fluencelabs/js-libp2p-noise
1
0
Fork 0
mirror of https://github.com/fluencelabs/js-libp2p-noise synced 2025-06-12 15:01:38 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #89 from hugomrdias/feat/new-aegir

Browse Source 
fix: fix repo to use new aegir
This commit is contained in:
Marin Petrunić
2021-02-24 09:21:39 +01:00
committed by GitHub
parent 2df5f9546e 34bb8d4ef7
commit 81a70d1e4f
32 changed files with 1812 additions and 7414 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
.aegir.js Normal file
View File

@ -0,0 +1,28 @@
const path = require('path')
/** @type {import('aegir').Options["build"]["config"]} */
const esbuild = {
inject: [path.join(__dirname, 'test/fixtures/node-globals.js')]
}
/** @type {import('aegir').PartialOptions} */
const config = {
tsRepo: true,
docs: {
entryPoint: "src/index.ts"
},
test: {
browser :{
config: {
buildConfig: esbuild
}
}
},
build: {
bundlesizeMax: '214KB',
config: esbuild
}
}
module.exports = config

174
.github/workflows/ci.yml vendored Normal file
View File

@ -0,0 +1,174 @@
name: CI
on:
push:
branches:
- master
pull_request:
branches:
- master
jobs:
check:
name: Lint and Typecheck
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
with:
node-version: 14
- uses: actions/checkout@v2
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- run: yarn --prefer-offline --frozen-lockfile
- run: yarn run build
- run: yarn run check
- uses: ipfs/aegir/actions/bundle-size@master
name: Check bundle size
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
test-node:
name: Test Nodejs
needs: check
strategy:
matrix:
node: [14]
os: ["ubuntu-latest", "macos-latest", "windows-latest"]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- uses: actions/checkout@v2
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- run: yarn --prefer-offline --frozen-lockfile
- run: npx aegir test -t node --bail --cov
- uses: codecov/codecov-action@v1
test-chrome:
name: Test Chrome
needs: check
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- uses: actions/checkout@v2
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- run: yarn --prefer-offline --frozen-lockfile
- run: npx aegir test -t browser -t webworker --bail
test-firefox:
name: Test Firefox
needs: check
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- uses: actions/checkout@v2
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- run: yarn --prefer-offline --frozen-lockfile
- run: npx aegir test -t browser -t webworker --bail -- --browser firefox
test-webkit:
name: Test Webkit
needs: check
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- uses: actions/checkout@v2
- uses: microsoft/playwright-github-action@v1
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- run: yarn --prefer-offline --frozen-lockfile
- run: npx aegir test -t browser -t webworker --bail -- --browser webkit
test-electron-main:
name: Test Electron Main
needs: check
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- uses: actions/checkout@v2
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- run: yarn --prefer-offline --frozen-lockfile
- run: npx xvfb-maybe aegir test -t electron-main --bail
test-electron-renderer:
name: Test Electron Renderer
needs: check
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node }}
- uses: actions/checkout@v2
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- run: yarn --prefer-offline --frozen-lockfile
- run: npx xvfb-maybe aegir test -t electron-renderer --bail

1
.gitignore vendored
View File

@ -5,6 +5,7 @@ node_modules/
.nyc_output
lib
dist
docs
# Logs
logs

2
.nvmrc
View File

@ -1 +1 @@
12
14

58
.travis.yml
View File

@ -1,58 +0,0 @@
language: node_js
cache: yarn
stages:
- check
- test
- cov
env:
- YARN_GPG=no
node_js:
- '12'
- '14'
os:
- linux
- osx
- windows
script: npx nyc -s yarn run test:node --bail
after_success:
- npm install -g travis-deploy-once
- if [ "$TRAVIS_OS_NAME" = "linux" ]; then travis-deploy-once "npx nyc report --reporter=text-lcov > coverage.lcov && npx codecov"; fi
jobs:
include:
- stage: check
script:
- yarn aegir dep-check
- yarn run lint
- yarn run build
- stage: test
name: chrome
addons:
chrome: stable
script: npx aegir test -t browser -t webworker --node true --ts
- stage: test
name: firefox
addons:
firefox: latest
script: npx aegir test -t browser -t webworker --ts --node true -- --browsers FirefoxHeadless
- stage: test
name: electron-main
os: osx
script:
- npx aegir test -t electron-main --bail --ts
- stage: test
name: electron-renderer
os: osx
script:
- npx aegir test -t electron-renderer --node true --bail --ts
notifications:
email: false

