2024-11-05 15:30:41 +00:00
|
|
|
# nim-eth
|
|
|
|
# Copyright (c) 2018-2024 Status Research & Development GmbH
|
|
|
|
# Licensed and distributed under either of
|
|
|
|
# * MIT license (license terms in the root directory or at
|
|
|
|
# https://opensource.org/licenses/MIT).
|
|
|
|
# * Apache v2 license (license terms in the root directory or at
|
|
|
|
# https://www.apache.org/licenses/LICENSE-2.0).
|
|
|
|
# at your option. This file may not be copied, modified, or distributed except
|
|
|
|
# according to those terms.
|
|
|
|
|
|
|
|
{.push raises: [], gcsafe.}
|
|
|
|
|
|
|
|
import results, chronos, ../common/keys, ./[auth, rlpxcrypt]
|
|
|
|
|
|
|
|
export results, keys
|
|
|
|
|
|
|
|
type
|
|
|
|
RlpxTransport* = ref object
|
|
|
|
stream: StreamTransport
|
|
|
|
state: SecretState
|
|
|
|
pubkey*: PublicKey
|
|
|
|
|
|
|
|
RlpxTransportError* = object of CatchableError
|
|
|
|
|
|
|
|
template `^`(arr): auto =
|
|
|
|
# passes a stack array with a matching `arrLen` variable as an open array
|
|
|
|
arr.toOpenArray(0, `arr Len` - 1)
|
|
|
|
|
|
|
|
proc initiatorHandshake(
|
|
|
|
rng: ref HmacDrbgContext,
|
|
|
|
keys: KeyPair,
|
|
|
|
stream: StreamTransport,
|
|
|
|
remotePubkey: PublicKey,
|
|
|
|
): Future[ConnectionSecret] {.
|
|
|
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
|
|
|
.} =
|
|
|
|
# https://github.com/ethereum/devp2p/blob/5713591d0366da78a913a811c7502d9ca91d29a8/rlpx.md#initial-handshake
|
|
|
|
var
|
|
|
|
handshake = Handshake.init(rng[], keys, {Initiator})
|
|
|
|
authMsg: array[AuthMessageMaxEIP8, byte]
|
|
|
|
|
|
|
|
let
|
|
|
|
authMsgLen = handshake.authMessage(rng[], remotePubkey, authMsg).expect(
|
|
|
|
"No errors with correctly sized buffer"
|
|
|
|
)
|
|
|
|
|
|
|
|
writeRes = await stream.write(addr authMsg[0], authMsgLen)
|
|
|
|
if writeRes != authMsgLen:
|
2024-11-08 02:44:04 +00:00
|
|
|
# TOOD raising a chronos error here is a hack - rework using something else
|
|
|
|
raise (ref TransportIncompleteError)(msg: "Could not write RLPx handshake header")
|
2024-11-05 15:30:41 +00:00
|
|
|
|
|
|
|
var ackMsg = newSeqOfCap[byte](1024)
|
|
|
|
ackMsg.setLen(MsgLenLenEIP8)
|
|
|
|
await stream.readExactly(addr ackMsg[0], len(ackMsg))
|
|
|
|
|
|
|
|
let ackMsgLen = handshake.decodeAckMsgLen(ackMsg).valueOr:
|
|
|
|
raise
|
|
|
|
(ref RlpxTransportError)(msg: "Could not decode handshake ack length: " & $error)
|
|
|
|
|
|
|
|
ackMsg.setLen(ackMsgLen)
|
|
|
|
await stream.readExactly(addr ackMsg[MsgLenLenEIP8], ackMsgLen - MsgLenLenEIP8)
|
|
|
|
|
|
|
|
handshake.decodeAckMessage(ackMsg).isOkOr:
|
|
|
|
raise (ref RlpxTransportError)(msg: "Could not decode handshake ack: " & $error)
|
|
|
|
|
|
|
|
handshake.getSecrets(^authMsg, ackMsg)
|
|
|
|
|
|
|
|
proc responderHandshake(
|
|
|
|
rng: ref HmacDrbgContext, keys: KeyPair, stream: StreamTransport
|
|
|
|
): Future[(ConnectionSecret, PublicKey)] {.
