liz/veilid
liz/veilid
1
0
Fork 0
Code Pull Requests Packages Releases Activity

lints

Browse Source
This commit is contained in:
John Smith 2021-11-26 11:50:49 -05:00
parent 303a7aec29
commit 7718ca84a7
4 changed files with 54 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
veilid-core/src/dht/crypto.rs
View File

@ -75,7 +75,7 @@ pub struct Crypto {
impl Crypto { impl Crypto {
fn new_inner(table_store: TableStore) -> CryptoInner { fn new_inner(table_store: TableStore) -> CryptoInner {
CryptoInner { CryptoInner {
table_store: table_store, table_store,
node_id: Default::default(), node_id: Default::default(),
node_id_secret: Default::default(), node_id_secret: Default::default(),
dh_cache: DHCache::default(), dh_cache: DHCache::default(),
@ -85,7 +85,7 @@ impl Crypto {
pub fn new(config: VeilidConfig, table_store: TableStore) -> Self { pub fn new(config: VeilidConfig, table_store: TableStore) -> Self {
Self { Self {
config: config, config,
inner: Arc::new(Mutex::new(Self::new_inner(table_store))), inner: Arc::new(Mutex::new(Self::new_inner(table_store))),
} }
} }
@ -106,12 +106,9 @@ impl Crypto {
None => false, None => false,
}; };
if caches_valid { if caches_valid {
match db.load(0, b"dh_cache").await? { if let Some(b) = db.load(0, b"dh_cache").await? {
Some(b) => { bytes_to_cache(&b, &mut inner.dh_cache);
bytes_to_cache(&b, &mut inner.dh_cache); }
}
None => (),
};
} else { } else {
drop(db); drop(db);
inner.table_store.delete("crypto_caches").await?; inner.table_store.delete("crypto_caches").await?;
@ -157,11 +154,9 @@ impl Crypto {
match self.flush().await { match self.flush().await {
Ok(_) => { Ok(_) => {
trace!("finished termination flush"); trace!("finished termination flush");
()
} }
Err(e) => { Err(e) => {
error!("failed termination flush: {}", e); error!("failed termination flush: {}", e);
()
} }
}; };
} }
@ -190,13 +185,13 @@ impl Crypto {
return Ok(c.shared_secret); return Ok(c.shared_secret);
} }
let ss = Self::compute_dh(key, secret)?; let shared_secret = Self::compute_dh(key, secret)?;
self.inner.lock().dh_cache.insert(DHCacheEntry { self.inner.lock().dh_cache.insert(DHCacheEntry {
key: key.clone(), key: *key,
secret: secret.clone(), secret: *secret,
shared_secret: ss.clone(), shared_secret,
}); });
Ok(ss) Ok(shared_secret)
} }
/////////// ///////////
@ -242,8 +237,8 @@ impl Crypto {
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<(), ()> { ) -> Result<(), ()> {
let key = ch::Key::from(shared_secret.clone()); let key = ch::Key::from(*shared_secret);
let xnonce = ch::XNonce::from(nonce.clone()); let xnonce = ch::XNonce::from(*nonce);
let aead = ch::XChaCha20Poly1305::new(&key); let aead = ch::XChaCha20Poly1305::new(&key);
aead.decrypt_in_place(&xnonce, associated_data.unwrap_or(b""), body) aead.decrypt_in_place(&xnonce, associated_data.unwrap_or(b""), body)
.map_err(|e| trace!("decryption failure: {}", e)) .map_err(|e| trace!("decryption failure: {}", e))
@ -266,8 +261,8 @@ impl Crypto {
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<(), ()> { ) -> Result<(), ()> {
let key = ch::Key::from(shared_secret.clone()); let key = ch::Key::from(*shared_secret);
let xnonce = ch::XNonce::from(nonce.clone()); let xnonce = ch::XNonce::from(*nonce);
let aead = ch::XChaCha20Poly1305::new(&key); let aead = ch::XChaCha20Poly1305::new(&key);
aead.encrypt_in_place(&xnonce, associated_data.unwrap_or(b""), body) aead.encrypt_in_place(&xnonce, associated_data.unwrap_or(b""), body)