39
package.json
View File

@ -21,33 +21,33 @@
"scripts": {
"bench": "node benchmarks/benchmark.js",
"clean": "rm -rf dist",
"copy-dts": "copyfiles -u 1 \"src/**/*.d.ts\" dist/src",
"build": "aegir build --ts",
"postbuild": "yarn run copy-dts",
"lint": "aegir lint --ts",
"lint:fix": "aegir lint --ts --fix",
"test": "aegir test --ts --node true",
"test:node": "aegir test -t node --ts",
"test:browser": "aegir test -t browser --node true --ts",
"check": "aegir dep-check && aegir ts -p check",
"build": "aegir build",
"lint": "aegir lint",
"lint:fix": "aegir lint --fix",
"pretest": "yarn run check",
"test": "aegir test",
"test:node": "aegir test -t node",
"test:browser": "aegir test -t browser",
"docs": "aegir docs",
"proto:gen": "pbjs -t static-module -o ./src/proto/payload.js ./src/proto/payload.proto && pbts -o ./src/proto/payload.d.ts ./src/proto/payload.js && yarn run lint --fix"
},
"browser": {
"util": false
},
"devDependencies": {
"@types/bl": "^2.1.0",
"@types/chai": "^4.2.4",
"@types/mocha": "^5.2.7",
"aegir": "28.2.0",
"aegir": "^31.0.0",
"benchmark": "^2.1.4",
"buffer": "^5.7.1",
"chai": "^4.2.0",
"copyfiles": "^2.4.1",
"eslint-config-ipfs": "^0.1.0",
"karma-mocha-webworker": "^1.3.0",
"events": "^3.2.0",
"microtime": "^3.0.0",
"mocha": "^8.2.1",
"sinon": "^9.2.4"
},
"dependencies": {
"bcrypto": "^5.3.0",
"buffer": "^5.4.3",
"bcrypto": "^5.4.0",
"debug": "^4.3.1",
"it-buffer": "^0.1.1",
"it-length-prefixed": "^3.0.0",
@ -65,10 +65,13 @@
"eslintConfig": {
"extends": "ipfs",
"rules": {
"@typescript-eslint/no-unused-vars": "error"
"@typescript-eslint/no-unused-vars": "error",
"@typescript-eslint/explicit-function-return-type": "warn",
"@typescript-eslint/strict-boolean-expressions": "off"
},
"ignorePatterns": [
"src/proto/payload.js"
"src/proto/payload.js",
"test/fixtures/node-globals.js"
]
}
}

12
src/@types/basic.d.ts vendored
View File

@ -1,8 +1,8 @@
import {Buffer} from 'buffer';
import { Buffer } from 'buffer'
export type bytes = Buffer;
export type bytes32 = Buffer;
export type bytes16 = Buffer;
export type bytes = Buffer
export type bytes32 = Buffer
export type bytes16 = Buffer
export type uint32 = number;
export type uint64 = number;
export type uint32 = number
export type uint64 = number

16
src/@types/handshake-interface.d.ts vendored
View File

@ -1,11 +1,11 @@
import {bytes} from "./basic";
import {NoiseSession} from "./handshake";
import PeerId from "peer-id";
import { bytes } from './basic'
import { NoiseSession } from './handshake'
import PeerId from 'peer-id'
export interface IHandshake {
session: NoiseSession;
remotePeer: PeerId;
remoteEarlyData: Buffer;
encrypt(plaintext: bytes, session: NoiseSession): bytes;
decrypt(ciphertext: bytes, session: NoiseSession): {plaintext: bytes; valid: boolean};
session: NoiseSession
remotePeer: PeerId
remoteEarlyData: Buffer
encrypt: (plaintext: bytes, session: NoiseSession) => bytes
decrypt: (ciphertext: bytes, session: NoiseSession) => {plaintext: bytes, valid: boolean}
}

62
src/@types/handshake.d.ts vendored
View File

@ -1,45 +1,45 @@
import {bytes, bytes32, uint32, uint64} from "./basic";
import {KeyPair} from "./libp2p";
import { bytes, bytes32, uint32, uint64 } from './basic'
import { KeyPair } from './libp2p'
export type Hkdf = [bytes, bytes, bytes];
export type Hkdf = [bytes, bytes, bytes]
export type MessageBuffer = {
ne: bytes32;
ns: bytes;
ciphertext: bytes;
export interface MessageBuffer {
ne: bytes32
ns: bytes
ciphertext: bytes
}
export type CipherState = {
k: bytes32;
n: uint32;
export interface CipherState {
k: bytes32
n: uint32
}
export type SymmetricState = {
cs: CipherState;
ck: bytes32; // chaining key
h: bytes32; // handshake hash
export interface SymmetricState {
cs: CipherState
ck: bytes32 // chaining key
h: bytes32 // handshake hash
}
export type HandshakeState = {
ss: SymmetricState;
s: KeyPair;
e?: KeyPair;
rs: bytes32;
re: bytes32;
psk: bytes32;
export interface HandshakeState {
ss: SymmetricState
s: KeyPair
e?: KeyPair
rs: bytes32
re: bytes32
psk: bytes32
}
export type NoiseSession = {
hs: HandshakeState;
h?: bytes32;
cs1?: CipherState;
cs2?: CipherState;
mc: uint64;
i: boolean;
export interface NoiseSession {
hs: HandshakeState
h?: bytes32
cs1?: CipherState
cs2?: CipherState
mc: uint64
i: boolean
}
export interface INoisePayload {
identityKey: bytes;
identitySig: bytes;
data: bytes;
identityKey: bytes
identitySig: bytes
data: bytes
}

