varun-r-mallya/py-libp2p
1
0
Fork 0
mirror of https://github.com/varun-r-mallya/py-libp2p.git synced 2026-02-09 22:50:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Noise: complete handshake process

Browse Source 
TODO
- Figure out why `state.rs` is erased at some moment(even handshake
is not done).
- Refactor
- Add tests
This commit is contained in:
mhchia
2020-02-16 00:42:49 +08:00
parent 8a4ebd4cbb
commit d0290d2b5a
6 changed files with 176 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
libp2p/security/noise/patterns.py
View File

@ -3,14 +3,25 @@ from abc import ABC, abstractmethod
from noise.connection import Keypair as NoiseKeypair
from noise.connection import NoiseConnection as NoiseState
from libp2p.crypto.ed25519 import Ed25519PublicKey
from libp2p.crypto.keys import PrivateKey
from libp2p.network.connection.raw_connection_interface import IRawConnection
from libp2p.peer.id import ID
from libp2p.security.secure_conn_interface import ISecureConn
from .connection import NoiseConnection
from .exceptions import HandshakeHasNotFinished
from .exceptions import (
HandshakeHasNotFinished,
InvalidSignature,
NoiseStateError,
PeerIDMismatchesPubkey,
)
from .io import NoiseHandshakeReadWriter
from .messages import (
NoiseHandshakePayload,
make_handshake_payload_sig,
verify_handshake_payload_sig,
)
class IPattern(ABC):
@ -30,6 +41,7 @@ class BasePattern(IPattern):
noise_static_key: PrivateKey
local_peer: ID
libp2p_privkey: PrivateKey
early_data: bytes
def create_noise_state(self) -> NoiseState:
noise_state = NoiseState.from_name(self.protocol_name)
@ -38,59 +50,102 @@ class BasePattern(IPattern):
)
return noise_state
def make_handshake_payload(self) -> NoiseHandshakePayload:
signature = make_handshake_payload_sig(
self.libp2p_privkey, self.noise_static_key.get_public_key()
)
return NoiseHandshakePayload(self.libp2p_privkey.get_public_key(), signature)
class PatternXX(BasePattern):
def __init__(
self, local_peer: ID, libp2p_privkey: PrivateKey, noise_static_key: PrivateKey
self,
local_peer: ID,
libp2p_privkey: PrivateKey,
noise_static_key: PrivateKey,
early_data: bytes = None,
) -> None:
self.protocol_name = b"Noise_XX_25519_ChaChaPoly_SHA256"
self.local_peer = local_peer
self.libp2p_privkey = libp2p_privkey
self.noise_static_key = noise_static_key
self.early_data = early_data
async def handshake_inbound(self, conn: IRawConnection) -> ISecureConn:
noise_state = self.create_noise_state()
noise_state.set_as_responder()
noise_state.start_handshake()
state = noise_state.noise_protocol.handshake_state
read_writer = NoiseHandshakeReadWriter(conn, noise_state)
# TODO: Parse and save the payload from the other side.
_ = await read_writer.read_msg()
# TODO: Send our payload.
our_payload = b"server"
await read_writer.write_msg(our_payload)
# Consume msg#1
await read_writer.read_msg()
# TODO: Parse and save another payload from the other side.
_ = await read_writer.read_msg()
# Send msg#2, which should include our handshake payload.
our_payload = self.make_handshake_payload()
msg_2 = our_payload.serialize()
await read_writer.write_msg(msg_2)
# Receive msg#3
msg_3 = await read_writer.read_msg()
peer_handshake_payload = NoiseHandshakePayload.deserialize(msg_3)
if state.rs is None:
raise NoiseStateError
remote_pubkey = Ed25519PublicKey.from_bytes(state.rs.public_bytes)
if not verify_handshake_payload_sig(peer_handshake_payload, remote_pubkey):
raise InvalidSignature
remote_peer_id_from_pubkey = ID.from_pubkey(peer_handshake_payload.id_pubkey)
# TODO: Add a specific exception
if not noise_state.handshake_finished:
raise HandshakeHasNotFinished(
"handshake done but it is not marked as finished in `noise_state`"
"handshake is done but it is not marked as finished in `noise_state`"
)
# FIXME: `remote_peer` should be derived from the messages.
return NoiseConnection(self.local_peer, self.libp2p_privkey, None, conn, False)
return NoiseConnection(
self.local_peer,
self.libp2p_privkey,
remote_peer_id_from_pubkey,
conn,
False,
)
async def handshake_outbound(
self, conn: IRawConnection, remote_peer: ID
) -> ISecureConn:
noise_state = self.create_noise_state()
read_writer = NoiseHandshakeReadWriter(conn, noise_state)
noise_state.set_as_initiator()
noise_state.start_handshake()
await read_writer.write_msg(b"")
state = noise_state.noise_protocol.handshake_state
# TODO: Parse and save the payload from the other side.
_ = await read_writer.read_msg()
msg_1 = b""
await read_writer.write_msg(msg_1)
# TODO: Send our payload.
our_payload = b"client"
await read_writer.write_msg(our_payload)
msg_2 = await read_writer.read_msg()
peer_handshake_payload = NoiseHandshakePayload.deserialize(msg_2)
if state.rs is None:
raise NoiseStateError
remote_pubkey = Ed25519PublicKey.from_bytes(state.rs.public_bytes)
if not verify_handshake_payload_sig(peer_handshake_payload, remote_pubkey):
raise InvalidSignature
remote_peer_id_from_pubkey = ID.from_pubkey(peer_handshake_payload.id_pubkey)
if remote_peer_id_from_pubkey != remote_peer:
raise PeerIDMismatchesPubkey(
"peer id does not correspond to the received pubkey: "
f"remote_peer={remote_peer}, "
f"remote_peer_id_from_pubkey={remote_peer_id_from_pubkey}"
)
our_payload = self.make_handshake_payload()
msg_3 = our_payload.serialize()
await read_writer.write_msg(msg_3)
# TODO: Add a specific exception
if not noise_state.handshake_finished:
raise Exception
raise HandshakeHasNotFinished(
"handshake is done but it is not marked as finished in `noise_state`"
)
return NoiseConnection(
self.local_peer, self.libp2p_privkey, remote_peer, conn, False