diff options
Diffstat (limited to 'src/core/gnunet-service-core_kx.c')
-rw-r--r-- | src/core/gnunet-service-core_kx.c | 264 |
1 files changed, 215 insertions, 49 deletions
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c index 944d1e692..c017e0c23 100644 --- a/src/core/gnunet-service-core_kx.c +++ b/src/core/gnunet-service-core_kx.c | |||
@@ -2,20 +2,18 @@ | |||
2 | This file is part of GNUnet. | 2 | This file is part of GNUnet. |
3 | Copyright (C) 2009-2013, 2016 GNUnet e.V. | 3 | Copyright (C) 2009-2013, 2016 GNUnet e.V. |
4 | 4 | ||
5 | GNUnet is free software; you can redistribute it and/or modify | 5 | GNUnet is free software: you can redistribute it and/or modify it |
6 | it under the terms of the GNU General Public License as published | 6 | under the terms of the GNU Affero General Public License as published |
7 | by the Free Software Foundation; either version 3, or (at your | 7 | by the Free Software Foundation, either version 3 of the License, |
8 | option) any later version. | 8 | or (at your option) any later version. |
9 | 9 | ||
10 | GNUnet is distributed in the hope that it will be useful, but | 10 | GNUnet is distributed in the hope that it will be useful, but |
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with GNUnet; see the file COPYING. If not, write to the | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
18 | Boston, MA 02110-1301, USA. | ||
19 | */ | 17 | */ |
20 | 18 | ||
21 | /** | 19 | /** |
@@ -34,6 +32,10 @@ | |||
34 | #include "gnunet_protocols.h" | 32 | #include "gnunet_protocols.h" |
35 | #include "core.h" | 33 | #include "core.h" |
36 | 34 | ||
35 | /** | ||
36 | * Enable expensive (and possibly problematic for privacy!) logging of KX. | ||
37 | */ | ||
38 | #define DEBUG_KX 0 | ||
37 | 39 | ||
38 | /** | 40 | /** |
39 | * How long do we wait for SET_KEY confirmation initially? | 41 | * How long do we wait for SET_KEY confirmation initially? |
@@ -121,7 +123,7 @@ struct EphemeralKeyMessage | |||
121 | 123 | ||
122 | 124 | ||
123 | /** | 125 | /** |
124 | * We're sending an (encrypted) PING to the other peer to check if he | 126 | * We're sending an (encrypted) PING to the other peer to check if it |
125 | * can decrypt. The other peer should respond with a PONG with the | 127 | * can decrypt. The other peer should respond with a PONG with the |
126 | * same content, except this time encrypted with the receiver's key. | 128 | * same content, except this time encrypted with the receiver's key. |
127 | */ | 129 | */ |
@@ -447,8 +449,19 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, | |||
447 | uint32_t seed) | 449 | uint32_t seed) |
448 | { | 450 | { |
449 | static const char ctx[] = "authentication key"; | 451 | static const char ctx[] = "authentication key"; |
450 | 452 | #if DEBUG_KX | |
451 | GNUNET_CRYPTO_hmac_derive_key (akey, skey, | 453 | struct GNUNET_HashCode sh; |
454 | |||
455 | GNUNET_CRYPTO_hash (skey, | ||
456 | sizeof (*skey), | ||
457 | &sh); | ||
458 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
459 | "Deriving Auth key from SKEY %s and seed %u\n", | ||
460 | GNUNET_h2s (&sh), | ||
461 | (unsigned int) seed); | ||
462 | #endif | ||
463 | GNUNET_CRYPTO_hmac_derive_key (akey, | ||
464 | skey, | ||
452 | &seed, sizeof (seed), | 465 | &seed, sizeof (seed), |
453 | skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), | 466 | skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), |
454 | ctx, sizeof (ctx), | 467 | ctx, sizeof (ctx), |
@@ -471,8 +484,20 @@ derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | |||
471 | const struct GNUNET_PeerIdentity *identity) | 484 | const struct GNUNET_PeerIdentity *identity) |
472 | { | 485 | { |
473 | static const char ctx[] = "initialization vector"; | 486 | static const char ctx[] = "initialization vector"; |
