GNUnet  0.11.x
Data Structures | Macros | Functions | Variables
gnunet-service-core_kx.c File Reference

code for managing the key exchange (SET_KEY, PING, PONG) with other peers More...

#include "platform.h"
#include "gnunet-service-core_kx.h"
#include "gnunet-service-core.h"
#include "gnunet-service-core_sessions.h"
#include "gnunet_statistics_service.h"
#include "gnunet_transport_service.h"
#include "gnunet_constants.h"
#include "gnunet_signatures.h"
#include "gnunet_protocols.h"
#include "core.h"
Include dependency graph for gnunet-service-core_kx.c:

Go to the source code of this file.

Data Structures

struct  EncryptedMessage
 Encapsulation for encrypted messages exchanged between peers. More...
 
struct  GSC_KeyExchangeInfo
 Information about the status of a key exchange with another peer. More...
 

Macros

#define DEBUG_KX   0
 Enable expensive (and possibly problematic for privacy!) logging of KX. More...
 
#define INITIAL_SET_KEY_RETRY_FREQUENCY    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10)
 How long do we wait for SET_KEY confirmation initially? More...
 
#define MIN_PING_FREQUENCY    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
 What is the minimum frequency for a PING message? More...
 
#define REKEY_FREQUENCY    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12)
 How often do we rekey? More...
 
#define REKEY_TOLERANCE    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
 What time difference do we tolerate? More...
 
#define MAX_MESSAGE_AGE   GNUNET_TIME_UNIT_DAYS
 What is the maximum age of a message for us to consider processing it? Note that this looks at the timestamp used by the other peer, so clock skew between machines does come into play here. More...
 
#define ENCRYPTED_HEADER_SIZE    (offsetof (struct EncryptedMessage, sequence_number))
 Number of bytes (at the beginning) of struct EncryptedMessage that are NOT encrypted. More...
 

Functions

static uint32_t calculate_seed (struct GSC_KeyExchangeInfo *kx)
 Calculate seed value we should use for a message. More...
 
static void monitor_notify_all (struct GSC_KeyExchangeInfo *kx)
 Inform all monitors about the KX state of the given peer. More...
 
static void derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed)
 Derive an authentication key from "set key" information. More...
 
static void derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, const struct GNUNET_PeerIdentity *identity)
 Derive an IV from packet information. More...
 
static void derive_pong_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, uint32_t challenge, const struct GNUNET_PeerIdentity *identity)
 Derive an IV from pong packet information. More...
 
static void derive_aes_key (const struct GNUNET_PeerIdentity *sender, const struct GNUNET_PeerIdentity *receiver, const struct GNUNET_HashCode *key_material, struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
 Derive an AES key from key material. More...
 
static int do_encrypt (struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
 Encrypt size bytes from in and write the result to out. More...
 
static int do_decrypt (struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
 Decrypt size bytes from in and write the result to out. More...
 
static void send_key (struct GSC_KeyExchangeInfo *kx)
 Send our key (and encrypted PING) to the other peer. More...
 
static void set_key_retry_task (void *cls)
 Task that will retry send_key() if our previous attempt failed. More...
 
static void setup_fresh_ping (struct GSC_KeyExchangeInfo *kx)
 Create a fresh PING message for transmission to the other peer. More...
 
static int deliver_message (void *cls, const struct GNUNET_MessageHeader *m)
 Deliver P2P message to interested clients. More...
 
static void * handle_transport_notify_connect (void *cls, const struct GNUNET_PeerIdentity *pid, struct GNUNET_MQ_Handle *mq)
 Function called by transport to notify us that a peer connected to us (on the network level). More...
 
static void handle_transport_notify_disconnect (void *cls, const struct GNUNET_PeerIdentity *peer, void *handler_cls)
 Function called by transport telling us that a peer disconnected. More...
 
static void send_ping (struct GSC_KeyExchangeInfo *kx)
 Send our PING to the other peer. More...
 
static void derive_session_keys (struct GSC_KeyExchangeInfo *kx)
 Derive fresh session keys from the current ephemeral keys. More...
 
static void handle_ephemeral_key (void *cls, const struct EphemeralKeyMessage *m)
 We received a GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY message. More...
 
static void handle_ping (void *cls, const struct PingMessage *m)
 We received a PING message. More...
 
static void send_keep_alive (void *cls)
 Task triggered when a neighbour entry is about to time out (and we should prevent this by sending a PING). More...
 
static void update_timeout (struct GSC_KeyExchangeInfo *kx)
 We've seen a valid message from the other peer. More...
 
static void handle_pong (void *cls, const struct PongMessage *m)
 We received a PONG message. More...
 
void GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, const void *payload, size_t payload_size)
 Encrypt and transmit a message with the given payload. More...
 
static int check_encrypted (void *cls, const struct EncryptedMessage *m)
 We received an encrypted message. More...
 
static void handle_encrypted (void *cls, const struct EncryptedMessage *m)
 We received an encrypted message. More...
 
static void handle_transport_notify_excess_bw (void *cls, const struct GNUNET_PeerIdentity *pid, void *connect_cls)
 One of our neighbours has excess bandwidth, remember this. More...
 
static void sign_ephemeral_key ()
 Setup the message that links the ephemeral key to our persistent public key and generate the appropriate signature. More...
 
static void do_rekey (void *cls)
 Task run to trigger rekeying. More...
 
int GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 Initialize KX subsystem. More...
 
void GSC_KX_done ()
 Shutdown KX subsystem. More...
 
unsigned int GSC_NEIGHBOURS_get_queue_length (const struct GSC_KeyExchangeInfo *kxinfo)
 Check how many messages are queued for the given neighbour. More...
 
int GSC_NEIGHBOURS_check_excess_bandwidth (const struct GSC_KeyExchangeInfo *kxinfo)
 Check if the given neighbour has excess bandwidth available. More...
 
void GSC_KX_handle_client_monitor_peers (struct GNUNET_MQ_Handle *mq)
 Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request. More...
 

Variables

static struct GNUNET_TRANSPORT_CoreHandletransport
 Transport service. More...
 
static struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key
 Our private key. More...
 
static struct GNUNET_CRYPTO_EcdhePrivateKey my_ephemeral_key
 Our ephemeral private key. More...
 
static struct EphemeralKeyMessage current_ekm
 Current message we send for a key exchange. More...
 
static struct GSC_KeyExchangeInfokx_head
 DLL head. More...
 
static struct GSC_KeyExchangeInfokx_tail
 DLL tail. More...
 
static struct GNUNET_SCHEDULER_Taskrekey_task
 Task scheduled for periodic re-generation (and thus rekeying) of our ephemeral key. More...
 
static struct GNUNET_NotificationContextnc
 Notification context for broadcasting to monitors. More...
 

Detailed Description

code for managing the key exchange (SET_KEY, PING, PONG) with other peers

Author
Christian Grothoff

Definition in file gnunet-service-core_kx.c.

Macro Definition Documentation

◆ DEBUG_KX

#define DEBUG_KX   0

Enable expensive (and possibly problematic for privacy!) logging of KX.

Definition at line 41 of file gnunet-service-core_kx.c.

◆ INITIAL_SET_KEY_RETRY_FREQUENCY

#define INITIAL_SET_KEY_RETRY_FREQUENCY    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10)

How long do we wait for SET_KEY confirmation initially?

Definition at line 46 of file gnunet-service-core_kx.c.

◆ MIN_PING_FREQUENCY

#define MIN_PING_FREQUENCY    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)

What is the minimum frequency for a PING message?

Definition at line 52 of file gnunet-service-core_kx.c.

◆ REKEY_FREQUENCY

#define REKEY_FREQUENCY    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12)

How often do we rekey?

Definition at line 58 of file gnunet-service-core_kx.c.

◆ REKEY_TOLERANCE

#define REKEY_TOLERANCE    GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)

What time difference do we tolerate?

Definition at line 64 of file gnunet-service-core_kx.c.

◆ MAX_MESSAGE_AGE

#define MAX_MESSAGE_AGE   GNUNET_TIME_UNIT_DAYS

What is the maximum age of a message for us to consider processing it? Note that this looks at the timestamp used by the other peer, so clock skew between machines does come into play here.

So this should be picked high enough so that a little bit of clock skew does not prevent peers from connecting to us.

Definition at line 74 of file gnunet-service-core_kx.c.

◆ ENCRYPTED_HEADER_SIZE

#define ENCRYPTED_HEADER_SIZE    (offsetof (struct EncryptedMessage, sequence_number))

Number of bytes (at the beginning) of struct EncryptedMessage that are NOT encrypted.

Definition at line 128 of file gnunet-service-core_kx.c.

Function Documentation

◆ calculate_seed()

static uint32_t calculate_seed ( struct GSC_KeyExchangeInfo kx)
static

Calculate seed value we should use for a message.

Parameters
kxkey exchange context

Definition at line 296 of file gnunet-service-core_kx.c.

297 {
298  /* Note: may want to make this non-random and instead
299  derive from key material to avoid having an undetectable
300  side-channel */
301  return htonl (
303 }
uint32_t GNUNET_CRYPTO_random_u32(enum GNUNET_CRYPTO_Quality mode, uint32_t i)
Produce a random value.
@ GNUNET_CRYPTO_QUALITY_NONCE
Randomness for IVs etc.

References GNUNET_CRYPTO_QUALITY_NONCE, and GNUNET_CRYPTO_random_u32().

Referenced by GSC_KX_encrypt_and_transmit(), handle_ping(), and setup_fresh_ping().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ monitor_notify_all()

static void monitor_notify_all ( struct GSC_KeyExchangeInfo kx)
static

Inform all monitors about the KX state of the given peer.

Parameters
kxkey exchange state to inform about

Definition at line 312 of file gnunet-service-core_kx.c.

313 {
314  struct MonitorNotifyMessage msg;
315 
317  msg.header.size = htons (sizeof(msg));
318  msg.state = htonl ((uint32_t) kx->status);
319  msg.peer = *kx->peer;
320  msg.timeout = GNUNET_TIME_absolute_hton (kx->timeout);
322  kx->last_notify_timeout = kx->timeout;
323 }
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static struct GNUNET_NotificationContext * nc
Notification context for broadcasting to monitors.
@ GNUNET_NO
Definition: gnunet_common.h:94
void GNUNET_notification_context_broadcast(struct GNUNET_NotificationContext *nc, const struct GNUNET_MessageHeader *msg, int can_drop)
Send a message to all subscribers of this context.
Definition: nc.c:189
#define GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY
Reply for monitor by CORE service.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:464
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format.
struct GNUNET_TIME_Absolute last_notify_timeout
What was the last timeout we informed our monitors about?
const struct GNUNET_PeerIdentity * peer
Identity of the peer.
struct GNUNET_TIME_Absolute timeout
When should the session time out (if there are no PONGs)?
enum GNUNET_CORE_KxState status
What is our connection status?
Message sent by the service to monitor clients to notify them about a peer changing status.
Definition: core.h:303

References GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY, GNUNET_NO, GNUNET_notification_context_broadcast(), GNUNET_TIME_absolute_hton(), GSC_KeyExchangeInfo::last_notify_timeout, msg, nc, GSC_KeyExchangeInfo::peer, GNUNET_MessageHeader::size, GSC_KeyExchangeInfo::status, GSC_KeyExchangeInfo::timeout, and GNUNET_MessageHeader::type.

