fluencelabs/fluence-js
1
0
Fork 0
mirror of https://github.com/fluencelabs/fluence-js.git synced 2025-04-25 09:52:12 +00:00
Code Issues Projects Releases Wiki Activity

fix(signatures): Add signature checks [fixes DXJ-488] (#357)

Browse Source 
Add signature checks
This commit is contained in:
Akim 2023-10-12 21:01:41 +07:00 committed by GitHub
parent 47a610b71e
commit a8e5eb6c1e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
packages/core/js-client/src/connection/RelayConnection.ts
View File

@ -121,19 +121,19 @@ export class RelayConnection implements IConnection {
}, },
connectionGater: { connectionGater: {
// By default, this function forbids connections to private peers. For example multiaddr with ip 127.0.0.1 isn't allowed // By default, this function forbids connections to private peers. For example multiaddr with ip 127.0.0.1 isn't allowed
denyDialMultiaddr: () => Promise.resolve(false) denyDialMultiaddr: () => Promise.resolve(false),
}, },
services: { services: {
identify: identifyService(), identify: identifyService(),
ping: pingService() ping: pingService(),
} },
}); });
const supportedProtocols = (await this.lib2p2Peer.peerStore.get(this.lib2p2Peer.peerId)).protocols; const supportedProtocols = (await this.lib2p2Peer.peerStore.get(this.lib2p2Peer.peerId)).protocols;
await this.lib2p2Peer.peerStore.patch(this.lib2p2Peer.peerId, { await this.lib2p2Peer.peerStore.patch(this.lib2p2Peer.peerId, {
protocols: [...supportedProtocols, PROTOCOL_NAME] protocols: [...supportedProtocols, PROTOCOL_NAME],
}); });
await this.connect(); await this.connect();
} }
@ -166,14 +166,10 @@ export class RelayConnection implements IConnection {
log.trace('created stream with id ', stream.id); log.trace('created stream with id ', stream.id);
const sink = stream.sink; const sink = stream.sink;
await pipe( await pipe([fromString(serializeToString(particle))], encode(), sink);
[fromString(serializeToString(particle))],
encode(),
sink,
);
log.trace('data written to sink'); log.trace('data written to sink');
} }
private async processIncomingMessage(msg: string, stream: Stream) { private async processIncomingMessage(msg: string, stream: Stream) {
let particle: Particle | undefined; let particle: Particle | undefined;
try { try {
@ -182,13 +178,19 @@ export class RelayConnection implements IConnection {
const initPeerId = peerIdFromString(particle.initPeerId); const initPeerId = peerIdFromString(particle.initPeerId);
if (initPeerId.publicKey === undefined) { if (initPeerId.publicKey === undefined) {
log.error('cannot retrieve public key from init_peer_id. particle id: %s. init_peer_id: %s', particle.id, particle.initPeerId); log.error(
'cannot retrieve public key from init_peer_id. particle id: %s. init_peer_id: %s',
particle.id,
particle.initPeerId,
);
return; return;
} }
// TODO: uncomment this after nox rolls out signature verification const isVerified = await KeyPair.verifyWithPublicKey(
// const isVerified = await KeyPair.verifyWithPublicKey(initPeerId.publicKey, buildParticleMessage(particle), particle.signature); initPeerId.publicKey,
const isVerified = true; buildParticleMessage(particle),
particle.signature,
);
if (isVerified) { if (isVerified) {
this.particleSource.next(particle); this.particleSource.next(particle);
} else { } else {
@ -208,20 +210,21 @@ export class RelayConnection implements IConnection {
await this.lib2p2Peer.handle( await this.lib2p2Peer.handle(
[PROTOCOL_NAME], [PROTOCOL_NAME],
async ({ connection, stream }) => pipe( async ({ connection, stream }) =>
stream.source, pipe(
decode(), stream.source,
(source) => map(source, (buf) => toString(buf.subarray())), decode(),
async (source) => { (source) => map(source, (buf) => toString(buf.subarray())),
try { async (source) => {
for await (const msg of source) { try {
await this.processIncomingMessage(msg, stream); for await (const msg of source) {
await this.processIncomingMessage(msg, stream);
}
} catch (e) {
log.error('connection closed: %j', e);
} }
} catch (e) { },
log.error('connection closed: %j', e); ),
}
},
),
{ {
maxInboundStreams: this.config.maxInboundStreams, maxInboundStreams: this.config.maxInboundStreams,
maxOutboundStreams: this.config.maxOutboundStreams, maxOutboundStreams: this.config.maxOutboundStreams,