Body by which a peer confirms that it is using an ephemeral key. More...

Collaboration diagram for EphemeralConfirmationPS:

Data Fields
struct GNUNET_CRYPTO_EccSignaturePurpose	purpose
	Purpose is GNUNET_SIGNATURE_PURPOSE_TRANSPORT_EPHEMERAL. More...

struct GNUNET_TIME_AbsoluteNBO	sender_monotonic_time
	How long is this signature over the ephemeral key valid? More...

struct GNUNET_PeerIdentity	target
	Target's peer identity. More...

struct GNUNET_CRYPTO_HpkeEncapsulation	ephemeral_key
	Ephemeral key setup by the sender for target, used to encrypt the payload. More...

Detailed Description

Body by which a peer confirms that it is using an ephemeral key.

Definition at line 381 of file gnunet-service-transport.c.

Field Documentation

◆ purpose

struct GNUNET_CRYPTO_EccSignaturePurpose EphemeralConfirmationPS::purpose

Purpose is GNUNET_SIGNATURE_PURPOSE_TRANSPORT_EPHEMERAL.

Definition at line 386 of file gnunet-service-transport.c.

Referenced by handle_dv_box(), and sign_ephemeral().

◆ sender_monotonic_time

struct GNUNET_TIME_AbsoluteNBO EphemeralConfirmationPS::sender_monotonic_time

How long is this signature over the ephemeral key valid?

Note that the receiver MUST IGNORE the absolute time, and only interpret the value as a mononic time and reject "older" values than the last one observed. This is necessary as we do not want to require synchronized clocks and may not have a bidirectional communication channel.

Even with this, there is no real guarantee against replay achieved here, unless the latest timestamp is persisted. While persistence should be provided via PEERSTORE, we do not consider the mechanism reliable! Thus, communicators must protect against replay attacks when using backchannel communication!

Definition at line 402 of file gnunet-service-transport.c.

Referenced by handle_dv_box(), and sign_ephemeral().