45 #define LOG(level, ...) GNUNET_log_from (level, "cadet-tun", __VA_ARGS__) 52 #define MAX_UNVERIFIED_ATTEMPTS 16 57 #define IDLE_DESTROY_DELAY GNUNET_TIME_relative_multiply ( \ 58 GNUNET_TIME_UNIT_SECONDS, 90) 64 #define INITIAL_KX_RETRY_DELAY GNUNET_TIME_relative_multiply ( \ 65 GNUNET_TIME_UNIT_MILLISECONDS, 250) 70 #define MAX_SKIPPED_KEYS 64 76 #define MAX_KEY_GAP 256 522 return "Tunnel(NULL)";
546 return "CADET_TUNNEL_KEY_UNINITIALIZED";
548 return "CADET_TUNNEL_KEY_AX_RECV";
550 return "CADET_TUNNEL_KEY_AX_SENT";
552 return "CADET_TUNNEL_KEY_AX_SENT_AND_RECV";
554 return "CADET_TUNNEL_KEY_AX_AUTH_SENT";
556 return "CADET_TUNNEL_KEY_OK";
560 "%u (UNKNOWN STATE)",
679 "Creating new ephemeral ratchet key (DHRs)\n");
701 static const char ctx[] =
"cadet authentication key";
737 static const char ctx[] =
"axolotl HMAC-HASH";
765 static const char ctx[] =
"axolotl derive key";
799 ((ratchet_messages <= ax->ratchet_counter) ||
811 static const char ctx[] =
"axolotl ratchet";
1005 "Trying skipped keys\n");
1006 hmac = &plaintext_header.
hmac;
1021 valid_HK = &key->
HK;
1047 while ((NULL != key) &&
1050 if ((NULL == key) ||
1123 "Storing skipped keys [%u, %u)\n",
1132 "Got message %u, expected %u+\n",
1188 static const char ctx[] =
"axolotl ratchet";
1230 &hmac,
sizeof(hmac),
1249 if ((Np != ax->
Nr) &&
1306 "%s estate changed from %s to %s\n",
1357 "Wanted to send %s in state %s, but no connection is ready, deferring\n",
1367 msg->
flags = htonl (flags);
1372 msg->ephemeral_key_XXX = ax->
kx_0;
1376 "Sending KX message to %s with ephemeral %s on CID %s\n",
1427 "Wanted to send KX_AUTH on %s, but no connection is ready, deferring\n",
1440 msg->
kx.
flags = htonl (flags);
1447 msg->
kx.ephemeral_key_XXX = ax->
kx_0;
1452 "Sending KX_AUTH message to %s with ephemeral %s on CID %s\n",
1478 "# KX_AUTH transmitted",
1522 const char salt[] =
"CADET Axolotl salt";
1534 "# Ratchet key already known",
1538 "Ratchet key already known. Ignoring KX.\n");
1542 ax->
DHRr = *ratchet_key;
1578 &key_material,
sizeof(key_material),
1581 if (0 == memcmp (&ax->
RK,
1586 "Root key already known. Ignoring KX.\n");
1588 "# Root key already known",
1631 "Trying to make KX progress on %s in state %s\n",
1737 "Received KX message from %s with ephemeral %s from %s on connection %s\n",
1754 "# Duplicate KX received",
1778 "# Duplicate unverified KX received",
1790 "Dropping old unverified KX state.\n");
1792 "# Unverified KX dropped for fresh KX",
1803 "Creating fresh unverified KX for %s\n",
1938 "# KX_AUTH received",
1951 "Handling KX_AUTH message from %s with ephemeral %s\n",
1967 "# redundant KX_AUTH received",
1983 "# KX_AUTH not using our last KX received (auth failure)",
1987 "KX AUTH mismatch!\n");
1995 &msg->r_ephemeral_key_XXX))
1998 "My ephemeral is %s!\n",
2001 "Response is for ephemeral %s!\n",
2006 test_crypto_bug (&ax_tmp.
kx_0,
2007 &msg->
kx.ephemeral_key_XXX,
2009 &msg->
kx.private_key_XXX);
2073 #define HIGH_BIT 0x8000000 2087 ctn = ntohl (
t->next_ctn.cn);
2094 t->next_ctn.cn = htonl ((ctn + 1) & (~
HIGH_BIT));
2095 ret.
