-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(dpp): panic when generating more than 12 identity keys #2195
Conversation
WalkthroughThe changes involve enhancements to the key generation logic within the Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant IdentityPublicKey
participant IdentityPublicKeyV0
User->>IdentityPublicKey: Request main keys with random authentication keys
IdentityPublicKey->>IdentityPublicKey: Validate key count
IdentityPublicKey->>IdentityPublicKey: Generate keys using updated logic
IdentityPublicKey-->>User: Return generated keys
User->>IdentityPublicKeyV0: Request random authentication key
IdentityPublicKeyV0->>IdentityPublicKeyV0: Validate key count
IdentityPublicKeyV0->>IdentityPublicKeyV0: Generate key using MAX_RANDOM_KEYS
IdentityPublicKeyV0-->>User: Return random authentication key
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Outside diff range and nitpick comments (3)
packages/rs-dpp/src/identity/identity_public_key/v0/random.rs (2)
Line range hint
95-97
: Consider replacing.unwrap()
with proper error handling.The use of
.unwrap()
in this context could potentially lead to panics if an unexpected error occurs. Consider using a more robust error handling approach, such as the?
operator or amatch
statement, to propagate errors gracefully.Here's a suggested improvement:
let security_level = SecurityLevel::try_from(security_level) .map_err(|_| ProtocolError::PublicKeyGenerationError("Invalid security level".to_string()))?; let key_type = KeyType::try_from(key_type) .map_err(|_| ProtocolError::PublicKeyGenerationError("Invalid key type".to_string()))?;
Line range hint
72-110
: Add unit tests to verify the fix.While the changes address the panic issue when generating more than 12 identity keys, it's important to add unit tests to verify this fix and prevent regression in the future.
Consider adding the following test cases:
- Generate exactly 16 keys (MAX_KEYS) and ensure it succeeds.
- Attempt to generate 17 keys and verify it returns an error.
- Test the edge case of generating keys when the key count is 15.
Would you like me to provide sample unit test code for these scenarios?
packages/rs-dpp/src/identity/identity_public_key/random.rs (1)
618-626
: Approved: Improved key generation logicThe changes to the
main_keys_with_random_authentication_keys_with_private_keys_with_rng
method have successfully addressed the issue of panicking when generating more than 12 identity keys. The new implementation using a for loop is more readable and maintainable.Consider adding a comment explaining why the loop starts from index 3 to improve code clarity:
+ // Generate additional authentication keys starting from index 3 + // as the first three keys (master, critical, and high-level) are already created for i in 3..key_count { let privkey = Self::random_authentication_key_with_private_key_with_rng( i, rng, Some((i, &mut used_key_matrix)), platform_version, )?; main_keys.push(privkey); }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
📒 Files selected for processing (2)
- packages/rs-dpp/src/identity/identity_public_key/random.rs (1 hunks)
- packages/rs-dpp/src/identity/identity_public_key/v0/random.rs (1 hunks)
🔇 Additional comments (2)
packages/rs-dpp/src/identity/identity_public_key/v0/random.rs (1)
72-72
: Approve the introduction and usage ofMAX_KEYS
constant.The introduction of the
MAX_KEYS
constant and its usage throughout the function improves code maintainability and consistency. This change effectively addresses the issue of panicking when generating more than 12 identity keys, as mentioned in the PR objectives.Also applies to: 74-74, 76-76, 81-81
packages/rs-dpp/src/identity/identity_public_key/random.rs (1)
Line range hint
1-654
: Overall impact: Improved key generation robustnessThe changes in this file are focused on the
main_keys_with_random_authentication_keys_with_private_keys_with_rng
method. These modifications successfully address the issue of panicking when generating more than 12 identity keys, as mentioned in the PR objectives. The new implementation improves the robustness and readability of the key generation process without affecting other parts of the file.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 2
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
📒 Files selected for processing (3)
- packages/rs-dpp/src/identity/identity_public_key/random.rs (1 hunks)
- packages/rs-dpp/src/identity/identity_public_key/v0/random.rs (1 hunks)
- packages/rs-drive-abci/tests/strategy_tests/main.rs (0 hunks)
💤 Files with no reviewable changes (1)
- packages/rs-drive-abci/tests/strategy_tests/main.rs
🚧 Files skipped from review as they are similar to previous changes (1)
- packages/rs-dpp/src/identity/identity_public_key/v0/random.rs
for i in 6..key_count { | ||
let privkey = Self::random_authentication_key_with_private_key_with_rng( | ||
i, | ||
rng, | ||
Some((i, &mut used_key_matrix)), | ||
platform_version, | ||
) | ||
.unwrap() | ||
})); | ||
)?; | ||
main_keys.push(privkey); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Possible index out of bounds when key_count
exceeds 16
The used_key_matrix
is initialized with a fixed size of 16:
let mut used_key_matrix = [false; 16].to_vec();
If key_count
exceeds 16, accessing indices beyond 15
will cause an index out of bounds error.
Consider initializing used_key_matrix
based on key_count
to accommodate all possible key IDs:
-let mut used_key_matrix = [false; 16].to_vec();
+let mut used_key_matrix = vec![false; key_count as usize];
Ensure that all indices set to true
are within the bounds of the new used_key_matrix
.
