improve naming in decryption keys message validation

fredo · fredo · commit 6943d923375b · 2024-07-15T12:35:13.000+02:00
diff --git a/rolling-shutter/keyper/epochkghandler/key.go b/rolling-shutter/keyper/epochkghandler/key.go
@@ -32,15 +32,15 @@ func (*DecryptionKeyHandler) MessagePrototypes() []p2pmsg.Message {
 }
 
 func (handler *DecryptionKeyHandler) ValidateMessage(ctx context.Context, msg p2pmsg.Message) (pubsub.ValidationResult, error) {
-	key := msg.(*p2pmsg.DecryptionKeys)
-	if key.GetInstanceID() != handler.config.GetInstanceID() {
+	decryptionKeys := msg.(*p2pmsg.DecryptionKeys)
+	if decryptionKeys.GetInstanceID() != handler.config.GetInstanceID() {
 		return pubsub.ValidationReject,
-			errors.Errorf("instance ID mismatch (want=%d, have=%d)", handler.config.GetInstanceID(), key.GetInstanceID())
+			errors.Errorf("instance ID mismatch (want=%d, have=%d)", handler.config.GetInstanceID(), decryptionKeys.GetInstanceID())
 	}
 
-	eon, err := medley.Uint64ToInt64Safe(key.Eon)
+	eon, err := medley.Uint64ToInt64Safe(decryptionKeys.Eon)
 	if err != nil {
-		return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", key.Eon)
+		return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", decryptionKeys.Eon)
 	}
 
 	queries := database.New(handler.dbpool)
@@ -69,40 +69,40 @@ func (handler *DecryptionKeyHandler) ValidateMessage(ctx context.Context, msg p2
 		return pubsub.ValidationReject, errors.Wrapf(err, "error while decoding pure DKG result for eon %d", eon)
 	}
 
-	if len(key.Keys) == 0 {
+	if len(decryptionKeys.Keys) == 0 {
 		return pubsub.ValidationReject, errors.New("no keys in message")
 	}
-	if len(key.Keys) > int(handler.config.GetMaxNumKeysPerMessage()) {
+	if len(decryptionKeys.Keys) > int(handler.config.GetMaxNumKeysPerMessage()) {
 		return pubsub.ValidationReject, errors.Errorf(
 			"too many keys in message (%d > %d)",
-			len(key.Keys),
+			len(decryptionKeys.Keys),
 			handler.config.GetMaxNumKeysPerMessage(),
 		)
 	}
 
-	validationResult, err := checkKeysErrors(ctx, key, pureDKGResult, queries)
+	validationResult, err := checkKeysErrors(ctx, decryptionKeys, pureDKGResult, queries)
 	return validationResult, err
 }
 
-func checkKeysErrors(ctx context.Context, msg *p2pmsg.DecryptionKeys, pureDKGResult *puredkg.Result, queries *database.Queries) (pubsub.ValidationResult, error) {
+func checkKeysErrors(ctx context.Context, decryptionKeys *p2pmsg.DecryptionKeys, pureDKGResult *puredkg.Result, queries *database.Queries) (pubsub.ValidationResult, error) {
 
-	for i, k := range msg.Keys {
+	for i, k := range decryptionKeys.Keys {
 		epochSecretKey, err := k.GetEpochSecretKey()
 		if err != nil {
 			return pubsub.ValidationReject, err
 		}
-		eon, err := medley.Uint64ToInt64Safe(msg.Eon)
+		eon, err := medley.Uint64ToInt64Safe(decryptionKeys.Eon)
 		if err != nil {
-			return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", msg.Eon)
+			return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", decryptionKeys.Eon)
 		}
-		decryptionKey, err := queries.GetDecryptionKey(ctx, database.GetDecryptionKeyParams{
+		existingDecryptionKey, err := queries.GetDecryptionKey(ctx, database.GetDecryptionKeyParams{
 			Eon:     eon,
 			EpochID: k.GetIdentity(),
 		})
 		if err != nil && !errors.Is(err, pgx.ErrNoRows) {
 			return pubsub.ValidationReject, errors.Wrapf(err, "failed to get decryption key for identity %x from db", k.Identity)
 		}
-		if bytes.Equal(k.Key, decryptionKey.DecryptionKey) {
+		if bytes.Equal(k.Key, existingDecryptionKey.DecryptionKey) {
 			continue
 		}
 		ok, err := shcrypto.VerifyEpochSecretKey(epochSecretKey, pureDKGResult.PublicKey, k.Identity)
@@ -113,7 +113,7 @@ func checkKeysErrors(ctx context.Context, msg *p2pmsg.DecryptionKeys, pureDKGRes
 			return pubsub.ValidationReject, errors.Errorf("epoch secret key for identity %x is not valid", k.Identity)
 		}
 
