From 6b8379668ac9ef4b0bdd8240f2539b5aa3056ad3 Mon Sep 17 00:00:00 2001 From: t3sserakt Date: Wed, 22 Jan 2020 21:39:00 +0100 Subject: [PATCH] added signing of monotonic time --- src/cadet/gnunet-service-cadet_connection.c | 23 ++++++++++++++++++++ src/cadet/gnunet-service-cadet_core.c | 24 ++++++++++++++++++++- src/include/gnunet_signatures.h | 4 ++++ 3 files changed, 50 insertions(+), 1 deletion(-) diff --git a/src/cadet/gnunet-service-cadet_connection.c b/src/cadet/gnunet-service-cadet_connection.c index a6c3e51d4..1e0f82579 100644 --- a/src/cadet/gnunet-service-cadet_connection.c +++ b/src/cadet/gnunet-service-cadet_connection.c @@ -78,6 +78,29 @@ enum CadetConnectionState CADET_CONNECTION_READY }; +struct CadetConnectionCreatePS +{ + + /** + * Purpose is #GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR + */ + struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + + /** + * Time at the initiator when generating the signature. + * + * Note that the receiver MUST IGNORE the absolute time, and only interpret + * the value as a mononic time and reject "older" values than the last one + * observed. This is necessary as we do not want to require synchronized + * clocks and may not have a bidirectional communication channel. + * + * Even with this, there is no real guarantee against replay achieved here, + * unless the latest timestamp is persisted. Persistence should be + * provided via PEERSTORE if possible. + */ + struct GNUNET_TIME_AbsoluteNBO monotonic_time; + +} /** * Low-level connection to a destination. diff --git a/src/cadet/gnunet-service-cadet_core.c b/src/cadet/gnunet-service-cadet_core.c index 7fc131114..4cc29782e 100644 --- a/src/cadet/gnunet-service-cadet_core.c +++ b/src/cadet/gnunet-service-cadet_core.c @@ -227,6 +227,28 @@ static unsigned long long cur_buffers; */ static struct GNUNET_SCHEDULER_Task *timeout_task; +static int +check_monotime_sig (struc GNUNET_PeerIdentity *pid, + const struct GNUNET_CADET_ConnectionCreateMessage *msg) +{ + + struct CCCreatePS cp = { .purpose.purpose = htonl ( + GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR), + .purpose.size = htonl (sizeof(cp)), + .monotonic_time = sender_monotonic_time}; + + if ( + GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR, + &cp.purpose, + msg->monotime_sig, + &pid->public_key)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + return GNUNET_OK; +} /** * Get the route corresponding to a hash. @@ -826,7 +848,7 @@ handle_connection_create ( t = GCP_get_tunnel (sender, GNUNET_YES); // Check for CADET state in case the other side has lost the tunnel (xrs,t3ss) - if ((NULL != msg->monotime) && check_monotime_sig(msg) + if ((NULL != msg->monotime) && GNUNET_OK == check_monotime_sig(origin->pid, &msg) (CADET_TUNNEL_KEY_OK == GCT_get_estate(t))) { GCT_change_estate (t, CADET_TUNNEL_KEY_UNINITIALIZED); diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h index a00e0372d..503113770 100644 --- a/src/include/gnunet_signatures.h +++ b/src/include/gnunet_signatures.h @@ -241,6 +241,10 @@ extern "C" */ #define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_INITIATOR 37 +/** + * Signature by a peer that like to create a connection. + */ +#define GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR 38 #if 0 /* keep Emacsens' auto-indent happy */ { -- 2.25.1