cn = htonl (ctn | highbit);
2116 if (NULL != t->destroy_task)
2119 t->destroy_task = NULL;
2127 "Adding %s to %s\n",
2145 if (NULL == t->kx_task)
2222 "Destroying idle %s\n",
2230 while (NULL != (tq = t->
tq_head))
2232 if (NULL != tq->
cont)
2281 "Removing %s from %s\n",
2363 "Not sending payload of %s on ready %s (nothing pending)\n",
2373 if (NULL != tq->
cid)
2377 "Sending payload of %s on %s\n",
2382 if (NULL != tq->
cont)
2407 "%s no longer ready for %s\n",
2426 "%s now ready for %s in state %s\n",
2581 unsigned int ct_length;
2588 double success_rate;
2593 "Evaluating path %s of existing %s\n",
2599 "Ignoring duplicate path %s.\n",
2604 if (NULL != es->
path)
2608 for (
unsigned int i = 0; i < ct_length; i++)
2623 "Ignoring overlapping path %s.\n",
2631 "Known path %s differs from proposed path\n",
2645 + 100.0 / (1.0 + ct_length)
2648 score *= success_rate;
2650 if ((NULL == es->
worst) ||
2698 "Evaluating proposed path %s for target %s\n",
2722 "Ignoring paths of length %u, they are way too long.\n",
2733 "Ignoring path (%u/%llu) to %s, got something better already.\n",
2761 "Found interesting path %s for %s, created %s\n",
2791 "Performing connection maintenance for %s.\n",
2804 if ((NULL != es.
worst) &&
2846 "Considering %s for %s (offset %u)\n",
2869 "Received KEEPALIVE on %s\n",
2872 "# keepalives received",
2914 "Received %u bytes of application data for unknown channel %u, sending DESTROY\n",
2915 (
unsigned int) (ntohs (msg->
header.
size) -
sizeof(*msg)),
2916 ntohl (msg->
ctn.
cn));
2949 "Received DATA_ACK for unknown channel %u, sending DESTROY\n",
2950 ntohl (ack->
ctn.
cn));
2977 ntohl (copen->
ctn.
cn));
2981 "Received duplicate channel CHANNEL_OPEN on h_port %s from %s (%s), resending ACK\n",
2990 "Received CHANNEL_OPEN on h_port %s from %s\n",
2996 ntohl (copen->
opt));
3004 ntohl (copen->
ctn.
cn),
3023 "Sending DESTORY message for channel ID %u\n",
3059 "Received channel OPEN_ACK for unknown channel %u, sending DESTROY\n",
3060 ntohl (cm->
ctn.
cn));
3066 "Received channel OPEN_ACK on channel %s from %s\n",
3097 "Received channel DESTORY for unknown channel %u. Ignoring.\n",
3098 ntohl (cm->
ctn.
cn));
3102 "Received channel DESTROY on %s from %s\n",
3239 "%s refused inbound %s (duplicate)\n",
3274 ssize_t decrypted_size;
3277 "%s received %u bytes of encrypted data in state %d\n",
3279 (
unsigned int) size,
3291 "# received encrypted without any KX",
3308 "# received encrypted without KX_AUTH",
3326 "# received encrypted without KX",
3346 decrypted_size = -1;
3357 if ((-1 == decrypted_size) &&
3367 if (-1 != decrypted_size)
3395 "Failed to decrypt message with unverified KX data %u times\n",
3405 if (-1 == decrypted_size)
3409 "%s failed to decrypt and validate encrypted data, retrying KX\n",
3412 "# unable to decrypt",
3426 "# decrypted bytes",
3459 uint16_t payload_size;
3468 payload_size = ntohs (message->
size);
3470 "Encrypting %u bytes for %s\n",
3471 (
unsigned int) payload_size,
3481 "# encrypted bytes",
3654 #define LOG2(level, ...) GNUNET_log_from_nocheck (level, "cadet-tun", \ 3668 #if ! defined(GNUNET_CULL_LOGGING) 3674 __FILE__, __FUNCTION__, __LINE__);
3679 "TTT TUNNEL TOWARDS %s in estate %s tq_len: %u #cons: %u\n",
3690 "TTT connections:\n");
3699 "TTT TUNNEL END\n");
struct CadetTunnelAxolotl ax
Axolotl info.
int GNUNET_CRYPTO_ecdhe_key_create2(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
Closure for evaluate_connection.
Axolotl-encrypted tunnel message with application payload.
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED
Axolotl encrypted data.
struct CadetChannel * lookup_channel(struct CadetTunnel *t, struct GNUNET_CADET_ChannelTunnelNumber ctn)
Lookup a channel by its ctn.
Struct to old keys for skipped messages while advancing the Axolotl ratchet.
void GCT_remove_channel(struct CadetTunnel *t, struct CadetChannel *ch, struct GNUNET_CADET_ChannelTunnelNumber ctn)
Remove a channel from a tunnel.
void GCCH_handle_remote_destroy(struct CadetChannel *ch, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cti)
Destroy channel, based on the other peer closing the connection.
static struct GNUNET_CADET_Channel * ch
Channel handle.
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
static void handle_plaintext_data_ack(void *cls, const struct GNUNET_CADET_ChannelDataAckMessage *ack)
We received an acknowledgement for data we sent on a channel.
void GCT_connection_lost(struct CadetTConnection *ct)
We lost a connection, remove it from our list and clean up the connection object itself.
struct GNUNET_HashCode h_port
Hash of destination port and listener.
uint32_t cn
Which number does this channel have that uniquely identfies it within its tunnel, in network byte ord...
