aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--NEWS13
-rw-r--r--README13
-rw-r--r--README.1st12
-rw-r--r--src/core/Makefile.am2
-rw-r--r--src/core/gnunet-service-core.c12
-rw-r--r--src/core/gnunet-service-core_kx.c963
-rw-r--r--src/core/gnunet-service-core_kx.h8
-rw-r--r--src/core/gnunet-service-core_neighbours.c4
-rw-r--r--src/hello/gnunet-hello.c2
-rw-r--r--src/hello/hello.c18
-rw-r--r--src/hello/test_hello.c4
-rw-r--r--src/include/gnunet_crypto_lib.h17
-rw-r--r--src/include/gnunet_hello_lib.h6
-rw-r--r--src/include/gnunet_protocols.h11
-rw-r--r--src/include/gnunet_signatures.h13
-rw-r--r--src/include/gnunet_testing_lib.h10
-rw-r--r--src/peerinfo-tool/gnunet-peerinfo.c12
-rw-r--r--src/testing/gnunet-testing.c22
-rw-r--r--src/testing/testing.c23
-rw-r--r--src/transport/gnunet-service-transport.c23
-rw-r--r--src/transport/gnunet-service-transport.h4
-rw-r--r--src/transport/gnunet-service-transport_hello.c4
-rw-r--r--src/transport/gnunet-service-transport_hello.h2
-rw-r--r--src/transport/gnunet-service-transport_neighbours.c20
-rw-r--r--src/transport/gnunet-service-transport_validation.c26
-rw-r--r--src/transport/gnunet-service-transport_validation.h2
-rw-r--r--src/transport/test_plugin_transport.c12
-rw-r--r--src/util/crypto_aes.c29
-rw-r--r--src/util/crypto_hash.c2
-rw-r--r--src/util/gnunet-ecc.c60
-rw-r--r--src/util/gnunet-rsa.c110
-rw-r--r--src/util/test_crypto_aes.c11
-rw-r--r--src/util/test_crypto_aes_weak.c3
33 files changed, 567 insertions, 906 deletions
diff --git a/NEWS b/NEWS
index 898a3dab3..c13106bbe 100644
--- a/NEWS
+++ b/NEWS
@@ -1 +1,12 @@
1See ChangeLog. 1======================================================================
2
3THIS SVN VERSION OF GNUNET IS INCOMPATIBLE TO ALL PREVIOUS RELEASES.
4WE ARE WORKING ON CHANGING FUNDAMENTAL PARTS OF THE CRYPTOGRAPHIC
5PARTS OF THE SYSTEM.
6
7THE CURRENT IMPLEMENTATION DOES NOT GIVE YOU ANY SECURITY (AS SOME
8CRYPTO IS DISABLED/INCOMPLETE) AND WILL LIKELY NOT BE COMPATIBLE WITH
9YESTERDAYS OR TOMORROWS VERSION. AS SUCH, DO NOT USE IT, OTHER THAN
10FOR DEVELOPMENT!
11
12=======================================================================
diff --git a/README b/README
index 6d6697734..fe1655195 100644
--- a/README
+++ b/README
@@ -1,3 +1,16 @@
1======================================================================
2
3THIS SVN VERSION OF GNUNET IS INCOMPATIBLE TO ALL PREVIOUS RELEASES.
4WE ARE WORKING ON CHANGING FUNDAMENTAL PARTS OF THE CRYPTOGRAPHIC
5PARTS OF THE SYSTEM.
6
7THE CURRENT IMPLEMENTATION DOES NOT GIVE YOU ANY SECURITY (AS SOME
8CRYPTO IS DISABLED/INCOMPLETE) AND WILL LIKELY NOT BE COMPATIBLE WITH
9YESTERDAYS OR TOMORROWS VERSION. AS SUCH, DO NOT USE IT, OTHER THAN
10FOR DEVELOPMENT!
11
12=======================================================================
13
1 Welcome to GNUnet 14 Welcome to GNUnet
2 15
3 16
diff --git a/README.1st b/README.1st
new file mode 100644
index 000000000..c13106bbe
--- /dev/null
+++ b/README.1st
@@ -0,0 +1,12 @@
1======================================================================
2
3THIS SVN VERSION OF GNUNET IS INCOMPATIBLE TO ALL PREVIOUS RELEASES.
4WE ARE WORKING ON CHANGING FUNDAMENTAL PARTS OF THE CRYPTOGRAPHIC
5PARTS OF THE SYSTEM.
6
7THE CURRENT IMPLEMENTATION DOES NOT GIVE YOU ANY SECURITY (AS SOME
8CRYPTO IS DISABLED/INCOMPLETE) AND WILL LIKELY NOT BE COMPATIBLE WITH
9YESTERDAYS OR TOMORROWS VERSION. AS SUCH, DO NOT USE IT, OTHER THAN
10FOR DEVELOPMENT!
11
12=======================================================================
diff --git a/src/core/Makefile.am b/src/core/Makefile.am
index 6d073da1f..a3ef13f5a 100644
--- a/src/core/Makefile.am
+++ b/src/core/Makefile.am
@@ -46,8 +46,6 @@ gnunet_service_core_SOURCES = \
46 gnunet-service-core_sessions.c gnunet-service-core_sessions.h \ 46 gnunet-service-core_sessions.c gnunet-service-core_sessions.h \
47 gnunet-service-core_typemap.c gnunet-service-core_typemap.h 47 gnunet-service-core_typemap.c gnunet-service-core_typemap.h
48gnunet_service_core_LDADD = \ 48gnunet_service_core_LDADD = \
49 $(top_builddir)/src/hello/libgnunethello.la \
50 $(top_builddir)/src/peerinfo/libgnunetpeerinfo.la \
51 $(top_builddir)/src/statistics/libgnunetstatistics.la \ 49 $(top_builddir)/src/statistics/libgnunetstatistics.la \
52 $(top_builddir)/src/transport/libgnunettransport.la \ 50 $(top_builddir)/src/transport/libgnunettransport.la \
53 $(top_builddir)/src/util/libgnunetutil.la \ 51 $(top_builddir)/src/util/libgnunetutil.la \
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c
index 095e12405..2be833fa0 100644
--- a/src/core/gnunet-service-core.c
+++ b/src/core/gnunet-service-core.c
@@ -56,7 +56,7 @@ static struct GNUNET_SERVER_Handle *GSC_server;
56/** 56/**
57 * Hostkey generation context 57 * Hostkey generation context
58 */ 58 */
59static struct GNUNET_CRYPTO_RsaKeyGenerationContext *keygen; 59static struct GNUNET_CRYPTO_EccKeyGenerationContext *keygen;
60 60
61 61
62/** 62/**
@@ -72,7 +72,7 @@ shutdown_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
72 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Core service shutting down.\n"); 72 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Core service shutting down.\n");
73 if (NULL != keygen) 73 if (NULL != keygen)
74 { 74 {
75 GNUNET_CRYPTO_rsa_key_create_stop (keygen); 75 GNUNET_CRYPTO_ecc_key_create_stop (keygen);
76 keygen = NULL; 76 keygen = NULL;
77 } 77 }
78 GSC_CLIENTS_done (); 78 GSC_CLIENTS_done ();
@@ -99,14 +99,14 @@ shutdown_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
99 */ 99 */
100static void 100static void
101key_generation_cb (void *cls, 101key_generation_cb (void *cls,
102 struct GNUNET_CRYPTO_RsaPrivateKey *pk, 102 struct GNUNET_CRYPTO_EccPrivateKey *pk,
103 const char *emsg) 103 const char *emsg)
104{ 104{
105 keygen = NULL; 105 keygen = NULL;
106 if (NULL == pk) 106 if (NULL == pk)
107 { 107 {
108 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 108 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
109 _("Failed to read hostkey: %s\n"), 109 _("Failed to read or generate private key: %s\n"),
110 emsg); 110 emsg);
111 GNUNET_SCHEDULER_shutdown (); 111 GNUNET_SCHEDULER_shutdown ();
112 return; 112 return;
@@ -141,7 +141,7 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
141 GSC_cfg = c; 141 GSC_cfg = c;
142 GSC_server = server; 142 GSC_server = server;
143 if (GNUNET_OK != 143 if (GNUNET_OK !=
144 GNUNET_CONFIGURATION_get_value_filename (GSC_cfg, "GNUNETD", "HOSTKEY", 144 GNUNET_CONFIGURATION_get_value_filename (GSC_cfg, "PEER", "PRIVATE_KEY",
145 &keyfile)) 145 &keyfile))
146 { 146 {
147 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 147 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -155,7 +155,7 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
155 NULL); 155 NULL);
156 GNUNET_SERVER_suspend (server); 156 GNUNET_SERVER_suspend (server);
157 GSC_TYPEMAP_init (); 157 GSC_TYPEMAP_init ();
158 keygen = GNUNET_CRYPTO_rsa_key_create_start (keyfile, &key_generation_cb, NULL); 158 keygen = GNUNET_CRYPTO_ecc_key_create_start (keyfile, &key_generation_cb, NULL);
159 GNUNET_free (keyfile); 159 GNUNET_free (keyfile);
160 if (NULL == keygen) 160 if (NULL == keygen)
161 { 161 {
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c
index b2fc2a971..f7fbfcf68 100644
--- a/src/core/gnunet-service-core_kx.c
+++ b/src/core/gnunet-service-core_kx.c
@@ -30,8 +30,6 @@
30#include "gnunet-service-core_neighbours.h" 30#include "gnunet-service-core_neighbours.h"
31#include "gnunet-service-core_sessions.h" 31#include "gnunet-service-core_sessions.h"
32#include "gnunet_statistics_service.h" 32#include "gnunet_statistics_service.h"
33#include "gnunet_peerinfo_service.h"
34#include "gnunet_hello_lib.h"
35#include "gnunet_constants.h" 33#include "gnunet_constants.h"
36#include "gnunet_signatures.h" 34#include "gnunet_signatures.h"
37#include "gnunet_protocols.h" 35#include "gnunet_protocols.h"
@@ -39,14 +37,9 @@
39 37
40 38
41/** 39/**
42 * Set to GNUNET_YES to perform some slightly expensive internal invariant checks.
43 */
44#define EXTRA_CHECKS GNUNET_YES
45
46/**
47 * How long do we wait for SET_KEY confirmation initially? 40 * How long do we wait for SET_KEY confirmation initially?
48 */ 41 */
49#define INITIAL_SET_KEY_RETRY_FREQUENCY GNUNET_TIME_relative_multiply (MAX_SET_KEY_DELAY, 1) 42#define INITIAL_SET_KEY_RETRY_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10)
50 43
51/** 44/**
52 * What is the minimum frequency for a PING message? 45 * What is the minimum frequency for a PING message?
@@ -56,8 +49,12 @@
56/** 49/**
57 * How often do we rekey? 50 * How often do we rekey?
58 */ 51 */
59#define REKEY_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 90) 52#define REKEY_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12)
60 53
54/**
55 * What time difference do we tolerate?
56 */
57#define REKEY_TOLERANCE GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
61 58
62/** 59/**
63 * What is the maximum age of a message for us to consider processing 60 * What is the maximum age of a message for us to consider processing
@@ -68,13 +65,61 @@
68 */ 65 */
69#define MAX_MESSAGE_AGE GNUNET_TIME_UNIT_DAYS 66#define MAX_MESSAGE_AGE GNUNET_TIME_UNIT_DAYS
70 67
68
69
70GNUNET_NETWORK_STRUCT_BEGIN
71
71/** 72/**
72 * What is the maximum delay for a SET_KEY message? 73 * Message transmitted with the signed ephemeral key of a peer. The
74 * session key is then derived from the two ephemeral keys (ECDHE).
73 */ 75 */
74#define MAX_SET_KEY_DELAY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10) 76struct EphemeralKeyMessage
77{
78
79 /**
80 * Message type is CORE_EPHEMERAL_KEY.
81 */
82 struct GNUNET_MessageHeader header;
83
84 /**
85 * Status of the sender (should be in "enum PeerStateMachine"), nbo.
86 */
87 int32_t sender_status GNUNET_PACKED;
75 88
89 /**
90 * An ECC signature of the 'origin' asserting the validity of
91 * the given ephemeral key.
92 */
93 struct GNUNET_CRYPTO_EccSignature signature;
94
95 /**
96 * Information about what is being signed.
97 */
98 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
99
100 /**
101 * At what time was this key created (beginning of validity).
102 */
103 struct GNUNET_TIME_AbsoluteNBO creation_time;
104
105 /**
106 * When does the given ephemeral key expire (end of validity).
107 */
108 struct GNUNET_TIME_AbsoluteNBO expiration_time;
109
110 /**
111 * Ephemeral public ECC key (always for NIST P-521) encoded in a format suitable
112 * for network transmission as created using 'gcry_sexp_sprint'.
113 */
114 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded ephemeral_key;
115
116 /**
117 * Public key of the signing peer (persistent version, not the ephemeral public key).
118 */
119 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded origin_public_key;
120
121};
76 122
77GNUNET_NETWORK_STRUCT_BEGIN
78 123
79/** 124/**
80 * We're sending an (encrypted) PING to the other peer to check if he 125 * We're sending an (encrypted) PING to the other peer to check if he
@@ -128,9 +173,9 @@ struct PongMessage
128 uint32_t challenge GNUNET_PACKED; 173 uint32_t challenge GNUNET_PACKED;
129 174
130 /** 175 /**
131 * Reserved, always 'GNUNET_BANDWIDTH_VALUE_MAX'. 176 * Reserved, always zero.
132 */ 177 */
133 struct GNUNET_BANDWIDTH_Value32NBO reserved; 178 uint32_t reserved;
134 179
135 /** 180 /**
136 * Intended target of the PING, used primarily to check 181 * Intended target of the PING, used primarily to check
@@ -141,51 +186,6 @@ struct PongMessage
141 186
142 187
143/** 188/**
144 * Message transmitted to set (or update) a session key.
145 */
146struct SetKeyMessage
147{
148
149 /**
150 * Message type is either CORE_SET_KEY.
151 */
152 struct GNUNET_MessageHeader header;
153
154 /**
155 * Status of the sender (should be in "enum PeerStateMachine"), nbo.
156 */
157 int32_t sender_status GNUNET_PACKED;
158
159 /**
160 * Purpose of the signature, will be
161 * GNUNET_SIGNATURE_PURPOSE_SET_KEY.
162 */
163 struct GNUNET_CRYPTO_RsaSignaturePurpose purpose;
164
165 /**
166 * At what time was this key created?
167 */
168 struct GNUNET_TIME_AbsoluteNBO creation_time;
169
170 /**
171 * The encrypted session key.
172 */
173 struct GNUNET_CRYPTO_RsaEncryptedData encrypted_key;
174
175 /**
176 * Who is the intended recipient?
177 */
178 struct GNUNET_PeerIdentity target;
179
180 /**
181 * Signature of the stuff above (starting at purpose).
182 */
183 struct GNUNET_CRYPTO_RsaSignature signature;
184
185};
186
187
188/**
189 * Encapsulation for encrypted messages exchanged between 189 * Encapsulation for encrypted messages exchanged between
190 * peers. Followed by the actual encrypted data. 190 * peers. Followed by the actual encrypted data.
191 */ 191 */
@@ -216,9 +216,9 @@ struct EncryptedMessage
216 uint32_t sequence_number GNUNET_PACKED; 216 uint32_t sequence_number GNUNET_PACKED;
217 217
218 /** 218 /**
219 * Reserved, always 'GNUNET_BANDWIDTH_VALUE_MAX'. 219 * Reserved, always zero.
220 */ 220 */
221 struct GNUNET_BANDWIDTH_Value32NBO reserved; 221 uint32_t reserved;
222 222
223 /** 223 /**
224 * Timestamp. Used to prevent reply of ancient messages 224 * Timestamp. Used to prevent reply of ancient messages
@@ -263,23 +263,18 @@ enum KxStateMachine
263 KX_STATE_KEY_RECEIVED, 263 KX_STATE_KEY_RECEIVED,
264 264
265 /** 265 /**
266 * The other peer has confirmed our session key with a message 266 * The other peer has confirmed our session key + PING with a PONG
267 * encrypted with his session key (which we got). Key exchange 267 * message encrypted with his session key (which we got). Key
268 * is done. 268 * exchange is done.
269 */ 269 */
270 KX_STATE_UP, 270 KX_STATE_UP,
271 271
272 /** 272 /**
273 * We're rekeying, so we have received the other peer's session 273 * We're rekeying, so we have sent the other peer our new ephemeral
274 * key, but he didn't get ours yet. 274 * key, but we did not get a matching PONG yet.
275 */
276 KX_STATE_REKEY,
277
278 /**
279 * We're rekeying but have not yet received confirmation for our new
280 * key from the other peer.
281 */ 275 */
282 KX_STATE_REKEY_SENT 276 KX_STATE_REKEY_SENT
277
283}; 278};
284 279
285 280
@@ -288,62 +283,26 @@ enum KxStateMachine
288 */ 283 */
289struct GSC_KeyExchangeInfo 284struct GSC_KeyExchangeInfo
290{ 285{
291 /**
292 * Identity of the peer.
293 */
294 struct GNUNET_PeerIdentity peer;
295 286
296 /** 287 /**
297 * SetKeyMessage to transmit (initialized the first 288 * DLL.
298 * time our status goes past 'KX_STATE_KEY_SENT').
299 */ 289 */
300 struct SetKeyMessage skm; 290 struct GSC_KeyExchangeInfo *next;
301 291
302 /** 292 /**
303 * PING message we transmit to the other peer. 293 * DLL.
304 */ 294 */
305 struct PingMessage ping; 295 struct GSC_KeyExchangeInfo *prev;
306
307 /**
308 * SetKeyMessage we received and did not process yet.
309 */
310 struct SetKeyMessage *skm_received;
311 296
312 /** 297 /**
313 * PING message we received from the other peer and 298 * Identity of the peer.
314 * did not process yet (or NULL).
315 */
316 struct PingMessage *ping_received;
317
318 /**
319 * PONG message we received from the other peer and
320 * did not process yet (or NULL).
