fix(bc/pointer): cancel upper two bytes of payload bc they're node-specific

2022-09-27 17:17:27 +02:00 · 2022-09-27 17:17:27 +02:00 · 7580ba28bb
commit 7580ba28bb
parent 911d662634
1 changed files with 14 additions and 2 deletions
--- a/crates/fogtix-bytecode/src/pointer.rs
+++ b/crates/fogtix-bytecode/src/pointer.rs
@ -77,10 +77,12 @@ impl Pointer {
    fn calculate_hmac(payload: u64, key: &Atom) -> u64 {
        use core::hash::Hasher;
        let mut h = key.build_hasher();
-        h.write_u64(payload);
+        h.write_u64(payload & ((1 << 48) - 1));
        h.finish()
    }

+    /// SECURITY NOTE: the upper two bytes of `payload` (`origin`) aren't taken
+    /// into account when calculating the HMAC because they're node-specific
    pub fn new_with_key(payload: u64, key: &Atom) -> Pointer {
        let hmac = Self::calculate_hmac(payload, key);
        Atom::from((hmac, payload)).into()
@ -172,8 +174,18 @@ mod tests {
        let k = Atom([0, 0, 0, 0, 0, 0, 0xde, 0xad, 0, 0, 0, 0, 0, 0, 0xbe, 0xef]);
        let p = Pointer::new_with_key(0x0508deadbeeffefe, &k);
        // verify that this is the same value on all systems
-        assert_eq!(p.0[0..8], [98, 122, 191, 167, 34, 251, 28, 171]);
+        assert_eq!(p.0[0..8], [191, 23, 107, 0, 61, 74, 249, 219]);
        assert_eq!(p.verify(&k), Some(0x0508deadbeeffefe));
        assert_eq!(p.origin(), 0x0508);
    }
+
+    #[test]
+    fn pointer_usage3() {
+        let k = Atom([0, 0, 0, 0, 0, 0, 0xde, 0xad, 0, 0, 0, 0, 0, 0, 0xbe, 0xef]);
+        let p = Pointer::new_with_key(0xf7d8deadbeeffefe, &k);
+        // verify that this is the same value on all systems
+        assert_eq!(p.0[0..8], [191, 23, 107, 0, 61, 74, 249, 219]);
+        assert_eq!(p.verify(&k), Some(0xf7d8deadbeeffefe));
+        assert_eq!(p.origin(), 0xf7d8);
+    }
 }