GNUnet  0.17.6
Functions
gnunet-service-core_kx.h File Reference

code for managing the key exchange (SET_KEY, PING, PONG) with other peers More...

#include "gnunet_util_lib.h"
#include "gnunet_transport_service.h"
Include dependency graph for gnunet-service-core_kx.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

void GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, const void *payload, size_t payload_size)
 Encrypt and transmit a message with the given payload. More...
 
int GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 Initialize KX subsystem. More...
 
void GSC_KX_done (void)
 Shutdown KX subsystem. More...
 
int GSC_NEIGHBOURS_check_excess_bandwidth (const struct GSC_KeyExchangeInfo *target)
 Check if the given neighbour has excess bandwidth available. More...
 
unsigned int GSC_NEIGHBOURS_get_queue_length (const struct GSC_KeyExchangeInfo *target)
 Check how many messages are queued for the given neighbour. More...
 
void GSC_KX_handle_client_monitor_peers (struct GNUNET_MQ_Handle *mq)
 Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request. More...
 

Detailed Description

code for managing the key exchange (SET_KEY, PING, PONG) with other peers

Author
Christian Grothoff

Definition in file gnunet-service-core_kx.h.

Function Documentation

◆ GSC_KX_encrypt_and_transmit()

void GSC_KX_encrypt_and_transmit ( struct GSC_KeyExchangeInfo kx,
const void *  payload,
size_t  payload_size 
)

Encrypt and transmit a message with the given payload.

Parameters
kxkey exchange context
payloadpayload of the message
payload_sizenumber of bytes in 'payload'

Definition at line 1396 of file gnunet-service-core_kx.c.

1399 {
1400  size_t used = payload_size + sizeof(struct EncryptedMessage);
1401  char pbuf[used]; /* plaintext */
1402  struct EncryptedMessage *em; /* encrypted message */
1403  struct EncryptedMessage *ph; /* plaintext header */
1404  struct GNUNET_MQ_Envelope *env;
1406  struct GNUNET_CRYPTO_AuthKey auth_key;
1407 
1408  ph = (struct EncryptedMessage *) pbuf;
1409  ph->sequence_number = htonl (++kx->last_sequence_number_sent);
1410  ph->iv_seed = calculate_seed (kx);
1411  ph->reserved = 0;
1413  GNUNET_memcpy (&ph[1], payload, payload_size);
1414  env = GNUNET_MQ_msg_extra (em,
1415  payload_size,
1417  em->iv_seed = ph->iv_seed;
1418  derive_iv (&iv, &kx->encrypt_key, ph->iv_seed, kx->peer);
1420  &iv,
1421  &ph->sequence_number,
1422  &em->sequence_number,
1423  used - ENCRYPTED_HEADER_SIZE));
1424 #if DEBUG_KX
1425  {
1426  struct GNUNET_HashCode hc;
1427 
1428  GNUNET_CRYPTO_hash (&ph->sequence_number,
1429  used - ENCRYPTED_HEADER_SIZE,
1430  &hc);
1432  "Encrypted payload `%s' of %u bytes for %s\n",
1433  GNUNET_h2s (&hc),
1434  (unsigned int) (used - ENCRYPTED_HEADER_SIZE),
1435  GNUNET_i2s (kx->peer));
1436  }
1437 #endif
1438  derive_auth_key (&auth_key, &kx->encrypt_key, ph->iv_seed);
1439  GNUNET_CRYPTO_hmac (&auth_key,
1440  &em->sequence_number,
1441  used - ENCRYPTED_HEADER_SIZE,
1442  &em->hmac);
1443 #if DEBUG_KX
1444  {
1445  struct GNUNET_HashCode hc;
1446 
1447  GNUNET_CRYPTO_hash (&auth_key, sizeof(auth_key), &hc);
1449  "For peer %s, used AC %s to create hmac %s\n",
1450  GNUNET_i2s (kx->peer),
1451  GNUNET_h2s (&hc),
1452  GNUNET_h2s2 (&em->hmac));
1453  }
1454 #endif
1456  GNUNET_MQ_send (kx->mq, env);
1457 }
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
static struct GNUNET_ATS_PerformanceHandle * ph
ATS performance handle used.
Definition: gnunet-ats.c:116
static uint32_t calculate_seed(struct GSC_KeyExchangeInfo *kx)
Calculate seed value we should use for a message.
#define ENCRYPTED_HEADER_SIZE
Number of bytes (at the beginning) of struct EncryptedMessage that are NOT encrypted.
static void derive_auth_key(struct GNUNET_CRYPTO_AuthKey *akey, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed)
Derive an authentication key from "set key" information.
static void derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, const struct GNUNET_PeerIdentity *identity)
Derive an IV from packet information.
static int do_encrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Encrypt size bytes from in and write the result to out.
static unsigned long long payload
How much data are we currently storing in the database?
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41
void GNUNET_CRYPTO_hmac(const struct GNUNET_CRYPTO_AuthKey *key, const void *plaintext, size_t plaintext_len, struct GNUNET_HashCode *hmac)
Calculate HMAC of a message (RFC 2104)
Definition: crypto_hash.c:328
#define GNUNET_log(kind,...)
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
@ GNUNET_OK
Definition: gnunet_common.h:99
@ GNUNET_NO
Definition: gnunet_common.h:98
const char * GNUNET_h2s2(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
@ GNUNET_ERROR_TYPE_DEBUG
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:302
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct.
Definition: gnunet_mq_lib.h:56
#define GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE
Encapsulation for an encrypted message between peers.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:110
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:637
Encapsulation for encrypted messages exchanged between peers.
uint32_t iv_seed
Random value used for IV generation.
uint32_t sequence_number
Sequence number, in network byte order.
struct GNUNET_HashCode hmac
MAC of the encrypted message (starting at sequence_number), used to verify message integrity.
type for (message) authentication keys
A 512-bit hashcode.
struct GNUNET_CRYPTO_SymmetricSessionKey encrypt_key
Key we use to encrypt our messages for the other peer (initialized by us when we do the handshake).
const struct GNUNET_PeerIdentity * peer
Identity of the peer.
uint32_t last_sequence_number_sent
last sequence number transmitted
struct GNUNET_MQ_Handle * mq
Message queue for sending messages to peer.
int has_excess_bandwidth
GNUNET_YES if this peer currently has excess bandwidth.

References calculate_seed(), derive_auth_key(), derive_iv(), do_encrypt(), GSC_KeyExchangeInfo::encrypt_key, ENCRYPTED_HEADER_SIZE, env, GNUNET_assert, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_hmac(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_h2s2(), GNUNET_i2s(), GNUNET_log, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_NO, GNUNET_OK, GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_hton(), GSC_KeyExchangeInfo::has_excess_bandwidth, EncryptedMessage::hmac, EncryptedMessage::iv_seed, GSC_KeyExchangeInfo::last_sequence_number_sent, GSC_KeyExchangeInfo::mq, payload, GSC_KeyExchangeInfo::peer, ph, and EncryptedMessage::sequence_number.

Referenced by transmit_typemap_task(), and try_transmission().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_KX_init()

int GSC_KX_init ( struct GNUNET_CRYPTO_EddsaPrivateKey pk)

Initialize KX subsystem.

Parameters
pkprivate key to use for the peer
Returns
GNUNET_OK on success, GNUNET_SYSERR on failure

Definition at line 1791 of file gnunet-service-core_kx.c.

1792 {
1793  struct GNUNET_MQ_MessageHandler handlers[] = {
1794  GNUNET_MQ_hd_fixed_size (ephemeral_key,
1796  struct EphemeralKeyMessage,
1797  NULL),
1800  struct PingMessage,
1801  NULL),
1804  struct PongMessage,
1805  NULL),
1806  GNUNET_MQ_hd_var_size (encrypted,
1808  struct EncryptedMessage,
1809  NULL),
1811  };
1812 
1813  my_private_key = *pk;
1817  sign_ephemeral_key ();
1818  {
1819  struct GNUNET_HashCode eh;
1820 
1822  sizeof(current_ekm.ephemeral_key),
1823  &eh);
1825  "Starting with ephemeral key %s\n",
1826  GNUNET_h2s (&eh));
1827  }
1828 
1831  transport =
1833  &GSC_my_identity,
1834  handlers,
1835  NULL,
1839  if (NULL == transport)
1840  {
1841  GSC_KX_done ();
1842  return GNUNET_SYSERR;
1843  }
1844  return GNUNET_OK;
1845 }
static void pong(struct GNUNET_CADET_Channel *channel, const struct CadetPingMessage *ping)
Reply with a pong to origin.
static void ping(void *cls)
Send a ping to destination.
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
struct GNUNET_IDENTITY_PrivateKey pk
Private key from command line option, or NULL.
const struct GNUNET_CONFIGURATION_Handle * GSC_cfg
Our configuration.
struct GNUNET_PeerIdentity GSC_my_identity
Our identity.
static struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key
Our private key.
static struct GNUNET_CRYPTO_EcdhePrivateKey my_ephemeral_key
Our ephemeral private key.
#define REKEY_FREQUENCY
How often do we rekey?
static void sign_ephemeral_key()
Setup the message that links the ephemeral key to our persistent public key and generate the appropri...
static void handle_transport_notify_disconnect(void *cls, const struct GNUNET_PeerIdentity *peer, void *handler_cls)
Function called by transport telling us that a peer disconnected.
static struct GNUNET_NotificationContext * nc
Notification context for broadcasting to monitors.
static struct EphemeralKeyMessage current_ekm
Current message we send for a key exchange.
static void do_rekey(void *cls)
Task run to trigger rekeying.
void GSC_KX_done()
Shutdown KX subsystem.
static void * handle_transport_notify_connect(void *cls, const struct GNUNET_PeerIdentity *pid, struct GNUNET_MQ_Handle *mq)
Function called by transport to notify us that a peer connected to us (on the network level).
static struct GNUNET_SCHEDULER_Task * rekey_task
Task scheduled for periodic re-generation (and thus rekeying) of our ephemeral key.
