package sphinx
import (
	"crypto/sha256"
	"errors"
	"sync"
)
// HashPrefixSize is the number of bytes of the SHA-256 digest of an ECDH
// shared secret that are retained as a ReplayLog key (see HashPrefix and
// hashSharedSecret). Only the first 20 of the 32 digest bytes are kept.
const HashPrefixSize = 20
// HashPrefix is a statically sized, 20-byte array containing the prefix
// of a Hash256, and is used to detect duplicate sphinx packets.
//
// It is an array rather than a slice so that it is comparable with == and can
// serve directly as a map key (see MemoryReplayLog.entries).
type HashPrefix [HashPrefixSize]byte
// errReplayLogAlreadyStarted is returned by Start when the log is already
// running, i.e. Start was called a second time without an intervening Stop.
// MemoryReplayLog never returns it: its Start simply reinitialises the maps.
var errReplayLogAlreadyStarted = errors.New(
	"Replay log has already been started")
// errReplayLogNotStarted is returned when any method other than Start is
// invoked on a ReplayLog that has not been started, or that has already been
// stopped.
var errReplayLogNotStarted = errors.New(
	"Replay log has not been started")
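// hashSharedSecret SHA-256 hashes the shared secret and returns the first
// HashPrefixSize bytes of the digest, which is the key under which a packet is
// recorded in a ReplayLog.
//
// Only the truncated digest is handed to the log, never the shared secret
// itself, so the log's contents do not expose the ECDH secrets that protect
// the onion. The 20-byte truncation (HashPrefixSize) trades digest length for
// a smaller log; making a fresh packet collide with a logged one would require
// a second preimage on the retained 160 bits, which remains infeasible.
func hashSharedSecret(sharedSecret *Hash256) *HashPrefix {
	// Sum256 hashes in one call, avoiding the hash.Hash allocation and the
	// silently ignored Write error of the New/Write/Sum sequence.
	digest := sha256.Sum256(sharedSecret[:])

	var prefix HashPrefix
	copy(prefix[:], digest[:HashPrefixSize])
	return &prefix
}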
// ReplayLog is an interface that defines a log of incoming sphinx packets,
// enabling strong replay protection. The interface is general to allow
// implementations near-complete autonomy. All methods must be safe for
// concurrent access.
//
// Keys are HashPrefix values derived from the per-packet ECDH shared secret
// (see hashSharedSecret), so the log never needs to hold the secret itself.
// Replay protection only holds if Put's existence check and its insert form a
// single atomic step: when two goroutines Put the same prefix concurrently,
// exactly one must succeed and the other must observe ErrReplayedPacket.
type ReplayLog interface {
	// Start starts up the log. It returns an error if one occurs.
	Start() error

	// Stop safely stops the log. It returns an error if one occurs.
	Stop() error

	// Get retrieves an entry from the log given its hash prefix. It returns the
	// value stored and an error if one occurs. It returns ErrLogEntryNotFound
	// if the entry is not in the log.
	Get(*HashPrefix) (uint32, error)

	// Put stores an entry into the log given its hash prefix and an
	// accompanying purposefully general type. It returns ErrReplayedPacket if
	// the provided hash prefix already exists in the log.
	//
	// The uint32 is opaque to the interface; MemoryReplayLog names it cltv,
	// and it plays no part in deciding whether a packet is a replay.
	Put(*HashPrefix, uint32) error

	// Delete deletes an entry from the log given its hash prefix.
	//
	// Once an entry is deleted, a later packet with the same prefix is
	// accepted again, so callers should only remove entries that can no
	// longer be usefully replayed (presumably once the associated CLTV has
	// expired — confirm against the caller).
	Delete(*HashPrefix) error

	// PutBatch stores a batch of sphinx packets into the log given their hash
	// prefixes and accompanying values. Returns the set of entries in the batch
	// that are replays and an error if one occurs.
	//
	// Implementations are expected to be idempotent per batch ID: committing
	// the same batch twice should return the first result rather than
	// flagging every packet as a replay of itself (see
	// MemoryReplayLog.PutBatch).
	PutBatch(*Batch) (*ReplaySet, error)
}
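// MemoryReplayLog is a simple ReplayLog implementation that stores all added
// sphinx packets and processed batches in memory with no persistence.
//
// This is designed for use just in testing: every entry is lost on Stop or
// process exit, so it cannot provide replay protection across restarts and
// must not back a node that forwards real payments.
//
// All methods are safe for concurrent use, as the ReplayLog contract
// requires. A single mutex guards both maps, so Put's existence check and
// insert are one atomic step: of two concurrent Puts for the same prefix,
// exactly one succeeds and the other observes ErrReplayedPacket.
type MemoryReplayLog struct {
	// mu serialises all access to batches and entries. Every exported
	// method acquires it; the *Locked helpers require the caller to hold it.
	mu sync.Mutex

	// batches caches the ReplaySet produced when a batch ID was first
	// committed, making PutBatch idempotent per batch ID.
	batches map[string]*ReplaySet

	// entries maps a shared-secret hash prefix to the CLTV supplied with it.
	// Key presence is what marks a packet as already seen.
	entries map[HashPrefix]uint32
}

// NewMemoryReplayLog constructs a new MemoryReplayLog. Start must be called
// before any other method.
func NewMemoryReplayLog() *MemoryReplayLog {
	return &MemoryReplayLog{}
}

// startedLocked reports whether the log has been started and not yet
// stopped. The caller must hold rl.mu.
func (rl *MemoryReplayLog) startedLocked() bool {
	return rl.entries != nil && rl.batches != nil
}

// Start initializes the log and must be called before any other methods.
//
// Calling Start on a log that is already running resets it, silently
// discarding every recorded entry and cached batch; it does not return
// errReplayLogAlreadyStarted.
func (rl *MemoryReplayLog) Start() error {
	rl.mu.Lock()
	defer rl.mu.Unlock()

	rl.batches = make(map[string]*ReplaySet)
	rl.entries = make(map[HashPrefix]uint32)
	return nil
}

// Stop wipes the state of the log. It returns errReplayLogNotStarted if the
// log is not running.
func (rl *MemoryReplayLog) Stop() error {
	rl.mu.Lock()
	defer rl.mu.Unlock()

	if !rl.startedLocked() {
		return errReplayLogNotStarted
	}

	rl.batches = nil
	rl.entries = nil
	return nil
}

// Get retrieves an entry from the log given its hash prefix. It returns the
// value stored and an error if one occurs. It returns ErrLogEntryNotFound
// if the entry is not in the log, and errReplayLogNotStarted if the log is
// not running.
func (rl *MemoryReplayLog) Get(hash *HashPrefix) (uint32, error) {
	rl.mu.Lock()
	defer rl.mu.Unlock()

	if !rl.startedLocked() {
		return 0, errReplayLogNotStarted
	}

	cltv, exists := rl.entries[*hash]
	if !exists {
		return 0, ErrLogEntryNotFound
	}
	return cltv, nil
}

// Put stores an entry into the log given its hash prefix and an accompanying
// purposefully general type. It returns ErrReplayedPacket if the provided hash
// prefix already exists in the log, and errReplayLogNotStarted if the log is
// not running.
func (rl *MemoryReplayLog) Put(hash *HashPrefix, cltv uint32) error {
	rl.mu.Lock()
	defer rl.mu.Unlock()

	if !rl.startedLocked() {
		return errReplayLogNotStarted
	}
	return rl.putLocked(hash, cltv)
}

// putLocked performs the check-and-insert behind Put. The caller must hold
// rl.mu and must already have verified that the log is started. Keeping the
// lookup and the insert under one lock acquisition is what makes replay
// detection race-free.
func (rl *MemoryReplayLog) putLocked(hash *HashPrefix, cltv uint32) error {
	if _, exists := rl.entries[*hash]; exists {
		return ErrReplayedPacket
	}
	rl.entries[*hash] = cltv
	return nil
}

// Delete deletes an entry from the log given its hash prefix. Deleting a
// prefix that is not present is not an error. After deletion a packet with
// the same prefix is accepted again, so callers must only remove entries
// that can no longer be usefully replayed.
func (rl *MemoryReplayLog) Delete(hash *HashPrefix) error {
	rl.mu.Lock()
	defer rl.mu.Unlock()

	if !rl.startedLocked() {
		return errReplayLogNotStarted
	}

	delete(rl.entries, *hash)
	return nil
}

// PutBatch stores a batch of sphinx packets into the log given their hash
// prefixes and accompanying values. Returns the set of entries in the batch
// that are replays and an error if one occurs.
//
// The whole batch is processed under a single lock acquisition, so it is
// applied atomically with respect to other callers. The batch is updated as a
// side effect: batch.ReplaySet is set to the returned set and
// batch.IsCommitted to true.
func (rl *MemoryReplayLog) PutBatch(batch *Batch) (*ReplaySet, error) {
	rl.mu.Lock()
	defer rl.mu.Unlock()

	if !rl.startedLocked() {
		return nil, errReplayLogNotStarted
	}

	// Return the result when the batch was first processed to provide
	// idempotence: re-committing a batch must not report every packet as a
	// replay of itself.
	replays, exists := rl.batches[string(batch.ID)]
	if !exists {
		replays = NewReplaySet()
		err := batch.ForEach(func(seqNum uint16, hashPrefix *HashPrefix,
			cltv uint32) error {

			// rl.mu is already held and sync.Mutex is not reentrant, so
			// go through the unlocked helper rather than Put.
			err := rl.putLocked(hashPrefix, cltv)
			if errors.Is(err, ErrReplayedPacket) {
				replays.Add(seqNum)
				return nil
			}

			// putLocked only ever fails with ErrReplayedPacket, so this
			// is unreachable in practice. Were it to fire, the entries
			// inserted by earlier iterations would remain in the log.
			return err
		})
		if err != nil {
			return nil, err
		}

		// Fold in any replays already recorded on the batch before commit
		// (presumably duplicates found while it was assembled — confirm in
		// the Batch implementation), then cache the combined result.
		replays.Merge(batch.ReplaySet)
		rl.batches[string(batch.ID)] = replays
	}

	batch.ReplaySet = replays
	batch.IsCommitted = true
	return replays, nil
}

// A compile time assertion that *MemoryReplayLog implements the ReplayLog
// interface.
var _ ReplayLog = (*MemoryReplayLog)(nil)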
// NoOpReplayLog is a ReplayLog implementation that performs no replay
// protection. This can be used when replay protection is handled externally
// or is not needed (e.g., for onion messaging where replay protection is
// not required).
//
// SECURITY: every Put succeeds and PutBatch never reports a replay, so a node
// wired to this log will accept the same sphinx packet any number of times.
// Nothing in this type guards against misuse; whoever constructs the router
// is responsible for ensuring it is never used on a path that forwards
// payments or otherwise depends on duplicate detection.
type NoOpReplayLog struct{}
// NewNoOpReplayLog constructs a new NoOpReplayLog, which is an implementation
// of ReplayLog that performs no replay protection. The type carries no state,
// so every instance behaves identically.
func NewNoOpReplayLog() *NoOpReplayLog {
	return new(NoOpReplayLog)
}
// Start is a no-op. Unlike MemoryReplayLog, the log is usable without it:
// none of the other methods check whether Start was called.
func (NoOpReplayLog) Start() error {
	return nil
}
// Stop is a no-op. There is no state to wipe, and calling Stop without a
// prior Start is not an error (contrast MemoryReplayLog.Stop, which returns
// errReplayLogNotStarted).
func (NoOpReplayLog) Stop() error {
	return nil
}
// Get always returns ErrLogEntryNotFound since no entries are ever stored.
// The hash prefix argument is ignored.
func (NoOpReplayLog) Get(_ *HashPrefix) (uint32, error) {
	return 0, ErrLogEntryNotFound
}
// Put is a no-op and always returns nil, allowing all packets through. Both
// arguments are ignored: nothing is recorded, so a later Put of the same
// prefix also succeeds rather than returning ErrReplayedPacket.
func (NoOpReplayLog) Put(_ *HashPrefix, _ uint32) error {
	return nil
}
// Delete is a no-op: there is never anything to remove. The argument is
// ignored and nil is always returned.
func (NoOpReplayLog) Delete(_ *HashPrefix) error {
	return nil
}
// PutBatch marks the batch as committed and returns an empty replay set,
// indicating no replays were detected.
//
// Unlike MemoryReplayLog.PutBatch, this neither merges nor assigns
// batch.ReplaySet, so any replays already recorded on the batch before commit
// are not reflected in the returned set.
func (NoOpReplayLog) PutBatch(batch *Batch) (*ReplaySet, error) {
	noReplays := NewReplaySet()
	batch.IsCommitted = true
	return noReplays, nil
}
// A compile time assertion that *NoOpReplayLog implements the ReplayLog
// interface. The methods use value receivers, so a plain NoOpReplayLog value
// satisfies it as well; the pointer form is asserted because NewNoOpReplayLog
// returns a pointer.
var _ ReplayLog = (*NoOpReplayLog)(nil)