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
const struct CadetConnectionMetrics * GCC_get_metrics(struct CadetConnection *cc)
Obtain performance metrics from cc.
struct CadetPeerPath * path
Path we are comparing against for evaluate_connection, can be NULL.
struct CadetTConnection * connection_ready_tail
DLL of ready connections that are actively used to reach the destination peer.
struct CadetPeer * GCT_get_destination(struct CadetTunnel *t)
Return the peer to which this tunnel goes.
struct GNUNET_MessageHeader * msg
static const char * estate2s(enum CadetTunnelEState es)
Get string description for tunnel encryption state.
static void handle_plaintext_data(void *cls, const struct GNUNET_CADET_ChannelAppDataMessage *msg)
We received payload data for a channel.
GNUnet CADET service with encryption.
struct GNUNET_CADET_ChannelTunnelNumber ctn
ID of the channel.
Low-level connection to a destination.
static void t_hmac(const void *plaintext, size_t size, uint32_t iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_ShortHashCode *hmac)
Calculate HMAC.
int duplicate
Set to GNUNET_YES if we have a connection over path already.
uint64_t rel_value_us
The actual value.
void(* GCT_SendContinuation)(void *cls, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid)
Function called when a transmission requested using GCT_send is done.
enum CadetTunnelEState GCT_get_estate(struct CadetTunnel *t)
Get the encryption state of a tunnel.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
unsigned int max_length
Maximum length of any of our connections, 0 if we have none.
struct CadetChannel * GCCH_channel_incoming_new(struct CadetTunnel *t, struct GNUNET_CADET_ChannelTunnelNumber ctn, const struct GNUNET_HashCode *h_port, uint32_t options)
Create a new channel based on a request coming in over the network.
struct CadetTunnelSkippedKey * skipped_tail
Skipped messages' keys DLL, tail.
int is_ready
Is the connection currently ready for transmission?
struct GNUNET_TIME_Absolute timestamp
When was this key stored (for timeout).
void GNUNET_CRYPTO_ecdhe_key_clear(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Clear memory that was used to store a private key.
A connection is a live end-to-end messaging mechanism where the peers are identified by a path and kn...
struct GNUNET_CRYPTO_SymmetricSessionKey HKr
32-byte header key (currently used for receiving)
void GCCH_tunnel_up(struct CadetChannel *ch)
Function called once and only once after a channel was bound to its tunnel via GCT_add_channel() is r...
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
unsigned long long num_successes
Number of packets that were sent via this connection did actually receive an ACK? (Note: ACKs may be ...
int GNUNET_snprintf(char *buf, size_t size, const char *format,...)
Like snprintf, just aborts if the buffer is of insufficient size.
#define DESIRED_CONNECTIONS_PER_TUNNEL
How many connections would we like to have per tunnel?
unsigned int num_ready_connections
Number of connections in the connection_ready_head DLL.
void GCT_handle_encrypted(struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelEncryptedMessage *msg)
Handle encrypted message.
GNUNET_MQ_Error
Error codes for the queue.
const char * GCC_2s(const struct CadetConnection *cc)
Get a (static) string for a connection.
static int alice_or_betty(const struct GNUNET_PeerIdentity *other)
Am I Alice or Betty (some call her Bob), or talking to myself?
#define GNUNET_TIME_UNIT_MINUTES
One minute.
struct GNUNET_TIME_Absolute last_use
When was this connection last used? (by us sending or receiving a PAYLOAD message on it) ...
struct GNUNET_CADET_TunnelKeyExchangeMessage kx
Message header with key material.
struct GNUNET_PeerIdentity my_full_id
Local peer own ID.
int GNUNET_CONTAINER_multihashmap32_iterate(struct GNUNET_CONTAINER_MultiHashMap32 *map, GNUNET_CONTAINER_MulitHashMapIterator32Callback it, void *it_cls)
Iterate over all entries in the map.
uint32_t flags
Flags for the key exchange in NBO, based on enum GNUNET_CADET_KX_Flags.
struct CadetTunnel * GCT_create_tunnel(struct CadetPeer *destination)
Create a tunnel to destionation.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
struct GNUNET_MQ_Handle * mq
Dispatcher for decrypted messages only (do NOT use for sending!).
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct CadetTunnelQueueEntry * GCT_send(struct CadetTunnel *t, const struct GNUNET_MessageHeader *message, GCT_SendContinuation cont, void *cont_cls)
Sends an already built message on a tunnel, encrypting it and choosing the best connection if not pro...
void GCT_send_cancel(struct CadetTunnelQueueEntry *tq)
Cancel a previously sent message while it's in the queue.
const struct GNUNET_CADET_ConnectionTunnelIdentifier * GCC_get_id(struct CadetConnection *cc)
Obtain unique ID for the connection.
struct CadetTunnelQueueEntry * prev
We are entries in a DLL.
struct GNUNET_MessageHeader header
Type: GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY.
struct GNUNET_TIME_Absolute ratchet_expiration
Time when the current ratchet expires and a new one is triggered (if ratchet_allowed is GNUNET_YES)...
uint32_t PNs
Previous message numbers (# of msgs sent under prev ratchet)
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK
Confirm the creation of a channel.
static void mark_connection_unready(struct CadetTConnection *ct)
Connection ct is now unready, clear it's ready flag and move it from the ready DLL to the busy DLL...
void GCCH_handle_duplicate_open(struct CadetChannel *ch, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cti)
We got a GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN message again for this channel.