30
src/@types/it-length-prefixed/index.d.ts vendored
View File

@ -3,33 +3,33 @@ declare module 'it-length-prefixed' {
import { Buffer } from 'buffer'
interface LengthDecoderFunction {
(data: Buffer | BufferList): number;
bytes: number;
(data: Buffer | BufferList): number
bytes: number
}
interface LengthEncoderFunction {
(value: number, target: Buffer, offset: number): number|Buffer;
bytes: number;
(value: number, target: Buffer, offset: number): number|Buffer
bytes: number
}
interface Encoder {
(options?: Partial<{lengthEncoder: LengthEncoderFunction}>): AsyncGenerator<BufferList, Buffer>;
single: (chunk: Buffer, options?: Partial<{lengthEncoder: LengthEncoderFunction}>) => BufferList;
MIN_POOL_SIZE: number;
DEFAULT_POOL_SIZE: number;
(options?: Partial<{lengthEncoder: LengthEncoderFunction}>): AsyncGenerator<BufferList, Buffer>
single: (chunk: Buffer, options?: Partial<{lengthEncoder: LengthEncoderFunction}>) => BufferList
MIN_POOL_SIZE: number
DEFAULT_POOL_SIZE: number
}
interface DecoderOptions {
lengthDecoder: LengthDecoderFunction;
maxLengthLength: number;
maxDataLength: number;
lengthDecoder: LengthDecoderFunction
maxLengthLength: number
maxDataLength: number
}
interface Decoder {
(options?: Partial<DecoderOptions>): AsyncGenerator<BufferList, BufferList>;
fromReader: (reader: any, options?: Partial<DecoderOptions>) => BufferList;
MAX_LENGTH_LENGTH: number;
MAX_DATA_LENGTH: number;
(options?: Partial<DecoderOptions>): AsyncGenerator<BufferList, BufferList>
fromReader: (reader: any, options?: Partial<DecoderOptions>) => BufferList
MAX_LENGTH_LENGTH: number
MAX_DATA_LENGTH: number
}
export const encode: Encoder

8
src/@types/it-pair/index.d.ts vendored
View File

@ -1,8 +1,8 @@
declare module 'it-pair' {
export type Duplex = [Stream, Stream];
export type Duplex = [Stream, Stream]
type Stream = {
sink(source: Iterable<any>): void;
source: Record<string, any>;
interface Stream {
sink: (source: Iterable<any>) => void
source: Record<string, any>
}
}

25
src/@types/libp2p.d.ts vendored
View File

@ -1,20 +1,19 @@
import { bytes, bytes32 } from "./basic";
import PeerId from "peer-id";
import { bytes, bytes32 } from './basic'
import PeerId from 'peer-id'
export type KeyPair = {
publicKey: bytes32;
privateKey: bytes32;
export interface KeyPair {
publicKey: bytes32
privateKey: bytes32
}
export interface INoiseConnection {
remoteEarlyData?(): bytes;
secureOutbound(localPeer: PeerId, insecure: any, remotePeer: PeerId): Promise<SecureOutbound>;
secureInbound(localPeer: PeerId, insecure: any, remotePeer: PeerId): Promise<SecureOutbound>;
remoteEarlyData?: () => bytes
secureOutbound: (localPeer: PeerId, insecure: any, remotePeer: PeerId) => Promise<SecureOutbound>
secureInbound: (localPeer: PeerId, insecure: any, remotePeer: PeerId) => Promise<SecureOutbound>
}
export type SecureOutbound = {
conn: any;
remoteEarlyData: Buffer;
remotePeer: PeerId;
export interface SecureOutbound {
conn: any
remoteEarlyData: Buffer
remotePeer: PeerId
}

2
src/crypto.ts
View File

@ -3,7 +3,7 @@ import { IHandshake } from './@types/handshake-interface'
import { NOISE_MSG_MAX_LENGTH_BYTES, NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG } from './constants'
interface IReturnEncryptionWrapper {
(source: Iterable<Uint8Array>): AsyncIterableIterator<Uint8Array>;
(source: Iterable<Uint8Array>): AsyncIterableIterator<Uint8Array>
}
// Returns generator that encrypts payload from the user

2
src/errors.ts
View File

@ -1,7 +1,7 @@
import BufferList from 'bl'
export class FailedIKError extends Error {
public initialMsg: string|BufferList|Buffer;
public initialMsg: string|BufferList|Buffer
constructor (initialMsg: string|BufferList|Buffer, message?: string) {
super(message)

