From e0eb8cdf5d663a45a5d2e5ee89532a870d8eb99b Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Wed, 6 Apr 2022 12:37:31 +0100
Subject: [PATCH 1/4] add support for WebTransport

---
 multiaddr_test.go | 1 +
 protocols.go      | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/multiaddr_test.go b/multiaddr_test.go
index ee6ecf2..0f4445b 100644
--- a/multiaddr_test.go
+++ b/multiaddr_test.go
@@ -157,6 +157,7 @@ func TestConstructSucceeds(t *testing.T) {
 		"/ip4/127.0.0.1/tcp/1234",
 		"/ip4/127.0.0.1/tcp/1234/",
 		"/ip4/127.0.0.1/udp/1234/quic",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport",
 		"/ip4/127.0.0.1/ipfs/QmcgpsyWgH8Y8ajJz1Cu72KnS5uo2Aa2LpzU7kinSupNKC",
 		"/ip4/127.0.0.1/ipfs/QmcgpsyWgH8Y8ajJz1Cu72KnS5uo2Aa2LpzU7kinSupNKC/tcp/1234",
 		"/ip4/127.0.0.1/ipfs/k2k4r8oqamigqdo6o7hsbfwd45y70oyynp98usk7zmyfrzpqxh1pohl7",
diff --git a/protocols.go b/protocols.go
index 5895894..9f6cd64 100644
--- a/protocols.go
+++ b/protocols.go
@@ -15,6 +15,7 @@ const (
 	P_IP6ZONE           = 0x002A
 	P_IPCIDR            = 0x002B
 	P_QUIC              = 0x01CC
+	P_WEBTRANSPORT      = 0x01D1
 	P_SCTP              = 0x0084
 	P_CIRCUIT           = 0x0122
 	P_UDT               = 0x012D
@@ -178,6 +179,11 @@ var (
 		Code:  P_QUIC,
 		VCode: CodeToVarint(P_QUIC),
 	}
+	protoWEBTRANSPORT = Protocol{
+		Name:  "webtransport",
+		Code:  P_WEBTRANSPORT,
+		VCode: CodeToVarint(P_WEBTRANSPORT),
+	}
 	protoHTTP = Protocol{
 		Name:  "http",
 		Code:  P_HTTP,
@@ -257,6 +263,7 @@ func init() {
 		protoUTP,
 		protoUDT,
 		protoQUIC,
+		protoWEBTRANSPORT,
 		protoHTTP,
 		protoHTTPS,
 		protoP2P,

From 494efd07c65fa2abf7707270417dc3a3fde6e6f3 Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Wed, 6 Apr 2022 12:49:20 +0100
Subject: [PATCH 2/4] add support for certhash

---
 go.mod            |  2 +-
 multiaddr_test.go |  5 +++++
 protocols.go      |  9 +++++++++
 transcoders.go    | 12 ++++++++++++
 4 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 837669a..8cd2d22 100644
--- a/go.mod
+++ b/go.mod
@@ -4,6 +4,7 @@ go 1.17
 