Referenced by do_rekey(), handle_encrypted(), handle_ephemeral_key(), handle_pong(), handle_transport_notify_connect(), handle_transport_notify_disconnect(), send_keep_alive(), and update_timeout().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ derive_auth_key()

static void derive_auth_key ( struct GNUNET_CRYPTO_AuthKey akey,
const struct GNUNET_CRYPTO_SymmetricSessionKey skey,
uint32_t  seed 
)
static

Derive an authentication key from "set key" information.

Parameters
akeyauthentication key to derive
skeysession key to use
seedseed to use

Definition at line 334 of file gnunet-service-core_kx.c.

337 {
338  static const char ctx[] = "authentication key";
339 
340 #if DEBUG_KX
341  struct GNUNET_HashCode sh;
342 
343  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
345  "Deriving Auth key from SKEY %s and seed %u\n",
346  GNUNET_h2s (&sh),
347  (unsigned int) seed);
348 #endif
350  skey,
351  &seed,
352  sizeof(seed),
353  skey,
354  sizeof(
356  ctx,
357  sizeof(ctx),
358  NULL);
359 }
static struct SolverHandle * sh
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
#define GNUNET_log(kind,...)
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41
void GNUNET_CRYPTO_hmac_derive_key(struct GNUNET_CRYPTO_AuthKey *key, const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len,...)
Derive an authentication key.
Definition: crypto_hash.c:246
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
@ GNUNET_ERROR_TYPE_DEBUG
A 512-bit hashcode.

References ctx, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_hmac_derive_key(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_log, and sh.

Referenced by GSC_KX_encrypt_and_transmit(), and handle_encrypted().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ derive_iv()

static void derive_iv ( struct GNUNET_CRYPTO_SymmetricInitializationVector iv,
const struct GNUNET_CRYPTO_SymmetricSessionKey skey,
uint32_t  seed,
const struct GNUNET_PeerIdentity identity 
)
static

Derive an IV from packet information.

Parameters
ivinitialization vector to initialize
skeysession key to use
seedseed to use
identityidentity of the other peer to use

Definition at line 371 of file gnunet-service-core_kx.c.

375 {
376  static const char ctx[] = "initialization vector";
377 
378 #if DEBUG_KX
379  struct GNUNET_HashCode sh;
380 
381  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
383  "Deriving IV from SKEY %s and seed %u for peer %s\n",
384  GNUNET_h2s (&sh),
385  (unsigned int) seed,
386  GNUNET_i2s (identity));
387 #endif
389  skey,
390  &seed,
391  sizeof(seed),
392  identity,
393  sizeof(struct GNUNET_PeerIdentity),
394  ctx,
395  sizeof(ctx),
396  NULL);
397 }
static struct GNUNET_IDENTITY_Handle * identity
Which namespace do we publish to? NULL if we do not publish to a namespace.
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
The identity of the host (wraps the signing key of the peer).

References ctx, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_symmetric_derive_iv(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_i2s(), GNUNET_log, identity, and sh.

Referenced by GSC_KX_encrypt_and_transmit(), handle_encrypted(), handle_ping(), and setup_fresh_ping().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ derive_pong_iv()

static void derive_pong_iv ( struct GNUNET_CRYPTO_SymmetricInitializationVector iv,
const struct GNUNET_CRYPTO_SymmetricSessionKey skey,
uint32_t  seed,
uint32_t  challenge,
const struct GNUNET_PeerIdentity identity 
)
static

Derive an IV from pong packet information.

Parameters
ivinitialization vector to initialize
skeysession key to use
seedseed to use
challengenonce to use
identityidentity of the other peer to use

Definition at line 410 of file gnunet-service-core_kx.c.

415 {
416  static const char ctx[] = "pong initialization vector";
417 
418 #if DEBUG_KX
419  struct GNUNET_HashCode sh;
420 
421  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
423  "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n",
424  GNUNET_h2s (&sh),
425  (unsigned int) seed,
426  (unsigned int) challenge,
427  GNUNET_i2s (identity));
428 #endif
430  skey,
431  &seed,
432  sizeof(seed),
433  identity,
434  sizeof(struct GNUNET_PeerIdentity),
435  &challenge,
436  sizeof(challenge),
437  ctx,
438  sizeof(ctx),
439  NULL);
440 }

References ctx, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_symmetric_derive_iv(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_i2s(), GNUNET_log, identity, and sh.

Referenced by handle_ping(), and handle_pong().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ derive_aes_key()

static void derive_aes_key ( const struct GNUNET_PeerIdentity sender,
const struct GNUNET_PeerIdentity receiver,
const struct GNUNET_HashCode key_material,
struct GNUNET_CRYPTO_SymmetricSessionKey skey 
)
static

Derive an AES key from key material.

Parameters
senderpeer identity of the sender
receiverpeer identity of the sender
key_materialhigh entropy key material to use
skeyset to derived session key

Definition at line 452 of file gnunet-service-core_kx.c.

456 {
457  static const char ctx[] = "aes key generation vector";
458 
459 #if DEBUG_KX
460  struct GNUNET_HashCode sh;
461 
462  GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
464  "Deriving AES Keys for %s to %s from %s\n",
465  GNUNET_i2s (sender),
467  GNUNET_h2s (key_material));
468 #endif
469  GNUNET_CRYPTO_kdf (skey,
470  sizeof(struct GNUNET_CRYPTO_SymmetricSessionKey),
471  ctx,
472  sizeof(ctx),
473  key_material,
474  sizeof(struct GNUNET_HashCode),
475  sender,
476  sizeof(struct GNUNET_PeerIdentity),
477  receiver,
478  sizeof(struct GNUNET_PeerIdentity),
479  NULL);
480 }
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:90
const char * GNUNET_i2s2(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329

References ctx, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_kdf(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_i2s(), GNUNET_i2s2(), GNUNET_log, receiver(), and sh.

Referenced by derive_session_keys().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ do_encrypt()

static int do_encrypt ( struct GSC_KeyExchangeInfo kx,
const struct GNUNET_CRYPTO_SymmetricInitializationVector iv,
const void *  in,
void *  out,
size_t  size 
)
static

Encrypt size bytes from in and write the result to out.

Use the kx key for outbound traffic of the given neighbour.

Parameters
kxkey information context
ivinitialization vector to use
inciphertext
outplaintext
sizesize of in/out @return GNUNET_OK on success

Definition at line 495 of file gnunet-service-core_kx.c.

500 {
501  if (size != (uint16_t) size)
502  {
503  GNUNET_break (0);
504  return GNUNET_NO;
505  }
507  (uint16_t) size,
508  &kx->encrypt_key,
509  iv,
510  out));
512  gettext_noop ("# bytes encrypted"),
513  size,
514  GNUNET_NO);
515  /* the following is too sensitive to write to log files by accident,
516  so we require manual intervention to get this one... */
517 #if DEBUG_KX
519  "Encrypted %u bytes for `%s' using key %u, IV %u\n",
520  (unsigned int) size,
521  GNUNET_i2s (kx->peer),
522  (unsigned int) kx->encrypt_key.crc32,
523  GNUNET_CRYPTO_crc32_n (iv, sizeof(iv)));
524 #endif
525  return GNUNET_OK;
526 }
#define gettext_noop(String)
Definition: gettext.h:69
struct GNUNET_STATISTICS_Handle * GSC_stats
For creating statistics.
@ GNUNET_OK
Definition: gnunet_common.h:95
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block using a symmetric sessionkey.
int32_t GNUNET_CRYPTO_crc32_n(const void *buf, size_t len)
Compute the CRC32 checksum for the first len bytes of the buffer.
Definition: crypto_crc.c:106
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
static unsigned int size
Size of the "table".
Definition: peer.c:67
struct GNUNET_CRYPTO_SymmetricSessionKey encrypt_key
Key we use to encrypt our messages for the other peer (initialized by us when we do the handshake).

References GSC_KeyExchangeInfo::encrypt_key, gettext_noop, GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_crc32_n(), GNUNET_CRYPTO_symmetric_encrypt(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GSC_stats, GSC_KeyExchangeInfo::peer, and size.

Referenced by GSC_KX_encrypt_and_transmit(), handle_ping(), and setup_fresh_ping().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ do_decrypt()

static int do_decrypt ( struct GSC_KeyExchangeInfo kx,
const struct GNUNET_CRYPTO_SymmetricInitializationVector iv,
const void *  in,
void *  out,
size_t  size 
)
static

Decrypt size bytes from in and write the result to out.

Use the kx key for inbound traffic of the given neighbour. This function does NOT do any integrity-checks on the result.

Parameters
kxkey information context
ivinitialization vector to use
inciphertext
outplaintext
sizesize of in / out
Returns
GNUNET_OK on success

Definition at line 542 of file gnunet-service-core_kx.c.

547 {
548  if (size != (uint16_t) size)
549  {
550  GNUNET_break (0);
551  return GNUNET_NO;
552  }
554  (kx->status != GNUNET_CORE_KX_STATE_UP) &&
556  {
557  GNUNET_break_op (0);
558  return GNUNET_SYSERR;
559  }
561  (uint16_t) size,
562  &kx->decrypt_key,
563  iv,
564  out))
565  {
566  GNUNET_break (0);
567  return GNUNET_SYSERR;
568  }
570  gettext_noop ("# bytes decrypted"),
571  size,
572  GNUNET_NO);
573  /* the following is too sensitive to write to log files by accident,
574  so we require manual intervention to get this one... */
575 #if DEBUG_KX
577  "Decrypted %u bytes from `%s' using key %u, IV %u\n",
578  (unsigned int) size,
579  GNUNET_i2s (kx->peer),
580  (unsigned int) kx->decrypt_key.crc32,
581  GNUNET_CRYPTO_crc32_n (iv, sizeof(*iv)));
582 #endif
583  return GNUNET_OK;
584 }
@ GNUNET_SYSERR
Definition: gnunet_common.h:93
@ GNUNET_CORE_KX_STATE_UP
The other peer has confirmed our session key + PING with a PONG message encrypted with their session ...
@ GNUNET_CORE_KX_STATE_KEY_RECEIVED
We've received the other peers session key.
@ GNUNET_CORE_KX_STATE_REKEY_SENT
We're rekeying (or had a timeout), so we have sent the other peer our new ephemeral key,...
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
struct GNUNET_CRYPTO_SymmetricSessionKey decrypt_key
Key we use to decrypt messages from the other peer (given to us by the other peer during the handshak...

References GSC_KeyExchangeInfo::decrypt_key, gettext_noop, GNUNET_break, GNUNET_break_op, GNUNET_CORE_KX_STATE_KEY_RECEIVED, GNUNET_CORE_KX_STATE_REKEY_SENT, GNUNET_CORE_KX_STATE_UP, GNUNET_CRYPTO_crc32_n(), GNUNET_CRYPTO_symmetric_decrypt(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GSC_stats, GSC_KeyExchangeInfo::peer, size, and GSC_KeyExchangeInfo::status.

Referenced by handle_encrypted(), handle_ping(), handle_pong(), and sock_read().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_key()

static void send_key ( struct GSC_KeyExchangeInfo kx)
static

Send our key (and encrypted PING) to the other peer.

Send our key to the other peer.

Parameters
kxkey exchange context

Definition at line 1358 of file gnunet-service-core_kx.c.