28
src/handshake-ik.ts
View File

@ -19,16 +19,16 @@ import {
import PeerId from 'peer-id'
export class IKHandshake implements IHandshake {
public isInitiator: boolean;
public session: NoiseSession;
public remotePeer!: PeerId;
public remoteEarlyData: Buffer;
public isInitiator: boolean
public session: NoiseSession
public remotePeer!: PeerId
public remoteEarlyData: Buffer
private payload: bytes;
private prologue: bytes32;
private staticKeypair: KeyPair;
private connection: WrappedConnection;
private ik: IK;
private readonly payload: bytes
private readonly prologue: bytes32
private readonly staticKeypair: KeyPair
private readonly connection: WrappedConnection
private readonly ik: IK
constructor (
isInitiator: boolean,
@ -48,7 +48,7 @@ export class IKHandshake implements IHandshake {
if (remotePeer) {
this.remotePeer = remotePeer
}
this.ik = handshake || new IK()
this.ik = handshake ?? new IK()
this.session = this.ik.initSession(this.isInitiator, this.prologue, this.staticKeypair, remoteStaticKey)
this.remoteEarlyData = Buffer.alloc(0)
}
@ -79,9 +79,10 @@ export class IKHandshake implements IHandshake {
logger('IK Stage 0 - Responder successfully verified payload!')
logRemoteEphemeralKey(this.session.hs.re)
} catch (e) {
const err = e as Error
logger('Responder breaking up with IK handshake in stage 0.')
throw new FailedIKError(receivedMsg, `Error occurred while verifying initiator's signed payload: ${e.message}`)
throw new FailedIKError(receivedMsg, `Error occurred while verifying initiator's signed payload: ${err.message}`)
}
}
}
@ -104,8 +105,9 @@ export class IKHandshake implements IHandshake {
logger('IK Stage 1 - Initiator successfully verified payload!')
logRemoteEphemeralKey(this.session.hs.re)
} catch (e) {
const err = e as Error
logger('Initiator breaking up with IK handshake in stage 1.')
throw new FailedIKError(receivedMsg, `Error occurred while verifying responder's signed payload: ${e.message}`)
throw new FailedIKError(receivedMsg, `Error occurred while verifying responder's signed payload: ${err.message}`)
}
} else {
logger('IK Stage 1 - Responder sending message...')
@ -117,7 +119,7 @@ export class IKHandshake implements IHandshake {
logCipherState(this.session)
}
public decrypt (ciphertext: bytes, session: NoiseSession): {plaintext: bytes; valid: boolean} {
public decrypt (ciphertext: bytes, session: NoiseSession): {plaintext: bytes, valid: boolean} {
const cs = this.getCS(session, false)
return this.ik.decryptWithAd(cs, Buffer.alloc(0), ciphertext)
}

7
src/handshake-xx-fallback.ts
View File

@ -10,8 +10,8 @@ import { decode0, decode1 } from './encoder'
import PeerId from 'peer-id'
export class XXFallbackHandshake extends XXHandshake {
private ephemeralKeys?: KeyPair;
private initialMsg: bytes;
private readonly ephemeralKeys?: KeyPair
private readonly initialMsg: bytes
constructor (
isInitiator: boolean,
@ -73,7 +73,8 @@ export class XXFallbackHandshake extends XXHandshake {
await verifySignedPayload(this.session.hs.rs, decodedPayload, this.remotePeer)
this.setRemoteEarlyData(decodedPayload.data)
} catch (e) {
throw new Error(`Error occurred while verifying signed payload from responder: ${e.message}`)
const err = e as Error
throw new Error(`Error occurred while verifying signed payload from responder: ${err.message}`)
}
logger('All good with the signature!')
} else {

28
src/handshake-xx.ts
View File

@ -23,17 +23,17 @@ import { WrappedConnection } from './noise'
import PeerId from 'peer-id'
export class XXHandshake implements IHandshake {
public isInitiator: boolean;
public session: NoiseSession;
public remotePeer!: PeerId;
public remoteEarlyData: Buffer;
public isInitiator: boolean
public session: NoiseSession
public remotePeer!: PeerId
public remoteEarlyData: Buffer
protected payload: bytes;
protected connection: WrappedConnection;
protected xx: XX;
protected staticKeypair: KeyPair;
protected payload: bytes
protected connection: WrappedConnection
protected xx: XX
protected staticKeypair: KeyPair
private prologue: bytes32;
private readonly prologue: bytes32
constructor (
isInitiator: boolean,
@ -52,7 +52,7 @@ export class XXHandshake implements IHandshake {
if (remotePeer) {
this.remotePeer = remotePeer
}
this.xx = handshake || new XX()
this.xx = handshake ?? new XX()
this.session = this.xx.initSession(this.isInitiator, this.prologue, this.staticKeypair)
this.remoteEarlyData = Buffer.alloc(0)
}
@ -98,7 +98,8 @@ export class XXHandshake implements IHandshake {
this.remotePeer = await verifySignedPayload(receivedMessageBuffer.ns, decodedPayload, this.remotePeer)
this.setRemoteEarlyData(decodedPayload.data)
} catch (e) {
throw new Error(`Error occurred while verifying signed payload: ${e.message}`)
const err = e as Error
throw new Error(`Error occurred while verifying signed payload: ${err.message}`)
}
logger('All good with the signature!')
} else {
@ -132,7 +133,8 @@ export class XXHandshake implements IHandshake {
await verifySignedPayload(this.session.hs.rs, decodedPayload, this.remotePeer)
this.setRemoteEarlyData(decodedPayload.data)
} catch (e) {
throw new Error(`Error occurred while verifying signed payload: ${e.message}`)
const err = e as Error
throw new Error(`Error occurred while verifying signed payload: ${err.message}`)
}
}
logCipherState(this.session)
@ -144,7 +146,7 @@ export class XXHandshake implements IHandshake {
return this.xx.encryptWithAd(cs, Buffer.alloc(0), plaintext)
}
public decrypt (ciphertext: bytes, session: NoiseSession): {plaintext: bytes; valid: boolean} {
public decrypt (ciphertext: bytes, session: NoiseSession): {plaintext: bytes, valid: boolean} {
const cs = this.getCS(session, false)
return this.xx.decryptWithAd(cs, Buffer.alloc(0), ciphertext)
}

