Move Conduit decryption into read()

julianknutsen · julianknutsen · commit 243ccd4d7681 · 2020-09-16T13:09:05.000-07:00
This gets rid of the complexity required to handle Iterators that
return errors and makes way for fewer copies in the decryption path.
diff --git a/lightning/src/ln/peers/conduit.rs b/lightning/src/ln/peers/conduit.rs
@@ -2,6 +2,7 @@
 
 use ln::peers::{chacha, hkdf5869rfc};
 use util::byte_utils;
+use std::collections::VecDeque;
 
 pub(super) type SymmetricKey = [u8; 32];
 
@@ -38,29 +39,14 @@ pub(super) struct Decryptor {
 
 	pending_message_length: Option<usize>,
 	read_buffer: Option<Vec<u8>>,
-	poisoned: bool, // signal an error has occurred so None is returned on iteration after failure
+	decrypted_payloads: VecDeque<Vec<u8>>,
 }
 
 impl Iterator for Decryptor {
-	type Item = Result<Option<Vec<u8>>, String>;
+	type Item = Vec<u8>;
 
 	fn next(&mut self) -> Option<Self::Item> {
-		if self.poisoned {
-			return None;
-		}
-
-		match self.decrypt_single_message(None) {
-			Ok(Some(result)) => {
-				Some(Ok(Some(result)))
-			},
-			Ok(None) => {
-				None
-			}
-			Err(e) => {
-				self.poisoned = true;
-				Some(Err(e))
-			}
-		}
+		self.decrypted_payloads.pop_front()
 	}
 }
 
@@ -79,7 +65,7 @@ impl Conduit {
 				receiving_nonce: 0,
 				read_buffer: None,
 				pending_message_length: None,
-				poisoned: false
+				decrypted_payloads: VecDeque::new(),
 			}
 		}
 	}
@@ -89,7 +75,7 @@ impl Conduit {
 		self.encryptor.encrypt(buffer)
 	}
 
-	pub(super) fn read(&mut self, data: &[u8]) {
+	pub(super) fn read(&mut self, data: &[u8]) -> Result<(), String>{
 		self.decryptor.read(data)
 	}
 
@@ -143,9 +129,25 @@ impl Encryptor {
 }
 
 impl Decryptor {
-	pub(super) fn read(&mut self, data: &[u8]) {
-		let read_buffer = self.read_buffer.get_or_insert(Vec::new());
-		read_buffer.extend_from_slice(data);
+	pub(super) fn read(&mut self, data: &[u8]) -> Result<(), String> {
+		let mut input_data = Some(data);
+
+		loop {
+			match self.decrypt_single_message(input_data) {
+				Ok(Some(result)) => {
+					self.decrypted_payloads.push_back(result);
+				},
+				Ok(None) => {
+					break;
+				}
+				Err(e) => {
+					return Err(e);
+				}
+			}
+			input_data = None;
+		}
+
+		Ok(())
 	}
 
 	/// Decrypt a single message. If data containing more than one message has been received,
@@ -332,7 +334,7 @@ mod tests {
 		let encrypted = remote_peer.encrypt(&[1]);
 
 		connected_peer.decryptor.receiving_key = [0; 32];
-		assert_eq!(connected_peer.decrypt_single_message(Some(&encrypted)), Err("invalid hmac".to_string()));
+		assert_eq!(connected_peer.read(&encrypted), Err("invalid hmac".to_string()));
 	}
 
