mirror of
https://github.com/fluencelabs/js-libp2p-noise
synced 2025-06-10 09:21:19 +00:00
Use static key caching
parent
90af03ab02
commit
7d22967197
@ -24,6 +24,7 @@ export class IKHandshake implements IHandshake {
|
||||
staticKeypair: KeyPair,
|
||||
connection: WrappedConnection,
|
||||
remotePeer: PeerId,
|
||||
remoteStaticKey: bytes,
|
||||
handshake?: IK,
|
||||
) {
|
||||
this.isInitiator = isInitiator;
|
||||
@ -34,11 +35,7 @@ export class IKHandshake implements IHandshake {
|
||||
this.remotePeer = remotePeer;
|
||||
|
||||
this.ik = handshake || new IK();
|
||||
|
||||
// Dummy data
|
||||
// TODO: Load remote static keys if found
|
||||
const remoteStaticKeys = this.staticKeypair;
|
||||
this.session = this.ik.initSession(this.isInitiator, this.prologue, this.staticKeypair, remoteStaticKeys.publicKey);
|
||||
this.session = this.ik.initSession(this.isInitiator, this.prologue, this.staticKeypair, remoteStaticKey);
|
||||
}
|
||||
|
||||
public decrypt(ciphertext: Buffer, session: NoiseSession): Buffer {
|
||||
|
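Review bot: `remoteStaticKey` is passed straight into `this.ik.initSession(...)` in the constructor, with no check and no statement of where the value must come from. Because it is now read from a cache rather than received in the current handshake, I would add a guard such as `if (remoteStaticKey.length !== 32) throw new Error("Invalid remote static key length");`, unless `initSession` already validates it, which is not visible here. A comment on the parameter would also help, e.g. `// remoteStaticKey: static key cached from an earlier verified handshake with remotePeer`. The constructor starts above the first hunk.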
@ -114,6 +114,10 @@ export class XXHandshake implements IHandshake {
|
||||
return this.xx.decryptWithAd(cs, Buffer.alloc(0), ciphertext);
|
||||
}
|
||||
|
||||
public getRemoteStaticKey(): bytes {
|
||||
return this.session.hs.rs;
|
||||
}
|
||||
|
||||
private getCS(session: NoiseSession, encryption = true) {
|
||||
if (!session.cs1 || !session.cs2) {
|
||||
throw new Error("Handshake not completed properly, cipher state does not exist.");
|
||||
|
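Review bot: `getRemoteStaticKey()` reads `this.session.hs.rs`, which only works because this commit also removes `delete session.hs` from the XX state machine once `cs1`/`cs2` are set. The handshake state is then kept for the lifetime of the session, and it presumably still holds the local ephemeral key pair, which should be discarded once the cipher states exist. I would copy the remote static key into a field on `XXHandshake` when the final message is processed and keep the `delete session.hs`. The getter also returns whatever `rs` holds at the time of the call, so a comment like `// only valid after the XX handshake has finished` would document the precondition.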
@ -145,7 +145,6 @@ export class XX extends AbstractHandshake {
|
||||
session.h = h;
|
||||
session.cs1 = cs1;
|
||||
session.cs2 = cs2;
|
||||
delete session.hs;
|
||||
} else if (session.mc.gtn(2)) {
|
||||
if (session.i) {
|
||||
if (!session.cs1) {
|
||||
|
@ -20,11 +20,11 @@ class Keycache {
|
||||
}
|
||||
}
|
||||
|
||||
public async load(peerId: PeerId): Promise<bytes32> {
|
||||
public async load(peerId: PeerId): Promise<bytes32|null> {
|
||||
const release = await this.mutex.acquire();
|
||||
let key;
|
||||
try {
|
||||
key = this.storage.get(peerId.id);
|
||||
key = this.storage.get(peerId.id) || null;
|
||||
} finally {
|
||||
release();
|
||||
}
|
||||
|
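Review bot: `this.storage.get(peerId.id)` may never hit if `storage` is a `Map` and `id` is a byte buffer (neither declaration is visible here), because the lookup then compares by object identity. A second `PeerId` instance for the same peer would miss the entry. Keying both `store` and `load` on a string form of the id would avoid that. Also `let key;` is implicitly `any`; `let key: bytes32 | null = null;` keeps the new return type checked. `load` continues below the hunk.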
26
src/noise.ts
26
src/noise.ts
@ -16,6 +16,8 @@ import { bytes } from "./@types/basic";
|
||||
import { INoiseConnection, PeerId, KeyPair, SecureOutbound } from "./@types/libp2p";
|
||||
import { Duplex } from "./@types/it-pair";
|
||||
import {IHandshake} from "./@types/handshake-interface";
|
||||
import {KeyCache} from "./keycache";
|
||||
import {logger} from "./logger";
|
||||
|
||||
export type WrappedConnection = ReturnType<typeof Wrap>;
|
||||
|
||||
@ -104,14 +106,21 @@ export class Noise implements INoiseConnection {
|
||||
* @param remotePeer
|
||||
*/
|
||||
private async performHandshake(params: HandshakeParams): Promise<IHandshake> {
|
||||
// TODO: Implement noise pipes
|
||||
const payload = await getPayload(params.localPeer, this.staticKeys.publicKey, this.earlyData);
|
||||
|
||||
if (false) {
|
||||
let IKhandshake;
|
||||
let foundRemoteStaticKey: bytes|null = null;
|
||||
if (this.useNoisePipes && params.isInitiator) {
|
||||
logger("Initiator using noise pipes. Going to load cached static key...");
|
||||
foundRemoteStaticKey = await KeyCache.load(params.remotePeer);
|
||||
logger(`Static key has been found: ${!!foundRemoteStaticKey}`)
|
||||
}
|
||||
|
||||
if (foundRemoteStaticKey) {
|
||||
// Try IK first
|
||||
const { remotePeer, connection, isInitiator } = params;
|
||||
const IKhandshake = new IKHandshake(isInitiator, payload, this.prologue, this.staticKeys, connection, remotePeer, foundRemoteStaticKey);
|
||||
try {
|
||||
IKhandshake = await this.performIKHandshake(params, payload);
|
||||
return IKhandshake;
|
||||
return await this.performIKHandshake(IKhandshake, payload);
|
||||
} catch (e) {
|
||||
// XX fallback
|
||||
const ephemeralKeys = IKhandshake.getRemoteEphemeralKeys();
|
||||
@ -156,7 +165,7 @@ export class Noise implements INoiseConnection {
|
||||
await handshake.finish();
|
||||
|
||||
if (this.useNoisePipes) {
|
||||
|
||||
await KeyCache.store(remotePeer, handshake.getRemoteStaticKey());
|
||||
}
|
||||
} catch (e) {
|
||||
throw new Error(`Error occurred during XX handshake: ${e.message}`);
|
||||
@ -166,12 +175,9 @@ export class Noise implements INoiseConnection {
|
||||
}
|
||||
|
||||
private async performIKHandshake(
|
||||
params: HandshakeParams,
|
||||
handshake: IKHandshake,
|
||||
payload: bytes,
|
||||
): Promise<IKHandshake> {
|
||||
const { isInitiator, remotePeer, connection } = params;
|
||||
const handshake = new IKHandshake(isInitiator, payload, this.prologue, this.staticKeys, connection, remotePeer);
|
||||
|
||||
// TODO
|
||||
|
||||
return handshake;
|
||||
|
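Review bot: `KeyCache.store(remotePeer, handshake.getRemoteStaticKey())` runs right after `handshake.finish()`, but nothing in the hunk shows the static key being tied to the peer's identity before it is cached. From then on an initiator trusts that entry to choose the IK pattern for `remotePeer`. Please confirm that `finish()` rejects a payload whose signature does not match `remotePeer`, and say so above the store, e.g. `// finish() verified the signed payload, so rs belongs to remotePeer`. In `performHandshake` the `catch (e)` that falls back to XX drops the error; a line such as `logger("IK handshake failed, falling back to XX: " + e.message);` would make stale or wrong cache entries visible. Both functions extend beyond the hunks shown.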
@ -26,8 +26,8 @@ describe("Noise", () => {
|
||||
|
||||
it("should communicate through encrypted streams", async() => {
|
||||
try {
|
||||
const noiseInit = new Noise();
|
||||
const noiseResp = new Noise();
|
||||
const noiseInit = new Noise(undefined, undefined, false);
|
||||
const noiseResp = new Noise(undefined, undefined, false);
|
||||
|
||||
const [inboundConnection, outboundConnection] = DuplexPair();
|
||||
const [outbound, inbound] = await Promise.all([
|
||||
@ -46,7 +46,7 @@ describe("Noise", () => {
|
||||
});
|
||||
|
||||
it("should test that secureOutbound is spec compliant", async() => {
|
||||
const noiseInit = new Noise();
|
||||
const noiseInit = new Noise(undefined, undefined, false);
|
||||
const [inboundConnection, outboundConnection] = DuplexPair();
|
||||
|
||||
const [outbound, { wrapped, handshake }] = await Promise.all([
|
||||
@ -99,8 +99,8 @@ describe("Noise", () => {
|
||||
|
||||
it("should test large payloads", async() => {
|
||||
try {
|
||||
const noiseInit = new Noise();
|
||||
const noiseResp = new Noise();
|
||||
const noiseInit = new Noise(undefined, undefined, false);
|
||||
const noiseResp = new Noise(undefined, undefined, false);
|
||||
|
||||
const [inboundConnection, outboundConnection] = DuplexPair();
|
||||
const [outbound, inbound] = await Promise.all([
|
||||
|
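Review bot: All three updated tests construct `new Noise(undefined, undefined, false)`, so none of the visible tests run with the third argument enabled. Assuming that argument is `useNoisePipes`, the cache-and-IK path added in this commit is not exercised here. I would add a case that performs two handshakes between the same pair with noise pipes enabled and asserts that the second one finds the cached static key, plus one where a wrong cached key falls back to XX. Other test files may cover this; they are not visible on this page.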