1359 {
1360  struct GNUNET_MQ_Envelope *env;
1361 
1363  if (NULL != kx->retry_set_key_task)
1364  {
1366  kx->retry_set_key_task = NULL;
1367  }
1368  /* always update sender status in SET KEY message */
1369 #if DEBUG_KX
1370  {
1371  struct GNUNET_HashCode hc;
1372 
1374  sizeof(current_ekm.ephemeral_key),
1375  &hc);
1377  "Sending EPHEMERAL_KEY %s to `%s' (my status: %d)\n",
1378  GNUNET_h2s (&hc),
1379  GNUNET_i2s (kx->peer),
1380  kx->status);
1381  }
1382 #endif
1383  current_ekm.sender_status = htonl ((int32_t) (kx->status));
1385  GNUNET_MQ_send (kx->mq, env);
1387  send_ping (kx);
1388  kx->retry_set_key_task =
1391  kx);
1392 }
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
static void set_key_retry_task(void *cls)
Task that will retry send_key() if our previous attempt failed.
static struct EphemeralKeyMessage current_ekm
Current message we send for a key exchange.
static void send_ping(struct GSC_KeyExchangeInfo *kx)
Send our PING to the other peer.
@ GNUNET_CORE_KX_STATE_DOWN
No handshake yet.
@ GNUNET_CORE_KX_STATE_KEY_SENT
We've sent our session key.
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:355
struct GNUNET_MQ_Envelope * GNUNET_MQ_msg_copy(const struct GNUNET_MessageHeader *hdr)
Create a new envelope by copying an existing message.
Definition: mq.c:666
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:972
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1269
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY.
int32_t sender_status
Status of the sender (should be in enum PeerStateMachine), nbo.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Ephemeral public ECC key.
struct GNUNET_SCHEDULER_Task * retry_set_key_task
ID of task used for re-trying SET_KEY and PING message.
struct GNUNET_TIME_Relative set_key_retry_frequency
At what frequency are we currently re-trying SET_KEY messages?
struct GNUNET_MQ_Handle * mq
Message queue for sending messages to peer.

References current_ekm, env, EphemeralKeyMessage::ephemeral_key, GNUNET_assert, GNUNET_CORE_KX_STATE_DOWN, GNUNET_CORE_KX_STATE_KEY_SENT, GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_i2s(), GNUNET_log, GNUNET_MQ_msg_copy(), GNUNET_MQ_send(), GNUNET_SCHEDULER_add_delayed(), GNUNET_SCHEDULER_cancel(), EphemeralKeyMessage::header, GSC_KeyExchangeInfo::mq, GSC_KeyExchangeInfo::peer, GSC_KeyExchangeInfo::retry_set_key_task, send_ping(), EphemeralKeyMessage::sender_status, GSC_KeyExchangeInfo::set_key_retry_frequency, set_key_retry_task(), and GSC_KeyExchangeInfo::status.

Referenced by do_rekey(), handle_encrypted(), handle_ephemeral_key(), handle_transport_notify_connect(), send_keep_alive(), and set_key_retry_task().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_key_retry_task()

static void set_key_retry_task ( void *  cls)
static

Task that will retry send_key() if our previous attempt failed.

Parameters
clsour struct GSC_KeyExchangeInfo

Definition at line 602 of file gnunet-service-core_kx.c.

603 {
604  struct GSC_KeyExchangeInfo *kx = cls;
605 
606  kx->retry_set_key_task = NULL;
610  send_key (kx);
611 }
static void send_key(struct GSC_KeyExchangeInfo *kx)
Send our key (and encrypted PING) to the other peer.
#define GNUNET_TIME_STD_BACKOFF(r)
Perform our standard exponential back-off calculation, starting at 1 ms and then going by a factor of...
Information about the status of a key exchange with another peer.

References GNUNET_assert, GNUNET_CORE_KX_STATE_DOWN, GNUNET_TIME_STD_BACKOFF, GSC_KeyExchangeInfo::retry_set_key_task, send_key(), GSC_KeyExchangeInfo::set_key_retry_frequency, and GSC_KeyExchangeInfo::status.

Referenced by handle_transport_notify_connect(), and send_key().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_fresh_ping()

static void setup_fresh_ping ( struct GSC_KeyExchangeInfo kx)
static

Create a fresh PING message for transmission to the other peer.

Parameters
kxkey exchange context to create PING for

Definition at line 620 of file gnunet-service-core_kx.c.

621 {
622  struct PingMessage pp;
623  struct PingMessage *pm;
625 
626  pm = &kx->ping;
627  kx->ping_challenge =
629  pm->header.size = htons (sizeof(struct PingMessage));
630  pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
631  pm->iv_seed = calculate_seed (kx);
632  derive_iv (&iv, &kx->encrypt_key, pm->iv_seed, kx->peer);
633  pp.challenge = kx->ping_challenge;
634  pp.target = *kx->peer;
635  do_encrypt (kx,
636  &iv,
637  &pp.target,
638  &pm->target,
639  sizeof(struct PingMessage)
640  - ((void *) &pm->target - (void *) pm));
641 }
static uint32_t calculate_seed(struct GSC_KeyExchangeInfo *kx)
Calculate seed value we should use for a message.
static void derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, const struct GNUNET_PeerIdentity *identity)
Derive an IV from packet information.
static int do_encrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Encrypt size bytes from in and write the result to out.
static struct GNUNET_TRANSPORT_PluginMonitor * pm
Handle if we are monitoring plugin session activity.
@ GNUNET_CRYPTO_QUALITY_WEAK
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
#define GNUNET_MESSAGE_TYPE_CORE_PING
Check that other peer is alive (challenge).
uint32_t ping_challenge
What was our PING challenge number (for this peer)?
struct PingMessage ping
PING message we transmit to the other peer.
We're sending an (encrypted) PING to the other peer to check if it can decrypt.

References calculate_seed(), PingMessage::challenge, derive_iv(), do_encrypt(), GSC_KeyExchangeInfo::encrypt_key, GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_u32(), GNUNET_MESSAGE_TYPE_CORE_PING, GSC_KeyExchangeInfo::peer, GSC_KeyExchangeInfo::ping, GSC_KeyExchangeInfo::ping_challenge, pm, and PingMessage::target.

Referenced by derive_session_keys(), and send_keep_alive().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ deliver_message()

static int deliver_message ( void *  cls,
const struct GNUNET_MessageHeader m 
)
static

Deliver P2P message to interested clients.

Invokes send twice, once for clients that want the full message, and once for clients that only want the header

Parameters
clsthe struct GSC_KeyExchangeInfo
mthe message
Returns
GNUNET_OK on success, GNUNET_NO to stop further processing (no error) GNUNET_SYSERR to stop further processing with error

Definition at line 656 of file gnunet-service-core_kx.c.

657 {
658  struct GSC_KeyExchangeInfo *kx = cls;
659 
661  "Decrypted message of type %d from %s\n",
662  ntohs (m->type),
663  GNUNET_i2s (kx->peer));
664  if (GNUNET_CORE_KX_STATE_UP != kx->status)
665  {
667  gettext_noop ("# PAYLOAD dropped (out of order)"),
668  1,
669  GNUNET_NO);
670  return GNUNET_OK;
671  }
672  switch (ntohs (m->type))
673  {
677  return GNUNET_OK;
678 
681  return GNUNET_OK;
682 
683  default:
685  m,
686  ntohs (m->size),
689  m,
690  sizeof(struct GNUNET_MessageHeader),
692  }
693  return GNUNET_OK;
694 }
#define GNUNET_CORE_OPTION_SEND_FULL_INBOUND
Client wants all inbound messages in full.
Definition: core.h:55
#define GNUNET_CORE_OPTION_SEND_HDR_INBOUND
Client just wants the 4-byte message headers of all inbound messages.
Definition: core.h:61
static struct GNUNET_ARM_MonitorHandle * m
Monitor connection with ARM.
Definition: gnunet-arm.c:104
void GSC_CLIENTS_deliver_message(const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, uint16_t msize, uint32_t options)
Deliver P2P message to interested clients.
void GSC_SESSIONS_confirm_typemap(const struct GNUNET_PeerIdentity *peer, const struct GNUNET_MessageHeader *msg)
The other peer has confirmed receiving our type map, check if it is current and if so,...
void GSC_SESSIONS_set_typemap(const struct GNUNET_PeerIdentity *peer, const struct GNUNET_MessageHeader *msg)
We have received a typemap message from a peer, update ours.
#define GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP
uncompressed type map of the sender
#define GNUNET_MESSAGE_TYPE_CORE_COMPRESSED_TYPE_MAP
gzip-compressed type map of the sender
#define GNUNET_MESSAGE_TYPE_CORE_CONFIRM_TYPE_MAP
Other peer confirms having received the type map.
Header for all communications.

References gettext_noop, GNUNET_CORE_KX_STATE_UP, GNUNET_CORE_OPTION_SEND_FULL_INBOUND, GNUNET_CORE_OPTION_SEND_HDR_INBOUND, GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP, GNUNET_MESSAGE_TYPE_CORE_COMPRESSED_TYPE_MAP, GNUNET_MESSAGE_TYPE_CORE_CONFIRM_TYPE_MAP, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GSC_CLIENTS_deliver_message(), GSC_SESSIONS_confirm_typemap(), GSC_SESSIONS_set_typemap(), GSC_stats, m, GSC_KeyExchangeInfo::peer, and GSC_KeyExchangeInfo::status.

Referenced by handle_transport_notify_connect().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_transport_notify_connect()

static void* handle_transport_notify_connect ( void *  cls,
const struct GNUNET_PeerIdentity pid,
struct GNUNET_MQ_Handle mq 
)
static

Function called by transport to notify us that a peer connected to us (on the network level).

Starts the key exchange with the given peer.

Parameters
clsclosure (NULL)
pididentity of the peer to do a key exchange with
Returns
key exchange information context

Definition at line 707 of file gnunet-service-core_kx.c.

710 {
711  struct GSC_KeyExchangeInfo *kx;
712  struct GNUNET_HashCode h1;
713  struct GNUNET_HashCode h2;
714 
716  "Initiating key exchange with `%s'\n",
717  GNUNET_i2s (pid));
719  gettext_noop ("# key exchanges initiated"),
720  1,
721  GNUNET_NO);
722  kx = GNUNET_new (struct GSC_KeyExchangeInfo);
724  kx->mq = mq;
725  kx->peer = pid;
729  monitor_notify_all (kx);
730  GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
732  sizeof(struct GNUNET_PeerIdentity),
733  &h2);
734  if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
735  {
736  /* peer with "lower" identity starts KX, otherwise we typically end up
737  with both peers starting the exchange and transmit the 'set key'
738  message twice */
739  send_key (kx);
740  }
741  else
742  {
743  /* peer with "higher" identity starts a delayed KX, if the "lower" peer
744  * does not start a KX since it sees no reasons to do so */
745  kx->retry_set_key_task =
748  kx);
749  }
750  return kx;
751 }
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
struct GNUNET_PeerIdentity GSC_my_identity
Our identity.
static struct GSC_KeyExchangeInfo * kx_tail
DLL tail.
static struct GSC_KeyExchangeInfo * kx_head
DLL head.
#define INITIAL_SET_KEY_RETRY_FREQUENCY
How long do we wait for SET_KEY confirmation initially?
static int deliver_message(void *cls, const struct GNUNET_MessageHeader *m)
Deliver P2P message to interested clients.
static void monitor_notify_all(struct GSC_KeyExchangeInfo *kx)
Inform all monitors about the KX state of the given peer.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
int GNUNET_CRYPTO_hash_cmp(const struct GNUNET_HashCode *h1, const struct GNUNET_HashCode *h2)
Compare function for HashCodes, producing a total ordering of all hashcodes.
Definition: crypto_hash.c:201
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct GNUNET_MessageStreamTokenizer * GNUNET_MST_create(GNUNET_MessageTokenizerCallback cb, void *cb_cls)
Create a message stream tokenizer.
Definition: mst.c:85
#define GNUNET_TIME_UNIT_SECONDS
One second.
struct GNUNET_MessageStreamTokenizer * mst
Our message stream tokenizer (for encrypted payload).

