33#include "gnunet_signatures.h"
45#define INITIAL_SET_KEY_RETRY_FREQUENCY \
46 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10)
51#define MIN_PING_FREQUENCY \
52 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
57#define REKEY_FREQUENCY \
58 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12)
63#define REKEY_TOLERANCE \
64 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
73#define MAX_MESSAGE_AGE GNUNET_TIME_UNIT_DAYS
76#if CONG_CRYPTO_ENABLED
93 unsigned char nonce[crypto_aead_xchacha20poly1305_ietf_NPUBBYTES];
103 unsigned char tag[crypto_aead_xchacha20poly1305_ietf_ABYTES];
178#define ENCRYPTED_HEADER_SIZE \
179 (offsetof (struct EncryptedMessage, sequence_number))
222#if CONG_CRYPTO_ENABLED
227 unsigned char encrypt_key[crypto_aead_xchacha20poly1305_ietf_KEYBYTES];
233 unsigned char decrypt_key[crypto_aead_xchacha20poly1305_ietf_KEYBYTES];
353#if ! CONG_CRYPTO_ENABLED
384 msg.state = htonl ((uint32_t) kx->
status);
392#if ! CONG_CRYPTO_ENABLED
405 static const char ctx[] =
"authentication key";
412 "Deriving Auth key from SKEY %s and seed %u\n",
414 (
unsigned int)
seed);
443 static const char ctx[] =
"initialization vector";
450 "Deriving IV from SKEY %s and seed %u for peer %s\n",
483 static const char ctx[] =
"pong initialization vector";
490 "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n",
493 (
unsigned int) challenge,
513#if CONG_CRYPTO_ENABLED
528 static const char ctx[] =
"xchacha20 key generation vector";
532 "Deriving XChaCha20 Key for %s to %s from %s\n",
538 crypto_aead_xchacha20poly1305_ietf_KEYBYTES,
567 static const char ctx[] =
"aes key generation vector";
574 "Deriving AES Keys for %s to %s from %s\n",
595#if ! CONG_CRYPTO_ENABLED
633 "Encrypted %u bytes for `%s' using key %s, IV %u\n",
645#if ! CONG_CRYPTO_ENABLED
694 "Decrypted %u bytes from `%s' using key %s, IV %u\n",
751#if CONG_CRYPTO_ENABLED
752 randombytes_buf (
pm->nonce, sizeof (
pm->nonce));
754 crypto_aead_xchacha20poly1305_ietf_encrypt_detached (
755 (
unsigned char*) &
pm->target,
758 (
unsigned char*) &pp.
target,
774 - ((
void *) &
pm->target - (
void *)
pm));
797 "Decrypted message of type %d from %s\n",
808 switch (ntohs (
m->type))
852 "Initiating key exchange with `%s'\n",
908 "Peer `%s' disconnected from us.\n",
970#if CONG_CRYPTO_ENABLED
981 memset (&key_material, 0,
sizeof(key_material));
1017 "Received expired EPHEMERAL_KEY from %s\n",
1019 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1022 if (0 == memcmp (&
m->ephemeral_key,
1024 sizeof(
m->ephemeral_key)))
1028 "# duplicate ephemeral keys. Not verifying."),
1032 "Duplicate EPHEMERAL_KEY from %s, do not verify\n",
1036 if (0 != memcmp (&
m->origin_identity,
1041 "Received EPHEMERAL_KEY from %s, but expected %s\n",
1045 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1048 if (do_verify && ((ntohl (
m->purpose.size) !=
1059 &
m->origin_identity.public_key
1066 "# EPHEMERAL_KEYs rejected (bad signature)"),
1070 "Received EPHEMERAL_KEY from %s with bad signature\n",
1072 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1085 "EPHEMERAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"),
1092 "# EPHEMERAL_KEY messages rejected due to time")
1096 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1105 "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n",
1120 sender_status = ntohl (
m->sender_status);
1121 switch (sender_status)
1200 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1223#if CONG_CRYPTO_ENABLED
1239 "# PING messages dropped (out of order)"),
1242 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1246 "Core service receives PING request from `%s'.\n",
1248#if CONG_CRYPTO_ENABLED
1249 if (0 != crypto_aead_xchacha20poly1305_ietf_decrypt_detached (
1250 (
unsigned char*) &
t.target,
1252 (
unsigned char*) &
m->target,
1253 sizeof (
m->target) + sizeof (
m->challenge),
1260 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1270 - ((
void *) &
m->target - (
void *)
m)))
1273 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1282 "Decryption of PING from peer `%s' failed, PING for `%s'?\n",