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY
Ask the cadet service to destroy a channel.
KX received and we sent KX_AUTH back, but we got no traffic yet, so we're waiting for either KX_AUTH ...
unsigned int GCT_count_any_connections(const struct CadetTunnel *t)
Count all created connections of a tunnel.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
int GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
struct CadetTConnection * connection_ready_head
DLL of ready connections that are actively used to reach the destination peer.
static int ret
Return value of the commandline.
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
int kx_auth_requested
Force triggering KX_AUTH independent of estate.
static void send_kx(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax)
Send a KX message.
void * iter_cls
Closure for iter.
void GCT_iterate_channels(struct CadetTunnel *t, GCT_ChannelIterator iter, void *iter_cls)
Iterate over all channels of a tunnel.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
#define GNUNET_OK
Named constants for return values.
Should the peer reply with its KX details?
Information we track per tunnel.
struct GNUNET_CRYPTO_SymmetricSessionKey NHKr
32-byte next header key (for receiving).
GNUNET_ErrorType
Types of errors.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
uint32_t opt
Channel options.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
KX message sent, waiting for other peer's KX_AUTH.
static struct CadetTConnection * get_ready_connection(struct CadetTunnel *t)
Find first connection that is ready in the list of our connections.
static void store_skipped_key(struct CadetTunnelAxolotl *ax, const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr)
Delete a key from the list of skipped keys.
struct GNUNET_CADET_AxHeader ax_header
Axolotl-header that specifies which keys to use in which ratchet to decrypt the body that follows...
struct CadetConnection * GCC_create(struct CadetPeer *destination, struct CadetPeerPath *path, unsigned int off, struct CadetTConnection *ct, GCC_ReadyCallback ready_cb, void *ready_cb_cls)
Create a connection to destination via path and notify cb whenever we are ready for more data...
unsigned int GCP_iterate_paths(struct CadetPeer *cp, GCP_PathIterator callback, void *callback_cls)
Iterate over the paths to a peer.
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct CadetConnection * GCC_create_inbound(struct CadetPeer *destination, struct CadetPeerPath *path, struct CadetTConnection *ct, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid, GCC_ReadyCallback ready_cb, void *ready_cb_cls)
Create a connection to destination via path and notify cb whenever we are ready for more data...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
static void handle_plaintext_channel_destroy(void *cls, const struct GNUNET_CADET_ChannelDestroyMessage *cm)
We received a message saying that a channel should be destroyed.
struct GNUNET_SCHEDULER_Task * destroy_task
Task scheduled if there are no more channels using the tunnel.
void GNUNET_CRYPTO_hmac(const struct GNUNET_CRYPTO_AuthKey *key, const void *plaintext, size_t plaintext_len, struct GNUNET_HashCode *hmac)
Calculate HMAC of a message (RFC 2104)
int GNUNET_CONTAINER_multihashmap32_put(struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
void GCC_debug(struct CadetConnection *cc, enum GNUNET_ErrorType level)
Log connection info.
static int update_ax_by_kx(struct CadetTunnelAxolotl *ax, const struct GNUNET_PeerIdentity *pid, const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key)
Update our Axolotl key state based on the KX data we received.
struct CadetTConnection * connection_busy_head
DLL of connections that we maintain that might be used to reach the destination peer.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA
Payload data (inside an encrypted tunnel).
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
static void destroy_tunnel(void *cls)
This tunnel is no longer used, destroy it.
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
struct CadetTunnelQueueEntry * tq_tail
Queued messages, to transmit once tunnel gets connected.
static int store_ax_keys(struct CadetTunnelAxolotl *ax, const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr, uint32_t Np)
Stage skipped AX keys and calculate the message key.
GCT_ChannelIterator iter
Function to call.
const char * GCP_2s(const struct CadetPeer *cp)
Get the static string for a peer ID.
void GCT_send_channel_destroy(struct CadetTunnel *t, struct GNUNET_CADET_ChannelTunnelNumber ctn)
Send a DESTROY message via the tunnel.
static void t_ax_hmac_hash(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_HashCode *hash, const void *source, unsigned int len)
Perform a HMAC.
struct GNUNET_CRYPTO_SymmetricSessionKey HK
Header key.
struct CadetTunnel * t
Tunnel this connection belongs to.
struct CadetTunnelSkippedKey * prev
DLL prev.
static void trigger_transmissions(void *cls)
Called when either we have a new connection, or a new message in the queue, or some existing connecti...
static void handle_plaintext_channel_open_ack(void *cls, const struct GNUNET_CADET_ChannelOpenAckMessage *cm)
We have received confirmation from the target peer that the given channel could be established (the p...
const char * GCPP_2s(struct CadetPeerPath *path)
Convert a path to a human-readable string.
