On Fri, Apr 06, 2001 at 06:39:14PM +0100, toad wrote:
> On Fri, Apr 06, 2001 at 06:31:27PM +0100, toad wrote:
>
> > To: Steven Hazel <sah at thalassocracy.org>
> > Subject: Re: libfreenet patch for htl=0 => don't insert, just generate CHK
> >
> > On Fri, Apr 06, 2001 at 05:03:51PM +0100, toad wrote:
> > > On Fri, Apr 06, 2001 at 04:28:16PM +0100, toad wrote:
> > > > Hi. I have patched libfreenet-0.3.0 so that HTL=0 causes it to generate
> > > > the CHK
> > > > but not insert the file. Attached patch.
> > > >
> > > Also, -m doesn't work.
> > > $ testclient -i -f 1 freenet:CHK at CxnLMc~RfDCIooExc25ke7nfRyUOAwE -h 0
> > > -d -m 26
> > > reached EOF
> > > key:
> > > freenet:CHK at p0rl410lZ0QcAfxg~~AHKWXH4lAOAwE,~lowoPtaSZxH7C~vG-QApw
> > >
> > > $ testclient -i -f 1 -m 26 freenet:CHK at CxnLMc~RfDCIooExc25ke7nfRyUOAwE
> > > -h 0 -d
> > > reached EOF
> > > key:
> > > freenet:CHK at p0rl410lZ0QcAfxg~~AHKWXH4lAOAwE,~lowoPtaSZxH7C~vG-QApw
> > >
> > > $ testclient -i -f 1 -m26 freenet:CHK at CxnLMc~RfDCIooExc25ke7nfRyUOAwE
> > > -h 0 -d
> > > reached EOF
> > > key:
> > > freenet:CHK at p0rl410lZ0QcAfxg~~AHKWXH4lAOAwE,~lowoPtaSZxH7C~vG-QApw
> > >
> > > $ testclient -i -f 1 -m25 freenet:CHK at CxnLMc~RfDCIooExc25ke7nfRyUOAwE
> > > -h 0 -d
> > > reached EOF
> > > key:
> > > freenet:CHK at p0rl410lZ0QcAfxg~~AHKWXH4lAOAwE,~lowoPtaSZxH7C~vG-QApw
> > >
> > I see what the apparent problem is now. Fred 0.3.8.1 uses the file content,
> > not including the metadata, to get the encryption key. This is a bug as has
> > been pointed out on the list recently (is there going to be a 0.3.8.2
> > soon?).
> > libfreenet does what Fred should, and will/soon will, do, i.e. it hashes the
> > whole file including metadata to get the encryption key. This is
> > incompatible
> > with 0.3.8.1, so means I can't use libfreenet to get the CHK of files I then
> > insert with Fred (specifically, GJ's PutFiles wrapper). I may be able to
> > patch
> > libfreenet to have an option for the broken fred behaviour, but it becomes
> > irrelevant when fred 0.3.8.2 comes out. More seriously, it means that we
> > have
> > an instant way to produce CHK collisions - put something in with the same
> > data+
> > metadata, but change the boundary byte from one to the other, and you get a
> > different CHK. Can be used for some interesting spoofing attacks...
> Umm, I mean the same CHK. libfreenet produces the exact same CHK for the same
> datastream regardless of where the divide between metadata and data is. Is
> this
> the correct behaviour? Isn't it a risk with malicious collisions?
Attached patch introduces a new option to libfreenet testclient, '-e'. This
emulates Fred <=0.3.8.1 behaviour, skipping the metadata when calculating the
encryption key. Mainly useful in combination with -h 0, to determine what CHK
Fred would have inserted a file under. You must specify -m <bytes of metadata>,
and put a Content-Type=<whatever content type Fred would give>\n at the
beginning of the file.
