diff --git a/transports/noise/CHANGELOG.md b/transports/noise/CHANGELOG.md index 7bbab360..4deec2a4 100644 --- a/transports/noise/CHANGELOG.md +++ b/transports/noise/CHANGELOG.md @@ -1,3 +1,9 @@ +# 0.41.1 [unreleased] + +- Deprecate non-compliant noise implementation. We intend to remove it in a future release without replacement. See [PR 3227]. + +[PR 3227]: https://github.com/libp2p/rust-libp2p/pull/3227 + # 0.41.0 - Remove `prost::Error` from public API. See [PR 3058]. diff --git a/transports/noise/Cargo.toml b/transports/noise/Cargo.toml index f0bf2864..50aacafe 100644 --- a/transports/noise/Cargo.toml +++ b/transports/noise/Cargo.toml @@ -3,7 +3,7 @@ name = "libp2p-noise" edition = "2021" rust-version = "1.60.0" description = "Cryptographic handshake protocol using the noise framework." -version = "0.41.0" +version = "0.41.1" authors = ["Parity Technologies "] license = "MIT" repository = "https://github.com/libp2p/rust-libp2p" diff --git a/transports/noise/src/lib.rs b/transports/noise/src/lib.rs index 45e5540d..52f13cca 100644 --- a/transports/noise/src/lib.rs +++ b/transports/noise/src/lib.rs @@ -60,7 +60,9 @@ mod protocol; pub use io::handshake::RemoteIdentity; pub use io::NoiseOutput; -pub use protocol::{x25519::X25519, x25519_spec::X25519Spec}; +#[allow(deprecated)] +pub use protocol::x25519::X25519; +pub use protocol::x25519_spec::X25519Spec; pub use protocol::{AuthenticKeypair, Keypair, KeypairIdentity, PublicKey, SecretKey}; pub use protocol::{Protocol, ProtocolParams, IK, IX, XX}; diff --git a/transports/noise/src/protocol.rs b/transports/noise/src/protocol.rs index 5a4ea04f..7ec9746d 100644 --- a/transports/noise/src/protocol.rs +++ b/transports/noise/src/protocol.rs @@ -245,7 +245,7 @@ impl snow::resolvers::CryptoResolver for Resolver { fn resolve_dh(&self, choice: &snow::params::DHChoice) -> Option> { if let snow::params::DHChoice::Curve25519 = choice { - Some(Box::new(Keypair::::default())) + Some(Box::new(Keypair::::default())) } else { None } @@ -308,7 +308,7 @@ impl snow::types::Random for Rng {} #[cfg(test)] mod tests { use super::*; - use crate::X25519; + use crate::X25519Spec; use once_cell::sync::Lazy; #[test] @@ -334,9 +334,9 @@ mod tests { } fn xx_builder(prologue: &'static [u8]) -> snow::Builder<'static> { - X25519::params_xx().into_builder(prologue, TEST_KEY.secret(), None) + X25519Spec::params_xx().into_builder(prologue, TEST_KEY.secret(), None) } // Hack to work around borrow-checker. - static TEST_KEY: Lazy> = Lazy::new(Keypair::::new); + static TEST_KEY: Lazy> = Lazy::new(Keypair::::new); } diff --git a/transports/noise/src/protocol/x25519.rs b/transports/noise/src/protocol/x25519.rs index 067f67ca..182d9905 100644 --- a/transports/noise/src/protocol/x25519.rs +++ b/transports/noise/src/protocol/x25519.rs @@ -23,6 +23,8 @@ //! **Note**: This set of protocols is not interoperable with other //! libp2p implementations. +#![allow(deprecated)] + use crate::{NoiseConfig, NoiseError, Protocol, ProtocolParams}; use curve25519_dalek::edwards::CompressedEdwardsY; use libp2p_core::UpgradeInfo; @@ -56,6 +58,10 @@ static PARAMS_XX: Lazy = Lazy::new(|| { /// A X25519 key. #[derive(Clone)] +#[deprecated( + since = "0.41.1", + note = "Will be removed because it is not compliant with the official libp2p specification. Use `X25519Spec` instead." +)] pub struct X25519([u8; 32]); impl AsRef<[u8]> for X25519 { @@ -135,15 +141,6 @@ impl Protocol for X25519 { } impl Keypair { - /// An "empty" keypair as a starting state for DH computations in `snow`, - /// which get manipulated through the `snow::types::Dh` interface. - pub(super) fn default() -> Self { - Keypair { - secret: SecretKey(X25519([0u8; 32])), - public: PublicKey(X25519([0u8; 32])), - } - } - /// Create a new X25519 keypair. pub fn new() -> Keypair { let mut sk_bytes = [0u8; 32]; diff --git a/transports/noise/src/protocol/x25519_spec.rs b/transports/noise/src/protocol/x25519_spec.rs index e114f107..87973463 100644 --- a/transports/noise/src/protocol/x25519_spec.rs +++ b/transports/noise/src/protocol/x25519_spec.rs @@ -29,7 +29,7 @@ use rand::Rng; use x25519_dalek::{x25519, X25519_BASEPOINT_BYTES}; use zeroize::Zeroize; -use super::{x25519::X25519, *}; +use super::*; /// Prefix of static key signatures for domain separation. const STATIC_KEY_DOMAIN: &str = "noise-libp2p-static-key:"; @@ -51,6 +51,15 @@ impl Zeroize for X25519Spec { } impl Keypair { + /// An "empty" keypair as a