code for managing the key exchange (SET_KEY, PING, PONG) with other peers More...

#include "gnunet_util_lib.h"
#include "gnunet_core_service.h"

Include dependency graph for gnunet-service-core_kx.h:

This graph shows which files directly or indirectly include this file:

Data Structures
struct	InitiatorHelloPayload

struct	InitiatorHello
	TODO. More...

struct	ConfirmationAck
	The ACK. More...

struct	ResponderHello
	ResponderHello. More...

struct	ResponderHelloPayload

struct	InitiatorDone
	InitiatorDone. More...

struct	EncryptedMessage
	EncryptedMessage. More...

struct	Heartbeat
	KeyUpdate. More...

Enumerations
enum	HeartbeatFlags { GSC_HEARTBEAT_KEY_UPDATE_REQUESTED = 1 }
	Heartbeat flags. More...

Functions
void	GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo kx, const void payload, size_t payload_size)
	Encrypt and transmit a message with the given payload.

int	GSC_KX_init (void)
	Initialize KX subsystem.

void	GSC_KX_done (void)
	Shutdown KX subsystem.

int	GSC_NEIGHBOURS_check_excess_bandwidth (const struct GSC_KeyExchangeInfo *target)
	Check if the given neighbour has excess bandwidth available.

unsigned int	GSC_NEIGHBOURS_get_queue_length (const struct GSC_KeyExchangeInfo *target)
	Check how many messages are queued for the given neighbour.

void	GSC_KX_handle_client_monitor_peers (struct GNUNET_MQ_Handle *mq)
	Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request.

Detailed Description

code for managing the key exchange (SET_KEY, PING, PONG) with other peers

Author: Christian Grothoff

Definition in file gnunet-service-core_kx.h.

Enumeration Type Documentation

◆ HeartbeatFlags

enum HeartbeatFlags

Heartbeat flags.

Enumerator
GSC_HEARTBEAT_KEY_UPDATE_REQUESTED	A key update is requested.

Definition at line 225 of file gnunet-service-core_kx.h.

{
  GSC_HEARTBEAT_KEY_UPDATE_REQUESTED = 1,
 
};

Function Documentation

◆ GSC_KX_encrypt_and_transmit()

void GSC_KX_encrypt_and_transmit	(	struct GSC_KeyExchangeInfo *	kx,
		const void *	payload,
		size_t	payload_size
	)

Encrypt and transmit a message with the given payload.

Parameters

kx	key exchange context
payload	payload of the message
payload_size	number of bytes in 'payload'

Encrypt and transmit a message with the given payload.

Parameters

kx	key exchange info
payload	the payload
payload_size	size of the payload

Definition at line 2743 of file gnunet-service-core_kx.c.

{
  struct GNUNET_MQ_Envelope *env;
  struct EncryptedMessage *encrypted_msg;
  unsigned char enc_key[AEAD_KEY_BYTES];
  unsigned char enc_nonce[AEAD_NONCE_BYTES];
  unsigned char seq_enc_k[crypto_stream_chacha20_ietf_KEYBYTES];
  uint64_t sqn;
  uint64_t epoch;
  int8_t ret;
 
  encrypted_msg = NULL;
 
  check_rekey (kx);
  sqn = kx->current_sqn;
  epoch = kx->current_epoch;
  /* We are the sender and as we are going to send,
   * we are using the initiator key material */
  derive_per_message_secrets (&kx->current_ats,
                              sqn,
                              enc_key,
                              enc_nonce);
  kx->current_sqn++;
  derive_sn (&kx->current_ats,
             seq_enc_k,
             sizeof seq_enc_k);
  env = GNUNET_MQ_msg_extra (encrypted_msg,
                             payload_size,
                             GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE_CAKE);
  // only encrypt the payload for now
  // TODO encrypt other fields as well
  ret = crypto_aead_xchacha20poly1305_ietf_encrypt_detached (
    (unsigned char*) &encrypted_msg[1],     // c - resulting ciphertext
    (unsigned char*) &encrypted_msg->tag,     // mac - resulting mac/tag
    NULL,     // maclen
    (unsigned char*) payload,     // m - plain message
    payload_size,     // mlen
    NULL,     // ad - additional data TODO also cover the unencrypted part (epoch)
    0,     // adlen
    NULL,     // nsec - unused
    enc_nonce,     // npub nonce
    enc_key     // k - key
    );
  if (0 != ret)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Something went wrong encrypting message\n");
    GNUNET_assert (0);
  }
  {
    /* compute the sequence number */
    unsigned char *seq_enc_nonce;
    uint64_t seq_nbo;
    uint32_t seq_enc_ctr;
 
