| 
									
										
										
										
											2015-07-07 02:54:22 +02:00
										 |  |  | // Copyright 2015 The go-ethereum Authors | 
					
						
							| 
									
										
										
										
											2015-07-22 18:48:40 +02:00
										 |  |  | // This file is part of the go-ethereum library. | 
					
						
							| 
									
										
										
										
											2015-07-07 02:54:22 +02:00
										 |  |  | // | 
					
						
							| 
									
										
										
										
											2015-07-23 18:35:11 +02:00
										 |  |  | // The go-ethereum library is free software: you can redistribute it and/or modify | 
					
						
							| 
									
										
										
										
											2015-07-07 02:54:22 +02:00
										 |  |  | // it under the terms of the GNU Lesser General Public License as published by | 
					
						
							|  |  |  | // the Free Software Foundation, either version 3 of the License, or | 
					
						
							|  |  |  | // (at your option) any later version. | 
					
						
							|  |  |  | // | 
					
						
							| 
									
										
										
										
											2015-07-22 18:48:40 +02:00
										 |  |  | // The go-ethereum library is distributed in the hope that it will be useful, | 
					
						
							| 
									
										
										
										
											2015-07-07 02:54:22 +02:00
										 |  |  | // but WITHOUT ANY WARRANTY; without even the implied warranty of | 
					
						
							| 
									
										
										
										
											2015-07-22 18:48:40 +02:00
										 |  |  | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 
					
						
							| 
									
										
										
										
											2015-07-07 02:54:22 +02:00
										 |  |  | // GNU Lesser General Public License for more details. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // You should have received a copy of the GNU Lesser General Public License | 
					
						
							| 
									
										
										
										
											2015-07-22 18:48:40 +02:00
										 |  |  | // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>. | 
					
						
							| 
									
										
										
										
											2015-07-07 02:54:22 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | package trie | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | import ( | 
					
						
							| 
									
										
										
										
											2017-02-22 14:10:07 +02:00
										 |  |  | 	"fmt" | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | 	"github.com/ethereum/go-ethereum/common" | 
					
						
							| 
									
										
										
										
											2017-02-22 14:10:07 +02:00
										 |  |  | 	"github.com/ethereum/go-ethereum/log" | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | ) | 
					
						
							| 
									
										
										
										
											2015-03-24 15:14:03 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | var secureKeyPrefix = []byte("secure-key-") | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-09-27 13:13:13 +03:00
										 |  |  | const secureKeyLength = 11 + 32 // Length of the above prefix + 32byte hash | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | // SecureTrie wraps a trie with key hashing. In a secure trie, all | 
					
						
							|  |  |  | // access operations hash the key using keccak256. This prevents | 
					
						
							|  |  |  | // calling code from creating long chains of nodes that | 
					
						
							|  |  |  | // increase the access time. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Contrary to a regular trie, a SecureTrie can only be created with | 
					
						
							|  |  |  | // New and must have an attached database. The database also stores | 
					
						
							|  |  |  | // the preimage of each key. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // SecureTrie is not safe for concurrent use. | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | type SecureTrie struct { | 
					
						
							| 
									
										
										
										
											2016-09-27 13:13:13 +03:00
										 |  |  | 	trie             Trie | 
					
						
							|  |  |  | 	hashKeyBuf       [secureKeyLength]byte | 
					
						
							|  |  |  | 	secKeyBuf        [200]byte | 
					
						
							|  |  |  | 	secKeyCache      map[string][]byte | 
					
						
							|  |  |  | 	secKeyCacheOwner *SecureTrie // Pointer to self, replace the key cache on mismatch | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | // NewSecure creates a trie with an existing root node from db. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // If root is the zero hash or the sha3 hash of an empty string, the | 
					
						
							| 
									
										
										
										
											2015-11-25 18:28:21 +01:00
										 |  |  | // trie is initially empty. Otherwise, New will panic if db is nil | 
					
						
							|  |  |  | // and returns MissingNodeError if the root node cannot be found. | 
					
						
							| 
									
										
										
										
											2016-10-14 18:04:33 +02:00
										 |  |  | // | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | // Accessing the trie loads nodes from db on demand. | 
					
						
							| 
									
										
										
										
											2016-10-14 18:04:33 +02:00
										 |  |  | // Loaded nodes are kept around until their 'cache generation' expires. | 
					
						
							|  |  |  | // A new cache generation is created by each call to Commit. | 
					
						
							|  |  |  | // cachelimit sets the number of past cache generations to keep. | 
					
						
							|  |  |  | func NewSecure(root common.Hash, db Database, cachelimit uint16) (*SecureTrie, error) { | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | 	if db == nil { | 
					
						
							|  |  |  | 		panic("NewSecure called with nil database") | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	trie, err := New(root, db) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2016-10-14 18:04:33 +02:00
										 |  |  | 	trie.SetCacheLimit(cachelimit) | 
					
						
							|  |  |  | 	return &SecureTrie{trie: *trie}, nil | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | // Get returns the value for key stored in the trie. | 
					
						
							|  |  |  | // The value bytes must not be modified by the caller. | 
					
						
							|  |  |  | func (t *SecureTrie) Get(key []byte) []byte { | 
					
						
							| 
									
										
										
