From 9c3ec2525eaa16cb5da1edbe2646219541c4e2c7 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Thu, 11 Jul 2019 12:50:04 -0400 Subject: [PATCH 01/10] add plaintext/2.0.0 (with ugly protoc hack) --- crypto/key.go | 26 ++- go.mod | 1 + go.sum | 4 + sec/insecure/insecure.go | 171 ++++++++++++-- sec/insecure/insecure_test.go | 161 +++++++++++++ sec/insecure/pb/Makefile | 11 + sec/insecure/pb/plaintext.pb.go | 402 ++++++++++++++++++++++++++++++++ sec/insecure/pb/plaintext.proto | 11 + 8 files changed, 764 insertions(+), 23 deletions(-) create mode 100644 sec/insecure/insecure_test.go create mode 100644 sec/insecure/pb/Makefile create mode 100644 sec/insecure/pb/plaintext.pb.go create mode 100644 sec/insecure/pb/plaintext.proto diff --git a/crypto/key.go b/crypto/key.go index 50167dbe..a3ce9070 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -276,29 +276,43 @@ func UnmarshalPublicKey(data []byte) (PubKey, error) { if err != nil { return nil, err } + return PublicKeyFromProto(*pmes) +} - um, ok := PubKeyUnmarshallers[pmes.GetType()] +func PublicKeyFromProto(keyMessage pb.PublicKey) (PubKey, error) { + um, ok := PubKeyUnmarshallers[keyMessage.GetType()] if !ok { return nil, ErrBadKeyType } - return um(pmes.GetData()) + return um(keyMessage.GetData()) } // MarshalPublicKey converts a public key object into a protobuf serialized // public key func MarshalPublicKey(k PubKey) ([]byte, error) { - pbmes := new(pb.PublicKey) - pbmes.Type = k.Type() - data, err := k.Raw() + pbmes, err := PublicKeyToProto(k) if err != nil { return nil, err } - pbmes.Data = data return proto.Marshal(pbmes) } +// PublicKeyToProto converts a public key object into an unserialized protobuf +// PublicKey message. +func PublicKeyToProto(k PubKey) (*pb.PublicKey, error) { + data, err := k.Raw() + if err != nil { + return nil, err + } + + pbmes := new(pb.PublicKey) + pbmes.Type = k.Type() + pbmes.Data = data + return pbmes, nil +} + // UnmarshalPrivateKey converts a protobuf serialized private key into its // representative object func UnmarshalPrivateKey(data []byte) (PrivKey, error) { diff --git a/go.mod b/go.mod index 6932c043..f0feeac3 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,7 @@ require ( github.com/ipfs/go-cid v0.0.2 github.com/jbenet/goprocess v0.1.3 github.com/libp2p/go-flow-metrics v0.0.1 + github.com/libp2p/go-msgio v0.0.4 github.com/minio/sha256-simd v0.1.0 github.com/mr-tron/base58 v1.1.2 github.com/multiformats/go-multiaddr v0.0.4 diff --git a/go.sum b/go.sum index f2aa900e..d5de3697 100644 --- a/go.sum +++ b/go.sum @@ -51,8 +51,12 @@ github.com/kisielk/gotool v1.0.0 h1:AV2c/EiW3KqPNT9ZKl07ehoAGi4C5/01Cfbblndcapg= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23 h1:FOOIBWrEkLgmlgGfMuZT83xIwfPDxEI2OHu6xUmJMFE= github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4= +github.com/libp2p/go-buffer-pool v0.0.1 h1:9Rrn/H46cXjaA2HQ5Y8lyhOS1NhTkZ4yuEs2r3Eechg= +github.com/libp2p/go-buffer-pool v0.0.1/go.mod h1:xtyIz9PMobb13WaxR6Zo1Pd1zXJKYg0a8KiIvDp3TzQ= github.com/libp2p/go-flow-metrics v0.0.1 h1:0gxuFd2GuK7IIP5pKljLwps6TvcuYgvG7Atqi3INF5s= github.com/libp2p/go-flow-metrics v0.0.1/go.mod h1:Iv1GH0sG8DtYN3SVJ2eG221wMiNpZxBdp967ls1g+k8= +github.com/libp2p/go-msgio v0.0.4 h1:agEFehY3zWJFUHK6SEMR7UYmk2z6kC3oeCM7ybLhguA= +github.com/libp2p/go-msgio v0.0.4/go.mod h1:63lBBgOTDKQL6EWazRMCwXsEeEeK9O2Cd+0+6OOuipQ= github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 h1:lYpkrQH5ajf0OXOcUbGjvZxxijuBwbbmlSxLiuofa+g= github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ= github.com/minio/sha256-simd v0.0.0-20190131020904-2d45a736cd16 h1:5W7KhL8HVF3XCFOweFD3BNESdnO8ewyYTFT2R+/b8FQ= diff --git a/sec/insecure/insecure.go b/sec/insecure/insecure.go index 801569cb..2bffe4f8 100644 --- a/sec/insecure/insecure.go +++ b/sec/insecure/insecure.go @@ -5,29 +5,35 @@ package insecure import ( "context" + "fmt" + "github.com/gogo/protobuf/proto" + "github.com/libp2p/go-msgio" "net" "github.com/libp2p/go-libp2p-core/peer" "github.com/libp2p/go-libp2p-core/sec" ci "github.com/libp2p/go-libp2p-core/crypto" + pb "github.com/libp2p/go-libp2p-core/sec/insecure/pb" ) // ID is the multistream-select protocol ID that should be used when identifying // this security transport. -const ID = "/plaintext/1.0.0" +const ID = "/plaintext/2.0.0" // Transport is a no-op stream security transport. It provides no // security and simply mocks the security and identity methods to // return peer IDs known ahead of time. type Transport struct { - id peer.ID + id peer.ID + key ci.PrivKey } // New constructs a new insecure transport. -func New(id peer.ID) *Transport { +func New(id peer.ID, key ci.PrivKey) *Transport { return &Transport{ - id: id, + id: id, + key: key, } } @@ -36,33 +42,163 @@ func (t *Transport) LocalPeer() peer.ID { return t.id } -// LocalPrivateKey returns nil. This transport is not secure. +// LocalPrivateKey returns the local private key. +// This key is used only for identity generation and provides no security. func (t *Transport) LocalPrivateKey() ci.PrivKey { - return nil + return t.key } // SecureInbound *pretends to secure* an outbound connection to the given peer. +// It sends the local peer's ID and public key, and receives the same from the remote peer. +// No validation is performed as to the authenticity or ownership of the provided public key, +// and the key exchange provides no security. +// +// SecureInbound may fail if the remote peer sends an ID and public key that are inconsistent +// with each other, or if a network error occurs during the ID exchange. func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (sec.SecureConn, error) { - return &Conn{ + conn := &Conn{ Conn: insecure, local: t.id, - }, nil + localPrivKey: t.key, + } + + err := conn.runHandshakeSync(ctx) + if