[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] branch master updated: trying to make KX logic sli
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: trying to make KX logic slightly more readable |
|
Date: |
Fri, 27 Jan 2017 14:30:53 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 164e9747a trying to make KX logic slightly more readable
164e9747a is described below
commit 164e9747a9a90666c98d2dd31541bb11a3eee51d
Author: Christian Grothoff <address@hidden>
AuthorDate: Fri Jan 27 14:30:52 2017 +0100
trying to make KX logic slightly more readable
---
src/cadet/cadet_protocol.h | 67 +++++++++++++++++++++-----
src/cadet/gnunet-service-cadet-new_tunnels.c | 71 +++++++++++++---------------
src/include/gnunet_protocols.h | 19 ++++++--
3 files changed, 103 insertions(+), 54 deletions(-)
diff --git a/src/cadet/cadet_protocol.h b/src/cadet/cadet_protocol.h
index 8fb260dfd..e2d6f9d0b 100644
--- a/src/cadet/cadet_protocol.h
+++ b/src/cadet/cadet_protocol.h
@@ -205,7 +205,9 @@ enum GNUNET_CADET_KX_Flags {
struct GNUNET_CADET_TunnelKeyExchangeMessage
{
/**
- * Type: #GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX.
+ * Type: #GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX or
+ * #GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH as part
+ * of `struct GNUNET_CADET_TunnelKeyExchangeAuthMessage`.
*/
struct GNUNET_MessageHeader header;
@@ -234,17 +236,57 @@ struct GNUNET_CADET_TunnelKeyExchangeMessage
*/
struct GNUNET_CRYPTO_EcdhePublicKey ratchet_key;
-#ifdef NEW_CADET
+};
+
+
+/**
+ * Message for a Key eXchange for a tunnel, with authentication.
+ * Used as a response to the initial KX as well as for rekeying.
+ */
+struct GNUNET_CADET_TunnelKeyExchangeAuthMessage
+{
+
/**
- * Proof that sender could compute the 3-DH, in lieu of a signature.
+ * Message header with key material.
*/
- struct GNUNET_HashCode triple_dh_proof;
-#endif
+ struct GNUNET_CADET_TunnelKeyExchangeMessage kx;
+
+ /**
+ * KDF-proof that sender could compute the 3-DH, used in lieu of a
+ * signature or payload data.
+ */
+ struct GNUNET_HashCode auth;
+
+};
+
+
+/**
+ * Encrypted axolotl header with numbers that identify which
+ * keys in which ratchet are to be used to decrypt the body.
+ */
+struct GNUNET_CADET_AxHeader
+{
+
+ /**
+ * Number of messages sent with the current ratchet key.
+ */
+ uint32_t Ns GNUNET_PACKED;
+
+ /**
+ * Number of messages sent with the previous ratchet key.
+ */
+ uint32_t PNs GNUNET_PACKED;
+
+ /**
+ * Current ratchet key.
+ */
+ struct GNUNET_CRYPTO_EcdhePublicKey DHRs;
+
};
/**
- * Axolotl tunnel message.
+ * Axolotl-encrypted tunnel message with application payload.
*/
struct GNUNET_CADET_TunnelEncryptedMessage
{
@@ -277,8 +319,13 @@ struct GNUNET_CADET_TunnelEncryptedMessage
*/
struct GNUNET_ShortHashCode hmac;
- /**************** AX_HEADER start ****************/
-
+ #if NEW_CADET
+ /**
+ * Axolotl-header that specifies which keys to use in which ratchet
+ * to decrypt the body that follows.
+ */
+ struct GNUNET_CADET_AxHeader ax_header;
+#else
/**
* Number of messages sent with the current ratchet key.
*/
@@ -293,9 +340,7 @@ struct GNUNET_CADET_TunnelEncryptedMessage
* Current ratchet key.
*/
struct GNUNET_CRYPTO_EcdhePublicKey DHRs;
-
- /**************** AX_HEADER end ****************/
-
+#endif
/**
* Encrypted content follows.
*/
diff --git a/src/cadet/gnunet-service-cadet-new_tunnels.c
b/src/cadet/gnunet-service-cadet-new_tunnels.c
index bd46dc151..020564d8e 100644
--- a/src/cadet/gnunet-service-cadet-new_tunnels.c
+++ b/src/cadet/gnunet-service-cadet-new_tunnels.c
@@ -25,9 +25,9 @@
*
* FIXME:
* - KX:
+ * + clean up KX logic, including adding sender authentication
* + implement rekeying
* + check KX estate machine -- make sure it is never stuck!
