author | Martin Schanzenbach <schanzen@gnunet.org> | 2023-07-15 10:20:32 +0200 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2023-07-15 10:20:32 +0200 |
commit | 722bb062cb3e46c3ed3c800c8a63041fc02d343b (patch) | |
tree | 802afb7f13548b37ff5e5cdadde1418919b4d4a4 /src/transport/gnunet-communicator-udp.c | |
parent | 1d86bc9670ae065c850c40263cc5fabd7b211795 (diff) | |
TNG: Use new KEM API in UDP communicator.
This also more cleanly separates random rekeys from KEM KXs
Diffstat (limited to 'src/transport/gnunet-communicator-udp.c')
-rw-r--r-- | src/transport/gnunet-communicator-udp.c | 62 |
1 files changed, 48 insertions, 14 deletions
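--- a/src/transport/gnunet-communicator-udp.c
+++ b/src/transport/gnunet-communicator-udp.c
@@ -1375,7 +1375,7 @@ setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
 struct SharedSecret *ss;
 
 ss = GNUNET_new (struct SharedSecret);
-GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
+GNUNET_CRYPTO_eddsa_kem_decaps (my_private_key, ephemeral, &ss->master);
 return ss;
 }
 
@@ -1388,15 +1388,13 @@ setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
 * @return new shared secret
 */
 static struct SharedSecret *
-setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral,
-struct ReceiverAddress *receiver, int add_to_receiver)
+setup_shared_secret_from_k (struct GNUNET_HashCode *k,
+struct ReceiverAddress *receiver)
 {
 struct SharedSecret *ss;
 
 ss = GNUNET_new (struct SharedSecret);
-GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
-&receiver->target.public_key,
-&ss->master);
+memcpy (&ss->master, k, sizeof (*k));
 calculate_cmac (ss);
 ss->receiver = receiver;
 GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
@@ -1407,6 +1405,47 @@ setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral,
 
 
 /**
+* Setup shared secret for encryption.
+*
+* @param ephemeral ephemeral key we are sending to the other peer
+* @param[in,out] receiver queue to initialize encryption key for
+* @return new shared secret
+*/
+static struct SharedSecret *
+setup_shared_secret_ephemeral (struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
+struct ReceiverAddress *receiver)
+{
+struct SharedSecret *ss;
+struct GNUNET_HashCode k;
+
+GNUNET_CRYPTO_eddsa_kem_encaps (&receiver->target.public_key, ephemeral, &k);
+ss = setup_shared_secret_from_k (&k, receiver);
+GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
+return ss;
+}
+
+
+/**
+* Setup shared secret for encryption.
+*
+* @param ephemeral ephemeral key we are sending to the other peer
+* @param[in,out] receiver queue to initialize encryption key for
+* @return new shared secret
+*/
+static struct SharedSecret *
+setup_shared_secret_random (struct ReceiverAddress *receiver)
+{
+struct SharedSecret *ss;
+struct GNUNET_HashCode k;
+
+GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, &k, sizeof(k));
+ss = setup_shared_secret_from_k (&k, receiver);
+GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
+return ss;
+}
+
+
+/**
 * Setup the MQ for the @a receiver. If a queue exists,
 * the existing one is destroyed. Then the MTU is
 * recalculated and a fresh queue is initialized.
@@ -2625,11 +2664,11 @@ mq_send_kx (struct GNUNET_MQ_Handle *mq,
 struct UdpHandshakeSignature uhs;
 struct UDPConfirmation uc;
 struct InitialKX kx;
-struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
 char dgram[receiver->kx_mtu + sizeof(uc) + sizeof(kx)];
 size_t dpos;
 gcry_cipher_hd_t out_cipher;
 struct SharedSecret *ss;
+struct GNUNET_HashCode k;
 
 GNUNET_assert (mq == receiver->kx_mq);
 if (msize > receiver->kx_mtu)
@@ -2642,9 +2681,8 @@ mq_send_kx (struct GNUNET_MQ_Handle *mq,
 reschedule_receiver_timeout (receiver);
 
 /* setup key material */
-GNUNET_CRYPTO_ecdhe_key_create (&epriv);
 
-ss = setup_shared_secret_enc (&epriv, receiver, GNUNET_YES);
+ss = setup_shared_secret_ephemeral (&uhs.ephemeral, receiver);
 
 if (receiver->num_secrets > MAX_SECRETS)
 {
@@ -2661,7 +2699,6 @@ mq_send_kx (struct GNUNET_MQ_Handle *mq,
 uhs.purpose.size = htonl (sizeof(uhs));
 uhs.sender = my_identity;
 uhs.receiver = receiver->target;
-GNUNET_CRYPTO_ecdhe_key_get_public (&epriv, &uhs.ephemeral);
 uhs.monotonic_time = uc.monotonic_time;
 GNUNET_CRYPTO_eddsa_sign (my_private_key,
 &uhs,
@@ -2765,7 +2802,6 @@ send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss)
 uint8_t is_acks_available_below = GNUNET_NO;
 uint8_t send_rekey = GNUNET_NO;
 uint16_t not_below;
-struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
 struct UDPRekey *rekey;
 size_t dpos;
 
@@ -2789,9 +2825,7 @@ send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss)
 else if (NULL == receiver->ss_rekey)
 {
 /* setup key material */
-GNUNET_CRYPTO_ecdhe_key_create (&epriv);
-receiver->ss_rekey = setup_shared_secret_enc (&epriv, receiver,
-GNUNET_NO);
+receiver->ss_rekey = setup_shared_secret_random (receiver);
 receiver->ss_rekey->sequence_allowed = 0;
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 "Setup secret with cmac %s\n",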
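Review bot: The results of `GNUNET_CRYPTO_eddsa_kem_decaps` (new line 1378, inside `setup_shared_secret_dec`, whose start is outside the hunk) and `GNUNET_CRYPTO_eddsa_kem_encaps` (new line 1421) are discarded, so if either call fails the master secret is whatever the buffer already held: the zero-filled `ss->master` from `GNUNET_new` on the decaps side, where `ephemeral` presumably comes from the remote peer, and the uninitialised stack `k` on the encaps side. Assuming these calls report failure through their return value like the ECDH functions they replace, both helpers should compare the result with `GNUNET_OK` and return `NULL` (freeing `ss` in the decaps case) rather than build a `SharedSecret` from a predictable key; the callers, which lie outside these hunks, would then have to handle `NULL`. In `setup_shared_secret_random` (new line 1441) the master key is drawn with `GNUNET_CRYPTO_QUALITY_NONCE`; since `k` is secret key material rather than an IV, `GNUNET_CRYPTO_QUALITY_STRONG` looks like the safer choice unless nonce quality is a deliberate project convention, in which case a one-line comment saying so would help. The stack copy `k` in both new helpers is never wiped after the `memcpy` into `ss->master`, and the doc comment on `setup_shared_secret_random` still lists an `@param ephemeral` that the function does not take.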