Explicitly handling base58 key recovery errors (#396)

Author: jstuczyn

common/client-libs/directory-client/models/src/presence/coconodes.rs

@@ -21,8 +21,8 @@ pub enum ConversionError {
     InvalidKeyError,
 }
 
-impl From<identity::SignatureError> for ConversionError {
-    fn from(_: identity::SignatureError) -> Self {
+impl From<identity::KeyRecoveryError> for ConversionError {
+    fn from(_: identity::KeyRecoveryError) -> Self {
         ConversionError::InvalidKeyError
     }
 }

common/client-libs/directory-client/models/src/presence/gateways.rs

@@ -24,14 +24,14 @@ pub enum ConversionError {
     InvalidAddress(io::Error),
 }
 
-impl From<identity::SignatureError> for ConversionError {
-    fn from(_: identity::SignatureError) -> Self {
+impl From<identity::KeyRecoveryError> for ConversionError {
+    fn from(_: identity::KeyRecoveryError) -> Self {
         ConversionError::InvalidKeyError
     }
 }
 
-impl From<encryption::EncryptionKeyError> for ConversionError {
-    fn from(_: encryption::EncryptionKeyError) -> Self {
+impl From<encryption::KeyRecoveryError> for ConversionError {
+    fn from(_: encryption::KeyRecoveryError) -> Self {
         ConversionError::InvalidKeyError
     }
 }

common/client-libs/directory-client/models/src/presence/mixnodes.rs

@@ -24,8 +24,8 @@ pub enum ConversionError {
     InvalidAddress(io::Error),
 }
 
-impl From<encryption::EncryptionKeyError> for ConversionError {
-    fn from(_: encryption::EncryptionKeyError) -> Self {
+impl From<encryption::KeyRecoveryError> for ConversionError {
+    fn from(_: encryption::KeyRecoveryError) -> Self {
         ConversionError::InvalidKeyError
     }
 }

common/crypto/src/asymmetric/encryption/mod.rs

@@ -25,23 +25,31 @@ pub const PUBLIC_KEY_SIZE: usize = 32;
 /// Size of a X25519 shared secret
 pub const SHARED_SECRET_SIZE: usize = 32;
 
-#[derive(Clone, Copy, Eq, PartialEq, Hash, Debug)]
-pub enum EncryptionKeyError {
-    InvalidPublicKey,
-    InvalidPrivateKey,
+#[derive(Clone, Copy, Eq, PartialEq, Debug)]
+pub enum KeyRecoveryError {
+    InvalidPublicKeyBytes,
+    InvalidPrivateKeyBytes,
+    MalformedString(bs58::decode::Error),
+}
+
+impl From<bs58::decode::Error> for KeyRecoveryError {
+    fn from(err: bs58::decode::Error) -> Self {
+        KeyRecoveryError::MalformedString(err)
+    }
 }
 
 // required for std::error::Error
-impl Display for EncryptionKeyError {
+impl Display for KeyRecoveryError {
     fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
         match self {
-            EncryptionKeyError::InvalidPrivateKey => write!(f, "Invalid private key"),
-            EncryptionKeyError::InvalidPublicKey => write!(f, "Invalid public key"),
+            KeyRecoveryError::InvalidPrivateKeyBytes => write!(f, "Invalid private key bytes"),
+            KeyRecoveryError::InvalidPublicKeyBytes => write!(f, "Invalid public key bytes"),
+            KeyRecoveryError::MalformedString(err) => write!(f, "malformed string - {}", err),
         }
     }
 }
 
-impl std::error::Error for EncryptionKeyError {}
+impl std::error::Error for KeyRecoveryError {}
 
 pub struct KeyPair {
     pub(crate) private_key: PrivateKey,
@@ -72,7 +80,7 @@ impl KeyPair {
         &self.public_key
     }
 
-    pub fn from_bytes(priv_bytes: &[u8], pub_bytes: &[u8]) -> Result<Self, EncryptionKeyError> {
+    pub fn from_bytes(priv_bytes: &[u8], pub_bytes: &[u8]) -> Result<Self, KeyRecoveryError> {
         Ok(KeyPair {
             private_key: PrivateKey::from_bytes(priv_bytes)?,
             public_key: PublicKey::from_bytes(pub_bytes)?,
@@ -108,9 +116,9 @@ impl PublicKey {
         *self.0.as_bytes()
     }
 
-    pub fn from_bytes(b: &[u8]) -> Result<Self, EncryptionKeyError> {
+    pub fn from_bytes(b: &[u8]) -> Result<Self, KeyRecoveryError> {
         if b.len() != PUBLIC_KEY_SIZE {
-            return Err(EncryptionKeyError::InvalidPublicKey);
+            return Err(KeyRecoveryError::InvalidPublicKeyBytes);
         }
         let mut bytes = [0; PUBLIC_KEY_SIZE];
         bytes.copy_from_slice(&b[..PUBLIC_KEY_SIZE]);
@@ -121,16 +129,14 @@ impl PublicKey {
         bs58::encode(&self.to_bytes()).into_string()
     }
 