1288 "Decryption of PING from peer `%s' failed after rekey (harmless)\n",
1291 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1299#if CONG_CRYPTO_ENABLED
1300 randombytes_buf (tp->nonce, sizeof (tp->nonce));
1302 crypto_aead_xchacha20poly1305_ietf_encrypt_detached (
1308 - ((
void *) &tp->
challenge - (
void *) tp),
1321 - ((
void *) &tp->
challenge - (
void *) tp));
1334 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1366 "Sending KEEPALIVE to `%s'\n",
1423#if CONG_CRYPTO_ENABLED
1437 "# PONG messages dropped (connection down)"),
1440 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1446 "# PONG messages dropped (out of order)"),
1449 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1463 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1467 "Core service receives PONG response from `%s'.\n",
1470 memset (&
t, 255,
sizeof(
t));
1471#if CONG_CRYPTO_ENABLED
1472 if (0 != crypto_aead_xchacha20poly1305_ietf_decrypt_detached (
1473 (
unsigned char*) &
t.challenge,
1475 (
unsigned char*) &
m->challenge,
1477 - ((
void *) &
m->challenge - (
void *)
m),
1484 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1498 - ((
void *) &
m->challenge - (
void *)
m)))
1501 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1515 "Received malformed PONG wanted sender `%s' with challenge %u\n",
1519 "Received malformed PONG received from `%s' with challenge %u\n",
1521 (
unsigned int)
t.challenge);
1522 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1526 "Received valid PONG from `%s'\n",
1538 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1543 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1549 "# session keys confirmed via PONG"),
1570 "# rekey operations confirmed via PONG"),
1582 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1611 "Sending EPHEMERAL_KEY %s to `%s' (my status: %d)\n",
1632 size_t payload_size)
1639#if CONG_CRYPTO_ENABLED
1653#if CONG_CRYPTO_ENABLED
1654 randombytes_buf (ph->nonce, sizeof (ph->nonce));
1656 crypto_aead_xchacha20poly1305_ietf_encrypt_detached (
1683 "Encrypted payload `%s' of %u bytes for %s\n",
1700 "For peer %s, used AC %s to create hmac %s\n",
1723 uint16_t
size = ntohs (
m->header.size) -
sizeof(*m);
1748 uint16_t
size = ntohs (
m->header.size);
1755 "# DATA message dropped (out of order)"),
1758 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1767 "Session to peer `%s' went down due to key expiration (should not happen)\n"),
1771 "# sessions terminated by key expiration"),
1783 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1794 "Received encrypted payload `%s' of %u bytes from %s\n",
1801#if CONG_CRYPTO_ENABLED
1802 if (0 != crypto_aead_xchacha20poly1305_ietf_decrypt_detached (
1805 (
unsigned char*) &
m->sequence_number,
1813 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1823 &
m->sequence_number,
1832 "For peer %s, used AC %s to verify hmac %s\n",
1842 "Failed checksum validation for a message from `%s'\n",
1844 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1851 &
m->sequence_number,
1856 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1862 "Decrypted %u bytes from %s\n",
1872 "Received duplicate message, ignoring.\n");
1878 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1885 "Received ancient out of sequence message, ignoring.\n");
1889 "# bytes dropped (out of sequence)"),
1892 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1902 "Received duplicate message, ignoring.\n");
1908 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1930 "Message received far too old (%s). Content ignored.\n",
1936 "# bytes dropped (ancient message)"),
1939 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1957 GNUNET_TRANSPORT_core_receive_continue (
transport, kx->
peer);
1982 "USE_EPHEMERAL_KEYS"))
2084 "Starting with ephemeral key %s\n",
2178 msg->state = htonl ((uint32_t) kx->
status);
struct GNUNET_MQ_MessageHandlers handlers[]
struct GNUNET_MQ_Handle * mq
struct GNUNET_MessageHeader * msg
struct GNUNET_MQ_Envelope * env
#define GNUNET_CORE_OPTION_SEND_FULL_INBOUND
Client wants all inbound messages in full.
