js-libp2p/src/insecure/plaintext.js

'use strict'

const debug = require('debug')
const log = Object.assign(debug('libp2p:plaintext'), {
  error: debug('libp2p:plaintext:err')
})
const handshake = require('it-handshake')
const lp = require('it-length-prefixed')
const PeerId = require('peer-id')
const { UnexpectedPeerError, InvalidCryptoExchangeError } = require('libp2p-interfaces/src/crypto/errors')

const { Exchange, KeyType } = require('./proto')
const protocol = '/plaintext/2.0.0'

/**
 * @typedef {import('libp2p-interfaces/src/connection').Connection} Connection
 */

function lpEncodeExchange (exchange) {
  const pb = Exchange.encode(exchange)
  return lp.encode.single(pb)
}

/**
 * Encrypt connection.
 *
 * @param {PeerId} localId
 * @param {Connection} conn
 * @param {PeerId} [remoteId]
 */
async function encrypt (localId, conn, remoteId) {
  const shake = handshake(conn)

  // Encode the public key and write it to the remote peer
  shake.write(lpEncodeExchange({
    id: localId.toBytes(),
    pubkey: {
      Type: KeyType.RSA, // TODO: dont hard code
      Data: localId.marshalPubKey()
    }
  }))

  log('write pubkey exchange to peer %j', remoteId)

  // Get the Exchange message
  const response = (await lp.decode.fromReader(shake.reader).next()).value
  const id = Exchange.decode(response.slice())
  log('read pubkey exchange from peer %j', remoteId)

  let peerId
  try {
    peerId = await PeerId.createFromPubKey(id.pubkey.Data)
  } catch (err) {
    log.error(err)
    throw new InvalidCryptoExchangeError('Remote did not provide its public key')
  }

  if (remoteId && !peerId.equals(remoteId)) {
    throw new UnexpectedPeerError()
  }

  log('plaintext key exchange completed successfully with peer %j', peerId)

  shake.rest()
  return {
    conn: shake.stream,
    remotePeer: peerId
  }
}

module.exports = {
  protocol,
  secureInbound: (localId, conn, remoteId) => {
    return encrypt(localId, conn, remoteId)
  },
  secureOutbound: (localId, conn, remoteId) => {
    return encrypt(localId, conn, remoteId)
  }
}
refactor: crypto and pnet (#469) * feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio> 2019-11-04 14:05:58 +01:00			`'use strict'`

chore: add typedefs (#802) 2020-12-10 14:48:14 +01:00			`const debug = require('debug')`
			`const log = Object.assign(debug('libp2p:plaintext'), {`
			`error: debug('libp2p:plaintext:err')`
			`})`
refactor: crypto and pnet (#469) * feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio> 2019-11-04 14:05:58 +01:00			`const handshake = require('it-handshake')`
			`const lp = require('it-length-prefixed')`
			`const PeerId = require('peer-id')`
			`const { UnexpectedPeerError, InvalidCryptoExchangeError } = require('libp2p-interfaces/src/crypto/errors')`

			`const { Exchange, KeyType } = require('./proto')`
			`const protocol = '/plaintext/2.0.0'`

chore: add typedefs (#802) 2020-12-10 14:48:14 +01:00			`/**`
			`* @typedef {import('libp2p-interfaces/src/connection').Connection} Connection`
			`*/`

refactor: crypto and pnet (#469) * feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio> 2019-11-04 14:05:58 +01:00			`function lpEncodeExchange (exchange) {`
			`const pb = Exchange.encode(exchange)`
			`return lp.encode.single(pb)`
			`}`

chore: add typedefs (#802) 2020-12-10 14:48:14 +01:00			`/**`
			`* Encrypt connection.`
			`*`
			`* @param {PeerId} localId`
			`* @param {Connection} conn`
			`* @param {PeerId} [remoteId]`
			`*/`
refactor: crypto and pnet (#469) * feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio> 2019-11-04 14:05:58 +01:00			`async function encrypt (localId, conn, remoteId) {`
			`const shake = handshake(conn)`

			`// Encode the public key and write it to the remote peer`
			`shake.write(lpEncodeExchange({`
			`id: localId.toBytes(),`
			`pubkey: {`
			`Type: KeyType.RSA, // TODO: dont hard code`
			`Data: localId.marshalPubKey()`
			`}`
			`}))`

			`log('write pubkey exchange to peer %j', remoteId)`

			`// Get the Exchange message`
chore: update it-length-prefixed (#476) fix: decode.fromReader usage 2019-11-13 16:38:07 +01:00			`const response = (await lp.decode.fromReader(shake.reader).next()).value`
refactor: crypto and pnet (#469) * feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio> 2019-11-04 14:05:58 +01:00			`const id = Exchange.decode(response.slice())`
			`log('read pubkey exchange from peer %j', remoteId)`

			`let peerId`
			`try {`
			`peerId = await PeerId.createFromPubKey(id.pubkey.Data)`
			`} catch (err) {`
			`log.error(err)`
			`throw new InvalidCryptoExchangeError('Remote did not provide its public key')`
			`}`

chore: address review 2020-07-15 11:40:57 +02:00			`if (remoteId && !peerId.equals(remoteId)) {`
refactor: crypto and pnet (#469) * feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio> 2019-11-04 14:05:58 +01:00			`throw new UnexpectedPeerError()`
			`}`

			`log('plaintext key exchange completed successfully with peer %j', peerId)`

			`shake.rest()`
			`return {`
			`conn: shake.stream,`
			`remotePeer: peerId`
			`}`
			`}`

			`module.exports = {`
			`protocol,`
			`secureInbound: (localId, conn, remoteId) => {`
			`return encrypt(localId, conn, remoteId)`
			`},`
			`secureOutbound: (localId, conn, remoteId) => {`
			`return encrypt(localId, conn, remoteId)`
			`}`
			`}`