js-libp2p-noise/src/handshake-xx.ts

import { Buffer } from "buffer";

import { XX } from "./handshakes/xx";
import { KeyPair } from "./@types/libp2p";
import { bytes, bytes32 } from "./@types/basic";
import { NoiseSession } from "./@types/handshake";
import {IHandshake} from "./@types/handshake-interface";
import {
  decodePayload,
  getPeerIdFromPayload,
  verifySignedPayload,
} from "./utils";
import {
  logger, 
  logLocalStaticKeys, 
  logLocalEphemeralKeys, 
  logRemoteEphemeralKey, 
  logRemoteStaticKey, 
  logCipherState, 
} from "./logger";
import {decode0, decode1, decode2, encode0, encode1, encode2} from "./encoder";
import { WrappedConnection } from "./noise";
import PeerId from "peer-id";

export class XXHandshake implements IHandshake {
  public isInitiator: boolean;
  public session: NoiseSession;
  public remotePeer!: PeerId;

  protected payload: bytes;
  protected connection: WrappedConnection;
  protected xx: XX;
  protected staticKeypair: KeyPair;

  private prologue: bytes32;

  constructor(
    isInitiator: boolean,
    payload: bytes,
    prologue: bytes32,
    staticKeypair: KeyPair,
    connection: WrappedConnection,
    remotePeer?: PeerId,
    handshake?: XX,
  ) {
    this.isInitiator = isInitiator;
    this.payload = payload;
    this.prologue = prologue;
    this.staticKeypair = staticKeypair;
    this.connection = connection;
    if(remotePeer) {
      this.remotePeer = remotePeer;
    }
    this.xx = handshake || new XX();
    this.session = this.xx.initSession(this.isInitiator, this.prologue, this.staticKeypair);
  }

  // stage 0
  public async propose(): Promise<void> {
    logLocalStaticKeys(this.session.hs.s)
    if (this.isInitiator) {
      logger("Stage 0 - Initiator starting to send first message.");
      const messageBuffer = this.xx.sendMessage(this.session, Buffer.alloc(0));
      this.connection.writeLP(encode0(messageBuffer));
      logger("Stage 0 - Initiator finished sending first message.");
      logLocalEphemeralKeys(this.session.hs.e)
    } else {
      logger("Stage 0 - Responder waiting to receive first message...");
      const receivedMessageBuffer = decode0((await this.connection.readLP()).slice());
      const {valid} = this.xx.recvMessage(this.session, receivedMessageBuffer);
      if(!valid) {
        throw new Error("xx handshake stage 0 validation fail");
      }
      logger("Stage 0 - Responder received first message.");
      logRemoteEphemeralKey(this.session.hs.re)
    }
  }

  // stage 1
  public async exchange(): Promise<void> {
    if (this.isInitiator) {
      logger('Stage 1 - Initiator waiting to receive first message from responder...');
      const receivedMessageBuffer = decode1((await this.connection.readLP()).slice());
      const {plaintext, valid} = this.xx.recvMessage(this.session, receivedMessageBuffer);
      if(!valid) {
        throw new Error("xx handshake stage 1 validation fail");
      }
      logger('Stage 1 - Initiator received the message.');
      logRemoteEphemeralKey(this.session.hs.re)
      logRemoteStaticKey(this.session.hs.rs)

      logger("Initiator going to check remote's signature...");
      try {
        const decodedPayload = await decodePayload(plaintext);
        this.remotePeer = this.remotePeer || await getPeerIdFromPayload(decodedPayload);
        this.remotePeer = await verifySignedPayload(receivedMessageBuffer.ns, decodedPayload, this.remotePeer);
      } catch (e) {
        throw new Error(`Error occurred while verifying signed payload: ${e.message}`);
      }
      logger("All good with the signature!");
    } else {
      logger('Stage 1 - Responder sending out first message with signed payload and static key.');
      const messageBuffer = this.xx.sendMessage(this.session, this.payload);
      this.connection.writeLP(encode1(messageBuffer));
      logger('Stage 1 - Responder sent the second handshake message with signed payload.')
      logLocalEphemeralKeys(this.session.hs.e)
    }
  }