#define GNUNET_CORE_OPTION_SEND_HDR_INBOUND
Client just wants the 4-byte message headers of all inbound messages.
#define gettext_noop(String)
static struct GNUNET_ARM_MonitorHandle * m
Monitor connection with ARM.
static struct GNUNET_FS_Handle * ctx
static struct GNUNET_IDENTITY_Handle * sh
Handle to IDENTITY service.
struct GNUNET_CRYPTO_PrivateKey pk
Private key from command line option, or NULL.
static struct GNUNET_IDENTITY_Handle * identity
Which namespace do we publish to? NULL if we do not publish to a namespace.
const struct GNUNET_CONFIGURATION_Handle * GSC_cfg
Our configuration.
struct GNUNET_PeerIdentity GSC_my_identity
Our identity.
void GSC_CLIENTS_deliver_message(const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, uint16_t msize, uint32_t options)
Deliver P2P message to interested clients.
struct GNUNET_STATISTICS_Handle * GSC_stats
For creating statistics.
Globals for gnunet-service-core.
static void handle_pong(void *cls, const struct PongMessage *m)
We received a PONG message.
static void handle_encrypted(void *cls, const struct EncryptedMessage *m)
We received an encrypted message.
static void set_key_retry_task(void *cls)
Task that will retry send_key() if our previous attempt failed.
#define REKEY_TOLERANCE
What time difference do we tolerate?
unsigned int GSC_NEIGHBOURS_get_queue_length(const struct GSC_KeyExchangeInfo *kxinfo)
Check how many messages are queued for the given neighbour.
static struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key
Our private key.
static struct GNUNET_CRYPTO_EcdhePrivateKey my_ephemeral_key
Our ephemeral private key.
int GSC_NEIGHBOURS_check_excess_bandwidth(const struct GSC_KeyExchangeInfo *kxinfo)
Check if the given neighbour has excess bandwidth available.
static void derive_aes_key(const struct GNUNET_PeerIdentity *sender, const struct GNUNET_PeerIdentity *receiver, const struct GNUNET_HashCode *key_material, struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
Derive an AES key from key material.
#define MIN_PING_FREQUENCY
What is the minimum frequency for a PING message?
static struct GSC_KeyExchangeInfo * kx_tail
DLL tail.
void GSC_KX_handle_client_monitor_peers(struct GNUNET_MQ_Handle *mq)
Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request.
static void handle_ephemeral_key(void *cls, const struct EphemeralKeyMessage *m)
We received a GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY message.
#define REKEY_FREQUENCY
How often do we rekey?
static void sign_ephemeral_key()
Setup the message that links the ephemeral key to our persistent public key and generate the appropri...
static void handle_transport_notify_disconnect(void *cls, const struct GNUNET_PeerIdentity *peer, void *handler_cls)
Function called by transport telling us that a peer disconnected.
static struct GNUNET_NotificationContext * nc
Notification context for broadcasting to monitors.
void GSC_KX_encrypt_and_transmit(struct GSC_KeyExchangeInfo *kx, const void *payload, size_t payload_size)
Encrypt and transmit a message with the given payload.