-    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, EncryptionKeyError> {
-        let bytes = bs58::decode(val.into())
-            .into_vec()
-            .expect("TODO: deal with this failure case");
+    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, KeyRecoveryError> {
+        let bytes = bs58::decode(val.into()).into_vec()?;
         Self::from_bytes(&bytes)
     }
 }
 
 impl PemStorableKey for PublicKey {
-    type Error = EncryptionKeyError;
+    type Error = KeyRecoveryError;
 
     fn pem_type() -> &'static str {
         "X25519 PUBLIC KEY"
@@ -159,9 +165,9 @@ impl PrivateKey {
         self.0.to_bytes()
     }
 
-    pub fn from_bytes(b: &[u8]) -> Result<Self, EncryptionKeyError> {
+    pub fn from_bytes(b: &[u8]) -> Result<Self, KeyRecoveryError> {
         if b.len() != PRIVATE_KEY_SIZE {
-            return Err(EncryptionKeyError::InvalidPrivateKey);
+            return Err(KeyRecoveryError::InvalidPrivateKeyBytes);
         }
         let mut bytes = [0; 32];
         bytes.copy_from_slice(&b[..PRIVATE_KEY_SIZE]);
@@ -172,10 +178,8 @@ impl PrivateKey {
         bs58::encode(&self.to_bytes()).into_string()
     }
 
-    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, EncryptionKeyError> {
-        let bytes = bs58::decode(val.into())
-            .into_vec()
-            .expect("TODO: deal with this failure case");
+    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, KeyRecoveryError> {
+        let bytes = bs58::decode(val.into()).into_vec()?;
         Self::from_bytes(&bytes)
     }
 
@@ -186,7 +190,7 @@ impl PrivateKey {
 }
 
 impl PemStorableKey for PrivateKey {
-    type Error = EncryptionKeyError;
+    type Error = KeyRecoveryError;
 
     fn pem_type() -> &'static str {
         "X25519 PRIVATE KEY"

common/crypto/src/asymmetric/identity/mod.rs

@@ -19,6 +19,36 @@ pub use ed25519_dalek::{Verifier, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH, SIGNATUR
 use nymsphinx_types::{DestinationAddressBytes, DESTINATION_ADDRESS_LENGTH};
 use pemstore::traits::{PemStorableKey, PemStorableKeyPair};
 use rand::{rngs::OsRng, CryptoRng, RngCore};
+use std::fmt::{self, Formatter};
+
+#[derive(Debug)]
+pub enum KeyRecoveryError {
+    MalformedBytes(SignatureError),
+    MalformedString(bs58::decode::Error),
+}
+
+impl From<SignatureError> for KeyRecoveryError {
+    fn from(err: SignatureError) -> Self {
+        KeyRecoveryError::MalformedBytes(err)
+    }
+}
+
+impl From<bs58::decode::Error> for KeyRecoveryError {
+    fn from(err: bs58::decode::Error) -> Self {
+        KeyRecoveryError::MalformedString(err)
+    }
+}
+
+impl fmt::Display for KeyRecoveryError {
+    fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
+        match self {
+            KeyRecoveryError::MalformedBytes(err) => write!(f, "malformed bytes - {}", err),
+            KeyRecoveryError::MalformedString(err) => write!(f, "malformed string - {}", err),
+        }
+    }
+}
+
+impl std::error::Error for KeyRecoveryError {}
 
 /// Keypair for usage in ed25519 EdDSA.
 pub struct KeyPair {
@@ -49,7 +79,7 @@ impl KeyPair {
         &self.public_key
     }
 
-    pub fn from_bytes(priv_bytes: &[u8], pub_bytes: &[u8]) -> Result<Self, SignatureError> {
+    pub fn from_bytes(priv_bytes: &[u8], pub_bytes: &[u8]) -> Result<Self, KeyRecoveryError> {
         Ok(KeyPair {
             private_key: PrivateKey::from_bytes(priv_bytes)?,
             public_key: PublicKey::from_bytes(pub_bytes)?,
@@ -96,18 +126,16 @@ impl PublicKey {
         self.0.to_bytes()
     }
 
-    pub fn from_bytes(b: &[u8]) -> Result<Self, SignatureError> {
+    pub fn from_bytes(b: &[u8]) -> Result<Self, KeyRecoveryError> {
         Ok(PublicKey(ed25519_dalek::PublicKey::from_bytes(b)?))
     }
 
     pub fn to_base58_string(&self) -> String {
         bs58::encode(&self.to_bytes()).into_string()
     }
 