-		if i > 0 && bytes.Compare(k.Identity, msg.Keys[i-1].Identity) < 0 {
+		if i > 0 && bytes.Compare(k.Identity, decryptionKeys.Keys[i-1].Identity) < 0 {
 			return pubsub.ValidationReject, errors.Errorf("keys not ordered")
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -32,15 +32,15 @@ func (*DecryptionKeyHandler) MessagePrototypes() []p2pmsg.Message {`
`32`	`32`	`}`
`33`	`33`
`34`	`34`	`func (handler *DecryptionKeyHandler) ValidateMessage(ctx context.Context, msg p2pmsg.Message) (pubsub.ValidationResult, error) {`
`35`		`- key := msg.(*p2pmsg.DecryptionKeys)`
`36`		`- if key.GetInstanceID() != handler.config.GetInstanceID() {`
	`35`	`+ decryptionKeys := msg.(*p2pmsg.DecryptionKeys)`
	`36`	`+ if decryptionKeys.GetInstanceID() != handler.config.GetInstanceID() {`
`37`	`37`	`return pubsub.ValidationReject,`
`38`		`- errors.Errorf("instance ID mismatch (want=%d, have=%d)", handler.config.GetInstanceID(), key.GetInstanceID())`
	`38`	`+ errors.Errorf("instance ID mismatch (want=%d, have=%d)", handler.config.GetInstanceID(), decryptionKeys.GetInstanceID())`
`39`	`39`	`}`
`40`	`40`
`41`		`- eon, err := medley.Uint64ToInt64Safe(key.Eon)`
	`41`	`+ eon, err := medley.Uint64ToInt64Safe(decryptionKeys.Eon)`
`42`	`42`	`if err != nil {`
`43`		`- return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", key.Eon)`
	`43`	`+ return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", decryptionKeys.Eon)`
`44`	`44`	`}`
`45`	`45`
`46`	`46`	`queries := database.New(handler.dbpool)`
`@@ -69,40 +69,40 @@ func (handler *DecryptionKeyHandler) ValidateMessage(ctx context.Context, msg p2`
`69`	`69`	`return pubsub.ValidationReject, errors.Wrapf(err, "error while decoding pure DKG result for eon %d", eon)`
`70`	`70`	`}`
`71`	`71`
`72`		`- if len(key.Keys) == 0 {`
	`72`	`+ if len(decryptionKeys.Keys) == 0 {`
`73`	`73`	`return pubsub.ValidationReject, errors.New("no keys in message")`
`74`	`74`	`}`
`75`		`- if len(key.Keys) > int(handler.config.GetMaxNumKeysPerMessage()) {`
	`75`	`+ if len(decryptionKeys.Keys) > int(handler.config.GetMaxNumKeysPerMessage()) {`
`76`	`76`	`return pubsub.ValidationReject, errors.Errorf(`
`77`	`77`	`"too many keys in message (%d > %d)",`
`78`		`- len(key.Keys),`
	`78`	`+ len(decryptionKeys.Keys),`
`79`	`79`	`handler.config.GetMaxNumKeysPerMessage(),`
`80`	`80`	`)`
`81`	`81`	`}`
`82`	`82`
`83`		`- validationResult, err := checkKeysErrors(ctx, key, pureDKGResult, queries)`
	`83`	`+ validationResult, err := checkKeysErrors(ctx, decryptionKeys, pureDKGResult, queries)`
`84`	`84`	`return validationResult, err`
`85`	`85`	`}`
`86`	`86`
`87`		`-func checkKeysErrors(ctx context.Context, msg p2pmsg.DecryptionKeys, pureDKGResult puredkg.Result, queries *database.Queries) (pubsub.ValidationResult, error) {`
	`87`	`+func checkKeysErrors(ctx context.Context, decryptionKeys p2pmsg.DecryptionKeys, pureDKGResult puredkg.Result, queries *database.Queries) (pubsub.ValidationResult, error) {`
`88`	`88`
`89`		`- for i, k := range msg.Keys {`
	`89`	`+ for i, k := range decryptionKeys.Keys {`
`90`	`90`	`epochSecretKey, err := k.GetEpochSecretKey()`
`91`	`91`	`if err != nil {`
`92`	`92`	`return pubsub.ValidationReject, err`
`93`	`93`	`}`
`94`		`- eon, err := medley.Uint64ToInt64Safe(msg.Eon)`
	`94`	`+ eon, err := medley.Uint64ToInt64Safe(decryptionKeys.Eon)`
`95`	`95`	`if err != nil {`
`96`		`- return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", msg.Eon)`
	`96`	`+ return pubsub.ValidationReject, errors.Wrapf(err, "overflow error while converting eon to int64 %d", decryptionKeys.Eon)`
`97`	`97`	`}`
`98`		`- decryptionKey, err := queries.GetDecryptionKey(ctx, database.GetDecryptionKeyParams{`
	`98`	`+ existingDecryptionKey, err := queries.GetDecryptionKey(ctx, database.GetDecryptionKeyParams{`
`99`	`99`	`Eon: eon,`
`100`	`100`	`EpochID: k.GetIdentity(),`
`101`	`101`	`})`
`102`	`102`	`if err != nil && !errors.Is(err, pgx.ErrNoRows) {`
`103`	`103`	`return pubsub.ValidationReject, errors.Wrapf(err, "failed to get decryption key for identity %x from db", k.Identity)`
`104`	`104`	`}`
`105`		`- if bytes.Equal(k.Key, decryptionKey.DecryptionKey) {`
	`105`	`+ if bytes.Equal(k.Key, existingDecryptionKey.DecryptionKey) {`
`106`	`106`	`continue`
`107`	`107`	`}`
`108`	`108`	`ok, err := shcrypto.VerifyEpochSecretKey(epochSecretKey, pureDKGResult.PublicKey, k.Identity)`
`@@ -113,7 +113,7 @@ func checkKeysErrors(ctx context.Context, msg *p2pmsg.DecryptionKeys, pureDKGRes`
`113`	`113`	`return pubsub.ValidationReject, errors.Errorf("epoch secret key for identity %x is not valid", k.Identity)`
`114`	`114`	`}`
`115`	`115`
`116`		`- if i > 0 && bytes.Compare(k.Identity, msg.Keys[i-1].Identity) < 0 {`
	`116`	`+ if i > 0 && bytes.Compare(k.Identity, decryptionKeys.Keys[i-1].Identity) < 0 {`
`117`	`117`	`return pubsub.ValidationReject, errors.Errorf("keys not ordered")`
`118`	`118`	`}`
`119`	`119`	`}`