GNUNET_CADET_KX_Flags
Flags to be used in GNUNET_CADET_KX.
static int destroy_remaining_channels(void *cls, uint32_t key, void *value)
Destroy remaining channels during shutdown.
struct GNUNET_CRYPTO_SymmetricSessionKey CKr
32-byte chain keys (used for forward-secrecy) for receiving messages.
Performance metrics for a connection.
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN
Ask the cadet service to create a new channel.
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct...
struct GNUNET_TIME_Relative ratchet_time
How long until we trigger a ratched advance due to time.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
static ssize_t t_ax_decrypt_and_validate(struct CadetTunnelAxolotl *ax, void *dst, const struct GNUNET_CADET_TunnelEncryptedMessage *src, size_t size)
Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered...
void(* GCT_ConnectionIterator)(void *cls, struct CadetTConnection *ct)
Iterator over connections.
double worst_score
Numeric score of worst, only set if worst is non-NULL.
enum State state
current state of profiling
Information we track per peer.
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
static struct GNUNET_OS_Process * p
Helper process we started.
struct CadetTunnelAxolotl * unverified_ax
Unverified Axolotl info, used only if we got a fresh KX (not a KX_AUTH) while our end of the tunnel w...
int GNUNET_CONTAINER_multihashmap32_remove(struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key, const void *value)
Remove the given key-value pair from the map.
int GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
static char * value
Value of the record to add/remove.
CadetTunnelEState
All the encryption states a tunnel can be in.
GNUNET_CONTAINER_HeapCostType min_desire
Minimum desirability of any of our connections, UINT64_MAX if we have none.
void GNUNET_MST_destroy(struct GNUNET_MessageStreamTokenizer *mst)
Destroys a tokenizer.
struct CadetTConnection * current_ct
Identification of the connection from which we are currently processing a message.
void * GNUNET_CONTAINER_multihashmap32_get(const struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key)
Given a key find a value in the map matching the key.
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
struct GNUNET_MessageHeader header
Type: GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block using a symmetric sessionkey.
struct GNUNET_STATISTICS_Handle * stats
Handle to the statistics service.
Struct containing all information regarding a channel to a remote client.
int GCT_add_inbound_connection(struct CadetTunnel *t, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid, struct CadetPeerPath *path)
Add a connection to the tunnel.
Message for a Key eXchange for a tunnel, with authentication.
struct GNUNET_CRYPTO_EcdhePublicKey last_ephemeral
Last ephemeral public key received from the other peer, for duplicate detection.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
static void t_hmac_derive_key(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_CRYPTO_SymmetricSessionKey *out, const void *source, unsigned int len)
Derive a symmetric encryption key from an HMAC-HASH.
static void delete_skipped_key(struct CadetTunnelAxolotl *ax, struct CadetTunnelSkippedKey *key)
Delete a key from the list of skipped keys.
Handle to a message stream tokenizer.
#define INITIAL_KX_RETRY_DELAY
How long do we wait initially before retransmitting the KX? TODO: replace by 2 RTT if/once we have co...
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
unsigned int GNUNET_CONTAINER_multihashmap32_size(const struct GNUNET_CONTAINER_MultiHashMap32 *map)
Get the number of key-value pairs in the map.
struct GNUNET_CADET_ConnectionTunnelIdentifier cid
ID of the connection.
unsigned int unverified_attempts
How often have we tried and failed to decrypt a message using the unverified KX material from unverif...
struct GNUNET_MessageStreamTokenizer * GNUNET_MST_create(GNUNET_MessageTokenizerCallback cb, void *cb_cls)
Create a message stream tokenizer.
struct GNUNET_MessageStreamTokenizer * mst
Tokenizer for decrypted messages.
struct GNUNET_CADET_ConnectionTunnelIdentifier cid
ID of the connection.
Message for cadet data traffic.
void GCC_destroy_without_tunnel(struct CadetConnection *cc)
Destroy a connection, called if the tunnel association with the connection was already broken...
int GNUNET_MST_from_buffer(struct GNUNET_MessageStreamTokenizer *mst, const char *buf, size_t size, int purge, int one_shot)
Add incoming data to the receive buffer and call the callback for all complete messages.
void GNUNET_MQ_inject_message(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *mh)
Call the message message handler that was registered for the type of the given message in the given m...
void GCCH_handle_channel_plaintext_data_ack(struct CadetChannel *ch, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cti, const struct GNUNET_CADET_ChannelDataAckMessage *ack)
We got an acknowledgement for payload data for a channel.
struct GNUNET_CADET_ChannelTunnelNumber GCT_add_channel(struct CadetTunnel *t, struct CadetChannel *ch)
Add a channel to a tunnel, and notify channel that we are ready for transmission if we are already up...
