GNUnet  0.11.x
gnunet-service-core_kx.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
27 #include "platform.h"
28 #include "gnunet-service-core_kx.h"
29 #include "gnunet-service-core.h"
33 #include "gnunet_constants.h"
34 #include "gnunet_signatures.h"
35 #include "gnunet_protocols.h"
36 #include "core.h"
37 
41 #define DEBUG_KX 0
42 
46 #define INITIAL_SET_KEY_RETRY_FREQUENCY \
47  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10)
48 
52 #define MIN_PING_FREQUENCY \
53  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
54 
58 #define REKEY_FREQUENCY \
59  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12)
60 
64 #define REKEY_TOLERANCE \
65  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
66 
74 #define MAX_MESSAGE_AGE GNUNET_TIME_UNIT_DAYS
75 
76 
78 
84 {
89 
94 
100 
105 
110 
115 
120 
126 };
127 
128 
135 {
140 
144  uint32_t iv_seed GNUNET_PACKED;
145 
150  struct GNUNET_PeerIdentity target;
151 
155  uint32_t challenge GNUNET_PACKED;
156 };
157 
158 
163 {
168 
172  uint32_t iv_seed GNUNET_PACKED;
173 
177  uint32_t challenge GNUNET_PACKED;
178 
182  uint32_t reserved;
183 
188  struct GNUNET_PeerIdentity target;
189 };
190 
191 
197 {
202 
206  uint32_t iv_seed GNUNET_PACKED;
207 
215  struct GNUNET_HashCode hmac;
216 
221  uint32_t sequence_number GNUNET_PACKED;
222 
227 
232  struct GNUNET_TIME_AbsoluteNBO timestamp;
233 };
235 
236 
241 #define ENCRYPTED_HEADER_SIZE \
242  (offsetof (struct EncryptedMessage, sequence_number))
243 
244 
249 {
254 
259 
263  const struct GNUNET_PeerIdentity *peer;
264 
269 
274 
279 
283  struct GNUNET_CRYPTO_EcdhePublicKey other_ephemeral_key;
284 
290 
296 
300  struct GNUNET_TIME_Absolute foreign_key_expires;
301 
306 
310  struct GNUNET_TIME_Absolute last_notify_timeout;
311 
315  struct GNUNET_TIME_Relative set_key_retry_frequency;
316 
321 
326 
333 
338 
343 
347  uint32_t ping_challenge;
348 
353 
358 };
359 
360 
365 
370 
375 
380 
385 
390 
396 
401 
402 
408 static uint32_t
410 {
411  /* Note: may want to make this non-random and instead
412  derive from key material to avoid having an undetectable
413  side-channel */
414  return htonl (
416 }
417 
418 
424 static void
426 {
427  struct MonitorNotifyMessage msg;
428 
430  msg.header.size = htons (sizeof(msg));
431  msg.state = htonl ((uint32_t) kx->status);
432  msg.peer = *kx->peer;
435  kx->last_notify_timeout = kx->timeout;
436 }
437 
438 
446 static void
448  const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
449  uint32_t seed)
450 {
451  static const char ctx[] = "authentication key";
452 
453 #if DEBUG_KX
454  struct GNUNET_HashCode sh;
455 
456  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
458  "Deriving Auth key from SKEY %s and seed %u\n",
459  GNUNET_h2s (&sh),
460  (unsigned int) seed);
461 #endif
463  skey,
464  &seed,
465  sizeof(seed),
466  skey,
467  sizeof(
469  ctx,
470  sizeof(ctx),
471  NULL);
472 }
473 
474 
483 static void
485  const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
486  uint32_t seed,
487  const struct GNUNET_PeerIdentity *identity)
488 {
489  static const char ctx[] = "initialization vector";
490 
491 #if DEBUG_KX
492  struct GNUNET_HashCode sh;
493 
494  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
496  "Deriving IV from SKEY %s and seed %u for peer %s\n",
497  GNUNET_h2s (&sh),
498  (unsigned int) seed,
499  GNUNET_i2s (identity));
500 #endif
502  skey,
503  &seed,
504  sizeof(seed),
505  identity,
506  sizeof(struct GNUNET_PeerIdentity),
507  ctx,
508  sizeof(ctx),
509  NULL);
510 }
511 
512 
522 static void
524  const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
525  uint32_t seed,
526  uint32_t challenge,
527  const struct GNUNET_PeerIdentity *identity)
528 {
529  static const char ctx[] = "pong initialization vector";
530 
531 #if DEBUG_KX
532  struct GNUNET_HashCode sh;
533 
534  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
536  "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n",
537  GNUNET_h2s (&sh),
538  (unsigned int) seed,
539  (unsigned int) challenge,
540  GNUNET_i2s (identity));
541 #endif
543  skey,
544  &seed,
545  sizeof(seed),
546  identity,
547  sizeof(struct GNUNET_PeerIdentity),
548  &challenge,
549  sizeof(challenge),
550  ctx,
551  sizeof(ctx),
552  NULL);
553 }
554 
555 
564 static void
565 derive_aes_key (const struct GNUNET_PeerIdentity *sender,
566  const struct GNUNET_PeerIdentity *receiver,
567  const struct GNUNET_HashCode *key_material,
569 {
570  static const char ctx[] = "aes key generation vector";
571 
572 #if DEBUG_KX
573  struct GNUNET_HashCode sh;
574 
575  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
577  "Deriving AES Keys for %s to %s from %s\n",
578  GNUNET_i2s (sender),
579  GNUNET_i2s2 (receiver),
580  GNUNET_h2s (key_material));
581 #endif
582  GNUNET_CRYPTO_kdf (skey,
583  sizeof(struct GNUNET_CRYPTO_SymmetricSessionKey),
584  ctx,
585  sizeof(ctx),
586  key_material,
587  sizeof(struct GNUNET_HashCode),
588  sender,
589  sizeof(struct GNUNET_PeerIdentity),
590  receiver,
591  sizeof(struct GNUNET_PeerIdentity),
592  NULL);
593 }
594 
595 
607 static int
610  const void *in,
611  void *out,
612  size_t size)
613 {
614  if (size != (uint16_t) size)
615  {
616  GNUNET_break (0);
617  return GNUNET_NO;
618  }
620  (uint16_t) size,
621  &kx->encrypt_key,
622  iv,
623  out));
625  gettext_noop ("# bytes encrypted"),
626  size,
627  GNUNET_NO);
628  /* the following is too sensitive to write to log files by accident,
629  so we require manual intervention to get this one... */
630 #if DEBUG_KX
632  "Encrypted %u bytes for `%s' using key %u, IV %u\n",
633  (unsigned int) size,
634  GNUNET_i2s (kx->peer),
635  (unsigned int) kx->encrypt_key.crc32,
636  GNUNET_CRYPTO_crc32_n (iv, sizeof(iv)));
637 #endif
638  return GNUNET_OK;
639 }
640 
641 
654 static int
657  const void *in,
658  void *out,
659  size_t size)
660 {
661  if (size != (uint16_t) size)
662  {
663  GNUNET_break (0);
664  return GNUNET_NO;
665  }
667  (kx->status != GNUNET_CORE_KX_STATE_UP) &&
669  {
670  GNUNET_break_op (0);
671  return GNUNET_SYSERR;
672  }
673  if (size != GNUNET_CRYPTO_symmetric_decrypt (in,
674  (uint16_t) size,
675  &kx->decrypt_key,
676  iv,
677  out))
678  {
679  GNUNET_break (0);
680  return GNUNET_SYSERR;
681  }
683  gettext_noop ("# bytes decrypted"),