starting state for DH computations in `snow`, + /// which get manipulated through the `snow::types::Dh` interface. + pub(super) fn default() -> Self { + Keypair { + secret: SecretKey(X25519Spec([0u8; 32])), + public: PublicKey(X25519Spec([0u8; 32])), + } + } + /// Create a new X25519 keypair. pub fn new() -> Keypair { let mut sk_bytes = [0u8; 32]; @@ -110,15 +119,18 @@ impl UpgradeInfo for NoiseConfig { /// interoperable with other libp2p implementations. impl Protocol for X25519Spec { fn params_ik() -> ProtocolParams { - X25519::params_ik() + #[allow(deprecated)] + x25519::X25519::params_ik() } fn params_ix() -> ProtocolParams { - X25519::params_ix() + #[allow(deprecated)] + x25519::X25519::params_ix() } fn params_xx() -> ProtocolParams { - X25519::params_xx() + #[allow(deprecated)] + x25519::X25519::params_xx() } fn public_from_bytes(bytes: &[u8]) -> Result, NoiseError> { diff --git a/transports/noise/tests/smoke.rs b/transports/noise/tests/smoke.rs index 56b5e139..c92435e4 100644 --- a/transports/noise/tests/smoke.rs +++ b/transports/noise/tests/smoke.rs @@ -28,7 +28,6 @@ use libp2p_core::upgrade::{apply_inbound, apply_outbound, Negotiated}; use libp2p_core::{identity, transport, upgrade}; use libp2p_noise::{ Keypair, NoiseAuthenticated, NoiseConfig, NoiseError, NoiseOutput, RemoteIdentity, X25519Spec, - X25519, }; use libp2p_tcp as tcp; use log::info; @@ -47,7 +46,7 @@ fn core_upgrade_compat() { } #[test] -fn xx_spec() { +fn xx() { let _ = env_logger::try_init(); fn prop(mut messages: Vec) -> bool { messages.truncate(5); @@ -95,51 +94,6 @@ fn xx_spec() { .quickcheck(prop as fn(Vec) -> bool) } -#[test] -fn xx() { - let _ = env_logger::try_init(); - fn prop(mut messages: Vec) -> bool { - messages.truncate(5); - let server_id = identity::Keypair::generate_ed25519(); - let client_id = identity::Keypair::generate_ed25519(); - - let server_id_public = server_id.public(); - let client_id_public = client_id.public(); - - let server_dh = Keypair::::new().into_authentic(&server_id).unwrap(); - let server_transport = tcp::async_io::Transport::default() - .and_then(move |output, endpoint| { - upgrade::apply( - output, - NoiseConfig::xx(server_dh), - endpoint, - upgrade::Version::V1, - ) - }) - .and_then(move |out, _| expect_identity(out, &client_id_public)) - .boxed(); - - let client_dh = Keypair::::new().into_authentic(&client_id).unwrap(); - let client_transport = tcp::async_io::Transport::default() - .and_then(move |output, endpoint| { - upgrade::apply( - output, - NoiseConfig::xx(client_dh), - endpoint, - upgrade::Version::V1, - ) - }) - .and_then(move |out, _| expect_identity(out, &server_id_public)) - .boxed(); - - run(server_transport, client_transport, messages); - true - } - QuickCheck::new() - .max_tests(30) - .quickcheck(prop as fn(Vec) -> bool) -} - #[test] fn ix() { let _ = env_logger::try_init(); @@ -151,7 +105,9 @@ fn ix() { let server_id_public = server_id.public(); let client_id_public = client_id.public(); - let server_dh = Keypair::::new().into_authentic(&server_id).unwrap(); + let server_dh = Keypair::::new() + .into_authentic(&server_id) + .unwrap(); let server_transport = tcp::async_io::Transport::default() .and_then(move |output, endpoint| { upgrade::apply( @@ -164,7 +120,9 @@ fn ix() { .and_then(move |out, _| expect_identity(out, &client_id_public)) .boxed(); - let client_dh = Keypair::::new().into_authentic(&client_id).unwrap(); + let client_dh = Keypair::::new() + .into_authentic(&client_id) + .unwrap(); let client_transport = tcp::async_io::Transport::default() .and_then(move |output, endpoint| { upgrade::apply( @@ -196,7 +154,9 @@ fn ik_xx() { let client_id = identity::Keypair::generate_ed25519(); let client_id_public = client_id.public(); - let server_dh = Keypair::::new().into_authentic(&server_id).unwrap(); + let server_dh = Keypair::::new() + .into_authentic(&server_id) + .unwrap(); let server_dh_public = server_dh.public_dh_key().clone(); let server_transport = tcp::async_io::Transport::default() .and_then(move |output, endpoint| { @@ -213,7 +173,9 @@ fn ik_xx() { .and_then(move |out, _| expect_identity(out, &client_id_public)) .boxed(); - let client_dh = Keypair::::new().into_authentic(&client_id).unwrap(); + let client_dh = Keypair::::new() + .into_authentic(&client_id) + .unwrap(); let server_id_public2 = server_id_public.clone(); let client_transport = tcp::async_io::Transport::default() .and_then(move |output, endpoint| {