Diffstat (limited to 'src')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 20 | ||||
-rw-r--r-- | src/transport/Makefile.am | 1 | ||||
-rw-r--r-- | src/transport/gnunet-communicator-tcp.c | 10 | ||||
-rw-r--r-- | src/transport/gnunet-service-tng.c | 68 | ||||
-rw-r--r-- | src/util/crypto_random.c | 39 |
5 files changed, 108 insertions, 30 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 6822de2f1..45da5f6ba 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -456,6 +456,18 @@ int32_t | |||
456 | GNUNET_CRYPTO_crc32_n (const void *buf, | 456 | GNUNET_CRYPTO_crc32_n (const void *buf, |
457 | size_t len); | 457 | size_t len); |
458 | 458 | ||
459 | /** | ||
460 | * @ingroup crypto | ||
461 | * Zero out @a buffer, securely against compiler optimizations. | ||
462 | * Used to delete key material. | ||
463 | * | ||
464 | * @param buffer the buffer to zap | ||
465 | * @param length buffer length | ||
466 | */ | ||
467 | void | ||
468 | GNUNET_CRYPTO_zero_keys (void *buffer, | ||
469 | size_t length); | ||
470 | |||
459 | 471 | ||
460 | /** | 472 | /** |
461 | * @ingroup crypto | 473 | * @ingroup crypto |
@@ -721,8 +733,8 @@ GNUNET_CRYPTO_hash_context_abort (struct GNUNET_HashContext *hc); | |||
721 | */ | 733 | */ |
722 | void | 734 | void |
723 | GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len, | 735 | GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len, |
724 | const void *plaintext, size_t plaintext_len, | 736 | const void *plaintext, size_t plaintext_len, |
725 | struct GNUNET_HashCode *hmac); | 737 | struct GNUNET_HashCode *hmac); |
726 | 738 | ||
727 | 739 | ||
728 | /** | 740 | /** |
@@ -1866,7 +1878,7 @@ GNUNET_CRYPTO_rsa_private_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key); | |||
1866 | */ | 1878 | */ |
1867 | size_t | 1879 | size_t |
1868 | GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *key, | 1880 | GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *key, |
1869 | char **buffer); | 1881 | char **buffer); |
1870 | 1882 | ||
1871 | 1883 | ||
1872 | /** | 1884 | /** |
@@ -1879,7 +1891,7 @@ GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey * | |||
1879 | */ | 1891 | */ |
1880 | struct GNUNET_CRYPTO_RsaPrivateKey * | 1892 | struct GNUNET_CRYPTO_RsaPrivateKey * |
1881 | GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, | 1893 | GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, |
1882 | size_t len); | 1894 | size_t len); |
1883 | 1895 | ||
1884 | 1896 | ||
1885 | /** | 1897 | /** |
diff --git a/src/transport/Makefile.am b/src/transport/Makefile.am index f83fa669c..53fd9c973 100644 --- a/src/transport/Makefile.am +++ b/src/transport/Makefile.am | |||
@@ -374,6 +374,7 @@ gnunet_service_tng_LDADD = \ | |||
374 | $(top_builddir)/src/hello/libgnunethello.la \ | 374 | $(top_builddir)/src/hello/libgnunethello.la \ |
375 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 375 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
376 | $(top_builddir)/src/util/libgnunetutil.la \ | 376 | $(top_builddir)/src/util/libgnunetutil.la \ |
377 | $(LIBGCRYPT_LIBS) \ | ||
377 | $(GN_LIBINTL) | 378 | $(GN_LIBINTL) |
378 | 379 | ||
379 | plugin_LTLIBRARIES = \ | 380 | plugin_LTLIBRARIES = \ |
diff --git a/src/transport/gnunet-communicator-tcp.c b/src/transport/gnunet-communicator-tcp.c index a8f88c5e4..e9223401f 100644 --- a/src/transport/gnunet-communicator-tcp.c +++ b/src/transport/gnunet-communicator-tcp.c | |||
@@ -814,9 +814,9 @@ pass_plaintext_to_core (struct Queue *queue, | |||
814 | */ | 814 | */ |
815 | static void | 815 | static void |
816 | setup_cipher (const struct GNUNET_HashCode *dh, | 816 | setup_cipher (const struct GNUNET_HashCode *dh, |
817 | const struct GNUNET_PeerIdentity *pid, | 817 | const struct GNUNET_PeerIdentity *pid, |
818 | gcry_cipher_hd_t *cipher, | 818 | gcry_cipher_hd_t *cipher, |
819 | struct GNUNET_HashCode *hmac_key) | 819 | struct GNUNET_HashCode *hmac_key) |
820 | { | 820 | { |
821 | char key[256/8]; | 821 | char key[256/8]; |
822 | char ctr[128/8]; | 822 | char ctr[128/8]; |
@@ -872,7 +872,7 @@ setup_cipher (const struct GNUNET_HashCode *dh, | |||
872 | */ | 872 | */ |
873 | static void | 873 | static void |
874 | setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, | 874 | setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, |
875 | struct Queue *queue) | 875 | struct Queue *queue) |
876 | { | 876 | { |
877 | struct GNUNET_HashCode dh; | 877 | struct GNUNET_HashCode dh; |
878 | 878 | ||
@@ -896,7 +896,7 @@ setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, | |||
896 | */ | 896 | */ |
897 | static void | 897 | static void |
898 | do_rekey (struct Queue *queue, | 898 | do_rekey (struct Queue *queue, |
899 | const struct TCPRekey *rekey) | 899 | const struct TCPRekey *rekey) |
900 | { | 900 | { |
901 | struct TcpHandshakeSignature thp; | 901 | struct TcpHandshakeSignature thp; |
902 | 902 | ||
diff --git a/src/transport/gnunet-service-tng.c b/src/transport/gnunet-service-tng.c index bb1656876..53b9ba0c8 100644 --- a/src/transport/gnunet-service-tng.c +++ b/src/transport/gnunet-service-tng.c | |||
@@ -33,7 +33,6 @@ | |||
33 | * transport-to-transport traffic) | 33 | * transport-to-transport traffic) |
34 | * | 34 | * |
35 | * Implement next: | 35 | * Implement next: |
36 | * - backchannel message encryption & decryption | ||
37 | * - DV data structures: | 36 | * - DV data structures: |
38 | * + using DV routes! | 37 | * + using DV routes! |
39 | * - handling of DV-boxed messages that need to be forwarded | 38 | * - handling of DV-boxed messages that need to be forwarded |
@@ -59,7 +58,6 @@ | |||
59 | * FIXME (without marks in the code!): | 58 | * FIXME (without marks in the code!): |
60 | * - proper use/initialization of timestamps in messages exchanged | 59 | * - proper use/initialization of timestamps in messages exchanged |
61 | * during DV learning | 60 | * during DV learning |
62 | * - | ||
63 | * | 61 | * |
64 | * Optimizations: | 62 | * Optimizations: |
65 | * - use shorthashmap on msg_uuid's when matching reliability/fragment ACKs | 63 | * - use shorthashmap on msg_uuid's when matching reliability/fragment ACKs |
@@ -3238,21 +3236,32 @@ route_message (const struct GNUNET_PeerIdentity *target, | |||
3238 | */ | 3236 | */ |
3239 | struct BackchannelKeyState | 3237 | struct BackchannelKeyState |
3240 | { | 3238 | { |
3241 | // FIXME: actual data types in this struct are likely still totally wrong | ||
3242 | /** | 3239 | /** |
3243 | * | 3240 | * State of our block cipher. |
3244 | */ | 3241 | */ |
3245 | char hdr_key[128]; | 3242 | gcry_cipher_hd_t cipher; |
3246 | 3243 | ||
3247 | /** | 3244 | /** |
3248 | * | 3245 | * Actual key material. |
3249 | */ | 3246 | */ |
3250 | char body_key[128]; | 3247 | struct { |
3251 | 3248 | ||
3252 | /** | 3249 | /** |
3253 | * | 3250 | * Key used for HMAC calculations (via #GNUNET_CRYPTO_hmac()). |
3254 | */ | 3251 | */ |
3255 | char hmac_key[128]; | 3252 | struct GNUNET_CRYPTO_AuthKey hmac_key; |
3253 | |||
3254 | /** | ||
3255 | * Symmetric key to use for encryption. | ||
3256 | */ | ||
3257 | char aes_key[256/8]; | ||
3258 | |||
3259 | /** | ||
3260 | * Counter value to use during setup. | ||
3261 | */ | ||
3262 | char aes_ctr[128/8]; | ||
3263 | |||
3264 | } material; | ||
3256 | }; | 3265 | }; |
3257 | 3266 | ||
3258 | 3267 | ||
@@ -3263,14 +3272,24 @@ bc_setup_key_state_from_km (const struct GNUNET_HashCode *km, | |||
3263 | { | 3272 | { |
3264 | /* must match #dh_key_derive_eph_pub */ | 3273 | /* must match #dh_key_derive_eph_pub */ |
3265 | GNUNET_assert (GNUNET_YES == | 3274 | GNUNET_assert (GNUNET_YES == |
3266 | GNUNET_CRYPTO_kdf (key, | 3275 | GNUNET_CRYPTO_kdf (&key->material, |
3267 | sizeof (*key), | 3276 | sizeof (key->material), |
3268 | "transport-backchannel-key", | 3277 | "transport-backchannel-key", |
3269 | strlen ("transport-backchannel-key"), | 3278 | strlen ("transport-backchannel-key"), |
3270 | &km, | 3279 | &km, |
3271 | sizeof (km), | 3280 | sizeof (km), |
3272 | iv, | 3281 | iv, |
3273 | sizeof (*iv))); | 3282 | sizeof (*iv))); |
3283 | gcry_cipher_open (&key->cipher, | ||
3284 | GCRY_CIPHER_AES256 /* low level: go for speed */, | ||
3285 | GCRY_CIPHER_MODE_CTR, | ||
3286 | 0 /* flags */); | ||
3287 | gcry_cipher_setkey (key->cipher, | ||
3288 | &key->material.aes_key, | ||
3289 | sizeof (key->material.aes_key)); | ||
3290 | gcry_cipher_setctr (key->cipher, | ||
3291 | &key->material.aes_ctr, | ||
3292 | sizeof (key->material.aes_ctr)); | ||
3274 | } | 3293 | } |
3275 | 3294 | ||
3276 | 3295 | ||
@@ -3342,7 +3361,10 @@ bc_hmac (const struct BackchannelKeyState *key, | |||
3342 | const void *data, | 3361 | const void *data, |
3343 | size_t data_size) | 3362 | size_t data_size) |
3344 | { | 3363 | { |
3345 | // FIXME! | 3364 | GNUNET_CRYPTO_hmac (&key->material.hmac_key, |
3365 | data, | ||
3366 | data_size, | ||
3367 | hmac); | ||
3346 | } | 3368 | } |
3347 | 3369 | ||
3348 | 3370 | ||
@@ -3361,7 +3383,12 @@ bc_encrypt (struct BackchannelKeyState *key, | |||
3361 | void *dst, | 3383 | void *dst, |
3362 | size_t in_size) | 3384 | size_t in_size) |
3363 | { | 3385 | { |
3364 | // FIXME! | 3386 | GNUNET_assert (0 == |
3387 | gcry_cipher_encrypt (key->cipher, | ||
3388 | dst, | ||
3389 | in_size, | ||
3390 | in, | ||
3391 | in_size)); | ||
3365 | } | 3392 | } |
3366 | 3393 | ||
3367 | 3394 | ||
@@ -3380,7 +3407,12 @@ bc_decrypt (struct BackchannelKeyState *key, | |||
3380 | const void *ciph, | 3407 | const void *ciph, |
3381 | size_t out_size) | 3408 | size_t out_size) |
3382 | { | 3409 | { |
3383 | // FIXME! | 3410 | GNUNET_assert (0 == |
3411 | gcry_cipher_decrypt (key->cipher, | ||
3412 | out, | ||
3413 | out_size, | ||
3414 | ciph, | ||
3415 | out_size)); | ||
3384 | } | 3416 | } |
3385 | 3417 | ||
3386 | 3418 | ||
@@ -3392,7 +3424,9 @@ bc_decrypt (struct BackchannelKeyState *key, | |||
3392 | static void | 3424 | static void |
3393 | bc_key_clean (struct BackchannelKeyState *key) | 3425 | bc_key_clean (struct BackchannelKeyState *key) |
3394 | { | 3426 | { |
3395 | // FIXME! | 3427 | gcry_cipher_close (key->cipher); |
3428 | GNUNET_CRYPTO_zero_keys (&key->material, | ||
3429 | sizeof (key->material)); | ||
3396 | } | 3430 | } |
3397 | 3431 | ||
3398 | 3432 | ||
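Review bot: In bc_setup_key_state_from_km the results of gcry_cipher_open, gcry_cipher_setkey and gcry_cipher_setctr are discarded, so a failed open or key setup leaves key->cipher unusable and is only noticed later when bc_encrypt or bc_decrypt asserts. Wrap each call the way bc_encrypt already does, e.g. `GNUNET_assert (0 == gcry_cipher_open (&key->cipher, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR, 0));`, and likewise for setkey and setctr. Separately, the hunk header shows km declared as `const struct GNUNET_HashCode *km`, yet the unchanged KDF call passes `&km, sizeof (km)`; if that reading is right, the backchannel keys are derived from the pointer value rather than the hash, and the arguments should be `km, sizeof (*km)`. The function's signature begins outside the hunk, so confirm against the full definition.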
diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c index 54bea58e1..8bb5f0587 100644 --- a/src/util/crypto_random.c +++ b/src/util/crypto_random.c | |||
@@ -98,6 +98,34 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed) | |||
98 | 98 | ||
99 | /** | 99 | /** |
100 | * @ingroup crypto | 100 | * @ingroup crypto |
101 | * Zero out @a buffer, securely against compiler optimizations. | ||
102 | * Used to delete key material. | ||
103 | * | ||
104 | * @param buffer the buffer to zap | ||
105 | * @param length buffer length | ||
106 | */ | ||
107 | void | ||
108 | GNUNET_CRYPTO_zero_keys (void *buffer, | ||
109 | size_t length) | ||
110 | { | ||
111 | #if HAVE_MEMSET_S | ||
112 | memset_s (buffer, | ||
113 | length, | ||
114 | 0, | ||
115 | length); | ||
116 | #elif HAVE_EXPLICIT_BZERO | ||
117 | explicit_bzero (buffer, | ||
118 | length); | ||
119 | #else | ||
120 | volatile unsigned char *p = buffer; | ||
121 | while (length--) | ||
122 | *p++ = 0; | ||
123 | #endif | ||
124 | } | ||
125 | |||
126 | |||
127 | /** | ||
128 | * @ingroup crypto | ||
101 | * Fill block with a random values. | 129 | * Fill block with a random values. |
102 | * | 130 | * |
103 | * @param mode desired quality of the random number | 131 | * @param mode desired quality of the random number |
@@ -105,7 +133,9 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed) | |||
105 | * @param length buffer length | 133 | * @param length buffer length |
106 | */ | 134 | */ |
107 | void | 135 | void |
108 | GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length) | 136 | GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode, |
137 | void *buffer, | ||
138 | size_t length) | ||
109 | { | 139 | { |
110 | #ifdef gcry_fast_random_poll | 140 | #ifdef gcry_fast_random_poll |
111 | static unsigned int invokeCount; | 141 | static unsigned int invokeCount; |
@@ -146,7 +176,7 @@ GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode, void *buffer, size_ | |||
146 | */ | 176 | */ |
147 | uint32_t | 177 | uint32_t |
148 | GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, | 178 | GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, |
149 | uint32_t i) | 179 | uint32_t i) |
150 | { | 180 | { |
151 | #ifdef gcry_fast_random_poll | 181 | #ifdef gcry_fast_random_poll |
152 | static unsigned int invokeCount; | 182 | static unsigned int invokeCount; |
@@ -202,7 +232,7 @@ GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, | |||
202 | */ | 232 | */ |
203 | unsigned int * | 233 | unsigned int * |
204 | GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, | 234 | GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, |
205 | unsigned int n) | 235 | unsigned int n) |
206 | { | 236 | { |
207 | unsigned int *ret; | 237 | unsigned int *ret; |
208 | unsigned int i; | 238 | unsigned int i; |
@@ -232,7 +262,8 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, | |||
232 | * @return random 64-bit number | 262 | * @return random 64-bit number |
233 | */ | 263 | */ |
234 | uint64_t | 264 | uint64_t |
235 | GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max) | 265 | GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, |
266 | uint64_t max) | ||
236 | { | 267 | { |
237 | uint64_t ret; | 268 | uint64_t ret; |
238 | uint64_t ul; | 269 | uint64_t ul; |
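Review bot: GNUNET_CRYPTO_zero_keys selects its implementation with `#if HAVE_MEMSET_S` / `#elif HAVE_EXPLICIT_BZERO`, but this diff is limited to src and shows no configure check that defines either macro, so confirm they are actually set; otherwise every build silently takes the volatile loop. memset_s is also only declared when `__STDC_WANT_LIB_EXT1__` is defined before `<string.h>` is included, which is not visible here. I would add a comment above the `#if`, such as `/* HAVE_* come from configure; memset_s needs __STDC_WANT_LIB_EXT1__ before <string.h> */`. The comment should also say that the fallback relies on the volatile-qualified pointer to keep the compiler from eliding the stores.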