da2ce7
diff --git a/‎packages/configuration/src/v2_0_0/udp_tracker.rs
+10 b/‎packages/configuration/src/v2_0_0/udp_tracker.rs
+10
diff --git a/‎packages/test-helpers/src/configuration.rs
+2 b/‎packages/test-helpers/src/configuration.rs
+2
diff --git a/‎src/bootstrap/app.rs
+15-4 b/‎src/bootstrap/app.rs
+15-4
diff --git a/‎src/bootstrap/jobs/udp_tracker.rs
+2-1 b/‎src/bootstrap/jobs/udp_tracker.rs
+2-1
diff --git a/‎src/servers/udp/connection_cookie.rs
+54-33 b/‎src/servers/udp/connection_cookie.rs
+54-33
@@ -1,4 +1,5 @@
 use std::net::{IpAddr, Ipv4Addr, SocketAddr};
+use std::time::Duration;
 
 use serde::{Deserialize, Serialize};
 
@@ -10,11 +11,16 @@ pub struct UdpTracker {
     /// system to choose a random port, use port `0`.
     #[serde(default = "UdpTracker::default_bind_address")]
     pub bind_address: SocketAddr,
+
+    /// The lifetime of the server-generated connection cookie, that is passed
+    /// the client as the `ConnectionId`.
+    pub cookie_lifetime: Duration,
 }
 impl Default for UdpTracker {
     fn default() -> Self {
         Self {
             bind_address: Self::default_bind_address(),
+            cookie_lifetime: Self::default_cookie_lifetime(),
         }
     }
 }
@@ -23,4 +29,8 @@ impl UdpTracker {
     fn default_bind_address() -> SocketAddr {
         SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 6969)
     }
+
+    fn default_cookie_lifetime() -> Duration {
+        Duration::from_secs(120)
+    }
 }
@@ -1,6 +1,7 @@
 //! Tracker configuration factories for testing.
 use std::env;
 use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr};
+use std::time::Duration;
 
 use torrust_tracker_configuration::{Configuration, HttpApi, HttpTracker, Threshold, UdpTracker};
 
@@ -47,6 +48,7 @@ pub fn ephemeral() -> Configuration {
     let udp_port = 0u16;
     config.udp_trackers = Some(vec![UdpTracker {
         bind_address: SocketAddr::new(IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)), udp_port),
+        cookie_lifetime: Duration::from_secs(120),
     }]);
 
     // Ephemeral socket address for HTTP tracker
 
@@ -23,7 +23,7 @@ use crate::bootstrap;
 use crate::core::services::tracker_factory;
 use crate::core::Tracker;
 use crate::shared::crypto::ephemeral_instance_keys;
-use crate::shared::crypto::keys::seeds::{self, Keeper as _};
+use crate::shared::crypto::keys::{self, Keeper as _};
 
 /// It loads the configuration from the environment and builds the main domain [`Tracker`] struct.
 ///
@@ -49,11 +49,16 @@ pub fn setup() -> (Configuration, Arc<Tracker>) {
     (configuration, tracker)
 }
 
+/// checks if the seed is the instance seed in production.
+///
+/// # Panics
+///
+/// It would panic if the seed is not the instance seed.
 pub fn check_seed() {
-    let seed = seeds::Current::get_seed();
-    let instance = seeds::Instance::get_seed();
+    let seed = keys::Current::get_seed();
+    let instance = keys::Instance::get_seed();
 
-    assert_eq!(seed, instance, "maybe using zeroed see in production!?")
+    assert_eq!(seed, instance, "maybe using zeroed see in production!?");
 }
 
 /// It initializes the application with the given configuration.
@@ -80,6 +85,12 @@ pub fn initialize_static() {
 
     // Initialize the Ephemeral Instance Random Seed
     lazy_static::initialize(&ephemeral_instance_keys::RANDOM_SEED);
+
+    // Initialize the Ephemeral Instance Random Cipher
+    lazy_static::initialize(&ephemeral_instance_keys::RANDOM_CIPHER_BLOWFISH);
+
+    // Initialize the Zeroed Cipher
+    lazy_static::initialize(&ephemeral_instance_keys::ZEROED_TEST_CIPHER_BLOWFISH);
 }
 