  // stage 2
  public async finish(): Promise<void> {
    if (this.isInitiator) {
      logger('Stage 2 - Initiator sending third handshake message.');
      const messageBuffer = this.xx.sendMessage(this.session, this.payload);
      this.connection.writeLP(encode2(messageBuffer));
      logger('Stage 2 - Initiator sent message with signed payload.');
    } else {
      logger('Stage 2 - Responder waiting for third handshake message...');
      const receivedMessageBuffer = decode2((await this.connection.readLP()).slice());
      const {plaintext, valid} = this.xx.recvMessage(this.session, receivedMessageBuffer);
      if(!valid) {
        throw new Error("xx handshake stage 2 validation fail");
      }
      logger('Stage 2 - Responder received the message, finished handshake.');

      try {
        const decodedPayload = await decodePayload(plaintext);
        this.remotePeer = this.remotePeer || await getPeerIdFromPayload(decodedPayload);
        await verifySignedPayload(this.session.hs.rs, decodedPayload, this.remotePeer);
      } catch (e) {
        throw new Error(`Error occurred while verifying signed payload: ${e.message}`);
      }
    }
    logCipherState(this.session)
  }

  public encrypt(plaintext: bytes, session: NoiseSession): bytes {
    const cs = this.getCS(session);

    return this.xx.encryptWithAd(cs, Buffer.alloc(0), plaintext);
  }

  public decrypt(ciphertext: bytes, session: NoiseSession): {plaintext: bytes; valid: boolean} {
    const cs = this.getCS(session, false);
    return this.xx.decryptWithAd(cs, Buffer.alloc(0), ciphertext);
  }

  public getRemoteStaticKey(): bytes {
    return this.session.hs.rs;
  }

  private getCS(session: NoiseSession, encryption = true) {
    if (!session.cs1 || !session.cs2) {
      throw new Error("Handshake not completed properly, cipher state does not exist.");
    }

    if (this.isInitiator) {
      return encryption ? session.cs1 : session.cs2;
    } else {
      return encryption ? session.cs2 : session.cs1;
    }
  }
}
Add debug 2019-11-27 08:39:06 +01:00			`import { Buffer } from "buffer";`

