mirror of https://github.com/status-im/nim-eth.git
Merge branch 'master' into eip-7742
This commit is contained in:
commit
660d8e8c40
|
@ -20,7 +20,8 @@ requires "nim >= 1.6.0",
|
||||||
"testutils",
|
"testutils",
|
||||||
"unittest2",
|
"unittest2",
|
||||||
"results",
|
"results",
|
||||||
"minilru"
|
"minilru",
|
||||||
|
"snappy"
|
||||||
|
|
||||||
let nimc = getEnv("NIMC", "nim") # Which nim compiler to use
|
let nimc = getEnv("NIMC", "nim") # Which nim compiler to use
|
||||||
let lang = getEnv("NIMLANG", "c") # Which backend (c/cpp/js)
|
let lang = getEnv("NIMLANG", "c") # Which backend (c/cpp/js)
|
||||||
|
|
|
@ -7,30 +7,17 @@
|
||||||
|
|
||||||
{.push raises: [].}
|
{.push raises: [].}
|
||||||
|
|
||||||
import std/typetraits, ./base, ../rlp
|
import
|
||||||
|
std/typetraits, ./base, ../rlp,
|
||||||
|
../rlp/results as rlp_results
|
||||||
|
|
||||||
export base, rlp
|
export base, rlp, rlp_results
|
||||||
|
|
||||||
# TODO why is rlp serialization of `Opt` here and not in rlp?
|
|
||||||
proc append*[T](w: var RlpWriter, val: Opt[T]) =
|
|
||||||
mixin append
|
|
||||||
|
|
||||||
if val.isSome:
|
|
||||||
w.append(val.get())
|
|
||||||
else:
|
|
||||||
w.append("")
|
|
||||||
|
|
||||||
template read*[T](rlp: var Rlp, val: var T) =
|
template read*[T](rlp: var Rlp, val: var T) =
|
||||||
mixin read
|
mixin read
|
||||||
val = rlp.read(type val)
|
val = rlp.read(type val)
|
||||||
|
|
||||||
proc read*[T](rlp: var Rlp, val: var Opt[T]) {.raises: [RlpError].} =
|
|
||||||
mixin read
|
|
||||||
if rlp.blobLen != 0:
|
|
||||||
val = Opt.some(rlp.read(T))
|
|
||||||
else:
|
|
||||||
rlp.skipElem
|
|
||||||
|
|
||||||
proc read*(rlp: var Rlp, T: type StUint): T {.raises: [RlpError].} =
|
proc read*(rlp: var Rlp, T: type StUint): T {.raises: [RlpError].} =
|
||||||
if rlp.isBlob:
|
if rlp.isBlob:
|
||||||
let bytes = rlp.toBytes
|
let bytes = rlp.toBytes
|
||||||
|
|
|
@ -18,49 +18,16 @@ type
|
||||||
address* : Address
|
address* : Address
|
||||||
amount* : uint64
|
amount* : uint64
|
||||||
|
|
||||||
DepositRequest* = object # EIP-6110
|
|
||||||
pubkey* : Bytes48
|
|
||||||
withdrawalCredentials*: Bytes32
|
|
||||||
amount* : uint64
|
|
||||||
signature* : Bytes96
|
|
||||||
index* : uint64
|
|
||||||
|
|
||||||
WithdrawalRequest* = object # EIP-7002
|
|
||||||
sourceAddress* : Address
|
|
||||||
validatorPubkey*: Bytes48
|
|
||||||
amount* : uint64
|
|
||||||
|
|
||||||
ConsolidationRequest* = object # EIP-7251
|
|
||||||
sourceAddress*: Address
|
|
||||||
sourcePubkey* : Bytes48
|
|
||||||
targetPubkey* : Bytes48
|
|
||||||
|
|
||||||
RequestType* = enum
|
|
||||||
DepositRequestType # EIP-6110
|
|
||||||
WithdrawalRequestType # EIP-7002
|
|
||||||
ConsolidationRequestType # EIP-7251
|
|
||||||
|
|
||||||
Request* = object
|
|
||||||
case requestType*: RequestType
|
|
||||||
of DepositRequestType:
|
|
||||||
deposit*: DepositRequest
|
|
||||||
of WithdrawalRequestType:
|
|
||||||
withdrawal*: WithdrawalRequest
|
|
||||||
of ConsolidationRequestType:
|
|
||||||
consolidation*: ConsolidationRequest
|
|
||||||
|
|
||||||
BlockBody* = object
|
BlockBody* = object
|
||||||
transactions*: seq[Transaction]
|
transactions*: seq[Transaction]
|
||||||
uncles*: seq[Header]
|
uncles*: seq[Header]
|
||||||
withdrawals*: Opt[seq[Withdrawal]] # EIP-4895
|
withdrawals*: Opt[seq[Withdrawal]] # EIP-4895
|
||||||
requests*: Opt[seq[Request]] # EIP-7865
|
|
||||||
|
|
||||||
Block* = object
|
Block* = object
|
||||||
header* : Header
|
header* : Header
|
||||||
transactions*: seq[Transaction]
|
transactions*: seq[Transaction]
|
||||||
uncles* : seq[Header]
|
uncles* : seq[Header]
|
||||||
withdrawals*: Opt[seq[Withdrawal]] # EIP-4895
|
withdrawals*: Opt[seq[Withdrawal]] # EIP-4895
|
||||||
requests*: Opt[seq[Request]] # EIP-7865
|
|
||||||
|
|
||||||
const
|
const
|
||||||
EMPTY_UNCLE_HASH* = hash32"1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347"
|
EMPTY_UNCLE_HASH* = hash32"1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347"
|
||||||
|
@ -77,15 +44,3 @@ func init*(T: type Block, header: Header, body: BlockBody): T =
|
||||||
template txs*(blk: Block): seq[Transaction] =
|
template txs*(blk: Block): seq[Transaction] =
|
||||||
# Legacy name emulation
|
# Legacy name emulation
|
||||||
blk.transactions
|
blk.transactions
|
||||||
|
|
||||||
func `==`*(a, b: Request): bool =
|
|
||||||
if a.requestType != b.requestType:
|
|
||||||
return false
|
|
||||||
|
|
||||||
case a.requestType
|
|
||||||
of DepositRequestType:
|
|
||||||
a.deposit == b.deposit
|
|
||||||
of WithdrawalRequestType:
|
|
||||||
a.withdrawal == b.withdrawal
|
|
||||||
of ConsolidationRequestType:
|
|
||||||
a.consolidation == b.consolidation
|
|
||||||
|
|
|
@ -12,146 +12,3 @@ import ./[addresses_rlp, blocks, base_rlp, hashes_rlp], ../rlp
|
||||||
from stew/objects import checkedEnumAssign
|
from stew/objects import checkedEnumAssign
|
||||||
|
|
||||||
export addresses_rlp, blocks, base_rlp, hashes_rlp, rlp
|
export addresses_rlp, blocks, base_rlp, hashes_rlp, rlp
|
||||||
|
|
||||||
proc append*(rlpWriter: var RlpWriter, request: DepositRequest) =
|
|
||||||
rlpWriter.appendRawBytes([DepositRequestType.byte])
|
|
||||||
rlpWriter.startList(5)
|
|
||||||
rlpWriter.append(request.pubkey)
|
|
||||||
rlpWriter.append(request.withdrawalCredentials)
|
|
||||||
rlpWriter.append(request.amount)
|
|
||||||
rlpWriter.append(request.signature)
|
|
||||||
rlpWriter.append(request.index)
|
|
||||||
|
|
||||||
proc read*(rlp: var Rlp, T: type DepositRequest): T {.raises: [RlpError].} =
|
|
||||||
if not rlp.hasData:
|
|
||||||
raise (ref MalformedRlpError)(
|
|
||||||
msg: "DepositRequestType expected but source RLP is empty"
|
|
||||||
)
|
|
||||||
let reqType = rlp.readRawByte()
|
|
||||||
if reqType != DepositRequestType:
|
|
||||||
raise (ref UnsupportedRlpError)(msg: "Unexpected DepositRequestType: " & $reqType)
|
|
||||||
|
|
||||||
var res: DepositRequest
|
|
||||||
rlp.tryEnterList()
|
|
||||||
rlp.read(res.pubkey)
|
|
||||||
rlp.read(res.withdrawalCredentials)
|
|
||||||
rlp.read(res.amount)
|
|
||||||
rlp.read(res.signature)
|
|
||||||
rlp.read(res.index)
|
|
||||||
if rlp.hasData:
|
|
||||||
raise (ref MalformedRlpError)(msg: "Extra data after DepositRequest")
|
|
||||||
res
|
|
||||||
|
|
||||||
proc append*(rlpWriter: var RlpWriter, request: WithdrawalRequest) =
|
|
||||||
rlpWriter.appendRawBytes([WithdrawalRequestType.byte])
|
|
||||||
rlpWriter.startList(3)
|
|
||||||
rlpWriter.append(request.sourceAddress)
|
|
||||||
rlpWriter.append(request.validatorPubkey)
|
|
||||||
rlpWriter.append(request.amount)
|
|
||||||
|
|
||||||
proc read*(rlp: var Rlp, T: type WithdrawalRequest): T {.raises: [RlpError].} =
|
|
||||||
if not rlp.hasData:
|
|
||||||
raise (ref MalformedRlpError)(
|
|
||||||
msg: "WithdrawalRequestType expected but source RLP is empty"
|
|
||||||
)
|
|
||||||
let reqType = rlp.readRawByte()
|
|
||||||
if reqType != WithdrawalRequestType:
|
|
||||||
raise
|
|
||||||
(ref UnsupportedRlpError)(msg: "Unexpected WithdrawalRequestType: " & $reqType)
|
|
||||||
|
|
||||||
var res: WithdrawalRequest
|
|
||||||
rlp.tryEnterList()
|
|
||||||
rlp.read(res.sourceAddress)
|
|
||||||
rlp.read(res.validatorPubkey)
|
|
||||||
rlp.read(res.amount)
|
|
||||||
if rlp.hasData:
|
|
||||||
raise (ref MalformedRlpError)(msg: "Extra data after WithdrawalRequest")
|
|
||||||
res
|
|
||||||
|
|
||||||
proc append*(rlpWriter: var RlpWriter, request: ConsolidationRequest) =
|
|
||||||
rlpWriter.appendRawBytes([ConsolidationRequestType.byte])
|
|
||||||
rlpWriter.startList(3)
|
|
||||||
rlpWriter.append(request.sourceAddress)
|
|
||||||
rlpWriter.append(request.sourcePubkey)
|
|
||||||
rlpWriter.append(request.targetPubkey)
|
|
||||||
|
|
||||||
proc read*(rlp: var Rlp, T: type ConsolidationRequest): T {.raises: [RlpError].} =
|
|
||||||
if not rlp.hasData:
|
|
||||||
raise (ref MalformedRlpError)(
|
|
||||||
msg: "ConsolidationRequestType expected but source RLP is empty"
|
|
||||||
)
|
|
||||||
let reqType = rlp.readRawByte()
|
|
||||||
if reqType != ConsolidationRequestType:
|
|
||||||
raise
|
|
||||||
(ref UnsupportedRlpError)(msg: "Unexpected ConsolidationRequestType: " & $reqType)
|
|
||||||
|
|
||||||
var res: ConsolidationRequest
|
|
||||||
rlp.tryEnterList()
|
|
||||||
rlp.read(res.sourceAddress)
|
|
||||||
rlp.read(res.sourcePubkey)
|
|
||||||
rlp.read(res.targetPubkey)
|
|
||||||
if rlp.hasData:
|
|
||||||
raise (ref MalformedRlpError)(msg: "Extra data after ConsolidationRequest")
|
|
||||||
res
|
|
||||||
|
|
||||||
proc append*(rlpWriter: var RlpWriter, request: Request) =
|
|
||||||
case request.requestType
|
|
||||||
of DepositRequestType:
|
|
||||||
rlpWriter.append(request.deposit)
|
|
||||||
of WithdrawalRequestType:
|
|
||||||
rlpWriter.append(request.withdrawal)
|
|
||||||
of ConsolidationRequestType:
|
|
||||||
rlpWriter.append(request.consolidation)
|
|
||||||
|
|
||||||
proc append*(rlpWriter: var RlpWriter, reqs: seq[Request] | openArray[Request]) =
|
|
||||||
rlpWriter.startList(reqs.len)
|
|
||||||
for req in reqs:
|
|
||||||
rlpWriter.append(rlp.encode(req))
|
|
||||||
|
|
||||||
proc read*(rlp: var Rlp, T: type Request): T {.raises: [RlpError].} =
|
|
||||||
if not rlp.hasData:
|
|
||||||
raise newException(MalformedRlpError, "Request expected but source RLP is empty")
|
|
||||||
if not rlp.isSingleByte:
|
|
||||||
raise newException(
|
|
||||||
MalformedRlpError, "RequestType byte is out of range, must be 0x00 to 0x7f"
|
|
||||||
)
|
|
||||||
|
|
||||||
let reqType = rlp.getByteValue
|
|
||||||
rlp.position += 1
|
|
||||||
|
|
||||||
var reqVal: RequestType
|
|
||||||
if checkedEnumAssign(reqVal, reqType):
|
|
||||||
result = Request(requestType: reqVal)
|
|
||||||
rlp.tryEnterList()
|
|
||||||
case reqVal
|
|
||||||
of DepositRequestType:
|
|
||||||
rlp.read(result.deposit.pubkey)
|
|
||||||
rlp.read(result.deposit.withdrawalCredentials)
|
|
||||||
rlp.read(result.deposit.amount)
|
|
||||||
rlp.read(result.deposit.signature)
|
|
||||||
rlp.read(result.deposit.index)
|
|
||||||
of WithdrawalRequestType:
|
|
||||||
rlp.read(result.withdrawal.sourceAddress)
|
|
||||||
rlp.read(result.withdrawal.validatorPubkey)
|
|
||||||
rlp.read(result.withdrawal.amount)
|
|
||||||
of ConsolidationRequestType:
|
|
||||||
rlp.read(result.consolidation.sourceAddress)
|
|
||||||
rlp.read(result.consolidation.sourcePubkey)
|
|
||||||
rlp.read(result.consolidation.targetPubkey)
|
|
||||||
else:
|
|
||||||
raise (ref UnsupportedRlpError)(msg: "Unexpected RequestType: " & $reqType)
|
|
||||||
|
|
||||||
proc read*(
|
|
||||||
rlp: var Rlp, T: (type seq[Request]) | (type openArray[Request])
|
|
||||||
): seq[Request] {.raises: [RlpError].} =
|
|
||||||
if not rlp.isList:
|
|
||||||
raise newException(
|
|
||||||
RlpTypeMismatch, "Requests list expected, but source RLP is not a list"
|
|
||||||
)
|
|
||||||
|
|
||||||
var reqs: seq[Request]
|
|
||||||
for item in rlp:
|
|
||||||
var rr = rlpFromBytes(rlp.read(seq[byte]))
|
|
||||||
reqs.add rr.read(Request)
|
|
||||||
|
|
||||||
reqs
|
|
||||||
|
|
|
@ -30,5 +30,11 @@ template keccakHash*(v: Address): Hash32 {.deprecated.} =
|
||||||
|
|
||||||
from nimcrypto/hash import MDigest
|
from nimcrypto/hash import MDigest
|
||||||
|
|
||||||
converter toMDigest*(v: Hash32): MDigest[256] {.deprecated.} =
|
# TODO https://github.com/nim-lang/Nim/issues/24241
|
||||||
|
when (NimMajor, NimMinor) >= (2, 12) or defined(ethDigestConverterWarning):
|
||||||
|
{.pragma: convdeprecated, deprecated.}
|
||||||
|
else:
|
||||||
|
{.pragma: convdeprecated.}
|
||||||
|
|
||||||
|
converter toMDigest*(v: Hash32): MDigest[256] {.convdeprecated.} =
|
||||||
MDigest[256](data: v.data)
|
MDigest[256](data: v.data)
|
||||||
|
|
|
@ -33,14 +33,11 @@ type
|
||||||
EthAccount* = Account
|
EthAccount* = Account
|
||||||
EthAddress* = Address
|
EthAddress* = Address
|
||||||
EthBlock* = Block
|
EthBlock* = Block
|
||||||
EthConsolidationRequest* = ConsolidationRequest
|
|
||||||
EthDepositRequest* = DepositRequest
|
|
||||||
EthHash32* = Hash32
|
EthHash32* = Hash32
|
||||||
EthHeader* = Header
|
EthHeader* = Header
|
||||||
EthTransaction* = Transaction
|
EthTransaction* = Transaction
|
||||||
EthReceipt* = Receipt
|
EthReceipt* = Receipt
|
||||||
EthWithdrawal* = Withdrawal
|
EthWithdrawal* = Withdrawal
|
||||||
EthWithdrawalRequest* = WithdrawalRequest
|
|
||||||
|
|
||||||
func init*(T: type BlockHashOrNumber, str: string): T {.raises: [ValueError].} =
|
func init*(T: type BlockHashOrNumber, str: string): T {.raises: [ValueError].} =
|
||||||
if str.startsWith "0x":
|
if str.startsWith "0x":
|
||||||
|
|
|
@ -6,13 +6,13 @@
|
||||||
|
|
||||||
import
|
import
|
||||||
"."/[
|
"."/[
|
||||||
accounts_rlp, addresses_rlp, base_rlp, blocks_rlp, eth_types, hashes_rlp,
|
accounts_rlp, addresses_rlp, base_rlp, eth_types, hashes_rlp,
|
||||||
headers_rlp, receipts_rlp, times_rlp, transactions_rlp,
|
headers_rlp, receipts_rlp, times_rlp, transactions_rlp,
|
||||||
],
|
],
|
||||||
../rlp
|
../rlp
|
||||||
|
|
||||||
export
|
export
|
||||||
accounts_rlp, addresses_rlp, base_rlp, blocks_rlp, eth_types, hashes_rlp,
|
accounts_rlp, addresses_rlp, base_rlp, eth_types, hashes_rlp,
|
||||||
headers_rlp, receipts_rlp, times_rlp, transactions_rlp, rlp
|
headers_rlp, receipts_rlp, times_rlp, transactions_rlp, rlp
|
||||||
|
|
||||||
proc append*(rlpWriter: var RlpWriter, value: BlockHashOrNumber) =
|
proc append*(rlpWriter: var RlpWriter, value: BlockHashOrNumber) =
|
||||||
|
|
10
eth/p2p.nim
10
eth/p2p.nim
|
@ -27,7 +27,7 @@ proc addCapability*(node: EthereumNode,
|
||||||
|
|
||||||
let pos = lowerBound(node.protocols, p, rlpx.cmp)
|
let pos = lowerBound(node.protocols, p, rlpx.cmp)
|
||||||
node.protocols.insert(p, pos)
|
node.protocols.insert(p, pos)
|
||||||
node.capabilities.insert(p.asCapability, pos)
|
node.capabilities.insert(p.capability, pos)
|
||||||
|
|
||||||
if p.networkStateInitializer != nil and networkState.isNil:
|
if p.networkStateInitializer != nil and networkState.isNil:
|
||||||
node.protocolStates[p.index] = p.networkStateInitializer(node)
|
node.protocolStates[p.index] = p.networkStateInitializer(node)
|
||||||
|
@ -79,12 +79,11 @@ proc newEthereumNode*(
|
||||||
networkId: NetworkId,
|
networkId: NetworkId,
|
||||||
clientId = "nim-eth-p2p",
|
clientId = "nim-eth-p2p",
|
||||||
addAllCapabilities = true,
|
addAllCapabilities = true,
|
||||||
useCompression: bool = false,
|
|
||||||
minPeers = 10,
|
minPeers = 10,
|
||||||
bootstrapNodes: seq[ENode] = @[],
|
bootstrapNodes: seq[ENode] = @[],
|
||||||
bindUdpPort: Port,
|
bindUdpPort: Port,
|
||||||
bindTcpPort: Port,
|
bindTcpPort: Port,
|
||||||
bindIp = IPv4_any(),
|
bindIp = IPv6_any(),
|
||||||
rng = newRng()): EthereumNode =
|
rng = newRng()): EthereumNode =
|
||||||
|
|
||||||
if rng == nil: # newRng could fail
|
if rng == nil: # newRng could fail
|
||||||
|
@ -105,11 +104,6 @@ proc newEthereumNode*(
|
||||||
keys.seckey, address, bootstrapNodes, bindUdpPort, bindIp, rng)
|
keys.seckey, address, bootstrapNodes, bindUdpPort, bindIp, rng)
|
||||||
|
|
||||||
result.rng = rng
|
result.rng = rng
|
||||||
|
|
||||||
when useSnappy:
|
|
||||||
result.protocolVersion = if useCompression: devp2pSnappyVersion
|
|
||||||
else: devp2pVersion
|
|
||||||
|
|
||||||
result.protocolStates.newSeq protocolCount()
|
result.protocolStates.newSeq protocolCount()
|
||||||
|
|
||||||
result.peerPool = newPeerPool(
|
result.peerPool = newPeerPool(
|
||||||
|
|
532
eth/p2p/auth.nim
532
eth/p2p/auth.nim
|
@ -8,7 +8,10 @@
|
||||||
# MIT license (LICENSE-MIT)
|
# MIT license (LICENSE-MIT)
|
||||||
#
|
#
|
||||||
|
|
||||||
## This module implements Ethereum RLPx authentication
|
## This module implements Ethereum EIP-8 RLPx authentication - pre-EIP-8
|
||||||
|
## messages are not supported
|
||||||
|
## https://github.com/ethereum/devp2p/blob/5713591d0366da78a913a811c7502d9ca91d29a8/rlpx.md#initial-handshake
|
||||||
|
## https://github.com/ethereum/EIPs/blob/b479473414cf94445b450c266a9dedc079a12158/EIPS/eip-8.md
|
||||||
|
|
||||||
{.push raises: [].}
|
{.push raises: [].}
|
||||||
|
|
||||||
|
@ -25,79 +28,70 @@ export results
|
||||||
type keccak256 = keccak.keccak256
|
type keccak256 = keccak.keccak256
|
||||||
|
|
||||||
const
|
const
|
||||||
SupportedRlpxVersion* = 4'u8
|
|
||||||
|
|
||||||
# Auth message sizes
|
# Auth message sizes
|
||||||
|
MsgLenLenEIP8* = 2
|
||||||
|
## auth-size = size of enc-auth-body, encoded as a big-endian 16-bit integer
|
||||||
|
## ack-size = size of enc-ack-body, encoded as a big-endian 16-bit integer
|
||||||
|
|
||||||
# Pre EIP8
|
MinPadLenEIP8* = 100
|
||||||
PlainAuthMessageV4Length* = 194
|
MaxPadLenEIP8* = 300
|
||||||
AuthMessageV4Length* = 307
|
## Padding makes message length unpredictable which makes packet filtering
|
||||||
|
## a tiny bit harder - although not necessary any more, we always add at
|
||||||
|
## least 100 bytes of padding to make the message distinguishable from
|
||||||
|
## pre-EIP8 and at most 200 to stay within recommendation
|
||||||
|
|
||||||
# EIP8
|
# signature + pubkey + nonce + version + rlp encoding overhead
|
||||||
# signature + pubkey + nounce + version + rlp encoding overhead
|
|
||||||
# 65 + 64 + 32 + 1 + 7 = 169
|
# 65 + 64 + 32 + 1 + 7 = 169
|
||||||
PlainAuthMessageEIP8Length = 169
|
PlainAuthMessageEIP8Length = 169
|
||||||
PlainAuthMessageMaxEIP8* = PlainAuthMessageEIP8Length + 255 # with padding
|
PlainAuthMessageMaxEIP8 = PlainAuthMessageEIP8Length + MaxPadLenEIP8
|
||||||
# Min. encrypted message + size prefix = 284
|
# Min. encrypted message + size prefix = 284
|
||||||
AuthMessageEIP8Length* = PlainAuthMessageEIP8Length + eciesOverheadLength + 2
|
AuthMessageEIP8Length* =
|
||||||
AuthMessageMaxEIP8* = AuthMessageEIP8Length + 255 # with padding
|
eciesEncryptedLength(PlainAuthMessageEIP8Length) + MsgLenLenEIP8
|
||||||
|
AuthMessageMaxEIP8* = AuthMessageEIP8Length + MaxPadLenEIP8
|
||||||
|
## Minimal output buffer size to pass into `authMessage`
|
||||||
|
|
||||||
# Ack message sizes
|
# Ack message sizes
|
||||||
|
|
||||||
# Pre EIP8
|
|
||||||
PlainAckMessageV4Length* = 97
|
|
||||||
AckMessageV4Length* = 210
|
|
||||||
|
|
||||||
# EIP 8
|
|
||||||
# pubkey + nounce + version + rlp encoding overhead
|
# pubkey + nounce + version + rlp encoding overhead
|
||||||
# 64 + 32 + 1 + 5 = 102
|
# 64 + 32 + 1 + 5 = 102
|
||||||
PlainAckMessageEIP8Length* = 102
|
PlainAckMessageEIP8Length = 102
|
||||||
PlainAckMessageMaxEIP8* = PlainAckMessageEIP8Length + 255 # with padding
|
PlainAckMessageMaxEIP8 = PlainAckMessageEIP8Length + MaxPadLenEIP8
|
||||||
# Min. encrypted message + size prefix = 217
|
# Min. encrypted message + size prefix = 217
|
||||||
AckMessageEIP8Length* = PlainAckMessageEIP8Length + eciesOverheadLength + 2
|
AckMessageEIP8Length* =
|
||||||
AckMessageMaxEIP8* = AckMessageEIP8Length + 255 # with padding
|
eciesEncryptedLength(PlainAckMessageEIP8Length) + MsgLenLenEIP8
|
||||||
|
AckMessageMaxEIP8* = AckMessageEIP8Length + MaxPadLenEIP8
|
||||||
|
## Minimal output buffer size to pass into `ackMessage`
|
||||||
|
|
||||||
|
Vsn = [byte 4]
|
||||||
|
## auth-vsn = 4
|
||||||
|
## ack-vsn = 4
|
||||||
|
|
||||||
type
|
type
|
||||||
Nonce* = array[KeyLength, byte]
|
Nonce* = array[KeyLength, byte]
|
||||||
|
|
||||||
AuthMessageV4* {.packed.} = object
|
|
||||||
signature: array[RawSignatureSize, byte]
|
|
||||||
keyhash: array[keccak256.sizeDigest, byte]
|
|
||||||
pubkey: array[RawPublicKeySize, byte]
|
|
||||||
nonce: array[keccak256.sizeDigest, byte]
|
|
||||||
flag: byte
|
|
||||||
|
|
||||||
AckMessageV4* {.packed.} = object
|
|
||||||
pubkey: array[RawPublicKeySize, byte]
|
|
||||||
nonce: array[keccak256.sizeDigest, byte]
|
|
||||||
flag: byte
|
|
||||||
|
|
||||||
HandshakeFlag* = enum
|
HandshakeFlag* = enum
|
||||||
Initiator, ## `Handshake` owner is connection initiator
|
Initiator ## `Handshake` owner is connection initiator
|
||||||
Responder, ## `Handshake` owner is connection responder
|
Responder ## `Handshake` owner is connection responder
|
||||||
EIP8 ## Flag indicates that EIP-8 handshake is used
|
|
||||||
|
|
||||||
AuthError* = enum
|
AuthError* = enum
|
||||||
EcdhError = "auth: ECDH shared secret could not be calculated"
|
EcdhError = "auth: ECDH shared secret could not be calculated"
|
||||||
BufferOverrun = "auth: buffer overrun"
|
BufferOverrun = "auth: buffer overrun"
|
||||||
SignatureError = "auth: signature could not be obtained"
|
SignatureError = "auth: signature could not be obtained"
|
||||||
EciesError = "auth: ECIES encryption/decryption error"
|
EciesError = "auth: ECIES encryption/decryption error"
|
||||||
InvalidPubKey = "auth: invalid public key"
|
InvalidPubKey = "auth: invalid public key"
|
||||||
InvalidAuth = "auth: invalid Authentication message"
|
InvalidAuth = "auth: invalid Authentication message"
|
||||||
InvalidAck = "auth: invalid Authentication ACK message"
|
InvalidAck = "auth: invalid Authentication ACK message"
|
||||||
RlpError = "auth: error while decoding RLP stream"
|
RlpError = "auth: error while decoding RLP stream"
|
||||||
IncompleteError = "auth: data incomplete"
|
IncompleteError = "auth: data incomplete"
|
||||||
|
|
||||||
Handshake* = object
|
Handshake* = object
|
||||||
version*: uint8 ## protocol version
|
flags*: set[HandshakeFlag] ## handshake flags
|
||||||
flags*: set[HandshakeFlag] ## handshake flags
|
host*: KeyPair ## host keypair
|
||||||
host*: KeyPair ## host keypair
|
ephemeral*: KeyPair ## ephemeral host keypair
|
||||||
ephemeral*: KeyPair ## ephemeral host keypair
|
remoteHPubkey*: PublicKey ## remote host public key
|
||||||
remoteHPubkey*: PublicKey ## remote host public key
|
remoteEPubkey*: PublicKey ## remote host ephemeral public key
|
||||||
remoteEPubkey*: PublicKey ## remote host ephemeral public key
|
initiatorNonce*: Nonce ## initiator nonce
|
||||||
initiatorNonce*: Nonce ## initiator nonce
|
responderNonce*: Nonce ## responder nonce
|
||||||
responderNonce*: Nonce ## responder nonce
|
|
||||||
expectedLength*: int ## expected incoming message length
|
|
||||||
|
|
||||||
ConnectionSecret* = object
|
ConnectionSecret* = object
|
||||||
aesKey*: array[aes256.sizeKey, byte]
|
aesKey*: array[aes256.sizeKey, byte]
|
||||||
|
@ -111,291 +105,163 @@ template toa(a, b, c: untyped): untyped =
|
||||||
toOpenArray((a), (b), (b) + (c) - 1)
|
toOpenArray((a), (b), (b) + (c) - 1)
|
||||||
|
|
||||||
proc mapErrTo[T, E](r: Result[T, E], v: static AuthError): AuthResult[T] =
|
proc mapErrTo[T, E](r: Result[T, E], v: static AuthError): AuthResult[T] =
|
||||||
r.mapErr(proc (e: E): AuthError = v)
|
r.mapErr(
|
||||||
|
proc(e: E): AuthError =
|
||||||
|
v
|
||||||
|
)
