Integrate identity keys with libp2p-noise for authentication. (libp2p…

…#1027) * Integrate use of identity keys into libp2p-noise. In order to make libp2p-noise usable with a `Swarm`, which requires a `Transport::Output` that is a pair of a peer ID and an implementation of `StreamMuxer`, it is necessary to bridge the gap between static DH public keys and public identity keys from which peer IDs are derived. Because the DH static keys and the identity keys need not be related, it is thus generally necessary that the public identity keys are exchanged as part of the Noise handshake, which the Noise protocol accomodates for through the use of handshake message payloads. The implementation of the existing (IK, IX, XX) handshake patterns is thus changed to send the public identity keys in the handshake payloads. Additionally, to facilitate the use of any identity keypair with Noise handshakes, the static DH public keys are signed using the identity keypairs and the signatures sent alongside the public identity key in handshake payloads, unless the static DH public key is "linked" to the public identity key by other means, e.g. when an Ed25519 identity keypair is (re)used as an X25519 keypair. * libp2p-noise doesn't build for wasm. Thus the development transport needs to be still constructed with secio for transport security when building for wasm. * Documentation tweaks. * For consistency, avoid wildcard enum imports. * For consistency, avoid wildcard enum imports. * Slightly simplify io::handshake::State::finish. * Simplify creation of 2-byte arrays. * Remove unnecessary cast and obey 100 char line limit. * Update protocols/noise/src/protocol.rs Co-Authored-By: romanb <romanb@users.noreply.github.com> * Address more review comments. * Cosmetics * Cosmetics * Give authentic DH keypairs a distinct type. This has a couple of advantages: * Signing the DH public key only needs to happen once, before creating a `NoiseConfig` for an authenticated handshake. * The identity keypair only needs to be borrowed and can be dropped if it is not used further outside of the Noise protocol, since it is no longer needed during Noise handshakes. * It is explicit in the construction of a `NoiseConfig` for a handshake pattern, whether it operates with a plain `Keypair` or a keypair that is authentic w.r.t. a public identity key and future handshake patterns may be built with either. * The function signatures for constructing `NoiseConfig`s for handshake patterns are simplified and a few unnecessary trait bounds removed. * Post-merge corrections. * Add note on experimental status of libp2p-noise.
tomaka · May 7, 2019 · 8537eb3 · 8537eb3
1 parent e44b443
commit 8537eb3
Show file tree

Hide file tree

Showing 16 changed files with 1,205 additions and 558 deletions.
diff --git a/core/src/nodes/raw_swarm.rs b/core/src/nodes/raw_swarm.rs
@@ -994,8 +994,8 @@ where
         TConnInfo: Clone,
         TPeerId: AsRef<[u8]> + Send + 'static,
     {
-        // Start by polling the listeners for events, but only
-        // if numer of incoming connection does not exceed the limit.
+        // Start by polling the listeners for events, but only if the number
+        // of incoming connections does not exceed the limit.
         match self.incoming_limit {
             Some(x) if self.incoming_negotiated().count() >= (x as usize)
                 => (),

diff --git a/protocols/noise/Cargo.toml b/protocols/noise/Cargo.toml
@@ -13,9 +13,10 @@ futures = "0.1"
 lazy_static = "1.2"
 libp2p-core = { version = "0.7.0", path = "../../core" }
 log = "0.4"
+protobuf = "2.3"
 rand = "0.6.5"
 ring = { version = "0.14", features = ["use_heap"], default-features = false }
-snow = { version = "0.5.1", features = ["ring-resolver"], default-features = false }
+snow = { version = "0.5.2", features = ["ring-resolver"], default-features = false }
 tokio-io = "0.1"
 x25519-dalek = "0.5"
 zeroize = "0.5"

diff --git a/protocols/noise/make_proto.sh b/protocols/noise/make_proto.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+sudo docker run --rm -v `pwd`:/usr/code:z -w /usr/code rust /bin/bash -c " \
+    apt-get update; \
+    apt-get install -y protobuf-compiler; \
+    cargo install --version 2.3.0 protobuf-codegen; \
+    protoc --rust_out ./src/io/handshake/ ./src/io/handshake/payload.proto"
+
+sudo chown $USER:$USER ./src/io/handshake/payload.rs
diff --git a/protocols/noise/src/error.rs b/protocols/noise/src/error.rs
@@ -18,6 +18,7 @@
 // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 // DEALINGS IN THE SOFTWARE.
 
