Refactors Cryptographer to remove logs and avoid multi return types

Cryptographer now uses exceptions to report errors and does not use the log anymore
Sergi Delgado Segura
2020-04-09 17:57:40 +02:00
parent b4ea005f55
commit 08701f0fee
12 changed files with 98 additions and 181 deletions


@@ -1,5 +1,6 @@
from common.tools import is_compressed_pk
from common.cryptographer import Cryptographer
from common.exceptions import InvalidParameter, InvalidKey, SignatureError
class NotEnoughSlots(ValueError):
@@ -71,7 +72,7 @@ class Gatekeeper:
:obj:`IdentificationFailure`: if the user cannot be identified.
"""
if isinstance(message, bytes) and isinstance(signature, str):
try:
rpk = Cryptographer.recover_pk(message, signature)
compressed_pk = Cryptographer.get_compressed_pk(rpk)
@@ -80,7 +81,7 @@ class Gatekeeper:
else:
raise IdentificationFailure("User not found.")
else:
except (InvalidParameter, InvalidKey, SignatureError):
raise IdentificationFailure("Wrong message or signature.")
def fill_slots(self, user_pk, n):
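Review bot: With the `isinstance(message, bytes) and isinstance(signature, str)` guard gone, a wrong-typed `message` or `signature` only turns into `IdentificationFailure` if `Cryptographer.recover_pk` and `Cryptographer.get_compressed_pk` raise one of `InvalidParameter`, `InvalidKey` or `SignatureError` for every malformed input. Any other exception type (a `TypeError` from a lower layer, for example) would now propagate out of this method, which handles caller-supplied data. The Cryptographer changes are not visible in this section, so this may already hold, but it deserves a test that passes non-bytes messages and non-str signatures and asserts `IdentificationFailure`. The docstring's Raises entry could also state that malformed message or signature types are reported as `IdentificationFailure`. The method body starts and ends outside these hunks.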


@@ -1,6 +1,5 @@
import re
import common.cryptographer
from common.logger import Logger
from common.tools import is_locator
from common.constants import LOCATOR_LEN_HEX
@@ -9,7 +8,6 @@ from common.appointment import Appointment
from teos import errors, LOG_PREFIX
logger = Logger(actor="Inspector", log_name_prefix=LOG_PREFIX)
common.cryptographer.logger = Logger(actor="Cryptographer", log_name_prefix=LOG_PREFIX)
# FIXME: The inspector logs the wrong messages sent form the users. A possible attack surface would be to send a really
# long field that, even if not accepted by TEOS, would be stored in the logs. This is a possible DoS surface


@@ -3,7 +3,6 @@ from sys import argv, exit
from getopt import getopt, GetoptError
from signal import signal, SIGINT, SIGQUIT, SIGTERM
import common.cryptographer
from common.logger import Logger
from common.config_loader import ConfigLoader
from common.cryptographer import Cryptographer
@@ -25,7 +24,6 @@ from teos.tools import can_connect_to_bitcoind, in_correct_network
from teos import LOG_PREFIX, DATA_DIR, DEFAULT_CONF, CONF_FILE_NAME
logger = Logger(actor="Daemon", log_name_prefix=LOG_PREFIX)
common.cryptographer.logger = Logger(actor="Cryptographer", log_name_prefix=LOG_PREFIX)
def handle_signals(signal_received, frame):


@@ -1,17 +1,17 @@
from queue import Queue
from threading import Thread
import common.cryptographer
from common.logger import Logger
from common.tools import compute_locator
from common.appointment import Appointment
from common.exceptions import EncryptionError
from common.cryptographer import Cryptographer, hash_160
from common.exceptions import InvalidParameter, SignatureError
from teos import LOG_PREFIX
from teos.cleaner import Cleaner
logger = Logger(actor="Watcher", log_name_prefix=LOG_PREFIX)
common.cryptographer.logger = Logger(actor="Cryptographer", log_name_prefix=LOG_PREFIX)
class Watcher:
@@ -57,7 +57,7 @@ class Watcher:
last_known_block (:obj:`str`): the last block known by the ``Watcher``.
Raises:
ValueError: if `teos_sk_file` is not found.
:obj:`InvalidKey <common.exceptions.InvalidKey>`: if teos sk cannot be loaded.
"""
@@ -147,7 +147,14 @@ class Watcher:
self.db_manager.create_append_locator_map(appointment.locator, uuid)
appointment_added = True
signature = Cryptographer.sign(appointment.serialize(), self.signing_key)
try:
signature = Cryptographer.sign(appointment.serialize(), self.signing_key)
except (InvalidParameter, SignatureError):
# This should never happen since data is sanitized, just in case to avoid a crash
logger.error("Data couldn't be signed", appointment=appointment.to_dict())
signature = None
logger.info("New appointment accepted", locator=appointment.locator)
@@ -297,7 +304,7 @@ class Watcher:
try:
penalty_rawtx = Cryptographer.decrypt(appointment.encrypted_blob, dispute_txid)
except ValueError:
except EncryptionError:
penalty_rawtx = None
penalty_tx = self.block_processor.decode_raw_transaction(penalty_rawtx)
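Review bot: When signing fails in the `@@ -147,7 +147,14 @@` hunk, `signature` is set to `None` but `appointment_added` stays `True` and `create_append_locator_map` has already run, so the appointment is stored and reported as accepted without a signed receipt. If callers rely on the signature as proof of acceptance, it would be safer to treat the failure as a rejection (undo the insert and report not-added), or at least to document in the return description that `signature` may be `None`. The error log also records the full `appointment.to_dict()`, which carries user-supplied fields; `logger.error("Data couldn't be signed", locator=appointment.locator)` would keep the entry bounded, in line with the FIXME about log growth in the inspector section. The enclosing method starts and ends outside the hunk.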