References deliver_message(), gettext_noop, GNUNET_CONTAINER_DLL_insert, GNUNET_CORE_KX_STATE_KEY_SENT, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_hash_cmp(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_MST_create(), GNUNET_new, GNUNET_NO, GNUNET_SCHEDULER_add_delayed(), GNUNET_STATISTICS_update(), GNUNET_TIME_UNIT_SECONDS, GSC_my_identity, GSC_stats, INITIAL_SET_KEY_RETRY_FREQUENCY, kx_head, kx_tail, monitor_notify_all(), mq, GSC_KeyExchangeInfo::mq, GSC_KeyExchangeInfo::mst, GSC_KeyExchangeInfo::peer, pid, GSC_KeyExchangeInfo::retry_set_key_task, send_key(), GSC_KeyExchangeInfo::set_key_retry_frequency, set_key_retry_task(), and GSC_KeyExchangeInfo::status.

Referenced by GSC_KX_init().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_transport_notify_disconnect()

static void handle_transport_notify_disconnect ( void *  cls,
const struct GNUNET_PeerIdentity peer,
void *  handler_cls 
)
static

Function called by transport telling us that a peer disconnected.

Stop key exchange with the given peer. Clean up key material.

Parameters
clsclosure
peerthe peer that disconnected
handler_clsthe struct GSC_KeyExchangeInfo of the peer

Definition at line 764 of file gnunet-service-core_kx.c.

767 {
768  struct GSC_KeyExchangeInfo *kx = handler_cls;
769 
771  "Peer `%s' disconnected from us.\n",
772  GNUNET_i2s (peer));
773  GSC_SESSIONS_end (kx->peer);
775  gettext_noop ("# key exchanges stopped"),
776  1,
777  GNUNET_NO);
778  if (NULL != kx->retry_set_key_task)
779  {
781  kx->retry_set_key_task = NULL;
782  }
783  if (NULL != kx->keep_alive_task)
784  {
786  kx->keep_alive_task = NULL;
787  }
789  monitor_notify_all (kx);
791  GNUNET_MST_destroy (kx->mst);
792  GNUNET_free (kx);
793 }
void GSC_SESSIONS_end(const struct GNUNET_PeerIdentity *pid)
End the session with the given peer (we are no longer connected).
@ GNUNET_CORE_KX_PEER_DISCONNECT
Last state of a KX (when it is being terminated).
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
#define GNUNET_free(ptr)
Wrapper around free.
void GNUNET_MST_destroy(struct GNUNET_MessageStreamTokenizer *mst)
Destroys a tokenizer.
Definition: mst.c:411
struct GNUNET_SCHEDULER_Task * keep_alive_task
ID of task used for sending keep-alive pings.
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.

References gettext_noop, GNUNET_CONTAINER_DLL_remove, GNUNET_CORE_KX_PEER_DISCONNECT, GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_i2s(), GNUNET_log, GNUNET_MST_destroy(), GNUNET_NO, GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_update(), GSC_SESSIONS_end(), GSC_stats, GSC_KeyExchangeInfo::keep_alive_task, kx_head, kx_tail, monitor_notify_all(), GSC_KeyExchangeInfo::mst, GSC_KeyExchangeInfo::peer, peer, GSC_KeyExchangeInfo::retry_set_key_task, and GSC_KeyExchangeInfo::status.

Referenced by GSC_KX_init().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_ping()

static void send_ping ( struct GSC_KeyExchangeInfo kx)
static

Send our PING to the other peer.

Parameters
kxkey exchange context

Definition at line 802 of file gnunet-service-core_kx.c.

803 {
804  struct GNUNET_MQ_Envelope *env;
805 
807  gettext_noop ("# PING messages transmitted"),
808  1,
809  GNUNET_NO);
811  GNUNET_MQ_send (kx->mq, env);
812 }
struct GNUNET_MessageHeader header
Message type is GNUNET_MESSAGE_TYPE_CORE_PING.

References env, gettext_noop, GNUNET_MQ_msg_copy(), GNUNET_MQ_send(), GNUNET_NO, GNUNET_STATISTICS_update(), GSC_stats, PingMessage::header, GSC_KeyExchangeInfo::mq, and GSC_KeyExchangeInfo::ping.

Referenced by handle_ephemeral_key(), send_keep_alive(), and send_key().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ derive_session_keys()

static void derive_session_keys ( struct GSC_KeyExchangeInfo kx)
static

Derive fresh session keys from the current ephemeral keys.

Parameters
kxsession to derive keys for

Definition at line 821 of file gnunet-service-core_kx.c.

822 {
823  struct GNUNET_HashCode key_material;
824 
825  if (GNUNET_OK !=
827  &kx->other_ephemeral_key,
828  &key_material))
829  {
830  GNUNET_break (0);
831  return;
832  }
833  derive_aes_key (&GSC_my_identity, kx->peer, &key_material, &kx->encrypt_key);
834  derive_aes_key (kx->peer, &GSC_my_identity, &key_material, &kx->decrypt_key);
835  memset (&key_material, 0, sizeof(key_material));
836  /* fresh key, reset sequence numbers */
838  kx->last_packets_bitmap = 0;
839  setup_fresh_ping (kx);
840 }
static struct GNUNET_CRYPTO_EcdhePrivateKey my_ephemeral_key
Our ephemeral private key.
static void derive_aes_key(const struct GNUNET_PeerIdentity *sender, const struct GNUNET_PeerIdentity *receiver, const struct GNUNET_HashCode *key_material, struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
Derive an AES key from key material.
static void setup_fresh_ping(struct GSC_KeyExchangeInfo *kx)
Create a fresh PING message for transmission to the other peer.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
Definition: crypto_ecc.c:705
uint32_t last_sequence_number_received
last sequence number received on this connection (highest)
struct GNUNET_CRYPTO_EcdhePublicKey other_ephemeral_key
Ephemeral public ECC key of the other peer.
uint32_t last_packets_bitmap
Bit map indicating which of the 32 sequence numbers before the last were received (good for accepting...

References GSC_KeyExchangeInfo::decrypt_key, derive_aes_key(), GSC_KeyExchangeInfo::encrypt_key, GNUNET_break, GNUNET_CRYPTO_ecc_ecdh(), GNUNET_OK, GSC_my_identity, GSC_KeyExchangeInfo::last_packets_bitmap, GSC_KeyExchangeInfo::last_sequence_number_received, my_ephemeral_key, GSC_KeyExchangeInfo::other_ephemeral_key, GSC_KeyExchangeInfo::peer, and setup_fresh_ping().

Referenced by do_rekey(), and handle_ephemeral_key().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_ephemeral_key()

static void handle_ephemeral_key ( void *  cls,
const struct EphemeralKeyMessage m 
)
static

We received a GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY message.

Validate and update our key material and status.

Parameters
clskey exchange status for the corresponding peer
mthe set key message we received

Definition at line 851 of file gnunet-service-core_kx.c.

852 {
853  struct GSC_KeyExchangeInfo *kx = cls;
854  struct GNUNET_TIME_Absolute start_t;
855  struct GNUNET_TIME_Absolute end_t;
856  struct GNUNET_TIME_Absolute now;
857  enum GNUNET_CORE_KxState sender_status;
858 
859  end_t = GNUNET_TIME_absolute_ntoh (m->expiration_time);
861  (GNUNET_CORE_KX_STATE_UP == kx->status) ||
863  (end_t.abs_value_us < kx->foreign_key_expires.abs_value_us))
864  {
866  gettext_noop ("# old ephemeral keys ignored"),
867  1,
868  GNUNET_NO);
870  "Received expired EPHEMERAL_KEY from %s\n",
871  GNUNET_i2s (&m->origin_identity));
872  return;
873  }
874  if (0 == memcmp (&m->ephemeral_key,
875  &kx->other_ephemeral_key,
876  sizeof(m->ephemeral_key)))
877  {
879  gettext_noop (
880  "# duplicate ephemeral keys ignored"),
881  1,
882  GNUNET_NO);
884  "Ignoring duplicate EPHEMERAL_KEY from %s\n",
885  GNUNET_i2s (&m->origin_identity));
886  return;
887  }
888  if (0 != memcmp (&m->origin_identity,
889  kx->peer,
890  sizeof(struct GNUNET_PeerIdentity)))
891  {
893  "Received EPHEMERAL_KEY from %s, but expected %s\n",
894  GNUNET_i2s (&m->origin_identity),
895  GNUNET_i2s_full (kx->peer));
896  GNUNET_break_op (0);
897  return;
898  }
899  if ((ntohl (m->purpose.size) !=
900  sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
901  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
902  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
903  + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)
904  + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)) ||
905  (GNUNET_OK !=
907  &m->purpose,
908  &m->signature,
909  &m->origin_identity.public_key)))
910  {
911  /* invalid signature */
912  GNUNET_break_op (0);
914  gettext_noop (
915  "# EPHEMERAL_KEYs rejected (bad signature)"),
916  1,
917  GNUNET_NO);
919  "Received EPHEMERAL_KEY from %s with bad signature\n",
920  GNUNET_i2s (&m->origin_identity));
921  return;
922  }
923  now = GNUNET_TIME_absolute_get ();
924  start_t = GNUNET_TIME_absolute_ntoh (m->creation_time);
925  if ((end_t.abs_value_us <
927  (start_t.abs_value_us >
929  {
930  GNUNET_log (
932  _ (
933  "EPHEMERAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"),
934  GNUNET_i2s (kx->peer),
935  (unsigned long long) now.abs_value_us,
936  (unsigned long long) start_t.abs_value_us,
937  (unsigned long long) end_t.abs_value_us);
939  gettext_noop (
940  "# EPHEMERAL_KEY messages rejected due to time"),
941  1,
942  GNUNET_NO);
943  return;
944  }
945 #if DEBUG_KX
946  {
947  struct GNUNET_HashCode eh;
948 
949  GNUNET_CRYPTO_hash (&m->ephemeral_key, sizeof(m->ephemeral_key), &eh);
951  "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n",
952  GNUNET_h2s (&eh),
953  GNUNET_i2s (kx->peer),
954  kx->status);
955  }
956 #endif
958  gettext_noop ("# valid ephemeral keys received"),
959  1,
960  GNUNET_NO);
961  kx->other_ephemeral_key = m->ephemeral_key;
962  kx->foreign_key_expires = end_t;
963  derive_session_keys (kx);
964 
965  /* check if we still need to send the sender our key */
966  sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status);
967  switch (sender_status)
968  {
970  GNUNET_break_op (0);
971  break;
972 
974  /* fine, need to send our key after updating our status, see below */
976  break;
977 
979  /* other peer already got our key, but typemap did go down */
981  break;
982 
984  /* other peer already got our key, typemap NOT down */
985  break;
986 
988  /* other peer already got our key, typemap NOT down */
989  break;
990 
991  default:
992  GNUNET_break (0);
993  break;
994  }
995  /* check if we need to confirm everything is fine via PING + PONG */
996  switch (kx->status)
997  {
999  GNUNET_assert (NULL == kx->keep_alive_task);
1001  monitor_notify_all (kx);
1002  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1003  send_key (kx);
1004  else
1005  send_ping (kx);
1006  break;
1007 
1009  GNUNET_assert (NULL == kx->keep_alive_task);
1011  monitor_notify_all (kx);
1012  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1013  send_key (kx);
1014  else
1015  send_ping (kx);
1016  break;
1017 
1019  GNUNET_assert (NULL == kx->keep_alive_task);
1020  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1021  send_key (kx);
1022  else
1023  send_ping (kx);
1024  break;
1025 
1028  monitor_notify_all (kx);
1029  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1030  send_key (kx);
1031  else
1032  send_ping (kx);
1033  break;
1034 
1036  if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1037  send_key (kx);
1038  else
1039  send_ping (kx);
1040  break;
1041 
1042  default:
1043  GNUNET_break (0);
1044  break;
1045  }
1046 }
#define REKEY_TOLERANCE
What time difference do we tolerate?
static void derive_session_keys(struct GSC_KeyExchangeInfo *kx)
Derive fresh session keys from the current ephemeral keys.
void GSC_SESSIONS_reinit(const struct GNUNET_PeerIdentity *peer)
The other peer has indicated that it 'lost' the session (KX down), reinitialize the session on our en...
GNUNET_CORE_KxState
State machine for our P2P encryption handshake.
int GNUNET_CRYPTO_eddsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
Definition: crypto_ecc.c:682
const char * GNUNET_i2s_full(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
@ GNUNET_ERROR_TYPE_WARNING
#define GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY
Purpose is to set a session key.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:86
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_ntoh(struct GNUNET_TIME_AbsoluteNBO a)
Convert absolute time from network byte order.
Definition: time.c:542
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_subtract(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Subtract a given relative duration from the given start time.
Definition: time.c:296
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:277
#define _(String)
GNU gettext support macro.
Definition: platform.h:177
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
Time for absolute time used by GNUnet, in microseconds and in network byte order.
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.
struct GNUNET_TIME_Absolute foreign_key_expires
At what time did the other peer generate the decryption key?