474 | 487 | #if DEBUG_KX | |
475 | GNUNET_CRYPTO_symmetric_derive_iv (iv, skey, | 488 | struct GNUNET_HashCode sh; |
489 | |||
490 | GNUNET_CRYPTO_hash (skey, | ||
491 | sizeof (*skey), | ||
492 | &sh); | ||
493 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
494 | "Deriving IV from SKEY %s and seed %u for peer %s\n", | ||
495 | GNUNET_h2s (&sh), | ||
496 | (unsigned int) seed, | ||
497 | GNUNET_i2s (identity)); | ||
498 | #endif | ||
499 | GNUNET_CRYPTO_symmetric_derive_iv (iv, | ||
500 | skey, | ||
476 | &seed, sizeof (seed), | 501 | &seed, sizeof (seed), |
477 | identity, | 502 | identity, |
478 | sizeof (struct GNUNET_PeerIdentity), ctx, | 503 | sizeof (struct GNUNET_PeerIdentity), ctx, |
@@ -497,8 +522,21 @@ derive_pong_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | |||
497 | const struct GNUNET_PeerIdentity *identity) | 522 | const struct GNUNET_PeerIdentity *identity) |
498 | { | 523 | { |
499 | static const char ctx[] = "pong initialization vector"; | 524 | static const char ctx[] = "pong initialization vector"; |
500 | 525 | #if DEBUG_KX | |
501 | GNUNET_CRYPTO_symmetric_derive_iv (iv, skey, | 526 | struct GNUNET_HashCode sh; |
527 | |||
528 | GNUNET_CRYPTO_hash (skey, | ||
529 | sizeof (*skey), | ||
530 | &sh); | ||
531 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
532 | "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n", | ||
533 | GNUNET_h2s (&sh), | ||
534 | (unsigned int) seed, | ||
535 | (unsigned int) challenge, | ||
536 | GNUNET_i2s (identity)); | ||
537 | #endif | ||
538 | GNUNET_CRYPTO_symmetric_derive_iv (iv, | ||
539 | skey, | ||
502 | &seed, sizeof (seed), | 540 | &seed, sizeof (seed), |
503 | identity, | 541 | identity, |
504 | sizeof (struct GNUNET_PeerIdentity), | 542 | sizeof (struct GNUNET_PeerIdentity), |
@@ -523,7 +561,18 @@ derive_aes_key (const struct GNUNET_PeerIdentity *sender, | |||
523 | struct GNUNET_CRYPTO_SymmetricSessionKey *skey) | 561 | struct GNUNET_CRYPTO_SymmetricSessionKey *skey) |
524 | { | 562 | { |
525 | static const char ctx[] = "aes key generation vector"; | 563 | static const char ctx[] = "aes key generation vector"; |
526 | 564 | #if DEBUG_KX | |
565 | struct GNUNET_HashCode sh; | ||
566 | |||
567 | GNUNET_CRYPTO_hash (skey, | ||
568 | sizeof (*skey), | ||
569 | &sh); | ||
570 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
571 | "Deriving AES Keys for %s to %s from %s\n", | ||
572 | GNUNET_i2s (sender), | ||
573 | GNUNET_i2s2 (receiver), | ||
574 | GNUNET_h2s (key_material)); | ||
575 | #endif | ||
527 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), | 576 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), |
528 | ctx, sizeof (ctx), | 577 | ctx, sizeof (ctx), |
529 | key_material, sizeof (struct GNUNET_HashCode), | 578 | key_material, sizeof (struct GNUNET_HashCode), |
@@ -568,7 +617,7 @@ do_encrypt (struct GSC_KeyExchangeInfo *kx, | |||
568 | GNUNET_NO); | 617 | GNUNET_NO); |
569 | /* the following is too sensitive to write to log files by accident, | 618 | /* the following is too sensitive to write to log files by accident, |
570 | so we require manual intervention to get this one... */ | 619 | so we require manual intervention to get this one... */ |
571 | #if 0 | 620 | #if DEBUG_KX |
572 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 621 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
573 | "Encrypted %u bytes for `%s' using key %u, IV %u\n", | 622 | "Encrypted %u bytes for `%s' using key %u, IV %u\n", |
574 | (unsigned int) size, | 623 | (unsigned int) size, |
@@ -628,7 +677,7 @@ do_decrypt (struct GSC_KeyExchangeInfo *kx, | |||
628 | GNUNET_NO); | 677 | GNUNET_NO); |
