Update timing of initiator payloading sending to verify that payload

2025-06-19 08:41:39 +00:00 · 2019-12-02 15:24:49 +01:00
parent bf9ae90a5e
commit 6bb36f1663
5 changed files with 140 additions and 116 deletions
--- a/src/handshake.ts
+++ b/src/handshake.ts
@ -45,9 +45,55 @@ export class Handshake {
  }

  // stage 0
-  async propose(earlyData?: bytes): Promise<void> {
+  async propose(): Promise<void> {
    if (this.isInitiator) {
      logger("Stage 0 - Initiator starting to send first message.");
+      const messageBuffer = await this.xx.sendMessage(this.session, Buffer.alloc(0));
+      this.connection.writeLP(encodeMessageBuffer(messageBuffer));
+      logger("Stage 0 - Initiator finished sending first message.");
+    } else {
+      logger("Stage 0 - Responder waiting to receive first message...");
+      const receivedMessageBuffer = decodeMessageBuffer((await this.connection.readLP()).slice());
+      await this.xx.recvMessage(this.session, receivedMessageBuffer);
+      logger("Stage 0 - Responder received first message.");
+    }
+  }
+
+  // stage 1
+  async exchange(): Promise<void> {
+    if (this.isInitiator) {
+      logger('Stage 1 - Initiator waiting to receive first message from responder...');
+      const receivedMessageBuffer = decodeMessageBuffer((await this.connection.readLP()).slice());
+      const plaintext = await this.xx.recvMessage(this.session, receivedMessageBuffer);
+      logger('Stage 1 - Initiator received the message. Got remote\'s static key.');
+
+      // if (!libp2pRemotekey) {
+      //   throw new Error("Missing remote's libp2p public key, can't verify peer ID.");
+      // }
+      logger("Initiator going to check remote's signature...");
+      await verifySignedPayload(receivedMessageBuffer.ns, plaintext);
+      logger("All good with the signature!");
+    } else {
+      logger('Stage 1 - Responder sending out first message with signed payload and static key.');
+      const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));
+      const signedEarlyDataPayload = signEarlyDataPayload(this.libp2pPrivateKey, Buffer.alloc(0));
+      const handshakePayload = await createHandshakePayload(
+        this.libp2pPublicKey,
+        this.libp2pPrivateKey,
+        signedPayload,
+        signedEarlyDataPayload,
+      );
+
+      const messageBuffer = await this.xx.sendMessage(this.session, handshakePayload);
+      this.connection.writeLP(encodeMessageBuffer(messageBuffer));
+      logger('Stage 1 - Responder sent the second handshake message with signed payload.')
+    }
+  }
+
+  // stage 2
+  async finish(earlyData?: bytes): Promise<void> {
+    if (this.isInitiator) {
+      logger('Stage 2 - Initiator sending third handshake message.');
      const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));
      const signedEarlyDataPayload = signEarlyDataPayload(this.libp2pPrivateKey, earlyData || Buffer.alloc(0));
      const handshakePayload = await createHandshakePayload(
@ -58,56 +104,18 @@ export class Handshake {
      );
      const messageBuffer = await this.xx.sendMessage(this.session, handshakePayload);
      this.connection.writeLP(encodeMessageBuffer(messageBuffer));
-
-      logger("Stage 0 - Initiator finished proposing, sent signed NoiseHandshake payload and static public key.");
-    } else {
-      logger("Stage 0 - Responder waiting to receive first message...");
-      const receivedMessageBuffer = decodeMessageBuffer((await this.connection.readLP()).slice());
-      const plaintext = await this.xx.recvMessage(this.session, receivedMessageBuffer);
-      // TODO: Verify payload
-      logger("Stage 0 - Responder received first message.");
-    }
-  }
-
-  // stage 1
-  async exchange(libp2pRemotekey?: bytes): Promise<void> {
-    if (this.isInitiator) {
-      logger('Stage 1 - Initiator waiting to receive first message from responder...');
-      const receivedMessageBuffer = decodeMessageBuffer((await this.connection.readLP()).slice());
-      const plaintext = await this.xx.recvMessage(this.session, receivedMessageBuffer);
-      logger('Stage 1 - Initiator received the message. Got remote\'s static key.');
-
-      if (!libp2pRemotekey) {
-        throw new Error("Missing remote's libp2p public key, can't verify signature.");
-      }
-      await verifySignedPayload(receivedMessageBuffer.ns, plaintext, libp2pRemotekey);
-    } else {
-      logger('Stage 1 - Responder sending out first message with signed payload and static key.');
-      const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));
-      const handshakePayload = await createHandshakePayload(
-        this.libp2pPublicKey,
-        this.libp2pPrivateKey,
-        signedPayload,
-      );
-
-      const messageBuffer = await this.xx.sendMessage(this.session, handshakePayload);
-      this.connection.writeLP(encodeMessageBuffer(messageBuffer));
-      logger('Stage 1 - Responder sent the second handshake message.')
-    }
-  }
-
-  // stage 2
-  async finish(): Promise<void> {
-    if (this.isInitiator) {
-      logger('Stage 2 - Initiator sending third handshake message.');
-      const messageBuffer = await this.xx.sendMessage(this.session, Buffer.alloc(0));
-      this.connection.writeLP(encodeMessageBuffer(messageBuffer));
-      logger('Stage 2 - Initiator sent message.');
+      logger('Stage 2 - Initiator sent message with signed payload.');
    } else {
      logger('Stage 2 - Responder waiting for third handshake message...');
-      const receivedMessageBuffer = (await this.connection.readLP()).slice();
-      const plaintext = await this.xx.recvMessage(this.session, decodeMessageBuffer(receivedMessageBuffer));
+      const receivedMessageBuffer = decodeMessageBuffer((await this.connection.readLP()).slice());
+      const plaintext = await this.xx.recvMessage(this.session, receivedMessageBuffer);
      logger('Stage 2 - Responder received the message, finished handshake. Got remote\'s static key.');
+
+      // if (!libp2pRemotekey) {
+      //   throw new Error("Missing remote's libp2p public key, can't verify signature.");
+      // }
+
+      await verifySignedPayload(receivedMessageBuffer.ns, plaintext);
    }
  }