- * + clean up KX logic, including adding sender authentication
* - connection management
* + properly (evaluate, kill old ones, search for new ones)
* + when managing connections, distinguish those that
@@ -56,14 +56,6 @@
#define IDLE_DESTROY_DELAY
GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 90)
/**
- * Yuck, replace by 'offsetof' expression?
- * FIXME.
- */
-#define AX_HEADER_SIZE (sizeof (uint32_t) * 2\
- + sizeof (struct GNUNET_CRYPTO_EcdhePublicKey))
-
-
-/**
* Maximum number of skipped keys we keep in memory per tunnel.
*/
#define MAX_SKIPPED_KEYS 64
@@ -600,7 +592,8 @@ t_hmac (const void *plaintext,
key, sizeof (*key),
ctx, sizeof (ctx),
NULL);
- /* Two step: CADET_Hash is only 256 bits, HashCode is 512. */
+ /* Two step: GNUNET_ShortHash is only 256 bits,
+ GNUNET_HashCode is 512, so we truncate. */
GNUNET_CRYPTO_hmac (&auth_key,
plaintext,
size,
@@ -814,12 +807,12 @@ t_h_encrypt (struct CadetTunnel *t,
&ax->HKs,
NULL, 0,
NULL);
- out_size = GNUNET_CRYPTO_symmetric_encrypt (&msg->Ns,
- AX_HEADER_SIZE,
+ out_size = GNUNET_CRYPTO_symmetric_encrypt (&msg->ax_header.Ns,
+ sizeof (struct
GNUNET_CADET_AxHeader),
&ax->HKs,
&iv,
- &msg->Ns);
- GNUNET_assert (AX_HEADER_SIZE == out_size);
+ &msg->ax_header.Ns);
+ GNUNET_assert (sizeof (struct GNUNET_CADET_AxHeader) == out_size);
}
@@ -844,12 +837,12 @@ t_h_decrypt (struct CadetTunnel *t,
&ax->HKr,
NULL, 0,
NULL);
- out_size = GNUNET_CRYPTO_symmetric_decrypt (&src->Ns,
- AX_HEADER_SIZE,
+ out_size = GNUNET_CRYPTO_symmetric_decrypt (&src->ax_header.Ns,
+ sizeof (struct
GNUNET_CADET_AxHeader),
&ax->HKr,
&iv,
- &dst->Ns);
- GNUNET_assert (AX_HEADER_SIZE == out_size);
+ &dst->ax_header.Ns);
+ GNUNET_assert (sizeof (struct GNUNET_CADET_AxHeader) == out_size);
}
@@ -906,8 +899,8 @@ try_old_ax_keys (struct CadetTunnel *t,
valid_HK = NULL;
for (key = t->ax.skipped_head; NULL != key; key = key->next)
{
- t_hmac (&src->Ns,
- AX_HEADER_SIZE + esize,
+ t_hmac (&src->ax_header,
+ sizeof (struct GNUNET_CADET_AxHeader) + esize,
0,
&key->HK,
hmac);
@@ -932,15 +925,15 @@ try_old_ax_keys (struct CadetTunnel *t,
&key->HK,
NULL, 0,
NULL);
- res = GNUNET_CRYPTO_symmetric_decrypt (&src->Ns,
- AX_HEADER_SIZE,
+ res = GNUNET_CRYPTO_symmetric_decrypt (&src->ax_header.Ns,
+ sizeof (struct GNUNET_CADET_AxHeader),
&key->HK,
&iv,
- &plaintext_header.Ns);
- GNUNET_assert (AX_HEADER_SIZE == res);
+ &plaintext_header.ax_header.Ns);
+ GNUNET_assert (sizeof (struct GNUNET_CADET_AxHeader) == res);
/* Find the correct message key */
- N = ntohl (plaintext_header.Ns);
+ N = ntohl (plaintext_header.ax_header.Ns);
while ( (NULL != key) &&
(N != key->Kn) )
key = key->next;
@@ -1077,8 +1070,8 @@ t_ax_decrypt_and_validate (struct CadetTunnel *t,
ax = &t->ax;
/* Try current HK */
- t_hmac (&src->Ns,
- AX_HEADER_SIZE + esize,
+ t_hmac (&src->ax_header,
+ sizeof (struct GNUNET_CADET_AxHeader) + esize,
0, &ax->HKr,
&msg_hmac);
if (0 != memcmp (&msg_hmac,
@@ -1092,8 +1085,8 @@ t_ax_decrypt_and_validate (struct CadetTunnel *t,
struct GNUNET_CRYPTO_EcdhePublicKey *DHRp;