References _, GNUNET_TIME_Absolute::abs_value_us, derive_session_keys(), GSC_KeyExchangeInfo::foreign_key_expires, gettext_noop, GNUNET_assert, GNUNET_break, GNUNET_break_op, GNUNET_CORE_KX_STATE_DOWN, GNUNET_CORE_KX_STATE_KEY_RECEIVED, GNUNET_CORE_KX_STATE_KEY_SENT, GNUNET_CORE_KX_STATE_REKEY_SENT, GNUNET_CORE_KX_STATE_UP, GNUNET_CRYPTO_eddsa_verify_(), GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_h2s(), GNUNET_i2s(), GNUNET_i2s_full(), GNUNET_log, GNUNET_NO, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY, GNUNET_STATISTICS_update(), GNUNET_TIME_absolute_add(), GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_ntoh(), GNUNET_TIME_absolute_subtract(), GSC_SESSIONS_reinit(), GSC_stats, GSC_KeyExchangeInfo::keep_alive_task, m, monitor_notify_all(), GSC_KeyExchangeInfo::other_ephemeral_key, GSC_KeyExchangeInfo::peer, REKEY_TOLERANCE, send_key(), send_ping(), and GSC_KeyExchangeInfo::status.

Here is the call graph for this function:

◆ handle_ping()

static void handle_ping ( void *  cls,
const struct PingMessage m 
)
static

We received a PING message.

Validate and transmit a PONG message.

Parameters
clskey exchange status for the corresponding peer
mthe encrypted PING message itself

Definition at line 1057 of file gnunet-service-core_kx.c.

1058 {
1059  struct GSC_KeyExchangeInfo *kx = cls;
1060  struct PingMessage t;
1061  struct PongMessage tx;
1062  struct PongMessage *tp;
1063  struct GNUNET_MQ_Envelope *env;
1065 
1067  gettext_noop ("# PING messages received"),
1068  1,
1069  GNUNET_NO);
1071  (kx->status != GNUNET_CORE_KX_STATE_UP) &&
1073  {
1074  /* ignore */
1076  gettext_noop (
1077  "# PING messages dropped (out of order)"),
1078  1,
1079  GNUNET_NO);
1080  return;
1081  }
1083  "Core service receives PING request from `%s'.\n",
1084  GNUNET_i2s (kx->peer));
1085  derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1086  if (GNUNET_OK != do_decrypt (kx,
1087  &iv,
1088  &m->target,
1089  &t.target,
1090  sizeof(struct PingMessage)
1091  - ((void *) &m->target - (void *) m)))
1092  {
1093  GNUNET_break_op (0);
1094  return;
1095  }
1096  if (0 !=
1097  memcmp (&t.target, &GSC_my_identity, sizeof(struct GNUNET_PeerIdentity)))
1098  {
1101  "Decryption of PING from peer `%s' failed, PING for `%s'?\n",
1102  GNUNET_i2s (kx->peer),
1103  GNUNET_i2s2 (&t.target));
1104  else
1105  GNUNET_log (
1107  "Decryption of PING from peer `%s' failed after rekey (harmless)\n",
1108  GNUNET_i2s (kx->peer));
1109  GNUNET_break_op (0);
1110  return;
1111  }
1112  /* construct PONG */
1113  tx.reserved = 0;
1114  tx.challenge = t.challenge;
1115  tx.target = t.target;
1117  tp->iv_seed = calculate_seed (kx);
1118  derive_pong_iv (&iv, &kx->encrypt_key, tp->iv_seed, t.challenge, kx->peer);
1119  do_encrypt (kx,
1120  &iv,
1121  &tx.challenge,
1122  &tp->challenge,
1123  sizeof(struct PongMessage)
1124  - ((void *) &tp->challenge - (void *) tp));
1126  gettext_noop ("# PONG messages created"),
1127  1,
1128  GNUNET_NO);
1129  GNUNET_MQ_send (kx->mq, env);
1130 }
static int do_decrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Decrypt size bytes from in and write the result to out.
static void derive_pong_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, uint32_t challenge, const struct GNUNET_PeerIdentity *identity)
Derive an IV from pong packet information.
static struct GNUNET_SCHEDULER_Task * t
Main task.
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
#define GNUNET_MESSAGE_TYPE_CORE_PONG
Confirmation that other peer is alive.
Response to a PING.
uint32_t challenge
Random number to make replay attacks harder.
uint32_t iv_seed
Seed for the IV.

References calculate_seed(), PongMessage::challenge, GSC_KeyExchangeInfo::decrypt_key, derive_iv(), derive_pong_iv(), do_decrypt(), do_encrypt(), GSC_KeyExchangeInfo::encrypt_key, env, gettext_noop, GNUNET_break_op, GNUNET_CORE_KX_STATE_KEY_RECEIVED, GNUNET_CORE_KX_STATE_REKEY_SENT, GNUNET_CORE_KX_STATE_UP, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_i2s(), GNUNET_i2s2(), GNUNET_log, GNUNET_MESSAGE_TYPE_CORE_PONG, GNUNET_MQ_msg, GNUNET_MQ_send(), GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GSC_my_identity, GSC_stats, PongMessage::iv_seed, m, GSC_KeyExchangeInfo::mq, GSC_KeyExchangeInfo::peer, PongMessage::reserved, GSC_KeyExchangeInfo::status, t, and PongMessage::target.

Here is the call graph for this function:

◆ send_keep_alive()

static void send_keep_alive ( void *  cls)
static

Task triggered when a neighbour entry is about to time out (and we should prevent this by sending a PING).

Parameters
clsthe struct GSC_KeyExchangeInfo

Definition at line 1140 of file gnunet-service-core_kx.c.

1141 {
1142  struct GSC_KeyExchangeInfo *kx = cls;
1143  struct GNUNET_TIME_Relative retry;
1144  struct GNUNET_TIME_Relative left;
1145 
1146  kx->keep_alive_task = NULL;
1148  if (0 == left.rel_value_us)
1149  {
1151  gettext_noop ("# sessions terminated by timeout"),
1152  1,
1153  GNUNET_NO);
1154  GSC_SESSIONS_end (kx->peer);
1156  monitor_notify_all (kx);
1157  send_key (kx);
1158  return;
1159  }
1161  "Sending KEEPALIVE to `%s'\n",
1162  GNUNET_i2s (kx->peer));
1164  gettext_noop ("# keepalive messages sent"),
1165  1,
1166  GNUNET_NO);
1167  setup_fresh_ping (kx);
1168  send_ping (kx);
1171  kx->keep_alive_task =
1173 }
#define MIN_PING_FREQUENCY
What is the minimum frequency for a PING message?
static void send_keep_alive(void *cls)
Task triggered when a neighbour entry is about to time out (and we should prevent this by sending a P...
struct GNUNET_TIME_Relative GNUNET_TIME_relative_max(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the maximum of two relative time values.
Definition: time.c:208
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:232
struct GNUNET_TIME_Relative GNUNET_TIME_relative_divide(struct GNUNET_TIME_Relative rel, unsigned long long factor)
Divide relative time by a given factor.
Definition: time.c:376
Time for relative time used by GNUnet, in microseconds.

References gettext_noop, GNUNET_CORE_KX_STATE_KEY_SENT, GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_SCHEDULER_add_delayed(), GNUNET_STATISTICS_update(), GNUNET_TIME_absolute_get_remaining(), GNUNET_TIME_relative_divide(), GNUNET_TIME_relative_max(), GSC_SESSIONS_end(), GSC_stats, GSC_KeyExchangeInfo::keep_alive_task, MIN_PING_FREQUENCY, monitor_notify_all(), GSC_KeyExchangeInfo::peer, GNUNET_TIME_Relative::rel_value_us, send_key(), send_ping(), setup_fresh_ping(), GSC_KeyExchangeInfo::status, and GSC_KeyExchangeInfo::timeout.

Referenced by update_timeout().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ update_timeout()

static void update_timeout ( struct GSC_KeyExchangeInfo kx)
static

We've seen a valid message from the other peer.

Update the time when the session would time out and delay sending our keep alive message further.

Parameters
kxkey exchange where we saw activity

Definition at line 1184 of file gnunet-service-core_kx.c.

1185 {
1186  struct GNUNET_TIME_Relative delta;
1187 
1188  kx->timeout =
1190  delta =
1192  if (delta.rel_value_us > 5LL * 1000LL * 1000LL)
1193  {
1194  /* we only notify monitors about timeout changes if those
1195  are bigger than the threshold (5s) */
1196  monitor_notify_all (kx);
1197  }
1198  if (NULL != kx->keep_alive_task)
1202  &send_keep_alive,
1203  kx);
1204 }
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don't receive messages from the peer?
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:181
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_difference(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Absolute end)
Compute the time difference between the given start and end times.
Definition: time.c:248
static struct GNUNET_TIME_Relative delta
Definition: speedup.c:35
uint64_t rel_value_us
The actual value.

References delta, GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_SCHEDULER_add_delayed(), GNUNET_SCHEDULER_cancel(), GNUNET_TIME_absolute_get_difference(), GNUNET_TIME_relative_divide(), GNUNET_TIME_relative_to_absolute(), GSC_KeyExchangeInfo::keep_alive_task, GSC_KeyExchangeInfo::last_notify_timeout, monitor_notify_all(), GNUNET_TIME_Relative::rel_value_us, send_keep_alive(), and GSC_KeyExchangeInfo::timeout.

Referenced by handle_encrypted(), and handle_pong().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_pong()

static void handle_pong ( void *  cls,
const struct PongMessage m 
)
static

We received a PONG message.

Validate and update our status.

Parameters
kxkey exchange context for the the PONG
mthe encrypted PONG message itself

Definition at line 1214 of file gnunet-service-core_kx.c.