 /// It builds the domain tracker
 
@@ -32,9 +32,10 @@ use crate::servers::udp::UDP_TRACKER_LOG_TARGET;
 #[instrument(skip(config, tracker, form))]
 pub async fn start_job(config: &UdpTracker, tracker: Arc<core::Tracker>, form: ServiceRegistrationForm) -> JoinHandle<()> {
     let bind_to = config.bind_address;
+    let cookie_lifetime = config.cookie_lifetime;
 
     let server = Server::new(Spawner::new(bind_to))
-        .start(tracker, form)
+        .start(tracker, form, cookie_lifetime)
         .await
         .expect("it should be able to start the udp tracker");
 
 
@@ -1,31 +1,32 @@
-//! Module for generating and verifying connection IDs (cookies) used in the UDP tracker protocol.
+//! Module for Generating and Verifying Connection IDs (Cookies) in the UDP Tracker Protocol
 //!
 //! **Overview:**
 //!
-//! In the BitTorrent UDP tracker protocol, clients must establish a connection by obtaining a connection ID from the server. This connection ID helps prevent IP spoofing and replay attacks by ensuring that only legitimate clients can interact with the tracker.
+//! In the `BitTorrent` UDP tracker protocol, clients initiate communication by obtaining a connection ID from the server. This connection ID serves as a safeguard against IP spoofing and replay attacks, ensuring that only legitimate clients can interact with the tracker.
 //!
-//! Instead of storing connection IDs on the server (which would require maintaining state), this module implements a stateless method for generating and verifying connection IDs based on the client's fingerprint (typically derived from the client's IP address) and the time of issuance.
+//! To maintain a stateless server architecture, this module implements a method for generating and verifying connection IDs based on the client's fingerprint (typically derived from the client's IP address) and the time of issuance, without storing state on the server.
 //!
-//! The Connection ID is an encrypted opaque cookie that he held by the client. Therefore endianness is not a concern as the same server checks the cookie as produced it.
+//! The connection ID is an encrypted, opaque cookie held by the client. Since the same server that generates the cookie also validates it, endianness is not a concern.
 //!
 //! **Connection ID Generation Algorithm:**
 //!
-//! The connection ID is generated using the following steps:
-//!
 //! 1. **Issue Time (`issue_at`):**
 //!    - Obtain the current time as a 64-bit floating-point number (`f64`), representing seconds since the Unix epoch.
 //!
 //! 2. **Fingerprint:**
 //!    - Use an 8-byte fingerprint unique to the client (e.g., derived from the client's IP address).
 //!
 //! 3. **Assemble Cookie Value:**
-//!    - Interpret the bytes of `issue_at` as a 64-bit integer (`i64`) without changing the bit pattern.
-//!    - Interpret the fingerprint bytes as an `i64` in the same way.
-//!    - Compute `cookie_value = issue_at_i64.wrapping_add(fingerprint_i64)`.
-//!      - **Note:** Wrapping addition handles potential integer overflows gracefully.
+//!    - Interpret the bytes of `issue_at` as a 64-bit integer (`i64`) without altering the bit pattern.
+//!    - Similarly, interpret the fingerprint bytes as an `i64`.
+//!    - Compute the cookie value:
+//!      ```rust
+//!      cookie_value = issue_at_i64.wrapping_add(fingerprint_i64);
+//!      ```
+//!      - *Note:* Wrapping addition handles potential integer overflows gracefully.
 //!
 //! 4. **Encrypt Cookie Value:**
-//!    - Use a symmetric block cipher (from `Current::get_cipher()`) to encrypt `cookie_value`.
+//!    - Encrypt `cookie_value` using a symmetric block cipher obtained from `Current::get_cipher()`.
 //!    - The encrypted `cookie_value` becomes the connection ID sent to the client.
 //!
 //! **Connection ID Verification Algorithm:**
@@ -34,62 +35,82 @@
 //!
 //! 1. **Decrypt Connection ID:**
 //!    - Decrypt the received connection ID using the same cipher to retrieve `cookie_value`.
-//!    - **Important Note:** The decryption is non-authenticated. This means it does not verify the integrity or authenticity of the ciphertext. The decrypted `cookie_value` can be any byte sequence, including manipulated data.