Internal representation of the hash map.
void GCT_debug(const struct CadetTunnel *t, enum GNUNET_ErrorType level)
Log all possible info about the tunnel state.
static ssize_t try_old_ax_keys(struct CadetTunnelAxolotl *ax, void *dst, const struct GNUNET_CADET_TunnelEncryptedMessage *src, size_t size)
Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered...
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE
Announce connection is still alive (direction sensitive).
Closure for iterate_channels_cb.
uint32_t reserved
For alignment.
int GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Message handler for a specific message type.
struct GNUNET_CRYPTO_EcdhePublicKey ratchet_key
Sender's next ephemeral public ECC key encoded in a format suitable for network transmission, as created using 'gcry_sexp_sprint'.
static int consider_path_cb(void *cls, struct CadetPeerPath *path, unsigned int off)
Consider using the path p for the tunnel t.
void GCT_handle_kx(struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg)
Handle KX message that lacks authentication (and which will thus only be considered authenticated aft...
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
struct GNUNET_CONTAINER_MultiHashMap32 * GNUNET_CONTAINER_multihashmap32_create(unsigned int len)
Create a 32-bit key multi hash map.
struct CadetConnection * cc
Connection handle.
struct GNUNET_MessageHeader header
Type: GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA.
void GNUNET_CONTAINER_multihashmap32_destroy(struct GNUNET_CONTAINER_MultiHashMap32 *map)
Destroy a 32-bit key hash map.
void GNUNET_MQ_discard(struct GNUNET_MQ_Envelope *mqm)
Discard the message queue message, free all allocated resources.
static GstElement * source
Appsrc instance into which we write data for the pipeline.
struct GNUNET_CADET_ChannelTunnelNumber ctn
Number identifying this channel in its tunnel.
Private ECC key encoded for transmission.
Struct containing all information regarding a tunnel to a peer.
Message to acknowledge end-to-end data.
void GCCH_handle_channel_open_ack(struct CadetChannel *ch, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cti, const struct GNUNET_HashCode *port)
We got an acknowledgement for the creation of the channel (the port is open on the other side)...
There must only be one value per key; storing a value should fail if a value under the same key alrea...
int ratchet_allowed
True (GNUNET_YES) if we have received a message from the other peer that uses the keys from our last ...
static int iterate_channels_cb(void *cls, uint32_t key, void *value)
Helper function for GCT_iterate_channels.
struct GNUNET_HashCode key
The key used in the DHT.
int GNUNET_get_log_call_status(int caller_level, const char *comp, const char *file, const char *function, int line)
Decides whether a particular logging call should or should not be allowed to be made.
static unsigned int size
Size of the "table".
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
static void decrypted_error_cb(void *cls, enum GNUNET_MQ_Error error)
Function called if we had an error processing an incoming decrypted message.
struct GNUNET_CADET_ChannelTunnelNumber ctn
ID of the channel within the tunnel.
uint64_t GNUNET_CONTAINER_HeapCostType
Cost by which elements in a heap can be ordered.
struct GNUNET_TIME_Absolute next_kx_attempt
When do we try the next KX?
uint32_t Nr
Message number (reset to 0 with each new ratchet, next message to recv).
Message to acknowledge opening a channel of type GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK.
struct GNUNET_CADET_ChannelTunnelNumber ctn
ID of the channel.
Struct used to save messages in a non-ready tunnel to send once connected.
GNUNET_CONTAINER_HeapCostType GCPP_get_desirability(const struct CadetPeerPath *path)
Return how much we like keeping the path.
struct GNUNET_MQ_Envelope * env
void GCCH_debug(struct CadetChannel *ch, enum GNUNET_ErrorType level)
Log channel info.
#define GNUNET_CONTAINER_DLL_insert_tail(head, tail, element)
Insert an element at the tail of a DLL.
void GCT_destroy_tunnel_now(struct CadetTunnel *t)
Destroys the tunnel t now, without delay.
struct CadetTunnelQueueEntry * tq_head
Queued messages, to transmit once tunnel gets connected.
#define GNUNET_TIME_STD_BACKOFF(r)
Perform our standard exponential back-off calculation, starting at 1 ms and then going by a factor of...
Handshake completed: session key available.
struct CadetPeerPath * GCC_get_path(struct CadetConnection *cc, unsigned int *off)
Obtain the path used by this connection.
Message to create a Channel.
static void evaluate_connection(void *cls, struct CadetTConnection *ct)
Evaluate a connection, updating our summary information in cls about what kinds of connections we hav...
struct CadetTunnel * t
Tunnel these messages belong in.
void GCT_consider_path(struct CadetTunnel *t, struct CadetPeerPath *p, unsigned int off)
Consider using the path p for the tunnel t.
void * cont_cls
Closure for cont.
struct GNUNET_ShortHashCode hmac
MAC of the encrypted message, used to verify message integrity.
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
P2P messages used by CADET.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
struct CadetTunnelQueueEntry * next
We are entries in a DLL.
const char * GCCH_2s(const struct CadetChannel *ch)
Get the static string for identification of the channel.
int shutting_down
Signal that shutdown is happening: prevent recovery measures.