 	// Test next()::None
@@ -348,86 +350,9 @@ mod tests {
 	fn decryptor_iterator_one_item_valid() {
 		let (mut connected_peer, mut remote_peer) = setup_peers();
 		let encrypted = remote_peer.encrypt(&[1]);
-		connected_peer.read(&encrypted);
-
-		assert_eq!(connected_peer.decryptor.next(), Some(Ok(Some(vec![1]))));
-		assert_eq!(connected_peer.decryptor.next(), None);
-	}
-
-	// Test next()::err -> next()::None
-	#[test]
-	fn decryptor_iterator_error() {
-		let (mut connected_peer, mut remote_peer) = setup_peers();
-		let encrypted = remote_peer.encrypt(&[1]);
-		connected_peer.read(&encrypted);
-
-		connected_peer.decryptor.receiving_key = [0; 32];
-		assert_eq!(connected_peer.decryptor.next(), Some(Err("invalid hmac".to_string())));
-		assert_eq!(connected_peer.decryptor.next(), None);
-	}
-
-	// Test next()::Some -> next()::err -> next()::None
-	#[test]
-	fn decryptor_iterator_error_after_success() {
-		let (mut connected_peer, mut remote_peer) = setup_peers();
-		let encrypted = remote_peer.encrypt(&[1]);
-		connected_peer.read(&encrypted);
-		let encrypted = remote_peer.encrypt(&[2]);
-		connected_peer.read(&encrypted);
-
-		assert_eq!(connected_peer.decryptor.next(), Some(Ok(Some(vec![1]))));
-		connected_peer.decryptor.receiving_key = [0; 32];
-		assert_eq!(connected_peer.decryptor.next(), Some(Err("invalid hmac".to_string())));
-		assert_eq!(connected_peer.decryptor.next(), None);
-	}
-
-	// Test that next()::Some -> next()::err -> next()::None
-	// Error should poison decryptor
-	#[test]
-	fn decryptor_iterator_next_after_error_returns_none() {
-		let (mut connected_peer, mut remote_peer) = setup_peers();
-		let encrypted = remote_peer.encrypt(&[1]);
-		connected_peer.read(&encrypted);
-		let encrypted = remote_peer.encrypt(&[2]);
-		connected_peer.read(&encrypted);
-		let encrypted = remote_peer.encrypt(&[3]);
-		connected_peer.read(&encrypted);
-
-		// Get one valid value
-		assert_eq!(connected_peer.decryptor.next(), Some(Ok(Some(vec![1]))));
-		let valid_receiving_key = connected_peer.decryptor.receiving_key;
-
-		// Corrupt the receiving key and ensure we get a failure
-		connected_peer.decryptor.receiving_key = [0; 32];
-		assert_eq!(connected_peer.decryptor.next(), Some(Err("invalid hmac".to_string())));
-
-		// Restore the receiving key, do a read and ensure None is returned (poisoned)
-		connected_peer.decryptor.receiving_key = valid_receiving_key;
-		assert_eq!(connected_peer.decryptor.next(), None);
-	}
-
-	// Test next()::Some -> next()::err -> read() -> next()::None
-	// Error should poison decryptor even after future reads
-	#[test]
-	fn decryptor_iterator_read_next_after_error_returns_none() {
-		let (mut connected_peer, mut remote_peer) = setup_peers();
-		let encrypted = remote_peer.encrypt(&[1]);
-		connected_peer.read(&encrypted);
-		let encrypted = remote_peer.encrypt(&[2]);
-		connected_peer.read(&encrypted);
-
-		// Get one valid value
-		assert_eq!(connected_peer.decryptor.next(), Some(Ok(Some(vec![1]))));
-		let valid_receiving_key = connected_peer.decryptor.receiving_key;
-
-		// Corrupt the receiving key and ensure we get a failure
-		connected_peer.decryptor.receiving_key = [0; 32];
-		assert_eq!(connected_peer.decryptor.next(), Some(Err("invalid hmac".to_string())));
+		connected_peer.read(&encrypted).unwrap();
 
-		// Restore the receiving key, do a read and ensure None is returned (poisoned)
-		let encrypted = remote_peer.encrypt(&[3]);
-		connected_peer.read(&encrypted);
-		connected_peer.decryptor.receiving_key = valid_receiving_key;
+		assert_eq!(connected_peer.decryptor.next(), Some(vec![1]));
 		assert_eq!(connected_peer.decryptor.next(), None);
 	}
 
diff --git a/lightning/src/ln/peers/handshake/states.rs b/lightning/src/ln/peers/handshake/states.rs
@@ -386,7 +386,7 @@ impl IHandshakeState for ResponderAwaitingActThreeState {
 
 		// Any remaining data in the read buffer would be encrypted, so transfer ownership
 		// to the Conduit for future use.
-		conduit.read(&input[bytes_read..]);
+		conduit.read(&input[bytes_read..])?;
 
 		Ok((
 			None,
@@ -769,7 +769,7 @@ mod test {
 		let test_ctx = TestCtx::new();
 		let (_act2, awaiting_act_three_state) = do_next_or_panic!(test_ctx.responder, &test_ctx.valid_act1);
 		let mut act3 = test_ctx.valid_act3;
-		act3.extend_from_slice(&[2; 100]);
+		act3.extend_from_slice(&[2; 16]);
 
 		let (conduit, remote_pubkey) = if let (None, Complete(Some((conduit, remote_pubkey)))) = awaiting_act_three_state.next(&act3).unwrap() {
 			(conduit, remote_pubkey)
@@ -778,7 +778,7 @@ mod test {
 		};
 
 		assert_eq!(remote_pubkey, test_ctx.initiator_public_key);
-		assert_eq!(100, conduit.decryptor.read_buffer_length());
+		assert_eq!(16, conduit.decryptor.read_buffer_length());
 	}
 
