aboutsummaryrefslogtreecommitdiffstats
path: root/whisper/envelope.go
blob: ba3e4ccc940c92250b0623da768b5e28e97b6418 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
// Contains the Whisper protocol Envelope element. For formal details please see
// the specs at https://github.com/ethereum/wiki/wiki/Whisper-PoC-1-Protocol-Spec#envelopes.

package whisper

import (
    "crypto/ecdsa"
    "encoding/binary"
    "fmt"
    "time"

    "github.com/ethereum/go-ethereum/common"
    "github.com/ethereum/go-ethereum/crypto"
    "github.com/ethereum/go-ethereum/crypto/ecies"
    "github.com/ethereum/go-ethereum/rlp"
)

// Envelope represents a clear-text data packet to transmit through the Whisper
// network. Its contents may or may not be encrypted and signed.
type Envelope struct {
    Expiry uint32 // Whisper protocol specifies int32, really should be int64
    TTL    uint32 // ^^^^^^
    Topics []Topic
    Data   []byte
    Nonce  uint32

    hash common.Hash // Cached hash of the envelope to avoid rehashing every time
}

// NewEnvelope wraps a Whisper message with expiration and destination data
// included into an envelope for network forwarding.
func NewEnvelope(ttl time.Duration, topics []Topic, msg *Message) *Envelope {
    return &Envelope{
        Expiry: uint32(time.Now().Add(ttl).Unix()),
        TTL:    uint32(ttl.Seconds()),
        Topics: topics,
        Data:   msg.bytes(),
        Nonce:  0,
    }
}

// Seal closes the envelope by spending the requested amount of time as a proof
// of work on hashing the data.
func (self *Envelope) Seal(pow time.Duration) {
    d := make([]byte, 64)
    copy(d[:32], self.rlpWithoutNonce())

    finish, bestBit := time.Now().Add(pow).UnixNano(), 0
    for nonce := uint32(0); time.Now().UnixNano() < finish; {
        for i := 0; i < 1024; i++ {
            binary.BigEndian.PutUint32(d[60:], nonce)

            firstBit := common.FirstBitSet(common.BigD(crypto.Sha3(d)))
            if firstBit > bestBit {
                self.Nonce, bestBit = nonce, firstBit
            }
            nonce++
        }
    }
}

// rlpWithoutNonce returns the RLP encoded envelope contents, except the nonce.
func (self *Envelope) rlpWithoutNonce() []byte {
    enc, _ := rlp.EncodeToBytes([]interface{}{self.Expiry, self.TTL, self.Topics, self.Data})
    return enc
}

// Open extracts the message contained within a potentially encrypted envelope.
func (self *Envelope) Open(key *ecdsa.PrivateKey) (msg *Message, err error) {
    // Split open the payload into a message construct
    data := self.Data

    message := &Message{
        Flags: data[0],
        Sent:  int64(self.Expiry - self.TTL),
    }
    data = data[1:]

    if message.Flags&signatureFlag == signatureFlag {
        if len(data) < signatureLength {
            return nil, fmt.Errorf("unable to open envelope. First bit set but len(data) < len(signature)")
        }
        message.Signature, data = data[:signatureLength], data[signatureLength:]
    }
    message.Payload = data

    // Decrypt the message, if requested
    if key == nil {
        return message, nil
    }
    err = message.decrypt(key)
    switch err {
    case nil:
        return message, nil

    case ecies.ErrInvalidPublicKey: // Payload isn't encrypted
        return message, err

    default:
        return nil, fmt.Errorf("unable to open envelope, decrypt failed: %v", err)
    }
}

// Hash returns the SHA3 hash of the envelope, calculating it if not yet done.
func (self *Envelope) Hash() common.Hash {
    if (self.hash == common.Hash{}) {
        enc, _ := rlp.EncodeToBytes(self)
        self.hash = crypto.Sha3Hash(enc)
    }
    return self.hash
}

// DecodeRLP decodes an Envelope from an RLP data stream.
func (self *Envelope) DecodeRLP(s *rlp.Stream) error {
    raw, err := s.Raw()
    if err != nil {
        return err
    }
    // The decoding of Envelope uses the struct fields but also needs
    // to compute the hash of the whole RLP-encoded envelope. This
    // type has the same structure as Envelope but is not an
    // rlp.Decoder so we can reuse the Envelope struct definition.
    type rlpenv Envelope
    if err := rlp.DecodeBytes(raw, (*rlpenv)(self)); err != nil {
        return err
    }
    self.hash = crypto.Sha3Hash(raw)
    return nil
}