Message to destroy a channel of type GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY.
static int notify_tunnel_up_cb(void *cls, uint32_t key, void *value)
Our tunnel became ready for the first time, notify channels that have been waiting.
static void handle_plaintext_keepalive(void *cls, const struct GNUNET_MessageHeader *msg)
We got a keepalive.
struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Own private key.
struct GNUNET_MQ_Envelope * env
Envelope of message to send follows.
void GCT_handle_kx_auth(struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg)
Handle KX_AUTH message.
void GCT_change_estate(struct CadetTunnel *t, enum CadetTunnelEState state)
Change the tunnel encryption state.
Handle to a message queue.
struct GNUNET_CRYPTO_SymmetricSessionKey RK
32-byte root key which gets updated by DH ratchet.
void GCC_transmit(struct CadetConnection *cc, struct GNUNET_MQ_Envelope *env)
Transmit message msg via connection cc.
Private ECC key encoded for transmission.
unsigned int Kn
Key number for a given HK.
static void maintain_connections_cb(void *cls)
Function called to maintain the connections underlying our tunnel.
struct GNUNET_CRYPTO_EcdhePublicKey DHRr
ECDH Ratchet key (other peer's public key in the current DH).
Entry in list of connections used by tunnel, with metadata.
The identity of the host (wraps the signing key of the peer).
void GCP_drop_tunnel(struct CadetPeer *cp, struct CadetTunnel *t)
The tunnel to the given peer no longer exists, remove it from our data structures, and possibly clean up the peer itself.
GNUNET_CONTAINER_HeapCostType max_desire
Maximum desirability of any of our connections, 0 if we have none.
unsigned int min_length
Minimum length of any of our connections, UINT_MAX if we have none.
struct GNUNET_HashCode port
Port number of the channel, used to prove to the initiator that the receiver knows the port...
KX message sent and received, trying to send back KX_AUTH.
static int check_plaintext_data(void *cls, const struct GNUNET_CADET_ChannelAppDataMessage *msg)
Check that msg is well-formed.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's...
struct CadetPeer * destination
Destination of the tunnel.
#define MAX_SKIPPED_KEYS
Maximum number of skipped keys we keep in memory per tunnel.
The peer should reply with its KX details?
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
#define MAX_UNVERIFIED_ATTEMPTS
How often do we try to decrypt payload with unverified key material? Used to limit CPU increase upon ...
Hash uniquely identifying a connection below a tunnel.
Axolotl data, according to https://github.com/trevp/axolotl/wiki .
struct GNUNET_HashCode auth
KDF-proof that sender could compute the 3-DH, used in lieu of a signature or payload data...
static void connection_ready_cb(void *cls, int is_ready)
A connection is is_ready for transmission.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_duration(struct GNUNET_TIME_Absolute whence)
Get the duration of an operation as the difference of the current time and the given start time "henc...
struct CadetTunnelSkippedKey * skipped_head
A (double linked) list of stored message keys and associated header keys for "skipped" messages...
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK
Confirm payload data end-to-end.
Message for a Key eXchange for a tunnel.
static void send_kx_auth(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax, int force_reply)
Send a KX_AUTH message.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
unsigned int GCT_count_channels(struct CadetTunnel *t)
Count channels of a tunnel.
Number identifying a CADET channel within a tunnel.
Entry in list of pending tasks.
static void handle_plaintext_channel_open(void *cls, const struct GNUNET_CADET_ChannelOpenMessage *copen)
We have received a request to open a channel to a port from another peer.
struct GNUNET_TIME_Absolute created
Creation time, to keep oldest connection alive.
static void retry_kx(void *cls)
Try to redo the KX or KX_AUTH handshake, if we can.
unsigned long long num_acked_transmissions
How many packets that ought to generate an ACK did we send via this connection?
struct GNUNET_CRYPTO_SymmetricSessionKey HKs
32-byte header key (currently used for sending).
void GCCH_handle_channel_plaintext_data(struct CadetChannel *ch, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cti, const struct GNUNET_CADET_ChannelAppDataMessage *msg)
We got payload data for a channel.
struct GNUNET_SCHEDULER_Task * maintain_connections_task
Task to trim connections if too many are present.
static int handle_decrypted(void *cls, const struct GNUNET_MessageHeader *msg)
Handles a message we decrypted, by injecting it into our message queue (which will do the dispatching...
static int debug_channel(void *cls, uint32_t key, void *value)
Call GCCH_debug() on a channel.
static void t_h_encrypt(struct CadetTunnelAxolotl *ax, struct GNUNET_CADET_TunnelEncryptedMessage *msg)
Encrypt header with the axolotl header key.
struct CadetPeer * GCPP_get_peer_at_offset(struct CadetPeerPath *path, unsigned int off)
Obtain the peer at offset off in path.
void GCT_iterate_connections(struct CadetTunnel *t, GCT_ConnectionIterator iter, void *iter_cls)
Iterate over all connections of a tunnel.
struct GNUNET_CADET_ChannelTunnelNumber ctn
ID of the channel.
static void destroy_t_connection(void *cls, struct CadetTConnection *ct)
Clean up connection ct of a tunnel.
static void cleanup_ax(struct CadetTunnelAxolotl *ax)
Cleanup state used by ax.