10
src/handshakes/abstract-handshake.ts
View File

@ -18,7 +18,7 @@ export abstract class AbstractHandshake {
return e
}
public decryptWithAd (cs: CipherState, ad: bytes, ciphertext: bytes): {plaintext: bytes; valid: boolean} {
public decryptWithAd (cs: CipherState, ad: bytes, ciphertext: bytes): {plaintext: bytes, valid: boolean} {
const { plaintext, valid } = this.decrypt(cs.k, cs.n, ad, ciphertext)
this.setNonce(cs, this.incrementNonce(cs.n))
@ -78,7 +78,7 @@ export abstract class AbstractHandshake {
return ciphertext
}
protected decrypt (k: bytes32, n: uint32, ad: bytes, ciphertext: bytes): {plaintext: bytes; valid: boolean} {
protected decrypt (k: bytes32, n: uint32, ad: bytes, ciphertext: bytes): {plaintext: bytes, valid: boolean} {
const nonce = this.nonceToBytes(n)
const ctx = new AEAD()
ciphertext = Buffer.from(ciphertext)
@ -91,7 +91,7 @@ export abstract class AbstractHandshake {
return { plaintext: ciphertext, valid: ctx.verify(tag) }
}
protected decryptAndHash (ss: SymmetricState, ciphertext: bytes): {plaintext: bytes; valid: boolean} {
protected decryptAndHash (ss: SymmetricState, ciphertext: bytes): {plaintext: bytes, valid: boolean} {
let plaintext: bytes; let valid = true
if (this.hasKey(ss.cs)) {
({ plaintext, valid } = this.decryptWithAd(ss.cs, ss.h, ciphertext))
@ -125,7 +125,7 @@ export abstract class AbstractHandshake {
protected mixKey (ss: SymmetricState, ikm: bytes32): void {
const [ck, tempK] = getHkdf(ss.ck, ikm)
ss.cs = this.initializeKey(tempK) as CipherState
ss.cs = this.initializeKey(tempK)
ss.ck = ck
}
@ -173,7 +173,7 @@ export abstract class AbstractHandshake {
return { ne, ns, ciphertext }
}
protected readMessageRegular (cs: CipherState, message: MessageBuffer): {plaintext: bytes; valid: boolean} {
protected readMessageRegular (cs: CipherState, message: MessageBuffer): {plaintext: bytes, valid: boolean} {
return this.decryptWithAd(cs, Buffer.alloc(0), message.ciphertext)
}
}

6
src/handshakes/ik.ts
View File

@ -55,7 +55,7 @@ export class IK extends AbstractHandshake {
return messageBuffer
}
public recvMessage (session: NoiseSession, message: MessageBuffer): {plaintext: bytes; valid: boolean} {
public recvMessage (session: NoiseSession, message: MessageBuffer): {plaintext: bytes, valid: boolean} {
let plaintext = Buffer.alloc(0); let valid = false
if (session.mc === 0) {
({ plaintext, valid } = this.readMessageA(session.hs, message))
@ -101,7 +101,7 @@ export class IK extends AbstractHandshake {
return { messageBuffer, cs1, cs2, h: hs.ss.h }
}
private readMessageA (hs: HandshakeState, message: MessageBuffer): {plaintext: bytes; valid: boolean} {
private readMessageA (hs: HandshakeState, message: MessageBuffer): {plaintext: bytes, valid: boolean} {
if (isValidPublicKey(message.ne)) {
hs.re = message.ne
}
@ -117,7 +117,7 @@ export class IK extends AbstractHandshake {
return { plaintext, valid: (valid1 && valid2) }
}
private readMessageB (hs: HandshakeState, message: MessageBuffer): {h: bytes; plaintext: bytes; valid: boolean; cs1: CipherState; cs2: CipherState} {
private readMessageB (hs: HandshakeState, message: MessageBuffer): {h: bytes, plaintext: bytes, valid: boolean, cs1: CipherState, cs2: CipherState} {
if (isValidPublicKey(message.ne)) {
hs.re = message.ne
}