321 */
322 struct PongMessage *pong_received;
323
324 /**
325 * Encrypted message we received from the other peer and
326 * did not process yet (or NULL).
327 */
328 struct EncryptedMessage *emsg_received;
329
330 /**
331 * Non-NULL if we are currently looking up HELLOs for this peer.
332 * for this peer.
333 */
334 struct GNUNET_PEERINFO_IteratorContext *pitr;
335
336 /**
337 * Public key of the neighbour, NULL if we don't have it yet.
338 */ 299 */
339 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key; 300 struct GNUNET_PeerIdentity peer;
340 301
341 /** 302 /**
342 * We received a PONG message before we got the "public_key" 303 * PING message we transmit to the other peer.
343 * (or the SET_KEY). We keep it here until we have a key
344 * to decrypt it. NULL if no PONG is pending.
345 */ 304 */
346 struct PongMessage *pending_pong; 305 struct PingMessage ping;
347 306
348 /** 307 /**
349 * Key we use to encrypt our messages for the other peer 308 * Key we use to encrypt our messages for the other peer
@@ -358,14 +317,9 @@ struct GSC_KeyExchangeInfo
358 struct GNUNET_CRYPTO_AesSessionKey decrypt_key; 317 struct GNUNET_CRYPTO_AesSessionKey decrypt_key;
359 318
360 /** 319 /**
361 * At what time did we generate our encryption key?
362 */
363 struct GNUNET_TIME_Absolute encrypt_key_created;
364
365 /**
366 * At what time did the other peer generate the decryption key? 320 * At what time did the other peer generate the decryption key?
367 */ 321 */
368 struct GNUNET_TIME_Absolute decrypt_key_created; 322 struct GNUNET_TIME_Absolute foreign_key_expires;
369 323
370 /** 324 /**
371 * When should the session time out (if there are no PONGs)? 325 * When should the session time out (if there are no PONGs)?
@@ -418,57 +372,46 @@ struct GSC_KeyExchangeInfo
418 372
419 373
420/** 374/**
421 * Handle to peerinfo service. 375 * Our private key.
422 */ 376 */
423static struct GNUNET_PEERINFO_Handle *peerinfo; 377static struct GNUNET_CRYPTO_EccPrivateKey *my_private_key;
424 378
425/** 379/**
426 * Our private key. 380 * Our ephemeral private key.
381 */
382static struct GNUNET_CRYPTO_EccPrivateKey *my_ephemeral_key;
383
384/**
385 * Current message we send for a key exchange.
427 */ 386 */
428static struct GNUNET_CRYPTO_RsaPrivateKey *my_private_key; 387static struct EphemeralKeyMessage current_ekm;
429 388
430/** 389/**
431 * Our public key. 390 * Our public key.
432 */ 391 */
433static struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded my_public_key; 392static struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded my_public_key;
434 393
435/** 394/**
436 * Our message stream tokenizer (for encrypted payload). 395 * Our message stream tokenizer (for encrypted payload).
437 */ 396 */
438static struct GNUNET_SERVER_MessageStreamTokenizer *mst; 397static struct GNUNET_SERVER_MessageStreamTokenizer *mst;
439 398
440
441#if EXTRA_CHECKS
442/** 399/**
443 * Check internal invariants of the given KX record. 400 * DLL head.
444 * 401 */
445 * @param kx record to check 402static struct GSC_KeyExchangeInfo *kx_head;
446 * @param file filename for error reporting
447 * @param line line number for error reporting
448 */
449static void
450check_kx_record (struct GSC_KeyExchangeInfo *kx,
451 const char *file,
452 int line)
453{
454 struct GNUNET_HashCode hc;
455
456 if (NULL == kx->public_key)
457 return;
458 GNUNET_CRYPTO_hash (kx->public_key, sizeof (*kx->public_key), &hc);
459 GNUNET_assert_at (0 == memcmp (&hc, &kx->peer, sizeof (struct GNUNET_HashCode)), file, line);
460}
461
462 403
463/** 404/**
464 * Check internal invariants of the given KX record. 405 * DLL tail.
465 *
466 * @param kx record to check
467 */ 406 */
468#define CHECK_KX(kx) check_kx_record(kx, __FILE__, __LINE__) 407static struct GSC_KeyExchangeInfo *kx_tail;
469#else 408
470#define CHECK_KX(kx) 409/**
471#endif 410 * Task scheduled for periodic re-generation (and thus rekeying) of our
411 * ephemeral key.
412 */
413static GNUNET_SCHEDULER_TaskIdentifier rekey_task;
414
472 415
473/** 416/**
474 * Derive an authentication key from "set key" information 417 * Derive an authentication key from "set key" information
@@ -476,19 +419,15 @@ check_kx_record (struct GSC_KeyExchangeInfo *kx,
476 * @param akey authentication key to derive 419 * @param akey authentication key to derive
477 * @param skey session key to use 420 * @param skey session key to use
478 * @param seed seed to use 421 * @param seed seed to use
479 * @param creation_time creation time to use
480 */ 422 */
481static void 423static void
482derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, 424derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey,
483 const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, 425 const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed)
484 struct GNUNET_TIME_Absolute creation_time)
485{ 426{
486 static const char ctx[] = "authentication key"; 427 static const char ctx[] = "authentication key";
487 struct GNUNET_TIME_AbsoluteNBO ctbe;
488 428
489 ctbe = GNUNET_TIME_absolute_hton (creation_time);
490 GNUNET_CRYPTO_hmac_derive_key (akey, skey, &seed, sizeof (seed), &skey->key, 429 GNUNET_CRYPTO_hmac_derive_key (akey, skey, &seed, sizeof (seed), &skey->key,
491 sizeof (skey->key), &ctbe, sizeof (ctbe), ctx, 430 sizeof (skey->key), ctx,
492 sizeof (ctx), NULL); 431 sizeof (ctx), NULL);
493} 432}
494 433
@@ -539,6 +478,31 @@ derive_pong_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
539 478
540 479
541/** 480/**
481 * Derive an AES key from key material
482 *
483 * @param sender peer identity of the sender
484 * @param receiver peer identity of the sender
485 * @param key_material high entropy key material to use
486 * @param skey set to derived session key
487 */
488static void
489derive_aes_key (const struct GNUNET_PeerIdentity *sender,
490 const struct GNUNET_PeerIdentity *receiver,
491 const struct GNUNET_HashCode *key_material,
492 struct GNUNET_CRYPTO_AesSessionKey *skey)
493{
494 static const char ctx[] = "aes key generation vector";
495
496 GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey),
497 ctx, sizeof (ctx),
498 skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey),
499 sender, sizeof (struct GNUNET_PeerIdentity),
500 receiver, sizeof (struct GNUNET_PeerIdentity),
501 NULL);
502}
503
504
505/**
542 * Encrypt size bytes from in and write the result to out. Use the 506 * Encrypt size bytes from in and write the result to out. Use the
543 * key for outbound traffic of the given neighbour. 507 * key for outbound traffic of the given neighbour.
544 * 508 *
@@ -601,8 +565,7 @@ do_decrypt (struct GSC_KeyExchangeInfo *kx,
601 return GNUNET_NO; 565 return GNUNET_NO;
602 } 566 }
603 if ( (kx->status != KX_STATE_KEY_RECEIVED) && (kx->status != KX_STATE_UP) && 567 if ( (kx->status != KX_STATE_KEY_RECEIVED) && (kx->status != KX_STATE_UP) &&
604 (kx->status != KX_STATE_REKEY_SENT) && 568 (kx->status != KX_STATE_REKEY_SENT) )
605 (kx->status != KX_STATE_REKEY) )
606 { 569 {
607 GNUNET_break_op (0); 570 GNUNET_break_op (0);
608 return GNUNET_SYSERR; 571 return GNUNET_SYSERR;
@@ -651,88 +614,34 @@ set_key_retry_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
651 struct GSC_KeyExchangeInfo *kx = cls; 614 struct GSC_KeyExchangeInfo *kx = cls;
652 615
653 kx->retry_set_key_task = GNUNET_SCHEDULER_NO_TASK; 616 kx->retry_set_key_task = GNUNET_SCHEDULER_NO_TASK;
654 kx->set_key_retry_frequency = 617 kx->set_key_retry_frequency = GNUNET_TIME_STD_BACKOFF (kx->set_key_retry_frequency);
655 GNUNET_TIME_relative_multiply (kx->set_key_retry_frequency, 2);
656 send_key (kx); 618 send_key (kx);
657} 619}
658 620
659 621
660/** 622/**
661 * PEERINFO is giving us a HELLO for a peer. Add the public key to 623 * Create a fresh PING message for transmission to the other peer.
662 * the neighbour's struct and continue with the key exchange. Or, if
663 * we did not get a HELLO, just do nothing.
664 * 624 *
665 * @param cls the 'struct GSC_KeyExchangeInfo' to retry sending the key for 625 * @param kx key exchange context to create PING for
666 * @param peer the peer for which this is the HELLO
667 * @param hello HELLO message of that peer
668 * @param err_msg NULL if successful, otherwise contains error message
669 */ 626 */
670static void 627static void
671process_hello (void *cls, const struct GNUNET_PeerIdentity *peer, 628setup_fresh_ping (struct GSC_KeyExchangeInfo *kx)
672 const struct GNUNET_HELLO_Message *hello, const char *err_msg)
673{ 629{
674 struct GSC_KeyExchangeInfo *kx = cls; 630 struct PingMessage pp;
675 struct SetKeyMessage *skm; 631 struct PingMessage *pm;
632 struct GNUNET_CRYPTO_AesInitializationVector iv;
676 633
677 CHECK_KX (kx); 634 pm = &kx->ping;
678 if (NULL != err_msg) 635 pm->header.size = htons (sizeof (struct PingMessage));
679 { 636 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
680 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 637 pm->iv_seed =
681 _("Error in communication with PEERINFO service\n")); 638 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
682 kx->pitr = NULL; 639 derive_iv (&iv, &kx->encrypt_key, pm->iv_seed, &kx->peer);
683 if (GNUNET_SCHEDULER_NO_TASK != kx->retry_set_key_task) 640 pp.challenge = kx->ping_challenge;
684 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task); 641 pp.target = kx->peer;
685 kx->retry_set_key_task = 642 do_encrypt (kx, &iv, &pp.target, &pm->target,
686 GNUNET_SCHEDULER_add_delayed (kx->set_key_retry_frequency, 643 sizeof (struct PingMessage) - ((void *) &pm->target -
687 &set_key_retry_task, kx); 644 (void *) pm));
688 return;
689 }
690 if (NULL == peer)
691 {
692 kx->pitr = NULL;
693 if (NULL != kx->public_key)
694 return; /* done here */
695 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
696 "Failed to obtain public key for peer `%4s', delaying processing of SET_KEY\n",
697 GNUNET_i2s (&kx->peer));
698 GNUNET_STATISTICS_update (GSC_stats,
699 gettext_noop
700 ("# Delayed connecting due to lack of public key"),
701 1, GNUNET_NO);
702 if (GNUNET_SCHEDULER_NO_TASK != kx->retry_set_key_task)
703 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
704 kx->retry_set_key_task =
705 GNUNET_SCHEDULER_add_delayed (kx->set_key_retry_frequency,
706 &set_key_retry_task, kx);
707 return;
708 }
709 GNUNET_break (0 == memcmp (peer, &kx->peer, sizeof (struct GNUNET_PeerIdentity)));
710 if (NULL != kx->public_key)
711 {
712 /* already have public key, why are we here? */
713 GNUNET_break (0);
714 return;
715 }
716 GNUNET_assert (GNUNET_SCHEDULER_NO_TASK == kx->retry_set_key_task);
717 kx->public_key =
718 GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded));
719 if (GNUNET_OK != GNUNET_HELLO_get_key (hello, kx->public_key))
720 {
721 GNUNET_break (0);
722 GNUNET_free (kx->public_key);
723 kx->public_key = NULL;
724 CHECK_KX (kx);
725 return;
726 }
727 CHECK_KX (kx);
728 send_key (kx);
729 if (NULL != kx->skm_received)
730 {
731 skm = kx->skm_received;
732 kx->skm_received = NULL;
733 GSC_KX_handle_set_key (kx, &skm->header);
734 GNUNET_free (skm);
735 }
736} 645}
737 646
738 647
@@ -747,7 +656,8 @@ GSC_KX_start (const struct GNUNET_PeerIdentity *pid)
747{ 656{
748 struct GSC_KeyExchangeInfo *kx; 657 struct GSC_KeyExchangeInfo *kx;
749 658
750 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Initiating key exchange with `%s'\n", 659 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
660 "Initiating key exchange with `%s'\n",
751 GNUNET_i2s (pid)); 661 GNUNET_i2s (pid));
752 GNUNET_STATISTICS_update (GSC_stats, 662 GNUNET_STATISTICS_update (GSC_stats,
753 gettext_noop ("# key exchanges initiated"), 1, 663 gettext_noop ("# key exchanges initiated"), 1,
@@ -755,11 +665,11 @@ GSC_KX_start (const struct GNUNET_PeerIdentity *pid)
755 kx = GNUNET_malloc (sizeof (struct GSC_KeyExchangeInfo)); 665 kx = GNUNET_malloc (sizeof (struct GSC_KeyExchangeInfo));
756 kx->peer = *pid; 666 kx->peer = *pid;
757 kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY; 667 kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
758 kx->pitr = 668 GNUNET_CONTAINER_DLL_insert (kx_head,
759 GNUNET_PEERINFO_iterate (peerinfo, pid, 669 kx_tail,
760 GNUNET_TIME_UNIT_FOREVER_REL /* timeout? */ , 670 kx);
761 &process_hello, kx); 671 kx->status = KX_STATE_KEY_SENT;
762 CHECK_KX (kx); 672 send_key (kx);
763 return kx; 673 return kx;
764} 674}
765 675
@@ -774,11 +684,6 @@ GSC_KX_stop (struct GSC_KeyExchangeInfo *kx)
774{ 684{
775 GNUNET_STATISTICS_update (GSC_stats, gettext_noop ("# key exchanges stopped"), 685 GNUNET_STATISTICS_update (GSC_stats, gettext_noop ("# key exchanges stopped"),
776 1, GNUNET_NO); 686 1, GNUNET_NO);
777 if (NULL != kx->pitr)
778 {
779 GNUNET_PEERINFO_iterate_cancel (kx->pitr);
780 kx->pitr = NULL;
781 }
782 if (kx->retry_set_key_task != GNUNET_SCHEDULER_NO_TASK) 687 if (kx->retry_set_key_task != GNUNET_SCHEDULER_NO_TASK)
783 { 688 {
784 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task); 689 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
@@ -789,16 +694,26 @@ GSC_KX_stop (struct GSC_KeyExchangeInfo *kx)
789 GNUNET_SCHEDULER_cancel (kx->keep_alive_task); 694 GNUNET_SCHEDULER_cancel (kx->keep_alive_task);
790 kx->keep_alive_task = GNUNET_SCHEDULER_NO_TASK; 695 kx->keep_alive_task = GNUNET_SCHEDULER_NO_TASK;
791 } 696 }
792 GNUNET_free_non_null (kx->skm_received); 697 GNUNET_CONTAINER_DLL_remove (kx_head,
793 GNUNET_free_non_null (kx->ping_received); 698 kx_tail,
794 GNUNET_free_non_null (kx->pong_received); 699 kx);
795 GNUNET_free_non_null (kx->emsg_received);
796 GNUNET_free_non_null (kx->public_key);
797 GNUNET_free (kx); 700 GNUNET_free (kx);
798} 701}
799 702
800 703
801/** 704/**
705 * Send our PING to the other peer.
706 *
707 * @param kx key exchange context
708 */
709static void
710send_ping (struct GSC_KeyExchangeInfo *kx)
711{
712 GSC_NEIGHBOURS_transmit (&kx->peer, &kx->ping.header,
713 MIN_PING_FREQUENCY);
714}
715
716/**
802 * We received a SET_KEY message. Validate and update 717 * We received a SET_KEY message. Validate and update
803 * our key material and status. 718 * our key material and status.
