From 35058cdfe0134c88f1aa8d23342d1d7b9d39e296 Mon Sep 17 00:00:00 2001 From: Alberto Compagno Date: Tue, 7 Jan 2020 11:46:02 +0100 Subject: [HICN-2] Added P2P confidential communication on hICN P2P confidential communications exploit the TLS 1.3 protocol to let a consumer to establish a secure communication on an hICN name. Currently we don't support the consumer authentication (mutual authentication in TLS) and the 0-rtt session establishment. Change-Id: I2be073847c08a17f28c837d444081920c5e57a07 Signed-off-by: Alberto Compagno Signed-off-by: Olivier Roques Signed-off-by: Mauro Sardara --- .../src/hicn/transport/core/forwarder_interface.h | 5 + .../src/hicn/transport/core/memif_connector.cc | 52 +++------ libtransport/src/hicn/transport/core/name.cc | 15 ++- libtransport/src/hicn/transport/core/name.h | 19 +++- libtransport/src/hicn/transport/core/packet.cc | 2 +- libtransport/src/hicn/transport/core/packet.h | 2 +- libtransport/src/hicn/transport/core/portal.h | 3 - libtransport/src/hicn/transport/core/prefix.cc | 125 ++++++++++++++++++++- libtransport/src/hicn/transport/core/prefix.h | 11 ++ 9 files changed, 184 insertions(+), 50 deletions(-) (limited to 'libtransport/src/hicn/transport/core') diff --git a/libtransport/src/hicn/transport/core/forwarder_interface.h b/libtransport/src/hicn/transport/core/forwarder_interface.h index 380ce76bd..63b4a2eda 100644 --- a/libtransport/src/hicn/transport/core/forwarder_interface.h +++ b/libtransport/src/hicn/transport/core/forwarder_interface.h @@ -19,6 +19,8 @@ #include #include #include +#include + #include namespace transport { @@ -95,6 +97,9 @@ class ForwarderInterface { packet.setLocator(inet6_address_); } + // TRANSPORT_LOGI("Sending packet %s at %lu", + // packet.getName().toString().c_str(), + // utils::SteadyClock::now().time_since_epoch().count()); packet.setChecksum(); connector_.send(packet.acquireMemBufReference()); } 
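Review bot: The three commented-out `// TRANSPORT_LOGI("Sending packet %s at %lu", ...` lines added just before `packet.setChecksum()` in forwarder_interface.h are dead code in a header that every transport user compiles; either delete them or keep a live `TRANSPORT_LOGD(...)` if the send trace is wanted. The `#include` added at the top of the same file appears to exist only to serve that commented-out line (the clock call), so if the trace goes, the include can go with it. The enclosing send method starts before this hunk.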
diff --git a/libtransport/src/hicn/transport/core/memif_connector.cc b/libtransport/src/hicn/transport/core/memif_connector.cc index 43dfab345..5e37c882a 100644 --- a/libtransport/src/hicn/transport/core/memif_connector.cc +++ b/libtransport/src/hicn/transport/core/memif_connector.cc @@ -83,12 +83,11 @@ void MemifConnector::init() { nullptr, nullptr, nullptr); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_init: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_init: %s", memif_strerror(err)); } } void MemifConnector::connect(uint32_t memif_id, long memif_mode) { - TRANSPORT_LOGI("Creating memif"); state_ = ConnectorState::CONNECTING; memif_id_ = memif_id; @@ -108,7 +107,7 @@ void MemifConnector::connect(uint32_t memif_id, long memif_mode) { int fd = -1; err = memif_get_queue_efd(memif_connection_->conn, 0, &fd); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_get_queue_efd: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_get_queue_efd: %s", memif_strerror(err)); return; } @@ -142,15 +141,12 @@ int MemifConnector::createMemif(uint32_t index, uint8_t mode, char *s) { int err; - err= memif_create_socket (&args.socket, socket_filename_.c_str(), - nullptr); + err = memif_create_socket(&args.socket, socket_filename_.c_str(), nullptr); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - throw errors::RuntimeException(memif_strerror(err)); + throw errors::RuntimeException(memif_strerror(err)); } - TRANSPORT_LOGD("Socket filename: %s", socket_filename_.c_str()); - args.interface_id = index; /* last argument for memif_create (void * private_ctx) is used by user to identify connection. this context is returned with callbacks */ 
@@ -202,11 +198,11 @@ int MemifConnector::deleteMemif() { err = memif_delete(&c->conn); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_delete: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_delete: %s", memif_strerror(err)); } if (TRANSPORT_EXPECT_FALSE(c->conn != nullptr)) { - TRANSPORT_LOGI("memif delete fail"); + TRANSPORT_LOGE("memif delete fail"); } return 0; @@ -252,7 +248,7 @@ int MemifConnector::controlFdUpdate(int fd, uint8_t events, void *private_ctx) { memif_err = memif_control_fd_handler(evt.data.fd, event); if (TRANSPORT_EXPECT_FALSE(memif_err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_control_fd_handler: %s", + TRANSPORT_LOGE("memif_control_fd_handler: %s", memif_strerror(memif_err)); } @@ -269,12 +265,10 @@ int MemifConnector::bufferAlloc(long n, uint16_t qid) { err = memif_buffer_alloc(c->conn, qid, c->tx_bufs, n, &r, 2000); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGD("memif_buffer_alloc: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_buffer_alloc: %s", memif_strerror(err)); } c->tx_buf_num += r; - TRANSPORT_LOGD("allocated %d/%ld buffers, %u free buffers", r, n, - MAX_MEMIF_BUFS - c->tx_buf_num); return r; } @@ -287,18 +281,17 @@ int MemifConnector::txBurst(uint16_t qid) { err = memif_tx_burst(c->conn, qid, c->tx_bufs, c->tx_buf_num, &r); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_tx_burst: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_tx_burst: %s", memif_strerror(err)); } // err = memif_refill_queue(c->conn, qid, r, 0); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_tx_burst: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_tx_burst: %s", memif_strerror(err)); c->tx_buf_num -= r; return -1; } - TRANSPORT_LOGD("tx: %d/%u", r, c->tx_buf_num); c->tx_buf_num -= r; return 0; } 
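Review bot: In `txBurst` the second `if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS))` re-tests the same `err` returned by `memif_tx_burst`, because the `memif_refill_queue` call between the two checks is commented out; a failed burst therefore now logs `memif_tx_burst: %s` at error level twice, and only the second check returns -1. Either restore the refill call and relabel the second message `TRANSPORT_LOGE("memif_refill_queue: %s", memif_strerror(err));`, or collapse the two into a single check that logs once, adjusts `tx_buf_num` and returns -1. `txBurst` starts before this hunk.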
@@ -322,7 +315,6 @@ void MemifConnector::processInputBuffer() { /* informs user about connected status. private_ctx is used by user to identify connection (multiple connections WIP) */ int MemifConnector::onConnect(memif_conn_handle_t conn, void *private_ctx) { - TRANSPORT_LOGI("memif connected!\n"); MemifConnector *connector = (MemifConnector *)private_ctx; connector->state_ = ConnectorState::CONNECTED; memif_refill_queue(conn, 0, -1, 0); @@ -333,11 +325,8 @@ int MemifConnector::onConnect(memif_conn_handle_t conn, void *private_ctx) { /* informs user about disconnected status. private_ctx is used by user to identify connection (multiple connections WIP) */ int MemifConnector::onDisconnect(memif_conn_handle_t conn, void *private_ctx) { - TRANSPORT_LOGI("memif disconnected!"); MemifConnector *connector = (MemifConnector *)private_ctx; connector->state_ = ConnectorState::CLOSED; - TRANSPORT_LOGI("Packet to process: %u", - connector->memif_connection_->tx_buf_num); return 0; } @@ -357,14 +346,14 @@ int MemifConnector::onInterrupt(memif_conn_handle_t conn, void *private_ctx, if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS && err != MEMIF_ERR_NOBUF)) { - TRANSPORT_LOGI("memif_rx_burst: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_rx_burst: %s", memif_strerror(err)); goto error; } c->rx_buf_num += rx; if (TRANSPORT_EXPECT_TRUE(connector->io_service_.stopped())) { - TRANSPORT_LOGD("socket stopped: ignoring %u packets", rx); + TRANSPORT_LOGE("socket stopped: ignoring %u packets", rx); goto error; } @@ -378,7 +367,7 @@ int MemifConnector::onInterrupt(memif_conn_handle_t conn, void *private_ctx, packet->append(packet_length); if (!connector->input_buffer_.push(std::move(packet))) { - TRANSPORT_LOGI("Error pushing packet. Ring buffer full."); + TRANSPORT_LOGE("Error pushing packet. Ring buffer full."); // TODO Here we should consider the possibility to signal the congestion // to the application, that would react properly (e.g. slow down 
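Review bot: In `onInterrupt` the `socket stopped: ignoring %u packets` message sits under `TRANSPORT_EXPECT_TRUE(connector->io_service_.stopped())`, the branch the code itself marks as the likely one, so raising it from `TRANSPORT_LOGD` to `TRANSPORT_LOGE` will print an error for every burst that arrives after the io_service has stopped. Dropping packets on a stopped service is the intended behaviour rather than a failure; keeping `TRANSPORT_LOGD("socket stopped: ignoring %u packets", rx);` avoids flooding the error log during shutdown. The other LOGI→LOGE changes in this hunk are genuine error paths and look right. `onInterrupt` starts before this hunk and continues past it.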
@@ -392,13 +381,11 @@ int MemifConnector::onInterrupt(memif_conn_handle_t conn, void *private_ctx, err = memif_refill_queue(conn, qid, rx, 0); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_buffer_free: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_buffer_free: %s", memif_strerror(err)); } c->rx_buf_num -= rx; - TRANSPORT_LOGD("freed %d buffers. %u/%u alloc/free buffers", rx, rx, - MAX_MEMIF_BUFS - rx); } while (ret_val == MEMIF_ERR_NOBUF); connector->io_service_.post( @@ -410,12 +397,10 @@ error: err = memif_refill_queue(c->conn, qid, rx, 0); if (TRANSPORT_EXPECT_FALSE(err != MEMIF_ERR_SUCCESS)) { - TRANSPORT_LOGI("memif_buffer_free: %s", memif_strerror(err)); + TRANSPORT_LOGE("memif_buffer_free: %s", memif_strerror(err)); } c->rx_buf_num -= rx; - TRANSPORT_LOGD("freed %d buffers. %u/%u alloc/free buffers", rx, - c->rx_buf_num, MAX_MEMIF_BUFS - c->rx_buf_num); return 0; } @@ -430,9 +415,6 @@ void MemifConnector::close() { if (memif_worker_ && memif_worker_->joinable()) { memif_worker_->join(); - TRANSPORT_LOGD("Memif worker joined"); - } else { - TRANSPORT_LOGD("Memif worker not joined"); } } } @@ -467,7 +449,7 @@ int MemifConnector::doSend() { if (TRANSPORT_EXPECT_FALSE( (n = bufferAlloc(max, memif_connection_->tx_qid)) < 0)) { - TRANSPORT_LOGI("Error allocating buffers."); + TRANSPORT_LOGE("Error allocating buffers."); return -1; } @@ -487,8 +469,6 @@ int MemifConnector::doSend() { memif_connection_->tx_bufs[i].len = uint32_t(offset); - TRANSPORT_LOGD("Packet size : %zu", offset); - output_buffer_.pop_front(); } diff --git a/libtransport/src/hicn/transport/core/name.cc b/libtransport/src/hicn/transport/core/name.cc index 46ef98948..85e2b8565 100644 --- a/libtransport/src/hicn/transport/core/name.cc +++ b/libtransport/src/hicn/transport/core/name.cc 
@@ -116,9 +116,9 @@ std::string Name::toString() const { return name_string; } -uint32_t Name::getHash32() const { +uint32_t Name::getHash32(bool consider_suffix) const { uint32_t hash; - if (hicn_name_hash((hicn_name_t *)&name_, &hash) < 0) { + if (hicn_name_hash(&name_, &hash, consider_suffix) < 0) { throw errors::RuntimeException("Error computing the hash of the name!"); } return hash; @@ -206,6 +206,17 @@ std::ostream &operator<<(std::ostream &os, const Name &name) { return os; } +size_t hash::operator()( + const transport::core::Name &name) const { + return name.getHash32(false); +} + +size_t compare2::operator()( + const transport::core::Name &name1, + const transport::core::Name &name2) const { + return name1.equals(name2, false); +} + } // end namespace core } // end namespace transport diff --git a/libtransport/src/hicn/transport/core/name.h b/libtransport/src/hicn/transport/core/name.h index 35625ddd1..ea72797ad 100644 --- a/libtransport/src/hicn/transport/core/name.h +++ b/libtransport/src/hicn/transport/core/name.h @@ -81,7 +81,7 @@ class Name { bool equals(const Name &name, bool consider_segment = true) const; - uint32_t getHash32() const; + uint32_t getHash32(bool consider_suffix = true) const; void clear(); @@ -112,10 +112,27 @@ class Name { std::ostream &operator<<(std::ostream &os, const Name &name); +template +struct hash {}; + +template <> +struct hash { + size_t operator()(const transport::core::Name &name) const; +}; + +template +struct compare2 {}; + +template <> +struct compare2 { + size_t operator()(const transport::core::Name &name1, const transport::core::Name &name2) const; +}; + } // end namespace core } // end namespace transport + namespace std { template <> struct hash { diff --git a/libtransport/src/hicn/transport/core/packet.cc b/libtransport/src/hicn/transport/core/packet.cc index 954266664..817f8de66 100644 --- a/libtransport/src/hicn/transport/core/packet.cc +++ b/libtransport/src/hicn/transport/core/packet.cc 
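Review bot: `compare2::operator()` in name.cc is declared to return `size_t` but simply forwards the `bool` from `name1.equals(name2, false)`, and the declaration in the name.h hunk repeats that type; an equality functor used as a key comparator should return `bool`, so change both to `bool operator()(const transport::core::Name &name1, const transport::core::Name &name2) const;` and keep the definition's return type in sync. The pairing is otherwise consistent (`hash` hashes with `consider_suffix = false`, `compare2` compares with `consider_segment = false`), but that is easy to break later; a one-line comment on each specialization saying that both deliberately ignore the suffix/segment would make the intent explicit.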
@@ -230,7 +230,7 @@ Packet::Format Packet::getFormat() const { return format_; } -const std::shared_ptr Packet::acquireMemBufReference() { +const std::shared_ptr Packet::acquireMemBufReference() const { return packet_; } diff --git a/libtransport/src/hicn/transport/core/packet.h b/libtransport/src/hicn/transport/core/packet.h index 4ec93205a..35c8606c9 100644 --- a/libtransport/src/hicn/transport/core/packet.h +++ b/libtransport/src/hicn/transport/core/packet.h @@ -99,7 +99,7 @@ class Packet : public std::enable_shared_from_this { std::size_t headerSize() const; - const std::shared_ptr acquireMemBufReference(); + const std::shared_ptr acquireMemBufReference() const; virtual const Name &getName() const = 0; diff --git a/libtransport/src/hicn/transport/core/portal.h b/libtransport/src/hicn/transport/core/portal.h index 4f161e4c8..c6e11ada6 100644 --- a/libtransport/src/hicn/transport/core/portal.h +++ b/libtransport/src/hicn/transport/core/portal.h @@ -658,9 +658,6 @@ class Portal { consumer_callback_->onContentObject(std::move(_int), std::move(content_object)); } - } else { - TRANSPORT_LOGD("No pending interests for current content (%s)", - content_object->getName().toString().c_str()); } } diff --git a/libtransport/src/hicn/transport/core/prefix.cc b/libtransport/src/hicn/transport/core/prefix.cc index 648c0a67b..59898ab70 100644 --- a/libtransport/src/hicn/transport/core/prefix.cc +++ b/libtransport/src/hicn/transport/core/prefix.cc @@ -29,6 +29,8 @@ extern "C" { #include #include +#include + namespace transport { namespace core { 
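Review bot: Making `acquireMemBufReference` a `const` member is right, but the return type is still `const std::shared_ptr<...>` by value; a top-level `const` on a by-value return only prevents the caller from moving the returned pointer (e.g. the `connector_.send(packet.acquireMemBufReference())` call in forwarder_interface.h), forcing an extra refcount increment/decrement. Drop the leading `const` from the return type in both the packet.h declaration and the packet.cc definition, leaving the trailing `const` qualifier in place.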
@@ -80,11 +82,11 @@ void Prefix::buildPrefix(std::string &prefix, uint16_t prefix_length, int ret; switch (family) { case AF_INET: - ret = inet_pton(AF_INET, prefix.c_str(), ip_prefix_.address.v4.buffer); - break; + ret = inet_pton(AF_INET, prefix.c_str(), ip_prefix_.address.v4.buffer); + break; case AF_INET6: - ret = inet_pton(AF_INET6, prefix.c_str(), ip_prefix_.address.v6.buffer); - break; + ret = inet_pton(AF_INET6, prefix.c_str(), ip_prefix_.address.v6.buffer); + break; default: throw errors::InvalidIpAddressException(); } @@ -133,8 +135,7 @@ Prefix &Prefix::setAddressFamily(int address_family) { } std::string Prefix::getNetwork() const { - if (!checkPrefixLengthAndAddressFamily(ip_prefix_.len, - ip_prefix_.family)) { + if (!checkPrefixLengthAndAddressFamily(ip_prefix_.len, ip_prefix_.family)) { throw errors::InvalidIpAddressException(); } 
@@ -151,11 +152,123 @@ std::string Prefix::getNetwork() const { return network; } +int Prefix::contains(const ip_address_t &content_name) const { + int res = + ip_address_cmp(&content_name, &(ip_prefix_.address), ip_prefix_.family); + + if (ip_prefix_.len != (ip_prefix_.family == AF_INET6 ? IPV6_ADDR_LEN_BITS + : IPV4_ADDR_LEN_BITS)) { + const u8 *ip_prefix_buffer = + ip_address_get_buffer(&(ip_prefix_.address), ip_prefix_.family); + const u8 *content_name_buffer = + ip_address_get_buffer(&content_name, ip_prefix_.family); + uint8_t mask = 0xFF >> (ip_prefix_.len % 8); + mask = ~mask; + + res += (ip_prefix_buffer[ip_prefix_.len] & mask) == + (content_name_buffer[ip_prefix_.len] & mask); + } + + return res; +} + +int Prefix::contains(const core::Name &content_name) const { + return contains(content_name.toIpAddress().address); +} + Name Prefix::getName() const { std::string s(getNetwork()); return Name(s); } +/* + * Mask is used to apply the components to a content name that belong to this + * prefix + */ +Name Prefix::getName(const core::Name &mask, const core::Name &components, + const core::Name &content_name) const { + if (ip_prefix_.family != mask.getAddressFamily() || + ip_prefix_.family != components.getAddressFamily() || + ip_prefix_.family != content_name.getAddressFamily()) + throw errors::RuntimeException( + "Prefix, mask, components and content name are not of the same address " + "family"); + + ip_address_t mask_ip = mask.toIpAddress().address; + ip_address_t component_ip = components.toIpAddress().address; + ip_address_t name_ip = content_name.toIpAddress().address; + const u8 *mask_ip_buffer = ip_address_get_buffer(&mask_ip, ip_prefix_.family); + const u8 *component_ip_buffer = + ip_address_get_buffer(&component_ip, ip_prefix_.family); + u8 *name_ip_buffer = + const_cast(ip_address_get_buffer(&name_ip, ip_prefix_.family)); + + int addr_len = ip_prefix_.family == AF_INET6 ? 
IPV6_ADDR_LEN : IPV4_ADDR_LEN; + + for (int i = 0; i < addr_len; i++) { + if (mask_ip_buffer[i]) { + name_ip_buffer[i] = component_ip_buffer[i] & mask_ip_buffer[i]; + } + } + + if (this->contains(name_ip)) + throw errors::RuntimeException("Mask overrides the prefix"); + return Name(ip_prefix_.family, (uint8_t *)&name_ip); +} + +Name Prefix::getRandomName() const { + ip_address_t name_ip = ip_prefix_.address; + u8 *name_ip_buffer = + const_cast(ip_address_get_buffer(&name_ip, ip_prefix_.family)); + + int addr_len = + (ip_prefix_.family == AF_INET6 ? IPV6_ADDR_LEN * 8 : IPV4_ADDR_LEN * 8) - + ip_prefix_.len; + + size_t size = (size_t)ceil((float)addr_len / 8.0); + uint8_t buffer[size]; + + RAND_bytes(buffer, size); + + int j = 0; + for (uint8_t i = (uint8_t)ceil((float)ip_prefix_.len / 8.0); + i < (ip_prefix_.family == AF_INET6 ? IPV6_ADDR_LEN : IPV4_ADDR_LEN); + i++) { + name_ip_buffer[i] = buffer[j]; + j++; + } + + return Name(ip_prefix_.family, (uint8_t *)&name_ip); +} + +/* + * Map a name in a different name prefix to this name prefix + */ +Name Prefix::mapName(const core::Name &content_name) const { + if (ip_prefix_.family != content_name.getAddressFamily()) + throw errors::RuntimeException( + "Prefix content name are not of the same address " + "family"); + + ip_address_t name_ip = content_name.toIpAddress().address; + const u8 *ip_prefix_buffer = + ip_address_get_buffer(&(ip_prefix_.address), ip_prefix_.family); + u8 *name_ip_buffer = + const_cast(ip_address_get_buffer(&name_ip, ip_prefix_.family)); + + memcpy(name_ip_buffer, ip_prefix_buffer, ip_prefix_.len / 8); + + if (ip_prefix_.len != (ip_prefix_.family == AF_INET6 ? 
IPV6_ADDR_LEN_BITS + : IPV4_ADDR_LEN_BITS)) { + uint8_t mask = 0xFF >> (ip_prefix_.len % 8); + name_ip_buffer[ip_prefix_.len / 8 + 1] = + (name_ip_buffer[ip_prefix_.len / 8 + 1] & mask) | + (ip_prefix_buffer[ip_prefix_.len / 8 + 1] & ~mask); + } + + return Name(ip_prefix_.family, (uint8_t *)&name_ip); +} + Prefix &Prefix::setNetwork(std::string &network) { if (!inet_pton(AF_INET6, network.c_str(), ip_prefix_.address.v6.buffer)) { throw errors::RuntimeException("The network name is not valid."); diff --git a/libtransport/src/hicn/transport/core/prefix.h b/libtransport/src/hicn/transport/core/prefix.h index af7c705cf..47971acaf 100644 --- a/libtransport/src/hicn/transport/core/prefix.h +++ b/libtransport/src/hicn/transport/core/prefix.h @@ -42,8 +42,19 @@ class Prefix { std::string getNetwork() const; + int contains(const ip_address_t &content_name) const; + + int contains(const core::Name &content_name) const; + Name getName() const; + Name getRandomName() const; + + Name getName(const core::Name &mask, const core::Name &components, + const core::Name &content_name) const; + + Name mapName(const core::Name &content_name) const; + Prefix &setNetwork(std::string &network); int getAddressFamily(); -- cgit 1.2.3-korg
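Review bot: `Prefix::contains(const ip_address_t &)` indexes `ip_prefix_buffer` and `content_name_buffer` with `ip_prefix_.len`, which is a bit count (it is compared against `IPV6_ADDR_LEN_BITS` two lines earlier), so any prefix of 16 bits or more reads beyond the address bytes; the byte holding the partial prefix is `ip_prefix_.len / 8`. `mapName` has the mirror-image slip: it patches `name_ip_buffer[ip_prefix_.len / 8 + 1]`, one byte past the partial byte that the preceding `memcpy` stopped before, and for the longest v6 prefixes that index is past the address entirely. In `getRandomName` the result of `RAND_bytes` is ignored, so a failing RNG leaves the name suffix as whatever was on the stack, and `uint8_t buffer[size]` is a variable-length array, which is not standard C++; a fixed `IPV6_ADDR_LEN` buffer plus a return-value check covers both. Separately, `contains` adds a boolean to an `ip_address_cmp` result and `getName(mask, ...)` treats a non-zero value as "inside the prefix"; the meaning of that int is hard to follow and, if a prefix match is intended, comparing only the first `len / 8` bytes rather than the whole address looks closer to what the callers expect, so a comment or a `bool` return is worth adding.
```cpp
int Prefix::contains(const ip_address_t &content_name) const {
  // … unchanged: ip_address_cmp and the full-length check …
    // … unchanged: buffer lookups and mask computation …
    const size_t partial = ip_prefix_.len / 8;  // len counts bits, the buffers count bytes
    res += (ip_prefix_buffer[partial] & mask) ==
           (content_name_buffer[partial] & mask);
  // … unchanged: return res …
}

// … unchanged: contains(Name), getName(), getName(mask, components, content_name) …

Name Prefix::getRandomName() const {
  // … unchanged: name_ip setup and size computation (size <= IPV6_ADDR_LEN) …
  uint8_t buffer[IPV6_ADDR_LEN];  // bounded array instead of a VLA
  if (RAND_bytes(buffer, (int)size) != 1) {
    throw errors::RuntimeException("Unable to draw random bytes for the name suffix");
  }
  // … unchanged: copy of the random bytes into the suffix and return …
}

Name Prefix::mapName(const core::Name &content_name) const {
  // … unchanged: family check, buffer lookups and prefix memcpy …
    const size_t partial = ip_prefix_.len / 8;  // the byte holding the prefix tail, not the one after it
    uint8_t mask = 0xFF >> (ip_prefix_.len % 8);
    name_ip_buffer[partial] =
        (name_ip_buffer[partial] & mask) | (ip_prefix_buffer[partial] & ~mask);
  // … unchanged: return Name(...) …
}
```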
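Review bot: The new declarations in prefix.h carry no documentation, and `contains` in particular returns an `int` whose meaning is not stated anywhere (the prefix.cc implementation mixes an `ip_address_cmp` result with a byte-equality boolean), so callers cannot tell whether zero or non-zero means "inside the prefix". Either document the value once the semantics are settled or declare it as `bool contains(const ip_address_t &content_name) const;` / `bool contains(const core::Name &content_name) const;` and return a proper predicate. `getName(mask, components, content_name)`, `getRandomName` and `mapName` would each benefit from a one-line `///` comment mirroring the block comments already in prefix.cc (what the mask selects, that the suffix is drawn from the OpenSSL RNG, that only the first `len` bits are rewritten).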