From 83e6380d8fdf0580f533930d05db074aae195d80 Mon Sep 17 00:00:00 2001
From: Matija Petrunic
Date: Thu, 9 Apr 2020 15:33:15 +0200
Subject: [PATCH] Add basic session key logging
---
 src/constants.ts | 2 ++
 src/logger.ts | 1 +
 src/noise.ts | 6 +++++-
 src/utils.ts | 26 +++++++++++++++++++++++++-
 4 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/src/constants.ts b/src/constants.ts
index d17e594..46d7aca 100644
--- a/src/constants.ts
+++ b/src/constants.ts
@@ -1,3 +1,5 @@
 export const NOISE_MSG_MAX_LENGTH_BYTES = 65535;
 export const NOISE_MSG_MAX_LENGTH_BYTES_WITHOUT_TAG = NOISE_MSG_MAX_LENGTH_BYTES - 16;
+export const DUMP_SESSION_KEYS = true;
+
diff --git a/src/logger.ts b/src/logger.ts
index 150e061..ad693e1 100644
--- a/src/logger.ts
+++ b/src/logger.ts
@@ -1,2 +1,3 @@
 import debug from "debug";
 export const logger = debug('libp2p:noise');
+export const sessionKeyLogger = debug('libp2p:session')
diff --git a/src/noise.ts b/src/noise.ts
index 404d9a7..421e6ee 100644
--- a/src/noise.ts
+++ b/src/noise.ts
@@ -9,7 +9,7 @@ import {encode, decode} from 'it-length-prefixed';
 import {XXHandshake} from "./handshake-xx";
 import {IKHandshake} from "./handshake-ik";
 import {XXFallbackHandshake} from "./handshake-xx-fallback";
-import {generateKeypair, getPayload} from "./utils";
+import {generateKeypair, getPayload, dumpSessionKeys} from "./utils";
 import {uint16BEDecode, uint16BEEncode} from "./encoder";
 import {decryptStream, encryptStream} from "./crypto";
 import {bytes} from "./@types/basic";
@@ -83,6 +83,8 @@ export class Noise implements INoiseConnection {
 });
 const conn = await this.createSecureConnection(wrappedConnection, handshake);
+ dumpSessionKeys(handshake.session.hs, localPeer.id, remotePeer.id);
+
 return {
 conn,
 remotePeer: handshake.remotePeer,
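Review bot: `DUMP_SESSION_KEYS` in src/constants.ts is committed as `true`, so the key dump in `dumpSessionKeys` (src/utils.ts) is compiled in for every consumer and only the `DEBUG` setting of the `debug` package decides whether private key material reaches the log. The default should be off, `export const DUMP_SESSION_KEYS = false;`, with enabling it left as a deliberate local change or an explicit opt-in. A comment above the constant should say what it controls, e.g. `// Debug only: when true, handshake private keys are written to the libp2p:session debug namespace. Never enable in production.`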
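Review bot: The namespace `libp2p:session` chosen in src/logger.ts falls under the `libp2p:*` wildcard, so an operator who turns on general libp2p debug output also turns on the key dump without asking for it. A dedicated namespace outside the patterns people routinely enable, plus a comment such as `// Emits secret key material; enable only for protocol debugging`, would make the opt-in explicit. The added line also lacks the trailing semicolon used on the `logger` line above it.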
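Review bot: The `dumpSessionKeys(...)` call in the `@@ -83,6 +83,8 @@` hunk of src/noise.ts sits between `createSecureConnection` and the `return` with no error isolation, so an exception inside the diagnostic helper (for example a field of `hs` being unset when `.toString('hex')` is called, which cannot be ruled out from the lines shown) would reject an otherwise successful secure connection. Isolating it, e.g. `try { dumpSessionKeys(handshake.session.hs, localPeer.id, remotePeer.id); } catch (e) { logger(e); }`, or making the helper non-throwing, keeps diagnostics from affecting availability. A one-line comment at the call site, `// Debug only: logs handshake key material when enabled`, would also tell readers why secrets leave this method. The same applies to the call in the `@@ -113,6 +115,8 @@` hunk; the enclosing methods start and end outside both hunks.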
@@ -113,6 +115,8 @@ export class Noise implements INoiseConnection {
 });
 const conn = await this.createSecureConnection(wrappedConnection, handshake);
+ dumpSessionKeys(handshake.session.hs, localPeer.id, remotePeer ? remotePeer.id : undefined);
+
 return {
 conn,
 remotePeer: handshake.remotePeer
diff --git a/src/utils.ts b/src/utils.ts
index a4004f9..fa0fb55 100644
--- a/src/utils.ts
+++ b/src/utils.ts
@@ -4,8 +4,10 @@ import PeerId from "peer-id";
 import * as crypto from 'libp2p-crypto';
 import {KeyPair} from "./@types/libp2p";
 import {bytes, bytes32} from "./@types/basic";
-import {Hkdf, INoisePayload} from "./@types/handshake";
+import {Hkdf, INoisePayload, HandshakeState} from "./@types/handshake";
 import {pb} from "./proto/payload";
+import {sessionKeyLogger} from "./logger"
+import {DUMP_SESSION_KEYS} from "./constants"
 const NoiseHandshakePayloadProto = pb.NoiseHandshakePayload;
@@ -113,3 +115,25 @@ export function getHkdf(ck: bytes32, ikm: bytes): Hkdf {
 export function isValidPublicKey(pk: bytes): boolean {
 return x25519.publicKeyVerify(pk.slice(0, 32));
 }
+
+export function dumpSessionKeys(hs: HandshakeState, localPeerId: Buffer, remotePeerId=Buffer.alloc(0)): void {
+ if(!DUMP_SESSION_KEYS){
+ return;
+ }
+
+ if(hs.e === undefined){
+ hs.e = {privateKey: Buffer.alloc(0), publicKey: Buffer.alloc(0)}
+ }
+
+ const log = `
+ PEER_ID_LOCAL ${localPeerId.toString('hex')}
+ PEER_ID_REMOTE ${remotePeerId.toString('hex')}
+ LOCAL_STATIC_KEY ${hs.s.privateKey.toString('hex')}
+ LOCAL_EPHEMEREAL_KEY ${hs.e.privateKey.toString('hex')}
+ REMOTE_STATIC_KEY ${hs.rs.toString('hex')}
+ REMOTE_EPHEMEREAL_KEY ${hs.re.toString('hex')}
+ ENCRYPTION_KEY ${hs.ss.cs.k.toString('hex')}
+ `
+
+ sessionKeyLogger(log);
+}
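Review bot: `dumpSessionKeys` in src/utils.ts writes a placeholder key pair into the live handshake state (`hs.e = {privateKey: Buffer.alloc(0), ...}`) when `hs.e` is undefined, so a logging helper mutates cryptographic state that later code may read; it should take a local copy instead. The guard also checks only the compile-time constant, so the hex strings of `hs.s.privateKey` and the cipher key are built in memory even when the `libp2p:session` namespace is disabled; checking `sessionKeyLogger.enabled` as well avoids that. If the static key is reused across connections (not visible here), one captured log line exposes more than a single session, which is worth stating in a doc comment on the function. The labels spell `EPHEMEREAL`; if any tool is meant to parse this output the spelling should be settled before it becomes a format.

```typescript
export function dumpSessionKeys(hs: HandshakeState, localPeerId: Buffer, remotePeerId=Buffer.alloc(0)): void {
  // Skip all formatting unless dumping is compiled in and the debug namespace is enabled.
  if (!DUMP_SESSION_KEYS || !sessionKeyLogger.enabled) {
    return;
  }

  // Read-only view: never write a placeholder key pair into the live handshake state.
  const localEphemeralKey = hs.e ? hs.e.privateKey : Buffer.alloc(0);

  // … unchanged: template literal, with `hs.e.privateKey` replaced by `localEphemeralKey` …
```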