804 * 719 *
@@ -806,146 +721,142 @@ GSC_KX_stop (struct GSC_KeyExchangeInfo *kx)
806 * @param msg the set key message we received 721 * @param msg the set key message we received
807 */ 722 */
808void 723void
809GSC_KX_handle_set_key (struct GSC_KeyExchangeInfo *kx, 724GSC_KX_handle_ephemeral_key (struct GSC_KeyExchangeInfo *kx,
810 const struct GNUNET_MessageHeader *msg) 725 const struct GNUNET_MessageHeader *msg)
811{ 726{
812 const struct SetKeyMessage *m; 727 const struct EphemeralKeyMessage *m;
813 struct GNUNET_TIME_Absolute t; 728 struct GNUNET_TIME_Absolute start_t;
814 struct GNUNET_CRYPTO_AesSessionKey k; 729 struct GNUNET_TIME_Absolute end_t;
815 struct PingMessage *ping; 730 struct GNUNET_TIME_Absolute now;
816 struct PongMessage *pong; 731 struct GNUNET_PeerIdentity signer_id;
817 enum KxStateMachine sender_status; 732 enum KxStateMachine sender_status;
818 uint16_t size; 733 uint16_t size;
734 struct GNUNET_HashCode key_material;
819 735
820 CHECK_KX (kx);
821 size = ntohs (msg->size); 736 size = ntohs (msg->size);
822 if (size != sizeof (struct SetKeyMessage)) 737 if (sizeof (struct EphemeralKeyMessage) != size)
823 { 738 {
824 GNUNET_break_op (0); 739 GNUNET_break_op (0);
825 return; 740 return;
826 } 741 }
827 m = (const struct SetKeyMessage *) msg; 742 m = (const struct EphemeralKeyMessage *) msg;
828 GNUNET_STATISTICS_update (GSC_stats, gettext_noop ("# session keys received"), 743 GNUNET_STATISTICS_update (GSC_stats, gettext_noop ("# ephemeral keys received"),
829 1, GNUNET_NO); 744 1, GNUNET_NO);
830 745
831 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 746 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
832 "Core service receives `%s' request from `%4s'.\n", "SET_KEY", 747 "Core service receives `%s' request from `%4s'.\n", "EPHEMERAL_KEY",
833 GNUNET_i2s (&kx->peer)); 748 GNUNET_i2s (&kx->peer));
834 if (NULL == kx->public_key) 749 GNUNET_CRYPTO_hash (&m->origin_public_key,
835 { 750 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded),
836 GNUNET_free_non_null (kx->skm_received); 751 &signer_id.hashPubKey);
837 kx->skm_received = (struct SetKeyMessage *) GNUNET_copy_message (msg);
838 return;
839 }
840 if (0 != 752 if (0 !=
841 memcmp (&m->target, &GSC_my_identity, 753 memcmp (&signer_id, &kx->peer,
842 sizeof (struct GNUNET_PeerIdentity))) 754 sizeof (struct GNUNET_PeerIdentity)))
843 { 755 {
844 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 756 GNUNET_break_op (0);
845 _("`%s' is for `%s', not for me. Ignoring.\n"), "SET_KEY",
846 GNUNET_i2s (&m->target));
847 return; 757 return;
848 } 758 }
849 if ((ntohl (m->purpose.size) != 759 if ((ntohl (m->purpose.size) !=
850 sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + 760 sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
761 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
851 sizeof (struct GNUNET_TIME_AbsoluteNBO) + 762 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
852 sizeof (struct GNUNET_CRYPTO_RsaEncryptedData) + 763 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded) +
853 sizeof (struct GNUNET_PeerIdentity)) || 764 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded)) ||
854 (GNUNET_OK != 765 (GNUNET_OK !=
855 GNUNET_CRYPTO_rsa_verify (GNUNET_SIGNATURE_PURPOSE_SET_KEY, &m->purpose, 766 GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY,
856 &m->signature, kx->public_key))) 767 &m->purpose,
768 &m->signature, &m->origin_public_key)))
857 { 769 {
858 /* invalid signature */ 770 /* invalid signature */
859 CHECK_KX (kx);
860 GNUNET_break_op (0); 771 GNUNET_break_op (0);
861 return; 772 return;
862 } 773 }
863 t = GNUNET_TIME_absolute_ntoh (m->creation_time); 774 start_t = GNUNET_TIME_absolute_ntoh (m->creation_time);
864 if (((kx->status == KX_STATE_KEY_RECEIVED) || (kx->status == KX_STATE_UP)) && 775 end_t = GNUNET_TIME_absolute_ntoh (m->expiration_time);
865 (t.abs_value < kx->decrypt_key_created.abs_value)) 776 now = GNUNET_TIME_absolute_get ();
777 if ( (end_t.abs_value < GNUNET_TIME_absolute_subtract (now, REKEY_TOLERANCE).abs_value) ||
778 (start_t.abs_value > GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value) )
866 { 779 {
867 /* this could rarely happen due to massive re-ordering of 780 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
868 * messages on the network level, but is most likely either 781 _("Ephemeral key message rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"),
869 * a bug or some adversary messing with us. Report. */ 782 now.abs_value,
870 GNUNET_break_op (0); 783 start_t.abs_value,
784 end_t.abs_value);
871 return; 785 return;
872 } 786 }
873 if ((GNUNET_CRYPTO_rsa_decrypt 787 if (GNUNET_OK !=
874 (my_private_key, &m->encrypted_key, &k, 788 GNUNET_CRYPTO_ecc_ecdh (my_ephemeral_key,
875 sizeof (struct GNUNET_CRYPTO_AesSessionKey)) != 789 &m->ephemeral_key,
876 sizeof (struct GNUNET_CRYPTO_AesSessionKey)) || 790 &key_material))
877 (GNUNET_OK != GNUNET_CRYPTO_aes_check_session_key (&k)))
878 { 791 {
879 /* failed to decrypt !? */ 792 GNUNET_break (0);
880 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
881 "Invalid key %x decrypted by %s from message %u (origin: %s)\n",
882 (unsigned int) GNUNET_CRYPTO_crc32_n (&k, sizeof (struct GNUNET_CRYPTO_AesSessionKey)),
883 GNUNET_i2s (&GSC_my_identity),
884 (unsigned int) GNUNET_CRYPTO_crc32_n (&m->encrypted_key, sizeof (struct GNUNET_CRYPTO_RsaEncryptedData)),
885 GNUNET_h2s (&kx->peer.hashPubKey));
886 GNUNET_break_op (0);
887 return; 793 return;
888 } 794 }
889 GNUNET_STATISTICS_update (GSC_stats, 795 GNUNET_STATISTICS_update (GSC_stats,
890 gettext_noop ("# SET_KEY messages decrypted"), 1, 796 gettext_noop ("# EPHEMERAL_KEY messages decrypted"), 1,
891 GNUNET_NO); 797 GNUNET_NO);
892 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received SET_KEY from `%s'\n", 798 derive_aes_key (&GSC_my_identity,
893 GNUNET_i2s (&kx->peer)); 799 &kx->peer,
894 kx->decrypt_key = k; 800 &key_material,
895 if (kx->decrypt_key_created.abs_value != t.abs_value) 801 &kx->encrypt_key);
802 derive_aes_key (&kx->peer,
803 &GSC_my_identity,
804 &key_material,
805 &kx->decrypt_key);
806 /* fresh key, reset sequence numbers */
807 kx->last_sequence_number_received = 0;
808 kx->last_packets_bitmap = 0;
809 kx->foreign_key_expires = end_t;
810 setup_fresh_ping (kx);
811
812 /* check if we still need to send the sender our key */
813 sender_status = (enum KxStateMachine) ntohl (m->sender_status);
814 switch (sender_status)
896 { 815 {
897 /* fresh key, reset sequence numbers */ 816 case KX_STATE_DOWN:
898 kx->last_sequence_number_received = 0; 817 /* makes no sense, should be at least KX_STATE_KEY_SENT */
899 kx->last_packets_bitmap = 0; 818 GNUNET_break_op (0);
900 kx->decrypt_key_created = t; 819 break;
820 case KX_STATE_KEY_SENT:
821 send_key (kx);
822 break;
823 case KX_STATE_KEY_RECEIVED:
824 case KX_STATE_UP:
825 case KX_STATE_REKEY_SENT:
826 /* other peer already got our key */
827 break;
828 default:
829 GNUNET_break (0);
830 break;
901 } 831 }
902 sender_status = (enum KxStateMachine) ntohl (m->sender_status); 832 /* check if we need to confirm everything is fine via PING + PONG */
903 switch (kx->status) 833 switch (kx->status)
904 { 834 {
905 case KX_STATE_DOWN: 835 case KX_STATE_DOWN:
906 kx->status = KX_STATE_KEY_RECEIVED; 836 kx->status = KX_STATE_KEY_RECEIVED;
907 /* we're not up, so we are already doing 'send_key' */ 837 send_ping (kx);
908 break; 838 break;
909 case KX_STATE_KEY_SENT: 839 case KX_STATE_KEY_SENT:
910 kx->status = KX_STATE_KEY_RECEIVED; 840 kx->status = KX_STATE_KEY_RECEIVED;
911 /* we're not up, so we are already doing 'send_key' */ 841 send_ping (kx);
912 break; 842 break;
913 case KX_STATE_KEY_RECEIVED: 843 case KX_STATE_KEY_RECEIVED:
914 /* we're not up, so we are already doing 'send_key' */ 844 send_ping (kx);
915 break; 845 break;
916 case KX_STATE_UP: 846 case KX_STATE_UP:
917 if ((sender_status == KX_STATE_DOWN) || 847 kx->status = KX_STATE_KEY_RECEIVED;
918 (sender_status == KX_STATE_KEY_SENT)) 848 /* we got a new key, need to reconfirm! */
919 send_key (kx); /* we are up, but other peer is not! */ 849 send_ping (kx);
920 break;
921 case KX_STATE_REKEY:
922 if ((sender_status == KX_STATE_DOWN) ||
923 (sender_status == KX_STATE_KEY_SENT))
924 send_key (kx); /* we are up, but other peer is not! */
925 break; 850 break;
926 case KX_STATE_REKEY_SENT: 851 case KX_STATE_REKEY_SENT:
927 if ((sender_status == KX_STATE_DOWN) || 852 kx->status = KX_STATE_KEY_RECEIVED;
928 (sender_status == KX_STATE_KEY_SENT)) 853 /* we got a new key, need to reconfirm! */
929 send_key (kx); /* we are up, but other peer is not! */ 854 send_ping (kx);
930 break; 855 break;
931 default: 856 default:
932 GNUNET_break (0); 857 GNUNET_break (0);
933 break; 858 break;
934 } 859 }
935 if (NULL != kx->ping_received)
936 {
937 ping = kx->ping_received;
938 kx->ping_received = NULL;
939 GSC_KX_handle_ping (kx, &ping->header);
940 GNUNET_free (ping);
941 }
942 if (NULL != kx->pong_received)
943 {
944 pong = kx->pong_received;
945 kx->pong_received = NULL;
946 GSC_KX_handle_pong (kx, &pong->header);
947 GNUNET_free (pong);
948 }
949} 860}
950 861
951 862
@@ -976,12 +887,14 @@ GSC_KX_handle_ping (struct GSC_KeyExchangeInfo *kx,
976 GNUNET_STATISTICS_update (GSC_stats, 887 GNUNET_STATISTICS_update (GSC_stats,
977 gettext_noop ("# PING messages received"), 1, 888 gettext_noop ("# PING messages received"), 1,
978 GNUNET_NO); 889 GNUNET_NO);
979 if ((kx->status != KX_STATE_KEY_RECEIVED) && (kx->status != KX_STATE_UP) && 890 if ( (kx->status != KX_STATE_KEY_RECEIVED) &&
980 (kx->status != KX_STATE_REKEY_SENT)) 891 (kx->status != KX_STATE_UP) &&
892 (kx->status != KX_STATE_REKEY_SENT))
981 { 893 {
982 /* defer */ 894 /* ignore */
983 GNUNET_free_non_null (kx->ping_received); 895 GNUNET_STATISTICS_update (GSC_stats,
984 kx->ping_received = (struct PingMessage *) GNUNET_copy_message (msg); 896 gettext_noop ("# PING messages dropped (out of order)"), 1,
897 GNUNET_NO);
985 return; 898 return;
986 } 899 }
987 m = (const struct PingMessage *) msg; 900 m = (const struct PingMessage *) msg;
@@ -1012,10 +925,8 @@ GSC_KX_handle_ping (struct GSC_KeyExchangeInfo *kx,
1012 GNUNET_break_op (0); 925 GNUNET_break_op (0);
1013 return; 926 return;
1014 } 927 }
1015 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received PING from `%s'\n",
1016 GNUNET_i2s (&kx->peer));
1017 /* construct PONG */ 928 /* construct PONG */
1018 tx.reserved = GNUNET_BANDWIDTH_VALUE_MAX; 929 tx.reserved = 0;
1019 tx.challenge = t.challenge; 930 tx.challenge = t.challenge;
1020 tx.target = t.target; 931 tx.target = t.target;
1021 tp.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PONG); 932 tp.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PONG);
@@ -1034,76 +945,6 @@ GSC_KX_handle_ping (struct GSC_KeyExchangeInfo *kx,
1034 945
1035 946
1036/** 947/**
1037 * Create a fresh SET KEY message for transmission to the other peer.
1038 * Also creates a new key.
1039 *
1040 * @param kx key exchange context to create SET KEY message for
1041 */
1042static void
1043setup_fresh_setkey (struct GSC_KeyExchangeInfo *kx)
1044{
1045 struct SetKeyMessage *skm;
1046
1047 GNUNET_CRYPTO_aes_create_session_key (&kx->encrypt_key);
1048 kx->encrypt_key_created = GNUNET_TIME_absolute_get ();
1049 skm = &kx->skm;
1050 skm->header.size = htons (sizeof (struct SetKeyMessage));
1051 skm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_SET_KEY);
1052 skm->purpose.size =
1053 htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) +
1054 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
1055 sizeof (struct GNUNET_CRYPTO_RsaEncryptedData) +
1056 sizeof (struct GNUNET_PeerIdentity));
1057 skm->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_SET_KEY);
1058 skm->creation_time = GNUNET_TIME_absolute_hton (kx->encrypt_key_created);
1059 skm->target = kx->peer;
1060 CHECK_KX (kx);
1061 GNUNET_assert (GNUNET_OK ==
1062 GNUNET_CRYPTO_rsa_encrypt (&kx->encrypt_key,
1063 sizeof (struct
1064 GNUNET_CRYPTO_AesSessionKey),
1065 kx->public_key,
1066 &skm->encrypted_key));
1067 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1068 "Encrypting key %x for %s resulting in message %u (origin: %s)\n",
1069 (unsigned int) GNUNET_CRYPTO_crc32_n (&kx->encrypt_key, sizeof (struct GNUNET_CRYPTO_AesSessionKey)),
1070 GNUNET_i2s (&kx->peer),
1071 (unsigned int) GNUNET_CRYPTO_crc32_n (&skm->encrypted_key, sizeof (struct GNUNET_CRYPTO_RsaEncryptedData)),
1072 GNUNET_h2s (&GSC_my_identity.hashPubKey));
1073
1074 GNUNET_assert (GNUNET_OK ==
1075 GNUNET_CRYPTO_rsa_sign (my_private_key, &skm->purpose,
1076 &skm->signature));
1077}
1078
1079
1080/**
1081 * Create a fresh PING message for transmission to the other peer.
1082 *
1083 * @param kx key exchange context to create PING for
1084 */
1085static void
1086setup_fresh_ping (struct GSC_KeyExchangeInfo *kx)
1087{
1088 struct PingMessage pp;
1089 struct PingMessage *pm;
1090 struct GNUNET_CRYPTO_AesInitializationVector iv;
1091
1092 pm = &kx->ping;
1093 pm->header.size = htons (sizeof (struct PingMessage));
1094 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
1095 pm->iv_seed =
1096 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
1097 derive_iv (&iv, &kx->encrypt_key, pm->iv_seed, &kx->peer);
1098 pp.challenge = kx->ping_challenge;
1099 pp.target = kx->peer;
1100 do_encrypt (kx, &iv, &pp.target, &pm->target,
1101 sizeof (struct PingMessage) - ((void *) &pm->target -
1102 (void *) pm));
1103}
1104
1105
1106/**
1107 * Task triggered when a neighbour entry is about to time out 948 * Task triggered when a neighbour entry is about to time out
1108 * (and we should prevent this by sending a PING). 949 * (and we should prevent this by sending a PING).
1109 * 950 *
@@ -1125,7 +966,7 @@ send_keep_alive (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1125 gettext_noop ("# sessions terminated by timeout"), 966 gettext_noop ("# sessions terminated by timeout"),
1126 1, GNUNET_NO); 967 1, GNUNET_NO);
1127 GSC_SESSIONS_end (&kx->peer); 968 GSC_SESSIONS_end (&kx->peer);
1128 kx->status = KX_STATE_DOWN; 969 kx->status = KX_STATE_KEY_SENT;
1129 send_key (kx); 970 send_key (kx);
1130 return; 971 return;
1131 } 972 }
@@ -1168,49 +1009,6 @@ update_timeout (struct GSC_KeyExchangeInfo *kx)
1168 1009
1169 1010
1170/** 1011/**
1171 * Trigger rekeying event.
1172 *
1173 * @param cls the 'struct GSC_KeyExchangeInfo'
1174 * @param tc schedule context (unused)
1175 */
1176static void
1177trigger_rekey (void *cls,
1178 const struct GNUNET_SCHEDULER_TaskContext *tc)
1179{
1180 struct GSC_KeyExchangeInfo *kx = cls;
1181
1182 GNUNET_break (KX_STATE_UP == kx->status);
1183 kx->status = KX_STATE_REKEY;
1184 kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
1185 kx->retry_set_key_task =
1186 GNUNET_SCHEDULER_add_delayed (kx->set_key_retry_frequency,
1187 &set_key_retry_task, kx);
1188}
1189
1190
1191/**
1192 * Schedule rekey operation.
1193 *
1194 * @param kx key exchange to schedule rekey for
1195 */
1196static void
1197schedule_rekey (struct GSC_KeyExchangeInfo *kx)
1198{
1199 struct GNUNET_TIME_Relative rdelay;
1200
1201 if (GNUNET_SCHEDULER_NO_TASK != kx->retry_set_key_task)
1202 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
1203 rdelay = REKEY_FREQUENCY;
1204 /* randomize rekey frequency by one minute to avoid synchronization */
1205 rdelay.rel_value += GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
1206 60 * 1000);
1207 kx->retry_set_key_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY,
1208 &trigger_rekey,
1209 kx);
1210}
1211
1212
1213/**
1214 * We received a PONG message. Validate and update our status. 1012 * We received a PONG message. Validate and update our status.