684  size,
685  GNUNET_NO);
686  /* the following is too sensitive to write to log files by accident,
687  so we require manual intervention to get this one... */
688 #if DEBUG_KX
690  "Decrypted %u bytes from `%s' using key %u, IV %u\n",
691  (unsigned int) size,
692  GNUNET_i2s (kx->peer),
693  (unsigned int) kx->decrypt_key.crc32,
694  GNUNET_CRYPTO_crc32_n (iv, sizeof(*iv)));
695 #endif
696  return GNUNET_OK;
697 }
698 
699 
705 static void
706 send_key (struct GSC_KeyExchangeInfo *kx);
707 
708 
714 static void
716 {
717  struct GSC_KeyExchangeInfo *kx = cls;
718 
719  kx->retry_set_key_task = NULL;
723  send_key (kx);
724 }
725 
726 
732 static void
734 {
735  struct PingMessage pp;
736  struct PingMessage *pm;
738 
739  pm = &kx->ping;
740  kx->ping_challenge =
742  pm->header.size = htons (sizeof(struct PingMessage));
743  pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
744  pm->iv_seed = calculate_seed (kx);
745  derive_iv (&iv, &kx->encrypt_key, pm->iv_seed, kx->peer);
746  pp.challenge = kx->ping_challenge;
747  pp.target = *kx->peer;
748  do_encrypt (kx,
749  &iv,
750  &pp.target,
751  &pm->target,
752  sizeof(struct PingMessage)
753  - ((void *) &pm->target - (void *) pm));
754 }
755 
756 
768 static int
769 deliver_message (void *cls, const struct GNUNET_MessageHeader *m)
770 {
771  struct GSC_KeyExchangeInfo *kx = cls;
772 
774  "Decrypted message of type %d from %s\n",
775  ntohs (m->type),
776  GNUNET_i2s (kx->peer));
777  if (GNUNET_CORE_KX_STATE_UP != kx->status)
778  {
780  gettext_noop ("# PAYLOAD dropped (out of order)"),
781  1,
782  GNUNET_NO);
783  return GNUNET_OK;
784  }
785  switch (ntohs (m->type))
786  {
790  return GNUNET_OK;
791 
794  return GNUNET_OK;
795 
796  default:
798  m,
799  ntohs (m->size),
802  m,
803  sizeof(struct GNUNET_MessageHeader),
805  }
806  return GNUNET_OK;
807 }
808 
809 
819 static void *
821  const struct GNUNET_PeerIdentity *pid,
822  struct GNUNET_MQ_Handle *mq)
823 {
824  struct GSC_KeyExchangeInfo *kx;
825  struct GNUNET_HashCode h1;
826  struct GNUNET_HashCode h2;
827 
829  "Initiating key exchange with `%s'\n",
830  GNUNET_i2s (pid));
832  gettext_noop ("# key exchanges initiated"),
833  1,
834  GNUNET_NO);
835  kx = GNUNET_new (struct GSC_KeyExchangeInfo);
837  kx->mq = mq;
838  kx->peer = pid;
840  GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
842  monitor_notify_all (kx);
843  GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
845  sizeof(struct GNUNET_PeerIdentity),
846  &h2);
847  if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
848  {
849  /* peer with "lower" identity starts KX, otherwise we typically end up
850  with both peers starting the exchange and transmit the 'set key'
851  message twice */
852  send_key (kx);
853  }
854  else
855  {
856  /* peer with "higher" identity starts a delayed KX, if the "lower" peer
857  * does not start a KX since it sees no reasons to do so */
858  kx->retry_set_key_task =
861  kx);
862  }
863  return kx;
864 }
865 
866 
876 static void
878  const struct GNUNET_PeerIdentity *peer,
879  void *handler_cls)
880 {
881  struct GSC_KeyExchangeInfo *kx = handler_cls;
882 
884  "Peer `%s' disconnected from us.\n",
885  GNUNET_i2s (peer));
886  GSC_SESSIONS_end (kx->peer);
888  gettext_noop ("# key exchanges stopped"),
889  1,
890  GNUNET_NO);
891  if (NULL != kx->retry_set_key_task)
892  {
894  kx->retry_set_key_task = NULL;
895  }
896  if (NULL != kx->keep_alive_task)
897  {
899  kx->keep_alive_task = NULL;
900  }
902  monitor_notify_all (kx);
903  GNUNET_CONTAINER_DLL_remove (kx_head, kx_tail, kx);
904  GNUNET_MST_destroy (kx->mst);
905  GNUNET_free (kx);
906 }
907 
908 
914 static void
916 {
917  struct GNUNET_MQ_Envelope *env;
918 
920  gettext_noop ("# PING messages transmitted"),
921  1,
922  GNUNET_NO);
923  env = GNUNET_MQ_msg_copy (&kx->ping.header);
924  GNUNET_MQ_send (kx->mq, env);
925 }
926 
927 
933 static void
935 {
936  struct GNUNET_HashCode key_material;
937 
938  if (GNUNET_OK != GNUNET_CRYPTO_ecc_ecdh (my_ephemeral_key,
939  &kx->other_ephemeral_key,
940  &key_material))
941  {
942  GNUNET_break (0);
943  return;
944  }
945  derive_aes_key (&GSC_my_identity, kx->peer, &key_material, &kx->encrypt_key);
946  derive_aes_key (kx->peer, &GSC_my_identity, &key_material, &kx->decrypt_key);
947  memset (&key_material, 0, sizeof(key_material));
948  /* fresh key, reset sequence numbers */
950  kx->last_packets_bitmap = 0;
951  setup_fresh_ping (kx);
952 }
953 
954 
962 static void
963 handle_ephemeral_key (void *cls, const struct EphemeralKeyMessage *m)
964 {
965  struct GSC_KeyExchangeInfo *kx = cls;
966  struct GNUNET_TIME_Absolute start_t;
967  struct GNUNET_TIME_Absolute end_t;
968  struct GNUNET_TIME_Absolute now;
970 
973  (GNUNET_CORE_KX_STATE_UP == kx->status) ||
976  {
978  gettext_noop ("# old ephemeral keys ignored"),
979  1,
980  GNUNET_NO);
982  "Received expired EPHEMERAL_KEY from %s\n",
984  return;
985  }
986  if (0 == memcmp (&m->ephemeral_key,
987  &kx->other_ephemeral_key,
988  sizeof(m->ephemeral_key)))
989  {
991  gettext_noop (
992  "# duplicate ephemeral keys ignored"),
993  1,
994  GNUNET_NO);
996  "Ignoring duplicate EPHEMERAL_KEY from %s\n",
998  return;
999  }
1000  if (0 != memcmp (&m->origin_identity,
1001  kx->peer,
1002  sizeof(struct GNUNET_PeerIdentity)))
1003  {
1005  "Received EPHEMERAL_KEY from %s, but expected %s\n",
1007  GNUNET_i2s_full (kx->peer));
1008  GNUNET_break_op (0);
1009  return;
1010  }
1011  if ((ntohl (m->purpose.size) !=
1012  sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
1013  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1014  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1015  + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)
1016  + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)) ||
1017  (GNUNET_OK !=
1019  &m->purpose,
1020  &m->signature,
1022  {
1023  /* invalid signature */
1024  GNUNET_break_op (0);
1026  gettext_noop (
1027  "# EPHEMERAL_KEYs rejected (bad signature)"),
1028  1,
1029  GNUNET_NO);
1031  "Received EPHEMERAL_KEY from %s with bad signature\n",
1032  GNUNET_i2s (&m->origin_identity));
1033  return;
1034  }
1035  now = GNUNET_TIME_absolute_get ();
1037  if ((end_t.abs_value_us <
1039  (start_t.abs_value_us >