|
|
|
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
|
|
|
.} =
|
|
|
|
# https://github.com/ethereum/devp2p/blob/5713591d0366da78a913a811c7502d9ca91d29a8/rlpx.md#initial-handshake
|
|
|
|
var
|
|
|
|
handshake = Handshake.init(rng[], keys, {auth.Responder})
|
|
|
|
authMsg = newSeqOfCap[byte](1024)
|
|
|
|
|
|
|
|
authMsg.setLen(MsgLenLenEIP8)
|
|
|
|
await stream.readExactly(addr authMsg[0], len(authMsg))
|
|
|
|
|
|
|
|
let authMsgLen = handshake.decodeAuthMsgLen(authMsg).valueOr:
|
|
|
|
raise
|
|
|
|
(ref RlpxTransportError)(msg: "Could not decode handshake auth length: " & $error)
|
|
|
|
|
|
|
|
authMsg.setLen(authMsgLen)
|
|
|
|
await stream.readExactly(addr authMsg[MsgLenLenEIP8], authMsgLen - MsgLenLenEIP8)
|
|
|
|
|
|
|
|
handshake.decodeAuthMessage(authMsg).isOkOr:
|
|
|
|
raise (ref RlpxTransportError)(
|
|
|
|
msg: "Could not decode handshake auth message: " & $error
|
|
|
|
)
|
|
|
|
|
|
|
|
var ackMsg: array[AckMessageMaxEIP8, byte]
|
|
|
|
let ackMsgLen =
|
|
|
|
handshake.ackMessage(rng[], ackMsg).expect("no errors with correcly sized buffer")
|
|
|
|
|
|
|
|
var res = await stream.write(addr ackMsg[0], ackMsgLen)
|
|
|
|
if res != ackMsgLen:
|
2024-11-08 02:44:04 +00:00
|
|
|
# TOOD raising a chronos error here is a hack - rework using something else
|
|
|
|
raise (ref TransportIncompleteError)(msg: "Could not write RLPx ack message")
|
2024-11-05 15:30:41 +00:00
|
|
|
|
|
|
|
(handshake.getSecrets(authMsg, ^ackMsg), handshake.remoteHPubkey)
|
|
|
|
|
|
|
|
proc connect*(
|
|
|
|
_: type RlpxTransport,
|
|
|
|
rng: ref HmacDrbgContext,
|
|
|
|
keys: KeyPair,
|
|
|
|
address: TransportAddress,
|
|
|
|
remotePubkey: PublicKey,
|
|
|
|
): Future[RlpxTransport] {.
|
|
|
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
|
|
|
.} =
|
|
|
|
var stream = await connect(address)
|
|
|
|
|
|
|
|
try:
|
|
|
|
let secrets = await initiatorHandshake(rng, keys, stream, remotePubkey)
|
|
|
|
var res = RlpxTransport(stream: move(stream), pubkey: remotePubkey)
|
|
|
|
initSecretState(secrets, res.state)
|
|
|
|
res
|
|
|
|
finally:
|
|
|
|
if stream != nil:
|
|
|
|
stream.close()
|
|
|
|
|
|
|
|
proc accept*(
|
|
|
|
_: type RlpxTransport,
|
|
|
|
rng: ref HmacDrbgContext,
|
|
|
|
keys: KeyPair,
|
|
|
|
stream: StreamTransport,
|
|
|
|
): Future[RlpxTransport] {.
|
|
|
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
|
|
|
.} =
|
|
|
|
var stream = stream
|
|
|
|
try:
|
|
|
|
let (secrets, remotePubkey) = await responderHandshake(rng, keys, stream)
|
|
|
|
var res = RlpxTransport(stream: move(stream), pubkey: remotePubkey)
|
|
|
|
initSecretState(secrets, res.state)
|
|
|
|
res
|
|
|
|
finally:
|
|
|
|
if stream != nil:
|
|
|
|
stream.close()
|
|
|
|
|
|
|
|
proc recvMsg*(
|
|
|
|
transport: RlpxTransport
|
|
|
|
): Future[seq[byte]] {.
|
|
|
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
|
|
|
.} =
|
|
|
|
## Read an RLPx frame from the given peer
|
|
|
|
var msgHeaderEnc: RlpxEncryptedHeader
|
|
|
|
await transport.stream.readExactly(addr msgHeaderEnc[0], msgHeaderEnc.len)
|
|
|
|
|
|
|
|
let msgHeader = decryptHeader(transport.state, msgHeaderEnc).valueOr:
|
|
|
|
raise (ref RlpxTransportError)(msg: "Cannot decrypt RLPx frame header")