1215 {
1216  struct GSC_KeyExchangeInfo *kx = cls;
1217  struct PongMessage t;
1219 
1221  gettext_noop ("# PONG messages received"),
1222  1,
1223  GNUNET_NO);
1224  switch (kx->status)
1225  {
1228  gettext_noop (
1229  "# PONG messages dropped (connection down)"),
1230  1,
1231  GNUNET_NO);
1232  return;
1233 
1236  gettext_noop (
1237  "# PONG messages dropped (out of order)"),
1238  1,
1239  GNUNET_NO);
1240  return;
1241 
1243  break;
1244 
1246  break;
1247 
1249  break;
1250 
1251  default:
1252  GNUNET_break (0);
1253  return;
1254  }
1256  "Core service receives PONG response from `%s'.\n",
1257  GNUNET_i2s (kx->peer));
1258  /* mark as garbage, just to be sure */
1259  memset (&t, 255, sizeof(t));
1260  derive_pong_iv (&iv,
1261  &kx->decrypt_key,
1262  m->iv_seed,
1263  kx->ping_challenge,
1264  &GSC_my_identity);
1265  if (GNUNET_OK != do_decrypt (kx,
1266  &iv,
1267  &m->challenge,
1268  &t.challenge,
1269  sizeof(struct PongMessage)
1270  - ((void *) &m->challenge - (void *) m)))
1271  {
1272  GNUNET_break_op (0);
1273  return;
1274  }
1276  gettext_noop ("# PONG messages decrypted"),
1277  1,
1278  GNUNET_NO);
1279  if ((0 !=
1280  memcmp (&t.target, kx->peer, sizeof(struct GNUNET_PeerIdentity))) ||
1281  (kx->ping_challenge != t.challenge))
1282  {
1283  /* PONG malformed */
1285  "Received malformed PONG wanted sender `%s' with challenge %u\n",
1286  GNUNET_i2s (kx->peer),
1287  (unsigned int) kx->ping_challenge);
1289  "Received malformed PONG received from `%s' with challenge %u\n",
1290  GNUNET_i2s (&t.target),
1291  (unsigned int) t.challenge);
1292  return;
1293  }
1295  "Received valid PONG from `%s'\n",
1296  GNUNET_i2s (kx->peer));
1297  /* no need to resend key any longer */
1298  if (NULL != kx->retry_set_key_task)
1299  {
1301  kx->retry_set_key_task = NULL;
1302  }
1303  switch (kx->status)
1304  {
1306  GNUNET_assert (0); /* should be impossible */
1307  return;
1308 
1310  GNUNET_assert (0); /* should be impossible */
1311  return;
1312 
1315  gettext_noop (
1316  "# session keys confirmed via PONG"),
1317  1,
1318  GNUNET_NO);
1320  monitor_notify_all (kx);
1321  GSC_SESSIONS_create (kx->peer, kx);
1322  GNUNET_assert (NULL == kx->keep_alive_task);
1323  update_timeout (kx);
1324  break;
1325 
1328  gettext_noop ("# timeouts prevented via PONG"),
1329  1,
1330  GNUNET_NO);
1331  update_timeout (kx);
1332  break;
1333 
1336  gettext_noop (
1337  "# rekey operations confirmed via PONG"),
1338  1,
1339  GNUNET_NO);
1341  monitor_notify_all (kx);
1342  update_timeout (kx);
1343  break;
1344 
1345  default:
1346  GNUNET_break (0);
1347  break;
1348  }
1349 }
static void update_timeout(struct GSC_KeyExchangeInfo *kx)
We've seen a valid message from the other peer.
void GSC_SESSIONS_create(const struct GNUNET_PeerIdentity *peer, struct GSC_KeyExchangeInfo *kx)
Create a session, a key exchange was just completed.

References GSC_KeyExchangeInfo::decrypt_key, derive_pong_iv(), do_decrypt(), gettext_noop, GNUNET_assert, GNUNET_break, GNUNET_break_op, GNUNET_CORE_KX_STATE_DOWN, GNUNET_CORE_KX_STATE_KEY_RECEIVED, GNUNET_CORE_KX_STATE_KEY_SENT, GNUNET_CORE_KX_STATE_REKEY_SENT, GNUNET_CORE_KX_STATE_UP, GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_update(), GSC_my_identity, GSC_SESSIONS_create(), GSC_stats, GSC_KeyExchangeInfo::keep_alive_task, m, monitor_notify_all(), GSC_KeyExchangeInfo::peer, GSC_KeyExchangeInfo::ping_challenge, GSC_KeyExchangeInfo::retry_set_key_task, GSC_KeyExchangeInfo::status, t, and update_timeout().

Here is the call graph for this function:

◆ GSC_KX_encrypt_and_transmit()

void GSC_KX_encrypt_and_transmit ( struct GSC_KeyExchangeInfo kx,
const void *  payload,
size_t  payload_size 
)

Encrypt and transmit a message with the given payload.

Parameters
kxkey exchange context
payloadpayload of the message
payload_sizenumber of bytes in payload

Definition at line 1403 of file gnunet-service-core_kx.c.

1406 {
1407  size_t used = payload_size + sizeof(struct EncryptedMessage);
1408  char pbuf[used]; /* plaintext */
1409  struct EncryptedMessage *em; /* encrypted message */
1410  struct EncryptedMessage *ph; /* plaintext header */
1411  struct GNUNET_MQ_Envelope *env;
1413  struct GNUNET_CRYPTO_AuthKey auth_key;
1414 
1415  ph = (struct EncryptedMessage *) pbuf;
1416  ph->sequence_number = htonl (++kx->last_sequence_number_sent);
1417  ph->iv_seed = calculate_seed (kx);
1418  ph->reserved = 0;
1420  GNUNET_memcpy (&ph[1], payload, payload_size);
1421  env = GNUNET_MQ_msg_extra (em,
1422  payload_size,
1424  em->iv_seed = ph->iv_seed;
1425  derive_iv (&iv, &kx->encrypt_key, ph->iv_seed, kx->peer);
1427  &iv,
1428  &ph->sequence_number,
1429  &em->sequence_number,
1430  used - ENCRYPTED_HEADER_SIZE));
1431 #if DEBUG_KX
1432  {
1433  struct GNUNET_HashCode hc;
1434 
1435  GNUNET_CRYPTO_hash (&ph->sequence_number,
1436  used - ENCRYPTED_HEADER_SIZE,
1437  &hc);
1439  "Encrypted payload `%s' of %u bytes for %s\n",
1440  GNUNET_h2s (&hc),
1441  (unsigned int) (used - ENCRYPTED_HEADER_SIZE),
1442  GNUNET_i2s (kx->peer));
1443  }
1444 #endif
1445  derive_auth_key (&auth_key, &kx->encrypt_key, ph->iv_seed);
1446  GNUNET_CRYPTO_hmac (&auth_key,
1447  &em->sequence_number,
1448  used - ENCRYPTED_HEADER_SIZE,
1449  &em->hmac);
1450 #if DEBUG_KX
1451  {
1452  struct GNUNET_HashCode hc;
1453 
1454  GNUNET_CRYPTO_hash (&auth_key, sizeof(auth_key), &hc);
1456  "For peer %s, used AC %s to create hmac %s\n",
1457  GNUNET_i2s (kx->peer),
1458  GNUNET_h2s (&hc),
1459  GNUNET_h2s2 (&em->hmac));
1460  }
1461 #endif
1463  GNUNET_MQ_send (kx->mq, env);
1464 }
static struct GNUNET_ATS_PerformanceHandle * ph
ATS performance handle used.
Definition: gnunet-ats.c:116
#define ENCRYPTED_HEADER_SIZE
Number of bytes (at the beginning) of struct EncryptedMessage that are NOT encrypted.
static void derive_auth_key(struct GNUNET_CRYPTO_AuthKey *akey, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed)
Derive an authentication key from "set key" information.
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
void GNUNET_CRYPTO_hmac(const struct GNUNET_CRYPTO_AuthKey *key, const void *plaintext, size_t plaintext_len, struct GNUNET_HashCode *hmac)
Calculate HMAC of a message (RFC 2104)
Definition: crypto_hash.c:301
const char * GNUNET_h2s2(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct.
Definition: gnunet_mq_lib.h:52
#define GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE
Encapsulation for an encrypted message between peers.
Encapsulation for encrypted messages exchanged between peers.
uint32_t iv_seed
Random value used for IV generation.
uint32_t sequence_number
Sequence number, in network byte order.
struct GNUNET_HashCode hmac
MAC of the encrypted message (starting at sequence_number), used to verify message integrity.
type for (message) authentication keys
uint32_t last_sequence_number_sent
last sequence number transmitted
int has_excess_bandwidth
GNUNET_YES if this peer currently has excess bandwidth.

References calculate_seed(), derive_auth_key(), derive_iv(), do_encrypt(), GSC_KeyExchangeInfo::encrypt_key, ENCRYPTED_HEADER_SIZE, env, GNUNET_assert, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_hmac(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_h2s2(), GNUNET_i2s(), GNUNET_log, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_NO, GNUNET_OK, GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_hton(), GSC_KeyExchangeInfo::has_excess_bandwidth, EncryptedMessage::hmac, EncryptedMessage::iv_seed, GSC_KeyExchangeInfo::last_sequence_number_sent, GSC_KeyExchangeInfo::mq, payload, GSC_KeyExchangeInfo::peer, ph, and EncryptedMessage::sequence_number.

Referenced by transmit_typemap_task(), and try_transmission().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_encrypted()

static int check_encrypted ( void *  cls,
const struct EncryptedMessage m 
)
static

We received an encrypted message.

Check that it is well-formed (size-wise).

Parameters
clskey exchange context for encrypting the message
mencrypted message
Returns
GNUNET_OK if msg is well-formed (size-wise)

Definition at line 1476 of file gnunet-service-core_kx.c.

1477 {
1478  uint16_t size = ntohs (m->header.size) - sizeof(*m);
1479 
1480  if (size < sizeof(struct GNUNET_MessageHeader))
1481  {
1482  GNUNET_break_op (0);
1483  return GNUNET_SYSERR;
1484  }
1485  return GNUNET_OK;
1486 }

References GNUNET_break_op, GNUNET_OK, GNUNET_SYSERR, m, and size.

◆ handle_encrypted()

static void handle_encrypted ( void *  cls,
const struct EncryptedMessage m 
)
static

We received an encrypted message.

Decrypt, validate and pass on to the appropriate clients.

Parameters
clskey exchange context for encrypting the message
mencrypted message

Definition at line 1497 of file gnunet-service-core_kx.c.