Potential skipping of key IDs 3 to 5 due to loop starting at index 6
The for loop starts at i = 6
, which skips key IDs 3, 4, and 5. This means that keys with these IDs are not generated or added to main_keys
, which might not be the intended behavior.
To include all sequential keys, consider starting the loop at i = 3
:
-for i in 6..key_count {
+for i in 3..key_count {
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
for i in 6..key_count { | |
let privkey = Self::random_authentication_key_with_private_key_with_rng( | |
i, | |
rng, | |
Some((i, &mut used_key_matrix)), | |
platform_version, | |
) | |
.unwrap() | |
})); | |
)?; | |
main_keys.push(privkey); | |
} | |
for i in 3..key_count { | |
let privkey = Self::random_authentication_key_with_private_key_with_rng( | |
i, | |
rng, | |
Some((i, &mut used_key_matrix)), | |
platform_version, | |
)?; | |
main_keys.push(privkey); | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed the loop
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
📒 Files selected for processing (1)
- packages/rs-dpp/src/identity/identity_public_key/random.rs (2 hunks)
🔇 Additional comments (1)
packages/rs-dpp/src/identity/identity_public_key/random.rs (1)
626-634
: LGTM!The logic for generating authentication keys appears correct, and the added check for
key_count > 16
effectively prevents potential index out-of-bounds errors.
if key_count > 16 { | ||
return Err(ProtocolError::PublicKeyGenerationError(format!( | ||
"too many keys requested: {}, max is 16", | ||
key_count | ||
))); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🛠️ Refactor suggestion
Consider defining a constant for the maximum key count
Using the hardcoded value 16
directly can make future maintenance more challenging and reduce code readability. Consider defining a constant MAX_KEYS
and using it throughout the code to improve clarity and ease future updates.
Apply this diff to introduce a constant:
At the appropriate scope, define:
const MAX_KEYS: KeyCount = 16;
Then modify the code:
if key_count > MAX_KEYS {
return Err(ProtocolError::PublicKeyGenerationError(format!(
"too many keys requested: {}, max is {}",
key_count,
- 16
+ MAX_KEYS
)));
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Outside diff range and nitpick comments (1)
packages/rs-dpp/src/identity/identity_public_key/random.rs (1)
627-640
: Complex logic in key generation loopThe modification of the loop for generating additional keys appears to address the issue of generating more than 12 identity keys. However, the logic is complex and might benefit from additional comments explaining the purpose of each step, especially the calculation of the index passed to
random_authentication_key_with_private_key_with_rng
.Consider adding comments to explain the logic, particularly for the following lines:
Some(( used_key_matrix_count + (i - main_keys_count), &mut used_key_matrix, )),
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
📒 Files selected for processing (2)
- packages/rs-dpp/src/identity/identity_public_key/random.rs (4 hunks)
- packages/rs-dpp/src/identity/identity_public_key/v0/random.rs (2 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- packages/rs-dpp/src/identity/identity_public_key/v0/random.rs
🔇 Additional comments (5)
packages/rs-dpp/src/identity/identity_public_key/random.rs (5)
12-12
: Excellent addition of MAX_RANDOM_KEYS constantThe introduction of the
MAX_RANDOM_KEYS
constant improves code readability and maintainability. This change effectively addresses the suggestion from a previous review to define a constant for the maximum key count.
546-546
: Consistent use of MAX_RANDOM_KEYS constantThe change from the hardcoded value 16 to
MAX_RANDOM_KEYS
in therandom_authentication_keys_with_rng
method is consistent with the introduction of the constant. This improves code maintainability by centralizing the maximum key count value.
588-593
: Improved error handling for key count limitThis check effectively prevents generating more keys than allowed, addressing the panic issue mentioned in the PR objectives. It provides a clear error message when the limit is exceeded.
620-620
: Consistent use of MAX_RANDOM_KEYS in used_key_matrix initializationThe initialization of
used_key_matrix
now usesMAX_RANDOM_KEYS
, which is consistent with the introduction of the constant and improves maintainability.
Line range hint
587-640
: Consider adding unit tests for the fixThe changes effectively address the panic issue when generating more than 12 identity keys and improve error handling. However, it would be beneficial to add unit tests to verify this fix and prevent regression in the future.
Could you please add unit tests that cover the following scenarios:
- Generating the maximum allowed number of keys (16)
- Attempting to generate more than the maximum allowed keys
- Generating keys with various counts between 2 and 16
Here's a shell script to check for existing tests related to this functionality:
Issue being fixed or feature implemented
pub fn random_authentication_key_with_private_key_with_rng panics
What was done?
.unwrap()
How Has This Been Tested?
Using TUI, observed that the panic does not happen anymore.
Breaking Changes
None
Checklist:
For repository code-owners and collaborators only
Summary by CodeRabbit
New Features
MAX_RANDOM_KEYS
to replace hardcoded values, making the code more adaptable.Bug Fixes
MAX_RANDOM_KEYS
constant.