github.com/clem109/go-ethereum@v1.8.3-0.20180316121352-fe6cf00f480a/p2p/enr/enr.go (about) 1 // Copyright 2017 The go-ethereum Authors 2 // This file is part of the go-ethereum library. 3 // 4 // The go-ethereum library is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Lesser General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // The go-ethereum library is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Lesser General Public License for more details. 13 // 14 // You should have received a copy of the GNU Lesser General Public License 15 // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. 16 17 // Package enr implements Ethereum Node Records as defined in EIP-778. A node record holds 18 // arbitrary information about a node on the peer-to-peer network. 19 // 20 // Records contain named keys. To store and retrieve key/values in a record, use the Entry 21 // interface. 22 // 23 // Records must be signed before transmitting them to another node. Decoding a record verifies 24 // its signature. When creating a record, set the entries you want, then call Sign to add the 25 // signature. Modifying a record invalidates the signature. 26 // 27 // Package enr supports the "secp256k1-keccak" identity scheme. 28 package enr 29 30 import ( 31 "bytes" 32 "crypto/ecdsa" 33 "errors" 34 "fmt" 35 "io" 36 "sort" 37 38 "github.com/ethereum/go-ethereum/crypto" 39 "github.com/ethereum/go-ethereum/crypto/sha3" 40 "github.com/ethereum/go-ethereum/rlp" 41 ) 42 43 const SizeLimit = 300 // maximum encoded size of a node record in bytes 44 45 const ID_SECP256k1_KECCAK = ID("secp256k1-keccak") // the default identity scheme 46 47 var ( 48 errNoID = errors.New("unknown or unspecified identity scheme") 49 errInvalidSigsize = errors.New("invalid signature size") 50 errInvalidSig = errors.New("invalid signature") 51 errNotSorted = errors.New("record key/value pairs are not sorted by key") 52 errDuplicateKey = errors.New("record contains duplicate key") 53 errIncompletePair = errors.New("record contains incomplete k/v pair") 54 errTooBig = fmt.Errorf("record bigger than %d bytes", SizeLimit) 55 errEncodeUnsigned = errors.New("can't encode unsigned record") 56 errNotFound = errors.New("no such key in record") 57 ) 58 59 // Record represents a node record. The zero value is an empty record. 60 type Record struct { 61 seq uint64 // sequence number 62 signature []byte // the signature 63 raw []byte // RLP encoded record 64 pairs []pair // sorted list of all key/value pairs 65 } 66 67 // pair is a key/value pair in a record. 68 type pair struct { 69 k string 70 v rlp.RawValue 71 } 72 73 // Signed reports whether the record has a valid signature. 74 func (r *Record) Signed() bool { 75 return r.signature != nil 76 } 77 78 // Seq returns the sequence number. 79 func (r *Record) Seq() uint64 { 80 return r.seq 81 } 82 83 // SetSeq updates the record sequence number. This invalidates any signature on the record. 84 // Calling SetSeq is usually not required because signing the redord increments the 85 // sequence number. 86 func (r *Record) SetSeq(s uint64) { 87 r.signature = nil 88 r.raw = nil 89 r.seq = s 90 } 91 92 // Load retrieves the value of a key/value pair. The given Entry must be a pointer and will 93 // be set to the value of the entry in the record. 94 // 95 // Errors returned by Load are wrapped in KeyError. You can distinguish decoding errors 96 // from missing keys using the IsNotFound function. 97 func (r *Record) Load(e Entry) error { 98 i := sort.Search(len(r.pairs), func(i int) bool { return r.pairs[i].k >= e.ENRKey() }) 99 if i < len(r.pairs) && r.pairs[i].k == e.ENRKey() { 100 if err := rlp.DecodeBytes(r.pairs[i].v, e); err != nil { 101 return &KeyError{Key: e.ENRKey(), Err: err} 102 } 103 return nil 104 } 105 return &KeyError{Key: e.ENRKey(), Err: errNotFound} 106 } 107 108 // Set adds or updates the given entry in the record. 109 // It panics if the value can't be encoded. 110 func (r *Record) Set(e Entry) { 111 r.signature = nil 112 r.raw = nil 113 blob, err := rlp.EncodeToBytes(e) 114 if err != nil { 115 panic(fmt.Errorf("enr: can't encode %s: %v", e.ENRKey(), err)) 116 } 117 118 i := sort.Search(len(r.pairs), func(i int) bool { return r.pairs[i].k >= e.ENRKey() }) 119 120 if i < len(r.pairs) && r.pairs[i].k == e.ENRKey() { 121 // element is present at r.pairs[i] 122 r.pairs[i].v = blob 123 return 124 } else if i < len(r.pairs) { 125 // insert pair before i-th elem 126 el := pair{e.ENRKey(), blob} 127 r.pairs = append(r.pairs, pair{}) 128 copy(r.pairs[i+1:], r.pairs[i:]) 129 r.pairs[i] = el 130 return 131 } 132 133 // element should be placed at the end of r.pairs 134 r.pairs = append(r.pairs, pair{e.ENRKey(), blob}) 135 } 136 137 // EncodeRLP implements rlp.Encoder. Encoding fails if 138 // the record is unsigned. 139 func (r Record) EncodeRLP(w io.Writer) error { 140 if !r.Signed() { 141 return errEncodeUnsigned 142 } 143 _, err := w.Write(r.raw) 144 return err 145 } 146 147 // DecodeRLP implements rlp.Decoder. Decoding verifies the signature. 148 func (r *Record) DecodeRLP(s *rlp.Stream) error { 149 raw, err := s.Raw() 150 if err != nil { 151 return err 152 } 153 if len(raw) > SizeLimit { 154 return errTooBig 155 } 156 157 // Decode the RLP container. 158 dec := Record{raw: raw} 159 s = rlp.NewStream(bytes.NewReader(raw), 0) 160 if _, err := s.List(); err != nil { 161 return err 162 } 163 if err = s.Decode(&dec.signature); err != nil { 164 return err 165 } 166 if err = s.Decode(&dec.seq); err != nil { 167 return err 168 } 169 // The rest of the record contains sorted k/v pairs. 170 var prevkey string 171 for i := 0; ; i++ { 172 var kv pair 173 if err := s.Decode(&kv.k); err != nil { 174 if err == rlp.EOL { 175 break 176 } 177 return err 178 } 179 if err := s.Decode(&kv.v); err != nil { 180 if err == rlp.EOL { 181 return errIncompletePair 182 } 183 return err 184 } 185 if i > 0 { 186 if kv.k == prevkey { 187 return errDuplicateKey 188 } 189 if kv.k < prevkey { 190 return errNotSorted 191 } 192 } 193 dec.pairs = append(dec.pairs, kv) 194 prevkey = kv.k 195 } 196 if err := s.ListEnd(); err != nil { 197 return err 198 } 199 200 // Verify signature. 201 if err = dec.verifySignature(); err != nil { 202 return err 203 } 204 *r = dec 205 return nil 206 } 207 208 type s256raw []byte 209 210 func (s256raw) ENRKey() string { return "secp256k1" } 211 212 // NodeAddr returns the node address. The return value will be nil if the record is 213 // unsigned. 214 func (r *Record) NodeAddr() []byte { 215 var entry s256raw 216 if r.Load(&entry) != nil { 217 return nil 218 } 219 return crypto.Keccak256(entry) 220 } 221 222 // Sign signs the record with the given private key. It updates the record's identity 223 // scheme, public key and increments the sequence number. Sign returns an error if the 224 // encoded record is larger than the size limit. 225 func (r *Record) Sign(privkey *ecdsa.PrivateKey) error { 226 r.seq = r.seq + 1 227 r.Set(ID_SECP256k1_KECCAK) 228 r.Set(Secp256k1(privkey.PublicKey)) 229 return r.signAndEncode(privkey) 230 } 231 232 func (r *Record) appendPairs(list []interface{}) []interface{} { 233 list = append(list, r.seq) 234 for _, p := range r.pairs { 235 list = append(list, p.k, p.v) 236 } 237 return list 238 } 239 240 func (r *Record) signAndEncode(privkey *ecdsa.PrivateKey) error { 241 // Put record elements into a flat list. Leave room for the signature. 242 list := make([]interface{}, 1, len(r.pairs)*2+2) 243 list = r.appendPairs(list) 244 245 // Sign the tail of the list. 246 h := sha3.NewKeccak256() 247 rlp.Encode(h, list[1:]) 248 sig, err := crypto.Sign(h.Sum(nil), privkey) 249 if err != nil { 250 return err 251 } 252 sig = sig[:len(sig)-1] // remove v 253 254 // Put signature in front. 255 r.signature, list[0] = sig, sig 256 r.raw, err = rlp.EncodeToBytes(list) 257 if err != nil { 258 return err 259 } 260 if len(r.raw) > SizeLimit { 261 return errTooBig 262 } 263 return nil 264 } 265 266 func (r *Record) verifySignature() error { 267 // Get identity scheme, public key, signature. 268 var id ID 269 var entry s256raw 270 if err := r.Load(&id); err != nil { 271 return err 272 } else if id != ID_SECP256k1_KECCAK { 273 return errNoID 274 } 275 if err := r.Load(&entry); err != nil { 276 return err 277 } else if len(entry) != 33 { 278 return fmt.Errorf("invalid public key") 279 } 280 281 // Verify the signature. 282 list := make([]interface{}, 0, len(r.pairs)*2+1) 283 list = r.appendPairs(list) 284 h := sha3.NewKeccak256() 285 rlp.Encode(h, list) 286 if !crypto.VerifySignature(entry, h.Sum(nil), r.signature) { 287 return errInvalidSig 288 } 289 return nil 290 }