sec: remove keychain lock

named-data · Jan 20, 2025 · 5c9a3f4 · 5c9a3f4
1 parent 9d46623
commit 5c9a3f4
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 22 deletions.
diff --git a/std/ndn/security.go b/std/ndn/security.go
@@ -39,6 +39,7 @@ type Signer interface {
 type SigChecker func(name enc.Name, sigCovered enc.Wire, sig Signature) bool
 
 // KeyChain is the interface of a keychain.
+// Note that Keychains are not thread-safe, and the owner should provide a lock.
 type KeyChain interface {
 	// String provides the log identifier of the keychain.
 	String() string

diff --git a/std/security/keychain/keychain_dir.go b/std/security/keychain/keychain_dir.go
@@ -7,7 +7,6 @@ import (
 	"os"
 	"path/filepath"
 	"strings"
-	"sync"
 
 	enc "github.com/named-data/ndnd/std/encoding"
 	"github.com/named-data/ndnd/std/log"
@@ -21,15 +20,13 @@ const EXT_CERT = ".cert"
 
 // KeyChainDir is a directory-based keychain.
 type KeyChainDir struct {
-	wmut sync.Mutex
 	mem  ndn.KeyChain
 	path string
 }
 
 // NewKeyChainDir creates a new in-memory keychain.
 func NewKeyChainDir(path string, pubStore ndn.Store) (ndn.KeyChain, error) {
 	kc := &KeyChainDir{
-		wmut: sync.Mutex{},
 		mem:  NewKeyChainMem(pubStore),
 		path: path,
 	}
@@ -66,7 +63,7 @@ func NewKeyChainDir(path string, pubStore ndn.Store) (ndn.KeyChain, error) {
 }
 
 func (kc *KeyChainDir) String() string {
-	return fmt.Sprintf("KeyChainDir (%s)", kc.path)
+	return fmt.Sprintf("keychain-dir (%s)", kc.path)
 }
 
 func (kc *KeyChainDir) GetIdentities() []ndn.Identity {
@@ -110,8 +107,5 @@ func (kc *KeyChainDir) writeFile(wire []byte, ext string) error {
 		return err
 	}
 
-	kc.wmut.Lock()
-	defer kc.wmut.Unlock()
-
 	return os.WriteFile(path, str, 0644)
 }
diff --git a/std/security/keychain/keychain_mem.go b/std/security/keychain/keychain_mem.go
@@ -1,8 +1,6 @@
 package keychain
 
 import (
-	"sync"
-
 	enc "github.com/named-data/ndnd/std/encoding"
 	"github.com/named-data/ndnd/std/ndn"
 	spec "github.com/named-data/ndnd/std/ndn/spec_2022"
@@ -11,23 +9,23 @@ import (
 
 // KeyChainMem is an in-memory keychain.
 type KeyChainMem struct {
-	mut        sync.RWMutex
 	identities map[string]*identity
 	pubStore   ndn.Store
 }
 
 // NewKeyChainMem creates a new in-memory keychain.
 func NewKeyChainMem(pubStore ndn.Store) ndn.KeyChain {
 	return &KeyChainMem{
-		mut:        sync.RWMutex{},
 		identities: make(map[string]*identity),
 		pubStore:   pubStore,
 	}
 }
 
+func (kc *KeyChainMem) String() string {
+	return "keychain-mem"
+}
+
 func (kc *KeyChainMem) GetIdentities() []ndn.Identity {
-	kc.mut.RLock()
-	defer kc.mut.RUnlock()
 	ids := make([]ndn.Identity, 0, len(kc.identities))
 	for _, id := range kc.identities {
 		ids = append(ids, id)
@@ -36,18 +34,13 @@ func (kc *KeyChainMem) GetIdentities() []ndn.Identity {
 }
 
 func (kc *KeyChainMem) GetIdentity(name enc.Name) ndn.Identity {
-	kc.mut.RLock()
-	defer kc.mut.RUnlock()
 	if id, ok := kc.identities[name.String()]; ok {
 		return id
 	}
 	return nil
 }
 
 func (kc *KeyChainMem) InsertKey(signer ndn.Signer) error {
-	kc.mut.Lock()
-	defer kc.mut.Unlock()
-
 	// Get key name
 	id, err := sec.GetIdentityFromKeyName(signer.KeyName())
 	if err != nil {
@@ -68,10 +61,6 @@ func (kc *KeyChainMem) InsertKey(signer ndn.Signer) error {
 	return nil
 }
 
-func (kc *KeyChainMem) String() string {
-	return "keychain-mem"
-}
-
 func (kc *KeyChainMem) InsertCert(wire []byte) error {
 	data, _, err := spec.Spec{}.ReadData(enc.NewBufferReader(wire))
 	if err != nil {