+use libp2p_core::identity;
 use snow::SnowError;
 use std::{error::Error, fmt, io};
 
@@ -30,6 +31,10 @@ pub enum NoiseError {
     Noise(SnowError),
     /// A public key is invalid.
     InvalidKey,
+    /// A handshake payload is invalid.
+    InvalidPayload(protobuf::ProtobufError),
+    /// A signature was required and could not be created.
+    SigningError(identity::error::SigningError),
     #[doc(hidden)]
     __Nonexhaustive
 }
@@ -40,6 +45,8 @@ impl fmt::Display for NoiseError {
             NoiseError::Io(e) => write!(f, "{}", e),
             NoiseError::Noise(e) => write!(f, "{}", e),
             NoiseError::InvalidKey => f.write_str("invalid public key"),
+            NoiseError::InvalidPayload(e) => write!(f, "{}", e),
+            NoiseError::SigningError(e) => write!(f, "{}", e),
             NoiseError::__Nonexhaustive => f.write_str("__Nonexhaustive")
         }
     }
@@ -51,6 +58,8 @@ impl Error for NoiseError {
             NoiseError::Io(e) => Some(e),
             NoiseError::Noise(_) => None, // TODO: `SnowError` should implement `Error`.
             NoiseError::InvalidKey => None,
+            NoiseError::InvalidPayload(e) => Some(e),
+            NoiseError::SigningError(e) => Some(e),
             NoiseError::__Nonexhaustive => None
         }
     }
@@ -67,3 +76,16 @@ impl From<SnowError> for NoiseError {
         NoiseError::Noise(e)
     }
 }
+
+impl From<protobuf::ProtobufError> for NoiseError {
+    fn from(e: protobuf::ProtobufError) -> Self {
+        NoiseError::InvalidPayload(e)
+    }
+}
+
+impl From<identity::error::SigningError> for NoiseError {
+    fn from(e: identity::error::SigningError) -> Self {
+        NoiseError::SigningError(e)
+    }
+}
+
diff --git a/protocols/noise/src/io.rs b/protocols/noise/src/io.rs
@@ -18,7 +18,10 @@
 // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 // DEALINGS IN THE SOFTWARE.
 
-use crate::{NoiseError, Protocol, PublicKey};
+//! Noise protocol I/O.
+
+pub mod handshake;
+
 use futures::Poll;
 use log::{debug, trace};
 use snow;
@@ -34,7 +37,7 @@ struct Buffer {
     inner: Box<[u8; TOTAL_BUFFER_LEN]>
 }
 
-/// A mutable borrow of all byte byffers, backed by `Buffer`.
+/// A mutable borrow of all byte buffers, backed by `Buffer`.
 struct BufferBorrow<'a> {
     read: &'a mut [u8],
     read_crypto: &'a mut [u8],
@@ -52,47 +55,6 @@ impl Buffer {
     }
 }
 
-/// A type used during the handshake phase, exchanging key material with the remote.
-pub(super) struct Handshake<T>(NoiseOutput<T>);
-
-impl<T> Handshake<T> {
-    pub(super) fn new(io: T, session: snow::Session) -> Self {
-        Handshake(NoiseOutput::new(io, session))
-    }
-}
-
-impl<T: AsyncRead + AsyncWrite> Handshake<T> {
-    /// Send handshake message to remote.
-    pub(super) fn send(&mut self) -> Poll<(), io::Error> {
-        Ok(self.0.poll_write(&[])?.map(|_| ()))
-    }
-
-    /// Flush handshake message to remote.
-    pub(super) fn flush(&mut self) -> Poll<(), io::Error> {
-        self.0.poll_flush()
-    }
-
-    /// Receive handshake message from remote.
-    pub(super) fn receive(&mut self) -> Poll<(), io::Error> {
-        Ok(self.0.poll_read(&mut [])?.map(|_| ()))
-    }
-
-    /// Finish the handshake.
-    ///
-    /// This turns the noise session into transport mode and returns the remote's static
-    /// public key as well as the established session for further communication.
-    pub(super) fn finish<C>(self) -> Result<(PublicKey<C>, NoiseOutput<T>), NoiseError>
-    where
-        C: Protocol<C>
-    {
-        let s = self.0.session.into_transport_mode()?;
-        let p = s.get_remote_static()
-            .ok_or(NoiseError::InvalidKey)
-            .and_then(C::public_from_bytes)?;
-        Ok((p, NoiseOutput { session: s, .. self.0 }))
-    }
-}
-
 /// A noise session to a remote.
 ///
 /// `T` is the type of the underlying I/O resource.
@@ -388,6 +350,8 @@ impl<T: AsyncWrite> AsyncWrite for NoiseOutput<T> {
 /// When [`io::ErrorKind::WouldBlock`] is returned, the given buffer and offset
 /// may have been updated (i.e. a byte may have been read) and must be preserved
 /// for the next invocation.
+///
+/// Returns `None` if EOF has been encountered.
 fn read_frame_len<R: io::Read>(io: &mut R, buf: &mut [u8; 2], off: &mut usize)
     -> io::Result<Option<u16>>
 {
@@ -410,6 +374,8 @@ fn read_frame_len<R: io::Read>(io: &mut R, buf: &mut [u8; 2], off: &mut usize)
 /// When [`io::ErrorKind::WouldBlock`] is returned, the given offset
 /// may have been updated (i.e. a byte may have been written) and must
 /// be preserved for the next invocation.
+///
+/// Returns `false` if EOF has been encountered.
 fn write_frame_len<W: io::Write>(io: &mut W, buf: &[u8; 2], off: &mut usize)
     -> io::Result<bool>
 {