629 | /* the following is too sensitive to write to log files by accident, | 678 | /* the following is too sensitive to write to log files by accident, |
630 | so we require manual intervention to get this one... */ | 679 | so we require manual intervention to get this one... */ |
631 | #if 0 | 680 | #if DEBUG_KX |
632 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 681 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
633 | "Decrypted %u bytes from `%s' using key %u, IV %u\n", | 682 | "Decrypted %u bytes from `%s' using key %u, IV %u\n", |
634 | (unsigned int) size, | 683 | (unsigned int) size, |
@@ -805,8 +854,8 @@ handle_transport_notify_connect (void *cls, | |||
805 | } | 854 | } |
806 | else | 855 | else |
807 | { | 856 | { |
808 | /* peer with "higher" identity starts a delayed KX, if the "lower" peer | 857 | /* peer with "higher" identity starts a delayed KX, if the "lower" peer |
809 | * does not start a KX since he sees no reasons to do so */ | 858 | * does not start a KX since it sees no reasons to do so */ |
810 | kx->retry_set_key_task | 859 | kx->retry_set_key_task |
811 | = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS, | 860 | = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS, |
812 | &set_key_retry_task, | 861 | &set_key_retry_task, |
@@ -939,15 +988,26 @@ handle_ephemeral_key (void *cls, | |||
939 | { | 988 | { |
940 | GNUNET_STATISTICS_update (GSC_stats, | 989 | GNUNET_STATISTICS_update (GSC_stats, |
941 | gettext_noop ("# old ephemeral keys ignored"), | 990 | gettext_noop ("# old ephemeral keys ignored"), |
942 | 1, GNUNET_NO); | 991 | 1, |
992 | GNUNET_NO); | ||
993 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
994 | "Received expired EPHEMERAL_KEY from %s\n", | ||
995 | GNUNET_i2s (&m->origin_identity)); | ||
996 | return; | ||
997 | } | ||
998 | if (0 == memcmp (&m->ephemeral_key, | ||
999 | &kx->other_ephemeral_key, | ||
1000 | sizeof (m->ephemeral_key))) | ||
1001 | { | ||
1002 | GNUNET_STATISTICS_update (GSC_stats, | ||
1003 | gettext_noop ("# duplicate ephemeral keys ignored"), | ||
1004 | 1, | ||
1005 | GNUNET_NO); | ||
1006 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
1007 | "Ignoring duplicate EPHEMERAL_KEY from %s\n", | ||
1008 | GNUNET_i2s (&m->origin_identity)); | ||
943 | return; | 1009 | return; |
944 | } | 1010 | } |
945 | start_t = GNUNET_TIME_absolute_ntoh (m->creation_time); | ||
946 | |||
947 | GNUNET_STATISTICS_update (GSC_stats, | ||
948 | gettext_noop ("# ephemeral keys received"), | ||
949 | 1, GNUNET_NO); | ||
950 | |||
951 | if (0 != | 1011 | if (0 != |
952 | memcmp (&m->origin_identity, | 1012 | memcmp (&m->origin_identity, |
953 | kx->peer, | 1013 | kx->peer, |
@@ -960,9 +1020,6 @@ handle_ephemeral_key (void *cls, | |||
960 | GNUNET_break_op (0); | 1020 | GNUNET_break_op (0); |
961 | return; | 1021 | return; |
962 | } | 1022 | } |
963 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
964 | "Core service receives EPHEMERAL_KEY request from `%s'.\n", | ||
965 | GNUNET_i2s (kx->peer)); | ||
966 | if ((ntohl (m->purpose.size) != | 1023 | if ((ntohl (m->purpose.size) != |
967 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + | 1024 | sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + |
968 | sizeof (struct GNUNET_TIME_AbsoluteNBO) + | 1025 | sizeof (struct GNUNET_TIME_AbsoluteNBO) + |
@@ -977,26 +1034,53 @@ handle_ephemeral_key (void *cls, | |||
977 | { | 1034 | { |
978 | /* invalid signature */ | 1035 | /* invalid signature */ |
979 | GNUNET_break_op (0); | 1036 | GNUNET_break_op (0); |
1037 | GNUNET_STATISTICS_update (GSC_stats, | ||
1038 | gettext_noop ("# EPHEMERAL_KEYs rejected (bad signature)"), | ||
1039 | 1, | ||
1040 | GNUNET_NO); | ||
1041 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
1042 | "Received EPHEMERAL_KEY from %s with bad signature\n", | ||