Uninitialized status, we need to send KX.
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH
Axolotl key exchange response with authentication.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
KX message received, trying to send back KX_AUTH.
static void t_h_decrypt(struct CadetTunnelAxolotl *ax, const struct GNUNET_CADET_TunnelEncryptedMessage *src, struct GNUNET_CADET_TunnelEncryptedMessage *dst)
Decrypt header with the current axolotl header key.
struct GNUNET_SCHEDULER_Task * send_task
Task to send messages from queue (if possible).
struct GNUNET_TIME_Relative kx_retry_delay
How long do we wait until we retry the KX?
struct CadetTunnelSkippedKey * next
DLL next.
Time for absolute times used by GNUnet, in microseconds.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
static void t_ax_encrypt(struct CadetTunnelAxolotl *ax, void *dst, const void *src, size_t size)
Encrypt data with the axolotl tunnel key.
void(* GCT_ChannelIterator)(void *cls, struct CadetChannel *ch)
Iterator over channels.
#define MAX_KEY_GAP
Maximum number of keys (and thus ratchet steps) we are willing to skip before we decide this is eithe...
unsigned int ratchet_counter
Number of messages recieved since our last ratchet advance.
struct CadetTConnection * next
Next in DLL.
unsigned int tq_len
Number of entries in the tq_head DLL.
GCT_SendContinuation cont
Continuation to call once sent (on the channel layer).
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Sender's ephemeral public ECC key encoded in a format suitable for network transmission, as created using 'gcry_sexp_sprint'.
const char * GNUNET_e2s(const struct GNUNET_CRYPTO_EcdhePublicKey *p)
Convert a public key value to a string (for printing debug messages).
unsigned int num_busy_connections
Number of connections in the connection_busy_head DLL.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
struct GNUNET_CRYPTO_SymmetricSessionKey CKs
32-byte chain keys (used for forward-secrecy) for sending messages.
struct GNUNET_TIME_Absolute age
When was this connection first established? (by us sending or receiving the CREATE_ACK for the first ...
static void new_ephemeral(struct CadetTunnelAxolotl *ax)
Create a new Axolotl ephemeral (ratchet) key.
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_at(struct GNUNET_TIME_Absolute at, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run at the specified time.
struct GNUNET_CADET_ChannelTunnelNumber ctn
ID of the channel.
unsigned int skipped
Number of elements in skipped_head <-> skipped_tail.
void GNUNET_CRYPTO_hmac_derive_key(struct GNUNET_CRYPTO_AuthKey *key, const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len,...)
Derive an authentication key.
Information regarding a possible path to reach a peer.
static void t_ax_decrypt(struct CadetTunnelAxolotl *ax, void *dst, const void *src, size_t size)
Decrypt data with the axolotl tunnel key.
struct CadetTConnection * connection_busy_tail
DLL of connections that we maintain that might be used to reach the destination peer.
struct GNUNET_ShortHashCode connection_of_tunnel
unsigned int GCPP_get_length(struct CadetPeerPath *path)
Return the length of the path.
int ratchet_flag
True (GNUNET_YES) if we have to send a new ratchet key in next msg.
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
enum CadetTunnelEState estate
State of the tunnel encryption.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
static void try_send_normal_payload(struct CadetTunnel *t, struct CadetTConnection *ct)
Send normal payload from queue in t via connection ct.
type for (message) authentication keys
struct GNUNET_CRYPTO_SymmetricSessionKey NHKs
32-byte next header key (for sending), used once the ratchet advances.
#define GNUNET_malloc(size)
Wrapper around malloc.
#define IDLE_DESTROY_DELAY
How long do we wait until tearing down an idle tunnel?
uint32_t Ns
Message number (reset to 0 with each new ratchet, next message to send).
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX
Axolotl key exchange.
#define GNUNET_free(ptr)
Wrapper around free.
const struct GNUNET_PeerIdentity * GCP_get_id(struct CadetPeer *cp)
Obtain the peer identity for a struct CadetPeer.
Time for relative time used by GNUnet, in microseconds.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct GNUNET_CADET_ConnectionTunnelIdentifier * cid
Where to put the connection identifier into the payload of the message in env once we have it...
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
struct GNUNET_CRYPTO_SymmetricSessionKey MK
Message key.
struct GNUNET_CRYPTO_EcdhePrivateKey kx_0
ECDH for key exchange (A0 / B0).
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
static struct GNUNET_CADET_ChannelTunnelNumber get_next_free_ctn(struct CadetTunnel *t)
Compute the next free channel tunnel number for this tunnel.
struct CadetTConnection * worst
Connection deemed the "worst" so far encountered by evaluate_connection, NULL if we did not yet encou...
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
1.8.13