|
|
|
|
|
2024-11-08 02:44:04 +00:00
|
|
|
# The header has more fields than the size, but they are unused / obsolete.
|
|
|
|
# Although some clients set them, we don't check this in the spirit of EIP-8
|
2024-11-05 15:30:41 +00:00
|
|
|
# https://github.com/ethereum/devp2p/blob/5713591d0366da78a913a811c7502d9ca91d29a8/rlpx.md#framing
|
|
|
|
|
|
|
|
let msgSize = msgHeader.getBodySize()
|
|
|
|
let remainingBytes = encryptedLength(msgSize) - 32
|
|
|
|
|
|
|
|
var encryptedBytes = newSeq[byte](remainingBytes)
|
|
|
|
await transport.stream.readExactly(addr encryptedBytes[0], len(encryptedBytes))
|
|
|
|
|
|
|
|
let decryptedMaxLength = decryptedLength(msgSize) # Padded length
|
|
|
|
var msgBody = newSeq[byte](decryptedMaxLength)
|
|
|
|
|
|
|
|
if decryptBody(transport.state, encryptedBytes, msgSize, msgBody).isErr():
|
|
|
|
raise (ref RlpxTransportError)(msg: "Cannot decrypt message body")
|
|
|
|
|
|
|
|
reset(encryptedBytes) # Release memory (TODO: in-place decryption)
|
|
|
|
|
|
|
|
msgBody.setLen(msgSize) # Remove padding
|
|
|
|
msgBody
|
|
|
|
|
|
|
|
proc sendMsg*(
|
|
|
|
transport: RlpxTransport, data: seq[byte]
|
|
|
|
) {.async: (raises: [CancelledError, TransportError, RlpxTransportError]).} =
|
|
|
|
let cipherText = encryptMsg(data, transport.state)
|
|
|
|
var res = await transport.stream.write(cipherText)
|
|
|
|
if res != len(cipherText):
|
2024-11-08 02:44:04 +00:00
|
|
|
# TOOD raising a chronos error here is a hack - rework using something else
|
|
|
|
raise (ref TransportIncompleteError)(msg: "Could not complete writing message")
|
2024-11-05 15:30:41 +00:00
|
|
|
|
|
|
|
proc remoteAddress*(
|
|
|
|
transport: RlpxTransport
|
|
|
|
): TransportAddress {.raises: [TransportOsError].} =
|
|
|
|
transport.stream.remoteAddress()
|
|
|
|
|
|
|
|
proc closed*(transport: RlpxTransport): bool =
|
|
|
|
transport.stream != nil and transport.stream.closed
|
|
|
|
|
|
|
|
proc close*(transport: RlpxTransport) =
|
|
|
|
if transport.stream != nil:
|
|
|
|
transport.stream.close()
|
|
|
|
|
|
|
|
proc closeWait*(
|
|
|
|
transport: RlpxTransport
|
|
|
|
): Future[void] {.async: (raises: [], raw: true).} =
|
|
|
|
transport.stream.closeWait()
|
|
|
|
|
|
|
|
when isMainModule:
|
|
|
|
# Simple CLI application for negotiating an RLPx connection with a peer
|
|
|
|
|
|
|
|
import stew/byteutils, std/cmdline, std/strutils, eth/rlp
|
|
|
|
if paramCount() < 3:
|
|
|
|
echo "rlpxtransport ip port pubkey"
|
|
|
|
quit 1
|
|
|
|
|
|
|
|
let
|
|
|
|
rng = newRng()
|
|
|
|
kp = KeyPair.random(rng[])
|
|
|
|
|
|
|
|
echo "Local key: ", toHex(kp.pubkey.toRaw())
|
|
|
|
|
|
|
|
let client = waitFor RlpxTransport.connect(
|
|
|
|
rng,
|
|
|
|
kp,
|
|
|
|
initTAddress(paramStr(1), parseInt(paramStr(2))),
|
|
|
|
PublicKey.fromHex(paramStr(3))[],
|
|
|
|
)
|
|
|
|
|
|
|
|
proc encodeMsg(msgId: uint64, msg: auto): seq[byte] =
|
|
|
|
var rlpWriter = initRlpWriter()
|
|
|
|
rlpWriter.append msgId
|
|
|
|
rlpWriter.appendRecordType(msg, typeof(msg).rlpFieldsCount > 1)
|
|
|
|
rlpWriter.finish
|
|
|
|
|
|
|
|
waitFor client.sendMsg(
|
|
|
|
encodeMsg(
|
|
|
|
uint64 0, (uint64 4, "nimbus", @[("eth", uint64 68)], uint64 0, kp.pubkey.toRaw())
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
while true:
|
|
|
|
echo "Reading message"
|
|
|
|
var data = waitFor client.recvMsg()
|
|
|
|
var rlp = rlpFromBytes(data)
|
|
|
|
let msgId = rlp.read(uint64)
|
|
|
|
if msgId == 0:
|
|
|
|
echo "Hello: ",
|
|
|
|
rlp.read((uint64, string, seq[(string, uint64)], uint64, seq[byte]))
|
|
|
|
else:
|
|
|
|
echo "Unknown message ", msgId, " ", toHex(data)
|