Better naming 2020-01-05 19:09:59 +01:00			`import { XX } from "./handshakes/xx";`
use built in peer id types 2020-02-07 12:59:52 +01:00			`import { KeyPair } from "./@types/libp2p";`
Move handshake types to separate file 2019-12-24 20:54:45 +01:00			`import { bytes, bytes32 } from "./@types/basic";`
			`import { NoiseSession } from "./@types/handshake";`
Address PR comments 2020-01-07 13:34:45 +01:00			`import {IHandshake} from "./@types/handshake-interface";`
Write handshake test 2019-11-22 12:52:59 +01:00			`import {`
Address PR comment and refactor setting remote peer 2020-02-10 13:51:32 +01:00			`decodePayload,`
better ik flow 2020-02-07 20:21:27 +01:00			`getPeerIdFromPayload,`
Verify peer id 2019-12-03 13:39:33 +01:00			`verifySignedPayload,`
Write handshake test 2019-11-22 12:52:59 +01:00			`} from "./utils";`
Lint multiline imports 2020-04-17 09:48:55 +02:00			`import {`
			`logger,`
			`logLocalStaticKeys,`
			`logLocalEphemeralKeys,`
			`logRemoteEphemeralKey,`
			`logRemoteStaticKey,`
			`logCipherState,`
			`} from "./logger";`
remove empty ephemeral key from XX message C 2020-03-03 12:44:37 -05:00			`import {decode0, decode1, decode2, encode0, encode1, encode2} from "./encoder";`
Add debug 2019-11-27 08:39:06 +01:00			`import { WrappedConnection } from "./noise";`
use built in peer id types 2020-02-07 12:59:52 +01:00			`import PeerId from "peer-id";`
Address PR comments 2019-11-20 13:23:36 +01:00
Address PR comments 2020-01-07 13:34:45 +01:00			`export class XXHandshake implements IHandshake {`
Write encryption generators 2019-11-25 13:09:40 +01:00			`public isInitiator: boolean;`
Update handling keys, refactoring 2019-11-28 17:32:46 +01:00			`public session: NoiseSession;`
better ik flow 2020-02-07 20:21:27 +01:00			`public remotePeer!: PeerId;`
Write encryption generators 2019-11-25 13:09:40 +01:00
Fix merging updated payload signing 2020-01-11 20:20:57 +01:00			`protected payload: bytes;`
Create XX fallback flow 2020-01-05 19:00:16 +01:00			`protected connection: WrappedConnection;`
Better naming 2020-01-05 19:09:59 +01:00			`protected xx: XX;`
Address PR comments 2020-01-07 13:34:45 +01:00			`protected staticKeypair: KeyPair;`
Create fallback test 2020-01-07 10:16:57 +01:00
			`private prologue: bytes32;`
Address PR comments 2019-11-20 13:23:36 +01:00
			`constructor(`
Write encryption generators 2019-11-25 13:09:40 +01:00			`isInitiator: boolean,`
use libp2p keys from PeerId argument 2020-01-07 16:59:41 +01:00			`payload: bytes,`
Create interface according to spec 2019-11-11 21:58:04 +01:00			`prologue: bytes32,`
Address PR comments 2020-01-07 13:34:45 +01:00			`staticKeypair: KeyPair,`
Write handshake test 2019-11-22 12:52:59 +01:00			`connection: WrappedConnection,`
better ik flow 2020-02-07 20:21:27 +01:00			`remotePeer?: PeerId,`
Better naming 2020-01-05 19:09:59 +01:00			`handshake?: XX,`
Address PR comments 2019-11-20 13:23:36 +01:00			`) {`
Write encryption generators 2019-11-25 13:09:40 +01:00			`this.isInitiator = isInitiator;`
use libp2p keys from PeerId argument 2020-01-07 16:59:41 +01:00			`this.payload = payload;`
Address PR comments 2019-11-20 13:23:36 +01:00			`this.prologue = prologue;`
Address PR comments 2020-01-07 13:34:45 +01:00			`this.staticKeypair = staticKeypair;`
handshake propose 2019-11-20 22:52:08 +01:00			`this.connection = connection;`
better ik flow 2020-02-07 20:21:27 +01:00			`if(remotePeer) {`
			`this.remotePeer = remotePeer;`
			`}`
Better naming 2020-01-05 19:09:59 +01:00			`this.xx = handshake \|\| new XX();`
Address PR comments 2020-01-07 13:34:45 +01:00			`this.session = this.xx.initSession(this.isInitiator, this.prologue, this.staticKeypair);`
Address PR comments 2019-11-20 13:23:36 +01:00			`}`

