Skip to content

Commit

Permalink
Merge pull request #11 from libp2p/tls13
Browse files Browse the repository at this point in the history
use TLS 1.3
  • Loading branch information
marten-seemann authored Feb 17, 2019
2 parents a16ab88 + 1c09b02 commit df91dee
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 26 deletions.
1 change: 1 addition & 0 deletions p2p/security/tls/crypto.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ func generateConfig(privKey ic.PrivKey) (*tls.Config, error) {
return nil, err
}
return &tls.Config{
MinVersion: tls.VersionTLS13,
InsecureSkipVerify: true, // This is not insecure here. We will verify the cert chain ourselves.
ClientAuth: tls.RequireAnyClientCert,
Certificates: []tls.Certificate{{
Expand Down
31 changes: 22 additions & 9 deletions p2p/security/tls/transport.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,19 @@ import (
"context"
"crypto/tls"
"net"
"os"

cs "github.com/libp2p/go-conn-security"
ci "github.com/libp2p/go-libp2p-crypto"
peer "github.com/libp2p/go-libp2p-peer"
)

// TLS 1.3 is opt-in in Go 1.12
// Activate it by setting the tls13 GODEBUG flag.
func init() {
os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1")
}

// ID is the protocol ID (used when negotiating with multistream)
const ID = "/tls/1.0.0"

Expand Down Expand Up @@ -43,32 +50,38 @@ var _ cs.Transport = &Transport{}
// SecureInbound runs the TLS handshake as a server.
func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (cs.Conn, error) {
serv := tls.Server(insecure, t.identity.Config)
return t.handshake(ctx, insecure, serv)
return t.handshake(ctx, serv)
}

// SecureOutbound runs the TLS handshake as a client.
// Note that SecureOutbound will not return an error if the server doesn't
// accept the certificate. This is due to the fact that in TLS 1.3, the client
// sends its certificate and the ClientFinished in the same flight, and can send
// application data immediately afterwards.
// If the handshake fails, the server will close the connection. The client will
// notice this after 1 RTT when calling Read.
func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (cs.Conn, error) {
cl := tls.Client(insecure, t.identity.ConfigForPeer(p))
return t.handshake(ctx, insecure, cl)
return t.handshake(ctx, cl)
}

func (t *Transport) handshake(
ctx context.Context,
// in Go 1.10, we need to close the underlying net.Conn
// in Go 1.11 this was fixed, and tls.Conn.Close() works as well
insecure net.Conn,
tlsConn *tls.Conn,
func (t *Transport) handshake(ctx context.Context, tlsConn *tls.Conn,
) (cs.Conn, error) {
// There's no way to pass a context to tls.Conn.Handshake().
// See https://github.com/golang/go/issues/18482.
// Close the connection instead.
select {
case <-ctx.Done():
tlsConn.Close()
default:
}
done := make(chan struct{})
defer close(done)
go func() {
select {
case <-done:
case <-ctx.Done():
insecure.Close()
tlsConn.Close()
}
}()

Expand Down
28 changes: 11 additions & 17 deletions p2p/security/tls/transport_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,18 +26,19 @@ var _ = Describe("Transport", func() {
createPeer := func() (peer.ID, ic.PrivKey) {
var priv ic.PrivKey
if mrand.Int()%2 == 0 {
fmt.Fprintln(GinkgoWriter, " using an ECDSA key")
fmt.Fprintf(GinkgoWriter, " using an ECDSA key: ")
var err error
priv, _, err = ic.GenerateECDSAKeyPair(rand.Reader)
Expect(err).ToNot(HaveOccurred())
} else {
fmt.Fprintln(GinkgoWriter, " using an RSA key")
fmt.Fprintf(GinkgoWriter, " using an RSA key: ")
var err error
priv, _, err = ic.GenerateRSAKeyPair(1024, rand.Reader)
Expect(err).ToNot(HaveOccurred())
}
id, err := peer.IDFromPrivateKey(priv)
Expect(err).ToNot(HaveOccurred())
fmt.Fprintln(GinkgoWriter, id.Pretty())
return id, priv
}

Expand Down Expand Up @@ -65,7 +66,7 @@ var _ = Describe("Transport", func() {
Expect(err).ToNot(HaveOccurred())
identity.Config.Certificates[0].PrivateKey = key
case *ecdsa.PrivateKey:
key, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
Expect(err).ToNot(HaveOccurred())
identity.Config.Certificates[0].PrivateKey = key
default:
Expand Down Expand Up @@ -194,17 +195,14 @@ var _ = Describe("Transport", func() {
go func() {
defer GinkgoRecover()
_, err := serverTransport.SecureInbound(context.Background(), serverInsecureConn)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(Or(
ContainSubstring("crypto/rsa: verification error"),
ContainSubstring("ECDSA verification failure"),
))
Expect(err).To(MatchError("tls: invalid certificate signature"))
close(done)
}()

_, err = clientTransport.SecureOutbound(context.Background(), clientInsecureConn, serverID)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring("tls: bad certificate"))
conn, err := clientTransport.SecureOutbound(context.Background(), clientInsecureConn, serverID)
Expect(err).ToNot(HaveOccurred())
_, err = conn.Read([]byte{0})
Expect(err).To(MatchError("remote error: tls: error decrypting message"))
Eventually(done).Should(BeClosed())
})

Expand All @@ -222,16 +220,12 @@ var _ = Describe("Transport", func() {
defer GinkgoRecover()
_, err := serverTransport.SecureInbound(context.Background(), serverInsecureConn)
Expect(err).To(HaveOccurred())
// TLS returns a weird error here: "remote error: tls: unexpected message"
Expect(err.Error()).To(ContainSubstring("remote error: tls:"))
close(done)
}()

_, err = clientTransport.SecureOutbound(context.Background(), clientInsecureConn, serverID)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(Or(
ContainSubstring("crypto/rsa: verification error"),
ContainSubstring("ECDSA verification failure"),
))
Expect(err).To(MatchError("tls: invalid certificate signature"))
Eventually(done).Should(BeClosed())
})
})

0 comments on commit df91dee

Please sign in to comment.