|
||||||
|
|
||||||
proc init*(
|
proc init*(
|
||||||
T: type Handshake, rng: var HmacDrbgContext, host: KeyPair,
|
T: type Handshake,
|
||||||
flags: set[HandshakeFlag] = {Initiator},
|
rng: var HmacDrbgContext,
|
||||||
version: uint8 = SupportedRlpxVersion): T =
|
host: KeyPair,
|
||||||
|
flags: set[HandshakeFlag],
|
||||||
|
): T =
|
||||||
## Create new `Handshake` object.
|
## Create new `Handshake` object.
|
||||||
var
|
var
|
||||||
initiatorNonce: Nonce
|
initiatorNonce: Nonce
|
||||||
responderNonce: Nonce
|
responderNonce: Nonce
|
||||||
expectedLength: int
|
|
||||||
ephemeral = KeyPair.random(rng)
|
ephemeral = KeyPair.random(rng)
|
||||||
|
|
||||||
if Initiator in flags:
|
if Initiator in flags:
|
||||||
expectedLength = AckMessageV4Length
|
|
||||||
rng.generate(initiatorNonce)
|
rng.generate(initiatorNonce)
|
||||||
else:
|
else:
|
||||||
expectedLength = AuthMessageV4Length
|
|
||||||
rng.generate(responderNonce)
|
rng.generate(responderNonce)
|
||||||
|
|
||||||
return T(
|
return T(
|
||||||
version: version,
|
|
||||||
flags: flags,
|
flags: flags,
|
||||||
host: host,
|
host: host,
|
||||||
ephemeral: ephemeral,
|
ephemeral: ephemeral,
|
||||||
initiatorNonce: initiatorNonce,
|
initiatorNonce: initiatorNonce,
|
||||||
responderNonce: responderNonce,
|
responderNonce: responderNonce,
|
||||||
expectedLength: expectedLength
|
|
||||||
)
|
)
|
||||||
|
|
||||||
proc authMessagePreEIP8(h: var Handshake,
|
proc authMessage*(
|
||||||
rng: var HmacDrbgContext,
|
h: var Handshake,
|
||||||
pubkey: PublicKey,
|
rng: var HmacDrbgContext,
|
||||||
output: var openArray[byte],
|
pubkey: PublicKey,
|
||||||
outlen: var int,
|
output: var openArray[byte],
|
||||||
flag: byte = 0,
|
): AuthResult[int] =
|
||||||
encrypt: bool = true): AuthResult[void] =
|
## Create EIP8 authentication message - returns length of encoded message
|
||||||
## Create plain pre-EIP8 authentication message.
|
## The output should be a buffer of AuthMessageMaxEIP8 bytes at least.
|
||||||
var
|
if len(output) < AuthMessageMaxEIP8:
|
||||||
buffer: array[PlainAuthMessageV4Length, byte]
|
return err(AuthError.BufferOverrun)
|
||||||
outlen = 0
|
|
||||||
let header = cast[ptr AuthMessageV4](addr buffer[0])
|
|
||||||
|
|
||||||
var secret = ecdhSharedSecret(h.host.seckey, pubkey)
|
var padsize = int(rng.generate(byte))
|
||||||
secret.data = secret.data xor h.initiatorNonce
|
while padsize > (MaxPadLenEIP8 - MinPadLenEIP8):
|
||||||
|
|
||||||
let signature = sign(h.ephemeral.seckey, SkMessage(secret.data))
|
|
||||||
secret.clear()
|
|
||||||
|
|
||||||
h.remoteHPubkey = pubkey
|
|
||||||
header.signature = signature.toRaw()
|
|
||||||
header.keyhash = keccak256.digest(h.ephemeral.pubkey.toRaw()).data
|
|
||||||
header.pubkey = h.host.pubkey.toRaw()
|
|
||||||
header.nonce = h.initiatorNonce
|
|
||||||
header.flag = flag
|
|
||||||
if encrypt:
|
|
||||||
if len(output) < AuthMessageV4Length:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
if eciesEncrypt(rng, buffer, output, h.remoteHPubkey).isErr:
|
|
||||||
return err(AuthError.EciesError)
|
|
||||||
outlen = AuthMessageV4Length
|
|
||||||
else:
|
|
||||||
if len(output) < PlainAuthMessageV4Length:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
copyMem(addr output[0], addr buffer[0], PlainAuthMessageV4Length)
|
|
||||||
outlen = PlainAuthMessageV4Length
|
|
||||||
|
|
||||||
ok()
|
|
||||||
|
|
||||||
proc authMessageEIP8(h: var Handshake,
|
|
||||||
rng: var HmacDrbgContext,
|
|
||||||
pubkey: PublicKey,
|
|
||||||
output: var openArray[byte],
|
|
||||||
outlen: var int,
|
|
||||||
flag: byte = 0,
|
|
||||||
encrypt: bool = true): AuthResult[void] =
|
|
||||||
## Create EIP8 authentication message.
|
|
||||||
var
|
|
||||||
buffer: array[PlainAuthMessageMaxEIP8, byte]
|
|
||||||
|
|
||||||
doAssert(EIP8 in h.flags)
|
|
||||||
outlen = 0
|
|
||||||
|
|
||||||
var secret = ecdhSharedSecret(h.host.seckey, pubkey)
|
|
||||||
secret.data = secret.data xor h.initiatorNonce
|
|
||||||
|
|
||||||
let signature = sign(h.ephemeral.seckey, SkMessage(secret.data))
|
|
||||||
secret.clear()
|
|
||||||
|
|
||||||
h.remoteHPubkey = pubkey
|
|
||||||
var payload = rlp.encodeList(signature.toRaw(),
|
|
||||||
h.host.pubkey.toRaw(),
|
|
||||||
h.initiatorNonce,
|
|
||||||
[byte(h.version)])
|
|
||||||
doAssert(len(payload) == PlainAuthMessageEIP8Length)
|
|
||||||
let
|
|
||||||
pencsize = eciesEncryptedLength(len(payload))
|
|
||||||
|
|
||||||
var padsize = int(rng.generate(byte)) # aka rand(max)
|
|
||||||
while padsize <= (AuthMessageV4Length - (pencsize + 2)):
|
|
||||||
padsize = int(rng.generate(byte))
|
padsize = int(rng.generate(byte))
|
||||||
|
padsize += MinPadLenEIP8
|
||||||
|
|
||||||
# It is possible to make packet size constant by uncommenting this line
|
|
||||||
# padsize = 24
|
|
||||||
let
|
let
|
||||||
|
pencsize = eciesEncryptedLength(PlainAuthMessageEIP8Length)
|
||||||
wosize = pencsize + padsize
|
wosize = pencsize + padsize
|
||||||
fullsize = wosize + 2
|
fullsize = wosize + 2
|
||||||
|
|
||||||
rng.generate(toa(buffer, PlainAuthMessageEIP8Length, padsize))
|
doAssert fullsize <= len(output), "We checked against max possible length above"
|
||||||
|
|
||||||
if encrypt:
|
|
||||||
if len(output) < fullsize:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
|
|
||||||
copyMem(addr buffer[0], addr payload[0], len(payload))
|
|
||||||
|
|
||||||
let wosizeBE = uint16(wosize).toBytesBE()
|
|
||||||
output[0..<2] = wosizeBE
|
|
||||||
if eciesEncrypt(rng, toa(buffer, 0, len(payload) + padsize),
|
|
||||||
toa(output, 2, wosize), pubkey,
|
|
||||||
toa(output, 0, 2)).isErr:
|
|
||||||
return err(AuthError.EciesError)
|
|
||||||
outlen = fullsize
|
|
||||||
else:
|
|
||||||
let plainsize = len(payload) + padsize
|
|
||||||
if len(output) < plainsize:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
copyMem(addr output[0], addr buffer[0], plainsize)
|
|
||||||
outlen = plainsize
|
|
||||||
|
|
||||||
ok()
|
|
||||||
|
|
||||||
proc ackMessagePreEIP8(h: var Handshake,
|
|
||||||
rng: var HmacDrbgContext,
|
|
||||||
output: var openArray[byte],
|
|
||||||
outlen: var int,
|
|
||||||
flag: byte = 0,
|
|
||||||
encrypt: bool = true): AuthResult[void] =
|
|
||||||
## Create plain pre-EIP8 authentication ack message.
|
|
||||||
var buffer: array[PlainAckMessageV4Length, byte]
|
|
||||||
outlen = 0
|
|
||||||
let header = cast[ptr AckMessageV4](addr buffer[0])
|
|
||||||
header.pubkey = h.ephemeral.pubkey.toRaw()
|
|
||||||
header.nonce = h.responderNonce
|
|
||||||
header.flag = flag
|
|
||||||
if encrypt:
|
|
||||||
if len(output) < AckMessageV4Length:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
if eciesEncrypt(rng, buffer, output, h.remoteHPubkey).isErr:
|
|
||||||
return err(AuthError.EciesError)
|
|
||||||
outlen = AckMessageV4Length
|
|
||||||
else:
|
|
||||||
if len(output) < PlainAckMessageV4Length:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
copyMem(addr output[0], addr buffer[0], PlainAckMessageV4Length)
|
|
||||||
outlen = PlainAckMessageV4Length
|
|
||||||
|
|
||||||
ok()
|
|
||||||
|
|
||||||
proc ackMessageEIP8(h: var Handshake,
|
|
||||||
rng: var HmacDrbgContext,
|
|
||||||
output: var openArray[byte],
|
|
||||||
outlen: var int,
|
|
||||||
flag: byte = 0,
|
|
||||||
encrypt: bool = true): AuthResult[void] =
|
|
||||||
## Create EIP8 authentication ack message.
|
|
||||||
var
|
|
||||||
buffer: array[PlainAckMessageMaxEIP8, byte]
|
|
||||||
padsize: array[1, byte]
|
|
||||||
doAssert(EIP8 in h.flags)
|
|
||||||
var payload = rlp.encodeList(h.ephemeral.pubkey.toRaw(),
|
|
||||||
h.responderNonce,
|
|
||||||
[byte(h.version)])
|
|
||||||
doAssert(len(payload) == PlainAckMessageEIP8Length)
|
|
||||||
outlen = 0
|
|
||||||
let pencsize = eciesEncryptedLength(len(payload))
|
|
||||||
while true:
|
|
||||||
generate(rng, padsize)
|
|
||||||
if int(padsize[0]) > (AckMessageV4Length - (pencsize + 2)):
|
|
||||||
break
|
|
||||||
# It is possible to make packet size constant by uncommenting this line
|
|
||||||
# padsize = 0
|
|
||||||
let wosize = pencsize + int(padsize[0])
|
|
||||||
let fullsize = wosize + 2
|
|
||||||
if int(padsize[0]) > 0:
|
|
||||||
rng.generate(toa(buffer, PlainAckMessageEIP8Length, int(padsize[0])))
|
|
||||||
|
|
||||||
copyMem(addr buffer[0], addr payload[0], len(payload))
|
|
||||||
if encrypt:
|
|
||||||
if len(output) < fullsize:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
output[0..<2] = uint16(wosize).toBytesBE()
|
|
||||||
if eciesEncrypt(rng, toa(buffer, 0, len(payload) + int(padsize[0])),
|
|
||||||
toa(output, 2, wosize), h.remoteHPubkey,
|
|
||||||
toa(output, 0, 2)).isErr:
|
|
||||||
return err(AuthError.EciesError)
|
|
||||||
outlen = fullsize
|
|
||||||
else:
|
|
||||||
let plainsize = len(payload) + int(padsize[0])
|
|
||||||
if len(output) < plainsize:
|
|
||||||
return err(AuthError.BufferOverrun)
|
|
||||||
copyMem(addr output[0], addr buffer[0], plainsize)
|
|
||||||
outlen = plainsize
|
|
||||||
|
|
||||||
ok()
|
|
||||||
|
|
||||||
template authSize*(h: Handshake, encrypt: bool = true): int =
|
|
||||||
## Get number of bytes needed to store AuthMessage.
|
|
||||||
if EIP8 in h.flags:
|
|
||||||
if encrypt: (AuthMessageMaxEIP8) else: (PlainAuthMessageMaxEIP8)
|
|
||||||
else:
|
|
||||||
if encrypt: (AuthMessageV4Length) else: (PlainAuthMessageV4Length)
|
|
||||||
|
|
||||||
template ackSize*(h: Handshake, encrypt: bool = true): int =
|
|
||||||
## Get number of bytes needed to store AckMessage.
|
|
||||||
if EIP8 in h.flags:
|
|
||||||
if encrypt: (AckMessageMaxEIP8) else: (PlainAckMessageMaxEIP8)
|
|
||||||
else:
|
|
||||||
if encrypt: (AckMessageV4Length) else: (PlainAckMessageV4Length)
|
|
||||||
|
|
||||||
proc authMessage*(h: var Handshake, rng: var HmacDrbgContext,
|
|
||||||
pubkey: PublicKey,
|
|
||||||
output: var openArray[byte],
|
|
||||||
outlen: var int, flag: byte = 0,
|
|
||||||
encrypt: bool = true): AuthResult[void] =
|
|
||||||
## Create new AuthMessage for specified `pubkey` and store it inside
|
|
||||||
## of `output`, size of generated AuthMessage will stored in `outlen`.
|
|
||||||
if EIP8 in h.flags:
|
|
||||||
authMessageEIP8(h, rng, pubkey, output, outlen, flag, encrypt)
|
|
||||||
else:
|
|
||||||
authMessagePreEIP8(h, rng, pubkey, output, outlen, flag, encrypt)
|
|
||||||
|
|
||||||
proc ackMessage*(h: var Handshake, rng: var HmacDrbgContext,
|
|
||||||
output: var openArray[byte],
|
|
||||||
outlen: var int, flag: byte = 0,
|
|
||||||
encrypt: bool = true): AuthResult[void] =
|
|
||||||
## Create new AckMessage and store it inside of `output`, size of generated
|
|
||||||
## AckMessage will stored in `outlen`.
|
|
||||||
if EIP8 in h.flags:
|
|
||||||
ackMessageEIP8(h, rng, output, outlen, flag, encrypt)
|
|
||||||
else:
|
|
||||||
ackMessagePreEIP8(h, rng, output, outlen, flag, encrypt)
|
|
||||||
|
|
||||||
proc decodeAuthMessageV4(h: var Handshake, m: openArray[byte]): AuthResult[void] =
|
|
||||||
## Decodes V4 AuthMessage.
|
|
||||||
var
|
|
||||||
buffer: array[PlainAuthMessageV4Length, byte]
|
|
||||||
|
|
||||||
doAssert(Responder in h.flags)
|
|
||||||
if eciesDecrypt(m, buffer, h.host.seckey).isErr:
|
|
||||||
return err(EciesError)
|
|
||||||
|
|
||||||
let
|
|
||||||
header = cast[ptr AuthMessageV4](addr buffer[0])
|
|
||||||
pubkey = ? PublicKey.fromRaw(header.pubkey).mapErrTo(InvalidPubKey)
|
|
||||||
signature = ? Signature.fromRaw(header.signature).mapErrTo(SignatureError)
|
|
||||||
|
|
||||||
var secret = ecdhSharedSecret(h.host.seckey, pubkey)
|
var secret = ecdhSharedSecret(h.host.seckey, pubkey)
|
||||||
secret.data = secret.data xor header.nonce
|
secret.data = secret.data xor h.initiatorNonce
|
||||||
|
|
||||||
var recovered = recover(signature, SkMessage(secret.data))
|
let signature = sign(h.ephemeral.seckey, SkMessage(secret.data))
|
||||||
secret.clear()
|
secret.clear()
|
||||||
|
|
||||||
h.remoteEPubkey = ? recovered.mapErrTo(SignatureError)
|
|
||||||
h.initiatorNonce = header.nonce
|
|
||||||
h.remoteHPubkey = pubkey
|
h.remoteHPubkey = pubkey
|
||||||
|
var payload =
|
||||||
|
rlp.encodeList(signature.toRaw(), h.host.pubkey.toRaw(), h.initiatorNonce, Vsn)
|
||||||
|
doAssert(len(payload) == PlainAuthMessageEIP8Length)
|
||||||
|
|
||||||
ok()
|
var buffer {.noinit.}: array[PlainAuthMessageMaxEIP8, byte]
|
||||||
|
copyMem(addr buffer[0], addr payload[0], len(payload))
|
||||||
|
rng.generate(toa(buffer, PlainAuthMessageEIP8Length, padsize))
|
||||||
|
|
||||||
proc decodeAuthMessageEIP8(h: var Handshake, m: openArray[byte]): AuthResult[void] =
|
let wosizeBE = uint16(wosize).toBytesBE()
|
||||||
|
output[0 ..< 2] = wosizeBE
|
||||||
|
if eciesEncrypt(
|
||||||
|
rng,
|
||||||
|
toa(buffer, 0, len(payload) + padsize),
|
||||||
|
toa(output, 2, wosize),
|
||||||
|
pubkey,
|
||||||
|
toa(output, 0, 2),
|
||||||
|
).isErr:
|
||||||
|
return err(AuthError.EciesError)
|
||||||
|
|
||||||
|
ok(fullsize)
|
||||||
|
|
||||||
|
proc ackMessage*(
|
||||||
|
h: var Handshake, rng: var HmacDrbgContext, output: var openArray[byte]
|
||||||
|
): AuthResult[int] =
|
||||||
|
## Create EIP8 authentication ack message - returns length of encoded message
|
||||||
|
## The output should be a buffer of AckMessageMaxEIP8 bytes at least.
|
||||||
|
if len(output) < AckMessageMaxEIP8:
|
||||||
|
return err(AuthError.BufferOverrun)
|
||||||
|
|
||||||
|
var padsize = int(rng.generate(byte))
|
||||||
|
while padsize > (MaxPadLenEIP8 - MinPadLenEIP8):
|
||||||
|
padsize = int(rng.generate(byte))
|
||||||
|
padsize += MinPadLenEIP8
|
||||||
|
|
||||||
|
let
|
||||||
|
pencsize = eciesEncryptedLength(PlainAckMessageEIP8Length)
|
||||||
|
wosize = pencsize + padsize
|
||||||
|
fullsize = wosize + 2
|
||||||
|
|
||||||
|
doAssert fullsize <= len(output), "We checked against max possible length above"
|
||||||
|
|
||||||
|
var
|
||||||
|
buffer: array[PlainAckMessageMaxEIP8, byte]
|
||||||
|
payload = rlp.encodeList(h.ephemeral.pubkey.toRaw(), h.responderNonce, Vsn)
|
||||||
|
doAssert(len(payload) == PlainAckMessageEIP8Length)
|
||||||
|
|
||||||
|
copyMem(addr buffer[0], addr payload[0], PlainAckMessageEIP8Length)
|
||||||
|
rng.generate(toa(buffer, PlainAckMessageEIP8Length, padsize))
|
||||||
|
|
||||||
|
output[0 ..< MsgLenLenEIP8] = uint16(wosize).toBytesBE()
|
||||||
|
|
||||||
|
if eciesEncrypt(
|
||||||
|
rng,
|
||||||
|
toa(buffer, 0, PlainAckMessageEIP8Length + padsize),
|
||||||
|
toa(output, MsgLenLenEIP8, wosize),
|
||||||
|
h.remoteHPubkey,
|
||||||
|
toa(output, 0, MsgLenLenEIP8),
|
||||||
|
).isErr:
|
||||||
|
return err(AuthError.EciesError)
|
||||||
|
ok(fullsize)
|
||||||
|
|
||||||
|
func decodeMsgLen(input: openArray[byte]): AuthResult[int] =
|
||||||
|
if input.len < 2:
|
||||||
|
return err(AuthError.IncompleteError)
|
||||||
|
ok(int(uint16.fromBytesBE(input)) + 2)
|
||||||
|
|
||||||
|
func decodeAuthMsgLen*(h: Handshake, input: openArray[byte]): AuthResult[int] =
|
||||||
|
let len = ?decodeMsgLen(input)
|
||||||
|
if len < AuthMessageEIP8Length:
|
||||||
|
return err(AuthError.IncompleteError)
|
||||||
|
ok(len)
|
||||||
|
|
||||||
|
func decodeAckMsgLen*(h: Handshake, input: openArray[byte]): AuthResult[int] =
|
||||||
|
let len = ?decodeMsgLen(input)
|
||||||
|
if len < AckMessageEIP8Length:
|
||||||
|
return err(AuthError.IncompleteError)
|
||||||
|
ok(len)
|
||||||
|
|
||||||
|
proc decodeAuthMessage*(h: var Handshake, m: openArray[byte]): AuthResult[void] =
|
||||||
## Decodes EIP-8 AuthMessage.
|
## Decodes EIP-8 AuthMessage.
|
||||||
let size = uint16.fromBytesBE(m)
|
let
|
||||||
h.expectedLength = 2 + int(size)
|
expectedLength = ?h.decodeAuthMsgLen(m)
|
||||||
|
size = expectedLength - MsgLenLenEIP8
|
||||||
|
|
||||||
# Check if the prefixed size is => than the minimum
|
# Check if the prefixed size is => than the minimum
|
||||||
if h.expectedLength < AuthMessageEIP8Length:
|
if expectedLength < AuthMessageEIP8Length:
|
||||||
return err(AuthError.IncompleteError)
|
return err(AuthError.IncompleteError)
|
||||||
|
|
||||||
if h.expectedLength > len(m):
|
if expectedLength > len(m):
|
||||||
return err(AuthError.IncompleteError)
|
return err(AuthError.IncompleteError)
|
||||||
|
|
||||||
var buffer = newSeq[byte](eciesDecryptedLength(int(size)))
|
var buffer = newSeq[byte](eciesDecryptedLength(size))
|
||||||
if eciesDecrypt(
|
if eciesDecrypt(
|
||||||
toa(m, 2, int(size)), buffer, h.host.seckey, toa(m, 0, 2)).isErr:
|
toa(m, MsgLenLenEIP8, int(size)), buffer, h.host.seckey, toa(m, 0, MsgLenLenEIP8)
|
||||||
|
).isErr:
|
||||||
return err(AuthError.EciesError)
|
return err(AuthError.EciesError)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
var reader = rlpFromBytes(buffer)
|
var reader = rlpFromBytes(buffer)
|
||||||
if not reader.isList() or reader.listLen() < 4:
|
if not reader.isList() or reader.listLen() < 4:
|
||||||
|
@ -412,11 +278,9 @@ proc decodeAuthMessageEIP8(h: var Handshake, m: openArray[byte]): AuthResult[voi
|
||||||
signatureBr = reader.listElem(0).toBytes()
|
signatureBr = reader.listElem(0).toBytes()
|
||||||
pubkeyBr = reader.listElem(1).toBytes()
|
pubkeyBr = reader.listElem(1).toBytes()
|
||||||
nonceBr = reader.listElem(2).toBytes()
|
nonceBr = reader.listElem(2).toBytes()
|
||||||
versionBr = reader.listElem(3).toBytes()
|
|
||||||
|
|
||||||
let
|
signature = ?Signature.fromRaw(signatureBr).mapErrTo(SignatureError)
|
||||||
signature = ? Signature.fromRaw(signatureBr).mapErrTo(SignatureError)
|
pubkey = ?PublicKey.fromRaw(pubkeyBr).mapErrTo(InvalidPubKey)
|
||||||
pubkey = ? PublicKey.fromRaw(pubkeyBr).mapErrTo(InvalidPubKey)
|
|
||||||
nonce = toArray(KeyLength, nonceBr)
|
nonce = toArray(KeyLength, nonceBr)
|
||||||
|
|
||||||
var secret = ecdhSharedSecret(h.host.seckey, pubkey)
|
var secret = ecdhSharedSecret(h.host.seckey, pubkey)
|
||||||
|
@ -425,100 +289,52 @@ proc decodeAuthMessageEIP8(h: var Handshake, m: openArray[byte]): AuthResult[voi
|
||||||
let recovered = recover(signature, SkMessage(secret.data))
|
let recovered = recover(signature, SkMessage(secret.data))
|
||||||
secret.clear()
|
secret.clear()
|
||||||
|
|
||||||
h.remoteEPubkey = ? recovered.mapErrTo(SignatureError)
|
h.remoteEPubkey = ?recovered.mapErrTo(SignatureError)
|
||||||
h.initiatorNonce = nonce
|
h.initiatorNonce = nonce
|
||||||
h.remoteHPubkey = pubkey
|
h.remoteHPubkey = pubkey
|
||||||
h.version = versionBr[0]
|
|
||||||
ok()
|
ok()
|
||||||
except CatchableError:
|
except CatchableError:
|
||||||
err(AuthError.RlpError)
|
err(AuthError.RlpError)
|
||||||
|
|
||||||
proc decodeAckMessageEIP8*(h: var Handshake, m: openArray[byte]): AuthResult[void] =