10
src/handshakes/xx.ts
View File

@ -27,7 +27,7 @@ export class XX extends AbstractHandshake {
private writeMessageA (hs: HandshakeState, payload: bytes, e?: KeyPair): MessageBuffer {
const ns = Buffer.alloc(0)
if (e) {
if (e !== undefined) {
hs.e = e
} else {
hs.e = generateKeypair()
@ -68,7 +68,7 @@ export class XX extends AbstractHandshake {
return { h: hs.ss.h, messageBuffer, cs1, cs2 }
}
private readMessageA (hs: HandshakeState, message: MessageBuffer): {plaintext: bytes; valid: boolean} {
private readMessageA (hs: HandshakeState, message: MessageBuffer): {plaintext: bytes, valid: boolean} {
if (isValidPublicKey(message.ne)) {
hs.re = message.ne
}
@ -77,7 +77,7 @@ export class XX extends AbstractHandshake {
return this.decryptAndHash(hs.ss, message.ciphertext)
}
private readMessageB (hs: HandshakeState, message: MessageBuffer): {plaintext: bytes; valid: boolean} {
private readMessageB (hs: HandshakeState, message: MessageBuffer): {plaintext: bytes, valid: boolean} {
if (isValidPublicKey(message.ne)) {
hs.re = message.ne
}
@ -96,7 +96,7 @@ export class XX extends AbstractHandshake {
return { plaintext, valid: (valid1 && valid2) }
}
private readMessageC (hs: HandshakeState, message: MessageBuffer): {h: bytes; plaintext: bytes; valid: boolean; cs1: CipherState; cs2: CipherState} {
private readMessageC (hs: HandshakeState, message: MessageBuffer): {h: bytes, plaintext: bytes, valid: boolean, cs1: CipherState, cs2: CipherState} {
const { plaintext: ns, valid: valid1 } = this.decryptAndHash(hs.ss, message.ns)
if (valid1 && ns.length === 32 && isValidPublicKey(ns)) {
hs.rs = ns
@ -164,7 +164,7 @@ export class XX extends AbstractHandshake {
return messageBuffer
}
public recvMessage (session: NoiseSession, message: MessageBuffer): {plaintext: bytes; valid: boolean} {
public recvMessage (session: NoiseSession, message: MessageBuffer): {plaintext: bytes, valid: boolean} {
let plaintext: bytes = Buffer.alloc(0)
let valid = false
if (session.mc === 0) {

4
src/keycache.ts
View File

@ -5,7 +5,7 @@ import PeerId from 'peer-id'
* Storage for static keys of previously connected peers.
*/
class Keycache {
private storage = new Map<Uint8Array, bytes32>();
private readonly storage = new Map<Uint8Array, bytes32>()
public store (peerId: PeerId, key: bytes32): void {
this.storage.set(peerId.id, key)
@ -15,7 +15,7 @@ class Keycache {
if (!peerId) {
return null
}
return this.storage.get(peerId.id) || null
return this.storage.get(peerId.id) ?? null
}
public resetStorage (): void {

40
src/noise.ts
View File

@ -21,22 +21,22 @@ import { logger } from './logger'
import PeerId from 'peer-id'
import { NOISE_MSG_MAX_LENGTH_BYTES } from './constants'
export type WrappedConnection = ReturnType<typeof Wrap>;
export type WrappedConnection = ReturnType<typeof Wrap>
type HandshakeParams = {
connection: WrappedConnection;
isInitiator: boolean;
localPeer: PeerId;
remotePeer?: PeerId;
};
interface HandshakeParams {
connection: WrappedConnection
isInitiator: boolean
localPeer: PeerId
remotePeer?: PeerId
}
export class Noise implements INoiseConnection {
public protocol = '/noise';
public protocol = '/noise'
private readonly prologue = Buffer.alloc(0);
private readonly staticKeys: KeyPair;
private readonly earlyData?: bytes;
private useNoisePipes: boolean;
private readonly prologue = Buffer.alloc(0)
private readonly staticKeys: KeyPair
private readonly earlyData?: bytes
private readonly useNoisePipes: boolean
/**
*
@ -44,7 +44,7 @@ export class Noise implements INoiseConnection {
* @param {bytes} earlyData
*/
constructor (staticNoiseKey?: bytes, earlyData?: bytes) {
this.earlyData = earlyData || Buffer.alloc(0)
this.earlyData = earlyData ?? Buffer.alloc(0)
// disabled until properly specked
this.useNoisePipes = false
@ -71,9 +71,6 @@ export class Noise implements INoiseConnection {
const wrappedConnection = Wrap(
connection,
{
// wrong types in repo
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
lengthEncoder: uint16BEEncode,
lengthDecoder: uint16BEDecode,
maxDataLength: NOISE_MSG_MAX_LENGTH_BYTES
@ -106,9 +103,6 @@ export class Noise implements INoiseConnection {
const wrappedConnection = Wrap(
connection,
{
// wrong types in repo
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
lengthEncoder: uint16BEEncode,
lengthDecoder: uint16BEDecode,
maxDataLength: NOISE_MSG_MAX_LENGTH_BYTES
@ -153,7 +147,7 @@ export class Noise implements INoiseConnection {
this.staticKeys,
connection,
// safe to cast as we did checks
KeyCache.load(params.remotePeer) || Buffer.alloc(32),
KeyCache.load(params.remotePeer) ?? Buffer.alloc(32),
remotePeer as PeerId
)
@ -189,7 +183,8 @@ export class Noise implements INoiseConnection {
await handshake.finish()
} catch (e) {
logger(e)
throw new Error(`Error occurred during XX Fallback handshake: ${e.message}`)
const err = e as Error
throw new Error(`Error occurred during XX Fallback handshake: ${err.message}`)
}
return handshake
@ -211,7 +206,8 @@ export class Noise implements INoiseConnection {
KeyCache.store(handshake.remotePeer, handshake.getRemoteStaticKey())
}
} catch (e) {
throw new Error(`Error occurred during XX handshake: ${e.message}`)
const err = e as Error
throw new Error(`Error occurred during XX handshake: ${err.message}`)
}
return handshake

