use libp2p keys from PeerId argument

src/handshake.ts

@@ -5,10 +5,6 @@ import { KeyPair, PeerId } from "./@types/libp2p";
 import { bytes, bytes32 } from "./@types/basic";
 import { NoiseSession } from "./@types/handshake";
 import {
-  createHandshakePayload,
-  getHandshakePayload,
-  signEarlyDataPayload,
-  signPayload,
   verifySignedPayload,
 } from "./utils";
 import { logger } from "./logger";
@@ -19,8 +15,7 @@ export class Handshake {
   public isInitiator: boolean;
   public session: NoiseSession;
 
-  private libp2pPrivateKey: bytes;
-  private libp2pPublicKey: bytes;
+  private payload: bytes;
   private prologue: bytes32;
   private staticKeys: KeyPair;
   private connection: WrappedConnection;
@@ -29,8 +24,7 @@ export class Handshake {
 
   constructor(
     isInitiator: boolean,
-    libp2pPrivateKey: bytes,
-    libp2pPublicKey: bytes,
+    payload: bytes,
     prologue: bytes32,
     staticKeys: KeyPair,
     connection: WrappedConnection,
@@ -38,8 +32,7 @@ export class Handshake {
     handshake?: XXHandshake,
   ) {
     this.isInitiator = isInitiator;
-    this.libp2pPrivateKey = libp2pPrivateKey;
-    this.libp2pPublicKey = libp2pPublicKey;
+    this.payload = payload;
     this.prologue = prologue;
     this.staticKeys = staticKeys;
     this.connection = connection;
@@ -81,16 +74,7 @@ export class Handshake {
       logger("All good with the signature!");
     } else {
       logger('Stage 1 - Responder sending out first message with signed payload and static key.');
-      const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));
-      const signedEarlyDataPayload = signEarlyDataPayload(this.libp2pPrivateKey, Buffer.alloc(0));
-      const handshakePayload = await createHandshakePayload(
-        this.libp2pPublicKey,
-        this.libp2pPrivateKey,
-        signedPayload,
-        signedEarlyDataPayload,
-      );
-
-      const messageBuffer = this.xx.sendMessage(this.session, handshakePayload);
+      const messageBuffer = this.xx.sendMessage(this.session, this.payload);
       this.connection.writeLP(encodeMessageBuffer(messageBuffer));
       logger('Stage 1 - Responder sent the second handshake message with signed payload.')
     }
@@ -100,15 +84,7 @@ export class Handshake {
   async finish(earlyData?: bytes): Promise<void> {
     if (this.isInitiator) {
       logger('Stage 2 - Initiator sending third handshake message.');
-      const signedPayload = signPayload(this.libp2pPrivateKey, getHandshakePayload(this.staticKeys.publicKey));
-      const signedEarlyDataPayload = signEarlyDataPayload(this.libp2pPrivateKey, earlyData || Buffer.alloc(0));
-      const handshakePayload = await createHandshakePayload(
-        this.libp2pPublicKey,
-        this.libp2pPrivateKey,
-        signedPayload,
-        signedEarlyDataPayload
-      );
-      const messageBuffer = this.xx.sendMessage(this.session, handshakePayload);
+      const messageBuffer = this.xx.sendMessage(this.session, this.payload);
       this.connection.writeLP(encodeMessageBuffer(messageBuffer));
       logger('Stage 2 - Initiator sent message with signed payload.');
     } else {

src/noise.ts

@@ -7,7 +7,14 @@ import pipe from 'it-pipe';
 import lp from 'it-length-prefixed';
 
 import { Handshake } from "./handshake";
-import { generateKeypair } from "./utils";
+import {
+  createHandshakePayload,
+  generateKeypair,
+  getHandshakePayload,
+  getPayload,
+  signEarlyDataPayload,
+  signPayload
+} from "./utils";
 import { uint16BEDecode, uint16BEEncode } from "./encoder";
 import { decryptStream, encryptStream } from "./crypto";
 import { bytes } from "./@types/basic";
@@ -19,12 +26,10 @@ export type WrappedConnection = ReturnType<typeof Wrap>;
 export class Noise implements NoiseConnection {
   public protocol = "/noise";
 
-  private readonly privateKey: bytes;
   private readonly staticKeys: KeyPair;
   private readonly earlyData?: bytes;
 