 require (
 	github.com/ipfs/go-cid v0.0.7
+	github.com/multiformats/go-multibase v0.0.3
 	github.com/multiformats/go-multihash v0.0.14
 	github.com/multiformats/go-varint v0.0.6
 	github.com/stretchr/testify v1.7.0
@@ -16,7 +17,6 @@ require (
 	github.com/mr-tron/base58 v1.1.3 // indirect
 	github.com/multiformats/go-base32 v0.0.3 // indirect
 	github.com/multiformats/go-base36 v0.1.0 // indirect
-	github.com/multiformats/go-multibase v0.0.3 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
 	golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 // indirect
diff --git a/multiaddr_test.go b/multiaddr_test.go
index 0f4445b..023d94d 100644
--- a/multiaddr_test.go
+++ b/multiaddr_test.go
@@ -74,6 +74,7 @@ func TestConstructFails(t *testing.T) {
 		"/ip4/127.0.0.1/tcp/jfodsajfidosajfoidsa",
 		"/ip4/127.0.0.1/tcp",
 		"/ip4/127.0.0.1/quic/1234",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash",
 		"/ip4/127.0.0.1/ipfs",
 		"/ip4/127.0.0.1/ipfs/tcp",
 		"/ip4/127.0.0.1/p2p",
@@ -158,6 +159,8 @@ func TestConstructSucceeds(t *testing.T) {
 		"/ip4/127.0.0.1/tcp/1234/",
 		"/ip4/127.0.0.1/udp/1234/quic",
 		"/ip4/127.0.0.1/udp/1234/quic/webtransport",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ/certhash/zt1Zv2yaY",
 		"/ip4/127.0.0.1/ipfs/QmcgpsyWgH8Y8ajJz1Cu72KnS5uo2Aa2LpzU7kinSupNKC",
 		"/ip4/127.0.0.1/ipfs/QmcgpsyWgH8Y8ajJz1Cu72KnS5uo2Aa2LpzU7kinSupNKC/tcp/1234",
 		"/ip4/127.0.0.1/ipfs/k2k4r8oqamigqdo6o7hsbfwd45y70oyynp98usk7zmyfrzpqxh1pohl7",
@@ -543,6 +546,8 @@ func TestRoundTrip(t *testing.T) {
 		"/ip4/127.0.0.1/tcp/123/tls",
 		"/ip4/127.0.0.1/udp/123",
 		"/ip4/127.0.0.1/udp/123/ip6/::",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ/certhash/zt1Zv2yaY",
 		"/p2p/QmbHVEEepCi7rn7VL7Exxpd2Ci9NNB6ifvqwhsrbRMgQFP",
 		"/p2p/QmbHVEEepCi7rn7VL7Exxpd2Ci9NNB6ifvqwhsrbRMgQFP/unix/a/b/c",
 	} {
diff --git a/protocols.go b/protocols.go
index 9f6cd64..28b3959 100644
--- a/protocols.go
+++ b/protocols.go
@@ -16,6 +16,7 @@ const (
 	P_IPCIDR            = 0x002B
 	P_QUIC              = 0x01CC
 	P_WEBTRANSPORT      = 0x01D1
+	P_CERTHASH          = 0x01D2
 	P_SCTP              = 0x0084
 	P_CIRCUIT           = 0x0122
 	P_UDT               = 0x012D
@@ -184,6 +185,13 @@ var (
 		Code:  P_WEBTRANSPORT,
 		VCode: CodeToVarint(P_WEBTRANSPORT),
 	}
+	protoCERTHASH = Protocol{
+		Name:       "certhash",
+		Code:       P_CERTHASH,
+		VCode:      CodeToVarint(P_CERTHASH),
+		Size:       LengthPrefixedVarSize,
+		Transcoder: TranscoderCertHash,
+	}
 	protoHTTP = Protocol{
 		Name:  "http",
 		Code:  P_HTTP,
@@ -264,6 +272,7 @@ func init() {
 		protoUDT,
 		protoQUIC,
 		protoWEBTRANSPORT,
+		protoCERTHASH,
 		protoHTTP,
 		protoHTTPS,
 		protoP2P,
diff --git a/transcoders.go b/transcoders.go
index 9238ffb..4434e97 100644
--- a/transcoders.go
+++ b/transcoders.go
@@ -11,6 +11,7 @@ import (
 	"strings"
 
 	"github.com/ipfs/go-cid"
+	"github.com/multiformats/go-multibase"
 	mh "github.com/multiformats/go-multihash"
 )
 
@@ -373,3 +374,14 @@ func dnsStB(s string) ([]byte, error) {
 func dnsBtS(b []byte) (string, error) {
 	return string(b), nil
 }
+
+var TranscoderCertHash = NewTranscoderFromFunctions(certHashStB, certHashBtS, nil)
+
+func certHashStB(s string) ([]byte, error) {
+	_, data, err := multibase.Decode(s)
+	return data, err
+}
+
+func certHashBtS(b []byte) (string, error) {
+	return multibase.Encode(multibase.Base58BTC, b)
+}

From db19e64f87e0b710c96231f345c5ed718eabad8d Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Mon, 20 Jun 2022 23:05:28 +0200
Subject: [PATCH 3/4] validate that certhashes are valid multihashes