10
src/utils.ts
View File

@ -28,9 +28,9 @@ export async function getPayload (
earlyData?: bytes
): Promise<bytes> {
const signedPayload = await signPayload(localPeer, getHandshakePayload(staticPublicKey))
const earlyDataPayload = earlyData || Buffer.alloc(0)
const earlyDataPayload = earlyData ?? Buffer.alloc(0)
return await createHandshakePayload(
return createHandshakePayload(
localPeer.marshalPubKey(),
signedPayload,
earlyDataPayload
@ -45,7 +45,7 @@ export function createHandshakePayload (
const payloadInit = NoiseHandshakePayloadProto.create({
identityKey: Buffer.from(libp2pPublicKey),
identitySig: signedPayload,
data: earlyData || null
data: earlyData ?? null
})
return Buffer.from(NoiseHandshakePayloadProto.encode(payloadInit).finish())
@ -94,10 +94,12 @@ export async function verifySignedPayload (
const generatedPayload = getHandshakePayload(noiseStaticKey)
// Unmarshaling from PublicKey protobuf
const publicKey = keys.unmarshalPublicKey(identityKey)
// TODO remove this after libp2p-crypto ships proper types
// eslint-disable-next-line @typescript-eslint/no-misused-promises
if (!payload.identitySig || !publicKey.verify(generatedPayload, Buffer.from(payload.identitySig))) {
throw new Error("Static key doesn't match to peer that signed payload!")
}
return PeerId.createFromPubKey(identityKey)
return await PeerId.createFromPubKey(identityKey)
}
export function getHkdf (ck: bytes32, ikm: bytes): Hkdf {

2
test/fixtures/node-globals.js vendored Normal file
View File

@ -0,0 +1,2 @@
// @ts-nocheck
export const { Buffer } = require('buffer')

4
test/fixtures/peer.ts vendored
View File

@ -19,9 +19,9 @@ const peers = [{
pubKey: 'CAESIMbnikZaPciAMZhUXqDRVCs7VFOBtmlIk26g0GgOotDA'
}]
export async function createPeerIdsFromFixtures (length:number): Promise<PeerId[]> {
export async function createPeerIdsFromFixtures (length: number): Promise<PeerId[]> {
return await Promise.all(
Array.from({ length }).map((_, i) => PeerId.createFromJSON(peers[i]))
Array.from({ length }).map(async (_, i) => await PeerId.createFromJSON(peers[i]))
)
}

4
test/handshakes/ik.spec.ts
View File

@ -56,8 +56,8 @@ describe('IK handshake', () => {
// initiator receives message
ikI.recvMessage(initiatorSession, messageBuffer2)
assert(initiatorSession?.cs1?.k.equals(responderSession?.cs1?.k || new Uint8Array()))
assert(initiatorSession?.cs2?.k.equals(responderSession?.cs2?.k || new Uint8Array()))
assert(initiatorSession?.cs1?.k.equals(responderSession?.cs1?.k ?? new Uint8Array()))
assert(initiatorSession?.cs2?.k.equals(responderSession?.cs2?.k ?? new Uint8Array()))
} catch (e) {
return assert(false, e.message)
}

10
test/keycache.spec.ts
View File

@ -15,9 +15,10 @@ describe('KeyCache', () => {
const key = Buffer.from('this is id 007')
await KeyCache.store(peerA, key)
const result = await KeyCache.load(peerA)
assert(uint8ArrayEquals(result, key), 'Stored and loaded key are not the same')
assert(result !== null && uint8ArrayEquals(result, key), 'Stored and loaded key are not the same')
} catch (e) {
assert(false, `Test failed - ${e.message}`)
const err = e as Error
assert(false, `Test failed - ${err.message}`)
}
})
@ -25,9 +26,10 @@ describe('KeyCache', () => {
try {
const [newPeer] = await createPeerIds(1)
const result = await KeyCache.load(newPeer)
assert(!result)
assert(result === null)
} catch (e) {
assert(false, `Test failed - ${e.message}`)
const err = e as Error
assert(false, `Test failed - ${err.message}`)
}
})
})

