Move arbitrary constants to consts.rs

src/consts.rs

@@ -0,0 +1,5 @@
+pub const MAX_FORWARD_JUMPS: usize = 2000;
+pub const MAX_MESSAGE_KEYS: usize = 2000;
+pub const MAX_RECEIVER_CHAINS: usize = 5;
+pub const ARCHIVED_STATES_MAX_LENGTH: usize = 40;
+pub const MAX_SENDER_KEY_STATES: usize = 5;

src/group_cipher.rs

@@ -1,3 +1,4 @@
+use crate::consts;
 use crate::crypto;
 use crate::curve;
 use crate::error::Result;
@@ -58,7 +59,8 @@ fn get_sender_key(state: &mut SenderKeyState, iteration: u32) -> Result<SenderMe
         }
     }
 
-    if iteration - sender_chain_key.iteration()? > 2000 {
+    let jump = (iteration - sender_chain_key.iteration()?) as usize;
+    if jump > consts::MAX_FORWARD_JUMPS {
         return Err(SignalProtocolError::InvalidMessage(
             "message from too far into the future",
         ));

src/lib.rs

@@ -2,6 +2,7 @@
 #![deny(unsafe_code)]
 
 mod address;
+mod consts;
 mod crypto;
 mod curve;
 mod error;

src/sender_keys.rs

@@ -1,3 +1,4 @@
+use crate::consts;
 use crate::crypto::hmac_sha256;
 use crate::curve;
 use crate::error::{Result, SignalProtocolError};
@@ -140,8 +141,6 @@ pub struct SenderKeyState {
 }
 
 impl SenderKeyState {
-    const MAX_MESSAGE_KEYS: usize = 2000;
-
     pub fn new(
         id: u32,
         iteration: u32,
@@ -224,7 +223,7 @@ impl SenderKeyState {
         self.state
             .sender_message_keys
             .push(sender_message_key.as_protobuf()?);
-        while self.state.sender_message_keys.len() > Self::MAX_MESSAGE_KEYS {
+        while self.state.sender_message_keys.len() > consts::MAX_MESSAGE_KEYS {
             self.state.sender_message_keys.remove(0);
         }
         Ok(())
@@ -254,8 +253,6 @@ pub struct SenderKeyRecord {
 }
 
 impl SenderKeyRecord {
-    const MAX_STATES: usize = 5;
-
     pub fn new_empty() -> Self {
         Self {
             states: VecDeque::new(),
@@ -308,7 +305,7 @@ impl SenderKeyRecord {
             signature_private_key,
         )?);
 
-        while self.states.len() > Self::MAX_STATES {
+        while self.states.len() > consts::MAX_SENDER_KEY_STATES {
             self.states.pop_back();
         }
         Ok(())

src/session_cipher.rs

@@ -3,6 +3,7 @@ use crate::{
     SignalProtocolError, SignedPreKeyStore,
 };
 
+use crate::consts::MAX_FORWARD_JUMPS;
 use crate::crypto;
 use crate::curve;
 use crate::error::Result;
@@ -13,12 +14,6 @@ use crate::storage::Direction;
 
 use rand::{CryptoRng, Rng};
 
-/*
-* Prevent a message from jumping too far forward to avoid computation DoS.
-* The specific value is arbitrary, value taking from libsignal-protocol-java
-*/
-const MAX_FORWARD_CHAIN_JUMPS: u32 = 2000;
-
 pub struct SessionCipher<'a> {
     remote_address: ProtocolAddress,
     session_store: &'a mut dyn SessionStore,
@@ -259,9 +254,9 @@ impl<'a> SessionCipher<'a> {
 
         let their_ephemeral = ciphertext.sender_ratchet_key();
         let counter = ciphertext.counter();
-        let chain_key = self.get_or_create_chain_key(state, their_ephemeral, csprng)?;
+        let chain_key = Self::get_or_create_chain_key(state, their_ephemeral, csprng)?;
         let message_keys =
-            self.get_or_create_message_key(state, their_ephemeral, &chain_key, counter)?;
+            Self::get_or_create_message_key(state, their_ephemeral, &chain_key, counter)?;
 
         let their_identity_key = state
             .remote_identity_key()?
@@ -305,7 +300,6 @@ impl<'a> SessionCipher<'a> {
     }
 
     fn get_or_create_chain_key<R: Rng + CryptoRng>(
-        &self,
         state: &mut SessionState,
         their_ephemeral: &curve::PublicKey,
         csprng: &mut R,
@@ -338,7 +332,6 @@ impl<'a> SessionCipher<'a> {
     }
 
     fn get_or_create_message_key(
-        &self,
         state: &mut SessionState,
         their_ephemeral: &curve::PublicKey,
         chain_key: &ChainKey,
@@ -358,7 +351,9 @@ impl<'a> SessionCipher<'a> {
 
         assert!(chain_index <= counter);
 
-        if counter - chain_index > MAX_FORWARD_CHAIN_JUMPS {
+        let jump = (counter - chain_index) as usize;
+
+        if jump > MAX_FORWARD_JUMPS {
             return Err(SignalProtocolError::InvalidMessage(
                 "message from too far into the future",
             ));

src/state/session.rs

@@ -2,6 +2,7 @@ use crate::error::{Result, SignalProtocolError};
 use crate::ratchet::{ChainKey, MessageKeys, RootKey};
 use crate::{IdentityKey, IdentityKeyPair};
 
+use crate::consts;
 use crate::curve;
 use crate::kdf;
 use crate::proto::storage::session_structure;
@@ -45,10 +46,6 @@ pub struct SessionState {
     session: SessionStructure,
 }
 
-const MAX_MESSAGE_KEYS: usize = 2000;
-const MAX_RECEIVER_CHAINS: usize = 5;
-const ARCHIVED_STATES_MAX_LENGTH: usize = 40;
-
 impl SessionState {
     pub fn deserialize(bytes: &[u8]) -> Result<Self> {
         let session = SessionStructure::decode(bytes)?;
@@ -191,7 +188,7 @@ impl SessionState {
 
         self.session.receiver_chains.push(chain);
 
-        if self.session.receiver_chains.len() > MAX_RECEIVER_CHAINS {
+        if self.session.receiver_chains.len() > consts::MAX_RECEIVER_CHAINS {
             self.session.receiver_chains.remove(0);
         }
 
@@ -327,7 +324,7 @@ impl SessionState {
             let mut updated_chain = chain_and_index.0;
             updated_chain.message_keys.insert(0, new_keys);
 
-            if updated_chain.message_keys.len() > MAX_MESSAGE_KEYS {
+            if updated_chain.message_keys.len() > consts::MAX_MESSAGE_KEYS {
                 updated_chain.message_keys.pop();
             }
 
@@ -637,7 +634,7 @@ impl SessionRecord {
         if self.current_session.is_some() {
             self.previous_sessions
                 .push_front(self.current_session.take().expect("Checked is_some"));
-            if self.previous_sessions.len() > ARCHIVED_STATES_MAX_LENGTH {
+            if self.previous_sessions.len() > consts::ARCHIVED_STATES_MAX_LENGTH {
                 self.previous_sessions.pop_back();
             }
         }