										
											2015-11-25 18:28:21 +01:00
										 |  |  | 	res, err := t.TryGet(key) | 
					
						
							| 
									
										
										
										
											2017-02-22 14:10:07 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		log.Error(fmt.Sprintf("Unhandled trie error: %v", err)) | 
					
						
							| 
									
										
										
										
											2015-11-25 18:28:21 +01:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return res | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // TryGet returns the value for key stored in the trie. | 
					
						
							|  |  |  | // The value bytes must not be modified by the caller. | 
					
						
							|  |  |  | // If a node was not found in the database, a MissingNodeError is returned. | 
					
						
							|  |  |  | func (t *SecureTrie) TryGet(key []byte) ([]byte, error) { | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	return t.trie.TryGet(t.hashKey(key)) | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | } | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | // Update associates key with value in the trie. Subsequent calls to | 
					
						
							|  |  |  | // Get will return value. If value has length zero, any existing value | 
					
						
							|  |  |  | // is deleted from the trie and calls to Get will return nil. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // The value bytes must not be modified by the caller while they are | 
					
						
							|  |  |  | // stored in the trie. | 
					
						
							|  |  |  | func (t *SecureTrie) Update(key, value []byte) { | 
					
						
							| 
									
										
										
										
											2017-02-22 14:10:07 +02:00
										 |  |  | 	if err := t.TryUpdate(key, value); err != nil { | 
					
						
							|  |  |  | 		log.Error(fmt.Sprintf("Unhandled trie error: %v", err)) | 
					
						
							| 
									
										
										
										
											2015-11-25 18:28:21 +01:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // TryUpdate associates key with value in the trie. Subsequent calls to | 
					
						
							|  |  |  | // Get will return value. If value has length zero, any existing value | 
					
						
							|  |  |  | // is deleted from the trie and calls to Get will return nil. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // The value bytes must not be modified by the caller while they are | 
					
						
							|  |  |  | // stored in the trie. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // If a node was not found in the database, a MissingNodeError is returned. | 
					
						
							|  |  |  | func (t *SecureTrie) TryUpdate(key, value []byte) error { | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | 	hk := t.hashKey(key) | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	err := t.trie.TryUpdate(hk, value) | 
					
						
							| 
									
										
										
										
											2015-11-25 18:28:21 +01:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2016-09-27 13:13:13 +03:00
										 |  |  | 	t.getSecKeyCache()[string(hk)] = common.CopyBytes(key) | 
					
						
							| 
									
										
										
										
											2015-11-25 18:28:21 +01:00
										 |  |  | 	return nil | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | // Delete removes any existing value for key from the trie. | 
					
						
							|  |  |  | func (t *SecureTrie) Delete(key []byte) { | 
					
						
							| 
									
										
										
										
											2017-02-22 14:10:07 +02:00
										 |  |  | 	if err := t.TryDelete(key); err != nil { | 
					
						
							|  |  |  | 		log.Error(fmt.Sprintf("Unhandled trie error: %v", err)) | 
					
						
							| 
									
										
										
										
											2015-11-25 18:28:21 +01:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // TryDelete removes any existing value for key from the trie. | 
					
						
							|  |  |  | // If a node was not found in the database, a MissingNodeError is returned. | 
					
						
							|  |  |  | func (t *SecureTrie) TryDelete(key []byte) error { | 
					
						
							| 
									
										
										
										
											2016-01-20 16:06:28 +02:00
										 |  |  | 	hk := t.hashKey(key) | 
					
						
							| 
									
										
										
										
											2016-09-27 13:13:13 +03:00
										 |  |  | 	delete(t.getSecKeyCache(), string(hk)) | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	return t.trie.TryDelete(hk) | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | } | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | // GetKey returns the sha3 preimage of a hashed key that was | 
					
						
							|  |  |  | // previously used to store a value. | 
					
						
							|  |  |  | func (t *SecureTrie) GetKey(shaKey []byte) []byte { | 
					
						
							| 
									
										
										
										
											2016-09-27 13:13:13 +03:00
										 |  |  | 	if key, ok := t.getSecKeyCache()[string(shaKey)]; ok { | 
					
						
							| 
									
										
										
										
											2016-01-20 12:09:24 +02:00
										 |  |  | 		return key | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	key, _ := t.trie.db.Get(t.secKey(shaKey)) | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | 	return key | 
					
						
							| 
									
										
										
										
											2015-02-28 20:52:10 +01:00
										 |  |  | } | 
					
						
							| 
									
										
										