9
test/noise.spec.ts
View File

@ -144,7 +144,9 @@ describe('Noise', () => {
KeyCache.store(localPeer, staticKeysInitiator.publicKey)
KeyCache.store(remotePeer, staticKeysResponder.publicKey)
// @ts-expect-error
const xxSpy = sandbox.spy(noiseInit, 'performXXHandshake')
// @ts-expect-error
const xxFallbackSpy = sandbox.spy(noiseInit, 'performXXFallbackHandshake')
const [inboundConnection, outboundConnection] = DuplexPair()
@ -171,6 +173,7 @@ describe('Noise', () => {
const staticKeysInitiator = generateKeypair()
const noiseInit = new Noise(staticKeysInitiator.privateKey)
const noiseResp = new Noise()
// @ts-expect-error
const xxSpy = sandbox.spy(noiseInit, 'performXXFallbackHandshake')
// Prepare key cache for noise pipes
@ -205,6 +208,7 @@ describe('Noise', () => {
const staticKeysResponder = generateKeypair()
const noiseResp = new Noise(staticKeysResponder.privateKey, undefined)
// @ts-expect-error
const xxSpy = sandbox.spy(noiseInit, 'performXXFallbackHandshake')
// Prepare key cache for noise pipes
@ -237,7 +241,9 @@ describe('Noise', () => {
const staticKeysResponder = generateKeypair()
const noiseResp = new Noise(staticKeysResponder.privateKey)
// @ts-expect-error
const xxInitSpy = sandbox.spy(noiseInit, 'performXXHandshake')
// @ts-expect-error
const xxRespSpy = sandbox.spy(noiseResp, 'performXXFallbackHandshake')
// Prepare key cache for noise pipes
@ -271,8 +277,11 @@ describe('Noise', () => {
const staticKeysResponder = generateKeypair()
const noiseResp = new Noise(staticKeysResponder.privateKey)
// @ts-expect-error
const ikInitSpy = sandbox.spy(noiseInit, 'performIKHandshake')
// @ts-expect-error
const xxFallbackInitSpy = sandbox.spy(noiseInit, 'performXXFallbackHandshake')
// @ts-expect-error
const ikRespSpy = sandbox.spy(noiseResp, 'performIKHandshake')
// Prepare key cache for noise pipes

4
test/utils.ts
View File

@ -8,7 +8,7 @@ export async function generateEd25519Keys (): Promise<PrivateKey> {
export function getKeyPairFromPeerId (peerId: PeerId): KeyPair {
return {
privateKey: peerId.privKey.marshal().slice(0, 32),
publicKey: peerId.marshalPubKey()
privateKey: Buffer.from(peerId.privKey.marshal().slice(0, 32)),
publicKey: Buffer.from(peerId.marshalPubKey())
}
}

7
test/xx-fallback-handshake.spec.ts
View File

@ -48,7 +48,7 @@ describe('XX Fallback Handshake', () => {
// This is the point where initiator falls back from IK
const initialMsgI = await connectionFrom.readLP()
const handshakeInit =
new XXFallbackHandshake(true, handshakePayload, prologue, staticKeysInitiator, connectionFrom, initialMsgI, peerB, ephemeralKeys)
new XXFallbackHandshake(true, handshakePayload, prologue, staticKeysInitiator, connectionFrom, initialMsgI.slice(0), peerB, ephemeralKeys)
await handshakeInit.propose()
await handshakeInit.exchange()
@ -60,7 +60,10 @@ describe('XX Fallback Handshake', () => {
const sessionResponder = handshakeResp.session
// Test shared key
if (sessionInitator.cs1 && sessionResponder.cs1 && sessionInitator.cs2 && sessionResponder.cs2) {
if (sessionInitator.cs1 !== undefined &&
sessionResponder.cs1 !== undefined &&
sessionInitator.cs2 !== undefined &&
sessionResponder.cs2 !== undefined) {
assert(sessionInitator.cs1.k.equals(sessionResponder.cs1.k))
assert(sessionInitator.cs2.k.equals(sessionResponder.cs2.k))
} else {

4
tsconfig.json
View File

@ -1,5 +1,8 @@
{
"compilerOptions": {
"outDir": "dist",
"incremental": true,
"composite": true,
"target": "ES2018",
"module": "commonjs",
"strict": true,
@ -14,6 +17,7 @@
]
},
"include": [
"**/test/**/*.ts",
"**/src/**/*.ts",
"**/src/**/*.js"
],

8580
yarn.lock
View File

File diff suppressed because it is too large Load Diff