[gnunet] branch master updated: add more information to ensure signature
From: |
gnunet |
Subject: |
[gnunet] branch master updated: add more information to ensure signatures are fresh and request-specific |
Date: |
Mon, 10 Jan 2022 10:32:09 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 8f8351c2d add more information to ensure signatures are fresh and
request-specific
8f8351c2d is described below
commit 8f8351c2ddb2c3040195548363161a2a177c7cc0
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Mon Jan 10 10:31:59 2022 +0100
add more information to ensure signatures are fresh and request-specific
---
src/dht/gnunet-service-dht_neighbours.c | 30 ++++++++++++++++++++++++------
src/include/gnunet_dht_service.h | 15 +++++++++++++++
2 files changed, 39 insertions(+), 6 deletions(-)
diff --git a/src/dht/gnunet-service-dht_neighbours.c
b/src/dht/gnunet-service-dht_neighbours.c
index 2c9240969..95d8bb032 100644
--- a/src/dht/gnunet-service-dht_neighbours.c
+++ b/src/dht/gnunet-service-dht_neighbours.c
@@ -419,26 +419,36 @@ static struct GNUNET_CRYPTO_EddsaPrivateKey
my_private_key;
* Sign that we are routing a message from @a pred to @a succ.
* (So the route is $PRED->us->$SUCC).
*
+ * @param key key of the data (not necessarily the query hash)
+ * @param data payload (the block)
+ * @param data_size number of bytes in @a data
+ * @param exp_time expiration time of @a data
* @param pred predecessor peer ID
* @param succ successor peer ID
* @param[out] sig where to write the signature
* (of purpose #GNUNET_SIGNATURE_PURPOSE_DHT_HOP)
*/
static void
-sign_path (const struct GNUNET_PeerIdentity *pred,
+sign_path (const struct GNUNET_HashCode *key,
+ const void *data,
+ size_t data_size,
+ struct GNUNET_TIME_Absolute exp_time,
+ const struct GNUNET_PeerIdentity *pred,
const struct GNUNET_PeerIdentity *succ,
struct GNUNET_CRYPTO_EddsaSignature *sig)
{
struct GNUNET_DHT_HopSignature hs = {
.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_HOP),
.purpose.size = htonl (sizeof (hs)),
+ .expiration_time = GNUNET_TIME_absolute_hton (exp_time),
+ .key = *key,
.pred = *pred,
.succ = *succ
};
- /* TODO: we might want to cache signatures by 'hs' in the
- future as an optimization to reduce the amount of
- crypto operations we need to do! */
+ GNUNET_CRYPTO_hash (data,
+ data_size,
+ &hs.h_data);
GNUNET_CRYPTO_eddsa_sign (&my_private_key,
&hs,
sig);
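Review bot: The signed structure changes layout in sign_path while the purpose stays `GNUNET_SIGNATURE_PURPOSE_DHT_HOP`, and the diffstat lists no verification code. Any verifier of hop signatures therefore has to rebuild `hs` with exactly the same `expiration_time`, `key` and `h_data` values, or valid paths will be rejected. The doc comment should say so, for example `* The signature binds the hop to the block's key, expiration time and payload hash; verifiers must reconstruct the same struct GNUNET_DHT_HopSignature.` Peers running the old and the new code presumably cannot validate each other's path signatures; if that is intended, it deserves a line in the commit message. The body of sign_path closes outside the hunk.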
@@ -1387,7 +1397,11 @@ GDS_NEIGHBOURS_handle_put (const struct
GDS_DATACACHE_BlockData *bd,
{
/* Note that the signature in 'put_path' was not initialized before,
so this is crucial to avoid sending garbage. */
- sign_path (&pp[put_path_length - 1].pred,
+ sign_path (&bd->key,
+ bd->data,
+ bd->data_size,
+ bd->expiration_time,
+ &pp[put_path_length - 1].pred,
target->id,
&pp[put_path_length - 1].sig);
}
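Review bot: Every call to sign_path now runs `GNUNET_CRYPTO_hash` over the whole payload, so this call site and the one in GDS_NEIGHBOURS_handle_reply re-hash `bd->data` for each signature they produce. The TODO this commit removes was about reducing crypto work per hop, and this adds to it. Consider hashing the block once and handing sign_path the digest instead of `data`/`data_size`, for example `sign_path (&bd->key, &h_data, bd->expiration_time, ...)`. Whether this call runs once per target is not visible, because the enclosing block starts outside the hunk.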
@@ -1604,7 +1618,11 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi,
{
/* Note that the signature in 'get_path' was not initialized before,
so this is crucial to avoid sending garbage. */
- sign_path (&paths[bd->put_path_length + get_path_length - 1].pred,
+ sign_path (&bd->key,
+ bd->data,
+ bd->data_size,
+ bd->expiration_time,
+ &paths[bd->put_path_length + get_path_length - 1].pred,
pi->id,
&paths[bd->put_path_length + get_path_length - 1].sig);
}
diff --git a/src/include/gnunet_dht_service.h b/src/include/gnunet_dht_service.h
index d33ef2f0d..7376dd5f4 100644
--- a/src/include/gnunet_dht_service.h
+++ b/src/include/gnunet_dht_service.h
@@ -125,6 +125,21 @@ struct GNUNET_DHT_HopSignature
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+ /**
+ * Expiration time of the block.
+ */
+ struct GNUNET_TIME_AbsoluteNBO expiration_time;
+
+ /**
+ * Key of the block.
+ */
+ struct GNUNET_HashCode key;
+
+ /**
+ * Hash over the payload of the block.
+ */
+ struct GNUNET_HashCode h_data;
+
/**
* Previous hop the message was received from. All zeros
* if this peer was the initiator.
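Review bot: sign_path signs `sizeof (hs)` bytes of this struct, so the three new members must not introduce padding, since padding bytes would be signed with indeterminate content. Whether the struct is declared between `GNUNET_NETWORK_STRUCT_BEGIN` and `GNUNET_NETWORK_STRUCT_END` is not visible in this hunk and should be confirmed. The field comments could also state what a verifier must put there, for example `Hash over the payload of the block (GNUNET_CRYPTO_hash of the data only).` and `Expiration time of the block, in network byte order.` The struct definition continues outside the hunk.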
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.