										
											2015-03-03 12:25:44 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-01-20 12:09:24 +02:00
										 |  |  | // Commit writes all nodes and the secure hash pre-images to the trie's database. | 
					
						
							|  |  |  | // Nodes are stored with their sha3 hash as the key. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Committing flushes nodes from memory. Subsequent Get calls will load nodes | 
					
						
							|  |  |  | // from the database. | 
					
						
							|  |  |  | func (t *SecureTrie) Commit() (root common.Hash, err error) { | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	return t.CommitTo(t.trie.db) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (t *SecureTrie) Hash() common.Hash { | 
					
						
							|  |  |  | 	return t.trie.Hash() | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (t *SecureTrie) Root() []byte { | 
					
						
							|  |  |  | 	return t.trie.Root() | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-06-27 15:57:06 +02:00
										 |  |  | func (t *SecureTrie) Copy() *SecureTrie { | 
					
						
							|  |  |  | 	cpy := *t | 
					
						
							|  |  |  | 	return &cpy | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-04-13 14:41:24 +02:00
										 |  |  | // NodeIterator returns an iterator that returns nodes of the underlying trie. Iteration | 
					
						
							|  |  |  | // starts at the key after the given start key. | 
					
						
							|  |  |  | func (t *SecureTrie) NodeIterator(start []byte) NodeIterator { | 
					
						
							|  |  |  | 	return t.trie.NodeIterator(start) | 
					
						
							| 
									
										
										
										
											2016-01-20 12:09:24 +02:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // CommitTo writes all nodes and the secure hash pre-images to the given database. | 
					
						
							|  |  |  | // Nodes are stored with their sha3 hash as the key. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Committing flushes nodes from memory. Subsequent Get calls will load nodes from | 
					
						
							|  |  |  | // the trie's database. Calling code must ensure that the changes made to db are | 
					
						
							|  |  |  | // written back to the trie's attached database before using the trie. | 
					
						
							|  |  |  | func (t *SecureTrie) CommitTo(db DatabaseWriter) (root common.Hash, err error) { | 
					
						
							| 
									
										
										
										
											2016-09-27 13:13:13 +03:00
										 |  |  | 	if len(t.getSecKeyCache()) > 0 { | 
					
						
							| 
									
										
										
										
											2016-01-20 12:09:24 +02:00
										 |  |  | 		for hk, key := range t.secKeyCache { | 
					
						
							|  |  |  | 			if err := db.Put(t.secKey([]byte(hk)), key); err != nil { | 
					
						
							|  |  |  | 				return common.Hash{}, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		t.secKeyCache = make(map[string][]byte) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	return t.trie.CommitTo(db) | 
					
						
							| 
									
										
										
										
											2016-01-20 12:09:24 +02:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | // secKey returns the database key for the preimage of key, as an ephemeral buffer. | 
					
						
							|  |  |  | // The caller must not hold onto the return value because it will become | 
					
						
							|  |  |  | // invalid on the next call to hashKey or secKey. | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | func (t *SecureTrie) secKey(key []byte) []byte { | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	buf := append(t.secKeyBuf[:0], secureKeyPrefix...) | 
					
						
							|  |  |  | 	buf = append(buf, key...) | 
					
						
							|  |  |  | 	return buf | 
					
						
							| 
									
										
										
										
											2015-03-03 12:25:44 +01:00
										 |  |  | } | 
					
						
							| 
									
										
										
										
											2015-03-24 15:14:03 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | // hashKey returns the hash of key as an ephemeral buffer. | 
					
						
							|  |  |  | // The caller must not hold onto the return value because it will become | 
					
						
							|  |  |  | // invalid on the next call to hashKey or secKey. | 
					
						
							| 
									
										
										
										
											2015-07-06 01:19:48 +02:00
										 |  |  | func (t *SecureTrie) hashKey(key []byte) []byte { | 
					
						
							| 
									
										
										
										
											2016-10-14 18:04:33 +02:00
										 |  |  | 	h := newHasher(0, 0) | 
					
						
							| 
									
										
										
										
											2016-09-25 20:49:02 +02:00
										 |  |  | 	h.sha.Reset() | 
					
						
							|  |  |  | 	h.sha.Write(key) | 
					
						
							|  |  |  | 	buf := h.sha.Sum(t.hashKeyBuf[:0]) | 
					
						
							|  |  |  | 	returnHasherToPool(h) | 
					
						
							|  |  |  | 	return buf | 
					
						
							| 
									
										
										
										
											2015-03-24 15:14:03 +01:00
										 |  |  | } | 
					
						
							| 
									
										
										
										
											2016-09-27 13:13:13 +03:00
										 |  |  | 
 | 
					
						
							|  |  |  | // getSecKeyCache returns the current secure key cache, creating a new one if | 
					
						
							|  |  |  | // ownership changed (i.e. the current secure trie is a copy of another owning | 
					
						
							|  |  |  | // the actual cache). | 
					
						
							|  |  |  | func (t *SecureTrie) getSecKeyCache() map[string][]byte { | 
					
						
							|  |  |  | 	if t != t.secKeyCacheOwner { | 
					
						
							|  |  |  | 		t.secKeyCacheOwner = t | 
					
						
							|  |  |  | 		t.secKeyCache = make(map[string][]byte) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return t.secKeyCache | 
					
						
							|  |  |  | } |