[GNUnet-SVN] [gnunet] branch master updated: use DEBUG_KX for new core l
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: use DEBUG_KX for new core log messages |
Date: |
Mon, 04 Jun 2018 19:24:03 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new d7aa2a805 use DEBUG_KX for new core log messages
d7aa2a805 is described below
commit d7aa2a805cea33cb1b37c2bb65be1fd4cf367d21
Author: Christian Grothoff <address@hidden>
AuthorDate: Mon Jun 4 19:24:00 2018 +0200
use DEBUG_KX for new core log messages
---
src/core/gnunet-service-core_kx.c | 53 +++++++++++++++++++++++++++++++--------
1 file changed, 42 insertions(+), 11 deletions(-)
diff --git a/src/core/gnunet-service-core_kx.c
b/src/core/gnunet-service-core_kx.c
index c29e46997..21f1308f7 100644
--- a/src/core/gnunet-service-core_kx.c
+++ b/src/core/gnunet-service-core_kx.c
@@ -34,6 +34,10 @@
#include "gnunet_protocols.h"
#include "core.h"
+/**
+ * Enable expensive (and possibly problematic for privacy!) logging of KX.
+ */
+#define DEBUG_KX 0
/**
* How long do we wait for SET_KEY confirmation initially?
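Review bot: The doc comment on `DEBUG_KX` does not say what enabling it writes to the log, so someone flipping it to 1 cannot judge the exposure. From the hunks below it covers hashes of session keys, IV seeds, key material and peer identities, plus the two messages in do_encrypt and do_decrypt that were previously under `#if 0`. I would extend the comment with a line such as `* Logs hashes of session keys, IV seeds and peer identities; must stay 0 in any build that is deployed.`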
@@ -447,13 +451,17 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey,
uint32_t seed)
{
static const char ctx[] = "authentication key";
-
+#if DEBUG_KX
struct GNUNET_HashCode sh;
- GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh);
+
+ GNUNET_CRYPTO_hash (skey,
+ sizeof (*skey),
+ &sh);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Deriving Auth key from SKEY %s and seed %u\n",
GNUNET_h2s (&sh),
(unsigned int) seed);
+#endif
GNUNET_CRYPTO_hmac_derive_key (akey,
skey,
&seed, sizeof (seed),
@@ -478,14 +486,18 @@ derive_iv (struct
GNUNET_CRYPTO_SymmetricInitializationVector *iv,
const struct GNUNET_PeerIdentity *identity)
{
static const char ctx[] = "initialization vector";
-
+#if DEBUG_KX
struct GNUNET_HashCode sh;
- GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh);
+
+ GNUNET_CRYPTO_hash (skey,
+ sizeof (*skey),
+ &sh);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Deriving IV from SKEY %s and seed %u for peer %s\n",
GNUNET_h2s (&sh),
(unsigned int) seed,
GNUNET_i2s (identity));
+#endif
GNUNET_CRYPTO_symmetric_derive_iv (iv,
skey,
&seed, sizeof (seed),
@@ -512,15 +524,19 @@ derive_pong_iv (struct
GNUNET_CRYPTO_SymmetricInitializationVector *iv,
const struct GNUNET_PeerIdentity *identity)
{
static const char ctx[] = "pong initialization vector";
-
+#if DEBUG_KX
struct GNUNET_HashCode sh;
- GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh);
+
+ GNUNET_CRYPTO_hash (skey,
+ sizeof (*skey),
+ &sh);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Deriving PONG IV from SKEY %s and seed %u/%u for %s\n",
GNUNET_h2s (&sh),
(unsigned int) seed,
(unsigned int) challenge,
GNUNET_i2s (identity));
+#endif
GNUNET_CRYPTO_symmetric_derive_iv (iv,
skey,
&seed, sizeof (seed),
@@ -547,14 +563,18 @@ derive_aes_key (const struct GNUNET_PeerIdentity *sender,
struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
{
static const char ctx[] = "aes key generation vector";
-
+#if DEBUG_KX
struct GNUNET_HashCode sh;
- GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh);
+
+ GNUNET_CRYPTO_hash (skey,
+ sizeof (*skey),
+ &sh);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Deriving AES Keys for %s to %s from %s\n",
GNUNET_i2s (sender),
GNUNET_i2s2 (receiver),
GNUNET_h2s (key_material));
+#endif
GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey),
ctx, sizeof (ctx),
key_material, sizeof (struct GNUNET_HashCode),
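Review bot: In derive_aes_key the debug block hashes `skey` into `sh` but never prints `sh`; the message prints `GNUNET_h2s (key_material)` instead, which appears to be a shortened rendering of the secret KDF input itself rather than of a hash of it, unlike the other derive_* hunks. `skey` also looks like the output here (it is the first argument of `GNUNET_CRYPTO_kdf` just below), so the hash is taken over a buffer that has not been derived yet. Hashing the input and logging that would match the sibling functions: `GNUNET_CRYPTO_hash (key_material, sizeof (*key_material), &sh);` with `GNUNET_h2s (&sh)` as the last log argument. The function body continues outside the hunk.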
@@ -599,7 +619,7 @@ do_encrypt (struct GSC_KeyExchangeInfo *kx,
GNUNET_NO);
/* the following is too sensitive to write to log files by accident,
so we require manual intervention to get this one... */
-#if 0
+#if DEBUG_KX
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Encrypted %u bytes for `%s' using key %u, IV %u\n",
(unsigned int) size,
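Review bot: The comment above this block still says the message needs "manual intervention", which was accurate for `#if 0` but now means setting `DEBUG_KX`, the same switch that enables all the other KX logging in this file. Anyone turning the flag on for the derive_* messages now gets this one too, so the comment should say so, e.g. `/* too sensitive to log by accident: only compiled in when DEBUG_KX is set */`. The same applies to the identical comment in the do_decrypt hunk. The GNUNET_log call continues outside the hunk.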
@@ -659,7 +679,7 @@ do_decrypt (struct GSC_KeyExchangeInfo *kx,
GNUNET_NO);
/* the following is too sensitive to write to log files by accident,
so we require manual intervention to get this one... */
-#if 0
+#if DEBUG_KX
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Decrypted %u bytes from `%s' using key %u, IV %u\n",
(unsigned int) size,
@@ -1042,6 +1062,7 @@ handle_ephemeral_key (void *cls,
GNUNET_NO);
return;
}
+#if DEBUG_KX
{
struct GNUNET_HashCode eh;
@@ -1054,6 +1075,7 @@ handle_ephemeral_key (void *cls,
GNUNET_i2s (kx->peer),
kx->status);
}
+#endif
GNUNET_STATISTICS_update (GSC_stats,
gettext_noop ("# valid ephemeral keys received"),
1,
@@ -1460,6 +1482,7 @@ send_key (struct GSC_KeyExchangeInfo *kx)
kx->retry_set_key_task = NULL;
}
/* always update sender status in SET KEY message */
+#if DEBUG_KX
{
struct GNUNET_HashCode hc;
@@ -1472,6 +1495,7 @@ send_key (struct GSC_KeyExchangeInfo *kx)
GNUNET_i2s (kx->peer),
kx->status);
}
+#endif
current_ekm.sender_status = htonl ((int32_t) (kx->status));
env = GNUNET_MQ_msg_copy (¤t_ekm.header);
GNUNET_MQ_send (kx->mq,
@@ -1527,6 +1551,7 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo
*kx,
&ph->sequence_number,
&em->sequence_number,
used - ENCRYPTED_HEADER_SIZE));
+#if DEBUG_KX
{
struct GNUNET_HashCode hc;
@@ -1539,6 +1564,7 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo
*kx,
(unsigned int) (used - ENCRYPTED_HEADER_SIZE),
GNUNET_i2s (kx->peer));
}
+#endif
derive_auth_key (&auth_key,
&kx->encrypt_key,
ph->iv_seed);
@@ -1546,6 +1572,7 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo
*kx,
&em->sequence_number,
used - ENCRYPTED_HEADER_SIZE,
&em->hmac);
+#if DEBUG_KX
{
struct GNUNET_HashCode hc;
@@ -1558,6 +1585,7 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo
*kx,
GNUNET_h2s (&hc),
GNUNET_h2s2 (&em->hmac));
}
+#endif
kx->has_excess_bandwidth = GNUNET_NO;
GNUNET_MQ_send (kx->mq,
env);
@@ -1637,6 +1665,7 @@ handle_encrypted (void *cls,
}
/* validate hash */
+#if DEBUG_KX
{
struct GNUNET_HashCode hc;
@@ -1649,7 +1678,7 @@ handle_encrypted (void *cls,
(unsigned int) (size - ENCRYPTED_HEADER_SIZE),
GNUNET_i2s (kx->peer));
}
-
+#endif
derive_auth_key (&auth_key,
&kx->decrypt_key,
m->iv_seed);
@@ -1657,6 +1686,7 @@ handle_encrypted (void *cls,
&m->sequence_number,
size - ENCRYPTED_HEADER_SIZE,
&ph);
+#if DEBUG_KX
{
struct GNUNET_HashCode hc;
@@ -1669,6 +1699,7 @@ handle_encrypted (void *cls,
GNUNET_h2s (&hc),
GNUNET_h2s2 (&m->hmac));
}
+#endif
if (0 != memcmp (&ph,
&m->hmac,
sizeof (struct GNUNET_HashCode)))
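Review bot: The received HMAC is compared with `memcmp` at the end of this hunk, which is not guaranteed to run in constant time, so the time taken to reject a message can depend on how many leading bytes of the tag match. The line is unchanged context, but it directly follows the new debug block and is worth hardening while the function is being touched. One option is to loop over `sizeof (ph)` bytes with `diff |= ((const unsigned char *) &ph)[i] ^ ((const unsigned char *) &m->hmac)[i];` and test `diff` once afterwards, or to use a constant-time comparison helper if the project provides one. Whether the timing difference is measurable by a remote peer is not something the hunk shows; the `if` statement continues outside it.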
--