Actually expire sessions when we have given out too many nonces

LLFourn · Feb 3, 2023 · ac7fcc8 · ac7fcc8
1 parent e23f800
commit ac7fcc8
Showing 1 changed file with 14 additions and 12 deletions.
diff --git a/schnorr_fun/src/blind.rs b/schnorr_fun/src/blind.rs
@@ -305,7 +305,7 @@ pub struct BlindSigner<CH, NG> {
     pub schnorr: Schnorr<CH, NG>,
     max_sessions: usize,
     signature_requests: Vec<SignatureRequest>,
-    nonces: BTreeMap<Point<EvenY>, Scalar>,
+    nonces: Vec<(Point<EvenY>, Scalar)>,
     already_signed: BTreeMap<Point<EvenY>, Option<Scalar<Public, Zero>>>,
     secret: Scalar,
 }
@@ -324,7 +324,7 @@ where
         Self {
             max_sessions,
             signature_requests: vec![],
-            nonces: BTreeMap::new(),
+            nonces: vec![],
             already_signed: BTreeMap::new(),
             secret,
             schnorr,
@@ -361,22 +361,24 @@ where
         );
         let (pub_nonce, nonce_negated) = g!(nonce * G).normalize().into_point_with_even_y();
         nonce.conditional_negate(nonce_negated);
-        self.nonces.insert(pub_nonce, nonce);
+        // If there are too many nonces we need to kick one of them out
+        if self.nonces.len() >= self.max_sessions {
+            self.nonces.remove(0);
+        }
+        self.nonces.push((pub_nonce, nonce));
+        assert!(self.nonces.len() <= self.max_sessions);
         pub_nonce
     }
 
     /// Fetch the secret nonce for some public nonce and forget it
     fn use_secret_nonce(&mut self, public_nonce: Point<EvenY>) -> Option<Scalar> {
-        let secret_nonce = match self.nonces.get(&public_nonce) {
-            Some(secret_nonce) => Some(secret_nonce.clone()),
-            // skip because we do not know about this public nonce!
-            None => None,
-        };
-        if secret_nonce.is_some() {
-            self.nonces.remove_entry(&public_nonce);
-            assert!(self.nonces.get(&public_nonce).is_none());
+        for (i, (public, _)) in self.nonces.iter().enumerate() {
+            if *public == public_nonce {
+                let (_, secret) = self.nonces.remove(i);
+                return Some(secret);
+            }
         }
-        secret_nonce
+        return None;
     }
 
     /// Sign a blinded challenge and delete the associated secret_nonce