1040  GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value_us))
1041  {
1042  GNUNET_log (
1044  _ (
1045  "EPHEMERAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"),
1046  GNUNET_i2s (kx->peer),
1047  (unsigned long long) now.abs_value_us,
1048  (unsigned long long) start_t.abs_value_us,
1049  (unsigned long long) end_t.abs_value_us);
1051  gettext_noop (
1052  "# EPHEMERAL_KEY messages rejected due to time"),
1053  1,
1054  GNUNET_NO);
1055  return;
1056  }
1057 #if DEBUG_KX
1058  {
1059  struct GNUNET_HashCode eh;
1060 
1061  GNUNET_CRYPTO_hash (&m->ephemeral_key, sizeof(m->ephemeral_key), &eh);
1063  "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n",
1064  GNUNET_h2s (&eh),
1065  GNUNET_i2s (kx->peer),
1066  kx->status);
1067  }
1068 #endif
1070  gettext_noop ("# valid ephemeral keys received"),
1071  1,
1072  GNUNET_NO);
1074  kx->foreign_key_expires = end_t;
1075  derive_session_keys (kx);
1076 
1077  /* check if we still need to send the sender our key */
1078  sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status);
1079  switch (sender_status)
1080  {
1082  GNUNET_break_op (0);
1083  break;
1084 
1086  /* fine, need to send our key after updating our status, see below */
1087  GSC_SESSIONS_reinit (kx->peer);
1088  break;
1089 
1091  /* other peer already got our key, but typemap did go down */
1092  GSC_SESSIONS_reinit (kx->peer);
1093  break;
1094 
1096  /* other peer already got our key, typemap NOT down */
1097  break;
1098 
1100  /* other peer already got our key, typemap NOT down */
1101  break;
1102 
1103  default:
1104  GNUNET_break (0);
1105  break;
1106  }
1107  /* check if we need to confirm everything is fine via PING + PONG */
1108  switch (kx->status)
1109  {
1111  GNUNET_assert (NULL == kx->keep_alive_task);
1113  monitor_notify_all (kx);
1114  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1115  send_key (kx);
1116  else
1117  send_ping (kx);
1118  break;
1119 
1121  GNUNET_assert (NULL == kx->keep_alive_task);
1123  monitor_notify_all (kx);
1124  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1125  send_key (kx);
1126  else
1127  send_ping (kx);
1128  break;
1129 
1131  GNUNET_assert (NULL == kx->keep_alive_task);
1132  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1133  send_key (kx);
1134  else
1135  send_ping (kx);
1136  break;
1137 
1140  monitor_notify_all (kx);
1141  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1142  send_key (kx);
1143  else
1144  send_ping (kx);
1145  break;
1146 
1148  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1149  send_key (kx);
1150  else
1151  send_ping (kx);
1152  break;
1153 
1154  default:
1155  GNUNET_break (0);
1156  break;
1157  }
1158 }
1159 
1160 
1168 static void
1169 handle_ping (void *cls, const struct PingMessage *m)
1170 {
1171  struct GSC_KeyExchangeInfo *kx = cls;
1172  struct PingMessage t;
1173  struct PongMessage tx;
1174  struct PongMessage *tp;
1175  struct GNUNET_MQ_Envelope *env;
1177 
1179  gettext_noop ("# PING messages received"),
1180  1,
1181  GNUNET_NO);
1183  (kx->status != GNUNET_CORE_KX_STATE_UP) &&
1185  {
1186  /* ignore */
1188  gettext_noop (
1189  "# PING messages dropped (out of order)"),
1190  1,
1191  GNUNET_NO);
1192  return;
1193  }
1195  "Core service receives PING request from `%s'.\n",
1196  GNUNET_i2s (kx->peer));
1197  derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1198  if (GNUNET_OK != do_decrypt (kx,
1199  &iv,
1200  &m->target,
1201  &t.target,
1202  sizeof(struct PingMessage)
1203  - ((void *) &m->target - (void *) m)))
1204  {
1205  GNUNET_break_op (0);
1206  return;
1207  }
1208  if (0 !=
1209  memcmp (&t.target, &GSC_my_identity, sizeof(struct GNUNET_PeerIdentity)))
1210  {
1213  "Decryption of PING from peer `%s' failed, PING for `%s'?\n",
1214  GNUNET_i2s (kx->peer),
1215  GNUNET_i2s2 (&t.target));
1216  else
1217  GNUNET_log (
1219  "Decryption of PING from peer `%s' failed after rekey (harmless)\n",
1220  GNUNET_i2s (kx->peer));
1221  GNUNET_break_op (0);
1222  return;
1223  }
1224  /* construct PONG */
1225  tx.reserved = 0;
1226  tx.challenge = t.challenge;
1227  tx.target = t.target;
1229  tp->iv_seed = calculate_seed (kx);
1230  derive_pong_iv (&iv, &kx->encrypt_key, tp->iv_seed, t.challenge, kx->peer);
1231  do_encrypt (kx,
1232  &iv,
1233  &tx.challenge,
1234  &tp->challenge,
1235  sizeof(struct PongMessage)
1236  - ((void *) &tp->challenge - (void *) tp));
1238  gettext_noop ("# PONG messages created"),
1239  1,
1240  GNUNET_NO);
1241  GNUNET_MQ_send (kx->mq, env);
1242 }
1243 
1244 
1251 static void
1252 send_keep_alive (void *cls)
1253 {
1254  struct GSC_KeyExchangeInfo *kx = cls;
1255  struct GNUNET_TIME_Relative retry;
1256  struct GNUNET_TIME_Relative left;
1257 
1258  kx->keep_alive_task = NULL;
1260  if (0 == left.rel_value_us)
1261  {
1263  gettext_noop ("# sessions terminated by timeout"),
1264  1,
1265  GNUNET_NO);
1266  GSC_SESSIONS_end (kx->peer);
1268  monitor_notify_all (kx);
1269  send_key (kx);
1270  return;
1271  }
1273  "Sending KEEPALIVE to `%s'\n",
1274  GNUNET_i2s (kx->peer));
1276  gettext_noop ("# keepalive messages sent"),
1277  1,
1278  GNUNET_NO);
1279  setup_fresh_ping (kx);
1280  send_ping (kx);
1283  kx->keep_alive_task =
1285 }
1286 
1287 
1295 static void
1297 {
1298  struct GNUNET_TIME_Relative delta;
1299 
1300  kx->timeout =
1302  delta =
1304  if (delta.rel_value_us > 5LL * 1000LL * 1000LL)
1305  {
1306  /* we only notify monitors about timeout changes if those
1307  are bigger than the threshold (5s) */
1308  monitor_notify_all (kx);
1309  }
1310  if (NULL != kx->keep_alive_task)
1314  &send_keep_alive,
1315  kx);
1316 }
1317 
1318 
1325 static void
1326 handle_pong (void *cls, const struct PongMessage *m)
1327 {
1328  struct GSC_KeyExchangeInfo *kx = cls;
1329  struct PongMessage t;
1331 
1333  gettext_noop ("# PONG messages received"),
1334  1,
1335  GNUNET_NO);
1336  switch (kx->status)
1337  {
1340  gettext_noop (
1341  "# PONG messages dropped (connection down)"),
1342  1,
1343  GNUNET_NO);
1344  return;
1345 
1348  gettext_noop (
1349  "# PONG messages dropped (out of order)"),
1350  1,
1351  GNUNET_NO);
1352  return;
1353 
1355  break;
1356 
1358  break;
1359 
1361  break;
1362 
1363  default:
1364  GNUNET_break (0);
1365  return;
1366  }
1368  "Core service receives PONG response from `%s'.\n",