static struct GNUNET_TRANSPORT_CoreHandle * transport
Transport service.
static void handle_transport_notify_excess_bw(void *cls, const struct GNUNET_PeerIdentity *pid, void *connect_cls)
One of our neighbours has excess bandwidth, remember this.
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:435
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:197
@ GNUNET_SYSERR
Definition: gnunet_common.h:97
@ GNUNET_ERROR_TYPE_INFO
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
struct GNUNET_NotificationContext * GNUNET_notification_context_create(unsigned int queue_length)
Create a new notification context.
Definition: nc.c:121
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
#define GNUNET_MESSAGE_TYPE_CORE_PING
Check that other peer is alive (challenge).
#define GNUNET_MESSAGE_TYPE_CORE_PONG
Confirmation that other peer is alive.
#define GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY
Session key exchange between peers.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1254
struct GNUNET_TRANSPORT_CoreHandle * GNUNET_TRANSPORT_core_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_PeerIdentity *self, const struct GNUNET_MQ_MessageHandler *handlers, void *cls, GNUNET_TRANSPORT_NotifyConnect nc, GNUNET_TRANSPORT_NotifyDisconnect nd)
Connect to the transport service.
Message transmitted with the signed ephemeral key of a peer.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Ephemeral public ECC key.
Message handler for a specific message type.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
We're sending an (encrypted) PING to the other peer to check if it can decrypt.
Response to a PING.

References current_ekm, do_rekey(), EphemeralKeyMessage::ephemeral_key, GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_INFO, GNUNET_h2s(), GNUNET_log, GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE, GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY, GNUNET_MESSAGE_TYPE_CORE_PING, GNUNET_MESSAGE_TYPE_CORE_PONG, GNUNET_MQ_handler_end, GNUNET_MQ_hd_fixed_size, GNUNET_MQ_hd_var_size, GNUNET_notification_context_create(), GNUNET_OK, GNUNET_SCHEDULER_add_delayed(), GNUNET_SYSERR, GNUNET_TRANSPORT_core_connect(), GSC_cfg, GSC_KX_done(), GSC_my_identity, handle_transport_notify_connect(), handle_transport_notify_disconnect(), handle_transport_notify_excess_bw(), handlers, my_ephemeral_key, my_private_key, nc, ping(), pk, pong(), GNUNET_PeerIdentity::public_key, REKEY_FREQUENCY, rekey_task, sign_ephemeral_key(), and transport.

Referenced by run().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_KX_done()

void GSC_KX_done ( void  )

Shutdown KX subsystem.

Definition at line 1852 of file gnunet-service-core_kx.c.

1853 {
1854  if (NULL != transport)
1855  {
1857  transport = NULL;
1858  }
1859  if (NULL != rekey_task)
1860  {
1862  rekey_task = NULL;
1863  }
1864  memset (&my_ephemeral_key,
1865  0,
1866  sizeof (my_ephemeral_key));
1867  memset (&my_private_key,
1868  0,
1869  sizeof (my_private_key));
1870  if (NULL != nc)
1871  {
1873  nc = NULL;
1874  }
1875 }
void GNUNET_notification_context_destroy(struct GNUNET_NotificationContext *nc)
Destroy the context, force disconnect for all subscribers.
Definition: nc.c:137
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:957
void GNUNET_TRANSPORT_core_disconnect(struct GNUNET_TRANSPORT_CoreHandle *handle)
Disconnect from the transport service.

