Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Avoid extra key fetching on hash check #490

Merged
merged 4 commits into from
Feb 7, 2022

Conversation

Lagovas
Copy link
Collaborator

@Lagovas Lagovas commented Feb 4, 2022

Noticed that acra-server inefficiently matches searchable envelopes. It checks only hash header that now should contain first byte zero (0) and have > 32 byte length (sha256). If payload has first byte 0 and 32 bytes more than acra-server decide that probably it is searchable envelope and tries to check it by getting HMAC key and hashing. But it may verify remain payload that it has known signature of any CryptoEnvelope, try to detect other 3 types of headers (acrastruct, acrablock, serialized container). It takes less of computational time than getting HMAC key. Because key is private and encrypted. So we should decrypt it even if it stored in local cache. If it is not in a cache then we should make syscall and read file from file system keystore or even make remote request to Redis (one another keystore backend) just to check that payload is a trash, not a ciphertext.

So, here were added EnvelopeMatcher that uses existing EnvelopeDetector that matches new versioned envelopes and OldContainerDetectorWrapper to match pure AcraStruct/AcraBlock signatures. It uses matchers without any callbacks that make any decryption or other expensive operations, they only try to match signatures in a loop and if finds then up flag about it.

And updated hmac.Processor to use this matcher. If processor matches valid hash signature then it tries to match remain payload to known ciphertext headers. And only after successful check it will do next steps with getting key and verification hashes.

Checklist

add generate command to auto-generate mocks for keystore
update existing mocks according to changes in interfaces
Copy link
Collaborator

@vixentael vixentael left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👏👏👏👏

@Lagovas Lagovas merged commit 68dadaa into master Feb 7, 2022
@Lagovas Lagovas deleted the lagovas/avoid-extra-key-fetching-on-hash-check branch February 7, 2022 18:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants