Merge #300

300: use noise authentication with the XX handshake r=koivunej a=ljedrz The new `0.23` release of `libp2p` seems to have fixed the `noise` incompatibility issues with `go-ipfs`, so update it, drop `SECIO` and use `noise-xx` instead. While I've successfully tested this both ways against a `go-ipfs-0.6` node, an extra manual test won't hurt 😉. fixes https://github.com/rs-ipfs/rust-ipfs/issues/75 fixes https://github.com/rs-ipfs/rust-ipfs/issues/175 Co-authored-by: ljedrz <ljedrz@gmail.com>
2020-08-12 13:46:16 +00:00 · 2020-08-12 13:46:16 +00:00 · fbf4d55100
commit fbf4d55100
parent b17aae2c06 83447e8ec3
5 changed files with 198 additions and 100 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1,37 +1,57 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
 [[package]]
-name = "aes-ctr"
-version = "0.3.0"
+name = "aead"
+version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d2e5b0458ea3beae0d1d8c0f3946564f8e10f90646cf78c06b4351052058d1ee"
+checksum = "7fc95d1bdb8e6666b2b217308eeeb09f2d6728d104be3e31916cc74d15420331"
+dependencies = [
+ "generic-array 0.14.3",
+]
+
+[[package]]
+name = "aes"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f7001367fde4c768a19d1029f0a8be5abd9308e1119846d5bd9ad26297b8faf5"
 dependencies = [
 "aes-soft",
 "aesni",
- "ctr",
- "stream-cipher",
+ "block-cipher",
+]
+
+[[package]]
+name = "aes-gcm"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "86f5007801316299f922a6198d1d09a0bae95786815d066d5880d13f7c45ead1"
+dependencies = [
+ "aead",
+ "aes",
+ "block-cipher",
+ "ghash",
+ "subtle 2.2.3",
 ]

 [[package]]
 name = "aes-soft"
-version = "0.3.3"
+version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cfd7e7ae3f9a1fb5c03b389fc6bb9a51400d0c13053f0dca698c832bfd893a0d"
+checksum = "4925647ee64e5056cf231608957ce7c81e12d6d6e316b9ce1404778cc1d35fa7"
 dependencies = [
- "block-cipher-trait",
+ "block-cipher",
 "byteorder 1.3.4",
 "opaque-debug 0.2.3",
 ]

 [[package]]
 name = "aesni"
-version = "0.6.0"
+version = "0.7.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2f70a6b5f971e473091ab7cfb5ffac6cde81666c4556751d8d5620ead8abf100"
+checksum = "d050d39b0b7688b3a3254394c3e30a9d66c41dcf9b05b0e2dbdc623f6505d264"
 dependencies = [
- "block-cipher-trait",
+ "block-cipher",
 "opaque-debug 0.2.3",
- "stream-cipher",
 ]

 [[package]]
@ -178,6 +198,12 @@ dependencies = [
 "syn",
 ]

+[[package]]
+name = "atomic"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "64f46ca51dca4837f1520754d1c8c36636356b81553d928dc9c177025369a06e"
+
 [[package]]
 name = "atomic-waker"
 version = "1.0.0"
@ -244,6 +270,19 @@ dependencies = [
 "unsigned-varint 0.3.3",
 ]

+[[package]]
+name = "blake2"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "84ce5b6108f8e154604bd4eb76a2f726066c3464d5a552a4229262a18c9bb471"
+dependencies = [
+ "byte-tools",
+ "byteorder 1.3.4",
+ "crypto-mac 0.8.0",
+ "digest 0.9.0",
+ "opaque-debug 0.2.3",
+]
+
 [[package]]
 name = "blake2b_simd"
 version = "0.5.10"
@ -288,12 +327,12 @@ dependencies = [
 ]

 [[package]]
-name = "block-cipher-trait"
-version = "0.6.2"
+name = "block-cipher"
+version = "0.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1c924d49bd09e7c06003acda26cd9742e796e34282ec6c1189404dee0c1f4774"
+checksum = "fa136449e765dc7faa244561ccae839c394048667929af599b5d931ebe7b7f10"
 dependencies = [
- "generic-array 0.12.3",
+ "generic-array 0.14.3",
 ]

 [[package]]
@ -410,6 +449,29 @@ version = "0.1.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822"

+[[package]]
+name = "chacha20"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "086c0f07ac275808b7bf9a39f2fd013aae1498be83632814c8c4e0bd53f2dc58"
+dependencies = [
+ "stream-cipher",
+ "zeroize",
+]
+
+[[package]]
+name = "chacha20poly1305"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "18b0c90556d8e3fec7cf18d84a2f53d27b21288f2fe481b830fadcf809e48205"
+dependencies = [
+ "aead",
+ "chacha20",
+ "poly1305",
+ "stream-cipher",
+ "zeroize",
+]
+
 [[package]]
 name = "chrono"
 version = "0.4.13"
@ -573,6 +635,16 @@ dependencies = [
 "subtle 1.0.0",
 ]

+[[package]]
+name = "crypto-mac"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab"
+dependencies = [
+ "generic-array 0.14.3",
+ "subtle 2.2.3",
+]
+
 [[package]]
 name = "csv"
 version = "1.1.3"
@ -595,15 +667,6 @@ dependencies = [
 "memchr",
 ]

-[[package]]
-name = "ctr"
-version = "0.3.2"
-source = "git+https://github.com/koivunej/stream-ciphers.git?branch=ctr128-64to128#32000ad390674f0a25f5f85b8964e4a3403ed06a"
-dependencies = [
- "block-cipher-trait",
- "stream-cipher",
-]
-
 [[package]]
 name = "cuckoofilter"
 version = "0.3.2"
@ -1080,6 +1143,15 @@ dependencies = [
 "wasi",
 ]

+[[package]]
+name = "ghash"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d6e27f0689a6e15944bdce7e45425efb87eaa8ab0c6e87f11d0987a9133e2531"
+dependencies = [
+ "polyval",
+]
+
 [[package]]
 name = "h2"
 version = "0.2.6"
@ -1175,7 +1247,7 @@ version = "0.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5dcb5e64cda4c23119ab41ba960d1e170a774c8e4b9d9e6a9bc18aabf5e59695"
 dependencies = [
- "crypto-mac",
+ "crypto-mac 0.7.0",
 "digest 0.8.1",
 ]

@ -1485,10 +1557,11 @@ dependencies = [

 [[package]]
 name = "libp2p"
-version = "0.22.0"
+version = "0.23.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0306a49ee6a89468f96089906f36b0eef82c988dcfc8acf3e2dcd6ad1c859f85"
+checksum = "b1ebb6c031584a5af181fe3a1e4b074af5d0b1a3b31663200f0251f4bcff6b5c"
 dependencies = [
+ "atomic",
 "bytes 0.5.6",
 "futures 0.3.5",
 "lazy_static",
@ -1499,8 +1572,8 @@ dependencies = [
 "libp2p-kad",
 "libp2p-mdns",
 "libp2p-mplex",
+ "libp2p-noise",
 "libp2p-ping",
- "libp2p-secio",
 "libp2p-swarm",
 "libp2p-tcp",
 "libp2p-yamux",
@ -1654,6 +1727,28 @@ dependencies = [
 "unsigned-varint 0.4.0",
 ]

+[[package]]
+name = "libp2p-noise"
+version = "0.22.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e594f2de0c23c2b7ad14802c991a2e68e95315c6a6c7715e53801506f20135d"
+dependencies = [
+ "bytes 0.5.6",
+ "curve25519-dalek",
+ "futures 0.3.5",
+ "lazy_static",
+ "libp2p-core",
+ "log",
+ "prost",
+ "prost-build",
+ "rand 0.7.3",
+ "sha2 0.8.2",
+ "snow",
+ "static_assertions",
+ "x25519-dalek",
+ "zeroize",
+]
+
 [[package]]
 name = "libp2p-ping"
 version = "0.20.0"
@ -1669,36 +1764,6 @@ dependencies = [
 "wasm-timer",
 ]

-[[package]]
-name = "libp2p-secio"
-version = "0.20.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5ff43513c383f7cdab2736eb98465fc4c5dd5d1988df89749dc8a68950349d56"
-dependencies = [
- "aes-ctr",
- "ctr",
- "futures 0.3.5",
- "hmac",
- "js-sys",
- "lazy_static",
- "libp2p-core",
- "log",
- "parity-send-wrapper",
- "pin-project",
- "prost",
- "prost-build",
- "quicksink",
- "rand 0.7.3",
- "ring",
- "rw-stream-sink",
- "sha2 0.8.2",
- "static_assertions",
- "twofish",
- "wasm-bindgen",
- "wasm-bindgen-futures",
- "web-sys",
-]
-
 [[package]]
 name = "libp2p-swarm"
 version = "0.20.1"
@ -2071,12 +2136,6 @@ dependencies = [
 "url",
 ]

-[[package]]
-name = "parity-send-wrapper"
-version = "0.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "aa9777aa91b8ad9dd5aaa04a9b6bcb02c7f1deb952fca5a66034d5e63afc5c6f"
-
 [[package]]
 name = "parking"
 version = "1.0.6"
@ -2199,6 +2258,25 @@ dependencies = [
 "web-sys",
 ]

+[[package]]
+name = "poly1305"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9b42192ab143ed7619bf888a7f9c6733a9a2153b218e2cd557cfdb52fbf9bb1"
+dependencies = [
+ "universal-hash",
+]
+
+[[package]]
+name = "polyval"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9a50142b55ab3ed0e9f68dfb3709f1d90d29da24e91033f28b96330643107dc"
+dependencies = [
+ "cfg-if",
+ "universal-hash",
+]
+
 [[package]]
 name = "ppv-lite86"
 version = "0.2.8"
@ -2316,17 +2394,6 @@ dependencies = [
 "byteorder 1.3.4",
 ]

-[[package]]
-name = "quicksink"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "77de3c815e5a160b1539c6592796801df2043ae35e123b46d73380cfa57af858"
-dependencies = [
- "futures-core",
- "futures-sink",
- "pin-project-lite",
-]
-
 [[package]]
 name = "quote"
 version = "1.0.7"
@ -2511,6 +2578,7 @@ checksum = "952cd6b98c85bbc30efa1ba5783b8abf12fec8b3287ffa52605b9432313e34e4"
 dependencies = [
 "cc",
 "libc",
+ "once_cell",
 "spin",
 "untrusted",
 "web-sys",
@ -2773,6 +2841,24 @@ dependencies = [
 "winapi 0.3.9",
 ]

+[[package]]
+name = "snow"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32bf8474159a95551661246cda4976e89356999e3cbfef36f493dacc3fae1e8e"
+dependencies = [
+ "aes-gcm",
+ "blake2",
+ "chacha20poly1305",
+ "rand 0.7.3",
+ "rand_core 0.5.1",
+ "ring",
+ "rustc_version",
+ "sha2 0.9.1",
+ "subtle 2.2.3",
+ "x25519-dalek",
+]
+
 [[package]]
 name = "socket2"
 version = "0.3.12"
@ -2799,11 +2885,11 @@ checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f"

 [[package]]
 name = "stream-cipher"
-version = "0.3.2"
+version = "0.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8131256a5896cabcf5eb04f4d6dacbe1aefda854b0d9896e09cb58829ec5638c"
+checksum = "09f8ed9974042b8c3672ff3030a69fcc03b74c47c3d1ecb7755e8a3626011e88"
 dependencies = [
- "generic-array 0.12.3",
+ "generic-array 0.14.3",
 ]

 [[package]]
@ -3084,17 +3170,6 @@ version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642"

-[[package]]
-name = "twofish"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "712d261e83e727c8e2dbb75dacac67c36e35db36a958ee504f2164fc052434e1"
-dependencies = [
- "block-cipher-trait",
- "byteorder 1.3.4",
- "opaque-debug 0.2.3",
-]
-
 [[package]]
 name = "twoway"
 version = "0.2.1"
@ -3174,6 +3249,16 @@ version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564"

+[[package]]
+name = "universal-hash"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8326b2c654932e3e4f9196e69d08fdf7cfd718e1dc6f66b347e6024a0c961402"
+dependencies = [
+ "generic-array 0.14.3",
+ "subtle 2.2.3",
+]
+
 [[package]]
 name = "unsigned-varint"
 version = "0.3.3"
@ -3463,6 +3548,17 @@ dependencies = [
 "winapi-build",
 ]

+[[package]]
+name = "x25519-dalek"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "637ff90c9540fa3073bb577e65033069e4bae7c79d49d74aa3ffdf5342a53217"
+dependencies = [
+ "curve25519-dalek",
+ "rand_core 0.5.1",
+ "zeroize",
+]
+
 [[package]]
 name = "yamux"
 version = "0.4.7"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -24,7 +24,7 @@ domain = { default-features = false, version = "0.5" }
 domain-resolv = { default-features = false, version = "0.5" }
 futures = { default-features = false, features = ["compat", "io-compat"], version = "0.3.5" }
 ipfs-unixfs = { path = "unixfs" }
-libp2p = { default-features = false, features = ["floodsub", "identify", "kad", "tcp-async-std", "mdns", "mplex", "ping", "secio", "yamux"], version = "0.22" }
+libp2p = { default-features = false, features = ["floodsub", "identify", "kad", "tcp-async-std", "mdns", "mplex", "noise", "ping", "yamux"], version = "0.23" }
 multibase = { default-features = false, version = "0.8" }
 multihash = { default-features = false, version = "0.11" }
 prost = { default-features = false, version = "0.6" }
@ -47,9 +47,6 @@ tracing-subscriber = { default-features = false, features = ["fmt", "tracing-log
 [workspace]
 members = [ "bitswap", "http", "unixfs" ]

-[patch.crates-io]
-ctr = { branch = "ctr128-64to128", git = "https://github.com/koivunej/stream-ciphers.git" }
-
 # at least these libp2p components need to be patched if you want to use a local version
 # libp2p = { path = "../libp2p" }
 # libp2p-core = { path = "../libp2p" }
--- a/src/config.rs
+++ b/src/config.rs
@ -161,7 +161,7 @@ impl ConfigFile {
        fs::write(path, string)
    }

-    pub fn secio_key_pair(&self) -> Keypair {
+    pub fn identity_key_pair(&self) -> Keypair {
        self.key.clone_keypair()
    }

--- a/src/lib.rs
+++ b/src/lib.rs
@ -194,7 +194,7 @@ impl Default for IpfsOptions {
            .join("rust-ipfs")
            .join("config.json");
        let config = ConfigFile::new(config_path).unwrap();
-        let keypair = config.secio_key_pair();
+        let keypair = config.identity_key_pair();
        let bootstrap = config.bootstrap();

        IpfsOptions {
--- a/src/p2p/transport.rs
+++ b/src/p2p/transport.rs
@ -2,9 +2,9 @@ use libp2p::core::muxing::StreamMuxerBox;
 use libp2p::core::transport::boxed::Boxed;
 use libp2p::core::transport::upgrade::Version;
 use libp2p::core::upgrade::SelectUpgrade;
-use libp2p::identity::Keypair;
+use libp2p::identity;
 use libp2p::mplex::MplexConfig;
-use libp2p::secio::SecioConfig;
+use libp2p::noise::{self, NoiseConfig};
 use libp2p::tcp::TcpConfig;
 use libp2p::yamux::Config as YamuxConfig;
 use libp2p::{PeerId, Transport};
@ -17,11 +17,16 @@ pub(crate) type TTransport = Boxed<(PeerId, StreamMuxerBox), Error>;
 /// Builds the transport that serves as a common ground for all connections.
 ///
 /// Set up an encrypted TCP transport over the Mplex protocol.
-pub fn build_transport(key: Keypair) -> TTransport {
+pub fn build_transport(keypair: identity::Keypair) -> TTransport {
+    let xx_keypair = noise::Keypair::<noise::X25519Spec>::new()
+        .into_authentic(&keypair)
+        .unwrap();
+    let noise_config = NoiseConfig::xx(xx_keypair).into_authenticated();
+
    TcpConfig::new()
        .nodelay(true)
        .upgrade(Version::V1)
-        .authenticate(SecioConfig::new(key))
+        .authenticate(noise_config)
        .multiplex(SelectUpgrade::new(
            YamuxConfig::default(),
            MplexConfig::new(),