-  constructor(privateKey: bytes, staticNoiseKey?: bytes, earlyData?: bytes) {
-    this.privateKey = privateKey;
+  constructor(staticNoiseKey?: bytes, earlyData?: bytes) {
     this.earlyData = earlyData || Buffer.alloc(0);
 
     if (staticNoiseKey) {
@@ -47,8 +52,7 @@ export class Noise implements NoiseConnection {
    */
   public async secureOutbound(localPeer: PeerId, connection: any, remotePeer: PeerId): Promise<SecureOutbound> {
     const wrappedConnection = Wrap(connection);
-    const libp2pPublicKey = localPeer.marshalPubKey();
-    const handshake = await this.performHandshake(wrappedConnection, true, libp2pPublicKey, remotePeer);
+    const handshake = await this.performHandshake(wrappedConnection, true, localPeer, remotePeer);
     const conn = await this.createSecureConnection(wrappedConnection, handshake);
 
     return {
@@ -66,8 +70,7 @@ export class Noise implements NoiseConnection {
    */
   public async secureInbound(localPeer: PeerId, connection: any, remotePeer: PeerId): Promise<SecureOutbound> {
     const wrappedConnection = Wrap(connection);
-    const libp2pPublicKey = localPeer.marshalPubKey();
-    const handshake = await this.performHandshake(wrappedConnection, false, libp2pPublicKey, remotePeer);
+    const handshake = await this.performHandshake(wrappedConnection, false, localPeer, remotePeer);
     const conn = await this.createSecureConnection(wrappedConnection, handshake);
 
     return {
@@ -79,11 +82,12 @@ export class Noise implements NoiseConnection {
   private async performHandshake(
     connection: WrappedConnection,
     isInitiator: boolean,
-    libp2pPublicKey: bytes,
+    localPeer: PeerId,
     remotePeer: PeerId,
   ): Promise<Handshake> {
     const prologue = Buffer.from(this.protocol);
-    const handshake = new Handshake(isInitiator, this.privateKey, libp2pPublicKey, prologue, this.staticKeys, connection, remotePeer);
+    const payload = await getPayload(localPeer, this.staticKeys.publicKey);
+    const handshake = new Handshake(isInitiator, payload, prologue, this.staticKeys, connection, remotePeer);
 
     try {
       await handshake.propose();
@@ -119,5 +123,4 @@ export class Noise implements NoiseConnection {
     return user;
   }
 
-
 }

src/utils.ts

@@ -23,6 +23,22 @@ export function generateKeypair(): KeyPair {
   }
 }
 
+export async function getPayload(
+  localPeer: PeerId,
+  staticPublicKey: bytes,
+  earlyData?: bytes,
+): Promise<bytes> {
+  const signedPayload = await signPayload(localPeer, getHandshakePayload(staticPublicKey));
+  const signedEarlyDataPayload = await signEarlyDataPayload(localPeer, earlyData || Buffer.alloc(0));
+
+  return await createHandshakePayload(
+    localPeer.marshalPubKey(),
+    localPeer.marshalPrivKey(),
+    signedPayload,
+    signedEarlyDataPayload
+  );
+}
+
 export async function createHandshakePayload(
   libp2pPublicKey: bytes,
   libp2pPrivateKey: bytes,
@@ -46,8 +62,8 @@ export async function createHandshakePayload(
 }
 
 
-export function signPayload(libp2pPrivateKey: bytes, payload: bytes) {
-  return ed25519.sign(payload, libp2pPrivateKey);
+export async function signPayload(peerId: PeerId, payload: bytes): Promise<bytes> {
+  return peerId.privKey.sign(payload);
 }
 
 type EarlyDataPayload = {
@@ -55,9 +71,9 @@ type EarlyDataPayload = {
   libp2pDataSignature: bytes;
 }
 
-export function signEarlyDataPayload(libp2pPrivateKey: bytes, earlyData: bytes): EarlyDataPayload {
+export async function signEarlyDataPayload(peerId: PeerId, earlyData: bytes): Promise<EarlyDataPayload> {
   const payload = getEarlyDataPayload(earlyData);
-  const signedPayload = signPayload(libp2pPrivateKey, payload);
+  const signedPayload = await signPayload(peerId, payload);
 
   return {
     libp2pData: payload,
@@ -84,8 +100,8 @@ export async function verifySignedPayload(noiseStaticKey: bytes, plaintext: byte
 