    seq_nbo = GNUNET_htonll (sqn);
    seq_enc_ctr = *((uint32_t*) encrypted_msg->tag);
    seq_enc_nonce = &encrypted_msg->tag[sizeof (uint32_t)];
    crypto_stream_chacha20_ietf_xor_ic (
      (unsigned char*) &encrypted_msg->sequence_number,
      (unsigned char*) &seq_nbo,
      sizeof seq_nbo,
      seq_enc_nonce,
      ntohl (seq_enc_ctr),
      seq_enc_k);
#if DEBUG_KX
    GNUNET_print_bytes (seq_enc_k,
                        sizeof seq_enc_k,
                        8,
                        GNUNET_NO);
    GNUNET_print_bytes ((char*) &seq_enc_ctr,
                        16,
                        8,
                        GNUNET_NO);
#endif
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Sending encrypted message with E(SQN=%" PRIu64 ")=%" PRIu64
                "\n",
                sqn,
                encrypted_msg->sequence_number);
  }
  encrypted_msg->epoch = GNUNET_htonll (epoch);
 
  // TODO actually copy payload
  GNUNET_MQ_send (kx->mq, env);
}

References AEAD_KEY_BYTES, AEAD_NONCE_BYTES, check_rekey(), GSC_KeyExchangeInfo::current_ats, GSC_KeyExchangeInfo::current_epoch, GSC_KeyExchangeInfo::current_sqn, derive_per_message_secrets(), derive_sn(), env, EncryptedMessage::epoch, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_ERROR, GNUNET_htonll(), GNUNET_log, GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE_CAKE, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_NO, GNUNET_print_bytes(), GSC_KeyExchangeInfo::mq, payload, ret, EncryptedMessage::sequence_number, and EncryptedMessage::tag.

Referenced by handle_heartbeat(), handle_initiator_done(), send_heartbeat(), and try_transmission().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ GSC_KX_init()

int GSC_KX_init ( void )

Initialize KX subsystem.

Returns: GNUNET_OK on success, GNUNET_SYSERR on failure

Definition at line 2867 of file gnunet-service-core_kx.c.

{
  struct GNUNET_MQ_MessageHandler handlers[] = {
    GNUNET_MQ_hd_var_size (initiator_hello,
                           GNUNET_MESSAGE_TYPE_CORE_INITIATOR_HELLO,
                           struct InitiatorHello,
                           NULL),
    GNUNET_MQ_hd_var_size (initiator_done,
                           GNUNET_MESSAGE_TYPE_CORE_INITIATOR_DONE,
                           struct InitiatorDone,
                           NULL),
    GNUNET_MQ_hd_var_size (responder_hello,
                           GNUNET_MESSAGE_TYPE_CORE_RESPONDER_HELLO,
                           struct ResponderHello,
                           NULL),
    GNUNET_MQ_hd_var_size   (encrypted_message, // TODO rename?
                             GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE_CAKE, // TODO rename!
                             struct EncryptedMessage,
                             NULL),
    GNUNET_MQ_handler_end ()
  };
 
  init_phase = GNUNET_YES;
  pils = GNUNET_PILS_connect (GSC_cfg,
                              peer_id_change_cb,
                              NULL); // TODO potentially wait
  // until we have a peer_id?
  // pay attention to whether
  // we have one anyways
  if (NULL == pils)
  {
    GSC_KX_done ();
    return GNUNET_SYSERR;
  }
 
  nc = GNUNET_notification_context_create (1);
  transport =
    GNUNET_TRANSPORT_core_connect (GSC_cfg,
                                   &GSC_my_identity,
                                   handlers,
                                   NULL, // cls - this connection-independant
                                         // cls seems not to be needed.
                                         // the connection-specific cls
                                         // will be set as a return value
                                         // of
                                         // handle_transport_notify_connect
                                   &handle_transport_notify_connect,
                                   &handle_transport_notify_disconnect);
  if (NULL == transport)
  {
    GSC_KX_done ();
    return GNUNET_SYSERR;
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Connected to TRANSPORT\n");
  return GNUNET_OK;
}

References GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE_CAKE, GNUNET_MESSAGE_TYPE_CORE_INITIATOR_DONE, GNUNET_MESSAGE_TYPE_CORE_INITIATOR_HELLO, GNUNET_MESSAGE_TYPE_CORE_RESPONDER_HELLO, GNUNET_MQ_handler_end, GNUNET_MQ_hd_var_size, GNUNET_notification_context_create(), GNUNET_OK, GNUNET_PILS_connect(), GNUNET_SYSERR, GNUNET_TRANSPORT_core_connect(), GNUNET_YES, GSC_cfg, GSC_KX_done(), GSC_my_identity, handle_transport_notify_connect(), handle_transport_notify_disconnect(), handlers, init_phase, nc, peer_id_change_cb(), pils, and transport.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ GSC_KX_done()

void GSC_KX_done ( void )

Shutdown KX subsystem.

Definition at line 2930 of file gnunet-service-core_kx.c.