1043 | GNUNET_i2s (&m->origin_identity)); | ||
980 | return; | 1044 | return; |
981 | } | 1045 | } |
982 | now = GNUNET_TIME_absolute_get (); | 1046 | now = GNUNET_TIME_absolute_get (); |
1047 | start_t = GNUNET_TIME_absolute_ntoh (m->creation_time); | ||
983 | if ( (end_t.abs_value_us < GNUNET_TIME_absolute_subtract (now, REKEY_TOLERANCE).abs_value_us) || | 1048 | if ( (end_t.abs_value_us < GNUNET_TIME_absolute_subtract (now, REKEY_TOLERANCE).abs_value_us) || |
984 | (start_t.abs_value_us > GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value_us) ) | 1049 | (start_t.abs_value_us > GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value_us) ) |
985 | { | 1050 | { |
986 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 1051 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
987 | _("Ephemeral key message from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"), | 1052 | _("EPHEMERAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"), |
988 | GNUNET_i2s (kx->peer), | 1053 | GNUNET_i2s (kx->peer), |
989 | (unsigned long long) now.abs_value_us, | 1054 | (unsigned long long) now.abs_value_us, |
990 | (unsigned long long) start_t.abs_value_us, | 1055 | (unsigned long long) start_t.abs_value_us, |
991 | (unsigned long long) end_t.abs_value_us); | 1056 | (unsigned long long) end_t.abs_value_us); |
1057 | GNUNET_STATISTICS_update (GSC_stats, | ||
1058 | gettext_noop ("# EPHEMERAL_KEY messages rejected due to time"), | ||
1059 | 1, | ||
1060 | GNUNET_NO); | ||
992 | return; | 1061 | return; |
993 | } | 1062 | } |
1063 | #if DEBUG_KX | ||
1064 | { | ||
1065 | struct GNUNET_HashCode eh; | ||
1066 | |||
1067 | GNUNET_CRYPTO_hash (&m->ephemeral_key, | ||
1068 | sizeof (m->ephemeral_key), | ||
1069 | &eh); | ||
1070 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1071 | "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n", | ||
1072 | GNUNET_h2s (&eh), | ||
1073 | GNUNET_i2s (kx->peer), | ||
1074 | kx->status); | ||
1075 | } | ||
1076 | #endif | ||
1077 | GNUNET_STATISTICS_update (GSC_stats, | ||
1078 | gettext_noop ("# valid ephemeral keys received"), | ||
1079 | 1, | ||
1080 | GNUNET_NO); | ||
994 | kx->other_ephemeral_key = m->ephemeral_key; | 1081 | kx->other_ephemeral_key = m->ephemeral_key; |
995 | kx->foreign_key_expires = end_t; | 1082 | kx->foreign_key_expires = end_t; |
996 | derive_session_keys (kx); | 1083 | derive_session_keys (kx); |
997 | GNUNET_STATISTICS_update (GSC_stats, | ||
998 | gettext_noop ("# EPHEMERAL_KEY messages received"), 1, | ||
999 | GNUNET_NO); | ||
1000 | 1084 | ||
1001 | /* check if we still need to send the sender our key */ | 1085 | /* check if we still need to send the sender our key */ |
1002 | sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status); | 1086 | sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status); |
@@ -1130,8 +1214,9 @@ handle_ping (void *cls, | |||
1130 | { | 1214 | { |
1131 | if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status) | 1215 | if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status) |
1132 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 1216 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
1133 | "Decryption of PING from peer `%s' failed\n", | 1217 | "Decryption of PING from peer `%s' failed, PING for `%s'?\n", |
1134 | GNUNET_i2s (kx->peer)); | 1218 | GNUNET_i2s (kx->peer), |
1219 | GNUNET_i2s2 (&t.target)); | ||
1135 | else | 1220 | else |
1136 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1221 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1137 | "Decryption of PING from peer `%s' failed after rekey (harmless)\n", | 1222 | "Decryption of PING from peer `%s' failed after rekey (harmless)\n", |
@@ -1328,7 +1413,7 @@ handle_pong (void *cls, | |||