1369  GNUNET_i2s (kx->peer));
1370  /* mark as garbage, just to be sure */
1371  memset (&t, 255, sizeof(t));
1372  derive_pong_iv (&iv,
1373  &kx->decrypt_key,
1374  m->iv_seed,
1375  kx->ping_challenge,
1376  &GSC_my_identity);
1377  if (GNUNET_OK != do_decrypt (kx,
1378  &iv,
1379  &m->challenge,
1380  &t.challenge,
1381  sizeof(struct PongMessage)
1382  - ((void *) &m->challenge - (void *) m)))
1383  {
1384  GNUNET_break_op (0);
1385  return;
1386  }
1388  gettext_noop ("# PONG messages decrypted"),
1389  1,
1390  GNUNET_NO);
1391  if ((0 !=
1392  memcmp (&t.target, kx->peer, sizeof(struct GNUNET_PeerIdentity))) ||
1393  (kx->ping_challenge != t.challenge))
1394  {
1395  /* PONG malformed */
1397  "Received malformed PONG wanted sender `%s' with challenge %u\n",
1398  GNUNET_i2s (kx->peer),
1399  (unsigned int) kx->ping_challenge);
1401  "Received malformed PONG received from `%s' with challenge %u\n",
1402  GNUNET_i2s (&t.target),
1403  (unsigned int) t.challenge);
1404  return;
1405  }
1407  "Received valid PONG from `%s'\n",
1408  GNUNET_i2s (kx->peer));
1409  /* no need to resend key any longer */
1410  if (NULL != kx->retry_set_key_task)
1411  {
1413  kx->retry_set_key_task = NULL;
1414  }
1415  switch (kx->status)
1416  {
1418  GNUNET_assert (0); /* should be impossible */
1419  return;
1420 
1422  GNUNET_assert (0); /* should be impossible */
1423  return;
1424 
1427  gettext_noop (
1428  "# session keys confirmed via PONG"),
1429  1,
1430  GNUNET_NO);
1432  monitor_notify_all (kx);
1433  GSC_SESSIONS_create (kx->peer, kx);
1434  GNUNET_assert (NULL == kx->keep_alive_task);
1435  update_timeout (kx);
1436  break;
1437 
1440  gettext_noop ("# timeouts prevented via PONG"),
1441  1,
1442  GNUNET_NO);
1443  update_timeout (kx);
1444  break;
1445 
1448  gettext_noop (
1449  "# rekey operations confirmed via PONG"),
1450  1,
1451  GNUNET_NO);
1453  monitor_notify_all (kx);
1454  update_timeout (kx);
1455  break;
1456 
1457  default:
1458  GNUNET_break (0);
1459  break;
1460  }
1461 }
1462 
1463 
1469 static void
1471 {
1472  struct GNUNET_MQ_Envelope *env;
1473 
1475  if (NULL != kx->retry_set_key_task)
1476  {
1478  kx->retry_set_key_task = NULL;
1479  }
1480  /* always update sender status in SET KEY message */
1481 #if DEBUG_KX
1482  {
1483  struct GNUNET_HashCode hc;
1484 
1486  sizeof(current_ekm.ephemeral_key),
1487  &hc);
1489  "Sending EPHEMERAL_KEY %s to `%s' (my status: %d)\n",
1490  GNUNET_h2s (&hc),
1491  GNUNET_i2s (kx->peer),
1492  kx->status);
1493  }
1494 #endif
1495  current_ekm.sender_status = htonl ((int32_t) (kx->status));
1497  GNUNET_MQ_send (kx->mq, env);
1499  send_ping (kx);
1500  kx->retry_set_key_task =
1503  kx);
1504 }
1505 
1506 
1514 void
1516  const void *payload,
1517  size_t payload_size)
1518 {
1519  size_t used = payload_size + sizeof(struct EncryptedMessage);
1520  char pbuf[used]; /* plaintext */
1521  struct EncryptedMessage *em; /* encrypted message */
1522  struct EncryptedMessage *ph; /* plaintext header */
1523  struct GNUNET_MQ_Envelope *env;
1525  struct GNUNET_CRYPTO_AuthKey auth_key;
1526 
1527  ph = (struct EncryptedMessage *) pbuf;
1528  ph->sequence_number = htonl (++kx->last_sequence_number_sent);
1529  ph->iv_seed = calculate_seed (kx);
1530  ph->reserved = 0;
1532  GNUNET_memcpy (&ph[1], payload, payload_size);
1533  env = GNUNET_MQ_msg_extra (em,
1534  payload_size,
1536  em->iv_seed = ph->iv_seed;
1537  derive_iv (&iv, &kx->encrypt_key, ph->iv_seed, kx->peer);
1539  &iv,
1540  &ph->sequence_number,
1541  &em->sequence_number,
1542  used - ENCRYPTED_HEADER_SIZE));
1543 #if DEBUG_KX
1544  {
1545  struct GNUNET_HashCode hc;
1546 
1547  GNUNET_CRYPTO_hash (&ph->sequence_number,
1548  used - ENCRYPTED_HEADER_SIZE,
1549  &hc);
1551  "Encrypted payload `%s' of %u bytes for %s\n",
1552  GNUNET_h2s (&hc),
1553  (unsigned int) (used - ENCRYPTED_HEADER_SIZE),
1554  GNUNET_i2s (kx->peer));
1555  }
1556 #endif
1557  derive_auth_key (&auth_key, &kx->encrypt_key, ph->iv_seed);
1558  GNUNET_CRYPTO_hmac (&auth_key,
1559  &em->sequence_number,
1560  used - ENCRYPTED_HEADER_SIZE,
1561  &em->hmac);
1562 #if DEBUG_KX
1563  {
1564  struct GNUNET_HashCode hc;
1565 
1566  GNUNET_CRYPTO_hash (&auth_key, sizeof(auth_key), &hc);
1568  "For peer %s, used AC %s to create hmac %s\n",
1569  GNUNET_i2s (kx->peer),
1570  GNUNET_h2s (&hc),
1571  GNUNET_h2s2 (&em->hmac));
1572  }
1573 #endif
1575  GNUNET_MQ_send (kx->mq, env);
1576 }
1577 
1578 
1587 static int
1588 check_encrypted (void *cls, const struct EncryptedMessage *m)
1589 {
1590  uint16_t size = ntohs (m->header.size) - sizeof(*m);
1591 
1592  if (size < sizeof(struct GNUNET_MessageHeader))
1593  {
1594  GNUNET_break_op (0);
1595  return GNUNET_SYSERR;
1596  }
1597  return GNUNET_OK;
1598 }
1599 
1600 
1608 static void
1609 handle_encrypted (void *cls, const struct EncryptedMessage *m)
1610 {
1611  struct GSC_KeyExchangeInfo *kx = cls;
1612  struct EncryptedMessage *pt; /* plaintext */
1613  struct GNUNET_HashCode ph;
1614  uint32_t snum;
1615  struct GNUNET_TIME_Absolute t;
1617  struct GNUNET_CRYPTO_AuthKey auth_key;
1618  uint16_t size = ntohs (m->header.size);
1619  char buf[size] GNUNET_ALIGN;
1620 
1621  if (GNUNET_CORE_KX_STATE_UP != kx->status)
1622  {
1624  gettext_noop (
1625  "# DATA message dropped (out of order)"),
1626  1,
1627  GNUNET_NO);
1628  return;
1629  }
1630  if (0 ==
1632  {
1633  GNUNET_log (
1635  _ (
1636  "Session to peer `%s' went down due to key expiration (should not happen)\n"),
1637  GNUNET_i2s (kx->peer));
1639  gettext_noop (
1640  "# sessions terminated by key expiration"),
1641  1,
1642  GNUNET_NO);
1643  GSC_SESSIONS_end (kx->peer);
1644  if (NULL != kx->keep_alive_task)
1645  {
1647  kx->keep_alive_task = NULL;
1648  }
1650  monitor_notify_all (kx);
1651  send_key (kx);
1652  return;
1653  }
1654 
1655  /* validate hash */
1656 #if DEBUG_KX
1657  {
1658  struct GNUNET_HashCode hc;
1659 
1662  "Received encrypted payload `%s' of %u bytes from %s\n",
1663  GNUNET_h2s (&hc),
1664  (unsigned int) (size - ENCRYPTED_HEADER_SIZE),
1665  GNUNET_i2s (kx->peer));
1666  }
1667 #endif
1668  derive_auth_key (&auth_key, &kx->decrypt_key, m->iv_seed);
1669  GNUNET_CRYPTO_hmac (&auth_key,
1670  &m->sequence_number,
1671  size - ENCRYPTED_HEADER_SIZE,
1672  &ph);
1673 #if DEBUG_KX
1674  {
1675  struct GNUNET_HashCode hc;
1676 
1677  GNUNET_CRYPTO_hash (&auth_key, sizeof(auth_key), &hc);
1679  "For peer %s, used AC %s to verify hmac %s\n",
1680  GNUNET_i2s (kx->peer),
1681  GNUNET_h2s (&hc),
1682  GNUNET_h2s2 (&m->hmac));
1683  }
1684 #endif
1685  if (0 != memcmp (&ph, &m->hmac, sizeof(struct GNUNET_HashCode)))
1686  {
1687  /* checksum failed */
1689  "Failed checksum validation for a message from `%s'\n",
1690  GNUNET_i2s (kx->peer));
1691  return;
1692  }
1693  derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1694  /* decrypt */
1695  if (GNUNET_OK != do_decrypt (kx,
1696  &iv,
1697  &m->sequence_number,
1699  size - ENCRYPTED_HEADER_SIZE))
1700  {
1701  GNUNET_break_op (0);
1702  return;
1703  }
1705  "Decrypted %u bytes from %s\n",
1706  (unsigned int) (size - ENCRYPTED_HEADER_SIZE),
1707  GNUNET_i2s (kx->peer));
1708  pt = (struct EncryptedMessage *) buf;
1709 
1710  /* validate sequence number */
1711  snum = ntohl (pt->sequence_number);
1712  if (kx->last_sequence_number_received == snum)
1713  {
1715  "Received duplicate message, ignoring.\n");
1716  /* duplicate, ignore */
1718  gettext_noop ("# bytes dropped (duplicates)"),
1719  size,
1720  GNUNET_NO);
1721  return;
1722  }
1723  if ((kx->last_sequence_number_received > snum) &&
1724  (kx->last_sequence_number_received - snum > 32))
1725  {
1727  "Received ancient out of sequence message, ignoring.\n");
1728  /* ancient out of sequence, ignore */
1730  gettext_noop (
1731  "# bytes dropped (out of sequence)"),
1732  size,
1733  GNUNET_NO);
1734  return;
1735  }
1736  if (kx->last_sequence_number_received > snum)
1737  {
1738  uint32_t rotbit = 1U << (kx->last_sequence_number_received - snum - 1);
1739 
1740  if ((kx->last_packets_bitmap & rotbit) != 0)
1741  {
1743  "Received duplicate message, ignoring.\n");
1745  gettext_noop ("# bytes dropped (duplicates)"),
1746  size,
1747  GNUNET_NO);
1748  /* duplicate, ignore */
1749  return;
1750  }
1751  kx->last_packets_bitmap |= rotbit;
1752  }
1753  if (kx->last_sequence_number_received < snum)
1754  {
1755  unsigned int shift = (snum - kx->last_sequence_number_received);
1756 
1757  if (shift >= 8 * sizeof(kx->last_packets_bitmap))
1758  kx->last_packets_bitmap = 0;
1759  else
1760  kx->last_packets_bitmap <<= shift;
1761  kx->last_sequence_number_received = snum;
1762  }
1763 
1764  /* check timestamp */
1766  if (GNUNET_TIME_absolute_get_duration (t).rel_value_us >
1767  MAX_MESSAGE_AGE.rel_value_us)
1768  {
1770  "Message received far too old (%s). Content ignored.\n",
1773  GNUNET_YES));
1775  gettext_noop (
1776  "# bytes dropped (ancient message)"),
1777  size,
1778  GNUNET_NO);
1779  return;
1780  }
1781 
1782  /* process decrypted message(s) */
1783  update_timeout (kx);
1785  gettext_noop ("# bytes of payload decrypted"),
1786  size - sizeof(struct EncryptedMessage),
1787  GNUNET_NO);
1788  if (GNUNET_OK !=
1790  &buf[sizeof(struct EncryptedMessage)],
1791  size - sizeof(struct EncryptedMessage),
1792  GNUNET_YES,
1793  GNUNET_NO))
1794  GNUNET_break_op (0);
1795 }
1796 
1797 
1805 static void
1807  const struct GNUNET_PeerIdentity *pid,
1808  void *connect_cls)
1809 {
1810  struct GSC_KeyExchangeInfo *kx = connect_cls;
1811 
1813  "Peer %s has excess bandwidth available\n",
1814  GNUNET_i2s (pid));
1816  GSC_SESSIONS_solicit (pid);
1817 }
1818 
1819 
1824 static void
1826 {
1827  current_ekm.header.size = htons (sizeof(struct EphemeralKeyMessage));
1829  current_ekm.sender_status = 0; /* to be set later */
1832  htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
1833  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1834  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1835  + sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)
1836  + sizeof(struct GNUNET_PeerIdentity));
1840  "core",
1841  "USE_EPHEMERAL_KEYS"))
1842  {
1846  REKEY_TOLERANCE)));
1847  }
1848  else
1849  {
1852  }
1853  GNUNET_CRYPTO_ecdhe_key_get_public (my_ephemeral_key,
1857  GNUNET_CRYPTO_eddsa_sign (my_private_key,
1860 }
1861 
1862 
1868 static void
1869 do_rekey (void *cls)
1870 {
1871  struct GSC_KeyExchangeInfo *pos;
1872 
1873  rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
1874  if (NULL != my_ephemeral_key)
1875  GNUNET_free (my_ephemeral_key);
1876  my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create ();
1877  GNUNET_assert (NULL != my_ephemeral_key);
1878  sign_ephemeral_key ();
1879  {
1880  struct GNUNET_HashCode eh;
1881 
1883  sizeof(current_ekm.ephemeral_key),
1884  &eh);
1885  GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Rekeying to %s\n", GNUNET_h2s (&eh));
1886  }
1887  for (pos = kx_head; NULL != pos; pos = pos->next)
1888  {
1889  if (GNUNET_CORE_KX_STATE_UP == pos->status)
1890  {
1892  monitor_notify_all (pos);
1893  derive_session_keys (pos);
1894  }
1895  if (GNUNET_CORE_KX_STATE_DOWN == pos->status)
1896  {
1898  monitor_notify_all (pos);
1899  }
1900  monitor_notify_all (pos);
1901  send_key (pos);
1902  }
1903 }
1904 
1905 
1912 int
1914 {
1915  struct GNUNET_MQ_MessageHandler handlers[] =
1918  struct EphemeralKeyMessage,
1919  NULL),
1922  struct PingMessage,
1923  NULL),
1926  struct PongMessage,
1927  NULL),
1928  GNUNET_MQ_hd_var_size (encrypted,
1930  struct EncryptedMessage,
1931  NULL),
1932  GNUNET_MQ_handler_end () };
1933 
1934  my_private_key = pk;
1935  GNUNET_CRYPTO_eddsa_key_get_public (my_private_key,
1937  my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create ();
1938  if (NULL == my_ephemeral_key)
1939  {
1940  GNUNET_break (0);
1941  GNUNET_free (my_private_key);
1942  my_private_key = NULL;
1943  return GNUNET_SYSERR;
1944  }
1945  sign_ephemeral_key ();
1946  {
1947  struct GNUNET_HashCode eh;
1948 
1950  sizeof(current_ekm.ephemeral_key),
1951  &eh);
1953  "Starting with ephemeral key %s\n",
1954  GNUNET_h2s (&eh));
1955  }
1956 
1958  rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
1959  transport =
1961  &GSC_my_identity,
1962  handlers,
1963  NULL,
1967  if (NULL == transport)
1968  {
1969  GSC_KX_done ();
1970  return GNUNET_SYSERR;
1971  }
1972  return GNUNET_OK;
1973 }
1974 
1975 
1979 void
1981 {
1982  if (NULL != transport)
1983  {
1985  transport = NULL;
1986  }
1987  if (NULL != rekey_task)
1988  {
1989  GNUNET_SCHEDULER_cancel (rekey_task);