---
 multiaddr_test.go | 8 ++++----
 transcoders.go    | 8 +++++++-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/multiaddr_test.go b/multiaddr_test.go
index 023d94d..dffd797 100644
--- a/multiaddr_test.go
+++ b/multiaddr_test.go
@@ -75,6 +75,7 @@ func TestConstructFails(t *testing.T) {
 		"/ip4/127.0.0.1/tcp",
 		"/ip4/127.0.0.1/quic/1234",
 		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/b2uaraocy6yrdblb4sfptaddgimjmmp", // 1 character missing from certhash
 		"/ip4/127.0.0.1/ipfs",
 		"/ip4/127.0.0.1/ipfs/tcp",
 		"/ip4/127.0.0.1/p2p",
@@ -159,8 +160,8 @@ func TestConstructSucceeds(t *testing.T) {
 		"/ip4/127.0.0.1/tcp/1234/",
 		"/ip4/127.0.0.1/udp/1234/quic",
 		"/ip4/127.0.0.1/udp/1234/quic/webtransport",
-		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ",
-		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ/certhash/zt1Zv2yaY",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/b2uaraocy6yrdblb4sfptaddgimjmmpy",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/b2uaraocy6yrdblb4sfptaddgimjmmpy/certhash/zQmbWTwYGcmdyK9CYfNBcfs9nhZs17a6FQ4Y8oea278xx41",
 		"/ip4/127.0.0.1/ipfs/QmcgpsyWgH8Y8ajJz1Cu72KnS5uo2Aa2LpzU7kinSupNKC",
 		"/ip4/127.0.0.1/ipfs/QmcgpsyWgH8Y8ajJz1Cu72KnS5uo2Aa2LpzU7kinSupNKC/tcp/1234",
 		"/ip4/127.0.0.1/ipfs/k2k4r8oqamigqdo6o7hsbfwd45y70oyynp98usk7zmyfrzpqxh1pohl7",
@@ -546,8 +547,7 @@ func TestRoundTrip(t *testing.T) {
 		"/ip4/127.0.0.1/tcp/123/tls",
 		"/ip4/127.0.0.1/udp/123",
 		"/ip4/127.0.0.1/udp/123/ip6/::",
-		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ",
-		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zt1Zv2yaZ/certhash/zt1Zv2yaY",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zQmbWTwYGcmdyK9CYfNBcfs9nhZs17a6FQ4Y8oea278xx41",
 		"/p2p/QmbHVEEepCi7rn7VL7Exxpd2Ci9NNB6ifvqwhsrbRMgQFP",
 		"/p2p/QmbHVEEepCi7rn7VL7Exxpd2Ci9NNB6ifvqwhsrbRMgQFP/unix/a/b/c",
 	} {
diff --git a/transcoders.go b/transcoders.go
index 4434e97..8707be6 100644
--- a/transcoders.go
+++ b/transcoders.go
@@ -379,7 +379,13 @@ var TranscoderCertHash = NewTranscoderFromFunctions(certHashStB, certHashBtS, ni
 
 func certHashStB(s string) ([]byte, error) {
 	_, data, err := multibase.Decode(s)
-	return data, err
+	if err != nil {
+		return nil, err
+	}
+	if _, err := mh.Decode(data); err != nil {
+		return nil, err
+	}
+	return data, nil
 }
 
 func certHashBtS(b []byte) (string, error) {

From adec8516f7674e7a6df41def118ffca8380693f5 Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Mon, 20 Jun 2022 23:08:50 +0200
Subject: [PATCH 4/4] switch to Base64Url encoding for certhashes

---
 multiaddr_test.go | 2 +-
 transcoders.go    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/multiaddr_test.go b/multiaddr_test.go
index dffd797..1eb9d73 100644
--- a/multiaddr_test.go
+++ b/multiaddr_test.go
@@ -547,7 +547,7 @@ func TestRoundTrip(t *testing.T) {
 		"/ip4/127.0.0.1/tcp/123/tls",
 		"/ip4/127.0.0.1/udp/123",
 		"/ip4/127.0.0.1/udp/123/ip6/::",
-		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/zQmbWTwYGcmdyK9CYfNBcfs9nhZs17a6FQ4Y8oea278xx41",
+		"/ip4/127.0.0.1/udp/1234/quic/webtransport/certhash/uEiDDq4_xNyDorZBH3TlGazyJdOWSwvo4PUo5YHFMrvDE8g",
 		"/p2p/QmbHVEEepCi7rn7VL7Exxpd2Ci9NNB6ifvqwhsrbRMgQFP",
 		"/p2p/QmbHVEEepCi7rn7VL7Exxpd2Ci9NNB6ifvqwhsrbRMgQFP/unix/a/b/c",
 	} {
diff --git a/transcoders.go b/transcoders.go
index 8707be6..764bb29 100644
--- a/transcoders.go
+++ b/transcoders.go
@@ -389,5 +389,5 @@ func certHashStB(s string) ([]byte, error) {
 }
 
 func certHashBtS(b []byte) (string, error) {
-	return multibase.Encode(multibase.Base58BTC, b)
+	return multibase.Encode(multibase.Base64url, b)
 }