sn_routing 0.43.4

A secured storage DHT
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147

// Copyright 2021 MaidSafe.net limited.
//
// This SAFE Network Software is licensed to you under The General Public License (GPL), version 3.
// Unless required by applicable law or agreed to in writing, the SAFE Network Software distributed
// under the GPL Licence is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. Please review the Licences for the specific language governing
// permissions and limitations relating to use of the SAFE Network Software.

use crate::error::{Error, Result};
use std::collections::VecDeque;

/// All the key material needed to sign or combine signature for our section key.
#[derive(Debug)]
pub struct SectionKeyShare {
    /// Public key set to verify threshold signatures and combine shares.
    pub public_key_set: bls::PublicKeySet,
    /// Index of the owner of this key share within the set of all section elders.
    pub index: usize,
    /// Secret Key share.
    pub secret_key_share: bls::SecretKeyShare,
}

/// Struct that holds the current section keys and helps with new key generation.
#[derive(Debug)]
pub struct SectionKeysProvider {
    /// A cache for current and previous section BLS keys.
    cache: MiniKeyCache,
    /// The new keys to use when section update completes.
    pending: Option<SectionKeyShare>,
}

impl SectionKeysProvider {
    pub fn new(cache_size: u8, current: Option<SectionKeyShare>) -> Self {
        let mut provider = Self {
            pending: None,
            cache: MiniKeyCache::with_capacity(cache_size as usize),
        };
        if let Some(share) = current {
            let public_key = share.public_key_set.public_key();
            provider.insert_dkg_outcome(share);
            provider.finalise_dkg(&public_key);
        }
        provider
    }

    pub fn key_share(&self) -> Result<&SectionKeyShare> {
        self.cache.get_most_recent()
    }

    pub fn sign_with(
        &self,
        data: &[u8],
        public_key: &bls::PublicKey,
    ) -> Result<bls::SignatureShare> {
        self.cache.sign_with(data, public_key)
    }

    pub fn has_key_share(&self) -> bool {
        self.cache.has_key_share()
    }

    pub fn insert_dkg_outcome(&mut self, share: SectionKeyShare) {
        self.pending = Some(share);
    }

    pub fn finalise_dkg(&mut self, public_key: &bls::PublicKey) {
        if let Some(share) = &self.pending {
            if *public_key != share.public_key_set.public_key() {
                return;
            }
        }
        if let Some(share) = self.pending.take() {
            if let Some(evicted) = self.cache.add(public_key, share) {
                trace!("evicted old key from cache: {:?}", evicted);
            }
            trace!("finalised DKG: {:?}", public_key);
        }
    }
}

/// Implementation of super simple cache, for no more than a handfull of items.
#[derive(Debug)]
pub struct MiniKeyCache {
    list: VecDeque<(bls::PublicKey, SectionKeyShare)>,
}

impl MiniKeyCache {
    /// Constructor for capacity based `KeyCache`.
    pub fn with_capacity(capacity: usize) -> MiniKeyCache {
        MiniKeyCache {
            list: VecDeque::with_capacity(capacity),
        }
    }

    /// Returns true if a key share exists.
    pub fn has_key_share(&self) -> bool {
        !self.list.is_empty()
    }

    /// Returns the most recently added key.
    pub fn get_most_recent(&self) -> Result<&SectionKeyShare> {
        if let Some((_, share)) = self.list.back() {
            return Ok(share);
        }
        Err(Error::MissingSecretKeyShare)
    }

    /// Uses the secret key from cache, corresponding to
    /// the provided public key.
    pub fn sign_with(
        &self,
        data: &[u8],
        public_key: &bls::PublicKey,
    ) -> Result<bls::SignatureShare> {
        for (cached_public, section_key_share) in &self.list {
            if public_key == cached_public {
                return Ok(section_key_share.secret_key_share.sign(data));
            }
        }
        Err(Error::MissingSecretKeyShare)
    }

    /// Adds a new key to the cache, and removes + returns the oldest
    /// key if cache size is exceeded.
    pub fn add(
        &mut self,
        public_key: &bls::PublicKey,
        section_key_share: SectionKeyShare,
    ) -> Option<bls::PublicKey> {
        for (cached_public, _) in &self.list {
            if public_key == cached_public {
                return None;
            }
        }

        let mut evicted = None;
        if self.list.capacity() == self.list.len() {
            if let Some((cached_public, _)) = self.list.pop_front() {
                evicted = Some(cached_public);
            }
        }

        self.list.push_back((*public_key, section_key_share));

        evicted
    }
}