1990  rekey_task = NULL;
1991  }
1992  if (NULL != my_ephemeral_key)
1993  {
1994  GNUNET_free (my_ephemeral_key);
1995  my_ephemeral_key = NULL;
1996  }
1997  if (NULL != my_private_key)
1998  {
1999  GNUNET_free (my_private_key);
2000  my_private_key = NULL;
2001  }
2002  if (NULL != nc)
2003  {
2005  nc = NULL;
2006  }
2007 }
2008 
2009 
2016 unsigned int
2018 {
2019  return GNUNET_MQ_get_length (kxinfo->mq);
2020 }
2021 
2022 
2029 int
2031 {
2032  return kxinfo->has_excess_bandwidth;
2033 }
2034 
2035 
2044 void
2046 {
2047  struct GNUNET_MQ_Envelope *env;
2048  struct MonitorNotifyMessage *done_msg;
2049  struct GSC_KeyExchangeInfo *kx;
2050 
2052  for (kx = kx_head; NULL != kx; kx = kx->next)
2053  {
2054  struct GNUNET_MQ_Envelope *env;
2055  struct MonitorNotifyMessage *msg;
2056 
2058  msg->state = htonl ((uint32_t) kx->status);
2059  msg->peer = *kx->peer;
2061  GNUNET_MQ_send (mq, env);
2062  }
2064  done_msg->state = htonl ((uint32_t) GNUNET_CORE_KX_ITERATION_FINISHED);
2066  GNUNET_MQ_send (mq, env);
2067 }
2068 
2069 
2070 /* end of gnunet-service-core_kx.c */
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
#define GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY
Purpose is to set a session key.
#define REKEY_TOLERANCE
What time difference do we tolerate?
void GSC_SESSIONS_confirm_typemap(const struct GNUNET_PeerIdentity *peer, const struct GNUNET_MessageHeader *msg)
The other peer has confirmed receiving our type map, check if it is current and if so...
struct GNUNET_MQ_Envelope * GNUNET_MQ_msg_copy(const struct GNUNET_MessageHeader *hdr)
Create a new envelope by copying an existing message.
Definition: mq.c:653
The notification context is the key datastructure for a convenience API used for transmission of noti...
Definition: nc.c:75
static struct GNUNET_CRYPTO_EddsaPrivateKey * pk
Private key of this peer.
const char * GNUNET_i2s2(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
static void ping(void *cls)
Send a ping to destination.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_subtract(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Subtract a given relative duration from the given start time.
Definition: time.c:422
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_ntoh(struct GNUNET_TIME_AbsoluteNBO a)
Convert absolute time from network byte order.
Definition: time.c:673
static void derive_aes_key(const struct GNUNET_PeerIdentity *sender, const struct GNUNET_PeerIdentity *receiver, const struct GNUNET_HashCode *key_material, struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
Derive an AES key from key material.
const struct GNUNET_PeerIdentity * peer
Identity of the peer.
void GSC_KX_handle_client_monitor_peers(struct GNUNET_MQ_Handle *mq)
Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request.
uint64_t rel_value_us
The actual value.
struct GNUNET_TIME_Relative set_key_retry_frequency
At what frequency are we currently re-trying SET_KEY messages?
uint32_t iv_seed
Seed for the IV.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
enum GNUNET_CORE_KxState status
What is our connection status?
uint32_t last_packets_bitmap
Bit map indicating which of the 32 sequence numbers before the last were received (good for accepting...
struct GNUNET_PeerIdentity target
Intended target of the PING, used primarily to check that decryption actually worked.
int32_t GNUNET_CRYPTO_crc32_n(const void *buf, size_t len)
Compute the CRC32 checksum for the first len bytes of the buffer.
Definition: crypto_crc.c:106
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
struct PingMessage ping
PING message we transmit to the other peer.
uint32_t sequence_number
Sequence number, in network byte order.
static struct GNUNET_CRYPTO_EcdhePrivateKey * my_ephemeral_key
Our ephemeral private key.
static void do_rekey(void *cls)
Task run to trigger rekeying.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_max(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the maximum of two relative time values.
Definition: time.c:287
static void handle_ephemeral_key(void *cls, const struct EphemeralKeyMessage *m)
We received a GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY message.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
uint32_t GNUNET_CRYPTO_random_u32(enum GNUNET_CRYPTO_Quality mode, uint32_t i)
Produce a random value.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Response to a PING.
static struct GNUNET_ATS_PerformanceHandle * ph
ATS performance handle used.
Definition: gnunet-ats.c:116
static void send_key(struct GSC_KeyExchangeInfo *kx)
Send our key (and encrypted PING) to the other peer.
#define GNUNET_TIME_UNIT_SECONDS
One second.
uint32_t last_sequence_number_sent
last sequence number transmitted
struct GNUNET_TIME_AbsoluteNBO timeout
How long will we stay in this state (if nothing else happens)?
Definition: core.h:322
static int do_encrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Encrypt size bytes from in and write the result to out.
int GNUNET_CRYPTO_eddsa_sign(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition: crypto_ecc.c:986
static struct GNUNET_TRANSPORT_CoreHandle * transport
Transport service.
static void derive_session_keys(struct GSC_KeyExchangeInfo *kx)
Derive fresh session keys from the current ephemeral keys.
unsigned int GSC_NEIGHBOURS_get_queue_length(const struct GSC_KeyExchangeInfo *kxinfo)
Check how many messages are queued for the given neighbour.
common internal definitions for core service
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
int GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
Definition: crypto_ecc.c:1182
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
static void handle_transport_notify_excess_bw(void *cls, const struct GNUNET_PeerIdentity *pid, void *connect_cls)
One of our neighbours has excess bandwidth, remember this.
struct GNUNET_CRYPTO_EcdhePrivateKey * GNUNET_CRYPTO_ecdhe_key_create(void)
Create a new private key.
Definition: crypto_ecc.c:608
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
#define GNUNET_NO
Definition: gnunet_common.h:78
const char * GNUNET_i2s_full(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
static void sign_ephemeral_key()
Setup the message that links the ephemeral key to our persistent public key and generate the appropri...