1215 * 1013 *
1216 * @param kx key exchange context for the the PONG 1014 * @param kx key exchange context for the the PONG
@@ -1222,7 +1020,6 @@ GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx,
1222{ 1020{
1223 const struct PongMessage *m; 1021 const struct PongMessage *m;
1224 struct PongMessage t; 1022 struct PongMessage t;
1225 struct EncryptedMessage *emsg;
1226 struct GNUNET_CRYPTO_AesInitializationVector iv; 1023 struct GNUNET_CRYPTO_AesInitializationVector iv;
1227 uint16_t msize; 1024 uint16_t msize;
1228 1025
@@ -1238,17 +1035,19 @@ GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx,
1238 switch (kx->status) 1035 switch (kx->status)
1239 { 1036 {
1240 case KX_STATE_DOWN: 1037 case KX_STATE_DOWN:
1038 GNUNET_STATISTICS_update (GSC_stats,
1039 gettext_noop ("# PONG messages dropped (connection down)"), 1,
1040 GNUNET_NO);
1241 return; 1041 return;
1242 case KX_STATE_KEY_SENT: 1042 case KX_STATE_KEY_SENT:
1243 GNUNET_free_non_null (kx->pong_received); 1043 GNUNET_STATISTICS_update (GSC_stats,
1244 kx->pong_received = (struct PongMessage *) GNUNET_copy_message (msg); 1044 gettext_noop ("# PONG messages dropped (out of order)"), 1,
1045 GNUNET_NO);
1245 return; 1046 return;
1246 case KX_STATE_KEY_RECEIVED: 1047 case KX_STATE_KEY_RECEIVED:
1247 break; 1048 break;
1248 case KX_STATE_UP: 1049 case KX_STATE_UP:
1249 break; 1050 break;
1250 case KX_STATE_REKEY:
1251 break;
1252 case KX_STATE_REKEY_SENT: 1051 case KX_STATE_REKEY_SENT:
1253 break; 1052 break;
1254 default: 1053 default:
@@ -1289,13 +1088,19 @@ GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx,
1289 } 1088 }
1290 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received PONG from `%s'\n", 1089 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received PONG from `%s'\n",
1291 GNUNET_i2s (&kx->peer)); 1090 GNUNET_i2s (&kx->peer));
1091 /* no need to resend key any longer */
1092 if (GNUNET_SCHEDULER_NO_TASK != kx->retry_set_key_task)
1093 {
1094 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
1095 kx->retry_set_key_task = GNUNET_SCHEDULER_NO_TASK;
1096 }
1292 switch (kx->status) 1097 switch (kx->status)
1293 { 1098 {
1294 case KX_STATE_DOWN: 1099 case KX_STATE_DOWN:
1295 GNUNET_break (0); /* should be impossible */ 1100 GNUNET_assert (0); /* should be impossible */
1296 return; 1101 return;
1297 case KX_STATE_KEY_SENT: 1102 case KX_STATE_KEY_SENT:
1298 GNUNET_break (0); /* should be impossible */ 1103 GNUNET_assert (0); /* should be impossible */
1299 return; 1104 return;
1300 case KX_STATE_KEY_RECEIVED: 1105 case KX_STATE_KEY_RECEIVED:
1301 GNUNET_STATISTICS_update (GSC_stats, 1106 GNUNET_STATISTICS_update (GSC_stats,
@@ -1304,23 +1109,14 @@ GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx,
1304 GNUNET_NO); 1109 GNUNET_NO);
1305 kx->status = KX_STATE_UP; 1110 kx->status = KX_STATE_UP;
1306 GSC_SESSIONS_create (&kx->peer, kx); 1111 GSC_SESSIONS_create (&kx->peer, kx);
1307 CHECK_KX (kx);
1308 schedule_rekey (kx);
1309 GNUNET_assert (GNUNET_SCHEDULER_NO_TASK == kx->keep_alive_task); 1112 GNUNET_assert (GNUNET_SCHEDULER_NO_TASK == kx->keep_alive_task);
1310 if (NULL != kx->emsg_received)
1311 {
1312 emsg = kx->emsg_received;
1313 kx->emsg_received = NULL;
1314 GSC_KX_handle_encrypted_message (kx, &emsg->header, NULL,
1315 0 /* FIXME: ATSI */ );
1316 GNUNET_free (emsg);
1317 }
1318 update_timeout (kx); 1113 update_timeout (kx);
1319 break; 1114 break;
1320 case KX_STATE_UP: 1115 case KX_STATE_UP:
1321 update_timeout (kx); 1116 GNUNET_STATISTICS_update (GSC_stats,
1322 break; 1117 gettext_noop
1323 case KX_STATE_REKEY: 1118 ("# timeouts prevented via PONG"), 1,
1119 GNUNET_NO);
1324 update_timeout (kx); 1120 update_timeout (kx);
1325 break; 1121 break;
1326 case KX_STATE_REKEY_SENT: 1122 case KX_STATE_REKEY_SENT:
@@ -1329,7 +1125,6 @@ GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx,
1329 ("# rekey operations confirmed via PONG"), 1, 1125 ("# rekey operations confirmed via PONG"), 1,
1330 GNUNET_NO); 1126 GNUNET_NO);
1331 kx->status = KX_STATE_UP; 1127 kx->status = KX_STATE_UP;
1332 schedule_rekey (kx);
1333 update_timeout (kx); 1128 update_timeout (kx);
1334 break; 1129 break;
1335 default: 1130 default:
@@ -1340,86 +1135,25 @@ GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx,
1340 1135
1341 1136
1342/** 1137/**
1343 * Send our key (and encrypted PING) to the other peer. 1138 * Send our key to the other peer.
1344 * 1139 *
1345 * @param kx key exchange context 1140 * @param kx key exchange context
1346 */ 1141 */
1347static void 1142static void
1348send_key (struct GSC_KeyExchangeInfo *kx) 1143send_key (struct GSC_KeyExchangeInfo *kx)
1349{ 1144{
1350 CHECK_KX (kx);
1351 if (GNUNET_SCHEDULER_NO_TASK != kx->retry_set_key_task) 1145 if (GNUNET_SCHEDULER_NO_TASK != kx->retry_set_key_task)
1352 { 1146 {
1353 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task); 1147 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
1354 kx->retry_set_key_task = GNUNET_SCHEDULER_NO_TASK; 1148 kx->retry_set_key_task = GNUNET_SCHEDULER_NO_TASK;
1355 } 1149 }
1356 if (KX_STATE_UP == kx->status)
1357 return; /* nothing to do */
1358 if (NULL == kx->public_key)
1359 {
1360 if (NULL != kx->pitr)
1361 return;
1362 /* lookup public key, then try again */
1363 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1364 "Trying to obtain public key for `%s'\n",
1365 GNUNET_i2s (&kx->peer));
1366 kx->pitr =
1367 GNUNET_PEERINFO_iterate (peerinfo, &kx->peer,
1368 GNUNET_TIME_UNIT_FOREVER_REL /* timeout? */ ,
1369 &process_hello, kx);
1370 return;
1371 }
1372
1373 /* update status */
1374 switch (kx->status)
1375 {
1376 case KX_STATE_DOWN:
1377 kx->status = KX_STATE_KEY_SENT;
1378 /* setup SET KEY message */
1379 setup_fresh_setkey (kx);
1380 setup_fresh_ping (kx);
1381 GNUNET_STATISTICS_update (GSC_stats,
1382 gettext_noop
1383 ("# SET_KEY and PING messages created"), 1,
1384 GNUNET_NO);
1385 break;
1386 case KX_STATE_KEY_SENT:
1387 break;
1388 case KX_STATE_KEY_RECEIVED:
1389 break;
1390 case KX_STATE_UP:
1391 GNUNET_break (0);
1392 return;
1393 case KX_STATE_REKEY:
1394 kx->status = KX_STATE_REKEY_SENT;
1395 /* setup fresh SET KEY message */
1396 setup_fresh_setkey (kx);
1397 setup_fresh_ping (kx);
1398 GNUNET_STATISTICS_update (GSC_stats,
1399 gettext_noop
1400 ("# SET_KEY and PING messages created"), 1,
1401 GNUNET_NO);
1402 GNUNET_STATISTICS_update (GSC_stats,
1403 gettext_noop
1404 ("# REKEY operations performed"), 1,
1405 GNUNET_NO);
1406 break;
1407 case KX_STATE_REKEY_SENT:
1408 break;
1409 default:
1410 GNUNET_break (0);
1411 return;
1412 }
1413
1414 /* always update sender status in SET KEY message */ 1150 /* always update sender status in SET KEY message */
1415 /* Not sending rekey sent state to be compatible with GNUnet 0.9.2 */ 1151 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1416 kx->skm.sender_status = htonl ((int32_t) ((kx->status == KX_STATE_REKEY_SENT) ? 1152 "Sending key to `%s' (my status: %d)\n",
1417 KX_STATE_KEY_RECEIVED : kx->status)); 1153 GNUNET_i2s (&kx->peer),
1418 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending SET_KEY and PING to `%s'\n", 1154 kx->status);
1419 GNUNET_i2s (&kx->peer)); 1155 current_ekm.sender_status = htonl ((int32_t) (kx->status));
1420 GSC_NEIGHBOURS_transmit (&kx->peer, &kx->skm.header, 1156 GSC_NEIGHBOURS_transmit (&kx->peer, &current_ekm.header,
1421 kx->set_key_retry_frequency);
1422 GSC_NEIGHBOURS_transmit (&kx->peer, &kx->ping.header,
1423 kx->set_key_retry_frequency); 1157 kx->set_key_retry_frequency);
1424 kx->retry_set_key_task = 1158 kx->retry_set_key_task =
1425 GNUNET_SCHEDULER_add_delayed (kx->set_key_retry_frequency, 1159 GNUNET_SCHEDULER_add_delayed (kx->set_key_retry_frequency,
@@ -1451,7 +1185,7 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx,
1451 htonl (GNUNET_CRYPTO_random_u32 1185 htonl (GNUNET_CRYPTO_random_u32
1452 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); 1186 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX));
1453 ph->sequence_number = htonl (++kx->last_sequence_number_sent); 1187 ph->sequence_number = htonl (++kx->last_sequence_number_sent);
1454 ph->reserved = GNUNET_BANDWIDTH_VALUE_MAX; 1188 ph->reserved = 0;
1455 ph->timestamp = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ()); 1189 ph->timestamp = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
1456 memcpy (&ph[1], payload, payload_size); 1190 memcpy (&ph[1], payload, payload_size);
1457 1191
@@ -1466,8 +1200,9 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx,
1466 used - ENCRYPTED_HEADER_SIZE)); 1200 used - ENCRYPTED_HEADER_SIZE));
1467 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypted %u bytes for %s\n", 1201 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypted %u bytes for %s\n",
1468 used - ENCRYPTED_HEADER_SIZE, GNUNET_i2s (&kx->peer)); 1202 used - ENCRYPTED_HEADER_SIZE, GNUNET_i2s (&kx->peer));
1469 derive_auth_key (&auth_key, &kx->encrypt_key, ph->iv_seed, 1203 derive_auth_key (&auth_key,
1470 kx->encrypt_key_created); 1204 &kx->encrypt_key,
1205 ph->iv_seed);
1471 GNUNET_CRYPTO_hmac (&auth_key, &em->sequence_number, 1206 GNUNET_CRYPTO_hmac (&auth_key, &em->sequence_number,
1472 used - ENCRYPTED_HEADER_SIZE, &em->hmac); 1207 used - ENCRYPTED_HEADER_SIZE, &em->hmac);
1473 GSC_NEIGHBOURS_transmit (&kx->peer, &em->header, 1208 GSC_NEIGHBOURS_transmit (&kx->peer, &em->header,
@@ -1531,31 +1266,35 @@ GSC_KX_handle_encrypted_message (struct GSC_KeyExchangeInfo *kx,
1531 return; 1266 return;
1532 } 1267 }
1533 m = (const struct EncryptedMessage *) msg; 1268 m = (const struct EncryptedMessage *) msg;
1534 if ((kx->status != KX_STATE_KEY_RECEIVED) && (kx->status != KX_STATE_UP) && 1269 if (kx->status != KX_STATE_UP)
1535 (kx->status != KX_STATE_REKEY_SENT) )
1536 { 1270 {
1537 GNUNET_STATISTICS_update (GSC_stats, 1271 GNUNET_STATISTICS_update (GSC_stats,
1538 gettext_noop 1272 gettext_noop
1539 ("# failed to decrypt message (no session key)"), 1273 ("# DATA message dropped (out of order)"),
1540 1, GNUNET_NO); 1274 1, GNUNET_NO);
1541 return; 1275 return;
1542 } 1276 }
1543 if (KX_STATE_KEY_RECEIVED == kx->status) 1277 if (0 == GNUNET_TIME_absolute_get_remaining (kx->foreign_key_expires).rel_value)
1544 { 1278 {
1545 /* defer */ 1279 kx->status = KX_STATE_KEY_SENT;
1546 GNUNET_free_non_null (kx->emsg_received); 1280 GNUNET_STATISTICS_update (GSC_stats,
1547 kx->emsg_received = (struct EncryptedMessage *) GNUNET_copy_message (msg); 1281 gettext_noop
1282 ("# DATA message dropped (session key expired)"),
1283 1, GNUNET_NO);
1284 send_key (kx);
1548 return; 1285 return;
1549 } 1286 }
1287
1550 /* validate hash */ 1288 /* validate hash */
1551 derive_auth_key (&auth_key, &kx->decrypt_key, m->iv_seed, 1289 derive_auth_key (&auth_key, &kx->decrypt_key, m->iv_seed);
1552 kx->decrypt_key_created);
1553 GNUNET_CRYPTO_hmac (&auth_key, &m->sequence_number, 1290 GNUNET_CRYPTO_hmac (&auth_key, &m->sequence_number,
1554 size - ENCRYPTED_HEADER_SIZE, &ph); 1291 size - ENCRYPTED_HEADER_SIZE, &ph);
1555 if (0 != memcmp (&ph, &m->hmac, sizeof (struct GNUNET_HashCode))) 1292 if (0 != memcmp (&ph, &m->hmac, sizeof (struct GNUNET_HashCode)))
1556 { 1293 {
1557 /* checksum failed */ 1294 /* checksum failed */
1558 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Failed checksum validation for a message from `%s'\n", GNUNET_i2s (&kx->peer)); 1295 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1296 "Failed checksum validation for a message from `%s'\n",
1297 GNUNET_i2s (&kx->peer));
1559 return; 1298 return;
1560 } 1299 }
1561 derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity); 1300 derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
@@ -1572,7 +1311,7 @@ GSC_KX_handle_encrypted_message (struct GSC_KeyExchangeInfo *kx,
1572 snum = ntohl (pt->sequence_number); 1311 snum = ntohl (pt->sequence_number);
1573 if (kx->last_sequence_number_received == snum) 1312 if (kx->last_sequence_number_received == snum)
1574 { 1313 {
1575 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1314 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1576 "Received duplicate message, ignoring.\n"); 1315 "Received duplicate message, ignoring.\n");
1577 /* duplicate, ignore */ 1316 /* duplicate, ignore */
1578 GNUNET_STATISTICS_update (GSC_stats, 1317 GNUNET_STATISTICS_update (GSC_stats,
@@ -1583,7 +1322,7 @@ GSC_KX_handle_encrypted_message (struct GSC_KeyExchangeInfo *kx,
1583 if ((kx->last_sequence_number_received > snum) && 1322 if ((kx->last_sequence_number_received > snum) &&
1584 (kx->last_sequence_number_received - snum > 32)) 1323 (kx->last_sequence_number_received - snum > 32))
1585 { 1324 {
1586 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1325 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1587 "Received ancient out of sequence message, ignoring.\n"); 1326 "Received ancient out of sequence message, ignoring.\n");
1588 /* ancient out of sequence, ignore */ 1327 /* ancient out of sequence, ignore */
1589 GNUNET_STATISTICS_update (GSC_stats, 1328 GNUNET_STATISTICS_update (GSC_stats,
@@ -1598,7 +1337,7 @@ GSC_KX_handle_encrypted_message (struct GSC_KeyExchangeInfo *kx,
1598 1337
1599 if ((kx->last_packets_bitmap & rotbit) != 0) 1338 if ((kx->last_packets_bitmap & rotbit) != 0)
1600 { 1339 {
1601 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1340 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1602 "Received duplicate message, ignoring.\n"); 1341 "Received duplicate message, ignoring.\n");
1603 GNUNET_STATISTICS_update (GSC_stats, 1342 GNUNET_STATISTICS_update (GSC_stats,
1604 gettext_noop ("# bytes dropped (duplicates)"), 1343 gettext_noop ("# bytes dropped (duplicates)"),
@@ -1624,8 +1363,8 @@ GSC_KX_handle_encrypted_message (struct GSC_KeyExchangeInfo *kx,
1624 if (GNUNET_TIME_absolute_get_duration (t).rel_value > 1363 if (GNUNET_TIME_absolute_get_duration (t).rel_value >
1625 MAX_MESSAGE_AGE.rel_value) 1364 MAX_MESSAGE_AGE.rel_value)
1626 { 1365 {
1627 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1366 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1628 _("Message received far too old (%s). Content ignored.\n"), 1367 "Message received far too old (%s). Content ignored.\n",
1629 GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (t), GNUNET_YES)); 1368 GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (t), GNUNET_YES));
1630 GNUNET_STATISTICS_update (GSC_stats, 1369 GNUNET_STATISTICS_update (GSC_stats,
1631 gettext_noop 1370 gettext_noop
@@ -1684,28 +1423,89 @@ deliver_message (void *cls, void *client, const struct GNUNET_MessageHeader *m)
1684 1423
1685 1424
1686/** 1425/**
1426 * Setup the message that links the ephemeral key to our persistent
1427 * public key and generate the appropriate signature.
1428 */
1429static void
1430sign_ephemeral_key ()
1431{
1432 current_ekm.header.size = htons (sizeof (struct EphemeralKeyMessage));
1433 current_ekm.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY);
1434 current_ekm.sender_status = 0; /* to be set later */
1435 current_ekm.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY);
1436 current_ekm.purpose.size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
1437 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
1438 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
1439 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded) +
1440 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded));
1441 current_ekm.creation_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
1442 current_ekm.expiration_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_relative_to_absolute (GNUNET_TIME_relative_add (REKEY_FREQUENCY,
1443 REKEY_TOLERANCE)));
1444 GNUNET_CRYPTO_ecc_key_get_public (my_ephemeral_key,
1445 &current_ekm.ephemeral_key);
1446 current_ekm.origin_public_key = my_public_key;
1447 GNUNET_assert (GNUNET_OK ==
1448 GNUNET_CRYPTO_ecc_sign (my_private_key,
1449 &current_ekm.purpose,
1450 &current_ekm.signature));
1451}
1452
1453
1454/**
1455 * Task run to trigger rekeying.
1456 *
1457 * @param cls closure, NULL
1458 * @param tc scheduler context
1459 */
1460static void
1461do_rekey (void *cls,
1462 const struct GNUNET_SCHEDULER_TaskContext *tc)
1463{
1464 struct GSC_KeyExchangeInfo *pos;
1465
1466 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY,
1467 &do_rekey,
1468 NULL);
1469 if (NULL != my_ephemeral_key)
1470 GNUNET_CRYPTO_ecc_key_free (my_ephemeral_key);
1471 my_ephemeral_key = GNUNET_CRYPTO_ecc_key_create ();
1472 GNUNET_assert (NULL != my_ephemeral_key);
1473 sign_ephemeral_key ();
1474 for (pos = kx_head; NULL != pos; pos = pos->next)
1475 {
1476 pos->status = KX_STATE_REKEY_SENT;
1477 send_key (pos);
1478 }
1479}
1480
1481
1482/**
1687 * Initialize KX subsystem. 1483 * Initialize KX subsystem.
1688 * 1484 *
1689 * @param pk private key to use for the peer 1485 * @param pk private key to use for the peer
1690 * @return GNUNET_OK on success, GNUNET_SYSERR on failure 1486 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
1691 */ 1487 */
1692int 1488int
1693GSC_KX_init (struct GNUNET_CRYPTO_RsaPrivateKey *pk) 1489GSC_KX_init (struct GNUNET_CRYPTO_EccPrivateKey *pk)
1694{ 1490{
1491 GNUNET_assert (NULL != pk);
1695 my_private_key = pk; 1492 my_private_key = pk;
1696 GNUNET_CRYPTO_rsa_key_get_public (my_private_key, &my_public_key); 1493 GNUNET_CRYPTO_ecc_key_get_public (my_private_key, &my_public_key);
1697 GNUNET_CRYPTO_hash (&my_public_key, sizeof (my_public_key), 1494 GNUNET_CRYPTO_hash (&my_public_key, sizeof (my_public_key),
1698 &GSC_my_identity.hashPubKey); 1495 &GSC_my_identity.hashPubKey);
1699 peerinfo = GNUNET_PEERINFO_connect (GSC_cfg); 1496 my_ephemeral_key = GNUNET_CRYPTO_ecc_key_create ();
1700 if (NULL == peerinfo) 1497 if (NULL == my_ephemeral_key)
1701 { 1498 {
1702 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 1499 GNUNET_break (0);
1703 _("Could not access PEERINFO service. Exiting.\n")); 1500 GNUNET_CRYPTO_ecc_key_free (my_private_key);
1704 GNUNET_CRYPTO_rsa_key_free (my_private_key);
1705 my_private_key = NULL; 1501 my_private_key = NULL;
1706 return GNUNET_SYSERR; 1502 return GNUNET_SYSERR;
1707 } 1503 }
1504 sign_ephemeral_key ();
1708 mst = GNUNET_SERVER_mst_create (&deliver_message, NULL); 1505 mst = GNUNET_SERVER_mst_create (&deliver_message, NULL);
1506 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY,
1507 &do_rekey,
1508 NULL);
1709 return GNUNET_OK; 1509 return GNUNET_OK;
1710} 1510}
1711 1511
@@ -1716,15 +1516,20 @@ GSC_KX_init (struct GNUNET_CRYPTO_RsaPrivateKey *pk)
1716void 1516void
1717GSC_KX_done () 1517GSC_KX_done ()
1718{ 1518{
1519 if (GNUNET_SCHEDULER_NO_TASK != rekey_task)
1520 {
1521 GNUNET_SCHEDULER_cancel (rekey_task);
1522 rekey_task = GNUNET_SCHEDULER_NO_TASK;
1523 }
1719 if (NULL != my_private_key) 1524 if (NULL != my_private_key)
1720 { 1525 {
1721 GNUNET_CRYPTO_rsa_key_free (my_private_key); 1526 GNUNET_CRYPTO_ecc_key_free (my_private_key);
1722 my_private_key = NULL; 1527 my_private_key = NULL;
1723 } 1528 }
1724 if (NULL != peerinfo) 1529 if (NULL != my_ephemeral_key)
1725 { 1530 {
1726 GNUNET_PEERINFO_disconnect (peerinfo); 1531 GNUNET_CRYPTO_ecc_key_free (my_ephemeral_key);
1727 peerinfo = NULL; 1532 my_ephemeral_key = NULL;
1728 } 1533 }
1729 if (NULL != mst) 1534 if (NULL != mst)
1730 { 1535 {
diff --git a/src/core/gnunet-service-core_kx.h b/src/core/gnunet-service-core_kx.h
index fcb561e01..6e6d30d8d 100644
--- a/src/core/gnunet-service-core_kx.h
+++ b/src/core/gnunet-service-core_kx.h
@@ -37,15 +37,15 @@ struct GSC_KeyExchangeInfo;
37 37
38 38
39/** 39/**
40 * We received a SET_KEY message. Validate and update 40 * We received a EPHEMERAL_KEY message. Validate and update
41 * our key material and status. 41 * our key material and status.
42 * 42 *
43 * @param kx key exchange status for the corresponding peer 43 * @param kx key exchange status for the corresponding peer
44 * @param msg the set key message we received 44 * @param msg the set key message we received
45 */ 45 */
46void 46void
47GSC_KX_handle_set_key (struct GSC_KeyExchangeInfo *kx, 47GSC_KX_handle_ephemeral_key (struct GSC_KeyExchangeInfo *kx,
48 const struct GNUNET_MessageHeader *msg); 48 const struct GNUNET_MessageHeader *msg);
49 49
50 50
51/** 51/**
@@ -125,7 +125,7 @@ GSC_KX_stop (struct GSC_KeyExchangeInfo *kx);
125 * @return GNUNET_OK on success, GNUNET_SYSERR on failure 125 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
126 */ 126 */
127int 127int
128GSC_KX_init (struct GNUNET_CRYPTO_RsaPrivateKey *pk); 128GSC_KX_init (struct GNUNET_CRYPTO_EccPrivateKey *pk);
129 129
130 130
131/** 131/**
diff --git a/src/core/gnunet-service-core_neighbours.c b/src/core/gnunet-service-core_neighbours.c
index aa77fe47e..7e0086fd6 100644
--- a/src/core/gnunet-service-core_neighbours.c
+++ b/src/core/gnunet-service-core_neighbours.c
@@ -400,8 +400,8 @@ handle_transport_receive (void *cls, const struct GNUNET_PeerIdentity *peer,
400 type = ntohs (message->type); 400 type = ntohs (message->type);
401 switch (type) 401 switch (type)
402 { 402 {
403 case GNUNET_MESSAGE_TYPE_CORE_SET_KEY: 403 case GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY:
404 GSC_KX_handle_set_key (n->kxinfo, message); 404 GSC_KX_handle_ephemeral_key (n->kxinfo, message);
405 break; 405 break;
406 case GNUNET_MESSAGE_TYPE_CORE_PING: 406 case GNUNET_MESSAGE_TYPE_CORE_PING:
407 GSC_KX_handle_ping (n->kxinfo, message); 407 GSC_KX_handle_ping (n->kxinfo, message);
diff --git a/src/hello/gnunet-hello.c b/src/hello/gnunet-hello.c
index eae16a90b..fa250d7a1 100644
--- a/src/hello/gnunet-hello.c
+++ b/src/hello/gnunet-hello.c
@@ -107,7 +107,7 @@ main (int argc, char *argv[])
107 struct GNUNET_DISK_FileHandle *fh; 107 struct GNUNET_DISK_FileHandle *fh;
108 struct GNUNET_HELLO_Message *orig; 108 struct GNUNET_HELLO_Message *orig;
109 struct GNUNET_HELLO_Message *result; 109 struct GNUNET_HELLO_Message *result;
110 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pk; 110 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded pk;
111 uint64_t fsize; 111 uint64_t fsize;
112 112
113 GNUNET_log_setup ("gnunet-hello", "INFO", NULL); 113 GNUNET_log_setup ("gnunet-hello", "INFO", NULL);
diff --git a/src/hello/hello.c b/src/hello/hello.c
index becc4da96..a20e8992c 100644
--- a/src/hello/hello.c
+++ b/src/hello/hello.c
@@ -59,7 +59,7 @@ struct GNUNET_HELLO_Message
59 /** 59 /**
60 * The public key of the peer. 60 * The public key of the peer.
61 */ 61 */
62 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded publicKey; 62 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded publicKey;
63 63
64}; 64};
65GNUNET_NETWORK_STRUCT_END 65GNUNET_NETWORK_STRUCT_END
@@ -201,7 +201,7 @@ get_hello_address_size (const char *buf, size_t max, uint16_t * ralen)
201 * @return the hello message 201 * @return the hello message
202 */ 202 */
203struct GNUNET_HELLO_Message * 203struct GNUNET_HELLO_Message *
204GNUNET_HELLO_create (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded 204GNUNET_HELLO_create (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
205 *publicKey, 205 *publicKey,
206 GNUNET_HELLO_GenerateAddressListCallback addrgen, 206 GNUNET_HELLO_GenerateAddressListCallback addrgen,
207 void *addrgen_cls) 207 void *addrgen_cls)
@@ -227,7 +227,7 @@ GNUNET_HELLO_create (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
227 hello->header.type = htons (GNUNET_MESSAGE_TYPE_HELLO); 227 hello->header.type = htons (GNUNET_MESSAGE_TYPE_HELLO);
228 hello->header.size = htons (sizeof (struct GNUNET_HELLO_Message) + used); 228 hello->header.size = htons (sizeof (struct GNUNET_HELLO_Message) + used);
229 memcpy (&hello->publicKey, publicKey, 229 memcpy (&hello->publicKey, publicKey,
230 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)); 230 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded));
231 memcpy (&hello[1], buffer, used); 231 memcpy (&hello[1], buffer, used);
232 return hello; 232 return hello;
233} 233}
@@ -274,7 +274,7 @@ GNUNET_HELLO_iterate_addresses (const struct GNUNET_HELLO_Message *msg,
274 wpos = 0; 274 wpos = 0;
275 woff = (ret != NULL) ? (char *) &ret[1] : NULL; 275 woff = (ret != NULL) ? (char *) &ret[1] : NULL;
276 GNUNET_CRYPTO_hash (&msg->publicKey, 276 GNUNET_CRYPTO_hash (&msg->publicKey,
277 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), 277 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded),
278 &address.peer.hashPubKey); 278 &address.peer.hashPubKey);
279 while (insize > 0) 279 while (insize > 0)
280 { 280 {
@@ -503,7 +503,7 @@ GNUNET_HELLO_size (const struct GNUNET_HELLO_Message *hello)
503 */ 503 */
504int 504int
505GNUNET_HELLO_get_key (const struct GNUNET_HELLO_Message *hello, 505GNUNET_HELLO_get_key (const struct GNUNET_HELLO_Message *hello,
506 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *publicKey) 506 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *publicKey)
507{ 507{
508 uint16_t ret = ntohs (hello->header.size); 508 uint16_t ret = ntohs (hello->header.size);
509 509
@@ -532,7 +532,7 @@ GNUNET_HELLO_get_id (const struct GNUNET_HELLO_Message *hello,
532 (ntohs (hello->header.type) != GNUNET_MESSAGE_TYPE_HELLO)) 532 (ntohs (hello->header.type) != GNUNET_MESSAGE_TYPE_HELLO))
533 return GNUNET_SYSERR; 533 return GNUNET_SYSERR;
534 GNUNET_CRYPTO_hash (&hello->publicKey, 534 GNUNET_CRYPTO_hash (&hello->publicKey,
535 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), 535 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded),
536 &peer->hashPubKey); 536 &peer->hashPubKey);
537 return GNUNET_OK; 537 return GNUNET_OK;
538} 538}
@@ -641,7 +641,7 @@ GNUNET_HELLO_equals (const struct GNUNET_HELLO_Message *h1,
641 641
642 if (0 != 642 if (0 !=
643 memcmp (&h1->publicKey, &h2->publicKey, 643 memcmp (&h1->publicKey, &h2->publicKey,
644 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded))) 644 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded)))
645 return GNUNET_TIME_UNIT_ZERO_ABS; 645 return GNUNET_TIME_UNIT_ZERO_ABS;
646 ec.expiration_limit = now; 646 ec.expiration_limit = now;
647 ec.result = GNUNET_TIME_UNIT_FOREVER_ABS; 647 ec.result = GNUNET_TIME_UNIT_FOREVER_ABS;
@@ -833,7 +833,7 @@ GNUNET_HELLO_compose_uri (const struct GNUNET_HELLO_Message *hello,
833 struct GNUNET_HELLO_ComposeUriContext ctx; 833 struct GNUNET_HELLO_ComposeUriContext ctx;
834 ctx.plugins_find = plugins_find; 834 ctx.plugins_find = plugins_find;
835 835
836 char *pkey = GNUNET_CRYPTO_rsa_public_key_to_string (&(hello->publicKey)); 836 char *pkey = GNUNET_CRYPTO_ecc_public_key_to_string (&(hello->publicKey));
837 GNUNET_asprintf (&(ctx.uri), 837 GNUNET_asprintf (&(ctx.uri),
838 "%s%s", 838 "%s%s",
839 GNUNET_HELLO_URI_PREFIX, 839 GNUNET_HELLO_URI_PREFIX,
@@ -1005,7 +1005,7 @@ add_address_to_hello (void *cls, size_t max, void *buffer)
1005 */ 1005 */
1006int 1006int
1007GNUNET_HELLO_parse_uri (const char *uri, 1007GNUNET_HELLO_parse_uri (const char *uri,
1008 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pubkey, 1008 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pubkey,
1009 struct GNUNET_HELLO_Message **hello, 1009 struct GNUNET_HELLO_Message **hello,
1010 GNUNET_HELLO_TransportPluginsFind plugins_find) 1010 GNUNET_HELLO_TransportPluginsFind plugins_find)
1011{ 1011{
diff --git a/src/hello/test_hello.c b/src/hello/test_hello.c
index 28d4aecbe..67335ab95 100644
--- a/src/hello/test_hello.c
+++ b/src/hello/test_hello.c
@@ -93,8 +93,8 @@ main (int argc, char *argv[])
93 struct GNUNET_HELLO_Message *msg1; 93 struct GNUNET_HELLO_Message *msg1;
94 struct GNUNET_HELLO_Message *msg2; 94 struct GNUNET_HELLO_Message *msg2;
95 struct GNUNET_HELLO_Message *msg3; 95 struct GNUNET_HELLO_Message *msg3;
96 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded publicKey; 96 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded publicKey;
97 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pk; 97 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded pk;
98 struct GNUNET_TIME_Absolute startup_time; 98 struct GNUNET_TIME_Absolute startup_time;
99 unsigned int i; 99 unsigned int i;
100 100
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 6120b48d8..fb299267b 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -323,10 +323,6 @@ struct GNUNET_CRYPTO_AesSessionKey
323 */ 323 */
324 unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; 324 unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH];
325 325
326 /**
327 * checksum!
328 */
329 uint32_t crc32 GNUNET_PACKED;
330}; 326};
331GNUNET_NETWORK_STRUCT_END 327GNUNET_NETWORK_STRUCT_END
332 328
@@ -451,17 +447,6 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key);
451 447
452 448
453/** 449/**
454 * Check that a new session key is well-formed.
455 *
456 * @param key key to check
457 * @return GNUNET_OK if the key is valid
458 */
459int
460GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
461 *key);
462
463
464/**
465 * Encrypt a block with the public key of another 450 * Encrypt a block with the public key of another
466 * host that uses the same cyper. 451 * host that uses the same cyper.
467 * 452 *
@@ -1199,7 +1184,7 @@ GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv
1199 * @return string representing 'pub' 1184 * @return string representing 'pub'
1200 */ 1185 */
1201char * 1186char *
1202GNUNET_CRYPTO_ecc_public_key_to_string (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub); 1187GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub);
1203 1188
1204 1189
1205/** 1190/**
diff --git a/src/include/gnunet_hello_lib.h b/src/include/gnunet_hello_lib.h
index 7be30cf8f..867ff686d 100644
--- a/src/include/gnunet_hello_lib.h
+++ b/src/include/gnunet_hello_lib.h
@@ -183,7 +183,7 @@ typedef size_t (*GNUNET_HELLO_GenerateAddressListCallback) (void *cls,
183 * @return the hello message 183 * @return the hello message
184 */ 184 */
185struct GNUNET_HELLO_Message * 185struct GNUNET_HELLO_Message *
186GNUNET_HELLO_create (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded 186GNUNET_HELLO_create (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
187 *publicKey, 187 *publicKey,
188 GNUNET_HELLO_GenerateAddressListCallback addrgen, 188 GNUNET_HELLO_GenerateAddressListCallback addrgen,
189 void *addrgen_cls); 189 void *addrgen_cls);
@@ -310,7 +310,7 @@ GNUNET_HELLO_iterate_new_addresses (const struct GNUNET_HELLO_Message
310 */ 310 */
311int 311int
312GNUNET_HELLO_get_key (const struct GNUNET_HELLO_Message *hello, 312GNUNET_HELLO_get_key (const struct GNUNET_HELLO_Message *hello,
313 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded 313 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
314 *publicKey); 314 *publicKey);
315 315
316 316
@@ -364,7 +364,7 @@ GNUNET_HELLO_compose_uri (const struct GNUNET_HELLO_Message *hello,
364 */ 364 */
365int 365int
366GNUNET_HELLO_parse_uri (const char *uri, 366GNUNET_HELLO_parse_uri (const char *uri,
367 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pubkey, 367 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pubkey,
368 struct GNUNET_HELLO_Message **hello, 368 struct GNUNET_HELLO_Message **hello,
369 GNUNET_HELLO_TransportPluginsFind plugins_find); 369 GNUNET_HELLO_TransportPluginsFind plugins_find);
370 370
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h
index 2ccc3e5b7..af94ebeb5 100644
--- a/src/include/gnunet_protocols.h
+++ b/src/include/gnunet_protocols.h
@@ -313,11 +313,6 @@ extern "C"
313#define GNUNET_MESSAGE_TYPE_CORE_PEER_CONNECTED 80 313#define GNUNET_MESSAGE_TYPE_CORE_PEER_CONNECTED 80
314 314
315/** 315/**
316 * Session key exchange between peers.
317 */
318#define GNUNET_MESSAGE_TYPE_CORE_SET_KEY 81
319
320/**
321 * Encapsulation for an encrypted message between peers. 316 * Encapsulation for an encrypted message between peers.
322 */ 317 */
323#define GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE 82 318#define GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE 82
@@ -347,6 +342,12 @@ extern "C"
347 */ 342 */
348#define GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP 87 343#define GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP 87
349 344
345/**
346 * Session key exchange between peers.
347 */
348#define GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY 88
349
350
350/******************************************************************************* 351/*******************************************************************************
351 * DATASTORE message types 352 * DATASTORE message types
352 ******************************************************************************/ 353 ******************************************************************************/
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h
index ee105c62a..2a2ba4755 100644
--- a/src/include/gnunet_signatures.h
+++ b/src/include/gnunet_signatures.h
@@ -53,11 +53,6 @@ extern "C"
53#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DISCONNECT 2 53#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DISCONNECT 2
54 54
55/** 55/**
56 * Purpose is to set a session key.
57 */
58#define GNUNET_SIGNATURE_PURPOSE_SET_KEY 3
59
60/**
61 * Signature for a namespace/pseudonym advertisement (by 56 * Signature for a namespace/pseudonym advertisement (by
62 * the namespace owner). 57 * the namespace owner).
63 */ 58 */
@@ -115,12 +110,18 @@ extern "C"
115 */ 110 */
116#define GNUNET_SIGNATURE_PURPOSE_NSE_SEND 14 111#define GNUNET_SIGNATURE_PURPOSE_NSE_SEND 14
117 112
118
119/** 113/**
120 * Signature of a gnunet naming system record block 114 * Signature of a gnunet naming system record block
121 */ 115 */
122#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN 15 116#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN 15
123 117
118/**
119 * Purpose is to set a session key.
120 */
121#define GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY 16
122
123
124
124#if 0 /* keep Emacsens' auto-indent happy */ 125#if 0 /* keep Emacsens' auto-indent happy */
125{ 126{
126#endif 127#endif
diff --git a/src/include/gnunet_testing_lib.h b/src/include/gnunet_testing_lib.h
index 04a3e9942..47f05d49d 100644
--- a/src/include/gnunet_testing_lib.h
+++ b/src/include/gnunet_testing_lib.h
@@ -44,7 +44,13 @@ extern "C"
44#endif 44#endif
45#endif 45#endif
46 46
47#define GNUNET_TESTING_HOSTKEYFILESIZE 914 47/**
48 * Size of each hostkey in the hostkey file (in BYTES). This is the
49 * maximum length of the S-expressions generated by libgcrypt for the
50 * curves (rounded up to the next full KB to make IO nicer); it is NOT
51 * the number of bits in the key.
52 */
53#define GNUNET_TESTING_HOSTKEYFILESIZE 2048
48 54
49/** 55/**
50 * Handle for a system on which GNUnet peers are executed; 56 * Handle for a system on which GNUnet peers are executed;
@@ -138,7 +144,7 @@ GNUNET_TESTING_system_destroy (struct GNUNET_TESTING_System *system,
138 * key; if NULL, GNUNET_SYSERR is returned immediately 144 * key; if NULL, GNUNET_SYSERR is returned immediately
139 * @return NULL on error (not enough keys) 145 * @return NULL on error (not enough keys)
140 */ 146 */
141struct GNUNET_CRYPTO_RsaPrivateKey * 147struct GNUNET_CRYPTO_EccPrivateKey *
142GNUNET_TESTING_hostkey_get (const struct GNUNET_TESTING_System *system, 148GNUNET_TESTING_hostkey_get (const struct GNUNET_TESTING_System *system,
143 uint32_t key_number, 149 uint32_t key_number,
144 struct GNUNET_PeerIdentity *id); 150 struct GNUNET_PeerIdentity *id);
diff --git a/src/peerinfo-tool/gnunet-peerinfo.c b/src/peerinfo-tool/gnunet-peerinfo.c
index 61185bc04..809b2a592 100644
--- a/src/peerinfo-tool/gnunet-peerinfo.c
+++ b/src/peerinfo-tool/gnunet-peerinfo.c
@@ -167,7 +167,7 @@ static struct GNUNET_PeerIdentity my_peer_identity;
167/** 167/**
168 * My public key. 168 * My public key.
169 */ 169 */
170static struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded my_public_key; 170static struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded my_public_key;
171 171
172/** 172/**
173 * Head of list of print contexts. 173 * Head of list of print contexts.
@@ -524,7 +524,7 @@ static void
524run (void *cls, char *const *args, const char *cfgfile, 524run (void *cls, char *const *args, const char *cfgfile,
525 const struct GNUNET_CONFIGURATION_Handle *c) 525 const struct GNUNET_CONFIGURATION_Handle *c)
526{ 526{
527 struct GNUNET_CRYPTO_RsaPrivateKey *priv; 527 struct GNUNET_CRYPTO_EccPrivateKey *priv;
528 char *fn; 528 char *fn;
529 529
530 cfg = c; 530 cfg = c;
@@ -551,22 +551,22 @@ run (void *cls, char *const *args, const char *cfgfile,
551 { 551 {
552 /* load private key */ 552 /* load private key */
553 if (GNUNET_OK != 553 if (GNUNET_OK !=
554 GNUNET_CONFIGURATION_get_value_filename (cfg, "GNUNETD", "HOSTKEY", 554 GNUNET_CONFIGURATION_get_value_filename (cfg, "PEER", "PRIVATE_KEY",
555 &fn)) 555 &fn))
556 { 556 {
557 FPRINTF (stderr, _("Could not find option `%s:%s' in configuration.\n"), 557 FPRINTF (stderr, _("Could not find option `%s:%s' in configuration.\n"),
558 "GNUNETD", "HOSTKEYFILE"); 558 "GNUNETD", "HOSTKEYFILE");
559 return; 559 return;
560 } 560 }
561 if (NULL == (priv = GNUNET_CRYPTO_rsa_key_create_from_file (fn))) 561 if (NULL == (priv = GNUNET_CRYPTO_ecc_key_create_from_file (fn)))
562 { 562 {
563 FPRINTF (stderr, _("Loading hostkey from `%s' failed.\n"), fn); 563 FPRINTF (stderr, _("Loading hostkey from `%s' failed.\n"), fn);
564 GNUNET_free (fn); 564 GNUNET_free (fn);
565 return; 565 return;
566 } 566 }
567 GNUNET_free (fn); 567 GNUNET_free (fn);
568 GNUNET_CRYPTO_rsa_key_get_public (priv, &my_public_key); 568 GNUNET_CRYPTO_ecc_key_get_public (priv, &my_public_key);
569 GNUNET_CRYPTO_rsa_key_free (priv); 569 GNUNET_CRYPTO_ecc_key_free (priv);
570 GNUNET_CRYPTO_hash (&my_public_key, sizeof (my_public_key), &my_peer_identity.hashPubKey); 570 GNUNET_CRYPTO_hash (&my_public_key, sizeof (my_public_key), &my_peer_identity.hashPubKey);
571 } 571 }
572 572
diff --git a/src/testing/gnunet-testing.c b/src/testing/gnunet-testing.c
index 28c5be965..eb85e155e 100644
--- a/src/testing/gnunet-testing.c
+++ b/src/testing/gnunet-testing.c
@@ -28,7 +28,7 @@
28#include "gnunet_testing_lib.h" 28#include "gnunet_testing_lib.h"
29 29
30 30
31#define HOSTKEYFILESIZE 914 31#define HOSTKEYFILESIZE 1024
32 32
33/** 33/**
34 * Final status code. 34 * Final status code.
@@ -119,11 +119,13 @@ create_unique_cfgs (const char * template, const unsigned int no)
119static int 119static int
120create_hostkeys (const unsigned int no) 120create_hostkeys (const unsigned int no)
121{ 121{
122 static char pad[HOSTKEYFILESIZE];
122 struct GNUNET_TESTING_System *system; 123 struct GNUNET_TESTING_System *system;
123 struct GNUNET_PeerIdentity id; 124 struct GNUNET_PeerIdentity id;
124 struct GNUNET_DISK_FileHandle *fd; 125 struct GNUNET_DISK_FileHandle *fd;
125 struct GNUNET_CRYPTO_RsaPrivateKey *pk; 126 struct GNUNET_CRYPTO_EccPrivateKey *pk;
126 struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *pkb; 127 struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *pkb;
128 ssize_t ret;
127 129
128 system = GNUNET_TESTING_system_create ("testing", NULL, NULL); 130 system = GNUNET_TESTING_system_create ("testing", NULL, NULL);
129 pk = GNUNET_TESTING_hostkey_get (system, create_no, &id); 131 pk = GNUNET_TESTING_hostkey_get (system, create_no, &id);
@@ -140,14 +142,20 @@ create_hostkeys (const unsigned int no)
140 GNUNET_DISK_PERM_USER_READ | 142 GNUNET_DISK_PERM_USER_READ |
141 GNUNET_DISK_PERM_USER_WRITE); 143 GNUNET_DISK_PERM_USER_WRITE);
142 GNUNET_assert (fd != NULL); 144 GNUNET_assert (fd != NULL);
143 pkb = GNUNET_CRYPTO_rsa_encode_key (pk); 145 pkb = GNUNET_CRYPTO_ecc_encode_key (pk);
144 GNUNET_assert (HOSTKEYFILESIZE == 146 ret = GNUNET_DISK_file_write (fd, pkb,
145 GNUNET_DISK_file_write (fd, pkb, ntohs (pkb->len))); 147 ntohs (pkb->size));
148 GNUNET_assert (ntohs (pkb->size) == ret);
149 GNUNET_assert (ntohs (pkb->size) < HOSTKEYFILESIZE);
150 GNUNET_assert (HOSTKEYFILESIZE - ret ==
151 GNUNET_DISK_file_write (fd, pad,
152 HOSTKEYFILESIZE - ret));
153
146 GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd)); 154 GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd));
147 GNUNET_log_from (GNUNET_ERROR_TYPE_DEBUG, "transport-testing", 155 GNUNET_log_from (GNUNET_ERROR_TYPE_DEBUG, "transport-testing",
148 "Wrote hostkey to file: `%s'\n", create_hostkey); 156 "Wrote hostkey to file: `%s'\n", create_hostkey);
149 GNUNET_free (pkb); 157 GNUNET_free (pkb);
150 GNUNET_CRYPTO_rsa_key_free (pk); 158 GNUNET_CRYPTO_ecc_key_free (pk);
151 GNUNET_TESTING_system_destroy (system, GNUNET_YES); 159 GNUNET_TESTING_system_destroy (system, GNUNET_YES);
152 return 0; 160 return 0;
153} 161}
diff --git a/src/testing/testing.c b/src/testing/testing.c
index dd80f6ea5..16f902890 100644
--- a/src/testing/testing.c
+++ b/src/testing/testing.c
@@ -202,7 +202,7 @@ hostkeys_load (struct GNUNET_TESTING_System *system)
202 202
203 GNUNET_assert (NULL == system->hostkeys_data); 203 GNUNET_assert (NULL == system->hostkeys_data);
204 data_dir = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_DATADIR); 204 data_dir = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_DATADIR);
205 GNUNET_asprintf (&filename, "%s/testing_hostkeys.dat", data_dir); 205 GNUNET_asprintf (&filename, "%s/testing_hostkeys.ecc", data_dir);
206 GNUNET_free (data_dir); 206 GNUNET_free (data_dir);
207 207
208 if (GNUNET_YES != GNUNET_DISK_file_test (filename)) 208 if (GNUNET_YES != GNUNET_DISK_file_test (filename))
@@ -525,13 +525,13 @@ reserve_path (struct GNUNET_TESTING_System *system)
525 * key; if NULL, GNUNET_SYSERR is returned immediately 525 * key; if NULL, GNUNET_SYSERR is returned immediately
526 * @return NULL on error (not enough keys) 526 * @return NULL on error (not enough keys)
527 */ 527 */
528struct GNUNET_CRYPTO_RsaPrivateKey * 528struct GNUNET_CRYPTO_EccPrivateKey *
529GNUNET_TESTING_hostkey_get (const struct GNUNET_TESTING_System *system, 529GNUNET_TESTING_hostkey_get (const struct GNUNET_TESTING_System *system,
530 uint32_t key_number, 530 uint32_t key_number,
531 struct GNUNET_PeerIdentity *id) 531 struct GNUNET_PeerIdentity *id)
532{ 532{
533 struct GNUNET_CRYPTO_RsaPrivateKey *private_key; 533 struct GNUNET_CRYPTO_EccPrivateKey *private_key;
534 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key; 534 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
535 535
536 if ((NULL == id) || (NULL == system->hostkeys_data)) 536 if ((NULL == id) || (NULL == system->hostkeys_data))
537 return NULL; 537 return NULL;
@@ -541,7 +541,7 @@ GNUNET_TESTING_hostkey_get (const struct GNUNET_TESTING_System *system,
541 _("Key number %u does not exist\n"), key_number); 541 _("Key number %u does not exist\n"), key_number);
542 return NULL; 542 return NULL;
543 } 543 }
544 private_key = GNUNET_CRYPTO_rsa_decode_key (system->hostkeys_data + 544 private_key = GNUNET_CRYPTO_ecc_decode_key (system->hostkeys_data +
545 (key_number * 545 (key_number *
546 GNUNET_TESTING_HOSTKEYFILESIZE), 546 GNUNET_TESTING_HOSTKEYFILESIZE),
547 GNUNET_TESTING_HOSTKEYFILESIZE); 547 GNUNET_TESTING_HOSTKEYFILESIZE);
@@ -551,9 +551,9 @@ GNUNET_TESTING_hostkey_get (const struct GNUNET_TESTING_System *system,
551 _("Error while decoding key %u\n"), key_number); 551 _("Error while decoding key %u\n"), key_number);
552 return NULL; 552 return NULL;
553 } 553 }
554 GNUNET_CRYPTO_rsa_key_get_public (private_key, &public_key); 554 GNUNET_CRYPTO_ecc_key_get_public (private_key, &public_key);
555 GNUNET_CRYPTO_hash (&public_key, 555 GNUNET_CRYPTO_hash (&public_key,
556 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), 556 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded),
557 &(id->hashPubKey)); 557 &(id->hashPubKey));
558 return private_key; 558 return private_key;
559} 559}
@@ -855,7 +855,7 @@ GNUNET_TESTING_peer_configure (struct GNUNET_TESTING_System *system,
855 char *config_filename; 855 char *config_filename;
856 char *libexec_binary; 856 char *libexec_binary;
857 char *emsg_; 857 char *emsg_;
858 struct GNUNET_CRYPTO_RsaPrivateKey *pk; 858 struct GNUNET_CRYPTO_EccPrivateKey *pk;
859 859
860 if (NULL != emsg) 860 if (NULL != emsg)
861 *emsg = NULL; 861 *emsg = NULL;
@@ -897,12 +897,13 @@ GNUNET_TESTING_peer_configure (struct GNUNET_TESTING_System *system,
897 return NULL; 897 return NULL;
898 } 898 }
899 if (NULL != pk) 899 if (NULL != pk)
900 GNUNET_CRYPTO_rsa_key_free (pk); 900 GNUNET_CRYPTO_ecc_key_free (pk);
901 GNUNET_assert (GNUNET_OK == 901 GNUNET_assert (GNUNET_OK ==
902 GNUNET_CONFIGURATION_get_value_string (cfg, "PATHS", 902 GNUNET_CONFIGURATION_get_value_string (cfg, "PATHS",
903 "SERVICEHOME", 903 "SERVICEHOME",
904 &service_home)); 904 &service_home));
905 GNUNET_snprintf (hostkey_filename, sizeof (hostkey_filename), "%s/.hostkey", 905 /* FIXME: might be better to evaluate actual configuration option here... */
906 GNUNET_snprintf (hostkey_filename, sizeof (hostkey_filename), "%s/private.ecc",
906 service_home); 907 service_home);
907 GNUNET_free (service_home); 908 GNUNET_free (service_home);
908 fd = GNUNET_DISK_file_open (hostkey_filename, 909 fd = GNUNET_DISK_file_open (hostkey_filename,
@@ -978,7 +979,7 @@ void
978GNUNET_TESTING_peer_get_identity (const struct GNUNET_TESTING_Peer *peer, 979GNUNET_TESTING_peer_get_identity (const struct GNUNET_TESTING_Peer *peer,
979 struct GNUNET_PeerIdentity *id) 980 struct GNUNET_PeerIdentity *id)
980{ 981{
981 GNUNET_CRYPTO_rsa_key_free (GNUNET_TESTING_hostkey_get (peer->system, 982 GNUNET_CRYPTO_ecc_key_free (GNUNET_TESTING_hostkey_get (peer->system,
982 peer->key_number, 983 peer->key_number,
983 id)); 984 id));
984} 985}
diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c
index e64cbfbfe..513a660ac 100644
--- a/src/transport/gnunet-service-transport.c
+++ b/src/transport/gnunet-service-transport.c
@@ -65,7 +65,7 @@ struct GNUNET_PEERINFO_Handle *GST_peerinfo;
65/** 65/**
66 * Hostkey generation context 66 * Hostkey generation context
67 */ 67 */
68struct GNUNET_CRYPTO_RsaKeyGenerationContext *GST_keygen; 68struct GNUNET_CRYPTO_EccKeyGenerationContext *GST_keygen;
69 69
70/** 70/**
71 * Handle to our service's server. 71 * Handle to our service's server.
@@ -75,12 +75,12 @@ static struct GNUNET_SERVER_Handle *GST_server;
75/** 75/**
76 * Our public key. 76 * Our public key.
77 */ 77 */
78struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded GST_my_public_key; 78struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded GST_my_public_key;
79 79
80/** 80/**
81 * Our private key. 81 * Our private key.
82 */ 82 */
83struct GNUNET_CRYPTO_RsaPrivateKey *GST_my_private_key; 83struct GNUNET_CRYPTO_EccPrivateKey *GST_my_private_key;
84 84
85/** 85/**
86 * ATS handle. 86 * ATS handle.
@@ -557,7 +557,7 @@ shutdown_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
557{ 557{
558 if (NULL != GST_keygen) 558 if (NULL != GST_keygen)
559 { 559 {
560 GNUNET_CRYPTO_rsa_key_create_stop (GST_keygen); 560 GNUNET_CRYPTO_ecc_key_create_stop (GST_keygen);
561 GST_keygen = NULL; 561 GST_keygen = NULL;
562 } 562 }
563 GST_neighbours_stop (); 563 GST_neighbours_stop ();
@@ -583,7 +583,7 @@ shutdown_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
583 } 583 }
584 if (NULL != GST_my_private_key) 584 if (NULL != GST_my_private_key)
585 { 585 {
586 GNUNET_CRYPTO_rsa_key_free (GST_my_private_key); 586 GNUNET_CRYPTO_ecc_key_free (GST_my_private_key);
587 GST_my_private_key = NULL; 587 GST_my_private_key = NULL;
588 } 588 }
589 GST_server = NULL; 589 GST_server = NULL;
@@ -599,10 +599,9 @@ shutdown_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
599 */ 599 */
600static void 600static void
601key_generation_cb (void *cls, 601key_generation_cb (void *cls,
602 struct GNUNET_CRYPTO_RsaPrivateKey *pk, 602 struct GNUNET_CRYPTO_EccPrivateKey *pk,
603 const char *emsg) 603 const char *emsg)
604{ 604{
605 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded tmp;
606 long long unsigned int max_fd_cfg; 605 long long unsigned int max_fd_cfg;
607 int max_fd_rlimit; 606 int max_fd_rlimit;
608 int max_fd; 607 int max_fd;
@@ -627,14 +626,10 @@ key_generation_cb (void *cls,
627 return; 626 return;
628 } 627 }
629 GST_peerinfo = GNUNET_PEERINFO_connect (GST_cfg); 628 GST_peerinfo = GNUNET_PEERINFO_connect (GST_cfg);
630 memset (&GST_my_public_key, '\0', sizeof (GST_my_public_key)); 629 GNUNET_CRYPTO_ecc_key_get_public (GST_my_private_key, &GST_my_public_key);
631 memset (&tmp, '\0', sizeof (tmp));
632 GNUNET_CRYPTO_rsa_key_get_public (GST_my_private_key, &GST_my_public_key);
633 GNUNET_CRYPTO_hash (&GST_my_public_key, sizeof (GST_my_public_key), 630 GNUNET_CRYPTO_hash (&GST_my_public_key, sizeof (GST_my_public_key),
634 &GST_my_identity.hashPubKey); 631 &GST_my_identity.hashPubKey);
635
636 GNUNET_assert (NULL != GST_my_private_key); 632 GNUNET_assert (NULL != GST_my_private_key);
637 GNUNET_assert (0 != memcmp (&GST_my_public_key, &tmp, sizeof (GST_my_public_key)));
638 633
639 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &shutdown_task, 634 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &shutdown_task,
640 NULL); 635 NULL);
@@ -712,7 +707,7 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
712 /* setup globals */ 707 /* setup globals */
713 GST_cfg = c; 708 GST_cfg = c;
714 if (GNUNET_OK != 709 if (GNUNET_OK !=
715 GNUNET_CONFIGURATION_get_value_filename (c, "GNUNETD", "HOSTKEY", 710 GNUNET_CONFIGURATION_get_value_filename (c, "PEER", "PRIVATE_KEY",
716 &keyfile)) 711 &keyfile))
717 { 712 {
718 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 713 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -729,7 +724,7 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
729 } 724 }
730 GST_server = server; 725 GST_server = server;
731 GNUNET_SERVER_suspend (server); 726 GNUNET_SERVER_suspend (server);
732 GST_keygen = GNUNET_CRYPTO_rsa_key_create_start (keyfile, &key_generation_cb, NULL); 727 GST_keygen = GNUNET_CRYPTO_ecc_key_create_start (keyfile, &key_generation_cb, NULL);
733 GNUNET_free (keyfile); 728 GNUNET_free (keyfile);
734 if (NULL == GST_keygen) 729 if (NULL == GST_keygen)
735 { 730 {
diff --git a/src/transport/gnunet-service-transport.h b/src/transport/gnunet-service-transport.h
index abc473e21..1cbc14c6c 100644
--- a/src/transport/gnunet-service-transport.h
+++ b/src/transport/gnunet-service-transport.h
@@ -55,12 +55,12 @@ extern struct GNUNET_PEERINFO_Handle *GST_peerinfo;
55/** 55/**
56 * Our public key. 56 * Our public key.
57 */ 57 */
58extern struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded GST_my_public_key; 58extern struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded GST_my_public_key;
59 59
60/** 60/**
61 * Our private key. 61 * Our private key.
62 */ 62 */
63extern struct GNUNET_CRYPTO_RsaPrivateKey *GST_my_private_key; 63extern struct GNUNET_CRYPTO_EccPrivateKey *GST_my_private_key;
64 64
65/** 65/**
66 * ATS handle. 66 * ATS handle.
diff --git a/src/transport/gnunet-service-transport_hello.c b/src/transport/gnunet-service-transport_hello.c
index 247fbc882..c04d2e1dd 100644
--- a/src/transport/gnunet-service-transport_hello.c
+++ b/src/transport/gnunet-service-transport_hello.c
@@ -74,7 +74,7 @@ struct OwnAddressList
74 /** 74 /**
75 * Signature for a 'struct TransportPongMessage' for this address. 75 * Signature for a 'struct TransportPongMessage' for this address.
76 */ 76 */
77 struct GNUNET_CRYPTO_RsaSignature pong_signature; 77 struct GNUNET_CRYPTO_EccSignature pong_signature;
78 78
79}; 79};
80 80
@@ -299,7 +299,7 @@ GST_hello_modify_addresses (int addremove,
299 */ 299 */
300int 300int
301GST_hello_test_address (const struct GNUNET_HELLO_Address *address, 301GST_hello_test_address (const struct GNUNET_HELLO_Address *address,
302 struct GNUNET_CRYPTO_RsaSignature **sig, 302 struct GNUNET_CRYPTO_EccSignature **sig,
303 struct GNUNET_TIME_Absolute **sig_expiration) 303 struct GNUNET_TIME_Absolute **sig_expiration)
304{ 304{
305 struct OwnAddressList *al; 305 struct OwnAddressList *al;
diff --git a/src/transport/gnunet-service-transport_hello.h b/src/transport/gnunet-service-transport_hello.h
index 605d19861..9927408d2 100644
--- a/src/transport/gnunet-service-transport_hello.h
+++ b/src/transport/gnunet-service-transport_hello.h
@@ -92,7 +92,7 @@ GST_hello_modify_addresses (int addremove,
92 */ 92 */
93int 93int
94GST_hello_test_address (const struct GNUNET_HELLO_Address *address, 94GST_hello_test_address (const struct GNUNET_HELLO_Address *address,
95 struct GNUNET_CRYPTO_RsaSignature **sig, 95 struct GNUNET_CRYPTO_EccSignature **sig,
96 struct GNUNET_TIME_Absolute **sig_expiration); 96 struct GNUNET_TIME_Absolute **sig_expiration);
97 97
98 98
diff --git a/src/transport/gnunet-service-transport_neighbours.c b/src/transport/gnunet-service-transport_neighbours.c
index cad325d98..8c8397ee2 100644
--- a/src/transport/gnunet-service-transport_neighbours.c
+++ b/src/transport/gnunet-service-transport_neighbours.c
@@ -318,7 +318,7 @@ struct SessionDisconnectMessage
318 * Purpose of the signature. Extends over the timestamp. 318 * Purpose of the signature. Extends over the timestamp.
319 * Purpose should be GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DISCONNECT. 319 * Purpose should be GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DISCONNECT.
320 */ 320 */
321 struct GNUNET_CRYPTO_RsaSignaturePurpose purpose; 321 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
322 322
323 /** 323 /**
324 * Absolute time at the sender. Only the most recent connect 324 * Absolute time at the sender. Only the most recent connect
@@ -329,14 +329,14 @@ struct SessionDisconnectMessage
329 /** 329 /**
330 * Public key of the sender. 330 * Public key of the sender.
331 */ 331 */
332 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key; 332 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
333 333
334 /** 334 /**
335 * Signature of the peer that sends us the disconnect. Only 335 * Signature of the peer that sends us the disconnect. Only
336 * valid if the timestamp is AFTER the timestamp from the 336 * valid if the timestamp is AFTER the timestamp from the
337 * corresponding 'CONNECT' message. 337 * corresponding 'CONNECT' message.
338 */ 338 */
339 struct GNUNET_CRYPTO_RsaSignature signature; 339 struct GNUNET_CRYPTO_EccSignature signature;
340 340
341}; 341};
342 342
@@ -1205,8 +1205,8 @@ send_disconnect (struct NeighbourMapEntry *n)
1205 htons (GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT); 1205 htons (GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT);
1206 disconnect_msg.reserved = htonl (0); 1206 disconnect_msg.reserved = htonl (0);
1207 disconnect_msg.purpose.size = 1207 disconnect_msg.purpose.size =
1208 htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + 1208 htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
1209 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) + 1209 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded) +
1210 sizeof (struct GNUNET_TIME_AbsoluteNBO)); 1210 sizeof (struct GNUNET_TIME_AbsoluteNBO));
1211 disconnect_msg.purpose.purpose = 1211 disconnect_msg.purpose.purpose =
1212 htonl (GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT); 1212 htonl (GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT);
@@ -1214,7 +1214,7 @@ send_disconnect (struct NeighbourMapEntry *n)
1214 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ()); 1214 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
1215 disconnect_msg.public_key = GST_my_public_key; 1215 disconnect_msg.public_key = GST_my_public_key;
1216 GNUNET_assert (GNUNET_OK == 1216 GNUNET_assert (GNUNET_OK ==
1217 GNUNET_CRYPTO_rsa_sign (GST_my_private_key, 1217 GNUNET_CRYPTO_ecc_sign (GST_my_private_key,
1218 &disconnect_msg.purpose, 1218 &disconnect_msg.purpose,
1219 &disconnect_msg.signature)); 1219 &disconnect_msg.signature));
1220 1220
@@ -3195,7 +3195,7 @@ GST_neighbours_handle_disconnect_message (const struct GNUNET_PeerIdentity
3195 return; 3195 return;
3196 } 3196 }
3197 GNUNET_CRYPTO_hash (&sdm->public_key, 3197 GNUNET_CRYPTO_hash (&sdm->public_key,
3198 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), 3198 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded),
3199 &hc); 3199 &hc);
3200 if (0 != memcmp (peer, &hc, sizeof (struct GNUNET_PeerIdentity))) 3200 if (0 != memcmp (peer, &hc, sizeof (struct GNUNET_PeerIdentity)))
3201 { 3201 {
@@ -3203,15 +3203,15 @@ GST_neighbours_handle_disconnect_message (const struct GNUNET_PeerIdentity
3203 return; 3203 return;
3204 } 3204 }
3205 if (ntohl (sdm->purpose.size) != 3205 if (ntohl (sdm->purpose.size) !=
3206 sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + 3206 sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
3207 sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) + 3207 sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded) +
3208 sizeof (struct GNUNET_TIME_AbsoluteNBO)) 3208 sizeof (struct GNUNET_TIME_AbsoluteNBO))
3209 { 3209 {
3210 GNUNET_break_op (0); 3210 GNUNET_break_op (0);
3211 return; 3211 return;
3212 } 3212 }
3213 if (GNUNET_OK != 3213 if (GNUNET_OK !=
3214 GNUNET_CRYPTO_rsa_verify 3214 GNUNET_CRYPTO_ecc_verify
3215 (GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT, &sdm->purpose, 3215 (GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT, &sdm->purpose,
3216 &sdm->signature, &sdm->public_key)) 3216 &sdm->signature, &sdm->public_key))
3217 { 3217 {
diff --git a/src/transport/gnunet-service-transport_validation.c b/src/transport/gnunet-service-transport_validation.c
index 3598a3494..c38a5022c 100644
--- a/src/transport/gnunet-service-transport_validation.c
+++ b/src/transport/gnunet-service-transport_validation.c
@@ -149,13 +149,13 @@ struct TransportPongMessage
149 /** 149 /**
150 * Signature. 150 * Signature.
151 */ 151 */
152 struct GNUNET_CRYPTO_RsaSignature signature; 152 struct GNUNET_CRYPTO_EccSignature signature;
153 153
154 /** 154 /**
155 * GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN to confirm that this is a 155 * GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN to confirm that this is a
156 * plausible address for the signing peer. 156 * plausible address for the signing peer.
157 */ 157 */
158 struct GNUNET_CRYPTO_RsaSignaturePurpose purpose; 158 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
159 159
160 /** 160 /**
161 * When does this signature expire? 161 * When does this signature expire?
@@ -190,7 +190,7 @@ struct ValidationEntry
190 /** 190 /**
191 * Public key of the peer. 191 * Public key of the peer.
192 */ 192 */
193 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key; 193 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
194 194
195 /** 195 /**
196 * The identity of the peer. FIXME: duplicated (also in 'address') 196 * The identity of the peer. FIXME: duplicated (also in 'address')
@@ -636,7 +636,7 @@ revalidate_address (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
636 * if we don't have an existing entry and no public key was given 636 * if we don't have an existing entry and no public key was given
637 */ 637 */
638static struct ValidationEntry * 638static struct ValidationEntry *
639find_validation_entry (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded 639find_validation_entry (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
640 *public_key, const struct GNUNET_HELLO_Address *address) 640 *public_key, const struct GNUNET_HELLO_Address *address)
641{ 641{
642 struct ValidationEntryMatchContext vemc; 642 struct ValidationEntryMatchContext vemc;
@@ -688,7 +688,7 @@ add_valid_address (void *cls, const struct GNUNET_HELLO_Address *address,
688 const struct GNUNET_HELLO_Message *hello = cls; 688 const struct GNUNET_HELLO_Message *hello = cls;
689 struct ValidationEntry *ve; 689 struct ValidationEntry *ve;
690 struct GNUNET_PeerIdentity pid; 690 struct GNUNET_PeerIdentity pid;
691 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key; 691 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
692 692
693 if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value == 0) 693 if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value == 0)
694 return GNUNET_OK; /* expired */ 694 return GNUNET_OK; /* expired */
@@ -789,7 +789,7 @@ GST_validation_stop ()
789 */ 789 */
790static void 790static void
791multicast_pong (void *cls, 791multicast_pong (void *cls,
792 const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded 792 const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
793 *public_key, struct GNUNET_TIME_Absolute valid_until, 793 *public_key, struct GNUNET_TIME_Absolute valid_until,
794 struct GNUNET_TIME_Absolute validation_block, 794 struct GNUNET_TIME_Absolute validation_block,
795 const struct GNUNET_HELLO_Address *address) 795 const struct GNUNET_HELLO_Address *address)
@@ -835,7 +835,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
835 const struct TransportPingMessage *ping; 835 const struct TransportPingMessage *ping;
836 struct TransportPongMessage *pong; 836 struct TransportPongMessage *pong;
837 struct GNUNET_TRANSPORT_PluginFunctions *papi; 837 struct GNUNET_TRANSPORT_PluginFunctions *papi;
838 struct GNUNET_CRYPTO_RsaSignature *sig_cache; 838 struct GNUNET_CRYPTO_EccSignature *sig_cache;
839 struct GNUNET_TIME_Absolute *sig_cache_exp; 839 struct GNUNET_TIME_Absolute *sig_cache_exp;
840 const char *addr; 840 const char *addr;
841 const char *addrend; 841 const char *addrend;
@@ -931,7 +931,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
931 { 931 {
932 addrend = NULL; /* make gcc happy */ 932 addrend = NULL; /* make gcc happy */
933 slen = 0; 933 slen = 0;
934 static struct GNUNET_CRYPTO_RsaSignature no_address_signature; 934 static struct GNUNET_CRYPTO_EccSignature no_address_signature;
935 static struct GNUNET_TIME_Absolute no_address_signature_expiration; 935 static struct GNUNET_TIME_Absolute no_address_signature_expiration;
936 936
937 sig_cache = &no_address_signature; 937 sig_cache = &no_address_signature;
@@ -951,7 +951,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
951 htons (sizeof (struct TransportPongMessage) + alen + slen); 951 htons (sizeof (struct TransportPongMessage) + alen + slen);
952 pong->header.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_PONG); 952 pong->header.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_PONG);
953 pong->purpose.size = 953 pong->purpose.size =
954 htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + 954 htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
955 sizeof (uint32_t) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + 955 sizeof (uint32_t) + sizeof (struct GNUNET_TIME_AbsoluteNBO) +
956 alen + slen); 956 alen + slen);
957 pong->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN); 957 pong->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN);
@@ -981,7 +981,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
981 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating buggy PONG signature to indicate ownership.\n"); 981 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating buggy PONG signature to indicate ownership.\n");
982 pong->expiration = GNUNET_TIME_absolute_hton (GNUNET_TIME_relative_to_absolute (PONG_SIGNATURE_LIFETIME)); 982 pong->expiration = GNUNET_TIME_absolute_hton (GNUNET_TIME_relative_to_absolute (PONG_SIGNATURE_LIFETIME));
983 GNUNET_assert (GNUNET_OK == 983 GNUNET_assert (GNUNET_OK ==
984 GNUNET_CRYPTO_rsa_sign (GST_my_private_key, &pong->purpose, 984 GNUNET_CRYPTO_ecc_sign (GST_my_private_key, &pong->purpose,
985 &pong->signature)); 985 &pong->signature));
986 } 986 }
987 else 987 else
@@ -1001,7 +1001,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
1001 *sig_cache_exp = GNUNET_TIME_relative_to_absolute (PONG_SIGNATURE_LIFETIME); 1001 *sig_cache_exp = GNUNET_TIME_relative_to_absolute (PONG_SIGNATURE_LIFETIME);
1002 pong->expiration = GNUNET_TIME_absolute_hton (*sig_cache_exp); 1002 pong->expiration = GNUNET_TIME_absolute_hton (*sig_cache_exp);
1003 GNUNET_assert (GNUNET_OK == 1003 GNUNET_assert (GNUNET_OK ==
1004 GNUNET_CRYPTO_rsa_sign (GST_my_private_key, &pong->purpose, 1004 GNUNET_CRYPTO_ecc_sign (GST_my_private_key, &pong->purpose,
1005 sig_cache)); 1005 sig_cache));
1006 } 1006 }
1007 else 1007 else
@@ -1080,7 +1080,7 @@ struct ValidateAddressContext
1080 /** 1080 /**
1081 * Public key of the peer whose address is being validated. 1081 * Public key of the peer whose address is being validated.