static int check_encrypted(void *cls, const struct EncryptedMessage *m)
We received an encrypted message.
static void send_key(struct GSC_KeyExchangeInfo *kx)
Send our key (and encrypted PING) to the other peer.
static uint32_t calculate_seed(struct GSC_KeyExchangeInfo *kx)
Calculate seed value we should use for a message.
static void handle_ping(void *cls, const struct PingMessage *m)
We received a PING message.
static struct GSC_KeyExchangeInfo * kx_head
DLL head.
static struct EphemeralKeyMessage current_ekm
Current message we send for a key exchange.
int GSC_KX_init(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
Initialize KX subsystem.
static void do_rekey(void *cls)
Task run to trigger rekeying.
#define MAX_MESSAGE_AGE
What is the maximum age of a message for us to consider processing it? Note that this looks at the ti...
#define INITIAL_SET_KEY_RETRY_FREQUENCY
How long do we wait for SET_KEY confirmation initially?
void GSC_KX_done()
Shutdown KX subsystem.
#define ENCRYPTED_HEADER_SIZE
Number of bytes (at the beginning) of struct EncryptedMessage that are NOT encrypted.
static void derive_session_keys(struct GSC_KeyExchangeInfo *kx)
Derive fresh session keys from the current ephemeral keys.
static void * handle_transport_notify_connect(void *cls, const struct GNUNET_PeerIdentity *pid, struct GNUNET_MQ_Handle *mq)
Function called by transport to notify us that a peer connected to us (on the network level).
static void derive_auth_key(struct GNUNET_CRYPTO_AuthKey *akey, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed)
Derive an authentication key from "set key" information.
static void setup_fresh_ping(struct GSC_KeyExchangeInfo *kx)
Create a fresh PING message for transmission to the other peer.
static void update_timeout(struct GSC_KeyExchangeInfo *kx)
We've seen a valid message from the other peer.
static void send_ping(struct GSC_KeyExchangeInfo *kx)
Send our PING to the other peer.
static void derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, const struct GNUNET_PeerIdentity *identity)
Derive an IV from packet information.
static void send_keep_alive(void *cls)
Task triggered when a neighbour entry is about to time out (and we should prevent this by sending a P...
static int do_decrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Decrypt size bytes from in and write the result to out.
static int deliver_message(void *cls, const struct GNUNET_MessageHeader *m)
Deliver P2P message to interested clients.
static void monitor_notify_all(struct GSC_KeyExchangeInfo *kx)
Inform all monitors about the KX state of the given peer.
static struct GNUNET_SCHEDULER_Task * rekey_task
Task scheduled for periodic re-generation (and thus rekeying) of our ephemeral key.
static struct GNUNET_TRANSPORT_CoreHandle * transport
Transport service.
static int do_encrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Encrypt size bytes from in and write the result to out.
static void derive_pong_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, uint32_t challenge, const struct GNUNET_PeerIdentity *identity)
Derive an IV from pong packet information.
code for managing the key exchange (SET_KEY, PING, PONG) with other peers
void GSC_SESSIONS_reinit(const struct GNUNET_PeerIdentity *peer)
The other peer has indicated that it 'lost' the session (KX down), reinitialize the session on our en...
void GSC_SESSIONS_end(const struct GNUNET_PeerIdentity *pid)
End the session with the given peer (we are no longer connected).
void GSC_SESSIONS_confirm_typemap(const struct GNUNET_PeerIdentity *peer, const struct GNUNET_MessageHeader *msg)
The other peer has confirmed receiving our type map, check if it is current and if so,...
void GSC_SESSIONS_create(const struct GNUNET_PeerIdentity *peer, struct GSC_KeyExchangeInfo *kx)
Create a session, a key exchange was just completed.
void GSC_SESSIONS_set_typemap(const struct GNUNET_PeerIdentity *peer, const struct GNUNET_MessageHeader *msg)
We've received a typemap message from a peer, update ours.
static unsigned long long payload
How much data are we currently storing in the database?