err != nil { + return nil, err + } + + return conn, nil } // SecureOutbound *pretends to secure* an outbound connection to the given peer. +// It sends the local peer's ID and public key, and receives the same from the remote peer. +// No validation is performed as to the authenticity or ownership of the provided public key, +// and the key exchange provides no security. +// +// SecureOutbound may fail if the remote peer sends an ID and public key that are inconsistent +// with each other, or if the ID sent by the remote peer does not match the one dialed. It may +// also fail if a network error occurs during the ID exchange. func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error) { - return &Conn{ - Conn: insecure, - local: t.id, - remote: p, - }, nil + conn := &Conn{ + Conn: insecure, + local: t.id, + localPrivKey: t.key, + } + + err := conn.runHandshakeSync(ctx) + if err != nil { + return nil, err + } + + if p != conn.remote { + return nil, fmt.Errorf("remote peer sent unexpected peer ID. expected=%s received=%s", + p, conn.remote) + } + + if !p.MatchesPublicKey(conn.remotePubKey) { + return nil, fmt.Errorf("remote public key does not match expected peer ID") + } + + return conn, nil } // Conn is the connection type returned by the insecure transport. type Conn struct { net.Conn + local peer.ID remote peer.ID + + localPrivKey ci.PrivKey + remotePubKey ci.PubKey +} + +func makeExchangeMessage(privkey ci.PrivKey) (*pb.Exchange, error) { + pubkey, err := ci.PublicKeyToProto(privkey.GetPublic()) + if err != nil { + return nil, err + } + id, err := peer.IDFromPrivateKey(privkey) + if err != nil { + return nil, err + } + + return &pb.Exchange{ + Id: []byte(id), + Pubkey: pubkey, + }, nil +} + +func (ic *Conn) runHandshakeSync(ctx context.Context) error { + insecureM := msgio.NewReadWriter(ic.Conn) + + // Generate an Exchange message + msg, err := makeExchangeMessage(ic.localPrivKey) + if err != nil { + return err + } + + msgBytes, err := proto.Marshal(msg) + if err != nil { + return err + } + + // Send our Exchange and read theirs + remoteExchangeBytes, err := readWriteMsg(insecureM, msgBytes) + if err != nil { + return err + } + + remoteMsg := new(pb.Exchange) + err = proto.Unmarshal(remoteExchangeBytes, remoteMsg) + if err != nil { + return err + } + + // Pull remote ID and public key from message + remotePubkey, err := ci.PublicKeyFromProto(*remoteMsg.Pubkey) + if err != nil { + return err + } + + remoteID, err := peer.IDFromPublicKey(remotePubkey) + if err != nil { + return err + } + + // Validate that ID matches public key + if !remoteID.MatchesPublicKey(remotePubkey) { + calculatedID, _ := peer.IDFromPublicKey(remotePubkey) + return fmt.Errorf("remote peer id does not match public key. id=%s calculated_id=%s", + remoteID, calculatedID) + } + + // Add remote ID and key to conn state + ic.remotePubKey = remotePubkey + ic.remote = remoteID + return nil +} + +// read and write a message at the same time. +func readWriteMsg(c msgio.ReadWriter, out []byte) ([]byte, error) { + wresult := make(chan error) + go func() { + wresult <- c.WriteMsg(out) + }() + + msg, err1 := c.ReadMsg() + + // Always wait for the read to finish. + err2 := <-wresult + + if err1 != nil { + return nil, err1 + } + if err2 != nil { + c.ReleaseMsg(msg) + return nil, err2 + } + return msg, nil } // LocalPeer returns the local peer ID. @@ -76,14 +212,15 @@ func (ic *Conn) RemotePeer() peer.ID { return ic.remote } -// RemotePublicKey returns nil. This connection is not secure +// RemotePublicKey returns whatever public key was given by the remote peer. +// Note that no verification of ownership is done, as this connection is not secure. func (ic *Conn) RemotePublicKey() ci.PubKey { - return nil + return ic.remotePubKey } -// LocalPrivateKey returns nil. This connection is not secure. +// LocalPrivateKey returns the private key for the local peer. func (ic *Conn) LocalPrivateKey() ci.PrivKey { - return nil + return ic.localPrivKey } var _ sec.SecureTransport = (*Transport)(nil) diff --git a/sec/insecure/insecure_test.go b/sec/insecure/insecure_test.go new file mode 100644 index 00000000..539969d6 --- /dev/null +++ b/sec/insecure/insecure_test.go @@ -0,0 +1,161 @@ +package insecure + +import ( + "bytes" + "github.com/libp2p/go-libp2p-core/peer" + "github.com/libp2p/go-libp2p-core/sec" + "context" + "io" + "net" + "testing" + + ci "github.com/libp2p/go-libp2p-core/crypto" +) + +// Run a set of sessions through the session setup and verification. +func TestConnections(t *testing.T) { + clientTpt := newTestTransport(t, ci.RSA, 1024) + serverTpt := newTestTransport(t, ci.Ed25519, 1024) + + testConnection(t, clientTpt, serverTpt) +} + +func newTestTransport(t *testing.T, typ, bits int) *Transport { + priv, pub, err := ci.GenerateKeyPair(typ, bits) + if err != nil { + t.Fatal(err) + } + id, err := peer.IDFromPublicKey(pub) + if err != nil { + t.Fatal(err) + } + + return &Transport{ + id: id, + key: priv, + } +} + + +// Create a new pair of connected TCP sockets. +func newConnPair(t *testing.T) (net.Conn, net.Conn) { + lstnr, err := net.Listen("tcp", "localhost:0") + if err != nil { + t.Fatalf("Failed to listen: %v", err) + return nil, nil + } + + var clientErr error + var client net.Conn + addr := lstnr.Addr() + done := make(chan struct{}) + + go func() { + defer close(done) + client, clientErr = net.Dial(addr.Network(), addr.String()) + }() + + server, err := lstnr.Accept() + <-done + + lstnr.Close() + + if err != nil { + t.Fatalf("Failed to accept: %v", err) + } + + if clientErr != nil { + t.Fatalf("Failed to connect: %v", clientErr) + } + + return client, server +} + +// Create a new pair of connected sessions based off of the provided +// session generators. +func connect(t *testing.T, clientTpt, serverTpt *Transport) (sec.SecureConn, sec.SecureConn) { + client, server := newConnPair(t) + + // Connect the client and server sessions + done := make(chan struct{}) + + var clientConn sec.SecureConn + var clientErr error + go func() { + defer close(done) + clientConn, clientErr = clientTpt.SecureOutbound(context.TODO(), client, serverTpt.LocalPeer()) + }() + + serverConn, serverErr := serverTpt.SecureInbound(context.TODO(), server) + <-done + + if serverErr != nil { + t.Fatal(serverErr) + } + + if clientErr != nil { + t.Fatal(clientErr) + } + + return clientConn, serverConn +} + +// Check the peer IDs +func testIDs(t *testing.T, clientTpt, serverTpt *Transport, clientConn, serverConn sec.SecureConn) { + if clientConn.LocalPeer() != clientTpt.LocalPeer() { + t.Fatal("Client Local Peer ID mismatch.") + } + + if clientConn.RemotePeer() != serverTpt.LocalPeer() { + t.Fatal("Client Remote Peer ID mismatch.") + } + + if clientConn.LocalPeer() != serverConn.RemotePeer() { + t.Fatal("Server Local Peer ID mismatch.") + } +} + +// Check the keys +func testKeys(t *testing.T, clientTpt, serverTpt *Transport, clientConn, serverConn sec.SecureConn) { + sk := serverConn.LocalPrivateKey() + pk := sk.GetPublic() + + if !sk.Equals(serverTpt.LocalPrivateKey()) { + t.Error("Private key Mismatch.") + } + + if !pk.Equals(clientConn.RemotePublicKey()) { + t.Error("Public key mismatch.") + } +} + +// Check sending and receiving messages +func testReadWrite(t *testing.T, clientConn, serverConn sec.SecureConn) { + before := []byte("hello world") + _, err := clientConn.Write(before) + if err != nil { + t.Fatal(err) + } + + after := make([]byte, len(before)) + _, err = io.ReadFull(serverConn, after) + if err != nil { + t.Fatal(err) + } + + if !bytes.Equal(before, after) { + t.Errorf("Message mismatch. %v != %v", before, after) + } +} + +// Setup a new session with a pair of locally connected sockets +func testConnection(t *testing.T, clientTpt, serverTpt *Transport) { + clientConn, serverConn := connect(t, clientTpt, serverTpt) + + testIDs(t, clientTpt, serverTpt, clientConn, serverConn) + testKeys(t, clientTpt, serverTpt, clientConn, serverConn) + testReadWrite(t, clientConn, serverConn) + + clientConn.Close() + serverConn.Close() +} \ No newline at end of file diff --git a/sec/insecure/pb/Makefile b/sec/insecure/pb/Makefile new file mode 100644 index 00000000..c6f73f03 --- /dev/null +++ b/sec/insecure/pb/Makefile @@ -0,0 +1,11 @@ +PB = $(wildcard *.proto) +GO = $(PB:.proto=.pb.go) + +all: $(GO) + +%.pb.go: %.proto + protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=. $< + +clean: + rm -f *.pb.go + rm -f *.go diff --git a/sec/insecure/pb/plaintext.pb.go b/sec/insecure/pb/plaintext.pb.go new file mode 100644 index 00000000..ed60da02 --- /dev/null +++ b/sec/insecure/pb/plaintext.pb.go @@ -0,0 +1,402 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: plaintext.proto + +package plaintext_pb + +import ( + pb "github.com/libp2p/go-libp2p-core/crypto/pb" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package + +type Exchange struct { + Id []byte `protobuf:"bytes,1,opt,name=id" json:"id"` + Pubkey *pb.PublicKey `protobuf:"bytes,2,opt,name=pubkey" json:"pubkey,omitempty"` +} + +func (m *Exchange) Reset() { *m = Exchange{} } +func (m *Exchange) String() string { return proto.CompactTextString(m) } +func (*Exchange) ProtoMessage() {} +func (*Exchange) Descriptor() ([]byte, []int) { + return fileDescriptor_aba144f73931b711, []int{0} +} +func (m *Exchange) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Exchange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Exchange.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalTo(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Exchange) XXX_Merge(src proto.Message) { + xxx_messageInfo_Exchange.Merge(m, src) +} +func (m *Exchange) XXX_Size() int { + return m.Size() +} +func (m *Exchange) XXX_DiscardUnknown() { + xxx_messageInfo_Exchange.DiscardUnknown(m) +} + +var xxx_messageInfo_Exchange proto.InternalMessageInfo + +func (m *Exchange) GetId() []byte { + if m != nil { + return m.Id + } + return nil +} + +func (m *Exchange) GetPubkey() *pb.PublicKey { + if m != nil { + return m.Pubkey + } + return nil +} + +func init() { + proto.RegisterType((*Exchange)(nil), "plaintext.pb.Exchange") +} + +func init() { proto.RegisterFile("plaintext.proto", fileDescriptor_aba144f73931b711) } + +var fileDescriptor_aba144f73931b711 = []byte{ + // 159 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2f, 0xc8, 0x49, 0xcc, + 0xcc, 0x2b, 0x49, 0xad, 0x28, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x41, 0x12, 0x48, + 0x92, 0x12, 0x4b, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0xd7, 0x2f, 0x48, 0xd2, 0x87, 0xb0, 0x20, 0xaa, + 0x94, 0xfc, 0xb8, 0x38, 0x5c, 0x2b, 0x92, 0x33, 0x12, 0xf3, 0xd2, 0x53, 0x85, 0x44, 0xb8, 0x98, + 0x32, 0x53, 0x24, 0x18, 0x15, 0x18, 0x35, 0x78, 0x9c, 0x58, 0x4e, 0xdc, 0x93, 0x67, 0x08, 0x62, + 0xca, 0x4c, 0x11, 0xd2, 0xe1, 0x62, 0x2b, 0x28, 0x4d, 0xca, 0x4e, 0xad, 0x94, 0x60, 0x52, 0x60, + 0xd4, 0xe0, 0x36, 0x12, 0xd1, 0x83, 0x19, 0x90, 0xa4, 0x17, 0x50, 0x9a, 0x94, 0x93, 0x99, 0xec, + 0x9d, 0x5a, 0x19, 0x04, 0x55, 0xe3, 0x24, 0x71, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, + 0x0f, 0x1e, 0xc9, 0x31, 0x4e, 0x78, 0x2c, 0xc7, 0x70, 0xe1, 0xb1, 0x1c, 0xc3, 0x8d, 0xc7, 0x72, + 0x0c, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x2b, 0x97, 0xbc, 0x9e, 0xa1, 0x00, 0x00, 0x00, +} + +func (m *Exchange) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Exchange) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if m.Id != nil { + dAtA[i] = 0xa + i++ + i = encodeVarintPlaintext(dAtA, i, uint64(len(m.Id))) + i += copy(dAtA[i:], m.Id) + } + if m.Pubkey != nil { + dAtA[i] = 0x12 + i++ + i = encodeVarintPlaintext(dAtA, i, uint64(m.Pubkey.Size())) + n1, err := m.Pubkey.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n1 + } + return i, nil +} + +func encodeVarintPlaintext(dAtA []byte, offset int, v uint64) int { + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return offset + 1 +} +func (m *Exchange) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Id != nil { + l = len(m.Id) + n += 1 + l + sovPlaintext(uint64(l)) + } + if m.Pubkey != nil { + l = m.Pubkey.Size() + n += 1 + l + sovPlaintext(uint64(l)) + } + return n +} + +func sovPlaintext(x uint64) (n int) { + for { + n++ + x >>= 7 + if x == 0 { + break + } + } + return n +} +func sozPlaintext(x uint64) (n int) { + return sovPlaintext(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (m *Exchange) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowPlaintext + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Exchange: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Exchange: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Id", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowPlaintext + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthPlaintext + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthPlaintext + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Id = append(m.Id[:0], dAtA[iNdEx:postIndex]...) + if m.Id == nil { + m.Id = []byte{} + } + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Pubkey", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowPlaintext + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthPlaintext + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthPlaintext + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Pubkey == nil { + m.Pubkey = &pb.PublicKey{} + } + if err := m.Pubkey.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipPlaintext(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthPlaintext + } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthPlaintext + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipPlaintext(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowPlaintext + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowPlaintext + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + return iNdEx, nil + case 1: + iNdEx += 8 + return iNdEx, nil + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowPlaintext + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthPlaintext + } + iNdEx += length + if iNdEx < 0 { + return 0, ErrInvalidLengthPlaintext + } + return iNdEx, nil + case 3: + for { + var innerWire uint64 + var start int = iNdEx + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowPlaintext + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + innerWire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + innerWireType := int(innerWire & 0x7) + if innerWireType == 4 { + break + } + next, err := skipPlaintext(dAtA[start:]) + if err != nil { + return 0, err + } + iNdEx = start + next + if iNdEx < 0 { + return 0, ErrInvalidLengthPlaintext + } + } + return iNdEx, nil + case 4: + return iNdEx, nil + case 5: + iNdEx += 4 + return iNdEx, nil + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + } + panic("unreachable") +} + +var ( + ErrInvalidLengthPlaintext = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowPlaintext = fmt.Errorf("proto: integer overflow") +) diff --git a/sec/insecure/pb/plaintext.proto b/sec/insecure/pb/plaintext.proto new file mode 100644 index 00000000..88d3ed02 --- /dev/null +++ b/sec/insecure/pb/plaintext.proto @@ -0,0 +1,11 @@ +syntax = "proto2"; + +package plaintext.pb; + +// TODO(yusef): can we add the dir to the include path and avoid relative import? +import "crypto/pb/crypto.proto"; + +message Exchange { + optional bytes id = 1; + optional crypto.pb.PublicKey pubkey = 2; +} From f2cf104cf7059988207eecb06337d1fb89769f18 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Thu, 11 Jul 2019 12:54:34 -0400 Subject: [PATCH 02/10] gofmt --- sec/insecure/insecure.go | 8 ++++---- sec/insecure/insecure_test.go | 3 +-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/sec/insecure/insecure.go b/sec/insecure/insecure.go index 2bffe4f8..1aa86fb1 100644 --- a/sec/insecure/insecure.go +++ b/sec/insecure/insecure.go @@ -57,8 +57,8 @@ func (t *Transport) LocalPrivateKey() ci.PrivKey { // with each other, or if a network error occurs during the ID exchange. func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (sec.SecureConn, error) { conn := &Conn{ - Conn: insecure, - local: t.id, + Conn: insecure, + local: t.id, localPrivKey: t.key, } @@ -80,8 +80,8 @@ func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (sec.S // also fail if a network error occurs during the ID exchange. func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error) { conn := &Conn{ - Conn: insecure, - local: t.id, + Conn: insecure, + local: t.id, localPrivKey: t.key, } diff --git a/sec/insecure/insecure_test.go b/sec/insecure/insecure_test.go index 539969d6..c95cff64 100644 --- a/sec/insecure/insecure_test.go +++ b/sec/insecure/insecure_test.go @@ -36,7 +36,6 @@ func newTestTransport(t *testing.T, typ, bits int) *Transport { } } - // Create a new pair of connected TCP sockets. func newConnPair(t *testing.T) (net.Conn, net.Conn) { lstnr, err := net.Listen("tcp", "localhost:0") @@ -158,4 +157,4 @@ func testConnection(t *testing.T, clientTpt, serverTpt *Transport) { clientConn.Close() serverConn.Close() -} \ No newline at end of file +} From d23f421085579d85b672f9bf98627bdc09976963 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Thu, 11 Jul 2019 12:58:17 -0400 Subject: [PATCH 03/10] gofmt (for real this time) --- sec/insecure/insecure_test.go | 2 +- sec/insecure/pb/plaintext.pb.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sec/insecure/insecure_test.go b/sec/insecure/insecure_test.go index c95cff64..5c26f5d4 100644 --- a/sec/insecure/insecure_test.go +++ b/sec/insecure/insecure_test.go @@ -2,9 +2,9 @@ package insecure import ( "bytes" + "context" "github.com/libp2p/go-libp2p-core/peer" "github.com/libp2p/go-libp2p-core/sec" - "context" "io" "net" "testing" diff --git a/sec/insecure/pb/plaintext.pb.go b/sec/insecure/pb/plaintext.pb.go index ed60da02..34cc6914 100644 --- a/sec/insecure/pb/plaintext.pb.go +++ b/sec/insecure/pb/plaintext.pb.go @@ -4,9 +4,9 @@ package plaintext_pb import ( - pb "github.com/libp2p/go-libp2p-core/crypto/pb" fmt "fmt" proto "github.com/gogo/protobuf/proto" + pb "github.com/libp2p/go-libp2p-core/crypto/pb" io "io" math "math" ) From 5a543a79bd89d75c9697f852638b8fe56da862f4 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Thu, 11 Jul 2019 17:19:26 -0400 Subject: [PATCH 04/10] add `go_package` option to proto files --- crypto/pb/Makefile | 11 +++++++++-- crypto/pb/crypto.pb.go | 12 +++++++----- crypto/pb/crypto.proto | 1 + sec/insecure/pb/Makefile | 11 +++++++++-- sec/insecure/pb/plaintext.pb.go | 11 +++++++---- sec/insecure/pb/plaintext.proto | 2 +- 6 files changed, 34 insertions(+), 14 deletions(-) diff --git a/crypto/pb/Makefile b/crypto/pb/Makefile index df34e54b..bcfbd60f 100644 --- a/crypto/pb/Makefile +++ b/crypto/pb/Makefile @@ -1,10 +1,17 @@ PB = $(wildcard *.proto) GO = $(PB:.proto=.pb.go) +OUTDIR = ./out + all: $(GO) -%.pb.go: %.proto - protoc --proto_path=$(GOPATH)/src:. --gogofaster_out=. $< +$(OUTDIR): + mkdir -p $(OUTDIR) + +%.pb.go: %.proto $(OUTDIR) + protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=$(OUTDIR) $< && \ + find $(OUTDIR) -name $@ -exec mv '{}' . \; && \ + rm -rf $(OUTDIR) clean: rm -f *.pb.go diff --git a/crypto/pb/crypto.pb.go b/crypto/pb/crypto.pb.go index 5fa7aec7..08b9fac7 100644 --- a/crypto/pb/crypto.pb.go +++ b/crypto/pb/crypto.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: crypto.proto -package crypto_pb +package pb import ( fmt "fmt" @@ -181,7 +181,7 @@ func init() { func init() { proto.RegisterFile("crypto.proto", fileDescriptor_527278fb02d03321) } var fileDescriptor_527278fb02d03321 = []byte{ - // 203 bytes of a gzipped FileDescriptorProto + // 239 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x49, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0xd7, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x84, 0xf1, 0x92, 0x94, 0x82, 0xb9, 0x38, 0x03, 0x4a, 0x93, 0x72, 0x32, 0x93, 0xbd, 0x53, 0x2b, 0x85, 0x74, 0xb8, 0x58, 0x42, 0x2a, @@ -192,9 +192,11 @@ var fileDescriptor_527278fb02d03321 = []byte{ 0xaa, 0x41, 0x88, 0x9d, 0x8b, 0x39, 0x28, 0xd8, 0x51, 0x80, 0x41, 0x88, 0x9b, 0x8b, 0xdd, 0x35, 0xc5, 0xc8, 0xd4, 0xd4, 0xd0, 0x52, 0x80, 0x51, 0x88, 0x97, 0x8b, 0x33, 0x38, 0x35, 0xb9, 0xc0, 0xc8, 0xd4, 0x2c, 0xdb, 0x50, 0x80, 0x49, 0x88, 0x93, 0x8b, 0xd5, 0xd5, 0xd9, 0x25, 0xd8, 0x51, - 0x80, 0xd9, 0x49, 0xe2, 0xc4, 0x23, 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, - 0x9c, 0xf0, 0x58, 0x8e, 0xe1, 0xc2, 0x63, 0x39, 0x86, 0x1b, 0x8f, 0xe5, 0x18, 0x00, 0x01, 0x00, - 0x00, 0xff, 0xff, 0x13, 0xbe, 0xd4, 0xff, 0x19, 0x01, 0x00, 0x00, + 0x80, 0xd9, 0xc9, 0xe5, 0xc4, 0x23, 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, + 0x9c, 0xf0, 0x58, 0x8e, 0xe1, 0xc2, 0x63, 0x39, 0x86, 0x1b, 0x8f, 0xe5, 0x18, 0xa2, 0xb4, 0xd2, + 0x33, 0x4b, 0x32, 0x4a, 0x93, 0xf4, 0x92, 0xf3, 0x73, 0xf5, 0x73, 0x32, 0x93, 0x0a, 0x8c, 0x0a, + 0xf4, 0xd3, 0xf3, 0x75, 0x21, 0x2c, 0xdd, 0xe4, 0xfc, 0xa2, 0x54, 0x7d, 0x88, 0x73, 0xf5, 0x0b, + 0x92, 0x00, 0x01, 0x00, 0x00, 0xff, 0xff, 0x9a, 0xd1, 0x49, 0xbf, 0x45, 0x01, 0x00, 0x00, } func (m *PublicKey) Marshal() (dAtA []byte, err error) { diff --git a/crypto/pb/crypto.proto b/crypto/pb/crypto.proto index cb5cee8a..2a69e271 100644 --- a/crypto/pb/crypto.proto +++ b/crypto/pb/crypto.proto @@ -1,6 +1,7 @@ syntax = "proto2"; package crypto.pb; +option go_package = "github.com/libp2p/go-libp2p-core/crypto/pb"; enum KeyType { RSA = 0; diff --git a/sec/insecure/pb/Makefile b/sec/insecure/pb/Makefile index c6f73f03..bcfbd60f 100644 --- a/sec/insecure/pb/Makefile +++ b/sec/insecure/pb/Makefile @@ -1,10 +1,17 @@ PB = $(wildcard *.proto) GO = $(PB:.proto=.pb.go) +OUTDIR = ./out + all: $(GO) -%.pb.go: %.proto - protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=. $< +$(OUTDIR): + mkdir -p $(OUTDIR) + +%.pb.go: %.proto $(OUTDIR) + protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=$(OUTDIR) $< && \ + find $(OUTDIR) -name $@ -exec mv '{}' . \; && \ + rm -rf $(OUTDIR) clean: rm -f *.pb.go diff --git a/sec/insecure/pb/plaintext.pb.go b/sec/insecure/pb/plaintext.pb.go index 34cc6914..0143b212 100644 --- a/sec/insecure/pb/plaintext.pb.go +++ b/sec/insecure/pb/plaintext.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: plaintext.proto -package plaintext_pb +package pb import ( fmt "fmt" @@ -81,7 +81,7 @@ func init() { func init() { proto.RegisterFile("plaintext.proto", fileDescriptor_aba144f73931b711) } var fileDescriptor_aba144f73931b711 = []byte{ - // 159 bytes of a gzipped FileDescriptorProto + // 204 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2f, 0xc8, 0x49, 0xcc, 0xcc, 0x2b, 0x49, 0xad, 0x28, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x41, 0x12, 0x48, 0x92, 0x12, 0x4b, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0xd7, 0x2f, 0x48, 0xd2, 0x87, 0xb0, 0x20, 0xaa, @@ -89,9 +89,12 @@ var fileDescriptor_aba144f73931b711 = []byte{ 0x32, 0x53, 0x24, 0x18, 0x15, 0x18, 0x35, 0x78, 0x9c, 0x58, 0x4e, 0xdc, 0x93, 0x67, 0x08, 0x62, 0xca, 0x4c, 0x11, 0xd2, 0xe1, 0x62, 0x2b, 0x28, 0x4d, 0xca, 0x4e, 0xad, 0x94, 0x60, 0x52, 0x60, 0xd4, 0xe0, 0x36, 0x12, 0xd1, 0x83, 0x19, 0x90, 0xa4, 0x17, 0x50, 0x9a, 0x94, 0x93, 0x99, 0xec, - 0x9d, 0x5a, 0x19, 0x04, 0x55, 0xe3, 0x24, 0x71, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, + 0x9d, 0x5a, 0x19, 0x04, 0x55, 0xe3, 0xe4, 0x75, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, 0x0f, 0x1e, 0xc9, 0x31, 0x4e, 0x78, 0x2c, 0xc7, 0x70, 0xe1, 0xb1, 0x1c, 0xc3, 0x8d, 0xc7, 0x72, - 0x0c, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x2b, 0x97, 0xbc, 0x9e, 0xa1, 0x00, 0x00, 0x00, + 0x0c, 0x51, 0x06, 0xe9, 0x99, 0x25, 0x19, 0xa5, 0x49, 0x7a, 0xc9, 0xf9, 0xb9, 0xfa, 0x39, 0x99, + 0x49, 0x05, 0x46, 0x05, 0xfa, 0xe9, 0xf9, 0xba, 0x10, 0x96, 0x6e, 0x72, 0x7e, 0x51, 0xaa, 0x7e, + 0x71, 0x6a, 0xb2, 0x7e, 0x66, 0x5e, 0x71, 0x6a, 0x72, 0x69, 0x51, 0xaa, 0x7e, 0x41, 0x12, 0x20, + 0x00, 0x00, 0xff, 0xff, 0x02, 0xef, 0xd6, 0x84, 0xd3, 0x00, 0x00, 0x00, } func (m *Exchange) Marshal() (dAtA []byte, err error) { diff --git a/sec/insecure/pb/plaintext.proto b/sec/insecure/pb/plaintext.proto index 88d3ed02..59d9d514 100644 --- a/sec/insecure/pb/plaintext.proto +++ b/sec/insecure/pb/plaintext.proto @@ -1,8 +1,8 @@ syntax = "proto2"; package plaintext.pb; +option go_package = "github.com/libp2p/go-libp2p-core/sec/insecure/pb"; -// TODO(yusef): can we add the dir to the include path and avoid relative import? import "crypto/pb/crypto.proto"; message Exchange { From 01c9fdfb6c4d021d34dcd0eecfb17f297375f15d Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Thu, 11 Jul 2019 17:32:29 -0400 Subject: [PATCH 05/10] Revert "add `go_package` option to proto files" 5a543a79bd89d75c9697f852638b8fe56da862f4 --- crypto/pb/Makefile | 11 ++--------- crypto/pb/crypto.pb.go | 12 +++++------- crypto/pb/crypto.proto | 1 - sec/insecure/pb/Makefile | 11 ++--------- sec/insecure/pb/plaintext.pb.go | 11 ++++------- sec/insecure/pb/plaintext.proto | 2 +- 6 files changed, 14 insertions(+), 34 deletions(-) diff --git a/crypto/pb/Makefile b/crypto/pb/Makefile index bcfbd60f..df34e54b 100644 --- a/crypto/pb/Makefile +++ b/crypto/pb/Makefile @@ -1,17 +1,10 @@ PB = $(wildcard *.proto) GO = $(PB:.proto=.pb.go) -OUTDIR = ./out - all: $(GO) -$(OUTDIR): - mkdir -p $(OUTDIR) - -%.pb.go: %.proto $(OUTDIR) - protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=$(OUTDIR) $< && \ - find $(OUTDIR) -name $@ -exec mv '{}' . \; && \ - rm -rf $(OUTDIR) +%.pb.go: %.proto + protoc --proto_path=$(GOPATH)/src:. --gogofaster_out=. $< clean: rm -f *.pb.go diff --git a/crypto/pb/crypto.pb.go b/crypto/pb/crypto.pb.go index 08b9fac7..5fa7aec7 100644 --- a/crypto/pb/crypto.pb.go +++ b/crypto/pb/crypto.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: crypto.proto -package pb +package crypto_pb import ( fmt "fmt" @@ -181,7 +181,7 @@ func init() { func init() { proto.RegisterFile("crypto.proto", fileDescriptor_527278fb02d03321) } var fileDescriptor_527278fb02d03321 = []byte{ - // 239 bytes of a gzipped FileDescriptorProto + // 203 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x49, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0xd7, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x84, 0xf1, 0x92, 0x94, 0x82, 0xb9, 0x38, 0x03, 0x4a, 0x93, 0x72, 0x32, 0x93, 0xbd, 0x53, 0x2b, 0x85, 0x74, 0xb8, 0x58, 0x42, 0x2a, @@ -192,11 +192,9 @@ var fileDescriptor_527278fb02d03321 = []byte{ 0xaa, 0x41, 0x88, 0x9d, 0x8b, 0x39, 0x28, 0xd8, 0x51, 0x80, 0x41, 0x88, 0x9b, 0x8b, 0xdd, 0x35, 0xc5, 0xc8, 0xd4, 0xd4, 0xd0, 0x52, 0x80, 0x51, 0x88, 0x97, 0x8b, 0x33, 0x38, 0x35, 0xb9, 0xc0, 0xc8, 0xd4, 0x2c, 0xdb, 0x50, 0x80, 0x49, 0x88, 0x93, 0x8b, 0xd5, 0xd5, 0xd9, 0x25, 0xd8, 0x51, - 0x80, 0xd9, 0xc9, 0xe5, 0xc4, 0x23, 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, - 0x9c, 0xf0, 0x58, 0x8e, 0xe1, 0xc2, 0x63, 0x39, 0x86, 0x1b, 0x8f, 0xe5, 0x18, 0xa2, 0xb4, 0xd2, - 0x33, 0x4b, 0x32, 0x4a, 0x93, 0xf4, 0x92, 0xf3, 0x73, 0xf5, 0x73, 0x32, 0x93, 0x0a, 0x8c, 0x0a, - 0xf4, 0xd3, 0xf3, 0x75, 0x21, 0x2c, 0xdd, 0xe4, 0xfc, 0xa2, 0x54, 0x7d, 0x88, 0x73, 0xf5, 0x0b, - 0x92, 0x00, 0x01, 0x00, 0x00, 0xff, 0xff, 0x9a, 0xd1, 0x49, 0xbf, 0x45, 0x01, 0x00, 0x00, + 0x80, 0xd9, 0x49, 0xe2, 0xc4, 0x23, 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, + 0x9c, 0xf0, 0x58, 0x8e, 0xe1, 0xc2, 0x63, 0x39, 0x86, 0x1b, 0x8f, 0xe5, 0x18, 0x00, 0x01, 0x00, + 0x00, 0xff, 0xff, 0x13, 0xbe, 0xd4, 0xff, 0x19, 0x01, 0x00, 0x00, } func (m *PublicKey) Marshal() (dAtA []byte, err error) { diff --git a/crypto/pb/crypto.proto b/crypto/pb/crypto.proto index 2a69e271..cb5cee8a 100644 --- a/crypto/pb/crypto.proto +++ b/crypto/pb/crypto.proto @@ -1,7 +1,6 @@ syntax = "proto2"; package crypto.pb; -option go_package = "github.com/libp2p/go-libp2p-core/crypto/pb"; enum KeyType { RSA = 0; diff --git a/sec/insecure/pb/Makefile b/sec/insecure/pb/Makefile index bcfbd60f..c6f73f03 100644 --- a/sec/insecure/pb/Makefile +++ b/sec/insecure/pb/Makefile @@ -1,17 +1,10 @@ PB = $(wildcard *.proto) GO = $(PB:.proto=.pb.go) -OUTDIR = ./out - all: $(GO) -$(OUTDIR): - mkdir -p $(OUTDIR) - -%.pb.go: %.proto $(OUTDIR) - protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=$(OUTDIR) $< && \ - find $(OUTDIR) -name $@ -exec mv '{}' . \; && \ - rm -rf $(OUTDIR) +%.pb.go: %.proto + protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=. $< clean: rm -f *.pb.go diff --git a/sec/insecure/pb/plaintext.pb.go b/sec/insecure/pb/plaintext.pb.go index 0143b212..34cc6914 100644 --- a/sec/insecure/pb/plaintext.pb.go +++ b/sec/insecure/pb/plaintext.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: plaintext.proto -package pb +package plaintext_pb import ( fmt "fmt" @@ -81,7 +81,7 @@ func init() { func init() { proto.RegisterFile("plaintext.proto", fileDescriptor_aba144f73931b711) } var fileDescriptor_aba144f73931b711 = []byte{ - // 204 bytes of a gzipped FileDescriptorProto + // 159 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2f, 0xc8, 0x49, 0xcc, 0xcc, 0x2b, 0x49, 0xad, 0x28, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x41, 0x12, 0x48, 0x92, 0x12, 0x4b, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0xd7, 0x2f, 0x48, 0xd2, 0x87, 0xb0, 0x20, 0xaa, @@ -89,12 +89,9 @@ var fileDescriptor_aba144f73931b711 = []byte{ 0x32, 0x53, 0x24, 0x18, 0x15, 0x18, 0x35, 0x78, 0x9c, 0x58, 0x4e, 0xdc, 0x93, 0x67, 0x08, 0x62, 0xca, 0x4c, 0x11, 0xd2, 0xe1, 0x62, 0x2b, 0x28, 0x4d, 0xca, 0x4e, 0xad, 0x94, 0x60, 0x52, 0x60, 0xd4, 0xe0, 0x36, 0x12, 0xd1, 0x83, 0x19, 0x90, 0xa4, 0x17, 0x50, 0x9a, 0x94, 0x93, 0x99, 0xec, - 0x9d, 0x5a, 0x19, 0x04, 0x55, 0xe3, 0xe4, 0x75, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, + 0x9d, 0x5a, 0x19, 0x04, 0x55, 0xe3, 0x24, 0x71, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, 0x0f, 0x1e, 0xc9, 0x31, 0x4e, 0x78, 0x2c, 0xc7, 0x70, 0xe1, 0xb1, 0x1c, 0xc3, 0x8d, 0xc7, 0x72, - 0x0c, 0x51, 0x06, 0xe9, 0x99, 0x25, 0x19, 0xa5, 0x49, 0x7a, 0xc9, 0xf9, 0xb9, 0xfa, 0x39, 0x99, - 0x49, 0x05, 0x46, 0x05, 0xfa, 0xe9, 0xf9, 0xba, 0x10, 0x96, 0x6e, 0x72, 0x7e, 0x51, 0xaa, 0x7e, - 0x71, 0x6a, 0xb2, 0x7e, 0x66, 0x5e, 0x71, 0x6a, 0x72, 0x69, 0x51, 0xaa, 0x7e, 0x41, 0x12, 0x20, - 0x00, 0x00, 0xff, 0xff, 0x02, 0xef, 0xd6, 0x84, 0xd3, 0x00, 0x00, 0x00, + 0x0c, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x2b, 0x97, 0xbc, 0x9e, 0xa1, 0x00, 0x00, 0x00, } func (m *Exchange) Marshal() (dAtA []byte, err error) { diff --git a/sec/insecure/pb/plaintext.proto b/sec/insecure/pb/plaintext.proto index 59d9d514..88d3ed02 100644 --- a/sec/insecure/pb/plaintext.proto +++ b/sec/insecure/pb/plaintext.proto @@ -1,8 +1,8 @@ syntax = "proto2"; package plaintext.pb; -option go_package = "github.com/libp2p/go-libp2p-core/sec/insecure/pb"; +// TODO(yusef): can we add the dir to the include path and avoid relative import? import "crypto/pb/crypto.proto"; message Exchange { From 2363ef9ba4f5a1aa766e21142bf95c612243d329 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Thu, 11 Jul 2019 17:41:15 -0400 Subject: [PATCH 06/10] less hacky protobuf imports --- sec/insecure/pb/Makefile | 2 +- sec/insecure/pb/plaintext.pb.go | 20 +++++++++++--------- sec/insecure/pb/plaintext.proto | 3 +-- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/sec/insecure/pb/Makefile b/sec/insecure/pb/Makefile index c6f73f03..4fb825a4 100644 --- a/sec/insecure/pb/Makefile +++ b/sec/insecure/pb/Makefile @@ -4,7 +4,7 @@ GO = $(PB:.proto=.pb.go) all: $(GO) %.pb.go: %.proto - protoc --proto_path=$(GOPATH)/src:../../..:. --gogofaster_out=. $< + protoc --proto_path=$(GOPATH)/src:../../../crypto/pb:. --gogofaster_out=. $< clean: rm -f *.pb.go diff --git a/sec/insecure/pb/plaintext.pb.go b/sec/insecure/pb/plaintext.pb.go index 34cc6914..68b12f0c 100644 --- a/sec/insecure/pb/plaintext.pb.go +++ b/sec/insecure/pb/plaintext.pb.go @@ -81,17 +81,19 @@ func init() { func init() { proto.RegisterFile("plaintext.proto", fileDescriptor_aba144f73931b711) } var fileDescriptor_aba144f73931b711 = []byte{ - // 159 bytes of a gzipped FileDescriptorProto + // 187 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2f, 0xc8, 0x49, 0xcc, 0xcc, 0x2b, 0x49, 0xad, 0x28, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x41, 0x12, 0x48, - 0x92, 0x12, 0x4b, 0x2e, 0xaa, 0x2c, 0x28, 0xc9, 0xd7, 0x2f, 0x48, 0xd2, 0x87, 0xb0, 0x20, 0xaa, - 0x94, 0xfc, 0xb8, 0x38, 0x5c, 0x2b, 0x92, 0x33, 0x12, 0xf3, 0xd2, 0x53, 0x85, 0x44, 0xb8, 0x98, - 0x32, 0x53, 0x24, 0x18, 0x15, 0x18, 0x35, 0x78, 0x9c, 0x58, 0x4e, 0xdc, 0x93, 0x67, 0x08, 0x62, - 0xca, 0x4c, 0x11, 0xd2, 0xe1, 0x62, 0x2b, 0x28, 0x4d, 0xca, 0x4e, 0xad, 0x94, 0x60, 0x52, 0x60, - 0xd4, 0xe0, 0x36, 0x12, 0xd1, 0x83, 0x19, 0x90, 0xa4, 0x17, 0x50, 0x9a, 0x94, 0x93, 0x99, 0xec, - 0x9d, 0x5a, 0x19, 0x04, 0x55, 0xe3, 0x24, 0x71, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, - 0x0f, 0x1e, 0xc9, 0x31, 0x4e, 0x78, 0x2c, 0xc7, 0x70, 0xe1, 0xb1, 0x1c, 0xc3, 0x8d, 0xc7, 0x72, - 0x0c, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x2b, 0x97, 0xbc, 0x9e, 0xa1, 0x00, 0x00, 0x00, + 0x92, 0x32, 0x4f, 0xcf, 0x2c, 0xc9, 0x28, 0x4d, 0xd2, 0x4b, 0xce, 0xcf, 0xd5, 0xcf, 0xc9, 0x4c, + 0x2a, 0x30, 0x2a, 0xd0, 0x4f, 0xcf, 0xd7, 0x85, 0xb0, 0x74, 0x93, 0xf3, 0x8b, 0x52, 0xf5, 0x93, + 0x8b, 0x2a, 0x0b, 0x4a, 0xf2, 0xf5, 0x0b, 0x92, 0xa0, 0x2c, 0x88, 0x31, 0x4a, 0x7e, 0x5c, 0x1c, + 0xae, 0x15, 0xc9, 0x19, 0x89, 0x79, 0xe9, 0xa9, 0x42, 0x22, 0x5c, 0x4c, 0x99, 0x29, 0x12, 0x8c, + 0x0a, 0x8c, 0x1a, 0x3c, 0x4e, 0x2c, 0x27, 0xee, 0xc9, 0x33, 0x04, 0x31, 0x65, 0xa6, 0x08, 0xe9, + 0x70, 0xb1, 0x15, 0x94, 0x26, 0x65, 0xa7, 0x56, 0x4a, 0x30, 0x29, 0x30, 0x6a, 0x70, 0x1b, 0x89, + 0xe8, 0xc1, 0x0c, 0x48, 0xd2, 0x0b, 0x28, 0x4d, 0xca, 0xc9, 0x4c, 0xf6, 0x4e, 0xad, 0x0c, 0x82, + 0xaa, 0x71, 0x92, 0x38, 0xf1, 0x48, 0x8e, 0xf1, 0xc2, 0x23, 0x39, 0xc6, 0x07, 0x8f, 0xe4, 0x18, + 0x27, 0x3c, 0x96, 0x63, 0xb8, 0xf0, 0x58, 0x8e, 0xe1, 0xc6, 0x63, 0x39, 0x06, 0x40, 0x00, 0x00, + 0x00, 0xff, 0xff, 0x40, 0xde, 0x90, 0x0b, 0xc2, 0x00, 0x00, 0x00, } func (m *Exchange) Marshal() (dAtA []byte, err error) { diff --git a/sec/insecure/pb/plaintext.proto b/sec/insecure/pb/plaintext.proto index 88d3ed02..1e299df5 100644 --- a/sec/insecure/pb/plaintext.proto +++ b/sec/insecure/pb/plaintext.proto @@ -2,8 +2,7 @@ syntax = "proto2"; package plaintext.pb; -// TODO(yusef): can we add the dir to the include path and avoid relative import? -import "crypto/pb/crypto.proto"; +import "github.com/libp2p/go-libp2p-core/crypto/pb/crypto.proto"; message Exchange { optional bytes id = 1; From ca33db461cadca9f7da5a29dcc6877b3f17cad86 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Fri, 12 Jul 2019 10:40:14 -0400 Subject: [PATCH 07/10] add doc comment for PublicKeyFromProto --- crypto/key.