+//!    - *Important:* The decryption is non-authenticated, meaning it does not verify the integrity or authenticity of the ciphertext. The decrypted `cookie_value` can be any byte sequence, including manipulated data.
 //!
 //! 2. **Recover Issue Time:**
 //!    - Interpret the fingerprint bytes as `i64`.
-//!    - Compute `issue_at_i64 = cookie_value.wrapping_sub(fingerprint_i64)`.
-//!      - **Note:** Wrapping subtraction handles potential integer underflows gracefully.
+//!    - Compute the issue time:
+//!      ```rust
+//!      issue_at_i64 = cookie_value.wrapping_sub(fingerprint_i64);
+//!      ```
+//!      - *Note:* Wrapping subtraction handles potential integer underflows gracefully.
 //!    - Reinterpret `issue_at_i64` bytes as an `f64` to get `issue_time`.
 //!
 //! 3. **Validate Issue Time:**
 //!    - **Handling Arbitrary `issue_time` Values:**
-//!        - Since the decrypted `cookie_value` can be arbitrary, `issue_time` can be any `f64` value, including special values like `NaN`, positive or negative infinity, and subnormal numbers.
+//!        - Since the decrypted `cookie_value` may be arbitrary, `issue_time` can be any `f64` value, including special values like `NaN`, positive or negative infinity, and subnormal numbers.
 //!    - **Validation Steps:**
 //!        - **Step 1:** Check if `issue_time` is finite using `issue_time.is_finite()`.
 //!            - If `issue_time` is `NaN` or infinite, it is considered invalid.
-//!        - **Step 2:** Perform range checks only if `issue_time` is finite:
-//!            - Check if `issue_time >= min` and `issue_time <= max`.
+//!        - **Step 2:** If `issue_time` is finite, perform range checks:
+//!            - Verify that `min <= issue_time <= max`.
 //!    - If `issue_time` passes these checks, accept the connection ID; otherwise, reject it with an appropriate error.
 //!
 //! **Security Considerations:**
 //!
 //! - **Non-Authenticated Encryption:**
-//!   - The block size is 8-bytes, there is no good authenticated encryption algorithm that will work with 8-bytes.
-//!   - It is not an option to expand to 16-bytes, as the protocol is an external and widely adopted deployed standard.
-//!   - Because the cipher does not provide authentication, attackers could forge or manipulate connection IDs.
-//!   - However, the probability of an arbitrary 64-bit value decrypting to a valid `issue_time` within the acceptable range is extremely low, and is thus used a form of authentication.
+//!   - Due to protocol constraints (an 8-byte connection ID), using an authenticated encryption algorithm is not feasible.
+//!   - As a result, attackers might attempt to forge or manipulate connection IDs.
+//!   - However, the probability of an arbitrary 64-bit value decrypting to a valid `issue_time` within the acceptable range is extremely low, effectively serving as a form of authentication.
 //!
 //! - **Handling Special `f64` Values:**
-//!   - By checking `issue_time.is_finite()`, we prevent `NaN` and infinite values from passing the validation.
-//!   - This ensures that only valid, finite timestamps are considered.
+//!   - By checking `issue_time.is_finite()`, the implementation excludes `NaN` and infinite values, ensuring that only valid, finite timestamps are considered.
 //!
 //! - **Probability of Successful Attack:**
-//!   - Given the narrow valid time window (usually 2 minutes) compared to the vast range of `f64`, the chance of successfully guessing a valid `issue_time` is negligible.
+//!   - Given the narrow valid time window (usually around 2 minutes) compared to the vast range of `f64` values, the chance of successfully guessing a valid `issue_time` is negligible.
+//!
+//! **Key Points:**
+//!
+//! - The server maintains a stateless design, reducing resource consumption and complexity.
+//! - Wrapping arithmetic ensures that the addition and subtraction of `i64` values are safe from overflow or underflow issues.
+//! - The validation process is robust against malformed or malicious connection IDs due to stringent checks on the deserialized `issue_time`.
+//! - The module leverages existing cryptographic primitives while acknowledging and addressing the limitations imposed by the protocol's specifications.
 //!
 
