
[GNUnet-SVN] r35609 - gnunet/src/cadet


From: gnunet
Subject: [GNUnet-SVN] r35609 - gnunet/src/cadet
Date: Mon, 27 Apr 2015 21:14:57 +0200

Author: bartpolot
Date: 2015-04-27 21:14:57 +0200 (Mon, 27 Apr 2015)
New Revision: 35609

Modified:
   gnunet/src/cadet/gnunet-service-cadet_peer.c
   gnunet/src/cadet/gnunet-service-cadet_peer.h
Log:
- add ECDH key caching and verifying

Modified: gnunet/src/cadet/gnunet-service-cadet_peer.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_peer.c        2015-04-27 19:14:55 UTC 
(rev 35608)
+++ gnunet/src/cadet/gnunet-service-cadet_peer.c        2015-04-27 19:14:57 UTC 
(rev 35609)
@@ -22,6 +22,8 @@
 #include "platform.h"
 #include "gnunet_util_lib.h"
 
+#include "gnunet_signatures.h"
+
 #include "gnunet_transport_service.h"
 #include "gnunet_core_service.h"
 #include "gnunet_statistics_service.h"
@@ -124,6 +126,11 @@
   GNUNET_PEER_Id id;
 
     /**
+     * Axolotl permanent public key.
+     */
+  struct GNUNET_CRYPTO_EcdhePublicKey ax_key;
+
+    /**
      * Last time we heard from this peer
      */
   struct GNUNET_TIME_Absolute last_contact;
@@ -2366,6 +2373,46 @@
 
 
 /**
+ * Check if the given ECDH key is correct for the peer.
+ *
+ * This function caches the results if the key has been previoulsy checked,
+ * otherwise checks that the key is signed with the peer's ID (EdDSA key).
+ *
+ * TODO: save the cached public key to permanent storage / peerinfo.
+ *
+ * @param peer Peer whose key to check.
+ * @param key ECDH key to check.
+ * @param purpose Purpose of the signature (followed by the key).
+ * @param sig Signature with the peer's EdDSA key (PeerID).
+ */
+int
+GCP_check_key (struct CadetPeer *peer,
+               const struct GNUNET_CRYPTO_EcdhePublicKey *key,
+               const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+               const struct GNUNET_CRYPTO_EddsaSignature *sig)
+{
+  struct GNUNET_CRYPTO_EddsaPublicKey *pub;
+  int verified;
+
+  /* Is it the same as the cached key? */
+  if (0 == memcmp (&peer->ax_key, key, sizeof (*key)))
+    return GNUNET_OK;
+
+  /* New key, verify. */
+  pub = (struct GNUNET_CRYPTO_EddsaPublicKey *) GCP_get_id (peer);
+  verified = GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_CADET_AXKX,
+                                         purpose, sig, pub);
+
+  if (GNUNET_OK != verified)
+    return GNUNET_SYSERR;
+
+  /* Cache key for later. */
+  peer->ax_key = *key;
+  return GNUNET_OK;
+}
+
+
+/**
  * Notify a peer that a link between two other peers is broken. If any path
  * used that link, eliminate it.
  *
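Review bot: GCP_check_key verifies `sig` over `purpose` but never checks that the signed block actually contains `key`, so a valid signature covering one key would let a different `key` argument be stored in `peer->ax_key` and then accepted on the cache-hit path without any verification. Going by the doc comment (the purpose header is followed by the key), a guard before the verify call would bind the two: `if (ntohl (purpose->size) != sizeof (*purpose) + sizeof (*key) || 0 != memcmp (&purpose[1], key, sizeof (*key))) return GNUNET_SYSERR;`. Adjust the size and offset if the signed payload carries more fields than the key. Separately, the cache has no "key present" flag, so if `struct CadetPeer` is zero-allocated (not visible in this hunk) an all-zero key would match the empty cache and skip verification.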

Modified: gnunet/src/cadet/gnunet-service-cadet_peer.h
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_peer.h        2015-04-27 19:14:55 UTC 
(rev 35608)
+++ gnunet/src/cadet/gnunet-service-cadet_peer.h        2015-04-27 19:14:57 UTC 
(rev 35609)
@@ -390,6 +390,25 @@
 GCP_try_connect (struct CadetPeer *peer);
 
 /**
+ * Check if the given ECDH key is correct for the peer.
+ *
+ * This function caches the results if the key has been previoulsy checked,
+ * otherwise checks that the key is signed with the peer's ID (EdDSA key).
+ *
+ * TODO: save the cached public key to permanent storage / peerinfo.
+ *
+ * @param peer Peer whose key to check.
+ * @param key ECDH key to check.
+ * @param purpose Purpose of the signature (followed by the key).
+ * @param sig Signature with the peer's EdDSA key (PeerID).
+ */
+int
+GCP_check_key (struct CadetPeer *peer,
+               const struct GNUNET_CRYPTO_EcdhePublicKey *key,
+               const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+               const struct GNUNET_CRYPTO_EddsaSignature *sig);
+
+/**
  * Notify a peer that a link between two other peers is broken. If any path
  * used that link, eliminate it.
  *
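Review bot: The doc comment on the GCP_check_key prototype has no `@return`, and callers of a verification function need the result contract spelled out. I would add `@return #GNUNET_OK if the key matches the cached one or the signature verifies, #GNUNET_SYSERR otherwise.` and state in the description that a cache hit returns without looking at `purpose` or `sig`. The same comment is duplicated above the definition in gnunet-service-cadet_peer.c and needs the same addition.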