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/key.go b/crypto/key.go index a3ce9070..81a5abe5 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -279,6 +279,10 @@ func UnmarshalPublicKey(data []byte) (PubKey, error) { return PublicKeyFromProto(*pmes) } + +// PublicKeyFromProto converts an unserialized protobuf PublicKey message +// into its representative object. To convert a serialized public key, +// see UnmarshalPublicKey. func PublicKeyFromProto(keyMessage pb.PublicKey) (PubKey, error) { um, ok := PubKeyUnmarshallers[keyMessage.GetType()] if !ok { From 95ea1269b2e2672674c14376454f7863051811b7 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Fri, 12 Jul 2019 10:40:45 -0400 Subject: [PATCH 08/10] clean up handshake --- sec/insecure/insecure.go | 50 +++++++++------------------------------- 1 file changed, 11 insertions(+), 39 deletions(-) diff --git a/sec/insecure/insecure.go b/sec/insecure/insecure.go index 1aa86fb1..23685b20 100644 --- a/sec/insecure/insecure.go +++ b/sec/insecure/insecure.go @@ -6,13 +6,12 @@ package insecure import ( "context" "fmt" - "github.com/gogo/protobuf/proto" - "github.com/libp2p/go-msgio" "net" "github.com/libp2p/go-libp2p-core/peer" "github.com/libp2p/go-libp2p-core/sec" + ggio "github.com/gogo/protobuf/io" ci "github.com/libp2p/go-libp2p-core/crypto" pb "github.com/libp2p/go-libp2p-core/sec/insecure/pb" ) @@ -22,8 +21,10 @@ import ( const ID = "/plaintext/2.0.0" // Transport is a no-op stream security transport. It provides no -// security and simply mocks the security and identity methods to -// return peer IDs known ahead of time. +// security and simply mocks the security methods. Identity methods +// return the local peer's ID and private key, and whatever the remote +// peer presents as their ID and public key. +// No authentication of the remote identity is performed. type Transport struct { id peer.ID key ci.PrivKey @@ -37,7 +38,7 @@ func New(id peer.ID, key ci.PrivKey) *Transport { } } -// LocalPeer returns the transports local peer ID. +// LocalPeer returns the transport's local peer ID. func (t *Transport) LocalPeer() peer.ID { return t.id } @@ -95,10 +96,6 @@ func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p pee p, conn.remote) } - if !p.MatchesPublicKey(conn.remotePubKey) { - return nil, fmt.Errorf("remote public key does not match expected peer ID") - } - return conn, nil } @@ -130,7 +127,9 @@ func makeExchangeMessage(privkey ci.PrivKey) (*pb.Exchange, error) { } func (ic *Conn) runHandshakeSync(ctx context.Context) error { - insecureM := msgio.NewReadWriter(ic.Conn) + const maxSize = 1<<16 + reader := ggio.NewDelimitedReader(ic.Conn, maxSize) + writer := ggio.NewDelimitedWriter(ic.Conn) // Generate an Exchange message msg, err := makeExchangeMessage(ic.localPrivKey) @@ -138,19 +137,14 @@ func (ic *Conn) runHandshakeSync(ctx context.Context) error { return err } - msgBytes, err := proto.Marshal(msg) - if err != nil { - return err - } - // Send our Exchange and read theirs - remoteExchangeBytes, err := readWriteMsg(insecureM, msgBytes) + err = writer.WriteMsg(msg) if err != nil { return err } remoteMsg := new(pb.Exchange) - err = proto.Unmarshal(remoteExchangeBytes, remoteMsg) + err = reader.ReadMsg(remoteMsg) if err != nil { return err } @@ -179,28 +173,6 @@ func (ic *Conn) runHandshakeSync(ctx context.Context) error { return nil } -// read and write a message at the same time. -func readWriteMsg(c msgio.ReadWriter, out []byte) ([]byte, error) { - wresult := make(chan error) - go func() { - wresult <- c.WriteMsg(out) - }() - - msg, err1 := c.ReadMsg() - - // Always wait for the read to finish. - err2 := <-wresult - - if err1 != nil { - return nil, err1 - } - if err2 != nil { - c.ReleaseMsg(msg) - return nil, err2 - } - return msg, nil -} - // LocalPeer returns the local peer ID. func (ic *Conn) LocalPeer() peer.ID { return ic.local From c5f2bcbfac5324594d575a20be5b470ea9619b3c Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Fri, 12 Jul 2019 10:57:09 -0400 Subject: [PATCH 09/10] go fmt, lol --- crypto/key.go | 1 - sec/insecure/insecure.go | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/crypto/key.go b/crypto/key.go index 81a5abe5..3bec9074 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -279,7 +279,6 @@ func UnmarshalPublicKey(data []byte) (PubKey, error) { return PublicKeyFromProto(*pmes) } - // PublicKeyFromProto converts an unserialized protobuf PublicKey message // into its representative object. To convert a serialized public key, // see UnmarshalPublicKey. diff --git a/sec/insecure/insecure.go b/sec/insecure/insecure.go index 23685b20..e4a892c9 100644 --- a/sec/insecure/insecure.go +++ b/sec/insecure/insecure.go @@ -127,7 +127,7 @@ func makeExchangeMessage(privkey ci.PrivKey) (*pb.Exchange, error) { } func (ic *Conn) runHandshakeSync(ctx context.Context) error { - const maxSize = 1<<16 + const maxSize = 1 << 16 reader := ggio.NewDelimitedReader(ic.Conn, maxSize) writer := ggio.NewDelimitedWriter(ic.Conn) From 18de79ca98fc88e494d54e0391311bc234dbca2f Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Fri, 12 Jul 2019 11:46:22 -0400 Subject: [PATCH 10/10] use network.MessageSizeMax for ggio reader --- sec/insecure/insecure.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sec/insecure/insecure.go b/sec/insecure/insecure.go index e4a892c9..5f6a1bb7 100644 --- a/sec/insecure/insecure.go +++ b/sec/insecure/insecure.go @@ -6,6 +6,7 @@ package insecure import ( "context" "fmt" + "github.com/libp2p/go-libp2p-core/network" "net" "github.com/libp2p/go-libp2p-core/peer" @@ -127,8 +128,7 @@ func makeExchangeMessage(privkey ci.PrivKey) (*pb.Exchange, error) { } func (ic *Conn) runHandshakeSync(ctx context.Context) error { - const maxSize = 1 << 16 - reader := ggio.NewDelimitedReader(ic.Conn, maxSize) + reader := ggio.NewDelimitedReader(ic.Conn, network.MessageSizeMax) writer := ggio.NewDelimitedWriter(ic.Conn) // Generate an Exchange message