// Return the set of nodes in this graph with no children.
func (self *DAG) FindFinalTargets() *NodeSet {
//fmt.Println("FindFinalTargets():")
var targets *bit.Set = bit.New()
targets.AddRange(0, self.length())
for _, parents := range self.parents {
//fmt.Printf(" %d: node=%v, parents=%v\n", id, self.nodes[id], parents)
targets.SetAndNot(targets, parents)
}
//fmt.Printf(" -> targets = %v\n", targets)
return (*NodeSet)(targets)
}
func (nd *NaClDecryptor) decrypt(buf []byte) ([]byte, error) {
offset := binary.BigEndian.Uint16(buf[:2])
df := (offset & (1 << 15)) != 0
offsetNoFlags := offset & ((1 << 15) - 1)
var decState *NaClDecryptorInstance
if df {
decState = nd.instanceDF
} else {
decState = nd.instance
}
var nonce *[24]byte
var usedOffsets *bit.Set
var ok bool
if decState.nonce == nil {
if offsetNoFlags > (1 << 13) {
// offset is already beyond the first quarter and it's the
// first thing we've seen?! I don't think so.
return nil, fmt.Errorf("Unexpected offset when decrypting UDP packet")
}
decState.nonce, ok = <-decState.nonceChan
if !ok {
return nil, fmt.Errorf("Nonce chan closed")
}
nonce = decState.nonce
usedOffsets = decState.usedOffsets
decState.highestOffsetSeen = offsetNoFlags
} else {
highestOffsetSeen := decState.highestOffsetSeen
if offsetNoFlags < (1<<13) && highestOffsetSeen > ((1<<14)+(1<<13)) &&
(highestOffsetSeen-offsetNoFlags) > ((1<<14)+(1<<13)) {
// offset is in the first quarter, highestOffsetSeen is in
// the top quarter and under a quarter behind us. We
// interpret this as we need to move to the next nonce
decState.previousUsedOffsets = decState.usedOffsets
decState.usedOffsets = bit.New()
decState.previousNonce = decState.nonce
decState.nonce, ok = <-decState.nonceChan
if !ok {
return nil, fmt.Errorf("Nonce chan closed")
}
decState.highestOffsetSeen = offsetNoFlags
nonce = decState.nonce
usedOffsets = decState.usedOffsets
} else if offsetNoFlags > highestOffsetSeen &&
(offsetNoFlags-highestOffsetSeen) < (1<<13) {
// offset is under a quarter above highestOffsetSeen. This
// is ok - maybe some packet loss
decState.highestOffsetSeen = offsetNoFlags
nonce = decState.nonce
usedOffsets = decState.usedOffsets
} else if offsetNoFlags <= highestOffsetSeen &&
(highestOffsetSeen-offsetNoFlags) < (1<<13) {
// offset is within a quarter of the highest we've
// seen. This is ok - just assuming some out-of-order
// delivery.
nonce = decState.nonce
usedOffsets = decState.usedOffsets
} else if highestOffsetSeen < (1<<13) && offsetNoFlags > ((1<<14)+(1<<13)) &&
(offsetNoFlags-highestOffsetSeen) > ((1<<14)+(1<<13)) {
// offset is in the last quarter, highestOffsetSeen is in
// the first quarter, and offset is under a quarter behind
// us. This is ok - as above, just some out of order. But
// here it means we're dealing with the previous nonce
nonce = decState.previousNonce
usedOffsets = decState.previousUsedOffsets
} else {
return nil, fmt.Errorf("Unexpected offset when decrypting UDP packet")
}
}
offsetNoFlagsInt := int(offsetNoFlags)
if usedOffsets.Contains(offsetNoFlagsInt) {
return nil, fmt.Errorf("Suspected replay attack detected when decrypting UDP packet")
}
SetNonceLow15Bits(nonce, offsetNoFlags)
result, success := secretbox.Open(nil, buf[2:], nonce, nd.conn.SessionKey)
if success {
usedOffsets.Add(offsetNoFlagsInt)
return result, nil
} else {
return nil, fmt.Errorf("Unable to decrypt msg via UDP: %v", buf)
}
}