|
proc decodeAckMessage*(h: var Handshake, m: openArray[byte]): AuthResult[void] =
|
||||||
## Decodes EIP-8 AckMessage.
|
## Decodes EIP-8 AckMessage.
|
||||||
let size = uint16.fromBytesBE(m)
|
let
|
||||||
h.expectedLength = 2 + int(size)
|
expectedLength = ?h.decodeAckMsgLen(m)
|
||||||
|
size = expectedLength - MsgLenLenEIP8
|
||||||
|
|
||||||
# Check if the prefixed size is => than the minimum
|
# Check if the prefixed size is => than the minimum
|
||||||
if h.expectedLength < AckMessageEIP8Length:
|
if expectedLength > len(m):
|
||||||
return err(AuthError.IncompleteError)
|
return err(AuthError.IncompleteError)
|
||||||
|
|
||||||
if h.expectedLength > len(m):
|
var buffer = newSeq[byte](eciesDecryptedLength(size))
|
||||||
return err(AuthError.IncompleteError)
|
|
||||||
|
|
||||||
var buffer = newSeq[byte](eciesDecryptedLength(int(size)))
|
|
||||||
if eciesDecrypt(
|
if eciesDecrypt(
|
||||||
toa(m, 2, int(size)), buffer, h.host.seckey, toa(m, 0, 2)).isErr:
|
toa(m, MsgLenLenEIP8, size), buffer, h.host.seckey, toa(m, 0, MsgLenLenEIP8)
|
||||||
|
).isErr:
|
||||||
return err(AuthError.EciesError)
|
return err(AuthError.EciesError)
|
||||||
try:
|
try:
|
||||||
var reader = rlpFromBytes(buffer)
|
var reader = rlpFromBytes(buffer)
|
||||||
|
# The last element, the version, is ignored
|
||||||
if not reader.isList() or reader.listLen() < 3:
|
if not reader.isList() or reader.listLen() < 3:
|
||||||
return err(AuthError.InvalidAck)
|
return err(AuthError.InvalidAck)
|
||||||
if reader.listElem(0).blobLen != RawPublicKeySize:
|
if reader.listElem(0).blobLen != RawPublicKeySize:
|
||||||
return err(AuthError.InvalidAck)
|
return err(AuthError.InvalidAck)
|
||||||
if reader.listElem(1).blobLen != KeyLength:
|
if reader.listElem(1).blobLen != KeyLength:
|
||||||
return err(AuthError.InvalidAck)
|
return err(AuthError.InvalidAck)
|
||||||
if reader.listElem(2).blobLen != 1:
|
|
||||||
return err(AuthError.InvalidAck)
|
|
||||||
let
|
let
|
||||||
pubkeyBr = reader.listElem(0).toBytes()
|
pubkeyBr = reader.listElem(0).toBytes()
|
||||||
nonceBr = reader.listElem(1).toBytes()
|
nonceBr = reader.listElem(1).toBytes()
|
||||||
versionBr = reader.listElem(2).toBytes()
|
|
||||||
|
|
||||||
h.remoteEPubkey = ? PublicKey.fromRaw(pubkeyBr).mapErrTo(InvalidPubKey)
|
h.remoteEPubkey = ?PublicKey.fromRaw(pubkeyBr).mapErrTo(InvalidPubKey)
|
||||||
h.responderNonce = toArray(KeyLength, nonceBr)
|
h.responderNonce = toArray(KeyLength, nonceBr)
|
||||||
h.version = versionBr[0]
|
|
||||||
|
|
||||||
ok()
|
ok()
|
||||||
except CatchableError:
|
except CatchableError:
|
||||||
err(AuthError.RlpError)
|
err(AuthError.RlpError)
|
||||||
|
|
||||||
proc decodeAckMessageV4(h: var Handshake, m: openArray[byte]): AuthResult[void] =
|
|
||||||
## Decodes V4 AckMessage.
|
|
||||||
var
|
|
||||||
buffer: array[PlainAckMessageV4Length, byte]
|
|
||||||
doAssert(Initiator in h.flags)
|
|
||||||
|
|
||||||
if eciesDecrypt(m, buffer, h.host.seckey).isErr:
|
|
||||||
return err(AuthError.EciesError)
|
|
||||||
var header = cast[ptr AckMessageV4](addr buffer[0])
|
|
||||||
|
|
||||||
h.remoteEPubkey = ? PublicKey.fromRaw(header.pubkey).mapErrTo(InvalidPubKey)
|
|
||||||
h.responderNonce = header.nonce
|
|
||||||
|
|
||||||
ok()
|
|
||||||
|
|
||||||
proc decodeAuthMessage*(h: var Handshake, input: openArray[byte]): AuthResult[void] =
|
|
||||||
## Decodes AuthMessage from `input`.
|
|
||||||
# Using the smallest min. message length of the two types
|
|
||||||
if len(input) < AuthMessageEIP8Length:
|
|
||||||
return err(AuthError.IncompleteError)
|
|
||||||
|
|
||||||
if len(input) == AuthMessageV4Length:
|
|
||||||
let res = h.decodeAuthMessageV4(input)
|
|
||||||
if res.isOk(): return res
|
|
||||||
|
|
||||||
let res = h.decodeAuthMessageEIP8(input)
|
|
||||||
if res.isOk():
|
|
||||||
h.flags.incl(EIP8)
|
|
||||||
res
|
|
||||||
|
|
||||||
proc decodeAckMessage*(h: var Handshake, input: openArray[byte]): AuthResult[void] =
|
|
||||||
## Decodes AckMessage from `input`.
|
|
||||||
# Using the smallest min. message length of the two types
|
|
||||||
if len(input) < AckMessageV4Length:
|
|
||||||
return err(AuthError.IncompleteError)
|
|
||||||
|
|
||||||
if len(input) == AckMessageV4Length:
|
|
||||||
let res = h.decodeAckMessageV4(input)
|
|
||||||
if res.isOk(): return res
|
|
||||||
|
|
||||||
let res = h.decodeAckMessageEIP8(input)
|
|
||||||
if res.isOk(): h.flags.incl(EIP8)
|
|
||||||
res
|
|
||||||
|
|
||||||
proc getSecrets*(
|
proc getSecrets*(
|
||||||
h: Handshake, authmsg: openArray[byte],
|
h: Handshake, authmsg: openArray[byte], ackmsg: openArray[byte]
|
||||||
ackmsg: openArray[byte]): ConnectionSecret =
|
): ConnectionSecret =
|
||||||
## Derive secrets from handshake `h` using encrypted AuthMessage `authmsg` and
|
## Derive secrets from handshake `h` using encrypted AuthMessage `authmsg` and
|
||||||
## encrypted AckMessage `ackmsg`.
|
## encrypted AckMessage `ackmsg`.
|
||||||
var
|
var
|
||||||
|
|
|
@ -9,24 +9,27 @@
|
||||||
|
|
||||||
import
|
import
|
||||||
std/[times, net],
|
std/[times, net],
|
||||||
chronos, stint, nimcrypto/keccak, chronicles,
|
chronos,
|
||||||
stew/objects, results,
|
stint,
|
||||||
|
nimcrypto/keccak,
|
||||||
|
chronicles,
|
||||||
|
stew/objects,
|
||||||
|
results,
|
||||||
../rlp,
|
../rlp,
|
||||||
../common/keys,
|
../common/keys,
|
||||||
"."/[kademlia, enode]
|
"."/[kademlia, enode]
|
||||||
|
|
||||||
export
|
export Node, results
|
||||||
Node, results
|
|
||||||
|
|
||||||
logScope:
|
logScope:
|
||||||
topics = "eth p2p discovery"
|
topics = "eth p2p discovery"
|
||||||
|
|
||||||
const
|
const
|
||||||
# UDP packet constants.
|
# UDP packet constants.
|
||||||
MAC_SIZE = 256 div 8 # 32
|
MAC_SIZE = 256 div 8 # 32
|
||||||
SIG_SIZE = 520 div 8 # 65
|
SIG_SIZE = 520 div 8 # 65
|
||||||
HEAD_SIZE = MAC_SIZE + SIG_SIZE # 97
|
HEAD_SIZE = MAC_SIZE + SIG_SIZE # 97
|
||||||
EXPIRATION = 60 # let messages expire after N seconds
|
EXPIRATION = 60 # let messages expire after N seconds
|
||||||
PROTO_VERSION = 4
|
PROTO_VERSION = 4
|
||||||
|
|
||||||
type
|
type
|
||||||
|
@ -55,9 +58,14 @@ proc append*(w: var RlpWriter, a: IpAddress) =
|
||||||
of IpAddressFamily.IPv4:
|
of IpAddressFamily.IPv4:
|
||||||
w.append(a.address_v4)
|
w.append(a.address_v4)
|
||||||
|
|
||||||
proc append(w: var RlpWriter, p: Port) = w.append(p.uint)
|
proc append(w: var RlpWriter, p: Port) =
|
||||||
proc append(w: var RlpWriter, pk: PublicKey) = w.append(pk.toRaw())
|
w.append(p.uint)
|
||||||
proc append(w: var RlpWriter, h: MDigest[256]) = w.append(h.data)
|
|
||||||
|
proc append(w: var RlpWriter, pk: PublicKey) =
|
||||||
|
w.append(pk.toRaw())
|
||||||
|
|
||||||
|
proc append(w: var RlpWriter, h: MDigest[256]) =
|
||||||
|
w.append(h.data)
|
||||||
|
|
||||||
proc pack(cmdId: CommandId, payload: openArray[byte], pk: PrivateKey): seq[byte] =
|
proc pack(cmdId: CommandId, payload: openArray[byte], pk: PrivateKey): seq[byte] =
|
||||||
## Create and sign a UDP message to be sent to a remote node.
|
## Create and sign a UDP message to be sent to a remote node.
|
||||||
|
@ -65,11 +73,13 @@ proc pack(cmdId: CommandId, payload: openArray[byte], pk: PrivateKey): seq[byte]
|
||||||
## See https://github.com/ethereum/devp2p/blob/master/rlpx.md#node-discovery for information on
|
## See https://github.com/ethereum/devp2p/blob/master/rlpx.md#node-discovery for information on
|
||||||
## how UDP packets are structured.
|
## how UDP packets are structured.
|
||||||
|
|
||||||
# TODO: There is a lot of unneeded allocations here
|
result = newSeq[byte](HEAD_SIZE + 1 + payload.len)
|
||||||
let encodedData = @[cmdId.byte] & @payload
|
result[HEAD_SIZE] = cmdId.byte
|
||||||
let signature = @(pk.sign(encodedData).toRaw())
|
result[HEAD_SIZE + 1 ..< result.len] = payload
|
||||||
let msgHash = keccak256.digest(signature & encodedData)
|
result[MAC_SIZE ..< MAC_SIZE + SIG_SIZE] =
|
||||||
result = @(msgHash.data) & signature & encodedData
|
pk.sign(result.toOpenArray(HEAD_SIZE, result.high)).toRaw()
|
||||||
|
result[0 ..< MAC_SIZE] =
|
||||||
|
keccak256.digest(result.toOpenArray(MAC_SIZE, result.high)).data
|
||||||
|
|
||||||
proc validateMsgHash(msg: openArray[byte]): DiscResult[MDigest[256]] =
|
proc validateMsgHash(msg: openArray[byte]): DiscResult[MDigest[256]] =
|
||||||
if msg.len > HEAD_SIZE:
|
if msg.len > HEAD_SIZE:
|
||||||
|
@ -85,20 +95,20 @@ proc validateMsgHash(msg: openArray[byte]): DiscResult[MDigest[256]] =
|
||||||
proc recoverMsgPublicKey(msg: openArray[byte]): DiscResult[PublicKey] =
|
proc recoverMsgPublicKey(msg: openArray[byte]): DiscResult[PublicKey] =
|
||||||
if msg.len <= HEAD_SIZE:
|
if msg.len <= HEAD_SIZE:
|
||||||
return err("disc: can't get public key")
|
return err("disc: can't get public key")
|
||||||
let sig = ? Signature.fromRaw(msg.toOpenArray(MAC_SIZE, HEAD_SIZE))
|
let sig = ?Signature.fromRaw(msg.toOpenArray(MAC_SIZE, HEAD_SIZE))
|
||||||
recover(sig, msg.toOpenArray(HEAD_SIZE, msg.high))
|
recover(sig, msg.toOpenArray(HEAD_SIZE, msg.high))
|
||||||
|
|
||||||
proc unpack(msg: openArray[byte]): tuple[cmdId: CommandId, payload: seq[byte]]
|
proc unpack(
|
||||||
{.raises: [DiscProtocolError].} =
|
msg: openArray[byte]
|
||||||
|
): tuple[cmdId: CommandId, payload: seq[byte]] {.raises: [DiscProtocolError].} =
|
||||||
# Check against possible RangeDefect
|
# Check against possible RangeDefect
|
||||||
if msg[HEAD_SIZE].int < CommandId.low.ord or
|
if msg[HEAD_SIZE].int < CommandId.low.ord or msg[HEAD_SIZE].int > CommandId.high.ord:
|
||||||
msg[HEAD_SIZE].int > CommandId.high.ord:
|
|
||||||
raise newException(DiscProtocolError, "Unsupported packet id")
|
raise newException(DiscProtocolError, "Unsupported packet id")
|
||||||
|
|
||||||
result = (cmdId: msg[HEAD_SIZE].CommandId, payload: msg[HEAD_SIZE + 1 .. ^1])
|
(cmdId: msg[HEAD_SIZE].CommandId, payload: msg[HEAD_SIZE + 1 .. ^1])
|
||||||
|
|
||||||
proc expiration(): uint32 =
|
proc expiration(): uint64 =
|
||||||
result = uint32(epochTime() + EXPIRATION)
|
uint64(getTime().toUnix() + EXPIRATION)
|
||||||
|
|
||||||
# Wire protocol
|
# Wire protocol
|
||||||
|
|
||||||
|
@ -110,15 +120,16 @@ proc send(d: DiscoveryProtocol, n: Node, data: seq[byte]) =
|
||||||
when defined(chronicles_log_level):
|
when defined(chronicles_log_level):
|
||||||
try:
|
try:
|
||||||
# readError will raise FutureError
|
# readError will raise FutureError
|
||||||
debug "Discovery send failed", msg = f.readError.msg
|
debug "Discovery send failed",
|
||||||
|
msg = f.readError.msg, address = $n.node.address
|
||||||
except FutureError as exc:
|
except FutureError as exc:
|
||||||
error "Failed to get discovery send future error", msg=exc.msg
|
error "Failed to get discovery send future error", msg = exc.msg
|
||||||
|
|
||||||
f.addCallback cb
|
f.addCallback cb
|
||||||
|
|
||||||
proc sendPing*(d: DiscoveryProtocol, n: Node): seq[byte] =
|
proc sendPing*(d: DiscoveryProtocol, n: Node): seq[byte] =
|
||||||
let payload = rlp.encode((PROTO_VERSION.uint, d.address, n.node.address,
|
let payload =
|
||||||
expiration()))
|
rlp.encode((PROTO_VERSION.uint, d.address, n.node.address, expiration()))
|
||||||
let msg = pack(cmdPing, payload, d.privKey)
|
let msg = pack(cmdPing, payload, d.privKey)
|
||||||
result = msg[0 ..< MAC_SIZE]
|
result = msg[0 ..< MAC_SIZE]
|
||||||
trace ">>> ping ", n
|
trace ">>> ping ", n
|
||||||
|
@ -135,7 +146,7 @@ proc sendFindNode*(d: DiscoveryProtocol, n: Node, targetNodeId: NodeId) =
|
||||||
data[32 .. ^1] = targetNodeId.toByteArrayBE()
|
data[32 .. ^1] = targetNodeId.toByteArrayBE()
|
||||||
let payload = rlp.encode((data, expiration()))
|
let payload = rlp.encode((data, expiration()))
|
||||||
let msg = pack(cmdFindNode, payload, d.privKey)
|
let msg = pack(cmdFindNode, payload, d.privKey)
|
||||||
trace ">>> find_node to ", n#, ": ", msg.toHex()
|
trace ">>> find_node to ", n #, ": ", msg.toHex()
|
||||||
d.send(n, msg)
|
d.send(n, msg)
|
||||||
|
|
||||||
proc sendNeighbours*(d: DiscoveryProtocol, node: Node, neighbours: seq[Node]) =
|
proc sendNeighbours*(d: DiscoveryProtocol, node: Node, neighbours: seq[Node]) =
|
||||||
|
@ -152,18 +163,23 @@ proc sendNeighbours*(d: DiscoveryProtocol, node: Node, neighbours: seq[Node]) =
|
||||||
nodes.setLen(0)
|
nodes.setLen(0)
|
||||||
|
|
||||||
for i, n in neighbours:
|
for i, n in neighbours:
|
||||||
nodes.add((n.node.address.ip, n.node.address.udpPort,
|
nodes.add(
|
||||||
n.node.address.tcpPort, n.node.pubkey))
|
(n.node.address.ip, n.node.address.udpPort, n.node.address.tcpPort, n.node.pubkey)
|
||||||
|
)
|
||||||
if nodes.len == MAX_NEIGHBOURS_PER_PACKET:
|
if nodes.len == MAX_NEIGHBOURS_PER_PACKET:
|
||||||
flush()
|
flush()
|
||||||
|
|
||||||
if nodes.len != 0: flush()
|
if nodes.len != 0:
|
||||||
|
flush()
|
||||||
|
|
||||||
proc newDiscoveryProtocol*(
|
proc newDiscoveryProtocol*(
|
||||||
privKey: PrivateKey, address: Address,
|
privKey: PrivateKey,
|
||||||
|
address: Address,
|
||||||
bootstrapNodes: openArray[ENode],
|
bootstrapNodes: openArray[ENode],
|
||||||
bindPort: Port, bindIp = IPv4_any(),
|
bindPort: Port,
|
||||||
rng = newRng()): DiscoveryProtocol =
|
bindIp = IPv6_any(),
|
||||||
|
rng = newRng(),
|
||||||
|
): DiscoveryProtocol =
|
||||||
let
|
let
|
||||||
localNode = newNode(privKey.toPublicKey(), address)
|
localNode = newNode(privKey.toPublicKey(), address)
|
||||||
discovery = DiscoveryProtocol(
|
discovery = DiscoveryProtocol(
|
||||||
|
@ -171,27 +187,32 @@ proc newDiscoveryProtocol*(
|
||||||
address: address,
|
address: address,
|
||||||
localNode: localNode,
|
localNode: localNode,
|
||||||
bindIp: bindIp,
|
bindIp: bindIp,
|
||||||
bindPort: bindPort)
|
bindPort: bindPort,
|
||||||
|
)
|
||||||
kademlia = newKademliaProtocol(localNode, discovery, rng = rng)
|
kademlia = newKademliaProtocol(localNode, discovery, rng = rng)
|
||||||
|
|
||||||
discovery.kademlia = kademlia
|
discovery.kademlia = kademlia
|
||||||
|
|
||||||
for n in bootstrapNodes: discovery.bootstrapNodes.add(newNode(n))
|
for n in bootstrapNodes:
|
||||||
|
discovery.bootstrapNodes.add(newNode(n))
|
||||||
|
|
||||||
discovery
|
discovery
|
||||||
|
|
||||||
proc recvPing(d: DiscoveryProtocol, node: Node, msgHash: MDigest[256])
|
proc recvPing(
|
||||||
{.raises: [ValueError].} =
|
d: DiscoveryProtocol, node: Node, msgHash: MDigest[256]
|
||||||
|
) {.raises: [ValueError].} =
|
||||||
d.kademlia.recvPing(node, msgHash)
|
d.kademlia.recvPing(node, msgHash)
|
||||||
|
|
||||||
proc recvPong(d: DiscoveryProtocol, node: Node, payload: seq[byte])
|
proc recvPong(
|
||||||
{.raises: [RlpError].} =
|
d: DiscoveryProtocol, node: Node, payload: seq[byte]
|
||||||
|
) {.raises: [RlpError].} =
|
||||||
let rlp = rlpFromBytes(payload)
|
let rlp = rlpFromBytes(payload)
|
||||||
let tok = rlp.listElem(1).toBytes()
|
let tok = rlp.listElem(1).toBytes()
|
||||||
d.kademlia.recvPong(node, tok)
|
d.kademlia.recvPong(node, tok)
|
||||||
|
|
||||||
proc recvNeighbours(d: DiscoveryProtocol, node: Node, payload: seq[byte])
|
proc recvNeighbours(
|
||||||
{.raises: [RlpError].} =
|
d: DiscoveryProtocol, node: Node, payload: seq[byte]
|
||||||
|
) {.raises: [RlpError].} =
|
||||||
let rlp = rlpFromBytes(payload)
|
let rlp = rlpFromBytes(payload)
|
||||||
let neighboursList = rlp.listElem(0)
|
let neighboursList = rlp.listElem(0)
|
||||||
let sz = neighboursList.listLen()
|
let sz = neighboursList.listLen()
|
||||||
|
@ -203,11 +224,9 @@ proc recvNeighbours(d: DiscoveryProtocol, node: Node, payload: seq[byte])
|
||||||
var ip: IpAddress
|
var ip: IpAddress
|
||||||
case ipBlob.len
|
case ipBlob.len
|
||||||
of 4:
|
of 4:
|
||||||
ip = IpAddress(
|
ip = IpAddress(family: IpAddressFamily.IPv4, address_v4: toArray(4, ipBlob))
|
||||||
family: IpAddressFamily.IPv4, address_v4: toArray(4, ipBlob))
|
|
||||||
of 16:
|
of 16:
|
||||||
ip = IpAddress(
|
ip = IpAddress(family: IpAddressFamily.IPv6, address_v6: toArray(16, ipBlob))
|
||||||
family: IpAddressFamily.IPv6, address_v6: toArray(16, ipBlob))
|
|
||||||
else:
|
else:
|
||||||
error "Wrong ip address length!"
|
error "Wrong ip address length!"
|
||||||
continue
|
continue
|
||||||
|
@ -222,8 +241,9 @@ proc recvNeighbours(d: DiscoveryProtocol, node: Node, payload: seq[byte])
|
||||||
neighbours.add(newNode(pk[], Address(ip: ip, udpPort: udpPort, tcpPort: tcpPort)))
|
neighbours.add(newNode(pk[], Address(ip: ip, udpPort: udpPort, tcpPort: tcpPort)))
|
||||||
d.kademlia.recvNeighbours(node, neighbours)
|
d.kademlia.recvNeighbours(node, neighbours)
|
||||||
|
|
||||||
proc recvFindNode(d: DiscoveryProtocol, node: Node, payload: openArray[byte])
|
proc recvFindNode(
|
||||||
{.raises: [RlpError, ValueError].} =
|
d: DiscoveryProtocol, node: Node, payload: openArray[byte]
|
||||||
|
) {.raises: [RlpError, ValueError].} =
|
||||||
let rlp = rlpFromBytes(payload)
|
let rlp = rlpFromBytes(payload)
|
||||||
trace "<<< find_node from ", node
|
trace "<<< find_node from ", node
|
||||||
let rng = rlp.listElem(0).toBytes
|
let rng = rlp.listElem(0).toBytes
|
||||||
|
@ -234,8 +254,9 @@ proc recvFindNode(d: DiscoveryProtocol, node: Node, payload: openArray[byte])
|
||||||
else:
|
else:
|
||||||
trace "Invalid target public key received"
|
trace "Invalid target public key received"
|
||||||
|
|
||||||
proc expirationValid(cmdId: CommandId, rlpEncodedPayload: openArray[byte]):
|
proc expirationValid(
|
||||||
bool {.raises: [DiscProtocolError, RlpError].} =
|
cmdId: CommandId, rlpEncodedPayload: openArray[byte]
|
||||||
|
): bool {.raises: [DiscProtocolError, RlpError].} =
|
||||||
## Can only raise `DiscProtocolError` and all of `RlpError`
|
## Can only raise `DiscProtocolError` and all of `RlpError`
|
||||||
# Check if there is a payload
|
# Check if there is a payload
|
||||||
if rlpEncodedPayload.len <= 0:
|
if rlpEncodedPayload.len <= 0:
|
||||||
|
@ -250,8 +271,9 @@ proc expirationValid(cmdId: CommandId, rlpEncodedPayload: openArray[byte]):
|
||||||
else:
|
else:
|
||||||
raise newException(DiscProtocolError, "Invalid RLP list for this packet id")
|
raise newException(DiscProtocolError, "Invalid RLP list for this packet id")
|
||||||
|
|
||||||
proc receive*(d: DiscoveryProtocol, a: Address, msg: openArray[byte])
|
proc receive*(
|
||||||
{.raises: [DiscProtocolError, RlpError, ValueError].} =
|
d: DiscoveryProtocol, a: Address, msg: openArray[byte]
|
||||||
|
) {.raises: [DiscProtocolError, RlpError, ValueError].} =
|
||||||
# Note: export only needed for testing
|
# Note: export only needed for testing
|
||||||
let msgHash = validateMsgHash(msg)
|
let msgHash = validateMsgHash(msg)
|
||||||
if msgHash.isOk():
|
if msgHash.isOk():
|
||||||
|
@ -280,17 +302,20 @@ proc receive*(d: DiscoveryProtocol, a: Address, msg: openArray[byte])
|
||||||
else:
|
else:
|
||||||
notice "Wrong msg mac from ", a
|
notice "Wrong msg mac from ", a
|
||||||
|
|
||||||
proc processClient(transp: DatagramTransport, raddr: TransportAddress):
|
proc processClient(
|
||||||
Future[void] {.async: (raises: []).} =
|
transp: DatagramTransport, raddr: TransportAddress
|
||||||
|
): Future[void] {.async: (raises: []).} =
|
||||||
var proto = getUserData[DiscoveryProtocol](transp)
|
var proto = getUserData[DiscoveryProtocol](transp)
|
||||||
let buf = try: transp.getMessage()
|
let buf =
|
||||||
except TransportOsError as e:
|
try:
|
||||||
# This is likely to be local network connection issues.
|
transp.getMessage()
|
||||||
warn "Transport getMessage", exception = e.name, msg = e.msg
|
except TransportOsError as e:
|
||||||
return
|
# This is likely to be local network connection issues.
|
||||||
except TransportError as exc:
|
warn "Transport getMessage", exception = e.name, msg = e.msg
|
||||||
debug "getMessage error", msg = exc.msg
|
return
|
||||||
return
|
except TransportError as exc:
|
||||||
|
debug "getMessage error", msg = exc.msg
|
||||||
|
return
|
||||||
try:
|
try:
|
||||||
let a = Address(ip: raddr.address, udpPort: raddr.port, tcpPort: raddr.port)
|
let a = Address(ip: raddr.address, udpPort: raddr.port, tcpPort: raddr.port)
|
||||||
proto.receive(a, buf)
|
proto.receive(a, buf)
|
||||||
|
@ -326,26 +351,30 @@ proc randomNodes*(d: DiscoveryProtocol, count: int): seq[Node] =
|
||||||
d.kademlia.randomNodes(count)
|
d.kademlia.randomNodes(count)
|
||||||
|
|
||||||
when isMainModule:
|
when isMainModule:
|
||||||
import logging, stew/byteutils
|
import stew/byteutils, ./bootnodes
|
||||||
|
|
||||||
const LOCAL_BOOTNODES = [
|
|
||||||
"enode://6456719e7267e061161c88720287a77b80718d2a3a4ff5daeba614d029dc77601b75e32190aed1c9b0b9ccb6fac3bcf000f48e54079fa79e339c25d8e9724226@127.0.0.1:30301"
|
|
||||||
]
|
|
||||||
|
|
||||||
addHandler(newConsoleLogger())
|
|
||||||
|
|
||||||
block:
|
block:
|
||||||
let m = hexToSeqByte"79664bff52ee17327b4a2d8f97d8fb32c9244d719e5038eb4f6b64da19ca6d271d659c3ad9ad7861a928ca85f8d8debfbe6b7ade26ad778f2ae2ba712567fcbd55bc09eb3e74a893d6b180370b266f6aaf3fe58a0ad95f7435bf3ddf1db940d20102f2cb842edbd4d182944382765da0ab56fb9e64a85a597e6bb27c656b4f1afb7e06b0fd4e41ccde6dba69a3c4a150845aaa4de2"
|
let m =
|
||||||
|
hexToSeqByte"79664bff52ee17327b4a2d8f97d8fb32c9244d719e5038eb4f6b64da19ca6d271d659c3ad9ad7861a928ca85f8d8debfbe6b7ade26ad778f2ae2ba712567fcbd55bc09eb3e74a893d6b180370b266f6aaf3fe58a0ad95f7435bf3ddf1db940d20102f2cb842edbd4d182944382765da0ab56fb9e64a85a597e6bb27c656b4f1afb7e06b0fd4e41ccde6dba69a3c4a150845aaa4de2"
|
||||||
discard validateMsgHash(m).expect("valid hash")
|
discard validateMsgHash(m).expect("valid hash")
|
||||||
var remotePubkey = recoverMsgPublicKey(m).expect("valid key")
|
var remotePubkey = recoverMsgPublicKey(m).expect("valid key")
|
||||||
|
|
||||||
let (cmdId, payload) = unpack(m)
|
let (cmdId, payload) = unpack(m)
|
||||||
doAssert(payload == hexToSeqByte"f2cb842edbd4d182944382765da0ab56fb9e64a85a597e6bb27c656b4f1afb7e06b0fd4e41ccde6dba69a3c4a150845aaa4de2")
|
doAssert(
|
||||||
|
payload ==
|
||||||
|
hexToSeqByte"f2cb842edbd4d182944382765da0ab56fb9e64a85a597e6bb27c656b4f1afb7e06b0fd4e41ccde6dba69a3c4a150845aaa4de2"
|
||||||
|
)
|
||||||
doAssert(cmdId == cmdPong)
|
doAssert(cmdId == cmdPong)
|
||||||
doAssert(remotePubkey == PublicKey.fromHex(
|
doAssert(
|
||||||
"78de8a0916848093c73790ead81d1928bec737d565119932b98c6b100d944b7a95e94f847f689fc723399d2e31129d182f7ef3863f2b4c820abbf3ab2722344d")[])
|
remotePubkey ==
|
||||||
|
PublicKey.fromHex(
|
||||||
|
"78de8a0916848093c73790ead81d1928bec737d565119932b98c6b100d944b7a95e94f847f689fc723399d2e31129d182f7ef3863f2b4c820abbf3ab2722344d"
|
||||||
|
)[]
|
||||||
|
)
|
||||||
|
|
||||||
let privKey = PrivateKey.fromHex("a2b50376a79b1a8c8a3296485572bdfbf54708bb46d3c25d73d2723aaaf6a617")[]
|
let privKey = PrivateKey.fromHex(
|
||||||
|
"a2b50376a79b1a8c8a3296485572bdfbf54708bb46d3c25d73d2723aaaf6a617"
|
||||||
|
)[]
|
||||||
|
|
||||||
# echo privKey
|
# echo privKey
|
||||||
|
|
||||||
|
@ -355,14 +384,14 @@ when isMainModule:
|
||||||
# let (remotePubkey, cmdId, payload) = unpack(m)
|
# let (remotePubkey, cmdId, payload) = unpack(m)
|
||||||
# doAssert(remotePubkey.raw_key.toHex == privKey.public_key.raw_key.toHex)
|
# doAssert(remotePubkey.raw_key.toHex == privKey.public_key.raw_key.toHex)
|
||||||
|
|
||||||
var bootnodes = newSeq[ENode]()
|
var nodes = newSeq[ENode]()
|
||||||
for item in LOCAL_BOOTNODES:
|
for item in MainnetBootnodes:
|
||||||
bootnodes.add(ENode.fromString(item)[])
|
nodes.add(ENode.fromString(item)[])
|
||||||
|
|
||||||
let listenPort = Port(30310)
|
let listenPort = Port(30310)
|
||||||
var address = Address(udpPort: listenPort, tcpPort: listenPort)
|
var address = Address(udpPort: listenPort, tcpPort: listenPort)
|
||||||
address.ip.family = IpAddressFamily.IPv4
|
address.ip.family = IpAddressFamily.IPv4
|
||||||
let discovery = newDiscoveryProtocol(privkey, address, bootnodes, listenPort)
|
let discovery = newDiscoveryProtocol(privKey, address, nodes, bindPort = listenPort)
|
||||||
|
|
||||||
echo discovery.localNode.node.pubkey
|
echo discovery.localNode.node.pubkey
|
||||||
echo "this_node.id: ", discovery.localNode.id.toHex()
|
echo "this_node.id: ", discovery.localNode.id.toHex()
|
||||||
|
@ -372,5 +401,6 @@ when isMainModule:
|
||||||
proc test() {.async.} =
|
proc test() {.async.} =
|
||||||
{.gcsafe.}:
|
{.gcsafe.}:
|
||||||
await discovery.bootstrap()
|
await discovery.bootstrap()
|
||||||
|
for node in discovery.randomNodes(discovery.kademlia.nodesDiscovered):
|
||||||
|
echo node
|
||||||
waitFor test()
|
waitFor test()
|
||||||
|
|
|
@ -545,7 +545,8 @@ proc randomNodes*(r: RoutingTable, maxAmount: int,
|
||||||
# while it will take less total time compared to e.g. an (async)
|
# while it will take less total time compared to e.g. an (async)
|
||||||
# randomLookup, the time might be wasted as all nodes are possibly seen
|
# randomLookup, the time might be wasted as all nodes are possibly seen
|
||||||
# already.
|
# already.
|
||||||
while len(seen) < maxAmount:
|
# We check against the number of nodes to avoid an infinite loop in case of a filter.
|
||||||
|
while len(result) < maxAmount and len(seen) < sz:
|
||||||
let bucket = r.rng[].sample(r.buckets)
|
let bucket = r.rng[].sample(r.buckets)
|
||||||
if bucket.nodes.len != 0:
|
if bucket.nodes.len != 0:
|
||||||
let node = r.rng[].sample(bucket.nodes)
|
let node = r.rng[].sample(bucket.nodes)
|
||||||
|
|
|
@ -49,7 +49,6 @@ type
|
||||||
istart, iend: UInt256
|
istart, iend: UInt256
|
||||||
nodes: seq[Node]
|
nodes: seq[Node]
|
||||||
replacementCache: seq[Node]
|
replacementCache: seq[Node]
|
||||||
lastUpdated: float # epochTime
|
|
||||||
|
|
||||||
CommandId* = enum
|
CommandId* = enum
|
||||||
cmdPing = 1
|
cmdPing = 1
|
||||||
|
@ -216,7 +215,6 @@ proc add(k: KBucket, n: Node): Node =
|
||||||
## If the bucket is full, we add the node to the bucket's replacement cache and return the
|
## If the bucket is full, we add the node to the bucket's replacement cache and return the
|
||||||
## node at the head of the list (i.e. the least recently seen), which should be evicted if it
|
## node at the head of the list (i.e. the least recently seen), which should be evicted if it
|
||||||
## fails to respond to a ping.
|
## fails to respond to a ping.
|
||||||
k.lastUpdated = epochTime()
|
|
||||||
let nodeIdx = k.nodes.find(n)
|
let nodeIdx = k.nodes.find(n)
|
||||||
if nodeIdx != -1:
|
if nodeIdx != -1:
|
||||||
k.nodes.delete(nodeIdx)
|
k.nodes.delete(nodeIdx)
|
||||||
|
|
|
@ -16,7 +16,7 @@ let protocolManager = ProtocolManager()
|
||||||
proc registerProtocol*(proto: ProtocolInfo) {.gcsafe.} =
|
proc registerProtocol*(proto: ProtocolInfo) {.gcsafe.} =
|
||||||
{.gcsafe.}:
|
{.gcsafe.}:
|
||||||
proto.index = protocolManager.protocols.len
|
proto.index = protocolManager.protocols.len
|
||||||
if proto.name == "p2p":
|
if proto.capability.name == "p2p":
|
||||||
doAssert(proto.index == 0)
|
doAssert(proto.index == 0)
|
||||||
protocolManager.protocols.add proto
|
protocolManager.protocols.add proto
|
||||||
|
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
import
|
import
|
||||||
std/[options, sequtils, macrocache],
|
std/[options, sequtils, macrocache],
|
||||||
results,
|
results,
|
||||||
stew/shims/macros, chronos, faststreams/outputs
|
stew/shims/macros, chronos
|
||||||
|
|
||||||
type
|
type
|
||||||
MessageKind* = enum
|
MessageKind* = enum
|
||||||
|
@ -35,7 +35,7 @@ type
|
||||||
msgResponse
|
msgResponse
|
||||||
|
|
||||||
Message* = ref object
|
Message* = ref object
|
||||||
id*: Opt[uint64]
|
id*: uint64
|
||||||
ident*: NimNode
|
ident*: NimNode
|
||||||
kind*: MessageKind
|
kind*: MessageKind
|
||||||
procDef*: NimNode
|
procDef*: NimNode
|
||||||
|
@ -351,15 +351,17 @@ proc init*(T: type P2PProtocol, backendFactory: BackendFactory,
|
||||||
if not result.backend.afterProtocolInit.isNil:
|
if not result.backend.afterProtocolInit.isNil:
|
||||||
result.backend.afterProtocolInit(result)
|
result.backend.afterProtocolInit(result)
|
||||||
|
|
||||||
proc augmentUserHandler(p: P2PProtocol, userHandlerProc: NimNode, msgId = Opt.none(uint64)) =
|
proc augmentUserHandler(p: P2PProtocol, userHandlerProc: NimNode, canRaise: bool, msgId = Opt.none(uint64)) =
|
||||||
## This procs adds a set of common helpers available in all messages handlers
|
## This procs adds a set of common helpers available in all messages handlers
|
||||||
## (e.g. `perProtocolMsgId`, `peer.state`, etc).
|
## (e.g. `perProtocolMsgId`, `peer.state`, etc).
|
||||||
|
|
||||||
userHandlerProc.addPragma ident"gcsafe"
|
|
||||||
|
|
||||||
# we only take the pragma
|
# we only take the pragma
|
||||||
let dummy = quote do:
|
let dummy = if canRaise:
|
||||||
proc dummy(): Future[void] {.async: (raises: [EthP2PError]).}
|
quote do:
|
||||||
|
proc dummy(): Future[void] {.async: (raises: [CancelledError, EthP2PError]).}
|
||||||
|
else:
|
||||||
|
quote do:
|
||||||
|
proc dummy(): Future[void] {.async: (raises: []).}
|
||||||
|
|
||||||
if p.isRlpx:
|
if p.isRlpx:
|
||||||
userHandlerProc.addPragma dummy.pragma[0]
|
userHandlerProc.addPragma dummy.pragma[0]
|
||||||
|
@ -402,27 +404,16 @@ proc augmentUserHandler(p: P2PProtocol, userHandlerProc: NimNode, msgId = Opt.no
|
||||||
template networkState(`peerVar`: `PeerType`): `NetworkStateType` {.used.} =
|
template networkState(`peerVar`: `PeerType`): `NetworkStateType` {.used.} =
|
||||||
`NetworkStateType`(`getNetworkState`(`peerVar`.network, `protocolInfo`))
|
`NetworkStateType`(`getNetworkState`(`peerVar`.network, `protocolInfo`))
|
||||||
|
|
||||||
proc addExceptionHandler(userHandlerProc: NimNode) =
|
|
||||||
let bodyTemp = userHandlerProc.body
|
|
||||||
userHandlerProc.body = quote do:
|
|
||||||
try:
|
|
||||||
`bodyTemp`
|
|
||||||
except CancelledError as exc:
|
|
||||||
raise newException(EthP2PError, exc.msg)
|
|
||||||
except CatchableError as exc:
|
|
||||||
raise newException(EthP2PError, exc.msg)
|
|
||||||
|
|
||||||
proc addPreludeDefs(userHandlerProc: NimNode, definitions: NimNode) =
|
proc addPreludeDefs(userHandlerProc: NimNode, definitions: NimNode) =
|
||||||
userHandlerProc.body[0].add definitions
|
userHandlerProc.body[0].add definitions
|
||||||
|
|
||||||
proc eventHandlerToProc(p: P2PProtocol, doBlock: NimNode, handlerName: string): NimNode =
|
proc eventHandlerToProc(p: P2PProtocol, doBlock: NimNode, handlerName: string, canRaise: bool): NimNode =
|
||||||
## Turns a "named" do block to a regular async proc
|
## Turns a "named" do block to a regular async proc
|
||||||
## (e.g. onPeerConnected do ...)
|
## (e.g. onPeerConnected do ...)
|
||||||
result = newTree(nnkProcDef)
|
result = newTree(nnkProcDef)
|
||||||
doBlock.copyChildrenTo(result)
|
doBlock.copyChildrenTo(result)
|
||||||
result.name = ident(p.name & handlerName) # genSym(nskProc, p.name & handlerName)
|
result.name = ident(p.name & handlerName) # genSym(nskProc, p.name & handlerName)
|
||||||
p.augmentUserHandler result
|
p.augmentUserHandler result, canRaise
|
||||||
result.addExceptionHandler()
|
|
||||||
|
|
||||||
proc addTimeoutParam(procDef: NimNode, defaultValue: int64) =
|
proc addTimeoutParam(procDef: NimNode, defaultValue: int64) =
|
||||||
var
|
var
|
||||||
|
@ -477,7 +468,7 @@ proc newMsg(protocol: P2PProtocol, kind: MessageKind, msgId: uint64,
|
||||||
recBody = newTree(nnkDistinctTy, recName)
|
recBody = newTree(nnkDistinctTy, recName)
|
||||||
|
|
||||||
result = Message(protocol: protocol,
|
result = Message(protocol: protocol,
|
||||||
id: Opt.some(msgId),
|
id: msgId,
|
||||||
ident: msgIdent,
|
ident: msgIdent,
|
||||||
kind: kind,
|
kind: kind,
|
||||||
procDef: procDef,
|
procDef: procDef,
|
||||||
|
@ -489,7 +480,7 @@ proc newMsg(protocol: P2PProtocol, kind: MessageKind, msgId: uint64,
|
||||||
if procDef.body.kind != nnkEmpty:
|
if procDef.body.kind != nnkEmpty:
|
||||||
var userHandler = copy procDef
|
var userHandler = copy procDef
|
||||||
|
|
||||||
protocol.augmentUserHandler userHandler, Opt.some(msgId)
|
protocol.augmentUserHandler userHandler, true, Opt.some(msgId)
|
||||||
userHandler.name = ident(msgName & "UserHandler")
|
userHandler.name = ident(msgName & "UserHandler")
|
||||||
|
|
||||||
# Request and Response handlers get an extra `reqId` parameter if the
|
# Request and Response handlers get an extra `reqId` parameter if the
|
||||||
|
@ -518,7 +509,6 @@ proc newMsg(protocol: P2PProtocol, kind: MessageKind, msgId: uint64,
|
||||||
of msgResponse: userHandler.applyDecorator protocol.incomingResponseDecorator
|
of msgResponse: userHandler.applyDecorator protocol.incomingResponseDecorator
|
||||||
else: discard
|
else: discard
|
||||||
|
|
||||||
userHandler.addExceptionHandler()
|
|
||||||
result.userHandler = userHandler
|
result.userHandler = userHandler
|
||||||
protocol.outRecvProcs.add result.userHandler
|
protocol.outRecvProcs.add result.userHandler
|
||||||
|
|
||||||
|
@ -543,7 +533,7 @@ proc addMsg(p: P2PProtocol, msgId: uint64, procDef: NimNode) =
|
||||||
let
|
let
|
||||||
responseIdent = ident($procDef.name & "Response")
|
responseIdent = ident($procDef.name & "Response")
|
||||||
response = Message(protocol: p,
|
response = Message(protocol: p,
|
||||||
id: Opt.none(uint64),
|
id: msgId,
|
||||||
ident: responseIdent,
|
ident: responseIdent,
|
||||||
kind: msgResponse,
|
kind: msgResponse,
|
||||||
recName: returnType,
|
recName: returnType,
|
||||||
|
@ -589,7 +579,10 @@ proc createSendProc*(msg: Message,
|
||||||
name = if nameSuffix.len == 0: msg.identWithExportMarker
|
name = if nameSuffix.len == 0: msg.identWithExportMarker
|
||||||
else: ident($msg.ident & nameSuffix)
|
else: ident($msg.ident & nameSuffix)
|
||||||
|
|
||||||
pragmas = if procType == nnkProcDef: newTree(nnkPragma, ident"gcsafe")
|
dummy = quote do:
|
||||||
|
proc dummy(): Future[void] {.async: (raises: [CancelledError, EthP2PError], raw: true).}
|
||||||
|
|
||||||
|
pragmas = if procType == nnkProcDef: dummy.pragma
|
||||||
else: newEmptyNode()
|
else: newEmptyNode()
|
||||||
|
|
||||||
var def = newNimNode(procType).add(
|
var def = newNimNode(procType).add(
|
||||||
|
@ -641,7 +634,7 @@ proc createSendProc*(msg: Message,
|
||||||
of msgNotification:
|
of msgNotification:
|
||||||
discard
|
discard
|
||||||
|
|
||||||
def[3][0] = if procType == nnkMacroDef:
|
def[3][0] = if procType in [nnkMacroDef, nnkTemplateDef]:
|
||||||
ident "untyped"
|
ident "untyped"
|
||||||
elif msg.kind == msgRequest and not isRawSender:
|
elif msg.kind == msgRequest and not isRawSender:
|
||||||
Fut(msg.requestResultType)
|
Fut(msg.requestResultType)
|
||||||
|
@ -699,77 +692,6 @@ proc writeParamsAsRecord*(params: openArray[NimNode],
|
||||||
var `writer` = init(WriterType(`Format`), `outputStream`)
|
var `writer` = init(WriterType(`Format`), `outputStream`)
|
||||||
writeValue(`writer`, `param`)
|
writeValue(`writer`, `param`)
|
||||||
|
|
||||||
proc useStandardBody*(sendProc: SendProc,
|
|
||||||
preSerializationStep: proc(stream: NimNode): NimNode,
|
|
||||||
postSerializationStep: proc(stream: NimNode): NimNode,
|
|
||||||
sendCallGenerator: proc (peer, bytes: NimNode): NimNode) =
|
|
||||||
let
|
|
||||||
msg = sendProc.msg
|
|
||||||
msgBytes = ident "msgBytes"
|
|
||||||
recipient = sendProc.peerParam
|
|
||||||
sendCall = sendCallGenerator(recipient, msgBytes)
|
|
||||||
|
|
||||||
if sendProc.msgParams.len == 0:
|
|
||||||
sendProc.setBody quote do:
|
|
||||||
var `msgBytes`: seq[byte]
|
|
||||||
`sendCall`
|
|
||||||
return
|
|
||||||
|
|
||||||
let
|
|
||||||
outputStream = ident "outputStream"
|
|
||||||
|
|
||||||
msgRecName = msg.recName
|
|
||||||
Format = msg.protocol.backend.SerializationFormat
|
|
||||||
|
|
||||||
preSerialization = if preSerializationStep.isNil: newStmtList()
|
|
||||||
else: preSerializationStep(outputStream)
|
|
||||||
|
|
||||||
serialization = writeParamsAsRecord(sendProc.msgParams,
|
|
||||||
outputStream, Format, msgRecName)
|
|
||||||
|
|
||||||
postSerialization = if postSerializationStep.isNil: newStmtList()
|
|
||||||
else: postSerializationStep(outputStream)
|
|
||||||
|
|
||||||
tracing = when not tracingEnabled:
|
|
||||||
newStmtList()
|
|
||||||
else:
|
|
||||||
logSentMsgFields(recipient,
|
|
||||||
msg.protocol.protocolInfo,
|
|
||||||
$msg.ident,
|
|
||||||
sendProc.msgParams)
|
|
||||||
|
|
||||||
sendProc.setBody quote do:
|
|
||||||
mixin init, WriterType, beginRecord, endRecord, getOutput
|
|
||||||
|
|
||||||
var `outputStream` = memoryOutput()
|
|
||||||
`preSerialization`
|
|
||||||
`serialization`
|
|
||||||
`postSerialization`
|
|
||||||
`tracing`
|
|
||||||
let `msgBytes` = getOutput(`outputStream`)
|
|
||||||
`sendCall`
|
|
||||||
|
|
||||||
proc correctSerializerProcParams(params: NimNode) =
|
|
||||||
# A serializer proc is just like a send proc, but:
|
|
||||||
# 1. it has a void return type
|
|
||||||
params[0] = ident "void"
|
|
||||||
# 2. The peer params is replaced with OutputStream
|
|
||||||
params[1] = newIdentDefs(streamVar, bindSym "OutputStream")
|
|
||||||
# 3. The timeout param is removed
|
|
||||||
params.del(params.len - 1)
|
|
||||||
|
|
||||||
proc createSerializer*(msg: Message, procType = nnkProcDef): NimNode =
|
|
||||||
var serializer = msg.createSendProc(procType, nameSuffix = "Serializer")
|
|
||||||
correctSerializerProcParams serializer.def.params
|
|
||||||
|
|
||||||
serializer.setBody writeParamsAsRecord(
|
|
||||||
serializer.msgParams,
|
|
||||||
streamVar,
|
|
||||||
msg.protocol.backend.SerializationFormat,
|
|
||||||
msg.recName)
|
|
||||||
|
|
||||||
return serializer.def
|
|
||||||
|
|
||||||
proc defineThunk*(msg: Message, thunk: NimNode) =
|
proc defineThunk*(msg: Message, thunk: NimNode) =
|
||||||
let protocol = msg.protocol
|
let protocol = msg.protocol
|
||||||
|
|
||||||
|
@ -822,9 +744,9 @@ proc netInit*(p: P2PProtocol): NimNode =
|
||||||
p.backend.NetworkType,
|
p.backend.NetworkType,
|
||||||
p.NetworkStateType)
|
p.NetworkStateType)
|
||||||
|
|
||||||
proc createHandshakeTemplate*(msg: Message,
|
proc createHandshakeTemplate*(
|
||||||
rawSendProc, handshakeImpl,
|
msg: Message, rawSendProc, handshakeImpl, nextMsg: NimNode
|
||||||
nextMsg: NimNode): SendProc =
|
): SendProc =
|
||||||
let
|
let
|
||||||
handshakeExchanger = msg.createSendProc(procType = nnkTemplateDef)
|
handshakeExchanger = msg.createSendProc(procType = nnkTemplateDef)
|
||||||
forwardCall = newCall(rawSendProc).appendAllInputParams(handshakeExchanger.def)
|
forwardCall = newCall(rawSendProc).appendAllInputParams(handshakeExchanger.def)
|
||||||
|
@ -834,19 +756,13 @@ proc createHandshakeTemplate*(msg: Message,
|
||||||
forwardCall[1] = peerVar
|
forwardCall[1] = peerVar
|
||||||
forwardCall.del(forwardCall.len - 1)
|
forwardCall.del(forwardCall.len - 1)
|
||||||
|
|
||||||
let peerVar = genSym(nskLet ,"peer")
|
let peerVar = genSym(nskLet, "peer")
|
||||||
handshakeExchanger.setBody quote do:
|
handshakeExchanger.setBody quote do:
|
||||||
try:
|
let `peerVar` = `peerValue`
|
||||||
let `peerVar` = `peerValue`
|
let sendingFuture = `forwardCall`
|
||||||
let sendingFuture = `forwardCall`
|
`handshakeImpl`[`msgRecName`](
|
||||||
`handshakeImpl`(`peerVar`,
|
`peerVar`, sendingFuture, `nextMsg`(`peerVar`, `msgRecName`), `timeoutVar`
|
||||||
sendingFuture,
|
)
|
||||||
`nextMsg`(`peerVar`, `msgRecName`),
|
|
||||||
`timeoutVar`)
|
|
||||||
except PeerDisconnected as exc:
|
|
||||||
raise newException(EthP2PError, exc.msg)
|
|
||||||
except P2PInternalError as exc:
|
|
||||||
raise newException(EthP2PError, exc.msg)
|
|
||||||
|
|
||||||
return handshakeExchanger
|
return handshakeExchanger
|
||||||
|
|
||||||
|
@ -915,10 +831,10 @@ proc processProtocolBody*(p: P2PProtocol, protocolBody: NimNode) =
|
||||||
inc nextId
|
inc nextId
|
||||||
|
|
||||||
elif eqIdent(n[0], "onPeerConnected"):
|
elif eqIdent(n[0], "onPeerConnected"):
|
||||||
p.onPeerConnected = p.eventHandlerToProc(n[1], "PeerConnected")
|
p.onPeerConnected = p.eventHandlerToProc(n[1], "PeerConnected", true)
|
||||||
|
|
||||||
elif eqIdent(n[0], "onPeerDisconnected"):
|
elif eqIdent(n[0], "onPeerDisconnected"):
|
||||||
p.onPeerDisconnected = p.eventHandlerToProc(n[1], "PeerDisconnected")
|
p.onPeerDisconnected = p.eventHandlerToProc(n[1], "PeerDisconnected", false)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
error(repr(n) & " is not a recognized call in P2P protocol definitions", n)
|
error(repr(n) & " is not a recognized call in P2P protocol definitions", n)
|
||||||
|
@ -965,11 +881,8 @@ proc genTypeSection*(p: P2PProtocol): NimNode =
|
||||||
if msg.procDef == nil:
|
if msg.procDef == nil:
|
||||||
continue
|
continue
|
||||||
|
|
||||||
# FIXME: Can `msg.id` be missing, at all?
|
|
||||||
doAssert msg.id.isSome()
|
|
||||||
|
|
||||||
let
|
let
|
||||||
msgId = msg.id.value
|
msgId = msg.id
|
||||||
msgName = msg.ident
|
msgName = msg.ident
|
||||||
msgRecName = msg.recName
|
msgRecName = msg.recName
|
||||||
msgStrongRecName = msg.strongRecName
|
msgStrongRecName = msg.strongRecName
|
||||||
|
@ -1019,7 +932,7 @@ proc genCode*(p: P2PProtocol): NimNode =
|
||||||
regBody.add newCall(p.backend.registerProtocol, protocolVar)
|
regBody.add newCall(p.backend.registerProtocol, protocolVar)
|
||||||
|
|
||||||
result.add quote do:
|
result.add quote do:
|
||||||
proc `protocolReg`() {.raises: [RlpError].} =
|
proc `protocolReg`() =
|
||||||
let `protocolVar` = `protocolInit`
|
let `protocolVar` = `protocolInit`
|
||||||
`regBody`
|
`regBody`
|
||||||
`protocolReg`()
|
`protocolReg`()
|
||||||
|
@ -1054,12 +967,11 @@ macro emitForSingleBackend(
|
||||||
|
|
||||||
result = p.genCode()
|
result = p.genCode()
|
||||||
|
|
||||||
when defined(p2pProtocolDebug):
|
try:
|
||||||
try:
|
result.storeMacroResult true
|
||||||
result.storeMacroResult true
|
except IOError:
|
||||||
except IOError:
|
# IO error so the generated nim code might not be stored, don't sweat it.
|
||||||
# IO error so the generated nim code might not be stored, don't sweat it.
|
discard
|
||||||
discard
|
|
||||||
|
|
||||||
macro emitForAllBackends(backendSyms: typed, options: untyped, body: untyped): untyped =
|
macro emitForAllBackends(backendSyms: typed, options: untyped, body: untyped): untyped =
|
||||||
let name = $(options[0])
|
let name = $(options[0])
|
||||||
|
|
|
@ -15,12 +15,9 @@ import
|
||||||
chronos,
|
chronos,
|
||||||
results,
|
results,
|
||||||
".."/../[rlp], ../../common/[base, keys],
|
".."/../[rlp], ../../common/[base, keys],
|
||||||
".."/[enode, kademlia, discovery, rlpxcrypt]
|
".."/[enode, kademlia, discovery, rlpxtransport]
|
||||||
|
|
||||||
export base.NetworkId
|
export base.NetworkId, rlpxtransport, kademlia
|
||||||
|
|
||||||
const
|
|
||||||
useSnappy* = defined(useSnappy)
|
|
||||||
|
|
||||||
type
|
type
|
||||||
EthereumNode* = ref object
|
EthereumNode* = ref object
|
||||||
|
@ -39,8 +36,6 @@ type
|
||||||
listeningServer*: StreamServer
|
listeningServer*: StreamServer
|
||||||
protocolStates*: seq[RootRef]
|
protocolStates*: seq[RootRef]
|
||||||
discovery*: DiscoveryProtocol
|
discovery*: DiscoveryProtocol
|
||||||
when useSnappy:
|
|
||||||
protocolVersion*: uint64
|
|
||||||
rng*: ref HmacDrbgContext
|
rng*: ref HmacDrbgContext
|
||||||
|
|
||||||
Peer* = ref object
|
Peer* = ref object
|
||||||
|
@ -48,16 +43,15 @@ type
|
||||||
network*: EthereumNode
|
network*: EthereumNode
|
||||||
|
|
||||||
# Private fields:
|
# Private fields:
|
||||||
transport*: StreamTransport
|
transport*: RlpxTransport
|
||||||
dispatcher*: Dispatcher
|
dispatcher*: Dispatcher
|
||||||
lastReqId*: Opt[uint64]
|
lastReqId*: Opt[uint64]
|
||||||
secretsState*: SecretState
|
|
||||||
connectionState*: ConnectionState
|
connectionState*: ConnectionState
|
||||||
protocolStates*: seq[RootRef]
|
protocolStates*: seq[RootRef]
|
||||||
outstandingRequests*: seq[Deque[OutstandingRequest]] # per `msgId` table
|
outstandingRequests*: seq[Deque[OutstandingRequest]] # per `msgId` table
|
||||||
awaitedMessages*: seq[FutureBase] # per `msgId` table
|
awaitedMessages*: seq[FutureBase] # per `msgId` table
|
||||||
when useSnappy:
|
snappyEnabled*: bool
|
||||||
snappyEnabled*: bool
|
clientId*: string
|
||||||
|
|
||||||
SeenNode* = object
|
SeenNode* = object
|
||||||
nodeId*: NodeId
|
nodeId*: NodeId
|
||||||
|
@ -111,8 +105,7 @@ type
|
||||||
protocols*: seq[ProtocolInfo]
|
protocols*: seq[ProtocolInfo]
|
||||||
|
|
||||||
ProtocolInfo* = ref object
|
ProtocolInfo* = ref object
|
||||||
name*: string
|
capability*: Capability
|
||||||
version*: uint64
|
|
||||||
messages*: seq[MessageInfo]
|
messages*: seq[MessageInfo]
|
||||||
index*: int # the position of the protocol in the
|
index*: int # the position of the protocol in the
|
||||||
# ordered list of supported protocols
|
# ordered list of supported protocols
|
||||||
|
@ -120,8 +113,9 @@ type
|
||||||
# Private fields:
|
# Private fields:
|
||||||
peerStateInitializer*: PeerStateInitializer
|
peerStateInitializer*: PeerStateInitializer
|
||||||
networkStateInitializer*: NetworkStateInitializer
|
networkStateInitializer*: NetworkStateInitializer
|
||||||
handshake*: HandshakeStep
|
|
||||||
disconnectHandler*: DisconnectionHandler
|
onPeerConnected*: OnPeerConnectedHandler
|
||||||
|
onPeerDisconnected*: OnPeerDisconnectedHandler
|
||||||
|
|
||||||
MessageInfo* = ref object
|
MessageInfo* = ref object
|
||||||
id*: uint64 # this is a `msgId` (as opposed to a `reqId`)
|
id*: uint64 # this is a `msgId` (as opposed to a `reqId`)
|
||||||
|
@ -132,6 +126,7 @@ type
|
||||||
printer*: MessageContentPrinter
|
printer*: MessageContentPrinter
|
||||||
requestResolver*: RequestResolver
|
requestResolver*: RequestResolver
|
||||||
nextMsgResolver*: NextMsgResolver
|
nextMsgResolver*: NextMsgResolver
|
||||||
|
failResolver*: FailResolver
|
||||||
|
|
||||||
Dispatcher* = ref object # private
|
Dispatcher* = ref object # private
|
||||||
# The dispatcher stores the mapping of negotiated message IDs between
|
# The dispatcher stores the mapping of negotiated message IDs between
|
||||||
|
@ -157,13 +152,12 @@ type
|
||||||
OutstandingRequest* = object
|
OutstandingRequest* = object
|
||||||
id*: uint64 # a `reqId` that may be used for response
|
id*: uint64 # a `reqId` that may be used for response
|
||||||
future*: FutureBase
|
future*: FutureBase
|
||||||
timeoutAt*: Moment
|
|
||||||
|
|
||||||
# Private types:
|
# Private types:
|
||||||
MessageHandlerDecorator* = proc(msgId: uint64, n: NimNode): NimNode
|
MessageHandlerDecorator* = proc(msgId: uint64, n: NimNode): NimNode
|
||||||
|
|
||||||
ThunkProc* = proc(x: Peer, msgId: uint64, data: Rlp): Future[void]
|
ThunkProc* = proc(x: Peer, data: Rlp): Future[void]
|
||||||
{.gcsafe, async: (raises: [RlpError, EthP2PError]).}
|
{.async: (raises: [CancelledError, EthP2PError]).}
|
||||||
|
|
||||||
MessageContentPrinter* = proc(msg: pointer): string
|
MessageContentPrinter* = proc(msg: pointer): string
|
||||||
{.gcsafe, raises: [].}
|
{.gcsafe, raises: [].}
|
||||||
|
@ -174,17 +168,20 @@ type
|
||||||
NextMsgResolver* = proc(msgData: Rlp, future: FutureBase)
|
NextMsgResolver* = proc(msgData: Rlp, future: FutureBase)
|
||||||
{.gcsafe, raises: [RlpError].}
|
{.gcsafe, raises: [RlpError].}
|
||||||
|
|
||||||
|
FailResolver* = proc(reason: DisconnectionReason, future: FutureBase)
|
||||||
|
{.gcsafe, raises: [].}
|
||||||
|
|
||||||
PeerStateInitializer* = proc(peer: Peer): RootRef
|
PeerStateInitializer* = proc(peer: Peer): RootRef
|
||||||
{.gcsafe, raises: [].}
|
{.gcsafe, raises: [].}
|
||||||
|
|
||||||
NetworkStateInitializer* = proc(network: EthereumNode): RootRef
|
NetworkStateInitializer* = proc(network: EthereumNode): RootRef
|
||||||
{.gcsafe, raises: [].}
|
{.gcsafe, raises: [].}
|
||||||
|
|
||||||
HandshakeStep* = proc(peer: Peer): Future[void]
|
OnPeerConnectedHandler* = proc(peer: Peer): Future[void]
|
||||||
{.gcsafe, async: (raises: [EthP2PError]).}
|
{.async: (raises: [CancelledError, EthP2PError]).}
|
||||||
|
|
||||||
DisconnectionHandler* = proc(peer: Peer, reason: DisconnectionReason):
|
OnPeerDisconnectedHandler* = proc(peer: Peer, reason: DisconnectionReason):
|
||||||
Future[void] {.gcsafe, async: (raises: [EthP2PError]).}
|
Future[void] {.async: (raises: []).}
|
||||||
|
|
||||||
ConnectionState* = enum
|
ConnectionState* = enum
|
||||||
None,
|
None,
|
||||||
|
@ -209,12 +206,14 @@ type
|
||||||
ClientQuitting = 0x08,
|
ClientQuitting = 0x08,
|
||||||
UnexpectedIdentity = 0x09,
|
UnexpectedIdentity = 0x09,
|
||||||
SelfConnection = 0x0A,
|
SelfConnection = 0x0A,
|
||||||
MessageTimeout = 0x0B,
|
PingTimeout = 0x0B,
|
||||||
SubprotocolReason = 0x10
|
SubprotocolReason = 0x10
|
||||||
|
|
||||||
Address = enode.Address
|
Address = enode.Address
|
||||||
|
|
||||||
proc `$`*(peer: Peer): string = $peer.remote
|
proc `$`*(peer: Peer): string = $peer.remote
|
||||||
|
|
||||||
|
proc `$`*(v: Capability): string = v.name & "/" & $v.version
|
||||||
|
|
||||||
proc toENode*(v: EthereumNode): ENode =
|
proc toENode*(v: EthereumNode): ENode =
|
||||||
ENode(pubkey: v.keys.pubkey, address: v.address)
|
ENode(pubkey: v.keys.pubkey, address: v.address)
|
||||||
|
|
1568
eth/p2p/rlpx.nim
1568
eth/p2p/rlpx.nim
File diff suppressed because it is too large
Load Diff
|
@ -38,7 +38,8 @@ type
|
||||||
IncompleteError = "rlpx: data incomplete"
|
IncompleteError = "rlpx: data incomplete"
|
||||||
IncorrectArgs = "rlpx: incorrect arguments"
|
IncorrectArgs = "rlpx: incorrect arguments"
|
||||||
|
|
||||||
RlpxHeader* = array[16, byte]
|
RlpxEncryptedHeader* = array[RlpHeaderLength + RlpMacLength, byte]
|
||||||
|
RlpxHeader* = array[RlpHeaderLength, byte]
|
||||||
|
|
||||||
RlpxResult*[T] = Result[T, RlpxError]
|
RlpxResult*[T] = Result[T, RlpxError]
|
||||||
|
|
||||||
|
@ -61,8 +62,8 @@ proc sxor[T](a: var openArray[T], b: openArray[T]) {.inline.} =
|
||||||
proc initSecretState*(secrets: ConnectionSecret, context: var SecretState) =
|
proc initSecretState*(secrets: ConnectionSecret, context: var SecretState) =
|
||||||
## Initialized `context` with values from `secrets`.
|
## Initialized `context` with values from `secrets`.
|
||||||
|
|
||||||
# FIXME: Yes, the encryption is insecure,
|
# This scheme is insecure, see:
|
||||||
# see: https://github.com/ethereum/devp2p/issues/32
|
# https://github.com/ethereum/devp2p/issues/32
|
||||||
# https://github.com/ethereum/py-evm/blob/master/p2p/peer.py#L159-L160
|
# https://github.com/ethereum/py-evm/blob/master/p2p/peer.py#L159-L160
|
||||||
var iv: array[context.aesenc.sizeBlock, byte]
|
var iv: array[context.aesenc.sizeBlock, byte]
|
||||||
context.aesenc.init(secrets.aesKey, iv)
|
context.aesenc.init(secrets.aesKey, iv)
|
||||||
|
@ -132,8 +133,8 @@ proc encrypt*(c: var SecretState, header: openArray[byte],
|
||||||
var frameMac = tmpmac.finish()
|
var frameMac = tmpmac.finish()
|
||||||
tmpmac.clear()
|
tmpmac.clear()
|
||||||
# return header_ciphertext + header_mac + frame_ciphertext + frame_mac
|
# return header_ciphertext + header_mac + frame_ciphertext + frame_mac
|
||||||
copyMem(addr output[headerMacPos], addr headerMac.data[0], RlpHeaderLength)
|
copyMem(addr output[headerMacPos], addr headerMac.data[0], RlpMacLength)
|
||||||
copyMem(addr output[frameMacPos], addr frameMac.data[0], RlpHeaderLength)
|
copyMem(addr output[frameMacPos], addr frameMac.data[0], RlpMacLength)
|
||||||
ok()
|
ok()
|
||||||
|
|
||||||
proc encryptMsg*(msg: openArray[byte], secrets: var SecretState): seq[byte] =
|
proc encryptMsg*(msg: openArray[byte], secrets: var SecretState): seq[byte] =
|
||||||
|
@ -159,21 +160,19 @@ proc encryptMsg*(msg: openArray[byte], secrets: var SecretState): seq[byte] =
|
||||||
proc getBodySize*(a: RlpxHeader): int =
|
proc getBodySize*(a: RlpxHeader): int =
|
||||||
(int(a[0]) shl 16) or (int(a[1]) shl 8) or int(a[2])
|
(int(a[0]) shl 16) or (int(a[1]) shl 8) or int(a[2])
|
||||||
|
|
||||||
proc decryptHeader*(c: var SecretState, data: openArray[byte],
|
proc decryptHeader*(c: var SecretState, data: openArray[byte]): RlpxResult[RlpxHeader] =
|
||||||
output: var openArray[byte]): RlpxResult[void] =
|
|
||||||
## Decrypts header `data` using SecretState `c` context and store
|
## Decrypts header `data` using SecretState `c` context and store
|
||||||
## result into `output`.
|
## result into `output`.
|
||||||
##
|
##
|
||||||
## `header` must be exactly `RlpHeaderLength + RlpMacLength` length.
|
## `header` must be at least `RlpHeaderLength + RlpMacLength` length.
|
||||||
## `output` must be at least `RlpHeaderLength` length.
|
|
||||||
var
|
var
|
||||||
tmpmac: keccak256
|
tmpmac: keccak256
|
||||||
aes: array[RlpHeaderLength, byte]
|
aes: array[RlpHeaderLength, byte]
|
||||||
|
|
||||||
if len(data) != RlpHeaderLength + RlpMacLength:
|
if len(data) < RlpHeaderLength + RlpMacLength:
|
||||||
return err(IncompleteError)
|
return err(IncompleteError)
|
||||||
if len(output) < RlpHeaderLength:
|
|
||||||
return err(IncorrectArgs)
|
|
||||||
# mac_secret = self.ingress_mac.digest()[:HEADER_LEN]
|
# mac_secret = self.ingress_mac.digest()[:HEADER_LEN]
|
||||||
tmpmac = c.imac
|
tmpmac = c.imac
|
||||||
var macsec = tmpmac.finish()
|
var macsec = tmpmac.finish()
|
||||||
|
@ -187,33 +186,17 @@ proc decryptHeader*(c: var SecretState, data: openArray[byte],
|
||||||
tmpmac = c.imac
|
tmpmac = c.imac
|
||||||
var expectMac = tmpmac.finish()
|
var expectMac = tmpmac.finish()
|
||||||
# if not bytes_eq(expected_header_mac, header_mac):
|
# if not bytes_eq(expected_header_mac, header_mac):
|
||||||
let headerMacPos = RlpHeaderLength
|
if not equalMem(unsafeAddr data[RlpHeaderLength],
|
||||||
if not equalMem(cast[pointer](unsafeAddr data[headerMacPos]),
|
addr expectMac.data[0], RlpMacLength):
|
||||||
cast[pointer](addr expectMac.data[0]), RlpMacLength):
|
return err(IncorrectMac)
|
||||||
result = err(IncorrectMac)
|
|
||||||
else:
|
|
||||||
# return self.aes_dec.update(header_ciphertext)
|
|
||||||
c.aesdec.decrypt(toa(data, 0, RlpHeaderLength), output)
|
|
||||||
result = ok()
|
|
||||||
|
|
||||||
proc decryptHeaderAndGetMsgSize*(c: var SecretState,
|
# return self.aes_dec.update(header_ciphertext)
|
||||||
encryptedHeader: openArray[byte],
|
var output: RlpxHeader
|
||||||
outSize: var int,
|
c.aesdec.decrypt(toa(data, 0, RlpHeaderLength), output)
|
||||||
outHeader: var RlpxHeader): RlpxResult[void] =
|
ok(output)
|
||||||
result = decryptHeader(c, encryptedHeader, outHeader)
|
|
||||||
if result.isOk():
|
|
||||||
outSize = outHeader.getBodySize
|
|
||||||
|
|
||||||
proc decryptHeaderAndGetMsgSize*(c: var SecretState,
|
|
||||||
encryptedHeader: openArray[byte],
|
|
||||||
outSize: var int): RlpxResult[void] =
|
|
||||||
var decryptedHeader: RlpxHeader
|
|
||||||
result = decryptHeader(c, encryptedHeader, decryptedHeader)
|
|
||||||
if result.isOk():
|
|
||||||
outSize = decryptedHeader.getBodySize
|
|
||||||
|
|
||||||
proc decryptBody*(c: var SecretState, data: openArray[byte], bodysize: int,
|
proc decryptBody*(c: var SecretState, data: openArray[byte], bodysize: int,
|
||||||
output: var openArray[byte], outlen: var int): RlpxResult[void] =
|
output: var openArray[byte]): RlpxResult[void] =
|
||||||
## Decrypts body `data` using SecretState `c` context and store
|
## Decrypts body `data` using SecretState `c` context and store
|
||||||
## result into `output`.
|
## result into `output`.
|
||||||
##
|
##
|
||||||
|
@ -224,7 +207,6 @@ proc decryptBody*(c: var SecretState, data: openArray[byte], bodysize: int,
|
||||||
var
|
var
|
||||||
tmpmac: keccak256
|
tmpmac: keccak256
|
||||||
aes: array[RlpHeaderLength, byte]
|
aes: array[RlpHeaderLength, byte]
|
||||||
outlen = 0
|
|
||||||
let rsize = roundup16(bodysize)
|
let rsize = roundup16(bodysize)
|
||||||
if len(data) < rsize + RlpMacLength:
|
if len(data) < rsize + RlpMacLength:
|
||||||
return err(IncompleteError)
|
return err(IncompleteError)
|
||||||
|
@ -245,8 +227,7 @@ proc decryptBody*(c: var SecretState, data: openArray[byte], bodysize: int,
|
||||||
let bodyMacPos = rsize
|
let bodyMacPos = rsize
|
||||||
if not equalMem(cast[pointer](unsafeAddr data[bodyMacPos]),
|
if not equalMem(cast[pointer](unsafeAddr data[bodyMacPos]),
|
||||||
cast[pointer](addr expectMac.data[0]), RlpMacLength):
|
cast[pointer](addr expectMac.data[0]), RlpMacLength):
|
||||||
result = err(IncorrectMac)
|
err(IncorrectMac)
|
||||||
else:
|
else:
|
||||||
c.aesdec.decrypt(toa(data, 0, rsize), output)
|
c.aesdec.decrypt(toa(data, 0, rsize), output)
|
||||||
outlen = bodysize
|
ok()
|
||||||
result = ok()
|
|
||||||
|
|
|
@ -0,0 +1,243 @@
|
||||||
|
# nim-eth
|
||||||
|
# Copyright (c) 2018-2024 Status Research & Development GmbH
|
||||||
|
# Licensed and distributed under either of
|
||||||
|
# * MIT license (license terms in the root directory or at
|
||||||
|
# https://opensource.org/licenses/MIT).
|
||||||
|
# * Apache v2 license (license terms in the root directory or at
|
||||||
|
# https://www.apache.org/licenses/LICENSE-2.0).
|
||||||
|
# at your option. This file may not be copied, modified, or distributed except
|
||||||
|
# according to those terms.
|
||||||
|
|
||||||
|
{.push raises: [], gcsafe.}
|
||||||
|
|
||||||
|
import results, chronos, ../common/keys, ./[auth, rlpxcrypt]
|
||||||
|
|
||||||
|
export results, keys
|
||||||
|
|
||||||
|
type
|
||||||
|
RlpxTransport* = ref object
|
||||||
|
stream: StreamTransport
|
||||||
|
state: SecretState
|
||||||
|
pubkey*: PublicKey
|
||||||
|
|
||||||
|
RlpxTransportError* = object of CatchableError
|
||||||
|
|
||||||
|
template `^`(arr): auto =
|
||||||
|
# passes a stack array with a matching `arrLen` variable as an open array
|
||||||
|
arr.toOpenArray(0, `arr Len` - 1)
|
||||||
|
|
||||||
|
proc initiatorHandshake(
|
||||||
|
rng: ref HmacDrbgContext,
|
||||||
|
keys: KeyPair,
|
||||||
|
stream: StreamTransport,
|
||||||
|
remotePubkey: PublicKey,
|
||||||
|
): Future[ConnectionSecret] {.
|
||||||
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
||||||
|
.} =
|
||||||
|
# https://github.com/ethereum/devp2p/blob/5713591d0366da78a913a811c7502d9ca91d29a8/rlpx.md#initial-handshake
|
||||||
|
var
|
||||||
|
handshake = Handshake.init(rng[], keys, {Initiator})
|
||||||
|
authMsg: array[AuthMessageMaxEIP8, byte]
|
||||||
|
|
||||||
|
let
|
||||||
|
authMsgLen = handshake.authMessage(rng[], remotePubkey, authMsg).expect(
|
||||||
|
"No errors with correctly sized buffer"
|
||||||
|
)
|
||||||
|
|
||||||
|
writeRes = await stream.write(addr authMsg[0], authMsgLen)
|
||||||
|
if writeRes != authMsgLen:
|
||||||
|
# TOOD raising a chronos error here is a hack - rework using something else
|
||||||
|
raise (ref TransportIncompleteError)(msg: "Could not write RLPx handshake header")
|
||||||
|
|
||||||
|
var ackMsg = newSeqOfCap[byte](1024)
|
||||||
|
ackMsg.setLen(MsgLenLenEIP8)
|
||||||
|
await stream.readExactly(addr ackMsg[0], len(ackMsg))
|
||||||
|
|
||||||
|
let ackMsgLen = handshake.decodeAckMsgLen(ackMsg).valueOr:
|
||||||
|
raise
|
||||||
|
(ref RlpxTransportError)(msg: "Could not decode handshake ack length: " & $error)
|
||||||
|
|
||||||
|
ackMsg.setLen(ackMsgLen)
|
||||||
|
await stream.readExactly(addr ackMsg[MsgLenLenEIP8], ackMsgLen - MsgLenLenEIP8)
|
||||||
|
|
||||||
|
handshake.decodeAckMessage(ackMsg).isOkOr:
|
||||||
|
raise (ref RlpxTransportError)(msg: "Could not decode handshake ack: " & $error)
|
||||||
|
|
||||||
|
handshake.getSecrets(^authMsg, ackMsg)
|
||||||
|
|
||||||
|
proc responderHandshake(
|
||||||
|
rng: ref HmacDrbgContext, keys: KeyPair, stream: StreamTransport
|
||||||
|
): Future[(ConnectionSecret, PublicKey)] {.
|
||||||
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
||||||
|
.} =
|
||||||
|
# https://github.com/ethereum/devp2p/blob/5713591d0366da78a913a811c7502d9ca91d29a8/rlpx.md#initial-handshake
|
||||||
|
var
|
||||||
|
handshake = Handshake.init(rng[], keys, {auth.Responder})
|
||||||
|
authMsg = newSeqOfCap[byte](1024)
|
||||||
|
|
||||||
|
authMsg.setLen(MsgLenLenEIP8)
|
||||||
|
await stream.readExactly(addr authMsg[0], len(authMsg))
|
||||||
|
|
||||||
|
let authMsgLen = handshake.decodeAuthMsgLen(authMsg).valueOr:
|
||||||
|
raise
|
||||||
|
(ref RlpxTransportError)(msg: "Could not decode handshake auth length: " & $error)
|
||||||
|
|
||||||
|
authMsg.setLen(authMsgLen)
|
||||||
|
await stream.readExactly(addr authMsg[MsgLenLenEIP8], authMsgLen - MsgLenLenEIP8)
|
||||||
|
|
||||||
|
handshake.decodeAuthMessage(authMsg).isOkOr:
|
||||||
|
raise (ref RlpxTransportError)(
|
||||||
|
msg: "Could not decode handshake auth message: " & $error
|
||||||
|
)
|
||||||
|
|
||||||
|
var ackMsg: array[AckMessageMaxEIP8, byte]
|
||||||
|
let ackMsgLen =
|
||||||
|
handshake.ackMessage(rng[], ackMsg).expect("no errors with correcly sized buffer")
|
||||||
|
|
||||||
|
var res = await stream.write(addr ackMsg[0], ackMsgLen)
|
||||||
|
if res != ackMsgLen:
|
||||||
|
# TOOD raising a chronos error here is a hack - rework using something else
|
||||||
|
raise (ref TransportIncompleteError)(msg: "Could not write RLPx ack message")
|
||||||
|
|
||||||
|
(handshake.getSecrets(authMsg, ^ackMsg), handshake.remoteHPubkey)
|
||||||
|
|
||||||
|
proc connect*(
|
||||||
|
_: type RlpxTransport,
|
||||||
|
rng: ref HmacDrbgContext,
|
||||||
|
keys: KeyPair,
|
||||||
|
address: TransportAddress,
|
||||||
|
remotePubkey: PublicKey,
|
||||||
|
): Future[RlpxTransport] {.
|
||||||
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
||||||
|
.} =
|
||||||
|
var stream = await connect(address)
|
||||||
|
|
||||||
|
try:
|
||||||
|
let secrets = await initiatorHandshake(rng, keys, stream, remotePubkey)
|
||||||
|
var res = RlpxTransport(stream: move(stream), pubkey: remotePubkey)
|
||||||
|
initSecretState(secrets, res.state)
|
||||||
|
res
|
||||||
|
finally:
|
||||||
|
if stream != nil:
|
||||||
|
stream.close()
|
||||||
|
|
||||||
|
proc accept*(
|
||||||
|
_: type RlpxTransport,
|
||||||
|
rng: ref HmacDrbgContext,
|
||||||
|
keys: KeyPair,
|
||||||
|
stream: StreamTransport,
|
||||||
|
): Future[RlpxTransport] {.