{
  struct PilsRequest *pr;
  while (NULL != (pr = pils_requests_head))
  {
    GNUNET_CONTAINER_DLL_remove (pils_requests_head,
                                 pils_requests_tail,
                                 pr);
    if (NULL != pr->op)
      GNUNET_PILS_cancel (pr->op);
    GNUNET_free (pr);
  }
  if (NULL != pils)
  {
    GNUNET_PILS_disconnect (pils);
    pils = NULL;
  }
  if (NULL != transport)
  {
    GNUNET_TRANSPORT_core_disconnect (transport);
    transport = NULL;
  }
  if (NULL != rekey_task)
  {
    GNUNET_SCHEDULER_cancel (rekey_task);
    rekey_task = NULL;
  }
  if (NULL != nc)
  {
    GNUNET_notification_context_destroy (nc);
    nc = NULL;
  }
}

References GNUNET_CONTAINER_DLL_remove, GNUNET_free, GNUNET_notification_context_destroy(), GNUNET_PILS_cancel(), GNUNET_PILS_disconnect(), GNUNET_SCHEDULER_cancel(), GNUNET_TRANSPORT_core_disconnect(), nc, PilsRequest::op, pils, pils_requests_head, pils_requests_tail, rekey_task, and transport.

Referenced by GSC_KX_init(), and shutdown_task().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ GSC_NEIGHBOURS_check_excess_bandwidth()

int GSC_NEIGHBOURS_check_excess_bandwidth ( const struct GSC_KeyExchangeInfo * target )

Check if the given neighbour has excess bandwidth available.

Parameters

target neighbour to check

Returns: GNUNET_YES if excess bandwidth is available, GNUNET_NO if not

Definition at line 2979 of file gnunet-service-core_kx.c.

{
  return kxinfo->has_excess_bandwidth;
}

References GSC_KeyExchangeInfo::has_excess_bandwidth.

Referenced by try_transmission().

Here is the caller graph for this function:

◆ GSC_NEIGHBOURS_get_queue_length()

unsigned int GSC_NEIGHBOURS_get_queue_length ( const struct GSC_KeyExchangeInfo * kxinfo )

Check how many messages are queued for the given neighbour.

Parameters

target neighbour to check

Returns: number of items in the message queue

Parameters

kxinfo data about neighbour to check

Returns: number of items in the message queue

Definition at line 2972 of file gnunet-service-core_kx.c.

{
  return GNUNET_MQ_get_length (kxinfo->mq);
}

References GNUNET_MQ_get_length(), and GSC_KeyExchangeInfo::mq.

Referenced by try_transmission().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ GSC_KX_handle_client_monitor_peers()

void GSC_KX_handle_client_monitor_peers ( struct GNUNET_MQ_Handle * mq )

Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request.

For this request type, the client does not have to have transmitted an INIT request. All current peers are returned, regardless of which message types they accept.

Parameters

mq	message queue to add for monitoring

Definition at line 2994 of file gnunet-service-core_kx.c.

{
  struct GNUNET_MQ_Envelope *env;
  struct MonitorNotifyMessage *done_msg;
  struct GSC_KeyExchangeInfo *kx;
 
  GNUNET_notification_context_add (nc, mq);
  for (kx = kx_head; NULL != kx; kx = kx->next)
  {
    struct GNUNET_MQ_Envelope *env_notify;
    struct MonitorNotifyMessage *msg;
 
    env_notify = GNUNET_MQ_msg (msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
    msg->state = htonl ((uint32_t) kx->status);
    msg->peer = kx->peer;
    msg->timeout = GNUNET_TIME_absolute_hton (kx->timeout);
    GNUNET_MQ_send (mq, env_notify);
  }
  env = GNUNET_MQ_msg (done_msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
  done_msg->state = htonl ((uint32_t) GNUNET_CORE_KX_ITERATION_FINISHED);
  done_msg->timeout = GNUNET_TIME_absolute_hton (GNUNET_TIME_UNIT_FOREVER_ABS);
  GNUNET_MQ_send (mq, env);
}

References env, GNUNET_CORE_KX_ITERATION_FINISHED, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY, GNUNET_MQ_msg, GNUNET_MQ_send(), GNUNET_notification_context_add(), GNUNET_TIME_absolute_hton(), GNUNET_TIME_UNIT_FOREVER_ABS, kx_head, mq, msg, nc, GSC_KeyExchangeInfo::next, GSC_KeyExchangeInfo::peer, MonitorNotifyMessage::state, GSC_KeyExchangeInfo::status, MonitorNotifyMessage::timeout, and GSC_KeyExchangeInfo::timeout.

Referenced by handle_client_monitor_peers().

Here is the call graph for this function:

Here is the caller graph for this function:

Data Structures

Enumerations

Functions

Detailed Description

Enumeration Type Documentation

◆ HeartbeatFlags

Function Documentation

◆ GSC_KX_encrypt_and_transmit()

◆ GSC_KX_init()

◆ GSC_KX_done()

◆ GSC_NEIGHBOURS_check_excess_bandwidth()

◆ GSC_NEIGHBOURS_get_queue_length()

◆ GSC_KX_handle_client_monitor_peers()