Diffstat (limited to 'src/include/gnunet_core_service.h')
-rw-r--r-- | src/include/gnunet_core_service.h | 90 |
1 files changed, 90 insertions, 0 deletions
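--- a/src/include/gnunet_core_service.h
+++ b/src/include/gnunet_core_service.h
@@ -50,6 +50,10 @@ extern "C" {
 * Version number of GNUnet-core API.
 */
 #define GNUNET_CORE_VERSION 0x00000001
+/**
+* Enable XChaCha20-Poly1305 crypto https://bugs.gnunet.org/view.php?id=8630
+*/
+#define CONG_CRYPTO_ENABLED 0
 
 GNUNET_NETWORK_STRUCT_BEGIN
 
@@ -102,6 +106,89 @@ struct EphemeralKeyMessage
 struct GNUNET_PeerIdentity origin_identity;
 };
 
+#if CONG_CRYPTO_ENABLED
+/**
+* We're sending an (encrypted) PING to the other peer to check if it
+* can decrypt. The other peer should respond with a PONG with the
+* same content, except this time encrypted with the receiver's key.
+*/
+struct PingMessage
+{
+/**
+* Message type is #GNUNET_MESSAGE_TYPE_CORE_PING.
+*/
+struct GNUNET_MessageHeader header;
+
+/**
+* XChaCha20 nonce
+*/
+unsigned char nonce[crypto_aead_xchacha20poly1305_ietf_NPUBBYTES];
+
+/**
+* The Poly1305 tag of the encrypted message
+* (which is starting at @e target),
+* used to verify message integrity. Everything after this value
+* (excluding this value itself) will be encrypted and
+* authenticated.
+*/
+unsigned char tag[crypto_aead_xchacha20poly1305_ietf_ABYTES];
+
+/**
+* Intended target of the PING, used primarily to check
+* that decryption actually worked.
+*/
+struct GNUNET_PeerIdentity target;
+
+/**
+* Random number chosen to make replay harder.
+*/
+uint32_t challenge GNUNET_PACKED;
+};
+
+
+/**
+* Response to a PING. Includes data from the original PING.
+*/
+struct PongMessage
+{
+/**
+* Message type is #GNUNET_MESSAGE_TYPE_CORE_PONG.
+*/
+struct GNUNET_MessageHeader header;
+
+/**
+* XChaCha20 nonce
+*/
+unsigned char nonce[crypto_aead_xchacha20poly1305_ietf_NPUBBYTES];
+
+/**
+* The Poly1305 tag of the encrypted message
+* (which is starting at @e target),
+* used to verify message integrity. Everything after this value
+* (excluding this value itself) will be encrypted and
+* authenticated.
+*/
+unsigned char tag[crypto_aead_xchacha20poly1305_ietf_ABYTES];
+
+
+/**
+* Random number to make replay attacks harder.
+*/
+uint32_t challenge GNUNET_PACKED;
+
+/**
+* Reserved, always zero.
+*/
+uint32_t reserved;
+
+/**
+* Intended target of the PING, used primarily to check
+* that decryption actually worked.
+*/
+struct GNUNET_PeerIdentity target;
+};
+
+#else
 
 /**
 * We're sending an (encrypted) PING to the other peer to check if it
@@ -165,6 +252,9 @@ struct PongMessage
 struct GNUNET_PeerIdentity target;
 };
 
+#endif
+
+
 
 GNUNET_NETWORK_STRUCT_END
 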
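Review bot: In the new `struct PongMessage`, the `tag` comment says the encrypted message is "starting at @e target", but the first field after `tag` in that struct is `challenge`, followed by `reserved` and only then `target`; the wording appears to be carried over from `PingMessage`, where `target` really does come first. This comment is what tells an implementer where the AEAD ciphertext begins, so I would change it to `* (which is starting at @e challenge),` so that nobody leaves `challenge` and `reserved` outside the encrypted and authenticated range. Both `tag` comments also leave open whether `header` and `nonce` are bound as associated data, and a sentence stating that would help. The array sizes use `crypto_aead_xchacha20poly1305_ietf_NPUBBYTES` and `crypto_aead_xchacha20poly1305_ietf_ABYTES`, and no include providing them is visible in these hunks, so it is worth confirming the header still compiles standalone once `CONG_CRYPTO_ENABLED` is set to 1.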