   const generatedPayload = getHandshakePayload(noiseStaticKey);
   // Unmarshaling from PublicKey protobuf and taking key buffer only.
-  const publicKey = crypto.keys.unmarshalPublicKey(receivedPayload.libp2pKey).marshal();
-  if (!ed25519.verify(generatedPayload, receivedPayload.noiseStaticKeySignature, publicKey)) {
+  const publicKey = crypto.keys.unmarshalPublicKey(receivedPayload.libp2pKey);
+  if (!publicKey.verify(generatedPayload, receivedPayload.noiseStaticKeySignature)) {
     throw new Error("Static key doesn't match to peer that signed payload!");
   }
 }

test/handshake.test.ts

@@ -4,7 +4,7 @@ import {Buffer} from "buffer";
 import Wrap from "it-pb-rpc";
 
 import {Handshake} from "../src/handshake";
-import {generateKeypair} from "../src/utils";
+import {generateKeypair, getPayload} from "../src/utils";
 import {createPeerIdsFromFixtures} from "./fixtures/peer";
 import {getKeyPairFromPeerId} from "./utils";
 
@@ -26,11 +26,11 @@ describe("Handshake", () => {
       const staticKeysInitiator = generateKeypair();
       const staticKeysResponder = generateKeypair();
 
-      const { privateKey: initiatorPrivKey, publicKey: initiatorPubKey } = getKeyPairFromPeerId(peerA);
-      const handshakeInitator = new Handshake(true, initiatorPrivKey, initiatorPubKey, prologue, staticKeysInitiator, connectionFrom, peerB);
+      const initPayload = await getPayload(peerA, staticKeysInitiator.publicKey);
+      const handshakeInitator = new Handshake(true, initPayload, prologue, staticKeysInitiator, connectionFrom, peerB);
 
-      const { privateKey: responderPrivKey, publicKey: responderPubKey } = getKeyPairFromPeerId(peerB);
-      const handshakeResponder = new Handshake(false, responderPrivKey, responderPubKey, prologue, staticKeysResponder, connectionTo, peerA);
+      const respPayload = await getPayload(peerB, staticKeysResponder.publicKey);
+      const handshakeResponder = new Handshake(false, respPayload, prologue, staticKeysResponder, connectionTo, peerA);
 
       await handshakeInitator.propose();
       await handshakeResponder.propose();
@@ -71,11 +71,11 @@ describe("Handshake", () => {
       const staticKeysInitiator = generateKeypair();
       const staticKeysResponder = generateKeypair();
 
-      const { privateKey: initiatorPrivKey, publicKey: initiatorPubKey } = getKeyPairFromPeerId(peerA);
-      const handshakeInitator = new Handshake(true, initiatorPrivKey, initiatorPubKey, prologue, staticKeysInitiator, connectionFrom, fakePeer);
+      const initPayload = await getPayload(peerA, staticKeysInitiator.publicKey);
+      const handshakeInitator = new Handshake(true, initPayload, prologue, staticKeysInitiator, connectionFrom, fakePeer);
 
-      const { privateKey: responderPrivKey, publicKey: responderPubKey } = getKeyPairFromPeerId(peerB);
-      const handshakeResponder = new Handshake(false, responderPrivKey, responderPubKey, prologue, staticKeysResponder, connectionTo, peerA);
+      const respPayload = await getPayload(peerB, staticKeysResponder.publicKey);
+      const handshakeResponder = new Handshake(false, respPayload, prologue, staticKeysResponder, connectionTo, peerA);
 
       await handshakeInitator.propose();
       await handshakeResponder.propose();
@@ -99,11 +99,11 @@ describe("Handshake", () => {
       const staticKeysInitiator = generateKeypair();
       const staticKeysResponder = generateKeypair();
 
-      const { privateKey: initiatorPrivKey, publicKey: initiatorPubKey } = getKeyPairFromPeerId(peerA);
-      const handshakeInitator = new Handshake(true, initiatorPrivKey, initiatorPubKey, prologue, staticKeysInitiator, connectionFrom, peerB);
+      const initPayload = await getPayload(peerA, staticKeysInitiator.publicKey);
+      const handshakeInitator = new Handshake(true, initPayload, prologue, staticKeysInitiator, connectionFrom, peerB);
 
-      const { privateKey: responderPrivKey, publicKey: responderPubKey } = getKeyPairFromPeerId(peerB);
-      const handshakeResponder = new Handshake(false, responderPrivKey, responderPubKey, prologue, staticKeysResponder, connectionTo, fakePeer);
+      const respPayload = await getPayload(peerB, staticKeysResponder.publicKey);
+      const handshakeResponder = new Handshake(false, respPayload, prologue, staticKeysResponder, connectionTo, fakePeer);
 
       await handshakeInitator.propose();
       await handshakeResponder.propose();

test/index.test.ts

@@ -3,7 +3,7 @@ import { Noise } from "../src";
 
 describe("Index", () => {
   it("should expose class with tag and required functions", () => {
-    const noise = new Noise(Buffer.from("privatekey"));
+    const noise = new Noise();
     expect(noise.protocol).to.equal('/noise');
     expect(typeof(noise.secureInbound)).to.equal('function');
     expect(typeof(noise.secureOutbound)).to.equal('function');

test/noise.test.ts

@@ -9,7 +9,7 @@ import {Handshake} from "../src/handshake";
 import {
   createHandshakePayload,
   generateKeypair,
-  getHandshakePayload,
+  getHandshakePayload, getPayload,
   signPayload
 } from "../src/utils";
 import { decodeMessageBuffer, encodeMessageBuffer } from "../src/encoder";
@@ -26,10 +26,8 @@ describe("Noise", () => {
 
   it("should communicate through encrypted streams", async() => {
     try {
-      const { privateKey: libp2pInitPrivKey } = getKeyPairFromPeerId(localPeer);
-      const { privateKey: libp2pRespPrivKey } = getKeyPairFromPeerId(remotePeer);
-      const noiseInit = new Noise(libp2pInitPrivKey);
-      const noiseResp = new Noise(libp2pRespPrivKey);
+      const noiseInit = new Noise();
+      const noiseResp = new Noise();
 
       const [inboundConnection, outboundConnection] = DuplexPair();
       const [outbound, inbound] = await Promise.all([
@@ -48,8 +46,7 @@ describe("Noise", () => {
   });
 
   it("should test that secureOutbound is spec compliant", async() => {
-    const { privateKey: libp2pInitPrivKey } = getKeyPairFromPeerId(localPeer);
-    const noiseInit = new Noise(libp2pInitPrivKey);
+    const noiseInit = new Noise();
     const [inboundConnection, outboundConnection] = DuplexPair();
 
     const [outbound, { wrapped, handshake }] = await Promise.all([
@@ -59,9 +56,9 @@ describe("Noise", () => {
         const prologue = Buffer.from('/noise');
         const staticKeys = generateKeypair();
         const xx = new XXHandshake();
-        const { privateKey: libp2pPrivKey, publicKey: libp2pPubKey } = getKeyPairFromPeerId(remotePeer);
 
-        const handshake = new Handshake(false, libp2pPrivKey, libp2pPubKey, prologue, staticKeys, wrapped, localPeer, xx);
+        const payload = await getPayload(remotePeer, staticKeys.publicKey);
+        const handshake = new Handshake(false, payload, prologue, staticKeys, wrapped, localPeer, xx);
 
         let receivedMessageBuffer = decodeMessageBuffer((await wrapped.readLP()).slice());
         // The first handshake message contains the initiator's ephemeral public key
@@ -69,7 +66,8 @@ describe("Noise", () => {
         xx.recvMessage(handshake.session, receivedMessageBuffer);
 
         // Stage 1
-        const signedPayload = signPayload(libp2pPrivKey, getHandshakePayload(staticKeys.publicKey));
+        const { privateKey: libp2pPrivKey, publicKey: libp2pPubKey } = getKeyPairFromPeerId(remotePeer);
+        const signedPayload = await signPayload(remotePeer, getHandshakePayload(staticKeys.publicKey));
         const handshakePayload = await createHandshakePayload(libp2pPubKey, libp2pPrivKey, signedPayload);
 
         const messageBuffer = xx.sendMessage(handshake.session, handshakePayload);
@@ -101,10 +99,8 @@ describe("Noise", () => {
 
   it("should test large payloads", async() => {
     try {
-      const { privateKey: libp2pInitPrivKey } = getKeyPairFromPeerId(localPeer);
-      const { privateKey: libp2pRespPrivKey } = getKeyPairFromPeerId(remotePeer);
-      const noiseInit = new Noise(libp2pInitPrivKey);
-      const noiseResp = new Noise(libp2pRespPrivKey);
+      const noiseInit = new Noise();
+      const noiseResp = new Noise();
 
       const [inboundConnection, outboundConnection] = DuplexPair();
       const [outbound, inbound] = await Promise.all([