1328 | return; | 1413 | return; |
1329 | } | 1414 | } |
1330 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1415 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1331 | "Received PONG from `%s'\n", | 1416 | "Received valid PONG from `%s'\n", |
1332 | GNUNET_i2s (kx->peer)); | 1417 | GNUNET_i2s (kx->peer)); |
1333 | /* no need to resend key any longer */ | 1418 | /* no need to resend key any longer */ |
1334 | if (NULL != kx->retry_set_key_task) | 1419 | if (NULL != kx->retry_set_key_task) |
@@ -1395,10 +1480,20 @@ send_key (struct GSC_KeyExchangeInfo *kx) | |||
1395 | kx->retry_set_key_task = NULL; | 1480 | kx->retry_set_key_task = NULL; |
1396 | } | 1481 | } |
1397 | /* always update sender status in SET KEY message */ | 1482 | /* always update sender status in SET KEY message */ |
1398 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1483 | #if DEBUG_KX |
1399 | "Sending key to `%s' (my status: %d)\n", | 1484 | { |
1400 | GNUNET_i2s (kx->peer), | 1485 | struct GNUNET_HashCode hc; |
1401 | kx->status); | 1486 | |
1487 | GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key, | ||
1488 | sizeof (current_ekm.ephemeral_key), | ||
1489 | &hc); | ||
1490 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1491 | "Sending EPHEMERAL_KEY %s to `%s' (my status: %d)\n", | ||
1492 | GNUNET_h2s (&hc), | ||
1493 | GNUNET_i2s (kx->peer), | ||
1494 | kx->status); | ||
1495 | } | ||
1496 | #endif | ||
1402 | current_ekm.sender_status = htonl ((int32_t) (kx->status)); | 1497 | current_ekm.sender_status = htonl ((int32_t) (kx->status)); |
1403 | env = GNUNET_MQ_msg_copy (¤t_ekm.header); | 1498 | env = GNUNET_MQ_msg_copy (¤t_ekm.header); |
1404 | GNUNET_MQ_send (kx->mq, | 1499 | GNUNET_MQ_send (kx->mq, |
@@ -1454,10 +1549,20 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, | |||
1454 | &ph->sequence_number, | 1549 | &ph->sequence_number, |
1455 | &em->sequence_number, | 1550 | &em->sequence_number, |
1456 | used - ENCRYPTED_HEADER_SIZE)); | 1551 | used - ENCRYPTED_HEADER_SIZE)); |
1457 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1552 | #if DEBUG_KX |
1458 | "Encrypted %u bytes for %s\n", | 1553 | { |
1459 | (unsigned int) (used - ENCRYPTED_HEADER_SIZE), | 1554 | struct GNUNET_HashCode hc; |
1460 | GNUNET_i2s (kx->peer)); | 1555 | |
1556 | GNUNET_CRYPTO_hash (&ph->sequence_number, | ||
1557 | used - ENCRYPTED_HEADER_SIZE, | ||
1558 | &hc); | ||
1559 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1560 | "Encrypted payload `%s' of %u bytes for %s\n", | ||
1561 | GNUNET_h2s (&hc), | ||
1562 | (unsigned int) (used - ENCRYPTED_HEADER_SIZE), | ||
1563 | GNUNET_i2s (kx->peer)); | ||
1564 | } | ||
1565 | #endif | ||
1461 | derive_auth_key (&auth_key, | 1566 | derive_auth_key (&auth_key, |
1462 | &kx->encrypt_key, | 1567 | &kx->encrypt_key, |
1463 | ph->iv_seed); | 1568 | ph->iv_seed); |
@@ -1465,6 +1570,20 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, | |||
1465 | &em->sequence_number, | 1570 | &em->sequence_number, |
1466 | used - ENCRYPTED_HEADER_SIZE, | 1571 | used - ENCRYPTED_HEADER_SIZE, |
1467 | &em->hmac); | 1572 | &em->hmac); |
1573 | #if DEBUG_KX | ||
1574 | { | ||
1575 | struct GNUNET_HashCode hc; | ||
1576 | |||
1577 | GNUNET_CRYPTO_hash (&auth_key, | ||
1578 | sizeof (auth_key), | ||
1579 | &hc); | ||
1580 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1581 | "For peer %s, used AC %s to create hmac %s\n", | ||
1582 | GNUNET_i2s (kx->peer), | ||
1583 | GNUNET_h2s (&hc), | ||
1584 | GNUNET_h2s2 (&em->hmac)); | ||
1585 | } | ||
1586 | #endif | ||
1468 | kx->has_excess_bandwidth = GNUNET_NO; | 1587 | kx->has_excess_bandwidth = GNUNET_NO; |
1469 | GNUNET_MQ_send (kx->mq, | 1588 | GNUNET_MQ_send (kx->mq, |
1470 | env); | 1589 | env); |
