src/lib.rs

@@ -388,46 +388,27 @@ pub fn new_negative_report_key(db: &Db, date: u32) -> Option<PublicKey> {
     }
 }
 
-/// If we have a key for the requested day, return the secret part.
+/// Receive an encrypted negative report. Attempt to decrypt it and if
-pub fn get_negative_report_secret_key(db: &Db, date: u32) -> Option<StaticSecret> {
+/// successful, add it to the database to be processed later.
+pub fn handle_encrypted_negative_report(db: &Db, enc_report: EncryptedNegativeReport) {
     if db.contains_key("nr-keys").unwrap() {
         let nr_keys: BTreeMap<u32, StaticSecret> =
             match bincode::deserialize(&db.get("nr-keys").unwrap().unwrap()) {
                 Ok(map) => map,
                 Err(_) => {
-                    return None;
+                    return;
                 }
             };
-        if nr_keys.contains_key(&date) {
+        if nr_keys.contains_key(&enc_report.date) {
-            let secret = nr_keys.get(&date).unwrap();
+            let secret = nr_keys.get(&enc_report.date).unwrap();
-            Some(secret.clone())
+            let nr = match enc_report.decrypt(&secret) {
-        } else {
+                Ok(nr) => nr,
-            None
+                Err(_) => {
+                    return;
+                }
+            };
+            save_negative_report_to_process(&db, nr);
         }
-    } else {
-        None
-    }
-}
-
-/// If we have a key for the requested day, return the public part.
-pub fn get_negative_report_public_key(db: &Db, date: u32) -> Option<PublicKey> {
-    match get_negative_report_secret_key(&db, date) {
-        Some(secret) => Some(PublicKey::from(&secret)),
-        None => None,
-    }
-}
-
-/// Receive an encrypted negative report. Attempt to decrypt it and if
-/// successful, add it to the database to be processed later.
-pub fn handle_encrypted_negative_report(db: &Db, enc_report: EncryptedNegativeReport) {
-    match get_negative_report_secret_key(&db, enc_report.date) {
-        Some(secret) => match enc_report.decrypt(&secret) {
-            Ok(nr) => {
-                save_negative_report_to_process(&db, nr);
-            }
-            Err(_) => {}
-        },
-        None => {}
     }
 }
 

src/request_handler.rs

@@ -15,31 +15,10 @@ pub async fn handle(db: &Db, req: Request<Body>) -> Result<Response<Body>, Infal
             .body(Body::from("Allow POST"))
             .unwrap()),
         _ => match (req.method(), req.uri().path()) {
-            #[cfg(feature = "simulation")]
-            (&Method::POST, "/nrkey") => Ok::<_, Infallible>({
-                // We need a way for simulated users to get the keys to
-                // encrypt their negative reports. As Troll Patrol may
-                // not be directly accessible when users are submitting
-                // negative reports, in practice we expect that these
-                // keys will be made available elsewhere.
-                let bytes = body::to_bytes(req.into_body()).await.unwrap();
-                // Expect the body to contain the date for the key the
-                // user requests.
-                let date: u32 = match serde_json::from_slice(&bytes) {
-                    Ok(date) => date,
-                    Err(e) => {
-                        let response = json!({"error": e.to_string()});
-                        let val = serde_json::to_string(&response).unwrap();
-                        return Ok(prepare_header(val));
-                    }
-                };
-                let pubkey = get_negative_report_public_key(&db, date);
-                prepare_header(serde_json::to_string(&pubkey).unwrap())
-            }),
             (&Method::POST, "/negativereport") => Ok::<_, Infallible>({
                 let bytes = body::to_bytes(req.into_body()).await.unwrap();
                 // We cannot depend on the transport layer providing E2EE, so
-                // negative reports should be separately encrypted.
+                // positive reports should be separately encrypted.
                 let enr: EncryptedNegativeReport = match bincode::deserialize(&bytes) {
                     Ok(enr) => enr,
                     Err(e) => {

src/simulation/state.rs

@@ -1,5 +1,7 @@
 use lox_cli::networking::*;
 use lox_library::IssuerPubKey;
+use std::collections::HashMap;
+use x25519_dalek::PublicKey;
 
 pub struct State {
     pub la_pubkeys: Vec<IssuerPubKey>,
@@ -14,4 +16,5 @@ pub struct State {
     pub prob_user_is_censor: f64,
     pub prob_user_submits_reports: f64,
     pub probs_user_in_country: Vec<(String, f64)>,
+    pub tp_pubkeys: HashMap<u32, PublicKey>,
 }

src/simulation/user.rs

@@ -9,7 +9,6 @@ use lox_library::{
     bridge_table::BridgeLine, cred::Lox, proto::check_blockage::MIN_TRUST_LEVEL, scalar_u32,
 };
 use rand::Rng;
-use x25519_dalek::PublicKey;
 
 pub struct User {
     // Does this user cooperate with a censor?
@@ -143,18 +142,7 @@ impl User {
 
     pub async fn send_negative_reports(state: &State, reports: Vec<NegativeReport>) {
         let date = get_date();
-        //let pubkey = state.tp_pubkeys.get(&date).unwrap();
+        let pubkey = state.tp_pubkeys.get(&date).unwrap();
-        let pubkey = serde_json::from_slice::<Option<PublicKey>>(
-            &state
-                .net_tp
-                .request(
-                    "/nrkey".to_string(),
-                    serde_json::to_string(&date).unwrap().into(),
-                )
-                .await,
-        )
-        .unwrap()
-        .unwrap();
         for report in reports {
             state
                 .net_tp
@@ -200,10 +188,13 @@ impl User {
         let mut succeeded = Vec::<BridgeLine>::new();
         for i in 0..bucket.len() {
             // At level 0, we only have 1 bridge
-            if level > 0 || i == 0 {
+            if (level > 0 || i == 0) && self.connect(&bucket[i]) {
-                if self.connect(&bucket[i]) {
+                if self.submits_reports && level >= 3 {
                     succeeded.push(bucket[i]);
-                } else {
+                }
+                break;
+            } else {
+                if self.submits_reports {
                     failed.push(bucket[i]);
                 }
             }