|
||||||
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
||||||
|
.} =
|
||||||
|
var stream = stream
|
||||||
|
try:
|
||||||
|
let (secrets, remotePubkey) = await responderHandshake(rng, keys, stream)
|
||||||
|
var res = RlpxTransport(stream: move(stream), pubkey: remotePubkey)
|
||||||
|
initSecretState(secrets, res.state)
|
||||||
|
res
|
||||||
|
finally:
|
||||||
|
if stream != nil:
|
||||||
|
stream.close()
|
||||||
|
|
||||||
|
proc recvMsg*(
|
||||||
|
transport: RlpxTransport
|
||||||
|
): Future[seq[byte]] {.
|
||||||
|
async: (raises: [CancelledError, TransportError, RlpxTransportError])
|
||||||
|
.} =
|
||||||
|
## Read an RLPx frame from the given peer
|
||||||
|
var msgHeaderEnc: RlpxEncryptedHeader
|
||||||
|
await transport.stream.readExactly(addr msgHeaderEnc[0], msgHeaderEnc.len)
|
||||||
|
|
||||||
|
let msgHeader = decryptHeader(transport.state, msgHeaderEnc).valueOr:
|
||||||
|
raise (ref RlpxTransportError)(msg: "Cannot decrypt RLPx frame header")
|
||||||
|
|
||||||
|
# The header has more fields than the size, but they are unused / obsolete.
|
||||||
|
# Although some clients set them, we don't check this in the spirit of EIP-8
|
||||||
|
# https://github.com/ethereum/devp2p/blob/5713591d0366da78a913a811c7502d9ca91d29a8/rlpx.md#framing
|
||||||
|
|
||||||
|
let msgSize = msgHeader.getBodySize()
|
||||||
|
let remainingBytes = encryptedLength(msgSize) - 32
|
||||||
|
|
||||||
|
var encryptedBytes = newSeq[byte](remainingBytes)
|
||||||
|
await transport.stream.readExactly(addr encryptedBytes[0], len(encryptedBytes))
|
||||||
|
|
||||||
|
let decryptedMaxLength = decryptedLength(msgSize) # Padded length
|
||||||
|
var msgBody = newSeq[byte](decryptedMaxLength)
|
||||||
|
|
||||||
|
if decryptBody(transport.state, encryptedBytes, msgSize, msgBody).isErr():
|
||||||
|
raise (ref RlpxTransportError)(msg: "Cannot decrypt message body")
|
||||||
|
|
||||||
|
reset(encryptedBytes) # Release memory (TODO: in-place decryption)
|
||||||
|
|
||||||
|
msgBody.setLen(msgSize) # Remove padding
|
||||||
|
msgBody
|
||||||
|
|
||||||
|
proc sendMsg*(
|
||||||
|
transport: RlpxTransport, data: seq[byte]
|
||||||
|
) {.async: (raises: [CancelledError, TransportError, RlpxTransportError]).} =
|
||||||
|
let cipherText = encryptMsg(data, transport.state)
|
||||||
|
var res = await transport.stream.write(cipherText)
|
||||||
|
if res != len(cipherText):
|
||||||
|
# TOOD raising a chronos error here is a hack - rework using something else
|
||||||
|
raise (ref TransportIncompleteError)(msg: "Could not complete writing message")
|
||||||
|
|
||||||
|
proc remoteAddress*(
|
||||||
|
transport: RlpxTransport
|
||||||
|
): TransportAddress {.raises: [TransportOsError].} =
|
||||||
|
transport.stream.remoteAddress()
|
||||||
|
|
||||||
|
proc closed*(transport: RlpxTransport): bool =
|
||||||
|
transport.stream != nil and transport.stream.closed
|
||||||
|
|
||||||
|
proc close*(transport: RlpxTransport) =
|
||||||
|
if transport.stream != nil:
|
||||||
|
transport.stream.close()
|
||||||
|
|
||||||
|
proc closeWait*(
|
||||||
|
transport: RlpxTransport
|
||||||
|
): Future[void] {.async: (raises: [], raw: true).} =
|
||||||
|
transport.stream.closeWait()
|
||||||
|
|
||||||
|
when isMainModule:
|
||||||
|
# Simple CLI application for negotiating an RLPx connection with a peer
|
||||||
|
|
||||||
|
import stew/byteutils, std/cmdline, std/strutils, eth/rlp
|
||||||
|
if paramCount() < 3:
|
||||||
|
echo "rlpxtransport ip port pubkey"
|
||||||
|
quit 1
|
||||||
|
|
||||||
|
let
|
||||||
|
rng = newRng()
|
||||||
|
kp = KeyPair.random(rng[])
|
||||||
|
|
||||||
|
echo "Local key: ", toHex(kp.pubkey.toRaw())
|
||||||
|
|
||||||
|
let client = waitFor RlpxTransport.connect(
|
||||||
|
rng,
|
||||||
|
kp,
|
||||||
|
initTAddress(paramStr(1), parseInt(paramStr(2))),
|
||||||
|
PublicKey.fromHex(paramStr(3))[],
|
||||||
|
)
|
||||||
|
|
||||||
|
proc encodeMsg(msgId: uint64, msg: auto): seq[byte] =
|
||||||
|
var rlpWriter = initRlpWriter()
|
||||||
|
rlpWriter.append msgId
|
||||||
|
rlpWriter.appendRecordType(msg, typeof(msg).rlpFieldsCount > 1)
|
||||||
|
rlpWriter.finish
|
||||||
|
|
||||||
|
waitFor client.sendMsg(
|
||||||
|
encodeMsg(
|
||||||
|
uint64 0, (uint64 4, "nimbus", @[("eth", uint64 68)], uint64 0, kp.pubkey.toRaw())
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
while true:
|
||||||
|
echo "Reading message"
|
||||||
|
var data = waitFor client.recvMsg()
|
||||||
|
var rlp = rlpFromBytes(data)
|
||||||
|
let msgId = rlp.read(uint64)
|
||||||
|
if msgId == 0:
|
||||||
|
echo "Hello: ",
|
||||||
|
rlp.read((uint64, string, seq[(string, uint64)], uint64, seq[byte]))
|
||||||
|
else:
|
||||||
|
echo "Unknown message ", msgId, " ", toHex(data)
|
13
eth/rlp.nim
13
eth/rlp.nim
|
@ -448,9 +448,6 @@ func readImpl(
|
||||||
else:
|
else:
|
||||||
rlp.bytes.len()
|
rlp.bytes.len()
|
||||||
|
|
||||||
template getUnderlyingType[T](_: Option[T]): untyped =
|
|
||||||
T
|
|
||||||
|
|
||||||
template getUnderlyingType[T](_: Opt[T]): untyped =
|
template getUnderlyingType[T](_: Opt[T]): untyped =
|
||||||
T
|
T
|
||||||
|
|
||||||
|
@ -458,16 +455,6 @@ func readImpl(
|
||||||
type FieldType {.used.} = type field
|
type FieldType {.used.} = type field
|
||||||
when hasCustomPragmaFixed(RecordType, fieldName, rlpCustomSerialization):
|
when hasCustomPragmaFixed(RecordType, fieldName, rlpCustomSerialization):
|
||||||
field = rlp.read(result, FieldType)
|
field = rlp.read(result, FieldType)
|
||||||
elif field is Option:
|
|
||||||
# this works for optional fields at the end of an object/tuple
|
|
||||||
# if the optional field is followed by a mandatory field,
|
|
||||||
# custom serialization for a field or for the parent object
|
|
||||||
# will be better
|
|
||||||
type UT = getUnderlyingType(field)
|
|
||||||
if rlp.position < payloadEnd:
|
|
||||||
field = some(rlp.read(UT))
|
|
||||||
else:
|
|
||||||
field = none(UT)
|
|
||||||
elif field is Opt:
|
elif field is Opt:
|
||||||
# this works for optional fields at the end of an object/tuple
|
# this works for optional fields at the end of an object/tuple
|
||||||
# if the optional field is followed by a mandatory field,
|
# if the optional field is followed by a mandatory field,
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
import
|
|
||||||
std/options,
|
|
||||||
../rlp
|
|
||||||
|
|
||||||
proc read*[T](rlp: var Rlp, O: type Option[T]): O {.inline.} =
|
|
||||||
mixin read
|
|
||||||
if not rlp.isEmpty:
|
|
||||||
result = some read(rlp, T)
|
|
||||||
|
|
||||||
proc append*(writer: var RlpWriter, value: Option) =
|
|
||||||
if value.isSome:
|
|
||||||
writer.append value.get
|
|
||||||
else:
|
|
||||||
writer.append ""
|
|
||||||
|
|
||||||
export
|
|
||||||
options, rlp
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
import ../rlp
|
||||||
|
import writer
|
||||||
|
import pkg/results
|
||||||
|
|
||||||
|
export
|
||||||
|
rlp, results
|
||||||
|
|
||||||
|
proc append*[T](w: var RlpWriter, val: Opt[T]) =
|
||||||
|
mixin append
|
||||||
|
|
||||||
|
if val.isSome:
|
||||||
|
w.append(val.get())
|
||||||
|
else:
|
||||||
|
w.append("")
|
||||||
|
|
||||||
|
proc read*[T](rlp: var Rlp, val: var Opt[T]) {.raises: [RlpError].} =
|
||||||
|
mixin read
|
||||||
|
if rlp.blobLen != 0:
|
||||||
|
val = Opt.some(rlp.read(T))
|
||||||
|
else:
|
||||||
|
rlp.skipElem
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import
|
import
|
||||||
std/options,
|
std/options,
|
||||||
results,
|
pkg/results,
|
||||||
stew/[arraybuf, assign2, bitops2, shims/macros],
|
stew/[arraybuf, assign2, bitops2, shims/macros],
|
||||||
./priv/defs
|
./priv/defs
|
||||||
|
|
||||||
|
@ -8,7 +8,7 @@ export arraybuf
|
||||||
|
|
||||||
type
|
type
|
||||||
RlpWriter* = object
|
RlpWriter* = object
|
||||||
pendingLists: seq[tuple[remainingItems, outBytes: int]]
|
pendingLists: seq[tuple[remainingItems, startPos: int]]
|
||||||
output: seq[byte]
|
output: seq[byte]
|
||||||
|
|
||||||
RlpIntBuf* = ArrayBuf[9, byte]
|
RlpIntBuf* = ArrayBuf[9, byte]
|
||||||
|
@ -41,7 +41,7 @@ func writeCount(bytes: var auto, count: int, baseMarker: byte) =
|
||||||
origLen = bytes.len
|
origLen = bytes.len
|
||||||
lenPrefixBytes = uint64(count).bytesNeeded
|
lenPrefixBytes = uint64(count).bytesNeeded
|
||||||
|
|
||||||
bytes.setLen(origLen + int(lenPrefixBytes) + 1)
|
bytes.setLen(origLen + lenPrefixBytes + 1)
|
||||||
bytes[origLen] = baseMarker + (THRESHOLD_LIST_LEN - 1) + byte(lenPrefixBytes)
|
bytes[origLen] = baseMarker + (THRESHOLD_LIST_LEN - 1) + byte(lenPrefixBytes)
|
||||||
bytes.writeBigEndian(uint64(count), bytes.len - 1, lenPrefixBytes)
|
bytes.writeBigEndian(uint64(count), bytes.len - 1, lenPrefixBytes)
|
||||||
|
|
||||||
|
@ -60,17 +60,16 @@ proc initRlpWriter*: RlpWriter =
|
||||||
# expected to be short-lived, it doesn't hurt to allocate this buffer
|
# expected to be short-lived, it doesn't hurt to allocate this buffer
|
||||||
result.output = newSeqOfCap[byte](2000)
|
result.output = newSeqOfCap[byte](2000)
|
||||||
|
|
||||||
proc decRet(n: var int, delta: int): int =
|
|
||||||
n -= delta
|
|
||||||
n
|
|
||||||
|
|
||||||
proc maybeClosePendingLists(self: var RlpWriter) =
|
proc maybeClosePendingLists(self: var RlpWriter) =
|
||||||
while self.pendingLists.len > 0:
|
while self.pendingLists.len > 0:
|
||||||
let lastListIdx = self.pendingLists.len - 1
|
let lastListIdx = self.pendingLists.len - 1
|
||||||
doAssert self.pendingLists[lastListIdx].remainingItems >= 1
|
doAssert self.pendingLists[lastListIdx].remainingItems > 0
|
||||||
if decRet(self.pendingLists[lastListIdx].remainingItems, 1) == 0:
|
|
||||||
|
self.pendingLists[lastListIdx].remainingItems -= 1
|
||||||
|
# if one last item is remaining in the list
|
||||||
|
if self.pendingLists[lastListIdx].remainingItems == 0:
|
||||||
# A list have been just finished. It was started in `startList`.
|
# A list have been just finished. It was started in `startList`.
|
||||||
let listStartPos = self.pendingLists[lastListIdx].outBytes
|
let listStartPos = self.pendingLists[lastListIdx].startPos
|
||||||
self.pendingLists.setLen lastListIdx
|
self.pendingLists.setLen lastListIdx
|
||||||
|
|
||||||
# How many bytes were written since the start?
|
# How many bytes were written since the start?
|
||||||
|
@ -104,33 +103,21 @@ proc appendRawBytes*(self: var RlpWriter, bytes: openArray[byte]) =
|
||||||
self.output.len - bytes.len, self.output.len - 1), bytes)
|
self.output.len - bytes.len, self.output.len - 1), bytes)
|
||||||
self.maybeClosePendingLists()
|
self.maybeClosePendingLists()
|
||||||
|
|
||||||
proc appendRawList(self: var RlpWriter, bytes: openArray[byte]) =
|
|
||||||
self.output.writeCount(bytes.len, LIST_START_MARKER)
|
|
||||||
self.appendRawBytes(bytes)
|
|
||||||
|
|
||||||
proc startList*(self: var RlpWriter, listSize: int) =
|
proc startList*(self: var RlpWriter, listSize: int) =
|
||||||
if listSize == 0:
|
if listSize == 0:
|
||||||
self.appendRawList([])
|
self.output.writeCount(0, LIST_START_MARKER)
|
||||||
|
self.appendRawBytes([])
|
||||||
else:
|
else:
|
||||||
self.pendingLists.add((listSize, self.output.len))
|
self.pendingLists.add((listSize, self.output.len))
|
||||||
|
|
||||||
proc appendBlob(self: var RlpWriter, data: openArray[byte], startMarker: byte) =
|
proc appendBlob(self: var RlpWriter, data: openArray[byte]) =
|
||||||
if data.len == 1 and byte(data[0]) < BLOB_START_MARKER:
|
if data.len == 1 and byte(data[0]) < BLOB_START_MARKER:
|
||||||
self.output.add byte(data[0])
|
self.output.add byte(data[0])
|
||||||
self.maybeClosePendingLists()
|
self.maybeClosePendingLists()
|
||||||
else:
|
else:
|
||||||
self.output.writeCount(data.len, startMarker)
|
self.output.writeCount(data.len, BLOB_START_MARKER)
|
||||||
self.appendRawBytes(data)
|
self.appendRawBytes(data)
|
||||||
|
|
||||||
proc appendImpl(self: var RlpWriter, data: string) =
|
|
||||||
appendBlob(self, data.toOpenArrayByte(0, data.high), BLOB_START_MARKER)
|
|
||||||
|
|
||||||
proc appendBlob(self: var RlpWriter, data: openArray[byte]) =
|
|
||||||
appendBlob(self, data, BLOB_START_MARKER)
|
|
||||||
|
|
||||||
proc appendBlob(self: var RlpWriter, data: openArray[char]) =
|
|
||||||
appendBlob(self, data.toOpenArrayByte(0, data.high), BLOB_START_MARKER)
|
|
||||||
|
|
||||||
proc appendInt(self: var RlpWriter, i: SomeUnsignedInt) =
|
proc appendInt(self: var RlpWriter, i: SomeUnsignedInt) =
|
||||||
# this is created as a separate proc as an extra precaution against
|
# this is created as a separate proc as an extra precaution against
|
||||||
# any overloading resolution problems when matching the IntLike concept.
|
# any overloading resolution problems when matching the IntLike concept.
|
||||||
|
@ -138,64 +125,47 @@ proc appendInt(self: var RlpWriter, i: SomeUnsignedInt) =
|
||||||
|
|
||||||
self.maybeClosePendingLists()
|
self.maybeClosePendingLists()
|
||||||
|
|
||||||
|
|
||||||
|
template appendImpl(self: var RlpWriter, data: openArray[byte]) =
|
||||||
|
self.appendBlob(data)
|
||||||
|
|
||||||
|
template appendImpl(self: var RlpWriter, data: openArray[char]) =
|
||||||
|
self.appendBlob(data.toOpenArrayByte(0, data.high))
|
||||||
|
|
||||||
|
template appendImpl(self: var RlpWriter, data: string) =
|
||||||
|
self.appendBlob(data.toOpenArrayByte(0, data.high))
|
||||||
|
|
||||||
template appendImpl(self: var RlpWriter, i: SomeUnsignedInt) =
|
template appendImpl(self: var RlpWriter, i: SomeUnsignedInt) =
|
||||||
appendInt(self, i)
|
self.appendInt(i)
|
||||||
|
|
||||||
template appendImpl(self: var RlpWriter, e: enum) =
|
template appendImpl(self: var RlpWriter, e: enum) =
|
||||||
appendImpl(self, int(e))
|
# TODO: check for negative enums
|
||||||
|
self.appendInt(uint64(e))
|
||||||
|
|
||||||
template appendImpl(self: var RlpWriter, b: bool) =
|
template appendImpl(self: var RlpWriter, b: bool) =
|
||||||
appendImpl(self, int(b))
|
self.appendInt(uint64(b))
|
||||||
|
|
||||||
proc appendImpl[T](self: var RlpWriter, listOrBlob: openArray[T]) =
|
proc appendImpl[T](self: var RlpWriter, list: openArray[T]) =
|
||||||
mixin append
|
mixin append
|
||||||
|
|
||||||
# TODO: This append proc should be overloaded by `openArray[byte]` after
|
self.startList list.len
|
||||||
# nim bug #7416 is fixed.
|
for i in 0 ..< list.len:
|
||||||
when T is (byte or char):
|
self.append list[i]
|
||||||
self.appendBlob(listOrBlob)
|
|
||||||
else:
|
|
||||||
self.startList listOrBlob.len
|
|
||||||
for i in 0 ..< listOrBlob.len:
|
|
||||||
self.append listOrBlob[i]
|
|
||||||
|
|
||||||
proc hasOptionalFields(T: type): bool =
|
proc countOptionalFields(T: type): int {.compileTime.} =
|
||||||
mixin enumerateRlpFields
|
mixin enumerateRlpFields
|
||||||
|
|
||||||
proc helper: bool =
|
var dummy: T
|
||||||
var dummy: T
|
|
||||||
result = false
|
|
||||||
template detectOptionalField(RT, n, x) {.used.} =
|
|
||||||
when x is Option or x is Opt:
|
|
||||||
return true
|
|
||||||
enumerateRlpFields(dummy, detectOptionalField)
|
|
||||||
|
|
||||||
const res = helper()
|
|
||||||
return res
|
|
||||||
|
|
||||||
proc optionalFieldsNum(x: openArray[bool]): int =
|
|
||||||
# count optional fields backward
|
|
||||||
for i in countdown(x.len-1, 0):
|
|
||||||
if x[i]: inc result
|
|
||||||
else: break
|
|
||||||
|
|
||||||
proc checkedOptionalFields(T: type, FC: static[int]): int =
|
|
||||||
mixin enumerateRlpFields
|
|
||||||
|
|
||||||
var
|
|
||||||
i = 0
|
|
||||||
dummy: T
|
|
||||||
res: array[FC, bool]
|
|
||||||
|
|
||||||
|
# closure signature matches the one in object_serialization.nim
|
||||||
template op(RT, fN, f) =
|
template op(RT, fN, f) =
|
||||||
res[i] = f is Option or f is Opt
|
when f is Option or f is Opt:
|
||||||
inc i
|
inc result
|
||||||
|
else: # this will count only optional fields at the end
|
||||||
|
result = 0
|
||||||
|
|
||||||
enumerateRlpFields(dummy, op)
|
enumerateRlpFields(dummy, op)
|
||||||
|
|
||||||
# ignoring first optional fields
|
|
||||||
optionalFieldsNum(res) - 1
|
|
||||||
|
|
||||||
proc genPrevFields(obj: NimNode, fd: openArray[FieldDescription], hi, lo: int): NimNode =
|
proc genPrevFields(obj: NimNode, fd: openArray[FieldDescription], hi, lo: int): NimNode =
|
||||||
result = newStmtList()
|
result = newStmtList()
|
||||||
for i in countdown(hi, lo):
|
for i in countdown(hi, lo):
|
||||||
|
@ -230,32 +200,21 @@ macro genOptionalFieldsValidation(obj: untyped, T: type, num: static[int]): unty
|
||||||
doAssert obj.blobGasUsed.isSome == obj.excessBlobGas.isSome,
|
doAssert obj.blobGasUsed.isSome == obj.excessBlobGas.isSome,
|
||||||
"blobGasUsed and excessBlobGas must both be present or absent"
|
"blobGasUsed and excessBlobGas must both be present or absent"
|
||||||
|
|
||||||
macro countFieldsRuntimeImpl(obj: untyped, T: type, num: static[int]): untyped =
|
|
||||||
let
|
|
||||||
Tresolved = getType(T)[1]
|
|
||||||
fd = recordFields(Tresolved.getImpl)
|
|
||||||
res = ident("result")
|
|
||||||
mlen = fd.len - num
|
|
||||||
|
|
||||||
result = newStmtList()
|
|
||||||
result.add quote do:
|
|
||||||
`res` = `mlen`
|
|
||||||
|
|
||||||
for i in countdown(fd.high, fd.len-num):
|
|
||||||
let fieldName = fd[i].name
|
|
||||||
result.add quote do:
|
|
||||||
`res` += `obj`.`fieldName`.isSome.ord
|
|
||||||
|
|
||||||
proc countFieldsRuntime(obj: object|tuple): int =
|
proc countFieldsRuntime(obj: object|tuple): int =
|
||||||
# count mandatory fields and non empty optional fields
|
mixin enumerateRlpFields
|
||||||
type ObjType = type obj
|
|
||||||
|
|
||||||
const
|
var numOptionals: int = 0
|
||||||
fieldsCount = ObjType.rlpFieldsCount
|
|
||||||
# include first optional fields
|
|
||||||
cof = checkedOptionalFields(ObjType, fieldsCount) + 1
|
|
||||||
|
|
||||||
countFieldsRuntimeImpl(obj, ObjType, cof)
|
template op(RT, fN, f) {.used.} =
|
||||||
|
when f is Option or f is Opt:
|
||||||
|
if f.isSome: # if optional and non empty
|
||||||
|
inc numOptionals
|
||||||
|
else: # if mandatory field
|
||||||
|
inc result
|
||||||
|
numOptionals = 0 # count only optionals at the end (after mandatory)
|
||||||
|
|
||||||
|
enumerateRlpFields(obj, op)
|
||||||
|
result += numOptionals
|
||||||
|
|
||||||
proc appendRecordType*(self: var RlpWriter, obj: object|tuple, wrapInList = wrapObjsInList) =
|
proc appendRecordType*(self: var RlpWriter, obj: object|tuple, wrapInList = wrapObjsInList) =
|
||||||
mixin enumerateRlpFields, append
|
mixin enumerateRlpFields, append
|
||||||
|
@ -263,25 +222,22 @@ proc appendRecordType*(self: var RlpWriter, obj: object|tuple, wrapInList = wrap
|
||||||
type ObjType = type obj
|
type ObjType = type obj
|
||||||
|
|
||||||
const
|
const
|
||||||
hasOptional = hasOptionalFields(ObjType)
|
cof = countOptionalFields(ObjType)
|
||||||
fieldsCount = ObjType.rlpFieldsCount
|
|
||||||
|
|
||||||
when hasOptional:
|
when cof > 0:
|
||||||
const
|
# ignoring first optional fields
|
||||||
cof = checkedOptionalFields(ObjType, fieldsCount)
|
genOptionalFieldsValidation(obj, ObjType, cof - 1)
|
||||||
when cof > 0:
|
|
||||||
genOptionalFieldsValidation(obj, ObjType, cof)
|
|
||||||
|
|
||||||
if wrapInList:
|
if wrapInList:
|
||||||
when hasOptional:
|
when cof > 0:
|
||||||
self.startList(obj.countFieldsRuntime)
|
self.startList(obj.countFieldsRuntime)
|
||||||
else:
|
else:
|
||||||
self.startList(fieldsCount)
|
self.startList(ObjType.rlpFieldsCount)
|
||||||
|
|
||||||
template op(RecordType, fieldName, field) {.used.} =
|
template op(RecordType, fieldName, field) {.used.} =
|
||||||
when hasCustomPragmaFixed(RecordType, fieldName, rlpCustomSerialization):
|
when hasCustomPragmaFixed(RecordType, fieldName, rlpCustomSerialization):
|
||||||
append(self, obj, field)
|
append(self, obj, field)
|
||||||
elif (field is Option or field is Opt) and hasOptional:
|
elif (field is Option or field is Opt) and cof > 0:
|
||||||
# this works for optional fields at the end of an object/tuple
|
# this works for optional fields at the end of an object/tuple
|
||||||
# if the optional field is followed by a mandatory field,
|
# if the optional field is followed by a mandatory field,
|
||||||
# custom serialization for a field or for the parent object
|
# custom serialization for a field or for the parent object
|
||||||
|
@ -293,20 +249,16 @@ proc appendRecordType*(self: var RlpWriter, obj: object|tuple, wrapInList = wrap
|
||||||
|
|
||||||
enumerateRlpFields(obj, op)
|
enumerateRlpFields(obj, op)
|
||||||
|
|
||||||
proc appendImpl(self: var RlpWriter, data: object) {.inline.} =
|
template appendImpl(self: var RlpWriter, data: object) =
|
||||||
self.appendRecordType(data)
|
self.appendRecordType(data)
|
||||||
|
|
||||||
proc appendImpl(self: var RlpWriter, data: tuple) {.inline.} =
|
template appendImpl(self: var RlpWriter, data: tuple) =
|
||||||
self.appendRecordType(data)
|
self.appendRecordType(data)
|
||||||
|
|
||||||
# We define a single `append` template with a pretty low specificity
|
# We define a single `append` template with a pretty low specificity
|
||||||
# score in order to facilitate easier overloading with user types:
|
# score in order to facilitate easier overloading with user types:
|
||||||
template append*[T](w: var RlpWriter; data: T) =
|
template append*[T](w: var RlpWriter; data: T) =
|
||||||
when data is (enum|bool):
|
appendImpl(w, data)
|
||||||
# TODO detect negative enum values at compile time?
|
|
||||||
appendImpl(w, uint64(data))
|
|
||||||
else:
|
|
||||||
appendImpl(w, data)
|
|
||||||
|
|
||||||
template append*(w: var RlpWriter; data: SomeSignedInt) =
|
template append*(w: var RlpWriter; data: SomeSignedInt) =
|
||||||
{.error: "Signed integer encoding is not defined for rlp".}
|
{.error: "Signed integer encoding is not defined for rlp".}
|
||||||
|
|
|
@ -246,53 +246,3 @@ template genTestOpt(TT) =
|
||||||
|
|
||||||
genTestOpt(BlockBodyOpt)
|
genTestOpt(BlockBodyOpt)
|
||||||
genTestOpt(EthBlockOpt)
|
genTestOpt(EthBlockOpt)
|
||||||
|
|
||||||
suite "EIP-7865 tests":
|
|
||||||
const reqs = [
|
|
||||||
Request(
|
|
||||||
requestType: DepositRequestType,
|
|
||||||
deposit: DepositRequest(
|
|
||||||
pubkey : bytes48"0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
|
||||||
withdrawalCredentials: bytes32"0xBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
|
|
||||||
amount : 1,
|
|
||||||
signature : bytes96"0xCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
|
||||||
index : 3,
|
|
||||||
)
|
|
||||||
),
|
|
||||||
Request(
|
|
||||||
requestType: WithdrawalRequestType,
|
|
||||||
withdrawal: WithdrawalRequest(
|
|
||||||
sourceAddress : address"0xDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
|
|
||||||
validatorPubkey: bytes48"0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
|
||||||
amount : 7,
|
|
||||||
)
|
|
||||||
),
|
|
||||||
Request(
|
|
||||||
requestType: ConsolidationRequestType,
|
|
||||||
consolidation: ConsolidationRequest(
|
|
||||||
sourceAddress: address"0xEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE",
|
|
||||||
sourcePubkey : bytes48"0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
|
||||||
targetPubkey : bytes48"0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
|
|
||||||
)
|
|
||||||
)
|
|
||||||
]
|
|
||||||
|
|
||||||
test "rlp roundtrip":
|
|
||||||
let
|
|
||||||
body = BlockBody(
|
|
||||||
withdrawals: Opt.some(@[Withdrawal()]),
|
|
||||||
requests: Opt.some(@reqs)
|
|
||||||
)
|
|
||||||
|
|
||||||
blk = EthBlock(
|
|
||||||
withdrawals: Opt.some(@[Withdrawal()]),
|
|
||||||
requests: Opt.some(@reqs)
|
|
||||||
)
|
|
||||||
|
|
||||||
encodedBody = rlp.encode(body)
|
|
||||||
encodedBlock = rlp.encode(blk)
|
|
||||||
decodedBody = rlp.decode(encodedBody, BlockBody)
|
|
||||||
decodedBlk = rlp.decode(encodedBlock, EthBlock)
|
|
||||||
|
|
||||||
check decodedBody == body
|
|
||||||
check decodedBlk == blk
|
|
||||||
|
|
|
@ -6,4 +6,5 @@ import
|
||||||
./test_ecies,
|
./test_ecies,
|
||||||
./test_enode,
|
./test_enode,
|
||||||
./test_rlpx_thunk,
|
./test_rlpx_thunk,
|
||||||
|
./test_rlpxtransport,
|
||||||
./test_protocol_handlers
|
./test_protocol_handlers
|
|
@ -14,87 +14,6 @@ import
|
||||||
nimcrypto/[utils, keccak],
|
nimcrypto/[utils, keccak],
|
||||||
../../eth/common/keys, ../../eth/p2p/auth
|
../../eth/common/keys, ../../eth/p2p/auth
|
||||||
|
|
||||||
# This was generated by `print` actual auth message generated by
|
|
||||||
# https://github.com/ethereum/py-evm/blob/master/tests/p2p/test_auth.py
|
|
||||||
const pyevmAuth = """
|
|
||||||
22034ad2e7545e2b0bf02ecb1e40db478dfbbf7aeecc834aec2523eb2b7e74ee
|
|
||||||
77ba40c70a83bfe9f2ab91f0131546dcf92c3ee8282d9907fee093017fd0302d
|
|
||||||
0034fdb5419558137e0d44cd13d319afe5629eeccb47fd9dfe55cc6089426e46
|
|
||||||
cc762dd8a0636e07a54b31169eba0c7a20a1ac1ef68596f1f283b5c676bae406
|
|
||||||
4abfcce24799d09f67e392632d3ffdc12e3d6430dcb0ea19c318343ffa7aae74
|
|
||||||
d4cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb
|
|
||||||
1100"""
|
|
||||||
|
|
||||||
# This data comes from https://gist.github.com/fjl/3a78780d17c755d22df2
|
|
||||||
const data = [
|
|
||||||
("initiator_private_key",
|
|
||||||
"5e173f6ac3c669587538e7727cf19b782a4f2fda07c1eaa662c593e5e85e3051"),
|
|
||||||
("receiver_private_key",
|
|
||||||
"c45f950382d542169ea207959ee0220ec1491755abe405cd7498d6b16adb6df8"),
|
|
||||||
("initiator_ephemeral_private_key",
|
|
||||||
"19c2185f4f40634926ebed3af09070ca9e029f2edd5fae6253074896205f5f6c"),
|
|
||||||
("receiver_ephemeral_private_key",
|
|
||||||
"d25688cf0ab10afa1a0e2dba7853ed5f1e5bf1c631757ed4e103b593ff3f5620"),
|
|
||||||
("auth_plaintext",
|
|
||||||
"""884c36f7ae6b406637c1f61b2f57e1d2cab813d24c6559aaf843c3f48962f32f
|
|
||||||
46662c066d39669b7b2e3ba14781477417600e7728399278b1b5d801a519aa57
|
|
||||||
0034fdb5419558137e0d44cd13d319afe5629eeccb47fd9dfe55cc6089426e46
|
|
||||||
cc762dd8a0636e07a54b31169eba0c7a20a1ac1ef68596f1f283b5c676bae406
|
|
||||||
4abfcce24799d09f67e392632d3ffdc12e3d6430dcb0ea19c318343ffa7aae74
|
|
||||||
d4cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb
|
|
||||||
1100"""),
|
|
||||||
("authresp_plaintext",
|
|
||||||
"""802b052f8b066640bba94a4fc39d63815c377fced6fcb84d27f791c9921ddf3e
|
|
||||||
9bf0108e298f490812847109cbd778fae393e80323fd643209841a3b7f110397
|
|
||||||
f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a7
|
|
||||||
00"""),
|
|
||||||
("auth_ciphertext",
|
|
||||||
"""04a0274c5951e32132e7f088c9bdfdc76c9d91f0dc6078e848f8e3361193dbdc
|
|
||||||
43b94351ea3d89e4ff33ddcefbc80070498824857f499656c4f79bbd97b6c51a
|
|
||||||
514251d69fd1785ef8764bd1d262a883f780964cce6a14ff206daf1206aa073a
|
|
||||||
2d35ce2697ebf3514225bef186631b2fd2316a4b7bcdefec8d75a1025ba2c540
|
|
||||||
4a34e7795e1dd4bc01c6113ece07b0df13b69d3ba654a36e35e69ff9d482d88d
|
|
||||||
2f0228e7d96fe11dccbb465a1831c7d4ad3a026924b182fc2bdfe016a6944312
|
|
||||||
021da5cc459713b13b86a686cf34d6fe6615020e4acf26bf0d5b7579ba813e77
|
|
||||||
23eb95b3cef9942f01a58bd61baee7c9bdd438956b426a4ffe238e61746a8c93
|
|
||||||
d5e10680617c82e48d706ac4953f5e1c4c4f7d013c87d34a06626f498f34576d
|
|
||||||
c017fdd3d581e83cfd26cf125b6d2bda1f1d56"""),
|
|
||||||
("authresp_ciphertext",
|
|
||||||
"""049934a7b2d7f9af8fd9db941d9da281ac9381b5740e1f64f7092f3588d4f87f
|
|
||||||
5ce55191a6653e5e80c1c5dd538169aa123e70dc6ffc5af1827e546c0e958e42
|
|
||||||
dad355bcc1fcb9cdf2cf47ff524d2ad98cbf275e661bf4cf00960e74b5956b79
|
|
||||||
9771334f426df007350b46049adb21a6e78ab1408d5e6ccde6fb5e69f0f4c92b
|
|
||||||
b9c725c02f99fa72b9cdc8dd53cff089e0e73317f61cc5abf6152513cb7d833f
|
|
||||||
09d2851603919bf0fbe44d79a09245c6e8338eb502083dc84b846f2fee1cc310
|
|
||||||
d2cc8b1b9334728f97220bb799376233e113"""),
|
|
||||||
("ecdhe_shared_secret",
|
|
||||||
"e3f407f83fc012470c26a93fdff534100f2c6f736439ce0ca90e9914f7d1c381"),
|
|
||||||
("initiator_nonce",
|
|
||||||
"cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb11"),
|
|
||||||
("receiver_nonce",
|
|
||||||
"f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a7"),
|
|
||||||
("aes_secret",
|
|
||||||
"c0458fa97a5230830e05f4f20b7c755c1d4e54b1ce5cf43260bb191eef4e418d"),
|
|
||||||
("mac_secret",
|
|
||||||
"48c938884d5067a1598272fcddaa4b833cd5e7d92e8228c0ecdfabbe68aef7f1"),
|
|
||||||
("token",
|
|
||||||
"3f9ec2592d1554852b1f54d228f042ed0a9310ea86d038dc2b401ba8cd7fdac4"),
|
|
||||||
("initial_egress_MAC",
|
|
||||||
"09771e93b1a6109e97074cbe2d2b0cf3d3878efafe68f53c41bb60c0ec49097e"),
|
|
||||||
("initial_ingress_MAC",
|
|
||||||
"75823d96e23136c89666ee025fb21a432be906512b3dd4a3049e898adb433847"),
|
|
||||||
("initiator_hello_packet",
|
|
||||||
"""6ef23fcf1cec7312df623f9ae701e63b550cdb8517fefd8dd398fc2acd1d935e
|
|
||||||
6e0434a2b96769078477637347b7b01924fff9ff1c06df2f804df3b0402bbb9f
|
|
||||||
87365b3c6856b45e1e2b6470986813c3816a71bff9d69dd297a5dbd935ab578f
|
|
||||||
6e5d7e93e4506a44f307c332d95e8a4b102585fd8ef9fc9e3e055537a5cec2e9"""),
|
|
||||||
("receiver_hello_packet",
|
|
||||||
"""6ef23fcf1cec7312df623f9ae701e63be36a1cdd1b19179146019984f3625d4a
|
|
||||||
6e0434a2b96769050577657247b7b02bc6c314470eca7e3ef650b98c83e9d7dd
|
|
||||||
4830b3f718ff562349aead2530a8d28a8484604f92e5fced2c6183f304344ab0
|
|
||||||
e7c301a0c05559f4c25db65e36820b4b909a226171a60ac6cb7beea09376d6d8""")
|
|
||||||
]
|
|
||||||
|
|
||||||
# These test vectors were copied from EIP8 specification
|
# These test vectors were copied from EIP8 specification
|
||||||
# https://github.com/ethereum/EIPs/blob/master/EIPS/eip-8.md
|
# https://github.com/ethereum/EIPs/blob/master/EIPS/eip-8.md
|
||||||
const eip8data = [
|
const eip8data = [
|
||||||
|
@ -110,17 +29,6 @@ const eip8data = [
|
||||||
"7e968bba13b6c50e2c4cd7f241cc0d64d1ac25c7f5952df231ac6a2bda8ee5d6"),
|
"7e968bba13b6c50e2c4cd7f241cc0d64d1ac25c7f5952df231ac6a2bda8ee5d6"),
|
||||||
("receiver_nonce",
|
("receiver_nonce",
|
||||||
"559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd"),
|
"559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd"),
|
||||||
("auth_ciphertext_v4",
|
|
||||||
"""048ca79ad18e4b0659fab4853fe5bc58eb83992980f4c9cc147d2aa31532efd29
|
|
||||||
a3d3dc6a3d89eaf913150cfc777ce0ce4af2758bf4810235f6e6ceccfee1acc6b
|
|
||||||
22c005e9e3a49d6448610a58e98744ba3ac0399e82692d67c1f58849050b3024e
|
|
||||||
21a52c9d3b01d871ff5f210817912773e610443a9ef142e91cdba0bd77b5fdf07
|
|
||||||
69b05671fc35f83d83e4d3b0b000c6b2a1b1bba89e0fc51bf4e460df3105c444f
|
|
||||||
14be226458940d6061c296350937ffd5e3acaceeaaefd3c6f74be8e23e0f45163
|
|
||||||
cc7ebd76220f0128410fd05250273156d548a414444ae2f7dea4dfca2d43c057a
|
|
||||||
db701a715bf59f6fb66b2d1d20f2c703f851cbf5ac47396d9ca65b6260bd141ac
|
|
||||||
4d53e2de585a73d1750780db4c9ee4cd4d225173a4592ee77e2bd94d0be3691f3
|
|
||||||
b406f9bba9b591fc63facc016bfa8"""),
|
|
||||||
("auth_ciphertext_eip8",
|
("auth_ciphertext_eip8",
|
||||||
"""01b304ab7578555167be8154d5cc456f567d5ba302662433674222360f08d5f15
|
"""01b304ab7578555167be8154d5cc456f567d5ba302662433674222360f08d5f15
|
||||||
34499d3678b513b0fca474f3a514b18e75683032eb63fccb16c156dc6eb2c0b15
|
34499d3678b513b0fca474f3a514b18e75683032eb63fccb16c156dc6eb2c0b15
|
||||||
|
@ -151,14 +59,6 @@ const eip8data = [
|
||||||
f37407ac044b55be0908ecb94d4ed172ece66fd31bfdadf2b97a8bc690163ee11
|
f37407ac044b55be0908ecb94d4ed172ece66fd31bfdadf2b97a8bc690163ee11
|
||||||
f5b575a4b44e36e2bfb2f0fce91676fd64c7773bac6a003f481fddd0bae0a1f31
|
f5b575a4b44e36e2bfb2f0fce91676fd64c7773bac6a003f481fddd0bae0a1f31
|
||||||
aa27504e2a533af4cef3b623f4791b2cca6d490"""),
|
aa27504e2a533af4cef3b623f4791b2cca6d490"""),
|
||||||
("authack_ciphertext_v4",
|
|
||||||
"""049f8abcfa9c0dc65b982e98af921bc0ba6e4243169348a236abe9df5f93aa69d
|
|
||||||
99cadddaa387662b0ff2c08e9006d5a11a278b1b3331e5aaabf0a32f01281b6f4
|
|
||||||
ede0e09a2d5f585b26513cb794d9635a57563921c04a9090b4f14ee42be1a5461
|
|
||||||
049af4ea7a7f49bf4c97a352d39c8d02ee4acc416388c1c66cec761d2bc1c72da
|
|
||||||
6ba143477f049c9d2dde846c252c111b904f630ac98e51609b3b1f58168ddca65
|
|
||||||
05b7196532e5f85b259a20c45e1979491683fee108e9660edbf38f3add489ae73
|
|
||||||
e3dda2c71bd1497113d5c755e942d1"""),
|
|
||||||
("authack_ciphertext_eip8",
|
("authack_ciphertext_eip8",
|
||||||
"""01ea0451958701280a56482929d3b0757da8f7fbe5286784beead59d95089c217
|
"""01ea0451958701280a56482929d3b0757da8f7fbe5286784beead59d95089c217
|
||||||
c9b917788989470b0e330cc6e4fb383c0340ed85fab836ec9fb8a49672712aeab
|
c9b917788989470b0e330cc6e4fb383c0340ed85fab836ec9fb8a49672712aeab
|
||||||
|
@ -204,12 +104,6 @@ const eip8data = [
|
||||||
|
|
||||||
let rng = newRng()
|
let rng = newRng()
|
||||||
|
|
||||||
proc testValue(s: string): string =
|
|
||||||
for item in data:
|
|
||||||
if item[0] == s:
|
|
||||||
result = item[1]
|
|
||||||
break
|
|
||||||
|
|
||||||
proc testE8Value(s: string): string =
|
proc testE8Value(s: string): string =
|
||||||
for item in eip8data:
|
for item in eip8data:
|
||||||
if item[0] == s:
|
if item[0] == s:
|
||||||
|
@ -217,118 +111,6 @@ proc testE8Value(s: string): string =
|
||||||
break
|
break
|
||||||
|
|
||||||
suite "Ethereum P2P handshake test suite":
|
suite "Ethereum P2P handshake test suite":
|
||||||
block:
|
|
||||||
proc newTestHandshake(flags: set[HandshakeFlag]): Handshake =
|
|
||||||
if Initiator in flags:
|
|
||||||
let pk = PrivateKey.fromHex(testValue("initiator_private_key"))[]
|
|
||||||
result = Handshake.init(rng[], pk.toKeyPair(), flags)
|
|
||||||
|
|
||||||
let epki = testValue("initiator_ephemeral_private_key")
|
|
||||||
result.ephemeral = PrivateKey.fromHex(epki)[].toKeyPair()
|
|
||||||
let nonce = fromHex(stripSpaces(testValue("initiator_nonce")))
|
|
||||||
result.initiatorNonce[0..^1] = nonce[0..^1]
|
|
||||||
elif Responder in flags:
|
|
||||||
let pk = PrivateKey.fromHex(testValue("receiver_private_key"))[]
|
|
||||||
result = Handshake.init(rng[], pk.toKeyPair(), flags)
|
|
||||||
let epkr = testValue("receiver_ephemeral_private_key")
|
|
||||||
result.ephemeral = PrivateKey.fromHex(epkr)[].toKeyPair()
|
|
||||||
let nonce = fromHex(stripSpaces(testValue("receiver_nonce")))
|
|
||||||
result.responderNonce[0..^1] = nonce[0..^1]
|
|
||||||
|
|
||||||
test "Create plain auth message":
|
|
||||||
var initiator = newTestHandshake({Initiator})
|
|
||||||
var responder = newTestHandshake({Responder})
|
|
||||||
var m0 = newSeq[byte](initiator.authSize(false))
|
|
||||||
var k0 = 0
|
|
||||||
initiator.authMessage(
|
|
||||||
rng[], responder.host.pubkey, m0, k0, 0, false).expect("auth success")
|
|
||||||
var expect1 = fromHex(stripSpaces(testValue("auth_plaintext")))
|
|
||||||
var expect2 = fromHex(stripSpaces(pyevmAuth))
|
|
||||||
check:
|
|
||||||
m0[65..^1] == expect1[65..^1]
|
|
||||||
m0[0..^1] == expect2[0..^1]
|
|
||||||
|
|
||||||
test "Auth message decoding":
|
|
||||||
var initiator = newTestHandshake({Initiator})
|
|
||||||
var responder = newTestHandshake({Responder})
|
|
||||||
var m0 = newSeq[byte](initiator.authSize())
|
|
||||||
var k0 = 0
|
|
||||||
let remoteEPubkey0 = initiator.ephemeral.pubkey
|
|
||||||
let remoteHPubkey0 = initiator.host.pubkey
|
|
||||||
|
|
||||||
initiator.authMessage(
|
|
||||||
rng[], responder.host.pubkey, m0, k0).expect("auth success")
|
|
||||||
responder.decodeAuthMessage(m0).expect("decode success")
|
|
||||||
check:
|
|
||||||
responder.initiatorNonce[0..^1] == initiator.initiatorNonce[0..^1]
|
|
||||||
responder.remoteEPubkey == remoteEPubkey0
|
|
||||||
responder.remoteHPubkey == remoteHPubkey0
|
|
||||||
|
|
||||||
test "ACK message expectation":
|
|
||||||
var initiator = newTestHandshake({Initiator})
|
|
||||||
var responder = newTestHandshake({Responder})
|
|
||||||
var m0 = newSeq[byte](initiator.authSize())
|
|
||||||
var m1 = newSeq[byte](responder.ackSize(false))
|
|
||||||
var k0 = 0
|
|
||||||
var k1 = 0
|
|
||||||
var expect0 = fromHex(stripSpaces(testValue("authresp_plaintext")))
|
|
||||||
initiator.authMessage(
|
|
||||||
rng[], responder.host.pubkey, m0, k0).expect("auth success")
|
|
||||||
responder.decodeAuthMessage(m0).expect("decode success")
|
|
||||||
responder.ackMessage(rng[], m1, k1, 0, false).expect("ack success")
|
|
||||||
check:
|
|
||||||
m1 == expect0
|
|
||||||
responder.initiatorNonce == initiator.initiatorNonce
|
|
||||||
|
|
||||||
test "ACK message decoding":
|
|
||||||
var initiator = newTestHandshake({Initiator})
|
|
||||||
var responder = newTestHandshake({Responder})
|
|
||||||
var m0 = newSeq[byte](initiator.authSize())
|
|
||||||
var m1 = newSeq[byte](responder.ackSize())
|
|
||||||
var k0 = 0
|
|
||||||
var k1 = 0
|
|
||||||
|
|
||||||
initiator.authMessage(
|
|
||||||
rng[], responder.host.pubkey, m0, k0).expect("auth success")
|
|
||||||
responder.decodeAuthMessage(m0).expect("decode success")
|
|
||||||
responder.ackMessage(rng[], m1, k1).expect("ack success")
|
|
||||||
initiator.decodeAckMessage(m1).expect("decode success")
|
|
||||||
let remoteEPubkey0 = responder.ephemeral.pubkey
|
|
||||||
let remoteHPubkey0 = responder.host.pubkey
|
|
||||||
check:
|
|
||||||
initiator.remoteEPubkey == remoteEPubkey0
|
|
||||||
initiator.remoteHPubkey == remoteHPubkey0
|
|
||||||
initiator.responderNonce == responder.responderNonce
|
|
||||||
|
|
||||||
test "Check derived secrets":
|
|
||||||
var initiator = newTestHandshake({Initiator})
|
|
||||||
var responder = newTestHandshake({Responder})
|
|
||||||
var authm = fromHex(stripSpaces(testValue("auth_ciphertext")))
|
|
||||||
var ackm = fromHex(stripSpaces(testValue("authresp_ciphertext")))
|
|
||||||
var taes = fromHex(stripSpaces(testValue("aes_secret")))
|
|
||||||
var tmac = fromHex(stripSpaces(testValue("mac_secret")))
|
|
||||||
var temac = fromHex(stripSpaces(testValue("initial_egress_MAC")))
|
|
||||||
var timac = fromHex(stripSpaces(testValue("initial_ingress_MAC")))
|
|
||||||
|
|
||||||
responder.decodeAuthMessage(authm).expect("decode success")
|
|
||||||
initiator.decodeAckMessage(ackm).expect("ack success")
|
|
||||||
var csecInitiator = initiator.getSecrets(authm, ackm)
|
|
||||||
var csecResponder = responder.getSecrets(authm, ackm)
|
|
||||||
check:
|
|
||||||
csecInitiator.aesKey == csecResponder.aesKey
|
|
||||||
csecInitiator.macKey == csecResponder.macKey
|
|
||||||
taes[0..^1] == csecInitiator.aesKey[0..^1]
|
|
||||||
tmac[0..^1] == csecInitiator.macKey[0..^1]
|
|
||||||
let iemac = csecInitiator.egressMac.finish()
|
|
||||||
let iimac = csecInitiator.ingressMac.finish()
|
|
||||||
let remac = csecResponder.egressMac.finish()
|
|
||||||
let rimac = csecResponder.ingressMac.finish()
|
|
||||||
check:
|
|
||||||
iemac.data[0..^1] == temac[0..^1]
|
|
||||||
iimac.data[0..^1] == timac[0..^1]
|
|
||||||
remac.data[0..^1] == timac[0..^1]
|
|
||||||
rimac.data[0..^1] == temac[0..^1]
|
|
||||||
|
|
||||||
block:
|
block:
|
||||||
proc newTestHandshake(flags: set[HandshakeFlag]): Handshake =
|
proc newTestHandshake(flags: set[HandshakeFlag]): Handshake =
|
||||||
if Initiator in flags:
|
if Initiator in flags:
|
||||||
|
@ -348,25 +130,6 @@ suite "Ethereum P2P handshake test suite":
|
||||||
let nonce = fromHex(stripSpaces(testE8Value("receiver_nonce")))
|
let nonce = fromHex(stripSpaces(testE8Value("receiver_nonce")))
|
||||||
result.responderNonce[0..^1] = nonce[0..^1]
|
result.responderNonce[0..^1] = nonce[0..^1]
|
||||||
|
|
||||||
test "AUTH/ACK v4 test vectors": # auth/ack v4
|
|
||||||
var initiator = newTestHandshake({Initiator})
|
|
||||||
var responder = newTestHandshake({Responder})
|
|
||||||
var m0 = fromHex(stripSpaces(testE8Value("auth_ciphertext_v4")))
|
|
||||||
responder.decodeAuthMessage(m0).expect("decode success")
|
|
||||||
check:
|
|
||||||
responder.initiatorNonce[0..^1] == initiator.initiatorNonce[0..^1]
|
|
||||||
let remoteEPubkey0 = initiator.ephemeral.pubkey
|
|
||||||
let remoteHPubkey0 = initiator.host.pubkey
|
|
||||||
check:
|
|
||||||
responder.remoteEPubkey == remoteEPubkey0
|
|
||||||
responder.remoteHPubkey == remoteHPubkey0
|
|
||||||
var m1 = fromHex(stripSpaces(testE8Value("authack_ciphertext_v4")))
|
|
||||||
initiator.decodeAckMessage(m1).expect("decode success")
|
|
||||||
let remoteEPubkey1 = responder.ephemeral.pubkey
|
|
||||||
check:
|
|
||||||
initiator.remoteEPubkey == remoteEPubkey1
|
|
||||||
initiator.responderNonce[0..^1] == responder.responderNonce[0..^1]
|
|
||||||
|
|
||||||
test "AUTH/ACK EIP-8 test vectors":
|
test "AUTH/ACK EIP-8 test vectors":
|
||||||
var initiator = newTestHandshake({Initiator})
|
var initiator = newTestHandshake({Initiator})
|
||||||
var responder = newTestHandshake({Responder})
|
var responder = newTestHandshake({Responder})
|
||||||
|
@ -390,8 +153,6 @@ suite "Ethereum P2P handshake test suite":
|
||||||
var csecInitiator = initiator.getSecrets(m0, m1)
|
var csecInitiator = initiator.getSecrets(m0, m1)
|
||||||
var csecResponder = responder.getSecrets(m0, m1)
|
var csecResponder = responder.getSecrets(m0, m1)
|
||||||
check:
|
check:
|
||||||
int(initiator.version) == 4
|
|
||||||
int(responder.version) == 4
|
|
||||||
csecInitiator.aesKey == csecResponder.aesKey
|
csecInitiator.aesKey == csecResponder.aesKey
|
||||||
csecInitiator.macKey == csecResponder.macKey
|