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:395
GNUNET_CORE_KxState
State machine for our P2P encryption handshake.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
static void handle_encrypted(void *cls, const struct EncryptedMessage *m)
We received an encrypted message.
static struct GSC_KeyExchangeInfo * kx_head
DLL head.
struct GNUNET_TRANSPORT_CoreHandle * GNUNET_TRANSPORT_core_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_PeerIdentity *self, const struct GNUNET_MQ_MessageHandler *handlers, void *cls, GNUNET_TRANSPORT_NotifyConnect nc, GNUNET_TRANSPORT_NotifyDisconnect nd)
Connect to the transport service.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
static void handle_ping(void *cls, const struct PingMessage *m)
We received a PING message.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_HashCode hmac
MAC of the encrypted message (starting at sequence_number), used to verify message integrity...
struct GNUNET_STATISTICS_Handle * GSC_stats
For creating statistics.
We&#39;ve received the other peers session key.
struct GNUNET_MessageStreamTokenizer * mst
Our message stream tokenizer (for encrypted payload).
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
static void derive_auth_key(struct GNUNET_CRYPTO_AuthKey *akey, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed)
Derive an authentication key from "set key" information.
void GNUNET_CRYPTO_hmac(const struct GNUNET_CRYPTO_AuthKey *key, const void *plaintext, size_t plaintext_len, struct GNUNET_HashCode *hmac)
Calculate HMAC of a message (RFC 2104)
Definition: crypto_hash.c:438
void GNUNET_notification_context_add(struct GNUNET_NotificationContext *nc, struct GNUNET_MQ_Handle *mq)
Add a subscriber to the notification context.
Definition: nc.c:160
uint64_t abs_value_us
The actual value.
struct GNUNET_TIME_Absolute last_notify_timeout
What was the last timeout we informed our monitors about?
#define GNUNET_MESSAGE_TYPE_CORE_COMPRESSED_TYPE_MAP
gzip-compressed type map of the sender
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define GNUNET_MESSAGE_TYPE_CORE_PONG
Confirmation that other peer is alive.
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32.
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
#define GNUNET_TIME_UNIT_FOREVER_ABS
Constant used to specify "forever".
#define _(String)
GNU gettext support macro.
Definition: platform.h:181
struct GNUNET_TIME_AbsoluteNBO expiration_time
When does the given ephemeral key expire (end of validity).
struct GNUNET_MessageHeader header
Header with type GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY.
Definition: core.h:307
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE.
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
static int deliver_message(void *cls, const struct GNUNET_MessageHeader *m)
Deliver P2P message to interested clients.
struct GNUNET_SCHEDULER_Task * retry_set_key_task
ID of task used for re-trying SET_KEY and PING message.
static struct GNUNET_ARM_MonitorHandle * m
Monitor connection with ARM.
Definition: gnunet-arm.c:104
struct GNUNET_CRYPTO_EddsaSignature signature
An ECC signature of the origin_identity asserting the validity of the given ephemeral key...
struct GNUNET_TIME_AbsoluteNBO creation_time
At what time was this key created (beginning of validity).
struct GNUNET_MQ_Handle * mq
Message queue for sending messages to peer.
const char * GNUNET_h2s2(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct...
Definition: gnunet_mq_lib.h:52
static void monitor_notify_all(struct GSC_KeyExchangeInfo *kx)
Inform all monitors about the KX state of the given peer.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1253
static int do_decrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Decrypt size bytes from in and write the result to out.
uint32_t challenge
Random number to make replay attacks harder.
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
static struct GNUNET_TIME_Relative timeout
Desired timeout for the lookup (default is no timeout).
Definition: gnunet-abd.c:61
int GNUNET_CRYPTO_eddsa_verify(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
Definition: crypto_ecc.c:1113
void GSC_KX_encrypt_and_transmit(struct GSC_KeyExchangeInfo *kx, const void *payload, size_t payload_size)
Encrypt and transmit a message with the given payload.
static int check_encrypted(void *cls, const struct EncryptedMessage *m)
We received an encrypted message.
static void send_ping(struct GSC_KeyExchangeInfo *kx)
Send our PING to the other peer.
We&#39;re sending an (encrypted) PING to the other peer to check if it can decrypt.
static void send_keep_alive(void *cls)
Task triggered when a neighbour entry is about to time out (and we should prevent this by sending a P...
void GNUNET_MST_destroy(struct GNUNET_MessageStreamTokenizer *mst)
Destroys a tokenizer.
Definition: mst.c:411
uint32_t challenge
Random number chosen to make replay harder.
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:48
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block using a symmetric sessionkey.
#define GNUNET_MESSAGE_TYPE_CORE_CONFIRM_TYPE_MAP
Other peer confirms having received the type map.
unsigned int GNUNET_MQ_get_length(struct GNUNET_MQ_Handle *mq)
Obtain the current length of the message queue.
Definition: mq.c:335
Encapsulation for encrypted messages exchanged between peers.
struct GSC_KeyExchangeInfo * next
DLL.
static struct GSC_KeyExchangeInfo * kx_tail
DLL tail.
struct GNUNET_CRYPTO_EcdhePublicKey other_ephemeral_key
Ephemeral public ECC key of the other peer.
uint32_t iv_seed
Seed for the IV.
void GSC_SESSIONS_set_typemap(const struct GNUNET_PeerIdentity *peer, const struct GNUNET_MessageHeader *msg)
We have received a typemap message from a peer, update ours.
Handle to a message stream tokenizer.
Definition: mst.c:43
const char * GNUNET_STRINGS_relative_time_to_string(struct GNUNET_TIME_Relative delta, int do_round)
Give relative time in human-readable fancy format.
Definition: strings.c:687
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
#define GNUNET_CORE_OPTION_SEND_FULL_INBOUND
Client wants all inbound messages in full.
Definition: core.h:55
Randomness for IVs etc.
uint16_t status
See PRISM_STATUS_*-constants.
static char buf[2048]
#define MIN_PING_FREQUENCY
What is the minimum frequency for a PING message?
uint32_t ping_challenge
What was our PING challenge number (for this peer)?
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_PING.
struct GNUNET_MessageStreamTokenizer * GNUNET_MST_create(GNUNET_MessageTokenizerCallback cb, void *cb_cls)
Create a message stream tokenizer.
Definition: mst.c:85
int GNUNET_MST_from_buffer(struct GNUNET_MessageStreamTokenizer *mst, const char *buf, size_t size, int purge, int one_shot)
Add incoming data to the receive buffer and call the callback for all complete messages.
Definition: mst.c:114
int GSC_KX_init(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
Initialize KX subsystem.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Information about the status of a key exchange with another peer.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Information about what is being signed.
void GSC_CLIENTS_deliver_message(const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, uint16_t msize, uint32_t options)
Deliver P2P message to interested clients.
A 512-bit hashcode.
Globals for gnunet-service-core.
Message handler for a specific message type.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
struct GNUNET_CRYPTO_SymmetricSessionKey decrypt_key
Key we use to decrypt messages from the other peer (given to us by the other peer during the handshak...
#define GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY
Session key exchange between peers.
struct GNUNET_PeerIdentity GSC_my_identity
Our identity.
Private ECC key encoded for transmission.
static void pong(struct GNUNET_CADET_Channel *channel, const struct CadetPingMessage *ping)
Reply with a pong to origin.
static struct GNUNET_IDENTITY_Handle * identity
Which namespace do we publish to? NULL if we do not publish to a namespace.
struct GNUNET_SCHEDULER_Task * keep_alive_task
ID of task used for sending keep-alive pings.
static void update_timeout(struct GSC_KeyExchangeInfo *kx)
We&#39;ve seen a valid message from the other peer.
static void setup_fresh_ping(struct GSC_KeyExchangeInfo *kx)
Create a fresh PING message for transmission to the other peer.
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.
void GSC_SESSIONS_solicit(const struct GNUNET_PeerIdentity *pid)
Traffic is being solicited for the given peer.
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
static unsigned int size
Size of the "table".