1498 {
1499  struct GSC_KeyExchangeInfo *kx = cls;
1500  struct EncryptedMessage *pt; /* plaintext */
1501  struct GNUNET_HashCode ph;
1502  uint32_t snum;
1503  struct GNUNET_TIME_Absolute t;
1505  struct GNUNET_CRYPTO_AuthKey auth_key;
1506  uint16_t size = ntohs (m->header.size);
1507  char buf[size] GNUNET_ALIGN;
1508 
1509  if (GNUNET_CORE_KX_STATE_UP != kx->status)
1510  {
1512  gettext_noop (
1513  "# DATA message dropped (out of order)"),
1514  1,
1515  GNUNET_NO);
1516  return;
1517  }
1518  if (0 ==
1520  {
1521  GNUNET_log (
1523  _ (
1524  "Session to peer `%s' went down due to key expiration (should not happen)\n"),
1525  GNUNET_i2s (kx->peer));
1527  gettext_noop (
1528  "# sessions terminated by key expiration"),
1529  1,
1530  GNUNET_NO);
1531  GSC_SESSIONS_end (kx->peer);
1532  if (NULL != kx->keep_alive_task)
1533  {
1535  kx->keep_alive_task = NULL;
1536  }
1538  monitor_notify_all (kx);
1539  send_key (kx);
1540  return;
1541  }
1542 
1543  /* validate hash */
1544 #if DEBUG_KX
1545  {
1546  struct GNUNET_HashCode hc;
1547 
1548  GNUNET_CRYPTO_hash (&m->sequence_number, size - ENCRYPTED_HEADER_SIZE, &hc);
1550  "Received encrypted payload `%s' of %u bytes from %s\n",
1551  GNUNET_h2s (&hc),
1552  (unsigned int) (size - ENCRYPTED_HEADER_SIZE),
1553  GNUNET_i2s (kx->peer));
1554  }
1555 #endif
1556  derive_auth_key (&auth_key, &kx->decrypt_key, m->iv_seed);
1557  GNUNET_CRYPTO_hmac (&auth_key,
1558  &m->sequence_number,
1560  &ph);
1561 #if DEBUG_KX
1562  {
1563  struct GNUNET_HashCode hc;
1564 
1565  GNUNET_CRYPTO_hash (&auth_key, sizeof(auth_key), &hc);
1567  "For peer %s, used AC %s to verify hmac %s\n",
1568  GNUNET_i2s (kx->peer),
1569  GNUNET_h2s (&hc),
1570  GNUNET_h2s2 (&m->hmac));
1571  }
1572 #endif
1573  if (0 != memcmp (&ph, &m->hmac, sizeof(struct GNUNET_HashCode)))
1574  {
1575  /* checksum failed */
1577  "Failed checksum validation for a message from `%s'\n",
1578  GNUNET_i2s (kx->peer));
1579  return;
1580  }
1581  derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1582  /* decrypt */
1583  if (GNUNET_OK != do_decrypt (kx,
1584  &iv,
1585  &m->sequence_number,
1588  {
1589  GNUNET_break_op (0);
1590  return;
1591  }
1593  "Decrypted %u bytes from %s\n",
1594  (unsigned int) (size - ENCRYPTED_HEADER_SIZE),
1595  GNUNET_i2s (kx->peer));
1596  pt = (struct EncryptedMessage *) buf;
1597 
1598  /* validate sequence number */
1599  snum = ntohl (pt->sequence_number);
1600  if (kx->last_sequence_number_received == snum)
1601  {
1603  "Received duplicate message, ignoring.\n");
1604  /* duplicate, ignore */
1606  gettext_noop ("# bytes dropped (duplicates)"),
1607  size,
1608  GNUNET_NO);
1609  return;
1610  }
1611  if ((kx->last_sequence_number_received > snum) &&
1612  (kx->last_sequence_number_received - snum > 32))
1613  {
1615  "Received ancient out of sequence message, ignoring.\n");
1616  /* ancient out of sequence, ignore */
1618  gettext_noop (
1619  "# bytes dropped (out of sequence)"),
1620  size,
1621  GNUNET_NO);
1622  return;
1623  }
1624  if (kx->last_sequence_number_received > snum)
1625  {
1626  uint32_t rotbit = 1U << (kx->last_sequence_number_received - snum - 1);
1627 
1628  if ((kx->last_packets_bitmap & rotbit) != 0)
1629  {
1631  "Received duplicate message, ignoring.\n");
1633  gettext_noop ("# bytes dropped (duplicates)"),
1634  size,
1635  GNUNET_NO);
1636  /* duplicate, ignore */
1637  return;
1638  }
1639  kx->last_packets_bitmap |= rotbit;
1640  }
1641  if (kx->last_sequence_number_received < snum)
1642  {
1643  unsigned int shift = (snum - kx->last_sequence_number_received);
1644 
1645  if (shift >= 8 * sizeof(kx->last_packets_bitmap))
1646  kx->last_packets_bitmap = 0;
1647  else
1648  kx->last_packets_bitmap <<= shift;
1649  kx->last_sequence_number_received = snum;
1650  }
1651 
1652  /* check timestamp */
1654  if (GNUNET_TIME_absolute_get_duration (t).rel_value_us >
1655  MAX_MESSAGE_AGE.rel_value_us)
1656  {
1658  "Message received far too old (%s). Content ignored.\n",
1661  GNUNET_YES));
1663  gettext_noop (
1664  "# bytes dropped (ancient message)"),
1665  size,
1666  GNUNET_NO);
1667  return;
1668  }
1669 
1670  /* process decrypted message(s) */
1671  update_timeout (kx);
1673  gettext_noop ("# bytes of payload decrypted"),
1674  size - sizeof(struct EncryptedMessage),
1675  GNUNET_NO);
1676  if (GNUNET_OK !=
1678  &buf[sizeof(struct EncryptedMessage)],
1679  size - sizeof(struct EncryptedMessage),
1680  GNUNET_YES,
1681  GNUNET_NO))
1682  GNUNET_break_op (0);
1683 }
#define MAX_MESSAGE_AGE
What is the maximum age of a message for us to consider processing it? Note that this looks at the ti...
static char buf[2048]
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's.
@ GNUNET_YES
Definition: gnunet_common.h:97
int GNUNET_MST_from_buffer(struct GNUNET_MessageStreamTokenizer *mst, const char *buf, size_t size, int purge, int one_shot)
Add incoming data to the receive buffer and call the callback for all complete messages.
Definition: mst.c:114
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_duration(struct GNUNET_TIME_Absolute whence)
Get the duration of an operation as the difference of the current time and the given start time "henc...
Definition: time.c:263
const char * GNUNET_STRINGS_relative_time_to_string(struct GNUNET_TIME_Relative delta, int do_round)
Give relative time in human-readable fancy format.
Definition: strings.c:557
struct GNUNET_TIME_AbsoluteNBO timestamp
Timestamp.

References _, buf, GSC_KeyExchangeInfo::decrypt_key, derive_auth_key(), derive_iv(), do_decrypt(), ENCRYPTED_HEADER_SIZE, GSC_KeyExchangeInfo::foreign_key_expires, gettext_noop, GNUNET_ALIGN, GNUNET_break_op, GNUNET_CORE_KX_STATE_KEY_SENT, GNUNET_CORE_KX_STATE_UP, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_hmac(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_h2s(), GNUNET_h2s2(), GNUNET_i2s(), GNUNET_log, GNUNET_MST_from_buffer(), GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_update(), GNUNET_STRINGS_relative_time_to_string(), GNUNET_TIME_absolute_get_duration(), GNUNET_TIME_absolute_get_remaining(), GNUNET_TIME_absolute_ntoh(), GNUNET_YES, GSC_my_identity, GSC_SESSIONS_end(), GSC_stats, GSC_KeyExchangeInfo::keep_alive_task, GSC_KeyExchangeInfo::last_packets_bitmap, GSC_KeyExchangeInfo::last_sequence_number_received, m, MAX_MESSAGE_AGE, monitor_notify_all(), GSC_KeyExchangeInfo::mst, GSC_KeyExchangeInfo::peer, ph, GNUNET_TIME_Relative::rel_value_us, send_key(), EncryptedMessage::sequence_number, size, GSC_KeyExchangeInfo::status, t, EncryptedMessage::timestamp, and update_timeout().

Here is the call graph for this function:

◆ handle_transport_notify_excess_bw()

static void handle_transport_notify_excess_bw ( void *  cls,
const struct GNUNET_PeerIdentity pid,
void *  connect_cls 
)
static

One of our neighbours has excess bandwidth, remember this.

Parameters
clsNULL
pididentity of the peer with excess bandwidth
connect_clsthe struct Neighbour

Definition at line 1694 of file gnunet-service-core_kx.c.

1697 {
1698  struct GSC_KeyExchangeInfo *kx = connect_cls;
1699 
1701  "Peer %s has excess bandwidth available\n",
1702  GNUNET_i2s (pid));
1705 }
void GSC_SESSIONS_solicit(const struct GNUNET_PeerIdentity *pid)
Traffic is being solicited for the given peer.

References GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_YES, GSC_SESSIONS_solicit(), GSC_KeyExchangeInfo::has_excess_bandwidth, and pid.

Referenced by GSC_KX_init().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ sign_ephemeral_key()

static void sign_ephemeral_key ( )
static

Setup the message that links the ephemeral key to our persistent public key and generate the appropriate signature.

Definition at line 1713 of file gnunet-service-core_kx.c.

1714 {
1715  current_ekm.header.size = htons (sizeof(struct EphemeralKeyMessage));
1717  current_ekm.sender_status = 0; /* to be set later */
1720  htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
1721  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1722  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1723  + sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)
1724  + sizeof(struct GNUNET_PeerIdentity));
1728  "core",
1729  "USE_EPHEMERAL_KEYS"))
1730  {
1734  REKEY_TOLERANCE)));
1735  }
1736  else
1737  {
1740  }
1748 }
const struct GNUNET_CONFIGURATION_Handle * GSC_cfg
Our configuration.
static struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key
Our private key.
#define REKEY_FREQUENCY
How often do we rekey?
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition: crypto_ecc.c:599
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:213
#define GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY
Session key exchange between peers.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_add(struct GNUNET_TIME_Relative a1, struct GNUNET_TIME_Relative a2)
Add relative times together.
Definition: time.c:411
#define GNUNET_TIME_UNIT_FOREVER_ABS
Constant used to specify "forever".
Message transmitted with the signed ephemeral key of a peer.
struct GNUNET_PeerIdentity origin_identity
Public key of the signing peer (persistent version, not the ephemeral public key).
struct GNUNET_TIME_AbsoluteNBO expiration_time
When does the given ephemeral key expire (end of validity).
struct GNUNET_CRYPTO_EddsaSignature signature
An ECC signature of the origin_identity asserting the validity of the given ephemeral key.
struct GNUNET_TIME_AbsoluteNBO creation_time
At what time was this key created (beginning of validity).
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Information about what is being signed.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...

References EphemeralKeyMessage::creation_time, current_ekm, EphemeralKeyMessage::ephemeral_key, EphemeralKeyMessage::expiration_time, GNUNET_assert, GNUNET_CONFIGURATION_get_value_yesno(), GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_eddsa_sign_(), GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY, GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_hton(), GNUNET_TIME_relative_add(), GNUNET_TIME_relative_to_absolute(), GNUNET_TIME_UNIT_FOREVER_ABS, GNUNET_YES, GSC_cfg, GSC_my_identity, EphemeralKeyMessage::header, my_ephemeral_key, my_private_key, EphemeralKeyMessage::origin_identity, EphemeralKeyMessage::purpose, GNUNET_CRYPTO_EccSignaturePurpose::purpose, REKEY_FREQUENCY, REKEY_TOLERANCE, EphemeralKeyMessage::sender_status, EphemeralKeyMessage::signature, GNUNET_MessageHeader::size, GNUNET_CRYPTO_EccSignaturePurpose::size, and GNUNET_MessageHeader::type.

Referenced by do_rekey(), and GSC_KX_init().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ do_rekey()

static void do_rekey ( void *  cls)
static

Task run to trigger rekeying.

Parameters
clsclosure, NULL

Definition at line 1757 of file gnunet-service-core_kx.c.

1758 {
1759  struct GSC_KeyExchangeInfo *pos;
1760 
1763  sign_ephemeral_key ();
1764  {
1765  struct GNUNET_HashCode eh;
1766 
1768  sizeof(current_ekm.ephemeral_key),
1769  &eh);
1770  GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Rekeying to %s\n", GNUNET_h2s (&eh));
1771  }
1772  for (pos = kx_head; NULL != pos; pos = pos->next)
1773  {
1774  if (GNUNET_CORE_KX_STATE_UP == pos->status)
1775  {
1777  monitor_notify_all (pos);
1778  derive_session_keys (pos);
1779  }
1780  if (GNUNET_CORE_KX_STATE_DOWN == pos->status)
1781  {
1783  monitor_notify_all (pos);
1784  }
1785  monitor_notify_all (pos);
1786  send_key (pos);
1787  }
1788 }
static void sign_ephemeral_key()
Setup the message that links the ephemeral key to our persistent public key and generate the appropri...
static void do_rekey(void *cls)
Task run to trigger rekeying.
static struct GNUNET_SCHEDULER_Task * rekey_task
Task scheduled for periodic re-generation (and thus rekeying) of our ephemeral key.
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:435
@ GNUNET_ERROR_TYPE_INFO
struct GSC_KeyExchangeInfo * next
DLL.

