[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] branch master updated: also remember last ephemera
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: also remember last ephemeral for duplicate KX detection |
|
Date: |
Wed, 16 May 2018 17:17:19 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 2a25c3af9 also remember last ephemeral for duplicate KX detection
2a25c3af9 is described below
commit 2a25c3af926cf1a3ca22ed1059dd5baa8ce3a52a
Author: Christian Grothoff <address@hidden>
AuthorDate: Wed May 16 17:17:04 2018 +0200
also remember last ephemeral for duplicate KX detection
---
src/cadet/gnunet-service-cadet_tunnels.c | 45 ++++++++++++++++++++------------
1 file changed, 29 insertions(+), 16 deletions(-)
diff --git a/src/cadet/gnunet-service-cadet_tunnels.c
b/src/cadet/gnunet-service-cadet_tunnels.c
index 6e8ce96b3..d12c55092 100644
--- a/src/cadet/gnunet-service-cadet_tunnels.c
+++ b/src/cadet/gnunet-service-cadet_tunnels.c
@@ -187,6 +187,12 @@ struct CadetTunnelAxolotl
struct GNUNET_CRYPTO_EcdhePublicKey DHRr;
/**
+ * Last ephemeral public key received from the other peer,
+ * for duplicate detection.
+ */
+ struct GNUNET_CRYPTO_EcdhePublicKey last_ephemeral;
+
+ /**
* Time when the current ratchet expires and a new one is triggered
* (if @e ratchet_allowed is #GNUNET_YES).
*/
@@ -1509,18 +1515,18 @@ update_ax_by_kx (struct CadetTunnelAxolotl *ax,
}
ax->DHRr = *ratchet_key;
-
+ ax->last_ephemeral = *ephemeral_key;
/* ECDH A B0 */
if (GNUNET_YES == am_I_alice)
{
GNUNET_CRYPTO_eddsa_ecdh (my_private_key, /* A */
- ephemeral_key, /* B0 */
+ ephemeral_key, /* B0 */
&key_material[0]);
}
else
{
GNUNET_CRYPTO_ecdh_eddsa (&ax->kx_0, /* B0 */
- &pid->public_key, /* A */
+ &pid->public_key, /* A */
&key_material[0]);
}
@@ -1528,21 +1534,19 @@ update_ax_by_kx (struct CadetTunnelAxolotl *ax,
if (GNUNET_YES == am_I_alice)
{
GNUNET_CRYPTO_ecdh_eddsa (&ax->kx_0, /* A0 */
- &pid->public_key, /* B */
+ &pid->public_key, /* B */
&key_material[1]);
}
else
{
GNUNET_CRYPTO_eddsa_ecdh (my_private_key, /* A */
- ephemeral_key, /* B0 */
+ ephemeral_key, /* B0 */
&key_material[1]);
}
/* ECDH A0 B0 */
- /* (This is the triple-DH, we could probably safely skip this,
- as A0/B0 are already in the key material.) */
GNUNET_CRYPTO_ecc_ecdh (&ax->kx_0, /* A0 or B0 */
- ephemeral_key, /* B0 or A0 */
+ ephemeral_key, /* B0 or A0 */
&key_material[2]);
/* KDF */
@@ -1697,10 +1701,15 @@ GCT_handle_kx (struct CadetTConnection *ct,
"# KX received",
1,
GNUNET_NO);
- if (0 ==
- memcmp (&t->ax.DHRr,
- &msg->ratchet_key,
- sizeof (msg->ratchet_key)))
+ if ( (0 ==
+ memcmp (&t->ax.DHRr,
+ &msg->ratchet_key,
+ sizeof (msg->ratchet_key))) &&
+ (0 ==
+ memcmp (&t->ax.last_ephemeral,
+ &msg->ephemeral_key,
+ sizeof (msg->ephemeral_key))) )
+
{
LOG (GNUNET_ERROR_TYPE_DEBUG,
"Got duplicate KX. Firing back KX_AUTH.\n");
@@ -1719,10 +1728,14 @@ GCT_handle_kx (struct CadetTConnection *ct,
clean it up. */
if (NULL != t->unverified_ax)
{
- if (0 ==
- memcmp (&t->unverified_ax->DHRr,
- &msg->ratchet_key,
- sizeof (msg->ratchet_key)))
+ if ( (0 ==
+ memcmp (&t->unverified_ax->DHRr,
+ &msg->ratchet_key,
+ sizeof (msg->ratchet_key))) &&
+ (0 ==
+ memcmp (&t->unverified_ax->last_ephemeral,
+ &msg->ephemeral_key,
+ sizeof (msg->ephemeral_key))) )
{
LOG (GNUNET_ERROR_TYPE_DEBUG,
"Got duplicate unverified KX on %s. Fire back KX_AUTH again.\n",
--
To stop receiving notification emails like this one, please contact
address@hidden
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnunet] branch master updated: also remember last ephemeral for duplicate KX detection,
gnunet <=