2 This file is part of GNUnet.
3 (C) 2009, 2010, 2011 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file core/gnunet-service-core_kx.h
23 * @brief code for managing the key exchange (SET_KEY, PING, PONG) with other peers
24 * @author Christian Grothoff
26 #ifndef GNUNET_SERVICE_CORE_KX_H
27 #define GNUNET_SERVICE_CORE_KX_H
29 #include "gnunet_util_lib.h"
33 * State machine for our P2P encryption handshake. Everyone starts in
34 * "DOWN". If we receive the other peer's key (other peer initiated),
35 * we start in state RECEIVED (since we will immediately send our
36 * own); otherwise we start in SENT. If we get back a PONG while in
37 * either of these states, we move up to CONFIRMED (the PONG will always
38 * be sent back encrypted with the key we sent to the other peer).
48 * We've sent our session key.
53 * We've received the other peer's session key.
55 KX_STATE_KEY_RECEIVED,
58 * The other peer has confirmed our session key with a message
59 * encrypted with his session key (which we got). Key exchange
67 * Information about the status of a key exchange with another peer.
69 struct GSC_KeyExchangeInfo
72 * Identity of the peer.
74 struct GNUNET_PeerIdentity peer;
77 * SetKeyMessage to transmit (initialized the first
78 * time our status goes past 'KX_STATE_KEY_SENT').
80 struct SetKeyMessage skm;
83 * PING message we transmit to the other peer.
85 struct PingMessage ping;
88 * SetKeyMessage we received and did not process yet.
90 struct SetKeyMessage *skm_received;
93 * PING message we received from the other peer and
94 * did not process yet (or NULL).
96 struct PingMessage *ping_received;
99 * PONG message we received from the other peer and
100 * did not process yet (or NULL).
102 struct PongMessage *pong_received;
105 * Non-NULL if we are currently looking up HELLOs for this peer.
108 struct GNUNET_PEERINFO_IteratorContext *pitr;
111 * Public key of the neighbour, NULL if we don't have it yet.
113 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key;
116 * We received a PONG message before we got the "public_key"
117 * (or the SET_KEY). We keep it here until we have a key
118 * to decrypt it; until then its contents are unverified. NULL if no PONG is pending.
120 struct PongMessage *pending_pong;
123 * Key we use to encrypt our messages for the other peer
124 * (initialized by us when we do the handshake).
126 struct GNUNET_CRYPTO_AesSessionKey encrypt_key;
129 * Key we use to decrypt messages from the other peer
130 * (given to us by the other peer during the handshake).
132 struct GNUNET_CRYPTO_AesSessionKey decrypt_key;
135 * At what time did we generate our encryption key?
137 struct GNUNET_TIME_Absolute encrypt_key_created;
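140 * At what time did the other peer generate the decryption key? (Presumably the peer's own claim rather than a local measurement, so treat it as untrusted input -- TODO confirm.)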
142 struct GNUNET_TIME_Absolute decrypt_key_created;
145 * When should the session time out (if there are no PONGs)?
147 struct GNUNET_TIME_Absolute timeout;
150 * At what frequency are we currently re-trying SET_KEY messages?
152 struct GNUNET_TIME_Relative set_key_retry_frequency;
155 * ID of task used for re-trying SET_KEY and PING message.
157 GNUNET_SCHEDULER_TaskIdentifier retry_set_key_task;
160 * ID of task used for sending keep-alive pings.
162 GNUNET_SCHEDULER_TaskIdentifier keep_alive_task;
165 * What was our PING challenge number (for this peer)?
167 uint32_t ping_challenge;
170 * What is our connection status?
172 enum KxStateMachine status;
178 * We received a SET_KEY message. Validate and update
179 * our key material and status.
181 * @param kx key exchange status for the corresponding peer
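182 * @param msg the set key message we received. NOTE(review): the prototype declares this as 'struct GNUNET_MessageHandler', while the PING and PONG handlers take 'struct GNUNET_MessageHeader'; probably a typo, confirm against the definition.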
185 GSC_KX_handle_set_key (struct GSC_KeyExchangeInfo *kx,
186 const struct GNUNET_MessageHandler *msg);
190 * We received a PING message. Validate and transmit
193 * @param kx key exchange status for the corresponding peer
194 * @param msg the encrypted PING message itself
197 GSC_KX_handle_ping (struct GSC_KeyExchangeInfo *kx,
198 const struct GNUNET_MessageHeader *msg);
202 * We received a PONG message. Validate and update our status.
204 * @param kx key exchange status for the corresponding peer
205 * @param msg the encrypted PONG message itself
208 GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx,
209 const struct GNUNET_MessageHeader *msg);
213 * Encrypt and transmit a message with the given payload.
215 * @param kx key exchange context
216 * @param bw_in bandwidth limit to transmit to the other peer;
217 * the other peer shall not send us more than the
219 * @param payload payload of the message
220 * @param payload_size number of bytes in 'payload'
223 GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx,
224 struct GNUNET_BANDWIDTH_Value32NBO bw_in,
226 size_t payload_size);
230 * We received an encrypted message. Decrypt, validate and
231 * pass on to the appropriate clients.
233 * @param kx key exchange information context
234 * @param msg encrypted message
235 * @param atsi performance data
236 * @param atsi_count number of entries in atsi (excluding 0-termination)
239 GSC_KX_handle_encrypted_message (struct GSC_KeyExchangeInfo *kx,
240 const struct GNUNET_MessageHeader *msg,
241 const struct GNUNET_TRANSPORT_ATS_Information *atsi,
242 uint32_t atsi_count);
246 * Start the key exchange with the given peer.
248 * @param pid identity of the peer to do a key exchange with
249 * @return key exchange information context
251 struct GSC_KeyExchangeInfo *
252 GSC_KX_start (const struct GNUNET_PeerIdentity *pid);
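256 * Stop key exchange with the given peer. Clean up key material. NOTE(review): confirm that the implementation overwrites the session keys stored in 'kx' before the memory is released.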
258 * @param kx key exchange to stop
261 GSC_KX_stop (struct GSC_KeyExchangeInfo *kx);
265 * Initialize KX subsystem.
267 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
274 * Shutdown KX subsystem.
280 /* end of gnunet-service-core_kx.h */