 use aquatic_udp_protocol::ConnectionId as Cookie;
 use cookie_builder::{assemble, decode, disassemble, encode};
 use zerocopy::AsBytes;
 
 use super::error::{self, Error};
-use crate::shared::crypto::keys::CipherArray;
+use crate::shared::crypto::keys::CipherArrayBlowfish;
 
 /// Generates a new connection cookie.
+///
+/// # Panics
+///
+/// It would panic if the cookie is not exactly 8 bytes is size.
 #[must_use]
 pub fn make(fingerprint: u64, issue_at: f64) -> Cookie {
     let cookie = assemble(fingerprint, issue_at);
     let cookie = encode(cookie);
 
     // using `read_from` as the array may be not correctly aligned
-    zerocopy::FromBytes::read_from(&cookie.as_slice()).expect("it should be the same size")
+    zerocopy::FromBytes::read_from(cookie.as_slice()).expect("it should be the same size")
 }
 
 /// Checks if the supplied `connection_cookie` is valid.
+///
+/// # Errors
+///
+/// It would error if the connection cookie is somehow invalid or expired.
+///
+/// # Panics
+///
+/// It would panic if somehow the cookie min value is larger than the max value.
 pub fn check(cookie: &Cookie, fingerprint: u64, min: f64, max: f64) -> Result<f64, Error> {
     assert!(min < max, "invalid constraint on number");
 
-    let cookie_bytes = CipherArray::from_slice(cookie.0.as_bytes());
+    let cookie_bytes = CipherArrayBlowfish::from_slice(cookie.0.as_bytes());
     let cookie_bytes = decode(*cookie_bytes);
 
     let issue_time = disassemble(fingerprint, cookie_bytes);
@@ -122,10 +143,10 @@ mod cookie_builder {
     use tracing::{instrument, Level};
     use zerocopy::{byteorder, AsBytes as _, NativeEndian};
 
-    pub type CookiePlainText = CipherArray;
-    pub type CookieCipherText = CipherArray;
+    pub type CookiePlainText = CipherArrayBlowfish;
+    pub type CookieCipherText = CipherArrayBlowfish;
 
-    use crate::shared::crypto::keys::{CipherArray, Current, Keeper};
+    use crate::shared::crypto::keys::{CipherArrayBlowfish, Current, Keeper};
 
     #[instrument(ret(level = Level::TRACE))]
     pub(super) fn assemble(fingerprint: u64, issue_at: f64) -> CookiePlainText {
@@ -138,7 +159,7 @@ mod cookie_builder {
         let cookie: byteorder::I64<NativeEndian> =
             *zerocopy::FromBytes::ref_from(&cookie.to_ne_bytes()).expect("it should be aligned");
 
-        *CipherArray::from_slice(cookie.as_bytes())
+        *CipherArrayBlowfish::from_slice(cookie.as_bytes())
     }
 
     #[instrument(ret(level = Level::TRACE))]
@@ -160,7 +181,7 @@ mod cookie_builder {
 
     #[instrument(ret(level = Level::TRACE))]
     pub(super) fn encode(mut cookie: CookiePlainText) -> CookieCipherText {
-        let cipher = Current::get_cipher();
+        let cipher = Current::get_cipher_blowfish();
 
         cipher.encrypt_block(&mut cookie);
 
@@ -169,7 +190,7 @@ mod cookie_builder {
 
     #[instrument(ret(level = Level::TRACE))]
     pub(super) fn decode(mut cookie: CookieCipherText) -> CookiePlainText {
-        let cipher = Current::get_cipher();
+        let cipher = Current::get_cipher_blowfish();
 
         cipher.decrypt_block(&mut cookie);
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`use std::net::{IpAddr, Ipv4Addr, SocketAddr};`
	`2`	`+use std::time::Duration;`
`2`	`3`
`3`	`4`	`use serde::{Deserialize, Serialize};`
`4`	`5`
`@@ -10,11 +11,16 @@ pub struct UdpTracker {`
`10`	`11`	/// system to choose a random port, use port `0`.
`11`	`12`	`#[serde(default = "UdpTracker::default_bind_address")]`
`12`	`13`	`pub bind_address: SocketAddr,`
	`14`	`+`
	`15`	`+ /// The lifetime of the server-generated connection cookie, that is passed`
	`16`	+ /// the client as the `ConnectionId`.
	`17`	`+ pub cookie_lifetime: Duration,`
`13`	`18`	`}`
`14`	`19`	`impl Default for UdpTracker {`
`15`	`20`	`fn default() -> Self {`
`16`	`21`	`Self {`
`17`	`22`	`bind_address: Self::default_bind_address(),`
	`23`	`+ cookie_lifetime: Self::default_cookie_lifetime(),`
`18`	`24`	`}`
`19`	`25`	`}`
`20`	`26`	`}`
`@@ -23,4 +29,8 @@ impl UdpTracker {`
`23`	`29`	`fn default_bind_address() -> SocketAddr {`
`24`	`30`	`SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 6969)`
`25`	`31`	`}`
	`32`	`+`
	`33`	`+ fn default_cookie_lifetime() -> Duration {`
	`34`	`+ Duration::from_secs(120)`
	`35`	`+ }`
`26`	`36`	`}`