1082 */ 1082 */
1083 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key; 1083 struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
1084}; 1084};
1085 1085
1086 1086
@@ -1197,7 +1197,7 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
1197 } 1197 }
1198 1198
1199 if (GNUNET_OK != 1199 if (GNUNET_OK !=
1200 GNUNET_CRYPTO_rsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN, 1200 GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
1201 &pong->purpose, &pong->signature, 1201 &pong->purpose, &pong->signature,
1202 &ve->public_key)) 1202 &ve->public_key))
1203 { 1203 {
diff --git a/src/transport/gnunet-service-transport_validation.h b/src/transport/gnunet-service-transport_validation.h
index 6f1206f65..929e97a5c 100644
--- a/src/transport/gnunet-service-transport_validation.h
+++ b/src/transport/gnunet-service-transport_validation.h
@@ -134,7 +134,7 @@ GST_validation_handle_hello (const struct GNUNET_MessageHeader *hello);
134 */ 134 */
135typedef void (*GST_ValidationAddressCallback) (void *cls, 135typedef void (*GST_ValidationAddressCallback) (void *cls,
136 const struct 136 const struct
137 GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded 137 GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
138 * public_key, 138 * public_key,
139 struct GNUNET_TIME_Absolute 139 struct GNUNET_TIME_Absolute
140 valid_until, 140 valid_until,
diff --git a/src/transport/test_plugin_transport.c b/src/transport/test_plugin_transport.c
index f0dbc411b..7fcbe9d63 100644
--- a/src/transport/test_plugin_transport.c
+++ b/src/transport/test_plugin_transport.c
@@ -43,12 +43,12 @@
43#define WAIT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5) 43#define WAIT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
44#define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 30) 44#define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 30)
45 45
46#define HOSTKEY_FILE "test_plugin_hostkey" 46#define HOSTKEY_FILE "test_plugin_hostkey.ecc"
47 47
48/** 48/**
49 * Our public key. 49 * Our public key.
50 */ 50 */
51static struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded my_public_key; 51static struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded my_public_key;
52 52
53/** 53/**
54 * Our identity. 54 * Our identity.
@@ -58,7 +58,7 @@ static struct GNUNET_PeerIdentity my_identity;
58/** 58/**
59 * Our private key. 59 * Our private key.
60 */ 60 */
61static struct GNUNET_CRYPTO_RsaPrivateKey *my_private_key; 61static struct GNUNET_CRYPTO_EccPrivateKey *my_private_key;
62 62
63/** 63/**
64 * Our configuration. 64 * Our configuration.
@@ -533,7 +533,7 @@ run (void *cls, char *const *args, const char *cfgfile,
533 "NEIGHBOUR_LIMIT", 533 "NEIGHBOUR_LIMIT",
534 &tneigh)) || 534 &tneigh)) ||
535 (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (c, 535 (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (c,
536 "GNUNETD", "HOSTKEY", 536 "PEER", "PRIVATE_KEY",
537 &keyfile))) 537 &keyfile)))
538 { 538 {
539 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 539 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -576,7 +576,7 @@ run (void *cls, char *const *args, const char *cfgfile,
576 576
577 577
578 max_connect_per_transport = (uint32_t) tneigh; 578 max_connect_per_transport = (uint32_t) tneigh;
579 my_private_key = GNUNET_CRYPTO_rsa_key_create_from_file (keyfile); 579 my_private_key = GNUNET_CRYPTO_ecc_key_create_from_file (keyfile);
580 GNUNET_free (keyfile); 580 GNUNET_free (keyfile);
581 if (NULL == my_private_key) 581 if (NULL == my_private_key)
582 { 582 {
@@ -585,7 +585,7 @@ run (void *cls, char *const *args, const char *cfgfile,
585 end_badly_now (); 585 end_badly_now ();
586 return; 586 return;
587 } 587 }
588 GNUNET_CRYPTO_rsa_key_get_public (my_private_key, &my_public_key); 588 GNUNET_CRYPTO_ecc_key_get_public (my_private_key, &my_public_key);
589 GNUNET_CRYPTO_hash (&my_public_key, sizeof (my_public_key), 589 GNUNET_CRYPTO_hash (&my_public_key, sizeof (my_public_key),
590 &my_identity.hashPubKey); 590 &my_identity.hashPubKey);
591 591
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c
index d5c36d703..11b894f69 100644
--- a/src/util/crypto_aes.c
+++ b/src/util/crypto_aes.c
@@ -42,29 +42,6 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key)
42{ 42{
43 gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, 43 gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH,
44 GCRY_STRONG_RANDOM); 44 GCRY_STRONG_RANDOM);
45 key->crc32 =
46 htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH));
47}
48
49
50/**
51 * Check that a new session key is well-formed.
52 *
53 * @return GNUNET_OK if the key is valid
54 */
55int
56GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
57 *key)
58{
59 uint32_t crc;
60
61 crc = GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH);
62 if (ntohl (key->crc32) != crc)
63 {
64 GNUNET_break_op (0);
65 return GNUNET_SYSERR;
66 }
67 return GNUNET_OK;
68} 45}
69 46
70 47
@@ -85,12 +62,6 @@ setup_cipher (gcry_cipher_hd_t *handle,
85{ 62{
86 int rc; 63 int rc;
87 64
88 if (GNUNET_OK !=
89 GNUNET_CRYPTO_aes_check_session_key (sessionkey))
90 {
91 GNUNET_break (0);
92 return GNUNET_SYSERR;
93 }
94 GNUNET_assert (0 == 65 GNUNET_assert (0 ==
95 gcry_cipher_open (handle, GCRY_CIPHER_AES256, 66 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
96 GCRY_CIPHER_MODE_CFB, 0)); 67 GCRY_CIPHER_MODE_CFB, 0));
diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c
index 04225b3dc..fca66aed4 100644
--- a/src/util/crypto_hash.c
+++ b/src/util/crypto_hash.c
@@ -419,8 +419,6 @@ GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
419 GNUNET_CRYPTO_AES_KEY_LENGTH + 419 GNUNET_CRYPTO_AES_KEY_LENGTH +
420 sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); 420 sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
421 memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH); 421 memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH);
422 skey->crc32 =
423 htonl (GNUNET_CRYPTO_crc32_n (skey, GNUNET_CRYPTO_AES_KEY_LENGTH));
424 memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH], 422 memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH],
425 sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); 423 sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
426} 424}
diff --git a/src/util/gnunet-ecc.c b/src/util/gnunet-ecc.c
index b19fc1998..d7f1dd58d 100644
--- a/src/util/gnunet-ecc.c
+++ b/src/util/gnunet-ecc.c
@@ -65,38 +65,12 @@ struct GNUNET_CRYPTO_EccPrivateKey
65 65
66 66
67/** 67/**
68 * Create a new private key. Caller must free return value.
69 *
70 * @return fresh private key
71 */
72static struct GNUNET_CRYPTO_EccPrivateKey *
73ecc_key_create ()
74{
75 struct GNUNET_CRYPTO_EccPrivateKey *ret;
76 gcry_sexp_t s_key;
77 gcry_sexp_t s_keyparam;
78
79 GNUNET_assert (0 ==
80 gcry_sexp_build (&s_keyparam, NULL,
81 "(genkey(ecc(nbits %d)(ecc-use-e 3:257)))",
82 2048));
83 GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
84 gcry_sexp_release (s_keyparam);
85#if EXTRA_CHECKS
86 GNUNET_assert (0 == gcry_pk_testkey (s_key));
87#endif
88 ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccPrivateKey));
89 ret->sexp = s_key;
90 return ret;
91}
92
93
94/**
95 * Create a flat file with a large number of key pairs for testing. 68 * Create a flat file with a large number of key pairs for testing.
96 */ 69 */
97static void 70static void
98create_keys (const char *fn) 71create_keys (const char *fn)
99{ 72{
73 static char pad[GNUNET_TESTING_HOSTKEYFILESIZE];
100 FILE *f; 74 FILE *f;
101 struct GNUNET_CRYPTO_EccPrivateKey *pk; 75 struct GNUNET_CRYPTO_EccPrivateKey *pk;
102 struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *enc; 76 struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *enc;
@@ -116,28 +90,34 @@ create_keys (const char *fn)
116 { 90 {
117 fprintf (stderr, 91 fprintf (stderr,
118 "."); 92 ".");
119 if (NULL == (pk = ecc_key_create ())) 93 if (NULL == (pk = GNUNET_CRYPTO_ecc_key_create ()))
120 { 94 {
121 GNUNET_break (0); 95 GNUNET_break (0);
122 break; 96 break;
123 } 97 }
124 enc = GNUNET_CRYPTO_ecc_encode_key (pk); 98 enc = GNUNET_CRYPTO_ecc_encode_key (pk);
125 if (htons (enc->size) != fwrite (enc, 1, htons (enc->size), f)) 99 GNUNET_assert (ntohs (enc->size) <= GNUNET_TESTING_HOSTKEYFILESIZE);
126 { 100 if ( (ntohs (enc->size) != fwrite (enc, 1, ntohs (enc->size), f)) ||
127 fprintf (stderr, 101 (GNUNET_TESTING_HOSTKEYFILESIZE - ntohs (enc->size)
128 _("\nFailed to write to `%s': %s\n"), 102 != fwrite (pad, 1, GNUNET_TESTING_HOSTKEYFILESIZE - ntohs (enc->size), f)) )
129 fn, 103 {
130 STRERROR (errno)); 104 fprintf (stderr,
131 GNUNET_CRYPTO_ecc_key_free (pk); 105 _("\nFailed to write to `%s': %s\n"),
132 GNUNET_free (enc); 106 fn,
133 break; 107 STRERROR (errno));
134 } 108 GNUNET_CRYPTO_ecc_key_free (pk);
109 GNUNET_free (enc);
110 break;
111 }
135 GNUNET_CRYPTO_ecc_key_free (pk); 112 GNUNET_CRYPTO_ecc_key_free (pk);
136 GNUNET_free (enc); 113 GNUNET_free (enc);
137 } 114 }
138 if (0 == make_keys) 115 if (UINT_MAX == make_keys)
116 fprintf (stderr,
117 _("\nFinished!\n"));
118 else
139 fprintf (stderr, 119 fprintf (stderr,
140 _("Finished!\n")); 120 _("\nError, %u keys not generated\n"), make_keys);
141 fclose (f); 121 fclose (f);
142} 122}
143 123
diff --git a/src/util/gnunet-rsa.c b/src/util/gnunet-rsa.c
index 917ee50f4..1e7132d3f 100644
--- a/src/util/gnunet-rsa.c
+++ b/src/util/gnunet-rsa.c
@@ -25,7 +25,6 @@
25 */ 25 */
26#include "platform.h" 26#include "platform.h"
27#include "gnunet_util_lib.h" 27#include "gnunet_util_lib.h"
28#include "gnunet_testing_lib.h"
29#include <gcrypt.h> 28#include <gcrypt.h>
30 29
31 30
@@ -49,107 +48,6 @@ static int print_short_identity;
49 */ 48 */
50static int weak_random; 49static int weak_random;
51 50
52/**
53 * Option set to create a bunch of keys at once.
54 */
55static unsigned int make_keys;
56
57/**
58 * The private information of an RSA key pair.
59 * NOTE: this must match the definition in crypto_ksk.c and crypto_rsa.c!
60 */
61struct GNUNET_CRYPTO_RsaPrivateKey
62{
63 gcry_sexp_t sexp;
64};
65
66
67/**
68 * Create a new private key. Caller must free return value.
69 *
70 * @return fresh private key
71 */
72static struct GNUNET_CRYPTO_RsaPrivateKey *
73rsa_key_create ()
74{
75 struct GNUNET_CRYPTO_RsaPrivateKey *ret;
76 gcry_sexp_t s_key;
77 gcry_sexp_t s_keyparam;
78
79 GNUNET_assert (0 ==
80 gcry_sexp_build (&s_keyparam, NULL,
81 "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))",
82 2048));
83 GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
84 gcry_sexp_release (s_keyparam);
85#if EXTRA_CHECKS
86 GNUNET_assert (0 == gcry_pk_testkey (s_key));
87#endif
88 ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
89 ret->sexp = s_key;
90 return ret;
91}
92
93
94/**
95 * Create a flat file with a large number of key pairs for testing.
96 */
97static void
98create_keys (const char *fn)
99{
100 FILE *f;
101 struct GNUNET_CRYPTO_RsaPrivateKey *pk;
102 struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
103
104 if (NULL == (f = fopen (fn, "w+")))
105 {
106 fprintf (stderr,
107 _("Failed to open `%s': %s\n"),
108 fn,
109 STRERROR (errno));
110 return;
111 }
112 fprintf (stderr,
113 _("Generating %u keys, please wait"),
114 make_keys);
115 while (0 < make_keys--)
116 {
117 fprintf (stderr,
118 ".");
119 if (NULL == (pk = rsa_key_create ()))
120 {
121 GNUNET_break (0);
122 break;
123 }
124 enc = GNUNET_CRYPTO_rsa_encode_key (pk);
125 if (GNUNET_TESTING_HOSTKEYFILESIZE != htons (enc->len))
126 {
127 /* sometimes we get a different key length because 'd' or 'u' start
128 with leading bits; skip those... */
129 GNUNET_CRYPTO_rsa_key_free (pk);
130 GNUNET_free (enc);
131 make_keys++;
132 continue;
133 }
134 if (htons (enc->len) != fwrite (enc, 1, htons (enc->len), f))
135 {
136 fprintf (stderr,
137 _("\nFailed to write to `%s': %s\n"),
138 fn,
139 STRERROR (errno));
140 GNUNET_CRYPTO_rsa_key_free (pk);
141 GNUNET_free (enc);
142 break;
143 }
144 GNUNET_CRYPTO_rsa_key_free (pk);
145 GNUNET_free (enc);
146 }
147 if (0 == make_keys)
148 fprintf (stderr,
149 _("Finished!\n"));
150 fclose (f);
151}
152
153 51
154/** 52/**
155 * Main function that will be run by the scheduler. 53 * Main function that will be run by the scheduler.
@@ -174,11 +72,6 @@ run (void *cls, char *const *args, const char *cfgfile,
174 } 72 }
175 if (0 != weak_random) 73 if (0 != weak_random)
176 GNUNET_CRYPTO_random_disable_entropy_gathering (); 74 GNUNET_CRYPTO_random_disable_entropy_gathering ();
177 if (make_keys > 0)
178 {
179 create_keys (args[0]);
180 return;
181 }
182 pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]); 75 pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
183 if (NULL == pk) 76 if (NULL == pk)
184 return; 77 return;
@@ -225,9 +118,6 @@ int
225main (int argc, char *const*argv) 118main (int argc, char *const*argv)
226{ 119{
227 static const struct GNUNET_GETOPT_CommandLineOption options[] = { 120 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
228 { 'g', "generate-keys", "COUNT",
229 gettext_noop ("create COUNT public-private key pairs (for testing)"),
230 1, &GNUNET_GETOPT_set_uint, &make_keys },
231 { 'p', "print-public-key", NULL, 121 { 'p', "print-public-key", NULL,
232 gettext_noop ("print the public key in ASCII format"), 122 gettext_noop ("print the public key in ASCII format"),
233 0, &GNUNET_GETOPT_set_one, &print_public_key }, 123 0, &GNUNET_GETOPT_set_one, &print_public_key },
diff --git a/src/util/test_crypto_aes.c b/src/util/test_crypto_aes.c
index 971e9afbe..88b51188e 100644
--- a/src/util/test_crypto_aes.c
+++ b/src/util/test_crypto_aes.c
@@ -95,17 +95,6 @@ verifyCrypto ()
95 ret = 0; 95 ret = 0;
96 96
97 memcpy (key.key, raw_key, GNUNET_CRYPTO_AES_KEY_LENGTH); 97 memcpy (key.key, raw_key, GNUNET_CRYPTO_AES_KEY_LENGTH);
98 key.crc32 =
99 htonl (GNUNET_CRYPTO_crc32_n (&key, GNUNET_CRYPTO_AES_KEY_LENGTH));
100
101 if (ntohl (key.crc32) != (unsigned int) 38125195LL)
102 {
103 printf ("Static key has different CRC: %u - %u\n", ntohl (key.crc32),
104 key.crc32);
105
106 ret = 1;
107 goto error;
108 }
109 98
110 if (GNUNET_CRYPTO_AES_KEY_LENGTH != 99 if (GNUNET_CRYPTO_AES_KEY_LENGTH !=
111 GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key, 100 GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key,
diff --git a/src/util/test_crypto_aes_weak.c b/src/util/test_crypto_aes_weak.c
index 0b7ba5c54..201bfeb5d 100644
--- a/src/util/test_crypto_aes_weak.c
+++ b/src/util/test_crypto_aes_weak.c
@@ -91,9 +91,6 @@ testWeakKey ()
91 weak_key.key[30] = (char) (0xaa); 91 weak_key.key[30] = (char) (0xaa);
92 weak_key.key[31] = (char) (0xaa); 92 weak_key.key[31] = (char) (0xaa);
93 /* memset(&weak_key, 0, 32); */ 93 /* memset(&weak_key, 0, 32); */
94 weak_key.crc32 =
95 htonl (GNUNET_CRYPTO_crc32_n (&weak_key, GNUNET_CRYPTO_AES_KEY_LENGTH));
96
97 size = 94 size =
98 GNUNET_CRYPTO_aes_encrypt (WEAK_KEY_TESTSTRING, 95 GNUNET_CRYPTO_aes_encrypt (WEAK_KEY_TESTSTRING,
99 strlen (WEAK_KEY_TESTSTRING) + 1, &weak_key, 96 strlen (WEAK_KEY_TESTSTRING) + 1, &weak_key,