From 95f0bd0acf301bf8415747c4ff050e8a4dfdc864 Mon Sep 17 00:00:00 2001
From: gluk256 <gluk256@users.noreply.github.com>
Date: Wed, 26 Apr 2017 21:05:48 +0200
Subject: whisper: message format refactoring (#14335)

* whisper: salt removed from AES encryption
* whisper: padding format updated
* whisper: padding test added
* whisper: padding refactored, tests fixed
* whisper: padding test updated
* whisper: wnode bugfix
* whisper: send/receive protocol updated
* whisper: minor update
* whisper: bugfix in test
* whisper: updated parameter names and comments
* whisper: functions renamed
* whisper: minor refactoring
---
 whisper/whisperv5/whisper.go | 55 +++++++++++++++++---------------------------
 1 file changed, 21 insertions(+), 34 deletions(-)

(limited to 'whisper/whisperv5/whisper.go')

diff --git a/whisper/whisperv5/whisper.go b/whisper/whisperv5/whisper.go
index c4d5d04a7..f2aad08ef 100644
--- a/whisper/whisperv5/whisper.go
+++ b/whisper/whisperv5/whisper.go
@@ -262,24 +262,14 @@ func (w *Whisper) GetPrivateKey(id string) (*ecdsa.PrivateKey, error) {
 // GenerateSymKey generates a random symmetric key and stores it under id,
 // which is then returned. Will be used in the future for session key exchange.
 func (w *Whisper) GenerateSymKey() (string, error) {
-	const size = aesKeyLength * 2
-	buf := make([]byte, size)
-	_, err := crand.Read(buf)
+	key := make([]byte, aesKeyLength)
+	_, err := crand.Read(key)
 	if err != nil {
 		return "", err
-	} else if !validateSymmetricKey(buf) {
+	} else if !validateSymmetricKey(key) {
 		return "", fmt.Errorf("error in GenerateSymKey: crypto/rand failed to generate random data")
 	}
 
-	key := buf[:aesKeyLength]
-	salt := buf[aesKeyLength:]
-	derived, err := DeriveOneTimeKey(key, salt, EnvelopeVersion)
-	if err != nil {
-		return "", err
-	} else if !validateSymmetricKey(derived) {
-		return "", fmt.Errorf("failed to derive valid key")
-	}
-
 	id, err := GenerateRandomID()
 	if err != nil {
 		return "", fmt.Errorf("failed to generate ID: %s", err)
@@ -291,7 +281,7 @@ func (w *Whisper) GenerateSymKey() (string, error) {
 	if w.symKeys[id] != nil {
 		return "", fmt.Errorf("failed to generate unique ID")
 	}
-	w.symKeys[id] = derived
+	w.symKeys[id] = key
 	return id, nil
 }
 
@@ -395,6 +385,9 @@ func (w *Whisper) Unsubscribe(id string) error {
 // network in the coming cycles.
 func (w *Whisper) Send(envelope *Envelope) error {
 	ok, err := w.add(envelope)
+	if err != nil {
+		return err
+	}
 	if !ok {
 		return fmt.Errorf("failed to add envelope")
 	}
@@ -469,21 +462,18 @@ func (wh *Whisper) runMessageLoop(p *Peer, rw p2p.MsgReadWriter) error {
 			log.Warn("unxepected status message received", "peer", p.peer.ID())
 		case messagesCode:
 			// decode the contained envelopes
-			var envelopes []*Envelope
-			if err := packet.Decode(&envelopes); err != nil {
+			var envelope Envelope
+			if err := packet.Decode(&envelope); err != nil {
 				log.Warn("failed to decode envelope, peer will be disconnected", "peer", p.peer.ID(), "err", err)
 				return errors.New("invalid envelope")
 			}
-			// inject all envelopes into the internal pool
-			for _, envelope := range envelopes {
-				cached, err := wh.add(envelope)
-				if err != nil {
-					log.Warn("bad envelope received, peer will be disconnected", "peer", p.peer.ID(), "err", err)
-					return errors.New("invalid envelope")
-				}
-				if cached {
-					p.mark(envelope)
-				}
+			cached, err := wh.add(&envelope)
+			if err != nil {
+				log.Warn("bad envelope received, peer will be disconnected", "peer", p.peer.ID(), "err", err)
+				return errors.New("invalid envelope")
+			}
+			if cached {
+				p.mark(&envelope)
 			}
 		case p2pCode:
 			// peer-to-peer message, sent directly to peer bypassing PoW checks, etc.
@@ -550,14 +540,11 @@ func (wh *Whisper) add(envelope *Envelope) (bool, error) {
 		return false, fmt.Errorf("oversized version [%x]", envelope.Hash())
 	}
 
-	if len(envelope.AESNonce) > AESNonceMaxLength {
-		// the standard AES GSM nonce size is 12,
-		// but const gcmStandardNonceSize cannot be accessed directly
-		return false, fmt.Errorf("oversized AESNonce [%x]", envelope.Hash())
-	}
-
-	if len(envelope.Salt) > saltLength {
-		return false, fmt.Errorf("oversized salt [%x]", envelope.Hash())
+	aesNonceSize := len(envelope.AESNonce)
+	if aesNonceSize != 0 && aesNonceSize != AESNonceLength {
+		// the standard AES GCM nonce size is 12 bytes,
+		// but constant gcmStandardNonceSize cannot be accessed (not exported)
+		return false, fmt.Errorf("wrong size of AESNonce: %d bytes [env: %x]", aesNonceSize, envelope.Hash())
 	}
 
 	if envelope.PoW() < wh.minPoW {
-- 
cgit