channeldb: remove EncryptorDecryptor interface
This commit removes the EncryptorDecryptor interface and all related usage within channeldb. The interface is no longer needed because wallet-specific secrets such as private keys are no longer stored within the database.
parent
a28c011b0b
commit
dc00514c42
@ -200,7 +200,7 @@ func (c *OpenChannel) FullSync() error {
|
|||||||
chanIDBucket.Put(b.Bytes(), nil)
|
chanIDBucket.Put(b.Bytes(), nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
return putOpenChannel(chanBucket, nodeChanBucket, c, c.Db.cryptoSystem)
|
return putOpenChannel(chanBucket, nodeChanBucket, c)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -362,7 +362,7 @@ func putClosedChannelSummary(tx *bolt.Tx, chanID []byte) error {
|
|||||||
// putChannel serializes, and stores the current state of the channel in its
|
// putChannel serializes, and stores the current state of the channel in its
|
||||||
// entirety.
|
// entirety.
|
||||||
func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
||||||
channel *OpenChannel, encryptor EncryptorDecryptor) error {
|
channel *OpenChannel) error {
|
||||||
|
|
||||||
// First write out all the "common" fields using the field's prefix
|
// First write out all the "common" fields using the field's prefix
|
||||||
// appened with the channel's ID. These fields go into a top-level bucket
|
// appened with the channel's ID. These fields go into a top-level bucket
|
||||||
@ -387,13 +387,13 @@ func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
|||||||
if err := putChannelIDs(nodeChanBucket, channel); err != nil {
|
if err := putChannelIDs(nodeChanBucket, channel); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := putChanCommitKeys(nodeChanBucket, channel, encryptor); err != nil {
|
if err := putChanCommitKeys(nodeChanBucket, channel); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := putChanCommitTxns(nodeChanBucket, channel); err != nil {
|
if err := putChanCommitTxns(nodeChanBucket, channel); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := putChanFundingInfo(nodeChanBucket, channel, encryptor); err != nil {
|
if err := putChanFundingInfo(nodeChanBucket, channel); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := putChanEklremState(nodeChanBucket, channel); err != nil {
|
if err := putChanEklremState(nodeChanBucket, channel); err != nil {
|
||||||
@ -411,7 +411,7 @@ func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
|||||||
// An EncryptorDecryptor is required to decrypt sensitive information stored
|
// An EncryptorDecryptor is required to decrypt sensitive information stored
|
||||||
// within the database.
|
// within the database.
|
||||||
func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
||||||
chanID *wire.OutPoint, decryptor EncryptorDecryptor) (*OpenChannel, error) {
|
chanID *wire.OutPoint) (*OpenChannel, error) {
|
||||||
|
|
||||||
channel := &OpenChannel{
|
channel := &OpenChannel{
|
||||||
ChanID: chanID,
|
ChanID: chanID,
|
||||||
@ -421,13 +421,13 @@ func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
|||||||
if err := fetchChannelIDs(nodeChanBucket, channel); err != nil {
|
if err := fetchChannelIDs(nodeChanBucket, channel); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if err := fetchChanCommitKeys(nodeChanBucket, channel, decryptor); err != nil {
|
if err := fetchChanCommitKeys(nodeChanBucket, channel); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if err := fetchChanCommitTxns(nodeChanBucket, channel); err != nil {
|
if err := fetchChanCommitTxns(nodeChanBucket, channel); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if err := fetchChanFundingInfo(nodeChanBucket, channel, decryptor); err != nil {
|
if err := fetchChanFundingInfo(nodeChanBucket, channel); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if err := fetchChanEklremState(nodeChanBucket, channel); err != nil {
|
if err := fetchChanEklremState(nodeChanBucket, channel); err != nil {
|
||||||
@ -791,8 +791,7 @@ func fetchChannelIDs(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func putChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
func putChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||||
ed EncryptorDecryptor) error {
|
|
||||||
|
|
||||||
// Construct the key which stores the commitment keys: ckk || channelID.
|
// Construct the key which stores the commitment keys: ckk || channelID.
|
||||||
// TODO(roasbeef): factor into func
|
// TODO(roasbeef): factor into func
|
||||||
@ -829,8 +828,7 @@ func deleteChanCommitKeys(nodeChanBucket *bolt.Bucket, chanID []byte) error {
|
|||||||
return nodeChanBucket.Delete(commitKey)
|
return nodeChanBucket.Delete(commitKey)
|
||||||
}
|
}
|
||||||
|
|
||||||
func fetchChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
func fetchChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||||
ed EncryptorDecryptor) error {
|
|
||||||
|
|
||||||
// Construct the key which stores the commitment keys: ckk || channelID.
|
// Construct the key which stores the commitment keys: ckk || channelID.
|
||||||
// TODO(roasbeef): factor into func
|
// TODO(roasbeef): factor into func
|
||||||
@ -939,9 +937,7 @@ func fetchChanCommitTxns(nodeChanBucket *bolt.Bucket, channel *OpenChannel) erro
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func putChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
func putChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||||
ed EncryptorDecryptor) error {
|
|
||||||
|
|
||||||
var bc bytes.Buffer
|
var bc bytes.Buffer
|
||||||
if err := writeOutpoint(&bc, channel.ChanID); err != nil {
|
if err := writeOutpoint(&bc, channel.ChanID); err != nil {
|
||||||
return err
|
return err
|
||||||
@ -989,9 +985,7 @@ func deleteChanFundingInfo(nodeChanBucket *bolt.Bucket, chanID []byte) error {
|
|||||||
return nodeChanBucket.Delete(fundTxnKey)
|
return nodeChanBucket.Delete(fundTxnKey)
|
||||||
}
|
}
|
||||||
|
|
||||||
func fetchChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
func fetchChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||||
ed EncryptorDecryptor) error {
|
|
||||||
|
|
||||||
var b bytes.Buffer
|
var b bytes.Buffer
|
||||||
if err := writeOutpoint(&b, channel.ChanID); err != nil {
|
if err := writeOutpoint(&b, channel.ChanID); err != nil {
|
||||||
return err
|
return err
|
||||||
|
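Review bot: The doc comment kept above `fetchOpenChannel` still reads "An EncryptorDecryptor is required to decrypt sensitive information stored within the database", but the new signature takes no decryptor and the type is deleted in this commit, so the comment describes a protection that no longer exists. I would replace those two lines with `// No decryption is performed; channeldb is expected to hold no wallet secrets.` The bodies of `putChanCommitKeys`, `putChanFundingInfo` and their fetch counterparts are outside the hunks. Since only their signatures change, `ed` was presumably already unused there. It is still worth confirming that none of them serialises private key material now that the encryption hook is gone.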
@ -78,23 +78,6 @@ var (
|
|||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
type MockEncryptorDecryptor struct {
|
|
||||||
}
|
|
||||||
|
|
||||||
func (m *MockEncryptorDecryptor) Encrypt(n []byte) ([]byte, error) {
|
|
||||||
return n, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (m *MockEncryptorDecryptor) Decrypt(n []byte) ([]byte, error) {
|
|
||||||
return n, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (m *MockEncryptorDecryptor) OverheadSize() uint32 {
|
|
||||||
return 0
|
|
||||||
}
|
|
||||||
|
|
||||||
var _ EncryptorDecryptor = (*MockEncryptorDecryptor)(nil)
|
|
||||||
|
|
||||||
func TestOpenChannelPutGetDelete(t *testing.T) {
|
func TestOpenChannelPutGetDelete(t *testing.T) {
|
||||||
// First, create a temporary directory to be used for the duration of
|
// First, create a temporary directory to be used for the duration of
|
||||||
// this test.
|
// this test.
|
||||||
@ -111,7 +94,6 @@ func TestOpenChannelPutGetDelete(t *testing.T) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("unable to create channeldb: %v", err)
|
t.Fatalf("unable to create channeldb: %v", err)
|
||||||
}
|
}
|
||||||
cdb.RegisterCryptoSystem(&MockEncryptorDecryptor{})
|
|
||||||
defer cdb.Close()
|
defer cdb.Close()
|
||||||
|
|
||||||
privKey, pubKey := btcec.PrivKeyFromBytes(btcec.S256(), key[:])
|
privKey, pubKey := btcec.PrivKeyFromBytes(btcec.S256(), key[:])
|
||||||
|
@ -27,14 +27,6 @@ var bufPool = &sync.Pool{
|
|||||||
New: func() interface{} { return new(bytes.Buffer) },
|
New: func() interface{} { return new(bytes.Buffer) },
|
||||||
}
|
}
|
||||||
|
|
||||||
// EncryptorDecryptor...
|
|
||||||
// TODO(roasbeef): ability to rotate EncryptorDecryptor's across DB
|
|
||||||
type EncryptorDecryptor interface {
|
|
||||||
Encrypt(in []byte) ([]byte, error)
|
|
||||||
Decrypt(in []byte) ([]byte, error)
|
|
||||||
OverheadSize() uint32
|
|
||||||
}
|
|
||||||
|
|
||||||
// DB is the primary datastore for the LND daemon. The database stores
|
// DB is the primary datastore for the LND daemon. The database stores
|
||||||
// information related to nodes, routing data, open/closed channels, fee
|
// information related to nodes, routing data, open/closed channels, fee
|
||||||
// schedules, and reputation data.
|
// schedules, and reputation data.
|
||||||
@ -42,8 +34,6 @@ type DB struct {
|
|||||||
store *bolt.DB
|
store *bolt.DB
|
||||||
|
|
||||||
netParams *chaincfg.Params
|
netParams *chaincfg.Params
|
||||||
|
|
||||||
cryptoSystem EncryptorDecryptor
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Open opens an existing channeldb created under the passed namespace with
|
// Open opens an existing channeldb created under the passed namespace with
|
||||||
@ -66,12 +56,6 @@ func Open(dbPath string, netParams *chaincfg.Params) (*DB, error) {
|
|||||||
return &DB{store: bdb, netParams: netParams}, nil
|
return &DB{store: bdb, netParams: netParams}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// RegisterCryptoSystem registers an implementation of the EncryptorDecryptor
|
|
||||||
// interface for use within the database to encrypt/decrypt sensitive data.
|
|
||||||
func (d *DB) RegisterCryptoSystem(ed EncryptorDecryptor) {
|
|
||||||
d.cryptoSystem = ed
|
|
||||||
}
|
|
||||||
|
|
||||||
// Wipe completely deletes all saved state within all used buckets within the
|
// Wipe completely deletes all saved state within all used buckets within the
|
||||||
// database. The deletion is done in a single transaction, therefore this
|
// database. The deletion is done in a single transaction, therefore this
|
||||||
// operation is fully atomic.
|
// operation is fully atomic.
|
||||||
@ -179,7 +163,7 @@ func (d *DB) FetchOpenChannels(nodeID *wire.ShaHash) ([]*OpenChannel, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
oChannel, err := fetchOpenChannel(openChanBucket,
|
oChannel, err := fetchOpenChannel(openChanBucket,
|
||||||
nodeChanBucket, chanID, d.cryptoSystem)
|
nodeChanBucket, chanID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
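Review bot: Removing the exported `RegisterCryptoSystem` method and the `EncryptorDecryptor` type breaks any caller outside channeldb, and the description only covers usage within channeldb, so callers elsewhere in the tree should be checked or updated in the same change. With the `cryptoSystem` field gone, nothing on `DB` says how data at rest is protected. I would add a line to the `DB` doc comment such as `// Data is written without application-level encryption, so secret key material must never be stored here.` That turns the assumption in the commit message into an invariant that a later contributor sees when adding a new bucket.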