-    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, SignatureError> {
-        let bytes = bs58::decode(val.into())
-            .into_vec()
-            .expect("TODO: deal with this failure case");
+    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, KeyRecoveryError> {
+        let bytes = bs58::decode(val.into()).into_vec()?;
         Self::from_bytes(&bytes)
     }
 
@@ -117,7 +145,7 @@ impl PublicKey {
 }
 
 impl PemStorableKey for PublicKey {
-    type Error = SignatureError;
+    type Error = KeyRecoveryError;
 
     fn pem_type() -> &'static str {
         "ED25519 PUBLIC KEY"
@@ -147,18 +175,16 @@ impl PrivateKey {
         self.0.to_bytes()
     }
 
-    pub fn from_bytes(b: &[u8]) -> Result<Self, SignatureError> {
+    pub fn from_bytes(b: &[u8]) -> Result<Self, KeyRecoveryError> {
         Ok(PrivateKey(ed25519_dalek::SecretKey::from_bytes(b)?))
     }
 
     pub fn to_base58_string(&self) -> String {
         bs58::encode(&self.to_bytes()).into_string()
     }
 
-    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, SignatureError> {
-        let bytes = bs58::decode(val.into())
-            .into_vec()
-            .expect("TODO: deal with this failure case");
+    pub fn from_base58_string<S: Into<String>>(val: S) -> Result<Self, KeyRecoveryError> {
+        let bytes = bs58::decode(val.into()).into_vec()?;
         Self::from_bytes(&bytes)
     }
 
@@ -171,7 +197,7 @@ impl PrivateKey {
 }
 
 impl PemStorableKey for PrivateKey {
-    type Error = SignatureError;
+    type Error = KeyRecoveryError;
 
     fn pem_type() -> &'static str {
         "ED25519 PRIVATE KEY"

common/nymsphinx/addressing/src/clients.rs

@@ -22,9 +22,9 @@ const CLIENT_IDENTITY_SIZE: usize = identity::PUBLIC_KEY_LENGTH;
 #[derive(Debug)]
 pub enum RecipientFormattingError {
     MalformedRecipientError,
-    MalformedIdentityError(identity::SignatureError),
-    MalformedEncryptionKeyError(encryption::EncryptionKeyError),
-    MalformedGatewayError(identity::SignatureError),
+    MalformedIdentityError(identity::KeyRecoveryError),
+    MalformedEncryptionKeyError(encryption::KeyRecoveryError),
+    MalformedGatewayError(identity::KeyRecoveryError),
 }
 
 impl fmt::Display for RecipientFormattingError {
@@ -51,8 +51,8 @@ impl fmt::Display for RecipientFormattingError {
 // since we have Debug and Display might as well slap Error on top of it too
 impl std::error::Error for RecipientFormattingError {}
 
-impl From<encryption::EncryptionKeyError> for RecipientFormattingError {
-    fn from(err: encryption::EncryptionKeyError) -> Self {
+impl From<encryption::KeyRecoveryError> for RecipientFormattingError {
+    fn from(err: encryption::KeyRecoveryError) -> Self {
         RecipientFormattingError::MalformedEncryptionKeyError(err)
     }
 }

common/nymsphinx/src/receiver.rs

@@ -34,7 +34,7 @@ pub struct ReconstructedMessage {
 pub enum MessageRecoveryError {
     InvalidSurbPrefixError,
     MalformedSURBError(ReplySURBError),
-    InvalidRemoteEphemeralKey(encryption::EncryptionKeyError),
+    InvalidRemoteEphemeralKey(encryption::KeyRecoveryError),
     MalformedFragmentError,
     InvalidMessagePaddingError,
     MalformedReconstructedMessage(Vec<i32>),
@@ -47,8 +47,8 @@ impl From<ReplySURBError> for MessageRecoveryError {
     }
 }
 
-impl From<encryption::EncryptionKeyError> for MessageRecoveryError {
-    fn from(err: encryption::EncryptionKeyError) -> Self {
+impl From<encryption::KeyRecoveryError> for MessageRecoveryError {
+    fn from(err: encryption::KeyRecoveryError) -> Self {
         MessageRecoveryError::InvalidRemoteEphemeralKey(err)
     }
 }

network-monitor/src/test_packet.rs

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 use crypto::asymmetric::encryption;
-use crypto::asymmetric::encryption::EncryptionKeyError;
+use crypto::asymmetric::encryption::KeyRecoveryError;
 use directory_client::mixmining::MixStatus;
 use std::convert::{TryFrom, TryInto};
 use std::fmt::{self, Display, Formatter};
@@ -26,8 +26,8 @@ pub(crate) enum TestPacketError {
     InvalidNodeKey,
 }
 
-impl From<encryption::EncryptionKeyError> for TestPacketError {
-    fn from(_: EncryptionKeyError) -> Self {
+impl From<encryption::KeyRecoveryError> for TestPacketError {
+    fn from(_: KeyRecoveryError) -> Self {
         TestPacketError::InvalidNodeKey
     }
 }