From 83447e8ec34705a3898d90ee22345a3964468422 Mon Sep 17 00:00:00 2001
From: ljedrz
Date: Wed, 24 Jun 2020 11:20:16 +0200
Subject: [PATCH] feat: use noise authentication with the XX handshake
Signed-off-by: ljedrz
---
 Cargo.lock | 276 +++++++++++++++++++++++++++++--------------
 Cargo.toml | 5 +-
 src/config.rs | 2 +-
 src/lib.rs | 2 +-
 src/p2p/transport.rs | 13 +-
 5 files changed, 198 insertions(+), 100 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 8e55f582..a35ff195 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1,37 +1,57 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. [[package]] -name = "aes-ctr" -version = "0.3.0" +name = "aead" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d2e5b0458ea3beae0d1d8c0f3946564f8e10f90646cf78c06b4351052058d1ee" +checksum = "7fc95d1bdb8e6666b2b217308eeeb09f2d6728d104be3e31916cc74d15420331" +dependencies = [ + "generic-array 0.14.3", +] + +[[package]] +name = "aes" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7001367fde4c768a19d1029f0a8be5abd9308e1119846d5bd9ad26297b8faf5" dependencies = [ "aes-soft", "aesni", - "ctr", - "stream-cipher", + "block-cipher", +] + +[[package]] +name = "aes-gcm" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86f5007801316299f922a6198d1d09a0bae95786815d066d5880d13f7c45ead1" +dependencies = [ + "aead", + "aes", + "block-cipher", + "ghash", + "subtle 2.2.3", ] [[package]] name = "aes-soft" -version = "0.3.3" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cfd7e7ae3f9a1fb5c03b389fc6bb9a51400d0c13053f0dca698c832bfd893a0d" +checksum = "4925647ee64e5056cf231608957ce7c81e12d6d6e316b9ce1404778cc1d35fa7" dependencies = [ - "block-cipher-trait", + "block-cipher", "byteorder 1.3.4", "opaque-debug 0.2.3", ] [[package]] name = "aesni" -version = "0.6.0" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f70a6b5f971e473091ab7cfb5ffac6cde81666c4556751d8d5620ead8abf100" +checksum = "d050d39b0b7688b3a3254394c3e30a9d66c41dcf9b05b0e2dbdc623f6505d264" dependencies = [ - "block-cipher-trait", + "block-cipher", "opaque-debug 0.2.3", - "stream-cipher", ] [[package]] 
@@ -178,6 +198,12 @@ dependencies = [ "syn", ] +[[package]] +name = "atomic" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64f46ca51dca4837f1520754d1c8c36636356b81553d928dc9c177025369a06e" + [[package]] name = "atomic-waker" version = "1.0.0" @@ -244,6 +270,19 @@ dependencies = [ "unsigned-varint 0.3.3", ] +[[package]] +name = "blake2" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "84ce5b6108f8e154604bd4eb76a2f726066c3464d5a552a4229262a18c9bb471" +dependencies = [ + "byte-tools", + "byteorder 1.3.4", + "crypto-mac 0.8.0", + "digest 0.9.0", + "opaque-debug 0.2.3", +] + [[package]] name = "blake2b_simd" version = "0.5.10" @@ -288,12 +327,12 @@ dependencies = [ ] [[package]] -name = "block-cipher-trait" -version = "0.6.2" +name = "block-cipher" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c924d49bd09e7c06003acda26cd9742e796e34282ec6c1189404dee0c1f4774" +checksum = "fa136449e765dc7faa244561ccae839c394048667929af599b5d931ebe7b7f10" dependencies = [ - "generic-array 0.12.3", + "generic-array 0.14.3", ] [[package]] @@ -410,6 +449,29 @@ version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" +[[package]] +name = "chacha20" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "086c0f07ac275808b7bf9a39f2fd013aae1498be83632814c8c4e0bd53f2dc58" +dependencies = [ + "stream-cipher", + "zeroize", +] + +[[package]] +name = "chacha20poly1305" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "18b0c90556d8e3fec7cf18d84a2f53d27b21288f2fe481b830fadcf809e48205" +dependencies = [ + "aead", + "chacha20", + "poly1305", + "stream-cipher", + "zeroize", +] + [[package]] name = "chrono" version = "0.4.13" 
@@ -573,6 +635,16 @@ dependencies = [ "subtle 1.0.0", ] +[[package]] +name = "crypto-mac" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab" +dependencies = [ + "generic-array 0.14.3", + "subtle 2.2.3", +] + [[package]] name = "csv" version = "1.1.3" @@ -595,15 +667,6 @@ dependencies = [ "memchr", ] -[[package]] -name = "ctr" -version = "0.3.2" -source = "git+https://github.com/koivunej/stream-ciphers.git?branch=ctr128-64to128#32000ad390674f0a25f5f85b8964e4a3403ed06a" -dependencies = [ - "block-cipher-trait", - "stream-cipher", -] - [[package]] name = "cuckoofilter" version = "0.3.2" @@ -1080,6 +1143,15 @@ dependencies = [ "wasi", ] +[[package]] +name = "ghash" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6e27f0689a6e15944bdce7e45425efb87eaa8ab0c6e87f11d0987a9133e2531" +dependencies = [ + "polyval", +] + [[package]] name = "h2" version = "0.2.6" @@ -1175,7 +1247,7 @@ version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5dcb5e64cda4c23119ab41ba960d1e170a774c8e4b9d9e6a9bc18aabf5e59695" dependencies = [ - "crypto-mac", + "crypto-mac 0.7.0", "digest 0.8.1", ] @@ -1485,10 +1557,11 @@ dependencies = [ [[package]] name = "libp2p" -version = "0.22.0" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0306a49ee6a89468f96089906f36b0eef82c988dcfc8acf3e2dcd6ad1c859f85" +checksum = "b1ebb6c031584a5af181fe3a1e4b074af5d0b1a3b31663200f0251f4bcff6b5c" dependencies = [ + "atomic", "bytes 0.5.6", "futures 0.3.5", "lazy_static", @@ -1499,8 +1572,8 @@ dependencies = [ "libp2p-kad", "libp2p-mdns", "libp2p-mplex", + "libp2p-noise", "libp2p-ping", - "libp2p-secio", "libp2p-swarm", "libp2p-tcp", "libp2p-yamux", 
@@ -1654,6 +1727,28 @@ dependencies = [ "unsigned-varint 0.4.0", ] +[[package]] +name = "libp2p-noise" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e594f2de0c23c2b7ad14802c991a2e68e95315c6a6c7715e53801506f20135d" +dependencies = [ + "bytes 0.5.6", + "curve25519-dalek", + "futures 0.3.5", + "lazy_static", + "libp2p-core", + "log", + "prost", + "prost-build", + "rand 0.7.3", + "sha2 0.8.2", + "snow", + "static_assertions", + "x25519-dalek", + "zeroize", +] + [[package]] name = "libp2p-ping" version = "0.20.0" @@ -1669,36 +1764,6 @@ dependencies = [ "wasm-timer", ] -[[package]] -name = "libp2p-secio" -version = "0.20.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ff43513c383f7cdab2736eb98465fc4c5dd5d1988df89749dc8a68950349d56" -dependencies = [ - "aes-ctr", - "ctr", - "futures 0.3.5", - "hmac", - "js-sys", - "lazy_static", - "libp2p-core", - "log", - "parity-send-wrapper", - "pin-project", - "prost", - "prost-build", - "quicksink", - "rand 0.7.3", - "ring", - "rw-stream-sink", - "sha2 0.8.2", - "static_assertions", - "twofish", - "wasm-bindgen", - "wasm-bindgen-futures", - "web-sys", -] - [[package]] name = "libp2p-swarm" version = "0.20.1" @@ -2071,12 +2136,6 @@ dependencies = [ "url", ] -[[package]] -name = "parity-send-wrapper" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa9777aa91b8ad9dd5aaa04a9b6bcb02c7f1deb952fca5a66034d5e63afc5c6f" - [[package]] name = "parking" version = "1.0.6" 
@@ -2199,6 +2258,25 @@ dependencies = [ "web-sys", ] +[[package]] +name = "poly1305" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b42192ab143ed7619bf888a7f9c6733a9a2153b218e2cd557cfdb52fbf9bb1" +dependencies = [ + "universal-hash", +] + +[[package]] +name = "polyval" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9a50142b55ab3ed0e9f68dfb3709f1d90d29da24e91033f28b96330643107dc" +dependencies = [ + "cfg-if", + "universal-hash", +] + [[package]] name = "ppv-lite86" version = "0.2.8" @@ -2316,17 +2394,6 @@ dependencies = [ "byteorder 1.3.4", ] -[[package]] -name = "quicksink" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77de3c815e5a160b1539c6592796801df2043ae35e123b46d73380cfa57af858" -dependencies = [ - "futures-core", - "futures-sink", - "pin-project-lite", -] - [[package]] name = "quote" version = "1.0.7" @@ -2511,6 +2578,7 @@ checksum = "952cd6b98c85bbc30efa1ba5783b8abf12fec8b3287ffa52605b9432313e34e4" dependencies = [ "cc", "libc", + "once_cell", "spin", "untrusted", "web-sys", @@ -2773,6 +2841,24 @@ dependencies = [ "winapi 0.3.9", ] +[[package]] +name = "snow" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32bf8474159a95551661246cda4976e89356999e3cbfef36f493dacc3fae1e8e" +dependencies = [ + "aes-gcm", + "blake2", + "chacha20poly1305", + "rand 0.7.3", + "rand_core 0.5.1", + "ring", + "rustc_version", + "sha2 0.9.1", + "subtle 2.2.3", + "x25519-dalek", +] + [[package]] name = "socket2" version = "0.3.12" 
@@ -2799,11 +2885,11 @@ checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" [[package]] name = "stream-cipher" -version = "0.3.2" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8131256a5896cabcf5eb04f4d6dacbe1aefda854b0d9896e09cb58829ec5638c" +checksum = "09f8ed9974042b8c3672ff3030a69fcc03b74c47c3d1ecb7755e8a3626011e88" dependencies = [ - "generic-array 0.12.3", + "generic-array 0.14.3", ] [[package]] @@ -3084,17 +3170,6 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" -[[package]] -name = "twofish" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "712d261e83e727c8e2dbb75dacac67c36e35db36a958ee504f2164fc052434e1" -dependencies = [ - "block-cipher-trait", - "byteorder 1.3.4", - "opaque-debug 0.2.3", -] - [[package]] name = "twoway" version = "0.2.1" @@ -3174,6 +3249,16 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" +[[package]] +name = "universal-hash" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8326b2c654932e3e4f9196e69d08fdf7cfd718e1dc6f66b347e6024a0c961402" +dependencies = [ + "generic-array 0.14.3", + "subtle 2.2.3", +] + [[package]] name = "unsigned-varint" version = "0.3.3" @@ -3463,6 +3548,17 @@ dependencies = [ "winapi-build", ] +[[package]] +name = "x25519-dalek" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "637ff90c9540fa3073bb577e65033069e4bae7c79d49d74aa3ffdf5342a53217" +dependencies = [ + "curve25519-dalek", + "rand_core 0.5.1", + "zeroize", +] + [[package]] name = "yamux" version = "0.4.7" diff --git a/Cargo.toml b/Cargo.toml index ae734f22..fcb0eaa4 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -24,7 +24,7 @@ domain = { default-features = false, version = "0.5" }
 domain-resolv = { default-features = false, version = "0.5" }
 futures = { default-features = false, features = ["compat", "io-compat"], version = "0.3.5" }
 ipfs-unixfs = { path = "unixfs" }
-libp2p = { default-features = false, features = ["floodsub", "identify", "kad", "tcp-async-std", "mdns", "mplex", "ping", "secio", "yamux"], version = "0.22" }
+libp2p = { default-features = false, features = ["floodsub", "identify", "kad", "tcp-async-std", "mdns", "mplex", "noise", "ping", "yamux"], version = "0.23" }
 multibase = { default-features = false, version = "0.8" }
 multihash = { default-features = false, version = "0.11" }
 prost = { default-features = false, version = "0.6" }
@@ -47,9 +47,6 @@ tracing-subscriber = { default-features = false, features = ["fmt", "tracing-log
 [workspace]
 members = [ "bitswap", "http", "unixfs" ]
-[patch.crates-io]
-ctr = { branch = "ctr128-64to128", git = "https://github.com/koivunej/stream-ciphers.git" }
-
 # at least these libp2p components need to be patched if you want to use a local version
 # libp2p = { path = "../libp2p" }
 # libp2p-core = { path = "../libp2p" }
diff --git a/src/config.rs b/src/config.rs
index 73736842..039df456 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -161,7 +161,7 @@ impl ConfigFile {
 fs::write(path, string)
 }
- pub fn secio_key_pair(&self) -> Keypair {
+ pub fn identity_key_pair(&self) -> Keypair {
 self.key.clone_keypair()
 }
diff --git a/src/lib.rs b/src/lib.rs
index 5d17e641..6a578c76 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -194,7 +194,7 @@ impl Default for IpfsOptions {
 .join("rust-ipfs")
 .join("config.json");
 let config = ConfigFile::new(config_path).unwrap();
- let keypair = config.secio_key_pair();
+ let keypair = config.identity_key_pair();
 let bootstrap = config.bootstrap();
 IpfsOptions {
diff --git a/src/p2p/transport.rs b/src/p2p/transport.rs
index a003e19a..b50d36f4 100644
--- a/src/p2p/transport.rs
+++ b/src/p2p/transport.rs
@@ -2,9 +2,9 @@ use libp2p::core::muxing::StreamMuxerBox;
 use libp2p::core::transport::boxed::Boxed;
 use libp2p::core::transport::upgrade::Version;
 use libp2p::core::upgrade::SelectUpgrade;
-use libp2p::identity::Keypair;
+use libp2p::identity;
 use libp2p::mplex::MplexConfig;
-use libp2p::secio::SecioConfig;
+use libp2p::noise::{self, NoiseConfig};
 use libp2p::tcp::TcpConfig;
 use libp2p::yamux::Config as YamuxConfig;
 use libp2p::{PeerId, Transport};
@@ -17,11 +17,16 @@ pub(crate) type TTransport = Boxed<(PeerId, StreamMuxerBox), Error>;
 /// Builds the transport that serves as a common ground for all connections.
 ///
 /// Set up an encrypted TCP transport over the Mplex protocol.
-pub fn build_transport(key: Keypair) -> TTransport {
+pub fn build_transport(keypair: identity::Keypair) -> TTransport {
+ let xx_keypair = noise::Keypair::::new()
+ .into_authentic(&keypair)
+ .unwrap();
+ let noise_config = NoiseConfig::xx(xx_keypair).into_authenticated();
+
 TcpConfig::new()
 .nodelay(true)
 .upgrade(Version::V1)
- .authenticate(SecioConfig::new(key))
+ .authenticate(noise_config)
 .multiplex(SelectUpgrade::new(
 YamuxConfig::default(),
 MplexConfig::new(),
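Review bot: The added `.unwrap()` on `into_authentic(&keypair)` makes `build_transport` panic if signing the freshly generated Noise static key with the node's identity key fails, and the `TTransport` return type gives callers no way to handle that. If signing cannot fail for the key types this node loads (worth confirming against `ConfigFile`), state the invariant with `.expect("identity key must be able to sign the noise static key")`; otherwise the error needs a path to the caller, which would change the signature. The doc comment above the function still says only "encrypted TCP transport over the Mplex protocol"; a line such as `/// Connections are authenticated with the Noise XX handshake, using a static DH key generated per call and signed by the identity keypair.` plus a `# Panics` section would match the new behaviour. The function body continues past the end of this hunk.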