 	// Responder::AwaitingActThree -> Error (bad version bytes)
diff --git a/lightning/src/ln/peers/transport.rs b/lightning/src/ln/peers/transport.rs
@@ -91,7 +91,7 @@ impl<PeerHandshakeImpl: IPeerHandshake> ITransport for Transport<PeerHandshakeIm
 				}
 			}
 			Some(ref mut conduit) => {
-				conduit.read(input);
+				conduit.read(input)?;
 				Ok(false) // newly connected
 			}
 		}
@@ -105,53 +105,33 @@ impl<PeerHandshakeImpl: IPeerHandshake> ITransport for Transport<PeerHandshakeIm
 		match self.conduit {
 			None => {}
 			Some(ref mut conduit) => {
-				// Using Iterators that can error requires special handling
-				// The item returned from next() has type Option<Result<Option<Vec>, String>>
-				// The Some wrapper is stripped for each item inside the loop
-				// There are 3 valid match cases:
-				// 1) Some(Ok(Some(msg_data))) => Indicates a valid decrypted msg accessed via msg_data
-				// 2) Some(Err(_)) => Indicates an error during decryption that should be handled
-				// 3) None -> Indicates there were no messages available to decrypt
-				// Invalid Cases
-				// 1) Some(Ok(None)) => Translated to None case above so users of iterators can stop correctly
-				for msg_data_result in &mut conduit.decryptor {
-					match msg_data_result {
-						Ok(Some(msg_data)) => {
-							let mut reader = ::std::io::Cursor::new(&msg_data[..]);
-							let message_result = wire::read(&mut reader);
-							let message = match message_result {
-								Ok(x) => x,
-								Err(e) => {
-									match e {
-										msgs::DecodeError::UnknownVersion => return Err(PeerHandleError { no_connection_possible: false }),
-										msgs::DecodeError::UnknownRequiredFeature => {
-											log_debug!(logger, "Got a channel/node announcement with an known required feature flag, you may want to update!");
-											continue;
-										}
-										msgs::DecodeError::InvalidValue => {
-											log_debug!(logger, "Got an invalid value while deserializing message");
-											return Err(PeerHandleError { no_connection_possible: false });
-										}
-										msgs::DecodeError::ShortRead => {
-											log_debug!(logger, "Deserialization failed due to shortness of message");
-											return Err(PeerHandleError { no_connection_possible: false });
-										}
-										msgs::DecodeError::BadLengthDescriptor => return Err(PeerHandleError { no_connection_possible: false }),
-										msgs::DecodeError::Io(_) => return Err(PeerHandleError { no_connection_possible: false }),
-									}
-								}
-							};
-
-							received_messages.push(message);
-						},
+				for msg_data in &mut conduit.decryptor {
+					let mut reader = ::std::io::Cursor::new(&msg_data[..]);
+					let message_result = wire::read(&mut reader);
+					let message = match message_result {
+						Ok(x) => x,
 						Err(e) => {
-							log_trace!(logger, "Message decryption failed due to: {}", e);
-							return Err(PeerHandleError { no_connection_possible: false });
-						}
-						Ok(None) => {
-							panic!("Invalid behavior. Conduit iterator should never return this match.")
+							match e {
+								msgs::DecodeError::UnknownVersion => return Err(PeerHandleError { no_connection_possible: false }),
+								msgs::DecodeError::UnknownRequiredFeature => {
+									log_debug!(logger, "Got a channel/node announcement with an known required feature flag, you may want to update!");
+									continue;
+								}
+								msgs::DecodeError::InvalidValue => {
+									log_debug!(logger, "Got an invalid value while deserializing message");
+									return Err(PeerHandleError { no_connection_possible: false });
+								}
+								msgs::DecodeError::ShortRead => {
+									log_debug!(logger, "Deserialization failed due to shortness of message");
+									return Err(PeerHandleError { no_connection_possible: false });
+								}
+								msgs::DecodeError::BadLengthDescriptor => return Err(PeerHandleError { no_connection_possible: false }),
+								msgs::DecodeError::Io(_) => return Err(PeerHandleError { no_connection_possible: false }),
+							}
 						}
-					}
+					};
+
+					received_messages.push(message);
 				}
 			}
 		}