handshake propose 2019-11-20 22:52:08 +01:00			`// stage 0`
Create handshake interface to support performing different handshakes 2020-01-03 15:43:56 +01:00			`public async propose(): Promise<void> {`
Replace log statements with log functions 2020-04-14 15:10:48 +02:00			`logLocalStaticKeys(this.session.hs.s)`
Write encryption generators 2019-11-25 13:09:40 +01:00			`if (this.isInitiator) {`
Log handshake steps 2019-12-02 11:24:30 +01:00			`logger("Stage 0 - Initiator starting to send first message.");`
Remove promises from xx 2019-12-03 15:12:55 +01:00			`const messageBuffer = this.xx.sendMessage(this.session, Buffer.alloc(0));`
Update encoder functions 2020-01-07 10:29:40 +01:00			`this.connection.writeLP(encode0(messageBuffer));`
Update timing of initiator payloading sending to verify that payload 2019-12-02 15:24:49 +01:00			`logger("Stage 0 - Initiator finished sending first message.");`
Replace log statements with log functions 2020-04-14 15:10:48 +02:00			`logLocalEphemeralKeys(this.session.hs.e)`
handshake propose 2019-11-20 22:52:08 +01:00			`} else {`
Log handshake steps 2019-12-02 11:24:30 +01:00			`logger("Stage 0 - Responder waiting to receive first message...");`
fix return types 2020-02-14 10:10:42 +01:00			`const receivedMessageBuffer = decode0((await this.connection.readLP()).slice());`
validate aead decryption 2020-03-01 19:05:53 +01:00			`const {valid} = this.xx.recvMessage(this.session, receivedMessageBuffer);`
			`if(!valid) {`
			`throw new Error("xx handshake stage 0 validation fail");`
			`}`
Log handshake steps 2019-12-02 11:24:30 +01:00			`logger("Stage 0 - Responder received first message.");`
Replace log statements with log functions 2020-04-14 15:10:48 +02:00			`logRemoteEphemeralKey(this.session.hs.re)`
Update handling keys, refactoring 2019-11-28 17:32:46 +01:00			`}`
Create interface according to spec 2019-11-11 21:58:04 +01:00			`}`
Address PR comments 2019-11-20 13:23:36 +01:00
Fix tslint 2019-11-21 14:43:12 +01:00			`// stage 1`
Create handshake interface to support performing different handshakes 2020-01-03 15:43:56 +01:00			`public async exchange(): Promise<void> {`
Write encryption generators 2019-11-25 13:09:40 +01:00			`if (this.isInitiator) {`
Log handshake steps 2019-12-02 11:24:30 +01:00			`logger('Stage 1 - Initiator waiting to receive first message from responder...');`
fix return types 2020-02-14 10:10:42 +01:00			`const receivedMessageBuffer = decode1((await this.connection.readLP()).slice());`
validate aead decryption 2020-03-01 19:05:53 +01:00			`const {plaintext, valid} = this.xx.recvMessage(this.session, receivedMessageBuffer);`
			`if(!valid) {`
			`throw new Error("xx handshake stage 1 validation fail");`
			`}`
			`logger('Stage 1 - Initiator received the message.');`
Replace log statements with log functions 2020-04-14 15:10:48 +02:00			`logRemoteEphemeralKey(this.session.hs.re)`
			`logRemoteStaticKey(this.session.hs.rs)`
Write functions for verification 2019-12-02 12:53:00 +01:00
Update timing of initiator payloading sending to verify that payload 2019-12-02 15:24:49 +01:00			`logger("Initiator going to check remote's signature...");`
Verify peer id 2019-12-03 13:39:33 +01:00			`try {`
Address PR comment and refactor setting remote peer 2020-02-10 13:51:32 +01:00			`const decodedPayload = await decodePayload(plaintext);`
			`this.remotePeer = this.remotePeer \|\| await getPeerIdFromPayload(decodedPayload);`
			`this.remotePeer = await verifySignedPayload(receivedMessageBuffer.ns, decodedPayload, this.remotePeer);`
Verify peer id 2019-12-03 13:39:33 +01:00			`} catch (e) {`
			throw new Error(`Error occurred while verifying signed payload: ${e.message}`);
			`}`
Update timing of initiator payloading sending to verify that payload 2019-12-02 15:24:49 +01:00			`logger("All good with the signature!");`
Written handshake exchange 2019-11-21 13:38:39 +01:00			`} else {`
Log handshake steps 2019-12-02 11:24:30 +01:00			`logger('Stage 1 - Responder sending out first message with signed payload and static key.');`
use libp2p keys from PeerId argument 2020-01-07 16:59:41 +01:00			`const messageBuffer = this.xx.sendMessage(this.session, this.payload);`
Update encoder functions 2020-01-07 10:29:40 +01:00			`this.connection.writeLP(encode1(messageBuffer));`
Update timing of initiator payloading sending to verify that payload 2019-12-02 15:24:49 +01:00			`logger('Stage 1 - Responder sent the second handshake message with signed payload.')`
Replace log statements with log functions 2020-04-14 15:10:48 +02:00			`logLocalEphemeralKeys(this.session.hs.e)`
Written handshake exchange 2019-11-21 13:38:39 +01:00			`}`
Address PR comments 2019-11-20 13:23:36 +01:00			`}`

