channeldb: remove EncryptorDecryptor interface
This commit removes the EncryptorDecryptor interface, and all related usage within channeldb. This interface is no longer needed as wallet specific secrets such as private keys are no longer stored within the database.
This commit is contained in:
Olaoluwa Osuntokun
parent
a28c011b0b
commit
dc00514c42
@ -200,7 +200,7 @@ func (c *OpenChannel) FullSync() error {
|
||||
chanIDBucket.Put(b.Bytes(), nil)
|
||||
}
|
||||
|
||||
return putOpenChannel(chanBucket, nodeChanBucket, c, c.Db.cryptoSystem)
|
||||
return putOpenChannel(chanBucket, nodeChanBucket, c)
|
||||
})
|
||||
}
|
||||
|
||||
@ -362,7 +362,7 @@ func putClosedChannelSummary(tx *bolt.Tx, chanID []byte) error {
|
||||
// putChannel serializes, and stores the current state of the channel in its
|
||||
// entirety.
|
||||
func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
||||
channel *OpenChannel, encryptor EncryptorDecryptor) error {
|
||||
channel *OpenChannel) error {
|
||||
|
||||
// First write out all the "common" fields using the field's prefix
|
||||
// appened with the channel's ID. These fields go into a top-level bucket
|
||||
@ -387,13 +387,13 @@ func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
||||
if err := putChannelIDs(nodeChanBucket, channel); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := putChanCommitKeys(nodeChanBucket, channel, encryptor); err != nil {
|
||||
if err := putChanCommitKeys(nodeChanBucket, channel); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := putChanCommitTxns(nodeChanBucket, channel); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := putChanFundingInfo(nodeChanBucket, channel, encryptor); err != nil {
|
||||
if err := putChanFundingInfo(nodeChanBucket, channel); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := putChanEklremState(nodeChanBucket, channel); err != nil {
|
||||
@ -411,7 +411,7 @@ func putOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
||||
// An EncryptorDecryptor is required to decrypt sensitive information stored
|
||||
// within the database.
|
||||
func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
||||
chanID *wire.OutPoint, decryptor EncryptorDecryptor) (*OpenChannel, error) {
|
||||
chanID *wire.OutPoint) (*OpenChannel, error) {
|
||||
|
||||
channel := &OpenChannel{
|
||||
ChanID: chanID,
|
||||
@ -421,13 +421,13 @@ func fetchOpenChannel(openChanBucket *bolt.Bucket, nodeChanBucket *bolt.Bucket,
|
||||
if err := fetchChannelIDs(nodeChanBucket, channel); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if err := fetchChanCommitKeys(nodeChanBucket, channel, decryptor); err != nil {
|
||||
if err := fetchChanCommitKeys(nodeChanBucket, channel); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if err := fetchChanCommitTxns(nodeChanBucket, channel); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if err := fetchChanFundingInfo(nodeChanBucket, channel, decryptor); err != nil {
|
||||
if err := fetchChanFundingInfo(nodeChanBucket, channel); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if err := fetchChanEklremState(nodeChanBucket, channel); err != nil {
|
||||
@ -791,8 +791,7 @@ func fetchChannelIDs(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func putChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
||||
ed EncryptorDecryptor) error {
|
||||
func putChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||
|
||||
// Construct the key which stores the commitment keys: ckk || channelID.
|
||||
// TODO(roasbeef): factor into func
|
||||
@ -829,8 +828,7 @@ func deleteChanCommitKeys(nodeChanBucket *bolt.Bucket, chanID []byte) error {
|
||||
return nodeChanBucket.Delete(commitKey)
|
||||
}
|
||||
|
||||
func fetchChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
||||
ed EncryptorDecryptor) error {
|
||||
func fetchChanCommitKeys(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||
|
||||
// Construct the key which stores the commitment keys: ckk || channelID.