40
veilid-core/src/dht/envelope.rs
View File

@ -1,3 +1,4 @@
#![allow(clippy::absurd_extreme_comparisons)]
use super::crypto::*; use super::crypto::*;
use super::key::*; use super::key::*;
use crate::xx::*; use crate::xx::*;
@ -65,13 +66,13 @@ impl Envelope {
assert!(version >= MIN_VERSION); assert!(version >= MIN_VERSION);
assert!(version <= MAX_VERSION); assert!(version <= MAX_VERSION);
Self { Self {
version: version, version,
min_version: MIN_VERSION, min_version: MIN_VERSION,
max_version: MAX_VERSION, max_version: MAX_VERSION,
timestamp: timestamp, timestamp,
nonce: nonce, nonce,
sender_id: sender_id, sender_id,
recipient_id: recipient_id, recipient_id,
} }
} }
@ -139,29 +140,29 @@ impl Envelope {
// Get nonce and sender node id // Get nonce and sender node id
let nonce: EnvelopeNonce = data[0x12..0x2A].try_into().map_err(drop)?; let nonce: EnvelopeNonce = data[0x12..0x2A].try_into().map_err(drop)?;
let sender_id: [u8; 32] = data[0x2A..0x4A].try_into().map_err(drop)?; let sender_id_slice: [u8; 32] = data[0x2A..0x4A].try_into().map_err(drop)?;
let recipient_id: [u8; 32] = data[0x4A..0x6A].try_into().map_err(drop)?; let recipient_id_slice: [u8; 32] = data[0x4A..0x6A].try_into().map_err(drop)?;
let sender_id_dhtkey = DHTKey::new(sender_id); let sender_id = DHTKey::new(sender_id_slice);
let recipient_id_dhtkey = DHTKey::new(recipient_id); let recipient_id = DHTKey::new(recipient_id_slice);
// Ensure sender_id and recipient_id are not the same // Ensure sender_id and recipient_id are not the same
if sender_id_dhtkey == recipient_id_dhtkey { if sender_id == recipient_id {
trace!( trace!(
"sender_id should not be same as recipient_id: {}", "sender_id should not be same as recipient_id: {}",
recipient_id_dhtkey.encode() recipient_id.encode()
); );
return Err(()); return Err(());
} }
// Return envelope // Return envelope
Ok(Self { Ok(Self {
version: version, version,
min_version: min_version, min_version,
max_version: max_version, max_version,
timestamp: timestamp, timestamp,
nonce: nonce, nonce,
sender_id: sender_id_dhtkey, sender_id,
recipient_id: recipient_id_dhtkey, recipient_id,
}) })
} }
@ -205,8 +206,7 @@ impl Envelope {
if envelope_size > MAX_ENVELOPE_SIZE { if envelope_size > MAX_ENVELOPE_SIZE {
return Err(()); return Err(());
} }
let mut data: Vec<u8> = Vec::with_capacity(envelope_size); let mut data = vec![0u8; envelope_size];
data.resize(envelope_size, 0u8);
// Write magic // Write magic
data[0x00..0x04].copy_from_slice(ENVELOPE_MAGIC); data[0x00..0x04].copy_from_slice(ENVELOPE_MAGIC);

17
veilid-core/src/dht/key.rs
View File

@ -62,16 +62,13 @@ macro_rules! byte_array_type {
if s == "" { if s == "" {
return Ok($name::default()); return Ok($name::default());
} }
$name::try_decode(s.as_str()).map_err(|e| serde::de::Error::custom(e)) $name::try_decode(s.as_str()).map_err(serde::de::Error::custom)
} }
} }
impl $name { impl $name {
pub fn new(bytes: [u8; $size]) -> Self { pub fn new(bytes: [u8; $size]) -> Self {
Self { Self { bytes, valid: true }
bytes: bytes,
valid: true,
}
} }
pub fn try_from_vec(v: Vec<u8>) -> Result<Self, String> { pub fn try_from_vec(v: Vec<u8>) -> Result<Self, String> {
@ -377,7 +374,7 @@ pub fn sign(
.sign_prehashed(dig, None) .sign_prehashed(dig, None)
.map_err(|_| "Signature failed".to_owned())?; .map_err(|_| "Signature failed".to_owned())?;
let dht_sig = DHTSignature::new(sig.to_bytes().clone()); let dht_sig = DHTSignature::new(sig.to_bytes());
Ok(dht_sig) Ok(dht_sig)
} }
@ -410,13 +407,13 @@ pub fn validate_hash(data: &[u8], dht_key: &DHTKey) -> bool {
pub fn validate_key(dht_key: &DHTKey, dht_key_secret: &DHTKeySecret) -> bool { pub fn validate_key(dht_key: &DHTKey, dht_key_secret: &DHTKeySecret) -> bool {
let data = vec![0u8; 512]; let data = vec![0u8; 512];
let sig = match sign(&dht_key, &dht_key_secret, &data) { let sig = match sign(dht_key, dht_key_secret, &data) {
Ok(s) => s, Ok(s) => s,
Err(_) => { Err(_) => {
return false; return false;
} }
}; };
verify(&dht_key, &data, &sig).is_ok() verify(dht_key, &data, &sig).is_ok()
} }
pub fn distance(key1: &DHTKey, key2: &DHTKey) -> DHTKeyDistance { pub fn distance(key1: &DHTKey, key2: &DHTKey) -> DHTKeyDistance {
@ -424,8 +421,8 @@ pub fn distance(key1: &DHTKey, key2: &DHTKey) -> DHTKeyDistance {
assert!(key2.valid); assert!(key2.valid);
let mut bytes = [0u8; DHT_KEY_LENGTH]; let mut bytes = [0u8; DHT_KEY_LENGTH];
for n in 0..DHT_KEY_LENGTH { for (n, byte) in bytes.iter_mut().enumerate() {
bytes[n] = key1.bytes[n] ^ key2.bytes[n]; *byte = key1.bytes[n] ^ key2.bytes[n];
} }
DHTKeyDistance::new(bytes) DHTKeyDistance::new(bytes)

