Revise multicast format to include protocol version, discriminator for TLS roots

2025-04-28 22:25:07 +03:00 · 2023-05-21 15:24:31 +01:00 · 2023-05-21 15:24:31 +01:00 · 57d9a2399f
commit 57d9a2399f
parent 002b984c04
5 changed files with 112 additions and 11 deletions
--- a/src/multicast/advertisement.go
+++ b/src/multicast/advertisement.go
@ -7,22 +7,33 @@ import (
 )

 type multicastAdvertisement struct {
-	PublicKey ed25519.PublicKey
-	Port      uint16
+	MajorVersion  uint16
+	MinorVersion  uint16
+	PublicKey     ed25519.PublicKey
+	Port          uint16
+	Discriminator []byte
 }

 func (m *multicastAdvertisement) MarshalBinary() ([]byte, error) {
-	b := make([]byte, 0, ed25519.PublicKeySize+2)
+	b := make([]byte, 0, ed25519.PublicKeySize+8+len(m.Discriminator))
+	b = binary.BigEndian.AppendUint16(b, m.MajorVersion)
+	b = binary.BigEndian.AppendUint16(b, m.MinorVersion)
 	b = append(b, m.PublicKey...)
 	b = binary.BigEndian.AppendUint16(b, m.Port)
+	b = binary.BigEndian.AppendUint16(b, uint16(len(m.Discriminator)))
+	b = append(b, m.Discriminator...)
 	return b, nil
 }

 func (m *multicastAdvertisement) UnmarshalBinary(b []byte) error {
-	if len(b) < ed25519.PublicKeySize+2 {
+	if len(b) < ed25519.PublicKeySize+8 {
 		return fmt.Errorf("invalid multicast beacon")
 	}
-	m.PublicKey = b[:ed25519.PublicKeySize]
-	m.Port = binary.BigEndian.Uint16(b[ed25519.PublicKeySize:])
+	m.MajorVersion = binary.BigEndian.Uint16(b[0:2])
+	m.MinorVersion = binary.BigEndian.Uint16(b[2:4])
+	m.PublicKey = append(m.PublicKey[:0], b[4:4+ed25519.PublicKeySize]...)
+	m.Port = binary.BigEndian.Uint16(b[4+ed25519.PublicKeySize : 6+ed25519.PublicKeySize])
+	dl := binary.BigEndian.Uint16(b[6+ed25519.PublicKeySize : 8+ed25519.PublicKeySize])
+	m.Discriminator = append(m.Discriminator[:0], b[8+ed25519.PublicKeySize:8+ed25519.PublicKeySize+dl]...)
 	return nil
 }
--- a/src/multicast/advertisement_test.go
+++ b/src/multicast/advertisement_test.go
@ -0,0 +1,38 @@
+package multicast
+
+import (
+	"crypto/ed25519"
+	"reflect"
+	"testing"
+)
+
+func TestMulticastAdvertisementRoundTrip(t *testing.T) {
+	pk, sk, err := ed25519.GenerateKey(nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	orig := multicastAdvertisement{
+		MajorVersion:  1,
+		MinorVersion:  2,
+		PublicKey:     pk,
+		Port:          3,
+		Discriminator: sk, // any bytes will do
+	}
+
+	ob, err := orig.MarshalBinary()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	var new multicastAdvertisement
+	if err := new.UnmarshalBinary(ob); err != nil {
+		t.Fatal(err)
+	}
+
+	if !reflect.DeepEqual(orig, new) {
+		t.Logf("original: %+v", orig)
+		t.Logf("new:      %+v", new)
+		t.Fatalf("differences found after round-trip")
+	}
+}
--- a/src/multicast/multicast.go
+++ b/src/multicast/multicast.go
@ -1,6 +1,7 @@
 package multicast

 import (
+	"bytes"
 	"context"
 	"encoding/hex"
 	"fmt"
@ -30,8 +31,10 @@ type Multicast struct {
 	_interfaces map[string]*interfaceInfo
 	_timer      *time.Timer
 	config      struct {
-		_groupAddr  GroupAddress
-		_interfaces map[MulticastInterface]struct{}
+		_discriminator      []byte
+		_discriminatorMatch func([]byte) bool
+		_groupAddr          GroupAddress
+		_interfaces         map[MulticastInterface]struct{}
 	}
 }

@ -321,8 +324,11 @@ func (m *Multicast) _announce() {
 			}
 			addr := linfo.listener.Addr().(*net.TCPAddr)
 			adv := multicastAdvertisement{
-				PublicKey: m.core.PublicKey(),
-				Port:      uint16(addr.Port),
+				MajorVersion:  core.ProtocolVersionMajor,
+				MinorVersion:  core.ProtocolVersionMinor,
+				PublicKey:     m.core.PublicKey(),
+				Port:          uint16(addr.Port),
+				Discriminator: m.config._discriminator,
 			}
 			msg, err := adv.MarshalBinary()
 			if err != nil {
@ -373,7 +379,16 @@ func (m *Multicast) listen() {
 		if err := adv.UnmarshalBinary(bs[:n]); err != nil {
 			continue
 		}
-		if adv.PublicKey.Equal(m.core.PublicKey()) {
+		switch {
+		case adv.MajorVersion != core.ProtocolVersionMajor:
+			continue
+		case adv.MinorVersion != core.ProtocolVersionMinor:
+			continue
+		case adv.PublicKey.Equal(m.core.PublicKey()):
+			continue
+		case m.config._discriminatorMatch == nil && !bytes.Equal(adv.Discriminator, m.config._discriminator):
+			continue
+		case m.config._discriminatorMatch != nil && !m.config._discriminatorMatch(adv.Discriminator):
 			continue
 		}
 		from := fromAddr.(*net.UDPAddr)
--- a/src/multicast/options.go
+++ b/src/multicast/options.go
@ -8,6 +8,10 @@ func (m *Multicast) _applyOption(opt SetupOption) {
 		m.config._interfaces[v] = struct{}{}
 	case GroupAddress:
 		m.config._groupAddr = v
+	case Discriminator:
+		m.config._discriminator = append(m.config._discriminator[:0], v...)
+	case DiscriminatorMatch:
+		m.config._discriminatorMatch = v
 	}
 }

@ -24,6 +28,10 @@ type MulticastInterface struct {
 }

 type GroupAddress string
+type Discriminator []byte
+type DiscriminatorMatch func([]byte) bool

 func (a MulticastInterface) isSetupOption() {}
 func (a GroupAddress) isSetupOption()       {}
+func (a Discriminator) isSetupOption()      {}
+func (a DiscriminatorMatch) isSetupOption() {}