Definition: peer.c:67
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:301
This is not a state in a peer&#39;s state machine, but a special value used with the GNUNET_CORE_MonitorC...
void GSC_SESSIONS_create(const struct GNUNET_PeerIdentity *peer, struct GSC_KeyExchangeInfo *kx)
Create a session, a key exchange was just completed.
uint32_t iv_seed
Random value used for IV generation.
#define MAX_MESSAGE_AGE
What is the maximum age of a message for us to consider processing it? Note that this looks at the ti...
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Ephemeral public ECC key.
static void set_key_retry_task(void *cls)
Task that will retry send_key() if our previous attempt failed.
static uint32_t calculate_seed(struct GSC_KeyExchangeInfo *kx)
Calculate seed value we should use for a message.
#define GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP
uncompressed type map of the sender
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
static void * handle_transport_notify_connect(void *cls, const struct GNUNET_PeerIdentity *pid, struct GNUNET_MQ_Handle *mq)
Function called by transport to notify us that a peer connected to us (on the network level)...
#define GNUNET_MESSAGE_TYPE_CORE_PING
Check that other peer is alive (challenge).
The other peer has confirmed our session key + PING with a PONG message encrypted with their session ...
static struct GNUNET_NotificationContext * nc
Notification context for broadcasting to monitors.
#define GNUNET_TIME_STD_BACKOFF(r)
Perform our standard exponential back-off calculation, starting at 1 ms and then going by a factor of...
struct GSC_KeyExchangeInfo * prev
DLL.
static unsigned long long payload
How much data are we currently storing in the database?
code for managing the key exchange (SET_KEY, PING, PONG) with other peers
struct GNUNET_PeerIdentity target
Intended target of the PING, used primarily to check that decryption actually worked.
#define ENCRYPTED_HEADER_SIZE
Number of bytes (at the beginning) of struct EncryptedMessage that are NOT encrypted.
an ECC signature using EdDSA.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:270
struct GNUNET_NotificationContext * GNUNET_notification_context_create(unsigned int queue_length)
Create a new notification context.
Definition: nc.c:121
static void derive_pong_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, uint32_t challenge, const struct GNUNET_PeerIdentity *identity)
Derive an IV from pong packet information.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
Handle to a message queue.
Definition: mq.c:85
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32;.
Private ECC key encoded for transmission.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_add(struct GNUNET_TIME_Relative a1, struct GNUNET_TIME_Relative a2)
Add relative times together.
Definition: time.c:579
#define GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE
Encapsulation for an encrypted message between peers.
void GNUNET_notification_context_broadcast(struct GNUNET_NotificationContext *nc, const struct GNUNET_MessageHeader *msg, int can_drop)
Send a message to all subscribers of this context.
Definition: nc.c:189
The identity of the host (wraps the signing key of the peer).
static void derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, const struct GNUNET_PeerIdentity *identity)
Derive an IV from packet information.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to &#39;struct&#39;s...
uint32_t last_sequence_number_received
last sequence number received on this connection (highest)
static struct GNUNET_SCHEDULER_Task * rekey_task
Task scheduled for periodic re-generation (and thus rekeying) of our ephemeral key.
#define GNUNET_PACKED
gcc-ism to get packed structs.
int has_excess_bandwidth
GNUNET_YES if this peer currently has excess bandwidth.
#define REKEY_FREQUENCY
How often do we rekey?
uint32_t reserved
Reserved, always zero.
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_duration(struct GNUNET_TIME_Absolute whence)
Get the duration of an operation as the difference of the current time and the given start time "henc...
Definition: time.c:375
int GNUNET_CRYPTO_hash_cmp(const struct GNUNET_HashCode *h1, const struct GNUNET_HashCode *h2)
Compare function for HashCodes, producing a total ordering of all hashcodes.
Definition: crypto_hash.c:294
struct GNUNET_TIME_Absolute foreign_key_expires
At what time did the other peer generate the decryption key?
void GNUNET_TRANSPORT_core_disconnect(struct GNUNET_TRANSPORT_CoreHandle *handle)
Disconnect from the transport service.
uint32_t state
New peer state, an enum GNUNET_CORE_KxState in NBO.
Definition: core.h:312
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
#define GNUNET_log(kind,...)
Entry in list of pending tasks.
Definition: scheduler.c:134
struct GNUNET_CRYPTO_SymmetricSessionKey encrypt_key
Key we use to encrypt our messages for the other peer (initialized by us when we do the handshake)...
int32_t sender_status
Status of the sender (should be in enum PeerStateMachine), nbo.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
struct GNUNET_TIME_Absolute timeout
When should the session time out (if there are no PONGs)?
Last state of a KX (when it is being terminated).
Header for all communications.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_divide(struct GNUNET_TIME_Relative rel, unsigned long long factor)
Divide relative time by a given factor.
Definition: time.c:527
Time for absolute times used by GNUnet, in microseconds.
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_difference(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Absolute end)
Compute the time difference between the given start and end times.
Definition: time.c:354
void GNUNET_notification_context_destroy(struct GNUNET_NotificationContext *nc)
Destroy the context, force disconnect for all subscribers.
Definition: nc.c:137
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:353
static struct EphemeralKeyMessage current_ekm
Current message we send for a key exchange.
Message sent by the service to monitor clients to notify them about a peer changing status...
Definition: core.h:302
We&#39;ve sent our session key.
static unsigned long long reserved
How much space have we currently reserved?
static void handle_transport_notify_disconnect(void *cls, const struct GNUNET_PeerIdentity *peer, void *handler_cls)
Function called by transport telling us that a peer disconnected.
int GSC_NEIGHBOURS_check_excess_bandwidth(const struct GSC_KeyExchangeInfo *kxinfo)
Check if the given neighbour has excess bandwidth available.
Message transmitted with the signed ephemeral key of a peer.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
struct GNUNET_PeerIdentity origin_identity
Public key of the signing peer (persistent version, not the ephemeral public key).
int GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
Handle for the transport service (includes all of the state for the transport service).
void GNUNET_CRYPTO_hmac_derive_key(struct GNUNET_CRYPTO_AuthKey *key, const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len,...)
Derive an authentication key.
Definition: crypto_hash.c:356
#define GNUNET_CORE_OPTION_SEND_HDR_INBOUND
Client just wants the 4-byte message headers of all inbound messages.
Definition: core.h:61
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
void GSC_SESSIONS_end(const struct GNUNET_PeerIdentity *pid)
End the session with the given peer (we are no longer connected).
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:89
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define INITIAL_SET_KEY_RETRY_FREQUENCY
How long do we wait for SET_KEY confirmation initially?
void GSC_KX_done()
Shutdown KX subsystem.
struct GNUNET_TIME_AbsoluteNBO timestamp
Timestamp.
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
const struct GNUNET_CONFIGURATION_Handle * GSC_cfg
Our configuration.
type for (message) authentication keys
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
void GSC_SESSIONS_reinit(const struct GNUNET_PeerIdentity *peer)
The other peer has indicated that it &#39;lost&#39; the session (KX down), reinitialize the session on our en...
#define GNUNET_free(ptr)
Wrapper around free.
#define GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY
Reply for monitor by CORE service.
Time for relative time used by GNUnet, in microseconds.
static void handle_pong(void *cls, const struct PongMessage *m)
We received a PONG message.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
static struct GNUNET_TRANSPORT_PluginMonitor * pm
Handle if we are monitoring plugin session activity.
#define gettext_noop(String)
Definition: gettext.h:69
struct GNUNET_PeerIdentity peer
Identity of the peer.
Definition: core.h:317
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:966
We&#39;re rekeying (or had a timeout), so we have sent the other peer our new ephemeral key...
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...