-rw-r--r-- | src/cadet/gnunet-service-cadet_peer.c | 47 | ||||
-rw-r--r-- | src/cadet/gnunet-service-cadet_peer.h | 19 |
2 files changed, 66 insertions, 0 deletions
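--- a/src/cadet/gnunet-service-cadet_peer.c
+++ b/src/cadet/gnunet-service-cadet_peer.c
@@ -22,6 +22,8 @@
 #include "platform.h"
 #include "gnunet_util_lib.h"
 
+#include "gnunet_signatures.h"
+
 #include "gnunet_transport_service.h"
 #include "gnunet_core_service.h"
 #include "gnunet_statistics_service.h"
@@ -124,6 +126,11 @@ struct CadetPeer
 GNUNET_PEER_Id id;
 
 /**
+* Axolotl permanent public key.
+*/
+struct GNUNET_CRYPTO_EcdhePublicKey ax_key;
+
+/**
 * Last time we heard from this peer
 */
 struct GNUNET_TIME_Absolute last_contact;
@@ -2366,6 +2373,46 @@ GCP_try_connect (struct CadetPeer *peer)
 
 
 /**
+* Check if the given ECDH key is correct for the peer.
+*
+* This function caches the results if the key has been previoulsy checked,
+* otherwise checks that the key is signed with the peer's ID (EdDSA key).
+*
+* TODO: save the cached public key to permanent storage / peerinfo.
+*
+* @param peer Peer whose key to check.
+* @param key ECDH key to check.
+* @param purpose Purpose of the signature (followed by the key).
+* @param sig Signature with the peer's EdDSA key (PeerID).
+*/
+int
+GCP_check_key (struct CadetPeer *peer,
+const struct GNUNET_CRYPTO_EcdhePublicKey *key,
+const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+const struct GNUNET_CRYPTO_EddsaSignature *sig)
+{
+struct GNUNET_CRYPTO_EddsaPublicKey *pub;
+int verified;
+
+/* Is it the same as the cached key? */
+if (0 == memcmp (&peer->ax_key, key, sizeof (*key)))
+return GNUNET_OK;
+
+/* New key, verify. */
+pub = (struct GNUNET_CRYPTO_EddsaPublicKey *) GCP_get_id (peer);
+verified = GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_CADET_AXKX,
+purpose, sig, pub);
+
+if (GNUNET_OK != verified)
+return GNUNET_SYSERR;
+
+/* Cache key for later. */
+peer->ax_key = *key;
+return GNUNET_OK;
+}
+
+
+/**
 * Notify a peer that a link between two other peers is broken. If any path
 * used that link, eliminate it.
 *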
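Review bot: GCP_check_key never ties `key` to the data that was signed: `GNUNET_CRYPTO_eddsa_verify` runs over `purpose`, and `peer->ax_key = *key;` then caches whatever `key` the caller passed, so the "(followed by the key)" layout in the doc comment is trusted rather than checked. Before the verify call I would add `if (ntohl (purpose->size) < sizeof (*purpose) + sizeof (*key) || 0 != memcmp (&purpose[1], key, sizeof (*key))) return GNUNET_SYSERR;`. The cached-key shortcut also returns `GNUNET_OK` without looking at `sig` at all. If `struct CadetPeer` is zero-initialised (not visible here), an all-zero `key` would match a never-set `ax_key`, so that comparison should only be taken once a key has actually been verified and stored.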
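--- a/src/cadet/gnunet-service-cadet_peer.h
+++ b/src/cadet/gnunet-service-cadet_peer.h
@@ -390,6 +390,25 @@ void
 GCP_try_connect (struct CadetPeer *peer);
 
 /**
+* Check if the given ECDH key is correct for the peer.
+*
+* This function caches the results if the key has been previoulsy checked,
+* otherwise checks that the key is signed with the peer's ID (EdDSA key).
+*
+* TODO: save the cached public key to permanent storage / peerinfo.
+*
+* @param peer Peer whose key to check.
+* @param key ECDH key to check.
+* @param purpose Purpose of the signature (followed by the key).
+* @param sig Signature with the peer's EdDSA key (PeerID).
+*/
+int
+GCP_check_key (struct CadetPeer *peer,
+const struct GNUNET_CRYPTO_EcdhePublicKey *key,
+const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+const struct GNUNET_CRYPTO_EddsaSignature *sig);
+
+/**
 * Notify a peer that a link between two other peers is broken. If any path
 * used that link, eliminate it.
 *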
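Review bot: The doc comment on the new `GCP_check_key` prototype has no `@return`, so a caller cannot tell from the header that the result is `GNUNET_OK` or `GNUNET_SYSERR` rather than a boolean. I would add `@return #GNUNET_OK if the key equals the cached one or the signature verifies, #GNUNET_SYSERR otherwise.` and state that `purpose` must point at the signed block that contains `key`, since the function relies on the caller for that. The same comment is duplicated above the definition in gnunet-service-cadet_peer.c, and both copies carry the typo "previoulsy".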