keyquorum 0.1.1

Shamir secret sharing daemon for distributed key quorum
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143

use tokio::io::{AsyncBufRead, AsyncBufReadExt, AsyncRead, AsyncWrite, AsyncWriteExt, BufReader};
use tokio::sync::{mpsc, oneshot};
use tracing::{debug, warn};

use super::session::SessionCommand;
use keyquorum_core::protocol::{ClientMessage, DaemonMessage};

/// Maximum size of a single JSON message line (64 KB).
/// A base64-encoded share is ~350 bytes; this leaves ample room
/// while preventing memory exhaustion from oversized payloads.
const MAX_LINE_LENGTH: usize = 64 * 1024;

/// Handle a single client connection. Reads newline-delimited JSON,
/// dispatches to the session task, and writes responses.
pub async fn handle_connection<R, W>(
    reader: R,
    mut writer: W,
    session_tx: mpsc::Sender<SessionCommand>,
) where
    R: AsyncRead + Unpin,
    W: AsyncWrite + Unpin,
{
    let mut buf_reader = BufReader::new(reader);

    loop {
        let line = match read_limited_line(&mut buf_reader).await {
            Ok(Some(line)) => line,
            Ok(None) => break, // EOF
            Err(e) => {
                let _ = write_message(
                    &mut writer,
                    &DaemonMessage::Error {
                        message: format!("{}", e),
                    },
                )
                .await;
                break;
            }
        };

        if line.trim().is_empty() {
            continue;
        }

        let msg: ClientMessage = match serde_json::from_str(&line) {
            Ok(m) => m,
            Err(e) => {
                let err = DaemonMessage::Error {
                    message: format!("Invalid JSON: {}", e),
                };
                let _ = write_message(&mut writer, &err).await;
                continue;
            }
        };

        let (tx, rx) = oneshot::channel();
        let cmd = match msg {
            ClientMessage::SubmitShare { share } => {
                debug!(index = share.index, "received share submission");
                SessionCommand::SubmitShare {
                    share,
                    respond_to: tx,
                }
            }
            ClientMessage::Status => {
                debug!("received status query");
                SessionCommand::GetStatus { respond_to: tx }
            }
        };

        if session_tx.send(cmd).await.is_err() {
            warn!("session task has shut down");
            let _ = write_message(
                &mut writer,
                &DaemonMessage::Error {
                    message: "Internal error: session task unavailable".to_string(),
                },
            )
            .await;
            break;
        }

        match rx.await {
            Ok(response) => {
                let _ = write_message(&mut writer, &response).await;
            }
            Err(_) => {
                warn!("session task dropped response channel");
                break;
            }
        }
    }
}

/// Read a single newline-terminated line, rejecting lines that exceed MAX_LINE_LENGTH.
/// Returns Ok(None) on EOF, Ok(Some(line)) on success, Err on oversized or invalid data.
async fn read_limited_line<R: AsyncBufRead + Unpin>(
    reader: &mut R,
) -> std::io::Result<Option<String>> {
    let mut line = Vec::new();
    loop {
        let buf = reader.fill_buf().await?;
        if buf.is_empty() {
            if line.is_empty() {
                return Ok(None);
            }
            break;
        }
        let found_newline = if let Some(pos) = buf.iter().position(|&b| b == b'\n') {
            line.extend_from_slice(&buf[..pos]);
            reader.consume(pos + 1);
            true
        } else {
            line.extend_from_slice(buf);
            let len = buf.len();
            reader.consume(len);
            false
        };
        if line.len() > MAX_LINE_LENGTH {
            return Err(std::io::Error::new(
                std::io::ErrorKind::InvalidData,
                format!("Message exceeds maximum size of {} bytes", MAX_LINE_LENGTH),
            ));
        }
        if found_newline {
            break;
        }
    }
    String::from_utf8(line)
        .map(Some)
        .map_err(|_| std::io::Error::new(std::io::ErrorKind::InvalidData, "Invalid UTF-8"))
}

async fn write_message<W: AsyncWrite + Unpin>(
    writer: &mut W,
    msg: &DaemonMessage,
) -> std::io::Result<()> {
    let mut json = serde_json::to_string(msg).map_err(std::io::Error::other)?;
    json.push('\n');
    writer.write_all(json.as_bytes()).await?;
    writer.flush().await?;
    Ok(())
}