refactor: crypto and pnet (#469)

* feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio>
2025-06-29 08:51:34 +00:00 · 2019-11-04 14:05:58 +01:00
parent 5e1dbc21a2
commit fe2a8eddbb
19 changed files with 577 additions and 309 deletions
--- a/src/insecure/plaintext.js
+++ b/src/insecure/plaintext.js
@ -0,0 +1,67 @@
+'use strict'
+
+const handshake = require('it-handshake')
+const lp = require('it-length-prefixed')
+const PeerId = require('peer-id')
+const debug = require('debug')
+const log = debug('libp2p:plaintext')
+log.error = debug('libp2p:plaintext:error')
+const { UnexpectedPeerError, InvalidCryptoExchangeError } = require('libp2p-interfaces/src/crypto/errors')
+
+const { Exchange, KeyType } = require('./proto')
+const protocol = '/plaintext/2.0.0'
+
+function lpEncodeExchange (exchange) {
+  const pb = Exchange.encode(exchange)
+  return lp.encode.single(pb)
+}
+
+async function encrypt (localId, conn, remoteId) {
+  const shake = handshake(conn)
+
+  // Encode the public key and write it to the remote peer
+  shake.write(lpEncodeExchange({
+    id: localId.toBytes(),
+    pubkey: {
+      Type: KeyType.RSA, // TODO: dont hard code
+      Data: localId.marshalPubKey()
+    }
+  }))
+
+  log('write pubkey exchange to peer %j', remoteId)
+
+  // Get the Exchange message
+  const response = (await lp.decodeFromReader(shake.reader).next()).value
+  const id = Exchange.decode(response.slice())
+  log('read pubkey exchange from peer %j', remoteId)
+
+  let peerId
+  try {
+    peerId = await PeerId.createFromPubKey(id.pubkey.Data)
+  } catch (err) {
+    log.error(err)
+    throw new InvalidCryptoExchangeError('Remote did not provide its public key')
+  }
+
+  if (remoteId && !peerId.isEqual(remoteId)) {
+    throw new UnexpectedPeerError()
+  }
+
+  log('plaintext key exchange completed successfully with peer %j', peerId)
+
+  shake.rest()
+  return {
+    conn: shake.stream,
+    remotePeer: peerId
+  }
+}
+
+module.exports = {
+  protocol,
+  secureInbound: (localId, conn, remoteId) => {
+    return encrypt(localId, conn, remoteId)
+  },
+  secureOutbound: (localId, conn, remoteId) => {
+    return encrypt(localId, conn, remoteId)
+  }
+}