channeldb: remove EncryptorDecryptor interface

This commit removes the EncryptorDecryptor interface, and all related
usage within channeldb. This interface is no longer needed as wallet
specific secrets such as private keys are no longer stored within the
database.
Olaoluwa Osuntokun 2016-08-12 14:57:27 -07:00
parent a28c011b0b
commit dc00514c42
3 changed files with 12 additions and 52 deletions

@ -200,7 +200,7 @@ func (c *OpenChannel) FullSync() error {
chanIDBucket.Put(b.Bytes(), nil) chanIDBucket.Put(b.Bytes(), nil)
} }
return putOpenChannel(chanBucket, nodeChanBucket, c, c.Db.cryptoSystem) return putOpenChannel(chanBucket, nodeChanBucket, c)
}) })
} }
@ -362,7 +362,7 @@ func putClosedChannelSummary(tx *bolt.Tx, chanID []byte) error {
// putChannel serializes, and stores the current state of the channel in its // putChannel serializes, and stores the current state of the channel in its
// entirety. // entirety.
func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket, func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
channel *OpenChannel, encryptor EncryptorDecryptor) error { channel *OpenChannel) error {
// First write out all the "common" fields using the field's prefix // First write out all the "common" fields using the field's prefix
// appened with the channel's ID. These fields go into a top-level bucket // appened with the channel's ID. These fields go into a top-level bucket
@ -387,13 +387,13 @@ func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
if err := putChannelIDs(nodeChanBucket, channel); err != nil { if err := putChannelIDs(nodeChanBucket, channel); err != nil {
return err return err
} }
if err := putChanCommitKeys(nodeChanBucket, channel, encryptor); err != nil { if err := putChanCommitKeys(nodeChanBucket, channel); err != nil {
return err return err
} }
if err := putChanCommitTxns(nodeChanBucket, channel); err != nil { if err := putChanCommitTxns(nodeChanBucket, channel); err != nil {
return err return err
} }
if err := putChanFundingInfo(nodeChanBucket, channel, encryptor); err != nil { if err := putChanFundingInfo(nodeChanBucket, channel); err != nil {
return err return err
} }
if err := putChanEklremState(nodeChanBucket, channel); err != nil { if err := putChanEklremState(nodeChanBucket, channel); err != nil {
@ -411,7 +411,7 @@ func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
// An EncryptorDecryptor is required to decrypt sensitive information stored // An EncryptorDecryptor is required to decrypt sensitive information stored
// within the database. // within the database.
func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket, func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
chanID *wire.OutPoint, decryptor EncryptorDecryptor) (*OpenChannel, error) { chanID *wire.OutPoint) (*OpenChannel, error) {
channel := &OpenChannel{ channel := &OpenChannel{
ChanID: chanID, ChanID: chanID,
@ -421,13 +421,13 @@ func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
if err := fetchChannelIDs(nodeChanBucket, channel); err != nil { if err := fetchChannelIDs(nodeChanBucket, channel); err != nil {
return nil, err return nil, err
} }
if err := fetchChanCommitKeys(nodeChanBucket, channel, decryptor); err != nil { if err := fetchChanCommitKeys(nodeChanBucket, channel); err != nil {
return nil, err return nil, err
} }
if err := fetchChanCommitTxns(nodeChanBucket, channel); err != nil { if err := fetchChanCommitTxns(nodeChanBucket, channel); err != nil {
return nil, err return nil, err
} }
if err := fetchChanFundingInfo(nodeChanBucket, channel, decryptor); err != nil { if err := fetchChanFundingInfo(nodeChanBucket, channel); err != nil {
return nil, err return nil, err
} }
if err := fetchChanEklremState(nodeChanBucket, channel); err != nil { if err := fetchChanEklremState(nodeChanBucket, channel); err != nil {
@ -791,8 +791,7 @@ func fetchChannelIDs(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
return nil return nil
} }
func putChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel, func putChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
ed EncryptorDecryptor) error {
// Construct the key which stores the commitment keys: ckk || channelID. // Construct the key which stores the commitment keys: ckk || channelID.
// TODO(roasbeef): factor into func // TODO(roasbeef): factor into func
@ -829,8 +828,7 @@ func deleteChanCommitKeys(nodeChanBucket *bolt.Bucket, chanID []byte) error {
return nodeChanBucket.Delete(commitKey) return nodeChanBucket.Delete(commitKey)
} }
func fetchChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel, func fetchChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
ed EncryptorDecryptor) error {
// Construct the key which stores the commitment keys: ckk || channelID. // Construct the key which stores the commitment keys: ckk || channelID.
// TODO(roasbeef): factor into func // TODO(roasbeef): factor into func
@ -939,9 +937,7 @@ func fetchChanCommitTxns(nodeChanBucket *bolt.Bucket, channel *OpenChannel) erro
return nil return nil
} }
func putChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel, func putChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
ed EncryptorDecryptor) error {
var bc bytes.Buffer var bc bytes.Buffer
if err := writeOutpoint(&bc, channel.ChanID); err != nil { if err := writeOutpoint(&bc, channel.ChanID); err != nil {
return err return err
@ -989,9 +985,7 @@ func deleteChanFundingInfo(nodeChanBucket *bolt.Bucket, chanID []byte) error {
return nodeChanBucket.Delete(fundTxnKey) return nodeChanBucket.Delete(fundTxnKey)
} }
func fetchChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel, func fetchChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
ed EncryptorDecryptor) error {
var b bytes.Buffer var b bytes.Buffer
if err := writeOutpoint(&b, channel.ChanID); err != nil { if err := writeOutpoint(&b, channel.ChanID); err != nil {
return err return err
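Review bot: The doc comment kept above `fetchOpenChannel` still ends with "An EncryptorDecryptor is required to decrypt sensitive information stored within the database", which is no longer true once the `decryptor` parameter is gone. That sentence should be deleted; the start of the comment lies outside the hunk, so the rest of it is worth rereading too. The comment above `putOpenChannel` also opens with the wrong name and could read `// putOpenChannel serializes and stores the current state of the channel in its entirety.`. `putChanCommitKeys` and `putChanFundingInfo` no longer receive an encryptor and their bodies are outside the hunks shown, so it is worth confirming that they serialize only public keys, as the commit message implies.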

@ -78,23 +78,6 @@ var (
} }
) )
type MockEncryptorDecryptor struct {
}
func (m *MockEncryptorDecryptor) Encrypt(n []byte) ([]byte, error) {
return n, nil
}
func (m *MockEncryptorDecryptor) Decrypt(n []byte) ([]byte, error) {
return n, nil
}
func (m *MockEncryptorDecryptor) OverheadSize() uint32 {
return 0
}
var _ EncryptorDecryptor = (*MockEncryptorDecryptor)(nil)
func TestOpenChannelPutGetDelete(t *testing.T) { func TestOpenChannelPutGetDelete(t *testing.T) {
// First, create a temporary directory to be used for the duration of // First, create a temporary directory to be used for the duration of
// this test. // this test.
@ -111,7 +94,6 @@ func TestOpenChannelPutGetDelete(t *testing.T) {
if err != nil { if err != nil {
t.Fatalf("unable to create channeldb: %v", err) t.Fatalf("unable to create channeldb: %v", err)
} }
cdb.RegisterCryptoSystem(&MockEncryptorDecryptor{})
defer cdb.Close() defer cdb.Close()
privKey, pubKey := btcec.PrivKeyFromBytes(btcec.S256(), key[:]) privKey, pubKey := btcec.PrivKeyFromBytes(btcec.S256(), key[:])

@ -27,14 +27,6 @@ var bufPool = &sync.Pool{
New: func() interface{} { return new(bytes.Buffer) }, New: func() interface{} { return new(bytes.Buffer) },
} }
// EncryptorDecryptor...
// TODO(roasbeef): ability to rotate EncryptorDecryptor's across DB
type EncryptorDecryptor interface {
Encrypt(in []byte) ([]byte, error)
Decrypt(in []byte) ([]byte, error)
OverheadSize() uint32
}
// DB is the primary datastore for the LND daemon. The database stores // DB is the primary datastore for the LND daemon. The database stores
// information related to nodes, routing data, open/closed channels, fee // information related to nodes, routing data, open/closed channels, fee
// schedules, and reputation data. // schedules, and reputation data.
@ -42,8 +34,6 @@ type DB struct {
store *bolt.DB store *bolt.DB
netParams *chaincfg.Params netParams *chaincfg.Params
cryptoSystem EncryptorDecryptor
} }
// Open opens an existing channeldb created under the passed namespace with // Open opens an existing channeldb created under the passed namespace with
@ -66,12 +56,6 @@ func Open(dbPath string, netParams *chaincfg.Params) (*DB, error) {
return &DB{store: bdb, netParams: netParams}, nil return &DB{store: bdb, netParams: netParams}, nil
} }
// RegisterCryptoSystem registers an implementation of the EncryptorDecryptor
// interface for use within the database to encrypt/decrypt sensitive data.
func (d *DB) RegisterCryptoSystem(ed EncryptorDecryptor) {
d.cryptoSystem = ed
}
// Wipe completely deletes all saved state within all used buckets within the // Wipe completely deletes all saved state within all used buckets within the
// database. The deletion is done in a single transaction, therefore this // database. The deletion is done in a single transaction, therefore this
// operation is fully atomic. // operation is fully atomic.
@ -179,7 +163,7 @@ func (d *DB) FetchOpenChannels(nodeID *wire.ShaHash) ([]*OpenChannel, error) {
} }
oChannel, err := fetchOpenChannel(openChanBucket, oChannel, err := fetchOpenChannel(openChanBucket,
nodeChanBucket, chanID, d.cryptoSystem) nodeChanBucket, chanID)
if err != nil { if err != nil {
return err return err
} }
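Review bot: The doc comment on `DB` does not record that, with the `cryptoSystem` field and `RegisterCryptoSystem` removed, the type has no hook left for encrypting values, so presumably everything reaches the bolt store as plaintext. I would add a line such as `// Values are stored unencrypted; wallet secrets such as private keys must never be written here.` so that the invariant the commit message relies on is stated where future put helpers get added. `RegisterCryptoSystem` was exported, so any caller outside the three files changed here (none is visible in this diff) would stop compiling and needs the call removed.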