/* Try Next HK */
- t_hmac (&src->Ns,
- AX_HEADER_SIZE + esize,
+ t_hmac (&src->ax_header,
+ sizeof (struct GNUNET_CADET_AxHeader) + esize,
0,
&ax->NHKr,
&msg_hmac);
@@ -1112,9 +1105,9 @@ t_ax_decrypt_and_validate (struct CadetTunnel *t,
t_h_decrypt (t,
src,
&plaintext_header);
- Np = ntohl (plaintext_header.Ns);
- PNp = ntohl (plaintext_header.PNs);
- DHRp = &plaintext_header.DHRs;
+ Np = ntohl (plaintext_header.ax_header.Ns);
+ PNp = ntohl (plaintext_header.ax_header.PNs);
+ DHRp = &plaintext_header.ax_header.DHRs;
store_ax_keys (t,
&HK,
PNp);
@@ -1144,8 +1137,8 @@ t_ax_decrypt_and_validate (struct CadetTunnel *t,
t_h_decrypt (t,
src,
&plaintext_header);
- Np = ntohl (plaintext_header.Ns);
- PNp = ntohl (plaintext_header.PNs);
+ Np = ntohl (plaintext_header.ax_header.Ns);
+ PNp = ntohl (plaintext_header.ax_header.PNs);
}
if ( (Np != ax->Nr) &&
(GNUNET_OK != store_ax_keys (t,
@@ -2473,14 +2466,14 @@ GCT_send (struct CadetTunnel *t,
&ax_msg[1],
message,
payload_size);
- ax_msg->Ns = htonl (t->ax.Ns++);
- ax_msg->PNs = htonl (t->ax.PNs);
+ ax_msg->ax_header.Ns = htonl (t->ax.Ns++);
+ ax_msg->ax_header.PNs = htonl (t->ax.PNs);
GNUNET_CRYPTO_ecdhe_key_get_public (t->ax.DHRs,
- &ax_msg->DHRs);
+ &ax_msg->ax_header.DHRs);
t_h_encrypt (t,
ax_msg);
- t_hmac (&ax_msg->Ns,
- AX_HEADER_SIZE + payload_size,
+ t_hmac (&ax_msg->ax_header,
+ sizeof (struct GNUNET_CADET_AxHeader) + payload_size,
0,
&t->ax.HKs,
&ax_msg->hmac);
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h
index 4079aa0e4..1b6152206 100644
--- a/src/include/gnunet_protocols.h
+++ b/src/include/gnunet_protocols.h
@@ -2651,10 +2651,21 @@ extern "C"
/**
* Hop-by-hop, connection dependent ACK.
+ *
+ * @deprecated
*/
#define GNUNET_MESSAGE_TYPE_CADET_CONNECTION_HOP_BY_HOP_ENCRYPTED_ACK 1005
/**
+ * We do not bother with ACKs for
+ * #GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED messages, but we instead
+ * poll for one if we got nothing for a while and start to be worried.
+ *
+ * @deprecated
+ */
+#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED_POLL 1006
+
+/**
* Axolotl key exchange.
*/
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX 1007
@@ -2665,11 +2676,9 @@ extern "C"
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED 1008
/**
- * We do not bother with ACKs for
- * #GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED messages, but we instead
- * poll for one if we got nothing for a while and start to be worried.
+ * Axolotl key exchange response with authentication.
*/
-#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED_POLL 1006
+#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH 1009
@@ -2707,6 +2716,8 @@ extern "C"
/**
* Reject the creation of a channel
+ *
+ * @deprecated
*/
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_NACK_DEPRECATED 1016
--
To stop receiving notification emails like this one, please contact
address@hidden
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnunet] branch master updated: trying to make KX logic slightly more readable,
gnunet <=