Fix merging updated payload signing
parent
29f16c481f
commit
ad45be5e7b
@ -10,8 +10,7 @@ export class IKHandshake implements IHandshake {
|
|||||||
public isInitiator: boolean;
|
public isInitiator: boolean;
|
||||||
public session: NoiseSession;
|
public session: NoiseSession;
|
||||||
|
|
||||||
private libp2pPrivateKey: bytes;
|
private payload: bytes;
|
||||||
private libp2pPublicKey: bytes;
|
|
||||||
private prologue: bytes32;
|
private prologue: bytes32;
|
||||||
private staticKeypair: KeyPair;
|
private staticKeypair: KeyPair;
|
||||||
private connection: WrappedConnection;
|
private connection: WrappedConnection;
|
||||||
@ -20,8 +19,7 @@ export class IKHandshake implements IHandshake {
|
|||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
isInitiator: boolean,
|
isInitiator: boolean,
|
||||||
libp2pPrivateKey: bytes,
|
payload: bytes,
|
||||||
libp2pPublicKey: bytes,
|
|
||||||
prologue: bytes32,
|
prologue: bytes32,
|
||||||
staticKeypair: KeyPair,
|
staticKeypair: KeyPair,
|
||||||
connection: WrappedConnection,
|
connection: WrappedConnection,
|
||||||
@ -29,8 +27,7 @@ export class IKHandshake implements IHandshake {
|
|||||||
handshake?: IK,
|
handshake?: IK,
|
||||||
) {
|
) {
|
||||||
this.isInitiator = isInitiator;
|
this.isInitiator = isInitiator;
|
||||||
this.libp2pPrivateKey = libp2pPrivateKey;
|
this.payload = payload;
|
||||||
this.libp2pPublicKey = libp2pPublicKey;
|
|
||||||
this.prologue = prologue;
|
this.prologue = prologue;
|
||||||
this.staticKeypair = staticKeypair;
|
this.staticKeypair = staticKeypair;
|
||||||
this.connection = connection;
|
this.connection = connection;
|
||||||
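Review bot: The new `payload` field and constructor parameter of `IKHandshake` carry no statement of what the bytes must be, and with `libp2pPrivateKey`/`libp2pPublicKey` gone the class can no longer build or check them itself. The responder code removed from `XXFallbackHandshake` signed `getHandshakePayload(this.staticKeypair.publicKey)`, so `payload` and `staticKeypair` are now two independent inputs that have to agree; a mismatch would presumably only surface as a signature failure on the remote side. I would add a comment on the field, e.g. `// Pre-signed libp2p handshake payload; the caller must have signed it over staticKeypair.publicKey.`, and the same on `payload` in `XXHandshake` and in the `XXFallbackHandshake` constructor. The class body and constructor continue outside these hunks.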
|
@ -21,8 +21,7 @@ export class XXFallbackHandshake extends XXHandshake {
|
|||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
isInitiator: boolean,
|
isInitiator: boolean,
|
||||||
libp2pPrivateKey: bytes,
|
payload: bytes,
|
||||||
libp2pPublicKey: bytes,
|
|
||||||
prologue: bytes32,
|
prologue: bytes32,
|
||||||
staticKeypair: KeyPair,
|
staticKeypair: KeyPair,
|
||||||
connection: WrappedConnection,
|
connection: WrappedConnection,
|
||||||
@ -31,7 +30,7 @@ export class XXFallbackHandshake extends XXHandshake {
|
|||||||
ephemeralKeys?: KeyPair,
|
ephemeralKeys?: KeyPair,
|
||||||
handshake?: XX,
|
handshake?: XX,
|
||||||
) {
|
) {
|
||||||
super(isInitiator, libp2pPrivateKey, libp2pPublicKey, prologue, staticKeypair, connection, remotePeer, handshake);
|
super(isInitiator, payload, prologue, staticKeypair, connection, remotePeer, handshake);
|
||||||
if (ephemeralKeys) {
|
if (ephemeralKeys) {
|
||||||
this.ephemeralKeys = ephemeralKeys;
|
this.ephemeralKeys = ephemeralKeys;
|
||||||
}
|
}
|
||||||
@ -60,7 +59,6 @@ export class XXFallbackHandshake extends XXHandshake {
|
|||||||
if (this.isInitiator) {
|
if (this.isInitiator) {
|
||||||
logger('XX Fallback Stage 1 - Initiator waiting to receive first message from responder...');
|
logger('XX Fallback Stage 1 - Initiator waiting to receive first message from responder...');
|
||||||
const receivedMessageBuffer = decode1(this.initialMsg);
|
const receivedMessageBuffer = decode1(this.initialMsg);
|
||||||
logger("Initiator receivedMessageBuffer in stage 1", receivedMessageBuffer);
|
|
||||||
const plaintext = this.xx.recvMessage(this.session, receivedMessageBuffer);
|
const plaintext = this.xx.recvMessage(this.session, receivedMessageBuffer);
|
||||||
logger('XX Fallback Stage 1 - Initiator received the message. Got remote\'s static key.');
|
logger('XX Fallback Stage 1 - Initiator received the message. Got remote\'s static key.');
|
||||||
|
|
||||||
@ -73,16 +71,7 @@ export class XXFallbackHandshake extends XXHandshake {
|
|||||||
logger("All good with the signature!");
|
logger("All good with the signature!");
|
||||||
} else {
|
} else {
|
||||||
logger('XX Fallback Stage 1 - Responder sending out first message with signed payload and static key.');
|
logger('XX Fallback Stage 1 - Responder sending out first message with signed payload and static key.');
|
||||||
const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeypair.publicKey));
|
const messageBuffer = this.xx.sendMessage(this.session, this.payload);
|
||||||
const signedEarlyDataPayload = signEarlyDataPayload(this.libp2pPrivateKey, Buffer.alloc(0));
|
|
||||||
const handshakePayload = await createHandshakePayload(
|
|
||||||
this.libp2pPublicKey,
|
|
||||||
this.libp2pPrivateKey,
|
|
||||||
signedPayload,
|
|
||||||
signedEarlyDataPayload,
|
|
||||||
);
|
|
||||||
|
|
||||||
const messageBuffer = this.xx.sendMessage(this.session, handshakePayload);
|
|
||||||
this.connection.writeLP(encode1(messageBuffer));
|
this.connection.writeLP(encode1(messageBuffer));
|
||||||
logger('XX Fallback Stage 1 - Responder sent the second handshake message with signed payload.')
|
logger('XX Fallback Stage 1 - Responder sent the second handshake message with signed payload.')
|
||||||
}
|
}
|
||||||
|
@ -16,15 +16,13 @@ export class XXHandshake implements IHandshake {
|
|||||||
public isInitiator: boolean;
|
public isInitiator: boolean;
|
||||||
public session: NoiseSession;
|
public session: NoiseSession;
|
||||||
|
|
||||||
|
protected payload: bytes;
|
||||||
protected connection: WrappedConnection;
|
protected connection: WrappedConnection;
|
||||||
protected xx: XX;
|
protected xx: XX;
|
||||||
protected libp2pPrivateKey: bytes;
|
|
||||||
protected libp2pPublicKey: bytes;
|
|
||||||
protected staticKeypair: KeyPair;
|
protected staticKeypair: KeyPair;
|
||||||
protected remotePeer: PeerId;
|
protected remotePeer: PeerId;
|
||||||
|
|
||||||
private prologue: bytes32;
|
private prologue: bytes32;
|
||||||
private payload: bytes;
|
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
isInitiator: boolean,
|
isInitiator: boolean,
|
||||||
|
15
src/noise.ts
15
src/noise.ts
@ -22,7 +22,7 @@ export type WrappedConnection = ReturnType<typeof Wrap>;
|
|||||||
type HandshakeParams = {
|
type HandshakeParams = {
|
||||||
connection: WrappedConnection;
|
connection: WrappedConnection;
|
||||||
isInitiator: boolean;
|
isInitiator: boolean;
|
||||||
libp2pPublicKey: bytes;
|
localPeer: PeerId;
|
||||||
remotePeer: PeerId;
|
remotePeer: PeerId;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -30,7 +30,6 @@ export class Noise implements NoiseConnection {
|
|||||||
public protocol = "/noise";
|
public protocol = "/noise";
|
||||||
|
|
||||||
private readonly prologue = Buffer.from(this.protocol);
|
private readonly prologue = Buffer.from(this.protocol);
|
||||||
private readonly privateKey: bytes;
|
|
||||||
private readonly staticKeys: KeyPair;
|
private readonly staticKeys: KeyPair;
|
||||||
private readonly earlyData?: bytes;
|
private readonly earlyData?: bytes;
|
||||||
|
|
||||||
@ -127,9 +126,9 @@ export class Noise implements NoiseConnection {
|
|||||||
ephemeralKeys: KeyPair,
|
ephemeralKeys: KeyPair,
|
||||||
initialMsg: bytes,
|
initialMsg: bytes,
|
||||||
): Promise<XXFallbackHandshake> {
|
): Promise<XXFallbackHandshake> {
|
||||||
const { isInitiator, libp2pPublicKey, remotePeer, connection } = params;
|
const { isInitiator, remotePeer, connection } = params;
|
||||||
const handshake =
|
const handshake =
|
||||||
new XXFallbackHandshake(isInitiator, payload, this.privateKey, libp2pPublicKey, this.prologue, this.staticKeys, connection, remotePeer, initialMsg, ephemeralKeys);
|
new XXFallbackHandshake(isInitiator, payload, this.prologue, this.staticKeys, connection, remotePeer, initialMsg, ephemeralKeys);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
await handshake.propose();
|
await handshake.propose();
|
||||||
@ -146,8 +145,8 @@ export class Noise implements NoiseConnection {
|
|||||||
params: HandshakeParams,
|
params: HandshakeParams,
|
||||||
payload: bytes,
|
payload: bytes,
|
||||||
): Promise<XXHandshake> {
|
): Promise<XXHandshake> {
|
||||||
const { isInitiator, libp2pPublicKey, remotePeer, connection } = params;
|
const { isInitiator, remotePeer, connection } = params;
|
||||||
const handshake = new XXHandshake(isInitiator, payload, this.privateKey, libp2pPublicKey, this.prologue, this.staticKeys, connection, remotePeer);
|
const handshake = new XXHandshake(isInitiator, payload, this.prologue, this.staticKeys, connection, remotePeer);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
await handshake.propose();
|
await handshake.propose();
|
||||||
@ -164,8 +163,8 @@ export class Noise implements NoiseConnection {
|
|||||||
params: HandshakeParams,
|
params: HandshakeParams,
|
||||||
payload: bytes,
|
payload: bytes,
|
||||||
): Promise<IKHandshake> {
|
): Promise<IKHandshake> {
|
||||||
const { isInitiator, libp2pPublicKey, remotePeer, connection } = params;
|
const { isInitiator, localPeer, remotePeer, connection } = params;
|
||||||
const handshake = new IKHandshake(isInitiator, payload, this.privateKey, libp2pPublicKey, this.prologue, this.staticKeys, connection, remotePeer);
|
const handshake = new IKHandshake(isInitiator, payload, this.prologue, this.staticKeys, connection, remotePeer);
|
||||||
|
|
||||||
// TODO
|
// TODO
|
||||||
|
|
||||||
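Review bot: In `performIKHandshake` the new destructuring pulls `localPeer` out of `params`, but the `new IKHandshake(...)` call right after it does not take it and nothing else in the visible lines uses it. Unless the code after the `// TODO` (outside this hunk) needs it, drop it to match the other two methods: `const { isInitiator, remotePeer, connection } = params;`. Separately, `HandshakeParams` now requires `localPeer` and this section shows no change where the params object is built, so it is worth confirming that every caller already supplies it.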
|
@ -57,9 +57,8 @@ describe("Noise", () => {
|
|||||||
const staticKeys = generateKeypair();
|
const staticKeys = generateKeypair();
|
||||||
const xx = new XX();
|
const xx = new XX();
|
||||||
|
|
||||||
const handshake = new XXHandshake(false, libp2pPrivKey, libp2pPubKey, prologue, staticKeys, wrapped, localPeer, xx);
|
|
||||||
const payload = await getPayload(remotePeer, staticKeys.publicKey);
|
const payload = await getPayload(remotePeer, staticKeys.publicKey);
|
||||||
const handshake = new Handshake(false, payload, prologue, staticKeys, wrapped, localPeer, xx);
|
const handshake = new XXHandshake(false, payload, prologue, staticKeys, wrapped, localPeer, xx);
|
||||||
|
|
||||||
let receivedMessageBuffer = decode0((await wrapped.readLP()).slice());
|
let receivedMessageBuffer = decode0((await wrapped.readLP()).slice());
|
||||||
// The first handshake message contains the initiator's ephemeral public key
|
// The first handshake message contains the initiator's ephemeral public key
|
||||||
@ -67,9 +66,9 @@ describe("Noise", () => {
|
|||||||
xx.recvMessage(handshake.session, receivedMessageBuffer);
|
xx.recvMessage(handshake.session, receivedMessageBuffer);
|
||||||
|
|
||||||
// Stage 1
|
// Stage 1
|
||||||
const { privateKey: libp2pPrivKey, publicKey: libp2pPubKey } = getKeyPairFromPeerId(remotePeer);
|
const { publicKey: libp2pPubKey } = getKeyPairFromPeerId(remotePeer);
|
||||||
const signedPayload = await signPayload(remotePeer, getHandshakePayload(staticKeys.publicKey));
|
const signedPayload = await signPayload(remotePeer, getHandshakePayload(staticKeys.publicKey));
|
||||||
const handshakePayload = await createHandshakePayload(libp2pPubKey, libp2pPrivKey, signedPayload);
|
const handshakePayload = await createHandshakePayload(libp2pPubKey, signedPayload);
|
||||||
|
|
||||||
const messageBuffer = xx.sendMessage(handshake.session, handshakePayload);
|
const messageBuffer = xx.sendMessage(handshake.session, handshakePayload);
|
||||||
wrapped.writeLP(encode1(messageBuffer));
|
wrapped.writeLP(encode1(messageBuffer));
|
||||||
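Review bot: Stage 1 still assembles the responder's message by hand with `signPayload` and `createHandshakePayload(libp2pPubKey, signedPayload)`, although `payload` was already obtained from `getPayload(remotePeer, staticKeys.publicKey)` a few lines earlier for the same peer and static key. If `getPayload` wraps those same steps (its body is not on this page), sending it directly, `const messageBuffer = xx.sendMessage(handshake.session, payload);`, keeps the test on the construction path production uses and lets the `getKeyPairFromPeerId`, `signPayload` and `createHandshakePayload` calls go. The test body continues outside the hunk.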
|
@ -3,17 +3,13 @@ import {Buffer} from "buffer";
|
|||||||
import Duplex from 'it-pair/duplex';
|
import Duplex from 'it-pair/duplex';
|
||||||
|
|
||||||
import {
|
import {
|
||||||
createHandshakePayload,
|
|
||||||
generateKeypair,
|
generateKeypair,
|
||||||
getHandshakePayload,
|
getPayload,
|
||||||
signPayload
|
|
||||||
} from "../src/utils";
|
} from "../src/utils";
|
||||||
import {generateEd25519Keys, getKeyPairFromPeerId} from "./utils";
|
|
||||||
import {XXFallbackHandshake} from "../src/handshake-xx-fallback";
|
import {XXFallbackHandshake} from "../src/handshake-xx-fallback";
|
||||||
import {createPeerIdsFromFixtures} from "./fixtures/peer";
|
import {createPeerIdsFromFixtures} from "./fixtures/peer";
|
||||||
import {assert} from "chai";
|
import {assert} from "chai";
|
||||||
import {decode1, encode0, encode1} from "../src/encoder";
|
import {decode1, encode0, encode1} from "../src/encoder";
|
||||||
import {XX} from "../src/handshakes/xx";
|
|
||||||
|
|
||||||
describe("XX Fallback Handshake", () => {
|
describe("XX Fallback Handshake", () => {
|
||||||
let peerA, peerB, fakePeer;
|
let peerA, peerB, fakePeer;
|
||||||
@ -33,24 +29,17 @@ describe("XX Fallback Handshake", () => {
|
|||||||
const staticKeysResponder = generateKeypair();
|
const staticKeysResponder = generateKeypair();
|
||||||
const ephemeralKeys = generateKeypair();
|
const ephemeralKeys = generateKeypair();
|
||||||
|
|
||||||
const {privateKey: initiatorPrivKey, publicKey: initiatorPubKey} = getKeyPairFromPeerId(peerA);
|
|
||||||
const {privateKey: responderPrivKey, publicKey: responderPubKey} = getKeyPairFromPeerId(peerB);
|
|
||||||
|
|
||||||
// Initial msg for responder is IK first message from initiator
|
// Initial msg for responder is IK first message from initiator
|
||||||
const signedPayload = signPayload(initiatorPrivKey, getHandshakePayload(staticKeysInitiator.publicKey));
|
const handshakePayload = await getPayload(peerA, staticKeysInitiator.publicKey);
|
||||||
const handshakePayload = await createHandshakePayload(
|
|
||||||
initiatorPubKey,
|
|
||||||
initiatorPrivKey,
|
|
||||||
signedPayload,
|
|
||||||
);
|
|
||||||
const initialMsgR = encode0({
|
const initialMsgR = encode0({
|
||||||
ne: ephemeralKeys.publicKey,
|
ne: ephemeralKeys.publicKey,
|
||||||
ns: Buffer.alloc(0),
|
ns: Buffer.alloc(0),
|
||||||
ciphertext: handshakePayload,
|
ciphertext: handshakePayload,
|
||||||
});
|
});
|
||||||
|
|
||||||
|
const respPayload = await getPayload(peerB, staticKeysResponder.publicKey);
|
||||||
const handshakeResp =
|
const handshakeResp =
|
||||||
new XXFallbackHandshake(false, responderPrivKey, responderPubKey, prologue, staticKeysResponder, connectionTo, peerA, initialMsgR);
|
new XXFallbackHandshake(false, respPayload, prologue, staticKeysResponder, connectionTo, peerA, initialMsgR);
|
||||||
|
|
||||||
await handshakeResp.propose();
|
await handshakeResp.propose();
|
||||||
await handshakeResp.exchange();
|
await handshakeResp.exchange();
|
||||||
@ -59,7 +48,7 @@ describe("XX Fallback Handshake", () => {
|
|||||||
// This is the point where initiator falls back from IK
|
// This is the point where initiator falls back from IK
|
||||||
const initialMsgI = await connectionFrom.readLP();
|
const initialMsgI = await connectionFrom.readLP();
|
||||||
const handshakeInit =
|
const handshakeInit =
|
||||||
new XXFallbackHandshake(true, initiatorPrivKey, initiatorPubKey, prologue, staticKeysInitiator, connectionFrom, peerB, initialMsgI, ephemeralKeys);
|
new XXFallbackHandshake(true, handshakePayload, prologue, staticKeysInitiator, connectionFrom, peerB, initialMsgI, ephemeralKeys);
|
||||||
|
|
||||||
await handshakeInit.propose();
|
await handshakeInit.propose();
|
||||||
await handshakeInit.exchange();
|
await handshakeInit.exchange();
|
||||||
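Review bot: Both handshakes in this test are fed payloads built for the correct peer (`getPayload(peerA, ...)` for the initiator, `getPayload(peerB, ...)` for the responder), so only the accepting path of the identity check is exercised here. Now that the handshake classes take an opaque pre-signed `payload`, a case where the payload belongs to a different identity than the `remotePeer` the other side expects (`fakePeer` is already declared in this suite) and `exchange()` is asserted to reject would pin the verification. Such a case may already exist outside the visible hunks.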
|
@ -4,9 +4,8 @@ import {Buffer} from "buffer";
|
|||||||
import Wrap from "it-pb-rpc";
|
import Wrap from "it-pb-rpc";
|
||||||
|
|
||||||
import {XXHandshake} from "../src/handshake-xx";
|
import {XXHandshake} from "../src/handshake-xx";
|
||||||
import {generateKeypair} from "../src/utils";
|
import {generateKeypair, getPayload} from "../src/utils";
|
||||||
import {createPeerIdsFromFixtures} from "./fixtures/peer";
|
import {createPeerIdsFromFixtures} from "./fixtures/peer";
|
||||||
import {getKeyPairFromPeerId} from "./utils";
|
|
||||||
|
|
||||||
|
|
||||||
describe("XX Handshake", () => {
|
describe("XX Handshake", () => {
|
||||||
|