From 18240ea5ef88812dcf362366cacc9c3db7137a22 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Wed, 22 Mar 2023 18:51:01 +0100 Subject: [PATCH 01/24] Update aclrecordproto --- .../object/acl/aclrecordproto/aclrecord.pb.go | 617 +++++------------- .../acl/aclrecordproto/protos/aclrecord.proto | 33 +- .../treechangeproto/protos/treechange.proto | 4 +- .../tree/treechangeproto/treechange.pb.go | 133 ++-- 4 files changed, 255 insertions(+), 532 deletions(-) diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index 3a25533b..c77e7818 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -171,11 +171,11 @@ func (m *RawAclRecordWithId) GetId() string { } type AclRecord struct { - PrevId string `protobuf:"bytes,1,opt,name=prevId,proto3" json:"prevId,omitempty"` - Identity []byte `protobuf:"bytes,2,opt,name=identity,proto3" json:"identity,omitempty"` - Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` - CurrentReadKeyHash uint64 `protobuf:"varint,4,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` - Timestamp int64 `protobuf:"varint,5,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + PrevId string `protobuf:"bytes,1,opt,name=prevId,proto3" json:"prevId,omitempty"` + Identity []byte `protobuf:"bytes,2,opt,name=identity,proto3" json:"identity,omitempty"` + Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` + ReadKeyId string `protobuf:"bytes,4,opt,name=readKeyId,proto3" json:"readKeyId,omitempty"` + Timestamp int64 `protobuf:"varint,5,opt,name=timestamp,proto3" json:"timestamp,omitempty"` } func (m *AclRecord) Reset() { *m = AclRecord{} } 
@@ -232,11 +232,11 @@ func (m *AclRecord) GetData() []byte { return nil } -func (m *AclRecord) GetCurrentReadKeyHash() uint64 { +func (m *AclRecord) GetReadKeyId() string { if m != nil { - return m.CurrentReadKeyHash + return m.ReadKeyId } - return 0 + return "" } func (m *AclRecord) GetTimestamp() int64 { @@ -248,12 +248,11 @@ func (m *AclRecord) GetTimestamp() int64 { type AclRoot struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - SpaceId string `protobuf:"bytes,3,opt,name=spaceId,proto3" json:"spaceId,omitempty"` - EncryptedReadKey []byte `protobuf:"bytes,4,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` - DerivationScheme string `protobuf:"bytes,5,opt,name=derivationScheme,proto3" json:"derivationScheme,omitempty"` - CurrentReadKeyHash uint64 `protobuf:"varint,6,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` - Timestamp int64 `protobuf:"varint,7,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + SpaceId string `protobuf:"bytes,2,opt,name=spaceId,proto3" json:"spaceId,omitempty"` + EncryptedReadKey []byte `protobuf:"bytes,3,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` + DerivationScheme string `protobuf:"bytes,4,opt,name=derivationScheme,proto3" json:"derivationScheme,omitempty"` + CurrentReadKeyHash uint64 `protobuf:"varint,5,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` + Timestamp int64 `protobuf:"varint,6,opt,name=timestamp,proto3" json:"timestamp,omitempty"` } func (m *AclRoot) Reset() { *m = AclRoot{} } @@ -296,13 +295,6 @@ func (m *AclRoot) GetIdentity() []byte { return nil } -func (m *AclRoot) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclRoot) GetSpaceId() string { if m != nil { return m.SpaceId 
@@ -508,9 +500,9 @@ func (m *AclData) GetAclContent() []*AclContentValue { } type AclState struct { - ReadKeyHashes []uint64 `protobuf:"varint,1,rep,packed,name=readKeyHashes,proto3" json:"readKeyHashes,omitempty"` - UserStates []*AclUserState `protobuf:"bytes,2,rep,name=userStates,proto3" json:"userStates,omitempty"` - Invites map[string]*AclUserInvite `protobuf:"bytes,3,rep,name=invites,proto3" json:"invites,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + ReadKeyIds []string `protobuf:"bytes,1,rep,name=readKeyIds,proto3" json:"readKeyIds,omitempty"` + UserStates []*AclUserState `protobuf:"bytes,2,rep,name=userStates,proto3" json:"userStates,omitempty"` + Invites map[string]*AclUserInvite `protobuf:"bytes,3,rep,name=invites,proto3" json:"invites,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` } func (m *AclState) Reset() { *m = AclState{} } @@ -546,9 +538,9 @@ func (m *AclState) XXX_DiscardUnknown() { var xxx_messageInfo_AclState proto.InternalMessageInfo -func (m *AclState) GetReadKeyHashes() []uint64 { +func (m *AclState) GetReadKeyIds() []string { if m != nil { - return m.ReadKeyHashes + return m.ReadKeyIds } return nil } @@ -568,9 +560,8 @@ func (m *AclState) GetInvites() map[string]*AclUserInvite { } type AclUserState struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,2,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclUserState) Reset() { *m = AclUserState{} } 
@@ -613,13 +604,6 @@ func (m *AclUserState) GetIdentity() []byte { return nil } -func (m *AclUserState) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclUserState) GetPermissions() AclUserPermissions { if m != nil { return m.Permissions @@ -629,9 +613,8 @@ func (m *AclUserState) GetPermissions() AclUserPermissions { type AclUserAdd struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,3,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` + EncryptedReadKeys [][]byte `protobuf:"bytes,2,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclUserAdd) Reset() { *m = AclUserAdd{} } @@ -674,13 +657,6 @@ func (m *AclUserAdd) GetIdentity() []byte { return nil } -func (m *AclUserAdd) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclUserAdd) GetEncryptedReadKeys() [][]byte { if m != nil { return m.EncryptedReadKeys 
@@ -697,9 +673,8 @@ func (m *AclUserAdd) GetPermissions() AclUserPermissions { type AclUserInvite struct { AcceptPublicKey []byte `protobuf:"bytes,1,opt,name=acceptPublicKey,proto3" json:"acceptPublicKey,omitempty"` - EncryptSymKeyHash uint64 `protobuf:"varint,2,opt,name=encryptSymKeyHash,proto3" json:"encryptSymKeyHash,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,3,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` + EncryptedReadKeys [][]byte `protobuf:"bytes,2,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclUserInvite) Reset() { *m = AclUserInvite{} } @@ -742,13 +717,6 @@ func (m *AclUserInvite) GetAcceptPublicKey() []byte { return nil } -func (m *AclUserInvite) GetEncryptSymKeyHash() uint64 { - if m != nil { - return m.EncryptSymKeyHash - } - return 0 -} - func (m *AclUserInvite) GetEncryptedReadKeys() [][]byte { if m != nil { return m.EncryptedReadKeys @@ -893,8 +861,7 @@ func (m *AclUserRemove) GetReadKeyReplaces() []*AclReadKeyReplace { type AclReadKeyReplace struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - EncryptedReadKey []byte `protobuf:"bytes,3,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` + EncryptedReadKey []byte `protobuf:"bytes,2,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` } func (m *AclReadKeyReplace) Reset() { *m = AclReadKeyReplace{} } 
@@ -937,13 +904,6 @@ func (m *AclReadKeyReplace) GetIdentity() []byte { return nil } -func (m *AclReadKeyReplace) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclReadKeyReplace) GetEncryptedReadKey() []byte { if m != nil { return m.EncryptedReadKey @@ -1004,7 +964,7 @@ func (m *AclUserPermissionChange) GetPermissions() AclUserPermissions { } type AclSyncMessage struct { - Content *AclSyncContentValue `protobuf:"bytes,2,opt,name=content,proto3" json:"content,omitempty"` + Content *AclSyncContentValue `protobuf:"bytes,1,opt,name=content,proto3" json:"content,omitempty"` } func (m *AclSyncMessage) Reset() { *m = AclSyncMessage{} } 
@@ -1192,68 +1152,66 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 962 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0xcf, 0x6f, 0x1b, 0xc5, - 0x17, 0xf7, 0xac, 0x9d, 0x38, 0x7e, 0x76, 0x13, 0x67, 0xbe, 0x5f, 0x5a, 0x2b, 0x2a, 0x56, 0xb4, - 0x02, 0x29, 0xaa, 0x2a, 0x47, 0x18, 0xa4, 0x54, 0x11, 0xa2, 0x72, 0x4b, 0x91, 0xdd, 0x08, 0xa9, - 0x9a, 0x00, 0x45, 0xbd, 0x4d, 0x66, 0x47, 0xc9, 0xc2, 0xfe, 0xd2, 0xcc, 0xd8, 0x68, 0x8f, 0x9c, - 0xb9, 0xc0, 0x7f, 0x00, 0x7f, 0x08, 0x77, 0x24, 0x2e, 0xbd, 0x80, 0x38, 0xa2, 0xe4, 0xcf, 0xe0, - 0x82, 0x66, 0xf6, 0xf7, 0xae, 0x13, 0xb5, 0x52, 0xc4, 0x21, 0xc9, 0xcc, 0x7b, 0x9f, 0x37, 0xf9, - 0xbc, 0xcf, 0x7b, 0xf3, 0x66, 0xe1, 0x63, 0x16, 0xfa, 0x7e, 0x18, 0xc8, 0x88, 0x32, 0x7e, 0x18, - 0x9e, 0x7d, 0xc3, 0x99, 0x3a, 0xa4, 0xcc, 0xd3, 0x3f, 0x82, 0xb3, 0x50, 0x38, 0x91, 0x08, 0x55, - 0x78, 0x68, 0x7e, 0xcb, 0xc2, 0x3a, 0x31, 0x06, 0xdc, 0xcb, 0x0d, 0xf6, 0xcf, 0x08, 0x06, 0x84, - 0x7e, 0x37, 0x63, 0x1e, 0x31, 0x06, 0x3c, 0x82, 0x6e, 0x44, 0x63, 0x2f, 0xa4, 0xce, 0x08, 0xed, - 0xa3, 0x83, 0x01, 0xc9, 0xb6, 0xf8, 0x3e, 0xf4, 0xa4, 0x7b, 0x1e, 0x50, 0xb5, 0x14, 0x7c, 0x64, - 0x19, 0x5f, 0x61, 0xc0, 0x0f, 0x60, 0x48, 0x19, 0xe3, 0x91, 0x0a, 0xc5, 0xc2, 0xe1, 0x81, 0x72, - 0x55, 0x3c, 0x6a, 0x1b, 0x50, 0xc3, 0x8e, 0x1f, 0xc2, 0x6e, 0x66, 0x3b, 0xcd, 0x4f, 0xec, 0x18, - 0x70, 0xd3, 0x61, 0x7f, 0x02, 0xb8, 0xcc, 0xf0, 0xa5, 0xab, 0x2e, 0x16, 0x37, 0xf1, 0xdc, 0x06, - 0xcb, 0x75, 0x0c, 0xc1, 0x1e, 0xb1, 0x5c, 0xc7, 0xfe, 0x05, 0x41, 0xaf, 0xc8, 0xef, 0x2e, 0x6c, - 0x46, 0x82, 0xaf, 0x16, 0x49, 0x58, 0x8f, 0xa4, 0x3b, 0xbc, 0x07, 0x5b, 0x6e, 0xc6, 0x3b, 0x49, - 0x2e, 0xdf, 0x63, 0x0c, 0x1d, 0x87, 0x2a, 0x9a, 0xe6, 0x63, 0xd6, 0x78, 0x02, 0x98, 0x2d, 0x85, - 0xe0, 0x81, 0x22, 0x9c, 0x3a, 0x27, 0x3c, 0x9e, 0x53, 0x79, 0x61, 0x92, 0xe8, 0x90, 0x35, 0x1e, - 0xad, 0x9e, 0x72, 0x7d, 0x2e, 0x15, 0xf5, 0xa3, 0xd1, 0xc6, 0x3e, 0x3a, 0x68, 0x93, 0xc2, 0x60, - 
0xff, 0x60, 0x41, 0x57, 0x73, 0x0c, 0x43, 0x55, 0x61, 0x82, 0x6a, 0x4c, 0xde, 0x83, 0x3b, 0x3c, - 0x60, 0x22, 0x8e, 0x94, 0x1b, 0x06, 0x27, 0x3c, 0xa3, 0x5a, 0x35, 0x6a, 0x6d, 0x4c, 0x67, 0x2c, - 0x1c, 0x43, 0xb9, 0x47, 0xb2, 0xad, 0xae, 0x52, 0x0a, 0xe5, 0x4e, 0xca, 0x2e, 0x15, 0xbe, 0x61, - 0xd7, 0x58, 0x87, 0x0b, 0x77, 0x45, 0xf5, 0xb1, 0xa7, 0xec, 0x82, 0xfb, 0xdc, 0x10, 0xef, 0x91, - 0x86, 0xfd, 0x1a, 0x35, 0x36, 0xdf, 0x4c, 0x8d, 0x6e, 0x5d, 0x8d, 0x3f, 0x2c, 0xd8, 0x99, 0x31, - 0xef, 0x69, 0x18, 0x28, 0x1e, 0xa8, 0xaf, 0xa8, 0xb7, 0xe4, 0xf8, 0x03, 0xe8, 0x2e, 0x25, 0x17, - 0x33, 0x27, 0x29, 0x5c, 0x7f, 0xfa, 0xce, 0xa4, 0x68, 0xeb, 0x19, 0xf3, 0xbe, 0x4c, 0x9c, 0xf3, - 0x16, 0xc9, 0x70, 0xf8, 0x18, 0x40, 0x2f, 0x09, 0xf7, 0xc3, 0x55, 0xd2, 0xb1, 0xfd, 0xe9, 0xa8, - 0x19, 0x95, 0xf8, 0xe7, 0x2d, 0x52, 0x42, 0xe3, 0xaf, 0xe1, 0xff, 0x7a, 0xf7, 0x82, 0x0b, 0xdf, - 0x95, 0xd2, 0x0d, 0x83, 0xa7, 0x17, 0x34, 0x38, 0xe7, 0x46, 0xcf, 0xfe, 0xd4, 0x6e, 0x9e, 0x52, - 0x47, 0xce, 0x5b, 0x64, 0xed, 0x09, 0x19, 0xab, 0x45, 0xb0, 0x72, 0x55, 0xd2, 0xf5, 0x6b, 0x59, - 0x25, 0xfe, 0x8c, 0x55, 0xb2, 0xc3, 0x1f, 0xc1, 0x96, 0xde, 0x3d, 0x0f, 0xdd, 0xc0, 0x94, 0xa2, - 0x3f, 0xbd, 0xdb, 0x8c, 0xd4, 0xde, 0x79, 0x8b, 0xe4, 0xc8, 0x27, 0x5d, 0xd8, 0x58, 0x69, 0x0d, - 0xed, 0x67, 0xa6, 0xc9, 0x3e, 0xd5, 0xed, 0x7b, 0x0c, 0x40, 0x73, 0x85, 0x47, 0x68, 0xbf, 0x7d, - 0xd0, 0x9f, 0xee, 0x55, 0xcf, 0x2a, 0xcb, 0x4f, 0x4a, 0x68, 0xfb, 0x1f, 0x04, 0x5b, 0x33, 0xe6, - 0x9d, 0x2a, 0xaa, 0xb8, 0xee, 0x48, 0x51, 0x14, 0x96, 0x4b, 0x73, 0x56, 0x87, 0x54, 0x8d, 0xf8, - 0x28, 0x49, 0xda, 0x84, 0xc8, 0x91, 0x65, 0xfe, 0xdd, 0xbd, 0x26, 0x75, 0xe3, 0x27, 0x25, 0x28, - 0x3e, 0x86, 0xae, 0x6b, 0x72, 0x97, 0xa3, 0xb6, 0x89, 0xda, 0xaf, 0x46, 0x19, 0xd8, 0x24, 0x91, - 0x47, 0x3e, 0x0b, 0x94, 0x88, 0x49, 0x16, 0xb0, 0xf7, 0x05, 0x0c, 0xca, 0x0e, 0x3c, 0x84, 0xf6, - 0xb7, 0x3c, 0x4e, 0xef, 0xbd, 0x5e, 0xe2, 0x49, 0xaa, 0xcc, 0xf5, 0xcd, 0x91, 0x1c, 0x40, 0x12, - 0xd8, 0xb1, 0xf5, 0x08, 0xd9, 0x3f, 
0x21, 0x18, 0x94, 0xe9, 0xde, 0xc2, 0x7d, 0x7d, 0x0c, 0xfd, - 0x28, 0x6f, 0x13, 0x69, 0x7a, 0x6c, 0x7b, 0xfa, 0xee, 0x4d, 0x3d, 0x26, 0x49, 0x39, 0xc2, 0xfe, - 0x15, 0x01, 0x14, 0x77, 0xe0, 0x16, 0x18, 0x3d, 0x84, 0xdd, 0xfa, 0x3c, 0x48, 0x0a, 0x30, 0x20, - 0x4d, 0x47, 0x9d, 0x7f, 0xe7, 0xad, 0xf9, 0xff, 0x89, 0xe0, 0x4e, 0x45, 0x70, 0x7c, 0x00, 0x3b, - 0xc9, 0x4b, 0xf0, 0x62, 0x79, 0xe6, 0xb9, 0xec, 0x84, 0x67, 0x99, 0xd4, 0xcd, 0x25, 0xaa, 0xa7, - 0xb1, 0x9f, 0x4d, 0x1e, 0xcb, 0x4c, 0x9e, 0xa6, 0xe3, 0xbf, 0x4e, 0xec, 0x77, 0x04, 0xfd, 0xd2, - 0xb5, 0xbc, 0x85, 0xca, 0xe4, 0xc2, 0x14, 0x2f, 0x67, 0xbb, 0x2c, 0x4c, 0x6e, 0xc6, 0x36, 0x0c, - 0x72, 0xad, 0x8a, 0x39, 0x5f, 0xb1, 0xad, 0x97, 0x63, 0xe3, 0x1a, 0x39, 0x6c, 0x99, 0x57, 0x29, - 0x9d, 0x92, 0x37, 0xa5, 0xf3, 0x19, 0xec, 0xa4, 0x33, 0x80, 0xf0, 0xc8, 0xa3, 0x2c, 0xbf, 0xf7, - 0xf7, 0xab, 0xfa, 0x91, 0x0a, 0x88, 0xd4, 0x83, 0xec, 0xef, 0x11, 0xec, 0x36, 0x60, 0xb7, 0x20, - 0xe4, 0xba, 0xa7, 0xb0, 0xbd, 0xfe, 0x29, 0xb4, 0x57, 0x70, 0xef, 0x9a, 0x31, 0x7f, 0x23, 0x91, - 0x5a, 0xfb, 0x58, 0x6f, 0xdd, 0x3e, 0xcf, 0x61, 0x5b, 0xcf, 0xb8, 0x38, 0x60, 0x9f, 0x73, 0x29, - 0xe9, 0x39, 0xc7, 0x8f, 0xa0, 0xcb, 0xd2, 0xa1, 0x9d, 0xcc, 0xac, 0x71, 0x6d, 0x1e, 0xc6, 0x01, - 0xab, 0x0c, 0xee, 0x0c, 0x6e, 0xbf, 0x82, 0xff, 0xad, 0xf1, 0x9b, 0x87, 0xc0, 0x71, 0x92, 0x8f, - 0x23, 0x99, 0x3e, 0xad, 0xb5, 0x39, 0x38, 0xcb, 0xfd, 0xfa, 0x39, 0x2a, 0xd0, 0xc5, 0xc3, 0x32, - 0x37, 0x8d, 0x51, 0xe0, 0xf0, 0x11, 0x74, 0x45, 0x7e, 0xa4, 0x2e, 0x7a, 0x39, 0xeb, 0xe6, 0xd7, - 0x1c, 0xc9, 0xd0, 0x0f, 0x8e, 0x00, 0x37, 0x45, 0xc1, 0x3d, 0xd8, 0x98, 0x39, 0xbe, 0x1b, 0x0c, - 0x5b, 0x18, 0x60, 0xf3, 0xa5, 0x70, 0x15, 0x17, 0x43, 0xa4, 0xd7, 0xba, 0x42, 0x5c, 0x0c, 0xad, - 0x27, 0x8f, 0x7f, 0xbb, 0x1c, 0xa3, 0xd7, 0x97, 0x63, 0xf4, 0xf7, 0xe5, 0x18, 0xfd, 0x78, 0x35, - 0x6e, 0xbd, 0xbe, 0x1a, 0xb7, 0xfe, 0xba, 0x1a, 0xb7, 0x5e, 0xbd, 0xff, 0x46, 0xdf, 0xca, 0x67, - 0x9b, 0xe6, 0xcf, 0x87, 0xff, 0x06, 0x00, 0x00, 0xff, 0xff, 0x3e, 0xd9, 
0x79, 0xd5, 0x5b, 0x0b, - 0x00, 0x00, + // 943 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0x1b, 0x45, + 0x14, 0xf7, 0xda, 0x49, 0x1c, 0x3f, 0xbb, 0x89, 0x33, 0x40, 0xbb, 0x8a, 0x8a, 0x15, 0xad, 0x40, + 0x8a, 0xaa, 0xca, 0x11, 0x06, 0x29, 0x55, 0x84, 0xa8, 0xdc, 0x52, 0x64, 0xb7, 0x42, 0xaa, 0x26, + 0x40, 0x51, 0x39, 0x4d, 0x66, 0x47, 0xf1, 0xd0, 0xf5, 0xee, 0x6a, 0x66, 0x6c, 0xe4, 0x4f, 0x01, + 0x37, 0xae, 0x1c, 0xf9, 0x28, 0x48, 0x5c, 0x72, 0x41, 0xe2, 0x88, 0x12, 0xf1, 0x11, 0xb8, 0xa3, + 0x99, 0xd9, 0xff, 0xeb, 0x58, 0x70, 0x80, 0x43, 0xe2, 0x9d, 0xf7, 0x7e, 0xef, 0xcd, 0xef, 0xfd, + 0xe6, 0xcd, 0xdb, 0x85, 0x8f, 0x69, 0x34, 0x9f, 0x47, 0xa1, 0x8c, 0x09, 0x65, 0x27, 0xd1, 0xc5, + 0xb7, 0x8c, 0xaa, 0x13, 0x42, 0x03, 0xfd, 0x27, 0x18, 0x8d, 0x84, 0x1f, 0x8b, 0x48, 0x45, 0x27, + 0xe6, 0xbf, 0xcc, 0xad, 0x43, 0x63, 0x40, 0x9d, 0xcc, 0xe0, 0xfd, 0xe4, 0x40, 0x0f, 0x93, 0xef, + 0xc6, 0x34, 0xc0, 0xc6, 0x80, 0x5c, 0x68, 0xc7, 0x64, 0x15, 0x44, 0xc4, 0x77, 0x9d, 0x23, 0xe7, + 0xb8, 0x87, 0xd3, 0x25, 0xba, 0x0f, 0x1d, 0xc9, 0x2f, 0x43, 0xa2, 0x16, 0x82, 0xb9, 0x4d, 0xe3, + 0xcb, 0x0d, 0xe8, 0x01, 0xf4, 0x09, 0xa5, 0x2c, 0x56, 0x91, 0x98, 0xfa, 0x2c, 0x54, 0x5c, 0xad, + 0xdc, 0x96, 0x01, 0xd5, 0xec, 0xe8, 0x21, 0x1c, 0xa4, 0xb6, 0xf3, 0x2c, 0xe3, 0x96, 0x01, 0xd7, + 0x1d, 0xde, 0x27, 0x80, 0x8a, 0x0c, 0x5f, 0x71, 0x35, 0x9b, 0x6e, 0xe2, 0xb9, 0x07, 0x4d, 0xee, + 0x1b, 0x82, 0x1d, 0xdc, 0xe4, 0xbe, 0xf7, 0xbd, 0x03, 0x9d, 0xbc, 0xbe, 0xbb, 0xb0, 0x13, 0x0b, + 0xb6, 0x9c, 0xda, 0xb0, 0x0e, 0x4e, 0x56, 0xe8, 0x10, 0x76, 0x79, 0xca, 0xdb, 0x16, 0x97, 0xad, + 0x11, 0x82, 0x2d, 0x9f, 0x28, 0x92, 0xd4, 0x63, 0x9e, 0xb5, 0x1a, 0x82, 0x11, 0xff, 0x05, 0x5b, + 0x4d, 0x7d, 0xc3, 0xbd, 0x83, 0x73, 0x83, 0xf6, 0x2a, 0x3e, 0x67, 0x52, 0x91, 0x79, 0xec, 0x6e, + 0x1f, 0x39, 0xc7, 0x2d, 0x9c, 0x1b, 0xbc, 0x3f, 0x1d, 0x68, 0x6b, 0x46, 0x51, 0xa4, 0x4a, 0xfb, + 0x3a, 0x95, 0x7d, 0x5d, 0x68, 0x9b, 0x13, 0x9e, 
0xa6, 0xe5, 0xa4, 0x4b, 0xad, 0x36, 0x0b, 0xa9, + 0x58, 0xc5, 0x8a, 0xf9, 0xd8, 0xee, 0x9a, 0xaa, 0x5d, 0xb5, 0x6b, 0xac, 0xcf, 0x04, 0x5f, 0x12, + 0xc5, 0xa3, 0xf0, 0x9c, 0xce, 0xd8, 0x9c, 0x25, 0x84, 0x6b, 0x76, 0x34, 0x04, 0x44, 0x17, 0x42, + 0xb0, 0x50, 0x25, 0xd1, 0x13, 0x22, 0x67, 0xa6, 0x80, 0x2d, 0xbc, 0xc6, 0x53, 0xae, 0x73, 0xa7, + 0x5a, 0xe7, 0x6f, 0x4d, 0xd8, 0x1f, 0xd3, 0xe0, 0x69, 0x14, 0x2a, 0x16, 0xaa, 0xaf, 0x48, 0xb0, + 0x60, 0xe8, 0x03, 0x68, 0x2f, 0x24, 0x13, 0x63, 0xdf, 0x1e, 0x40, 0x77, 0xf4, 0xce, 0x30, 0x6f, + 0xcf, 0x31, 0x0d, 0xbe, 0xb4, 0xce, 0x49, 0x03, 0xa7, 0x38, 0x74, 0x06, 0xa0, 0x1f, 0x31, 0x9b, + 0x47, 0x4b, 0xdb, 0x79, 0xdd, 0x91, 0x5b, 0x8f, 0xb2, 0xfe, 0x49, 0x03, 0x17, 0xd0, 0xe8, 0x6b, + 0x78, 0x5b, 0xaf, 0x5e, 0x32, 0x31, 0xe7, 0x52, 0xf2, 0x28, 0x7c, 0x3a, 0x23, 0xe1, 0x25, 0x33, + 0x62, 0x75, 0x47, 0x5e, 0x3d, 0x4b, 0x15, 0x39, 0x69, 0xe0, 0xb5, 0x19, 0x52, 0x56, 0xd3, 0x70, + 0xc9, 0x95, 0x15, 0x74, 0x2d, 0x2b, 0xeb, 0x4f, 0x59, 0xd9, 0x15, 0xfa, 0x08, 0x76, 0xf5, 0xea, + 0x79, 0xc4, 0x43, 0x23, 0x6e, 0x77, 0x74, 0xb7, 0x1e, 0xa9, 0xbd, 0x93, 0x06, 0xce, 0x90, 0x4f, + 0xda, 0xb0, 0xbd, 0xd4, 0x1a, 0x7a, 0xcf, 0x4c, 0xfb, 0x7c, 0xaa, 0xdb, 0xf0, 0x0c, 0x80, 0x64, + 0x0a, 0xbb, 0xce, 0x51, 0xeb, 0xb8, 0x3b, 0x3a, 0x2c, 0xe7, 0x2a, 0xca, 0x8f, 0x0b, 0x68, 0xef, + 0x2f, 0x07, 0x76, 0xc7, 0x34, 0x38, 0x57, 0x44, 0x31, 0x34, 0x00, 0xc8, 0xda, 0x57, 0x9a, 0x44, + 0x1d, 0x5c, 0xb0, 0xa0, 0x53, 0x5b, 0xae, 0x01, 0x4b, 0xb7, 0x69, 0x36, 0xba, 0x57, 0x27, 0x6d, + 0xfc, 0xb8, 0x00, 0x45, 0x67, 0xd0, 0xe6, 0xa6, 0x6a, 0xe9, 0xb6, 0x4c, 0xd4, 0x51, 0x39, 0xca, + 0xc0, 0x86, 0x56, 0x18, 0xf9, 0x2c, 0x54, 0x62, 0x85, 0xd3, 0x80, 0xc3, 0x2f, 0xa0, 0x57, 0x74, + 0xa0, 0x3e, 0xb4, 0xde, 0xb0, 0x55, 0x72, 0x73, 0xf5, 0x23, 0x1a, 0x26, 0x9a, 0xdc, 0xde, 0x16, + 0x36, 0x01, 0xb6, 0xb0, 0xb3, 0xe6, 0x23, 0xc7, 0x7b, 0x03, 0xbd, 0x22, 0xdb, 0x8d, 0x57, 0xf0, + 0x31, 0x74, 0xe3, 0xec, 0xe4, 0xa5, 0xd9, 0x65, 0x6f, 0xf4, 0xee, 0xa6, 0xb6, 0x91, 
0xb8, 0x18, + 0xe1, 0xfd, 0xe8, 0x00, 0xe4, 0x6d, 0xbd, 0x71, 0xaf, 0x87, 0x70, 0x50, 0xbd, 0xbc, 0x56, 0xe9, + 0x1e, 0xae, 0x3b, 0xaa, 0xcc, 0x5a, 0xff, 0x9a, 0xd9, 0xcf, 0x0e, 0xdc, 0x29, 0x69, 0x84, 0x8e, + 0x61, 0xdf, 0x8e, 0xdf, 0x97, 0x8b, 0x8b, 0x80, 0xd3, 0x17, 0x2c, 0xe5, 0x58, 0x35, 0xff, 0xdf, + 0x54, 0x7f, 0x75, 0xa0, 0x5b, 0xb8, 0x15, 0x1b, 0x55, 0x7c, 0x0f, 0xee, 0x24, 0x0c, 0x78, 0x14, + 0xea, 0x12, 0xec, 0x34, 0x2f, 0x1b, 0xf3, 0x52, 0xf3, 0x17, 0x50, 0xab, 0x58, 0x6a, 0x66, 0x46, + 0x1e, 0xf4, 0xb2, 0xea, 0x75, 0x3a, 0xfb, 0x9e, 0x2a, 0xd9, 0xd6, 0xcb, 0xb1, 0x7d, 0x8b, 0x1c, + 0x9e, 0xcc, 0x74, 0x4f, 0x86, 0xd4, 0xa6, 0x72, 0x3e, 0x83, 0xfd, 0xe4, 0x16, 0x62, 0x16, 0x07, + 0x84, 0x66, 0x97, 0xef, 0x7e, 0x59, 0x3f, 0x5c, 0x02, 0xe1, 0x6a, 0x90, 0xf7, 0x0d, 0x1c, 0xd4, + 0x50, 0x1b, 0x37, 0x5e, 0xf7, 0x8a, 0x69, 0xae, 0x7f, 0xc5, 0x78, 0x4b, 0xb8, 0x77, 0xcb, 0xf8, + 0xfc, 0x6f, 0x2f, 0xd7, 0x73, 0xd8, 0xd3, 0x13, 0x64, 0x15, 0xd2, 0xcf, 0x99, 0x94, 0xe4, 0x92, + 0xa1, 0x47, 0xd0, 0xa6, 0xd9, 0x30, 0xd4, 0x13, 0x61, 0x50, 0x99, 0x36, 0xab, 0x90, 0x96, 0x06, + 0x62, 0x0a, 0xf7, 0x5e, 0xc3, 0x5b, 0x6b, 0xfc, 0x66, 0xc0, 0xfa, 0xbe, 0xfd, 0x78, 0x90, 0x49, + 0xce, 0xca, 0x94, 0x19, 0x67, 0x7e, 0x3d, 0xe6, 0x73, 0x74, 0x3e, 0xb0, 0x27, 0xe6, 0xc4, 0x73, + 0x1c, 0x3a, 0x85, 0xb6, 0xc8, 0x52, 0xea, 0xd3, 0x2c, 0x56, 0x5d, 0xff, 0xda, 0xc1, 0x29, 0xfa, + 0xc1, 0x29, 0xa0, 0xba, 0x28, 0xa8, 0x03, 0xdb, 0x63, 0x7f, 0xce, 0xc3, 0x7e, 0x03, 0x01, 0xec, + 0xbc, 0x12, 0x5c, 0x31, 0xd1, 0x77, 0xf4, 0xb3, 0x3e, 0x21, 0x26, 0xfa, 0xcd, 0x27, 0x8f, 0x7f, + 0xb9, 0x1e, 0x38, 0x57, 0xd7, 0x03, 0xe7, 0x8f, 0xeb, 0x81, 0xf3, 0xc3, 0xcd, 0xa0, 0x71, 0x75, + 0x33, 0x68, 0xfc, 0x7e, 0x33, 0x68, 0xbc, 0x7e, 0xff, 0x1f, 0x7d, 0x4b, 0x5e, 0xec, 0x98, 0x9f, + 0x0f, 0xff, 0x0e, 0x00, 0x00, 0xff, 0xff, 0xca, 0x88, 0xea, 0x1c, 0x7b, 0x0a, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { 
@@ -1369,10 +1327,12 @@ func (m *AclRecord) MarshalToSizedBuffer(dAtA []byte) (int, error) { i-- dAtA[i] = 0x28 } - if m.CurrentReadKeyHash != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.CurrentReadKeyHash)) + if len(m.ReadKeyId) > 0 { + i -= len(m.ReadKeyId) + copy(dAtA[i:], m.ReadKeyId) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKeyId))) i-- - dAtA[i] = 0x20 + dAtA[i] = 0x22 } if len(m.Data) > 0 { i -= len(m.Data) @@ -1421,39 +1381,32 @@ func (m *AclRoot) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Timestamp != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Timestamp)) i-- - dAtA[i] = 0x38 + dAtA[i] = 0x30 } if m.CurrentReadKeyHash != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.CurrentReadKeyHash)) i-- - dAtA[i] = 0x30 + dAtA[i] = 0x28 } if len(m.DerivationScheme) > 0 { i -= len(m.DerivationScheme) copy(dAtA[i:], m.DerivationScheme) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.DerivationScheme))) i-- - dAtA[i] = 0x2a + dAtA[i] = 0x22 } if len(m.EncryptedReadKey) > 0 { i -= len(m.EncryptedReadKey) copy(dAtA[i:], m.EncryptedReadKey) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey))) i-- - dAtA[i] = 0x22 + dAtA[i] = 0x1a } if len(m.SpaceId) > 0 { i -= len(m.SpaceId) copy(dAtA[i:], m.SpaceId) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.SpaceId))) i-- - dAtA[i] = 0x1a - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- dAtA[i] = 0x12 } if len(m.Identity) > 0 { 
@@ -1700,23 +1653,14 @@ func (m *AclState) MarshalToSizedBuffer(dAtA []byte) (int, error) { dAtA[i] = 0x12 } } - if len(m.ReadKeyHashes) > 0 { - dAtA8 := make([]byte, len(m.ReadKeyHashes)*10) - var j7 int - for _, num := range m.ReadKeyHashes { - for num >= 1<<7 { - dAtA8[j7] = uint8(uint64(num)&0x7f | 0x80) - num >>= 7 - j7++ - } - dAtA8[j7] = uint8(num) - j7++ + if len(m.ReadKeyIds) > 0 { + for iNdEx := len(m.ReadKeyIds) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.ReadKeyIds[iNdEx]) + copy(dAtA[i:], m.ReadKeyIds[iNdEx]) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKeyIds[iNdEx]))) + i-- + dAtA[i] = 0xa } - i -= j7 - copy(dAtA[i:], dAtA8[:j7]) - i = encodeVarintAclrecord(dAtA, i, uint64(j7)) - i-- - dAtA[i] = 0xa } return len(dAtA) - i, nil } @@ -1744,14 +1688,7 @@ func (m *AclUserState) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Permissions != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) i-- - dAtA[i] = 0x18 - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- - dAtA[i] = 0x12 + dAtA[i] = 0x10 } if len(m.Identity) > 0 { i -= len(m.Identity) @@ -1786,7 +1723,7 @@ func (m *AclUserAdd) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Permissions != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) i-- - dAtA[i] = 0x20 + dAtA[i] = 0x18 } if len(m.EncryptedReadKeys) > 0 { for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { 
@@ -1794,16 +1731,9 @@ func (m *AclUserAdd) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) i-- - dAtA[i] = 0x1a + dAtA[i] = 0x12 } } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- - dAtA[i] = 0x12 - } if len(m.Identity) > 0 { i -= len(m.Identity) copy(dAtA[i:], m.Identity) @@ -1837,7 +1767,7 @@ func (m *AclUserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Permissions != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) i-- - dAtA[i] = 0x20 + dAtA[i] = 0x18 } if len(m.EncryptedReadKeys) > 0 { for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { @@ -1845,14 +1775,9 @@ func (m *AclUserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) i-- - dAtA[i] = 0x1a + dAtA[i] = 0x12 } } - if m.EncryptSymKeyHash != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.EncryptSymKeyHash)) - i-- - dAtA[i] = 0x10 - } if len(m.AcceptPublicKey) > 0 { i -= len(m.AcceptPublicKey) copy(dAtA[i:], m.AcceptPublicKey) @@ -1992,13 +1917,6 @@ func (m *AclReadKeyReplace) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKey) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey))) i-- - dAtA[i] = 0x1a - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- dAtA[i] = 0x12 } if len(m.Identity) > 0 { @@ -2076,7 +1994,7 @@ func (m *AclSyncMessage) MarshalToSizedBuffer(dAtA []byte) (int, error) { i = encodeVarintAclrecord(dAtA, i, uint64(size)) } i-- - dAtA[i] = 0x12 + dAtA[i] = 0xa } return len(dAtA) - i, nil } 
@@ -2242,8 +2160,9 @@ func (m *AclRecord) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - if m.CurrentReadKeyHash != 0 { - n += 1 + sovAclrecord(uint64(m.CurrentReadKeyHash)) + l = len(m.ReadKeyId) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) } if m.Timestamp != 0 { n += 1 + sovAclrecord(uint64(m.Timestamp)) @@ -2261,10 +2180,6 @@ func (m *AclRoot) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } l = len(m.SpaceId) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) @@ -2379,12 +2294,11 @@ func (m *AclState) Size() (n int) { } var l int _ = l - if len(m.ReadKeyHashes) > 0 { - l = 0 - for _, e := range m.ReadKeyHashes { - l += sovAclrecord(uint64(e)) + if len(m.ReadKeyIds) > 0 { + for _, s := range m.ReadKeyIds { + l = len(s) + n += 1 + l + sovAclrecord(uint64(l)) } - n += 1 + sovAclrecord(uint64(l)) + l } if len(m.UserStates) > 0 { for _, e := range m.UserStates { @@ -2418,10 +2332,6 @@ func (m *AclUserState) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } if m.Permissions != 0 { n += 1 + sovAclrecord(uint64(m.Permissions)) } @@ -2438,10 +2348,6 @@ func (m *AclUserAdd) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } if len(m.EncryptedReadKeys) > 0 { for _, b := range m.EncryptedReadKeys { l = len(b) @@ -2464,9 +2370,6 @@ func (m *AclUserInvite) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - if m.EncryptSymKeyHash != 0 { - n += 1 + sovAclrecord(uint64(m.EncryptSymKeyHash)) - } if len(m.EncryptedReadKeys) > 0 { for _, b := range m.EncryptedReadKeys { l = len(b) 
@@ -2539,10 +2442,6 @@ func (m *AclReadKeyReplace) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } l = len(m.EncryptedReadKey) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) @@ -3056,10 +2955,10 @@ func (m *AclRecord) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field CurrentReadKeyHash", wireType) + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyId", wireType) } - m.CurrentReadKeyHash = 0 + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowAclrecord @@ -3069,11 +2968,24 @@ func (m *AclRecord) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.CurrentReadKeyHash |= uint64(b&0x7F) << shift + stringLen |= uint64(b&0x7F) << shift if b < 0x80 { break } } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ReadKeyId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex case 5: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) 
@@ -3178,40 +3090,6 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field SpaceId", wireType) } @@ -3243,7 +3121,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } m.SpaceId = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: + case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType) } @@ -3277,7 +3155,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { m.EncryptedReadKey = []byte{} } iNdEx = postIndex - case 5: + case 4: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field DerivationScheme", wireType) } @@ -3309,7 +3187,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } m.DerivationScheme = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 6: + case 5: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field CurrentReadKeyHash", wireType) } @@ -3328,7 +3206,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { break } } - case 7: + case 6: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) } 
@@ -3707,81 +3585,37 @@ func (m *AclState) Unmarshal(dAtA []byte) error { } switch fieldNum { case 1: - if wireType == 0 { - var v uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyIds", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord } - m.ReadKeyHashes = append(m.ReadKeyHashes, v) - } else if wireType == 2 { - var packedLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - packedLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if packedLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + packedLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { + if iNdEx >= l { return io.ErrUnexpectedEOF } - var elementCount int - var count int - for _, integer := range dAtA[iNdEx:postIndex] { - if integer < 128 { - count++ - } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break } - elementCount = count - if elementCount != 0 && len(m.ReadKeyHashes) == 0 { - m.ReadKeyHashes = make([]uint64, 0, elementCount) - } - for iNdEx < postIndex { - var v uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.ReadKeyHashes = append(m.ReadKeyHashes, v) - } - } else { - return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyHashes", wireType) } + intStringLen := int(stringLen) + if intStringLen < 0 { + return 
ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ReadKeyIds = append(m.ReadKeyIds, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex case 2: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field UserStates", wireType) @@ -4030,40 +3864,6 @@ func (m *AclUserState) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) } 
@@ -4167,40 +3967,6 @@ func (m *AclUserAdd) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) } @@ -4232,7 +3998,7 @@ func (m *AclUserAdd) Unmarshal(dAtA []byte) error { m.EncryptedReadKeys = append(m.EncryptedReadKeys, make([]byte, postIndex-iNdEx)) copy(m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1], dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: + case 3: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) } @@ -4336,25 +4102,6 @@ func (m *AclUserInvite) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptSymKeyHash", wireType) - } - m.EncryptSymKeyHash = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.EncryptSymKeyHash |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) } 
@@ -4386,7 +4133,7 @@ func (m *AclUserInvite) Unmarshal(dAtA []byte) error { m.EncryptedReadKeys = append(m.EncryptedReadKeys, make([]byte, postIndex-iNdEx)) copy(m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1], dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: + case 3: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) } @@ -4826,40 +4573,6 @@ func (m *AclReadKeyReplace) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType) } @@ -5046,7 +4759,7 @@ func (m *AclSyncMessage) Unmarshal(dAtA []byte) error { return fmt.Errorf("proto: AclSyncMessage: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { - case 2: + case 1: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field Content", wireType) } diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 56cc2c28..f13ea819 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto 
@@ -18,18 +18,17 @@ message AclRecord { string prevId = 1; bytes identity = 2; bytes data = 3; - uint64 currentReadKeyHash = 4; + string readKeyId = 4; int64 timestamp = 5; } message AclRoot { bytes identity = 1; - bytes encryptionKey = 2; - string spaceId = 3; - bytes encryptedReadKey = 4; - string derivationScheme = 5; - uint64 currentReadKeyHash = 6; - int64 timestamp = 7; + string spaceId = 2; + bytes encryptedReadKey = 3; + string derivationScheme = 4; + uint64 currentReadKeyHash = 5; + int64 timestamp = 6; } message AclContentValue { @@ -47,29 +46,26 @@ message AclData { } message AclState { - repeated uint64 readKeyHashes = 1; + repeated string readKeyIds = 1; repeated AclUserState userStates = 2; map invites = 3; } message AclUserState { bytes identity = 1; - bytes encryptionKey = 2; - AclUserPermissions permissions = 3; + AclUserPermissions permissions = 2; } message AclUserAdd { bytes identity = 1; - bytes encryptionKey = 2; - repeated bytes encryptedReadKeys = 3; - AclUserPermissions permissions = 4; + repeated bytes encryptedReadKeys = 2; + AclUserPermissions permissions = 3; } message AclUserInvite { bytes acceptPublicKey = 1; - uint64 encryptSymKeyHash = 2; - repeated bytes encryptedReadKeys = 3; - AclUserPermissions permissions = 4; + repeated bytes encryptedReadKeys = 2; + AclUserPermissions permissions = 3; } message AclUserJoin { @@ -87,8 +83,7 @@ message AclUserRemove { message AclReadKeyReplace { bytes identity = 1; - bytes encryptionKey = 2; - bytes encryptedReadKey = 3; + bytes encryptedReadKey = 2; } message AclUserPermissionChange { @@ -103,7 +98,7 @@ enum AclUserPermissions { } message AclSyncMessage { - AclSyncContentValue content = 2; + AclSyncContentValue content = 1; } // AclSyncContentValue provides different types for acl sync diff --git a/commonspace/object/tree/treechangeproto/protos/treechange.proto b/commonspace/object/tree/treechangeproto/protos/treechange.proto index 2211f58f..dfc74a42 100644 
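Review bot: The field numbers freed by removing `encryptionKey` are reused rather than reserved, starting with `AclRoot` in this hunk, so bytes written under the old schema decode as different fields. Old `bytes encryptionKey = 2` now parses as `string spaceId = 2` without error, since both are length-delimited and the regenerated `Unmarshal` only checks `wireType != 2`; `AclUserAdd` and `AclReadKeyReplace` field 2 in the later hunks of this file are reinterpreted the same way, while `AclRecord.readKeyId = 4` and `AclState.readKeyIds = 1` change wire type and are rejected, and `AclSyncMessage.content` (2 to 1) is presumably skipped as an unknown field. If ACL records are signed over their raw payload, as the `treechange.proto` comments describe for changes, a stored record can keep a valid signature while its decoded meaning changes. Unless no data or peer from the old schema exists, keep the surviving fields on their original numbers and retire the removed ones, for example `reserved 2;` in `AclRoot` with `string spaceId = 3;` left unchanged. `AclRecord` starts before this hunk and `AclContentValue` runs past it.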
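Review bot: `AclUserState` and `AclUserAdd` lose `encryptionKey` in this hunk, yet `AclUserAdd` keeps `encryptedReadKeys`, and nothing in the schema now says which public key those read keys are encrypted to. Presumably it is derived from `identity` (the next patch's diffstat adds `util/crypto/curve25519.go` and `util/crypto/x25519.go`), which would mean one key pair serves both signing and encryption; that is a design decision worth recording where implementers will read it. Once the derivation is confirmed, I would add a field comment along the lines of `// encryptedReadKeys holds read keys encrypted to the encryption key derived from identity`. `AclUserJoin` at the end of the hunk continues outside it.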
--- a/commonspace/object/tree/treechangeproto/protos/treechange.proto +++ b/commonspace/object/tree/treechangeproto/protos/treechange.proto @@ -30,8 +30,8 @@ message TreeChange { string snapshotBaseId = 3; // ChangesData is an arbitrary payload to be read by the client bytes changesData = 4; - // CurrentReadKeyHash is the hash of the read key which is used to encrypt this change - uint64 currentReadKeyHash = 5; + // ReadKeyId is the id of the read key + string readKeyId = 5; // Timestamp is this change creation timestamp int64 timestamp = 6; // Identity is a public key with which the raw payload of this change is signed diff --git a/commonspace/object/tree/treechangeproto/treechange.pb.go b/commonspace/object/tree/treechangeproto/treechange.pb.go index da70a466..60eb619b 100644 --- a/commonspace/object/tree/treechangeproto/treechange.pb.go +++ b/commonspace/object/tree/treechangeproto/treechange.pb.go @@ -132,8 +132,8 @@ type TreeChange struct { SnapshotBaseId string `protobuf:"bytes,3,opt,name=snapshotBaseId,proto3" json:"snapshotBaseId,omitempty"` // ChangesData is an arbitrary payload to be read by the client ChangesData []byte `protobuf:"bytes,4,opt,name=changesData,proto3" json:"changesData,omitempty"` - // CurrentReadKeyHash is the hash of the read key which is used to encrypt this change - CurrentReadKeyHash uint64 `protobuf:"varint,5,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` + // ReadKeyId is the id of the read key + ReadKeyId string `protobuf:"bytes,5,opt,name=readKeyId,proto3" json:"readKeyId,omitempty"` // Timestamp is this change creation timestamp Timestamp int64 `protobuf:"varint,6,opt,name=timestamp,proto3" json:"timestamp,omitempty"` // Identity is a public key with which the raw payload of this change is signed 
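Review bot: The new comment on field 5, `// ReadKeyId is the id of the read key`, drops the part of the old comment that said what the key is for. If the meaning is unchanged, keep it: `// ReadKeyId is the id of the read key which is used to encrypt this change`. It would also help to state what the id is, since the old field was a hash of the key and the new one is a free-form string, so a reader cannot tell whether the id is bound to the key material or has to be validated on receipt. The `TreeChange` message starts and ends outside this hunk.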
@@ -203,11 +203,11 @@ func (m *TreeChange) GetChangesData() []byte { return nil } -func (m *TreeChange) GetCurrentReadKeyHash() uint64 { +func (m *TreeChange) GetReadKeyId() string { if m != nil { - return m.CurrentReadKeyHash + return m.ReadKeyId } - return 0 + return "" } func (m *TreeChange) GetTimestamp() int64 { 
@@ -806,51 +806,50 @@ func init() { } var fileDescriptor_5033f0301ef9b772 = []byte{ - // 690 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xc4, 0x55, 0xc1, 0x4e, 0xdb, 0x4a, - 0x14, 0xf5, 0x38, 0x01, 0xc3, 0x25, 0xc0, 0x7b, 0x03, 0x0b, 0x0b, 0xbd, 0xe7, 0x5a, 0x56, 0xd5, - 0xa6, 0x1b, 0x90, 0xe8, 0xaa, 0x55, 0x25, 0x54, 0x28, 0xd4, 0x11, 0x6a, 0x85, 0x06, 0x4a, 0xa5, - 0xee, 0x06, 0xfb, 0x42, 0x5c, 0x25, 0xb6, 0xeb, 0x99, 0x14, 0xe5, 0x03, 0xba, 0x69, 0xa5, 0xaa, - 0x9f, 0xd0, 0x5f, 0xe9, 0xae, 0x4b, 0x96, 0x2c, 0x2b, 0xf8, 0x91, 0xca, 0x63, 0x3b, 0xb1, 0x1d, - 0x2f, 0xd8, 0xb1, 0x71, 0x72, 0x8f, 0xef, 0x3d, 0x73, 0xee, 0xb9, 0x33, 0x63, 0xd8, 0xf1, 0xa2, - 0xe1, 0x30, 0x0a, 0x45, 0xcc, 0x3d, 0xdc, 0x8a, 0xce, 0x3e, 0xa2, 0x27, 0xb7, 0x64, 0x82, 0xa8, - 0x1e, 0x5e, 0x9f, 0x87, 0x17, 0x18, 0x27, 0x91, 0x8c, 0xb6, 0xd4, 0x53, 0x94, 0xe0, 0x4d, 0x85, - 0x50, 0x98, 0x22, 0xce, 0x35, 0x01, 0x60, 0x51, 0x24, 0xf7, 0x54, 0x48, 0xff, 0x83, 0x45, 0xee, - 0x0d, 0x5c, 0xe4, 0x7e, 0xcf, 0x37, 0x89, 0x4d, 0xba, 0x8b, 0x6c, 0x0a, 0x50, 0x13, 0x0c, 0xb5, - 0x6a, 0xcf, 0x37, 0x75, 0xf5, 0xae, 0x08, 0xa9, 0x05, 0x90, 0x11, 0x9e, 0x8c, 0x63, 0x34, 0x5b, - 0xea, 0x65, 0x09, 0x49, 0x79, 0x65, 0x30, 0x44, 0x21, 0xf9, 0x30, 0x36, 0xdb, 0x36, 0xe9, 0xb6, - 0xd8, 0x14, 0xa0, 0x14, 0xda, 0x02, 0xd1, 0x37, 0xe7, 0x6c, 0xd2, 0xed, 0x30, 0xf5, 0x9f, 0x6e, - 0xc0, 0x42, 0xe0, 0x63, 0x28, 0x03, 0x39, 0x36, 0xe7, 0x15, 0x3e, 0x89, 0xe9, 0x43, 0x58, 0xce, - 0xb8, 0x8f, 0xf8, 0x78, 0x10, 0x71, 0xdf, 0x34, 0x54, 0x42, 0x15, 0x74, 0x7e, 0xea, 0x00, 0x27, - 0x09, 0x62, 0xde, 0x9a, 0x0d, 0x4b, 0x69, 0xdf, 0x59, 0x2b, 0xc2, 0x24, 0x76, 0xab, 0xbb, 0xc8, - 0xca, 0x50, 0xb5, 0x79, 0xbd, 0xde, 0xfc, 0x23, 0x58, 0x11, 0x21, 0x8f, 0x45, 0x3f, 0x92, 0xbb, - 0x5c, 0xa4, 0x1e, 0x64, 0x6d, 0xd6, 0xd0, 0x74, 0x9d, 0x4c, 0x87, 0x78, 0xc5, 0x25, 0x57, 0xcd, - 0x76, 0x58, 0x19, 0xa2, 0x9b, 0x40, 0xbd, 0x51, 0x92, 0x60, 0x28, 0x19, 0x72, 0xff, 0x10, 0xc7, - 
0x2e, 0x17, 0x7d, 0xd5, 0x7c, 0x9b, 0x35, 0xbc, 0xa9, 0x9a, 0x37, 0x5f, 0x37, 0xaf, 0x6c, 0x94, - 0x51, 0x33, 0xca, 0x02, 0x08, 0xc4, 0x71, 0xae, 0xcf, 0x5c, 0xb0, 0x49, 0x77, 0x81, 0x95, 0x10, - 0xe7, 0x35, 0x2c, 0x33, 0x7e, 0x59, 0x32, 0xc9, 0x04, 0x23, 0xce, 0x3d, 0x25, 0x8a, 0xab, 0x08, - 0x53, 0x11, 0x22, 0xb8, 0x08, 0xb9, 0x1c, 0x25, 0xa8, 0xcc, 0xe9, 0xb0, 0x29, 0xe0, 0xec, 0xc1, - 0x5a, 0x85, 0xe8, 0x7d, 0x20, 0xfb, 0x3d, 0x55, 0x94, 0xf0, 0xcb, 0x0c, 0xca, 0x09, 0xa7, 0x00, - 0x5d, 0x01, 0x3d, 0x28, 0x8c, 0xd6, 0x03, 0xdf, 0xf9, 0x4e, 0x60, 0x35, 0xa5, 0x38, 0x1e, 0x87, - 0xde, 0x1b, 0x14, 0x82, 0x5f, 0x20, 0x7d, 0x0e, 0x86, 0x17, 0x85, 0x12, 0x43, 0xa9, 0xea, 0x97, - 0xb6, 0xed, 0xcd, 0xd2, 0x7e, 0x2e, 0xb2, 0xf7, 0xb2, 0x94, 0x53, 0x3e, 0x18, 0x21, 0x2b, 0x0a, - 0xe8, 0x0e, 0x40, 0x32, 0xd9, 0xda, 0x6a, 0x9d, 0xa5, 0xed, 0x07, 0xe5, 0xf2, 0x06, 0xc9, 0xac, - 0x54, 0xe2, 0xfc, 0xd2, 0x61, 0xbd, 0x69, 0x09, 0xfa, 0x02, 0xa0, 0x8f, 0xdc, 0x7f, 0x17, 0xfb, - 0x5c, 0x62, 0x2e, 0x6c, 0xa3, 0x2e, 0xcc, 0x9d, 0x64, 0xb8, 0x1a, 0x2b, 0xe5, 0xd3, 0x43, 0x58, - 0x3d, 0x1f, 0x0d, 0x06, 0x29, 0x2b, 0xc3, 0x4f, 0x23, 0x14, 0xb2, 0x49, 0x5c, 0x4a, 0x71, 0x50, - 0x4d, 0x73, 0x35, 0x56, 0xaf, 0xa4, 0x6f, 0xe1, 0x9f, 0x29, 0x24, 0xe2, 0x28, 0x14, 0xd9, 0xf9, - 0x6b, 0x70, 0xea, 0xa0, 0x96, 0xe7, 0x6a, 0x6c, 0xa6, 0x96, 0xee, 0xc3, 0x32, 0x26, 0x49, 0x94, - 0x4c, 0xc8, 0xda, 0x8a, 0xec, 0xff, 0x3a, 0xd9, 0x7e, 0x39, 0xc9, 0xd5, 0x58, 0xb5, 0x6a, 0xd7, - 0x80, 0xb9, 0xcf, 0xa9, 0x55, 0xce, 0x17, 0x02, 0x2b, 0x55, 0x37, 0xe8, 0x3a, 0xcc, 0xa5, 0x6e, - 0x14, 0x67, 0x30, 0x0b, 0xe8, 0x33, 0x30, 0xf2, 0x43, 0x62, 0xea, 0x76, 0xeb, 0x2e, 0xa3, 0x2a, - 0xf2, 0xa9, 0x03, 0x9d, 0xe2, 0x10, 0x1e, 0x71, 0xd9, 0x37, 0x5b, 0x8a, 0xb7, 0x82, 0x39, 0x5f, - 0x09, 0xac, 0x35, 0x58, 0x7a, 0x3f, 0x62, 0xbe, 0x91, 0x6c, 0x63, 0xd5, 0x27, 0x72, 0x3f, 0x6a, - 0x9e, 0xc0, 0xbf, 0x33, 0x13, 0x4d, 0x95, 0xa8, 0x89, 0xe6, 0x5f, 0x81, 0x2c, 0x70, 0x4e, 0xb3, - 0x61, 0x66, 0x6b, 0xf5, 0xc2, 0xf3, 
0xa8, 0x76, 0xf3, 0x93, 0x99, 0x9b, 0x7f, 0xe6, 0xae, 0xd6, - 0x1b, 0xee, 0xea, 0xdd, 0x97, 0xbf, 0x6f, 0x2c, 0x72, 0x75, 0x63, 0x91, 0x3f, 0x37, 0x16, 0xf9, - 0x71, 0x6b, 0x69, 0x57, 0xb7, 0x96, 0x76, 0x7d, 0x6b, 0x69, 0x1f, 0x1e, 0xdf, 0xf1, 0x6b, 0x77, - 0x36, 0xaf, 0x7e, 0x9e, 0xfe, 0x0d, 0x00, 0x00, 0xff, 0xff, 0x24, 0x93, 0x3b, 0x00, 0x1f, 0x07, - 0x00, 0x00, + // 677 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xc4, 0x55, 0xcf, 0x4f, 0xd4, 0x40, + 0x14, 0xee, 0x74, 0x81, 0xb2, 0x8f, 0x05, 0x74, 0xe0, 0xd0, 0x10, 0xad, 0x4d, 0x63, 0x74, 0xbd, + 0x40, 0x82, 0x27, 0x8d, 0x09, 0x11, 0x04, 0x77, 0x43, 0x34, 0x64, 0x40, 0x4c, 0xbc, 0x0d, 0xed, + 0xc0, 0xd6, 0xec, 0x76, 0x6a, 0x67, 0x56, 0xb2, 0x7f, 0x80, 0x17, 0x4d, 0x88, 0xff, 0x92, 0x37, + 0x8f, 0x1c, 0x39, 0x1a, 0xf6, 0x1f, 0x31, 0x9d, 0x69, 0xb7, 0x3f, 0x76, 0x0f, 0xdc, 0xb8, 0x74, + 0xf7, 0x7d, 0x7d, 0xef, 0x7b, 0xdf, 0xfb, 0xe6, 0x47, 0x61, 0xc7, 0xe7, 0x83, 0x01, 0x8f, 0x44, + 0x4c, 0x7d, 0xb6, 0xc5, 0xcf, 0xbe, 0x32, 0x5f, 0x6e, 0xc9, 0x84, 0x31, 0xf5, 0xf0, 0x7b, 0x34, + 0xba, 0x60, 0x71, 0xc2, 0x25, 0xdf, 0x52, 0x4f, 0x51, 0x82, 0x37, 0x15, 0x82, 0xa1, 0x40, 0xbc, + 0x1b, 0x04, 0x40, 0x38, 0x97, 0x7b, 0x2a, 0xc4, 0x8f, 0xa0, 0x49, 0xfd, 0x7e, 0x87, 0xd1, 0xa0, + 0x1b, 0xd8, 0xc8, 0x45, 0xed, 0x26, 0x29, 0x00, 0x6c, 0x83, 0xa5, 0xba, 0x76, 0x03, 0xdb, 0x54, + 0xef, 0xf2, 0x10, 0x3b, 0x00, 0x9a, 0xf0, 0x64, 0x14, 0x33, 0xbb, 0xa1, 0x5e, 0x96, 0x90, 0x94, + 0x57, 0x86, 0x03, 0x26, 0x24, 0x1d, 0xc4, 0xf6, 0x9c, 0x8b, 0xda, 0x0d, 0x52, 0x00, 0x18, 0xc3, + 0x9c, 0x60, 0x2c, 0xb0, 0xe7, 0x5d, 0xd4, 0x6e, 0x11, 0xf5, 0x1f, 0x6f, 0xc0, 0x62, 0x18, 0xb0, + 0x48, 0x86, 0x72, 0x64, 0x2f, 0x28, 0x7c, 0x12, 0xe3, 0xa7, 0xb0, 0xac, 0xb9, 0x8f, 0xe8, 0xa8, + 0xcf, 0x69, 0x60, 0x5b, 0x2a, 0xa1, 0x0a, 0x7a, 0x57, 0x26, 0xc0, 0x49, 0xc2, 0x58, 0x36, 0x9a, + 0x0b, 0x4b, 0xe9, 0xdc, 0x7a, 0x14, 0x61, 0x23, 0xb7, 0xd1, 0x6e, 0x92, 0x32, 0x54, 0x1d, 0xde, + 0xac, 0x0f, 
0xff, 0x0c, 0x56, 0x44, 0x44, 0x63, 0xd1, 0xe3, 0x72, 0x97, 0x8a, 0xd4, 0x03, 0x3d, + 0x66, 0x0d, 0x4d, 0xfb, 0x68, 0x1d, 0xe2, 0x1d, 0x95, 0x54, 0x0d, 0xdb, 0x22, 0x65, 0x28, 0xed, + 0x93, 0x30, 0x1a, 0x1c, 0xb2, 0x51, 0x57, 0xcf, 0xdc, 0x24, 0x05, 0x50, 0xb5, 0x6a, 0xa1, 0x6e, + 0x55, 0xd9, 0x16, 0xab, 0x66, 0x8b, 0x03, 0x10, 0x8a, 0xe3, 0x4c, 0x8d, 0xbd, 0xe8, 0xa2, 0xf6, + 0x22, 0x29, 0x21, 0xde, 0x7b, 0x58, 0x26, 0xf4, 0xb2, 0x64, 0x89, 0x0d, 0x56, 0x9c, 0x39, 0x88, + 0x14, 0x57, 0x1e, 0xa6, 0x22, 0x44, 0x78, 0x11, 0x51, 0x39, 0x4c, 0x98, 0xb2, 0xa2, 0x45, 0x0a, + 0xc0, 0xdb, 0x83, 0xb5, 0x0a, 0xd1, 0xe7, 0x50, 0xf6, 0xb4, 0xf2, 0x84, 0x5e, 0x6a, 0x28, 0x23, + 0x2c, 0x00, 0xbc, 0x02, 0x66, 0x98, 0xdb, 0x6a, 0x86, 0x81, 0x77, 0x85, 0x60, 0x35, 0xa5, 0x38, + 0x1e, 0x45, 0xfe, 0x07, 0x26, 0x04, 0xbd, 0x60, 0xf8, 0x35, 0x58, 0x3e, 0x8f, 0x24, 0x8b, 0xa4, + 0xaa, 0x5f, 0xda, 0x76, 0x37, 0x4b, 0xbb, 0x37, 0xcf, 0xde, 0xd3, 0x29, 0xa7, 0xb4, 0x3f, 0x64, + 0x24, 0x2f, 0xc0, 0x3b, 0x00, 0xc9, 0x64, 0x23, 0xab, 0x3e, 0x4b, 0xdb, 0x4f, 0xca, 0xe5, 0x33, + 0x24, 0x93, 0x52, 0x89, 0xf7, 0xc7, 0x84, 0xf5, 0x59, 0x2d, 0xf0, 0x1b, 0x80, 0x1e, 0xa3, 0xc1, + 0xa7, 0x38, 0xa0, 0x92, 0x65, 0xc2, 0x36, 0xea, 0xc2, 0x3a, 0x93, 0x8c, 0x8e, 0x41, 0x4a, 0xf9, + 0xf8, 0x10, 0x56, 0xcf, 0x87, 0xfd, 0x7e, 0xca, 0x4a, 0xd8, 0xb7, 0x21, 0x13, 0x72, 0x96, 0xb8, + 0x94, 0xe2, 0xa0, 0x9a, 0xd6, 0x31, 0x48, 0xbd, 0x12, 0x7f, 0x84, 0x07, 0x05, 0x24, 0x62, 0x1e, + 0x09, 0x7d, 0xda, 0x66, 0x38, 0x75, 0x50, 0xcb, 0xeb, 0x18, 0x64, 0xaa, 0x16, 0xef, 0xc3, 0x32, + 0x4b, 0x12, 0x9e, 0x4c, 0xc8, 0xe6, 0x14, 0xd9, 0xe3, 0x3a, 0xd9, 0x7e, 0x39, 0xa9, 0x63, 0x90, + 0x6a, 0xd5, 0xae, 0x05, 0xf3, 0xdf, 0x53, 0xab, 0xbc, 0x1f, 0x08, 0x56, 0xaa, 0x6e, 0xe0, 0x75, + 0x98, 0x4f, 0xdd, 0xc8, 0x4f, 0x9c, 0x0e, 0xf0, 0x2b, 0xb0, 0xb2, 0x23, 0x61, 0x9b, 0x6e, 0xe3, + 0x2e, 0x4b, 0x95, 0xe7, 0x63, 0x0f, 0x5a, 0xf9, 0x91, 0x3b, 0xa2, 0xb2, 0x67, 0x37, 0x14, 0x6f, + 0x05, 0xf3, 0x7e, 0x22, 0x58, 0x9b, 0x61, 0xe9, 
0xfd, 0x88, 0xf9, 0x85, 0xf4, 0xc6, 0xaa, 0xaf, + 0xc8, 0xfd, 0xa8, 0x79, 0x01, 0x0f, 0xa7, 0x56, 0x34, 0x55, 0xa2, 0x56, 0x34, 0xbb, 0xf3, 0x75, + 0xe0, 0x9d, 0xea, 0xc5, 0xd4, 0xbd, 0xba, 0xd1, 0x39, 0xaf, 0xdd, 0xf3, 0x68, 0xea, 0x9e, 0x9f, + 0xba, 0x99, 0xcd, 0x19, 0x37, 0xf3, 0xee, 0xdb, 0xbf, 0xb7, 0x0e, 0xba, 0xbe, 0x75, 0xd0, 0xbf, + 0x5b, 0x07, 0xfd, 0x1e, 0x3b, 0xc6, 0xf5, 0xd8, 0x31, 0x6e, 0xc6, 0x8e, 0xf1, 0xe5, 0xf9, 0x1d, + 0xbf, 0x6d, 0x67, 0x0b, 0xea, 0xe7, 0xe5, 0xff, 0x00, 0x00, 0x00, 0xff, 0xff, 0xbc, 0xc0, 0xf7, + 0x30, 0x0d, 0x07, 0x00, 0x00, } func (m *RootChange) Marshal() (dAtA []byte, err error) { @@ -965,10 +964,12 @@ func (m *TreeChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { i-- dAtA[i] = 0x30 } - if m.CurrentReadKeyHash != 0 { - i = encodeVarintTreechange(dAtA, i, uint64(m.CurrentReadKeyHash)) + if len(m.ReadKeyId) > 0 { + i -= len(m.ReadKeyId) + copy(dAtA[i:], m.ReadKeyId) + i = encodeVarintTreechange(dAtA, i, uint64(len(m.ReadKeyId))) i-- - dAtA[i] = 0x28 + dAtA[i] = 0x2a } if len(m.ChangesData) > 0 { i -= len(m.ChangesData) @@ -1543,8 +1544,9 @@ func (m *TreeChange) Size() (n int) { if l > 0 { n += 1 + l + sovTreechange(uint64(l)) } - if m.CurrentReadKeyHash != 0 { - n += 1 + sovTreechange(uint64(m.CurrentReadKeyHash)) + l = len(m.ReadKeyId) + if l > 0 { + n += 1 + l + sovTreechange(uint64(l)) } if m.Timestamp != 0 { n += 1 + sovTreechange(uint64(m.Timestamp)) @@ -2214,10 +2216,10 @@ func (m *TreeChange) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field CurrentReadKeyHash", wireType) + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyId", wireType) } - m.CurrentReadKeyHash = 0 + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowTreechange 
@@ -2227,11 +2229,24 @@ func (m *TreeChange) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.CurrentReadKeyHash |= uint64(b&0x7F) << shift + stringLen |= uint64(b&0x7F) << shift if b < 0x80 { break } } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTreechange + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTreechange + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ReadKeyId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex case 6: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) From add25062f3f3ef0584f2c59d26a1cbb47325a529 Mon Sep 17 00:00:00 2001 
From: mcrakhman Date: Fri, 24 Mar 2023 11:45:39 +0100 Subject: [PATCH 02/24] WIP refactor crypto proto --- Makefile | 2 + .../object/acl/aclrecordproto/aclrecord.pb.go | 683 +++++------------- .../acl/aclrecordproto/protos/aclrecord.proto | 7 +- .../object/acl/list/aclrecordbuilder.go | 4 +- commonspace/object/acl/list/aclstate.go | 3 +- .../acl/testutils/acllistbuilder/keychain.go | 5 +- commonspace/object/keychain/keychain.go | 3 +- commonspace/settings/settings_test.go | 4 +- commonspace/spacestorage/spacestorage.go | 4 +- go.mod | 10 +- go.sum | 422 +---------- net/secureservice/credential.go | 4 +- net/secureservice/handshake/handshake_test.go | 8 +- nodeconf/service.go | 3 +- testutil/accounttest/accountservice.go | 6 +- util/crypto/cryptoproto/crypto.pb.go | 596 +++++++++++++++ util/crypto/cryptoproto/protos/crypto.proto | 20 + util/crypto/curve25519.go | 52 ++ .../signingkey => crypto}/ed25519.go | 111 +-- util/crypto/ed25519_test.go | 19 + util/crypto/key.go | 48 ++ util/crypto/x25519.go | 40 + .../asymmetric/encryptionkey/encryptionkey.go | 6 +- util/keys/asymmetric/encryptionkey/rsa.go | 8 +- .../signingkey/edwards25519/ed25519.go | 53 ++ util/keys/asymmetric/signingkey/signingkey.go | 48 +- .../asymmetric/signingkey/signingkey_test.go | 16 + util/keys/decode.go | 5 +- util/keys/key.go | 21 - 29 files changed, 1187 insertions(+), 1024 deletions(-) create mode 100644 util/crypto/cryptoproto/crypto.pb.go create mode 100644 util/crypto/cryptoproto/protos/crypto.proto create mode 100644 util/crypto/curve25519.go rename util/{keys/asymmetric/signingkey => crypto}/ed25519.go (50%) create mode 100644 util/crypto/ed25519_test.go create mode 100644 util/crypto/key.go create mode 100644 util/crypto/x25519.go create mode 100644 util/keys/asymmetric/signingkey/edwards25519/ed25519.go create mode 100644 util/keys/asymmetric/signingkey/signingkey_test.go delete mode 100644 util/keys/key.go diff --git a/Makefile b/Makefile index 50b46882..4c8f788f 100644 --- a/Makefile 
+++ b/Makefile @@ -7,11 +7,13 @@ proto: @$(eval P_ACL_RECORDS_PATH_PB := commonspace/object/acl/aclrecordproto) @$(eval P_TREE_CHANGES_PATH_PB := commonspace/object/tree/treechangeproto) + @$(eval P_CRYPTO_PATH_PB := util/keys/cryptoproto) @$(eval P_ACL_RECORDS := M$(P_ACL_RECORDS_PATH_PB)/protos/aclrecord.proto=github.com/anytypeio/any-sync/$(P_ACL_RECORDS_PATH_PB)) @$(eval P_TREE_CHANGES := M$(P_TREE_CHANGES_PATH_PB)/protos/treechange.proto=github.com/anytypeio/any-sync/$(P_TREE_CHANGES_PATH_PB)) protoc --gogofaster_out=:. $(P_ACL_RECORDS_PATH_PB)/protos/*.proto protoc --gogofaster_out=:. $(P_TREE_CHANGES_PATH_PB)/protos/*.proto + protoc --gogofaster_out=:. $(P_CRYPTO_PATH_PB)/protos/*.proto $(eval PKGMAP := $$(P_TREE_CHANGES),$$(P_ACL_RECORDS)) protoc --gogofaster_out=$(PKGMAP):. --go-drpc_out=protolib=github.com/gogo/protobuf:. commonspace/spacesyncproto/protos/*.proto protoc --gogofaster_out=$(PKGMAP):. --go-drpc_out=protolib=github.com/gogo/protobuf:. commonfile/fileproto/protos/*.proto diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index 3a25533b..c596996c 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go 
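Review bot: `P_CRYPTO_PATH_PB` is set to `util/keys/cryptoproto`, but this patch's diffstat creates the proto and its generated code under `util/crypto/cryptoproto/` (`protos/crypto.proto` and `crypto.pb.go`). Unless a `util/keys/cryptoproto` directory exists that the diffstat does not show, the added `protoc --gogofaster_out=:. $(P_CRYPTO_PATH_PB)/protos/*.proto` line finds no inputs under `make proto`, so the checked-in `crypto.pb.go` cannot be regenerated from the Makefile and can drift from `crypto.proto`. Pointing the variable at the new directory fixes it: `@$(eval P_CRYPTO_PATH_PB := util/crypto/cryptoproto)`. The `proto` target continues outside the hunk.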
@@ -171,11 +171,11 @@ func (m *RawAclRecordWithId) GetId() string { } type AclRecord struct { - PrevId string `protobuf:"bytes,1,opt,name=prevId,proto3" json:"prevId,omitempty"` - Identity []byte `protobuf:"bytes,2,opt,name=identity,proto3" json:"identity,omitempty"` - Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` - CurrentReadKeyHash uint64 `protobuf:"varint,4,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` - Timestamp int64 `protobuf:"varint,5,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + PrevId string `protobuf:"bytes,1,opt,name=prevId,proto3" json:"prevId,omitempty"` + Identity []byte `protobuf:"bytes,2,opt,name=identity,proto3" json:"identity,omitempty"` + Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` + ReadKeyId string `protobuf:"bytes,4,opt,name=readKeyId,proto3" json:"readKeyId,omitempty"` + Timestamp int64 `protobuf:"varint,5,opt,name=timestamp,proto3" json:"timestamp,omitempty"` } func (m *AclRecord) Reset() { *m = AclRecord{} } @@ -232,11 +232,11 @@ func (m *AclRecord) GetData() []byte { return nil } -func (m *AclRecord) GetCurrentReadKeyHash() uint64 { +func (m *AclRecord) GetReadKeyId() string { if m != nil { - return m.CurrentReadKeyHash + return m.ReadKeyId } - return 0 + return "" } func (m *AclRecord) GetTimestamp() int64 { 
@@ -248,12 +248,11 @@ func (m *AclRecord) GetTimestamp() int64 { type AclRoot struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - SpaceId string `protobuf:"bytes,3,opt,name=spaceId,proto3" json:"spaceId,omitempty"` - EncryptedReadKey []byte `protobuf:"bytes,4,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` - DerivationScheme string `protobuf:"bytes,5,opt,name=derivationScheme,proto3" json:"derivationScheme,omitempty"` - CurrentReadKeyHash uint64 `protobuf:"varint,6,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` - Timestamp int64 `protobuf:"varint,7,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + SpaceId string `protobuf:"bytes,2,opt,name=spaceId,proto3" json:"spaceId,omitempty"` + EncryptedReadKey []byte `protobuf:"bytes,3,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` + DerivationScheme string `protobuf:"bytes,4,opt,name=derivationScheme,proto3" json:"derivationScheme,omitempty"` + CurrentReadKeyHash uint64 `protobuf:"varint,5,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` + Timestamp int64 `protobuf:"varint,6,opt,name=timestamp,proto3" json:"timestamp,omitempty"` } func (m *AclRoot) Reset() { *m = AclRoot{} } @@ -296,13 +295,6 @@ func (m *AclRoot) GetIdentity() []byte { return nil } -func (m *AclRoot) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclRoot) GetSpaceId() string { if m != nil { return m.SpaceId 
@@ -508,9 +500,9 @@ func (m *AclData) GetAclContent() []*AclContentValue { } type AclState struct { - ReadKeyHashes []uint64 `protobuf:"varint,1,rep,packed,name=readKeyHashes,proto3" json:"readKeyHashes,omitempty"` - UserStates []*AclUserState `protobuf:"bytes,2,rep,name=userStates,proto3" json:"userStates,omitempty"` - Invites map[string]*AclUserInvite `protobuf:"bytes,3,rep,name=invites,proto3" json:"invites,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + ReadKeyIds []string `protobuf:"bytes,1,rep,name=readKeyIds,proto3" json:"readKeyIds,omitempty"` + UserStates []*AclUserState `protobuf:"bytes,2,rep,name=userStates,proto3" json:"userStates,omitempty"` + Invites map[string]*AclUserInvite `protobuf:"bytes,3,rep,name=invites,proto3" json:"invites,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` } func (m *AclState) Reset() { *m = AclState{} } @@ -546,9 +538,9 @@ func (m *AclState) XXX_DiscardUnknown() { var xxx_messageInfo_AclState proto.InternalMessageInfo -func (m *AclState) GetReadKeyHashes() []uint64 { +func (m *AclState) GetReadKeyIds() []string { if m != nil { - return m.ReadKeyHashes + return m.ReadKeyIds } return nil } @@ -568,9 +560,8 @@ func (m *AclState) GetInvites() map[string]*AclUserInvite { } type AclUserState struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,2,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclUserState) Reset() { *m = AclUserState{} } 
@@ -613,13 +604,6 @@ func (m *AclUserState) GetIdentity() []byte { return nil } -func (m *AclUserState) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclUserState) GetPermissions() AclUserPermissions { if m != nil { return m.Permissions @@ -629,9 +613,8 @@ func (m *AclUserState) GetPermissions() AclUserPermissions { type AclUserAdd struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,3,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` + EncryptedReadKeys [][]byte `protobuf:"bytes,2,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclUserAdd) Reset() { *m = AclUserAdd{} } @@ -674,13 +657,6 @@ func (m *AclUserAdd) GetIdentity() []byte { return nil } -func (m *AclUserAdd) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclUserAdd) GetEncryptedReadKeys() [][]byte { if m != nil { return m.EncryptedReadKeys 
@@ -697,9 +673,8 @@ func (m *AclUserAdd) GetPermissions() AclUserPermissions { type AclUserInvite struct { AcceptPublicKey []byte `protobuf:"bytes,1,opt,name=acceptPublicKey,proto3" json:"acceptPublicKey,omitempty"` - EncryptSymKeyHash uint64 `protobuf:"varint,2,opt,name=encryptSymKeyHash,proto3" json:"encryptSymKeyHash,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,3,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` - Permissions AclUserPermissions `protobuf:"varint,4,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` + EncryptedReadKeys [][]byte `protobuf:"bytes,2,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + Permissions AclUserPermissions `protobuf:"varint,3,opt,name=permissions,proto3,enum=aclrecord.AclUserPermissions" json:"permissions,omitempty"` } func (m *AclUserInvite) Reset() { *m = AclUserInvite{} } @@ -742,13 +717,6 @@ func (m *AclUserInvite) GetAcceptPublicKey() []byte { return nil } -func (m *AclUserInvite) GetEncryptSymKeyHash() uint64 { - if m != nil { - return m.EncryptSymKeyHash - } - return 0 -} - func (m *AclUserInvite) GetEncryptedReadKeys() [][]byte { if m != nil { return m.EncryptedReadKeys 
@@ -765,10 +733,9 @@ func (m *AclUserInvite) GetPermissions() AclUserPermissions { type AclUserJoin struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - AcceptSignature []byte `protobuf:"bytes,3,opt,name=acceptSignature,proto3" json:"acceptSignature,omitempty"` - AcceptPubKey []byte `protobuf:"bytes,4,opt,name=acceptPubKey,proto3" json:"acceptPubKey,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,5,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + AcceptSignature []byte `protobuf:"bytes,2,opt,name=acceptSignature,proto3" json:"acceptSignature,omitempty"` + AcceptPubKey []byte `protobuf:"bytes,3,opt,name=acceptPubKey,proto3" json:"acceptPubKey,omitempty"` + EncryptedReadKeys [][]byte `protobuf:"bytes,4,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` } func (m *AclUserJoin) Reset() { *m = AclUserJoin{} } @@ -811,13 +778,6 @@ func (m *AclUserJoin) GetIdentity() []byte { return nil } -func (m *AclUserJoin) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclUserJoin) GetAcceptSignature() []byte { if m != nil { return m.AcceptSignature @@ -893,8 +853,7 @@ func (m *AclUserRemove) GetReadKeyReplaces() []*AclReadKeyReplace { type AclReadKeyReplace struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - EncryptedReadKey []byte `protobuf:"bytes,3,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` + EncryptedReadKey []byte `protobuf:"bytes,2,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` } func (m *AclReadKeyReplace) Reset() { *m = AclReadKeyReplace{} } 
@@ -937,13 +896,6 @@ func (m *AclReadKeyReplace) GetIdentity() []byte { return nil } -func (m *AclReadKeyReplace) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclReadKeyReplace) GetEncryptedReadKey() []byte { if m != nil { return m.EncryptedReadKey @@ -1004,7 +956,7 @@ func (m *AclUserPermissionChange) GetPermissions() AclUserPermissions { } type AclSyncMessage struct { - Content *AclSyncContentValue `protobuf:"bytes,2,opt,name=content,proto3" json:"content,omitempty"` + Content *AclSyncContentValue `protobuf:"bytes,1,opt,name=content,proto3" json:"content,omitempty"` } func (m *AclSyncMessage) Reset() { *m = AclSyncMessage{} } 
@@ -1192,68 +1144,65 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 962 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0xcf, 0x6f, 0x1b, 0xc5, - 0x17, 0xf7, 0xac, 0x9d, 0x38, 0x7e, 0x76, 0x13, 0x67, 0xbe, 0x5f, 0x5a, 0x2b, 0x2a, 0x56, 0xb4, - 0x02, 0x29, 0xaa, 0x2a, 0x47, 0x18, 0xa4, 0x54, 0x11, 0xa2, 0x72, 0x4b, 0x91, 0xdd, 0x08, 0xa9, - 0x9a, 0x00, 0x45, 0xbd, 0x4d, 0x66, 0x47, 0xc9, 0xc2, 0xfe, 0xd2, 0xcc, 0xd8, 0x68, 0x8f, 0x9c, - 0xb9, 0xc0, 0x7f, 0x00, 0x7f, 0x08, 0x77, 0x24, 0x2e, 0xbd, 0x80, 0x38, 0xa2, 0xe4, 0xcf, 0xe0, - 0x82, 0x66, 0xf6, 0xf7, 0xae, 0x13, 0xb5, 0x52, 0xc4, 0x21, 0xc9, 0xcc, 0x7b, 0x9f, 0x37, 0xf9, - 0xbc, 0xcf, 0x7b, 0xf3, 0x66, 0xe1, 0x63, 0x16, 0xfa, 0x7e, 0x18, 0xc8, 0x88, 0x32, 0x7e, 0x18, - 0x9e, 0x7d, 0xc3, 0x99, 0x3a, 0xa4, 0xcc, 0xd3, 0x3f, 0x82, 0xb3, 0x50, 0x38, 0x91, 0x08, 0x55, - 0x78, 0x68, 0x7e, 0xcb, 0xc2, 0x3a, 0x31, 0x06, 0xdc, 0xcb, 0x0d, 0xf6, 0xcf, 0x08, 0x06, 0x84, - 0x7e, 0x37, 0x63, 0x1e, 0x31, 0x06, 0x3c, 0x82, 0x6e, 0x44, 0x63, 0x2f, 0xa4, 0xce, 0x08, 0xed, - 0xa3, 0x83, 0x01, 0xc9, 0xb6, 0xf8, 0x3e, 0xf4, 0xa4, 0x7b, 0x1e, 0x50, 0xb5, 0x14, 0x7c, 0x64, - 0x19, 0x5f, 0x61, 0xc0, 0x0f, 0x60, 0x48, 0x19, 0xe3, 0x91, 0x0a, 0xc5, 0xc2, 0xe1, 0x81, 0x72, - 0x55, 0x3c, 0x6a, 0x1b, 0x50, 0xc3, 0x8e, 0x1f, 0xc2, 0x6e, 0x66, 0x3b, 0xcd, 0x4f, 0xec, 0x18, - 0x70, 0xd3, 0x61, 0x7f, 0x02, 0xb8, 0xcc, 0xf0, 0xa5, 0xab, 0x2e, 0x16, 0x37, 0xf1, 0xdc, 0x06, - 0xcb, 0x75, 0x0c, 0xc1, 0x1e, 0xb1, 0x5c, 0xc7, 0xfe, 0x05, 0x41, 0xaf, 0xc8, 0xef, 0x2e, 0x6c, - 0x46, 0x82, 0xaf, 0x16, 0x49, 0x58, 0x8f, 0xa4, 0x3b, 0xbc, 0x07, 0x5b, 0x6e, 0xc6, 0x3b, 0x49, - 0x2e, 0xdf, 0x63, 0x0c, 0x1d, 0x87, 0x2a, 0x9a, 0xe6, 0x63, 0xd6, 0x78, 0x02, 0x98, 0x2d, 0x85, - 0xe0, 0x81, 0x22, 0x9c, 0x3a, 0x27, 0x3c, 0x9e, 0x53, 0x79, 0x61, 0x92, 0xe8, 0x90, 0x35, 0x1e, - 0xad, 0x9e, 0x72, 0x7d, 0x2e, 0x15, 0xf5, 0xa3, 0xd1, 0xc6, 0x3e, 0x3a, 0x68, 0x93, 0xc2, 0x60, - 
0xff, 0x60, 0x41, 0x57, 0x73, 0x0c, 0x43, 0x55, 0x61, 0x82, 0x6a, 0x4c, 0xde, 0x83, 0x3b, 0x3c, - 0x60, 0x22, 0x8e, 0x94, 0x1b, 0x06, 0x27, 0x3c, 0xa3, 0x5a, 0x35, 0x6a, 0x6d, 0x4c, 0x67, 0x2c, - 0x1c, 0x43, 0xb9, 0x47, 0xb2, 0xad, 0xae, 0x52, 0x0a, 0xe5, 0x4e, 0xca, 0x2e, 0x15, 0xbe, 0x61, - 0xd7, 0x58, 0x87, 0x0b, 0x77, 0x45, 0xf5, 0xb1, 0xa7, 0xec, 0x82, 0xfb, 0xdc, 0x10, 0xef, 0x91, - 0x86, 0xfd, 0x1a, 0x35, 0x36, 0xdf, 0x4c, 0x8d, 0x6e, 0x5d, 0x8d, 0x3f, 0x2c, 0xd8, 0x99, 0x31, - 0xef, 0x69, 0x18, 0x28, 0x1e, 0xa8, 0xaf, 0xa8, 0xb7, 0xe4, 0xf8, 0x03, 0xe8, 0x2e, 0x25, 0x17, - 0x33, 0x27, 0x29, 0x5c, 0x7f, 0xfa, 0xce, 0xa4, 0x68, 0xeb, 0x19, 0xf3, 0xbe, 0x4c, 0x9c, 0xf3, - 0x16, 0xc9, 0x70, 0xf8, 0x18, 0x40, 0x2f, 0x09, 0xf7, 0xc3, 0x55, 0xd2, 0xb1, 0xfd, 0xe9, 0xa8, - 0x19, 0x95, 0xf8, 0xe7, 0x2d, 0x52, 0x42, 0xe3, 0xaf, 0xe1, 0xff, 0x7a, 0xf7, 0x82, 0x0b, 0xdf, - 0x95, 0xd2, 0x0d, 0x83, 0xa7, 0x17, 0x34, 0x38, 0xe7, 0x46, 0xcf, 0xfe, 0xd4, 0x6e, 0x9e, 0x52, - 0x47, 0xce, 0x5b, 0x64, 0xed, 0x09, 0x19, 0xab, 0x45, 0xb0, 0x72, 0x55, 0xd2, 0xf5, 0x6b, 0x59, - 0x25, 0xfe, 0x8c, 0x55, 0xb2, 0xc3, 0x1f, 0xc1, 0x96, 0xde, 0x3d, 0x0f, 0xdd, 0xc0, 0x94, 0xa2, - 0x3f, 0xbd, 0xdb, 0x8c, 0xd4, 0xde, 0x79, 0x8b, 0xe4, 0xc8, 0x27, 0x5d, 0xd8, 0x58, 0x69, 0x0d, - 0xed, 0x67, 0xa6, 0xc9, 0x3e, 0xd5, 0xed, 0x7b, 0x0c, 0x40, 0x73, 0x85, 0x47, 0x68, 0xbf, 0x7d, - 0xd0, 0x9f, 0xee, 0x55, 0xcf, 0x2a, 0xcb, 0x4f, 0x4a, 0x68, 0xfb, 0x1f, 0x04, 0x5b, 0x33, 0xe6, - 0x9d, 0x2a, 0xaa, 0xb8, 0xee, 0x48, 0x51, 0x14, 0x96, 0x4b, 0x73, 0x56, 0x87, 0x54, 0x8d, 0xf8, - 0x28, 0x49, 0xda, 0x84, 0xc8, 0x91, 0x65, 0xfe, 0xdd, 0xbd, 0x26, 0x75, 0xe3, 0x27, 0x25, 0x28, - 0x3e, 0x86, 0xae, 0x6b, 0x72, 0x97, 0xa3, 0xb6, 0x89, 0xda, 0xaf, 0x46, 0x19, 0xd8, 0x24, 0x91, - 0x47, 0x3e, 0x0b, 0x94, 0x88, 0x49, 0x16, 0xb0, 0xf7, 0x05, 0x0c, 0xca, 0x0e, 0x3c, 0x84, 0xf6, - 0xb7, 0x3c, 0x4e, 0xef, 0xbd, 0x5e, 0xe2, 0x49, 0xaa, 0xcc, 0xf5, 0xcd, 0x91, 0x1c, 0x40, 0x12, - 0xd8, 0xb1, 0xf5, 0x08, 0xd9, 0x3f, 
0x21, 0x18, 0x94, 0xe9, 0xde, 0xc2, 0x7d, 0x7d, 0x0c, 0xfd, - 0x28, 0x6f, 0x13, 0x69, 0x7a, 0x6c, 0x7b, 0xfa, 0xee, 0x4d, 0x3d, 0x26, 0x49, 0x39, 0xc2, 0xfe, - 0x15, 0x01, 0x14, 0x77, 0xe0, 0x16, 0x18, 0x3d, 0x84, 0xdd, 0xfa, 0x3c, 0x48, 0x0a, 0x30, 0x20, - 0x4d, 0x47, 0x9d, 0x7f, 0xe7, 0xad, 0xf9, 0xff, 0x89, 0xe0, 0x4e, 0x45, 0x70, 0x7c, 0x00, 0x3b, - 0xc9, 0x4b, 0xf0, 0x62, 0x79, 0xe6, 0xb9, 0xec, 0x84, 0x67, 0x99, 0xd4, 0xcd, 0x25, 0xaa, 0xa7, - 0xb1, 0x9f, 0x4d, 0x1e, 0xcb, 0x4c, 0x9e, 0xa6, 0xe3, 0xbf, 0x4e, 0xec, 0x77, 0x04, 0xfd, 0xd2, - 0xb5, 0xbc, 0x85, 0xca, 0xe4, 0xc2, 0x14, 0x2f, 0x67, 0xbb, 0x2c, 0x4c, 0x6e, 0xc6, 0x36, 0x0c, - 0x72, 0xad, 0x8a, 0x39, 0x5f, 0xb1, 0xad, 0x97, 0x63, 0xe3, 0x1a, 0x39, 0x6c, 0x99, 0x57, 0x29, - 0x9d, 0x92, 0x37, 0xa5, 0xf3, 0x19, 0xec, 0xa4, 0x33, 0x80, 0xf0, 0xc8, 0xa3, 0x2c, 0xbf, 0xf7, - 0xf7, 0xab, 0xfa, 0x91, 0x0a, 0x88, 0xd4, 0x83, 0xec, 0xef, 0x11, 0xec, 0x36, 0x60, 0xb7, 0x20, - 0xe4, 0xba, 0xa7, 0xb0, 0xbd, 0xfe, 0x29, 0xb4, 0x57, 0x70, 0xef, 0x9a, 0x31, 0x7f, 0x23, 0x91, - 0x5a, 0xfb, 0x58, 0x6f, 0xdd, 0x3e, 0xcf, 0x61, 0x5b, 0xcf, 0xb8, 0x38, 0x60, 0x9f, 0x73, 0x29, - 0xe9, 0x39, 0xc7, 0x8f, 0xa0, 0xcb, 0xd2, 0xa1, 0x9d, 0xcc, 0xac, 0x71, 0x6d, 0x1e, 0xc6, 0x01, - 0xab, 0x0c, 0xee, 0x0c, 0x6e, 0xbf, 0x82, 0xff, 0xad, 0xf1, 0x9b, 0x87, 0xc0, 0x71, 0x92, 0x8f, - 0x23, 0x99, 0x3e, 0xad, 0xb5, 0x39, 0x38, 0xcb, 0xfd, 0xfa, 0x39, 0x2a, 0xd0, 0xc5, 0xc3, 0x32, - 0x37, 0x8d, 0x51, 0xe0, 0xf0, 0x11, 0x74, 0x45, 0x7e, 0xa4, 0x2e, 0x7a, 0x39, 0xeb, 0xe6, 0xd7, - 0x1c, 0xc9, 0xd0, 0x0f, 0x8e, 0x00, 0x37, 0x45, 0xc1, 0x3d, 0xd8, 0x98, 0x39, 0xbe, 0x1b, 0x0c, - 0x5b, 0x18, 0x60, 0xf3, 0xa5, 0x70, 0x15, 0x17, 0x43, 0xa4, 0xd7, 0xba, 0x42, 0x5c, 0x0c, 0xad, - 0x27, 0x8f, 0x7f, 0xbb, 0x1c, 0xa3, 0xd7, 0x97, 0x63, 0xf4, 0xf7, 0xe5, 0x18, 0xfd, 0x78, 0x35, - 0x6e, 0xbd, 0xbe, 0x1a, 0xb7, 0xfe, 0xba, 0x1a, 0xb7, 0x5e, 0xbd, 0xff, 0x46, 0xdf, 0xca, 0x67, - 0x9b, 0xe6, 0xcf, 0x87, 0xff, 0x06, 0x00, 0x00, 0xff, 0xff, 0x3e, 0xd9, 
0x79, 0xd5, 0x5b, 0x0b, - 0x00, 0x00, + // 926 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0x1b, 0x45, + 0x14, 0xf7, 0xd8, 0x49, 0x1c, 0x3f, 0x9b, 0xc4, 0x19, 0xa0, 0x5d, 0x45, 0xc5, 0x8a, 0x56, 0x42, + 0x8a, 0xaa, 0xca, 0x11, 0x06, 0x29, 0x55, 0x84, 0xa8, 0xdc, 0x52, 0x64, 0xb7, 0x42, 0xaa, 0x26, + 0x40, 0x51, 0x39, 0x4d, 0x66, 0x47, 0xc9, 0x50, 0x7b, 0x77, 0x35, 0x33, 0x36, 0xf2, 0xa7, 0x80, + 0x1b, 0x57, 0x2e, 0x48, 0x7c, 0x14, 0x8e, 0xbd, 0x20, 0x71, 0x44, 0x89, 0xf8, 0x08, 0xdc, 0xd1, + 0xcc, 0xec, 0xff, 0x75, 0x2c, 0x38, 0xc0, 0x21, 0xf1, 0xce, 0x7b, 0xbf, 0x37, 0xf3, 0x7b, 0xbf, + 0x79, 0xef, 0xed, 0xc2, 0xc7, 0x2c, 0x9a, 0xcf, 0xa3, 0x50, 0xc5, 0x94, 0xf1, 0x93, 0xe8, 0xe2, + 0x5b, 0xce, 0xf4, 0x09, 0x65, 0x33, 0xf3, 0x27, 0x39, 0x8b, 0x64, 0x10, 0xcb, 0x48, 0x47, 0x27, + 0xf6, 0xbf, 0xca, 0xad, 0x43, 0x6b, 0xc0, 0x9d, 0xcc, 0xe0, 0xff, 0x84, 0xa0, 0x47, 0xe8, 0x77, + 0x63, 0x36, 0x23, 0xd6, 0x80, 0x3d, 0x68, 0xc7, 0x74, 0x35, 0x8b, 0x68, 0xe0, 0xa1, 0x23, 0x74, + 0xdc, 0x23, 0xe9, 0x12, 0xdf, 0x83, 0x8e, 0x12, 0x97, 0x21, 0xd5, 0x0b, 0xc9, 0xbd, 0xa6, 0xf5, + 0xe5, 0x06, 0x7c, 0x1f, 0xfa, 0x94, 0x31, 0x1e, 0xeb, 0x48, 0x4e, 0x03, 0x1e, 0x6a, 0xa1, 0x57, + 0x5e, 0xcb, 0x82, 0x6a, 0x76, 0xfc, 0x00, 0x0e, 0x52, 0xdb, 0x79, 0xb6, 0xe3, 0x96, 0x05, 0xd7, + 0x1d, 0xfe, 0x27, 0x80, 0x8b, 0x0c, 0x5f, 0x0a, 0x7d, 0x35, 0xdd, 0xc4, 0x73, 0x0f, 0x9a, 0x22, + 0xb0, 0x04, 0x3b, 0xa4, 0x29, 0x02, 0xff, 0x7b, 0x04, 0x9d, 0x3c, 0xbf, 0x3b, 0xb0, 0x13, 0x4b, + 0xbe, 0x9c, 0xba, 0xb0, 0x0e, 0x49, 0x56, 0xf8, 0x10, 0x76, 0x45, 0xca, 0xdb, 0x25, 0x97, 0xad, + 0x31, 0x86, 0xad, 0x80, 0x6a, 0x9a, 0xe4, 0x63, 0x9f, 0x8d, 0x1a, 0x92, 0xd3, 0xe0, 0x39, 0x5f, + 0x4d, 0x03, 0xcb, 0xbd, 0x43, 0x72, 0x83, 0xf1, 0x6a, 0x31, 0xe7, 0x4a, 0xd3, 0x79, 0xec, 0x6d, + 0x1f, 0xa1, 0xe3, 0x16, 0xc9, 0x0d, 0xfe, 0x9f, 0x08, 0xda, 0x86, 0x51, 0x14, 0xe9, 0xd2, 0xb9, + 0xa8, 0x72, 0xae, 0x07, 0x6d, 0x7b, 0xc3, 0xd3, 
0x34, 0x9d, 0x74, 0x69, 0xd4, 0xe6, 0x21, 0x93, + 0xab, 0x58, 0xf3, 0x80, 0xb8, 0x53, 0x53, 0xb5, 0xab, 0x76, 0x83, 0x0d, 0xb8, 0x14, 0x4b, 0xaa, + 0x45, 0x14, 0x9e, 0xb3, 0x2b, 0x3e, 0xe7, 0x09, 0xe1, 0x9a, 0x1d, 0x0f, 0x01, 0xb3, 0x85, 0x94, + 0x3c, 0xd4, 0x49, 0xf4, 0x84, 0xaa, 0x2b, 0x9b, 0xc0, 0x16, 0x59, 0xe3, 0x29, 0xe7, 0xb9, 0x53, + 0xcd, 0xf3, 0xb7, 0x26, 0xec, 0x8f, 0xd9, 0xec, 0x49, 0x14, 0x6a, 0x1e, 0xea, 0xaf, 0xe8, 0x6c, + 0xc1, 0xf1, 0x07, 0xd0, 0x5e, 0x28, 0x2e, 0xc7, 0x81, 0xbb, 0x80, 0xee, 0xe8, 0xdd, 0x61, 0x5e, + 0x9e, 0x63, 0x36, 0xfb, 0xd2, 0x39, 0x27, 0x0d, 0x92, 0xe2, 0xf0, 0x19, 0x80, 0x79, 0x24, 0x7c, + 0x1e, 0x2d, 0x5d, 0xe5, 0x75, 0x47, 0x5e, 0x3d, 0xca, 0xf9, 0x27, 0x0d, 0x52, 0x40, 0xe3, 0xaf, + 0xe1, 0x1d, 0xb3, 0x7a, 0xc1, 0xe5, 0x5c, 0x28, 0x25, 0xa2, 0xf0, 0xc9, 0x15, 0x0d, 0x2f, 0xb9, + 0x15, 0xab, 0x3b, 0xf2, 0xeb, 0xbb, 0x54, 0x91, 0x93, 0x06, 0x59, 0xbb, 0x43, 0xca, 0x6a, 0x1a, + 0x2e, 0x85, 0x76, 0x82, 0xae, 0x65, 0xe5, 0xfc, 0x29, 0x2b, 0xb7, 0xc2, 0x1f, 0xc1, 0xae, 0x59, + 0x3d, 0x8b, 0x44, 0x68, 0xc5, 0xed, 0x8e, 0xee, 0xd4, 0x23, 0x8d, 0x77, 0xd2, 0x20, 0x19, 0xf2, + 0x71, 0x1b, 0xb6, 0x97, 0x46, 0x43, 0xff, 0xa9, 0x2d, 0x9f, 0x4f, 0x4d, 0x19, 0x9e, 0x01, 0xd0, + 0x4c, 0x61, 0x0f, 0x1d, 0xb5, 0x8e, 0xbb, 0xa3, 0xc3, 0xf2, 0x5e, 0x45, 0xf9, 0x49, 0x01, 0xed, + 0xff, 0x85, 0x60, 0x77, 0xcc, 0x66, 0xe7, 0x9a, 0x6a, 0x8e, 0x07, 0x00, 0x59, 0xf9, 0x2a, 0xbb, + 0x51, 0x87, 0x14, 0x2c, 0xf8, 0xd4, 0xa5, 0x6b, 0xc1, 0xca, 0x6b, 0xda, 0x83, 0xee, 0xd6, 0x49, + 0x5b, 0x3f, 0x29, 0x40, 0xf1, 0x19, 0xb4, 0x85, 0xcd, 0x5a, 0x79, 0x2d, 0x1b, 0x75, 0x54, 0x8e, + 0xb2, 0xb0, 0xa1, 0x13, 0x46, 0x3d, 0x0d, 0xb5, 0x5c, 0x91, 0x34, 0xe0, 0xf0, 0x0b, 0xe8, 0x15, + 0x1d, 0xb8, 0x0f, 0xad, 0xd7, 0x7c, 0x95, 0x74, 0xae, 0x79, 0xc4, 0xc3, 0x44, 0x93, 0xdb, 0xcb, + 0xc2, 0x6d, 0x40, 0x1c, 0xec, 0xac, 0xf9, 0x10, 0xf9, 0xaf, 0xa1, 0x57, 0x64, 0xbb, 0xb1, 0x05, + 0x1f, 0x41, 0x37, 0xce, 0x6e, 0x5e, 0xd9, 0x53, 0xf6, 0x46, 0xef, 0x6d, 0x2a, 0x1b, 
0x45, 0x8a, + 0x11, 0xfe, 0x8f, 0x08, 0x20, 0x2f, 0xeb, 0x8d, 0x67, 0x3d, 0x80, 0x83, 0x6a, 0xf3, 0x3a, 0xa5, + 0x7b, 0xa4, 0xee, 0xa8, 0x32, 0x6b, 0xfd, 0x6b, 0x66, 0xbf, 0x20, 0x78, 0xab, 0xa4, 0x11, 0x3e, + 0x86, 0x7d, 0x37, 0x7e, 0x5f, 0x2c, 0x2e, 0x66, 0x82, 0x3d, 0xe7, 0x29, 0xc7, 0xaa, 0xf9, 0xff, + 0xa6, 0xfa, 0x33, 0x82, 0x6e, 0xa1, 0x2b, 0x36, 0xaa, 0x98, 0x25, 0x71, 0x5e, 0x79, 0x59, 0x55, + 0xcd, 0xd8, 0x87, 0x5e, 0x96, 0x57, 0x3e, 0x40, 0x4b, 0xb6, 0xf5, 0x89, 0x6e, 0xdd, 0x92, 0xa8, + 0xaf, 0x32, 0x45, 0x93, 0xf1, 0xb3, 0x89, 0xe8, 0x67, 0xb0, 0x9f, 0xf4, 0x17, 0xe1, 0xf1, 0x8c, + 0xb2, 0xac, 0xad, 0xee, 0x95, 0x95, 0x21, 0x25, 0x10, 0xa9, 0x06, 0xf9, 0xdf, 0xc0, 0x41, 0x0d, + 0xb5, 0xf1, 0xe0, 0x75, 0x2f, 0x8f, 0xe6, 0xfa, 0x97, 0x87, 0xbf, 0x84, 0xbb, 0xb7, 0x0c, 0xc6, + 0xff, 0xb6, 0x6d, 0x9e, 0xc1, 0x9e, 0x99, 0x0d, 0xab, 0x90, 0x7d, 0xce, 0x95, 0xa2, 0x97, 0x1c, + 0x3f, 0x84, 0x36, 0xcb, 0xc6, 0x9c, 0xe9, 0xf5, 0x41, 0x65, 0x8e, 0xac, 0x42, 0x56, 0x1a, 0x75, + 0x29, 0xdc, 0x7f, 0x05, 0x6f, 0xaf, 0xf1, 0xdb, 0xd1, 0x19, 0x04, 0xee, 0xb3, 0x40, 0x25, 0x7b, + 0x56, 0xe6, 0xc7, 0x38, 0xf3, 0x9b, 0x01, 0x9e, 0xa3, 0xf3, 0x51, 0x3c, 0xb1, 0x37, 0x9e, 0xe3, + 0xf0, 0x29, 0xb4, 0x65, 0xb6, 0xa5, 0xb9, 0xcd, 0x62, 0xd6, 0xf5, 0xef, 0x18, 0x92, 0xa2, 0xef, + 0x9f, 0x02, 0xae, 0x8b, 0x82, 0x3b, 0xb0, 0x3d, 0x0e, 0xe6, 0x22, 0xec, 0x37, 0x30, 0xc0, 0xce, + 0x4b, 0x29, 0x34, 0x97, 0x7d, 0x64, 0x9e, 0xcd, 0x0d, 0x71, 0xd9, 0x6f, 0x3e, 0x7e, 0xf4, 0xeb, + 0xf5, 0x00, 0xbd, 0xb9, 0x1e, 0xa0, 0x3f, 0xae, 0x07, 0xe8, 0x87, 0x9b, 0x41, 0xe3, 0xcd, 0xcd, + 0xa0, 0xf1, 0xfb, 0xcd, 0xa0, 0xf1, 0xea, 0xfd, 0x7f, 0xf4, 0x95, 0x78, 0xb1, 0x63, 0x7f, 0x3e, + 0xfc, 0x3b, 0x00, 0x00, 0xff, 0xff, 0xca, 0x28, 0x1e, 0x14, 0x55, 0x0a, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { 
@@ -1369,10 +1318,12 @@ func (m *AclRecord) MarshalToSizedBuffer(dAtA []byte) (int, error) { i-- dAtA[i] = 0x28 } - if m.CurrentReadKeyHash != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.CurrentReadKeyHash)) + if len(m.ReadKeyId) > 0 { + i -= len(m.ReadKeyId) + copy(dAtA[i:], m.ReadKeyId) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKeyId))) i-- - dAtA[i] = 0x20 + dAtA[i] = 0x22 } if len(m.Data) > 0 { i -= len(m.Data) @@ -1421,39 +1372,32 @@ func (m *AclRoot) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Timestamp != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Timestamp)) i-- - dAtA[i] = 0x38 + dAtA[i] = 0x30 } if m.CurrentReadKeyHash != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.CurrentReadKeyHash)) i-- - dAtA[i] = 0x30 + dAtA[i] = 0x28 } if len(m.DerivationScheme) > 0 { i -= len(m.DerivationScheme) copy(dAtA[i:], m.DerivationScheme) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.DerivationScheme))) i-- - dAtA[i] = 0x2a + dAtA[i] = 0x22 } if len(m.EncryptedReadKey) > 0 { i -= len(m.EncryptedReadKey) copy(dAtA[i:], m.EncryptedReadKey) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey))) i-- - dAtA[i] = 0x22 + dAtA[i] = 0x1a } if len(m.SpaceId) > 0 { i -= len(m.SpaceId) copy(dAtA[i:], m.SpaceId) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.SpaceId))) i-- - dAtA[i] = 0x1a - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- dAtA[i] = 0x12 } if len(m.Identity) > 0 { 
@@ -1700,23 +1644,14 @@ func (m *AclState) MarshalToSizedBuffer(dAtA []byte) (int, error) { dAtA[i] = 0x12 } } - if len(m.ReadKeyHashes) > 0 { - dAtA8 := make([]byte, len(m.ReadKeyHashes)*10) - var j7 int - for _, num := range m.ReadKeyHashes { - for num >= 1<<7 { - dAtA8[j7] = uint8(uint64(num)&0x7f | 0x80) - num >>= 7 - j7++ - } - dAtA8[j7] = uint8(num) - j7++ + if len(m.ReadKeyIds) > 0 { + for iNdEx := len(m.ReadKeyIds) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.ReadKeyIds[iNdEx]) + copy(dAtA[i:], m.ReadKeyIds[iNdEx]) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.ReadKeyIds[iNdEx]))) + i-- + dAtA[i] = 0xa } - i -= j7 - copy(dAtA[i:], dAtA8[:j7]) - i = encodeVarintAclrecord(dAtA, i, uint64(j7)) - i-- - dAtA[i] = 0xa } return len(dAtA) - i, nil } @@ -1744,14 +1679,7 @@ func (m *AclUserState) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Permissions != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) i-- - dAtA[i] = 0x18 - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- - dAtA[i] = 0x12 + dAtA[i] = 0x10 } if len(m.Identity) > 0 { i -= len(m.Identity) @@ -1786,7 +1714,7 @@ func (m *AclUserAdd) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Permissions != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) i-- - dAtA[i] = 0x20 + dAtA[i] = 0x18 } if len(m.EncryptedReadKeys) > 0 { for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { 
@@ -1794,16 +1722,9 @@ func (m *AclUserAdd) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) i-- - dAtA[i] = 0x1a + dAtA[i] = 0x12 } } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- - dAtA[i] = 0x12 - } if len(m.Identity) > 0 { i -= len(m.Identity) copy(dAtA[i:], m.Identity) @@ -1837,7 +1758,7 @@ func (m *AclUserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Permissions != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Permissions)) i-- - dAtA[i] = 0x20 + dAtA[i] = 0x18 } if len(m.EncryptedReadKeys) > 0 { for iNdEx := len(m.EncryptedReadKeys) - 1; iNdEx >= 0; iNdEx-- { @@ -1845,14 +1766,9 @@ func (m *AclUserInvite) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) i-- - dAtA[i] = 0x1a + dAtA[i] = 0x12 } } - if m.EncryptSymKeyHash != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.EncryptSymKeyHash)) - i-- - dAtA[i] = 0x10 - } if len(m.AcceptPublicKey) > 0 { i -= len(m.AcceptPublicKey) copy(dAtA[i:], m.AcceptPublicKey) @@ -1889,7 +1805,7 @@ func (m *AclUserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) i-- - dAtA[i] = 0x2a + dAtA[i] = 0x22 } } if len(m.AcceptPubKey) > 0 { 
@@ -1897,20 +1813,13 @@ func (m *AclUserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.AcceptPubKey) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptPubKey))) i-- - dAtA[i] = 0x22 + dAtA[i] = 0x1a } if len(m.AcceptSignature) > 0 { i -= len(m.AcceptSignature) copy(dAtA[i:], m.AcceptSignature) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptSignature))) i-- - dAtA[i] = 0x1a - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- dAtA[i] = 0x12 } if len(m.Identity) > 0 { @@ -1992,13 +1901,6 @@ func (m *AclReadKeyReplace) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKey) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKey))) i-- - dAtA[i] = 0x1a - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- dAtA[i] = 0x12 } if len(m.Identity) > 0 { @@ -2076,7 +1978,7 @@ func (m *AclSyncMessage) MarshalToSizedBuffer(dAtA []byte) (int, error) { i = encodeVarintAclrecord(dAtA, i, uint64(size)) } i-- - dAtA[i] = 0x12 + dAtA[i] = 0xa } return len(dAtA) - i, nil } @@ -2242,8 +2144,9 @@ func (m *AclRecord) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - if m.CurrentReadKeyHash != 0 { - n += 1 + sovAclrecord(uint64(m.CurrentReadKeyHash)) + l = len(m.ReadKeyId) + if l > 0 { + n += 1 + l + sovAclrecord(uint64(l)) } if m.Timestamp != 0 { n += 1 + sovAclrecord(uint64(m.Timestamp)) @@ -2261,10 +2164,6 @@ func (m *AclRoot) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } l = len(m.SpaceId) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) 
@@ -2379,12 +2278,11 @@ func (m *AclState) Size() (n int) { } var l int _ = l - if len(m.ReadKeyHashes) > 0 { - l = 0 - for _, e := range m.ReadKeyHashes { - l += sovAclrecord(uint64(e)) + if len(m.ReadKeyIds) > 0 { + for _, s := range m.ReadKeyIds { + l = len(s) + n += 1 + l + sovAclrecord(uint64(l)) } - n += 1 + sovAclrecord(uint64(l)) + l } if len(m.UserStates) > 0 { for _, e := range m.UserStates { @@ -2418,10 +2316,6 @@ func (m *AclUserState) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } if m.Permissions != 0 { n += 1 + sovAclrecord(uint64(m.Permissions)) } @@ -2438,10 +2332,6 @@ func (m *AclUserAdd) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } if len(m.EncryptedReadKeys) > 0 { for _, b := range m.EncryptedReadKeys { l = len(b) @@ -2464,9 +2354,6 @@ func (m *AclUserInvite) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - if m.EncryptSymKeyHash != 0 { - n += 1 + sovAclrecord(uint64(m.EncryptSymKeyHash)) - } if len(m.EncryptedReadKeys) > 0 { for _, b := range m.EncryptedReadKeys { l = len(b) @@ -2489,10 +2376,6 @@ func (m *AclUserJoin) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } l = len(m.AcceptSignature) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) @@ -2539,10 +2422,6 @@ func (m *AclReadKeyReplace) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } l = len(m.EncryptedReadKey) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) 
@@ -3056,10 +2935,10 @@ func (m *AclRecord) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field CurrentReadKeyHash", wireType) + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyId", wireType) } - m.CurrentReadKeyHash = 0 + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowAclrecord @@ -3069,11 +2948,24 @@ func (m *AclRecord) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.CurrentReadKeyHash |= uint64(b&0x7F) << shift + stringLen |= uint64(b&0x7F) << shift if b < 0x80 { break } } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ReadKeyId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex case 5: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) 
@@ -3178,40 +3070,6 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field SpaceId", wireType) } @@ -3243,7 +3101,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } m.SpaceId = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: + case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType) } @@ -3277,7 +3135,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { m.EncryptedReadKey = []byte{} } iNdEx = postIndex - case 5: + case 4: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field DerivationScheme", wireType) } @@ -3309,7 +3167,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } m.DerivationScheme = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 6: + case 5: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field CurrentReadKeyHash", wireType) } @@ -3328,7 +3186,7 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { break } } - case 7: + case 6: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) } 
@@ -3707,81 +3565,37 @@ func (m *AclState) Unmarshal(dAtA []byte) error { } switch fieldNum { case 1: - if wireType == 0 { - var v uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyIds", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAclrecord } - m.ReadKeyHashes = append(m.ReadKeyHashes, v) - } else if wireType == 2 { - var packedLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - packedLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if packedLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + packedLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { + if iNdEx >= l { return io.ErrUnexpectedEOF } - var elementCount int - var count int - for _, integer := range dAtA[iNdEx:postIndex] { - if integer < 128 { - count++ - } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break } - elementCount = count - if elementCount != 0 && len(m.ReadKeyHashes) == 0 { - m.ReadKeyHashes = make([]uint64, 0, elementCount) - } - for iNdEx < postIndex { - var v uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.ReadKeyHashes = append(m.ReadKeyHashes, v) - } - } else { - return fmt.Errorf("proto: wrong wireType = %d for field ReadKeyHashes", wireType) } + intStringLen := int(stringLen) + if intStringLen < 0 { + return 
ErrInvalidLengthAclrecord + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAclrecord + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ReadKeyIds = append(m.ReadKeyIds, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex case 2: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field UserStates", wireType) @@ -4030,40 +3844,6 @@ func (m *AclUserState) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) } 
@@ -4167,40 +3947,6 @@ func (m *AclUserAdd) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) } @@ -4232,7 +3978,7 @@ func (m *AclUserAdd) Unmarshal(dAtA []byte) error { m.EncryptedReadKeys = append(m.EncryptedReadKeys, make([]byte, postIndex-iNdEx)) copy(m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1], dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: + case 3: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) } @@ -4336,25 +4082,6 @@ func (m *AclUserInvite) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptSymKeyHash", wireType) - } - m.EncryptSymKeyHash = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.EncryptSymKeyHash |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) } 
@@ -4386,7 +4113,7 @@ func (m *AclUserInvite) Unmarshal(dAtA []byte) error { m.EncryptedReadKeys = append(m.EncryptedReadKeys, make([]byte, postIndex-iNdEx)) copy(m.EncryptedReadKeys[len(m.EncryptedReadKeys)-1], dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: + case 3: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Permissions", wireType) } @@ -4490,40 +4217,6 @@ func (m *AclUserJoin) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field AcceptSignature", wireType) } @@ -4557,7 +4250,7 @@ func (m *AclUserJoin) Unmarshal(dAtA []byte) error { m.AcceptSignature = []byte{} } iNdEx = postIndex - case 4: + case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field AcceptPubKey", wireType) } @@ -4591,7 +4284,7 @@ func (m *AclUserJoin) Unmarshal(dAtA []byte) error { m.AcceptPubKey = []byte{} } iNdEx = postIndex - case 5: + case 4: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) } 
@@ -4826,40 +4519,6 @@ func (m *AclReadKeyReplace) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKey", wireType) } @@ -5046,7 +4705,7 @@ func (m *AclSyncMessage) Unmarshal(dAtA []byte) error { return fmt.Errorf("proto: AclSyncMessage: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { - case 2: + case 1: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field Content", wireType) } diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 56cc2c28..aa81c3ec 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -74,10 +74,9 @@ message AclUserInvite { message AclUserJoin { bytes identity = 1; - bytes encryptionKey = 2; - bytes acceptSignature = 3; - bytes acceptPubKey = 4; - repeated bytes encryptedReadKeys = 5; + bytes acceptSignature = 2; + bytes acceptPubKey = 3; + repeated bytes encryptedReadKeys = 4; } message AclUserRemove { 
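Review bot: Dropping `encryptionKey` from `AclUserJoin` in aclrecord.proto and renumbering the remaining fields reuses tags 2–4, so a record serialized under the old schema still parses, with the old `encryptionKey` bytes landing in `acceptSignature` and the old signature in `acceptPubKey`. All of these fields are `bytes`, so no wire-type error is raised. Because `applyUserJoin` verifies `GetAcceptSignature()`, I would keep the existing numbers and retire the removed one: `reserved 2;` with `bytes acceptSignature = 3;` left unchanged (likewise 4 and 5). If no records in the old layout exist anywhere yet, a comment in the .proto saying so would make the renumbering safe to rely on. The generated `Unmarshal` hunks above show the same shift for `AclUserAdd`, `AclUserInvite`, `AclReadKeyReplace` and `AclSyncMessage`, so the same applies there.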
diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index 8f0a0071..6b3f72e2 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -4,7 +4,7 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/util/cidutil" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys/symmetric" "github.com/gogo/protobuf/proto" "time" @@ -29,7 +29,7 @@ func newAclRecordBuilder(id string, keychain *keychain.Keychain) AclRecordBuilde } func (a *aclRecordBuilder) BuildUserJoin(acceptPrivKeyBytes []byte, encSymKeyBytes []byte, state *AclState) (rec *aclrecordproto.RawAclRecord, err error) { - acceptPrivKey, err := signingkey.NewSigningEd25519PrivKeyFromBytes(acceptPrivKeyBytes) + acceptPrivKey, err := crypto.NewSigningEd25519PrivKeyFromBytes(acceptPrivKeyBytes) if err != nil { return } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 9808dddf..97300054 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -7,6 +7,7 @@ import ( "github.com/anytypeio/any-sync/app/logger" aclrecordproto "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anytypeio/any-sync/commonspace/object/keychain" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys" "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" 
@@ -310,7 +311,7 @@ func (st *AclState) applyUserJoin(ch *aclrecordproto.AclUserJoin) error { // validating signature signature := ch.GetAcceptSignature() - verificationKey, err := signingkey.NewSigningEd25519PubKeyFromBytes(invite.AcceptPublicKey) + verificationKey, err := crypto.NewSigningEd25519PubKeyFromBytes(invite.AcceptPublicKey) if err != nil { return fmt.Errorf("public key verifying invite accepts is given in incorrect format: %v", err) } diff --git a/commonspace/object/acl/testutils/acllistbuilder/keychain.go b/commonspace/object/acl/testutils/acllistbuilder/keychain.go index df93f75b..4e727cfa 100644 --- a/commonspace/object/acl/testutils/acllistbuilder/keychain.go +++ b/commonspace/object/acl/testutils/acllistbuilder/keychain.go @@ -2,6 +2,7 @@ package acllistbuilder import ( "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys" "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" @@ -81,12 +82,12 @@ func (k *YAMLKeychain) AddSigningKey(key *Key) { err error ) if key.Value == "generated" { - newPrivKey, pubKey, err = signingkey.GenerateRandomEd25519KeyPair() + newPrivKey, pubKey, err = crypto.GenerateRandomEd25519KeyPair() if err != nil { panic(err) } } else { - newPrivKey, err = keys.DecodeKeyFromString(key.Value, signingkey.NewSigningEd25519PrivKeyFromBytes, nil) + newPrivKey, err = keys.DecodeKeyFromString(key.Value, crypto.NewSigningEd25519PrivKeyFromBytes, nil) if err != nil { panic(err) } diff --git a/commonspace/object/keychain/keychain.go b/commonspace/object/keychain/keychain.go index 0cf7ad7b..1cedbf31 100644 --- a/commonspace/object/keychain/keychain.go +++ b/commonspace/object/keychain/keychain.go @@ -1,6 +1,7 @@ package keychain import ( + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" ) 
@@ -18,7 +19,7 @@ func (k *Keychain) GetOrAdd(identity string) (signingkey.PubKey, error) {
 if key, exists := k.keys[identity]; exists {
 return key, nil
 }
- res, err := signingkey.NewSigningEd25519PubKeyFromBytes([]byte(identity))
+ res, err := crypto.NewSigningEd25519PubKeyFromBytes([]byte(identity))
 if err != nil {
 return nil, err
 }
diff --git a/commonspace/settings/settings_test.go b/commonspace/settings/settings_test.go
index ce14ff3f..771050d9 100644
--- a/commonspace/settings/settings_test.go
+++ b/commonspace/settings/settings_test.go
@@ -14,7 +14,7 @@ import (
 "github.com/anytypeio/any-sync/commonspace/settings/settingsstate"
 "github.com/anytypeio/any-sync/commonspace/settings/settingsstate/mock_settingsstate"
 "github.com/anytypeio/any-sync/commonspace/spacestorage/mock_spacestorage"
- "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey"
+ "github.com/anytypeio/any-sync/util/crypto"
 "github.com/golang/mock/gomock"
 "github.com/stretchr/testify/require"
 "sync"
@@ -149,7 +149,7 @@ func TestSettingsObject_DeleteObject(t *testing.T) {
 accountData := &accountdata.AccountData{
 Identity: []byte("id"),
 PeerKey: nil,
- SignKey: &signingkey.Ed25519PrivateKey{},
+ SignKey: &crypto.Ed25519PrivKey{},
 EncKey: nil,
 }
 fx.account.EXPECT().Account().Return(accountData)
diff --git a/commonspace/spacestorage/spacestorage.go b/commonspace/spacestorage/spacestorage.go
index ff24d316..a2bf66a0 100644
--- a/commonspace/spacestorage/spacestorage.go
+++ b/commonspace/spacestorage/spacestorage.go
@@ -13,7 +13,7 @@ import (
 "github.com/anytypeio/any-sync/commonspace/object/tree/treestorage"
 "github.com/anytypeio/any-sync/commonspace/spacesyncproto"
 "github.com/anytypeio/any-sync/util/cidutil"
- "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey"
+ "github.com/anytypeio/any-sync/util/crypto"
 "github.com/gogo/protobuf/proto"
 "strings"
 )
@@ -94,7 +94,7 @@ func ValidateSpaceHeader(spaceId string, header, identity []byte) (err error) { err = ErrIncorrectSpaceHeader return } - key, err := signingkey.NewSigningEd25519PubKeyFromBytes(payload.Identity) + key, err := crypto.NewSigningEd25519PubKeyFromBytes(payload.Identity) if err != nil { return } diff --git a/go.mod b/go.mod index 1c763027..fb9727d1 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,7 @@ require ( github.com/awalterschulze/gographviz v2.0.3+incompatible github.com/cespare/xxhash v1.1.0 github.com/cheggaaa/mb/v3 v3.0.1 + github.com/ethereum/go-ethereum v1.11.5 github.com/gobwas/glob v0.2.3 github.com/goccy/go-graphviz v0.1.0 github.com/gogo/protobuf v1.3.2 @@ -31,7 +32,7 @@ require ( github.com/zeebo/blake3 v0.2.3 github.com/zeebo/errs v1.3.0 go.uber.org/zap v1.24.0 - golang.org/x/exp v0.0.0-20230105202349-8879d0199aa3 + golang.org/x/exp v0.0.0-20230206171751-46f607a40771 golang.org/x/net v0.8.0 gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 gopkg.in/yaml.v3 v3.0.1 @@ -39,8 +40,10 @@ require ( ) require ( + filippo.io/edwards25519 v1.0.0 // indirect github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a // indirect github.com/beorn7/perks v1.0.1 // indirect + github.com/btcsuite/btcd/btcec/v2 v2.2.0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/crackcomm/go-gitignore v0.0.0-20170627025303-887ab5e44cc3 // indirect github.com/davecgh/go-spew v1.1.1 // indirect @@ -53,6 +56,7 @@ require ( github.com/golang/protobuf v1.5.2 // indirect github.com/google/uuid v1.3.0 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect + github.com/holiman/uint256 v1.2.0 // indirect github.com/ipfs/bbloom v0.0.4 // indirect github.com/ipfs/go-bitfield v1.1.0 // indirect github.com/ipfs/go-datastore v0.6.0 // indirect 
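Review bot: The new direct requirement `github.com/ethereum/go-ethereum v1.11.5` in the first go.mod hunk adds a large dependency whose use is not visible in this part of the patch. None of the Go hunks shown import it; the visible call sites only switch Ed25519 helpers from `signingkey` to `util/crypto`. Presumably it is used inside `util/crypto`, which is not shown here, but it is a lot of code to audit and track for advisories, and it appears to bring `github.com/btcsuite/btcd/btcec/v2` and `github.com/holiman/uint256` along as new indirect requirements. I would record the reason next to the line, e.g. `github.com/ethereum/go-ethereum v1.11.5 // needed by util/crypto for <purpose>`, and check whether a narrower module covers the same need.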
@@ -87,8 +91,8 @@ require (
 github.com/pmezard/go-difflib v1.0.0 // indirect
 github.com/polydawn/refmt v0.89.0 // indirect
 github.com/prometheus/client_model v0.3.0 // indirect
- github.com/prometheus/common v0.37.0 // indirect
- github.com/prometheus/procfs v0.8.0 // indirect
+ github.com/prometheus/common v0.39.0 // indirect
+ github.com/prometheus/procfs v0.9.0 // indirect
 github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572 // indirect
 github.com/spaolacci/murmur3 v1.1.0 // indirect
 github.com/whyrusleeping/cbor-gen v0.0.0-20221220214510-0333c149dec0 // indirect
diff --git a/go.sum b/go.sum
index 1cc3b14b..723a7276 100644
--- a/go.sum
+++ b/go.sum
@@ -1,45 +1,8 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= -cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= -cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= -cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= -cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod 
h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +filippo.io/edwards25519 v1.0.0 h1:0wAIcmJUqRdI8IJ/3eGi5/HwXZWPujYXXlkrQogz0Ek= +filippo.io/edwards25519 v1.0.0/go.mod h1:N1IkdkCkiLB6tki+MYJoSx2JTY9NUlxZE7eHn5EwJns= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod 
h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a h1:E/8AP5dFtMhl5KPJz66Kt9G0n+7Sn41Fy1wv9/jHOrc= github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/anytypeio/go-chash v0.0.2 h1:BSpyMC3HXNkf2eosQrHM4svov0DrvxL9tb4gnHbdmbA= 
@@ -48,24 +11,17 @@ github.com/awalterschulze/gographviz v2.0.3+incompatible h1:9sVEXJBJLwGX7EQVhLm2 github.com/awalterschulze/gographviz v2.0.3+incompatible/go.mod h1:GEV5wmg4YquNw7v1kkyoX9etIk8yVmXj+AkDHuuETHs= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/btcsuite/btcd/btcec/v2 v2.2.0 h1:fzn1qaOt32TuLjFlkzYSsBC35Q3KUjT1SwPxiMSCF5k= +github.com/btcsuite/btcd/btcec/v2 v2.2.0/go.mod h1:U7MHm051Al6XmscBQ0BoNydpOTsFAn707034b5nY8zU= +github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 h1:q0rUy8C/TYNBQS1+CGKw68tLOFYSNEs0TFnxxnS9+4U= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cheggaaa/mb/v3 v3.0.1 h1:BuEOipGTqybXYi5KXVCpqhR1LWN2lrurq6UrH+VBhXc= github.com/cheggaaa/mb/v3 v3.0.1/go.mod h1:zCt2QeYukhd/g0bIdNqF+b/kKz1hnLFNDkP49qN5kqI= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline 
v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/corona10/goimagehash v1.0.2 h1:pUfB0LnsJASMPGEZLj7tGY251vF+qLGqOgEP4rUs6kA= github.com/corona10/goimagehash v1.0.2/go.mod h1:/l9umBhvcHQXVtQO1V6Gp1yD20STawkhRnnX0D1bvVI= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= 
@@ -80,115 +36,56 @@ github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c/go.mod h1:6Uh github.com/decred/dcrd/crypto/blake256 v1.0.0 h1:/8DMNYp9SGi5f0w7uCm6d6M4OU2rGFK09Y2A4Xv7EE0= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 h1:HbphB4TFFXpv7MNrT52FGrrgVXF1owhMVTHFZIlnvd4= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0/go.mod h1:DZGJHZMqrU4JJqFAWUS2UO1+lbSKsdiOoYi9Zzey7Fc= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/ethereum/go-ethereum v1.11.5 h1:3M1uan+LAUvdn+7wCEFrcMM4LJTeuxDrPTg/f31a5QQ= +github.com/ethereum/go-ethereum v1.11.5/go.mod h1:it7x0DWnTDMfVFdXcU6Ti4KEFQynLHVRarcSlPr0HBo= github.com/fogleman/gg v1.3.0 h1:/7zJX8F6AaYQc57WQCyN9cAIz+4bCJGO9B+dyW29am8= github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= 
-github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/goccy/go-graphviz v0.1.0 h1:6OqQoQ5PeAiHYe/YcusyeulqBrOkUb16HQ4ctRdyVUU= github.com/goccy/go-graphviz v0.1.0/go.mod h1:wXVsXxmyMQU6TN3zGRttjNn3h+iCAS7xQFC6TlNvLhk= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF08vX0COfcOBJRhZ8lUbR+ZWIs0Y5g= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= -github.com/golang/glog 
v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= 
-github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= 
github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gxed/hashland/keccakpg v0.0.1/go.mod h1:kRzw3HkwxFU1mpmPP8v1WyQzwdGfmKFJ6tItnhQ67kU= github.com/gxed/hashland/murmur3 v0.0.1/go.mod 
h1:KjXop02n4/ckmZSnY2+HKcLud/tcmvhST0bie/0lS48= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/holiman/uint256 v1.2.0 h1:gpSYcPLWGv4sG43I2mVLiDZCNDh/EpGjSk8tmtxitHM= +github.com/holiman/uint256 v1.2.0/go.mod h1:y4ga/t+u+Xwd7CpDgZESaRcWy0I7XMlTMA25ApIH5Jw= github.com/huandu/go-assert v1.1.5 h1:fjemmA7sSfYHJD7CUqs9qTwwfdNAx7/j2/ZlHXzNB3c= github.com/huandu/go-assert v1.1.5/go.mod h1:yOLvuqZwmcHIC5rIzrBhT7D3Q9c3GFnd0JrPVhn/06U= github.com/huandu/skiplist v1.2.0 h1:gox56QD77HzSC0w+Ws3MH3iie755GBJU1OER3h5VsYw= github.com/huandu/skiplist v1.2.0/go.mod h1:7v3iFjLcSAzO4fN5B8dvebvo/qsfumiLiDXMrPiHF9w= github.com/huin/goupnp v1.0.3 h1:N8No57ls+MnjlB+JPiCVSOyy/ot7MJTqlo7rn+NYSqQ= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ipfs/bbloom v0.0.4 h1:Gi+8EGJ2y5qiD5FbsbpX/TMNcJw8gSqr7eyjHa4Fhvs= github.com/ipfs/bbloom v0.0.4/go.mod h1:cS9YprKXpoZ9lT0n/Mw/a6/aFV6DTjTLYHeA+gyqMG0= github.com/ipfs/go-bitfield v1.1.0 h1:fh7FIo8bSwaJEh6DdTWbCeZ1eqOaOkKFI74SCnsWbGA= 
@@ -271,18 +168,9 @@ github.com/jbenet/go-temp-err-catcher v0.1.0/go.mod h1:0kJRvmDZXNMIiJirNPEYfhpPw github.com/jbenet/goprocess v0.1.4 h1:DRGOFReOMqqDNXwW70QkacFW0YN9QnwLV0Vqk+3oU0o= github.com/jbenet/goprocess v0.1.4/go.mod h1:5yspPrukOVuOLORacaBi858NqyClJPQxYZlqdZVfqY4= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= 
@@ -291,10 +179,7 @@ github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa02 github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c= github.com/klauspost/cpuid/v2 v2.2.2 h1:xPMwiykqNK9VK0NYC3+jTMYv9I6Vl3YdjZgPZKG3zO0= github.com/klauspost/cpuid/v2 v2.2.2/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/koron/go-ssdp v0.0.3 h1:JivLMY45N76b4p/vsWGOKewBQu6uf39y8l+AQ7sDKx8= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= @@ -324,7 +209,6 @@ github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPn github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-pointer v0.0.1 h1:n+XhsuGeVO6MEAp7xyEukFINEa+Quek5psIR/ylA6o0= github.com/mattn/go-pointer v0.0.1/go.mod h1:2zXcozF6qYGgmsG+SeTZz3oAbFLdD3OWqnUbNvJZAlc= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA= 
@@ -333,11 +217,6 @@ github.com/minio/sha256-simd v0.0.0-20190131020904-2d45a736cd16/go.mod h1:2FMWW+ github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g= github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= 
@@ -372,14 +251,11 @@ github.com/multiformats/go-varint v0.0.5/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXS github.com/multiformats/go-varint v0.0.6/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8= github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nfnt/resize v0.0.0-20160724205520-891127d8d1b5 h1:BvoENQQU+fZ9uukda/RzCAL/191HHwJA5b13R6diVlY= github.com/nfnt/resize v0.0.0-20160724205520-891127d8d1b5/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8= github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 
@@ -389,39 +265,18 @@ github.com/polydawn/refmt v0.0.0-20190221155625-df39d6c2d992/go.mod h1:uIp+gprXx github.com/polydawn/refmt v0.0.0-20190807091052-3d65705ee9f1/go.mod h1:uIp+gprXxxrWSjjklXD+mN4wed/tMfjMMmN/9+JsA9o= github.com/polydawn/refmt v0.89.0 h1:ADJTApkvkeBZsN0tBTx8QjpD9JkmxbKp0cxfr9qszm4= github.com/polydawn/refmt v0.89.0/go.mod h1:/zvteZs/GwLtCgZ4BL6CBsk9IKIlexP43ObX9AxTqTw= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.26.0/go.mod 
h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= -github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= -github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= -github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/prometheus/common v0.39.0 h1:oOyhkDq05hPZKItWVBkJ6g6AtGxi+fy7F4JvUV8uhsI= +github.com/prometheus/common v0.39.0/go.mod h1:6XBZ7lYdLCbkAVhwRsWTZn+IN5AB9F/NXd5w0BbEX0Y= +github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= +github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= 
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/assertions v1.2.0 h1:42S6lae5dvLc7BrLu/0ugRtcFVjoJNMC/N3yZFZkDFs= github.com/smartystreets/assertions v1.2.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo= @@ -435,10 +290,8 @@ github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasO github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 
@@ -458,9 +311,7 @@ github.com/whyrusleeping/cbor-gen v0.0.0-20221220214510-0333c149dec0/go.mod h1:f github.com/whyrusleeping/chunker v0.0.0-20181014151217-fe64bd25879f h1:jQa4QT2UP9WYv2nzyawpKMOCl+Z/jW7djv2/J50lj9E= github.com/whyrusleeping/chunker v0.0.0-20181014151217-fe64bd25879f/go.mod h1:p9UJB6dDgdPgMJZs7UjUOdulKyRr9fqkS+6JKAInPy8= github.com/whyrusleeping/go-logging v0.0.0-20170515211332-0457bb6b88fc/go.mod h1:bopw91TMyo8J3tvftk8xmU2kPmlrt4nScJQZU2hE5EM= -github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/zeebo/assert v1.1.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= @@ -471,11 +322,6 @@ github.com/zeebo/errs v1.3.0 h1:hmiaKqgYZzcVgRL1Vkc1Mn2914BbzB0IBxs+ebeutGs= github.com/zeebo/errs v1.3.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4= github.com/zeebo/pcg v1.0.1 h1:lyqfGeWiv4ahac6ttHs+I5hwtH/+1mrhlCtVNQM2kHo= github.com/zeebo/pcg v1.0.1/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l4= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opentelemetry.io/otel v1.11.2 h1:YBZcQlsVekzFsFbjygXMOXSs6pialIZxcjfO/mBDmR0= go.opentelemetry.io/otel v1.11.2/go.mod h1:7p4EUV+AqgdlNV9gL97IgUZiVR3yrFXYo53f9BM3tRI= go.opentelemetry.io/otel/trace v1.11.2 h1:Xf7hWSF2Glv0DE3MH7fBHvtpSBsjcBUe5MYAmZM/+y0= 
@@ -495,11 +341,9 @@ go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ= go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200204104054-c9f3fb736b72/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 
@@ -508,207 +352,61 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.4.0 h1:UVQgzMY87xqpKNgb+kDsll2Igd33HszWHFLmpaRMq/8= golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20230105202349-8879d0199aa3 h1:fJwx88sMf5RXwDwziL0/Mn9Wqs+efMSo/RYcL+37W9c= -golang.org/x/exp v0.0.0-20230105202349-8879d0199aa3/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/exp v0.0.0-20230206171751-46f607a40771 h1:xP7rWLUr1e1n2xkK5YB4LI0hPEy3LJC6Wk+D4pGlOJg= +golang.org/x/exp 
v0.0.0-20230206171751-46f607a40771/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= golang.org/x/image v0.0.0-20200119044424-58c23975cae1 h1:5h3ngYt7+vXCDZCup/HkCQgW5XwmSvR/nA2JmJ0RErg= golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod 
h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.7.0 h1:LapD9S96VoQRhi/GrNTqeBJFrUjs5UHCAtTlgwA5oZA= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190227160552-c95aed5357e7/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net 
v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod 
h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync 
v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190219092855-153ac476189d/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys 
v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod 
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210309074719-68d13333faf2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod 
h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= 
-golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools 
v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools 
v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= 
@@ -719,114 +417,26 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= -google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 
-google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod 
h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= 
-google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod 
h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 h1:VpOs+IwYnYBaFnrNAeB8UUWtL3vEUnzSCL1nVjPhqrw= gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 
v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= lukechampine.com/blake3 v1.1.7 h1:GgRMhmdsuK8+ii6UZFDL8Nb+VyMwadAgcJyfYHxG6n0= lukechampine.com/blake3 v1.1.7/go.mod h1:tkKEOtDkNtklkXtLNEOGNq5tcV90tJiA1vAA12R78LA= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= storj.io/drpc v0.0.32 h1:5p5ZwsK/VOgapaCu+oxaPVwO6UwIs+iwdMiD50+R4PI= storj.io/drpc v0.0.32/go.mod h1:6rcOyR/QQkSTX/9L5ZGtlZaE2PtXTTZl8d+ulSeeYEg= diff --git a/net/secureservice/credential.go b/net/secureservice/credential.go index b9dffaf7..7dc1bf79 100644 --- a/net/secureservice/credential.go +++ b/net/secureservice/credential.go 
@@ -4,7 +4,7 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/accountdata" "github.com/anytypeio/any-sync/net/secureservice/handshake" "github.com/anytypeio/any-sync/net/secureservice/handshake/handshakeproto" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + "github.com/anytypeio/any-sync/util/crypto" "github.com/libp2p/go-libp2p/core/sec" "go.uber.org/zap" ) @@ -57,7 +57,7 @@ func (p *peerSignVerifier) CheckCredential(sc sec.SecureConn, cred *handshakepro if err = msg.Unmarshal(cred.Payload); err != nil { return nil, handshake.ErrUnexpectedPayload } - pubKey, err := signingkey.NewSigningEd25519PubKeyFromBytes(msg.Identity) + pubKey, err := crypto.NewSigningEd25519PubKeyFromBytes(msg.Identity) if err != nil { return nil, handshake.ErrInvalidCredentials } diff --git a/net/secureservice/handshake/handshake_test.go b/net/secureservice/handshake/handshake_test.go index e32a9362..b19acae8 100644 --- a/net/secureservice/handshake/handshake_test.go +++ b/net/secureservice/handshake/handshake_test.go @@ -3,7 +3,7 @@ package handshake import ( "context" "github.com/anytypeio/any-sync/net/secureservice/handshake/handshakeproto" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + crypto2 "github.com/anytypeio/any-sync/util/crypto" peer2 "github.com/anytypeio/any-sync/util/peer" "github.com/libp2p/go-libp2p/core/crypto" "github.com/libp2p/go-libp2p/core/network" 
@@ -558,12 +558,12 @@ func (t *testCredChecker) CheckCredential(sc sec.SecureConn, cred *handshakeprot func newConnPair(t require.TestingT) (sc1, sc2 *secConn) { c1, c2 := net.Pipe() - sk1, _, err := signingkey.GenerateRandomEd25519KeyPair() + sk1, _, err := crypto2.GenerateRandomEd25519KeyPair() require.NoError(t, err) sk1b, err := sk1.Raw() signKey1, err := crypto.UnmarshalEd25519PrivateKey(sk1b) require.NoError(t, err) - sk2, _, err := signingkey.GenerateRandomEd25519KeyPair() + sk2, _, err := crypto2.GenerateRandomEd25519KeyPair() require.NoError(t, err) sk2b, err := sk2.Raw() signKey2, err := crypto.UnmarshalEd25519PrivateKey(sk2b) @@ -593,7 +593,7 @@ type secConn struct { func (s *secConn) LocalPeer() peer.ID { skB, _ := s.localKey.Raw() - sk, _ := signingkey.NewSigningEd25519PubKeyFromBytes(skB) + sk, _ := crypto2.NewSigningEd25519PubKeyFromBytes(skB) lp, _ := peer2.IdFromSigningPubKey(sk) return lp } diff --git a/nodeconf/service.go b/nodeconf/service.go index 9b242a0f..234f22f7 100644 --- a/nodeconf/service.go +++ b/nodeconf/service.go @@ -4,6 +4,7 @@ import ( commonaccount "github.com/anytypeio/any-sync/accountservice" "github.com/anytypeio/any-sync/app" "github.com/anytypeio/any-sync/app/logger" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys" "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" @@ -121,7 +122,7 @@ func nodeFromConfigNode(n NodeConfig) (*Node, error) { return nil, err } - sigPubKey, err := signingkey.UnmarshalEd25519PublicKey(icRaw) + sigPubKey, err := crypto.UnmarshalEd25519PublicKey(icRaw) if err != nil { return nil, err } diff --git a/testutil/accounttest/accountservice.go b/testutil/accounttest/accountservice.go index 26941504..af3eea9f 100644 --- a/testutil/accounttest/accountservice.go +++ b/testutil/accounttest/accountservice.go 
@@ -5,9 +5,9 @@ import ( "github.com/anytypeio/any-sync/app" "github.com/anytypeio/any-sync/commonspace/object/accountdata" "github.com/anytypeio/any-sync/nodeconf" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys" "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" "github.com/anytypeio/any-sync/util/peer" ) @@ -25,7 +25,7 @@ func (s *AccountTestService) Init(a *app.App) (err error) { return } - signKey, _, err := signingkey.GenerateRandomEd25519KeyPair() + signKey, _, err := crypto.GenerateRandomEd25519KeyPair() if err != nil { return } @@ -34,7 +34,7 @@ func (s *AccountTestService) Init(a *app.App) (err error) { return } - peerKey, _, err := signingkey.GenerateRandomEd25519KeyPair() + peerKey, _, err := crypto.GenerateRandomEd25519KeyPair() if err != nil { return err } diff --git a/util/crypto/cryptoproto/crypto.pb.go b/util/crypto/cryptoproto/crypto.pb.go new file mode 100644 index 00000000..af4ac14c --- /dev/null +++ b/util/crypto/cryptoproto/crypto.pb.go 
@@ -0,0 +1,596 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: util/keys/cryptoproto/protos/crypto.proto + +package cryptoproto + +import ( + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +type KeyType int32 + +const ( + KeyType_RSA KeyType = 0 + KeyType_Ed25519 KeyType = 1 + KeyType_Secp256k1 KeyType = 2 + KeyType_ECDSA KeyType = 3 +) + +var KeyType_name = map[int32]string{ + 0: "RSA", + 1: "Ed25519", + 2: "Secp256k1", + 3: "ECDSA", +} + +var KeyType_value = map[string]int32{ + "RSA": 0, + "Ed25519": 1, + "Secp256k1": 2, + "ECDSA": 3, +} + +func (x KeyType) String() string { + return proto.EnumName(KeyType_name, int32(x)) +} + +func (KeyType) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_761a9295b23470c2, []int{0} +} + +type PublicKey struct { + Type KeyType `protobuf:"varint,1,opt,name=Type,proto3,enum=utilcrypto.KeyType" json:"Type,omitempty"` + Data []byte `protobuf:"bytes,2,opt,name=Data,proto3" json:"Data,omitempty"` +} + +func (m *PublicKey) Reset() { *m = PublicKey{} } +func (m *PublicKey) String() string { return proto.CompactTextString(m) } +func (*PublicKey) ProtoMessage() {} +func (*PublicKey) Descriptor() ([]byte, []int) { + return fileDescriptor_761a9295b23470c2, []int{0} +} +func (m *PublicKey) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *PublicKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_PublicKey.Marshal(b, m, 
deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *PublicKey) XXX_Merge(src proto.Message) { + xxx_messageInfo_PublicKey.Merge(m, src) +} +func (m *PublicKey) XXX_Size() int { + return m.Size() +} +func (m *PublicKey) XXX_DiscardUnknown() { + xxx_messageInfo_PublicKey.DiscardUnknown(m) +} + +var xxx_messageInfo_PublicKey proto.InternalMessageInfo + +func (m *PublicKey) GetType() KeyType { + if m != nil { + return m.Type + } + return KeyType_RSA +} + +func (m *PublicKey) GetData() []byte { + if m != nil { + return m.Data + } + return nil +} + +type PrivateKey struct { + Type KeyType `protobuf:"varint,1,opt,name=Type,proto3,enum=utilcrypto.KeyType" json:"Type,omitempty"` + Data []byte `protobuf:"bytes,2,opt,name=Data,proto3" json:"Data,omitempty"` +} + +func (m *PrivateKey) Reset() { *m = PrivateKey{} } +func (m *PrivateKey) String() string { return proto.CompactTextString(m) } +func (*PrivateKey) ProtoMessage() {} +func (*PrivateKey) Descriptor() ([]byte, []int) { + return fileDescriptor_761a9295b23470c2, []int{1} +} +func (m *PrivateKey) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *PrivateKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_PrivateKey.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *PrivateKey) XXX_Merge(src proto.Message) { + xxx_messageInfo_PrivateKey.Merge(m, src) +} +func (m *PrivateKey) XXX_Size() int { + return m.Size() +} +func (m *PrivateKey) XXX_DiscardUnknown() { + xxx_messageInfo_PrivateKey.DiscardUnknown(m) +} + +var xxx_messageInfo_PrivateKey proto.InternalMessageInfo + +func (m *PrivateKey) GetType() KeyType { + if m != nil { + return m.Type + } + return KeyType_RSA +} + +func (m *PrivateKey) GetData() []byte { + if m != nil { + 
return m.Data + } + return nil +} + +func init() { + proto.RegisterEnum("utilcrypto.KeyType", KeyType_name, KeyType_value) + proto.RegisterType((*PublicKey)(nil), "utilcrypto.PublicKey") + proto.RegisterType((*PrivateKey)(nil), "utilcrypto.PrivateKey") +} + +func init() { + proto.RegisterFile("util/keys/cryptoproto/protos/crypto.proto", fileDescriptor_761a9295b23470c2) +} + +var fileDescriptor_761a9295b23470c2 = []byte{ + // 222 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xd2, 0x2c, 0x2d, 0xc9, 0xcc, + 0xd1, 0xcf, 0x4e, 0xad, 0x2c, 0xd6, 0x4f, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0x2f, 0x28, 0xca, 0x2f, + 0xc9, 0xd7, 0x07, 0x93, 0x30, 0x21, 0x3d, 0x30, 0x4f, 0x88, 0x0b, 0xa4, 0x14, 0x22, 0xa2, 0xe4, + 0xc1, 0xc5, 0x19, 0x50, 0x9a, 0x94, 0x93, 0x99, 0xec, 0x9d, 0x5a, 0x29, 0xa4, 0xce, 0xc5, 0x12, + 0x52, 0x59, 0x90, 0x2a, 0xc1, 0xa8, 0xc0, 0xa8, 0xc1, 0x67, 0x24, 0xac, 0x87, 0x50, 0xa7, 0xe7, + 0x9d, 0x5a, 0x09, 0x92, 0x0a, 0x02, 0x2b, 0x10, 0x12, 0xe2, 0x62, 0x71, 0x49, 0x2c, 0x49, 0x94, + 0x60, 0x52, 0x60, 0xd4, 0xe0, 0x09, 0x02, 0xb3, 0x95, 0x3c, 0xb9, 0xb8, 0x02, 0x8a, 0x32, 0xcb, + 0x12, 0x4b, 0x52, 0x29, 0x35, 0x4a, 0xcb, 0x92, 0x8b, 0x1d, 0xaa, 0x48, 0x88, 0x9d, 0x8b, 0x39, + 0x28, 0xd8, 0x51, 0x80, 0x41, 0x88, 0x9b, 0x8b, 0xdd, 0x35, 0xc5, 0xc8, 0xd4, 0xd4, 0xd0, 0x52, + 0x80, 0x51, 0x88, 0x97, 0x8b, 0x33, 0x38, 0x35, 0xb9, 0xc0, 0xc8, 0xd4, 0x2c, 0xdb, 0x50, 0x80, + 0x49, 0x88, 0x93, 0x8b, 0xd5, 0xd5, 0xd9, 0x25, 0xd8, 0x51, 0x80, 0xd9, 0x49, 0xff, 0xc4, 0x23, + 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, 0x9c, 0xf0, 0x58, 0x8e, 0xe1, 0xc2, + 0x63, 0x39, 0x86, 0x1b, 0x8f, 0xe5, 0x18, 0xa2, 0x44, 0xb1, 0x06, 0x50, 0x12, 0x1b, 0x98, 0x32, + 0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0x9d, 0x04, 0x8a, 0xb8, 0x40, 0x01, 0x00, 0x00, +} + +func (m *PublicKey) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err 
!= nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *PublicKey) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *PublicKey) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.Data) > 0 { + i -= len(m.Data) + copy(dAtA[i:], m.Data) + i = encodeVarintCrypto(dAtA, i, uint64(len(m.Data))) + i-- + dAtA[i] = 0x12 + } + if m.Type != 0 { + i = encodeVarintCrypto(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *PrivateKey) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *PrivateKey) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *PrivateKey) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.Data) > 0 { + i -= len(m.Data) + copy(dAtA[i:], m.Data) + i = encodeVarintCrypto(dAtA, i, uint64(len(m.Data))) + i-- + dAtA[i] = 0x12 + } + if m.Type != 0 { + i = encodeVarintCrypto(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func encodeVarintCrypto(dAtA []byte, offset int, v uint64) int { + offset -= sovCrypto(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func (m *PublicKey) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Type != 0 { + n += 1 + sovCrypto(uint64(m.Type)) + } + l = len(m.Data) + if l > 0 { + n += 1 + l + sovCrypto(uint64(l)) + } + return n +} + +func (m *PrivateKey) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Type != 0 { + n += 1 + sovCrypto(uint64(m.Type)) + } + l = len(m.Data) + if l > 0 { + n += 1 + l + 
sovCrypto(uint64(l)) + } + return n +} + +func sovCrypto(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozCrypto(x uint64) (n int) { + return sovCrypto(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (m *PublicKey) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: PublicKey: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: PublicKey: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType) + } + m.Type = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Type |= KeyType(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Data", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthCrypto + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthCrypto + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Data = append(m.Data[:0], dAtA[iNdEx:postIndex]...) 
+ if m.Data == nil { + m.Data = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipCrypto(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthCrypto + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *PrivateKey) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: PrivateKey: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: PrivateKey: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType) + } + m.Type = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Type |= KeyType(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Data", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthCrypto + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthCrypto + } + if postIndex > l { + return io.ErrUnexpectedEOF 
+ } + m.Data = append(m.Data[:0], dAtA[iNdEx:postIndex]...) + if m.Data == nil { + m.Data = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipCrypto(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthCrypto + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipCrypto(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowCrypto + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowCrypto + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowCrypto + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthCrypto + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupCrypto + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthCrypto + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthCrypto = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowCrypto = fmt.Errorf("proto: integer overflow") + 
ErrUnexpectedEndOfGroupCrypto = fmt.Errorf("proto: unexpected end of group") +)
diff --git a/util/crypto/cryptoproto/protos/crypto.proto b/util/crypto/cryptoproto/protos/crypto.proto
new file mode 100644
index 00000000..02352719
--- /dev/null
+++ b/util/crypto/cryptoproto/protos/crypto.proto
@@ -0,0 +1,20 @@
+syntax = "proto3";
+package utilcrypto;
+option go_package = "util/crypto/cryptoproto";
+
+enum KeyType {
+ RSA = 0;
+ Ed25519 = 1;
+ Secp256k1 = 2;
+ ECDSA = 3;
+}
+
+message PublicKey {
+ KeyType Type = 1;
+ bytes Data = 2;
+}
+
+message PrivateKey {
+ KeyType Type = 1;
+ bytes Data = 2;
+}
\ No newline at end of file
diff --git a/util/crypto/curve25519.go b/util/crypto/curve25519.go
new file mode 100644
index 00000000..f60050a5
--- /dev/null
+++ b/util/crypto/curve25519.go
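Review bot: In crypto.proto, `KeyType` assigns the zero value to a real algorithm, `RSA = 0`, so a `PublicKey` or `PrivateKey` whose `Type` field is absent decodes as RSA rather than as "unset"; the generated `GetType` in crypto.pb.go also returns `KeyType_RSA` for a nil message. If the numbering has to stay as it is for wire compatibility, the code that consumes these messages should compare `Type` with the one algorithm it expects and reject everything else before using `Data`; otherwise reserve zero with something like `Unspecified = 0;`. A comment on the enum saying which values the package actually implements would help too, since only Ed25519 code is visible in this part of the patch.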
@@ -0,0 +1,52 @@
+package crypto
+
+import (
+ "crypto/ed25519"
+ "crypto/sha512"
+ "filippo.io/edwards25519"
+ "golang.org/x/crypto/curve25519"
+)
+
+// Ed25519PublicKeyToCurve25519 converts an Ed25519 public key to a Curve25519 public key
+func Ed25519PublicKeyToCurve25519(pk ed25519.PublicKey) []byte {
+ // Unmarshalling public key into edwards curve point
+ epk, err := (&edwards25519.Point{}).SetBytes(pk)
+ if err != nil {
+ panic(err)
+ }
+ // converting to curve25519 (see here for more details https://github.com/golang/go/issues/20504)
+ return epk.BytesMontgomery()
+}
+
+// ISC License
+//
+// Copyright (c) 2013-2020
+// Frank Denis
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+// https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/ref10/keypair.c#L69-L83
+
+// Ed25519PrivateKeyToCurve25519 converts an Ed25519 private key to a Curve25519 private key
+// This code is originally taken from here https://github.com/jorrizza/ed2curve25519/blob/master/ed2curve25519.go
+func Ed25519PrivateKeyToCurve25519(pk ed25519.PrivateKey) []byte {
+ h := sha512.New()
+ h.Write(pk.Seed())
+ out := h.Sum(nil)
+
+ // used in libsodium
+ out[0] &= 248
+ out[31] &= 127
+ out[31] |= 64
+
+ return out[:curve25519.ScalarSize]
+}
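Review bot: `Ed25519PublicKeyToCurve25519` calls `panic(err)` when `SetBytes` rejects its input, so a 32-byte value that is not a valid curve point aborts the process instead of failing the parse. In this commit `NewEd25519PubKey` calls it unconditionally, and `UnmarshalEd25519PublicKey` in util/crypto/ed25519.go, as far as its hunk shows, checks only the length before calling that constructor, so bytes from outside the process can reach the panic. Returning the error instead, with the signature `func Ed25519PublicKeyToCurve25519(pk ed25519.PublicKey) ([]byte, error)` and `return nil, err` in place of the panic, lets the unmarshal path reject the key. The copy added in util/keys/asymmetric/signingkey/edwards25519/ed25519.go has the same panic.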
diff --git a/util/keys/asymmetric/signingkey/ed25519.go b/util/crypto/ed25519.go similarity index 50% rename from util/keys/asymmetric/signingkey/ed25519.go rename to util/crypto/ed25519.go index cfa3f262..0d2e9a90 100644 --- a/util/keys/asymmetric/signingkey/ed25519.go +++ b/util/crypto/ed25519.go @@ -1,4 +1,4 @@ -package signingkey +package crypto import ( "bytes" @@ -7,18 +7,37 @@ import ( "crypto/subtle" "errors" "fmt" - "github.com/anytypeio/any-sync/util/keys" "io" ) -// Ed25519PrivateKey is an ed25519 private key. -type Ed25519PrivateKey struct { - k ed25519.PrivateKey +// Ed25519PrivKey is an ed25519 private key. +type Ed25519PrivKey struct { + privKey ed25519.PrivateKey + privCurve *[32]byte + pubCurve *[32]byte } -// Ed25519PublicKey is an ed25519 public key. -type Ed25519PublicKey struct { - k ed25519.PublicKey +// Ed25519PubKey is an ed25519 public key. +type Ed25519PubKey struct { + pubKey ed25519.PublicKey + pubCurve *[32]byte +} + +func NewEd25519PrivKey(privKey ed25519.PrivateKey) PrivKey { + pK := &Ed25519PrivKey{privKey: privKey} + pubKey := pK.pubKeyBytes() + privCurve := Ed25519PrivateKeyToCurve25519(privKey) + pubCurve := Ed25519PublicKeyToCurve25519(pubKey) + pK.privCurve = (*[32]byte)(privCurve) + pK.pubCurve = (*[32]byte)(pubCurve) + return pK +} + +func NewEd25519PubKey(pubKey ed25519.PublicKey) PubKey { + pK := &Ed25519PubKey{pubKey: pubKey} + pubCurve := Ed25519PublicKeyToCurve25519(pubKey) + pK.pubCurve = (*[32]byte)(pubCurve) + return pK } func NewSigningEd25519PubKeyFromBytes(bytes []byte) (PubKey, error) { 
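Review bot: `NewEd25519PrivKey` and `NewEd25519PubKey` are exported without doc comments, and neither states its precondition. `NewEd25519PrivKey` slices `privKey[ed25519.PrivateKeySize-ed25519.PublicKeySize:]` through `pubKeyBytes()` and calls `privKey.Seed()`, both of which panic when the slice is too short, and neither constructor can report a malformed key because it returns no error. A comment such as `// NewEd25519PrivKey wraps a full-length ed25519 private key and precomputes its Curve25519 form; it panics if privKey is malformed.` would make the contract visible; alternatively the constructors could return an error. The struct comments could also say that one key pair now serves both signing and, through `privCurve`/`pubCurve`, encryption, and that the struct therefore holds a second form of the secret.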
@@ -40,69 +59,75 @@ func GenerateEd25519Key(src io.Reader) (PrivKey, PubKey, error) { return nil, nil, err } - return &Ed25519PrivateKey{ - k: priv, - }, - &Ed25519PublicKey{ - k: pub, - }, + return NewEd25519PrivKey(priv), + NewEd25519PubKey(pub), nil } // Raw private key bytes. -func (k *Ed25519PrivateKey) Raw() ([]byte, error) { - // The Ed25519 private key contains two 32-bytes curve points, the private - // key and the public key. - // It makes it more efficient to get the public key without re-computing an - // elliptic curve multiplication. - buf := make([]byte, len(k.k)) - copy(buf, k.k) +func (k *Ed25519PrivKey) Raw() ([]byte, error) { + buf := make([]byte, len(k.privKey)) + copy(buf, k.privKey) return buf, nil } -func (k *Ed25519PrivateKey) pubKeyBytes() []byte { - return k.k[ed25519.PrivateKeySize-ed25519.PublicKeySize:] +func (k *Ed25519PrivKey) pubKeyBytes() []byte { + return k.privKey[ed25519.PrivateKeySize-ed25519.PublicKeySize:] } // Equals compares two ed25519 private keys. -func (k *Ed25519PrivateKey) Equals(o keys.Key) bool { - edk, ok := o.(*Ed25519PrivateKey) +func (k *Ed25519PrivKey) Equals(o Key) bool { + edk, ok := o.(*Ed25519PrivKey) if !ok { - return keys.KeyEquals(k, o) + return KeyEquals(k, o) } - return subtle.ConstantTimeCompare(k.k, edk.k) == 1 + return subtle.ConstantTimeCompare(k.privKey, edk.privKey) == 1 } // GetPublic returns an ed25519 public key from a private key. -func (k *Ed25519PrivateKey) GetPublic() PubKey { - return &Ed25519PublicKey{k: k.pubKeyBytes()} +func (k *Ed25519PrivKey) GetPublic() PubKey { + return &Ed25519PubKey{ + pubKey: k.pubKeyBytes(), + pubCurve: k.pubCurve, + } } // Sign returns a signature from an input message. 
-func (k *Ed25519PrivateKey) Sign(msg []byte) ([]byte, error) { - return ed25519.Sign(k.k, msg), nil +func (k *Ed25519PrivKey) Sign(msg []byte) ([]byte, error) { + return ed25519.Sign(k.privKey, msg), nil +} + +// Decrypt decrypts the message +func (k *Ed25519PrivKey) Decrypt(msg []byte) ([]byte, error) { + return DecryptX25519(k.privCurve, k.pubCurve, msg) } // Raw public key bytes. -func (k *Ed25519PublicKey) Raw() ([]byte, error) { - return k.k, nil +func (k *Ed25519PubKey) Raw() ([]byte, error) { + return k.pubKey, nil +} + +// Encrypt message +func (k *Ed25519PubKey) Encrypt(msg []byte) (data []byte, err error) { + data = EncryptX25519(k.pubCurve, msg) + return } // Equals compares two ed25519 public keys. -func (k *Ed25519PublicKey) Equals(o keys.Key) bool { - edk, ok := o.(*Ed25519PublicKey) +func (k *Ed25519PubKey) Equals(o Key) bool { + edk, ok := o.(*Ed25519PubKey) if !ok { - return keys.KeyEquals(k, o) + return KeyEquals(k, o) } - return bytes.Equal(k.k, edk.k) + return bytes.Equal(k.pubKey, edk.pubKey) } // Verify checks a signature agains the input data. -func (k *Ed25519PublicKey) Verify(data []byte, sig []byte) (bool, error) { - return ed25519.Verify(k.k, data, sig), nil +func (k *Ed25519PubKey) Verify(data []byte, sig []byte) (bool, error) { + return ed25519.Verify(k.pubKey, data, sig), nil } // UnmarshalEd25519PublicKey returns a public key from input bytes. @@ -111,9 +136,7 @@ func UnmarshalEd25519PublicKey(data []byte) (PubKey, error) { return nil, errors.New("expect ed25519 public key data size to be 32") } - return &Ed25519PublicKey{ - k: ed25519.PublicKey(data), - }, nil + return NewEd25519PubKey(data), nil } // UnmarshalEd25519PrivateKey returns a private key from input bytes. @@ -141,7 +164,5 @@ func UnmarshalEd25519PrivateKey(data []byte) (PrivKey, error) { ) } - return &Ed25519PrivateKey{ - k: ed25519.PrivateKey(data), - }, nil + return NewEd25519PrivKey(data), nil } 
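Review bot: `Ed25519PubKey.Raw` in the third ed25519.go hunk returns `k.pubKey` itself, while `Ed25519PrivKey.Raw` in the same hunk returns a copy. For a key obtained from `GetPublic` that slice is `k.privKey[32:]`, so a caller that modifies the returned bytes also modifies the private key it came from, and the cached `pubCurve` no longer matches. Returning a copy closes that: `return append([]byte(nil), k.pubKey...), nil`. The new `Encrypt` could also drop the named results and naked `return` in favour of `return EncryptX25519(k.pubCurve, msg), nil`.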
diff --git a/util/crypto/ed25519_test.go b/util/crypto/ed25519_test.go
new file mode 100644
index 00000000..abda9e44
--- /dev/null
+++ b/util/crypto/ed25519_test.go
@@ -0,0 +1,19 @@
+package crypto
+
+import (
+ "crypto/rand"
+ "github.com/stretchr/testify/require"
+ "testing"
+)
+
+func Test_EncryptDecrypt(t *testing.T) {
+ privKey, pubKey, _ := GenerateEd25519Key(rand.Reader)
+ msg := make([]byte, 32768)
+ _, err := rand.Read(msg)
+ require.NoError(t, err)
+ enc, err := pubKey.Encrypt(msg)
+ require.NoError(t, err)
+ dec, err := privKey.Decrypt(enc)
+ require.NoError(t, err)
+ require.Equal(t, dec, msg)
+}
diff --git a/util/crypto/key.go b/util/crypto/key.go
new file mode 100644
index 00000000..50b01c97
--- /dev/null
+++ b/util/crypto/key.go
@@ -0,0 +1,48 @@
+package crypto
+
+import (
+ "crypto/subtle"
+)
+
+// Key is an abstract interface for all types of keys
+type Key interface {
+ // Equals returns if the keys are equal
+ Equals(Key) bool
+
+ // Raw returns raw key
+ Raw() ([]byte, error)
+}
+
+// PrivKey is an interface for keys that should be used for signing and decryption
+type PrivKey interface {
+ Key
+
+ // Decrypt decrypts the message and returns the result
+ Decrypt(message []byte) ([]byte, error)
+ // Sign signs the raw bytes and returns the signature
+ Sign([]byte) ([]byte, error)
+ // GetPublic returns the associated public key
+ GetPublic() PubKey
+}
+
+// PubKey is the public key used to verify the signatures made by SignPrivKey
+type PubKey interface {
+ Key
+
+ // Encrypt encrypts the message and returns the result
+ Encrypt(message []byte) ([]byte, error)
+ // Verify verifies the signed message and the signature
+ Verify(data []byte, sig []byte) (bool, error)
+}
+
+func KeyEquals(k1, k2 Key) bool {
+ a, err := k1.Raw()
+ if err != nil {
+ return false
+ }
+ b, err := k2.Raw()
+ if err != nil {
+ return false
+ }
+ return subtle.ConstantTimeCompare(a, b) == 1
+}
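Review bot: `Test_EncryptDecrypt` covers only the successful round trip and discards the error from `GenerateEd25519Key`; nothing checks that `Decrypt` rejects a modified or truncated ciphertext, which is the case that matters for data received from other parties. Adding `enc[len(enc)-1] ^= 1` followed by `_, err = privKey.Decrypt(enc)` and `require.Error(t, err)` would pin the authentication failure. A case with fewer than 32 bytes would show that `DecryptX25519`, as written in this commit, panics on its `encrypted[:32]` / `encrypted[32:]` slicing rather than returning an error. `require.Equal(t, dec, msg)` also has its arguments swapped, since testify takes the expected value first.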
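Review bot: In util/crypto/key.go the comment on `PubKey` refers to `SignPrivKey`, a name that does not appear in this file, and the exported `KeyEquals` has no doc comment. Suggested wording: `// PubKey is the public half of a PrivKey; it verifies signatures and encrypts messages for the holder of the private key.` and `// KeyEquals reports whether two keys have the same raw bytes, compared with subtle.ConstantTimeCompare; it returns false if either Raw call fails.`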
diff --git a/util/crypto/x25519.go b/util/crypto/x25519.go
new file mode 100644
index 00000000..ef2ab05d
--- /dev/null
+++ b/util/crypto/x25519.go
@@ -0,0 +1,40 @@
+package crypto
+
+import (
+ "crypto/rand"
+ "errors"
+ "golang.org/x/crypto/blake2b"
+ "golang.org/x/crypto/nacl/box"
+)
+
+var ErrX25519DecryptionFailed = errors.New("failed decryption with x25519 key")
+
+// EncryptX25519 takes a x25519 public key and encrypts the message
+func EncryptX25519(pubKey *[32]byte, msg []byte) []byte {
+ // see discussion here https://github.com/golang/go/issues/29128
+ var nonce [24]byte
+ epk, esk, _ := box.GenerateKey(rand.Reader)
+ // nonce logic is taken from libsodium https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_box/crypto_box_seal.c
+ nonceWriter, _ := blake2b.New(24, nil)
+ nonceSlice := nonceWriter.Sum(append(epk[:], pubKey[:]...))
+ copy(nonce[:], nonceSlice)
+
+ return box.Seal(epk[:], msg, &nonce, pubKey, esk)
+}
+
+// DecryptX25519 takes a x25519 private and public key and decrypts the message
+func DecryptX25519(privKey, pubKey *[32]byte, encrypted []byte) ([]byte, error) {
+ var epk [32]byte
+ var nonce [24]byte
+ copy(epk[:], encrypted[:32])
+
+ nonceWriter, _ := blake2b.New(24, nil)
+ nonceSlice := nonceWriter.Sum(append(epk[:], pubKey[:]...))
+ copy(nonce[:], nonceSlice)
+
+ decrypted, ok := box.Open(nil, encrypted[32:], &nonce, &epk, privKey)
+ if !ok {
+ return nil, ErrX25519DecryptionFailed
+ }
+ return decrypted, nil
+}
diff --git a/util/keys/asymmetric/encryptionkey/encryptionkey.go b/util/keys/asymmetric/encryptionkey/encryptionkey.go
index bbd41aad..9c4215ce 100644
--- a/util/keys/asymmetric/encryptionkey/encryptionkey.go
+++ b/util/keys/asymmetric/encryptionkey/encryptionkey.go
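Review bot: `DecryptX25519` slices `encrypted[:32]` and `encrypted[32:]` before checking the length, so a ciphertext shorter than 32 bytes panics instead of returning `ErrX25519DecryptionFailed`; `Ed25519PrivKey.Decrypt` passes its argument straight through, so any caller-supplied bytes reach this path. In both functions `nonceWriter.Sum(append(epk[:], pubKey[:]...))` does not hash its argument: `hash.Hash.Sum` appends the digest to the slice it is given, so the 24 bytes copied into `nonce` are the first 24 bytes of `epk`, not BLAKE2b(epk || pubKey) as in the libsodium code the comment cites. Encryption and decryption agree, so the round-trip test passes, but the output is not the libsodium sealed-box format and correcting it later changes what existing ciphertexts decrypt to. The errors from `box.GenerateKey` and `blake2b.New` are also discarded, and a failed `GenerateKey` leaves `epk` nil before `epk[:]` is used. `Encrypt` and `Decrypt` in util/keys/asymmetric/signingkey/signingkey.go repeat the same slicing and nonce lines; a possible shape for the decrypt side is below, with the same nonce lines applying to `EncryptX25519`.

```go
func DecryptX25519(privKey, pubKey *[32]byte, encrypted []byte) ([]byte, error) {
	// Too short to hold the ephemeral public key and the box authenticator.
	if len(encrypted) < 32+box.Overhead {
		return nil, ErrX25519DecryptionFailed
	}
	// … unchanged: epk and nonce declarations, copy of encrypted[:32] …

	// Hash epk || pubKey; Sum(nil) returns the digest of what was written.
	nonceWriter, err := blake2b.New(24, nil)
	if err != nil {
		return nil, err
	}
	nonceWriter.Write(epk[:])
	nonceWriter.Write(pubKey[:])
	copy(nonce[:], nonceWriter.Sum(nil))
	// … unchanged: box.Open and the !ok check …
```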
@@ -1,18 +1,18 @@ package encryptionkey import ( - "github.com/anytypeio/any-sync/util/keys" + "github.com/anytypeio/any-sync/util/crypto" ) type PrivKey interface { - keys.Key + crypto.Key Decrypt([]byte) ([]byte, error) GetPublic() PubKey } type PubKey interface { - keys.Key + crypto.Key Encrypt(data []byte) ([]byte, error) } diff --git a/util/keys/asymmetric/encryptionkey/rsa.go b/util/keys/asymmetric/encryptionkey/rsa.go index 80fc599a..855daf55 100644 --- a/util/keys/asymmetric/encryptionkey/rsa.go +++ b/util/keys/asymmetric/encryptionkey/rsa.go @@ -7,7 +7,7 @@ import ( "crypto/subtle" "crypto/x509" "errors" - "github.com/anytypeio/any-sync/util/keys" + "github.com/anytypeio/any-sync/util/crypto" "github.com/cespare/xxhash" mrand "golang.org/x/exp/rand" "io" @@ -30,7 +30,7 @@ type EncryptionRsaPubKey struct { pubKey rsa.PublicKey } -func (e *EncryptionRsaPubKey) Equals(key keys.Key) bool { +func (e *EncryptionRsaPubKey) Equals(key crypto.Key) bool { other, ok := (key).(*EncryptionRsaPubKey) if !ok { return keyEquals(e, key) @@ -48,7 +48,7 @@ func (e *EncryptionRsaPubKey) Encrypt(data []byte) ([]byte, error) { return rsa.EncryptOAEP(hash, rand.Reader, &e.pubKey, data, nil) } -func (e *EncryptionRsaPrivKey) Equals(key keys.Key) bool { +func (e *EncryptionRsaPrivKey) Equals(key crypto.Key) bool { other, ok := (key).(*EncryptionRsaPrivKey) if !ok { return keyEquals(e, key) @@ -127,7 +127,7 @@ func NewEncryptionRsaPubKeyFromBytes(bytes []byte) (PubKey, error) { return &EncryptionRsaPubKey{pubKey: *pk}, nil } -func keyEquals(k1, k2 keys.Key) bool { +func keyEquals(k1, k2 crypto.Key) bool { a, err := k1.Raw() if err != nil { return false diff --git a/util/keys/asymmetric/signingkey/edwards25519/ed25519.go b/util/keys/asymmetric/signingkey/edwards25519/ed25519.go new file mode 100644 index 00000000..12e8086a --- /dev/null +++ b/util/keys/asymmetric/signingkey/edwards25519/ed25519.go 
@@ -0,0 +1,53 @@
+package edwards25519
+
+import (
+ "crypto/ed25519"
+ "crypto/sha512"
+ "filippo.io/edwards25519"
+ "golang.org/x/crypto/curve25519"
+)
+
+// Ed25519PublicKeyToCurve25519 converts an Ed25519 public key to a Curve25519 public key
+func Ed25519PublicKeyToCurve25519(pk ed25519.PublicKey) []byte {
+ // Unmarshalling public key into edwards curve point
+ epk, err := (&edwards25519.Point{}).SetBytes(pk)
+ if err != nil {
+ panic(err)
+ }
+ // converting to curve25519 (see here for more details https://github.com/golang/go/issues/20504)
+ return epk.BytesMontgomery()
+}
+
+/*
+ * ISC License
+ *
+ * Copyright (c) 2013-2020
+ * Frank Denis
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+// https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/ref10/keypair.c#L69-L83
+
+// Ed25519PrivateKeyToCurve25519 converts an Ed25519 private key to a Curve25519 private key
+func Ed25519PrivateKeyToCurve25519(pk ed25519.PrivateKey) []byte {
+ h := sha512.New()
+ h.Write(pk.Seed())
+ out := h.Sum(nil)
+
+ out[0] &= 248
+ out[31] &= 127
+ out[31] |= 64
+
+ return out[:curve25519.ScalarSize]
+}
diff --git a/util/keys/asymmetric/signingkey/signingkey.go b/util/keys/asymmetric/signingkey/signingkey.go
index d07d939d..f284f87a 100644
--- a/util/keys/asymmetric/signingkey/signingkey.go +++ b/util/keys/asymmetric/signingkey/signingkey.go @@ -1,19 +1,59 @@ package signingkey import ( - "github.com/anytypeio/any-sync/util/keys" + "crypto/ed25519" + "crypto/rand" + "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey/edwards25519" + "golang.org/x/crypto/blake2b" + "golang.org/x/crypto/nacl/box" ) type PrivKey interface { - keys.Key + //crypto.Key Sign([]byte) ([]byte, error) - GetPublic() PubKey } type PubKey interface { - keys.Key + //crypto.Key Verify(data []byte, sig []byte) (bool, error) } + +func EncryptWithEd25519(pk ed25519.PublicKey, msg []byte) []byte { + conv := edwards25519.Ed25519PublicKeyToCurve25519(pk) + return Encrypt((*[32]byte)(conv), msg) +} + +func DecryptWithEd25519(pub ed25519.PublicKey, priv ed25519.PrivateKey, msg []byte) []byte { + cPub := edwards25519.Ed25519PublicKeyToCurve25519(pub) + cPriv := edwards25519.Ed25519PrivateKeyToCurve25519(priv) + return Decrypt((*[32]byte)(cPriv), (*[32]byte)(cPub), msg) +} + +func Encrypt(pubKey *[32]byte, msg []byte) []byte { + var nonce [24]byte + epk, esk, _ := box.GenerateKey(rand.Reader) + nonceWriter, _ := blake2b.New(24, nil) + nonceSlice := nonceWriter.Sum(append(epk[:], pubKey[:]...)) + copy(nonce[:], nonceSlice) + + return box.Seal(epk[:], msg, &nonce, pubKey, esk) +} + +func Decrypt(privKey, pubKey *[32]byte, encrypted []byte) []byte { + var epk [32]byte + var nonce [24]byte + copy(epk[:], encrypted[:32]) + + nonceWriter, _ := blake2b.New(24, nil) + nonceSlice := nonceWriter.Sum(append(epk[:], pubKey[:]...)) + copy(nonce[:], nonceSlice) + + decrypted, ok := box.Open(nil, encrypted[32:], &nonce, &epk, privKey) + if !ok { + panic("Decryption error.") + } + return decrypted +} diff --git a/util/keys/asymmetric/signingkey/signingkey_test.go b/util/keys/asymmetric/signingkey/signingkey_test.go new file mode 100644 index 00000000..e0a1d0ca --- /dev/null +++ b/util/keys/asymmetric/signingkey/signingkey_test.go 
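Review bot: `Decrypt` in signingkey.go ends in `panic("Decryption error.")` when `box.Open` fails, so a corrupted or forged ciphertext passed to `DecryptWithEd25519` stops the process instead of being rejected. It should report the failure to the caller, with the signature `func Decrypt(privKey, pubKey *[32]byte, encrypted []byte) ([]byte, error)` and `if !ok { return nil, errors.New("decryption failed") }`, and `DecryptWithEd25519` should pass that error on. The two interfaces also lose `keys.Key` and keep it only as the commented-out `//crypto.Key`; if dropping `Equals` and `Raw` from them is intended, the commented line should be removed or explained.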
@@ -0,0 +1,16 @@ +package signingkey + +import ( + "crypto/ed25519" + "crypto/rand" + "fmt" + "testing" +) + +func Test(t *testing.T) { + pubKey, privKey, _ := ed25519.GenerateKey(rand.Reader) + msg := []byte("some stuffsafeesafujeaiofjoeai joaij fioaj iofaj oifaj foiajio fjao jo") + enc := EncryptWithEd25519(pubKey, msg) + dec := DecryptWithEd25519(pubKey, privKey, enc) + fmt.Println(string(enc), string(dec)) +} diff --git a/util/keys/decode.go b/util/keys/decode.go index c08e7c41..374241de 100644 --- a/util/keys/decode.go +++ b/util/keys/decode.go @@ -2,9 +2,10 @@ package keys import ( "encoding/base64" + "github.com/anytypeio/any-sync/util/crypto" ) -func EncodeKeyToString[T Key](key T) (str string, err error) { +func EncodeKeyToString[T crypto.Key](key T) (str string, err error) { raw, err := key.Raw() if err != nil { return @@ -17,7 +18,7 @@ func EncodeBytesToString(bytes []byte) string { return base64.StdEncoding.EncodeToString(bytes) } -func DecodeKeyFromString[T Key](str string, construct func([]byte) (T, error), def T) (T, error) { +func DecodeKeyFromString[T crypto.Key](str string, construct func([]byte) (T, error), def T) (T, error) { dec, err := DecodeBytesFromString(str) if err != nil { return def, err diff --git a/util/keys/key.go b/util/keys/key.go deleted file mode 100644 index 150d0897..00000000 --- a/util/keys/key.go +++ /dev/null @@ -1,21 +0,0 @@ -package keys - -import "crypto/subtle" - -type Key interface { - Equals(Key) bool - - Raw() ([]byte, error) -} - -func KeyEquals(k1, k2 Key) bool { - a, err := k1.Raw() - if err != nil { - return false - } - b, err := k2.Raw() - if err != nil { - return false - } - return subtle.ConstantTimeCompare(a, b) == 1 -} From 33c9a25665e6626ec17901ffbc5a504509bd394b Mon Sep 17 00:00:00 2001 
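Review bot: `Test` in signingkey_test.go asserts nothing: it prints the ciphertext and the decrypted bytes with `fmt.Println` and passes whatever `DecryptWithEd25519` returns. Compare the result instead, e.g. `if !bytes.Equal(dec, msg) { t.Fatalf("round trip mismatch: %q", dec) }`, and check the error from `ed25519.GenerateKey` rather than discarding it. A descriptive name such as `TestEncryptDecryptWithEd25519` would also help once the package has more tests.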
From: mcrakhman Date: Fri, 24 Mar 2023 13:01:53 +0100 Subject: [PATCH 03/24] Add sym key --- .../acl/aclrecordproto/aclreadkeyderive.go | 3 +- .../object/acl/list/aclrecordbuilder.go | 3 +- commonspace/object/acl/list/aclstate.go | 17 +++-- .../acl/testutils/acllistbuilder/keychain.go | 9 ++- .../acllistbuilder/liststoragebuilder.go | 4 +- .../object/tree/objecttree/changebuilder.go | 4 +- .../object/tree/objecttree/objecttree.go | 6 +- .../tree/objecttree/objecttreefactory.go | 6 +- .../symmetric/symmetric.go => crypto/aes.go} | 67 +++++++------------ util/crypto/cryptoproto/protos/crypto.proto | 16 ++--- util/crypto/curve25519.go | 52 -------------- util/crypto/key.go | 11 ++- util/crypto/x25519.go | 48 +++++++++++++ 13 files changed, 112 insertions(+), 134 deletions(-) rename util/{keys/symmetric/symmetric.go => crypto/aes.go} (58%) delete mode 100644 util/crypto/curve25519.go diff --git a/commonspace/object/acl/aclrecordproto/aclreadkeyderive.go b/commonspace/object/acl/aclrecordproto/aclreadkeyderive.go index fa7b074a..6d6bab90 100644 --- a/commonspace/object/acl/aclrecordproto/aclreadkeyderive.go +++ b/commonspace/object/acl/aclrecordproto/aclreadkeyderive.go @@ -1,10 +1,11 @@ package aclrecordproto import ( + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys/symmetric" ) -func AclReadKeyDerive(signKey []byte, encKey []byte) (*symmetric.Key, error) { +func AclReadKeyDerive(signKey []byte, encKey []byte) (*crypto.AESKey, error) { concBuf := make([]byte, 0, len(signKey)+len(encKey)) concBuf = append(concBuf, signKey...) concBuf = append(concBuf, encKey...) diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index 6b3f72e2..4a68ce77 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go 
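Review bot: In aclreadkeyderive.go the import of `github.com/anytypeio/any-sync/util/keys/symmetric` stays as context while the return type of `AclReadKeyDerive` becomes `*crypto.AESKey`. The same commit renames util/keys/symmetric/symmetric.go to util/crypto/aes.go and deletes `DeriveFromBytes` there. The rest of the function is outside the hunk, but if it still returns the result of `symmetric.DeriveFromBytes` it will either not resolve or not match the new return type; the derivation needs a counterpart in the `crypto` package or has to be inlined here. A doc comment stating how the read key is derived from `signKey` and `encKey` would also help, since the function is exported and its output protects ACL content.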
@@ -5,7 +5,6 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/util/cidutil" "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys/symmetric" "github.com/gogo/protobuf/proto" "time" ) @@ -37,7 +36,7 @@ func (a *aclRecordBuilder) BuildUserJoin(acceptPrivKeyBytes []byte, encSymKeyByt if err != nil { return } - encSymKey, err := symmetric.FromBytes(encSymKeyBytes) + encSymKey, err := crypto.UnmarshallAESKey(encSymKeyBytes) if err != nil { return } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 97300054..e5922a56 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -11,7 +11,6 @@ import ( "github.com/anytypeio/any-sync/util/keys" "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "github.com/anytypeio/any-sync/util/keys/symmetric" "github.com/gogo/protobuf/proto" "go.uber.org/zap" "hash/fnv" @@ -43,7 +42,7 @@ type UserPermissionPair struct { type AclState struct { id string currentReadKeyHash uint64 - userReadKeys map[uint64]*symmetric.Key + userReadKeys map[uint64]*crypto.AESKey userStates map[string]*aclrecordproto.AclUserState userInvites map[string]*aclrecordproto.AclUserInvite encryptionKey encryptionkey.PrivKey @@ -70,7 +69,7 @@ func newAclStateWithKeys( identity: string(identity), signingKey: signingKey, encryptionKey: encryptionKey, - userReadKeys: make(map[uint64]*symmetric.Key), + userReadKeys: make(map[uint64]*crypto.AESKey), userStates: make(map[string]*aclrecordproto.AclUserState), userInvites: make(map[string]*aclrecordproto.AclUserInvite), permissionsAtRecord: make(map[string][]UserPermissionPair), 
@@ -80,7 +79,7 @@ func newAclStateWithKeys( func newAclState(id string) *AclState { return &AclState{ id: id, - userReadKeys: make(map[uint64]*symmetric.Key), + userReadKeys: make(map[uint64]*crypto.AESKey), userStates: make(map[string]*aclrecordproto.AclUserState), userInvites: make(map[string]*aclrecordproto.AclUserInvite), permissionsAtRecord: make(map[string][]UserPermissionPair), @@ -91,7 +90,7 @@ func (st *AclState) CurrentReadKeyHash() uint64 { return st.currentReadKeyHash } -func (st *AclState) CurrentReadKey() (*symmetric.Key, error) { +func (st *AclState) CurrentReadKey() (*crypto.AESKey, error) { key, exists := st.userReadKeys[st.currentReadKeyHash] if !exists { return nil, ErrNoReadKey @@ -99,7 +98,7 @@ func (st *AclState) CurrentReadKey() (*symmetric.Key, error) { return key, nil } -func (st *AclState) UserReadKeys() map[uint64]*symmetric.Key { +func (st *AclState) UserReadKeys() map[uint64]*crypto.AESKey { return st.userReadKeys } @@ -194,7 +193,7 @@ func (st *AclState) applyRoot(root *aclrecordproto.AclRoot) (err error) { } func (st *AclState) saveReadKeyFromRoot(root *aclrecordproto.AclRoot) (err error) { - var readKey *symmetric.Key + var readKey *crypto.AESKey if len(root.GetDerivationScheme()) != 0 { var encPrivKey []byte encPrivKey, err = st.encryptionKey.Raw() @@ -400,13 +399,13 @@ func (st *AclState) applyUserRemove(ch *aclrecordproto.AclUserRemove) error { return nil } -func (st *AclState) decryptReadKeyAndHash(msg []byte) (*symmetric.Key, uint64, error) { +func (st *AclState) decryptReadKeyAndHash(msg []byte) (*crypto.AESKey, uint64, error) { decrypted, err := st.encryptionKey.Decrypt(msg) if err != nil { return nil, 0, ErrFailedToDecrypt } - key, err := symmetric.FromBytes(decrypted) + key, err := crypto.UnmarshallAESKey(decrypted) if err != nil { return nil, 0, ErrFailedToDecrypt } 
diff --git a/commonspace/object/acl/testutils/acllistbuilder/keychain.go b/commonspace/object/acl/testutils/acllistbuilder/keychain.go index 4e727cfa..00e207a6 100644 --- a/commonspace/object/acl/testutils/acllistbuilder/keychain.go +++ b/commonspace/object/acl/testutils/acllistbuilder/keychain.go @@ -6,14 +6,13 @@ import ( "github.com/anytypeio/any-sync/util/keys" "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "github.com/anytypeio/any-sync/util/keys/symmetric" "hash/fnv" "strings" ) type SymKey struct { Hash uint64 - Key *symmetric.Key + Key *crypto.AESKey } type YAMLKeychain struct { @@ -111,11 +110,11 @@ func (k *YAMLKeychain) AddReadKey(key *Key) { } var ( - rkey *symmetric.Key + rkey *crypto.AESKey err error ) if key.Value == "generated" { - rkey, err = symmetric.NewRandom() + rkey, err = crypto.NewRandomAES() if err != nil { panic("should be able to generate symmetric key") } @@ -127,7 +126,7 @@ func (k *YAMLKeychain) AddReadKey(key *Key) { panic("should be able to derive symmetric key") } } else { - rkey, err = symmetric.FromString(key.Value) + rkey, err = crypto.UnmarshallAESKeyString(key.Value) if err != nil { panic("should be able to parse symmetric key") } diff --git a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go b/commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go index 35a17bda..a73c2924 100644 --- a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go +++ b/commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go 
@@ -7,9 +7,9 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/acl/liststorage" "github.com/anytypeio/any-sync/commonspace/object/acl/testutils/yamltests" "github.com/anytypeio/any-sync/util/cidutil" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "github.com/anytypeio/any-sync/util/keys/symmetric" "gopkg.in/yaml.v3" "io/ioutil" "path" @@ -249,7 +249,7 @@ func (t *AclListStorageBuilder) encryptReadKeysWithPubKey(keys []string, encKey return } -func (t *AclListStorageBuilder) encryptReadKeysWithSymKey(keys []string, key *symmetric.Key) (enc [][]byte) { +func (t *AclListStorageBuilder) encryptReadKeysWithSymKey(keys []string, key *crypto.AESKey) (enc [][]byte) { for _, k := range keys { realKey := t.keychain.GetKey(k).(*SymKey).Key.Bytes() res, err := key.Encrypt(realKey) diff --git a/commonspace/object/tree/objecttree/changebuilder.go b/commonspace/object/tree/objecttree/changebuilder.go index 8e312309..396f5e20 100644 --- a/commonspace/object/tree/objecttree/changebuilder.go +++ b/commonspace/object/tree/objecttree/changebuilder.go @@ -5,8 +5,8 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" "github.com/anytypeio/any-sync/util/cidutil" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "github.com/anytypeio/any-sync/util/keys/symmetric" "github.com/gogo/protobuf/proto" "time" ) @@ -21,7 +21,7 @@ type BuilderContent struct { Identity []byte IsSnapshot bool SigningKey signingkey.PrivKey - ReadKey *symmetric.Key + ReadKey *crypto.AESKey Content []byte } diff --git a/commonspace/object/tree/objecttree/objecttree.go b/commonspace/object/tree/objecttree/objecttree.go index af169ad2..5930334e 100644 --- a/commonspace/object/tree/objecttree/objecttree.go 
+++ b/commonspace/object/tree/objecttree/objecttree.go @@ -4,6 +4,7 @@ package objecttree import ( "context" "errors" + "github.com/anytypeio/any-sync/util/crypto" "sync" "time" @@ -11,7 +12,6 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/acl/list" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" "github.com/anytypeio/any-sync/commonspace/object/tree/treestorage" - "github.com/anytypeio/any-sync/util/keys/symmetric" "github.com/anytypeio/any-sync/util/slice" ) @@ -99,7 +99,7 @@ type objectTree struct { root *Change tree *Tree - keys map[uint64]*symmetric.Key + keys map[uint64]*crypto.AESKey // buffers difSnapshotBuf []*treechangeproto.RawTreeChangeWithId @@ -225,7 +225,7 @@ func (ot *objectTree) prepareBuilderContent(content SignableChangeContent) (cnt var ( state = ot.aclList.AclState() // special method for own keys - readKey *symmetric.Key + readKey *crypto.AESKey readKeyHash uint64 ) canWrite := state.HasPermission(content.Identity, aclrecordproto.AclUserPermissions_Writer) || diff --git a/commonspace/object/tree/objecttree/objecttreefactory.go b/commonspace/object/tree/objecttree/objecttreefactory.go index e3ec5c6f..af350ef4 100644 --- a/commonspace/object/tree/objecttree/objecttreefactory.go +++ b/commonspace/object/tree/objecttree/objecttreefactory.go @@ -5,8 +5,8 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" "github.com/anytypeio/any-sync/commonspace/object/tree/treestorage" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "github.com/anytypeio/any-sync/util/keys/symmetric" "math/rand" "time" ) 
@@ -189,7 +189,7 @@ func buildObjectTree(deps objectTreeDeps) (ObjectTree, error) { aclList: deps.aclList, changeBuilder: deps.changeBuilder, rawChangeLoader: deps.rawChangeLoader, - keys: make(map[uint64]*symmetric.Key), + keys: make(map[uint64]*crypto.AESKey), newChangesBuf: make([]*Change, 0, 10), difSnapshotBuf: make([]*treechangeproto.RawTreeChangeWithId, 0, 10), notSeenIdxBuf: make([]int, 0, 10), @@ -225,7 +225,7 @@ func buildHistoryTree(deps objectTreeDeps, params HistoryTreeParams) (ht History aclList: deps.aclList, changeBuilder: deps.changeBuilder, rawChangeLoader: deps.rawChangeLoader, - keys: make(map[uint64]*symmetric.Key), + keys: make(map[uint64]*crypto.AESKey), newChangesBuf: make([]*Change, 0, 10), difSnapshotBuf: make([]*treechangeproto.RawTreeChangeWithId, 0, 10), notSeenIdxBuf: make([]int, 0, 10), diff --git a/util/keys/symmetric/symmetric.go b/util/crypto/aes.go similarity index 58% rename from util/keys/symmetric/symmetric.go rename to util/crypto/aes.go index 711f1fdd..e6ac4976 100644 --- a/util/keys/symmetric/symmetric.go +++ b/util/crypto/aes.go @@ -1,12 +1,11 @@ -package symmetric +package crypto import ( "crypto/aes" "crypto/cipher" "crypto/rand" + "crypto/subtle" "fmt" - "github.com/minio/sha256-simd" - mbase "github.com/multiformats/go-multibase" ) 
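Review bot: The import hunk of util/crypto/aes.go removes `mbase "github.com/multiformats/go-multibase"`, but the following hunk keeps `mbase.Decode(k)` in `UnmarshallAESKeyString` and `mbase.Encode(mbase.Base32, k.raw)` in `String` as unchanged context, so the file as patched refers to a package it no longer imports and would not compile. Either keep the line `mbase "github.com/multiformats/go-multibase"` in the import block or remove the two string helpers in the same change. Dropping `sha256-simd` is consistent, since `DeriveFromBytes` is deleted in the next hunk.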
@@ -18,83 +17,65 @@ const ( KeyBytes = 32 ) -type Key struct { +type AESKey struct { raw []byte } -func DeriveFromBytes(bytes []byte) (*Key, error) { - bArray := sha256.Sum256(bytes) - bSlice := bArray[:] - return FromBytes(bSlice) -} - -func (k *Key) Equals(otherKey *Key) bool { - otherRaw := otherKey.raw - keyRaw := k.raw - - if len(keyRaw) != len(otherRaw) { +func (k *AESKey) Equals(key Key) bool { + aesKey, ok := key.(*AESKey) + if !ok { return false } - for i := 0; i < len(keyRaw); i++ { - if keyRaw[i] != otherRaw[i] { - return false - } - } - return true + return subtle.ConstantTimeCompare(k.raw, aesKey.raw) == 1 } -func (k *Key) Raw() ([]byte, error) { +func (k *AESKey) Raw() ([]byte, error) { return k.raw, nil } -// NewRandom returns a random key. -func NewRandom() (*Key, error) { +// NewRandomAES returns a random key. +func NewRandomAES() (*AESKey, error) { raw := make([]byte, KeyBytes) if _, err := rand.Read(raw); err != nil { return nil, err } - return &Key{raw: raw}, nil + return &AESKey{raw: raw}, nil } -// New returns Key if err is nil and panics otherwise. -func New() *Key { - k, err := NewRandom() +// NewAES returns AESKey if err is nil and panics otherwise. +func NewAES() *AESKey { + k, err := NewRandomAES() if err != nil { panic(err) } return k } -// FromBytes returns a key by decoding bytes. -func FromBytes(k []byte) (*Key, error) { +// UnmarshallAESKey returns a key by decoding bytes. +func UnmarshallAESKey(k []byte) (*AESKey, error) { if len(k) != KeyBytes { return nil, fmt.Errorf("invalid key") } - return &Key{raw: k}, nil + return &AESKey{raw: k}, nil } -// FromString returns a key by decoding a base32-encoded string. -func FromString(k string) (*Key, error) { +// UnmarshallAESKeyString returns a key by decoding a base32-encoded string. +func UnmarshallAESKeyString(k string) (*AESKey, error) { _, b, err := mbase.Decode(k) if err != nil { return nil, err } - return FromBytes(b) + return UnmarshallAESKey(b) } // Bytes returns raw key bytes. 
-func (k *Key) Bytes() []byte { +func (k *AESKey) Bytes() []byte { return k.raw } -// MarshalBinary implements BinaryMarshaler. -func (k *Key) MarshalBinary() ([]byte, error) { - return k.raw, nil -} - // String returns the base32-encoded string representation of raw key bytes. -func (k *Key) String() string { +func (k *AESKey) String() string { str, err := mbase.Encode(mbase.Base32, k.raw) if err != nil { panic("should not error with hardcoded mbase: " + err.Error()) @@ -103,7 +84,7 @@ func (k *Key) String() string { } // Encrypt performs AES-256 GCM encryption on plaintext. -func (k *Key) Encrypt(plaintext []byte) ([]byte, error) { +func (k *AESKey) Encrypt(plaintext []byte) ([]byte, error) { block, err := aes.NewCipher(k.raw[:KeyBytes]) if err != nil { return nil, err @@ -122,7 +103,7 @@ func (k *Key) Encrypt(plaintext []byte) ([]byte, error) { } // Decrypt uses key to perform AES-256 GCM decryption on ciphertext. -func (k *Key) Decrypt(ciphertext []byte) ([]byte, error) { +func (k *AESKey) Decrypt(ciphertext []byte) ([]byte, error) { block, err := aes.NewCipher(k.raw[:KeyBytes]) if err != nil { return nil, err diff --git a/util/crypto/cryptoproto/protos/crypto.proto b/util/crypto/cryptoproto/protos/crypto.proto index 02352719..dea6164b 100644 --- a/util/crypto/cryptoproto/protos/crypto.proto +++ b/util/crypto/cryptoproto/protos/crypto.proto @@ -1,20 +1,14 @@ syntax = "proto3"; -package utilcrypto; +package crypto; option go_package = "util/crypto/cryptoproto"; enum KeyType { - RSA = 0; - Ed25519 = 1; - Secp256k1 = 2; - ECDSA = 3; + Ed25519Public = 0; + Ed25519Private = 1; + AES = 2; } -message PublicKey { +message Key { KeyType Type = 1; bytes Data = 2; } - -message PrivateKey { - KeyType Type = 1; - bytes Data = 2; -} \ No newline at end of file diff --git a/util/crypto/curve25519.go b/util/crypto/curve25519.go deleted file mode 100644 index f60050a5..00000000 --- a/util/crypto/curve25519.go +++ /dev/null 
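Review bot: UnmarshallAESKey stores the caller's slice as the key (`&AESKey{raw: k}`), and Raw and Bytes return that same backing array, so anyone holding the slice can alter the key after construction. Copy on the way in: `raw := make([]byte, KeyBytes)`, `copy(raw, k)`, `return &AESKey{raw: raw}, nil`. Equals also reads `aesKey.raw` without a nil check, so a typed-nil `*AESKey` passed as Key panics; `if !ok || aesKey == nil { return false }` covers it. The `fmt.Errorf("invalid key")` message would be more useful if it stated the expected and actual length.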
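Review bot: The zero value of KeyType is now `Ed25519Public`, so a `Key` message whose Type field is absent or stripped decodes as a valid public-key type. A type check like the one in UnmarshalEd25519PublicKeyProto (added in PATCH 04/24 of this series) then cannot tell "no type given" from "Ed25519 public key". Reserving the zero value, e.g. `Unknown = 0;` with the real types starting at 1, makes a missing type fail that check. The numbers 0–2 are also reused with new meanings (the old `Ed25519 = 1` now reads as `Ed25519Private`), so any key bytes serialized under the old enum would need a migration.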
@@ -1,52 +0,0 @@ -package crypto - -import ( - "crypto/ed25519" - "crypto/sha512" - "filippo.io/edwards25519" - "golang.org/x/crypto/curve25519" -) - -// Ed25519PublicKeyToCurve25519 converts an Ed25519 public key to a Curve25519 public key -func Ed25519PublicKeyToCurve25519(pk ed25519.PublicKey) []byte { - // Unmarshalling public key into edwards curve point - epk, err := (&edwards25519.Point{}).SetBytes(pk) - if err != nil { - panic(err) - } - // converting to curve25519 (see here for more details https://github.com/golang/go/issues/20504) - return epk.BytesMontgomery() -} - -// ISC License -// -// Copyright (c) 2013-2020 -// Frank Denis -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -// https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/ref10/keypair.c#L69-L83 - -// Ed25519PrivateKeyToCurve25519 converts an Ed25519 private key to a Curve25519 private key -// This code is originally taken from here https://github.com/jorrizza/ed2curve25519/blob/master/ed2curve25519.go -func Ed25519PrivateKeyToCurve25519(pk ed25519.PrivateKey) []byte { - h := sha512.New() - h.Write(pk.Seed()) - out := h.Sum(nil) - - // used in libsodium - out[0] &= 248 - out[31] &= 127 - out[31] |= 64 - - return out[:curve25519.ScalarSize] -} 
diff --git a/util/crypto/key.go b/util/crypto/key.go index 50b01c97..ad408ab9 100644 --- a/util/crypto/key.go +++ b/util/crypto/key.go @@ -25,7 +25,7 @@ type PrivKey interface { GetPublic() PubKey } -// PubKey is the public key used to verify the signatures made by SignPrivKey +// PubKey is the public key used to verify the signatures and decrypt messages type PubKey interface { Key @@ -35,6 +35,15 @@ type PubKey interface { Verify(data []byte, sig []byte) (bool, error) } +type SymKey interface { + Key + + // Decrypt decrypts the message and returns the result + Decrypt(message []byte) ([]byte, error) + // Encrypt encrypts the message and returns the result + Encrypt(message []byte) ([]byte, error) +} + func KeyEquals(k1, k2 Key) bool { a, err := k1.Raw() if err != nil { diff --git a/util/crypto/x25519.go b/util/crypto/x25519.go index ef2ab05d..96864ebc 100644 --- a/util/crypto/x25519.go +++ b/util/crypto/x25519.go 
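Review bot: The reworded comment says PubKey is used to "decrypt messages", but the interface exposes `Encrypt` and `Verify`; in this series decryption is implemented on Ed25519PrivKey. Suggested wording: `// PubKey is the public key used to verify signatures and encrypt messages`.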
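Review bot: SymKey is exported without a doc comment, and nothing tells an implementer whether Encrypt is expected to be authenticated. Suggest adding `// SymKey is a symmetric key that both encrypts and decrypts messages; implementations should use authenticated encryption (AESKey uses AES-256 GCM).` above the type.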
@@ -1,14 +1,62 @@ package crypto import ( + "crypto/ed25519" "crypto/rand" + "crypto/sha512" "errors" + "filippo.io/edwards25519" "golang.org/x/crypto/blake2b" + "golang.org/x/crypto/curve25519" "golang.org/x/crypto/nacl/box" ) var ErrX25519DecryptionFailed = errors.New("failed decryption with x25519 key") +// Ed25519PublicKeyToCurve25519 converts an Ed25519 public key to a Curve25519 public key +func Ed25519PublicKeyToCurve25519(pk ed25519.PublicKey) []byte { + // Unmarshalling public key into edwards curve point + epk, err := (&edwards25519.Point{}).SetBytes(pk) + if err != nil { + panic(err) + } + // converting to curve25519 (see here for more details https://github.com/golang/go/issues/20504) + return epk.BytesMontgomery() +} + +// ISC License +// +// Copyright (c) 2013-2020 +// Frank Denis +// +// Permission to use, copy, modify, and/or distribute this software for any +// purpose with or without fee is hereby granted, provided that the above +// copyright notice and this permission notice appear in all copies. +// +// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 
+// https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/ref10/keypair.c#L69-L83 + +// Ed25519PrivateKeyToCurve25519 converts an Ed25519 private key to a Curve25519 private key +// This code is originally taken from here https://github.com/jorrizza/ed2curve25519/blob/master/ed2curve25519.go +func Ed25519PrivateKeyToCurve25519(pk ed25519.PrivateKey) []byte { + h := sha512.New() + h.Write(pk.Seed()) + out := h.Sum(nil) + + // used in libsodium + out[0] &= 248 + out[31] &= 127 + out[31] |= 64 + + return out[:curve25519.ScalarSize] +} + // EncryptX25519 takes a x25519 public key and encrypts the message func EncryptX25519(pubKey *[32]byte, msg []byte) []byte { // see discussion here https://github.com/golang/go/issues/29128 From cc48cf88f3ab324c64c495ca744cf076ed4cc5f5 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Fri, 24 Mar 2023 14:56:39 +0100 Subject: [PATCH 04/24] Update derivation --- Makefile | 2 +- go.mod | 1 + go.sum | 2 + util/crypto/cryptoproto/crypto.pb.go | 320 +++++---------------------- util/crypto/derived.go | 17 ++ util/crypto/ed25519.go | 49 +++- util/crypto/key.go | 5 + 7 files changed, 118 insertions(+), 278 deletions(-) create mode 100644 util/crypto/derived.go diff --git a/Makefile b/Makefile index 4c8f788f..434ab943 100644 --- a/Makefile +++ b/Makefile @@ -7,7 +7,7 @@ proto: @$(eval P_ACL_RECORDS_PATH_PB := commonspace/object/acl/aclrecordproto) @$(eval P_TREE_CHANGES_PATH_PB := commonspace/object/tree/treechangeproto) - @$(eval P_CRYPTO_PATH_PB := util/keys/cryptoproto) + @$(eval P_CRYPTO_PATH_PB := util/crypto/cryptoproto) @$(eval P_ACL_RECORDS := M$(P_ACL_RECORDS_PATH_PB)/protos/aclrecord.proto=github.com/anytypeio/any-sync/$(P_ACL_RECORDS_PATH_PB)) @$(eval P_TREE_CHANGES := M$(P_TREE_CHANGES_PATH_PB)/protos/treechange.proto=github.com/anytypeio/any-sync/$(P_TREE_CHANGES_PATH_PB)) diff --git a/go.mod b/go.mod index fb9727d1..980af79b 100644 --- a/go.mod +++ b/go.mod 
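Review bot: Ed25519PublicKeyToCurve25519 panics when `SetBytes` rejects its input, and public key bytes can originate outside the process; UnmarshalEd25519PublicKey, as far as its visible context shows, checks only for a length of 32. A key that is not a valid curve point would therefore crash the caller instead of being rejected. Returning the error, with the signature `func Ed25519PublicKeyToCurve25519(pk ed25519.PublicKey) ([]byte, error)` and `return nil, err` in place of `panic(err)`, lets the caller report it. The function is moved unchanged from the deleted curve25519.go, so the behaviour predates this commit, but the move is a natural place to change it.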
@@ -42,6 +42,7 @@ require ( require ( filippo.io/edwards25519 v1.0.0 // indirect github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a // indirect + github.com/anytypeio/go-slip21 v0.0.0-20200218204727-e2e51e20ab51 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/btcsuite/btcd/btcec/v2 v2.2.0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect diff --git a/go.sum b/go.sum index 723a7276..5037014e 100644 --- a/go.sum +++ b/go.sum @@ -7,6 +7,8 @@ github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a h1:E/8AP5dFtMhl5K github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/anytypeio/go-chash v0.0.2 h1:BSpyMC3HXNkf2eosQrHM4svov0DrvxL9tb4gnHbdmbA= github.com/anytypeio/go-chash v0.0.2/go.mod h1:G+R6q7jYgNa52NqcRhnNm28pogfWW+cuHtgBktrc2QA= +github.com/anytypeio/go-slip21 v0.0.0-20200218204727-e2e51e20ab51 h1:3Y+18zBC8LZgcL3l2dgoTEIzIUzCZa/kN0UV3ZWpbuA= +github.com/anytypeio/go-slip21 v0.0.0-20200218204727-e2e51e20ab51/go.mod h1:SoKy+W8Mf6v7XBV30xFWkIFMs7UnXwsNGrGV12yVkEs= github.com/awalterschulze/gographviz v2.0.3+incompatible h1:9sVEXJBJLwGX7EQVhLm2elIKCm7P2YHFC8v6096G09E= github.com/awalterschulze/gographviz v2.0.3+incompatible/go.mod h1:GEV5wmg4YquNw7v1kkyoX9etIk8yVmXj+AkDHuuETHs= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= diff --git a/util/crypto/cryptoproto/crypto.pb.go b/util/crypto/cryptoproto/crypto.pb.go index af4ac14c..338c1dd9 100644 --- a/util/crypto/cryptoproto/crypto.pb.go +++ b/util/crypto/cryptoproto/crypto.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: util/keys/cryptoproto/protos/crypto.proto +// source: util/crypto/cryptoproto/protos/crypto.proto package cryptoproto 
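Review bot: `github.com/anytypeio/go-slip21` is added with an `// indirect` marker, yet util/crypto/derived.go in this same commit imports it directly, so it belongs in the direct require block (`go mod tidy` would move it). It is also a key-derivation dependency pinned to an untagged pseudo-version, `v0.0.0-20200218204727-e2e51e20ab51`. Since the account key returned by DeriveAccountSymmetric depends entirely on this code, the commit message should record that this revision was reviewed.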
@@ -25,24 +25,21 @@ const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package type KeyType int32 const ( - KeyType_RSA KeyType = 0 - KeyType_Ed25519 KeyType = 1 - KeyType_Secp256k1 KeyType = 2 - KeyType_ECDSA KeyType = 3 + KeyType_Ed25519Public KeyType = 0 + KeyType_Ed25519Private KeyType = 1 + KeyType_AES KeyType = 2 ) var KeyType_name = map[int32]string{ - 0: "RSA", - 1: "Ed25519", - 2: "Secp256k1", - 3: "ECDSA", + 0: "Ed25519Public", + 1: "Ed25519Private", + 2: "AES", } var KeyType_value = map[string]int32{ - "RSA": 0, - "Ed25519": 1, - "Secp256k1": 2, - "ECDSA": 3, + "Ed25519Public": 0, + "Ed25519Private": 1, + "AES": 2, } func (x KeyType) String() string { 
@@ -50,26 +47,26 @@ func (x KeyType) String() string { } func (KeyType) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_761a9295b23470c2, []int{0} + return fileDescriptor_ddfeb19e486561de, []int{0} } -type PublicKey struct { - Type KeyType `protobuf:"varint,1,opt,name=Type,proto3,enum=utilcrypto.KeyType" json:"Type,omitempty"` +type Key struct { + Type KeyType `protobuf:"varint,1,opt,name=Type,proto3,enum=crypto.KeyType" json:"Type,omitempty"` Data []byte `protobuf:"bytes,2,opt,name=Data,proto3" json:"Data,omitempty"` } -func (m *PublicKey) Reset() { *m = PublicKey{} } -func (m *PublicKey) String() string { return proto.CompactTextString(m) } -func (*PublicKey) ProtoMessage() {} -func (*PublicKey) Descriptor() ([]byte, []int) { - return fileDescriptor_761a9295b23470c2, []int{0} +func (m *Key) Reset() { *m = Key{} } +func (m *Key) String() string { return proto.CompactTextString(m) } +func (*Key) ProtoMessage() {} +func (*Key) Descriptor() ([]byte, []int) { + return fileDescriptor_ddfeb19e486561de, []int{0} } -func (m *PublicKey) XXX_Unmarshal(b []byte) error { +func (m *Key) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) } -func (m *PublicKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { +func (m *Key) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { if deterministic { - return xxx_messageInfo_PublicKey.Marshal(b, m, deterministic) + return xxx_messageInfo_Key.Marshal(b, m, deterministic) } else { b = b[:cap(b)] n, err := m.MarshalToSizedBuffer(b) 
@@ -79,78 +76,26 @@ func (m *PublicKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { return b[:n], nil } } -func (m *PublicKey) XXX_Merge(src proto.Message) { - xxx_messageInfo_PublicKey.Merge(m, src) +func (m *Key) XXX_Merge(src proto.Message) { + xxx_messageInfo_Key.Merge(m, src) } -func (m *PublicKey) XXX_Size() int { +func (m *Key) XXX_Size() int { return m.Size() } -func (m *PublicKey) XXX_DiscardUnknown() { - xxx_messageInfo_PublicKey.DiscardUnknown(m) +func (m *Key) XXX_DiscardUnknown() { + xxx_messageInfo_Key.DiscardUnknown(m) } -var xxx_messageInfo_PublicKey proto.InternalMessageInfo +var xxx_messageInfo_Key proto.InternalMessageInfo -func (m *PublicKey) GetType() KeyType { +func (m *Key) GetType() KeyType { if m != nil { return m.Type } - return KeyType_RSA + return KeyType_Ed25519Public } -func (m *PublicKey) GetData() []byte { - if m != nil { - return m.Data - } - return nil -} - -type PrivateKey struct { - Type KeyType `protobuf:"varint,1,opt,name=Type,proto3,enum=utilcrypto.KeyType" json:"Type,omitempty"` - Data []byte `protobuf:"bytes,2,opt,name=Data,proto3" json:"Data,omitempty"` -} - -func (m *PrivateKey) Reset() { *m = PrivateKey{} } -func (m *PrivateKey) String() string { return proto.CompactTextString(m) } -func (*PrivateKey) ProtoMessage() {} -func (*PrivateKey) Descriptor() ([]byte, []int) { - return fileDescriptor_761a9295b23470c2, []int{1} -} -func (m *PrivateKey) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PrivateKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_PrivateKey.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *PrivateKey) XXX_Merge(src proto.Message) { - xxx_messageInfo_PrivateKey.Merge(m, src) -} -func (m *PrivateKey) XXX_Size() int { - return m.Size() -} -func (m *PrivateKey) XXX_DiscardUnknown() { - 
xxx_messageInfo_PrivateKey.DiscardUnknown(m) -} - -var xxx_messageInfo_PrivateKey proto.InternalMessageInfo - -func (m *PrivateKey) GetType() KeyType { - if m != nil { - return m.Type - } - return KeyType_RSA -} - -func (m *PrivateKey) GetData() []byte { +func (m *Key) GetData() []byte { if m != nil { return m.Data } 
@@ -158,34 +103,31 @@ func (m *PrivateKey) GetData() []byte { } func init() { - proto.RegisterEnum("utilcrypto.KeyType", KeyType_name, KeyType_value) - proto.RegisterType((*PublicKey)(nil), "utilcrypto.PublicKey") - proto.RegisterType((*PrivateKey)(nil), "utilcrypto.PrivateKey") + proto.RegisterEnum("crypto.KeyType", KeyType_name, KeyType_value) + proto.RegisterType((*Key)(nil), "crypto.Key") } func init() { - proto.RegisterFile("util/keys/cryptoproto/protos/crypto.proto", fileDescriptor_761a9295b23470c2) + proto.RegisterFile("util/crypto/cryptoproto/protos/crypto.proto", fileDescriptor_ddfeb19e486561de) } -var fileDescriptor_761a9295b23470c2 = []byte{ - // 222 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xd2, 0x2c, 0x2d, 0xc9, 0xcc, - 0xd1, 0xcf, 0x4e, 0xad, 0x2c, 0xd6, 0x4f, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0x2f, 0x28, 0xca, 0x2f, - 0xc9, 0xd7, 0x07, 0x93, 0x30, 0x21, 0x3d, 0x30, 0x4f, 0x88, 0x0b, 0xa4, 0x14, 0x22, 0xa2, 0xe4, - 0xc1, 0xc5, 0x19, 0x50, 0x9a, 0x94, 0x93, 0x99, 0xec, 0x9d, 0x5a, 0x29, 0xa4, 0xce, 0xc5, 0x12, - 0x52, 0x59, 0x90, 0x2a, 0xc1, 0xa8, 0xc0, 0xa8, 0xc1, 0x67, 0x24, 0xac, 0x87, 0x50, 0xa7, 0xe7, - 0x9d, 0x5a, 0x09, 0x92, 0x0a, 0x02, 0x2b, 0x10, 0x12, 0xe2, 0x62, 0x71, 0x49, 0x2c, 0x49, 0x94, - 0x60, 0x52, 0x60, 0xd4, 0xe0, 0x09, 0x02, 0xb3, 0x95, 0x3c, 0xb9, 0xb8, 0x02, 0x8a, 0x32, 0xcb, - 0x12, 0x4b, 0x52, 0x29, 0x35, 0x4a, 0xcb, 0x92, 0x8b, 0x1d, 0xaa, 0x48, 0x88, 0x9d, 0x8b, 0x39, - 0x28, 0xd8, 0x51, 0x80, 0x41, 0x88, 0x9b, 0x8b, 0xdd, 0x35, 0xc5, 0xc8, 0xd4, 0xd4, 0xd0, 0x52, - 0x80, 0x51, 0x88, 0x97, 0x8b, 0x33, 0x38, 0x35, 0xb9, 0xc0, 0xc8, 0xd4, 0x2c, 0xdb, 0x50, 0x80, - 0x49, 0x88, 0x93, 0x8b, 0xd5, 0xd5, 0xd9, 0x25, 0xd8, 0x51, 0x80, 0xd9, 0x49, 0xff, 0xc4, 0x23, - 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, 0x9c, 0xf0, 0x58, 0x8e, 0xe1, 0xc2, - 0x63, 0x39, 0x86, 0x1b, 0x8f, 0xe5, 0x18, 0xa2, 0x44, 0xb1, 0x06, 0x50, 0x12, 0x1b, 0x98, 0x32, - 0x06, 0x04, 
0x00, 0x00, 0xff, 0xff, 0x9d, 0x04, 0x8a, 0xb8, 0x40, 0x01, 0x00, 0x00, +var fileDescriptor_ddfeb19e486561de = []byte{ + // 191 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xd2, 0x2e, 0x2d, 0xc9, 0xcc, + 0xd1, 0x4f, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0x87, 0x52, 0x05, 0x45, 0xf9, 0x25, 0xf9, 0xfa, 0x60, + 0xb2, 0x18, 0x2a, 0xa4, 0x07, 0xe6, 0x09, 0xb1, 0x41, 0x78, 0x4a, 0x76, 0x5c, 0xcc, 0xde, 0xa9, + 0x95, 0x42, 0xca, 0x5c, 0x2c, 0x21, 0x95, 0x05, 0xa9, 0x12, 0x8c, 0x0a, 0x8c, 0x1a, 0x7c, 0x46, + 0xfc, 0x7a, 0x50, 0xb5, 0xde, 0xa9, 0x95, 0x20, 0xe1, 0x20, 0xb0, 0xa4, 0x90, 0x10, 0x17, 0x8b, + 0x4b, 0x62, 0x49, 0xa2, 0x04, 0x93, 0x02, 0xa3, 0x06, 0x4f, 0x10, 0x98, 0xad, 0x65, 0xc9, 0xc5, + 0x0e, 0x55, 0x24, 0x24, 0xc8, 0xc5, 0xeb, 0x9a, 0x62, 0x64, 0x6a, 0x6a, 0x68, 0x19, 0x50, 0x9a, + 0x94, 0x93, 0x99, 0x2c, 0xc0, 0x20, 0x24, 0xc4, 0xc5, 0x07, 0x13, 0x2a, 0xca, 0x2c, 0x4b, 0x2c, + 0x49, 0x15, 0x60, 0x14, 0x62, 0xe7, 0x62, 0x76, 0x74, 0x0d, 0x16, 0x60, 0x72, 0x32, 0x3c, 0xf1, + 0x48, 0x8e, 0xf1, 0xc2, 0x23, 0x39, 0xc6, 0x07, 0x8f, 0xe4, 0x18, 0x27, 0x3c, 0x96, 0x63, 0xb8, + 0xf0, 0x58, 0x8e, 0xe1, 0xc6, 0x63, 0x39, 0x86, 0x28, 0x71, 0x1c, 0x3e, 0x49, 0x62, 0x03, 0x53, + 0xc6, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x27, 0xb9, 0xba, 0xd8, 0xeb, 0x00, 0x00, 0x00, } -func (m *PublicKey) Marshal() (dAtA []byte, err error) { +func (m *Key) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) n, err := m.MarshalToSizedBuffer(dAtA[:size]) 
@@ -195,47 +137,12 @@ func (m *PublicKey) Marshal() (dAtA []byte, err error) { return dAtA[:n], nil } -func (m *PublicKey) MarshalTo(dAtA []byte) (int, error) { +func (m *Key) MarshalTo(dAtA []byte) (int, error) { size := m.Size() return m.MarshalToSizedBuffer(dAtA[:size]) } -func (m *PublicKey) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Data) > 0 { - i -= len(m.Data) - copy(dAtA[i:], m.Data) - i = encodeVarintCrypto(dAtA, i, uint64(len(m.Data))) - i-- - dAtA[i] = 0x12 - } - if m.Type != 0 { - i = encodeVarintCrypto(dAtA, i, uint64(m.Type)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *PrivateKey) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *PrivateKey) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *PrivateKey) MarshalToSizedBuffer(dAtA []byte) (int, error) { +func (m *Key) MarshalToSizedBuffer(dAtA []byte) (int, error) { i := len(dAtA) _ = i var l int @@ -266,23 +173,7 @@ func encodeVarintCrypto(dAtA []byte, offset int, v uint64) int { dAtA[offset] = uint8(v) return base } -func (m *PublicKey) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Type != 0 { - n += 1 + sovCrypto(uint64(m.Type)) - } - l = len(m.Data) - if l > 0 { - n += 1 + l + sovCrypto(uint64(l)) - } - return n -} - -func (m *PrivateKey) Size() (n int) { +func (m *Key) Size() (n int) { if m == nil { return 0 } @@ -304,7 +195,7 @@ func sovCrypto(x uint64) (n int) { func sozCrypto(x uint64) (n int) { return sovCrypto(uint64((x << 1) ^ uint64((int64(x) >> 63)))) } -func (m *PublicKey) Unmarshal(dAtA []byte) error { +func (m *Key) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { 
@@ -327,113 +218,10 @@ func (m *PublicKey) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: PublicKey: wiretype end group for non-group") + return fmt.Errorf("proto: Key: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: PublicKey: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType) - } - m.Type = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowCrypto - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Type |= KeyType(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Data", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowCrypto - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthCrypto - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthCrypto - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Data = append(m.Data[:0], dAtA[iNdEx:postIndex]...) 
- if m.Data == nil { - m.Data = []byte{} - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipCrypto(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthCrypto - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *PrivateKey) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowCrypto - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: PrivateKey: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: PrivateKey: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: Key: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: diff --git a/util/crypto/derived.go b/util/crypto/derived.go new file mode 100644 index 00000000..f12fca51 --- /dev/null +++ b/util/crypto/derived.go @@ -0,0 +1,17 @@ +package crypto + +import "github.com/anytypeio/go-slip21" + +const anytypeAccountPath = "m/SLIP-0021/anytype/account" + +func DeriveAccountSymmetric(seed []byte) (SymKey, error) { + master, err := slip21.DeriveForPath(anytypeAccountPath, seed) + if err != nil { + return nil, err + } + key, err := UnmarshallAESKey(master.SymmetricKey()) + if err != nil { + return nil, err + } + return key, nil +} diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index 0d2e9a90..0cdfdb1f 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go 
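Review bot: DeriveAccountSymmetric in the new derived.go is exported without a doc comment and passes any `seed` straight to the library, including an empty one; whether go-slip21 rejects that is not visible here. Suggest `// DeriveAccountSymmetric derives the account AES key from seed via SLIP-0021 at anytypeAccountPath; seed must be the full-entropy account secret.` and an explicit `if len(seed) == 0` rejection before deriving. The local `master` holds the node for the full path rather than the master node, so `node` would read more accurately.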
@@ -7,7 +7,10 @@ import ( "crypto/subtle" "errors" "fmt" + "github.com/anytypeio/any-sync/util/crypto/cryptoproto" + "github.com/gogo/protobuf/proto" "io" + "sync" ) // Ed25519PrivKey is an ed25519 private key. @@ -15,29 +18,34 @@ type Ed25519PrivKey struct { privKey ed25519.PrivateKey privCurve *[32]byte pubCurve *[32]byte + once sync.Once } // Ed25519PubKey is an ed25519 public key. type Ed25519PubKey struct { pubKey ed25519.PublicKey pubCurve *[32]byte + once sync.Once } func NewEd25519PrivKey(privKey ed25519.PrivateKey) PrivKey { - pK := &Ed25519PrivKey{privKey: privKey} - pubKey := pK.pubKeyBytes() - privCurve := Ed25519PrivateKeyToCurve25519(privKey) - pubCurve := Ed25519PublicKeyToCurve25519(pubKey) - pK.privCurve = (*[32]byte)(privCurve) - pK.pubCurve = (*[32]byte)(pubCurve) - return pK + return &Ed25519PrivKey{privKey: privKey} } func NewEd25519PubKey(pubKey ed25519.PublicKey) PubKey { - pK := &Ed25519PubKey{pubKey: pubKey} - pubCurve := Ed25519PublicKeyToCurve25519(pubKey) - pK.pubCurve = (*[32]byte)(pubCurve) - return pK + return &Ed25519PubKey{pubKey: pubKey} +} + +func UnmarshalEd25519PublicKeyProto(bytes []byte) (PubKey, error) { + msg := &cryptoproto.Key{} + err := proto.Unmarshal(bytes, msg) + if err != nil { + return nil, err + } + if msg.Type != cryptoproto.KeyType_Ed25519Public { + return nil, ErrIncorrectKeyType + } + return UnmarshalEd25519PublicKey(msg.Data) } func NewSigningEd25519PubKeyFromBytes(bytes []byte) (PubKey, error) { @@ -101,6 +109,13 @@ func (k *Ed25519PrivKey) Sign(msg []byte) ([]byte, error) { // Decrypt decrypts the message func (k *Ed25519PrivKey) Decrypt(msg []byte) ([]byte, error) { + k.once.Do(func() { + pubKey := k.pubKeyBytes() + privCurve := Ed25519PrivateKeyToCurve25519(k.privKey) + pubCurve := Ed25519PublicKeyToCurve25519(pubKey) + k.pubCurve = (*[32]byte)(pubCurve) + k.privCurve = (*[32]byte)(privCurve) + }) return DecryptX25519(k.privCurve, k.pubCurve, msg) } 
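Review bot: UnmarshalEd25519PublicKeyProto is exported without a doc comment, and its parameter `bytes` shadows the name of the standard `bytes` package. Suggest `// UnmarshalEd25519PublicKeyProto decodes a cryptoproto.Key and returns its Ed25519 public key, or ErrIncorrectKeyType for any other key type.` and renaming the parameter to `data`, as UnmarshalEd25519PublicKey already does.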
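Review bot: The curve conversion now runs inside `k.once.Do` on first use of Decrypt, and Ed25519PublicKeyToCurve25519 can panic there. sync.Once treats a panicking function as having run, so if a caller recovers, every later call proceeds with `privCurve` and `pubCurve` still nil. Encrypt in the `@@ -111,6 +126,10 @@` hunk has the same pattern and is the more exposed side, since its key bytes may come from a peer. Before this change the conversion ran in the constructors, so a bad key failed once at construction. Consider converting in the constructors again, or storing the conversion error in a new field and returning it after the `Do` call.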
@@ -111,6 +126,10 @@ func (k *Ed25519PubKey) Raw() ([]byte, error) { // Encrypt message func (k *Ed25519PubKey) Encrypt(msg []byte) (data []byte, err error) { + k.once.Do(func() { + pubCurve := Ed25519PublicKeyToCurve25519(k.pubKey) + k.pubCurve = (*[32]byte)(pubCurve) + }) data = EncryptX25519(k.pubCurve, msg) return } @@ -130,6 +149,14 @@ func (k *Ed25519PubKey) Verify(data []byte, sig []byte) (bool, error) { return ed25519.Verify(k.pubKey, data, sig), nil } +func (k *Ed25519PubKey) Marshall() ([]byte, error) { + msg := &cryptoproto.Key{ + Type: cryptoproto.KeyType_Ed25519Public, + Data: k.pubKey, + } + return proto.Marshal(msg) +} + // UnmarshalEd25519PublicKey returns a public key from input bytes. func UnmarshalEd25519PublicKey(data []byte) (PubKey, error) { if len(data) != 32 { diff --git a/util/crypto/key.go b/util/crypto/key.go index ad408ab9..21f08142 100644 --- a/util/crypto/key.go +++ b/util/crypto/key.go @@ -2,8 +2,11 @@ package crypto import ( "crypto/subtle" + "errors" ) +var ErrIncorrectKeyType = errors.New("incorrect key type") + // Key is an abstract interface for all types of keys type Key interface { // Equals returns if the keys are equal @@ -33,6 +36,8 @@ type PubKey interface { Encrypt(message []byte) ([]byte, error) // Verify verifies the signed message and the signature Verify(data []byte, sig []byte) (bool, error) + // Marshall wraps key in proto encoding and marshalls it + Marshall() ([]byte, error) } type SymKey interface { From 5baa6dc856e60d04c3b9a5e3cc46fe8aa3f11d8f Mon Sep 17 00:00:00 2001 
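Review bot: The new method is spelled `Marshall`, and the PubKey interface in key.go follows it, while the neighbouring functions are `UnmarshalEd25519PublicKey` and `UnmarshalEd25519PublicKeyProto` and the protobuf call is `proto.Marshal`. Earlier in this series aes.go uses `UnmarshallAESKey`, so the package now carries both spellings. Settle on Go's `Marshal`/`Unmarshal` before the interface gains more implementations. The method also lacks a doc comment; suggest `// Marshall wraps the public key in a cryptoproto.Key of type Ed25519Public and returns its protobuf encoding.`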
From: mcrakhman Date: Fri, 24 Mar 2023 22:43:25 +0100 Subject: [PATCH 05/24] ACLState refactoring --- .../acl/aclrecordproto/aclreadkeyderive.go | 13 - .../object/acl/aclrecordproto/aclrecord.pb.go | 228 +++------ .../acl/aclrecordproto/protos/aclrecord.proto | 3 +- .../object/acl/list/aclrecordbuilder.go | 227 +++++---- commonspace/object/acl/list/aclstate.go | 476 ++++++++---------- commonspace/object/acl/list/list.go | 13 +- commonspace/object/acl/list/list_test.go | 14 +- commonspace/object/acl/list/models.go | 22 + commonspace/object/acl/list/record.go | 12 - .../object/tree/exporter/treeexporter.go | 2 +- commonspace/object/tree/objecttree/change.go | 4 +- .../object/tree/objecttree/changebuilder.go | 48 +- .../object/tree/objecttree/objecttree.go | 24 +- .../tree/objecttree/objecttreevalidator.go | 2 +- util/crypto/ed25519.go | 11 + util/crypto/key.go | 4 + util/crypto/keystorage.go | 9 + 17 files changed, 506 insertions(+), 606 deletions(-) delete mode 100644 commonspace/object/acl/aclrecordproto/aclreadkeyderive.go create mode 100644 commonspace/object/acl/list/models.go delete mode 100644 commonspace/object/acl/list/record.go create mode 100644 util/crypto/keystorage.go diff --git a/commonspace/object/acl/aclrecordproto/aclreadkeyderive.go b/commonspace/object/acl/aclrecordproto/aclreadkeyderive.go deleted file mode 100644 index 6d6bab90..00000000 --- a/commonspace/object/acl/aclrecordproto/aclreadkeyderive.go +++ /dev/null @@ -1,13 +0,0 @@ -package aclrecordproto - -import ( - "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys/symmetric" -) - -func AclReadKeyDerive(signKey []byte, encKey []byte) (*crypto.AESKey, error) { - concBuf := make([]byte, 0, len(signKey)+len(encKey)) - concBuf = append(concBuf, signKey...) - concBuf = append(concBuf, encKey...) - return symmetric.DeriveFromBytes(concBuf) -} 
diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index c77e7818..a8b99e7e 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go @@ -247,12 +247,11 @@ func (m *AclRecord) GetTimestamp() int64 { } type AclRoot struct { - Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - SpaceId string `protobuf:"bytes,2,opt,name=spaceId,proto3" json:"spaceId,omitempty"` - EncryptedReadKey []byte `protobuf:"bytes,3,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` - DerivationScheme string `protobuf:"bytes,4,opt,name=derivationScheme,proto3" json:"derivationScheme,omitempty"` - CurrentReadKeyHash uint64 `protobuf:"varint,5,opt,name=currentReadKeyHash,proto3" json:"currentReadKeyHash,omitempty"` - Timestamp int64 `protobuf:"varint,6,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + SpaceId string `protobuf:"bytes,2,opt,name=spaceId,proto3" json:"spaceId,omitempty"` + EncryptedReadKey []byte `protobuf:"bytes,3,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` + DerivationScheme string `protobuf:"bytes,4,opt,name=derivationScheme,proto3" json:"derivationScheme,omitempty"` + Timestamp int64 `protobuf:"varint,5,opt,name=timestamp,proto3" json:"timestamp,omitempty"` } func (m *AclRoot) Reset() { *m = AclRoot{} } @@ -316,13 +315,6 @@ func (m *AclRoot) GetDerivationScheme() string { return "" } -func (m *AclRoot) GetCurrentReadKeyHash() uint64 { - if m != nil { - return m.CurrentReadKeyHash - } - return 0 -} - func (m *AclRoot) GetTimestamp() int64 { if m != nil { return m.Timestamp 
@@ -733,10 +725,9 @@ func (m *AclUserInvite) GetPermissions() AclUserPermissions { type AclUserJoin struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` - EncryptionKey []byte `protobuf:"bytes,2,opt,name=encryptionKey,proto3" json:"encryptionKey,omitempty"` - AcceptSignature []byte `protobuf:"bytes,3,opt,name=acceptSignature,proto3" json:"acceptSignature,omitempty"` - AcceptPubKey []byte `protobuf:"bytes,4,opt,name=acceptPubKey,proto3" json:"acceptPubKey,omitempty"` - EncryptedReadKeys [][]byte `protobuf:"bytes,5,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` + AcceptSignature []byte `protobuf:"bytes,2,opt,name=acceptSignature,proto3" json:"acceptSignature,omitempty"` + AcceptPubKey []byte `protobuf:"bytes,3,opt,name=acceptPubKey,proto3" json:"acceptPubKey,omitempty"` + EncryptedReadKeys [][]byte `protobuf:"bytes,4,rep,name=encryptedReadKeys,proto3" json:"encryptedReadKeys,omitempty"` } func (m *AclUserJoin) Reset() { *m = AclUserJoin{} } @@ -779,13 +770,6 @@ func (m *AclUserJoin) GetIdentity() []byte { return nil } -func (m *AclUserJoin) GetEncryptionKey() []byte { - if m != nil { - return m.EncryptionKey - } - return nil -} - func (m *AclUserJoin) GetAcceptSignature() []byte { if m != nil { return m.AcceptSignature 
@@ -1152,66 +1136,64 @@ func init() { } var fileDescriptor_c8e9f754f34e929b = []byte{ - // 943 bytes of a gzipped FileDescriptorProto + // 907 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0x1b, 0x45, - 0x14, 0xf7, 0xda, 0x49, 0x1c, 0x3f, 0xbb, 0x89, 0x33, 0x40, 0xbb, 0x8a, 0x8a, 0x15, 0xad, 0x40, - 0x8a, 0xaa, 0xca, 0x11, 0x06, 0x29, 0x55, 0x84, 0xa8, 0xdc, 0x52, 0x64, 0xb7, 0x42, 0xaa, 0x26, - 0x40, 0x51, 0x39, 0x4d, 0x66, 0x47, 0xf1, 0xd0, 0xf5, 0xee, 0x6a, 0x66, 0x6c, 0xe4, 0x4f, 0x01, - 0x37, 0xae, 0x1c, 0xf9, 0x28, 0x48, 0x5c, 0x72, 0x41, 0xe2, 0x88, 0x12, 0xf1, 0x11, 0xb8, 0xa3, - 0x99, 0xd9, 0xff, 0xeb, 0x58, 0x70, 0x80, 0x43, 0xe2, 0x9d, 0xf7, 0x7e, 0xef, 0xcd, 0xef, 0xfd, - 0xe6, 0xcd, 0xdb, 0x85, 0x8f, 0x69, 0x34, 0x9f, 0x47, 0xa1, 0x8c, 0x09, 0x65, 0x27, 0xd1, 0xc5, - 0xb7, 0x8c, 0xaa, 0x13, 0x42, 0x03, 0xfd, 0x27, 0x18, 0x8d, 0x84, 0x1f, 0x8b, 0x48, 0x45, 0x27, - 0xe6, 0xbf, 0xcc, 0xad, 0x43, 0x63, 0x40, 0x9d, 0xcc, 0xe0, 0xfd, 0xe4, 0x40, 0x0f, 0x93, 0xef, - 0xc6, 0x34, 0xc0, 0xc6, 0x80, 0x5c, 0x68, 0xc7, 0x64, 0x15, 0x44, 0xc4, 0x77, 0x9d, 0x23, 0xe7, - 0xb8, 0x87, 0xd3, 0x25, 0xba, 0x0f, 0x1d, 0xc9, 0x2f, 0x43, 0xa2, 0x16, 0x82, 0xb9, 0x4d, 0xe3, - 0xcb, 0x0d, 0xe8, 0x01, 0xf4, 0x09, 0xa5, 0x2c, 0x56, 0x91, 0x98, 0xfa, 0x2c, 0x54, 0x5c, 0xad, - 0xdc, 0x96, 0x01, 0xd5, 0xec, 0xe8, 0x21, 0x1c, 0xa4, 0xb6, 0xf3, 0x2c, 0xe3, 0x96, 0x01, 0xd7, - 0x1d, 0xde, 0x27, 0x80, 0x8a, 0x0c, 0x5f, 0x71, 0x35, 0x9b, 0x6e, 0xe2, 0xb9, 0x07, 0x4d, 0xee, - 0x1b, 0x82, 0x1d, 0xdc, 0xe4, 0xbe, 0xf7, 0xbd, 0x03, 0x9d, 0xbc, 0xbe, 0xbb, 0xb0, 0x13, 0x0b, - 0xb6, 0x9c, 0xda, 0xb0, 0x0e, 0x4e, 0x56, 0xe8, 0x10, 0x76, 0x79, 0xca, 0xdb, 0x16, 0x97, 0xad, - 0x11, 0x82, 0x2d, 0x9f, 0x28, 0x92, 0xd4, 0x63, 0x9e, 0xb5, 0x1a, 0x82, 0x11, 0xff, 0x05, 0x5b, - 0x4d, 0x7d, 0xc3, 0xbd, 0x83, 0x73, 0x83, 0xf6, 0x2a, 0x3e, 0x67, 0x52, 0x91, 0x79, 0xec, 0x6e, - 0x1f, 0x39, 0xc7, 0x2d, 0x9c, 0x1b, 0xbc, 0x3f, 0x1d, 
0x68, 0x6b, 0x46, 0x51, 0xa4, 0x4a, 0xfb, - 0x3a, 0x95, 0x7d, 0x5d, 0x68, 0x9b, 0x13, 0x9e, 0xa6, 0xe5, 0xa4, 0x4b, 0xad, 0x36, 0x0b, 0xa9, - 0x58, 0xc5, 0x8a, 0xf9, 0xd8, 0xee, 0x9a, 0xaa, 0x5d, 0xb5, 0x6b, 0xac, 0xcf, 0x04, 0x5f, 0x12, - 0xc5, 0xa3, 0xf0, 0x9c, 0xce, 0xd8, 0x9c, 0x25, 0x84, 0x6b, 0x76, 0x34, 0x04, 0x44, 0x17, 0x42, - 0xb0, 0x50, 0x25, 0xd1, 0x13, 0x22, 0x67, 0xa6, 0x80, 0x2d, 0xbc, 0xc6, 0x53, 0xae, 0x73, 0xa7, - 0x5a, 0xe7, 0x6f, 0x4d, 0xd8, 0x1f, 0xd3, 0xe0, 0x69, 0x14, 0x2a, 0x16, 0xaa, 0xaf, 0x48, 0xb0, - 0x60, 0xe8, 0x03, 0x68, 0x2f, 0x24, 0x13, 0x63, 0xdf, 0x1e, 0x40, 0x77, 0xf4, 0xce, 0x30, 0x6f, - 0xcf, 0x31, 0x0d, 0xbe, 0xb4, 0xce, 0x49, 0x03, 0xa7, 0x38, 0x74, 0x06, 0xa0, 0x1f, 0x31, 0x9b, - 0x47, 0x4b, 0xdb, 0x79, 0xdd, 0x91, 0x5b, 0x8f, 0xb2, 0xfe, 0x49, 0x03, 0x17, 0xd0, 0xe8, 0x6b, - 0x78, 0x5b, 0xaf, 0x5e, 0x32, 0x31, 0xe7, 0x52, 0xf2, 0x28, 0x7c, 0x3a, 0x23, 0xe1, 0x25, 0x33, - 0x62, 0x75, 0x47, 0x5e, 0x3d, 0x4b, 0x15, 0x39, 0x69, 0xe0, 0xb5, 0x19, 0x52, 0x56, 0xd3, 0x70, - 0xc9, 0x95, 0x15, 0x74, 0x2d, 0x2b, 0xeb, 0x4f, 0x59, 0xd9, 0x15, 0xfa, 0x08, 0x76, 0xf5, 0xea, - 0x79, 0xc4, 0x43, 0x23, 0x6e, 0x77, 0x74, 0xb7, 0x1e, 0xa9, 0xbd, 0x93, 0x06, 0xce, 0x90, 0x4f, - 0xda, 0xb0, 0xbd, 0xd4, 0x1a, 0x7a, 0xcf, 0x4c, 0xfb, 0x7c, 0xaa, 0xdb, 0xf0, 0x0c, 0x80, 0x64, - 0x0a, 0xbb, 0xce, 0x51, 0xeb, 0xb8, 0x3b, 0x3a, 0x2c, 0xe7, 0x2a, 0xca, 0x8f, 0x0b, 0x68, 0xef, - 0x2f, 0x07, 0x76, 0xc7, 0x34, 0x38, 0x57, 0x44, 0x31, 0x34, 0x00, 0xc8, 0xda, 0x57, 0x9a, 0x44, - 0x1d, 0x5c, 0xb0, 0xa0, 0x53, 0x5b, 0xae, 0x01, 0x4b, 0xb7, 0x69, 0x36, 0xba, 0x57, 0x27, 0x6d, - 0xfc, 0xb8, 0x00, 0x45, 0x67, 0xd0, 0xe6, 0xa6, 0x6a, 0xe9, 0xb6, 0x4c, 0xd4, 0x51, 0x39, 0xca, - 0xc0, 0x86, 0x56, 0x18, 0xf9, 0x2c, 0x54, 0x62, 0x85, 0xd3, 0x80, 0xc3, 0x2f, 0xa0, 0x57, 0x74, - 0xa0, 0x3e, 0xb4, 0xde, 0xb0, 0x55, 0x72, 0x73, 0xf5, 0x23, 0x1a, 0x26, 0x9a, 0xdc, 0xde, 0x16, - 0x36, 0x01, 0xb6, 0xb0, 0xb3, 0xe6, 0x23, 0xc7, 0x7b, 0x03, 0xbd, 0x22, 0xdb, 0x8d, 0x57, 
0xf0, - 0x31, 0x74, 0xe3, 0xec, 0xe4, 0xa5, 0xd9, 0x65, 0x6f, 0xf4, 0xee, 0xa6, 0xb6, 0x91, 0xb8, 0x18, - 0xe1, 0xfd, 0xe8, 0x00, 0xe4, 0x6d, 0xbd, 0x71, 0xaf, 0x87, 0x70, 0x50, 0xbd, 0xbc, 0x56, 0xe9, - 0x1e, 0xae, 0x3b, 0xaa, 0xcc, 0x5a, 0xff, 0x9a, 0xd9, 0xcf, 0x0e, 0xdc, 0x29, 0x69, 0x84, 0x8e, - 0x61, 0xdf, 0x8e, 0xdf, 0x97, 0x8b, 0x8b, 0x80, 0xd3, 0x17, 0x2c, 0xe5, 0x58, 0x35, 0xff, 0xdf, - 0x54, 0x7f, 0x75, 0xa0, 0x5b, 0xb8, 0x15, 0x1b, 0x55, 0x7c, 0x0f, 0xee, 0x24, 0x0c, 0x78, 0x14, - 0xea, 0x12, 0xec, 0x34, 0x2f, 0x1b, 0xf3, 0x52, 0xf3, 0x17, 0x50, 0xab, 0x58, 0x6a, 0x66, 0x46, - 0x1e, 0xf4, 0xb2, 0xea, 0x75, 0x3a, 0xfb, 0x9e, 0x2a, 0xd9, 0xd6, 0xcb, 0xb1, 0x7d, 0x8b, 0x1c, - 0x9e, 0xcc, 0x74, 0x4f, 0x86, 0xd4, 0xa6, 0x72, 0x3e, 0x83, 0xfd, 0xe4, 0x16, 0x62, 0x16, 0x07, - 0x84, 0x66, 0x97, 0xef, 0x7e, 0x59, 0x3f, 0x5c, 0x02, 0xe1, 0x6a, 0x90, 0xf7, 0x0d, 0x1c, 0xd4, - 0x50, 0x1b, 0x37, 0x5e, 0xf7, 0x8a, 0x69, 0xae, 0x7f, 0xc5, 0x78, 0x4b, 0xb8, 0x77, 0xcb, 0xf8, - 0xfc, 0x6f, 0x2f, 0xd7, 0x73, 0xd8, 0xd3, 0x13, 0x64, 0x15, 0xd2, 0xcf, 0x99, 0x94, 0xe4, 0x92, - 0xa1, 0x47, 0xd0, 0xa6, 0xd9, 0x30, 0xd4, 0x13, 0x61, 0x50, 0x99, 0x36, 0xab, 0x90, 0x96, 0x06, - 0x62, 0x0a, 0xf7, 0x5e, 0xc3, 0x5b, 0x6b, 0xfc, 0x66, 0xc0, 0xfa, 0xbe, 0xfd, 0x78, 0x90, 0x49, - 0xce, 0xca, 0x94, 0x19, 0x67, 0x7e, 0x3d, 0xe6, 0x73, 0x74, 0x3e, 0xb0, 0x27, 0xe6, 0xc4, 0x73, - 0x1c, 0x3a, 0x85, 0xb6, 0xc8, 0x52, 0xea, 0xd3, 0x2c, 0x56, 0x5d, 0xff, 0xda, 0xc1, 0x29, 0xfa, - 0xc1, 0x29, 0xa0, 0xba, 0x28, 0xa8, 0x03, 0xdb, 0x63, 0x7f, 0xce, 0xc3, 0x7e, 0x03, 0x01, 0xec, - 0xbc, 0x12, 0x5c, 0x31, 0xd1, 0x77, 0xf4, 0xb3, 0x3e, 0x21, 0x26, 0xfa, 0xcd, 0x27, 0x8f, 0x7f, - 0xb9, 0x1e, 0x38, 0x57, 0xd7, 0x03, 0xe7, 0x8f, 0xeb, 0x81, 0xf3, 0xc3, 0xcd, 0xa0, 0x71, 0x75, - 0x33, 0x68, 0xfc, 0x7e, 0x33, 0x68, 0xbc, 0x7e, 0xff, 0x1f, 0x7d, 0x4b, 0x5e, 0xec, 0x98, 0x9f, - 0x0f, 0xff, 0x0e, 0x00, 0x00, 0xff, 0xff, 0xca, 0x88, 0xea, 0x1c, 0x7b, 0x0a, 0x00, 0x00, + 0x14, 0xf7, 0xd8, 0x49, 0x1c, 0x3f, 
0x9b, 0xc4, 0x19, 0xa0, 0x5d, 0x45, 0xc5, 0x8a, 0x56, 0x42, + 0x8a, 0xaa, 0x2a, 0x11, 0x06, 0x29, 0x55, 0x84, 0xa8, 0xdc, 0x52, 0x64, 0xb7, 0x42, 0xaa, 0x26, + 0x40, 0x51, 0x39, 0x4d, 0x66, 0x47, 0xc9, 0xd0, 0xf5, 0xee, 0x6a, 0x66, 0x6c, 0xe4, 0x4f, 0x01, + 0x37, 0xae, 0x5c, 0x90, 0xf8, 0x02, 0x7c, 0x07, 0x8e, 0xb9, 0x20, 0x71, 0x44, 0xc9, 0x67, 0xe0, + 0x8e, 0x66, 0xc6, 0xfb, 0xdf, 0x31, 0x70, 0xa0, 0x87, 0xc4, 0x3b, 0xef, 0xfd, 0xe6, 0xcd, 0xef, + 0xfd, 0xe6, 0xbd, 0xb7, 0x0b, 0x1f, 0xb3, 0x78, 0x3a, 0x8d, 0x23, 0x95, 0x50, 0xc6, 0x8f, 0xe3, + 0xf3, 0x6f, 0x39, 0xd3, 0xc7, 0x94, 0x85, 0xe6, 0x4f, 0x72, 0x16, 0xcb, 0x20, 0x91, 0xb1, 0x8e, + 0x8f, 0xed, 0x7f, 0x95, 0x5b, 0x8f, 0xac, 0x01, 0x77, 0x32, 0x83, 0xff, 0x13, 0x82, 0x1e, 0xa1, + 0xdf, 0x8d, 0x58, 0x48, 0xac, 0x01, 0x7b, 0xd0, 0x4e, 0xe8, 0x22, 0x8c, 0x69, 0xe0, 0xa1, 0x03, + 0x74, 0xd8, 0x23, 0xe9, 0x12, 0xdf, 0x83, 0x8e, 0x12, 0x17, 0x11, 0xd5, 0x33, 0xc9, 0xbd, 0xa6, + 0xf5, 0xe5, 0x06, 0x7c, 0x1f, 0xfa, 0x94, 0x31, 0x9e, 0xe8, 0x58, 0x4e, 0x02, 0x1e, 0x69, 0xa1, + 0x17, 0x5e, 0xcb, 0x82, 0x6a, 0x76, 0xfc, 0x00, 0xf6, 0x52, 0xdb, 0x59, 0x16, 0x71, 0xc3, 0x82, + 0xeb, 0x0e, 0xff, 0x13, 0xc0, 0x45, 0x86, 0x2f, 0x85, 0xbe, 0x9c, 0xac, 0xe3, 0xb9, 0x03, 0x4d, + 0x11, 0x58, 0x82, 0x1d, 0xd2, 0x14, 0x81, 0xff, 0x3d, 0x82, 0x4e, 0x9e, 0xdf, 0x1d, 0xd8, 0x4a, + 0x24, 0x9f, 0x4f, 0xdc, 0xb6, 0x0e, 0x59, 0xae, 0xf0, 0x3e, 0x6c, 0x8b, 0x94, 0xb7, 0x4b, 0x2e, + 0x5b, 0x63, 0x0c, 0x1b, 0x01, 0xd5, 0x74, 0x99, 0x8f, 0x7d, 0x36, 0x6a, 0x48, 0x4e, 0x83, 0xe7, + 0x7c, 0x31, 0x09, 0x2c, 0xf7, 0x0e, 0xc9, 0x0d, 0xc6, 0xab, 0xc5, 0x94, 0x2b, 0x4d, 0xa7, 0x89, + 0xb7, 0x79, 0x80, 0x0e, 0x5b, 0x24, 0x37, 0xf8, 0xbf, 0x22, 0x68, 0x1b, 0x46, 0x71, 0xac, 0x4b, + 0xe7, 0xa2, 0xca, 0xb9, 0x1e, 0xb4, 0xed, 0x0d, 0x4f, 0xd2, 0x74, 0xd2, 0xa5, 0x51, 0x9b, 0x47, + 0x4c, 0x2e, 0x12, 0xcd, 0x03, 0xe2, 0x4e, 0x4d, 0xd5, 0xae, 0xda, 0x0d, 0x36, 0xe0, 0x52, 0xcc, + 0xa9, 0x16, 0x71, 0x74, 0xc6, 0x2e, 0xf9, 0x94, 0x2f, 0x09, 0xd7, 0xec, 
0xff, 0xc0, 0xfb, 0xf7, + 0x26, 0xec, 0x8e, 0x58, 0xf8, 0x24, 0x8e, 0x34, 0x8f, 0xf4, 0x57, 0x34, 0x9c, 0x71, 0xfc, 0x01, + 0xb4, 0x67, 0x8a, 0xcb, 0x51, 0xe0, 0x04, 0xed, 0x0e, 0xdf, 0x3d, 0xca, 0xcb, 0x6d, 0xc4, 0xc2, + 0x2f, 0x9d, 0x73, 0xdc, 0x20, 0x29, 0x0e, 0x9f, 0x02, 0x98, 0x47, 0xc2, 0xa7, 0xf1, 0xdc, 0x55, + 0x52, 0x77, 0xe8, 0xd5, 0x77, 0x39, 0xff, 0xb8, 0x41, 0x0a, 0x68, 0xfc, 0x35, 0xbc, 0x63, 0x56, + 0x2f, 0xb8, 0x9c, 0x0a, 0xa5, 0x44, 0x1c, 0x3d, 0xb9, 0xa4, 0xd1, 0x05, 0xb7, 0xc9, 0x77, 0x87, + 0x7e, 0x3d, 0x4a, 0x15, 0x39, 0x6e, 0x90, 0x95, 0x11, 0x52, 0x56, 0x93, 0x68, 0x2e, 0xb4, 0x13, + 0x68, 0x25, 0x2b, 0xe7, 0x4f, 0x59, 0xb9, 0x15, 0xfe, 0x08, 0xb6, 0xcd, 0xea, 0x59, 0x2c, 0x22, + 0xab, 0x5a, 0x77, 0x78, 0xa7, 0xbe, 0xd3, 0x78, 0xc7, 0x0d, 0x92, 0x21, 0x1f, 0xb7, 0x61, 0x73, + 0x6e, 0x34, 0xf4, 0x9f, 0xda, 0x72, 0xf8, 0xd4, 0x94, 0xd5, 0x29, 0x00, 0xcd, 0x14, 0xf6, 0xd0, + 0x41, 0xeb, 0xb0, 0x3b, 0xdc, 0x2f, 0xc7, 0x2a, 0xca, 0x4f, 0x0a, 0x68, 0xff, 0x2f, 0x04, 0xdb, + 0x23, 0x16, 0x9e, 0x69, 0xaa, 0x39, 0x1e, 0x00, 0x64, 0xe5, 0xa8, 0x6c, 0xa0, 0x0e, 0x29, 0x58, + 0xf0, 0x89, 0x4b, 0xd7, 0x82, 0x95, 0xd7, 0xb4, 0x07, 0xdd, 0xad, 0x93, 0xb6, 0x7e, 0x52, 0x80, + 0xe2, 0x53, 0x68, 0x0b, 0x9b, 0xb5, 0xf2, 0x5a, 0x76, 0xd7, 0x41, 0x79, 0x97, 0x85, 0x1d, 0x39, + 0x61, 0xd4, 0xd3, 0x48, 0xcb, 0x05, 0x49, 0x37, 0xec, 0x7f, 0x01, 0xbd, 0xa2, 0x03, 0xf7, 0xa1, + 0xf5, 0x9a, 0x2f, 0x96, 0x9d, 0x68, 0x1e, 0xf1, 0xd1, 0x52, 0x93, 0xdb, 0xcb, 0xc2, 0x05, 0x20, + 0x0e, 0x76, 0xda, 0x7c, 0x88, 0xfc, 0xd7, 0xd0, 0x2b, 0xb2, 0x5d, 0xdb, 0x52, 0x8f, 0xa0, 0x9b, + 0x64, 0x37, 0xaf, 0xec, 0x29, 0x3b, 0xc3, 0xf7, 0xd6, 0x95, 0x8d, 0x22, 0xc5, 0x1d, 0xfe, 0x8f, + 0x08, 0x20, 0x2f, 0xeb, 0xb5, 0x67, 0x3d, 0x80, 0xbd, 0x6a, 0x33, 0x3a, 0xa5, 0x7b, 0xa4, 0xee, + 0xa8, 0x32, 0x6b, 0xfd, 0x67, 0x66, 0xbf, 0x20, 0x78, 0xab, 0xa4, 0x11, 0x3e, 0x84, 0x5d, 0x37, + 0x4e, 0x5f, 0xcc, 0xce, 0x43, 0xc1, 0x9e, 0xf3, 0x94, 0x63, 0xd5, 0xfc, 0xa6, 0xa9, 0xfe, 0x8c, + 0xa0, 0x5b, 
0xe8, 0x8a, 0xb5, 0x2a, 0x66, 0x49, 0x9c, 0x55, 0x5e, 0x3e, 0x55, 0x33, 0xf6, 0xa1, + 0x97, 0xe5, 0x95, 0x0f, 0xc4, 0x92, 0x6d, 0x75, 0xa2, 0x1b, 0xb7, 0x24, 0xea, 0xab, 0x4c, 0xd1, + 0xe5, 0xf8, 0x59, 0x47, 0xf4, 0x33, 0xd8, 0x5d, 0xf6, 0x17, 0xe1, 0x49, 0x48, 0x59, 0xd6, 0x56, + 0xf7, 0xca, 0xca, 0x90, 0x12, 0x88, 0x54, 0x37, 0xf9, 0xdf, 0xc0, 0x5e, 0x0d, 0xb5, 0xf6, 0xe0, + 0x55, 0x2f, 0x83, 0xe6, 0xea, 0x97, 0x81, 0x3f, 0x87, 0xbb, 0xb7, 0x0c, 0xc6, 0xff, 0xb7, 0x6d, + 0x9e, 0xc1, 0x8e, 0x99, 0x0d, 0x8b, 0x88, 0x7d, 0xce, 0x95, 0xa2, 0x17, 0x1c, 0x3f, 0x84, 0x36, + 0xcb, 0xc6, 0x9c, 0xe9, 0xf5, 0x41, 0x65, 0x8e, 0x2c, 0x22, 0x56, 0x1a, 0x75, 0x29, 0xdc, 0x7f, + 0x05, 0x6f, 0xaf, 0xf0, 0xdb, 0xd1, 0x19, 0x04, 0xee, 0x35, 0xaf, 0x96, 0x31, 0x2b, 0xf3, 0x63, + 0x94, 0xf9, 0xcd, 0x00, 0xcf, 0xd1, 0xf9, 0x28, 0x1e, 0xdb, 0x1b, 0xcf, 0x71, 0xf8, 0x04, 0xda, + 0x32, 0x0b, 0x69, 0x6e, 0xb3, 0x98, 0x75, 0xfd, 0xbb, 0x84, 0xa4, 0xe8, 0xfb, 0x27, 0x80, 0xeb, + 0xa2, 0xe0, 0x0e, 0x6c, 0x8e, 0x82, 0xa9, 0x88, 0xfa, 0x0d, 0x0c, 0xb0, 0xf5, 0x52, 0x0a, 0xcd, + 0x65, 0x1f, 0x99, 0x67, 0x73, 0x43, 0x5c, 0xf6, 0x9b, 0x8f, 0x1f, 0xfd, 0x76, 0x3d, 0x40, 0x57, + 0xd7, 0x03, 0xf4, 0xe7, 0xf5, 0x00, 0xfd, 0x70, 0x33, 0x68, 0x5c, 0xdd, 0x0c, 0x1a, 0x7f, 0xdc, + 0x0c, 0x1a, 0xaf, 0xde, 0xff, 0x57, 0x5f, 0x7d, 0xe7, 0x5b, 0xf6, 0xe7, 0xc3, 0xbf, 0x03, 0x00, + 0x00, 0xff, 0xff, 0x34, 0xb4, 0xa5, 0x8e, 0x25, 0x0a, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { @@ -1381,11 +1363,6 @@ func (m *AclRoot) MarshalToSizedBuffer(dAtA []byte) (int, error) { if m.Timestamp != 0 { i = encodeVarintAclrecord(dAtA, i, uint64(m.Timestamp)) i-- - dAtA[i] = 0x30 - } - if m.CurrentReadKeyHash != 0 { - i = encodeVarintAclrecord(dAtA, i, uint64(m.CurrentReadKeyHash)) - i-- dAtA[i] = 0x28 } if len(m.DerivationScheme) > 0 { 
@@ -1814,7 +1791,7 @@ func (m *AclUserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.EncryptedReadKeys[iNdEx]) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptedReadKeys[iNdEx]))) i-- - dAtA[i] = 0x2a + dAtA[i] = 0x22 } } if len(m.AcceptPubKey) > 0 { @@ -1822,20 +1799,13 @@ func (m *AclUserJoin) MarshalToSizedBuffer(dAtA []byte) (int, error) { copy(dAtA[i:], m.AcceptPubKey) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptPubKey))) i-- - dAtA[i] = 0x22 + dAtA[i] = 0x1a } if len(m.AcceptSignature) > 0 { i -= len(m.AcceptSignature) copy(dAtA[i:], m.AcceptSignature) i = encodeVarintAclrecord(dAtA, i, uint64(len(m.AcceptSignature))) i-- - dAtA[i] = 0x1a - } - if len(m.EncryptionKey) > 0 { - i -= len(m.EncryptionKey) - copy(dAtA[i:], m.EncryptionKey) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.EncryptionKey))) - i-- dAtA[i] = 0x12 } if len(m.Identity) > 0 { @@ -2192,9 +2162,6 @@ func (m *AclRoot) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - if m.CurrentReadKeyHash != 0 { - n += 1 + sovAclrecord(uint64(m.CurrentReadKeyHash)) - } if m.Timestamp != 0 { n += 1 + sovAclrecord(uint64(m.Timestamp)) } @@ -2392,10 +2359,6 @@ func (m *AclUserJoin) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.EncryptionKey) - if l > 0 { - n += 1 + l + sovAclrecord(uint64(l)) - } l = len(m.AcceptSignature) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) 
@@ -3188,25 +3151,6 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { m.DerivationScheme = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field CurrentReadKeyHash", wireType) - } - m.CurrentReadKeyHash = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.CurrentReadKeyHash |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 6: if wireType != 0 { return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType) } @@ -4237,40 +4181,6 @@ func (m *AclUserJoin) Unmarshal(dAtA []byte) error { } iNdEx = postIndex case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field EncryptionKey", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAclrecord - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAclrecord - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAclrecord - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.EncryptionKey = append(m.EncryptionKey[:0], dAtA[iNdEx:postIndex]...) - if m.EncryptionKey == nil { - m.EncryptionKey = []byte{} - } - iNdEx = postIndex - case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field AcceptSignature", wireType) } @@ -4304,7 +4214,7 @@ func (m *AclUserJoin) Unmarshal(dAtA []byte) error { m.AcceptSignature = []byte{} } iNdEx = postIndex - case 4: + case 3: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field AcceptPubKey", wireType) } 
@@ -4338,7 +4248,7 @@ func (m *AclUserJoin) Unmarshal(dAtA []byte) error { m.AcceptPubKey = []byte{} } iNdEx = postIndex - case 5: + case 4: if wireType != 2 { return fmt.Errorf("proto: wrong wireType = %d for field EncryptedReadKeys", wireType) } diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 72101d15..4a6658d5 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -27,8 +27,7 @@ message AclRoot { string spaceId = 2; bytes encryptedReadKey = 3; string derivationScheme = 4; - uint64 currentReadKeyHash = 5; - int64 timestamp = 6; + int64 timestamp = 5; } message AclContentValue { diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index 4a68ce77..e85f6be1 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go 
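Review bot: Renumbering `timestamp` from 6 to 5 in `AclRoot` reuses the tag that `currentReadKeyHash` held, and both are varint fields, so a root record serialized before this change would decode its old read-key hash as the timestamp without any error. Root payloads are covered by a signature (see `verifyRaw`), so existing records cannot simply be re-encoded. Unless no such records exist yet, keep the tag and retire the old one: `reserved 5;` and `int64 timestamp = 6;`. The generated `AclUserJoin` code in aclrecord.pb.go shows the same kind of shift (tags 3–5 moved to 2–4 after `encryptionKey` was dropped) and would need the same treatment in its .proto definition.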
@@ -2,129 +2,131 @@ package list import ( "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/util/cidutil" "github.com/anytypeio/any-sync/util/crypto" "github.com/gogo/protobuf/proto" - "time" ) -// remove interface type AclRecordBuilder interface { - ConvertFromRaw(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) - BuildUserJoin(acceptPrivKeyBytes []byte, encSymKeyBytes []byte, state *AclState) (rec *aclrecordproto.RawAclRecord, err error) + FromRaw(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) } type aclRecordBuilder struct { - id string - keychain *keychain.Keychain + id string + keyStorage crypto.KeyStorage } -func newAclRecordBuilder(id string, keychain *keychain.Keychain) AclRecordBuilder { +func newAclRecordBuilder(id string, keyStorage crypto.KeyStorage) AclRecordBuilder { return &aclRecordBuilder{ - id: id, - keychain: keychain, + id: id, + keyStorage: keyStorage, } } -func (a *aclRecordBuilder) BuildUserJoin(acceptPrivKeyBytes []byte, encSymKeyBytes []byte, state *AclState) (rec *aclrecordproto.RawAclRecord, err error) { - acceptPrivKey, err := crypto.NewSigningEd25519PrivKeyFromBytes(acceptPrivKeyBytes) - if err != nil { - return - } - acceptPubKeyBytes, err := acceptPrivKey.GetPublic().Raw() - if err != nil { - return - } - encSymKey, err := crypto.UnmarshallAESKey(encSymKeyBytes) - if err != nil { - return - } +// TODO: update with new logic +//func (a *aclRecordBuilder) BuildUserJoin(acceptPrivKeyBytes []byte, encSymKeyBytes []byte, state *AclState) (rec *aclrecordproto.RawAclRecord, err error) { +// acceptPrivKey, err := crypto.NewSigningEd25519PrivKeyFromBytes(acceptPrivKeyBytes) +// if err != nil { +// return +// } +// acceptPubKeyBytes, err := acceptPrivKey.GetPublic().Raw() +// if err != nil { +// return +// } +// encSymKey, err := crypto.UnmarshallAESKey(encSymKeyBytes) +// if 
err != nil { +// return +// } +// +// invite, err := state.Invite(acceptPubKeyBytes) +// if err != nil { +// return +// } +// +// encPrivKey, signPrivKey := state.UserKeys() +// var symKeys [][]byte +// for _, rk := range invite.EncryptedReadKeys { +// dec, err := encSymKey.Decrypt(rk) +// if err != nil { +// return nil, err +// } +// newEnc, err := encPrivKey.GetPublic().Encrypt(dec) +// if err != nil { +// return nil, err +// } +// symKeys = append(symKeys, newEnc) +// } +// idSignature, err := acceptPrivKey.Sign(state.Identity()) +// if err != nil { +// return +// } +// encPubKeyBytes, err := encPrivKey.GetPublic().Raw() +// if err != nil { +// return +// } +// +// userJoin := &aclrecordproto.AclUserJoin{ +// Identity: state.Identity(), +// EncryptionKey: encPubKeyBytes, +// AcceptSignature: idSignature, +// AcceptPubKey: acceptPubKeyBytes, +// EncryptedReadKeys: symKeys, +// } +// aclData := &aclrecordproto.AclData{AclContent: []*aclrecordproto.AclContentValue{ +// {Value: &aclrecordproto.AclContentValue_UserJoin{UserJoin: userJoin}}, +// }} +// marshalledJoin, err := aclData.Marshal() +// if err != nil { +// return +// } +// aclRecord := &aclrecordproto.AclRecord{ +// PrevId: state.LastRecordId(), +// Identity: state.Identity(), +// Data: marshalledJoin, +// CurrentReadKeyHash: state.CurrentReadKeyId(), +// Timestamp: time.Now().Unix(), +// } +// marshalledRecord, err := aclRecord.Marshal() +// if err != nil { +// return +// } +// recSignature, err := signPrivKey.Sign(marshalledRecord) +// if err != nil { +// return +// } +// rec = &aclrecordproto.RawAclRecord{ +// Payload: marshalledRecord, +// Signature: recSignature, +// } +// return +//} - invite, err := state.Invite(acceptPubKeyBytes) - if err != nil { - return - } - - encPrivKey, signPrivKey := state.UserKeys() - var symKeys [][]byte - for _, rk := range invite.EncryptedReadKeys { - dec, err := encSymKey.Decrypt(rk) - if err != nil { - return nil, err - } - newEnc, err := 
encPrivKey.GetPublic().Encrypt(dec) - if err != nil { - return nil, err - } - symKeys = append(symKeys, newEnc) - } - idSignature, err := acceptPrivKey.Sign(state.Identity()) - if err != nil { - return - } - encPubKeyBytes, err := encPrivKey.GetPublic().Raw() - if err != nil { - return - } - - userJoin := &aclrecordproto.AclUserJoin{ - Identity: state.Identity(), - EncryptionKey: encPubKeyBytes, - AcceptSignature: idSignature, - AcceptPubKey: acceptPubKeyBytes, - EncryptedReadKeys: symKeys, - } - aclData := &aclrecordproto.AclData{AclContent: []*aclrecordproto.AclContentValue{ - {Value: &aclrecordproto.AclContentValue_UserJoin{UserJoin: userJoin}}, - }} - marshalledJoin, err := aclData.Marshal() - if err != nil { - return - } - aclRecord := &aclrecordproto.AclRecord{ - PrevId: state.LastRecordId(), - Identity: state.Identity(), - Data: marshalledJoin, - CurrentReadKeyHash: state.CurrentReadKeyHash(), - Timestamp: time.Now().Unix(), - } - marshalledRecord, err := aclRecord.Marshal() - if err != nil { - return - } - recSignature, err := signPrivKey.Sign(marshalledRecord) - if err != nil { - return - } - rec = &aclrecordproto.RawAclRecord{ - Payload: marshalledRecord, - Signature: recSignature, - } - return -} - -func (a *aclRecordBuilder) ConvertFromRaw(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) { - rawRec := &aclrecordproto.RawAclRecord{} +func (a *aclRecordBuilder) FromRaw(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) { + var ( + rawRec = &aclrecordproto.RawAclRecord{} + pubKey crypto.PubKey + ) err = proto.Unmarshal(rawIdRecord.Payload, rawRec) if err != nil { return } - if rawIdRecord.Id == a.id { aclRoot := &aclrecordproto.AclRoot{} err = proto.Unmarshal(rawRec.Payload, aclRoot) if err != nil { return } - + pubKey, err = a.keyStorage.PubKeyFromProto(aclRoot.Identity) + if err != nil { + return + } rec = &AclRecord{ - Id: rawIdRecord.Id, - CurrentReadKeyHash: aclRoot.CurrentReadKeyHash, - Timestamp: 
aclRoot.Timestamp, - Signature: rawRec.Signature, - Identity: aclRoot.Identity, - Model: aclRoot, + Id: rawIdRecord.Id, + ReadKeyId: rawIdRecord.Id, + Timestamp: aclRoot.Timestamp, + Signature: rawRec.Signature, + Identity: pubKey, + Model: aclRoot, } } else { aclRecord := &aclrecordproto.AclRecord{} @@ -132,34 +134,31 @@ func (a *aclRecordBuilder) ConvertFromRaw(rawIdRecord *aclrecordproto.RawAclReco if err != nil { return } - + pubKey, err = a.keyStorage.PubKeyFromProto(aclRecord.Identity) + if err != nil { + return + } rec = &AclRecord{ - Id: rawIdRecord.Id, - PrevId: aclRecord.PrevId, - CurrentReadKeyHash: aclRecord.CurrentReadKeyHash, - Timestamp: aclRecord.Timestamp, - Data: aclRecord.Data, - Signature: rawRec.Signature, - Identity: aclRecord.Identity, + Id: rawIdRecord.Id, + PrevId: aclRecord.PrevId, + ReadKeyId: aclRecord.ReadKeyId, + Timestamp: aclRecord.Timestamp, + Data: aclRecord.Data, + Signature: rawRec.Signature, + Identity: pubKey, } } - err = verifyRaw(a.keychain, rawRec, rawIdRecord, rec.Identity) + err = verifyRaw(pubKey, rawRec, rawIdRecord) return } func verifyRaw( - keychain *keychain.Keychain, + pubKey crypto.PubKey, rawRec *aclrecordproto.RawAclRecord, - recWithId *aclrecordproto.RawAclRecordWithId, - identity []byte) (err error) { - identityKey, err := keychain.GetOrAdd(string(identity)) - if err != nil { - return - } - + recWithId *aclrecordproto.RawAclRecordWithId) (err error) { // verifying signature - res, err := identityKey.Verify(rawRec.Payload, rawRec.Signature) + res, err := pubKey.Verify(rawRec.Payload, rawRec.Signature) if err != nil { return } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index a0426b42..4c4e4de9 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go 
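Review bot: The commented-out `BuildUserJoin` block in aclrecordbuilder.go already refers to fields this series removes (`EncryptionKey` on `AclUserJoin`, `CurrentReadKeyHash` on `AclRecord`), so it cannot be re-enabled as written and only obscures what the builder supports now. I would delete it and leave a single marker such as `// TODO: reintroduce BuildUserJoin on top of crypto.KeyStorage`; the old implementation stays available in history. In the root branch of `FromRaw`, a short comment on `ReadKeyId: rawIdRecord.Id` would also help, e.g. `// the root record's id doubles as the id of its read key`.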
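Review bot: `FromRaw` fills `rec` before calling `verifyRaw`, and the final `err = verifyRaw(pubKey, rawRec, rawIdRecord)` followed by a bare `return` hands that populated record back together with the error when verification fails. A caller that mishandles the error would then hold an unverified record; clearing it is cheap: `if err = verifyRaw(pubKey, rawRec, rawIdRecord); err != nil { return nil, err }`. `verifyRaw`'s body continues past the end of this hunk, so what it checks besides the signature is not visible here.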
@@ -1,18 +1,13 @@
 package list
 import (
- "bytes"
 "errors"
 "fmt"
- "hash/fnv"
 "github.com/anytypeio/any-sync/app/logger"
 "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto"
 "github.com/anytypeio/any-sync/commonspace/object/keychain"
 "github.com/anytypeio/any-sync/util/crypto"
- "github.com/anytypeio/any-sync/util/keys"
- "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey"
- "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey"
 "github.com/gogo/protobuf/proto"
 "go.uber.org/zap"
 )
@@ -36,86 +31,80 @@ var ( ) type UserPermissionPair struct { - Identity string + Identity crypto.PubKey Permission aclrecordproto.AclUserPermissions } type AclState struct { - id string - currentReadKeyHash uint64 - userReadKeys map[uint64]*crypto.AESKey - userStates map[string]*aclrecordproto.AclUserState - userInvites map[string]*aclrecordproto.AclUserInvite - encryptionKey encryptionkey.PrivKey - signingKey signingkey.PrivKey - totalReadKeys int + id string + currentReadKeyId string + userReadKeys map[string]crypto.SymKey + userStates map[string]AclUserState + statesAtRecord map[string][]AclUserState + //userInvites map[string]*aclrecordproto.AclUserInvite + key crypto.PrivKey + pubKey crypto.PubKey + keyStore crypto.KeyStorage + totalReadKeys int - identity string - permissionsAtRecord map[string][]UserPermissionPair - lastRecordId string + lastRecordId string keychain *keychain.Keychain } func newAclStateWithKeys( id string, - signingKey signingkey.PrivKey, - encryptionKey encryptionkey.PrivKey) (*AclState, error) { - identity, err := signingKey.GetPublic().Raw() - if err != nil { - return nil, err - } + key crypto.PrivKey) (*AclState, error) { return &AclState{ - id: id, - identity: string(identity), - signingKey: signingKey, - encryptionKey: encryptionKey, - userReadKeys: make(map[uint64]*crypto.AESKey), - userStates: make(map[string]*aclrecordproto.AclUserState), - userInvites: make(map[string]*aclrecordproto.AclUserInvite), - permissionsAtRecord: make(map[string][]UserPermissionPair), + id: id, + key: key, + pubKey: key.GetPublic(), + userReadKeys: make(map[string]crypto.SymKey), + userStates: make(map[string]AclUserState), + statesAtRecord: make(map[string][]AclUserState), + //userInvites: make(map[string]*aclrecordproto.AclUserInvite), }, nil } func newAclState(id string) *AclState { return &AclState{ - id: id, - userReadKeys: make(map[uint64]*crypto.AESKey), - userStates: make(map[string]*aclrecordproto.AclUserState), - userInvites: 
make(map[string]*aclrecordproto.AclUserInvite), - permissionsAtRecord: make(map[string][]UserPermissionPair), + id: id, + userReadKeys: make(map[string]crypto.SymKey), + userStates: make(map[string]AclUserState), + statesAtRecord: make(map[string][]AclUserState), + //userInvites: make(map[string]*aclrecordproto.AclUserInvite), } } -func (st *AclState) CurrentReadKeyHash() uint64 { - return st.currentReadKeyHash +func (st *AclState) CurrentReadKeyId() string { + return st.currentReadKeyId } -func (st *AclState) CurrentReadKey() (*crypto.AESKey, error) { - key, exists := st.userReadKeys[st.currentReadKeyHash] +func (st *AclState) CurrentReadKey() (crypto.SymKey, error) { + key, exists := st.userReadKeys[st.currentReadKeyId] if !exists { return nil, ErrNoReadKey } return key, nil } -func (st *AclState) UserReadKeys() map[uint64]*crypto.AESKey { +func (st *AclState) UserReadKeys() map[string]crypto.SymKey { return st.userReadKeys } -func (st *AclState) PermissionsAtRecord(id string, identity string) (UserPermissionPair, error) { - permissions, ok := st.permissionsAtRecord[id] +func (st *AclState) StateAtRecord(id string, pubKey crypto.PubKey) (AclUserState, error) { + userState, ok := st.statesAtRecord[id] if !ok { log.Errorf("missing record at id %s", id) - return UserPermissionPair{}, ErrNoSuchRecord + return AclUserState{}, ErrNoSuchRecord } - for _, perm := range permissions { - if perm.Identity == identity { + for _, perm := range userState { + if perm.PubKey.Equals(pubKey) { return perm, nil } } - return UserPermissionPair{}, ErrNoSuchUser + return AclUserState{}, ErrNoSuchUser } func (st *AclState) applyRecord(record *AclRecord) (err error) { 
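Review bot: `AclState` gains a `keyStore crypto.KeyStorage` field, but neither `newAclStateWithKeys` nor `newAclState` assigns it, and the old `keychain *keychain.Keychain` field is kept beside it. If any method outside this hunk calls through `st.keyStore`, it will hit a nil interface; either drop the field until it is wired in or pass the storage to both constructors and set `keyStore: keyStore,`. `newAclStateWithKeys` also calls `key.GetPublic()` without a nil check and can no longer fail, so its `error` result is always nil; a doc comment stating that `key` must be non-nil would make the contract explicit.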
@@ -129,24 +118,18 @@ func (st *AclState) applyRecord(record *AclRecord) (err error) {
 return
 }
 if record.Id == st.id {
- root, ok := record.Model.(*aclrecordproto.AclRoot)
- if !ok {
- return ErrIncorrectRoot
- }
- err = st.applyRoot(root)
+ err = st.applyRoot(record)
 if err != nil {
 return
 }
- st.permissionsAtRecord[record.Id] = []UserPermissionPair{
- {Identity: string(root.Identity), Permission: aclrecordproto.AclUserPermissions_Admin},
+ st.statesAtRecord[record.Id] = []AclUserState{
+ {PubKey: record.Identity, Permissions: aclrecordproto.AclUserPermissions_Admin},
 }
 return
 }
- aclData := &aclrecordproto.AclData{}
- if record.Model != nil {
- aclData = record.Model.(*aclrecordproto.AclData)
- } else {
+ if record.Model == nil {
+ aclData := &aclrecordproto.AclData{}
 err = proto.Unmarshal(record.Data, aclData)
 if err != nil {
 return
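Review bot: With the `root, ok := record.Model.(*aclrecordproto.AclRoot)` check removed from the `record.Id == st.id` branch, `applyRecord` no longer rejects a root record whose `Model` is missing or of another type. The following hunk moves the assertion into `saveReadKeyFromRoot`, which `applyRoot` reaches only when `st.key != nil` and the record identity equals `st.pubKey`, so a state built with `newAclState` would accept such a record as root and grant its identity Admin. Keeping the guard before the call preserves the old behaviour: `if _, ok := record.Model.(*aclrecordproto.AclRoot); !ok { return ErrIncorrectRoot }`. On the non-root path only `record.Model == nil` is handled here, while `applyChangeData` asserts `record.Model.(*aclrecordproto.AclData)` unchecked, so a non-nil model of another type would panic instead of returning an error. `applyRecord` starts and ends outside this hunk.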
@@ -154,109 +137,96 @@ func (st *AclState) applyRecord(record *AclRecord) (err error) { record.Model = aclData } - err = st.applyChangeData(aclData, record.CurrentReadKeyHash, record.Identity) + err = st.applyChangeData(record) if err != nil { return } - // getting all permissions for users at record - var permissions []UserPermissionPair + // getting all states for users at record + var states []AclUserState for _, state := range st.userStates { - permission := UserPermissionPair{ - Identity: string(state.Identity), - Permission: state.Permissions, - } - permissions = append(permissions, permission) + states = append(states, state) } - st.permissionsAtRecord[record.Id] = permissions + st.statesAtRecord[record.Id] = states return } -func (st *AclState) applyRoot(root *aclrecordproto.AclRoot) (err error) { - if st.signingKey != nil && st.encryptionKey != nil && st.identity == string(root.Identity) { - err = st.saveReadKeyFromRoot(root) +func (st *AclState) applyRoot(record *AclRecord) (err error) { + if st.key != nil && st.pubKey.Equals(record.Identity) { + err = st.saveReadKeyFromRoot(record) if err != nil { return } } // adding user to the list - userState := &aclrecordproto.AclUserState{ - Identity: root.Identity, - EncryptionKey: root.EncryptionKey, - Permissions: aclrecordproto.AclUserPermissions_Admin, + userState := AclUserState{ + PubKey: record.Identity, + Permissions: aclrecordproto.AclUserPermissions_Admin, } - st.currentReadKeyHash = root.CurrentReadKeyHash - st.userStates[string(root.Identity)] = userState + st.currentReadKeyId = record.ReadKeyId + st.userStates[mapKeyFromPubKey(record.Identity)] = userState st.totalReadKeys++ return } -func (st *AclState) saveReadKeyFromRoot(root *aclrecordproto.AclRoot) (err error) { - var readKey *crypto.AESKey +func (st *AclState) saveReadKeyFromRoot(record *AclRecord) (err error) { + var readKey crypto.SymKey + root, ok := record.Model.(*aclrecordproto.AclRoot) + if !ok { + return ErrIncorrectRoot + } if 
len(root.GetDerivationScheme()) != 0 { - var encPrivKey []byte - encPrivKey, err = st.encryptionKey.Raw() - if err != nil { - return - } - var signPrivKey []byte - signPrivKey, err = st.signingKey.Raw() + var keyBytes []byte + keyBytes, err = st.key.Raw() if err != nil { return } - readKey, err = aclrecordproto.AclReadKeyDerive(signPrivKey, encPrivKey) + readKey, err = crypto.DeriveAccountSymmetric(keyBytes) if err != nil { return } } else { - readKey, _, err = st.decryptReadKeyAndHash(root.EncryptedReadKey) + readKey, err = st.decryptReadKey(root.EncryptedReadKey) if err != nil { return } } - hasher := fnv.New64() - _, err = hasher.Write(readKey.Bytes()) - if err != nil { - return - } - if hasher.Sum64() != root.CurrentReadKeyHash { - return ErrIncorrectRoot - } - st.userReadKeys[root.CurrentReadKeyHash] = readKey - + st.userReadKeys[record.Id] = readKey return } -func (st *AclState) applyChangeData(changeData *aclrecordproto.AclData, hash uint64, identity []byte) (err error) { +func (st *AclState) applyChangeData(record *AclRecord) (err error) { defer func() { if err != nil { return } - if hash != st.currentReadKeyHash { + if record.ReadKeyId != st.currentReadKeyId { st.totalReadKeys++ - st.currentReadKeyHash = hash + st.currentReadKeyId = record.ReadKeyId } }() - - if !st.isUserJoin(changeData) { + model := record.Model.(*aclrecordproto.AclData) + if !st.isUserJoin(model) { // we check signature when we add this to the List, so no need to do it here - if _, exists := st.userStates[string(identity)]; !exists { + if _, exists := st.userStates[mapKeyFromPubKey(record.Identity)]; !exists { err = ErrNoSuchUser return } - if !st.HasPermission(identity, aclrecordproto.AclUserPermissions_Admin) { - err = fmt.Errorf("user %s must have admin permissions", identity) + // only Admins can do non-user join changes + if !st.HasPermission(record.Identity, aclrecordproto.AclUserPermissions_Admin) { + // TODO: add string encoding + err = fmt.Errorf("user %s must have admin 
permissions", record.Identity.String()) return } } - for _, ch := range changeData.GetAclContent() { - if err = st.applyChangeContent(ch); err != nil { + for _, ch := range model.GetAclContent() { + if err = st.applyChangeContent(ch, record.Id); err != nil { log.Info("error while applying changes: %v; ignore", zap.Error(err)) return err } @@ -265,26 +235,29 @@ func (st *AclState) applyChangeData(changeData *aclrecordproto.AclData, hash uin return nil } -func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue) error { +func (st *AclState) applyChangeContent(ch *aclrecordproto.AclContentValue, recordId string) error { switch { case ch.GetUserPermissionChange() != nil: - return st.applyUserPermissionChange(ch.GetUserPermissionChange()) + return st.applyUserPermissionChange(ch.GetUserPermissionChange(), recordId) case ch.GetUserAdd() != nil: - return st.applyUserAdd(ch.GetUserAdd()) + return st.applyUserAdd(ch.GetUserAdd(), recordId) case ch.GetUserRemove() != nil: - return st.applyUserRemove(ch.GetUserRemove()) + return st.applyUserRemove(ch.GetUserRemove(), recordId) case ch.GetUserInvite() != nil: - return st.applyUserInvite(ch.GetUserInvite()) + return st.applyUserInvite(ch.GetUserInvite(), recordId) case ch.GetUserJoin() != nil: - return st.applyUserJoin(ch.GetUserJoin()) + return st.applyUserJoin(ch.GetUserJoin(), recordId) default: return fmt.Errorf("unexpected change type: %v", ch) } } -func (st *AclState) applyUserPermissionChange(ch *aclrecordproto.AclUserPermissionChange) error { - chIdentity := string(ch.Identity) - state, exists := st.userStates[chIdentity] +func (st *AclState) applyUserPermissionChange(ch *aclrecordproto.AclUserPermissionChange, recordId string) error { + chIdentity, err := st.keyStore.PubKeyFromProto(ch.Identity) + if err != nil { + return err + } + state, exists := st.userStates[mapKeyFromPubKey(chIdentity)] if !exists { return ErrNoSuchUser } 
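Review bot: saveReadKeyFromRoot stores the key with `st.userReadKeys[record.Id] = readKey`, while applyRoot sets `st.currentReadKeyId = record.ReadKeyId` and CurrentReadKey looks the key up by currentReadKeyId. Unless the root's ReadKeyId always equals its Id (not visible here), that lookup returns ErrNoReadKey; I would store under the id that is read back, `st.userReadKeys[record.ReadKeyId] = readKey`, or document why the two are equal. The commit also drops the fnv comparison against `root.CurrentReadKeyHash` with no replacement, so a derived or decrypted key that does not belong to this root is stored unnoticed; if the decryption is not authenticated, some integrity check on the key is still needed. In applyChangeData, `record.Model.(*aclrecordproto.AclData)` is an unchecked assertion that panics when a record arrives with a different non-nil Model; the two-value form with an error return avoids that.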
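Review bot: applyUserPermissionChange calls `st.keyStore.PubKeyFromProto(ch.Identity)`, but the only constructor in this patch, `crypto.NewKeyStorage()` in util/crypto/keystorage.go, returns nil, and list.go passes that value to newAclRecordBuilder. If st.keyStore is filled from the same constructor (its assignment is not in this hunk), the first permission-change record panics on a nil interface instead of returning an error. Until a real implementation exists, a guard such as `if st.keyStore == nil { return fmt.Errorf("key storage is not configured") }` keeps record processing from crashing on untrusted input. The added `recordId` parameter is unused in the part of applyUserPermissionChange shown; the function continues outside the hunk.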
@@ -293,131 +266,132 @@ func (st *AclState) applyUserPermissionChange(ch *aclrecordproto.AclUserPermissi return nil } -func (st *AclState) applyUserInvite(ch *aclrecordproto.AclUserInvite) error { - st.userInvites[string(ch.AcceptPublicKey)] = ch +func (st *AclState) applyUserInvite(ch *aclrecordproto.AclUserInvite, recordId string) error { + //acceptPubKey, err := st.keyStore.PubKeyFromProto(ch.AcceptPublicKey) + //if err != nil { + // return nil + //} + //st.userInvites[string(ch.AcceptPublicKey)] = ch return nil } -func (st *AclState) applyUserJoin(ch *aclrecordproto.AclUserJoin) error { - invite, exists := st.userInvites[string(ch.AcceptPubKey)] - if !exists { - return fmt.Errorf("no such invite with such public key %s", keys.EncodeBytesToString(ch.AcceptPubKey)) - } - chIdentity := string(ch.Identity) +func (st *AclState) applyUserJoin(ch *aclrecordproto.AclUserJoin, recordId string) error { + //invite, exists := st.userInvites[string(ch.AcceptPubKey)] + //if !exists { + // // TODO: change key to use same encoding + // return fmt.Errorf("no such invite with such public key %s", keys.EncodeBytesToString(ch.AcceptPubKey)) + //} + //chIdentity := string(ch.Identity) + //if _, exists = st.userStates[chIdentity]; exists { + // return ErrUserAlreadyExists + //} + // + //// validating signature + //signature := ch.GetAcceptSignature() + //verificationKey, err := crypto.UnmarshalEd25519PublicKeyProto(invite.AcceptPublicKey) + //if err != nil { + // return fmt.Errorf("public key verifying invite accepts is given in incorrect format: %v", err) + //} + // + //// TODO: intuitively we need to sign not only the identity but a more complicated payload + //res, err := verificationKey.Verify(ch.Identity, signature) + //if err != nil { + // return fmt.Errorf("verification returned error: %w", err) + //} + //if !res { + // return ErrInvalidSignature + //} + // + //// if ourselves -> we need to decrypt the read keys + //if st.identity == chIdentity { + // for _, key := range 
ch.EncryptedReadKeys { + // key, err := st.decryptReadKey(key) + // if err != nil { + // return ErrFailedToDecrypt + // } + // + // st.userReadKeys[recordId] = key + // } + //} + // + //// adding user to the list + //userState := &aclrecordproto.AclUserState{ + // Identity: ch.Identity, + // Permissions: invite.Permissions, + //} + //st.userStates[chIdentity] = userState + return nil +} - if _, exists = st.userStates[chIdentity]; exists { - return ErrUserAlreadyExists - } +func (st *AclState) applyUserAdd(ch *aclrecordproto.AclUserAdd, recordId string) error { + //chIdentity := string(ch.Identity) + //if _, exists := st.userStates[chIdentity]; exists { + // return ErrUserAlreadyExists + //} + // + //st.userStates[chIdentity] = &aclrecordproto.AclUserState{ + // Identity: ch.Identity, + // EncryptionKey: ch.EncryptionKey, + // Permissions: ch.Permissions, + //} + // + //if chIdentity == st.identity { + // for _, key := range ch.EncryptedReadKeys { + // key, hash, err := st.decryptReadKey(key) + // if err != nil { + // return ErrFailedToDecrypt + // } + // + // st.userReadKeys[hash] = key + // } + //} - // validating signature - signature := ch.GetAcceptSignature() - verificationKey, err := crypto.NewSigningEd25519PubKeyFromBytes(invite.AcceptPublicKey) + return nil +} + +func (st *AclState) applyUserRemove(ch *aclrecordproto.AclUserRemove, recordId string) error { + //chIdentity := string(ch.Identity) + //if chIdentity == st.identity { + // return ErrDocumentForbidden + //} + // + //if _, exists := st.userStates[chIdentity]; !exists { + // return ErrNoSuchUser + //} + // + //delete(st.userStates, chIdentity) + // + //for _, replace := range ch.ReadKeyReplaces { + // repIdentity := string(replace.Identity) + // // if this is our identity then we have to decrypt the key + // if repIdentity == st.identity { + // key, hash, err := st.decryptReadKey(replace.EncryptedReadKey) + // if err != nil { + // return ErrFailedToDecrypt + // } + // + // st.userReadKeys[hash] = key 
+ // break + // } + //} + return nil +} + +func (st *AclState) decryptReadKey(msg []byte) (crypto.SymKey, error) { + decrypted, err := st.key.Decrypt(msg) if err != nil { - return fmt.Errorf("public key verifying invite accepts is given in incorrect format: %v", err) - } - - res, err := verificationKey.Verify(ch.Identity, signature) - if err != nil { - return fmt.Errorf("verification returned error: %w", err) - } - if !res { - return ErrInvalidSignature - } - - // if ourselves -> we need to decrypt the read keys - if st.identity == chIdentity { - for _, key := range ch.EncryptedReadKeys { - key, hash, err := st.decryptReadKeyAndHash(key) - if err != nil { - return ErrFailedToDecrypt - } - - st.userReadKeys[hash] = key - } - } - - // adding user to the list - userState := &aclrecordproto.AclUserState{ - Identity: ch.Identity, - EncryptionKey: ch.EncryptionKey, - Permissions: invite.Permissions, - } - st.userStates[chIdentity] = userState - return nil -} - -func (st *AclState) applyUserAdd(ch *aclrecordproto.AclUserAdd) error { - chIdentity := string(ch.Identity) - if _, exists := st.userStates[chIdentity]; exists { - return ErrUserAlreadyExists - } - - st.userStates[chIdentity] = &aclrecordproto.AclUserState{ - Identity: ch.Identity, - EncryptionKey: ch.EncryptionKey, - Permissions: ch.Permissions, - } - - if chIdentity == st.identity { - for _, key := range ch.EncryptedReadKeys { - key, hash, err := st.decryptReadKeyAndHash(key) - if err != nil { - return ErrFailedToDecrypt - } - - st.userReadKeys[hash] = key - } - } - - return nil -} - -func (st *AclState) applyUserRemove(ch *aclrecordproto.AclUserRemove) error { - chIdentity := string(ch.Identity) - if chIdentity == st.identity { - return ErrDocumentForbidden - } - - if _, exists := st.userStates[chIdentity]; !exists { - return ErrNoSuchUser - } - - delete(st.userStates, chIdentity) - - for _, replace := range ch.ReadKeyReplaces { - repIdentity := string(replace.Identity) - // if this is our identity then we have 
to decrypt the key - if repIdentity == st.identity { - key, hash, err := st.decryptReadKeyAndHash(replace.EncryptedReadKey) - if err != nil { - return ErrFailedToDecrypt - } - - st.userReadKeys[hash] = key - break - } - } - return nil -} - -func (st *AclState) decryptReadKeyAndHash(msg []byte) (*crypto.AESKey, uint64, error) { - decrypted, err := st.encryptionKey.Decrypt(msg) - if err != nil { - return nil, 0, ErrFailedToDecrypt + return nil, ErrFailedToDecrypt } key, err := crypto.UnmarshallAESKey(decrypted) if err != nil { - return nil, 0, ErrFailedToDecrypt + return nil, ErrFailedToDecrypt } - - hasher := fnv.New64() - hasher.Write(decrypted) - return key, hasher.Sum64(), nil + return key, nil } -func (st *AclState) HasPermission(identity []byte, permission aclrecordproto.AclUserPermissions) bool { - state, exists := st.userStates[string(identity)] +func (st *AclState) HasPermission(identity crypto.PubKey, permission aclrecordproto.AclUserPermissions) bool { + state, exists := st.userStates[mapKeyFromPubKey(identity)] if !exists { return false } 
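Review bot: applyUserInvite, applyUserJoin, applyUserAdd and applyUserRemove now have their bodies commented out and end in `return nil`, so applyChangeContent reports success for these records while userStates, userReadKeys and the invite signature check are never touched. The case that matters most is applyUserRemove: a removal record is accepted into the list but the removed user stays in userStates and in every later statesAtRecord snapshot. applyChangeData also skips the admin check for join records, which now verify nothing. Until the new key types are wired in, each stub should fail closed, e.g. `return fmt.Errorf("user remove is not supported yet")`, so an ignored ACL change cannot be mistaken for an applied one.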
@@ -430,36 +404,32 @@ func (st *AclState) isUserJoin(data *aclrecordproto.AclData) bool { return data.GetAclContent() != nil && data.GetAclContent()[0].GetUserJoin() != nil } -func (st *AclState) isUserAdd(data *aclrecordproto.AclData, identity []byte) bool { - // if we have a UserAdd, then it should always be the first one applied - userAdd := data.GetAclContent()[0].GetUserAdd() - return data.GetAclContent() != nil && userAdd != nil && bytes.Compare(userAdd.GetIdentity(), identity) == 0 -} +//func (st *AclState) isUserAdd(data *aclrecordproto.AclData, identity []byte) bool { +// // if we have a UserAdd, then it should always be the first one applied +// userAdd := data.GetAclContent()[0].GetUserAdd() +// return data.GetAclContent() != nil && userAdd != nil && bytes.Compare(userAdd.GetIdentity(), identity) == 0 +//} -func (st *AclState) UserStates() map[string]*aclrecordproto.AclUserState { +func (st *AclState) UserStates() map[string]AclUserState { return st.userStates } -func (st *AclState) Invite(acceptPubKey []byte) (invite *aclrecordproto.AclUserInvite, err error) { - invite, exists := st.userInvites[string(acceptPubKey)] - if !exists { - err = ErrNoSuchInvite - return - } - if len(invite.EncryptedReadKeys) != st.totalReadKeys { - err = ErrOldInvite - } - return -} - -func (st *AclState) UserKeys() (encKey encryptionkey.PrivKey, signKey signingkey.PrivKey) { - return st.encryptionKey, st.signingKey -} - -func (st *AclState) Identity() []byte { - return []byte(st.identity) -} +//func (st *AclState) Invite(acceptPubKey []byte) (invite *aclrecordproto.AclUserInvite, err error) { +// invite, exists := st.userInvites[string(acceptPubKey)] +// if !exists { +// err = ErrNoSuchInvite +// return +// } +// if len(invite.EncryptedReadKeys) != st.totalReadKeys { +// err = ErrOldInvite +// } +// return +//} func (st *AclState) LastRecordId() string { return st.lastRecordId } + +func mapKeyFromPubKey(pubKey crypto.PubKey) string { + return string(pubKey.Storage()) +} 
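Review bot: isUserAdd and Invite are left in the file as commented-out code, while UserKeys and Identity are deleted outright. The commented copies still refer to `st.userInvites`, which the constructor no longer initialises, and to `[]byte` identities, so I would delete them and leave a one-line TODO. mapKeyFromPubKey has no comment and calls `pubKey.Storage()` on whatever it is given, so a nil crypto.PubKey panics in HasPermission and applyChangeData. A doc line such as `// mapKeyFromPubKey returns the raw public key bytes as a string for use as a userStates key; pubKey must be non-nil.` states the contract. UserStates now returns a map keyed by that raw-byte string, which callers that index it by the old identity string need to know.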
diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index e8d074a3..3a670bd1 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -9,6 +9,7 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anytypeio/any-sync/commonspace/object/acl/liststorage" "github.com/anytypeio/any-sync/commonspace/object/keychain" + "github.com/anytypeio/any-sync/util/crypto" "sync" ) @@ -56,11 +57,11 @@ type aclList struct { func BuildAclListWithIdentity(acc *accountdata.AccountData, storage liststorage.ListStorage) (AclList, error) { builder := newAclStateBuilderWithIdentity(acc) - return build(storage.Id(), builder, newAclRecordBuilder(storage.Id(), keychain.NewKeychain()), storage) + return build(storage.Id(), builder, newAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) } func BuildAclList(storage liststorage.ListStorage) (AclList, error) { - return build(storage.Id(), newAclStateBuilder(), newAclRecordBuilder(storage.Id(), keychain.NewKeychain()), storage) + return build(storage.Id(), newAclStateBuilder(), newAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) } func build(id string, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder, storage liststorage.ListStorage) (list AclList, err error) { @@ -74,7 +75,7 @@ func build(id string, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder return } - record, err := recBuilder.ConvertFromRaw(rawRecordWithId) + record, err := recBuilder.FromRaw(rawRecordWithId) if err != nil { return } @@ -86,7 +87,7 @@ func build(id string, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder return } - record, err = recBuilder.ConvertFromRaw(rawRecordWithId) + record, err = recBuilder.FromRaw(rawRecordWithId) if err != nil { return } 
@@ -137,7 +138,7 @@ func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added if _, ok := a.indexes[rawRec.Id]; ok { return } - record, err := a.recordBuilder.ConvertFromRaw(rawRec) + record, err := a.recordBuilder.FromRaw(rawRec) if err != nil { return } @@ -156,7 +157,7 @@ func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added } func (a *aclList) IsValidNext(rawRec *aclrecordproto.RawAclRecordWithId) (err error) { - _, err = a.recordBuilder.ConvertFromRaw(rawRec) + _, err = a.recordBuilder.FromRaw(rawRec) if err != nil { return } diff --git a/commonspace/object/acl/list/list_test.go b/commonspace/object/acl/list/list_test.go index a5b7bd5c..b3cd9166 100644 --- a/commonspace/object/acl/list/list_test.go +++ b/commonspace/object/acl/list/list_test.go @@ -25,7 +25,7 @@ func TestAclList_AclState_UserInviteAndJoin(t *testing.T) { assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) assert.Equal(t, aclrecordproto.AclUserPermissions_Writer, aclList.AclState().UserStates()[idB].Permissions) assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) - assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyHash()) + assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) var records []*AclRecord aclList.Iterate(func(record *AclRecord) (IsContinue bool) { 
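Review bot: The updated assertion still reads `aclList.Head().CurrentReadKeyHash`, a field the AclRecord in the new models.go no longer has (it is `ReadKeyId`), so this test does not compile as patched. The same expression remains in the `@@ -63,7` and `@@ -77,15` hunks of this file. The line should be `assert.Equal(t, aclList.Head().ReadKeyId, aclList.AclState().CurrentReadKeyId())`. The StateAtRecord calls in the later hunks still compare the result with a `UserPermissionPair` literal although the method now returns AclUserState, and they pass `idB`, whose type is not visible here, where a crypto.PubKey is expected.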
@@ -36,10 +36,10 @@ func TestAclList_AclState_UserInviteAndJoin(t *testing.T) { // checking permissions at specific records assert.Equal(t, 3, len(records)) - _, err = aclList.AclState().PermissionsAtRecord(records[1].Id, idB) + _, err = aclList.AclState().StateAtRecord(records[1].Id, idB) assert.Error(t, err, "B should have no permissions at record 1") - perm, err := aclList.AclState().PermissionsAtRecord(records[2].Id, idB) + perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) assert.NoError(t, err, "should have no error with permissions of B in the record 2") assert.Equal(t, UserPermissionPair{ Identity: idB, @@ -63,7 +63,7 @@ func TestAclList_AclState_UserJoinAndRemove(t *testing.T) { // checking final state assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) - assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyHash()) + assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) _, exists := aclList.AclState().UserStates()[idB] assert.Equal(t, false, exists) 
@@ -77,15 +77,15 @@ func TestAclList_AclState_UserJoinAndRemove(t *testing.T) { // checking permissions at specific records assert.Equal(t, 4, len(records)) - assert.NotEqual(t, records[2].CurrentReadKeyHash, aclList.AclState().CurrentReadKeyHash()) + assert.NotEqual(t, records[2].CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) - perm, err := aclList.AclState().PermissionsAtRecord(records[2].Id, idB) + perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) assert.NoError(t, err, "should have no error with permissions of B in the record 2") assert.Equal(t, UserPermissionPair{ Identity: idB, Permission: aclrecordproto.AclUserPermissions_Writer, }, perm) - _, err = aclList.AclState().PermissionsAtRecord(records[3].Id, idB) + _, err = aclList.AclState().StateAtRecord(records[3].Id, idB) assert.Error(t, err, "B should have no permissions at record 3, because user should be removed") } diff --git a/commonspace/object/acl/list/models.go b/commonspace/object/acl/list/models.go new file mode 100644 index 00000000..8c82325e --- /dev/null +++ b/commonspace/object/acl/list/models.go @@ -0,0 +1,22 @@ +package list + +import ( + "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anytypeio/any-sync/util/crypto" +) + +type AclRecord struct { + Id string + PrevId string + ReadKeyId string + Timestamp int64 + Data []byte + Identity crypto.PubKey + Model interface{} + Signature []byte +} + +type AclUserState struct { + PubKey crypto.PubKey + Permissions aclrecordproto.AclUserPermissions +} diff --git a/commonspace/object/acl/list/record.go b/commonspace/object/acl/list/record.go deleted file mode 100644 index b6ad5391..00000000 --- a/commonspace/object/acl/list/record.go +++ /dev/null @@ -1,12 +0,0 @@ -package list - -type AclRecord struct { - Id string - PrevId string - CurrentReadKeyHash uint64 - Timestamp int64 - Data []byte - Identity []byte - Model interface{} - Signature []byte -} 
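Review bot: AclRecord and AclUserState in models.go are exported without doc comments, and `Model interface{}` carries an undocumented contract. saveReadKeyFromRoot expects `*aclrecordproto.AclRoot` there, and applyChangeData asserts `*aclrecordproto.AclData` without checking. I would document it on the field, e.g. `// Model is the decoded payload: *aclrecordproto.AclRoot for the root record, *aclrecordproto.AclData otherwise.` A comment on Identity saying whose key it is would help too, once it matches what the record builder guarantees (the builder is not in this hunk).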
diff --git a/commonspace/object/tree/exporter/treeexporter.go b/commonspace/object/tree/exporter/treeexporter.go index 3dabd605..fe77fb26 100644 --- a/commonspace/object/tree/exporter/treeexporter.go +++ b/commonspace/object/tree/exporter/treeexporter.go @@ -68,7 +68,7 @@ func (t *treeExporter) ExportUnencrypted(tree objecttree.ReadableObjectTree) (er return false } // that means that change is unencrypted - change.ReadKeyHash = 0 + change.ReadKeyId = 0 change.Data = data err = putStorage(change) return err == nil diff --git a/commonspace/object/tree/objecttree/change.go b/commonspace/object/tree/objecttree/change.go index ff59c991..4f7ff510 100644 --- a/commonspace/object/tree/objecttree/change.go +++ b/commonspace/object/tree/objecttree/change.go @@ -20,7 +20,7 @@ type Change struct { SnapshotId string IsSnapshot bool Timestamp int64 - ReadKeyHash uint64 + ReadKeyId string Identity string Data []byte Model interface{} @@ -38,7 +38,7 @@ func NewChange(id string, ch *treechangeproto.TreeChange, signature []byte) *Cha PreviousIds: ch.TreeHeadIds, AclHeadId: ch.AclHeadId, Timestamp: ch.Timestamp, - ReadKeyHash: ch.CurrentReadKeyHash, + ReadKeyId: ch.ReadKeyId, Id: id, Data: ch.ChangesData, SnapshotId: ch.SnapshotBaseId, diff --git a/commonspace/object/tree/objecttree/changebuilder.go b/commonspace/object/tree/objecttree/changebuilder.go index 396f5e20..599122be 100644 --- a/commonspace/object/tree/objecttree/changebuilder.go +++ b/commonspace/object/tree/objecttree/changebuilder.go 
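Review bot: `change.ReadKeyId = 0` assigns an integer to a field that change.go in this same patch turns into `string`, so ExportUnencrypted does not compile; the unencrypted marker has to become `change.ReadKeyId = ""`. The matching reader in objecttree.go, `if c.ReadKeyId == 0` in IterateFrom, needs `c.ReadKeyId == ""` for the same reason. It is worth a comment that the empty id means "not encrypted", because decrypt returns `c.Data` as plaintext on that value alone. The enclosing function starts and ends outside the hunk.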
@@ -14,15 +14,15 @@ import ( var ErrEmptyChange = errors.New("change payload should not be empty") type BuilderContent struct { - TreeHeadIds []string - AclHeadId string - SnapshotBaseId string - CurrentReadKeyHash uint64 - Identity []byte - IsSnapshot bool - SigningKey signingkey.PrivKey - ReadKey *crypto.AESKey - Content []byte + TreeHeadIds []string + AclHeadId string + SnapshotBaseId string + ReadKeyId string + Identity []byte + IsSnapshot bool + SigningKey signingkey.PrivKey + ReadKey *crypto.AESKey + Content []byte } type InitialContent struct { @@ -161,13 +161,13 @@ func (c *changeBuilder) BuildRoot(payload InitialContent) (ch *Change, rawIdChan func (c *changeBuilder) Build(payload BuilderContent) (ch *Change, rawIdChange *treechangeproto.RawTreeChangeWithId, err error) { change := &treechangeproto.TreeChange{ - TreeHeadIds: payload.TreeHeadIds, - AclHeadId: payload.AclHeadId, - SnapshotBaseId: payload.SnapshotBaseId, - CurrentReadKeyHash: payload.CurrentReadKeyHash, - Timestamp: time.Now().Unix(), - Identity: payload.Identity, - IsSnapshot: payload.IsSnapshot, + TreeHeadIds: payload.TreeHeadIds, + AclHeadId: payload.AclHeadId, + SnapshotBaseId: payload.SnapshotBaseId, + ReadKeyId: payload.ReadKeyId, + Timestamp: time.Now().Unix(), + Identity: payload.Identity, + IsSnapshot: payload.IsSnapshot, } if payload.ReadKey != nil { var encrypted []byte 
@@ -212,14 +212,14 @@ func (c *changeBuilder) Marshall(ch *Change) (raw *treechangeproto.RawTreeChange return c.rootChange, nil } treeChange := &treechangeproto.TreeChange{ - TreeHeadIds: ch.PreviousIds, - AclHeadId: ch.AclHeadId, - SnapshotBaseId: ch.SnapshotId, - ChangesData: ch.Data, - CurrentReadKeyHash: ch.ReadKeyHash, - Timestamp: ch.Timestamp, - Identity: []byte(ch.Identity), - IsSnapshot: ch.IsSnapshot, + TreeHeadIds: ch.PreviousIds, + AclHeadId: ch.AclHeadId, + SnapshotBaseId: ch.SnapshotId, + ChangesData: ch.Data, + ReadKeyId: ch.ReadKeyId, + Timestamp: ch.Timestamp, + Identity: []byte(ch.Identity), + IsSnapshot: ch.IsSnapshot, } var marshalled []byte marshalled, err = treeChange.Marshal() diff --git a/commonspace/object/tree/objecttree/objecttree.go b/commonspace/object/tree/objecttree/objecttree.go index 5930334e..a75a44e6 100644 --- a/commonspace/object/tree/objecttree/objecttree.go +++ b/commonspace/object/tree/objecttree/objecttree.go @@ -236,22 +236,22 @@ func (ot *objectTree) prepareBuilderContent(content SignableChangeContent) (cnt } if content.IsEncrypted { - readKeyHash = state.CurrentReadKeyHash() + readKeyHash = state.CurrentReadKeyId() readKey, err = state.CurrentReadKey() if err != nil { return } } cnt = BuilderContent{ - TreeHeadIds: ot.tree.Heads(), - AclHeadId: ot.aclList.Head().Id, - SnapshotBaseId: ot.tree.RootId(), - CurrentReadKeyHash: readKeyHash, - Identity: content.Identity, - IsSnapshot: content.IsSnapshot, - SigningKey: content.Key, - ReadKey: readKey, - Content: content.Data, + TreeHeadIds: ot.tree.Heads(), + AclHeadId: ot.aclList.Head().Id, + SnapshotBaseId: ot.tree.RootId(), + ReadKeyId: readKeyHash, + Identity: content.Identity, + IsSnapshot: content.IsSnapshot, + SigningKey: content.Key, + ReadKey: readKey, + Content: content.Data, } return } 
@@ -488,11 +488,11 @@ func (ot *objectTree) IterateFrom(id string, convert ChangeConvertFunc, iterate } decrypt := func(c *Change) (decrypted []byte, err error) { // the change is not encrypted - if c.ReadKeyHash == 0 { + if c.ReadKeyId == 0 { decrypted = c.Data return } - readKey, exists := ot.keys[c.ReadKeyHash] + readKey, exists := ot.keys[c.ReadKeyId] if !exists { err = list.ErrNoReadKey return diff --git a/commonspace/object/tree/objecttree/objecttreevalidator.go b/commonspace/object/tree/objecttree/objecttreevalidator.go index 55adc6a7..221b3002 100644 --- a/commonspace/object/tree/objecttree/objecttreevalidator.go +++ b/commonspace/object/tree/objecttree/objecttreevalidator.go @@ -54,7 +54,7 @@ func (v *objectTreeValidator) validateChange(tree *Tree, aclList list.AclList, c state = aclList.AclState() ) // checking if the user could write - perm, err = state.PermissionsAtRecord(c.AclHeadId, c.Identity) + perm, err = state.StateAtRecord(c.AclHeadId, c.Identity) if err != nil { return } diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index 0cdfdb1f..0a0f16cc 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -8,6 +8,7 @@ import ( "errors" "fmt" "github.com/anytypeio/any-sync/util/crypto/cryptoproto" + "github.com/anytypeio/any-sync/util/strkey" "github.com/gogo/protobuf/proto" "io" "sync" @@ -119,6 +120,11 @@ func (k *Ed25519PrivKey) Decrypt(msg []byte) ([]byte, error) { return DecryptX25519(k.privCurve, k.pubCurve, msg) } +func (k *Ed25519PubKey) String() string { + res, _ := strkey.Encode(strkey.AccountAddressVersionByte, k.pubKey) + return res +} + // Raw public key bytes. func (k *Ed25519PubKey) Raw() ([]byte, error) { return k.pubKey, nil 
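Review bot: In objecttreevalidator.go, validateChange passes `c.Identity` to StateAtRecord, which now takes a `crypto.PubKey`, while Change.Identity is still declared `string` in change.go, so the write-permission lookup does not type-check. Change needs to carry a parsed key (`Identity crypto.PubKey`), or the string has to be converted before this call. The returned value is now an AclUserState, so the permission comparison that follows the hunk has to read its `Permissions` field. validateChange starts and ends outside the hunk.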
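Review bot: In ed25519.go, String discards the error from strkey.Encode (`res, _ := ...`) and returns an empty string on failure. That value then lands in messages such as `user %s must have admin permissions` in aclstate.go with no identity at all. Either justify the ignore in a comment or return something distinguishable, e.g. `if err != nil { return fmt.Sprintf("<invalid key: %v>", err) }`; fmt is already imported in this file. The method also lacks a doc comment, for instance `// String returns the account-address encoding of the public key.`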
@@ -134,6 +140,11 @@ func (k *Ed25519PubKey) Encrypt(msg []byte) (data []byte, err error) { return } +// Storage returns underlying byte storage +func (k *Ed25519PubKey) Storage() []byte { + return k.pubKey +} + // Equals compares two ed25519 public keys. func (k *Ed25519PubKey) Equals(o Key) bool { edk, ok := o.(*Ed25519PubKey) diff --git a/util/crypto/key.go b/util/crypto/key.go index 21f08142..93642ad4 100644 --- a/util/crypto/key.go +++ b/util/crypto/key.go @@ -38,6 +38,10 @@ type PubKey interface { Verify(data []byte, sig []byte) (bool, error) // Marshall wraps key in proto encoding and marshalls it Marshall() ([]byte, error) + // Storage returns underlying key storage + Storage() []byte + // String returns string representation + String() string } type SymKey interface { diff --git a/util/crypto/keystorage.go b/util/crypto/keystorage.go new file mode 100644 index 00000000..80b1892d --- /dev/null +++ b/util/crypto/keystorage.go @@ -0,0 +1,9 @@ +package crypto + +type KeyStorage interface { + PubKeyFromProto(protoBytes []byte) (PubKey, error) +} + +func NewKeyStorage() KeyStorage { + return nil +} From fd5bd0b09913df1f484804cfed4c1e159dae3157 Mon Sep 17 00:00:00 2001 
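Review bot: Storage returns `k.pubKey` itself, so any caller can modify the key's bytes in place. mapKeyFromPubKey copies through `string(...)`, but the method is now part of the PubKey interface and other callers get the live slice. Either return a copy, `return append([]byte(nil), k.pubKey...)`, or state the contract in the comment: `// Storage returns the underlying key bytes; the caller must treat them as read-only.` The interface comment added in key.go (`Storage returns underlying key storage`) should carry the same wording.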
From: mcrakhman Date: Sat, 25 Mar 2023 13:15:19 +0100 Subject: [PATCH 06/24] More key changes --- accountservice/accountservice.go | 2 +- accountservice/mock_accountservice/helper.go | 2 +- .../mock_accountservice.go | 4 +- commonspace/object/accountdata/accountdata.go | 13 +- .../object/acl/list/aclrecordbuilder_test.go | 77 +++-- .../object/acl/list/aclstatebuilder.go | 17 +- commonspace/object/acl/list/list.go | 18 +- commonspace/object/acl/list/list_test.go | 156 +++++---- .../acl/testutils/acllistbuilder/keychain.go | 194 ------------ .../acllistbuilder/liststoragebuilder.go | 295 ------------------ .../acllistbuilder/liststoragebuildergraph.go | 11 - .../liststoragebuildergraph_nix.go | 122 -------- .../testutils/acllistbuilder/ymlentities.go | 70 ----- .../object/acl/testutils/yamltests/path.go | 15 - .../testutils/yamltests/userjoinexample.yml | 53 ---- .../testutils/yamltests/userremoveexample.yml | 58 ---- commonspace/object/tree/objecttree/change.go | 11 +- .../object/tree/objecttree/changebuilder.go | 62 ++-- .../object/tree/objecttree/objecttree.go | 22 +- .../tree/objecttree/objecttreefactory.go | 18 +- .../tree/objecttree/objecttreevalidator.go | 4 +- .../object/tree/objecttree/signablecontent.go | 5 +- commonspace/payloads.go | 4 +- commonspace/settings/settings_test.go | 2 +- net/secureservice/credential.go | 4 +- net/secureservice/credential_test.go | 2 +- net/secureservice/secureservice.go | 2 +- testutil/accounttest/accountservice.go | 6 +- util/crypto/ed25519.go | 26 +- 29 files changed, 229 insertions(+), 1046 deletions(-) delete mode 100644 commonspace/object/acl/testutils/acllistbuilder/keychain.go delete mode 100644 commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go delete mode 100644 commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph.go delete mode 100644 commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph_nix.go delete mode 100644 
commonspace/object/acl/testutils/acllistbuilder/ymlentities.go delete mode 100644 commonspace/object/acl/testutils/yamltests/path.go delete mode 100644 commonspace/object/acl/testutils/yamltests/userjoinexample.yml delete mode 100644 commonspace/object/acl/testutils/yamltests/userremoveexample.yml diff --git a/accountservice/accountservice.go b/accountservice/accountservice.go index cc2ad335..0c3c0bf0 100644 --- a/accountservice/accountservice.go +++ b/accountservice/accountservice.go @@ -10,7 +10,7 @@ const CName = "common.accountservice" type Service interface { app.Component - Account() *accountdata.AccountData + Account() *accountdata.AccountKeys } type Config struct { diff --git a/accountservice/mock_accountservice/helper.go b/accountservice/mock_accountservice/helper.go index 24f187a0..8457b53d 100644 --- a/accountservice/mock_accountservice/helper.go +++ b/accountservice/mock_accountservice/helper.go @@ -6,7 +6,7 @@ import ( "github.com/golang/mock/gomock" ) -func NewAccountServiceWithAccount(ctrl *gomock.Controller, acc *accountdata.AccountData) *MockService { +func NewAccountServiceWithAccount(ctrl *gomock.Controller, acc *accountdata.AccountKeys) *MockService { mock := NewMockService(ctrl) mock.EXPECT().Name().Return(accountservice.CName).AnyTimes() mock.EXPECT().Init(gomock.Any()).AnyTimes() diff --git a/accountservice/mock_accountservice/mock_accountservice.go b/accountservice/mock_accountservice/mock_accountservice.go index d0876934..b05c634b 100644 --- a/accountservice/mock_accountservice/mock_accountservice.go +++ b/accountservice/mock_accountservice/mock_accountservice.go 
@@ -36,10 +36,10 @@ func (m *MockService) EXPECT() *MockServiceMockRecorder { } // Account mocks base method. -func (m *MockService) Account() *accountdata.AccountData { +func (m *MockService) Account() *accountdata.AccountKeys { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Account") - ret0, _ := ret[0].(*accountdata.AccountData) + ret0, _ := ret[0].(*accountdata.AccountKeys) return ret0 } diff --git a/commonspace/object/accountdata/accountdata.go b/commonspace/object/accountdata/accountdata.go index 28ae4a50..841b9602 100644 --- a/commonspace/object/accountdata/accountdata.go +++ b/commonspace/object/accountdata/accountdata.go @@ -1,14 +1,11 @@ package accountdata import ( - "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + "github.com/anytypeio/any-sync/util/crypto" ) -type AccountData struct { // TODO: create a convenient constructor for this - Identity []byte // public key - PeerKey signingkey.PrivKey - SignKey signingkey.PrivKey - EncKey encryptionkey.PrivKey - PeerId string +type AccountKeys struct { + PeerKey crypto.PrivKey + SignKey crypto.PrivKey + PeerId string } diff --git a/commonspace/object/acl/list/aclrecordbuilder_test.go b/commonspace/object/acl/list/aclrecordbuilder_test.go index 5afdb2a8..24b5c9ce 100644 --- a/commonspace/object/acl/list/aclrecordbuilder_test.go +++ b/commonspace/object/acl/list/aclrecordbuilder_test.go 
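Review bot: `AccountKeys` in accountdata.go is left without any comment, although two of its three fields (`PeerKey`, `SignKey`) are private keys. A doc comment such as `// AccountKeys holds the account's private peer and signing keys; it must not be logged or serialized.` would tell callers how to handle the value. The old `Identity []byte // public key` field is removed with no replacement visible in this hunk. If callers are now expected to derive the identity from the public half of `SignKey`, which is only inferred here, a field comment on `SignKey` should say so.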
@@ -1,50 +1,43 @@ package list import ( - "github.com/anytypeio/any-sync/commonspace/object/accountdata" - "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - acllistbuilder2 "github.com/anytypeio/any-sync/commonspace/object/acl/testutils/acllistbuilder" - "github.com/anytypeio/any-sync/commonspace/object/keychain" - "github.com/anytypeio/any-sync/util/cidutil" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "github.com/stretchr/testify/require" "testing" ) func TestAclRecordBuilder_BuildUserJoin(t *testing.T) { - st, err := acllistbuilder2.NewListStorageWithTestName("userjoinexample.yml") - require.NoError(t, err, "building storage should not result in error") - - testKeychain := st.(*acllistbuilder2.AclListStorageBuilder).GetKeychain() - identity := testKeychain.GeneratedIdentities["D"] - signPrivKey := testKeychain.SigningKeysByYAMLName["D"] - encPrivKey := testKeychain.EncryptionKeysByYAMLName["D"] - acc := &accountdata.AccountData{ - Identity: []byte(identity), - SignKey: signPrivKey, - EncKey: encPrivKey, - } - - aclList, err := BuildAclListWithIdentity(acc, st) - require.NoError(t, err, "building acl list should be without error") - recordBuilder := newAclRecordBuilder(aclList.Id(), keychain.NewKeychain()) - rk, err := testKeychain.GetKey("key.Read.EncKey").(*acllistbuilder2.SymKey).Key.Raw() - require.NoError(t, err) - privKey, err := testKeychain.GetKey("key.Sign.Onetime1").(signingkey.PrivKey).Raw() - require.NoError(t, err) - - userJoin, err := recordBuilder.BuildUserJoin(privKey, rk, aclList.AclState()) - require.NoError(t, err) - marshalledJoin, err := userJoin.Marshal() - require.NoError(t, err) - id, err := cidutil.NewCidFromBytes(marshalledJoin) - require.NoError(t, err) - rawRec := &aclrecordproto.RawAclRecordWithId{ - Payload: marshalledJoin, - Id: id, - } - res, err := aclList.AddRawRecord(rawRec) - require.True(t, res) - require.NoError(t, err) - require.Equal(t, aclrecordproto.AclUserPermissions_Writer, 
aclList.AclState().UserStates()[identity].Permissions) + //st, err := acllistbuilder2.NewListStorageWithTestName("userjoinexample.yml") + //require.NoError(t, err, "building storage should not result in error") + // + //testKeychain := st.(*acllistbuilder2.AclListStorageBuilder).GetKeychain() + //identity := testKeychain.GeneratedIdentities["D"] + //signPrivKey := testKeychain.SigningKeysByYAMLName["D"] + //encPrivKey := testKeychain.EncryptionKeysByYAMLName["D"] + //acc := &accountdata.AccountKeys{ + // Identity: []byte(identity), + // PrivKey: signPrivKey, + // EncKey: encPrivKey, + //} + // + //aclList, err := BuildAclListWithIdentity(acc, st) + //require.NoError(t, err, "building acl list should be without error") + //recordBuilder := newAclRecordBuilder(aclList.Id(), keychain.NewKeychain()) + //rk, err := testKeychain.GetKey("key.Read.EncKey").(*acllistbuilder2.SymKey).Key.Raw() + //require.NoError(t, err) + //privKey, err := testKeychain.GetKey("key.Sign.Onetime1").(signingkey.PrivKey).Raw() + //require.NoError(t, err) + // + //userJoin, err := recordBuilder.BuildUserJoin(privKey, rk, aclList.AclState()) + //require.NoError(t, err) + //marshalledJoin, err := userJoin.Marshal() + //require.NoError(t, err) + //id, err := cidutil.NewCidFromBytes(marshalledJoin) + //require.NoError(t, err) + //rawRec := &aclrecordproto.RawAclRecordWithId{ + // Payload: marshalledJoin, + // Id: id, + //} + //res, err := aclList.AddRawRecord(rawRec) + //require.True(t, res) + //require.NoError(t, err) + //require.Equal(t, aclrecordproto.AclUserPermissions_Writer, aclList.AclState().UserStates()[identity].Permissions) } diff --git a/commonspace/object/acl/list/aclstatebuilder.go b/commonspace/object/acl/list/aclstatebuilder.go index 38816685..b9f63e69 100644 --- a/commonspace/object/acl/list/aclstatebuilder.go +++ b/commonspace/object/acl/list/aclstatebuilder.go 
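Review bot: `TestAclRecordBuilder_BuildUserJoin` is left with a fully commented-out body, so it passes without asserting anything. `TestAclList_AclState_UserInviteAndJoin` and `TestAclList_AclState_UserJoinAndRemove` in list_test.go get the same treatment. These were the checks on join, invite and removal permissions touched by this patch, and a green run now hides that they are no longer exercised. Starting each body with `t.Skip("TODO: rewrite on top of crypto.PrivKey after the acllistbuilder removal")` would keep the gap visible in test output. The commented block also sets `Identity`, `PrivKey` and `EncKey` on `accountdata.AccountKeys`, none of which are fields of the new struct, so it could not be re-enabled as written.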
@@ -2,20 +2,17 @@ package list import ( "github.com/anytypeio/any-sync/commonspace/object/accountdata" - "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + "github.com/anytypeio/any-sync/util/crypto" ) type aclStateBuilder struct { - signPrivKey signingkey.PrivKey - encPrivKey encryptionkey.PrivKey - id string + privKey crypto.PrivKey + id string } -func newAclStateBuilderWithIdentity(accountData *accountdata.AccountData) *aclStateBuilder { +func newAclStateBuilderWithIdentity(keys *accountdata.AccountKeys) *aclStateBuilder { return &aclStateBuilder{ - signPrivKey: accountData.SignKey, - encPrivKey: accountData.EncKey, + privKey: keys.SignKey, } } @@ -28,8 +25,8 @@ func (sb *aclStateBuilder) Init(id string) { } func (sb *aclStateBuilder) Build(records []*AclRecord) (state *AclState, err error) { - if sb.encPrivKey != nil && sb.signPrivKey != nil { - state, err = newAclStateWithKeys(sb.id, sb.signPrivKey, sb.encPrivKey) + if sb.privKey != nil { + state, err = newAclStateWithKeys(sb.id, sb.privKey) if err != nil { return } diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index 3a670bd1..5a486ae5 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go @@ -8,7 +8,6 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/accountdata" "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anytypeio/any-sync/commonspace/object/acl/liststorage" - "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/util/crypto" "sync" ) @@ -34,6 +33,7 @@ type AclList interface { Get(id string) (*AclRecord, error) Iterate(iterFunc IterFunc) IterateFrom(startId string, iterFunc IterFunc) + KeyStorage() crypto.KeyStorage AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added bool, err error) 
@@ -48,23 +48,25 @@ type aclList struct { stateBuilder *aclStateBuilder recordBuilder AclRecordBuilder + keyStorage crypto.KeyStorage aclState *AclState - keychain *keychain.Keychain storage liststorage.ListStorage sync.RWMutex } -func BuildAclListWithIdentity(acc *accountdata.AccountData, storage liststorage.ListStorage) (AclList, error) { +func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage liststorage.ListStorage) (AclList, error) { builder := newAclStateBuilderWithIdentity(acc) - return build(storage.Id(), builder, newAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) + keyStorage := crypto.NewKeyStorage() + return build(storage.Id(), keyStorage, builder, newAclRecordBuilder(storage.Id(), keyStorage), storage) } func BuildAclList(storage liststorage.ListStorage) (AclList, error) { - return build(storage.Id(), newAclStateBuilder(), newAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) + keyStorage := crypto.NewKeyStorage() + return build(storage.Id(), keyStorage, newAclStateBuilder(), newAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) } -func build(id string, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder, storage liststorage.ListStorage) (list AclList, err error) { +func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder, storage liststorage.ListStorage) (list AclList, err error) { head, err := storage.Head() if err != nil { return @@ -177,6 +179,10 @@ func (a *aclList) AclState() *AclState { return a.aclState } +func (a *aclList) KeyStorage() crypto.KeyStorage { + return a.keyStorage +} + func (a *aclList) IsAfter(first string, second string) (bool, error) { firstRec, okFirst := a.indexes[first] secondRec, okSecond := a.indexes[second] diff --git a/commonspace/object/acl/list/list_test.go b/commonspace/object/acl/list/list_test.go index b3cd9166..9e3cedfb 100644 --- a/commonspace/object/acl/list/list_test.go 
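Review bot: In `BuildAclList` the new `keyStorage` is passed to `build`, but the record builder is still constructed with a second `crypto.NewKeyStorage()`. The list and its record builder therefore hold different stores, unlike `BuildAclListWithIdentity`, which shares one instance. Keys the record builder places in its own store would then not be reachable through the new `KeyStorage()` accessor, assuming the store caches keys, which these lines do not show. The call should read `return build(storage.Id(), keyStorage, newAclStateBuilder(), newAclRecordBuilder(storage.Id(), keyStorage), storage)`. The body of `build` continues outside the hunk, so whether the `keyStorage` parameter is assigned to the `aclList` field that `KeyStorage()` returns cannot be confirmed from here.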
+++ b/commonspace/object/acl/list/list_test.go 
@@ -1,91 +1,87 @@ package list import ( - "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - "github.com/anytypeio/any-sync/commonspace/object/acl/testutils/acllistbuilder" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "testing" ) func TestAclList_AclState_UserInviteAndJoin(t *testing.T) { - st, err := acllistbuilder.NewListStorageWithTestName("userjoinexample.yml") - require.NoError(t, err, "building storage should not result in error") - - keychain := st.(*acllistbuilder.AclListStorageBuilder).GetKeychain() - - aclList, err := BuildAclList(st) - require.NoError(t, err, "building acl list should be without error") - - idA := keychain.GetIdentity("A") - idB := keychain.GetIdentity("B") - idC := keychain.GetIdentity("C") - - // checking final state - assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) - assert.Equal(t, aclrecordproto.AclUserPermissions_Writer, aclList.AclState().UserStates()[idB].Permissions) - assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) - assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) - - var records []*AclRecord - aclList.Iterate(func(record *AclRecord) (IsContinue bool) { - records = append(records, record) - return true - }) - - // checking permissions at specific records - assert.Equal(t, 3, len(records)) - - _, err = aclList.AclState().StateAtRecord(records[1].Id, idB) - assert.Error(t, err, "B should have no permissions at record 1") - - perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) - assert.NoError(t, err, "should have no error with permissions of B in the record 2") - assert.Equal(t, UserPermissionPair{ - Identity: idB, - Permission: aclrecordproto.AclUserPermissions_Writer, - }, perm) + //st, err := acllistbuilder.NewListStorageWithTestName("userjoinexample.yml") + //require.NoError(t, err, "building storage 
should not result in error") + // + //keychain := st.(*acllistbuilder.AclListStorageBuilder).GetKeychain() + // + //aclList, err := BuildAclList(st) + //require.NoError(t, err, "building acl list should be without error") + // + //idA := keychain.GetIdentity("A") + //idB := keychain.GetIdentity("B") + //idC := keychain.GetIdentity("C") + // + //// checking final state + //assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) + //assert.Equal(t, aclrecordproto.AclUserPermissions_Writer, aclList.AclState().UserStates()[idB].Permissions) + //assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) + //assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) + // + //var records []*AclRecord + //aclList.Iterate(func(record *AclRecord) (IsContinue bool) { + // records = append(records, record) + // return true + //}) + // + //// checking permissions at specific records + //assert.Equal(t, 3, len(records)) + // + //_, err = aclList.AclState().StateAtRecord(records[1].Id, idB) + //assert.Error(t, err, "B should have no permissions at record 1") + // + //perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) + //assert.NoError(t, err, "should have no error with permissions of B in the record 2") + //assert.Equal(t, UserPermissionPair{ + // Identity: idB, + // Permission: aclrecordproto.AclUserPermissions_Writer, + //}, perm) } func TestAclList_AclState_UserJoinAndRemove(t *testing.T) { - st, err := acllistbuilder.NewListStorageWithTestName("userremoveexample.yml") - require.NoError(t, err, "building storage should not result in error") - - keychain := st.(*acllistbuilder.AclListStorageBuilder).GetKeychain() - - aclList, err := BuildAclList(st) - require.NoError(t, err, "building acl list should be without error") - - idA := keychain.GetIdentity("A") - idB := keychain.GetIdentity("B") - idC := keychain.GetIdentity("C") - - // 
checking final state - assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) - assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) - assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) - - _, exists := aclList.AclState().UserStates()[idB] - assert.Equal(t, false, exists) - - var records []*AclRecord - aclList.Iterate(func(record *AclRecord) (IsContinue bool) { - records = append(records, record) - return true - }) - - // checking permissions at specific records - assert.Equal(t, 4, len(records)) - - assert.NotEqual(t, records[2].CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) - - perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) - assert.NoError(t, err, "should have no error with permissions of B in the record 2") - assert.Equal(t, UserPermissionPair{ - Identity: idB, - Permission: aclrecordproto.AclUserPermissions_Writer, - }, perm) - - _, err = aclList.AclState().StateAtRecord(records[3].Id, idB) - assert.Error(t, err, "B should have no permissions at record 3, because user should be removed") + //st, err := acllistbuilder.NewListStorageWithTestName("userremoveexample.yml") + //require.NoError(t, err, "building storage should not result in error") + // + //keychain := st.(*acllistbuilder.AclListStorageBuilder).GetKeychain() + // + //aclList, err := BuildAclList(st) + //require.NoError(t, err, "building acl list should be without error") + // + //idA := keychain.GetIdentity("A") + //idB := keychain.GetIdentity("B") + //idC := keychain.GetIdentity("C") + // + //// checking final state + //assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) + //assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) + //assert.Equal(t, aclList.Head().CurrentReadKeyHash, 
aclList.AclState().CurrentReadKeyId()) + // + //_, exists := aclList.AclState().UserStates()[idB] + //assert.Equal(t, false, exists) + // + //var records []*AclRecord + //aclList.Iterate(func(record *AclRecord) (IsContinue bool) { + // records = append(records, record) + // return true + //}) + // + //// checking permissions at specific records + //assert.Equal(t, 4, len(records)) + // + //assert.NotEqual(t, records[2].CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) + // + //perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) + //assert.NoError(t, err, "should have no error with permissions of B in the record 2") + //assert.Equal(t, UserPermissionPair{ + // Identity: idB, + // Permission: aclrecordproto.AclUserPermissions_Writer, + //}, perm) + // + //_, err = aclList.AclState().StateAtRecord(records[3].Id, idB) + //assert.Error(t, err, "B should have no permissions at record 3, because user should be removed") } diff --git a/commonspace/object/acl/testutils/acllistbuilder/keychain.go b/commonspace/object/acl/testutils/acllistbuilder/keychain.go deleted file mode 100644 index 00e207a6..00000000 --- a/commonspace/object/acl/testutils/acllistbuilder/keychain.go +++ /dev/null 
@@ -1,194 +0,0 @@ -package acllistbuilder - -import ( - "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys" - "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "hash/fnv" - "strings" -) - -type SymKey struct { - Hash uint64 - Key *crypto.AESKey -} - -type YAMLKeychain struct { - SigningKeysByYAMLName map[string]signingkey.PrivKey - SigningKeysByRealIdentity map[string]signingkey.PrivKey - EncryptionKeysByYAMLName map[string]encryptionkey.PrivKey - ReadKeysByYAMLName map[string]*SymKey - ReadKeysByHash map[uint64]*SymKey - GeneratedIdentities map[string]string -} - -func NewKeychain() *YAMLKeychain { - return &YAMLKeychain{ - SigningKeysByYAMLName: map[string]signingkey.PrivKey{}, - SigningKeysByRealIdentity: map[string]signingkey.PrivKey{}, - EncryptionKeysByYAMLName: map[string]encryptionkey.PrivKey{}, - GeneratedIdentities: map[string]string{}, - ReadKeysByYAMLName: map[string]*SymKey{}, - ReadKeysByHash: map[uint64]*SymKey{}, - } -} - -func (k *YAMLKeychain) ParseKeys(keys *Keys) { - for _, encKey := range keys.Enc { - k.AddEncryptionKey(encKey) - } - - for _, signKey := range keys.Sign { - k.AddSigningKey(signKey) - } - - for _, readKey := range keys.Read { - k.AddReadKey(readKey) - } -} - -func (k *YAMLKeychain) AddEncryptionKey(key *Key) { - if _, exists := k.EncryptionKeysByYAMLName[key.Name]; exists { - return - } - var ( - newPrivKey encryptionkey.PrivKey - err error - ) - if key.Value == "generated" { - newPrivKey, _, err = encryptionkey.GenerateRandomRSAKeyPair(2048) - if err != nil { - panic(err) - } - } else { - newPrivKey, err = keys.DecodeKeyFromString(key.Value, encryptionkey.NewEncryptionRsaPrivKeyFromBytes, nil) - if err != nil { - panic(err) - } - } - k.EncryptionKeysByYAMLName[key.Name] = newPrivKey -} - -func (k *YAMLKeychain) AddSigningKey(key *Key) { - 
if _, exists := k.SigningKeysByYAMLName[key.Name]; exists { - return - } - var ( - newPrivKey signingkey.PrivKey - pubKey signingkey.PubKey - err error - ) - if key.Value == "generated" { - newPrivKey, pubKey, err = crypto.GenerateRandomEd25519KeyPair() - if err != nil { - panic(err) - } - } else { - newPrivKey, err = keys.DecodeKeyFromString(key.Value, crypto.NewSigningEd25519PrivKeyFromBytes, nil) - if err != nil { - panic(err) - } - pubKey = newPrivKey.GetPublic() - } - - k.SigningKeysByYAMLName[key.Name] = newPrivKey - rawPubKey, err := pubKey.Raw() - if err != nil { - panic(err) - } - encoded := string(rawPubKey) - - k.SigningKeysByRealIdentity[encoded] = newPrivKey - k.GeneratedIdentities[key.Name] = encoded -} - -func (k *YAMLKeychain) AddReadKey(key *Key) { - if _, exists := k.ReadKeysByYAMLName[key.Name]; exists { - return - } - - var ( - rkey *crypto.AESKey - err error - ) - if key.Value == "generated" { - rkey, err = crypto.NewRandomAES() - if err != nil { - panic("should be able to generate symmetric key") - } - } else if key.Value == "derived" { - signKey, _ := k.SigningKeysByYAMLName[key.Name].Raw() - encKey, _ := k.EncryptionKeysByYAMLName[key.Name].Raw() - rkey, err = aclrecordproto.AclReadKeyDerive(signKey, encKey) - if err != nil { - panic("should be able to derive symmetric key") - } - } else { - rkey, err = crypto.UnmarshallAESKeyString(key.Value) - if err != nil { - panic("should be able to parse symmetric key") - } - } - - hasher := fnv.New64() - hasher.Write(rkey.Bytes()) - - k.ReadKeysByYAMLName[key.Name] = &SymKey{ - Hash: hasher.Sum64(), - Key: rkey, - } - k.ReadKeysByHash[hasher.Sum64()] = &SymKey{ - Hash: hasher.Sum64(), - Key: rkey, - } -} - -func (k *YAMLKeychain) AddKey(key *Key) { - parts := strings.Split(key.Name, ".") - if len(parts) != 3 { - panic("cannot parse a key") - } - - switch parts[1] { - case "Signature": - k.AddSigningKey(key) - case "Enc": - k.AddEncryptionKey(key) - case "Read": - k.AddReadKey(key) - default: - 
panic("incorrect format") - } -} - -func (k *YAMLKeychain) GetKey(key string) interface{} { - parts := strings.Split(key, ".") - if len(parts) != 3 { - panic("cannot parse a key") - } - name := parts[2] - - switch parts[1] { - case "Sign": - if key, exists := k.SigningKeysByYAMLName[name]; exists { - return key - } - case "Enc": - if key, exists := k.EncryptionKeysByYAMLName[name]; exists { - return key - } - case "Read": - if key, exists := k.ReadKeysByYAMLName[name]; exists { - return key - } - default: - panic("incorrect format") - } - return nil -} - -func (k *YAMLKeychain) GetIdentity(name string) string { - return k.GeneratedIdentities[name] -} diff --git a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go b/commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go deleted file mode 100644 index a73c2924..00000000 --- a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuilder.go +++ /dev/null 
@@ -1,295 +0,0 @@ -package acllistbuilder - -import ( - "context" - "fmt" - "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - "github.com/anytypeio/any-sync/commonspace/object/acl/liststorage" - "github.com/anytypeio/any-sync/commonspace/object/acl/testutils/yamltests" - "github.com/anytypeio/any-sync/util/cidutil" - "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" - "gopkg.in/yaml.v3" - "io/ioutil" - "path" - "time" - - "github.com/gogo/protobuf/proto" -) - -type AclListStorageBuilder struct { - liststorage.ListStorage - keychain *YAMLKeychain -} - -func NewAclListStorageBuilder(keychain *YAMLKeychain) *AclListStorageBuilder { - return &AclListStorageBuilder{ - keychain: keychain, - } -} - -func NewListStorageWithTestName(name string) (liststorage.ListStorage, error) { - filePath := path.Join(yamltests.Path(), name) - return NewAclListStorageBuilderFromFile(filePath) -} - -func NewAclListStorageBuilderFromFile(file string) (*AclListStorageBuilder, error) { - content, err := ioutil.ReadFile(file) - if err != nil { - return nil, err - } - - ymlTree := YMLList{} - err = yaml.Unmarshal(content, &ymlTree) - if err != nil { - return nil, err - } - - tb := NewAclListStorageBuilder(NewKeychain()) - tb.Parse(&ymlTree) - - return tb, nil -} - -func (t *AclListStorageBuilder) createRaw(rec proto.Marshaler, identity []byte) *aclrecordproto.RawAclRecordWithId { - protoMarshalled, err := rec.Marshal() - if err != nil { - panic("should be able to marshal final acl message!") - } - - signature, err := t.keychain.SigningKeysByRealIdentity[string(identity)].Sign(protoMarshalled) - if err != nil { - panic("should be able to sign final acl message!") - } - - rawRec := &aclrecordproto.RawAclRecord{ - Payload: protoMarshalled, - Signature: signature, - } - - rawMarshalled, err := proto.Marshal(rawRec) - if err != nil { - panic(err) - } 
- - id, _ := cidutil.NewCidFromBytes(rawMarshalled) - - return &aclrecordproto.RawAclRecordWithId{ - Payload: rawMarshalled, - Id: id, - } -} - -func (t *AclListStorageBuilder) GetKeychain() *YAMLKeychain { - return t.keychain -} - -func (t *AclListStorageBuilder) Parse(l *YMLList) { - // Just to clarify - we are generating new identities for the ones that - // are specified in the yml file, because our identities should be Ed25519 - // the same thing is happening for the encryption keys - t.keychain.ParseKeys(&l.Keys) - rawRoot := t.parseRoot(l.Root) - var err error - t.ListStorage, err = liststorage.NewInMemoryAclListStorage(rawRoot.Id, []*aclrecordproto.RawAclRecordWithId{rawRoot}) - if err != nil { - panic(err) - } - prevId := rawRoot.Id - for _, rec := range l.Records { - newRecord := t.parseRecord(rec, prevId) - rawRecord := t.createRaw(newRecord, newRecord.Identity) - err = t.AddRawRecord(context.Background(), rawRecord) - if err != nil { - panic(err) - } - prevId = rawRecord.Id - } - t.SetHead(prevId) -} - -func (t *AclListStorageBuilder) parseRecord(rec *Record, prevId string) *aclrecordproto.AclRecord { - k := t.keychain.GetKey(rec.ReadKey).(*SymKey) - var aclChangeContents []*aclrecordproto.AclContentValue - for _, ch := range rec.AclChanges { - aclChangeContent := t.parseAclChange(ch) - aclChangeContents = append(aclChangeContents, aclChangeContent) - } - data := &aclrecordproto.AclData{ - AclContent: aclChangeContents, - } - bytes, _ := data.Marshal() - - return &aclrecordproto.AclRecord{ - PrevId: prevId, - Identity: []byte(t.keychain.GetIdentity(rec.Identity)), - Data: bytes, - CurrentReadKeyHash: k.Hash, - Timestamp: time.Now().Unix(), - } -} - -func (t *AclListStorageBuilder) parseAclChange(ch *AclChange) (convCh *aclrecordproto.AclContentValue) { - switch { - case ch.UserAdd != nil: - add := ch.UserAdd - - encKey := t.keychain.GetKey(add.EncryptionKey).(encryptionkey.PrivKey) - rawKey, _ := encKey.GetPublic().Raw() - - convCh = 
&aclrecordproto.AclContentValue{ - Value: &aclrecordproto.AclContentValue_UserAdd{ - UserAdd: &aclrecordproto.AclUserAdd{ - Identity: []byte(t.keychain.GetIdentity(add.Identity)), - EncryptionKey: rawKey, - EncryptedReadKeys: t.encryptReadKeysWithPubKey(add.EncryptedReadKeys, encKey), - Permissions: t.convertPermission(add.Permission), - }, - }, - } - case ch.UserJoin != nil: - join := ch.UserJoin - - encKey := t.keychain.GetKey(join.EncryptionKey).(encryptionkey.PrivKey) - rawKey, _ := encKey.GetPublic().Raw() - - idKey, _ := t.keychain.SigningKeysByYAMLName[join.Identity].GetPublic().Raw() - signKey := t.keychain.GetKey(join.AcceptKey).(signingkey.PrivKey) - signature, err := signKey.Sign(idKey) - if err != nil { - panic(err) - } - acceptPubKey, _ := signKey.GetPublic().Raw() - - convCh = &aclrecordproto.AclContentValue{ - Value: &aclrecordproto.AclContentValue_UserJoin{ - UserJoin: &aclrecordproto.AclUserJoin{ - Identity: []byte(t.keychain.GetIdentity(join.Identity)), - EncryptionKey: rawKey, - AcceptSignature: signature, - AcceptPubKey: acceptPubKey, - EncryptedReadKeys: t.encryptReadKeysWithPubKey(join.EncryptedReadKeys, encKey), - }, - }, - } - case ch.UserInvite != nil: - invite := ch.UserInvite - rawAcceptKey, _ := t.keychain.GetKey(invite.AcceptKey).(signingkey.PrivKey).GetPublic().Raw() - hash := t.keychain.GetKey(invite.EncryptionKey).(*SymKey).Hash - encKey := t.keychain.ReadKeysByHash[hash] - - convCh = &aclrecordproto.AclContentValue{ - Value: &aclrecordproto.AclContentValue_UserInvite{ - UserInvite: &aclrecordproto.AclUserInvite{ - AcceptPublicKey: rawAcceptKey, - EncryptSymKeyHash: hash, - EncryptedReadKeys: t.encryptReadKeysWithSymKey(invite.EncryptedReadKeys, encKey.Key), - Permissions: t.convertPermission(invite.Permissions), - }, - }, - } - case ch.UserPermissionChange != nil: - permissionChange := ch.UserPermissionChange - - convCh = &aclrecordproto.AclContentValue{ - Value: &aclrecordproto.AclContentValue_UserPermissionChange{ - 
UserPermissionChange: &aclrecordproto.AclUserPermissionChange{ - Identity: []byte(t.keychain.GetIdentity(permissionChange.Identity)), - Permissions: t.convertPermission(permissionChange.Permission), - }, - }, - } - case ch.UserRemove != nil: - remove := ch.UserRemove - - newReadKey := t.keychain.GetKey(remove.NewReadKey).(*SymKey) - - var replaces []*aclrecordproto.AclReadKeyReplace - for _, id := range remove.IdentitiesLeft { - encKey := t.keychain.EncryptionKeysByYAMLName[id] - rawEncKey, _ := encKey.GetPublic().Raw() - encReadKey, err := encKey.GetPublic().Encrypt(newReadKey.Key.Bytes()) - if err != nil { - panic(err) - } - replaces = append(replaces, &aclrecordproto.AclReadKeyReplace{ - Identity: []byte(t.keychain.GetIdentity(id)), - EncryptionKey: rawEncKey, - EncryptedReadKey: encReadKey, - }) - } - - convCh = &aclrecordproto.AclContentValue{ - Value: &aclrecordproto.AclContentValue_UserRemove{ - UserRemove: &aclrecordproto.AclUserRemove{ - Identity: []byte(t.keychain.GetIdentity(remove.RemovedIdentity)), - ReadKeyReplaces: replaces, - }, - }, - } - } - if convCh == nil { - panic("cannot have empty acl change") - } - - return convCh -} - -func (t *AclListStorageBuilder) encryptReadKeysWithPubKey(keys []string, encKey encryptionkey.PrivKey) (enc [][]byte) { - for _, k := range keys { - realKey := t.keychain.GetKey(k).(*SymKey).Key.Bytes() - res, err := encKey.GetPublic().Encrypt(realKey) - if err != nil { - panic(err) - } - - enc = append(enc, res) - } - return -} - -func (t *AclListStorageBuilder) encryptReadKeysWithSymKey(keys []string, key *crypto.AESKey) (enc [][]byte) { - for _, k := range keys { - realKey := t.keychain.GetKey(k).(*SymKey).Key.Bytes() - res, err := key.Encrypt(realKey) - if err != nil { - panic(err) - } - - enc = append(enc, res) - } - return -} - -func (t *AclListStorageBuilder) convertPermission(perm string) aclrecordproto.AclUserPermissions { - switch perm { - case "admin": - return aclrecordproto.AclUserPermissions_Admin - case 
"writer": - return aclrecordproto.AclUserPermissions_Writer - case "reader": - return aclrecordproto.AclUserPermissions_Reader - default: - panic(fmt.Sprintf("incorrect permission: %s", perm)) - } -} - -func (t *AclListStorageBuilder) traverseFromHead(f func(rec *aclrecordproto.AclRecord, id string) error) (err error) { - panic("this was removed, add if needed") -} - -func (t *AclListStorageBuilder) parseRoot(root *Root) (rawRoot *aclrecordproto.RawAclRecordWithId) { - rawSignKey, _ := t.keychain.SigningKeysByYAMLName[root.Identity].GetPublic().Raw() - rawEncKey, _ := t.keychain.EncryptionKeysByYAMLName[root.Identity].GetPublic().Raw() - readKey := t.keychain.ReadKeysByYAMLName[root.Identity] - aclRoot := &aclrecordproto.AclRoot{ - Identity: rawSignKey, - EncryptionKey: rawEncKey, - SpaceId: root.SpaceId, - EncryptedReadKey: nil, - DerivationScheme: "scheme", - CurrentReadKeyHash: readKey.Hash, - } - return t.createRaw(aclRoot, rawSignKey) -} diff --git a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph.go b/commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph.go deleted file mode 100644 index 3752b660..00000000 --- a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph.go +++ /dev/null @@ -1,11 +0,0 @@ -//go:build ((!linux && !darwin) || android || ios || nographviz || !cgo) && !amd64 -// +build !linux,!darwin android ios nographviz !cgo -// +build !amd64 - -package acllistbuilder - -import "fmt" - -func (t *AclListStorageBuilder) Graph() (string, error) { - return "", fmt.Errorf("building graphs is not supported") -} diff --git a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph_nix.go b/commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph_nix.go deleted file mode 100644 index a1d2ed8f..00000000 --- a/commonspace/object/acl/testutils/acllistbuilder/liststoragebuildergraph_nix.go +++ /dev/null 
@@ -1,122 +0,0 @@ -//go:build (linux || darwin) && !android && !ios && !nographviz && cgo && (amd64 || arm64) -// +build linux darwin -// +build !android -// +build !ios -// +build !nographviz -// +build cgo -// +build amd64 arm64 - -package acllistbuilder - -import ( - "fmt" - "strings" - "unicode" - - "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - "github.com/gogo/protobuf/proto" - - "github.com/awalterschulze/gographviz" -) - -// To quickly look at visualized string you can use https://dreampuf.github.io/GraphvizOnline - -type EdgeParameters struct { - style string - color string - label string -} - -func (t *AclListStorageBuilder) Graph() (string, error) { - // TODO: check updates on https://github.com/goccy/go-graphviz/issues/52 or make a fix yourself to use better library here - graph := gographviz.NewGraph() - graph.SetName("G") - graph.SetDir(true) - var nodes = make(map[string]struct{}) - - var addNodes = func(r *aclrecordproto.AclRecord, id string) error { - style := "solid" - - var chSymbs []string - aclData := &aclrecordproto.AclData{} - err := proto.Unmarshal(r.GetData(), aclData) - if err != nil { - return err - } - - for _, chc := range aclData.AclContent { - tp := fmt.Sprintf("%T", chc.Value) - tp = strings.Replace(tp, "AclChangeAclContentValueValueOf", "", 1) - res := "" - for _, ts := range tp { - if unicode.IsUpper(ts) { - res += string(ts) - } - } - chSymbs = append(chSymbs, res) - } - - shortId := id - label := fmt.Sprintf("Id: %s\nChanges: %s\n", - shortId, - strings.Join(chSymbs, ","), - ) - e := graph.AddNode("G", "\""+id+"\"", map[string]string{ - "label": "\"" + label + "\"", - "style": "\"" + style + "\"", - }) - if e != nil { - return e - } - nodes[id] = struct{}{} - return nil - } - - var createEdge = func(firstId, secondId string, params EdgeParameters) error { - _, exists := nodes[firstId] - if !exists { - return fmt.Errorf("no such node") - } - _, exists = nodes[secondId] - if !exists { - return 
fmt.Errorf("no previous node") - } - - err := graph.AddEdge("\""+firstId+"\"", "\""+secondId+"\"", true, map[string]string{ - "color": params.color, - "style": params.style, - }) - if err != nil { - return err - } - - return nil - } - - var addLinks = func(r *aclrecordproto.AclRecord, id string) error { - if r.PrevId == "" { - return nil - } - err := createEdge(id, r.PrevId, EdgeParameters{ - style: "dashed", - color: "red", - }) - if err != nil { - return err - } - - return nil - } - - err := t.traverseFromHead(addNodes) - if err != nil { - return "", err - } - - err = t.traverseFromHead(addLinks) - if err != nil { - return "", err - } - - return graph.String(), nil -} diff --git a/commonspace/object/acl/testutils/acllistbuilder/ymlentities.go b/commonspace/object/acl/testutils/acllistbuilder/ymlentities.go deleted file mode 100644 index c50f0e30..00000000 --- a/commonspace/object/acl/testutils/acllistbuilder/ymlentities.go +++ /dev/null 
@@ -1,70 +0,0 @@ -package acllistbuilder - -type Key struct { - Name string `yaml:"name"` - Value string `yaml:"value"` -} - -type Keys struct { - Derived string `yaml:"Derived"` - Enc []*Key `yaml:"Enc"` - Sign []*Key `yaml:"Sign"` - Read []*Key `yaml:"Read"` -} - -type AclChange struct { - UserAdd *struct { - Identity string `yaml:"identity"` - EncryptionKey string `yaml:"encryptionKey"` - EncryptedReadKeys []string `yaml:"encryptedReadKeys"` - Permission string `yaml:"permission"` - } `yaml:"userAdd"` - - UserJoin *struct { - Identity string `yaml:"identity"` - EncryptionKey string `yaml:"encryptionKey"` - AcceptKey string `yaml:"acceptKey"` - EncryptedReadKeys []string `yaml:"encryptedReadKeys"` - } `yaml:"userJoin"` - - UserInvite *struct { - AcceptKey string `yaml:"acceptKey"` - EncryptionKey string `yaml:"encryptionKey"` - EncryptedReadKeys []string `yaml:"encryptedReadKeys"` - Permissions string `yaml:"permissions"` - } `yaml:"userInvite"` - - UserRemove *struct { - RemovedIdentity string `yaml:"removedIdentity"` - NewReadKey string `yaml:"newReadKey"` - IdentitiesLeft []string `yaml:"identitiesLeft"` - } `yaml:"userRemove"` - - UserPermissionChange *struct { - Identity string `yaml:"identity"` - Permission string `yaml:"permission"` - } -} - -type Record struct { - Identity string `yaml:"identity"` - AclChanges []*AclChange `yaml:"aclChanges"` - ReadKey string `yaml:"readKey"` -} - -type Header struct { - FirstChangeId string `yaml:"firstChangeId"` - IsWorkspace bool `yaml:"isWorkspace"` -} - -type Root struct { - Identity string `yaml:"identity"` - SpaceId string `yaml:"spaceId"` -} - -type YMLList struct { - Root *Root - Records []*Record `yaml:"records"` - - Keys Keys `yaml:"keys"` -} diff --git a/commonspace/object/acl/testutils/yamltests/path.go b/commonspace/object/acl/testutils/yamltests/path.go deleted file mode 100644 index c2dd2712..00000000 --- a/commonspace/object/acl/testutils/yamltests/path.go +++ /dev/null 
@@ -1,15 +0,0 @@ -package yamltests - -import ( - "path/filepath" - "runtime" -) - -var ( - _, b, _, _ = runtime.Caller(0) - basepath = filepath.Dir(b) -) - -func Path() string { - return basepath -} diff --git a/commonspace/object/acl/testutils/yamltests/userjoinexample.yml b/commonspace/object/acl/testutils/yamltests/userjoinexample.yml deleted file mode 100644 index fd90c063..00000000 --- a/commonspace/object/acl/testutils/yamltests/userjoinexample.yml +++ /dev/null @@ -1,53 +0,0 @@ -root: - identity: A - spaceId: space -records: - - identity: A - aclChanges: - - userInvite: - acceptKey: key.Sign.Onetime1 - encryptionKey: key.Read.EncKey - encryptedReadKeys: [key.Read.A] - permissions: writer - - userAdd: - identity: C - permission: reader - encryptionKey: key.Enc.C - encryptedReadKeys: [key.Read.A] - readKey: key.Read.A - - identity: B - aclChanges: - - userJoin: - identity: B - encryptionKey: key.Enc.B - acceptKey: key.Sign.Onetime1 - encryptedReadKeys: [key.Read.A] - readKey: key.Read.A -keys: - Enc: - - name: A - value: generated - - name: B - value: generated - - name: C - value: generated - - name: D - value: generated - - name: Onetime1 - value: generated - Sign: - - name: A - value: generated - - name: B - value: generated - - name: C - value: generated - - name: D - value: generated - - name: Onetime1 - value: generated - Read: - - name: A - value: derived - - name: EncKey - value: generated diff --git a/commonspace/object/acl/testutils/yamltests/userremoveexample.yml b/commonspace/object/acl/testutils/yamltests/userremoveexample.yml deleted file mode 100644 index cc6d817e..00000000 --- a/commonspace/object/acl/testutils/yamltests/userremoveexample.yml +++ /dev/null 
@@ -1,58 +0,0 @@ -root: - identity: A - spaceId: space -records: - - identity: A - aclChanges: - - userInvite: - acceptKey: key.Sign.Onetime1 - encryptionKey: key.Read.EncKey - encryptedReadKeys: [key.Read.A] - permissions: writer - - userAdd: - identity: C - permission: reader - encryptionKey: key.Enc.C - encryptedReadKeys: [key.Read.A] - readKey: key.Read.A - - identity: B - aclChanges: - - userJoin: - identity: B - encryptionKey: key.Enc.B - acceptKey: key.Sign.Onetime1 - encryptedReadKeys: [key.Read.A] - readKey: key.Read.A - - identity: A - aclChanges: - - userRemove: - removedIdentity: B - newReadKey: key.Read.2 - identitiesLeft: [A, C] - readKey: key.Read.2 -keys: - Enc: - - name: A - value: generated - - name: B - value: generated - - name: C - value: generated - - name: Onetime1 - value: generated - Sign: - - name: A - value: generated - - name: B - value: generated - - name: C - value: generated - - name: Onetime1 - value: generated - Read: - - name: A - value: derived - - name: 2 - value: generated - - name: EncKey - value: generated diff --git a/commonspace/object/tree/objecttree/change.go b/commonspace/object/tree/objecttree/change.go index 4f7ff510..2e5a3008 100644 --- a/commonspace/object/tree/objecttree/change.go +++ b/commonspace/object/tree/objecttree/change.go @@ -3,6 +3,7 @@ package objecttree import ( "errors" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" + "github.com/anytypeio/any-sync/util/crypto" "github.com/gogo/protobuf/proto" ) @@ -21,7 +22,7 @@ type Change struct { IsSnapshot bool Timestamp int64 ReadKeyId string - Identity string + Identity crypto.PubKey Data []byte Model interface{} @@ -32,7 +33,7 @@ type Change struct { Signature []byte } -func NewChange(id string, ch *treechangeproto.TreeChange, signature []byte) *Change { +func NewChange(id string, identity crypto.PubKey, ch *treechangeproto.TreeChange, signature []byte) *Change { return &Change{ Next: nil, PreviousIds: ch.TreeHeadIds, 
@@ -43,12 +44,12 @@ func NewChange(id string, ch *treechangeproto.TreeChange, signature []byte) *Cha Data: ch.ChangesData, SnapshotId: ch.SnapshotBaseId, IsSnapshot: ch.IsSnapshot, - Identity: string(ch.Identity), + Identity: identity, Signature: signature, } } -func NewChangeFromRoot(id string, ch *treechangeproto.RootChange, signature []byte) *Change { +func NewChangeFromRoot(id string, identity crypto.PubKey, ch *treechangeproto.RootChange, signature []byte) *Change { changeInfo := &treechangeproto.TreeChangeInfo{ ChangeType: ch.ChangeType, ChangePayload: ch.ChangePayload, @@ -60,7 +61,7 @@ func NewChangeFromRoot(id string, ch *treechangeproto.RootChange, signature []by Id: id, IsSnapshot: true, Timestamp: ch.Timestamp, - Identity: string(ch.Identity), + Identity: identity, Signature: signature, Data: data, Model: changeInfo, diff --git a/commonspace/object/tree/objecttree/changebuilder.go b/commonspace/object/tree/objecttree/changebuilder.go index 599122be..cb22d249 100644 --- a/commonspace/object/tree/objecttree/changebuilder.go +++ b/commonspace/object/tree/objecttree/changebuilder.go @@ -2,11 +2,9 @@ package objecttree import ( "errors" - "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" "github.com/anytypeio/any-sync/util/cidutil" "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" "github.com/gogo/protobuf/proto" "time" ) @@ -18,17 +16,15 @@ type BuilderContent struct { AclHeadId string SnapshotBaseId string ReadKeyId string - Identity []byte IsSnapshot bool - SigningKey signingkey.PrivKey - ReadKey *crypto.AESKey + PrivKey crypto.PrivKey + ReadKey crypto.SymKey Content []byte } type InitialContent struct { AclHeadId string - Identity []byte - SigningKey signingkey.PrivKey + PrivKey crypto.PrivKey SpaceId string Seed []byte ChangeType string 
@@ -65,10 +61,10 @@ type ChangeBuilder interface { type changeBuilder struct { rootChange *treechangeproto.RawTreeChangeWithId - keys *keychain.Keychain + keys crypto.KeyStorage } -func NewChangeBuilder(keys *keychain.Keychain, rootChange *treechangeproto.RawTreeChangeWithId) ChangeBuilder { +func NewChangeBuilder(keys crypto.KeyStorage, rootChange *treechangeproto.RawTreeChangeWithId) ChangeBuilder { return &changeBuilder{keys: keys, rootChange: rootChange} } @@ -97,15 +93,9 @@ func (c *changeBuilder) Unmarshall(rawIdChange *treechangeproto.RawTreeChangeWit } if verify { - var identityKey signingkey.PubKey - identityKey, err = c.keys.GetOrAdd(ch.Identity) - if err != nil { - return - } - // verifying signature var res bool - res, err = identityKey.Verify(raw.Payload, raw.Signature) + res, err = ch.Identity.Verify(raw.Payload, raw.Signature) if err != nil { return } @@ -122,10 +112,14 @@ func (c *changeBuilder) SetRootRawChange(rawIdChange *treechangeproto.RawTreeCha } func (c *changeBuilder) BuildRoot(payload InitialContent) (ch *Change, rawIdChange *treechangeproto.RawTreeChangeWithId, err error) { + identity, err := payload.PrivKey.GetPublic().Marshall() + if err != nil { + return + } change := &treechangeproto.RootChange{ AclHeadId: payload.AclHeadId, Timestamp: payload.Timestamp, - Identity: payload.Identity, + Identity: identity, ChangeType: payload.ChangeType, ChangePayload: payload.ChangePayload, SpaceId: payload.SpaceId, @@ -135,7 +129,7 @@ func (c *changeBuilder) BuildRoot(payload InitialContent) (ch *Change, rawIdChan if err != nil { return } - signature, err := payload.SigningKey.Sign(marshalledChange) + signature, err := payload.PrivKey.Sign(marshalledChange) if err != nil { return } 
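Review bot: In `Unmarshall`, `ch.Identity.Verify(raw.Payload, raw.Signature)` checks the signature against the key decoded from that same payload, so a passing check shows only that the sender holds the key it names, not that the key has any rights in the space. I would say so next to the call, e.g. `// identity is self-asserted by the payload; ACL membership and permissions are decided by the validator, not here`. That every path calling `Unmarshall` with `verify` set also runs the permission check is inferred from `validateChange` elsewhere in this patch and should be confirmed. `Unmarshall` starts and ends outside the hunk.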
@@ -151,7 +145,7 @@ func (c *changeBuilder) BuildRoot(payload InitialContent) (ch *Change, rawIdChan if err != nil { return } - ch = NewChangeFromRoot(id, change, signature) + ch = NewChangeFromRoot(id, payload.PrivKey.GetPublic(), change, signature) rawIdChange = &treechangeproto.RawTreeChangeWithId{ RawChange: marshalledRawChange, Id: id, @@ -160,13 +154,17 @@ func (c *changeBuilder) BuildRoot(payload InitialContent) (ch *Change, rawIdChan } func (c *changeBuilder) Build(payload BuilderContent) (ch *Change, rawIdChange *treechangeproto.RawTreeChangeWithId, err error) { + identity, err := payload.PrivKey.GetPublic().Marshall() + if err != nil { + return + } change := &treechangeproto.TreeChange{ TreeHeadIds: payload.TreeHeadIds, AclHeadId: payload.AclHeadId, SnapshotBaseId: payload.SnapshotBaseId, ReadKeyId: payload.ReadKeyId, Timestamp: time.Now().Unix(), - Identity: payload.Identity, + Identity: identity, IsSnapshot: payload.IsSnapshot, } if payload.ReadKey != nil { @@ -183,7 +181,7 @@ func (c *changeBuilder) Build(payload BuilderContent) (ch *Change, rawIdChange * if err != nil { return } - signature, err := payload.SigningKey.Sign(marshalledChange) + signature, err := payload.PrivKey.Sign(marshalledChange) if err != nil { return } @@ -199,7 +197,7 @@ func (c *changeBuilder) Build(payload BuilderContent) (ch *Change, rawIdChange * if err != nil { return } - ch = NewChange(id, change, signature) + ch = NewChange(id, payload.PrivKey.GetPublic(), change, signature) rawIdChange = &treechangeproto.RawTreeChangeWithId{ RawChange: marshalledRawChange, Id: id, @@ -211,6 +209,10 @@ func (c *changeBuilder) Marshall(ch *Change) (raw *treechangeproto.RawTreeChange if c.isRoot(ch.Id) { return c.rootChange, nil } + identity, err := ch.Identity.Marshall() + if err != nil { + return + } treeChange := &treechangeproto.TreeChange{ TreeHeadIds: ch.PreviousIds, AclHeadId: ch.AclHeadId, 
@@ -218,7 +220,7 @@ func (c *changeBuilder) Marshall(ch *Change) (raw *treechangeproto.RawTreeChange ChangesData: ch.Data, ReadKeyId: ch.ReadKeyId, Timestamp: ch.Timestamp, - Identity: []byte(ch.Identity), + Identity: identity, IsSnapshot: ch.IsSnapshot, } var marshalled []byte @@ -243,13 +245,18 @@ func (c *changeBuilder) Marshall(ch *Change) (raw *treechangeproto.RawTreeChange } func (c *changeBuilder) unmarshallRawChange(raw *treechangeproto.RawTreeChange, id string) (ch *Change, err error) { + var key crypto.PubKey if c.isRoot(id) { unmarshalled := &treechangeproto.RootChange{} err = proto.Unmarshal(raw.Payload, unmarshalled) if err != nil { return } - ch = NewChangeFromRoot(id, unmarshalled, raw.Signature) + key, err = c.keys.PubKeyFromProto(unmarshalled.Identity) + if err != nil { + return + } + ch = NewChangeFromRoot(id, key, unmarshalled, raw.Signature) return } unmarshalled := &treechangeproto.TreeChange{} @@ -257,8 +264,11 @@ func (c *changeBuilder) unmarshallRawChange(raw *treechangeproto.RawTreeChange, if err != nil { return } - - ch = NewChange(id, unmarshalled, raw.Signature) + key, err = c.keys.PubKeyFromProto(unmarshalled.Identity) + if err != nil { + return + } + ch = NewChange(id, key, unmarshalled, raw.Signature) return } diff --git a/commonspace/object/tree/objecttree/objecttree.go b/commonspace/object/tree/objecttree/objecttree.go index a75a44e6..a1129375 100644 --- a/commonspace/object/tree/objecttree/objecttree.go +++ b/commonspace/object/tree/objecttree/objecttree.go @@ -99,7 +99,7 @@ type objectTree struct { root *Change tree *Tree - keys map[uint64]*crypto.AESKey + keys map[string]crypto.SymKey // buffers difSnapshotBuf []*treechangeproto.RawTreeChangeWithId 
@@ -224,19 +224,20 @@ func (ot *objectTree) prepareBuilderContent(content SignableChangeContent) (cnt defer ot.aclList.RUnlock() var ( - state = ot.aclList.AclState() // special method for own keys - readKey *crypto.AESKey - readKeyHash uint64 + state = ot.aclList.AclState() // special method for own keys + readKey crypto.SymKey + pubKey = content.Key.GetPublic() + readKeyId string ) - canWrite := state.HasPermission(content.Identity, aclrecordproto.AclUserPermissions_Writer) || - state.HasPermission(content.Identity, aclrecordproto.AclUserPermissions_Admin) + canWrite := state.HasPermission(pubKey, aclrecordproto.AclUserPermissions_Writer) || + state.HasPermission(pubKey, aclrecordproto.AclUserPermissions_Admin) if !canWrite { err = list.ErrInsufficientPermissions return } if content.IsEncrypted { - readKeyHash = state.CurrentReadKeyId() + readKeyId = state.CurrentReadKeyId() readKey, err = state.CurrentReadKey() if err != nil { return @@ -246,10 +247,9 @@ func (ot *objectTree) prepareBuilderContent(content SignableChangeContent) (cnt TreeHeadIds: ot.tree.Heads(), AclHeadId: ot.aclList.Head().Id, SnapshotBaseId: ot.tree.RootId(), - ReadKeyId: readKeyHash, - Identity: content.Identity, + ReadKeyId: readKeyId, IsSnapshot: content.IsSnapshot, - SigningKey: content.Key, + PrivKey: content.Key, ReadKey: readKey, Content: content.Data, } @@ -488,7 +488,7 @@ func (ot *objectTree) IterateFrom(id string, convert ChangeConvertFunc, iterate } decrypt := func(c *Change) (decrypted []byte, err error) { // the change is not encrypted - if c.ReadKeyId == 0 { + if c.ReadKeyId == "" { decrypted = c.Data return } diff --git a/commonspace/object/tree/objecttree/objecttreefactory.go b/commonspace/object/tree/objecttree/objecttreefactory.go index af350ef4..bcdf6513 100644 --- a/commonspace/object/tree/objecttree/objecttreefactory.go +++ b/commonspace/object/tree/objecttree/objecttreefactory.go 
@@ -2,21 +2,18 @@ package objecttree import ( "github.com/anytypeio/any-sync/commonspace/object/acl/list" - "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" "github.com/anytypeio/any-sync/commonspace/object/tree/treestorage" "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" "math/rand" "time" ) type ObjectTreeCreatePayload struct { - SignKey signingkey.PrivKey + PrivKey crypto.PrivKey ChangeType string ChangePayload []byte SpaceId string - Identity []byte IsEncrypted bool } @@ -40,9 +37,7 @@ func defaultObjectTreeDeps( rootChange *treechangeproto.RawTreeChangeWithId, treeStorage treestorage.TreeStorage, aclList list.AclList) objectTreeDeps { - - keychain := keychain.NewKeychain() - changeBuilder := NewChangeBuilder(keychain, rootChange) + changeBuilder := NewChangeBuilder(aclList.KeyStorage(), rootChange) treeBuilder := newTreeBuilder(treeStorage, changeBuilder) return objectTreeDeps{ changeBuilder: changeBuilder, @@ -167,8 +162,7 @@ func createObjectTreeRoot( } cnt := InitialContent{ AclHeadId: aclHeadId, - Identity: payload.Identity, - SigningKey: payload.SignKey, + PrivKey: payload.PrivKey, SpaceId: payload.SpaceId, ChangeType: payload.ChangeType, ChangePayload: payload.ChangePayload, @@ -176,7 +170,7 @@ func createObjectTreeRoot( Seed: seed, } - _, root, err = NewChangeBuilder(keychain.NewKeychain(), nil).BuildRoot(cnt) + _, root, err = NewChangeBuilder(aclList.KeyStorage(), nil).BuildRoot(cnt) return } @@ -189,7 +183,7 @@ func buildObjectTree(deps objectTreeDeps) (ObjectTree, error) { aclList: deps.aclList, changeBuilder: deps.changeBuilder, rawChangeLoader: deps.rawChangeLoader, - keys: make(map[uint64]*crypto.AESKey), + keys: make(map[string]crypto.SymKey), newChangesBuf: make([]*Change, 0, 10), difSnapshotBuf: make([]*treechangeproto.RawTreeChangeWithId, 0, 10), notSeenIdxBuf: make([]int, 0, 10), 
@@ -225,7 +219,7 @@ func buildHistoryTree(deps objectTreeDeps, params HistoryTreeParams) (ht History aclList: deps.aclList, changeBuilder: deps.changeBuilder, rawChangeLoader: deps.rawChangeLoader, - keys: make(map[uint64]*crypto.AESKey), + keys: make(map[string]crypto.SymKey), newChangesBuf: make([]*Change, 0, 10), difSnapshotBuf: make([]*treechangeproto.RawTreeChangeWithId, 0, 10), notSeenIdxBuf: make([]int, 0, 10), diff --git a/commonspace/object/tree/objecttree/objecttreevalidator.go b/commonspace/object/tree/objecttree/objecttreevalidator.go index 221b3002..937dcc96 100644 --- a/commonspace/object/tree/objecttree/objecttreevalidator.go +++ b/commonspace/object/tree/objecttree/objecttreevalidator.go @@ -50,7 +50,7 @@ func (v *objectTreeValidator) ValidateNewChanges(tree *Tree, aclList list.AclLis func (v *objectTreeValidator) validateChange(tree *Tree, aclList list.AclList, c *Change) (err error) { var ( - perm list.UserPermissionPair + perm list.AclUserState state = aclList.AclState() ) // checking if the user could write @@ -59,7 +59,7 @@ func (v *objectTreeValidator) validateChange(tree *Tree, aclList list.AclList, c return } - if perm.Permission != aclrecordproto.AclUserPermissions_Writer && perm.Permission != aclrecordproto.AclUserPermissions_Admin { + if perm.Permissions != aclrecordproto.AclUserPermissions_Writer && perm.Permissions != aclrecordproto.AclUserPermissions_Admin { err = list.ErrInsufficientPermissions return } diff --git a/commonspace/object/tree/objecttree/signablecontent.go b/commonspace/object/tree/objecttree/signablecontent.go index 0d30cb25..e56ac9f1 100644 --- a/commonspace/object/tree/objecttree/signablecontent.go +++ b/commonspace/object/tree/objecttree/signablecontent.go 
@@ -1,13 +1,12 @@ package objecttree import ( - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + "github.com/anytypeio/any-sync/util/crypto" ) type SignableChangeContent struct { Data []byte - Key signingkey.PrivKey - Identity []byte + Key crypto.PrivKey IsSnapshot bool IsEncrypted bool } diff --git a/commonspace/payloads.go b/commonspace/payloads.go index ba45dff6..f86703cb 100644 --- a/commonspace/payloads.go +++ b/commonspace/payloads.go @@ -99,7 +99,7 @@ func storagePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload sp _, settingsRoot, err := builder.BuildRoot(objecttree.InitialContent{ AclHeadId: rawWithId.Id, Identity: aclRoot.Identity, - SigningKey: payload.SigningKey, + PrivKey: payload.SigningKey, SpaceId: spaceId, Seed: spaceSettingsSeed, ChangeType: SpaceReserved, @@ -201,7 +201,7 @@ func storagePayloadForSpaceDerive(payload SpaceDerivePayload) (storagePayload sp _, settingsRoot, err := builder.BuildRoot(objecttree.InitialContent{ AclHeadId: rawWithId.Id, Identity: aclRoot.Identity, - SigningKey: payload.SigningKey, + PrivKey: payload.SigningKey, SpaceId: spaceId, ChangeType: SpaceReserved, }) diff --git a/commonspace/settings/settings_test.go b/commonspace/settings/settings_test.go index 771050d9..c3a89c19 100644 --- a/commonspace/settings/settings_test.go +++ b/commonspace/settings/settings_test.go @@ -146,7 +146,7 @@ func TestSettingsObject_DeleteObject(t *testing.T) { fx.doc.state = &settingsstate.State{LastIteratedId: "someId"} fx.changeFactory.EXPECT().CreateObjectDeleteChange(delId, fx.doc.state, false).Return(res, nil) - accountData := &accountdata.AccountData{ + accountData := &accountdata.AccountKeys{ Identity: []byte("id"), PeerKey: nil, SignKey: &crypto.Ed25519PrivKey{}, diff --git a/net/secureservice/credential.go b/net/secureservice/credential.go index 7dc1bf79..7b4dadf6 100644 --- a/net/secureservice/credential.go +++ b/net/secureservice/credential.go 
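Review bot: Both `builder.BuildRoot(objecttree.InitialContent{...})` calls in payloads.go (the hunk at -99 in `storagePayloadForSpaceCreate` and the one at -201 in `storagePayloadForSpaceDerive`) still carry the context line `Identity: aclRoot.Identity,`, while the same patch removes the `Identity` field from `InitialContent` in changebuilder.go, so this file should not compile as committed. `BuildRoot` now derives the identity itself with `payload.PrivKey.GetPublic().Marshall()`, so the line can simply be dropped in both places. It is worth confirming that `payload.SigningKey` is already a `crypto.PrivKey` here and that the ACL root's `Identity` bytes use the same encoding as the marshalled key, since the two are no longer passed from one source. Both functions start and end outside their hunks.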
@@ -25,12 +25,12 @@ func (n noVerifyChecker) CheckCredential(sc sec.SecureConn, cred *handshakeproto return nil, nil } -func newPeerSignVerifier(account *accountdata.AccountData) handshake.CredentialChecker { +func newPeerSignVerifier(account *accountdata.AccountKeys) handshake.CredentialChecker { return &peerSignVerifier{account: account} } type peerSignVerifier struct { - account *accountdata.AccountData + account *accountdata.AccountKeys } func (p *peerSignVerifier) MakeCredentials(sc sec.SecureConn) *handshakeproto.Credentials { diff --git a/net/secureservice/credential_test.go b/net/secureservice/credential_test.go index 9b005f29..d384af5f 100644 --- a/net/secureservice/credential_test.go +++ b/net/secureservice/credential_test.go @@ -38,7 +38,7 @@ func TestPeerSignVerifier_CheckCredential(t *testing.T) { assert.EqualError(t, err, handshake.ErrInvalidCredentials.Error()) } -func newTestAccData(t *testing.T) *accountdata.AccountData { +func newTestAccData(t *testing.T) *accountdata.AccountKeys { as := accounttest.AccountTestService{} require.NoError(t, as.Init(nil)) return as.Account() diff --git a/net/secureservice/secureservice.go b/net/secureservice/secureservice.go index 2e66ab5f..4bbb8dee 100644 --- a/net/secureservice/secureservice.go +++ b/net/secureservice/secureservice.go @@ -45,7 +45,7 @@ type SecureService interface { type secureService struct { p2pTr *libp2ptls.Transport - account *accountdata.AccountData + account *accountdata.AccountKeys key crypto.PrivKey nodeconf nodeconf.Service diff --git a/testutil/accounttest/accountservice.go b/testutil/accounttest/accountservice.go index af3eea9f..42d21a26 100644 --- a/testutil/accounttest/accountservice.go +++ b/testutil/accounttest/accountservice.go 
@@ -13,7 +13,7 @@ import ( // AccountTestService provides service for test purposes, generates new random account every Init type AccountTestService struct { - acc *accountdata.AccountData + acc *accountdata.AccountKeys } func (s *AccountTestService) Init(a *app.App) (err error) { @@ -43,7 +43,7 @@ func (s *AccountTestService) Init(a *app.App) (err error) { if err != nil { return err } - s.acc = &accountdata.AccountData{ + s.acc = &accountdata.AccountKeys{ Identity: ident, PeerKey: peerKey, SignKey: signKey, @@ -57,7 +57,7 @@ func (s *AccountTestService) Name() (name string) { return accountService.CName } -func (s *AccountTestService) Account() *accountdata.AccountData { +func (s *AccountTestService) Account() *accountdata.AccountKeys { return s.acc } diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index 0a0f16cc..778d2ff0 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -24,9 +24,14 @@ type Ed25519PrivKey struct { // Ed25519PubKey is an ed25519 public key. type Ed25519PubKey struct { - pubKey ed25519.PublicKey - pubCurve *[32]byte - once sync.Once + pubKey ed25519.PublicKey + + pubCurve *[32]byte + curveOnce sync.Once + + marshallOnce sync.Once + marshalled []byte + marshallErr error } func NewEd25519PrivKey(privKey ed25519.PrivateKey) PrivKey { @@ -132,7 +137,7 @@ func (k *Ed25519PubKey) Raw() ([]byte, error) { // Encrypt message func (k *Ed25519PubKey) Encrypt(msg []byte) (data []byte, err error) { - k.once.Do(func() { + k.curveOnce.Do(func() { pubCurve := Ed25519PublicKeyToCurve25519(k.pubKey) k.pubCurve = (*[32]byte)(pubCurve) }) 
@@ -161,11 +166,14 @@ func (k *Ed25519PubKey) Verify(data []byte, sig []byte) (bool, error) { } func (k *Ed25519PubKey) Marshall() ([]byte, error) { - msg := &cryptoproto.Key{ - Type: cryptoproto.KeyType_Ed25519Public, - Data: k.pubKey, - } - return proto.Marshal(msg) + k.marshallOnce.Do(func() { + msg := &cryptoproto.Key{ + Type: cryptoproto.KeyType_Ed25519Public, + Data: k.pubKey, + } + k.marshalled, k.marshallErr = proto.Marshal(msg) + }) + return k.marshalled, k.marshallErr } // UnmarshalEd25519PublicKey returns a public key from input bytes. From d9868c55c2e45689290a1b9053f32320dc267ae5 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Sat, 25 Mar 2023 14:06:20 +0100 Subject: [PATCH 07/24] Add KeyStorage --- .../tree/objecttree/objecttreefactory.go | 4 +-- util/crypto/ed25519_test.go | 5 +-- util/crypto/keystorage.go | 32 ++++++++++++++++++- util/crypto/keystorage_test.go | 21 ++++++++++++ 4 files changed, 57 insertions(+), 5 deletions(-) create mode 100644 util/crypto/keystorage_test.go diff --git a/commonspace/object/tree/objecttree/objecttreefactory.go b/commonspace/object/tree/objecttree/objecttreefactory.go index bcdf6513..b3b757fb 100644 --- a/commonspace/object/tree/objecttree/objecttreefactory.go +++ b/commonspace/object/tree/objecttree/objecttreefactory.go @@ -37,7 +37,7 @@ func defaultObjectTreeDeps( rootChange *treechangeproto.RawTreeChangeWithId, treeStorage treestorage.TreeStorage, aclList list.AclList) objectTreeDeps { - changeBuilder := NewChangeBuilder(aclList.KeyStorage(), rootChange) + changeBuilder := NewChangeBuilder(crypto.NewKeyStorage(), rootChange) treeBuilder := newTreeBuilder(treeStorage, changeBuilder) return objectTreeDeps{ changeBuilder: changeBuilder, @@ -170,7 +170,7 @@ func createObjectTreeRoot( Seed: seed, } - _, root, err = NewChangeBuilder(aclList.KeyStorage(), nil).BuildRoot(cnt) + _, root, err = NewChangeBuilder(crypto.NewKeyStorage(), nil).BuildRoot(cnt) return } 
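Review bot: `Ed25519PubKey.Marshall` in util/crypto/ed25519.go now hands every caller the same cached `k.marshalled` slice, so a caller that appends to or writes into the result changes the encoded identity for all later callers, including the bytes placed in signed payloads by `Build` and `BuildRoot`. Either return a copy, `return append([]byte(nil), k.marshalled...), k.marshallErr`, or state the contract on the method: `// Marshall returns the cached protobuf encoding of the key; the returned slice is shared and must not be modified.` The struct now holds two `sync.Once` values, so it is also worth noting in the type comment that an `Ed25519PubKey` must not be copied after first use.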
diff --git a/util/crypto/ed25519_test.go b/util/crypto/ed25519_test.go index abda9e44..5b96ecb6 100644 --- a/util/crypto/ed25519_test.go +++ b/util/crypto/ed25519_test.go @@ -7,9 +7,10 @@ import ( ) func Test_EncryptDecrypt(t *testing.T) { - privKey, pubKey, _ := GenerateEd25519Key(rand.Reader) + privKey, pubKey, err := GenerateEd25519Key(rand.Reader) + require.NoError(t, err) msg := make([]byte, 32768) - _, err := rand.Read(msg) + _, err = rand.Read(msg) require.NoError(t, err) enc, err := pubKey.Encrypt(msg) require.NoError(t, err) diff --git a/util/crypto/keystorage.go b/util/crypto/keystorage.go index 80b1892d..faedd4a4 100644 --- a/util/crypto/keystorage.go +++ b/util/crypto/keystorage.go @@ -1,9 +1,39 @@ package crypto +import "bytes" + type KeyStorage interface { PubKeyFromProto(protoBytes []byte) (PubKey, error) } func NewKeyStorage() KeyStorage { - return nil + return &keyStorage{} +} + +type pubKeyEntry struct { + protoKey []byte + key PubKey +} + +type keyStorage struct { + keys []pubKeyEntry +} + +func (k *keyStorage) PubKeyFromProto(protoBytes []byte) (PubKey, error) { + for _, k := range k.keys { + // it is not guaranteed that proto will always marshal to the same bytes (but in our case it probably will) + // but this shouldn't be the problem, because we will just create another copy + if bytes.Equal(protoBytes, k.protoKey) { + return k.key, nil + } + } + key, err := UnmarshalEd25519PublicKeyProto(protoBytes) + if err != nil { + return nil, err + } + k.keys = append(k.keys, pubKeyEntry{ + protoKey: protoBytes, + key: key, + }) + return key, nil } diff --git a/util/crypto/keystorage_test.go b/util/crypto/keystorage_test.go new file mode 100644 index 00000000..8f4426b5 --- /dev/null +++ b/util/crypto/keystorage_test.go 
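Review bot: `keyStorage.PubKeyFromProto` in util/crypto/keystorage.go appends to `k.keys` with no lock, stores the caller's `protoBytes` slice without copying it, and scans the whole slice on every lookup. Identities arrive inside received changes, so every distinct valid key adds a permanent entry and makes later lookups slower; a storage shared between goroutines would also race, though whether one change builder is used concurrently is not visible here. A mutex-guarded map keyed by `string(protoBytes)` fixes all three, and it also removes the loop variable `k` that shadows the receiver. The sketch below needs `sync` instead of `bytes` in the import, and the test's `len(st.keys)` assertion still holds for a map.

```go
func NewKeyStorage() KeyStorage {
	return &keyStorage{keys: make(map[string]PubKey)}
}

type keyStorage struct {
	mu   sync.Mutex
	keys map[string]PubKey
}

func (k *keyStorage) PubKeyFromProto(protoBytes []byte) (PubKey, error) {
	k.mu.Lock()
	defer k.mu.Unlock()
	if key, ok := k.keys[string(protoBytes)]; ok {
		return key, nil
	}
	key, err := UnmarshalEd25519PublicKeyProto(protoBytes)
	if err != nil {
		return nil, err
	}
	// the string conversion copies, so the cache does not alias the caller's buffer
	k.keys[string(protoBytes)] = key
	return key, nil
}
```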
@@ -0,0 +1,21 @@ +package crypto + +import ( + "crypto/rand" + "github.com/stretchr/testify/require" + "testing" +) + +func TestKeyStorage_PubKeyFromProto(t *testing.T) { + st := NewKeyStorage().(*keyStorage) + _, pubKey, err := GenerateEd25519Key(rand.Reader) + require.NoError(t, err) + for i := 0; i < 100; i++ { + marshalled, err := pubKey.Marshall() + require.NoError(t, err) + pk, err := st.PubKeyFromProto(marshalled) + require.NoError(t, err) + require.Equal(t, pk.Storage(), pubKey.Storage()) + } + require.Equal(t, 1, len(st.keys)) +} From 98931433a57135ff1cf035f87a290010df75bb8c Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Sun, 26 Mar 2023 13:45:24 +0200 Subject: [PATCH 08/24] Fix handshake tests --- commonspace/object/tree/objecttree/change.go | 5 ++-- net/peer/context.go | 9 ++++++ net/secureservice/credential.go | 6 ++-- net/secureservice/credential_test.go | 6 ++-- net/secureservice/secureservice_test.go | 3 +- nodeconf/config.go | 7 ++--- nodeconf/service.go | 25 ++++------------ testutil/accounttest/accountservice.go | 30 ++++---------------- util/crypto/ed25519.go | 13 +++++++++ util/crypto/key.go | 5 ++++ util/peer/peer.go | 4 +-- 11 files changed, 56 insertions(+), 57 deletions(-) diff --git a/commonspace/object/tree/objecttree/change.go b/commonspace/object/tree/objecttree/change.go index 2e5a3008..1f7dc442 100644 --- a/commonspace/object/tree/objecttree/change.go +++ b/commonspace/object/tree/objecttree/change.go @@ -19,18 +19,17 @@ type Change struct { AclHeadId string Id string SnapshotId string - IsSnapshot bool Timestamp int64 ReadKeyId string Identity crypto.PubKey Data []byte Model interface{} + Signature []byte // iterator helpers visited bool branchesFinished bool - - Signature []byte + IsSnapshot bool } func NewChange(id string, identity crypto.PubKey, ch *treechangeproto.TreeChange, signature []byte) *Change { diff --git a/net/peer/context.go b/net/peer/context.go index 89626276..d759ad01 100644 --- a/net/peer/context.go 
+++ b/net/peer/context.go @@ -3,6 +3,7 @@ package peer import ( "context" "errors" + "github.com/anytypeio/any-sync/util/crypto" "github.com/libp2p/go-libp2p/core/sec" "storj.io/drpc/drpcctx" ) @@ -43,6 +44,14 @@ func CtxIdentity(ctx context.Context) ([]byte, error) { return nil, ErrIdentityNotFoundInContext } +// CtxPubKey returns identity unmarshalled from proto in crypto.PubKey model +func CtxPubKey(ctx context.Context) (crypto.PubKey, error) { + if identity, ok := ctx.Value(contextKeyIdentity).([]byte); ok { + return crypto.UnmarshalEd25519PublicKeyProto(identity) + } + return nil, ErrIdentityNotFoundInContext +} + // CtxWithIdentity sets identity in the context func CtxWithIdentity(ctx context.Context, identity []byte) context.Context { return context.WithValue(ctx, contextKeyIdentity, identity) diff --git a/net/secureservice/credential.go b/net/secureservice/credential.go index 7b4dadf6..82fde3a3 100644 --- a/net/secureservice/credential.go +++ b/net/secureservice/credential.go @@ -38,8 +38,10 @@ func (p *peerSignVerifier) MakeCredentials(sc sec.SecureConn) *handshakeproto.Cr if err != nil { log.Warn("can't sign identity credentials", zap.Error(err)) } + // this will actually be called only once + marshalled, _ := p.account.SignKey.GetPublic().Marshall() msg := &handshakeproto.PayloadSignedPeerIds{ - Identity: p.account.Identity, + Identity: marshalled, Sign: sign, } payload, _ := msg.Marshal() @@ -57,7 +59,7 @@ func (p *peerSignVerifier) CheckCredential(sc sec.SecureConn, cred *handshakepro if err = msg.Unmarshal(cred.Payload); err != nil { return nil, handshake.ErrUnexpectedPayload } - pubKey, err := crypto.NewSigningEd25519PubKeyFromBytes(msg.Identity) + pubKey, err := crypto.UnmarshalEd25519PublicKeyProto(msg.Identity) if err != nil { return nil, handshake.ErrInvalidCredentials } diff --git a/net/secureservice/credential_test.go b/net/secureservice/credential_test.go index d384af5f..1bab8ac9 100644 --- a/net/secureservice/credential_test.go 
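Review bot: In `MakeCredentials` (net/secureservice/credential.go) the error from `p.account.SignKey.GetPublic().Marshall()` is discarded, so a marshalling failure sends a credential with an empty `Identity` and leaves no trace in the log; the added comment explains the caching but not why the error is safe to drop. Handle it the way the signing failure just above is handled: `marshalled, err := p.account.SignKey.GetPublic().Marshall()` followed by `if err != nil { log.Warn("can't marshal identity", zap.Error(err)) }`. The `CheckCredential` hunk switches the receiving side to `UnmarshalEd25519PublicKeyProto`, so the wire form of `Identity` changes from raw key bytes to the proto encoding and peers still sending the previous form will presumably be rejected with `ErrInvalidCredentials`; that is worth stating in the commit message. Both function bodies continue outside their hunks.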
+++ b/net/secureservice/credential_test.go @@ -17,6 +17,8 @@ import ( func TestPeerSignVerifier_CheckCredential(t *testing.T) { a1 := newTestAccData(t) a2 := newTestAccData(t) + identity1, _ := a1.SignKey.GetPublic().Marshall() + identity2, _ := a2.SignKey.GetPublic().Marshall() cc1 := newPeerSignVerifier(a1) cc2 := newPeerSignVerifier(a2) @@ -28,11 +30,11 @@ func TestPeerSignVerifier_CheckCredential(t *testing.T) { cr2 := cc2.MakeCredentials(c2) id1, err := cc1.CheckCredential(c1, cr2) assert.NoError(t, err) - assert.Equal(t, a2.Identity, id1) + assert.Equal(t, identity2, id1) id2, err := cc2.CheckCredential(c2, cr1) assert.NoError(t, err) - assert.Equal(t, a1.Identity, id2) + assert.Equal(t, identity1, id2) _, err = cc1.CheckCredential(c1, cr1) assert.EqualError(t, err, handshake.ErrInvalidCredentials.Error()) diff --git a/net/secureservice/secureservice_test.go b/net/secureservice/secureservice_test.go index 2807ef84..b1dc7e6a 100644 --- a/net/secureservice/secureservice_test.go +++ b/net/secureservice/secureservice_test.go @@ -46,8 +46,9 @@ func TestHandshake(t *testing.T) { require.NoError(t, err) accId, err := peer.CtxIdentity(res.ctx) require.NoError(t, err) + marshalledId, _ := nc.GetAccountService(1).Account().SignKey.GetPublic().Marshall() assert.Equal(t, nc.GetAccountService(1).Account().PeerId, peerId) - assert.Equal(t, nc.GetAccountService(1).Account().Identity, accId) + assert.Equal(t, marshalledId, accId) } func newFixture(t *testing.T, nc *testnodeconf.Config, acc accountservice.Service) *fixture { diff --git a/nodeconf/config.go b/nodeconf/config.go index 17093019..5a60315b 100644 --- a/nodeconf/config.go +++ b/nodeconf/config.go 
@@ -15,10 +15,9 @@ type configGetter interface { } type NodeConfig struct { - PeerId string `yaml:"peerId"` - Addresses []string `yaml:"address"` - EncryptionKey string `yaml:"encryptionPubKey,omitempty"` - Types []NodeType `yaml:"types,omitempty"` + PeerId string `yaml:"peerId"` + Addresses []string `yaml:"address"` + Types []NodeType `yaml:"types,omitempty"` } func (n NodeConfig) HasType(t NodeType) bool { diff --git a/nodeconf/service.go b/nodeconf/service.go index 234f22f7..ad66fc5a 100644 --- a/nodeconf/service.go +++ b/nodeconf/service.go @@ -5,9 +5,6 @@ import ( "github.com/anytypeio/any-sync/app" "github.com/anytypeio/any-sync/app/logger" "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys" - "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" "github.com/anytypeio/go-chash" "github.com/libp2p/go-libp2p/core/peer" ) @@ -37,10 +34,9 @@ type service struct { } type Node struct { - Addresses []string - PeerId string - SigningKey signingkey.PubKey - EncryptionKey encryptionkey.PubKey + Addresses []string + PeerId string + SigningKey crypto.PubKey } func (n *Node) Id() string { @@ -127,18 +123,9 @@ func nodeFromConfigNode(n NodeConfig) (*Node, error) { return nil, err } - encPubKey, err := keys.DecodeKeyFromString( - n.EncryptionKey, - encryptionkey.NewEncryptionRsaPubKeyFromBytes, - nil) - if err != nil { - return nil, err - } - return &Node{ - Addresses: n.Addresses, - PeerId: n.PeerId, - SigningKey: sigPubKey, - EncryptionKey: encPubKey, + Addresses: n.Addresses, + PeerId: n.PeerId, + SigningKey: sigPubKey, }, nil } diff --git a/testutil/accounttest/accountservice.go b/testutil/accounttest/accountservice.go index 42d21a26..57986340 100644 --- a/testutil/accounttest/accountservice.go +++ b/testutil/accounttest/accountservice.go 
@@ -6,8 +6,6 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/accountdata" "github.com/anytypeio/any-sync/nodeconf" "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys" - "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" "github.com/anytypeio/any-sync/util/peer" ) @@ -20,19 +18,10 @@ func (s *AccountTestService) Init(a *app.App) (err error) { if s.acc != nil { return } - encKey, _, err := encryptionkey.GenerateRandomRSAKeyPair(2048) - if err != nil { - return - } - signKey, _, err := crypto.GenerateRandomEd25519KeyPair() if err != nil { return } - ident, err := signKey.GetPublic().Raw() - if err != nil { - return - } peerKey, _, err := crypto.GenerateRandomEd25519KeyPair() if err != nil { @@ -44,11 +33,9 @@ func (s *AccountTestService) Init(a *app.App) (err error) { return err } s.acc = &accountdata.AccountKeys{ - Identity: ident, - PeerKey: peerKey, - SignKey: signKey, - EncKey: encKey, - PeerId: peerId.String(), + PeerKey: peerKey, + SignKey: signKey, + PeerId: peerId.String(), } return nil } @@ -62,14 +49,9 @@ func (s *AccountTestService) Account() *accountdata.AccountKeys { } func (s *AccountTestService) NodeConf(addrs []string) nodeconf.NodeConfig { - encEk, err := keys.EncodeKeyToString(s.acc.EncKey.GetPublic()) - if err != nil { - panic(err) - } return nodeconf.NodeConfig{ - PeerId: s.acc.PeerId, - Addresses: addrs, - EncryptionKey: encEk, - Types: []nodeconf.NodeType{nodeconf.NodeTypeTree}, + PeerId: s.acc.PeerId, + Addresses: addrs, + Types: []nodeconf.NodeType{nodeconf.NodeTypeTree}, } } diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index 778d2ff0..faa64a40 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -10,6 +10,7 @@ import ( "github.com/anytypeio/any-sync/util/crypto/cryptoproto" "github.com/anytypeio/any-sync/util/strkey" "github.com/gogo/protobuf/proto" + "github.com/libp2p/go-libp2p/core/crypto" "io" "sync" ) 
@@ -125,6 +126,12 @@ func (k *Ed25519PrivKey) Decrypt(msg []byte) ([]byte, error) { return DecryptX25519(k.privCurve, k.pubCurve, msg) } +// LibP2P converts the key to libp2p format +func (k *Ed25519PrivKey) LibP2P() (crypto.PrivKey, error) { + return crypto.UnmarshalEd25519PrivateKey(k.privKey) +} + +// String returns string representation of key func (k *Ed25519PubKey) String() string { res, _ := strkey.Encode(strkey.AccountAddressVersionByte, k.pubKey) return res @@ -165,6 +172,7 @@ func (k *Ed25519PubKey) Verify(data []byte, sig []byte) (bool, error) { return ed25519.Verify(k.pubKey, data, sig), nil } +// Marshall marshalls the key into proto func (k *Ed25519PubKey) Marshall() ([]byte, error) { k.marshallOnce.Do(func() { msg := &cryptoproto.Key{ @@ -176,6 +184,11 @@ func (k *Ed25519PubKey) Marshall() ([]byte, error) { return k.marshalled, k.marshallErr } +// LibP2P converts the key to libp2p format +func (k *Ed25519PubKey) LibP2P() (crypto.PubKey, error) { + return crypto.UnmarshalEd25519PublicKey(k.pubKey) +} + // UnmarshalEd25519PublicKey returns a public key from input bytes. func UnmarshalEd25519PublicKey(data []byte) (PubKey, error) { if len(data) != 32 { diff --git a/util/crypto/key.go b/util/crypto/key.go index 93642ad4..969a773f 100644 --- a/util/crypto/key.go +++ b/util/crypto/key.go @@ -3,6 +3,7 @@ package crypto import ( "crypto/subtle" "errors" + "github.com/libp2p/go-libp2p/core/crypto" ) var ErrIncorrectKeyType = errors.New("incorrect key type") @@ -26,6 +27,8 @@ type PrivKey interface { Sign([]byte) ([]byte, error) // GetPublic returns the associated public key GetPublic() PubKey + // LibP2P returns libp2p model + LibP2P() (crypto.PrivKey, error) } // PubKey is the public key used to verify the signatures and decrypt messages @@ -42,6 +45,8 @@ type PubKey interface { Storage() []byte // String returns string representation String() string + // LibP2P returns libp2p model + LibP2P() (crypto.PubKey, error) } type SymKey interface { 
diff --git a/util/peer/peer.go b/util/peer/peer.go index 9e77f299..ee6a32cd 100644 --- a/util/peer/peer.go +++ b/util/peer/peer.go @@ -1,12 +1,12 @@ package peer import ( - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + utilcrypto "github.com/anytypeio/any-sync/util/crypto" "github.com/libp2p/go-libp2p/core/crypto" "github.com/libp2p/go-libp2p/core/peer" ) -func IdFromSigningPubKey(pubKey signingkey.PubKey) (peer.ID, error) { +func IdFromSigningPubKey(pubKey utilcrypto.PubKey) (peer.ID, error) { rawSigning, err := pubKey.Raw() if err != nil { return "", err From ee0f62410fcd6bd7564b53b03b4830dfed1c4f76 Mon Sep 17 00:00:00 2001 
From: mcrakhman Date: Sun, 26 Mar 2023 17:53:11 +0200 Subject: [PATCH 09/24] Remove old acl methods and tests, acl builder --- .../object/acl/aclrecordproto/aclrecord.pb.go | 114 ++++---- .../acl/aclrecordproto/protos/aclrecord.proto | 2 +- .../object/acl/list/aclrecordbuilder.go | 146 +++++----- .../object/acl/list/aclrecordbuilder_test.go | 36 +-- commonspace/object/acl/list/aclstate.go | 153 ++-------- commonspace/object/acl/list/list.go | 12 +- commonspace/payloads.go | 134 +++------ commonspace/space.go | 14 +- util/crypto/cryptoproto/crypto.pb.go | 249 +++++++++++++++- util/crypto/cryptoproto/protos/crypto.proto | 9 + util/crypto/derived.go | 6 +- util/{keys/decode.go => crypto/encoder.go} | 7 +- .../asymmetric/encryptionkey/encryptionkey.go | 18 -- util/keys/asymmetric/encryptionkey/rsa.go | 275 ------------------ .../keys/asymmetric/encryptionkey/rsa_test.go | 24 -- .../signingkey/edwards25519/ed25519.go | 53 ---- util/keys/asymmetric/signingkey/signingkey.go | 59 ---- .../asymmetric/signingkey/signingkey_test.go | 16 - 18 files changed, 453 insertions(+), 874 deletions(-) rename util/{keys/decode.go => crypto/encoder.go} (65%) delete mode 100644 util/keys/asymmetric/encryptionkey/encryptionkey.go delete mode 100644 util/keys/asymmetric/encryptionkey/rsa.go delete mode 100644 util/keys/asymmetric/encryptionkey/rsa_test.go delete mode 100644 util/keys/asymmetric/signingkey/edwards25519/ed25519.go delete mode 100644 util/keys/asymmetric/signingkey/signingkey.go delete mode 100644 util/keys/asymmetric/signingkey/signingkey_test.go diff --git a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go index a8b99e7e..c00b712f 100644 --- a/commonspace/object/acl/aclrecordproto/aclrecord.pb.go +++ b/commonspace/object/acl/aclrecordproto/aclrecord.pb.go 
@@ -250,7 +250,7 @@ type AclRoot struct { Identity []byte `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` SpaceId string `protobuf:"bytes,2,opt,name=spaceId,proto3" json:"spaceId,omitempty"` EncryptedReadKey []byte `protobuf:"bytes,3,opt,name=encryptedReadKey,proto3" json:"encryptedReadKey,omitempty"` - DerivationScheme string `protobuf:"bytes,4,opt,name=derivationScheme,proto3" json:"derivationScheme,omitempty"` + DerivationParams []byte `protobuf:"bytes,4,opt,name=derivationParams,proto3" json:"derivationParams,omitempty"` Timestamp int64 `protobuf:"varint,5,opt,name=timestamp,proto3" json:"timestamp,omitempty"` } @@ -308,11 +308,11 @@ func (m *AclRoot) GetEncryptedReadKey() []byte { return nil } -func (m *AclRoot) GetDerivationScheme() string { +func (m *AclRoot) GetDerivationParams() []byte { if m != nil { - return m.DerivationScheme + return m.DerivationParams } - return "" + return nil } func (m *AclRoot) GetTimestamp() int64 { 
@@ -1139,61 +1139,61 @@ var fileDescriptor_c8e9f754f34e929b = []byte{ // 907 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0x1b, 0x45, 0x14, 0xf7, 0xd8, 0x49, 0x1c, 0x3f, 0x9b, 0xc4, 0x19, 0xa0, 0x5d, 0x45, 0xc5, 0x8a, 0x56, 0x42, - 0x8a, 0xaa, 0x2a, 0x11, 0x06, 0x29, 0x55, 0x84, 0xa8, 0xdc, 0x52, 0x64, 0xb7, 0x42, 0xaa, 0x26, - 0x40, 0x51, 0x39, 0x4d, 0x66, 0x47, 0xc9, 0xd0, 0xf5, 0xee, 0x6a, 0x66, 0x6c, 0xe4, 0x4f, 0x01, + 0x8a, 0xaa, 0x2a, 0x11, 0x06, 0x29, 0x55, 0x84, 0xa8, 0xdc, 0x52, 0x64, 0xb7, 0x42, 0x8a, 0x26, + 0x40, 0x51, 0x39, 0x4d, 0x66, 0x47, 0xe9, 0xd0, 0xf5, 0xee, 0x6a, 0x66, 0x6c, 0xe4, 0x4f, 0x01, 0x37, 0xae, 0x5c, 0x90, 0xf8, 0x02, 0x7c, 0x07, 0x8e, 0xb9, 0x20, 0x71, 0x44, 0xc9, 0x67, 0xe0, 0x8e, 0x66, 0xc6, 0xfb, 0xdf, 0x31, 0x70, 0xa0, 0x87, 0xc4, 0x3b, 0xef, 0xfd, 0xe6, 0xcd, 0xef, 0xfd, 0xe6, 0xbd, 0xb7, 0x0b, 0x1f, 0xb3, 0x78, 0x3a, 0x8d, 0x23, 0x95, 0x50, 0xc6, 0x8f, 0xe3, - 0xf3, 0x6f, 0x39, 0xd3, 0xc7, 0x94, 0x85, 0xe6, 0x4f, 0x72, 0x16, 0xcb, 0x20, 0x91, 0xb1, 0x8e, + 0x8b, 0x6f, 0x39, 0xd3, 0xc7, 0x94, 0x85, 0xe6, 0x4f, 0x72, 0x16, 0xcb, 0x20, 0x91, 0xb1, 0x8e, 0x8f, 0xed, 0x7f, 0x95, 0x5b, 0x8f, 0xac, 0x01, 0x77, 0x32, 0x83, 0xff, 0x13, 0x82, 0x1e, 0xa1, 0xdf, 0x8d, 0x58, 0x48, 0xac, 0x01, 0x7b, 0xd0, 0x4e, 0xe8, 0x22, 0x8c, 0x69, 0xe0, 0xa1, 0x03, - 0x74, 0xd8, 0x23, 0xe9, 0x12, 0xdf, 0x83, 0x8e, 0x12, 0x17, 0x11, 0xd5, 0x33, 0xc9, 0xbd, 0xa6, + 0x74, 0xd8, 0x23, 0xe9, 0x12, 0xdf, 0x83, 0x8e, 0x12, 0x97, 0x11, 0xd5, 0x33, 0xc9, 0xbd, 0xa6, 0xf5, 0xe5, 0x06, 0x7c, 0x1f, 0xfa, 0x94, 0x31, 0x9e, 0xe8, 0x58, 0x4e, 0x02, 0x1e, 0x69, 0xa1, - 0x17, 0x5e, 0xcb, 0x82, 0x6a, 0x76, 0xfc, 0x00, 0xf6, 0x52, 0xdb, 0x59, 0x16, 0x71, 0xc3, 0x82, - 0xeb, 0x0e, 0xff, 0x13, 0xc0, 0x45, 0x86, 0x2f, 0x85, 0xbe, 0x9c, 0xac, 0xe3, 0xb9, 0x03, 0x4d, - 0x11, 0x58, 0x82, 0x1d, 0xd2, 0x14, 0x81, 0xff, 0x3d, 0x82, 0x4e, 0x9e, 0xdf, 0x1d, 0xd8, 0x4a, - 0x24, 0x9f, 0x4f, 0xdc, 0xb6, 0x0e, 
0x59, 0xae, 0xf0, 0x3e, 0x6c, 0x8b, 0x94, 0xb7, 0x4b, 0x2e, - 0x5b, 0x63, 0x0c, 0x1b, 0x01, 0xd5, 0x74, 0x99, 0x8f, 0x7d, 0x36, 0x6a, 0x48, 0x4e, 0x83, 0xe7, - 0x7c, 0x31, 0x09, 0x2c, 0xf7, 0x0e, 0xc9, 0x0d, 0xc6, 0xab, 0xc5, 0x94, 0x2b, 0x4d, 0xa7, 0x89, - 0xb7, 0x79, 0x80, 0x0e, 0x5b, 0x24, 0x37, 0xf8, 0xbf, 0x22, 0x68, 0x1b, 0x46, 0x71, 0xac, 0x4b, - 0xe7, 0xa2, 0xca, 0xb9, 0x1e, 0xb4, 0xed, 0x0d, 0x4f, 0xd2, 0x74, 0xd2, 0xa5, 0x51, 0x9b, 0x47, - 0x4c, 0x2e, 0x12, 0xcd, 0x03, 0xe2, 0x4e, 0x4d, 0xd5, 0xae, 0xda, 0x0d, 0x36, 0xe0, 0x52, 0xcc, - 0xa9, 0x16, 0x71, 0x74, 0xc6, 0x2e, 0xf9, 0x94, 0x2f, 0x09, 0xd7, 0xec, 0xff, 0xc0, 0xfb, 0xf7, - 0x26, 0xec, 0x8e, 0x58, 0xf8, 0x24, 0x8e, 0x34, 0x8f, 0xf4, 0x57, 0x34, 0x9c, 0x71, 0xfc, 0x01, - 0xb4, 0x67, 0x8a, 0xcb, 0x51, 0xe0, 0x04, 0xed, 0x0e, 0xdf, 0x3d, 0xca, 0xcb, 0x6d, 0xc4, 0xc2, - 0x2f, 0x9d, 0x73, 0xdc, 0x20, 0x29, 0x0e, 0x9f, 0x02, 0x98, 0x47, 0xc2, 0xa7, 0xf1, 0xdc, 0x55, - 0x52, 0x77, 0xe8, 0xd5, 0x77, 0x39, 0xff, 0xb8, 0x41, 0x0a, 0x68, 0xfc, 0x35, 0xbc, 0x63, 0x56, - 0x2f, 0xb8, 0x9c, 0x0a, 0xa5, 0x44, 0x1c, 0x3d, 0xb9, 0xa4, 0xd1, 0x05, 0xb7, 0xc9, 0x77, 0x87, - 0x7e, 0x3d, 0x4a, 0x15, 0x39, 0x6e, 0x90, 0x95, 0x11, 0x52, 0x56, 0x93, 0x68, 0x2e, 0xb4, 0x13, - 0x68, 0x25, 0x2b, 0xe7, 0x4f, 0x59, 0xb9, 0x15, 0xfe, 0x08, 0xb6, 0xcd, 0xea, 0x59, 0x2c, 0x22, - 0xab, 0x5a, 0x77, 0x78, 0xa7, 0xbe, 0xd3, 0x78, 0xc7, 0x0d, 0x92, 0x21, 0x1f, 0xb7, 0x61, 0x73, - 0x6e, 0x34, 0xf4, 0x9f, 0xda, 0x72, 0xf8, 0xd4, 0x94, 0xd5, 0x29, 0x00, 0xcd, 0x14, 0xf6, 0xd0, - 0x41, 0xeb, 0xb0, 0x3b, 0xdc, 0x2f, 0xc7, 0x2a, 0xca, 0x4f, 0x0a, 0x68, 0xff, 0x2f, 0x04, 0xdb, - 0x23, 0x16, 0x9e, 0x69, 0xaa, 0x39, 0x1e, 0x00, 0x64, 0xe5, 0xa8, 0x6c, 0xa0, 0x0e, 0x29, 0x58, - 0xf0, 0x89, 0x4b, 0xd7, 0x82, 0x95, 0xd7, 0xb4, 0x07, 0xdd, 0xad, 0x93, 0xb6, 0x7e, 0x52, 0x80, - 0xe2, 0x53, 0x68, 0x0b, 0x9b, 0xb5, 0xf2, 0x5a, 0x76, 0xd7, 0x41, 0x79, 0x97, 0x85, 0x1d, 0x39, - 0x61, 0xd4, 0xd3, 0x48, 0xcb, 0x05, 0x49, 0x37, 0xec, 0x7f, 0x01, 0xbd, 
0xa2, 0x03, 0xf7, 0xa1, - 0xf5, 0x9a, 0x2f, 0x96, 0x9d, 0x68, 0x1e, 0xf1, 0xd1, 0x52, 0x93, 0xdb, 0xcb, 0xc2, 0x05, 0x20, - 0x0e, 0x76, 0xda, 0x7c, 0x88, 0xfc, 0xd7, 0xd0, 0x2b, 0xb2, 0x5d, 0xdb, 0x52, 0x8f, 0xa0, 0x9b, - 0x64, 0x37, 0xaf, 0xec, 0x29, 0x3b, 0xc3, 0xf7, 0xd6, 0x95, 0x8d, 0x22, 0xc5, 0x1d, 0xfe, 0x8f, - 0x08, 0x20, 0x2f, 0xeb, 0xb5, 0x67, 0x3d, 0x80, 0xbd, 0x6a, 0x33, 0x3a, 0xa5, 0x7b, 0xa4, 0xee, - 0xa8, 0x32, 0x6b, 0xfd, 0x67, 0x66, 0xbf, 0x20, 0x78, 0xab, 0xa4, 0x11, 0x3e, 0x84, 0x5d, 0x37, - 0x4e, 0x5f, 0xcc, 0xce, 0x43, 0xc1, 0x9e, 0xf3, 0x94, 0x63, 0xd5, 0xfc, 0xa6, 0xa9, 0xfe, 0x8c, - 0xa0, 0x5b, 0xe8, 0x8a, 0xb5, 0x2a, 0x66, 0x49, 0x9c, 0x55, 0x5e, 0x3e, 0x55, 0x33, 0xf6, 0xa1, + 0x17, 0x5e, 0xcb, 0x82, 0x6a, 0x76, 0xfc, 0x00, 0xf6, 0x52, 0xdb, 0x79, 0x16, 0x71, 0xc3, 0x82, + 0xeb, 0x0e, 0xff, 0x13, 0xc0, 0x45, 0x86, 0x2f, 0x84, 0x7e, 0x35, 0x59, 0xc7, 0x73, 0x07, 0x9a, + 0x22, 0xb0, 0x04, 0x3b, 0xa4, 0x29, 0x02, 0xff, 0x7b, 0x04, 0x9d, 0x3c, 0xbf, 0x3b, 0xb0, 0x95, + 0x48, 0x3e, 0x9f, 0xb8, 0x6d, 0x1d, 0xb2, 0x5c, 0xe1, 0x7d, 0xd8, 0x16, 0x29, 0x6f, 0x97, 0x5c, + 0xb6, 0xc6, 0x18, 0x36, 0x02, 0xaa, 0xe9, 0x32, 0x1f, 0xfb, 0x6c, 0xd4, 0x90, 0x9c, 0x06, 0xcf, + 0xf9, 0x62, 0x12, 0x58, 0xee, 0x1d, 0x92, 0x1b, 0x8c, 0x57, 0x8b, 0x29, 0x57, 0x9a, 0x4e, 0x13, + 0x6f, 0xf3, 0x00, 0x1d, 0xb6, 0x48, 0x6e, 0xf0, 0x7f, 0x45, 0xd0, 0x36, 0x8c, 0xe2, 0x58, 0x97, + 0xce, 0x45, 0x95, 0x73, 0x3d, 0x68, 0xdb, 0x1b, 0x9e, 0xa4, 0xe9, 0xa4, 0x4b, 0xa3, 0x36, 0x8f, + 0x98, 0x5c, 0x24, 0x9a, 0x07, 0xc4, 0x9d, 0x9a, 0xaa, 0x5d, 0xb5, 0x1b, 0x6c, 0xc0, 0xa5, 0x98, + 0x53, 0x2d, 0xe2, 0xe8, 0x8c, 0x4a, 0x3a, 0x55, 0x4b, 0xb1, 0x6b, 0xf6, 0x7f, 0xe0, 0xfd, 0x7b, + 0x13, 0x76, 0x47, 0x2c, 0x7c, 0x12, 0x47, 0x9a, 0x47, 0xfa, 0x2b, 0x1a, 0xce, 0x38, 0xfe, 0x00, + 0xda, 0x33, 0xc5, 0xe5, 0x28, 0x70, 0x82, 0x76, 0x87, 0xef, 0x1e, 0xe5, 0xe5, 0x36, 0x62, 0xe1, + 0x97, 0xce, 0x39, 0x6e, 0x90, 0x14, 0x87, 0x4f, 0x01, 0xcc, 0x23, 0xe1, 0xd3, 0x78, 0xee, 0x2a, + 0xa9, 0x3b, 
0xf4, 0xea, 0xbb, 0x9c, 0x7f, 0xdc, 0x20, 0x05, 0x34, 0xfe, 0x1a, 0xde, 0x31, 0xab, + 0x33, 0x2e, 0xa7, 0x42, 0x29, 0x11, 0x47, 0x4f, 0x5e, 0xd1, 0xe8, 0x92, 0xdb, 0xe4, 0xbb, 0x43, + 0xbf, 0x1e, 0xa5, 0x8a, 0x1c, 0x37, 0xc8, 0xca, 0x08, 0x29, 0xab, 0x49, 0x34, 0x17, 0xda, 0x55, + 0xe3, 0x4a, 0x56, 0xce, 0x9f, 0xb2, 0x72, 0x2b, 0xfc, 0x11, 0x6c, 0x9b, 0xd5, 0xb3, 0x58, 0x44, + 0x56, 0xb5, 0xee, 0xf0, 0x4e, 0x7d, 0xa7, 0xf1, 0x8e, 0x1b, 0x24, 0x43, 0x3e, 0x6e, 0xc3, 0xe6, + 0xdc, 0x68, 0xe8, 0x3f, 0xb5, 0xe5, 0xf0, 0xa9, 0x29, 0xab, 0x53, 0x00, 0x9a, 0x29, 0xec, 0xa1, + 0x83, 0xd6, 0x61, 0x77, 0xb8, 0x5f, 0x8e, 0x55, 0x94, 0x9f, 0x14, 0xd0, 0xfe, 0x5f, 0x08, 0xb6, + 0x47, 0x2c, 0x3c, 0xd7, 0x54, 0x73, 0x3c, 0x00, 0xc8, 0xca, 0x51, 0xd9, 0x40, 0x1d, 0x52, 0xb0, + 0xe0, 0x13, 0x97, 0xae, 0x05, 0x2b, 0xaf, 0x69, 0x0f, 0xba, 0x5b, 0x27, 0x6d, 0xfd, 0xa4, 0x00, + 0xc5, 0xa7, 0xd0, 0x16, 0x36, 0x6b, 0xe5, 0xb5, 0xec, 0xae, 0x83, 0xf2, 0x2e, 0x0b, 0x3b, 0x72, + 0xc2, 0xa8, 0xa7, 0x91, 0x96, 0x0b, 0x92, 0x6e, 0xd8, 0xff, 0x02, 0x7a, 0x45, 0x07, 0xee, 0x43, + 0xeb, 0x35, 0x5f, 0x2c, 0x3b, 0xd1, 0x3c, 0xe2, 0xa3, 0xa5, 0x26, 0xb7, 0x97, 0x85, 0x0b, 0x40, + 0x1c, 0xec, 0xb4, 0xf9, 0x10, 0xf9, 0xaf, 0xa1, 0x57, 0x64, 0xbb, 0xb6, 0xa5, 0x1e, 0x41, 0x37, + 0xc9, 0x6e, 0x5e, 0xd9, 0x53, 0x76, 0x86, 0xef, 0xad, 0x2b, 0x1b, 0x45, 0x8a, 0x3b, 0xfc, 0x1f, + 0x11, 0x40, 0x5e, 0xd6, 0x6b, 0xcf, 0x7a, 0x00, 0x7b, 0xd5, 0x66, 0x74, 0x4a, 0xf7, 0x48, 0xdd, + 0x51, 0x65, 0xd6, 0xfa, 0xcf, 0xcc, 0x7e, 0x41, 0xf0, 0x56, 0x49, 0x23, 0x7c, 0x08, 0xbb, 0x6e, + 0x9c, 0x9e, 0xcd, 0x2e, 0x42, 0xc1, 0x9e, 0xf3, 0x94, 0x63, 0xd5, 0xfc, 0xa6, 0xa9, 0xfe, 0x8c, + 0xa0, 0x5b, 0xe8, 0x8a, 0xb5, 0x2a, 0x66, 0x49, 0x9c, 0x57, 0x5e, 0x3e, 0x55, 0x33, 0xf6, 0xa1, 0x97, 0xe5, 0x95, 0x0f, 0xc4, 0x92, 0x6d, 0x75, 0xa2, 0x1b, 0xb7, 0x24, 0xea, 0xab, 0x4c, 0xd1, 0xe5, 0xf8, 0x59, 0x47, 0xf4, 0x33, 0xd8, 0x5d, 0xf6, 0x17, 0xe1, 0x49, 0x48, 0x59, 0xd6, 0x56, 0xf7, 0xca, 0xca, 0x90, 0x12, 0x88, 0x54, 0x37, 0xf9, 
0xdf, 0xc0, 0x5e, 0x0d, 0xb5, 0xf6, 0xe0, 0x55, 0x2f, 0x83, 0xe6, 0xea, 0x97, 0x81, 0x3f, 0x87, 0xbb, 0xb7, 0x0c, 0xc6, 0xff, 0xb7, 0x6d, - 0x9e, 0xc1, 0x8e, 0x99, 0x0d, 0x8b, 0x88, 0x7d, 0xce, 0x95, 0xa2, 0x17, 0x1c, 0x3f, 0x84, 0x36, + 0x9e, 0xc1, 0x8e, 0x99, 0x0d, 0x8b, 0x88, 0x7d, 0xce, 0x95, 0xa2, 0x97, 0x1c, 0x3f, 0x84, 0x36, 0xcb, 0xc6, 0x9c, 0xe9, 0xf5, 0x41, 0x65, 0x8e, 0x2c, 0x22, 0x56, 0x1a, 0x75, 0x29, 0xdc, 0x7f, - 0x05, 0x6f, 0xaf, 0xf0, 0xdb, 0xd1, 0x19, 0x04, 0xee, 0x35, 0xaf, 0x96, 0x31, 0x2b, 0xf3, 0x63, + 0x09, 0x6f, 0xaf, 0xf0, 0xdb, 0xd1, 0x19, 0x04, 0xee, 0x35, 0xaf, 0x96, 0x31, 0x2b, 0xf3, 0x63, 0x94, 0xf9, 0xcd, 0x00, 0xcf, 0xd1, 0xf9, 0x28, 0x1e, 0xdb, 0x1b, 0xcf, 0x71, 0xf8, 0x04, 0xda, 0x32, 0x0b, 0x69, 0x6e, 0xb3, 0x98, 0x75, 0xfd, 0xbb, 0x84, 0xa4, 0xe8, 0xfb, 0x27, 0x80, 0xeb, - 0xa2, 0xe0, 0x0e, 0x6c, 0x8e, 0x82, 0xa9, 0x88, 0xfa, 0x0d, 0x0c, 0xb0, 0xf5, 0x52, 0x0a, 0xcd, + 0xa2, 0xe0, 0x0e, 0x6c, 0x8e, 0x82, 0xa9, 0x88, 0xfa, 0x0d, 0x0c, 0xb0, 0xf5, 0x42, 0x0a, 0xcd, 0x65, 0x1f, 0x99, 0x67, 0x73, 0x43, 0x5c, 0xf6, 0x9b, 0x8f, 0x1f, 0xfd, 0x76, 0x3d, 0x40, 0x57, 0xd7, 0x03, 0xf4, 0xe7, 0xf5, 0x00, 0xfd, 0x70, 0x33, 0x68, 0x5c, 0xdd, 0x0c, 0x1a, 0x7f, 0xdc, - 0x0c, 0x1a, 0xaf, 0xde, 0xff, 0x57, 0x5f, 0x7d, 0xe7, 0x5b, 0xf6, 0xe7, 0xc3, 0xbf, 0x03, 0x00, - 0x00, 0xff, 0xff, 0x34, 0xb4, 0xa5, 0x8e, 0x25, 0x0a, 0x00, 0x00, + 0x0c, 0x1a, 0x2f, 0xdf, 0xff, 0x57, 0x5f, 0x7d, 0x17, 0x5b, 0xf6, 0xe7, 0xc3, 0xbf, 0x03, 0x00, + 0x00, 0xff, 0xff, 0xd0, 0x3a, 0xc4, 0x88, 0x25, 0x0a, 0x00, 0x00, } func (m *RawAclRecord) Marshal() (dAtA []byte, err error) { 
@@ -1365,10 +1365,10 @@ func (m *AclRoot) MarshalToSizedBuffer(dAtA []byte) (int, error) { i-- dAtA[i] = 0x28 } - if len(m.DerivationScheme) > 0 { - i -= len(m.DerivationScheme) - copy(dAtA[i:], m.DerivationScheme) - i = encodeVarintAclrecord(dAtA, i, uint64(len(m.DerivationScheme))) + if len(m.DerivationParams) > 0 { + i -= len(m.DerivationParams) + copy(dAtA[i:], m.DerivationParams) + i = encodeVarintAclrecord(dAtA, i, uint64(len(m.DerivationParams))) i-- dAtA[i] = 0x22 } @@ -2158,7 +2158,7 @@ func (m *AclRoot) Size() (n int) { if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } - l = len(m.DerivationScheme) + l = len(m.DerivationParams) if l > 0 { n += 1 + l + sovAclrecord(uint64(l)) } @@ -3120,9 +3120,9 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { iNdEx = postIndex case 4: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field DerivationScheme", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field DerivationParams", wireType) } - var stringLen uint64 + var byteLen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowAclrecord @@ -3132,23 +3132,25 @@ func (m *AclRoot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - stringLen |= uint64(b&0x7F) << shift + byteLen |= int(b&0x7F) << shift if b < 0x80 { break } } - intStringLen := int(stringLen) - if intStringLen < 0 { + if byteLen < 0 { return ErrInvalidLengthAclrecord } - postIndex := iNdEx + intStringLen + postIndex := iNdEx + byteLen if postIndex < 0 { return ErrInvalidLengthAclrecord } if postIndex > l { return io.ErrUnexpectedEOF } - m.DerivationScheme = string(dAtA[iNdEx:postIndex]) + m.DerivationParams = append(m.DerivationParams[:0], dAtA[iNdEx:postIndex]...) + if m.DerivationParams == nil { + m.DerivationParams = []byte{} + } iNdEx = postIndex case 5: if wireType != 0 { 
diff --git a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto index 4a6658d5..f64b9697 100644 --- a/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto +++ b/commonspace/object/acl/aclrecordproto/protos/aclrecord.proto @@ -26,7 +26,7 @@ message AclRoot { bytes identity = 1; string spaceId = 2; bytes encryptedReadKey = 3; - string derivationScheme = 4; + bytes derivationParams = 4; int64 timestamp = 5; } diff --git a/commonspace/object/acl/list/aclrecordbuilder.go b/commonspace/object/acl/list/aclrecordbuilder.go index e85f6be1..8ea77746 100644 --- a/commonspace/object/acl/list/aclrecordbuilder.go +++ b/commonspace/object/acl/list/aclrecordbuilder.go @@ -4,11 +4,20 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" "github.com/anytypeio/any-sync/util/cidutil" "github.com/anytypeio/any-sync/util/crypto" + "github.com/anytypeio/any-sync/util/crypto/cryptoproto" "github.com/gogo/protobuf/proto" ) +type RootContent struct { + PrivKey crypto.PrivKey + SpaceId string + DerivationPath string + EncryptedReadKey []byte +} + type AclRecordBuilder interface { - FromRaw(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) + Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) + BuildRoot(content RootContent) (rec *aclrecordproto.RawAclRecordWithId, err error) } type aclRecordBuilder struct { 
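Review bot: Field number 4 of `AclRoot` is reused with a new name and type (`string derivationScheme` becomes `bytes derivationParams`); both are length-delimited on the wire, so any already stored or already signed root that carries a derivation scheme string will decode without error and have that string treated as `derivationParams`. If such roots can exist, retire the old number and give the new field a fresh one: `reserved 4;` plus `bytes derivationParams = <unused field number>;`. If no root with the old field was ever persisted, a comment next to the field saying so would close the question.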
@@ -16,92 +25,14 @@ type aclRecordBuilder struct { keyStorage crypto.KeyStorage } -func newAclRecordBuilder(id string, keyStorage crypto.KeyStorage) AclRecordBuilder { +func NewAclRecordBuilder(id string, keyStorage crypto.KeyStorage) AclRecordBuilder { return &aclRecordBuilder{ id: id, keyStorage: keyStorage, } } -// TODO: update with new logic -//func (a *aclRecordBuilder) BuildUserJoin(acceptPrivKeyBytes []byte, encSymKeyBytes []byte, state *AclState) (rec *aclrecordproto.RawAclRecord, err error) { -// acceptPrivKey, err := crypto.NewSigningEd25519PrivKeyFromBytes(acceptPrivKeyBytes) -// if err != nil { -// return -// } -// acceptPubKeyBytes, err := acceptPrivKey.GetPublic().Raw() -// if err != nil { -// return -// } -// encSymKey, err := crypto.UnmarshallAESKey(encSymKeyBytes) -// if err != nil { -// return -// } -// -// invite, err := state.Invite(acceptPubKeyBytes) -// if err != nil { -// return -// } -// -// encPrivKey, signPrivKey := state.UserKeys() -// var symKeys [][]byte -// for _, rk := range invite.EncryptedReadKeys { -// dec, err := encSymKey.Decrypt(rk) -// if err != nil { -// return nil, err -// } -// newEnc, err := encPrivKey.GetPublic().Encrypt(dec) -// if err != nil { -// return nil, err -// } -// symKeys = append(symKeys, newEnc) -// } -// idSignature, err := acceptPrivKey.Sign(state.Identity()) -// if err != nil { -// return -// } -// encPubKeyBytes, err := encPrivKey.GetPublic().Raw() -// if err != nil { -// return -// } -// -// userJoin := &aclrecordproto.AclUserJoin{ -// Identity: state.Identity(), -// EncryptionKey: encPubKeyBytes, -// AcceptSignature: idSignature, -// AcceptPubKey: acceptPubKeyBytes, -// EncryptedReadKeys: symKeys, -// } -// aclData := &aclrecordproto.AclData{AclContent: []*aclrecordproto.AclContentValue{ -// {Value: &aclrecordproto.AclContentValue_UserJoin{UserJoin: userJoin}}, -// }} -// marshalledJoin, err := aclData.Marshal() -// if err != nil { -// return -// } -// aclRecord := &aclrecordproto.AclRecord{ -// PrevId: 
state.LastRecordId(), -// Identity: state.Identity(), -// Data: marshalledJoin, -// CurrentReadKeyHash: state.CurrentReadKeyId(), -// Timestamp: time.Now().Unix(), -// } -// marshalledRecord, err := aclRecord.Marshal() -// if err != nil { -// return -// } -// recSignature, err := signPrivKey.Sign(marshalledRecord) -// if err != nil { -// return -// } -// rec = &aclrecordproto.RawAclRecord{ -// Payload: marshalledRecord, -// Signature: recSignature, -// } -// return -//} - -func (a *aclRecordBuilder) FromRaw(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) { +func (a *aclRecordBuilder) Unmarshall(rawIdRecord *aclrecordproto.RawAclRecordWithId) (rec *AclRecord, err error) { var ( rawRec = &aclrecordproto.RawAclRecord{} pubKey crypto.PubKey @@ -153,6 +84,31 @@ func (a *aclRecordBuilder) FromRaw(rawIdRecord *aclrecordproto.RawAclRecordWithI return } +func (a *aclRecordBuilder) BuildRoot(content RootContent) (rec *aclrecordproto.RawAclRecordWithId, err error) { + identity, err := content.PrivKey.GetPublic().Marshall() + if err != nil { + return + } + var derivationParams []byte + if content.DerivationPath != "" { + keyDerivation := &cryptoproto.KeyDerivation{ + Method: cryptoproto.DerivationMethod_Slip21, + DerivationPath: content.DerivationPath, + } + derivationParams, err = keyDerivation.Marshal() + if err != nil { + return + } + } + aclRoot := &aclrecordproto.AclRoot{ + Identity: identity, + SpaceId: content.SpaceId, + EncryptedReadKey: content.EncryptedReadKey, + DerivationParams: derivationParams, + } + return marshalAclRoot(aclRoot, content.PrivKey) +} + func verifyRaw( pubKey crypto.PubKey, rawRec *aclrecordproto.RawAclRecord, 
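Review bot: `BuildRoot` signs whatever `RootContent` it is given: with an empty `DerivationPath` and an empty `EncryptedReadKey` it still produces a signed root that carries no way to obtain a read key, and with both set the root is ambiguous (the reader in `saveReadKeyFromRoot` appears to check the derivation params first). Assuming exactly one of the two is expected, a guard before building would be `if (content.DerivationPath == "") == (len(content.EncryptedReadKey) == 0) { return nil, ErrIncorrectRoot }`. `AclRoot.Timestamp` is also left at zero here; if that is deliberate, for example to keep a derived root's id reproducible, a comment should say so. `RootContent` and the exported `BuildRoot` and `Unmarshall` methods have no doc comments.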
@@ -173,3 +129,31 @@ func verifyRaw( } return } + +func marshalAclRoot(aclRoot *aclrecordproto.AclRoot, key crypto.PrivKey) (rawWithId *aclrecordproto.RawAclRecordWithId, err error) { + marshalledRoot, err := aclRoot.Marshal() + if err != nil { + return + } + signature, err := key.Sign(marshalledRoot) + if err != nil { + return + } + raw := &aclrecordproto.RawAclRecord{ + Payload: marshalledRoot, + Signature: signature, + } + marshalledRaw, err := raw.Marshal() + if err != nil { + return + } + aclHeadId, err := cidutil.NewCidFromBytes(marshalledRaw) + if err != nil { + return + } + rawWithId = &aclrecordproto.RawAclRecordWithId{ + Payload: marshalledRaw, + Id: aclHeadId, + } + return +} diff --git a/commonspace/object/acl/list/aclrecordbuilder_test.go b/commonspace/object/acl/list/aclrecordbuilder_test.go index 24b5c9ce..27a75a28 100644 --- a/commonspace/object/acl/list/aclrecordbuilder_test.go +++ b/commonspace/object/acl/list/aclrecordbuilder_test.go 
@@ -5,39 +5,5 @@ import ( ) func TestAclRecordBuilder_BuildUserJoin(t *testing.T) { - //st, err := acllistbuilder2.NewListStorageWithTestName("userjoinexample.yml") - //require.NoError(t, err, "building storage should not result in error") - // - //testKeychain := st.(*acllistbuilder2.AclListStorageBuilder).GetKeychain() - //identity := testKeychain.GeneratedIdentities["D"] - //signPrivKey := testKeychain.SigningKeysByYAMLName["D"] - //encPrivKey := testKeychain.EncryptionKeysByYAMLName["D"] - //acc := &accountdata.AccountKeys{ - // Identity: []byte(identity), - // PrivKey: signPrivKey, - // EncKey: encPrivKey, - //} - // - //aclList, err := BuildAclListWithIdentity(acc, st) - //require.NoError(t, err, "building acl list should be without error") - //recordBuilder := newAclRecordBuilder(aclList.Id(), keychain.NewKeychain()) - //rk, err := testKeychain.GetKey("key.Read.EncKey").(*acllistbuilder2.SymKey).Key.Raw() - //require.NoError(t, err) - //privKey, err := testKeychain.GetKey("key.Sign.Onetime1").(signingkey.PrivKey).Raw() - //require.NoError(t, err) - // - //userJoin, err := recordBuilder.BuildUserJoin(privKey, rk, aclList.AclState()) - //require.NoError(t, err) - //marshalledJoin, err := userJoin.Marshal() - //require.NoError(t, err) - //id, err := cidutil.NewCidFromBytes(marshalledJoin) - //require.NoError(t, err) - //rawRec := &aclrecordproto.RawAclRecordWithId{ - // Payload: marshalledJoin, - // Id: id, - //} - //res, err := aclList.AddRawRecord(rawRec) - //require.True(t, res) - //require.NoError(t, err) - //require.Equal(t, aclrecordproto.AclUserPermissions_Writer, aclList.AclState().UserStates()[identity].Permissions) + return } diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 4c4e4de9..8fff1a8b 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go 
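Review bot: TestAclRecordBuilder_BuildUserJoin now consists of a bare `return`, so it is reported as passing while exercising nothing. The deleted body was the only visible check of the join path, including the signature and permission assertions. Mark it as skipped so the gap shows up in test output, for example `t.Skip("TODO: restore once BuildUserJoin is reimplemented")`, or delete the test until the builder method exists again.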
@@ -3,6 +3,7 @@ package list import ( "errors" "fmt" + "github.com/anytypeio/any-sync/util/crypto/cryptoproto" "github.com/anytypeio/any-sync/app/logger" "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" @@ -41,11 +42,10 @@ type AclState struct { userReadKeys map[string]crypto.SymKey userStates map[string]AclUserState statesAtRecord map[string][]AclUserState - //userInvites map[string]*aclrecordproto.AclUserInvite - key crypto.PrivKey - pubKey crypto.PubKey - keyStore crypto.KeyStorage - totalReadKeys int + key crypto.PrivKey + pubKey crypto.PubKey + keyStore crypto.KeyStorage + totalReadKeys int lastRecordId string @@ -62,7 +62,6 @@ func newAclStateWithKeys( userReadKeys: make(map[string]crypto.SymKey), userStates: make(map[string]AclUserState), statesAtRecord: make(map[string][]AclUserState), - //userInvites: make(map[string]*aclrecordproto.AclUserInvite), }, nil } @@ -72,7 +71,6 @@ func newAclState(id string) *AclState { userReadKeys: make(map[string]crypto.SymKey), userStates: make(map[string]AclUserState), statesAtRecord: make(map[string][]AclUserState), - //userInvites: make(map[string]*aclrecordproto.AclUserInvite), } } @@ -177,14 +175,8 @@ func (st *AclState) saveReadKeyFromRoot(record *AclRecord) (err error) { if !ok { return ErrIncorrectRoot } - if len(root.GetDerivationScheme()) != 0 { - var keyBytes []byte - keyBytes, err = st.key.Raw() - if err != nil { - return - } - - readKey, err = crypto.DeriveAccountSymmetric(keyBytes) + if root.DerivationParams != nil { + readKey, err = st.deriveKey(root.DerivationParams) if err != nil { return } 
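Review bot: `if root.DerivationParams != nil` in saveReadKeyFromRoot accepts an empty but non-nil byte slice as derivation parameters, whereas the replaced condition tested a length. Depending on how the generated Unmarshal fills an empty bytes field, a root with a zero-length `DerivationParams` would then reach `st.deriveKey` and be decoded as a `KeyDerivation` with an empty path. `if len(root.DerivationParams) != 0 {` keeps the earlier semantics. The rest of saveReadKeyFromRoot lies outside this hunk.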
@@ -267,113 +259,19 @@ func (st *AclState) applyUserPermissionChange(ch *aclrecordproto.AclUserPermissi } func (st *AclState) applyUserInvite(ch *aclrecordproto.AclUserInvite, recordId string) error { - //acceptPubKey, err := st.keyStore.PubKeyFromProto(ch.AcceptPublicKey) - //if err != nil { - // return nil - //} - //st.userInvites[string(ch.AcceptPublicKey)] = ch + // TODO: check old code and bring it back :-) return nil } func (st *AclState) applyUserJoin(ch *aclrecordproto.AclUserJoin, recordId string) error { - //invite, exists := st.userInvites[string(ch.AcceptPubKey)] - //if !exists { - // // TODO: change key to use same encoding - // return fmt.Errorf("no such invite with such public key %s", keys.EncodeBytesToString(ch.AcceptPubKey)) - //} - //chIdentity := string(ch.Identity) - //if _, exists = st.userStates[chIdentity]; exists { - // return ErrUserAlreadyExists - //} - // - //// validating signature - //signature := ch.GetAcceptSignature() - //verificationKey, err := crypto.UnmarshalEd25519PublicKeyProto(invite.AcceptPublicKey) - //if err != nil { - // return fmt.Errorf("public key verifying invite accepts is given in incorrect format: %v", err) - //} - // - //// TODO: intuitively we need to sign not only the identity but a more complicated payload - //res, err := verificationKey.Verify(ch.Identity, signature) - //if err != nil { - // return fmt.Errorf("verification returned error: %w", err) - //} - //if !res { - // return ErrInvalidSignature - //} - // - //// if ourselves -> we need to decrypt the read keys - //if st.identity == chIdentity { - // for _, key := range ch.EncryptedReadKeys { - // key, err := st.decryptReadKey(key) - // if err != nil { - // return ErrFailedToDecrypt - // } - // - // st.userReadKeys[recordId] = key - // } - //} - // - //// adding user to the list - //userState := &aclrecordproto.AclUserState{ - // Identity: ch.Identity, - // Permissions: invite.Permissions, - //} - //st.userStates[chIdentity] = userState return nil } func 
(st *AclState) applyUserAdd(ch *aclrecordproto.AclUserAdd, recordId string) error { - //chIdentity := string(ch.Identity) - //if _, exists := st.userStates[chIdentity]; exists { - // return ErrUserAlreadyExists - //} - // - //st.userStates[chIdentity] = &aclrecordproto.AclUserState{ - // Identity: ch.Identity, - // EncryptionKey: ch.EncryptionKey, - // Permissions: ch.Permissions, - //} - // - //if chIdentity == st.identity { - // for _, key := range ch.EncryptedReadKeys { - // key, hash, err := st.decryptReadKey(key) - // if err != nil { - // return ErrFailedToDecrypt - // } - // - // st.userReadKeys[hash] = key - // } - //} - return nil } func (st *AclState) applyUserRemove(ch *aclrecordproto.AclUserRemove, recordId string) error { - //chIdentity := string(ch.Identity) - //if chIdentity == st.identity { - // return ErrDocumentForbidden - //} - // - //if _, exists := st.userStates[chIdentity]; !exists { - // return ErrNoSuchUser - //} - // - //delete(st.userStates, chIdentity) - // - //for _, replace := range ch.ReadKeyReplaces { - // repIdentity := string(replace.Identity) - // // if this is our identity then we have to decrypt the key - // if repIdentity == st.identity { - // key, hash, err := st.decryptReadKey(replace.EncryptedReadKey) - // if err != nil { - // return ErrFailedToDecrypt - // } - // - // st.userReadKeys[hash] = key - // break - // } - //} return nil } 
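Review bot: applyUserInvite, applyUserJoin, applyUserAdd and applyUserRemove now return nil unconditionally, so a record carrying any of these changes is applied as a successful no-op. The removed bodies verified the invite-accept signature, rejected duplicate users and deleted removed users from `userStates`, and none of that is enforced any more. Until the logic is restored it is safer to fail closed with a sentinel (the name here is only a suggestion), e.g. `return ErrNotImplemented`, provided no working flow currently depends on these paths. The `// TODO: check old code and bring it back :-)` comment should also state which checks are missing.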
@@ -404,32 +302,35 @@ func (st *AclState) isUserJoin(data *aclrecordproto.AclData) bool { return data.GetAclContent() != nil && data.GetAclContent()[0].GetUserJoin() != nil } -//func (st *AclState) isUserAdd(data *aclrecordproto.AclData, identity []byte) bool { -// // if we have a UserAdd, then it should always be the first one applied -// userAdd := data.GetAclContent()[0].GetUserAdd() -// return data.GetAclContent() != nil && userAdd != nil && bytes.Compare(userAdd.GetIdentity(), identity) == 0 -//} +func (st *AclState) isUserAdd(data *aclrecordproto.AclData, identity []byte) bool { + return false +} func (st *AclState) UserStates() map[string]AclUserState { return st.userStates } -//func (st *AclState) Invite(acceptPubKey []byte) (invite *aclrecordproto.AclUserInvite, err error) { -// invite, exists := st.userInvites[string(acceptPubKey)] -// if !exists { -// err = ErrNoSuchInvite -// return -// } -// if len(invite.EncryptedReadKeys) != st.totalReadKeys { -// err = ErrOldInvite -// } -// return -//} +func (st *AclState) Invite(acceptPubKey []byte) (invite *aclrecordproto.AclUserInvite, err error) { + return +} func (st *AclState) LastRecordId() string { return st.lastRecordId } +func (st *AclState) deriveKey(params []byte) (crypto.SymKey, error) { + keyDerivation := &cryptoproto.KeyDerivation{} + err := proto.Unmarshal(params, keyDerivation) + if err != nil { + return nil, err + } + keyBytes, err := st.key.Raw() + if err != nil { + return nil, err + } + return crypto.DeriveSymmetricKey(keyBytes, keyDerivation.DerivationPath) +} + func mapKeyFromPubKey(pubKey crypto.PubKey) string { return string(pubKey.Storage()) } diff --git a/commonspace/object/acl/list/list.go b/commonspace/object/acl/list/list.go index 5a486ae5..d714f407 100644 --- a/commonspace/object/acl/list/list.go +++ b/commonspace/object/acl/list/list.go 
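Review bot: deriveKey passes `keyDerivation.DerivationPath`, decoded from the root record, straight to `crypto.DeriveSymmetricKey` together with the raw bytes of `st.key`, and never reads `keyDerivation.Method`. The record therefore chooses the path applied to the local private key, and an unknown method is treated the same as Slip21. The method should be checked and the path compared against the expected value, or an allow-list if more paths are planned, before the key is derived. In the same hunk `Invite` now returns `(nil, nil)`, which callers that dereference the result will need to handle.
```go
func (st *AclState) deriveKey(params []byte) (crypto.SymKey, error) {
	keyDerivation := &cryptoproto.KeyDerivation{}
	// … unchanged: proto.Unmarshal of params into keyDerivation …
	if keyDerivation.Method != cryptoproto.DerivationMethod_Slip21 {
		return nil, fmt.Errorf("unsupported key derivation method %v", keyDerivation.Method)
	}
	if keyDerivation.DerivationPath != crypto.AnytypeAccountPath {
		return nil, fmt.Errorf("unexpected key derivation path %q", keyDerivation.DerivationPath)
	}
	// … unchanged: st.key.Raw() and crypto.DeriveSymmetricKey …
```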
@@ -58,12 +58,12 @@ type aclList struct { func BuildAclListWithIdentity(acc *accountdata.AccountKeys, storage liststorage.ListStorage) (AclList, error) { builder := newAclStateBuilderWithIdentity(acc) keyStorage := crypto.NewKeyStorage() - return build(storage.Id(), keyStorage, builder, newAclRecordBuilder(storage.Id(), keyStorage), storage) + return build(storage.Id(), keyStorage, builder, NewAclRecordBuilder(storage.Id(), keyStorage), storage) } func BuildAclList(storage liststorage.ListStorage) (AclList, error) { keyStorage := crypto.NewKeyStorage() - return build(storage.Id(), keyStorage, newAclStateBuilder(), newAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) + return build(storage.Id(), keyStorage, newAclStateBuilder(), NewAclRecordBuilder(storage.Id(), crypto.NewKeyStorage()), storage) } func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilder, recBuilder AclRecordBuilder, storage liststorage.ListStorage) (list AclList, err error) { @@ -77,7 +77,7 @@ func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilde return } - record, err := recBuilder.FromRaw(rawRecordWithId) + record, err := recBuilder.Unmarshall(rawRecordWithId) if err != nil { return } @@ -89,7 +89,7 @@ func build(id string, keyStorage crypto.KeyStorage, stateBuilder *aclStateBuilde return } - record, err = recBuilder.FromRaw(rawRecordWithId) + record, err = recBuilder.Unmarshall(rawRecordWithId) if err != nil { return } @@ -140,7 +140,7 @@ func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added if _, ok := a.indexes[rawRec.Id]; ok { return } - record, err := a.recordBuilder.FromRaw(rawRec) + record, err := a.recordBuilder.Unmarshall(rawRec) if err != nil { return } 
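Review bot: In BuildAclList the rewritten line still passes a second `crypto.NewKeyStorage()` to `NewAclRecordBuilder` instead of the `keyStorage` created on the line above. The list and its record builder therefore hold separate key stores, unlike BuildAclListWithIdentity, which shares one. If that is not intentional, the line should read `return build(storage.Id(), keyStorage, newAclStateBuilder(), NewAclRecordBuilder(storage.Id(), keyStorage), storage)`. The remaining hunks of list.go only rename `FromRaw` to `Unmarshall`.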
@@ -159,7 +159,7 @@ func (a *aclList) AddRawRecord(rawRec *aclrecordproto.RawAclRecordWithId) (added } func (a *aclList) IsValidNext(rawRec *aclrecordproto.RawAclRecordWithId) (err error) { - _, err = a.recordBuilder.FromRaw(rawRec) + _, err = a.recordBuilder.Unmarshall(rawRec) if err != nil { return } diff --git a/commonspace/payloads.go b/commonspace/payloads.go index f86703cb..00075379 100644 --- a/commonspace/payloads.go +++ b/commonspace/payloads.go @@ -1,30 +1,24 @@ package commonspace import ( - aclrecordproto "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - "github.com/anytypeio/any-sync/commonspace/object/keychain" + "github.com/anytypeio/any-sync/commonspace/object/acl/list" "github.com/anytypeio/any-sync/commonspace/object/tree/objecttree" "github.com/anytypeio/any-sync/commonspace/spacestorage" "github.com/anytypeio/any-sync/commonspace/spacesyncproto" "github.com/anytypeio/any-sync/util/cidutil" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + "github.com/anytypeio/any-sync/util/crypto" "hash/fnv" "math/rand" "time" ) const ( - SpaceReserved = "any-sync.space" - SpaceDerivationScheme = "derivation.standard" + SpaceReserved = "any-sync.space" ) func storagePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload spacestorage.SpaceStorageCreatePayload, err error) { - // unmarshalling signing and encryption keys - identity, err := payload.SigningKey.GetPublic().Raw() - if err != nil { - return - } - encPubKey, err := payload.EncryptionKey.GetPublic().Raw() + // marshalling keys + identity, err := payload.SigningKey.GetPublic().Marshall() if err != nil { return } 
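Review bot: The import block of payloads.go still pulls in `math/rand`, and the 32-byte `spaceSettingsSeed` in storagePayloadForSpaceCreate (a context line in the next hunk) is filled by `rand.Read` from that package. `math/rand` is not a cryptographic source, so if the seed is meant to be unpredictable rather than merely unique, the import should be `crypto/rand`, which offers the same `rand.Read(spaceSettingsSeed)` call. The purpose of the seed is not visible in this diff, so this needs confirming against objecttree. storagePayloadForSpaceCreate continues beyond this hunk.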
@@ -62,43 +56,32 @@ func storagePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload sp RawHeader: marshalled, Id: spaceId, } - - // encrypting read key - hasher := fnv.New64() - _, err = hasher.Write(payload.ReadKey) - if err != nil { - return - } - readKeyHash := hasher.Sum64() - encReadKey, err := payload.EncryptionKey.GetPublic().Encrypt(payload.ReadKey) + readKey, err := payload.SigningKey.GetPublic().Encrypt(payload.ReadKey) if err != nil { return } - // preparing acl - aclRoot := &aclrecordproto.AclRoot{ - Identity: identity, - EncryptionKey: encPubKey, - SpaceId: spaceId, - EncryptedReadKey: encReadKey, - CurrentReadKeyHash: readKeyHash, - Timestamp: time.Now().Unix(), - } - rawWithId, err := marshalAclRoot(aclRoot, payload.SigningKey) + // building acl root + keyStorage := crypto.NewKeyStorage() + aclBuilder := list.NewAclRecordBuilder("", keyStorage) + aclRoot, err := aclBuilder.BuildRoot(list.RootContent{ + PrivKey: payload.SigningKey, + SpaceId: spaceId, + EncryptedReadKey: readKey, + }) if err != nil { return } - builder := objecttree.NewChangeBuilder(keychain.NewKeychain(), nil) + // building settings + builder := objecttree.NewChangeBuilder(keyStorage, nil) spaceSettingsSeed := make([]byte, 32) _, err = rand.Read(spaceSettingsSeed) if err != nil { return } - _, settingsRoot, err := builder.BuildRoot(objecttree.InitialContent{ - AclHeadId: rawWithId.Id, - Identity: aclRoot.Identity, + AclHeadId: aclRoot.Id, PrivKey: payload.SigningKey, SpaceId: spaceId, Seed: spaceSettingsSeed, @@ -111,7 +94,7 @@ func storagePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload sp // creating storage storagePayload = spacestorage.SpaceStorageCreatePayload{ - AclWithId: rawWithId, + AclWithId: aclRoot, SpaceHeaderWithId: rawHeaderWithId, SpaceSettingsWithId: settingsRoot, } 
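Review bot: `payload.SigningKey.GetPublic().Encrypt(payload.ReadKey)` encrypts the space read key under the owner's signing key, where the removed code used a separate `payload.EncryptionKey`. One key pair now serves both signing and decryption, so a weakness in either use affects the other. How `Encrypt` is derived from a signing key is not shown in this diff. That choice deserves a comment on the field, e.g. `// SigningKey signs space records; its public half also encrypts ReadKey for the owner`. The root built here also no longer carries the `CurrentReadKeyHash` and `Timestamp` that the old literal set, so it is worth confirming that readers no longer expect them.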
@@ -119,27 +102,19 @@ func storagePayloadForSpaceCreate(payload SpaceCreatePayload) (storagePayload sp } func storagePayloadForSpaceDerive(payload SpaceDerivePayload) (storagePayload spacestorage.SpaceStorageCreatePayload, err error) { - // unmarshalling signing and encryption keys - identity, err := payload.SigningKey.GetPublic().Raw() + // marshalling keys + identity, err := payload.SigningKey.GetPublic().Marshall() if err != nil { return } - signPrivKey, err := payload.SigningKey.Raw() - if err != nil { - return - } - encPubKey, err := payload.EncryptionKey.GetPublic().Raw() - if err != nil { - return - } - encPrivKey, err := payload.EncryptionKey.Raw() + pubKey, err := payload.SigningKey.GetPublic().Raw() if err != nil { return } // preparing replication key hasher := fnv.New64() - _, err = hasher.Write(identity) + _, err = hasher.Write(pubKey) if err != nil { return } 
@@ -172,35 +147,22 @@ func storagePayloadForSpaceDerive(payload SpaceDerivePayload) (storagePayload sp Id: spaceId, } - // deriving and encrypting read key - readKey, err := aclrecordproto.AclReadKeyDerive(signPrivKey, encPrivKey) - if err != nil { - return - } - hasher = fnv.New64() - _, err = hasher.Write(readKey.Bytes()) - if err != nil { - return - } - readKeyHash := hasher.Sum64() - - // preparing acl - aclRoot := &aclrecordproto.AclRoot{ - Identity: identity, - EncryptionKey: encPubKey, - SpaceId: spaceId, - DerivationScheme: SpaceDerivationScheme, - CurrentReadKeyHash: readKeyHash, - } - rawWithId, err := marshalAclRoot(aclRoot, payload.SigningKey) + // building acl root + keyStorage := crypto.NewKeyStorage() + aclBuilder := list.NewAclRecordBuilder("", keyStorage) + aclRoot, err := aclBuilder.BuildRoot(list.RootContent{ + PrivKey: payload.SigningKey, + SpaceId: spaceId, + DerivationPath: crypto.AnytypeAccountPath, + }) if err != nil { return } - builder := objecttree.NewChangeBuilder(keychain.NewKeychain(), nil) + // building settings + builder := objecttree.NewChangeBuilder(keyStorage, nil) _, settingsRoot, err := builder.BuildRoot(objecttree.InitialContent{ - AclHeadId: rawWithId.Id, - Identity: aclRoot.Identity, + AclHeadId: aclRoot.Id, PrivKey: payload.SigningKey, SpaceId: spaceId, ChangeType: SpaceReserved, 
@@ -211,37 +173,9 @@ func storagePayloadForSpaceDerive(payload SpaceDerivePayload) (storagePayload sp // creating storage storagePayload = spacestorage.SpaceStorageCreatePayload{ - AclWithId: rawWithId, + AclWithId: aclRoot, SpaceHeaderWithId: rawHeaderWithId, SpaceSettingsWithId: settingsRoot, } return } - -func marshalAclRoot(aclRoot *aclrecordproto.AclRoot, key signingkey.PrivKey) (rawWithId *aclrecordproto.RawAclRecordWithId, err error) { - marshalledRoot, err := aclRoot.Marshal() - if err != nil { - return - } - signature, err := key.Sign(marshalledRoot) - if err != nil { - return - } - raw := &aclrecordproto.RawAclRecord{ - Payload: marshalledRoot, - Signature: signature, - } - marshalledRaw, err := raw.Marshal() - if err != nil { - return - } - aclHeadId, err := cidutil.NewCidFromBytes(marshalledRaw) - if err != nil { - return - } - rawWithId = &aclrecordproto.RawAclRecordWithId{ - Payload: marshalledRaw, - Id: aclHeadId, - } - return -} diff --git a/commonspace/space.go b/commonspace/space.go index f6de90ea..ece13042 100644 --- a/commonspace/space.go +++ b/commonspace/space.go @@ -23,8 +23,7 @@ import ( "github.com/anytypeio/any-sync/commonspace/syncstatus" "github.com/anytypeio/any-sync/net/peer" "github.com/anytypeio/any-sync/nodeconf" - "github.com/anytypeio/any-sync/util/keys/asymmetric/encryptionkey" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/util/multiqueue" "github.com/anytypeio/any-sync/util/slice" "github.com/cheggaaa/mb/v3" @@ -42,9 +41,7 @@ var ( type SpaceCreatePayload struct { // SigningKey is the signing key of the owner - SigningKey signingkey.PrivKey - // EncryptionKey is the encryption key of the owner - EncryptionKey encryptionkey.PrivKey + SigningKey crypto.PrivKey // SpaceType is an arbitrary string SpaceType string // ReadKey is a first symmetric encryption key for a space 
@@ -63,10 +60,9 @@ type HandleMessage struct { } type SpaceDerivePayload struct { - SigningKey signingkey.PrivKey - EncryptionKey encryptionkey.PrivKey - SpaceType string - SpacePayload []byte + SigningKey crypto.PrivKey + SpaceType string + SpacePayload []byte } type SpaceDescription struct { diff --git a/util/crypto/cryptoproto/crypto.pb.go b/util/crypto/cryptoproto/crypto.pb.go index 338c1dd9..0f1120cc 100644 --- a/util/crypto/cryptoproto/crypto.pb.go +++ b/util/crypto/cryptoproto/crypto.pb.go @@ -50,6 +50,28 @@ func (KeyType) EnumDescriptor() ([]byte, []int) { return fileDescriptor_ddfeb19e486561de, []int{0} } +type DerivationMethod int32 + +const ( + DerivationMethod_Slip21 DerivationMethod = 0 +) + +var DerivationMethod_name = map[int32]string{ + 0: "Slip21", +} + +var DerivationMethod_value = map[string]int32{ + "Slip21": 0, +} + +func (x DerivationMethod) String() string { + return proto.EnumName(DerivationMethod_name, int32(x)) +} + +func (DerivationMethod) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_ddfeb19e486561de, []int{1} +} + type Key struct { Type KeyType `protobuf:"varint,1,opt,name=Type,proto3,enum=crypto.KeyType" json:"Type,omitempty"` Data []byte `protobuf:"bytes,2,opt,name=Data,proto3" json:"Data,omitempty"` 
@@ -102,9 +124,63 @@ func (m *Key) GetData() []byte { return nil } +type KeyDerivation struct { + Method DerivationMethod `protobuf:"varint,1,opt,name=method,proto3,enum=crypto.DerivationMethod" json:"method,omitempty"` + DerivationPath string `protobuf:"bytes,2,opt,name=derivationPath,proto3" json:"derivationPath,omitempty"` +} + +func (m *KeyDerivation) Reset() { *m = KeyDerivation{} } +func (m *KeyDerivation) String() string { return proto.CompactTextString(m) } +func (*KeyDerivation) ProtoMessage() {} +func (*KeyDerivation) Descriptor() ([]byte, []int) { + return fileDescriptor_ddfeb19e486561de, []int{1} +} +func (m *KeyDerivation) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *KeyDerivation) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_KeyDerivation.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *KeyDerivation) XXX_Merge(src proto.Message) { + xxx_messageInfo_KeyDerivation.Merge(m, src) +} +func (m *KeyDerivation) XXX_Size() int { + return m.Size() +} +func (m *KeyDerivation) XXX_DiscardUnknown() { + xxx_messageInfo_KeyDerivation.DiscardUnknown(m) +} + +var xxx_messageInfo_KeyDerivation proto.InternalMessageInfo + +func (m *KeyDerivation) GetMethod() DerivationMethod { + if m != nil { + return m.Method + } + return DerivationMethod_Slip21 +} + +func (m *KeyDerivation) GetDerivationPath() string { + if m != nil { + return m.DerivationPath + } + return "" +} + func init() { proto.RegisterEnum("crypto.KeyType", KeyType_name, KeyType_value) + proto.RegisterEnum("crypto.DerivationMethod", DerivationMethod_name, DerivationMethod_value) proto.RegisterType((*Key)(nil), "crypto.Key") + proto.RegisterType((*KeyDerivation)(nil), "crypto.KeyDerivation") } func init() { 
@@ -112,19 +188,24 @@ func init() { } var fileDescriptor_ddfeb19e486561de = []byte{ - // 191 bytes of a gzipped FileDescriptorProto + // 263 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xd2, 0x2e, 0x2d, 0xc9, 0xcc, 0xd1, 0x4f, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0x87, 0x52, 0x05, 0x45, 0xf9, 0x25, 0xf9, 0xfa, 0x60, 0xb2, 0x18, 0x2a, 0xa4, 0x07, 0xe6, 0x09, 0xb1, 0x41, 0x78, 0x4a, 0x76, 0x5c, 0xcc, 0xde, 0xa9, 0x95, 0x42, 0xca, 0x5c, 0x2c, 0x21, 0x95, 0x05, 0xa9, 0x12, 0x8c, 0x0a, 0x8c, 0x1a, 0x7c, 0x46, 0xfc, 0x7a, 0x50, 0xb5, 0xde, 0xa9, 0x95, 0x20, 0xe1, 0x20, 0xb0, 0xa4, 0x90, 0x10, 0x17, 0x8b, - 0x4b, 0x62, 0x49, 0xa2, 0x04, 0x93, 0x02, 0xa3, 0x06, 0x4f, 0x10, 0x98, 0xad, 0x65, 0xc9, 0xc5, - 0x0e, 0x55, 0x24, 0x24, 0xc8, 0xc5, 0xeb, 0x9a, 0x62, 0x64, 0x6a, 0x6a, 0x68, 0x19, 0x50, 0x9a, - 0x94, 0x93, 0x99, 0x2c, 0xc0, 0x20, 0x24, 0xc4, 0xc5, 0x07, 0x13, 0x2a, 0xca, 0x2c, 0x4b, 0x2c, - 0x49, 0x15, 0x60, 0x14, 0x62, 0xe7, 0x62, 0x76, 0x74, 0x0d, 0x16, 0x60, 0x72, 0x32, 0x3c, 0xf1, - 0x48, 0x8e, 0xf1, 0xc2, 0x23, 0x39, 0xc6, 0x07, 0x8f, 0xe4, 0x18, 0x27, 0x3c, 0x96, 0x63, 0xb8, - 0xf0, 0x58, 0x8e, 0xe1, 0xc6, 0x63, 0x39, 0x86, 0x28, 0x71, 0x1c, 0x3e, 0x49, 0x62, 0x03, 0x53, - 0xc6, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x27, 0xb9, 0xba, 0xd8, 0xeb, 0x00, 0x00, 0x00, + 0x4b, 0x62, 0x49, 0xa2, 0x04, 0x93, 0x02, 0xa3, 0x06, 0x4f, 0x10, 0x98, 0xad, 0x94, 0xc9, 0xc5, + 0xeb, 0x9d, 0x5a, 0xe9, 0x92, 0x5a, 0x94, 0x59, 0x96, 0x58, 0x92, 0x99, 0x9f, 0x27, 0x64, 0xc0, + 0xc5, 0x96, 0x9b, 0x5a, 0x92, 0x91, 0x9f, 0x02, 0x35, 0x4b, 0x02, 0x66, 0x16, 0x42, 0x8d, 0x2f, + 0x58, 0x3e, 0x08, 0xaa, 0x4e, 0x48, 0x8d, 0x8b, 0x2f, 0x05, 0x2e, 0x17, 0x90, 0x58, 0x92, 0x01, + 0xb6, 0x80, 0x33, 0x08, 0x4d, 0x54, 0xcb, 0x92, 0x8b, 0x1d, 0xea, 0x1e, 0x21, 0x41, 0x2e, 0x5e, + 0xd7, 0x14, 0x23, 0x53, 0x53, 0x43, 0xcb, 0x80, 0xd2, 0xa4, 0x9c, 0xcc, 0x64, 0x01, 0x06, 0x21, + 0x21, 0x2e, 0x3e, 0x98, 0x10, 0x58, 0x57, 0xaa, 0x00, 0xa3, 0x10, 
0x3b, 0x17, 0xb3, 0xa3, 0x6b, + 0xb0, 0x00, 0x93, 0x96, 0x1c, 0x97, 0x00, 0xba, 0xf5, 0x42, 0x5c, 0x5c, 0x6c, 0xc1, 0x39, 0x99, + 0x05, 0x46, 0x86, 0x02, 0x0c, 0x4e, 0x86, 0x27, 0x1e, 0xc9, 0x31, 0x5e, 0x78, 0x24, 0xc7, 0xf8, + 0xe0, 0x91, 0x1c, 0xe3, 0x84, 0xc7, 0x72, 0x0c, 0x17, 0x1e, 0xcb, 0x31, 0xdc, 0x78, 0x2c, 0xc7, + 0x10, 0x25, 0x8e, 0x23, 0x50, 0x93, 0xd8, 0xc0, 0x94, 0x31, 0x20, 0x00, 0x00, 0xff, 0xff, 0x65, + 0xdf, 0xa5, 0x11, 0x76, 0x01, 0x00, 0x00, } func (m *Key) Marshal() (dAtA []byte, err error) { @@ -162,6 +243,41 @@ func (m *Key) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } +func (m *KeyDerivation) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *KeyDerivation) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *KeyDerivation) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.DerivationPath) > 0 { + i -= len(m.DerivationPath) + copy(dAtA[i:], m.DerivationPath) + i = encodeVarintCrypto(dAtA, i, uint64(len(m.DerivationPath))) + i-- + dAtA[i] = 0x12 + } + if m.Method != 0 { + i = encodeVarintCrypto(dAtA, i, uint64(m.Method)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + func encodeVarintCrypto(dAtA []byte, offset int, v uint64) int { offset -= sovCrypto(v) base := offset @@ -189,6 +305,22 @@ func (m *Key) Size() (n int) { return n } +func (m *KeyDerivation) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Method != 0 { + n += 1 + sovCrypto(uint64(m.Method)) + } + l = len(m.DerivationPath) + if l > 0 { + n += 1 + l + sovCrypto(uint64(l)) + } + return n +} + func sovCrypto(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } 
@@ -298,6 +430,107 @@ func (m *Key) Unmarshal(dAtA []byte) error { } return nil } +func (m *KeyDerivation) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: KeyDerivation: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: KeyDerivation: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Method", wireType) + } + m.Method = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Method |= DerivationMethod(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field DerivationPath", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowCrypto + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthCrypto + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthCrypto + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.DerivationPath = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipCrypto(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return 
ErrInvalidLengthCrypto + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipCrypto(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/util/crypto/cryptoproto/protos/crypto.proto b/util/crypto/cryptoproto/protos/crypto.proto index dea6164b..d74f0b61 100644 --- a/util/crypto/cryptoproto/protos/crypto.proto +++ b/util/crypto/cryptoproto/protos/crypto.proto @@ -8,7 +8,16 @@ enum KeyType { AES = 2; } +enum DerivationMethod { + Slip21 = 0; +} + message Key { KeyType Type = 1; bytes Data = 2; } + +message KeyDerivation { + DerivationMethod method = 1; + string derivationPath = 2; +} \ No newline at end of file diff --git a/util/crypto/derived.go b/util/crypto/derived.go index f12fca51..1c3dbe93 100644 --- a/util/crypto/derived.go +++ b/util/crypto/derived.go @@ -2,10 +2,10 @@ package crypto import "github.com/anytypeio/go-slip21" -const anytypeAccountPath = "m/SLIP-0021/anytype/account" +const AnytypeAccountPath = "m/SLIP-0021/anytype/account" -func DeriveAccountSymmetric(seed []byte) (SymKey, error) { - master, err := slip21.DeriveForPath(anytypeAccountPath, seed) +func DeriveSymmetricKey(seed []byte, path string) (SymKey, error) { + master, err := slip21.DeriveForPath(path, seed) if err != nil { return nil, err } diff --git a/util/keys/decode.go b/util/crypto/encoder.go similarity index 65% rename from util/keys/decode.go rename to util/crypto/encoder.go index 374241de..64432dee 100644 --- a/util/keys/decode.go +++ b/util/crypto/encoder.go @@ -1,11 +1,10 @@ -package keys +package crypto import ( "encoding/base64" - "github.com/anytypeio/any-sync/util/crypto" ) -func EncodeKeyToString[T crypto.Key](key T) (str string, err error) { +func EncodeKeyToString[T Key](key T) (str string, err error) { raw, err := key.Raw() if err != nil { return 
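Review bot: `Slip21 = 0` in `DerivationMethod` makes the proto3 default a real derivation method, so a `KeyDerivation` whose `method` was never set decodes as Slip21 and cannot be told apart from an explicit choice. Reserving zero lets a reader reject unset values, e.g. `Unspecified = 0;` followed by `Slip21 = 1;`. That changes the wire value and is only safe while no roots with the current numbering are stored. The new field names `method` and `derivationPath` also differ in case from `Type` and `Data` on `Key`.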
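Review bot: `AnytypeAccountPath` and `DeriveSymmetricKey` are exported by this change to derived.go without doc comments, and the function now accepts any caller-supplied path. Suggested comments: `// AnytypeAccountPath is the SLIP-0021 path used to derive the account read key.` and `// DeriveSymmetricKey derives a symmetric key from seed along the given SLIP-0021 path; callers must not pass a path taken from untrusted input without checking it.` The function body continues past the end of this hunk.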
@@ -18,7 +17,7 @@ func EncodeBytesToString(bytes []byte) string { return base64.StdEncoding.EncodeToString(bytes) } -func DecodeKeyFromString[T crypto.Key](str string, construct func([]byte) (T, error), def T) (T, error) { +func DecodeKeyFromString[T Key](str string, construct func([]byte) (T, error), def T) (T, error) { dec, err := DecodeBytesFromString(str) if err != nil { return def, err diff --git a/util/keys/asymmetric/encryptionkey/encryptionkey.go b/util/keys/asymmetric/encryptionkey/encryptionkey.go deleted file mode 100644 index 9c4215ce..00000000 --- a/util/keys/asymmetric/encryptionkey/encryptionkey.go +++ /dev/null @@ -1,18 +0,0 @@ -package encryptionkey - -import ( - "github.com/anytypeio/any-sync/util/crypto" -) - -type PrivKey interface { - crypto.Key - - Decrypt([]byte) ([]byte, error) - GetPublic() PubKey -} - -type PubKey interface { - crypto.Key - - Encrypt(data []byte) ([]byte, error) -} diff --git a/util/keys/asymmetric/encryptionkey/rsa.go b/util/keys/asymmetric/encryptionkey/rsa.go deleted file mode 100644 index 855daf55..00000000 --- a/util/keys/asymmetric/encryptionkey/rsa.go +++ /dev/null 
@@ -1,275 +0,0 @@ -package encryptionkey - -import ( - "crypto/rand" - "crypto/rsa" - "crypto/sha512" - "crypto/subtle" - "crypto/x509" - "errors" - "github.com/anytypeio/any-sync/util/crypto" - "github.com/cespare/xxhash" - mrand "golang.org/x/exp/rand" - "io" - "math" - "math/big" -) - -var bigZero = big.NewInt(0) -var bigOne = big.NewInt(1) - -var MinRsaKeyBits = 2048 - -var ErrKeyLengthTooSmall = errors.New("error key length too small") - -type EncryptionRsaPrivKey struct { - privKey rsa.PrivateKey -} - -type EncryptionRsaPubKey struct { - pubKey rsa.PublicKey -} - -func (e *EncryptionRsaPubKey) Equals(key crypto.Key) bool { - other, ok := (key).(*EncryptionRsaPubKey) - if !ok { - return keyEquals(e, key) - } - - return e.pubKey.N.Cmp(other.pubKey.N) == 0 && e.pubKey.E == other.pubKey.E -} - -func (e *EncryptionRsaPubKey) Raw() ([]byte, error) { - return x509.MarshalPKIXPublicKey(&e.pubKey) -} - -func (e *EncryptionRsaPubKey) Encrypt(data []byte) ([]byte, error) { - hash := sha512.New() - return rsa.EncryptOAEP(hash, rand.Reader, &e.pubKey, data, nil) -} - -func (e *EncryptionRsaPrivKey) Equals(key crypto.Key) bool { - other, ok := (key).(*EncryptionRsaPrivKey) - if !ok { - return keyEquals(e, key) - } - - return e.privKey.N.Cmp(other.privKey.N) == 0 && e.privKey.E == other.privKey.E -} - -func (e *EncryptionRsaPrivKey) Raw() ([]byte, error) { - b := x509.MarshalPKCS1PrivateKey(&e.privKey) - return b, nil -} - -func (e *EncryptionRsaPrivKey) Decrypt(bytes []byte) ([]byte, error) { - hash := sha512.New() - return rsa.DecryptOAEP(hash, rand.Reader, &e.privKey, bytes, nil) -} - -func (e *EncryptionRsaPrivKey) GetPublic() PubKey { - return &EncryptionRsaPubKey{pubKey: e.privKey.PublicKey} -} - -func GenerateRandomRSAKeyPair(bits int) (PrivKey, PubKey, error) { - return GenerateRSAKeyPair(bits, rand.Reader) -} - -func GenerateRSAKeyPair(bits int, src io.Reader) (PrivKey, PubKey, error) { - if bits < MinRsaKeyBits { - return nil, nil, ErrKeyLengthTooSmall - } - priv, 
err := rsa.GenerateKey(src, bits) - if err != nil { - return nil, nil, err - } - pk := priv.PublicKey - return &EncryptionRsaPrivKey{privKey: *priv}, &EncryptionRsaPubKey{pubKey: pk}, nil -} - -func DeriveRSAKePair(bits int, seed []byte) (PrivKey, PubKey, error) { - if bits < MinRsaKeyBits { - return nil, nil, ErrKeyLengthTooSmall - } - seed64 := xxhash.Sum64(seed) - priv, err := rsaGenerateMultiPrimeKey(mrand.New(mrand.NewSource(seed64)), 2, bits) - if err != nil { - return nil, nil, err - } - pk := priv.PublicKey - return &EncryptionRsaPrivKey{privKey: *priv}, &EncryptionRsaPubKey{pubKey: pk}, nil -} - -func NewEncryptionRsaPrivKeyFromBytes(bytes []byte) (PrivKey, error) { - sk, err := x509.ParsePKCS1PrivateKey(bytes) - if err != nil { - return nil, err - } - if sk.N.BitLen() < MinRsaKeyBits { - return nil, ErrKeyLengthTooSmall - } - return &EncryptionRsaPrivKey{privKey: *sk}, nil -} - -func NewEncryptionRsaPubKeyFromBytes(bytes []byte) (PubKey, error) { - pub, err := x509.ParsePKIXPublicKey(bytes) - if err != nil { - return nil, err - } - pk, ok := pub.(*rsa.PublicKey) - if !ok { - return nil, errors.New("not actually an rsa public key") - } - if pk.N.BitLen() < MinRsaKeyBits { - return nil, ErrKeyLengthTooSmall - } - - return &EncryptionRsaPubKey{pubKey: *pk}, nil -} - -func keyEquals(k1, k2 crypto.Key) bool { - a, err := k1.Raw() - if err != nil { - return false - } - b, err := k2.Raw() - if err != nil { - return false - } - return subtle.ConstantTimeCompare(a, b) == 1 -} - -// generateMultiPrimeKey is a copied original rsa.GenerateMultiPrimeKey but without randutil.MaybeReadByte calls -func rsaGenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (*rsa.PrivateKey, error) { - - priv := new(rsa.PrivateKey) - priv.E = 65537 - - if nprimes < 2 { - return nil, errors.New("crypto/rsa: GenerateMultiPrimeKey: nprimes must be >= 2") - } - - if bits < 64 { - primeLimit := float64(uint64(1) << uint(bits/nprimes)) - // pi approximates the number of primes less 
than primeLimit - pi := primeLimit / (math.Log(primeLimit) - 1) - // Generated primes start with 11 (in binary) so we can only - // use a quarter of them. - pi /= 4 - // Use a factor of two to ensure that key generation terminates - // in a reasonable amount of time. - pi /= 2 - if pi <= float64(nprimes) { - return nil, errors.New("crypto/rsa: too few primes of given length to generate an RSA key") - } - } - - primes := make([]*big.Int, nprimes) - -NextSetOfPrimes: - for { - todo := bits - // crypto/rand should set the top two bits in each prime. - // Thus each prime has the form - // p_i = 2^bitlen(p_i) × 0.11... (in base 2). - // And the product is: - // P = 2^todo × α - // where α is the product of nprimes numbers of the form 0.11... - // - // If α < 1/2 (which can happen for nprimes > 2), we need to - // shift todo to compensate for lost bits: the mean value of 0.11... - // is 7/8, so todo + shift - nprimes * log2(7/8) ~= bits - 1/2 - // will give good results. - if nprimes >= 7 { - todo += (nprimes - 2) / 5 - } - for i := 0; i < nprimes; i++ { - var err error - primes[i], err = randPrime(random, todo/(nprimes-i)) - if err != nil { - return nil, err - } - todo -= primes[i].BitLen() - } - - // Make sure that primes is pairwise unequal. - for i, prime := range primes { - for j := 0; j < i; j++ { - if prime.Cmp(primes[j]) == 0 { - continue NextSetOfPrimes - } - } - } - - n := new(big.Int).Set(bigOne) - totient := new(big.Int).Set(bigOne) - pminus1 := new(big.Int) - for _, prime := range primes { - n.Mul(n, prime) - pminus1.Sub(prime, bigOne) - totient.Mul(totient, pminus1) - } - if n.BitLen() != bits { - // This should never happen for nprimes == 2 because - // crypto/rand should set the top two bits in each prime. - // For nprimes > 2 we hope it does not happen often. 
- continue NextSetOfPrimes - } - - priv.D = new(big.Int) - e := big.NewInt(int64(priv.E)) - ok := priv.D.ModInverse(e, totient) - - if ok != nil { - priv.Primes = primes - priv.N = n - break - } - } - - priv.Precompute() - return priv, nil -} - -func randPrime(rand io.Reader, bits int) (*big.Int, error) { - if bits < 2 { - return nil, errors.New("crypto/rand: prime size must be at least 2-bit") - } - - b := uint(bits % 8) - if b == 0 { - b = 8 - } - - bytes := make([]byte, (bits+7)/8) - p := new(big.Int) - - for { - if _, err := io.ReadFull(rand, bytes); err != nil { - return nil, err - } - - // Clear bits in the first byte to make sure the candidate has a size <= bits. - bytes[0] &= uint8(int(1<= 2 { - bytes[0] |= 3 << (b - 2) - } else { - // Here b==1, because b cannot be zero. - bytes[0] |= 1 - if len(bytes) > 1 { - bytes[1] |= 0x80 - } - } - // Make the value odd since an even number this large certainly isn't prime. - bytes[len(bytes)-1] |= 1 - - p.SetBytes(bytes) - if p.ProbablyPrime(20) { - return p, nil - } - } -} diff --git a/util/keys/asymmetric/encryptionkey/rsa_test.go b/util/keys/asymmetric/encryptionkey/rsa_test.go deleted file mode 100644 index 55b2bfd8..00000000 --- a/util/keys/asymmetric/encryptionkey/rsa_test.go +++ /dev/null @@ -1,24 +0,0 @@ -package encryptionkey - -import ( - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "testing" -) - -func TestDeriveRSAKePair(t *testing.T) { - privKey1, _, err := DeriveRSAKePair(4096, []byte("test seed")) - require.NoError(t, err) - - privKey2, _, err := DeriveRSAKePair(4096, []byte("test seed")) - require.NoError(t, err) - data := []byte("test data") - - encryped, err := privKey1.GetPublic().Encrypt(data) - require.NoError(t, err) - - decrypted, err := privKey2.Decrypt(encryped) - require.NoError(t, err) - - assert.Equal(t, data, decrypted) -} 
diff --git a/util/keys/asymmetric/signingkey/edwards25519/ed25519.go b/util/keys/asymmetric/signingkey/edwards25519/ed25519.go
deleted file mode 100644
index 12e8086a..00000000
--- a/util/keys/asymmetric/signingkey/edwards25519/ed25519.go
+++ /dev/null
@@ -1,53 +0,0 @@ -package edwards25519 - -import ( - "crypto/ed25519" - "crypto/sha512" - "filippo.io/edwards25519" - "golang.org/x/crypto/curve25519" -) - -// Ed25519PublicKeyToCurve25519 converts an Ed25519 public key to a Curve25519 public key -func Ed25519PublicKeyToCurve25519(pk ed25519.PublicKey) []byte { - // Unmarshalling public key into edwards curve point - epk, err := (&edwards25519.Point{}).SetBytes(pk) - if err != nil { - panic(err) - } - // converting to curve25519 (see here for more details https://github.com/golang/go/issues/20504) - return epk.BytesMontgomery() -} - -/* - * ISC License - * - * Copyright (c) 2013-2020 - * Frank Denis - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -// https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/ref10/keypair.c#L69-L83 - -// Ed25519PrivateKeyToCurve25519 converts an Ed25519 private key to a Curve25519 private key -func Ed25519PrivateKeyToCurve25519(pk ed25519.PrivateKey) []byte { - h := sha512.New() - h.Write(pk.Seed()) - out := h.Sum(nil) - - out[0] &= 248 - out[31] &= 127 - out[31] |= 64 - - return out[:curve25519.ScalarSize] -} diff --git a/util/keys/asymmetric/signingkey/signingkey.go b/util/keys/asymmetric/signingkey/signingkey.go deleted file mode 100644 index f284f87a..00000000 
--- a/util/keys/asymmetric/signingkey/signingkey.go +++ /dev/null @@ -1,59 +0,0 @@ -package signingkey - -import ( - "crypto/ed25519" - "crypto/rand" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey/edwards25519" - "golang.org/x/crypto/blake2b" - "golang.org/x/crypto/nacl/box" -) - -type PrivKey interface { - //crypto.Key - - Sign([]byte) ([]byte, error) - GetPublic() PubKey -} - -type PubKey interface { - //crypto.Key - - Verify(data []byte, sig []byte) (bool, error) -} - -func EncryptWithEd25519(pk ed25519.PublicKey, msg []byte) []byte { - conv := edwards25519.Ed25519PublicKeyToCurve25519(pk) - return Encrypt((*[32]byte)(conv), msg) -} - -func DecryptWithEd25519(pub ed25519.PublicKey, priv ed25519.PrivateKey, msg []byte) []byte { - cPub := edwards25519.Ed25519PublicKeyToCurve25519(pub) - cPriv := edwards25519.Ed25519PrivateKeyToCurve25519(priv) - return Decrypt((*[32]byte)(cPriv), (*[32]byte)(cPub), msg) -} - -func Encrypt(pubKey *[32]byte, msg []byte) []byte { - var nonce [24]byte - epk, esk, _ := box.GenerateKey(rand.Reader) - nonceWriter, _ := blake2b.New(24, nil) - nonceSlice := nonceWriter.Sum(append(epk[:], pubKey[:]...)) - copy(nonce[:], nonceSlice) - - return box.Seal(epk[:], msg, &nonce, pubKey, esk) -} - -func Decrypt(privKey, pubKey *[32]byte, encrypted []byte) []byte { - var epk [32]byte - var nonce [24]byte - copy(epk[:], encrypted[:32]) - - nonceWriter, _ := blake2b.New(24, nil) - nonceSlice := nonceWriter.Sum(append(epk[:], pubKey[:]...)) - copy(nonce[:], nonceSlice) - - decrypted, ok := box.Open(nil, encrypted[32:], &nonce, &epk, privKey) - if !ok { - panic("Decryption error.") - } - return decrypted -} diff --git a/util/keys/asymmetric/signingkey/signingkey_test.go b/util/keys/asymmetric/signingkey/signingkey_test.go deleted file mode 100644 index e0a1d0ca..00000000 --- a/util/keys/asymmetric/signingkey/signingkey_test.go +++ /dev/null 
@@ -1,16 +0,0 @@ -package signingkey - -import ( - "crypto/ed25519" - "crypto/rand" - "fmt" - "testing" -) - -func Test(t *testing.T) { - pubKey, privKey, _ := ed25519.GenerateKey(rand.Reader) - msg := []byte("some stuffsafeesafujeaiofjoeai joaij fioaj iofaj oifaj foiajio fjao jo") - enc := EncryptWithEd25519(pubKey, msg) - dec := DecryptWithEd25519(pubKey, privKey, enc) - fmt.Println(string(enc), string(dec)) -} From 0243ec0fca9020641f01f7bf5425ce68792699be Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Sun, 26 Mar 2023 18:36:07 +0200 Subject: [PATCH 10/24] Fix objecttree tests --- commonspace/object/accountdata/accountdata.go | 22 +++++ commonspace/object/acl/list/aclstate.go | 3 - commonspace/object/acl/list/list_test.go | 89 ++----------------- commonspace/object/acl/list/listutils.go | 27 ++++++ commonspace/object/keychain/keychain.go | 29 ------ .../object/tree/objecttree/objecttree_test.go | 28 ++++-- commonspace/settings/settings.go | 10 +-- 7 files changed, 83 insertions(+), 125 deletions(-) create mode 100644 commonspace/object/acl/list/listutils.go delete mode 100644 commonspace/object/keychain/keychain.go diff --git a/commonspace/object/accountdata/accountdata.go b/commonspace/object/accountdata/accountdata.go index 841b9602..12d3f029 100644 --- a/commonspace/object/accountdata/accountdata.go +++ b/commonspace/object/accountdata/accountdata.go @@ -1,7 +1,9 @@ package accountdata import ( + "crypto/rand" "github.com/anytypeio/any-sync/util/crypto" + "github.com/anytypeio/any-sync/util/peer" ) type AccountKeys struct { 
@@ -9,3 +11,23 @@ type AccountKeys struct { SignKey crypto.PrivKey PeerId string } + +func NewRandom() (*AccountKeys, error) { + peerKey, _, err := crypto.GenerateEd25519Key(rand.Reader) + if err != nil { + return nil, err + } + signKey, _, err := crypto.GenerateEd25519Key(rand.Reader) + if err != nil { + return nil, err + } + peerId, err := peer.IdFromSigningPubKey(peerKey.GetPublic()) + if err != nil { + return nil, err + } + return &AccountKeys{ + PeerKey: peerKey, + SignKey: signKey, + PeerId: peerId.String(), + }, nil +} diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 8fff1a8b..84d1e80a 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -7,7 +7,6 @@ import ( "github.com/anytypeio/any-sync/app/logger" "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" - "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/util/crypto" "github.com/gogo/protobuf/proto" "go.uber.org/zap" @@ -48,8 +47,6 @@ type AclState struct { totalReadKeys int lastRecordId string - - keychain *keychain.Keychain } func newAclStateWithKeys( diff --git a/commonspace/object/acl/list/list_test.go b/commonspace/object/acl/list/list_test.go index 9e3cedfb..ec087c8a 100644 --- a/commonspace/object/acl/list/list_test.go +++ b/commonspace/object/acl/list/list_test.go 
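Review bot: `NewRandom` is exported without a doc comment, so nothing tells a caller that it returns freshly generated key material from `crypto/rand` that this function does not store anywhere. I would add `// NewRandom returns AccountKeys with newly generated Ed25519 peer and signing keys; the keys are not persisted by this function.` All three failure paths are a bare `return nil, err`, which hides the failing step; wrapping such as `return nil, fmt.Errorf("generating sign key: %w", err)` would help, though it needs `fmt` added to the import block. The public key returned by `GenerateEd25519Key` is discarded and then recomputed with `peerKey.GetPublic()`; keeping the second return value would be simpler.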
@@ -1,87 +1,16 @@ package list import ( + "fmt" + "github.com/anytypeio/any-sync/commonspace/object/accountdata" + "github.com/stretchr/testify/require" "testing" ) -func TestAclList_AclState_UserInviteAndJoin(t *testing.T) { - //st, err := acllistbuilder.NewListStorageWithTestName("userjoinexample.yml") - //require.NoError(t, err, "building storage should not result in error") - // - //keychain := st.(*acllistbuilder.AclListStorageBuilder).GetKeychain() - // - //aclList, err := BuildAclList(st) - //require.NoError(t, err, "building acl list should be without error") - // - //idA := keychain.GetIdentity("A") - //idB := keychain.GetIdentity("B") - //idC := keychain.GetIdentity("C") - // - //// checking final state - //assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) - //assert.Equal(t, aclrecordproto.AclUserPermissions_Writer, aclList.AclState().UserStates()[idB].Permissions) - //assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) - //assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) - // - //var records []*AclRecord - //aclList.Iterate(func(record *AclRecord) (IsContinue bool) { - // records = append(records, record) - // return true - //}) - // - //// checking permissions at specific records - //assert.Equal(t, 3, len(records)) - // - //_, err = aclList.AclState().StateAtRecord(records[1].Id, idB) - //assert.Error(t, err, "B should have no permissions at record 1") - // - //perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) - //assert.NoError(t, err, "should have no error with permissions of B in the record 2") - //assert.Equal(t, UserPermissionPair{ - // Identity: idB, - // Permission: aclrecordproto.AclUserPermissions_Writer, - //}, perm) -} - -func TestAclList_AclState_UserJoinAndRemove(t *testing.T) { - //st, err := acllistbuilder.NewListStorageWithTestName("userremoveexample.yml") - 
//require.NoError(t, err, "building storage should not result in error") - // - //keychain := st.(*acllistbuilder.AclListStorageBuilder).GetKeychain() - // - //aclList, err := BuildAclList(st) - //require.NoError(t, err, "building acl list should be without error") - // - //idA := keychain.GetIdentity("A") - //idB := keychain.GetIdentity("B") - //idC := keychain.GetIdentity("C") - // - //// checking final state - //assert.Equal(t, aclrecordproto.AclUserPermissions_Admin, aclList.AclState().UserStates()[idA].Permissions) - //assert.Equal(t, aclrecordproto.AclUserPermissions_Reader, aclList.AclState().UserStates()[idC].Permissions) - //assert.Equal(t, aclList.Head().CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) - // - //_, exists := aclList.AclState().UserStates()[idB] - //assert.Equal(t, false, exists) - // - //var records []*AclRecord - //aclList.Iterate(func(record *AclRecord) (IsContinue bool) { - // records = append(records, record) - // return true - //}) - // - //// checking permissions at specific records - //assert.Equal(t, 4, len(records)) - // - //assert.NotEqual(t, records[2].CurrentReadKeyHash, aclList.AclState().CurrentReadKeyId()) - // - //perm, err := aclList.AclState().StateAtRecord(records[2].Id, idB) - //assert.NoError(t, err, "should have no error with permissions of B in the record 2") - //assert.Equal(t, UserPermissionPair{ - // Identity: idB, - // Permission: aclrecordproto.AclUserPermissions_Writer, - //}, perm) - // - //_, err = aclList.AclState().StateAtRecord(records[3].Id, idB) - //assert.Error(t, err, "B should have no permissions at record 3, because user should be removed") +func TestAclList_BuildRoot(t *testing.T) { + randomKeys, err := accountdata.NewRandom() + require.NoError(t, err) + randomAcl, err := NewTestDerivedAcl("spaceId", randomKeys) + require.NoError(t, err) + fmt.Println(randomAcl.Id()) } 
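Review bot: `TestAclList_BuildRoot` asserts nothing about the ACL it builds: it checks only that construction returns no error, then prints the id with `fmt.Println`. The two tests it replaces were already commented out, so after this hunk nothing in this file checks permission state (admin, writer, reader, user removal) or the read key after a removal. At minimum replace the print with `require.NotEmpty(t, randomAcl.Id())`, and keep a tracked item for restoring the invite/join/remove cases on top of the new key types.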
diff --git a/commonspace/object/acl/list/listutils.go b/commonspace/object/acl/list/listutils.go new file mode 100644 index 00000000..e9a92553 --- /dev/null +++ b/commonspace/object/acl/list/listutils.go @@ -0,0 +1,27 @@ +package list + +import ( + "github.com/anytypeio/any-sync/commonspace/object/accountdata" + "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" + "github.com/anytypeio/any-sync/commonspace/object/acl/liststorage" + "github.com/anytypeio/any-sync/util/crypto" +) + +func NewTestDerivedAcl(spaceId string, keys *accountdata.AccountKeys) (AclList, error) { + builder := NewAclRecordBuilder("", crypto.NewKeyStorage()) + root, err := builder.BuildRoot(RootContent{ + PrivKey: keys.SignKey, + SpaceId: spaceId, + DerivationPath: crypto.AnytypeAccountPath, + }) + if err != nil { + return nil, err + } + st, err := liststorage.NewInMemoryAclListStorage(root.Id, []*aclrecordproto.RawAclRecordWithId{ + root, + }) + if err != nil { + return nil, err + } + return BuildAclListWithIdentity(keys, st) +} diff --git a/commonspace/object/keychain/keychain.go b/commonspace/object/keychain/keychain.go deleted file mode 100644 index 1cedbf31..00000000 --- a/commonspace/object/keychain/keychain.go +++ /dev/null @@ -1,29 +0,0 @@ -package keychain - -import ( - "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/keys/asymmetric/signingkey" -) - -type Keychain struct { - keys map[string]signingkey.PubKey -} - -func NewKeychain() *Keychain { - return &Keychain{ - keys: make(map[string]signingkey.PubKey), - } -} - -func (k *Keychain) GetOrAdd(identity string) (signingkey.PubKey, error) { - if key, exists := k.keys[identity]; exists { - return key, nil - } - res, err := crypto.NewSigningEd25519PubKeyFromBytes([]byte(identity)) - if err != nil { - return nil, err - } - - k.keys[identity] = res.(signingkey.PubKey) - return res.(signingkey.PubKey), nil -} 
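Review bot: `NewTestDerivedAcl` is a test fixture, but it is exported from a non-test file of package `list`, so it ships in production builds and any importer can call it. `objecttree_test.go` uses it from another package, so a `_test.go` file would not work; a separate test-helper package would keep it out of the main API. It also lacks a doc comment, for which I would add `// NewTestDerivedAcl builds an in-memory AclList holding a single root record for spaceId; intended for tests only.` The empty string passed first in `NewAclRecordBuilder("", ...)` needs a comment saying what that parameter is and why empty is acceptable here.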
diff --git a/commonspace/object/tree/objecttree/objecttree_test.go b/commonspace/object/tree/objecttree/objecttree_test.go index ee8989e9..dbb31321 100644 --- a/commonspace/object/tree/objecttree/objecttree_test.go +++ b/commonspace/object/tree/objecttree/objecttree_test.go @@ -2,15 +2,30 @@ package objecttree import ( "context" + "crypto/rand" + "github.com/anytypeio/any-sync/commonspace/object/accountdata" "github.com/anytypeio/any-sync/commonspace/object/acl/list" - "github.com/anytypeio/any-sync/commonspace/object/acl/testutils/acllistbuilder" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" "github.com/anytypeio/any-sync/commonspace/object/tree/treestorage" + "github.com/anytypeio/any-sync/util/crypto" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "testing" ) +type mockKeyStorage struct { + key crypto.PubKey +} + +func newKeyStorage() mockKeyStorage { + _, pk, _ := crypto.GenerateEd25519Key(rand.Reader) + return mockKeyStorage{pk} +} + +func (m mockKeyStorage) PubKeyFromProto(protoBytes []byte) (crypto.PubKey, error) { + return m.key, nil +} + type mockChangeCreator struct{} func (c *mockChangeCreator) createRoot(id, aclId string) *treechangeproto.RawTreeChangeWithId { @@ -68,10 +83,9 @@ type testTreeContext struct { } func prepareAclList(t *testing.T) list.AclList { - st, err := acllistbuilder.NewListStorageWithTestName("userjoinexample.yml") - require.NoError(t, err, "building storage should not result in error") - - aclList, err := list.BuildAclList(st) + randKeys, err := accountdata.NewRandom() + require.NoError(t, err) + aclList, err := list.NewTestDerivedAcl("spaceId", randKeys) require.NoError(t, err, "building acl list should be without error") return aclList 
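Review bot: `newKeyStorage` throws away the error from `crypto.GenerateEd25519Key` (`_, pk, _ := ...`), so a failure leaves `key` nil and only shows up later as an unrelated nil dereference. Its callers have no `*testing.T`, so `if err != nil { panic(err) }` is the smallest fix. `PubKeyFromProto` ignores `protoBytes` and returns the same random key for every identity, which needs a comment so these tests are not read as covering identity decoding: `// mockKeyStorage returns one fixed key for any input; protoBytes is not parsed.`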
@@ -82,7 +96,7 @@ func prepareTreeDeps(aclList list.AclList) (*mockChangeCreator, objectTreeDeps) treeStorage := changeCreator.createNewTreeStorage("0", aclList.Head().Id) root, _ := treeStorage.Root() changeBuilder := &nonVerifiableChangeBuilder{ - ChangeBuilder: NewChangeBuilder(nil, root), + ChangeBuilder: NewChangeBuilder(newKeyStorage(), root), } deps := objectTreeDeps{ changeBuilder: changeBuilder, @@ -100,7 +114,7 @@ func prepareTreeContext(t *testing.T, aclList list.AclList) testTreeContext { treeStorage := changeCreator.createNewTreeStorage("0", aclList.Head().Id) root, _ := treeStorage.Root() changeBuilder := &nonVerifiableChangeBuilder{ - ChangeBuilder: NewChangeBuilder(nil, root), + ChangeBuilder: NewChangeBuilder(newKeyStorage(), root), } deps := objectTreeDeps{ changeBuilder: changeBuilder, diff --git a/commonspace/settings/settings.go b/commonspace/settings/settings.go index 453df055..42bd88ed 100644 --- a/commonspace/settings/settings.go +++ b/commonspace/settings/settings.go @@ -5,10 +5,10 @@ import ( "context" "errors" "fmt" + "github.com/anytypeio/any-sync/util/crypto" "github.com/anytypeio/any-sync/accountservice" "github.com/anytypeio/any-sync/app/logger" - "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/commonspace/object/tree/objecttree" "github.com/anytypeio/any-sync/commonspace/object/tree/synctree" "github.com/anytypeio/any-sync/commonspace/object/tree/synctree/updatelistener" @@ -207,7 +207,6 @@ func (s *settingsObject) SpaceDeleteRawChange() (raw *treechangeproto.RawTreeCha return s.PrepareChange(objecttree.SignableChangeContent{ Data: data, Key: accountData.SignKey, - Identity: accountData.Identity, IsSnapshot: false, IsEncrypted: false, }) 
@@ -252,7 +251,6 @@ func (s *settingsObject) addContent(data []byte) (err error) { _, err = s.AddContent(context.Background(), objecttree.SignableChangeContent{ Data: data, Key: accountData.SignKey, - Identity: accountData.Identity, IsSnapshot: false, IsEncrypted: false, }) @@ -264,13 +262,13 @@ func (s *settingsObject) addContent(data []byte) (err error) { return } -func VerifyDeleteChange(raw *treechangeproto.RawTreeChangeWithId, identity []byte, peerId string) (err error) { - changeBuilder := objecttree.NewChangeBuilder(keychain.NewKeychain(), nil) +func VerifyDeleteChange(raw *treechangeproto.RawTreeChangeWithId, identity crypto.PubKey, peerId string) (err error) { + changeBuilder := objecttree.NewChangeBuilder(crypto.NewKeyStorage(), nil) res, err := changeBuilder.Unmarshall(raw, true) if err != nil { return } - if res.Identity != string(identity) { + if !res.Identity.Equals(identity) { return fmt.Errorf("incorrect identity") } return verifyDeleteContent(res.Data, peerId) From 2d977ed5355a8897dc53131f7665b4b8080d7a0f Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Sun, 26 Mar 2023 18:47:35 +0200 Subject: [PATCH 11/24] Fix tests --- accountservice/accountservice.go | 7 +++---- .../object/acl/list/mock_list/mock_list.go | 15 +++++++++++++++ commonspace/object/tree/exporter/treeexporter.go | 6 +++--- commonspace/settings/settings_test.go | 10 ++-------- net/timeoutconn/conn.go | 1 - 5 files changed, 23 insertions(+), 16 deletions(-) diff --git a/accountservice/accountservice.go b/accountservice/accountservice.go index 0c3c0bf0..c15364f3 100644 --- a/accountservice/accountservice.go +++ b/accountservice/accountservice.go 
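Review bot: In `VerifyDeleteChange` the new check `res.Identity.Equals(identity)` calls a method on a value produced by `Unmarshall`, where the old code compared strings. If `res.Identity` can be nil (not visible from this hunk), the call panics instead of rejecting the change, and what `Equals` does with a nil `identity` argument depends on the key implementation. Judging by its name this function decides whether a delete change is accepted, so it should fail closed: `if identity == nil || res.Identity == nil || !res.Identity.Equals(identity) {`. A doc comment should also state what the `true` passed to `Unmarshall` means for signature verification, because the identity match is only meaningful when the signature has been checked.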
@@ -14,10 +14,9 @@ type Service interface { } type Config struct { - PeerId string `yaml:"peerId"` - PeerKey string `yaml:"peerKey"` - SigningKey string `yaml:"signingKey"` - EncryptionKey string `yaml:"encryptionKey"` + PeerId string `yaml:"peerId"` + PeerKey string `yaml:"peerKey"` + SigningKey string `yaml:"signingKey"` } type ConfigGetter interface { diff --git a/commonspace/object/acl/list/mock_list/mock_list.go b/commonspace/object/acl/list/mock_list/mock_list.go index 378792fe..3d3163d9 100644 --- a/commonspace/object/acl/list/mock_list/mock_list.go +++ b/commonspace/object/acl/list/mock_list/mock_list.go @@ -9,6 +9,7 @@ import ( aclrecordproto "github.com/anytypeio/any-sync/commonspace/object/acl/aclrecordproto" list "github.com/anytypeio/any-sync/commonspace/object/acl/list" + crypto "github.com/anytypeio/any-sync/util/crypto" gomock "github.com/golang/mock/gomock" ) @@ -160,6 +161,20 @@ func (mr *MockAclListMockRecorder) IterateFrom(arg0, arg1 interface{}) *gomock.C return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IterateFrom", reflect.TypeOf((*MockAclList)(nil).IterateFrom), arg0, arg1) } +// KeyStorage mocks base method. +func (m *MockAclList) KeyStorage() crypto.KeyStorage { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "KeyStorage") + ret0, _ := ret[0].(crypto.KeyStorage) + return ret0 +} + +// KeyStorage indicates an expected call of KeyStorage. +func (mr *MockAclListMockRecorder) KeyStorage() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "KeyStorage", reflect.TypeOf((*MockAclList)(nil).KeyStorage)) +} + // Lock mocks base method. func (m *MockAclList) Lock() { m.ctrl.T.Helper() diff --git a/commonspace/object/tree/exporter/treeexporter.go b/commonspace/object/tree/exporter/treeexporter.go index fe77fb26..459d6c75 100644 --- a/commonspace/object/tree/exporter/treeexporter.go +++ b/commonspace/object/tree/exporter/treeexporter.go 
@@ -2,10 +2,10 @@ package exporter import ( "github.com/anytypeio/any-sync/commonspace/object/acl/liststorage" - "github.com/anytypeio/any-sync/commonspace/object/keychain" "github.com/anytypeio/any-sync/commonspace/object/tree/objecttree" "github.com/anytypeio/any-sync/commonspace/object/tree/treechangeproto" "github.com/anytypeio/any-sync/commonspace/object/tree/treestorage" + "github.com/anytypeio/any-sync/util/crypto" ) type DataConverter interface { @@ -48,7 +48,7 @@ func (t *treeExporter) ExportUnencrypted(tree objecttree.ReadableObjectTree) (er if err != nil { return } - changeBuilder := objecttree.NewChangeBuilder(keychain.NewKeychain(), tree.Header()) + changeBuilder := objecttree.NewChangeBuilder(crypto.NewKeyStorage(), tree.Header()) putStorage := func(change *objecttree.Change) (err error) { var raw *treechangeproto.RawTreeChangeWithId raw, err = changeBuilder.Marshall(change) @@ -68,7 +68,7 @@ func (t *treeExporter) ExportUnencrypted(tree objecttree.ReadableObjectTree) (er return false } // that means that change is unencrypted - change.ReadKeyId = 0 + change.ReadKeyId = "" change.Data = data err = putStorage(change) return err == nil diff --git a/commonspace/settings/settings_test.go b/commonspace/settings/settings_test.go index c3a89c19..1526b1f4 100644 --- a/commonspace/settings/settings_test.go +++ b/commonspace/settings/settings_test.go @@ -14,7 +14,6 @@ import ( "github.com/anytypeio/any-sync/commonspace/settings/settingsstate" "github.com/anytypeio/any-sync/commonspace/settings/settingsstate/mock_settingsstate" "github.com/anytypeio/any-sync/commonspace/spacestorage/mock_spacestorage" - "github.com/anytypeio/any-sync/util/crypto" "github.com/golang/mock/gomock" "github.com/stretchr/testify/require" "sync" 
@@ -146,17 +145,12 @@ func TestSettingsObject_DeleteObject(t *testing.T) { fx.doc.state = &settingsstate.State{LastIteratedId: "someId"} fx.changeFactory.EXPECT().CreateObjectDeleteChange(delId, fx.doc.state, false).Return(res, nil) - accountData := &accountdata.AccountKeys{ - Identity: []byte("id"), - PeerKey: nil, - SignKey: &crypto.Ed25519PrivKey{}, - EncKey: nil, - } + accountData, err := accountdata.NewRandom() + require.NoError(t, err) fx.account.EXPECT().Account().Return(accountData) fx.syncTree.EXPECT().AddContent(gomock.Any(), objecttree.SignableChangeContent{ Data: res, Key: accountData.SignKey, - Identity: accountData.Identity, IsSnapshot: false, IsEncrypted: false, }).Return(objecttree.AddResult{}, nil) diff --git a/net/timeoutconn/conn.go b/net/timeoutconn/conn.go index 62917dbc..28d13495 100644 --- a/net/timeoutconn/conn.go +++ b/net/timeoutconn/conn.go @@ -27,7 +27,6 @@ func (c *Conn) Write(p []byte) (n int, err error) { if e := c.Conn.SetWriteDeadline(time.Now().Add(c.timeout)); e != nil { log.Warn("can't set write deadline", zap.String("remoteAddr", c.RemoteAddr().String())) } - } nn, err := c.Conn.Write(p[n:]) n += nn From 58cc732f3a159f3d645407d71be2244e9d667be7 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 01:34:51 +0200 Subject: [PATCH 12/24] Add mnemonic --- go.mod | 16 ++++---- go.sum | 13 ++---- util/crypto/derived.go | 10 ++++- util/crypto/mnemonic.go | 90 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 109 insertions(+), 20 deletions(-) create mode 100644 util/crypto/mnemonic.go diff --git a/go.mod b/go.mod index 58598953..769f49a0 100644 --- a/go.mod +++ b/go.mod 
@@ -3,11 +3,12 @@ module github.com/anytypeio/any-sync go 1.19 require ( + filippo.io/edwards25519 v1.0.0 github.com/anytypeio/go-chash v0.0.2 - github.com/awalterschulze/gographviz v2.0.3+incompatible + github.com/anytypeio/go-slip10 v0.0.0-20200330112030-a352ca8495e4 + github.com/anytypeio/go-slip21 v0.0.0-20200218204727-e2e51e20ab51 github.com/cespare/xxhash v1.1.0 github.com/cheggaaa/mb/v3 v3.0.1 - github.com/ethereum/go-ethereum v1.11.5 github.com/gobwas/glob v0.2.3 github.com/goccy/go-graphviz v0.1.0 github.com/gogo/protobuf v1.3.2 @@ -23,28 +24,25 @@ require ( github.com/ipfs/go-merkledag v0.10.0 github.com/ipfs/go-unixfs v0.4.4 github.com/libp2p/go-libp2p v0.24.1 - github.com/minio/sha256-simd v1.0.0 github.com/mr-tron/base58 v1.2.0 github.com/multiformats/go-multibase v0.2.0 github.com/multiformats/go-multihash v0.2.1 github.com/prometheus/client_golang v1.14.0 github.com/stretchr/testify v1.8.2 + github.com/tyler-smith/go-bip39 v1.1.0 github.com/zeebo/blake3 v0.2.3 github.com/zeebo/errs v1.3.0 go.uber.org/zap v1.24.0 + golang.org/x/crypto v0.4.0 golang.org/x/exp v0.0.0-20230206171751-46f607a40771 golang.org/x/net v0.8.0 gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 - gopkg.in/yaml.v3 v3.0.1 storj.io/drpc v0.0.32 ) require ( - filippo.io/edwards25519 v1.0.0 // indirect github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a // indirect - github.com/anytypeio/go-slip21 v0.0.0-20200218204727-e2e51e20ab51 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/btcsuite/btcd/btcec/v2 v2.2.0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/crackcomm/go-gitignore v0.0.0-20170627025303-887ab5e44cc3 // indirect github.com/davecgh/go-spew v1.1.1 // indirect 
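Review bot: The two key-derivation modules that the first go.mod hunk makes direct requirements, `github.com/anytypeio/go-slip10` and `github.com/anytypeio/go-slip21`, are pinned to untagged pseudo-versions with 2020 timestamps. For code that derives account keys, a tagged release is easier to audit and upgrade. Failing that, add a comment beside each requirement naming the upstream it tracks (if these are forks) and the commit that was reviewed. `github.com/tyler-smith/go-bip39 v1.1.0` and `golang.org/x/crypto v0.4.0` are tagged, so this concerns only the two anytypeio entries.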
@@ -57,7 +55,6 @@ require ( github.com/golang/protobuf v1.5.2 // indirect github.com/google/uuid v1.3.0 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect - github.com/holiman/uint256 v1.2.0 // indirect github.com/ipfs/bbloom v0.0.4 // indirect github.com/ipfs/go-bitfield v1.1.0 // indirect github.com/ipfs/go-datastore v0.6.0 // indirect @@ -81,6 +78,7 @@ require ( github.com/mattn/go-isatty v0.0.17 // indirect github.com/mattn/go-pointer v0.0.1 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/minio/sha256-simd v1.0.0 // indirect github.com/multiformats/go-base32 v0.1.0 // indirect github.com/multiformats/go-base36 v0.2.0 // indirect github.com/multiformats/go-multiaddr v0.8.0 // indirect @@ -102,11 +100,11 @@ require ( go.opentelemetry.io/otel/trace v1.11.2 // indirect go.uber.org/atomic v1.10.0 // indirect go.uber.org/multierr v1.9.0 // indirect - golang.org/x/crypto v0.4.0 // indirect golang.org/x/image v0.0.0-20200119044424-58c23975cae1 // indirect golang.org/x/sync v0.1.0 // indirect golang.org/x/sys v0.6.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/protobuf v1.28.1 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect lukechampine.com/blake3 v1.1.7 // indirect ) diff --git a/go.sum b/go.sum index 242ad87b..139e873d 100644 --- a/go.sum +++ b/go.sum 
@@ -7,17 +7,14 @@ github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a h1:E/8AP5dFtMhl5K github.com/alecthomas/units v0.0.0-20210927113745-59d0afb8317a/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/anytypeio/go-chash v0.0.2 h1:BSpyMC3HXNkf2eosQrHM4svov0DrvxL9tb4gnHbdmbA= github.com/anytypeio/go-chash v0.0.2/go.mod h1:G+R6q7jYgNa52NqcRhnNm28pogfWW+cuHtgBktrc2QA= +github.com/anytypeio/go-slip10 v0.0.0-20200330112030-a352ca8495e4 h1:jB5Ke7NVoW52i65PtLFBr5Q5k6RskIY8L70pgnBcnWo= +github.com/anytypeio/go-slip10 v0.0.0-20200330112030-a352ca8495e4/go.mod h1:/8GIEJBE5wmdgcE49JPdupnHNUf7bEn6C+aArfWqvw8= github.com/anytypeio/go-slip21 v0.0.0-20200218204727-e2e51e20ab51 h1:3Y+18zBC8LZgcL3l2dgoTEIzIUzCZa/kN0UV3ZWpbuA= github.com/anytypeio/go-slip21 v0.0.0-20200218204727-e2e51e20ab51/go.mod h1:SoKy+W8Mf6v7XBV30xFWkIFMs7UnXwsNGrGV12yVkEs= -github.com/awalterschulze/gographviz v2.0.3+incompatible h1:9sVEXJBJLwGX7EQVhLm2elIKCm7P2YHFC8v6096G09E= -github.com/awalterschulze/gographviz v2.0.3+incompatible/go.mod h1:GEV5wmg4YquNw7v1kkyoX9etIk8yVmXj+AkDHuuETHs= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/btcsuite/btcd/btcec/v2 v2.2.0 h1:fzn1qaOt32TuLjFlkzYSsBC35Q3KUjT1SwPxiMSCF5k= -github.com/btcsuite/btcd/btcec/v2 v2.2.0/go.mod h1:U7MHm051Al6XmscBQ0BoNydpOTsFAn707034b5nY8zU= -github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 h1:q0rUy8C/TYNBQS1+CGKw68tLOFYSNEs0TFnxxnS9+4U= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= 
@@ -38,8 +35,6 @@ github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c/go.mod h1:6Uh github.com/decred/dcrd/crypto/blake256 v1.0.0 h1:/8DMNYp9SGi5f0w7uCm6d6M4OU2rGFK09Y2A4Xv7EE0= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 h1:HbphB4TFFXpv7MNrT52FGrrgVXF1owhMVTHFZIlnvd4= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0/go.mod h1:DZGJHZMqrU4JJqFAWUS2UO1+lbSKsdiOoYi9Zzey7Fc= -github.com/ethereum/go-ethereum v1.11.5 h1:3M1uan+LAUvdn+7wCEFrcMM4LJTeuxDrPTg/f31a5QQ= -github.com/ethereum/go-ethereum v1.11.5/go.mod h1:it7x0DWnTDMfVFdXcU6Ti4KEFQynLHVRarcSlPr0HBo= github.com/fogleman/gg v1.3.0 h1:/7zJX8F6AaYQc57WQCyN9cAIz+4bCJGO9B+dyW29am8= github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= @@ -81,8 +76,6 @@ github.com/gxed/hashland/keccakpg v0.0.1/go.mod h1:kRzw3HkwxFU1mpmPP8v1WyQzwdGfm github.com/gxed/hashland/murmur3 v0.0.1/go.mod h1:KjXop02n4/ckmZSnY2+HKcLud/tcmvhST0bie/0lS48= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/holiman/uint256 v1.2.0 h1:gpSYcPLWGv4sG43I2mVLiDZCNDh/EpGjSk8tmtxitHM= -github.com/holiman/uint256 v1.2.0/go.mod h1:y4ga/t+u+Xwd7CpDgZESaRcWy0I7XMlTMA25ApIH5Jw= github.com/huandu/go-assert v1.1.5 h1:fjemmA7sSfYHJD7CUqs9qTwwfdNAx7/j2/ZlHXzNB3c= github.com/huandu/go-assert v1.1.5/go.mod h1:yOLvuqZwmcHIC5rIzrBhT7D3Q9c3GFnd0JrPVhn/06U= github.com/huandu/skiplist v1.2.0 h1:gox56QD77HzSC0w+Ws3MH3iie755GBJU1OER3h5VsYw= 
@@ -300,6 +293,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/tyler-smith/go-bip39 v1.1.0 h1:5eUemwrMargf3BSLRRCalXT93Ns6pQJIjYQN2nyfOP8= +github.com/tyler-smith/go-bip39 v1.1.0/go.mod h1:gUYDtqQw1JS3ZJ8UWVcGTGqqr6YIN3CWg+kkNaLt55U= github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/warpfork/go-testmark v0.11.0 h1:J6LnV8KpceDvo7spaNU4+DauH2n1x+6RaO2rJrmpQ9U= github.com/warpfork/go-wish v0.0.0-20180510122957-5ad1f5abf436/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw= diff --git a/util/crypto/derived.go b/util/crypto/derived.go index 1c3dbe93..62851296 100644 --- a/util/crypto/derived.go +++ b/util/crypto/derived.go @@ -1,9 +1,15 @@ package crypto -import "github.com/anytypeio/go-slip21" +import ( + "github.com/anytypeio/go-slip21" +) -const AnytypeAccountPath = "m/SLIP-0021/anytype/account" +const ( + AnytypeAccountPath = "m/SLIP-0021/anytype/account" + AnytypeAccountPrefix = "m/44'/607'" +) +// DeriveSymmetricKey derives a symmetric key from seed and path using slip-21 func DeriveSymmetricKey(seed []byte, path string) (SymKey, error) { master, err := slip21.DeriveForPath(path, seed) if err != nil { diff --git a/util/crypto/mnemonic.go b/util/crypto/mnemonic.go new file mode 100644 index 00000000..4f184bfb --- /dev/null +++ b/util/crypto/mnemonic.go 
@@ -0,0 +1,90 @@ +package crypto + +import ( + "bytes" + "errors" + "github.com/anytypeio/go-slip10" + "github.com/tyler-smith/go-bip39" +) + +var ( + ErrInvalidWordCount = errors.New("error invalid word count for mnemonic") + ErrInvalidMnemonic = errors.New("error invalid mnemonic") +) + +type MnemonicGenerator struct { + mnemonic string +} + +func NewMnemonicGenerator() MnemonicGenerator { + return MnemonicGenerator{} +} + +type Mnemonic string + +func (g *MnemonicGenerator) WithWordCount(wc int) (Mnemonic, error) { + size := 0 + switch wc { + case 12: + size = 128 + case 15: + size = 160 + case 18: + size = 192 + case 21: + size = 224 + case 24: + size = 256 + default: + return "", ErrInvalidWordCount + } + return g.WithWordCount(size) +} + +func (g *MnemonicGenerator) WithRandomEntropy(size int) (Mnemonic, error) { + entropy, err := bip39.NewEntropy(size) + if err != nil { + return "", err + } + mnemonic, err := bip39.NewMnemonic(entropy) + if err != nil { + return "", err + } + return Mnemonic(mnemonic), nil +} + +func (g *MnemonicGenerator) WithEntropy(b []byte) (Mnemonic, error) { + mnemonic, err := bip39.NewMnemonic(b) + if err != nil { + return "", err + } + return Mnemonic(mnemonic), nil +} + +func (m Mnemonic) DeriveEd25519Key(index int) (PrivKey, error) { + seed, err := bip39.NewSeedWithErrorChecking(string(m), "") + if err != nil { + if err == bip39.ErrInvalidMnemonic { + return nil, ErrInvalidMnemonic + } + return nil, err + } + masterKey, err := slip10.DeriveForPath(AnytypeAccountPrefix, seed) + if err != nil { + return nil, err + } + + key, err := masterKey.Derive(slip10.FirstHardenedIndex + uint32(index)) + if err != nil { + return nil, err + } + + reader := bytes.NewReader(key.RawSeed()) + privKey, _, err := GenerateEd25519Key(reader) + + return privKey, err +} + +func (m Mnemonic) Bytes() ([]byte, error) { + return bip39.MnemonicToByteArray(string(m), true) +} From cdfb88d6a83cd3ee64d5569682f5b64f441a9a87 Mon Sep 17 00:00:00 2001 
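Review bot: `DeriveEd25519Key` converts `index` with `uint32(index)` and adds it to `slip10.FirstHardenedIndex` without a range check, so a negative or oversized index wraps around and silently selects a different child key than the caller asked for. Assuming `FirstHardenedIndex` is 2^31 as in SLIP-0010, the wrapped value could also land in the non-hardened range. A guard at the top of the function, for example `if index < 0 || index > math.MaxInt32 { return nil, ErrInvalidIndex }` with a new sentinel declared next to `ErrInvalidMnemonic`, makes the valid range explicit. The comparison `err == bip39.ErrInvalidMnemonic` would also be more robust as `errors.Is(err, bip39.ErrInvalidMnemonic)`.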
From: mcrakhman Date: Mon, 27 Mar 2023 01:55:33 +0200 Subject: [PATCH 13/24] Add decoders --- commonspace/object/acl/list/aclstate.go | 2 +- util/crypto/{encoder.go => decode.go} | 27 +++++++++++++++++++++++++ util/crypto/ed25519.go | 2 +- util/crypto/key.go | 4 ++-- 4 files changed, 31 insertions(+), 4 deletions(-) rename util/crypto/{encoder.go => decode.go} (50%) diff --git a/commonspace/object/acl/list/aclstate.go b/commonspace/object/acl/list/aclstate.go index 84d1e80a..c1ab749e 100644 --- a/commonspace/object/acl/list/aclstate.go +++ b/commonspace/object/acl/list/aclstate.go @@ -209,7 +209,7 @@ func (st *AclState) applyChangeData(record *AclRecord) (err error) { // only Admins can do non-user join changes if !st.HasPermission(record.Identity, aclrecordproto.AclUserPermissions_Admin) { // TODO: add string encoding - err = fmt.Errorf("user %s must have admin permissions", record.Identity.String()) + err = fmt.Errorf("user %s must have admin permissions", record.Identity.Account()) return } } diff --git a/util/crypto/encoder.go b/util/crypto/decode.go similarity index 50% rename from util/crypto/encoder.go rename to util/crypto/decode.go index 64432dee..91535849 100644 --- a/util/crypto/encoder.go +++ b/util/crypto/decode.go @@ -2,6 +2,8 @@ package crypto import ( "encoding/base64" + "github.com/anytypeio/any-sync/util/strkey" + "github.com/libp2p/go-libp2p/core/peer" ) func EncodeKeyToString[T Key](key T) (str string, err error) { 
@@ -28,3 +30,28 @@ func DecodeKeyFromString[T Key](str string, construct func([]byte) (T, error), d func DecodeBytesFromString(str string) (bytes []byte, err error) { return base64.StdEncoding.DecodeString(str) } + +func DecodeAccountAddress(address string) (PubKey, error) { + pubKeyRaw, err := strkey.Decode(strkey.AccountAddressVersionByte, address) + if err != nil { + return nil, err + } + return UnmarshalEd25519PublicKey(pubKeyRaw) +} + +func DecodePeerId(peerId string) (PubKey, error) { + decoded, err := peer.Decode(peerId) + if err != nil { + return nil, err + } + + pk, err := decoded.ExtractPublicKey() + if err != nil { + return nil, err + } + raw, err := pk.Raw() + if err != nil { + return nil, err + } + return UnmarshalEd25519PublicKey(raw) +} diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index faa64a40..608da2f5 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -132,7 +132,7 @@ func (k *Ed25519PrivKey) LibP2P() (crypto.PrivKey, error) { } // String returns string representation of key -func (k *Ed25519PubKey) String() string { +func (k *Ed25519PubKey) Account() string { res, _ := strkey.Encode(strkey.AccountAddressVersionByte, k.pubKey) return res } diff --git a/util/crypto/key.go b/util/crypto/key.go index 969a773f..10f08875 100644 --- a/util/crypto/key.go +++ b/util/crypto/key.go @@ -43,8 +43,8 @@ type PubKey interface { Marshall() ([]byte, error) // Storage returns underlying key storage Storage() []byte - // String returns string representation - String() string + // Account returns string representation + Account() string // LibP2P returns libp2p model LibP2P() (crypto.PubKey, error) } From 503c4f339f4fd6bf0c102f3688bb736722d11320 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 01:57:49 +0200 Subject: [PATCH 14/24] Remove pointer methods --- util/crypto/mnemonic.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
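Review bot: `DecodePeerId` hands the raw bytes of whatever key the peer id embeds straight to `UnmarshalEd25519PublicKey`, without first checking that the extracted key is an Ed25519 key. libp2p peer ids can carry other key types, so a check on `pk.Type()` before `pk.Raw()` that returns `ErrIncorrectKeyType` for anything else would reject them explicitly. Without it, rejection depends on whatever length validation the unmarshaller performs, which is not visible in this hunk. Both new functions also lack doc comments; something like `// DecodePeerId extracts the Ed25519 public key embedded in a libp2p peer id string.` would state the contract.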
diff --git a/util/crypto/mnemonic.go b/util/crypto/mnemonic.go index 4f184bfb..9f55f6b8 100644 --- a/util/crypto/mnemonic.go +++ b/util/crypto/mnemonic.go @@ -22,7 +22,7 @@ func NewMnemonicGenerator() MnemonicGenerator { type Mnemonic string -func (g *MnemonicGenerator) WithWordCount(wc int) (Mnemonic, error) { +func (g MnemonicGenerator) WithWordCount(wc int) (Mnemonic, error) { size := 0 switch wc { case 12: @@ -41,7 +41,7 @@ func (g *MnemonicGenerator) WithWordCount(wc int) (Mnemonic, error) { return g.WithWordCount(size) } -func (g *MnemonicGenerator) WithRandomEntropy(size int) (Mnemonic, error) { +func (g MnemonicGenerator) WithRandomEntropy(size int) (Mnemonic, error) { entropy, err := bip39.NewEntropy(size) if err != nil { return "", err @@ -53,7 +53,7 @@ func (g *MnemonicGenerator) WithRandomEntropy(size int) (Mnemonic, error) { return Mnemonic(mnemonic), nil } -func (g *MnemonicGenerator) WithEntropy(b []byte) (Mnemonic, error) { +func (g MnemonicGenerator) WithEntropy(b []byte) (Mnemonic, error) { mnemonic, err := bip39.NewMnemonic(b) if err != nil { return "", err From 3d017d1e0c51eb27fa818f181f76d5274c70d418 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 13:01:35 +0200 Subject: [PATCH 15/24] Add individual key derivation for trees --- commonspace/object/tree/objecttree/historytree.go | 6 +++++- commonspace/object/tree/objecttree/objecttree.go | 6 +++++- commonspace/object/tree/objecttree/util.go | 13 +++++++++++++ util/crypto/derived.go | 1 + 4 files changed, 24 insertions(+), 2 deletions(-) diff --git a/commonspace/object/tree/objecttree/historytree.go b/commonspace/object/tree/objecttree/historytree.go index c81143fc..e8de9520 100644 --- a/commonspace/object/tree/objecttree/historytree.go +++ b/commonspace/object/tree/objecttree/historytree.go 
@@ -45,7 +45,11 @@ func (h *historyTree) rebuildFromStorage(beforeId string, include bool) (err err if len(ot.keys) != len(state.UserReadKeys()) { for key, value := range state.UserReadKeys() { - ot.keys[key] = value + treeKey, err := deriveTreeKey(value, h.id) + if err != nil { + return err + } + ot.keys[key] = treeKey } } return diff --git a/commonspace/object/tree/objecttree/objecttree.go b/commonspace/object/tree/objecttree/objecttree.go index a1129375..7ba9c2e5 100644 --- a/commonspace/object/tree/objecttree/objecttree.go +++ b/commonspace/object/tree/objecttree/objecttree.go @@ -640,7 +640,11 @@ func (ot *objectTree) validateTree(newChanges []*Change) error { // just not to take lock many times, updating the key map from aclList if len(ot.keys) != len(state.UserReadKeys()) { for key, value := range state.UserReadKeys() { - ot.keys[key] = value + treeKey, err := deriveTreeKey(value, ot.id) + if err != nil { + return err + } + ot.keys[key] = treeKey } } if len(newChanges) == 0 { diff --git a/commonspace/object/tree/objecttree/util.go b/commonspace/object/tree/objecttree/util.go index ad577194..2e960233 100644 --- a/commonspace/object/tree/objecttree/util.go +++ b/commonspace/object/tree/objecttree/util.go @@ -1,5 +1,10 @@ package objecttree +import ( + "fmt" + "github.com/anytypeio/any-sync/util/crypto" +) + func commonSnapshotForTwoPaths(ourPath []string, theirPath []string) (string, error) { var i int var j int @@ -27,3 +32,11 @@ OuterLoop: } return ourPath[i+1], nil } + +func deriveTreeKey(key crypto.SymKey, cid string) (crypto.SymKey, error) { + raw, err := key.Raw() + if err != nil { + return nil, err + } + return crypto.DeriveSymmetricKey(raw, fmt.Sprintf(crypto.AnysyncTreePath, cid)) +} diff --git a/util/crypto/derived.go b/util/crypto/derived.go index 62851296..596e4560 100644 --- a/util/crypto/derived.go +++ b/util/crypto/derived.go 
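Review bot: `deriveTreeKey` in util.go formats `cid` into the SLIP-21 path with `fmt.Sprintf(crypto.AnysyncTreePath, cid)` without validating it, so an empty id or one containing `/` would presumably be read as a different label structure than the single per-tree label intended. If tree ids are always well-formed content ids this cannot happen, but the derivation is the only thing separating one tree's key from another's, so the assumption is worth enforcing with `if cid == "" || strings.Contains(cid, "/") { return nil, fmt.Errorf("invalid tree id %q", cid) }`. A doc comment such as `// deriveTreeKey derives a per-tree symmetric key from an ACL read key, using the tree id as the SLIP-21 path label.` would also record why the raw read key is no longer stored in `ot.keys`.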
@@ -6,6 +6,7 @@ import ( const ( AnytypeAccountPath = "m/SLIP-0021/anytype/account" + AnysyncTreePath = "m/SLIP-0021/anysync/tree/%s" AnytypeAccountPrefix = "m/44'/607'" ) From 2225aca40f46b6fe05cf82f178f00922e699c8fa Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 16:03:58 +0200 Subject: [PATCH 16/24] Add marshalling of private key --- util/crypto/ed25519.go | 21 +++++++++++++++++++++ util/crypto/key.go | 2 ++ 2 files changed, 23 insertions(+) diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index 608da2f5..b520bfcd 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -55,6 +55,18 @@ func UnmarshalEd25519PublicKeyProto(bytes []byte) (PubKey, error) { return UnmarshalEd25519PublicKey(msg.Data) } +func UnmarshalEd25519PrivateKeyProto(bytes []byte) (PrivKey, error) { + msg := &cryptoproto.Key{} + err := proto.Unmarshal(bytes, msg) + if err != nil { + return nil, err + } + if msg.Type != cryptoproto.KeyType_Ed25519Private { + return nil, ErrIncorrectKeyType + } + return UnmarshalEd25519PrivateKey(msg.Data) +} + func NewSigningEd25519PubKeyFromBytes(bytes []byte) (PubKey, error) { return UnmarshalEd25519PublicKey(bytes) } @@ -114,6 +126,15 @@ func (k *Ed25519PrivKey) Sign(msg []byte) ([]byte, error) { return ed25519.Sign(k.privKey, msg), nil } +// Marshall marshalls the key into proto +func (k *Ed25519PrivKey) Marshall() ([]byte, error) { + msg := &cryptoproto.Key{ + Type: cryptoproto.KeyType_Ed25519Public, + Data: k.privKey, + } + return msg.Marshal() +} + // Decrypt decrypts the message func (k *Ed25519PrivKey) Decrypt(msg []byte) ([]byte, error) { k.once.Do(func() { diff --git a/util/crypto/key.go b/util/crypto/key.go index 10f08875..91390999 100644 --- a/util/crypto/key.go +++ b/util/crypto/key.go 
@@ -27,6 +27,8 @@ type PrivKey interface { Sign([]byte) ([]byte, error) // GetPublic returns the associated public key GetPublic() PubKey + // Marshall wraps key in proto encoding and marshalls it + Marshall() ([]byte, error) // LibP2P returns libp2p model LibP2P() (crypto.PrivKey, error) } From eec2b842bcb62aac722a9799d52885df92b3a2bc Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 16:32:56 +0200 Subject: [PATCH 17/24] Add accountdata constructor --- commonspace/object/accountdata/accountdata.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/commonspace/object/accountdata/accountdata.go b/commonspace/object/accountdata/accountdata.go index 12d3f029..3ad47ca4 100644 --- a/commonspace/object/accountdata/accountdata.go +++ b/commonspace/object/accountdata/accountdata.go @@ -12,6 +12,15 @@ type AccountKeys struct { PeerId string } +func New(peerKey crypto.PrivKey, signKey crypto.PrivKey) *AccountKeys { + peerId, _ := peer.IdFromSigningPubKey(peerKey.GetPublic()) + return &AccountKeys{ + PeerKey: peerKey, + SignKey: signKey, + PeerId: peerId.String(), + } +} + func NewRandom() (*AccountKeys, error) { peerKey, _, err := crypto.GenerateEd25519Key(rand.Reader) if err != nil { From 9679bb3bf3bceecaab591b66b3cd58f33d0e7858 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 17:04:59 +0200 Subject: [PATCH 18/24] Add peer id string for keys --- commonspace/object/accountdata/accountdata.go | 10 ++-------- util/crypto/ed25519.go | 9 ++++++++- util/crypto/key.go | 4 +++- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/commonspace/object/accountdata/accountdata.go b/commonspace/object/accountdata/accountdata.go index 3ad47ca4..279a6cbd 100644 --- a/commonspace/object/accountdata/accountdata.go +++ b/commonspace/object/accountdata/accountdata.go @@ -3,7 +3,6 @@ package accountdata import ( "crypto/rand" "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/peer" ) type AccountKeys struct { 
@@ -13,11 +12,10 @@ type AccountKeys struct { } func New(peerKey crypto.PrivKey, signKey crypto.PrivKey) *AccountKeys { - peerId, _ := peer.IdFromSigningPubKey(peerKey.GetPublic()) return &AccountKeys{ PeerKey: peerKey, SignKey: signKey, - PeerId: peerId.String(), + PeerId: peerKey.GetPublic().PeerId(), } } @@ -30,13 +28,9 @@ func NewRandom() (*AccountKeys, error) { if err != nil { return nil, err } - peerId, err := peer.IdFromSigningPubKey(peerKey.GetPublic()) - if err != nil { - return nil, err - } return &AccountKeys{ PeerKey: peerKey, SignKey: signKey, - PeerId: peerId.String(), + PeerId: peerKey.GetPublic().PeerId(), }, nil } diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index b520bfcd..02cc9ed2 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -8,6 +8,7 @@ import ( "errors" "fmt" "github.com/anytypeio/any-sync/util/crypto/cryptoproto" + "github.com/anytypeio/any-sync/util/peer" "github.com/anytypeio/any-sync/util/strkey" "github.com/gogo/protobuf/proto" "github.com/libp2p/go-libp2p/core/crypto" @@ -152,12 +153,18 @@ func (k *Ed25519PrivKey) LibP2P() (crypto.PrivKey, error) { return crypto.UnmarshalEd25519PrivateKey(k.privKey) } -// String returns string representation of key +// Account returns string representation of key in anytype account format func (k *Ed25519PubKey) Account() string { res, _ := strkey.Encode(strkey.AccountAddressVersionByte, k.pubKey) return res } +// PeerId returns string representation of key for peer id +func (k *Ed25519PubKey) PeerId() string { + peerId, _ := peer.IdFromSigningPubKey(k) + return peerId.String() +} + // Raw public key bytes. func (k *Ed25519PubKey) Raw() ([]byte, error) { return k.pubKey, nil diff --git a/util/crypto/key.go b/util/crypto/key.go index 91390999..c5346841 100644 --- a/util/crypto/key.go +++ b/util/crypto/key.go 
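Review bot: The new `Ed25519PubKey.PeerId` discards the error from `peer.IdFromSigningPubKey` and returns `peerId.String()` regardless, and the `NewRandom` hunk in the same commit removes the error check it previously had in favour of this method. A key that fails conversion would then produce an empty or meaningless peer id string with no signal to the caller, and that string ends up in `AccountKeys.PeerId`. Consider declaring `PeerId() (string, error)` on the `PubKey` interface, or keeping the explicit `IdFromSigningPubKey` call with its error check in `NewRandom`. `Account()` follows the same pattern with the error from `strkey.Encode`.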
@@ -45,8 +45,10 @@ type PubKey interface { Marshall() ([]byte, error) // Storage returns underlying key storage Storage() []byte - // Account returns string representation + // Account returns string representation for anytype account Account() string + // PeerId returns string representation for peer id + PeerId() string // LibP2P returns libp2p model LibP2P() (crypto.PubKey, error) } From b62ad579888ed7b056ca81789cf68d854d77ee12 Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 21:22:32 +0200 Subject: [PATCH 19/24] Move peer util package into crypto --- net/secureservice/handshake/handshake_test.go | 7 +++---- testutil/accounttest/accountservice.go | 3 +-- util/crypto/ed25519.go | 3 +-- util/{peer => crypto}/peer.go | 5 ++--- 4 files changed, 7 insertions(+), 11 deletions(-) rename util/{peer => crypto}/peer.go (69%) diff --git a/net/secureservice/handshake/handshake_test.go b/net/secureservice/handshake/handshake_test.go index b19acae8..b766952f 100644 --- a/net/secureservice/handshake/handshake_test.go +++ b/net/secureservice/handshake/handshake_test.go @@ -4,7 +4,6 @@ import ( "context" "github.com/anytypeio/any-sync/net/secureservice/handshake/handshakeproto" crypto2 "github.com/anytypeio/any-sync/util/crypto" - peer2 "github.com/anytypeio/any-sync/util/peer" "github.com/libp2p/go-libp2p/core/crypto" "github.com/libp2p/go-libp2p/core/network" "github.com/libp2p/go-libp2p/core/peer" @@ -568,9 +567,9 @@ func newConnPair(t require.TestingT) (sc1, sc2 *secConn) { sk2b, err := sk2.Raw() signKey2, err := crypto.UnmarshalEd25519PrivateKey(sk2b) require.NoError(t, err) - peerId1, err := peer2.IdFromSigningPubKey(sk1.GetPublic()) + peerId1, err := crypto2.IdFromSigningPubKey(sk1.GetPublic()) require.NoError(t, err) - peerId2, err := peer2.IdFromSigningPubKey(sk2.GetPublic()) + peerId2, err := crypto2.IdFromSigningPubKey(sk2.GetPublic()) require.NoError(t, err) sc1 = &secConn{ Conn: c1, 
@@ -594,7 +593,7 @@ type secConn struct { func (s *secConn) LocalPeer() peer.ID { skB, _ := s.localKey.Raw() sk, _ := crypto2.NewSigningEd25519PubKeyFromBytes(skB) - lp, _ := peer2.IdFromSigningPubKey(sk) + lp, _ := crypto2.IdFromSigningPubKey(sk) return lp } diff --git a/testutil/accounttest/accountservice.go b/testutil/accounttest/accountservice.go index 57986340..7aec1c14 100644 --- a/testutil/accounttest/accountservice.go +++ b/testutil/accounttest/accountservice.go @@ -6,7 +6,6 @@ import ( "github.com/anytypeio/any-sync/commonspace/object/accountdata" "github.com/anytypeio/any-sync/nodeconf" "github.com/anytypeio/any-sync/util/crypto" - "github.com/anytypeio/any-sync/util/peer" ) // AccountTestService provides service for test purposes, generates new random account every Init @@ -28,7 +27,7 @@ func (s *AccountTestService) Init(a *app.App) (err error) { return err } - peerId, err := peer.IdFromSigningPubKey(peerKey.GetPublic()) + peerId, err := crypto.IdFromSigningPubKey(peerKey.GetPublic()) if err != nil { return err } diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index 02cc9ed2..17e24e5a 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -8,7 +8,6 @@ import ( "errors" "fmt" "github.com/anytypeio/any-sync/util/crypto/cryptoproto" - "github.com/anytypeio/any-sync/util/peer" "github.com/anytypeio/any-sync/util/strkey" "github.com/gogo/protobuf/proto" "github.com/libp2p/go-libp2p/core/crypto" @@ -161,7 +160,7 @@ func (k *Ed25519PubKey) Account() string { // PeerId returns string representation of key for peer id func (k *Ed25519PubKey) PeerId() string { - peerId, _ := peer.IdFromSigningPubKey(k) + peerId, _ := IdFromSigningPubKey(k) return peerId.String() } diff --git a/util/peer/peer.go b/util/crypto/peer.go similarity index 69% rename from util/peer/peer.go rename to util/crypto/peer.go index ee6a32cd..a7a7ac3d 100644 --- a/util/peer/peer.go +++ b/util/crypto/peer.go 
@@ -1,12 +1,11 @@ -package peer +package crypto import ( - utilcrypto "github.com/anytypeio/any-sync/util/crypto" "github.com/libp2p/go-libp2p/core/crypto" "github.com/libp2p/go-libp2p/core/peer" ) -func IdFromSigningPubKey(pubKey utilcrypto.PubKey) (peer.ID, error) { +func IdFromSigningPubKey(pubKey PubKey) (peer.ID, error) { rawSigning, err := pubKey.Raw() if err != nil { return "", err From 6d70bc37866e3b9aeb77a535988d8a077d21831f Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 22:08:07 +0200 Subject: [PATCH 20/24] Fix mnemonic --- util/crypto/mnemonic.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/crypto/mnemonic.go b/util/crypto/mnemonic.go index 9f55f6b8..3b388bcc 100644 --- a/util/crypto/mnemonic.go +++ b/util/crypto/mnemonic.go @@ -38,7 +38,7 @@ func (g MnemonicGenerator) WithWordCount(wc int) (Mnemonic, error) { default: return "", ErrInvalidWordCount } - return g.WithWordCount(size) + return g.WithRandomEntropy(size) } func (g MnemonicGenerator) WithRandomEntropy(size int) (Mnemonic, error) { From f4bc677d020b9540c8b76fcef125e78e2ad61e1b Mon Sep 17 00:00:00 2001 From: mcrakhman Date: Mon, 27 Mar 2023 22:28:49 +0200 Subject: [PATCH 21/24] Fix private key marshal --- util/crypto/ed25519.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/crypto/ed25519.go b/util/crypto/ed25519.go index 17e24e5a..424104a7 100644 --- a/util/crypto/ed25519.go +++ b/util/crypto/ed25519.go @@ -129,7 +129,7 @@ func (k *Ed25519PrivKey) Sign(msg []byte) ([]byte, error) { // Marshall marshalls the key into proto func (k *Ed25519PrivKey) Marshall() ([]byte, error) { msg := &cryptoproto.Key{ - Type: cryptoproto.KeyType_Ed25519Public, + Type: cryptoproto.KeyType_Ed25519Private, Data: k.privKey, } return msg.Marshal() From 13f30aa60f7f86e27c72d01ecf3406e2e39e8167 Mon Sep 17 00:00:00 2001 
From: mcrakhman Date: Mon, 27 Mar 2023 23:03:02 +0200 Subject: [PATCH 22/24] Change sym encryption logic in objecttree --- .../object/tree/objecttree/historytree.go | 11 +---- .../object/tree/objecttree/objecttree.go | 41 +++++++++++++------ 2 files changed, 30 insertions(+), 22 deletions(-) diff --git a/commonspace/object/tree/objecttree/historytree.go b/commonspace/object/tree/objecttree/historytree.go index e8de9520..c5b78a95 100644 --- a/commonspace/object/tree/objecttree/historytree.go +++ b/commonspace/object/tree/objecttree/historytree.go @@ -43,14 +43,5 @@ func (h *historyTree) rebuildFromStorage(beforeId string, include bool) (err err defer ot.aclList.RUnlock() state := ot.aclList.AclState() - if len(ot.keys) != len(state.UserReadKeys()) { - for key, value := range state.UserReadKeys() { - treeKey, err := deriveTreeKey(value, h.id) - if err != nil { - return err - } - ot.keys[key] = treeKey - } - } - return + return ot.readKeysFromAclState(state) } diff --git a/commonspace/object/tree/objecttree/objecttree.go b/commonspace/object/tree/objecttree/objecttree.go index 7ba9c2e5..f455b150 100644 --- a/commonspace/object/tree/objecttree/objecttree.go +++ b/commonspace/object/tree/objecttree/objecttree.go @@ -27,6 +27,7 @@ var ( ErrHasInvalidChanges = errors.New("the change is invalid") ErrNoCommonSnapshot = errors.New("trees doesn't have a common snapshot") ErrNoChangeInTree = errors.New("no such change in tree") + ErrMissingKey = errors.New("missing current read key") ) type AddResultSummary int @@ -99,7 +100,8 @@ type objectTree struct { root *Change tree *Tree - keys map[string]crypto.SymKey + keys map[string]crypto.SymKey + currentReadKey crypto.SymKey // buffers difSnapshotBuf []*treechangeproto.RawTreeChangeWithId 
@@ -238,10 +240,11 @@ func (ot *objectTree) prepareBuilderContent(content SignableChangeContent) (cnt if content.IsEncrypted { readKeyId = state.CurrentReadKeyId() - readKey, err = state.CurrentReadKey() - if err != nil { + if ot.currentReadKey == nil { + err = ErrMissingKey return } + readKey = ot.currentReadKey } cnt = BuilderContent{ TreeHeadIds: ot.tree.Heads(), @@ -637,15 +640,9 @@ func (ot *objectTree) validateTree(newChanges []*Change) error { defer ot.aclList.RUnlock() state := ot.aclList.AclState() - // just not to take lock many times, updating the key map from aclList - if len(ot.keys) != len(state.UserReadKeys()) { - for key, value := range state.UserReadKeys() { - treeKey, err := deriveTreeKey(value, ot.id) - if err != nil { - return err - } - ot.keys[key] = treeKey - } + err := ot.readKeysFromAclState(state) + if err != nil { + return err } if len(newChanges) == 0 { return ot.validator.ValidateFullTree(ot.tree, ot.aclList) @@ -654,6 +651,26 @@ func (ot *objectTree) validateTree(newChanges []*Change) error { return ot.validator.ValidateNewChanges(ot.tree, ot.aclList, newChanges) } +func (ot *objectTree) readKeysFromAclState(state *list.AclState) (err error) { + // just not to take lock many times, updating the key map from aclList + if len(ot.keys) == len(state.UserReadKeys()) { + return nil + } + for key, value := range state.UserReadKeys() { + treeKey, err := deriveTreeKey(value, ot.id) + if err != nil { + return err + } + ot.keys[key] = treeKey + } + curKey, err := state.CurrentReadKey() + if err != nil { + return err + } + ot.currentReadKey, err = deriveTreeKey(curKey, ot.id) + return err +} + func (ot *objectTree) Debug(parser DescriptionParser) (DebugInfo, error) { return objectTreeDebug{}.debugInfo(ot, parser) } From a8ef63eca098a9d4cc69efacb7e3e1b9ea05b107 Mon Sep 17 00:00:00 2001 
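Review bot: In `readKeysFromAclState` the early return on `len(ot.keys) == len(state.UserReadKeys())` also skips deriving `ot.currentReadKey`, and the map is filled before `state.CurrentReadKey()` is consulted. If that call or the final `deriveTreeKey` fails once, the next call sees equal lengths and returns nil with `currentReadKey` still nil, so `prepareBuilderContent` keeps returning `ErrMissingKey` for encrypted content. Including the key in the guard avoids this: `if len(ot.keys) == len(state.UserReadKeys()) && ot.currentReadKey != nil { return nil }`. It is also worth confirming that the cached key cannot go stale relative to `state.CurrentReadKeyId()`, which `prepareBuilderContent` still reads live from the ACL state.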
From: mcrakhman Date: Tue, 28 Mar 2023 00:11:09 +0200 Subject: [PATCH 23/24] Update space header validation --- commonspace/spacestorage/spacestorage.go | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/commonspace/spacestorage/spacestorage.go b/commonspace/spacestorage/spacestorage.go index a2bf66a0..8d300a48 100644 --- a/commonspace/spacestorage/spacestorage.go +++ b/commonspace/spacestorage/spacestorage.go @@ -2,7 +2,6 @@ package spacestorage import ( - "bytes" "context" "errors" "github.com/anytypeio/any-sync/app" @@ -71,7 +70,7 @@ func ValidateSpaceStorageCreatePayload(payload SpaceStorageCreatePayload) (err e return nil } -func ValidateSpaceHeader(spaceId string, header, identity []byte) (err error) { +func ValidateSpaceHeader(spaceId string, header []byte, identity crypto.PubKey) (err error) { split := strings.Split(spaceId, ".") if len(split) != 2 { return ErrIncorrectSpaceHeader @@ -90,15 +89,15 @@ func ValidateSpaceHeader(spaceId string, header, identity []byte) (err error) { if err != nil { return } - if identity != nil && !bytes.Equal(identity, payload.Identity) { - err = ErrIncorrectSpaceHeader - return - } - key, err := crypto.NewSigningEd25519PubKeyFromBytes(payload.Identity) + payloadIdentity, err := crypto.UnmarshalEd25519PublicKeyProto(payload.Identity) if err != nil { return } - res, err := key.Verify(raw.SpaceHeader, raw.Signature) + if identity != nil && !payloadIdentity.Equals(identity) { + err = ErrIncorrectSpaceHeader + return + } + res, err := identity.Verify(raw.SpaceHeader, raw.Signature) if err != nil || !res { err = ErrIncorrectSpaceHeader return From f472fd83c48cad948978a7d9e47388087abf4f8c Mon Sep 17 00:00:00 2001 
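Review bot: `ValidateSpaceHeader` now verifies the signature with the caller-supplied key, `identity.Verify(raw.SpaceHeader, raw.Signature)`, while the check just above still treats `identity == nil` as an allowed input. A nil `identity` therefore reaches a method call on a nil interface and panics instead of validating the header. The key parsed from the header should do the verification: `res, err := payloadIdentity.Verify(raw.SpaceHeader, raw.Signature)`. That keeps the earlier behaviour of checking the signature against the identity stated in the payload, with `identity` only an optional additional match. The function begins and continues outside this hunk.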
From: mcrakhman Date: Tue, 28 Mar 2023 21:29:12 +0200 Subject: [PATCH 24/24] Add some tests --- util/crypto/derived_test.go | 22 ++++++++++++++++++++++ util/crypto/ed25519_test.go | 15 ++++++++++++++- util/crypto/mnemonic_test.go | 25 +++++++++++++++++++++++++ util/crypto/peer.go | 2 -- 4 files changed, 61 insertions(+), 3 deletions(-) create mode 100644 util/crypto/derived_test.go create mode 100644 util/crypto/mnemonic_test.go diff --git a/util/crypto/derived_test.go b/util/crypto/derived_test.go new file mode 100644 index 00000000..24fd75df --- /dev/null +++ b/util/crypto/derived_test.go @@ -0,0 +1,22 @@ +package crypto + +import ( + "crypto/rand" + "github.com/stretchr/testify/require" + "testing" +) + +func TestDerivedKey(t *testing.T) { + seed := make([]byte, 32) + _, err := rand.Read(seed) + require.NoError(t, err) + key, err := DeriveSymmetricKey(seed, AnytypeAccountPath) + require.NoError(t, err) + _, err = rand.Read(seed) + require.NoError(t, err) + res, err := key.Encrypt(seed) + require.NoError(t, err) + dec, err := key.Decrypt(res) + require.NoError(t, err) + require.Equal(t, seed, dec) +} diff --git a/util/crypto/ed25519_test.go b/util/crypto/ed25519_test.go index 5b96ecb6..92565723 100644 --- a/util/crypto/ed25519_test.go +++ b/util/crypto/ed25519_test.go 
@@ -9,12 +9,25 @@ import ( func Test_EncryptDecrypt(t *testing.T) { privKey, pubKey, err := GenerateEd25519Key(rand.Reader) require.NoError(t, err) - msg := make([]byte, 32768) + msg := make([]byte, 32000) _, err = rand.Read(msg) require.NoError(t, err) enc, err := pubKey.Encrypt(msg) require.NoError(t, err) dec, err := privKey.Decrypt(enc) require.NoError(t, err) + require.NotEqual(t, enc, dec) require.Equal(t, dec, msg) } + +func Test_SignVerify(t *testing.T) { + privKey, pubKey, err := GenerateEd25519Key(rand.Reader) + require.NoError(t, err) + msg := make([]byte, 32000) + _, err = rand.Read(msg) + sign, err := privKey.Sign(msg) + require.NoError(t, err) + res, err := pubKey.Verify(msg, sign) + require.NoError(t, err) + require.True(t, res) +} diff --git a/util/crypto/mnemonic_test.go b/util/crypto/mnemonic_test.go new file mode 100644 index 00000000..176dabbf --- /dev/null +++ b/util/crypto/mnemonic_test.go @@ -0,0 +1,25 @@ +package crypto + +import ( + "crypto/rand" + "github.com/stretchr/testify/require" + "strings" + "testing" +) + +func TestMnemonic(t *testing.T) { + phrase, err := NewMnemonicGenerator().WithWordCount(12) + require.NoError(t, err) + parts := strings.Split(string(phrase), " ") + require.Equal(t, 12, len(parts)) + key, err := phrase.DeriveEd25519Key(0) + require.NoError(t, err) + bytes := make([]byte, 64) + _, err = rand.Read(bytes) + require.NoError(t, err) + sign, err := key.Sign(bytes) + require.NoError(t, err) + res, err := key.GetPublic().Verify(bytes, sign) + require.NoError(t, err) + require.True(t, res) +} diff --git a/util/crypto/peer.go b/util/crypto/peer.go index a7a7ac3d..cde5a940 100644 --- a/util/crypto/peer.go +++ b/util/crypto/peer.go @@ -10,11 +10,9 @@ func IdFromSigningPubKey(pubKey PubKey) (peer.ID, error) { if err != nil { return "", err } - libp2pKey, err := crypto.UnmarshalEd25519PublicKey(rawSigning) if err != nil { return "", err } - return peer.IDFromPublicKey(libp2pKey) }
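Review bot: The new `Test_SignVerify` covers only the accepting path, so it would still pass if `Verify` accepted any message or signature. Adding a negative case pins the property that matters: after `msg[0] ^= 0xff`, assert that `pubKey.Verify(msg, sign)` does not succeed, and likewise for a signature checked against a second, unrelated key pair. The result of `_, err = rand.Read(msg)` is also overwritten by the next assignment without a `require.NoError(t, err)`. `TestMnemonic` in the same commit has the same happy-path-only shape.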