fluencelabs/js-libp2p-noise
1
0
Fork 0
mirror of https://github.com/fluencelabs/js-libp2p-noise synced 2025-04-25 16:32:27 +00:00
Code Issues Projects Releases Wiki Activity

Verify payload in stage 1

Browse Source
This commit is contained in:
morrigan 2019-12-02 13:18:31 +01:00
parent 7b03a3df3b
commit bf9ae90a5e
4 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/handshake.ts
View File

@ -80,7 +80,7 @@ export class Handshake {
if (!libp2pRemotekey) {
throw new Error("Missing remote's libp2p public key, can't verify signature.");
}
verifySignedPayload(receivedMessageBuffer.ns, plaintext, libp2pRemotekey);
await verifySignedPayload(receivedMessageBuffer.ns, plaintext, libp2pRemotekey);
} else {
logger('Stage 1 - Responder sending out first message with signed payload and static key.');
const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));

7
src/noise.ts
View File

@ -47,7 +47,7 @@ export class Noise implements NoiseConnection {
public async secureOutbound(localPeer: PeerId, connection: any, remotePeer: PeerId): Promise<SecureOutbound> {
const wrappedConnection = Wrap(connection);
const libp2pPublicKey = localPeer.pubKey.marshal();
const handshake = await this.performHandshake(wrappedConnection, true, libp2pPublicKey);
const handshake = await this.performHandshake(wrappedConnection, true, libp2pPublicKey, remotePeer);
const conn = await this.createSecureConnection(wrappedConnection, handshake);
return {
@ -66,7 +66,7 @@ export class Noise implements NoiseConnection {
public async secureInbound(localPeer: PeerId, connection: any, remotePeer: PeerId): Promise<SecureOutbound> {
const wrappedConnection = Wrap(connection);
const libp2pPublicKey = localPeer.pubKey.marshal();
const handshake = await this.performHandshake(wrappedConnection, false, libp2pPublicKey);
const handshake = await this.performHandshake(wrappedConnection, false, libp2pPublicKey, remotePeer);
const conn = await this.createSecureConnection(wrappedConnection, handshake);
return {
@ -79,12 +79,13 @@ export class Noise implements NoiseConnection {
connection: WrappedConnection,
isInitiator: boolean,
libp2pPublicKey: bytes,
remotePeer: PeerId,
): Promise<Handshake> {
const prologue = Buffer.from(this.protocol);
const handshake = new Handshake(isInitiator, this.privateKey, libp2pPublicKey, prologue, this.staticKeys, connection);
await handshake.propose(this.earlyData);
await handshake.exchange();
await handshake.exchange(remotePeer.pubKey.marshal());
await handshake.finish();
return handshake;

8
src/utils.ts
View File

@ -90,11 +90,13 @@ export async function verifyPeerId(peerId: bytes, publicKey: bytes) {
}
}
export function verifySignedPayload(noiseStaticKey: bytes, plaintext: bytes, libp2pPublicKey: bytes) {
export async function verifySignedPayload(noiseStaticKey: bytes, plaintext: bytes, libp2pPublicKey: bytes) {
const NoiseHandshakePayload = await loadPayloadProto();
const receivedPayload = NoiseHandshakePayload.toObject(NoiseHandshakePayload.decode(plaintext));
const generatedPayload = getHandshakePayload(noiseStaticKey);
if (!ed25519.verify(generatedPayload, signature, libp2pPublicKey)) {
throw new Error("Static key doesn't match to peer that signed payload!");
if (!ed25519.verify(generatedPayload, receivedPayload.noiseStaticKeySignature, libp2pPublicKey)) {
Promise.reject("Static key doesn't match to peer that signed payload!");
}
}

2
test/handshake.test.ts
View File

@ -31,7 +31,7 @@ describe("Handshake", () => {
await handshakeResponder.propose();
await handshakeResponder.exchange();
await handshakeInitator.exchange();
await handshakeInitator.exchange(peerB.pubKey.marshal());
await handshakeInitator.finish();
await handshakeResponder.finish();