|
||||
// TODO(roasbeef): factor into func
|
||||
@ -939,9 +937,7 @@ func fetchChanCommitTxns(nodeChanBucket *bolt.Bucket, channel *OpenChannel) erro
|
||||
return nil
|
||||
}
|
||||
|
||||
func putChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
||||
ed EncryptorDecryptor) error {
|
||||
|
||||
func putChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||
var bc bytes.Buffer
|
||||
if err := writeOutpoint(&bc, channel.ChanID); err != nil {
|
||||
return err
|
||||
@ -989,9 +985,7 @@ func deleteChanFundingInfo(nodeChanBucket *bolt.Bucket, chanID []byte) error {
|
||||
return nodeChanBucket.Delete(fundTxnKey)
|
||||
}
|
||||
|
||||
func fetchChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel,
|
||||
ed EncryptorDecryptor) error {
|
||||
|
||||
func fetchChanFundingInfo(nodeChanBucket *bolt.Bucket, channel *OpenChannel) error {
|
||||
var b bytes.Buffer
|
||||
if err := writeOutpoint(&b, channel.ChanID); err != nil {
|
||||
return err
|
||||
|
||||
@ -78,23 +78,6 @@ var (
|
||||
}
|
||||
)
|
||||
|
||||
type MockEncryptorDecryptor struct {
|
||||
}
|
||||
|
||||
func (m *MockEncryptorDecryptor) Encrypt(n []byte) ([]byte, error) {
|
||||
return n, nil
|
||||
}
|
||||
|
||||
func (m *MockEncryptorDecryptor) Decrypt(n []byte) ([]byte, error) {
|
||||
return n, nil
|
||||
}
|
||||
|
||||
func (m *MockEncryptorDecryptor) OverheadSize() uint32 {
|
||||
return 0
|
||||
}
|
||||
|
||||
var _ EncryptorDecryptor = (*MockEncryptorDecryptor)(nil)
|
||||
|
||||
func TestOpenChannelPutGetDelete(t *testing.T) {
|
||||
// First, create a temporary directory to be used for the duration of
|
||||
// this test.
|
||||
@ -111,7 +94,6 @@ func TestOpenChannelPutGetDelete(t *testing.T) {
|
||||
if err != nil {
|
||||
t.Fatalf("unable to create channeldb: %v", err)
|
||||
}
|
||||
cdb.RegisterCryptoSystem(&MockEncryptorDecryptor{})
|
||||
defer cdb.Close()
|
||||
|
||||
privKey, pubKey := btcec.PrivKeyFromBytes(btcec.S256(), key[:])
|
||||
|
||||
@ -27,14 +27,6 @@ var bufPool = &sync.Pool{
|
||||
New: func() interface{} { return new(bytes.Buffer) },
|
||||
}
|
||||
|
||||
// EncryptorDecryptor...
|
||||
// TODO(roasbeef): ability to rotate EncryptorDecryptor's across DB
|
||||
type EncryptorDecryptor interface {
|
||||
Encrypt(in []byte) ([]byte, error)
|
||||
Decrypt(in []byte) ([]byte, error)
|
||||
OverheadSize() uint32
|
||||
}
|
||||
|
||||
// DB is the primary datastore for the LND daemon. The database stores
|
||||
// information related to nodes, routing data, open/closed channels, fee
|
||||
// schedules, and reputation data.
|
||||
@ -42,8 +34,6 @@ type DB struct {
|
||||
store *bolt.DB
|
||||
|
||||
netParams *chaincfg.Params
|
||||
|
||||
cryptoSystem EncryptorDecryptor
|
||||
}
|
||||
|
||||
// Open opens an existing channeldb created under the passed namespace with
|
||||
@ -66,12 +56,6 @@ func Open(dbPath string, netParams *chaincfg.Params) (*DB, error) {
|
||||
return &DB{store: bdb, netParams: netParams}, nil
|
||||
}
|
||||
|
||||
// RegisterCryptoSystem registers an implementation of the EncryptorDecryptor
|
||||
// interface for use within the database to encrypt/decrypt sensitive data.
|
||||
func (d *DB) RegisterCryptoSystem(ed EncryptorDecryptor) {
|
||||
d.cryptoSystem = ed
|
||||
}
|
||||
|
||||
// Wipe completely deletes all saved state within all used buckets within the
|
||||
// database. The deletion is done in a single transaction, therefore this
|
||||
// operation is fully atomic.
|
||||
@ -179,7 +163,7 @@ func (d *DB) FetchOpenChannels(nodeID *wire.ShaHash) ([]*OpenChannel, error) {
|
||||
}
|
||||
|
||||
oChannel, err := fetchOpenChannel(openChanBucket,
|
||||
nodeChanBucket, chanID, d.cryptoSystem)
|
||||
nodeChanBucket, chanID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user