References current_ekm, derive_session_keys(), EphemeralKeyMessage::ephemeral_key, GNUNET_CORE_KX_STATE_DOWN, GNUNET_CORE_KX_STATE_KEY_SENT, GNUNET_CORE_KX_STATE_REKEY_SENT, GNUNET_CORE_KX_STATE_UP, GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_INFO, GNUNET_h2s(), GNUNET_log, GNUNET_SCHEDULER_add_delayed(), kx_head, monitor_notify_all(), my_ephemeral_key, GSC_KeyExchangeInfo::next, REKEY_FREQUENCY, rekey_task, send_key(), sign_ephemeral_key(), and GSC_KeyExchangeInfo::status.

Referenced by GSC_KX_init().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_KX_init()

int GSC_KX_init ( struct GNUNET_CRYPTO_EddsaPrivateKey pk)

Initialize KX subsystem.

Parameters
pkprivate key to use for the peer
Returns
GNUNET_OK on success, GNUNET_SYSERR on failure

Definition at line 1798 of file gnunet-service-core_kx.c.

1799 {
1801  { GNUNET_MQ_hd_fixed_size (ephemeral_key,
1803  struct EphemeralKeyMessage,
1804  NULL),
1807  struct PingMessage,
1808  NULL),
1811  struct PongMessage,
1812  NULL),
1813  GNUNET_MQ_hd_var_size (encrypted,
1815  struct EncryptedMessage,
1816  NULL),
1817  GNUNET_MQ_handler_end () };
1818 
1819  my_private_key = *pk;
1823  sign_ephemeral_key ();
1824  {
1825  struct GNUNET_HashCode eh;
1826 
1828  sizeof(current_ekm.ephemeral_key),
1829  &eh);
1831  "Starting with ephemeral key %s\n",
1832  GNUNET_h2s (&eh));
1833  }
1834 
1837  transport =
1839  &GSC_my_identity,
1840  handlers,
1841  NULL,
1845  if (NULL == transport)
1846  {
1847  GSC_KX_done ();
1848  return GNUNET_SYSERR;
1849  }
1850  return GNUNET_OK;
1851 }
static void pong(struct GNUNET_CADET_Channel *channel, const struct CadetPingMessage *ping)
Reply with a pong to origin.
static void ping(void *cls)
Send a ping to destination.
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
struct GNUNET_IDENTITY_PrivateKey pk
Private key from command line option, or NULL.
static void handle_transport_notify_disconnect(void *cls, const struct GNUNET_PeerIdentity *peer, void *handler_cls)
Function called by transport telling us that a peer disconnected.
void GSC_KX_done()
Shutdown KX subsystem.
static void * handle_transport_notify_connect(void *cls, const struct GNUNET_PeerIdentity *pid, struct GNUNET_MQ_Handle *mq)
Function called by transport to notify us that a peer connected to us (on the network level).
static struct GNUNET_TRANSPORT_CoreHandle * transport
Transport service.
static void handle_transport_notify_excess_bw(void *cls, const struct GNUNET_PeerIdentity *pid, void *connect_cls)
One of our neighbours has excess bandwidth, remember this.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:197
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
struct GNUNET_NotificationContext * GNUNET_notification_context_create(unsigned int queue_length)
Create a new notification context.
Definition: nc.c:121
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
struct GNUNET_TRANSPORT_CoreHandle * GNUNET_TRANSPORT_core_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_PeerIdentity *self, const struct GNUNET_MQ_MessageHandler *handlers, void *cls, GNUNET_TRANSPORT_NotifyConnect nc, GNUNET_TRANSPORT_NotifyDisconnect nd)
Connect to the transport service.
Message handler for a specific message type.
struct GNUNET_CRYPTO_EddsaPublicKey public_key

References current_ekm, do_rekey(), EphemeralKeyMessage::ephemeral_key, GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_INFO, GNUNET_h2s(), GNUNET_log, GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE, GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY, GNUNET_MESSAGE_TYPE_CORE_PING, GNUNET_MESSAGE_TYPE_CORE_PONG, GNUNET_MQ_handler_end, GNUNET_MQ_hd_fixed_size, GNUNET_MQ_hd_var_size, GNUNET_notification_context_create(), GNUNET_OK, GNUNET_SCHEDULER_add_delayed(), GNUNET_SYSERR, GNUNET_TRANSPORT_core_connect(), GSC_cfg, GSC_KX_done(), GSC_my_identity, handle_transport_notify_connect(), handle_transport_notify_disconnect(), handle_transport_notify_excess_bw(), handlers, my_ephemeral_key, my_private_key, nc, ping(), pk, pong(), GNUNET_PeerIdentity::public_key, REKEY_FREQUENCY, rekey_task, sign_ephemeral_key(), and transport.

Referenced by run().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_KX_done()

void GSC_KX_done ( void  )

Shutdown KX subsystem.

Definition at line 1858 of file gnunet-service-core_kx.c.

1859 {
1860  if (NULL != transport)
1861  {
1863  transport = NULL;
1864  }
1865  if (NULL != rekey_task)
1866  {
1868  rekey_task = NULL;
1869  }
1870  memset (&my_ephemeral_key,
1871  0,
1872  sizeof (my_ephemeral_key));
1873  memset (&my_private_key,
1874  0,
1875  sizeof (my_private_key));
1876  if (NULL != nc)
1877  {
1879  nc = NULL;
1880  }
1881 }
void GNUNET_notification_context_destroy(struct GNUNET_NotificationContext *nc)
Destroy the context, force disconnect for all subscribers.
Definition: nc.c:137
void GNUNET_TRANSPORT_core_disconnect(struct GNUNET_TRANSPORT_CoreHandle *handle)
Disconnect from the transport service.

References GNUNET_notification_context_destroy(), GNUNET_SCHEDULER_cancel(), GNUNET_TRANSPORT_core_disconnect(), my_ephemeral_key, my_private_key, nc, rekey_task, and transport.

Referenced by GSC_KX_init(), and shutdown_task().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_NEIGHBOURS_get_queue_length()

unsigned int GSC_NEIGHBOURS_get_queue_length ( const struct GSC_KeyExchangeInfo kxinfo)

Check how many messages are queued for the given neighbour.

Parameters
kxinfodata about neighbour to check
Returns
number of items in the message queue

Definition at line 1891 of file gnunet-service-core_kx.c.

1892 {
1893  return GNUNET_MQ_get_length (kxinfo->mq);
1894 }
unsigned int GNUNET_MQ_get_length(struct GNUNET_MQ_Handle *mq)
Obtain the current length of the message queue.
Definition: mq.c:337

References GNUNET_MQ_get_length(), and GSC_KeyExchangeInfo::mq.

Referenced by try_transmission().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GSC_NEIGHBOURS_check_excess_bandwidth()

int GSC_NEIGHBOURS_check_excess_bandwidth ( const struct GSC_KeyExchangeInfo kxinfo)

Check if the given neighbour has excess bandwidth available.

Parameters
targetneighbour to check
Returns
GNUNET_YES if excess bandwidth is available, GNUNET_NO if not

Definition at line 1904 of file gnunet-service-core_kx.c.

1905 {
1906  return kxinfo->has_excess_bandwidth;
1907 }

References GSC_KeyExchangeInfo::has_excess_bandwidth.

Referenced by try_transmission().

Here is the caller graph for this function:

◆ GSC_KX_handle_client_monitor_peers()

void GSC_KX_handle_client_monitor_peers ( struct GNUNET_MQ_Handle mq)

Handle GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request.

For this request type, the client does not have to have transmitted an INIT request. All current peers are returned, regardless of which message types they accept.

Parameters
mqmessage queue to add for monitoring

Definition at line 1919 of file gnunet-service-core_kx.c.

1920 {
1921  struct GNUNET_MQ_Envelope *env;
1922  struct MonitorNotifyMessage *done_msg;
1923  struct GSC_KeyExchangeInfo *kx;
1924 
1926  for (kx = kx_head; NULL != kx; kx = kx->next)
1927  {
1928  struct GNUNET_MQ_Envelope *env;
1929  struct MonitorNotifyMessage *msg;
1930 
1932  msg->state = htonl ((uint32_t) kx->status);
1933  msg->peer = *kx->peer;
1934  msg->timeout = GNUNET_TIME_absolute_hton (kx->timeout);
1935  GNUNET_MQ_send (mq, env);
1936  }
1938  done_msg->state = htonl ((uint32_t) GNUNET_CORE_KX_ITERATION_FINISHED);
1940  GNUNET_MQ_send (mq, env);
1941 }
@ GNUNET_CORE_KX_ITERATION_FINISHED
This is not a state in a peer's state machine, but a special value used with the GNUNET_CORE_MonitorC...
void GNUNET_notification_context_add(struct GNUNET_NotificationContext *nc, struct GNUNET_MQ_Handle *mq)
Add a subscriber to the notification context.
Definition: nc.c:160
uint32_t state
New peer state, an enum GNUNET_CORE_KxState in NBO.
Definition: core.h:312
struct GNUNET_TIME_AbsoluteNBO timeout
How long will we stay in this state (if nothing else happens)?
Definition: core.h:322

Referenced by handle_client_monitor_peers().

Here is the caller graph for this function:

Variable Documentation

◆ transport

struct GNUNET_TRANSPORT_CoreHandle* transport
static

Transport service.

Definition at line 251 of file gnunet-service-core_kx.c.

Referenced by GSC_KX_done(), GSC_KX_init(), GST_blacklist_add_peer(), and print_info().

◆ my_private_key

struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key
static

Our private key.

Definition at line 251 of file gnunet-service-core_kx.c.

Referenced by GSC_KX_done(), GSC_KX_init(), and sign_ephemeral_key().

◆ my_ephemeral_key

struct GNUNET_CRYPTO_EcdhePrivateKey my_ephemeral_key
static

Our ephemeral private key.

Definition at line 251 of file gnunet-service-core_kx.c.

Referenced by derive_session_keys(), do_rekey(), GSC_KX_done(), GSC_KX_init(), and sign_ephemeral_key().

◆ current_ekm

struct EphemeralKeyMessage current_ekm
static

Current message we send for a key exchange.

Definition at line 251 of file gnunet-service-core_kx.c.

Referenced by do_rekey(), GSC_KX_init(), send_key(), and sign_ephemeral_key().

◆ kx_head

struct GSC_KeyExchangeInfo* kx_head
static

◆ kx_tail

struct GSC_KeyExchangeInfo* kx_tail
static

◆ rekey_task

struct GNUNET_SCHEDULER_Task* rekey_task
static

Task scheduled for periodic re-generation (and thus rekeying) of our ephemeral key.

Definition at line 282 of file gnunet-service-core_kx.c.

Referenced by do_rekey(), GSC_KX_done(), and GSC_KX_init().

◆ nc

struct GNUNET_NotificationContext* nc
static

Notification context for broadcasting to monitors.

Definition at line 287 of file gnunet-service-core_kx.c.

Referenced by GSC_KX_done(), GSC_KX_init(), and monitor_notify_all().