25
veilid-core/src/dht/receipt.rs
View File

@ -1,3 +1,4 @@
#![allow(clippy::absurd_extreme_comparisons)]
use super::envelope::{MAX_VERSION, MIN_VERSION}; use super::envelope::{MAX_VERSION, MIN_VERSION};
use super::key::*; use super::key::*;
use crate::xx::*; use crate::xx::*;
@ -50,9 +51,9 @@ impl Receipt {
return Err("extra data too large for receipt".to_owned()); return Err("extra data too large for receipt".to_owned());
} }
Ok(Self { Ok(Self {
version: version, version,
nonce: nonce, nonce,
sender_id: sender_id, sender_id,
extra_data: Vec::from(extra_data.as_ref()), extra_data: Vec::from(extra_data.as_ref()),
}) })
} }
@ -94,12 +95,13 @@ impl Receipt {
} }
// Get sender id // Get sender id
let sender_id_dhtkey = DHTKey::new(data[0x20..0x40].try_into().map_err(drop)?); let sender_id = DHTKey::new(data[0x20..0x40].try_into().map_err(drop)?);
// Get signature // Get signature
let signature = DHTSignature::new(data[(data.len() - 64)..].try_into().map_err(drop)?); let signature = DHTSignature::new(data[(data.len() - 64)..].try_into().map_err(drop)?);
// Validate signature // Validate signature
verify(&sender_id_dhtkey, &data[0..(data.len() - 64)], &signature).map_err(drop)?; verify(&sender_id, &data[0..(data.len() - 64)], &signature).map_err(drop)?;
// Get nonce // Get nonce
let nonce: ReceiptNonce = data[0x08..0x20].try_into().map_err(drop)?; let nonce: ReceiptNonce = data[0x08..0x20].try_into().map_err(drop)?;
@ -109,10 +111,10 @@ impl Receipt {
// Return receipt // Return receipt
Ok(Self { Ok(Self {
version: version, version,
nonce: nonce, nonce,
sender_id: sender_id_dhtkey, sender_id,
extra_data: extra_data, extra_data,
}) })
} }
@ -127,8 +129,7 @@ impl Receipt {
if receipt_size > MAX_RECEIPT_SIZE { if receipt_size > MAX_RECEIPT_SIZE {
return Err(()); return Err(());
} }
let mut data: Vec<u8> = Vec::with_capacity(receipt_size); let mut data: Vec<u8> = vec![0u8; receipt_size];
data.resize(receipt_size, 0u8);
// Write magic // Write magic
data[0x00..0x04].copy_from_slice(RECEIPT_MAGIC); data[0x00..0x04].copy_from_slice(RECEIPT_MAGIC);
@ -141,7 +142,7 @@ impl Receipt {
// Write sender node id // Write sender node id
data[0x20..0x40].copy_from_slice(&self.sender_id.bytes); data[0x20..0x40].copy_from_slice(&self.sender_id.bytes);
// Write extra data // Write extra data
if self.extra_data.len() > 0 { if !self.extra_data.is_empty() {
data[0x40..(receipt_size - 64)].copy_from_slice(self.extra_data.as_slice()); data[0x40..(receipt_size - 64)].copy_from_slice(self.extra_data.as_slice());
} }
// Sign the receipt // Sign the receipt