use libp2p keys from PeerId argument

This commit is contained in:
Belma Gutlic
2020-01-07 16:59:41 +01:00
parent b084207c52
commit ddfacf81e8
6 changed files with 65 additions and 74 deletions


@ -5,10 +5,6 @@ import { KeyPair, PeerId } from "./@types/libp2p";
import { bytes, bytes32 } from "./@types/basic";
import { NoiseSession } from "./@types/handshake";
import {
createHandshakePayload,
getHandshakePayload,
signEarlyDataPayload,
signPayload,
verifySignedPayload,
} from "./utils";
import { logger } from "./logger";
@ -19,8 +15,7 @@ export class Handshake {
public isInitiator: boolean;
public session: NoiseSession;
private libp2pPrivateKey: bytes;
private libp2pPublicKey: bytes;
private payload: bytes;
private prologue: bytes32;
private staticKeys: KeyPair;
private connection: WrappedConnection;
@ -29,8 +24,7 @@ export class Handshake {
constructor(
isInitiator: boolean,
libp2pPrivateKey: bytes,
libp2pPublicKey: bytes,
payload: bytes,
prologue: bytes32,
staticKeys: KeyPair,
connection: WrappedConnection,
@ -38,8 +32,7 @@ export class Handshake {
handshake?: XXHandshake,
) {
this.isInitiator = isInitiator;
this.libp2pPrivateKey = libp2pPrivateKey;
this.libp2pPublicKey = libp2pPublicKey;
this.payload = payload;
this.prologue = prologue;
this.staticKeys = staticKeys;
this.connection = connection;
@ -81,16 +74,7 @@ export class Handshake {
logger("All good with the signature!");
} else {
logger('Stage 1 - Responder sending out first message with signed payload and static key.');
const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));
const signedEarlyDataPayload = signEarlyDataPayload(this.libp2pPrivateKey, Buffer.alloc(0));
const handshakePayload = await createHandshakePayload(
this.libp2pPublicKey,
this.libp2pPrivateKey,
signedPayload,
signedEarlyDataPayload,
);
const messageBuffer = this.xx.sendMessage(this.session, handshakePayload);
const messageBuffer = this.xx.sendMessage(this.session, this.payload);
this.connection.writeLP(encodeMessageBuffer(messageBuffer));
logger('Stage 1 - Responder sent the second handshake message with signed payload.')
}
@ -100,15 +84,7 @@ export class Handshake {
async finish(earlyData?: bytes): Promise<void> {
if (this.isInitiator) {
logger('Stage 2 - Initiator sending third handshake message.');
const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));
const signedEarlyDataPayload = signEarlyDataPayload(this.libp2pPrivateKey, earlyData || Buffer.alloc(0));
const handshakePayload = await createHandshakePayload(
this.libp2pPublicKey,
this.libp2pPrivateKey,
signedPayload,
signedEarlyDataPayload
);
const messageBuffer = this.xx.sendMessage(this.session, handshakePayload);
const messageBuffer = this.xx.sendMessage(this.session, this.payload);
this.connection.writeLP(encodeMessageBuffer(messageBuffer));
logger('Stage 2 - Initiator sent message with signed payload.');
} else {
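Review bot: In `finish(earlyData?: bytes)` the `earlyData` argument is now dead — the initiator sends the precomputed `this.payload` (the line replacing the `signEarlyDataPayload(..., earlyData || Buffer.alloc(0))` call), so any early data a caller passes is silently dropped rather than signed into the handshake payload. Either the parameter should be removed so callers cannot be misled, or the early data has to be folded into the payload before `Handshake` is constructed; as written the signature promises something the body no longer does. If the parameter is kept for now, a note such as `// NOTE: earlyData is ignored; the signed payload is built by the caller before construction` on the signature would at least make that explicit. The rest of `finish` (the responder branch) continues outside the hunk.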


@ -7,7 +7,14 @@ import pipe from 'it-pipe';
import lp from 'it-length-prefixed';
import { Handshake } from "./handshake";
import { generateKeypair } from "./utils";
import {
createHandshakePayload,
generateKeypair,
getHandshakePayload,
getPayload,
signEarlyDataPayload,
signPayload
} from "./utils";
import { uint16BEDecode, uint16BEEncode } from "./encoder";
import { decryptStream, encryptStream } from "./crypto";
import { bytes } from "./@types/basic";
@ -19,12 +26,10 @@ export type WrappedConnection = ReturnType<typeof Wrap>;
export class Noise implements NoiseConnection {
public protocol = "/noise";
private readonly privateKey: bytes;
private readonly staticKeys: KeyPair;
private readonly earlyData?: bytes;
constructor(privateKey: bytes, staticNoiseKey?: bytes, earlyData?: bytes) {
this.privateKey = privateKey;
constructor(staticNoiseKey?: bytes, earlyData?: bytes) {
this.earlyData = earlyData || Buffer.alloc(0);
if (staticNoiseKey) {
@ -47,8 +52,7 @@ export class Noise implements NoiseConnection {
*/
public async secureOutbound(localPeer: PeerId, connection: any, remotePeer: PeerId): Promise<SecureOutbound> {
const wrappedConnection = Wrap(connection);
const libp2pPublicKey = localPeer.marshalPubKey();
const handshake = await this.performHandshake(wrappedConnection, true, libp2pPublicKey, remotePeer);
const handshake = await this.performHandshake(wrappedConnection, true, localPeer, remotePeer);
const conn = await this.createSecureConnection(wrappedConnection, handshake);
return {
@ -66,8 +70,7 @@ export class Noise implements NoiseConnection {
*/
public async secureInbound(localPeer: PeerId, connection: any, remotePeer: PeerId): Promise<SecureOutbound> {
const wrappedConnection = Wrap(connection);
const libp2pPublicKey = localPeer.marshalPubKey();
const handshake = await this.performHandshake(wrappedConnection, false, libp2pPublicKey, remotePeer);
const handshake = await this.performHandshake(wrappedConnection, false, localPeer, remotePeer);
const conn = await this.createSecureConnection(wrappedConnection, handshake);
return {
@ -79,11 +82,12 @@ export class Noise implements NoiseConnection {
private async performHandshake(
connection: WrappedConnection,
isInitiator: boolean,
libp2pPublicKey: bytes,
localPeer: PeerId,
remotePeer: PeerId,
): Promise<Handshake> {
const prologue = Buffer.from(this.protocol);
const handshake = new Handshake(isInitiator, this.privateKey, libp2pPublicKey, prologue, this.staticKeys, connection, remotePeer);
const payload = await getPayload(localPeer, this.staticKeys.publicKey);
const handshake = new Handshake(isInitiator, payload, prologue, this.staticKeys, connection, remotePeer);
try {
await handshake.propose();
@ -119,5 +123,4 @@ export class Noise implements NoiseConnection {
return user;
}
}
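Review bot: `performHandshake` builds the payload with `getPayload(localPeer, this.staticKeys.publicKey)` and never passes `this.earlyData`, even though the constructor still stores it (`this.earlyData = earlyData || Buffer.alloc(0)`); the early data configured on the `Noise` instance therefore never reaches the signed handshake payload. Unless that is intentional, the call should be `const payload = await getPayload(localPeer, this.staticKeys.publicKey, this.earlyData);`. Note this also means the initiator and responder now sign identical early-data payloads (always empty), which may or may not be what the protocol expects — worth confirming against the spec.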


@ -23,6 +23,22 @@ export function generateKeypair(): KeyPair {
}
}
export async function getPayload(
localPeer: PeerId,
staticPublicKey: bytes,
earlyData?: bytes,
): Promise<bytes> {
const signedPayload = await signPayload(localPeer, getHandshakePayload(staticPublicKey));
const signedEarlyDataPayload = await signEarlyDataPayload(localPeer, earlyData || Buffer.alloc(0));
return await createHandshakePayload(
localPeer.marshalPubKey(),
localPeer.marshalPrivKey(),
signedPayload,
signedEarlyDataPayload
);
}
export async function createHandshakePayload(
libp2pPublicKey: bytes,
libp2pPrivateKey: bytes,
@ -46,8 +62,8 @@ export async function createHandshakePayload(
}
export function signPayload(libp2pPrivateKey: bytes, payload: bytes) {
return ed25519.sign(payload, libp2pPrivateKey);
export async function signPayload(peerId: PeerId, payload: bytes): Promise<bytes> {
return peerId.privKey.sign(payload);
}
type EarlyDataPayload = {
@ -55,9 +71,9 @@ type EarlyDataPayload = {
libp2pDataSignature: bytes;
}
export function signEarlyDataPayload(libp2pPrivateKey: bytes, earlyData: bytes): EarlyDataPayload {
export async function signEarlyDataPayload(peerId: PeerId, earlyData: bytes): Promise<EarlyDataPayload> {
const payload = getEarlyDataPayload(earlyData);
const signedPayload = signPayload(libp2pPrivateKey, payload);
const signedPayload = await signPayload(peerId, payload);
return {
libp2pData: payload,
@ -84,8 +100,8 @@ export async function verifySignedPayload(noiseStaticKey: bytes, plaintext: byte
const generatedPayload = getHandshakePayload(noiseStaticKey);
// Unmarshaling from PublicKey protobuf and taking key buffer only.
const publicKey = crypto.keys.unmarshalPublicKey(receivedPayload.libp2pKey).marshal();
if (!ed25519.verify(generatedPayload, receivedPayload.noiseStaticKeySignature, publicKey)) {
const publicKey = crypto.keys.unmarshalPublicKey(receivedPayload.libp2pKey);
if (!publicKey.verify(generatedPayload, receivedPayload.noiseStaticKeySignature)) {
throw new Error("Static key doesn't match to peer that signed payload!");
}
}
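Review bot: The new check `if (!publicKey.verify(generatedPayload, receivedPayload.noiseStaticKeySignature))` is not awaited; the commit itself treats the key API as asynchronous (`signPayload` is now `async` and its result is awaited in `signEarlyDataPayload`), and if `verify` likewise returns a Promise the negation of a Promise is always `false`, so a bad signature would never throw and the static-key binding would be silently unverified. Since `verifySignedPayload` is already `async`, the guard should be `if (!(await publicKey.verify(generatedPayload, receivedPayload.noiseStaticKeySignature)))`; please confirm against the libp2p-crypto version in use. Separately, `signPayload` dereferences `peerId.privKey.sign` without checking that the `PeerId` actually carries a private key, so a public-key-only `PeerId` fails with an unhelpful TypeError — a guard like `if (!peerId.privKey) throw new Error("PeerId has no private key; cannot sign handshake payload");` would make the failure explicit. `verifySignedPayload` starts before this hunk, so I cannot see whether the received `libp2pKey` is also compared against the expected remote peer.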