@@ -1544,6 +1663,20 @@ handle_encrypted (void *cls, | |||
1544 | } | 1663 | } |
1545 | 1664 | ||
1546 | /* validate hash */ | 1665 | /* validate hash */ |
1666 | #if DEBUG_KX | ||
1667 | { | ||
1668 | struct GNUNET_HashCode hc; | ||
1669 | |||
1670 | GNUNET_CRYPTO_hash (&m->sequence_number, | ||
1671 | size - ENCRYPTED_HEADER_SIZE, | ||
1672 | &hc); | ||
1673 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1674 | "Received encrypted payload `%s' of %u bytes from %s\n", | ||
1675 | GNUNET_h2s (&hc), | ||
1676 | (unsigned int) (size - ENCRYPTED_HEADER_SIZE), | ||
1677 | GNUNET_i2s (kx->peer)); | ||
1678 | } | ||
1679 | #endif | ||
1547 | derive_auth_key (&auth_key, | 1680 | derive_auth_key (&auth_key, |
1548 | &kx->decrypt_key, | 1681 | &kx->decrypt_key, |
1549 | m->iv_seed); | 1682 | m->iv_seed); |
@@ -1551,6 +1684,20 @@ handle_encrypted (void *cls, | |||
1551 | &m->sequence_number, | 1684 | &m->sequence_number, |
1552 | size - ENCRYPTED_HEADER_SIZE, | 1685 | size - ENCRYPTED_HEADER_SIZE, |
1553 | &ph); | 1686 | &ph); |
1687 | #if DEBUG_KX | ||
1688 | { | ||
1689 | struct GNUNET_HashCode hc; | ||
1690 | |||
1691 | GNUNET_CRYPTO_hash (&auth_key, | ||
1692 | sizeof (auth_key), | ||
1693 | &hc); | ||
1694 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1695 | "For peer %s, used AC %s to verify hmac %s\n", | ||
1696 | GNUNET_i2s (kx->peer), | ||
1697 | GNUNET_h2s (&hc), | ||
1698 | GNUNET_h2s2 (&m->hmac)); | ||
1699 | } | ||
1700 | #endif | ||
1554 | if (0 != memcmp (&ph, | 1701 | if (0 != memcmp (&ph, |
1555 | &m->hmac, | 1702 | &m->hmac, |
1556 | sizeof (struct GNUNET_HashCode))) | 1703 | sizeof (struct GNUNET_HashCode))) |
@@ -1742,11 +1889,19 @@ do_rekey (void *cls) | |||
1742 | NULL); | 1889 | NULL); |
1743 | if (NULL != my_ephemeral_key) | 1890 | if (NULL != my_ephemeral_key) |
1744 | GNUNET_free (my_ephemeral_key); | 1891 | GNUNET_free (my_ephemeral_key); |
1745 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
1746 | "Rekeying\n"); | ||
1747 | my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create (); | 1892 | my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create (); |
1748 | GNUNET_assert (NULL != my_ephemeral_key); | 1893 | GNUNET_assert (NULL != my_ephemeral_key); |
1749 | sign_ephemeral_key (); | 1894 | sign_ephemeral_key (); |
1895 | { | ||
1896 | struct GNUNET_HashCode eh; | ||
1897 | |||
1898 | GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key, | ||
1899 | sizeof (current_ekm.ephemeral_key), | ||
1900 | &eh); | ||
1901 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
1902 | "Rekeying to %s\n", | ||
1903 | GNUNET_h2s (&eh)); | ||
1904 | } | ||
1750 | for (pos = kx_head; NULL != pos; pos = pos->next) | 1905 | for (pos = kx_head; NULL != pos; pos = pos->next) |
1751 | { | 1906 | { |
1752 | if (GNUNET_CORE_KX_STATE_UP == pos->status) | 1907 | if (GNUNET_CORE_KX_STATE_UP == pos->status) |
@@ -1807,6 +1962,17 @@ GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk) | |||
1807 | return GNUNET_SYSERR; | 1962 | return GNUNET_SYSERR; |
1808 | } | 1963 | } |
1809 | sign_ephemeral_key (); | 1964 | sign_ephemeral_key (); |
1965 | { | ||
1966 | struct GNUNET_HashCode eh; | ||
1967 | |||
1968 | GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key, | ||
1969 | sizeof (current_ekm.ephemeral_key), | ||
1970 | &eh); | ||
1971 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
1972 | "Starting with ephemeral key %s\n", | ||
1973 | GNUNET_h2s (&eh)); | ||
1974 | } | ||
1975 | |||
1810 | nc = GNUNET_notification_context_create (1); | 1976 | nc = GNUNET_notification_context_create (1); |
1811 | rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, | 1977 | rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, |
1812 | &do_rekey, | 1978 | &do_rekey, |