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
static struct GNUNET_TRANSPORT_PluginMonitor * pm
Handle if we are monitoring plugin session activity.
static struct GNUNET_SCHEDULER_Task * t
Main task.
Constants for network protocols.
API of the transport service towards the CORE service (TNG version)
struct GNUNET_TRANSPORT_CoreHandle * GNUNET_TRANSPORT_core_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_PeerIdentity *self, const struct GNUNET_MQ_MessageHandler *handlers, void *cls, GNUNET_TRANSPORT_NotifyConnect nc, GNUNET_TRANSPORT_NotifyDisconnect nd)
Connect to the transport service.
void GNUNET_TRANSPORT_core_disconnect(struct GNUNET_TRANSPORT_CoreHandle *handle)
Disconnect from the transport service.
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don't receive messages from the peer?
GNUNET_CORE_KxState
State machine for our P2P encryption handshake.
@ GNUNET_CORE_KX_PEER_DISCONNECT
Last state of a KX (when it is being terminated).
@ GNUNET_CORE_KX_STATE_UP
The other peer has confirmed our session key + PING with a PONG message encrypted with their session ...
@ GNUNET_CORE_KX_STATE_DOWN
No handshake yet.
@ GNUNET_CORE_KX_STATE_KEY_SENT
We've sent our session key.
@ GNUNET_CORE_KX_STATE_KEY_RECEIVED
We've received the other peers session key.
@ GNUNET_CORE_KX_ITERATION_FINISHED
This is not a state in a peer's state machine, but a special value used with the GNUNET_CORE_MonitorC...
@ GNUNET_CORE_KX_STATE_REKEY_SENT
We're rekeying (or had a timeout), so we have sent the other peer our new ephemeral key,...
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block using a symmetric sessionkey.
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
uint32_t GNUNET_CRYPTO_random_u32(enum GNUNET_CRYPTO_Quality mode, uint32_t i)
Produce a random value.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
@ GNUNET_CRYPTO_QUALITY_WEAK
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
@ GNUNET_CRYPTO_QUALITY_NONCE
Randomness for IVs etc.
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
int32_t GNUNET_CRYPTO_crc32_n(const void *buf, size_t len)
Compute the CRC32 checksum for the first len bytes of the buffer.
void GNUNET_CRYPTO_hmac(const struct GNUNET_CRYPTO_AuthKey *key, const void *plaintext, size_t plaintext_len, struct GNUNET_HashCode *hmac)
Calculate HMAC of a message (RFC 2104)
int GNUNET_CRYPTO_hash_cmp(const struct GNUNET_HashCode *h1, const struct GNUNET_HashCode *h2)
Compare function for HashCodes, producing a total ordering of all hashcodes.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
void GNUNET_CRYPTO_hmac_derive_key(struct GNUNET_CRYPTO_AuthKey *key, const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len,...)
Derive an authentication key.
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won't work on W32.
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
#define GNUNET_log(kind,...)
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won't work on W32;.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
GNUNET_GenericReturnValue
Named constants for return values.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format.
#define GNUNET_PACKED
gcc-ism to get packed structs.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
const char * GNUNET_i2s_full(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
const char * GNUNET_h2s2(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
const char * GNUNET_i2s2(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
@ GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_DEBUG
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_free(ptr)
Wrapper around free.
void GNUNET_notification_context_destroy(struct GNUNET_NotificationContext *nc)
Destroy the context, force disconnect for all subscribers.
struct GNUNET_MQ_Envelope * GNUNET_MQ_msg_copy(const struct GNUNET_MessageHeader *hdr)
Create a new envelope by copying an existing message.
unsigned int GNUNET_MQ_get_length(struct GNUNET_MQ_Handle *mq)
Obtain the current length of the message queue.
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct.
struct GNUNET_NotificationContext * GNUNET_notification_context_create(unsigned int queue_length)
Create a new notification context.
void GNUNET_notification_context_broadcast(struct GNUNET_NotificationContext *nc, const struct GNUNET_MessageHeader *msg, int can_drop)
Send a message to all subscribers of this context.
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
void GNUNET_notification_context_add(struct GNUNET_NotificationContext *nc, struct GNUNET_MQ_Handle *mq)
Add a subscriber to the notification context.
#define GNUNET_MESSAGE_TYPE_CORE_PING
Check that other peer is alive (challenge).
#define GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP
uncompressed type map of the sender
#define GNUNET_MESSAGE_TYPE_CORE_PONG
Confirmation that other peer is alive.
#define GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE
Encapsulation for an encrypted message between peers.
#define GNUNET_MESSAGE_TYPE_CORE_COMPRESSED_TYPE_MAP
gzip-compressed type map of the sender
#define GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY
Reply for monitor by CORE service.
#define GNUNET_MESSAGE_TYPE_CORE_CONFIRM_TYPE_MAP
Other peer confirms having received the type map.
#define GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY
Session key exchange between peers.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
enum GNUNET_GenericReturnValue GNUNET_MST_from_buffer(struct GNUNET_MessageStreamTokenizer *mst, const char *buf, size_t size, int purge, int one_shot)
Add incoming data to the receive buffer and call the callback for all complete messages.
struct GNUNET_MessageStreamTokenizer * GNUNET_MST_create(GNUNET_MessageTokenizerCallback cb, void *cb_cls)
Create a message stream tokenizer.
void GNUNET_MST_destroy(struct GNUNET_MessageStreamTokenizer *mst)
Destroys a tokenizer.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_duration(struct GNUNET_TIME_Absolute whence)
Get the duration of an operation as the difference of the current time and the given start time "henc...
struct GNUNET_TIME_Relative GNUNET_TIME_relative_max(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the maximum of two relative time values.
#define GNUNET_TIME_UNIT_SECONDS
One second.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
const char * GNUNET_STRINGS_relative_time_to_string(struct GNUNET_TIME_Relative delta, int do_round)
Give relative time in human-readable fancy format.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_ntoh(struct GNUNET_TIME_AbsoluteNBO a)
Convert absolute time from network byte order.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_add(struct GNUNET_TIME_Relative a1, struct GNUNET_TIME_Relative a2)
Add relative times together.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_subtract(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Subtract a given relative duration from the given start time.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_divide(struct GNUNET_TIME_Relative rel, unsigned long long factor)
Divide relative time by a given factor.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_difference(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Absolute end)
Compute the time difference between the given start and end times.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
#define GNUNET_TIME_UNIT_FOREVER_ABS
Constant used to specify "forever".
#define GNUNET_TIME_STD_BACKOFF(r)
Perform our standard exponential back-off calculation, starting at 1 ms and then going by a factor of...
static unsigned int size
Size of the "table".
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
static struct GNUNET_TIME_Relative delta
#define GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY
Purpose is to set a session key.
Encapsulation for encrypted messages exchanged between peers.
uint32_t iv_seed
Random value used for IV generation.
struct GNUNET_TIME_AbsoluteNBO timestamp
Timestamp.
uint32_t sequence_number
Sequence number, in network byte order.
struct GNUNET_HashCode hmac
MAC of the encrypted message (starting at sequence_number), used to verify message integrity.
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE.
uint32_t reserved
Reserved, always zero.
Message transmitted with the signed ephemeral key of a peer.
struct GNUNET_PeerIdentity origin_identity
Public key of the signing peer (persistent version, not the ephemeral public key).
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY.
int32_t sender_status
Status of the sender (should be in enum PeerStateMachine), nbo.
struct GNUNET_TIME_AbsoluteNBO expiration_time
When does the given ephemeral key expire (end of validity).
struct GNUNET_CRYPTO_EddsaSignature signature
An ECC signature of the origin_identity asserting the validity of the given ephemeral key.
struct GNUNET_TIME_AbsoluteNBO creation_time
At what time was this key created (beginning of validity).