Fix tslint 2019-11-21 14:43:12 +01:00			`// stage 2`
Merge remote-tracking branch 'remotes/origin/master' into feature/xx-fallback # Conflicts: # src/handshake-xx.ts # src/noise.ts # src/utils.ts # test/noise.test.ts # test/xx-handshake.test.ts 2020-01-11 15:24:33 +01:00			`public async finish(): Promise<void> {`
Write encryption generators 2019-11-25 13:09:40 +01:00			`if (this.isInitiator) {`
Log handshake steps 2019-12-02 11:24:30 +01:00			`logger('Stage 2 - Initiator sending third handshake message.');`
use libp2p keys from PeerId argument 2020-01-07 16:59:41 +01:00			`const messageBuffer = this.xx.sendMessage(this.session, this.payload);`
remove empty ephemeral key from XX message C 2020-03-03 12:44:37 -05:00			`this.connection.writeLP(encode2(messageBuffer));`
Update timing of initiator payloading sending to verify that payload 2019-12-02 15:24:49 +01:00			`logger('Stage 2 - Initiator sent message with signed payload.');`
Written handshake exchange 2019-11-21 13:38:39 +01:00			`} else {`
Log handshake steps 2019-12-02 11:24:30 +01:00			`logger('Stage 2 - Responder waiting for third handshake message...');`
remove empty ephemeral key from XX message C 2020-03-03 12:44:37 -05:00			`const receivedMessageBuffer = decode2((await this.connection.readLP()).slice());`
validate aead decryption 2020-03-01 19:05:53 +01:00			`const {plaintext, valid} = this.xx.recvMessage(this.session, receivedMessageBuffer);`
			`if(!valid) {`
			`throw new Error("xx handshake stage 2 validation fail");`
			`}`
			`logger('Stage 2 - Responder received the message, finished handshake.');`
Update timing of initiator payloading sending to verify that payload 2019-12-02 15:24:49 +01:00
Verify peer id 2019-12-03 13:39:33 +01:00			`try {`
Address PR comment and refactor setting remote peer 2020-02-10 13:51:32 +01:00			`const decodedPayload = await decodePayload(plaintext);`
			`this.remotePeer = this.remotePeer \|\| await getPeerIdFromPayload(decodedPayload);`
handle aead auth tag 2020-02-17 12:11:55 +01:00			`await verifySignedPayload(this.session.hs.rs, decodedPayload, this.remotePeer);`
Verify peer id 2019-12-03 13:39:33 +01:00			`} catch (e) {`
			throw new Error(`Error occurred while verifying signed payload: ${e.message}`);
			`}`
Written handshake exchange 2019-11-21 13:38:39 +01:00			`}`
Replace log statements with log functions 2020-04-14 15:10:48 +02:00			`logCipherState(this.session)`
Address PR comments 2019-11-20 13:23:36 +01:00			`}`
Write encryption generators 2019-11-25 13:09:40 +01:00
Address PR comments 2019-12-02 10:48:19 +01:00			`public encrypt(plaintext: bytes, session: NoiseSession): bytes {`
Write encryption generators 2019-11-25 13:09:40 +01:00			`const cs = this.getCS(session);`
Address PR comments 2019-12-02 10:48:19 +01:00
Write encryption generators 2019-11-25 13:09:40 +01:00			`return this.xx.encryptWithAd(cs, Buffer.alloc(0), plaintext);`
			`}`

validate aead decryption 2020-03-01 19:05:53 +01:00			`public decrypt(ciphertext: bytes, session: NoiseSession): {plaintext: bytes; valid: boolean} {`
Write encryption generators 2019-11-25 13:09:40 +01:00			`const cs = this.getCS(session, false);`
			`return this.xx.decryptWithAd(cs, Buffer.alloc(0), ciphertext);`
			`}`

Use static key caching 2020-01-13 16:33:58 +01:00			`public getRemoteStaticKey(): bytes {`
			`return this.session.hs.rs;`
			`}`

Write encryption generators 2019-11-25 13:09:40 +01:00			`private getCS(session: NoiseSession, encryption = true) {`
			`if (!session.cs1 \|\| !session.cs2) {`
			`throw new Error("Handshake not completed properly, cipher state does not exist.");`
			`}`

			`if (this.isInitiator) {`
			`return encryption ? session.cs1 : session.cs2;`
			`} else {`
			`return encryption ? session.cs2 : session.cs1;`
			`}`
			`}`
Create interface according to spec 2019-11-11 21:58:04 +01:00			`}`