added statistics info for key requests

csoler 2016-12-22 00:14:16 +01:00
parent d3051eff1a
commit 0a3ec9706d
12 changed files with 37 additions and 29 deletions


@ -220,7 +220,7 @@ bool DistributedChatService::checkSignature(RsChatLobbyBouncingObject *obj,const
// network pre-request key to allow message authentication. // network pre-request key to allow message authentication.
mGixs->requestKey(obj->signature.keyId,peer_list); mGixs->requestKey(obj->signature.keyId,peer_list,"Needed for chat lobby "+RsUtil::NumberToString(obj->lobby_id,true));
uint32_t size = obj->signed_serial_size() ; uint32_t size = obj->signed_serial_size() ;
RsTemporaryMemory memory(size) ; RsTemporaryMemory memory(size) ;
@ -238,7 +238,7 @@ bool DistributedChatService::checkSignature(RsChatLobbyBouncingObject *obj,const
uint32_t error_status ; uint32_t error_status ;
if(!mGixs->validateData(memory,obj->signed_serial_size(),obj->signature,false,error_status)) if(!mGixs->validateData(memory,obj->signed_serial_size(),obj->signature,false,"Chat lobby "+RsUtil::NumberToString(obj->lobby_id,true),error_status))
{ {
bool res = false ; bool res = false ;
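Review bot: The label handed to `requestKey` in the first hunk is built from `obj->lobby_id` before `validateData` has checked the signature, so at that point the lobby id is whatever the sending peer put in the packet. Unless something earlier in `checkSignature` (which starts outside these hunks) rejects unknown lobbies, each distinct id received produces a distinct statistics label for the requested key. A fixed label for the pre-request, e.g. `mGixs->requestKey(obj->signature.keyId,peer_list,"Chat lobby signature pre-request");`, would be enough here. The per-lobby detail can stay on the `validateData` call, where it appears to be recorded only once the signature has been accepted.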


@ -1555,7 +1555,7 @@ void p3GRouter::handleIncomingReceiptItem(RsGRouterSignedReceiptItem *receipt_it
uint32_t error_status ; uint32_t error_status ;
if(! verifySignedDataItem(receipt_item,error_status)) if(! verifySignedDataItem(receipt_item,"GRouter incoming receipt item",error_status))
if( (it->second.routing_flags & GRouterRoutingInfo::ROUTING_FLAGS_IS_ORIGIN) || (error_status != RsGixs::RS_GIXS_ERROR_KEY_NOT_AVAILABLE)) if( (it->second.routing_flags & GRouterRoutingInfo::ROUTING_FLAGS_IS_ORIGIN) || (error_status != RsGixs::RS_GIXS_ERROR_KEY_NOT_AVAILABLE))
{ {
std::cerr << " checking receipt signature : FAILED. Receipt is dropped. Error status=" << error_status << std::endl; std::cerr << " checking receipt signature : FAILED. Receipt is dropped. Error status=" << error_status << std::endl;
@ -1711,7 +1711,7 @@ void p3GRouter::handleIncomingDataItem(RsGRouterGenericDataItem *data_item)
#endif #endif
uint32_t error_status ; uint32_t error_status ;
if(!verifySignedDataItem(data_item,error_status)) // we should get proper flags out of this if(!verifySignedDataItem(data_item,"Incoming distant message",error_status)) // we should get proper flags out of this
{ {
std::cerr << " verifying item signature: FAILED! Droping that item" ; std::cerr << " verifying item signature: FAILED! Droping that item" ;
std::cerr << " You probably received a message from a person you don't have key." << std::endl; std::cerr << " You probably received a message from a person you don't have key." << std::endl;
@ -1980,7 +1980,7 @@ bool p3GRouter::signDataItem(RsGRouterAbstractMsgItem *item,const RsGxsId& signi
return false ; return false ;
} }
} }
bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,uint32_t& error_status) bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const std::string& info,uint32_t& error_status)
{ {
try try
{ {
@ -1999,7 +1999,7 @@ bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,uint32_t& er
if(!item->serialise_signed_data(data,data_size)) if(!item->serialise_signed_data(data,data_size))
throw std::runtime_error("Cannot serialise signed data.") ; throw std::runtime_error("Cannot serialise signed data.") ;
if(!mGixs->validateData(data,data_size,item->signature,true,error_status)) if(!mGixs->validateData(data,data_size,item->signature,true,info, error_status))
{ {
switch(error_status) switch(error_status)
{ {
@ -2010,7 +2010,7 @@ bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,uint32_t& er
std::cerr << "(EE) Key for GXS Id " << item->signature.keyId << " is not available. Cannot verify. Asking key to peer " << item->PeerId() << std::endl; std::cerr << "(EE) Key for GXS Id " << item->signature.keyId << " is not available. Cannot verify. Asking key to peer " << item->PeerId() << std::endl;
mGixs->requestKey(item->signature.keyId,peer_ids) ; // request the key around mGixs->requestKey(item->signature.keyId,peer_ids,info) ; // request the key around
} }
break ; break ;
case RsGixs::RS_GIXS_ERROR_SIGNATURE_MISMATCH: std::cerr << "(EE) Signature mismatch. Spoofing/Corrupted/MITM?." << std::endl; case RsGixs::RS_GIXS_ERROR_SIGNATURE_MISMATCH: std::cerr << "(EE) Signature mismatch. Spoofing/Corrupted/MITM?." << std::endl;
@ -2116,7 +2116,7 @@ bool p3GRouter::sendData(const RsGxsId& destination,const GRouterServiceId& clie
// Verify the signature. If that fails, there's a bug somewhere!! // Verify the signature. If that fails, there's a bug somewhere!!
uint32_t error_status; uint32_t error_status;
if(!verifySignedDataItem(data_item,error_status)) if(!verifySignedDataItem(data_item,"GRouter own signature check for outgoing msg",error_status))
{ {
std::cerr << "Cannot verify data item that was just signed. Some error occured!" << std::endl; std::cerr << "Cannot verify data item that was just signed. Some error occured!" << std::endl;
delete data_item; delete data_item;
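Review bot: The label `"Incoming distant message"` in `handleIncomingDataItem` names one particular client of the router, while the function takes a generic `RsGRouterGenericDataItem`; if other services also send data items through GRouter, their key usage would be attributed to distant messaging in the statistics. A neutral label in line with the other two call sites, e.g. `"GRouter incoming data item"`, avoids that. The new `info` parameter of `verifySignedDataItem` is also undocumented; a one-line comment above the definition, saying it is a free-text reason forwarded to `validateData` and `requestKey`, would help the next caller. All of these functions extend beyond the hunks shown.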


@ -254,7 +254,7 @@ private:
// signs an item with the given key. // signs an item with the given key.
bool signDataItem(RsGRouterAbstractMsgItem *item,const RsGxsId& id) ; bool signDataItem(RsGRouterAbstractMsgItem *item,const RsGxsId& id) ;
bool verifySignedDataItem(RsGRouterAbstractMsgItem *item, uint32_t &error_status) ; bool verifySignedDataItem(RsGRouterAbstractMsgItem *item, const std::string &info, uint32_t &error_status) ;
bool encryptDataItem(RsGRouterGenericDataItem *item,const RsGxsId& destination_key) ; bool encryptDataItem(RsGRouterGenericDataItem *item,const RsGxsId& destination_key) ;
bool decryptDataItem(RsGRouterGenericDataItem *item) ; bool decryptDataItem(RsGRouterGenericDataItem *item) ;


@ -855,7 +855,7 @@ int RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, const uin
{ {
RsTlvKeySignature sign = metaData.signSet.keySignSet[INDEX_AUTHEN_IDENTITY]; RsTlvKeySignature sign = metaData.signSet.keySignSet[INDEX_AUTHEN_IDENTITY];
idValidate &= GxsSecurity::validateNxsMsg(*msg, sign, authorKey); idValidate &= GxsSecurity::validateNxsMsg(*msg, sign, authorKey);
mGixs->timeStampKey(metaData.mAuthorId,"Validation of author signature. Grp="+metaData.mGroupId.toStdString()+", msg="+metaData.mMsgId.toStdString()) ; mGixs->timeStampKey(metaData.mAuthorId,"Validation of author signature, service: " + rsServiceControl->getServiceName(serviceFullType()) + ". Grp="+metaData.mGroupId.toStdString()+", msg="+metaData.mMsgId.toStdString()) ;
} }
else else
{ {
@ -909,7 +909,7 @@ int RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, const uin
{ {
std::list<RsPeerId> peers; std::list<RsPeerId> peers;
peers.push_back(msg->PeerId()); peers.push_back(msg->PeerId());
mGixs->requestKey(metaData.mAuthorId, peers); mGixs->requestKey(metaData.mAuthorId, peers,"Validation of author signature, service: " + rsServiceControl->getServiceName(serviceFullType()) + ". Grp="+metaData.mGroupId.toStdString()+", msg="+metaData.mMsgId.toStdString());
#ifdef GEN_EXCH_DEBUG #ifdef GEN_EXCH_DEBUG
std::cerr << ", Key missing. Retry later." << std::endl; std::cerr << ", Key missing. Retry later." << std::endl;
@ -1004,7 +1004,7 @@ int RsGenExchange::validateGrp(RsNxsGrp* grp)
#endif #endif
std::list<RsPeerId> peers; std::list<RsPeerId> peers;
peers.push_back(grp->PeerId()); peers.push_back(grp->PeerId());
mGixs->requestKey(metaData.mAuthorId, peers); mGixs->requestKey(metaData.mAuthorId, peers,"Group author signature validation. GrpId=" + metaData.mGroupId.toStdString());
return VALIDATE_FAIL_TRY_LATER; return VALIDATE_FAIL_TRY_LATER;
} }
} }
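Review bot: The label expression starting `"Validation of author signature, service: " + rsServiceControl->getServiceName(serviceFullType())` is written out twice in `validateMsg`, once for `timeStampKey` and once for `requestKey`, and the two copies can drift apart on the next edit. Building it once as `const std::string info = ...;` and passing `info` to both calls keeps the statistics consistent. Both calls also dereference the global `rsServiceControl` without a check; whether validation can run while that pointer is unset is not visible here, so this is worth confirming. `validateMsg` and `validateGrp` continue outside the hunks.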


@ -656,7 +656,7 @@ public:
virtual void setSyncPeriod(const RsGxsGroupId& grpId,uint32_t age_in_secs) ; virtual void setSyncPeriod(const RsGxsGroupId& grpId,uint32_t age_in_secs) ;
uint16_t serviceType() const { return mServType ; } uint16_t serviceType() const { return mServType ; }
uint16_t serviceFullType() const { return ((uint32_t)mServType << 8) + (((uint32_t) RS_PKT_VERSION_SERVICE) << 24); } uint32_t serviceFullType() const { return ((uint32_t)mServType << 8) + (((uint32_t) RS_PKT_VERSION_SERVICE) << 24); }
protected: protected:


@ -117,7 +117,7 @@ public:
*/ */
virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) = 0 ; virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) = 0 ;
virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,uint32_t& signing_error) = 0 ; virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error) = 0 ;
virtual bool encryptData(const uint8_t *clear_data,uint32_t clear_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) = 0 ; virtual bool encryptData(const uint8_t *clear_data,uint32_t clear_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) = 0 ;
virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& clear_data,uint32_t& clear_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) = 0 ; virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& clear_data,uint32_t& clear_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) = 0 ;
@ -149,7 +149,7 @@ public:
* @param keyref the KeyRef of the key being requested * @param keyref the KeyRef of the key being requested
* @return will * @return will
*/ */
virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers) = 0; virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers,const std::string& info) = 0;
virtual bool requestPrivateKey(const RsGxsId &id) = 0; virtual bool requestPrivateKey(const RsGxsId &id) = 0;
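Review bot: The doc comment above `requestKey` still describes only `keyref` and ends in the unfinished `@return will`, and the new argument is not described on either `requestKey` or `validateData`. I would add `* @param info free-text reason for the request, recorded in the key's usage statistics` to the `requestKey` comment and an equivalent line for `info_string` on `validateData`. The two parameters carry the same kind of value under different names (`info` and `info_string`); one name for both would make the interface easier to read. The comment should also say whether the text may contain peer-supplied data, since callers in this commit build it from group, message and circle identifiers.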


@ -323,7 +323,7 @@ bool RsGxsIntegrityCheck::check()
if(!mGixs->haveKey(gxs_ids[n].first)) // checks if we have it already in the cache (conservative way to ensure that we atually have it) if(!mGixs->haveKey(gxs_ids[n].first)) // checks if we have it already in the cache (conservative way to ensure that we atually have it)
{ {
mGixs->requestKey(gxs_ids[n].first,connected_friends); mGixs->requestKey(gxs_ids[n].first,connected_friends,"Author in group " + gxs_ids[n].second.toStdString() + " of service \"" + rsServiceControl->getServiceName(mGenExchangeClient->serviceFullType())+"\"") ;
++nb_requested_not_in_cache ; ++nb_requested_not_in_cache ;
#ifdef DEBUG_GXSUTIL #ifdef DEBUG_GXSUTIL
@ -336,7 +336,7 @@ bool RsGxsIntegrityCheck::check()
GXSUTIL_DEBUG() << " ... already in cache" << std::endl; GXSUTIL_DEBUG() << " ... already in cache" << std::endl;
#endif #endif
} }
mGixs->timeStampKey(gxs_ids[n].first,"Author in group " + gxs_ids[n].second.toStdString() + " of service \"" + rsServiceControl->getServiceName(mGenExchangeClient->serviceFullType())) ; mGixs->timeStampKey(gxs_ids[n].first,"Author in group " + gxs_ids[n].second.toStdString() + " of service \"" + rsServiceControl->getServiceName(mGenExchangeClient->serviceFullType())+"\"") ;
gxs_ids[n] = gxs_ids[gxs_ids.size()-1] ; gxs_ids[n] = gxs_ids[gxs_ids.size()-1] ;
gxs_ids.pop_back() ; gxs_ids.pop_back() ;
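Review bot: The "Author in group ... of service ..." label is built twice per loop iteration in `RsGxsIntegrityCheck::check`, and the two copies had already diverged: this commit adds the closing quote that the `timeStampKey` copy lacked. Hoisting it into `const std::string info = ...;` before the `haveKey` test and passing `info` to both `requestKey` and `timeStampKey` removes the duplicate. The function body extends beyond the hunks.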


@ -1094,7 +1094,7 @@ bool p3GxsCircles::locked_processLoadingCacheEntry(RsGxsCircleCache& cache)
rsPeers->getOnlineList(peers) ; rsPeers->getOnlineList(peers) ;
} }
mIdentities->requestKey(pit->first, peers); mIdentities->requestKey(pit->first, peers,"Membership status check in Circle "+cache.mCircleName+" ("+cache.mCircleId.toStdString()+")");
//isUnprocessedPeers = true; //isUnprocessedPeers = true;
} }
} }
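Review bot: The label passed to `requestKey` embeds `cache.mCircleName`, which presumably comes from circle group data published by another peer. Free text of the publisher's choosing therefore becomes part of a map key in `p3IdService` and of whatever view renders the key statistics. The circle id alone identifies the circle, so `"Membership status check in Circle "+cache.mCircleId.toStdString()` would do; alternatively the name could be length-limited and stripped of control characters before use. The enclosing function starts and ends outside the hunk.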


@ -523,7 +523,7 @@ void p3IdService::notifyChanges(std::vector<RsGxsNotify *> &changes)
// also time_stamp the key that this group represents // also time_stamp the key that this group represents
timeStampKey(RsGxsId(*git),"Group info changed") ; timeStampKey(RsGxsId(*git),"Group meta data changed") ;
++git; ++git;
} }
@ -789,7 +789,7 @@ static void mergeIds(std::map<RsGxsId,std::list<RsPeerId> >& idmap,const RsGxsId
old_peers.push_back(*it) ; old_peers.push_back(*it) ;
} }
bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers) bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers,const std::string& info)
{ {
if(id.isNull()) if(id.isNull())
{ {
@ -815,7 +815,7 @@ bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers
std::cerr << "(II) not requesting Key " << id << " because it has been banned." << std::endl; std::cerr << "(II) not requesting Key " << id << " because it has been banned." << std::endl;
{ {
RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/ RS_STACK_MUTEX(mIdMtx); /********** STACK LOCKED MTX ******/
mIdsNotPresent.erase(id) ; mIdsNotPresent.erase(id) ;
} }
return true; return true;
@ -833,6 +833,10 @@ bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers
return true ; return true ;
} }
} }
{
RS_STACK_MUTEX(mIdMtx); /********** STACK LOCKED MTX ******/
mKeysTS[id].usage_map["Requested to friends: "+info] = time(NULL) ;
}
return cache_request_load(id, peers); return cache_request_load(id, peers);
} }
@ -929,10 +933,10 @@ bool p3IdService::signData(const uint8_t *data,uint32_t data_size,const RsGxsId&
return false ; return false ;
} }
error_status = RS_GIXS_ERROR_NO_ERROR ; error_status = RS_GIXS_ERROR_NO_ERROR ;
timeStampKey(own_gxs_id,"own GXS id") ; timeStampKey(own_gxs_id,"Own GXS id") ;
return true ; return true ;
} }
bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,uint32_t& signing_error) bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error)
{ {
// RsIdentityDetails details ; // RsIdentityDetails details ;
// getIdDetails(signature.keyId,details); // getIdDetails(signature.keyId,details);
@ -966,7 +970,7 @@ bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTl
} }
signing_error = RS_GIXS_ERROR_NO_ERROR ; signing_error = RS_GIXS_ERROR_NO_ERROR ;
timeStampKey(signature.keyId,"Used in signature checking." ) ; timeStampKey(signature.keyId,"Used in signature checking: "+info_string ) ;
return true ; return true ;
} }
bool p3IdService::encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& error_status) bool p3IdService::encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& error_status)
@ -2531,7 +2535,7 @@ bool p3IdService::cachetest_handlerequest(uint32_t token)
if (!haveKey(*vit)) if (!haveKey(*vit))
{ {
std::list<RsPeerId> nullpeers; std::list<RsPeerId> nullpeers;
requestKey(*vit, nullpeers); requestKey(*vit, nullpeers,"Cache test in p3IdService");
#ifdef DEBUG_IDS #ifdef DEBUG_IDS
std::cerr << "p3IdService::cachetest_request() Requested Key Id: " << *vit; std::cerr << "p3IdService::cachetest_request() Requested Key Id: " << *vit;
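Review bot: The new block in `requestKey` inserts into `mKeysTS[id].usage_map` under a key that contains the caller's `info` text, and nothing visible here bounds that map. Callers in this commit put message ids, group ids and lobby ids into `info`, so each message whose author key is missing can add a fresh entry, and `mKeysTS[id]` is created for ids a peer has merely named, before any key was obtained. Unless a cleanup pass elsewhere prunes these entries, this state grows with remote traffic. I would cap the entries per key, e.g. `if(mKeysTS[id].usage_map.size() < MAX_USAGE_ENTRIES || mKeysTS[id].usage_map.count(label)) mKeysTS[id].usage_map[label] = time(NULL) ;` where `MAX_USAGE_ENTRIES` is a placeholder name for a new constant, or key the map on a fixed category and keep the detail only for the latest use. The same consideration applies to the `timeStampKey` call in `validateData`, which now appends `info_string`.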


@ -287,7 +287,7 @@ public:
virtual bool isOwnId(const RsGxsId& key_id) ; virtual bool isOwnId(const RsGxsId& key_id) ;
virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) ; virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) ;
virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,uint32_t& signing_error) ; virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error) ;
virtual bool encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) ; virtual bool encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) ;
virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& decrypted_data,uint32_t& decrypted_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) ; virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& decrypted_data,uint32_t& decrypted_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) ;
@ -298,7 +298,7 @@ public:
virtual bool getKey(const RsGxsId &id, RsTlvPublicRSAKey &key); virtual bool getKey(const RsGxsId &id, RsTlvPublicRSAKey &key);
virtual bool getPrivateKey(const RsGxsId &id, RsTlvPrivateRSAKey &key); virtual bool getPrivateKey(const RsGxsId &id, RsTlvPrivateRSAKey &key);
virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers); virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers, const std::string &info);
virtual bool requestPrivateKey(const RsGxsId &id); virtual bool requestPrivateKey(const RsGxsId &id);


@ -36,9 +36,13 @@
#include <sys/timeb.h> #include <sys/timeb.h>
#endif #endif
std::string RsUtil::NumberToString(uint64_t n) std::string RsUtil::NumberToString(uint64_t n,bool hex)
{ {
std::ostringstream os ; std::ostringstream os ;
if(hex)
os << std::hex ;
os << n ; os << n ;
os.flush() ; os.flush() ;
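Review bot: With `hex` set, `NumberToString` emits bare hex digits, so a label such as `Chat lobby 10` reads the same whether the id was printed in decimal or in hex. Adding the base marker in the hex branch, `os << std::hex << std::showbase ;`, makes the output unambiguous for anyone reading the statistics. The `hex` parameter also deserves a short comment at the declaration stating that the result carries no padding or fixed width. The tail of the function is outside the hunk.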


@ -36,7 +36,7 @@ namespace RsUtil {
std::string BinToHex(const std::string &bin); std::string BinToHex(const std::string &bin);
std::string BinToHex(const char *arr, const uint32_t len); std::string BinToHex(const char *arr, const uint32_t len);
std::string BinToHex(const unsigned char *arr, const uint32_t len); std::string BinToHex(const unsigned char *arr, const uint32_t len);
std::string NumberToString(uint64_t n); std::string NumberToString(uint64_t n, bool hex=false);
std::string HashId(const std::string &id, bool reverse = false); std::string HashId(const std::string &id, bool reverse = false);
//std::string AccurateTimeString(); //std::string AccurateTimeString();