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Information about what is being signed.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Ephemeral public ECC key.
type for (message) authentication keys
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Private ECC key encoded for transmission.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
Private ECC key encoded for transmission.
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
unsigned char aes_key[(256/8)]
Actual key for AES.
Handle to a message queue.
Message handler for a specific message type.
Handle to a message stream tokenizer.
The notification context is the key datastructure for a convenience API used for transmission of noti...
The identity of the host (wraps the signing key of the peer).
struct GNUNET_CRYPTO_EddsaPublicKey public_key
Entry in list of pending tasks.
Time for absolute time used by GNUnet, in microseconds and in network byte order.
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.
Time for relative time used by GNUnet, in microseconds.
uint64_t rel_value_us
The actual value.
Handle for the transport service (includes all of the state for the transport service).
Information about the status of a key exchange with another peer.
struct GSC_KeyExchangeInfo * prev
DLL.
struct GNUNET_CRYPTO_SymmetricSessionKey encrypt_key
Key we use to encrypt our messages for the other peer (initialized by us when we do the handshake).
struct GNUNET_SCHEDULER_Task * retry_set_key_task
ID of task used for re-trying SET_KEY and PING message.
struct GNUNET_TIME_Relative set_key_retry_frequency
At what frequency are we currently re-trying SET_KEY messages?
struct GNUNET_TIME_Absolute last_notify_timeout
What was the last timeout we informed our monitors about?
const struct GNUNET_PeerIdentity * peer
Identity of the peer.
uint32_t last_sequence_number_sent
last sequence number transmitted
struct GNUNET_MessageStreamTokenizer * mst
Our message stream tokenizer (for encrypted payload).
struct GSC_KeyExchangeInfo * next
DLL.
uint32_t ping_challenge
What was our PING challenge number (for this peer)?
struct GNUNET_MQ_Handle * mq
Message queue for sending messages to peer.
uint32_t last_sequence_number_received
last sequence number received on this connection (highest)
struct GNUNET_CRYPTO_EcdhePublicKey other_ephemeral_key
Ephemeral public ECC key of the other peer.
struct GNUNET_CRYPTO_SymmetricSessionKey decrypt_key
Key we use to decrypt messages from the other peer (given to us by the other peer during the handshak...
struct GNUNET_TIME_Absolute timeout
When should the session time out (if there are no PONGs)?
int has_excess_bandwidth
GNUNET_YES if this peer currently has excess bandwidth.
struct PingMessage ping
PING message we transmit to the other peer.
struct GNUNET_SCHEDULER_Task * keep_alive_task
ID of task used for sending keep-alive pings.
enum GNUNET_CORE_KxState status
What is our connection status?
struct GNUNET_TIME_Absolute foreign_key_expires
At what time did the other peer generate the decryption key?
uint32_t last_packets_bitmap
Bit map indicating which of the 32 sequence numbers before the last were received (good for accepting...
Message sent by the service to monitor clients to notify them about a peer changing status.
uint32_t state
New peer state, an enum GNUNET_CORE_KxState in NBO.
struct GNUNET_TIME_AbsoluteNBO timeout
How long will we stay in this state (if nothing else happens)?
We're sending an (encrypted) PING to the other peer to check if it can decrypt.
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_PING.
struct GNUNET_PeerIdentity target
Intended target of the PING, used primarily to check that decryption actually worked.
uint32_t challenge
Random number chosen to make replay harder.
uint32_t challenge
Random number to make replay attacks harder.
uint32_t reserved
Reserved, always zero.
uint32_t iv_seed
Seed for the IV.
struct GNUNET_PeerIdentity target
Intended target of the PING, used primarily to check that decryption actually worked.
1.9.4