[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r35581 - gnunet/src/cadet
From: |
gnunet |
Subject: |
[GNUnet-SVN] r35581 - gnunet/src/cadet |
Date: |
Mon, 27 Apr 2015 21:14:18 +0200 |
Author: bartpolot
Date: 2015-04-27 21:14:18 +0200 (Mon, 27 Apr 2015)
New Revision: 35581
Modified:
gnunet/src/cadet/gnunet-service-cadet_tunnel.c
Log:
- ax kdf
Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2015-04-27 19:14:16 UTC
(rev 35580)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2015-04-27 19:14:18 UTC
(rev 35581)
@@ -454,6 +454,16 @@
const static struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key;
/**
+ * Own Axolotl private key (derived from @a my_private_key).
+ */
+struct GNUNET_CRYPTO_EcdhePrivateKey *ax_identity;
+
+/**
+ * Own Axolotl public key.
+ */
+static struct GNUNET_CRYPTO_EcdhePrivateKey *ax_key;
+
+/**
* Own OTR ephemeral private key.
*/
static struct GNUNET_CRYPTO_EcdhePrivateKey *my_ephemeral_key;
@@ -473,6 +483,7 @@
*/
static struct GNUNET_TIME_Relative rekey_period;
+
/******************************************************************************/
/******************************** STATIC
***********************************/
/******************************************************************************/
@@ -2082,6 +2093,28 @@
}
+static void
+new_ephemeral (struct CadetTunnel *t)
+{
+ GNUNET_free_non_null (t->ax->DHRs);
+ t->ax->DHRs = GNUNET_CRYPTO_ecdhe_key_create();
+}
+
+
+static void
+destroy_ax (struct CadetTunnel *t)
+{
+ if (NULL == t->ax)
+ return;
+
+ if (NULL != t->ax->DHRs)
+ GNUNET_free (t->ax->DHRs);
+ GNUNET_free (t->ax);
+ t->ax = NULL;
+}
+
+
+
/**
* The peer's ephemeral key has changed: update the symmetrical keys.
*
@@ -2103,8 +2136,7 @@
/* If we get a proper OTR-style ephemeral, fallback to old crypto. */
if (NULL != t->ax)
{
- GNUNET_free (t->ax);
- t->ax = NULL;
+ destroy_ax (t);
t->enc_type = CADET_Fallback;
}
@@ -2201,20 +2233,117 @@
}
+static void
+send_ax_kx ()
+{
+ //FIXME
+}
+
+
/**
- * .
+ * WARNING! DANGER! Do not use this if you don't know what you are doing!
+ * Ask Christian Grothoff, Werner Koch, Dan Bernstein and $GOD!
*
+ * Transform a private EdDSA key (peer's key) into a key usable by DH.
+ *
+ * @param k Private EdDSA key to transform.
+ *
+ * @return Private key for EC Diffie-Hellman.
+ */
+static const struct GNUNET_CRYPTO_EcdhePrivateKey *
+get_private_ecdhe_from_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *k)
+{
+ return (const struct GNUNET_CRYPTO_EcdhePrivateKey *) k;
+}
+
+
+/**
+ * WARNING! DANGER! Do not use this if you don't know what you are doing!
+ * Ask Christian Grothoff, Werner Koch, Dan Bernstein and $GOD!
+ *
+ * Transform a public EdDSA key (peer's key) into a key usable by DH.
+ *
+ * @param k Public EdDSA key to transform (peer's ID).
+ *
+ * @return Public key for EC Diffie-Hellman.
+ */
+static const struct GNUNET_CRYPTO_EcdhePublicKey *
+get_public_ecdhe_from_eddsa (const struct GNUNET_CRYPTO_EddsaPublicKey *k)
+{
+ return (const struct GNUNET_CRYPTO_EcdhePublicKey *) k;
+}
+
+
+/**
+ * WARNING! DANGER! Do not use this if you don't know what you are doing!
+ * Ask Christian Grothoff, Werner Koch, Dan Bernstein and $GOD!
+ *
+ * Transform a public EdDSA key (peer's key) into a key usable by DH.
+ *
+ * @param k Public EdDSA key to transform (peer's ID).
+ *
+ * @return Public key for EC Diffie-Hellman.
+ */
+static const struct GNUNET_CRYPTO_EcdhePublicKey *
+get_public_ecdhe_from_id (const struct GNUNET_PeerIdentity *id)
+{
+ return (const struct GNUNET_CRYPTO_EcdhePublicKey *) id;
+}
+
+
+/**
+ * Handle Axolotl handshake.
+ *
* @param t Tunnel this message came on.
* @param msg Key eXchange Pong message.
*/
static void
handle_kx_ax (struct CadetTunnel *t, const struct GNUNET_CADET_AX_KX *msg)
{
+ struct GNUNET_CRYPTO_EcdhePublicKey eph;
+ struct CadetTunnelAxolotl *ax;
+ struct GNUNET_HashCode key_material[3];
+ struct GNUNET_CRYPTO_SymmetricSessionKey keys[5];
+ const struct GNUNET_CRYPTO_EcdhePublicKey *DHIr;
+ struct GNUNET_CRYPTO_EcdhePrivateKey *DHIs;
+ const char salt[] = "CADET Axolotl salt";
if (NULL == t->ax)
{
- t->ax = GNUNET_new (struct CadetTunnelAxolotl);
+ /* Something is wrong if ax is NULL. Whose fault it is? */
+ GNUNET_break_op (CADET_Fallback == t->enc_type);
+ GNUNET_break (CADET_Axolotl == t->enc_type);
+ return;
}
+
+ ax = t->ax;
+ ax->DHRr = msg->ratchet_key;
+
+ GNUNET_CRYPTO_ecdhe_key_get_public (ax->DHRs, &eph);
+ if (0 != memcmp (&eph, &msg->peers_key, sizeof (eph)))
+ {
+ send_ax_kx ();
+ return;
+ }
+
+ DHIr = get_public_ecdhe_from_id (GCT_get_destination (t));
+ DHIs = ax_identity;
+
+ /* ECDH */
+ GNUNET_CRYPTO_ecc_ecdh (DHIs,
+ &msg->ephemeral_key,
+ &key_material[0]);
+ GNUNET_CRYPTO_ecc_ecdh (ax->DHRs,
+ DHIr,
+ &key_material[1]);
+ GNUNET_CRYPTO_ecc_ecdh (ax->DHRs,
+ &msg->ephemeral_key,
+ &key_material[2]);
+
+ /* KDF */
+ GNUNET_CRYPTO_kdf (keys, sizeof (keys),
+ salt, sizeof (salt),
+ key_material, sizeof (key_material), NULL);
}
@@ -2256,25 +2385,19 @@
break;
case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_CREATE:
- handle_ch_create (t,
- (struct GNUNET_CADET_ChannelCreate *) msgh);
+ handle_ch_create (t, (struct GNUNET_CADET_ChannelCreate *) msgh);
break;
case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_NACK:
- handle_ch_nack (t,
- (struct GNUNET_CADET_ChannelManage *) msgh);
+ handle_ch_nack (t, (struct GNUNET_CADET_ChannelManage *) msgh);
break;
case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_ACK:
- handle_ch_ack (t,
- (struct GNUNET_CADET_ChannelManage *) msgh,
- fwd);
+ handle_ch_ack (t, (struct GNUNET_CADET_ChannelManage *) msgh, fwd);
break;
case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY:
- handle_ch_destroy (t,
- (struct GNUNET_CADET_ChannelManage *) msgh,
- fwd);
+ handle_ch_destroy (t, (struct GNUNET_CADET_ChannelManage *) msgh, fwd);
break;
default:
@@ -2430,6 +2553,8 @@
rekey_task = GNUNET_SCHEDULER_add_now (&rekey, NULL);
tunnels = GNUNET_CONTAINER_multipeermap_create (128, GNUNET_YES);
+
+ ax_key = GNUNET_CRYPTO_ecdhe_key_create();
}
@@ -2446,6 +2571,8 @@
}
GNUNET_CONTAINER_multipeermap_iterate (tunnels, &destroy_iterator, NULL);
GNUNET_CONTAINER_multipeermap_destroy (tunnels);
+
+ GNUNET_free (ax_key);
}
@@ -2471,6 +2598,7 @@
GNUNET_free (t);
return NULL;
}
+ t->ax = GNUNET_new (struct CadetTunnelAxolotl);
return t;
}
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r35581 - gnunet/src/cadet,
gnunet <=