fixed bug in distant chat randomly screwing up key exchange, and causing distant chat to be unreliable.

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7677 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2014-11-13 22:28:37 +00:00
parent f2a6d9f35e
commit a3eea2cfb1

View File

@ -45,7 +45,7 @@
#include <retroshare/rsids.h>
#include "distantchat.h"
//#define DEBUG_DISTANT_CHAT
#define DEBUG_DISTANT_CHAT
void DistantChatService::connectToTurtleRouter(p3turtle *tr)
{
@ -199,6 +199,17 @@ void DistantChatService::addVirtualPeer(const TurtleFileHash& hash,const TurtleV
return ;
}
// make sure the DH session does not already exist. If so, remove it.
std::map<TurtleFileHash,DistantChatPeerInfo>::iterator it = _distant_chat_peers.find(hash) ;
if(it != _distant_chat_peers.end())
{
std::cerr << " (WW) weird. Already existing DH session found. Removing it." << std::endl ;
if(it->second.dh != NULL)
DH_free(it->second.dh) ;
_distant_chat_peers.erase(it) ;
}
DistantChatPeerInfo info ;
info.last_contact = now ;
info.status = RS_DISTANT_CHAT_STATUS_TUNNEL_OK ;
@ -214,19 +225,25 @@ void DistantChatService::addVirtualPeer(const TurtleFileHash& hash,const TurtleV
{
// Start a new DH session for this tunnel
RS_STACK_MUTEX(mDistantChatMtx); /********** STACK LOCKED MTX ******/
RsStackMutex stack(mDistantChatMtx); /********** STACK LOCKED MTX ******/
DistantChatPeerInfo& info(_distant_chat_peers[hash]) ;
std::cerr << " Starting new DH session." << std::endl;
if(!locked_initDHSessionKey(info))
{
std::cerr << " (EE) Cannot start DH session. Something went wrong." << std::endl;
return ;
}
if(!locked_sendDHPublicKey(info))
{
std::cerr << " (EE) Cannot send DH public key. Something went wrong." << std::endl;
return ;
}
info.status = RS_DISTANT_CHAT_STATUS_WAITING_DH ;
_distant_chat_peers[hash].status = RS_DISTANT_CHAT_STATUS_WAITING_DH ;
}
// RsChatMsgItem *item = new RsChatMsgItem;
@ -328,7 +345,21 @@ void DistantChatService::receiveTurtleData( RsTurtleGenericTunnelItem *gitem,con
}
uint32_t decrypted_size = RsAES::get_buffer_size(item->data_size-8);
uint8_t *decrypted_data = new uint8_t[decrypted_size];
bool decrypted = false ;
unsigned char no_key[DISTANT_CHAT_AES_KEY_SIZE] ;
memset(no_key,0,DISTANT_CHAT_AES_KEY_SIZE) ;
if(RsAES::aes_decrypt_8_16((uint8_t*)item->data_bytes+8,item->data_size-8,no_key,(uint8_t*)item->data_bytes,decrypted_data,decrypted_size))
{
decrypted = true ;
#ifdef DEBUG_DISTANT_CHAT
std::cerr << " Data is not encrypted. Probably a DH session key." << std::endl;
#endif
}
if(!decrypted)
{
#ifdef DEBUG_DISTANT_CHAT
std::cerr << " Using IV: " << std::hex << *(uint64_t*)item->data_bytes << std::dec << std::endl;
std::cerr << " Decrypted buffer size: " << decrypted_size << std::endl;
@ -342,6 +373,7 @@ void DistantChatService::receiveTurtleData( RsTurtleGenericTunnelItem *gitem,con
delete[] decrypted_data ;
return ;
}
}
#ifdef DEBUG_DISTANT_CHAT
std::cerr << "(II) Decrypted data: size=" << decrypted_size << std::endl;
@ -531,7 +563,8 @@ bool DistantChatService::locked_sendDHPublicKey(const DistantChatPeerInfo& pinfo
RsIdentityDetails details ;
mIdService->getIdDetails(pinfo.own_gxs_id,details);
for(int i=0;i<6;++i)
int i ;
for(i=0;i<6;++i)
if(!mIdService->getPrivateKey(pinfo.own_gxs_id,signature_key) || signature_key.keyData.bin_data == NULL)
{
std::cerr << " Cannot get key. Waiting for caching. try " << i << "/6" << std::endl;
@ -540,6 +573,12 @@ bool DistantChatService::locked_sendDHPublicKey(const DistantChatPeerInfo& pinfo
else
break ;
if(i == 6)
{
std::cerr << " (EE) Could not retrieve own private key for ID = " << pinfo.own_gxs_id << ". Giging up sending DH session params." << std::endl;
return false ;
}
GxsSecurity::extractPublicKey(signature_key,signature_key_public) ;
assert(!(signature_key_public.keyFlags & RSTLV_KEY_TYPE_FULL)) ;
@ -563,6 +602,9 @@ bool DistantChatService::locked_sendDHPublicKey(const DistantChatPeerInfo& pinfo
dhitem->gxs_key = signature_key_public ;
dhitem->PeerId(pinfo.virtual_peer_id) ;
#ifdef DEBUG_DISTANT_MSG
std::cerr << " Pushing DH session key item to pending distant messages..." << std::endl;
#endif
pendingDistantChatItems.push_back(dhitem) ;
return true ;
@ -602,6 +644,7 @@ bool DistantChatService::locked_initDHSessionKey(DistantChatPeerInfo& pinfo)
std::cerr << " (EE) DH generate_key() failed! Error code = " << ERR_get_error() << std::endl;
return false ;
}
std::cerr << " (II) DH Session key inited." << std::endl;
return true ;
}
@ -657,14 +700,21 @@ void DistantChatService::sendTurtleData(RsChatItem *item)
//
uint8_t *encrypted_data = new uint8_t[RsAES::get_buffer_size(rssize)];
uint32_t encrypted_size = RsAES::get_buffer_size(rssize);
uint64_t IV = RSRandom::random_u64() ; // make a random 8 bytes IV
if(dynamic_cast<RsChatDHPublicKeyItem*>(item) != NULL)
{
memset(aes_key,0,16) ;
IV = 0 ;
#ifdef DEBUG_DISTANT_CHAT
std::cerr << " Special item DH session key --> will be sent unencrypted." << std::endl ;
#endif
}
#ifdef DEBUG_DISTANT_CHAT
std::cerr << " Using IV: " << std::hex << IV << std::dec << std::endl;
std::cerr << " Using Key: " ; printBinaryData(aes_key,16) ; std::cerr << std::endl;
#endif
if(!RsAES::aes_crypt_8_16(buff,rssize,aes_key,(uint8_t*)&IV,encrypted_data,encrypted_size))
{
std::cerr << "(EE) packet encryption failed." << std::endl;
@ -768,6 +818,7 @@ TurtleFileHash DistantChatService::hashFromGxsId(const RsGxsId& gid)
{
if(DistantChatPeerId::SIZE_IN_BYTES > Sha1CheckSum::SIZE_IN_BYTES)
std::cerr << __PRETTY_FUNCTION__ << ": Serious inconsistency error." << std::endl;
assert(Sha1CheckSum::SIZE_IN_BYTES >= DistantChatPeerId::SIZE_IN_BYTES) ;
unsigned char tmp[Sha1CheckSum::SIZE_IN_BYTES] ;
memset(tmp,0,Sha1CheckSum::SIZE_IN_BYTES) ;