refactor: crypto and pnet (#469)

* feat: add initial plaintext 2 module * refactor: initial refactor of pnet * chore: fix lint * fix: update plaintext api usage * test: use plaintext for test crypto * chore: update deps test: update dialer suite scope * feat: add connection protection to the upgrader * refactor: cleanup and lint fix * chore: remove unncessary transforms * chore: temporarily disable bundlesize * chore: add missing dep * fix: use it-handshake to prevent overreading * chore(fix): PR feedback updates * chore: apply suggestions from code review Co-Authored-By: Vasco Santos <vasco.santos@moxy.studio>
2025-06-23 05:51:37 +00:00 · 2019-11-04 14:05:58 +01:00
parent 5e1dbc21a2
commit fe2a8eddbb
19 changed files with 577 additions and 309 deletions
--- a/src/upgrader.js
+++ b/src/upgrader.js
@ -32,11 +32,20 @@ class Upgrader {
   * @param {PeerId} options.localPeer
   * @param {Map<string, Crypto>} options.cryptos
   * @param {Map<string, Muxer>} options.muxers
+   * @param {function(Connection)} options.onConnection Called when a connection is upgraded
+   * @param {function(Connection)} options.onConnectionEnd
   */
-  constructor ({ localPeer, cryptos, muxers, onConnectionEnd = () => {}, onConnection = () => {} }) {
+  constructor ({
+    localPeer,
+    cryptos,
+    muxers,
+    onConnectionEnd = () => {},
+    onConnection = () => {}
+  }) {
    this.localPeer = localPeer
    this.cryptos = cryptos || new Map()
    this.muxers = muxers || new Map()
+    this.protector = null
    this.protocols = new Map()
    this.onConnection = onConnection
    this.onConnectionEnd = onConnectionEnd
@ -55,13 +64,21 @@ class Upgrader {
    let Muxer
    let cryptoProtocol

+    log('Starting the inbound connection upgrade')
+
+    // Protect
+    let protectedConn = maConn
+    if (this.protector) {
+      protectedConn = await this.protector.protect(maConn)
+    }
+
    try {
      // Encrypt the connection
      ({
        conn: encryptedConn,
        remotePeer,
        protocol: cryptoProtocol
-      } = await this._encryptInbound(this.localPeer, maConn, this.cryptos))
+      } = await this._encryptInbound(this.localPeer, protectedConn, this.cryptos))

      // Multiplex the connection
      ;({ stream: muxedConnection, Muxer } = await this._multiplexInbound(encryptedConn, this.muxers))
@ -104,13 +121,21 @@ class Upgrader {
    let cryptoProtocol
    let Muxer

+    log('Starting the outbound connection upgrade')
+
+    // Protect
+    let protectedConn = maConn
+    if (this.protector) {
+      protectedConn = await this.protector.protect(maConn)
+    }
+
    try {
      // Encrypt the connection
      ({
        conn: encryptedConn,
        remotePeer,
        protocol: cryptoProtocol
-      } = await this._encryptOutbound(this.localPeer, maConn, remotePeerId, this.cryptos))
+      } = await this._encryptOutbound(this.localPeer, protectedConn, remotePeerId, this.cryptos))

      // Multiplex the connection
      ;({ stream: muxedConnection, Muxer } = await this._multiplexOutbound(encryptedConn, this.muxers))
@ -241,7 +266,7 @@ class Upgrader {
  async _encryptInbound (localPeer, connection, cryptos) {
    const mss = new Multistream.Listener(connection)
    const protocols = Array.from(cryptos.keys())
-    log('selecting inbound crypto protocol', protocols)
+    log('handling inbound crypto protocol selection', protocols)

    try {
      const { stream, protocol } = await mss.handle(protocols)