References GNUNET_notification_context_destroy(), GNUNET_SCHEDULER_cancel(), GNUNET_TRANSPORT_core_disconnect(), my_ephemeral_key, my_private_key, nc, rekey_task, and transport.

Referenced by GSC_KX_init(), and shutdown_task().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_NEIGHBOURS_check_excess_bandwidth()

int GSC_NEIGHBOURS_check_excess_bandwidth ( const struct GSC_KeyExchangeInfo kxinfo)

Check if the given neighbour has excess bandwidth available.

Parameters
targetneighbour to check
Returns
GNUNET_YES if excess bandwidth is available, GNUNET_NO if not

Definition at line 1898 of file gnunet-service-core_kx.c.

1899 {
1900  return kxinfo->has_excess_bandwidth;
1901 }

References GSC_KeyExchangeInfo::has_excess_bandwidth.

Referenced by try_transmission().

Here is the caller graph for this function:

◆ GSC_NEIGHBOURS_get_queue_length()

unsigned int GSC_NEIGHBOURS_get_queue_length ( const struct GSC_KeyExchangeInfo kxinfo)

Check how many messages are queued for the given neighbour.

Parameters
targetneighbour to check
Returns
number of items in the message queue
Parameters
kxinfodata about neighbour to check
Returns
number of items in the message queue

Definition at line 1885 of file gnunet-service-core_kx.c.

1886 {
1887  return GNUNET_MQ_get_length (kxinfo->mq);
1888 }
unsigned int GNUNET_MQ_get_length(struct GNUNET_MQ_Handle *mq)
Obtain the current length of the message queue.
Definition: mq.c:291

References GNUNET_MQ_get_length(), and GSC_KeyExchangeInfo::mq.

Referenced by try_transmission().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_KX_handle_client_monitor_peers()

void GSC_KX_handle_client_monitor_peers ( struct GNUNET_MQ_Handle mq)

Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request.

For this request type, the client does not have to have transmitted an INIT request. All current peers are returned, regardless of which message types they accept.

Parameters
mqmessage queue to add for monitoring

Definition at line 1913 of file gnunet-service-core_kx.c.

1914 {
1915  struct GNUNET_MQ_Envelope *env;
1916  struct MonitorNotifyMessage *done_msg;
1917  struct GSC_KeyExchangeInfo *kx;
1918 
1920  for (kx = kx_head; NULL != kx; kx = kx->next)
1921  {
1922  struct GNUNET_MQ_Envelope *env;
1923  struct MonitorNotifyMessage *msg;
1924 
1926  msg->state = htonl ((uint32_t) kx->status);
1927  msg->peer = *kx->peer;
1928  msg->timeout = GNUNET_TIME_absolute_hton (kx->timeout);
1929  GNUNET_MQ_send (mq, env);
1930  }
1932  done_msg->state = htonl ((uint32_t) GNUNET_CORE_KX_ITERATION_FINISHED);
1934  GNUNET_MQ_send (mq, env);
1935 }
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static struct GSC_KeyExchangeInfo * kx_head
DLL head.
@ GNUNET_CORE_KX_ITERATION_FINISHED
This is not a state in a peer's state machine, but a special value used with the GNUNET_CORE_MonitorC...
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:71
void GNUNET_notification_context_add(struct GNUNET_NotificationContext *nc, struct GNUNET_MQ_Handle *mq)
Add a subscriber to the notification context.
Definition: nc.c:160
#define GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY
Reply for monitor by CORE service.
#define GNUNET_TIME_UNIT_FOREVER_ABS
Constant used to specify "forever".
Information about the status of a key exchange with another peer.
struct GSC_KeyExchangeInfo * next
DLL.
struct GNUNET_TIME_Absolute timeout
When should the session time out (if there are no PONGs)?
enum GNUNET_CORE_KxState status
What is our connection status?
Message sent by the service to monitor clients to notify them about a peer changing status.
Definition: core.h:303
uint32_t state
New peer state, an enum GNUNET_CORE_KxState in NBO.
Definition: core.h:312
struct GNUNET_TIME_AbsoluteNBO timeout
How long will we stay in this state (if nothing else happens)?
Definition: core.h:322

Referenced by handle_client_monitor_peers().

Here is the caller graph for this function: