[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r33297 - gnunet/src/cadet
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r33297 - gnunet/src/cadet |
|
Date: |
Wed, 14 May 2014 18:50:50 +0200 |
Author: bartpolot
Date: 2014-05-14 18:50:49 +0200 (Wed, 14 May 2014)
New Revision: 33297
Modified:
gnunet/src/cadet/gnunet-service-cadet_tunnel.c
Log:
- don't use the old key during a KX
Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2014-05-14 16:50:48 UTC
(rev 33296)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2014-05-14 16:50:49 UTC
(rev 33297)
@@ -580,18 +580,23 @@
* @param src Source of the plaintext. Can overlap with @c dst.
* @param size Size of the plaintext.
* @param iv Initialization Vector to use.
+ * @param force_newest_key Force the use of the newest key, otherwise
+ * CADET will use the old key when allowed.
+ * This can happen in the case when a KX is going on
+ * and the old one hasn't expired.
*/
static int
-t_encrypt (struct CadetTunnel *t,
- void *dst, const void *src,
- size_t size, uint32_t iv)
+t_encrypt (struct CadetTunnel *t, void *dst, const void *src,
+ size_t size, uint32_t iv, int force_newest_key)
{
struct GNUNET_CRYPTO_SymmetricInitializationVector siv;
struct GNUNET_CRYPTO_SymmetricSessionKey *e_key;
size_t out_size;
LOG (GNUNET_ERROR_TYPE_DEBUG, " t_encrypt start\n");
- if (NULL != t->kx_ctx && GNUNET_SCHEDULER_NO_TASK == t->kx_ctx->finish_task)
+ if (GNUNET_NO == force_newest_key
+ && NULL != t->kx_ctx
+ && GNUNET_SCHEDULER_NO_TASK == t->kx_ctx->finish_task)
{
struct GNUNET_TIME_Relative age;
@@ -805,7 +810,9 @@
derive_key_material (&km, &t->peers_ephemeral_key);
LOG (GNUNET_ERROR_TYPE_INFO, "km %s\n", GNUNET_h2s_full (&km));
derive_symmertic (&t->e_key, &my_full_id, GCP_get_id (t->peer), &km);
+ LOG (GNUNET_ERROR_TYPE_INFO, "ek %s\n", GNUNET_h2s_full (&t->e_key));
derive_symmertic (&t->d_key, GCP_get_id (t->peer), &my_full_id, &km);
+ LOG (GNUNET_ERROR_TYPE_INFO, "dk %s\n", GNUNET_h2s_full (&t->d_key));
}
@@ -977,7 +984,7 @@
msg = (struct GNUNET_CADET_Encrypted *) cbuf;
msg->header.type = htons (GNUNET_MESSAGE_TYPE_CADET_ENCRYPTED);
msg->iv = iv;
- GNUNET_assert (t_encrypt (t, &msg[1], message, size, iv) == size);
+ GNUNET_assert (t_encrypt (t, &msg[1], message, size, iv, GNUNET_NO) == size);
t_hmac (t, &msg[1], size, iv, GNUNET_YES, &msg->hmac);
msg->header.size = htons (sizeof (struct GNUNET_CADET_Encrypted) + size);
@@ -1199,7 +1206,8 @@
LOG (GNUNET_ERROR_TYPE_DEBUG, " sending %u\n", msg.nonce);
LOG (GNUNET_ERROR_TYPE_DEBUG, " towards %s\n", GNUNET_i2s (&msg.target));
- t_encrypt (t, &msg.target, &msg.target, ping_encryption_size(), msg.iv);
+ t_encrypt (t, &msg.target, &msg.target,
+ ping_encryption_size(), msg.iv, GNUNET_YES);
LOG (GNUNET_ERROR_TYPE_DEBUG, " e sending %u\n", msg.nonce);
LOG (GNUNET_ERROR_TYPE_DEBUG, " e towards %s\n", GNUNET_i2s (&msg.target));
@@ -1224,7 +1232,8 @@
msg.iv = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
msg.nonce = challenge;
LOG (GNUNET_ERROR_TYPE_DEBUG, " sending %u\n", msg.nonce);
- t_encrypt (t, &msg.nonce, &msg.nonce, sizeof (msg.nonce), msg.iv);
+ t_encrypt (t, &msg.nonce, &msg.nonce,
+ sizeof (msg.nonce), msg.iv, GNUNET_YES);
LOG (GNUNET_ERROR_TYPE_DEBUG, " e sending %u\n", msg.nonce);
send_kx (t, &msg.header);
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r33297 - gnunet/src/cadet,
gnunet <=