--
Always hardwire the explosives
-- Fiona Dexter quoting Monkey, J. Gregory Keyes, Dark Genesis
-------------- next part --------------
diff -u -r tmp/libfreenet-0.3.0/client.c tmp2/libfreenet-0.3.0/client.c
--- tmp/libfreenet-0.3.0/client.c Wed Mar 28 00:26:10 2001
+++ tmp2/libfreenet-0.3.0/client.c Fri Apr 6 22:44:37 2001
@@ -40,7 +40,7 @@
unsigned char *buffer, int buflen);
int generate_CHK_enckey_from_stream (unsigned char *enckey,
- FILE *instream);
+ FILE *instream, int skip);
int generate_hashes_from_buffer (freenet_transfer_state *state,
const unsigned char *docname,
@@ -265,7 +265,7 @@
int generate_CHK_enckey_from_stream (unsigned char *enckey,
- FILE *instream)
+ FILE *instream, int skip)
{
int status;
int c;
@@ -273,7 +273,8 @@
SHA_CTX td;
unsigned char hash[FN_HASH_BYTES];
- status = fseek(instream, 0, SEEK_SET); /* rewind */
+ printf("skipping %i bytes for keygen\n",skip);
+ status = fseek(instream, skip, SEEK_SET); /* rewind */
if (status == -1) {
return FNS_FSEEK_FAILED;
}
@@ -1439,7 +1440,7 @@
int freenet_generate_CHK_stream (freenet_transfer_state *state,
int endtoend, freenet_key *key,
int *num_parts, int *len,
- FILE *instream)
+ FILE *instream, int ekeyskiplen)
{
int status;
unsigned char header[FN_HEADER_SIZE];
@@ -1453,7 +1454,7 @@
}
state->endtoend = endtoend;
- status = generate_CHK_enckey_from_stream(key->enckey, instream);
+ status = generate_CHK_enckey_from_stream(key->enckey, instream, ekeyskiplen);
if (status != FNS_SUCCESS) {
return status;
}
@@ -1515,7 +1516,7 @@
int freenet_insert_CHK_stream (freenet_transfer_state *state, char *address,
char *port, int htl, int endtoend,
int metadata_len, freenet_key *key,
- FILE *instream)
+ FILE *instream, int fredbug)
{
unsigned char header[FN_HEADER_SIZE];
int len, content_len, total_len;
@@ -1525,13 +1526,19 @@
int num_parts;
status = freenet_generate_CHK_stream(state, endtoend, key, &num_parts,
- &len, instream);
+ &len, instream, fredbug ? metadata_len
: 0);
if (status != FNS_SUCCESS) {
return status;
}
content_len = len + FN_HEADER_SIZE;
total_len = content_len + (num_parts * FN_TRAILER_LEN) + 1;
+
+ if(!htl)
+ {
+ return FNS_SUCCESS;
+ /* all finished */
+ }
status = freenet_connect(&(state->connection), address, port);
if (status != FNS_SUCCESS) {
diff -u -r tmp/libfreenet-0.3.0/include/client.h
tmp2/libfreenet-0.3.0/include/client.h
--- tmp/libfreenet-0.3.0/include/client.h Wed Mar 28 12:29:36 2001
+++ tmp2/libfreenet-0.3.0/include/client.h Fri Apr 6 22:34:52 2001
@@ -162,7 +162,7 @@
int freenet_generate_CHK_stream (freenet_transfer_state *state,
int endtoend, freenet_key *key,
int *num_parts, int *len,
- FILE *instream);
+ FILE *instream, int enckeyskiplen);
int freenet_insert_CHK_buffer (freenet_transfer_state *state, char *address,
char *port, int htl, int endtoend,
@@ -172,7 +172,7 @@
int freenet_insert_CHK_stream (freenet_transfer_state *state, char *address,
char *port, int htl, int endtoend,
int metadata_len, freenet_key *key,
- FILE *instream);
+ FILE *instream, int fredbug);
int freenet_insert_SVK_buffer (freenet_transfer_state *state, char *address,
char *port, int htl, int endtoend,
diff -u -r tmp/libfreenet-0.3.0/testclient.c tmp2/libfreenet-0.3.0/testclient.c
--- tmp/libfreenet-0.3.0/testclient.c Tue Mar 27 12:00:45 2001
+++ tmp2/libfreenet-0.3.0/testclient.c Fri Apr 6 22:32:20 2001
@@ -60,11 +60,12 @@
freenet_key key;
int metadata_len = 0;
int show_metadata = 0;
+ int fredbug = 0;
int max_redirects = 5;
int redirect_count;
- while ((c = getopt(argc, argv, "brdif:a:p:m:h:")) != EOF) {
+ while ((c = getopt(argc, argv, "brdief:a:p:m:h:")) != EOF) {
switch (c) {
case 'r':
if (cmd == 0) {
@@ -102,6 +103,9 @@
break;
case '?':
errflg++;
+ break;
+ case 'e':
+ fredbug = 1;
}
}
@@ -142,7 +146,7 @@
fprintf(stderr,
"[-h <hopstolive>] [-f file] [-m metadata length]\n");
fprintf(stderr,
- "[-d] key\n");
+ "[-d] [-e] key\n");
exit (2);
}
@@ -279,7 +283,7 @@
if (key.type == FN_CHK_TYPE) {
status = freenet_insert_CHK_stream(&state, host, port, htl, FN_TWOFISH,
- metadata_len, &key, instream);
+ metadata_len, &key, instream,
fredbug);
} else {
status = freenet_insert_SVK_stream(&state, host, port, htl,
FN_TWOFISH, metadata_len, &key,
