diff options
| author | Joey Hess <joeyh@joeyh.name> | 2017-04-27 15:26:50 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2017-04-27 15:55:39 -0400 |
| commit | 686dcc8b172b77e3e612ba4badbb88879d0f5599 (patch) | |
| tree | 5dd568eb15fe1a64a0c77adda8901509396ebd73 /PrevActivity.hs | |
| parent | f6a9cd9c705850a19e2677150c1168bea1a7a9c7 (diff) | |
| download | debug-me-686dcc8b172b77e3e612ba4badbb88879d0f5599.tar.gz | |
Leave the prevMessage out of Activity serialization to save BW.
Do include it in the data that gets signed, so it can be recovered
by trying each likely (recently seen) Activity as the prevMessage, and
checking the signature.
The UserState and DeveloperState already had the necessary state about
recently seen hashes, so this does not impact data use.
One tricky bit is that relayFromSocket needs to wait for the TMChan
to be empty before calling restorePrevActivityHash. Otherwise, the
hashes of items in the channel that have not been processed yet won't be
tried. The TMChan is not really being used as a channel since only 1
item can be in it. It could be converted to a TMVar, but closeTMChan is
used so I left it as a channel.
Note that the server does not restore hashes of messages that pass
through it; it's just a dumb relay.
Sending a single key press now only needs 94 bytes of data to be sent,
down from 169!
---
Also switched to SHA512, since hashes are no longer being sent over
the wire and so the larger size does not matter. SHA512 is slightly
faster and more secure.
This commit was sponsored by Ewen McNeill.
Diffstat (limited to 'PrevActivity.hs')
| -rw-r--r-- | PrevActivity.hs | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/PrevActivity.hs b/PrevActivity.hs new file mode 100644 index 0000000..32e647d --- /dev/null +++ b/PrevActivity.hs @@ -0,0 +1,43 @@ +module PrevActivity where + +import Types +import Crypto + +import Control.Concurrent.STM + +-- | Remove the prevActivity from a message. Doing this before sending +-- it over the wire saves transmitting that data, without weakening +-- security at all. +removePrevActivityHash :: AnyMessage -> AnyMessage +removePrevActivityHash msg = case msg of + User (ActivityMessage a) -> User (go a) + Developer (ActivityMessage a) -> Developer (go a) + _ -> msg + where + go a = ActivityMessage $ a { prevActivity = Nothing } + +type RecentActivity = STM (SigVerifier, [Hash]) + +noRecentActivity :: RecentActivity +noRecentActivity = return (mempty, []) + +-- | Restore the prevActivity to a message received without one. +-- This needs a RecentActivity cache, and it tries hashes from that cache +-- as the prevActivity until it finds one that makes the message's +-- signature verify. +restorePrevActivityHash :: RecentActivity -> AnyMessage -> STM AnyMessage +restorePrevActivityHash ra msg = case msg of + User (ActivityMessage act) -> + User . ActivityMessage <$> (go act =<< ra) + Developer (ActivityMessage act) -> + Developer . ActivityMessage <$> (go act =<< ra) + User (ControlMessage {}) -> return msg + Developer (ControlMessage {}) -> return msg + + where + go act (_, []) = return act + go act (sigverifier, (h:hs)) = do + let act' = act { prevActivity = Just h } + if verifySigned sigverifier act' + then return act' + else go act (sigverifier, hs) |