TCP rekey message box. More...

Collaboration diagram for TCPRekey:

Data Fields
struct GNUNET_MessageHeader	header
	Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY. More...

struct GNUNET_ShortHashCode	hmac
	HMAC for the following encrypted message. More...

struct GNUNET_CRYPTO_HpkeEncapsulation	ephemeral
	New ephemeral key. More...

struct GNUNET_CRYPTO_EddsaSignature	sender_sig
	Sender's signature of type GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_TCP_REKEY. More...

struct GNUNET_TIME_AbsoluteNBO	monotonic_time
	Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sender). More...

Detailed Description

TCP rekey message box.

Always sent encrypted! Data after this message will use the new key.

Definition at line 284 of file gnunet-communicator-tcp.c.

Field Documentation

◆ header

struct GNUNET_MessageHeader TCPRekey::header

Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY.

Definition at line 289 of file gnunet-communicator-tcp.c.

Referenced by inject_rekey().

◆ hmac

struct GNUNET_ShortHashCode TCPRekey::hmac

HMAC for the following encrypted message.

Yes, we MUST use mac-then-encrypt here, as we want to hide the message sizes on the wire (zero plaintext design!). Using CTR mode padding oracle attacks do not apply. Besides, due to the use of ephemeral keys (hopefully with effective replay protection from monotonic time!) the attacker is limited in using the oracle.

Definition at line 299 of file gnunet-communicator-tcp.c.

Referenced by inject_rekey(), and try_handle_plaintext().