csecInitiator.macKey == csecResponder.macKey
|
||||||
taes[0..^1] == csecInitiator.aesKey[0..^1]
|
taes[0..^1] == csecInitiator.aesKey[0..^1]
|
||||||
|
@ -418,25 +179,21 @@ suite "Ethereum P2P handshake test suite":
|
||||||
initiator.decodeAckMessage(m1).expect("decode success")
|
initiator.decodeAckMessage(m1).expect("decode success")
|
||||||
let remoteEPubkey1 = responder.ephemeral.pubkey
|
let remoteEPubkey1 = responder.ephemeral.pubkey
|
||||||
check:
|
check:
|
||||||
int(initiator.version) == 57
|
|
||||||
int(responder.version) == 56
|
|
||||||
initiator.remoteEPubkey == remoteEPubkey1
|
initiator.remoteEPubkey == remoteEPubkey1
|
||||||
initiator.responderNonce[0..^1] == responder.responderNonce[0..^1]
|
initiator.responderNonce[0..^1] == responder.responderNonce[0..^1]
|
||||||
|
|
||||||
test "100 AUTH/ACK EIP-8 handshakes":
|
test "100 AUTH/ACK EIP-8 handshakes":
|
||||||
for i in 1..100:
|
for i in 1..100:
|
||||||
var initiator = newTestHandshake({Initiator, EIP8})
|
var initiator = newTestHandshake({Initiator})
|
||||||
var responder = newTestHandshake({Responder})
|
var responder = newTestHandshake({Responder})
|
||||||
var m0 = newSeq[byte](initiator.authSize())
|
var m0 = newSeq[byte](AuthMessageMaxEIP8)
|
||||||
var k0 = 0
|
let k0 = initiator.authMessage(
|
||||||
var k1 = 0
|
rng[], responder.host.pubkey, m0).expect("auth success")
|
||||||
initiator.authMessage(
|
|
||||||
rng[], responder.host.pubkey, m0, k0).expect("auth success")
|
|
||||||
m0.setLen(k0)
|
m0.setLen(k0)
|
||||||
responder.decodeAuthMessage(m0).expect("decode success")
|
responder.decodeAuthMessage(m0).expect("decode success")
|
||||||
check (EIP8 in responder.flags) == true
|
|
||||||
var m1 = newSeq[byte](responder.ackSize())
|
var m1 = newSeq[byte](AckMessageMaxEIP8)
|
||||||
responder.ackMessage(rng[], m1, k1).expect("ack success")
|
let k1 = responder.ackMessage(rng[], m1).expect("ack success")
|
||||||
m1.setLen(k1)
|
m1.setLen(k1)
|
||||||
initiator.decodeAckMessage(m1).expect("decode success")
|
initiator.decodeAckMessage(m1).expect("decode success")
|
||||||
var csecInitiator = initiator.getSecrets(m0, m1)
|
var csecInitiator = initiator.getSecrets(m0, m1)
|
||||||
|
@ -449,15 +206,13 @@ suite "Ethereum P2P handshake test suite":
|
||||||
for i in 1..100:
|
for i in 1..100:
|
||||||
var initiator = newTestHandshake({Initiator})
|
var initiator = newTestHandshake({Initiator})
|
||||||
var responder = newTestHandshake({Responder})
|
var responder = newTestHandshake({Responder})
|
||||||
var m0 = newSeq[byte](initiator.authSize())
|
var m0 = newSeq[byte](AuthMessageMaxEIP8)
|
||||||
var k0 = 0
|
let k0 = initiator.authMessage(
|
||||||
var k1 = 0
|
rng[], responder.host.pubkey, m0).expect("auth success")
|
||||||
initiator.authMessage(
|
|
||||||
rng[], responder.host.pubkey, m0, k0).expect("auth success")
|
|
||||||
m0.setLen(k0)
|
m0.setLen(k0)
|
||||||
responder.decodeAuthMessage(m0).expect("auth success")
|
responder.decodeAuthMessage(m0).expect("auth success")
|
||||||
var m1 = newSeq[byte](responder.ackSize())
|
var m1 = newSeq[byte](AckMessageMaxEIP8)
|
||||||
responder.ackMessage(rng[], m1, k1).expect("ack success")
|
let k1 = responder.ackMessage(rng[], m1).expect("ack success")
|
||||||
m1.setLen(k1)
|
m1.setLen(k1)
|
||||||
initiator.decodeAckMessage(m1).expect("ack success")
|
initiator.decodeAckMessage(m1).expect("ack success")
|
||||||
|
|
||||||
|
@ -507,10 +262,10 @@ suite "Ethereum P2P handshake test suite":
|
||||||
res.error == AuthError.IncompleteError
|
res.error == AuthError.IncompleteError
|
||||||
|
|
||||||
test "Invalid AckMessage - Minimum input size":
|
test "Invalid AckMessage - Minimum input size":
|
||||||
var initiator = newTestHandshake({Initiator, EIP8})
|
var initiator = newTestHandshake({Initiator,})
|
||||||
|
|
||||||
# 1 byte short on minimum size
|
# 1 byte short on minimum size
|
||||||
let m = newSeq[byte](AckMessageV4Length - 1)
|
let m = newSeq[byte](AckMessageEIP8Length - 1)
|
||||||
|
|
||||||
let res = initiator.decodeAckMessage(m)
|
let res = initiator.decodeAckMessage(m)
|
||||||
check:
|
check:
|
||||||
|
@ -518,7 +273,7 @@ suite "Ethereum P2P handshake test suite":
|
||||||
res.error == AuthError.IncompleteError
|
res.error == AuthError.IncompleteError
|
||||||
|
|
||||||
test "Invalid AckMessage - Minimum size prefix":
|
test "Invalid AckMessage - Minimum size prefix":
|
||||||
var initiator = newTestHandshake({Initiator, EIP8})
|
var initiator = newTestHandshake({Initiator})
|
||||||
|
|
||||||
# Minimum size for EIP8 AckMessage
|
# Minimum size for EIP8 AckMessage
|
||||||
var m = newSeq[byte](AckMessageEIP8Length)
|
var m = newSeq[byte](AckMessageEIP8Length)
|
||||||
|
@ -532,7 +287,7 @@ suite "Ethereum P2P handshake test suite":
|
||||||
res.error == AuthError.IncompleteError
|
res.error == AuthError.IncompleteError
|
||||||
|
|
||||||
test "Invalid AckMessage - Size prefix bigger than input":
|
test "Invalid AckMessage - Size prefix bigger than input":
|
||||||
var initiator = newTestHandshake({Initiator, EIP8})
|
var initiator = newTestHandshake({Initiator})
|
||||||
|
|
||||||
# Minimum size for EIP8 AckMessage
|
# Minimum size for EIP8 AckMessage
|
||||||
var m = newSeq[byte](AckMessageEIP8Length)
|
var m = newSeq[byte](AckMessageEIP8Length)
|
||||||
|
|
|
@ -11,176 +11,147 @@
|
||||||
|
|
||||||
import
|
import
|
||||||
unittest2,
|
unittest2,
|
||||||
nimcrypto/[utils, sysrand],
|
nimcrypto/[utils, keccak, sysrand],
|
||||||
../../eth/common/keys, ../../eth/p2p/[auth, rlpxcrypt]
|
../../eth/common/keys, ../../eth/p2p/[auth, rlpxcrypt]
|
||||||
|
|
||||||
const data = [
|
# EIP-8 test case
|
||||||
("initiator_private_key",
|
# https://github.com/ethereum/EIPs/blob/master/EIPS/eip-8.md#rlpx-handshake
|
||||||
"5e173f6ac3c669587538e7727cf19b782a4f2fda07c1eaa662c593e5e85e3051"),
|
|
||||||
("receiver_private_key",
|
const
|
||||||
"c45f950382d542169ea207959ee0220ec1491755abe405cd7498d6b16adb6df8"),
|
staticKeyA = fromHex("49a7b37aa6f6645917e7b807e9d1c00d4fa71f18343b0d4122a4d2df64dd6fee")
|
||||||
("initiator_ephemeral_private_key",
|
staticKeyB = fromHex("b71c71a67e1177ad4e901695e1b4b9ee17ae16c6668d313eac2f96dbcda3f291")
|
||||||
"19c2185f4f40634926ebed3af09070ca9e029f2edd5fae6253074896205f5f6c"),
|
ephemeralKeyA = fromHex("869d6ecf5211f1cc60418a13b9d870b22959d0c16f02bec714c960dd2298a32d")
|
||||||
("receiver_ephemeral_private_key",
|
ephemeralKeyB = fromHex("e238eb8e04fee6511ab04c6dd3c89ce097b11f25d584863ac2b6d5b35b1847e4")
|
||||||
"d25688cf0ab10afa1a0e2dba7853ed5f1e5bf1c631757ed4e103b593ff3f5620"),
|
nonceA = fromHex("7e968bba13b6c50e2c4cd7f241cc0d64d1ac25c7f5952df231ac6a2bda8ee5d6")
|
||||||
("auth_plaintext",
|
nonceB = fromHex("559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd")
|
||||||
"""884c36f7ae6b406637c1f61b2f57e1d2cab813d24c6559aaf843c3f48962f32f
|
|
||||||
46662c066d39669b7b2e3ba14781477417600e7728399278b1b5d801a519aa57
|
auth1 = fromHex(stripSpaces("""
|
||||||
0034fdb5419558137e0d44cd13d319afe5629eeccb47fd9dfe55cc6089426e46
|
048ca79ad18e4b0659fab4853fe5bc58eb83992980f4c9cc147d2aa31532efd29a3d3dc6a3d89eaf
|
||||||
cc762dd8a0636e07a54b31169eba0c7a20a1ac1ef68596f1f283b5c676bae406
|
913150cfc777ce0ce4af2758bf4810235f6e6ceccfee1acc6b22c005e9e3a49d6448610a58e98744
|
||||||
4abfcce24799d09f67e392632d3ffdc12e3d6430dcb0ea19c318343ffa7aae74
|
ba3ac0399e82692d67c1f58849050b3024e21a52c9d3b01d871ff5f210817912773e610443a9ef14
|
||||||
d4cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb
|
2e91cdba0bd77b5fdf0769b05671fc35f83d83e4d3b0b000c6b2a1b1bba89e0fc51bf4e460df3105
|
||||||
1100"""),
|
c444f14be226458940d6061c296350937ffd5e3acaceeaaefd3c6f74be8e23e0f45163cc7ebd7622
|
||||||
("authresp_plaintext",
|
0f0128410fd05250273156d548a414444ae2f7dea4dfca2d43c057adb701a715bf59f6fb66b2d1d2
|
||||||
"""802b052f8b066640bba94a4fc39d63815c377fced6fcb84d27f791c9921ddf3e
|
0f2c703f851cbf5ac47396d9ca65b6260bd141ac4d53e2de585a73d1750780db4c9ee4cd4d225173
|
||||||
9bf0108e298f490812847109cbd778fae393e80323fd643209841a3b7f110397
|
a4592ee77e2bd94d0be3691f3b406f9bba9b591fc63facc016bfa8"""))
|
||||||
f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a7
|
auth2 = fromHex(stripSpaces("""
|
||||||
00"""),
|
01b304ab7578555167be8154d5cc456f567d5ba302662433674222360f08d5f1534499d3678b513b
|
||||||
("auth_ciphertext",
|
0fca474f3a514b18e75683032eb63fccb16c156dc6eb2c0b1593f0d84ac74f6e475f1b8d56116b84
|
||||||
"""04a0274c5951e32132e7f088c9bdfdc76c9d91f0dc6078e848f8e3361193dbdc
|
9634a8c458705bf83a626ea0384d4d7341aae591fae42ce6bd5c850bfe0b999a694a49bbbaf3ef6c
|
||||||
43b94351ea3d89e4ff33ddcefbc80070498824857f499656c4f79bbd97b6c51a
|
da61110601d3b4c02ab6c30437257a6e0117792631a4b47c1d52fc0f8f89caadeb7d02770bf999cc
|
||||||
514251d69fd1785ef8764bd1d262a883f780964cce6a14ff206daf1206aa073a
|
147d2df3b62e1ffb2c9d8c125a3984865356266bca11ce7d3a688663a51d82defaa8aad69da39ab6
|
||||||
2d35ce2697ebf3514225bef186631b2fd2316a4b7bcdefec8d75a1025ba2c540
|
d5470e81ec5f2a7a47fb865ff7cca21516f9299a07b1bc63ba56c7a1a892112841ca44b6e0034dee
|
||||||
4a34e7795e1dd4bc01c6113ece07b0df13b69d3ba654a36e35e69ff9d482d88d
|
70c9adabc15d76a54f443593fafdc3b27af8059703f88928e199cb122362a4b35f62386da7caad09
|
||||||
2f0228e7d96fe11dccbb465a1831c7d4ad3a026924b182fc2bdfe016a6944312
|
c001edaeb5f8a06d2b26fb6cb93c52a9fca51853b68193916982358fe1e5369e249875bb8d0d0ec3
|
||||||
021da5cc459713b13b86a686cf34d6fe6615020e4acf26bf0d5b7579ba813e77
|
6f917bc5e1eafd5896d46bd61ff23f1a863a8a8dcd54c7b109b771c8e61ec9c8908c733c0263440e
|
||||||
23eb95b3cef9942f01a58bd61baee7c9bdd438956b426a4ffe238e61746a8c93
|
2aa067241aaa433f0bb053c7b31a838504b148f570c0ad62837129e547678c5190341e4f1693956c
|
||||||
d5e10680617c82e48d706ac4953f5e1c4c4f7d013c87d34a06626f498f34576d
|
3bf7678318e2d5b5340c9e488eefea198576344afbdf66db5f51204a6961a63ce072c8926c"""))
|
||||||
c017fdd3d581e83cfd26cf125b6d2bda1f1d56"""),
|
auth3 = fromHex(stripSpaces("""
|
||||||
("authresp_ciphertext",
|
01b8044c6c312173685d1edd268aa95e1d495474c6959bcdd10067ba4c9013df9e40ff45f5bfd6f7
|
||||||
"""049934a7b2d7f9af8fd9db941d9da281ac9381b5740e1f64f7092f3588d4f87f
|
2471f93a91b493f8e00abc4b80f682973de715d77ba3a005a242eb859f9a211d93a347fa64b597bf
|
||||||
5ce55191a6653e5e80c1c5dd538169aa123e70dc6ffc5af1827e546c0e958e42
|
280a6b88e26299cf263b01b8dfdb712278464fd1c25840b995e84d367d743f66c0e54a586725b7bb
|
||||||
dad355bcc1fcb9cdf2cf47ff524d2ad98cbf275e661bf4cf00960e74b5956b79
|
f12acca27170ae3283c1073adda4b6d79f27656993aefccf16e0d0409fe07db2dc398a1b7e8ee93b
|
||||||
9771334f426df007350b46049adb21a6e78ab1408d5e6ccde6fb5e69f0f4c92b
|
cd181485fd332f381d6a050fba4c7641a5112ac1b0b61168d20f01b479e19adf7fdbfa0905f63352
|
||||||
b9c725c02f99fa72b9cdc8dd53cff089e0e73317f61cc5abf6152513cb7d833f
|
bfc7e23cf3357657455119d879c78d3cf8c8c06375f3f7d4861aa02a122467e069acaf513025ff19
|
||||||
09d2851603919bf0fbe44d79a09245c6e8338eb502083dc84b846f2fee1cc310
|
6641f6d2810ce493f51bee9c966b15c5043505350392b57645385a18c78f14669cc4d960446c1757
|
||||||
d2cc8b1b9334728f97220bb799376233e113"""),
|
1b7c5d725021babbcd786957f3d17089c084907bda22c2b2675b4378b114c601d858802a55345a15
|
||||||
("ecdhe_shared_secret",
|
116bc61da4193996187ed70d16730e9ae6b3bb8787ebcaea1871d850997ddc08b4f4ea668fbf3740
|
||||||
"e3f407f83fc012470c26a93fdff534100f2c6f736439ce0ca90e9914f7d1c381"),
|
7ac044b55be0908ecb94d4ed172ece66fd31bfdadf2b97a8bc690163ee11f5b575a4b44e36e2bfb2
|
||||||
("initiator_nonce",
|
f0fce91676fd64c7773bac6a003f481fddd0bae0a1f31aa27504e2a533af4cef3b623f4791b2cca6
|
||||||
"cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb11"),
|
d490"""))
|
||||||
("receiver_nonce",
|
ack1 = fromHex(stripSpaces("""
|
||||||
"f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a7"),
|
049f8abcfa9c0dc65b982e98af921bc0ba6e4243169348a236abe9df5f93aa69d99cadddaa387662
|
||||||
("aes_secret",
|
b0ff2c08e9006d5a11a278b1b3331e5aaabf0a32f01281b6f4ede0e09a2d5f585b26513cb794d963
|
||||||
"c0458fa97a5230830e05f4f20b7c755c1d4e54b1ce5cf43260bb191eef4e418d"),
|
5a57563921c04a9090b4f14ee42be1a5461049af4ea7a7f49bf4c97a352d39c8d02ee4acc416388c
|
||||||
("mac_secret",
|
1c66cec761d2bc1c72da6ba143477f049c9d2dde846c252c111b904f630ac98e51609b3b1f58168d
|
||||||
"48c938884d5067a1598272fcddaa4b833cd5e7d92e8228c0ecdfabbe68aef7f1"),
|
dca6505b7196532e5f85b259a20c45e1979491683fee108e9660edbf38f3add489ae73e3dda2c71b
|
||||||
("token",
|
d1497113d5c755e942d1"""))
|
||||||
"3f9ec2592d1554852b1f54d228f042ed0a9310ea86d038dc2b401ba8cd7fdac4"),
|
ack2 = fromHex(stripSpaces("""
|
||||||
("initial_egress_MAC",
|
01ea0451958701280a56482929d3b0757da8f7fbe5286784beead59d95089c217c9b917788989470
|
||||||
"09771e93b1a6109e97074cbe2d2b0cf3d3878efafe68f53c41bb60c0ec49097e"),
|
b0e330cc6e4fb383c0340ed85fab836ec9fb8a49672712aeabbdfd1e837c1ff4cace34311cd7f4de
|
||||||
("initial_ingress_MAC",
|
05d59279e3524ab26ef753a0095637ac88f2b499b9914b5f64e143eae548a1066e14cd2f4bd7f814
|
||||||
"75823d96e23136c89666ee025fb21a432be906512b3dd4a3049e898adb433847"),
|
c4652f11b254f8a2d0191e2f5546fae6055694aed14d906df79ad3b407d94692694e259191cde171
|
||||||
("initiator_hello_packet",
|
ad542fc588fa2b7333313d82a9f887332f1dfc36cea03f831cb9a23fea05b33deb999e85489e645f
|
||||||
"""6ef23fcf1cec7312df623f9ae701e63b550cdb8517fefd8dd398fc2acd1d935e
|
6aab1872475d488d7bd6c7c120caf28dbfc5d6833888155ed69d34dbdc39c1f299be1057810f34fb
|
||||||
6e0434a2b96769078477637347b7b01924fff9ff1c06df2f804df3b0402bbb9f
|
e754d021bfca14dc989753d61c413d261934e1a9c67ee060a25eefb54e81a4d14baff922180c395d
|
||||||
87365b3c6856b45e1e2b6470986813c3816a71bff9d69dd297a5dbd935ab578f
|
3f998d70f46f6b58306f969627ae364497e73fc27f6d17ae45a413d322cb8814276be6ddd13b885b
|
||||||
6e5d7e93e4506a44f307c332d95e8a4b102585fd8ef9fc9e3e055537a5cec2e9"""),
|
201b943213656cde498fa0e9ddc8e0b8f8a53824fbd82254f3e2c17e8eaea009c38b4aa0a3f306e8
|
||||||
("receiver_hello_packet",
|
797db43c25d68e86f262e564086f59a2fc60511c42abfb3057c247a8a8fe4fb3ccbadde17514b7ac
|
||||||
"""6ef23fcf1cec7312df623f9ae701e63be36a1cdd1b19179146019984f3625d4a
|
8000cdb6a912778426260c47f38919a91f25f4b5ffb455d6aaaf150f7e5529c100ce62d6d92826a7
|
||||||
6e0434a2b96769050577657247b7b02bc6c314470eca7e3ef650b98c83e9d7dd
|
1778d809bdf60232ae21ce8a437eca8223f45ac37f6487452ce626f549b3b5fdee26afd2072e4bc7
|
||||||
4830b3f718ff562349aead2530a8d28a8484604f92e5fced2c6183f304344ab0
|
5833c2464c805246155289f4"""))
|
||||||
e7c301a0c05559f4c25db65e36820b4b909a226171a60ac6cb7beea09376d6d8""")
|
ack3 = fromHex(stripSpaces("""
|
||||||
]
|
01f004076e58aae772bb101ab1a8e64e01ee96e64857ce82b1113817c6cdd52c09d26f7b90981cd7
|
||||||
|
ae835aeac72e1573b8a0225dd56d157a010846d888dac7464baf53f2ad4e3d584531fa203658fab0
|
||||||
|
3a06c9fd5e35737e417bc28c1cbf5e5dfc666de7090f69c3b29754725f84f75382891c561040ea1d
|
||||||
|
dc0d8f381ed1b9d0d4ad2a0ec021421d847820d6fa0ba66eaf58175f1b235e851c7e2124069fbc20
|
||||||
|
2888ddb3ac4d56bcbd1b9b7eab59e78f2e2d400905050f4a92dec1c4bdf797b3fc9b2f8e84a482f3
|
||||||
|
d800386186712dae00d5c386ec9387a5e9c9a1aca5a573ca91082c7d68421f388e79127a5177d4f8
|
||||||
|
590237364fd348c9611fa39f78dcdceee3f390f07991b7b47e1daa3ebcb6ccc9607811cb17ce51f1
|
||||||
|
c8c2c5098dbdd28fca547b3f58c01a424ac05f869f49c6a34672ea2cbbc558428aa1fe48bbfd6115
|
||||||
|
8b1b735a65d99f21e70dbc020bfdface9f724a0d1fb5895db971cc81aa7608baa0920abb0a565c9c
|
||||||
|
436e2fd13323428296c86385f2384e408a31e104670df0791d93e743a3a5194ee6b076fb6323ca59
|
||||||
|
3011b7348c16cf58f66b9633906ba54a2ee803187344b394f75dd2e663a57b956cb830dd7a908d4f
|
||||||
|
39a2336a61ef9fda549180d4ccde21514d117b6c6fd07a9102b5efe710a32af4eeacae2cb3b1dec0
|
||||||
|
35b9593b48b9d3ca4c13d245d5f04169b0b1"""))
|
||||||
|
|
||||||
|
aesSecret2 = fromHex("80e8632c05fed6fc2a13b0f8d31a3cf645366239170ea067065aba8e28bac487")
|
||||||
|
macSecret2 = fromHex("2ea74ec5dae199227dff1af715362700e989d889d7a493cb0639691efb8e5f98")
|
||||||
|
|
||||||
let rng = newRng()
|
let rng = newRng()
|
||||||
|
|
||||||
proc testValue(s: string): string =
|
|
||||||
for item in data:
|
|
||||||
if item[0] == s:
|
|
||||||
result = item[1]
|
|
||||||
break
|
|
||||||
|
|
||||||
suite "Ethereum RLPx encryption/decryption test suite":
|
suite "Ethereum RLPx encryption/decryption test suite":
|
||||||
proc newTestHandshake(flags: set[HandshakeFlag]): Handshake =
|
proc newTestHandshake(flags: set[HandshakeFlag]): Handshake =
|
||||||
if Initiator in flags:
|
if Initiator in flags:
|
||||||
let pk = PrivateKey.fromHex(testValue("initiator_private_key"))[]
|
let pk = PrivateKey.fromRaw(staticKeyA)[]
|
||||||
result = Handshake.init(rng[], pk.toKeyPair(), flags)
|
result = Handshake.init(rng[], pk.toKeyPair(), flags)
|
||||||
let epki = testValue("initiator_ephemeral_private_key")
|
result.ephemeral = PrivateKey.fromRaw(ephemeralKeyA)[].toKeyPair()
|
||||||
result.ephemeral = PrivateKey.fromHex(epki)[].toKeyPair()
|
result.initiatorNonce[0..^1] = nonceA
|
||||||
let nonce = fromHex(stripSpaces(testValue("initiator_nonce")))
|
|
||||||
result.initiatorNonce[0..^1] = nonce[0..^1]
|
|
||||||
elif Responder in flags:
|
elif Responder in flags:
|
||||||
let pk = PrivateKey.fromHex(testValue("receiver_private_key"))[]
|
let pk = PrivateKey.fromRaw(staticKeyB)[]
|
||||||
result = Handshake.init(rng[], pk.toKeyPair(), flags)
|
result = Handshake.init(rng[], pk.toKeyPair(), flags)
|
||||||
let epkr = testValue("receiver_ephemeral_private_key")
|
result.ephemeral = PrivateKey.fromRaw(ephemeralKeyB)[].toKeyPair()
|
||||||
result.ephemeral = PrivateKey.fromHex(epkr)[].toKeyPair()
|
result.responderNonce[0..^1] = nonceB
|
||||||
let nonce = fromHex(stripSpaces(testValue("receiver_nonce")))
|
|
||||||
result.responderNonce[0..^1] = nonce[0..^1]
|
|
||||||
|
|
||||||
test "Encrypt/Decrypt Hello packet test vectors":
|
test "Fail on pre-EIP8 messages":
|
||||||
var initiator = newTestHandshake({Initiator})
|
var initiator = newTestHandshake({Initiator})
|
||||||
var responder = newTestHandshake({Responder})
|
var responder = newTestHandshake({Responder})
|
||||||
var authm = fromHex(stripSpaces(testValue("auth_ciphertext")))
|
check: responder.decodeAuthMessage(auth1).isErr()
|
||||||
var ackm = fromHex(stripSpaces(testValue("authresp_ciphertext")))
|
check: initiator.decodeAckMessage(ack1).isErr()
|
||||||
var stateInitiator0, stateInitiator1: SecretState
|
|
||||||
var stateResponder0, stateResponder1: SecretState
|
|
||||||
responder.decodeAuthMessage(authm).expect("success")
|
|
||||||
initiator.decodeAckMessage(ackm).expect("success")
|
|
||||||
|
|
||||||
var csecInitiator = initiator.getSecrets(authm, ackm)
|
test "Correct shared EIP-8 secret":
|
||||||
var csecResponder = responder.getSecrets(authm, ackm)
|
var initiator = newTestHandshake({Initiator})
|
||||||
initSecretState(csecInitiator, stateInitiator0)
|
var responder = newTestHandshake({Responder})
|
||||||
initSecretState(csecResponder, stateResponder0)
|
|
||||||
initSecretState(csecInitiator, stateInitiator1)
|
|
||||||
initSecretState(csecResponder, stateResponder1)
|
|
||||||
var packet0 = testValue("initiator_hello_packet")
|
|
||||||
var initiatorHello = fromHex(stripSpaces(packet0))
|
|
||||||
var packet1 = testValue("receiver_hello_packet")
|
|
||||||
var responderHello = fromHex(stripSpaces(packet1))
|
|
||||||
var header: array[RlpHeaderLength, byte]
|
|
||||||
|
|
||||||
block:
|
check: responder.decodeAuthMessage(auth2).isOk()
|
||||||
check stateResponder0.decryptHeader(toOpenArray(initiatorHello, 0, 31),
|
check: initiator.decodeAckMessage(ack2).isOk()
|
||||||
header).isOk()
|
|
||||||
let bodysize = getBodySize(header)
|
var csecResponder = responder.getSecrets(auth2, ack2)
|
||||||
check bodysize == 79
|
|
||||||
# we need body size to be rounded to 16 bytes boundary to properly
|
check:
|
||||||
# encrypt/decrypt it.
|
csecResponder.aesKey == aesSecret2
|
||||||
var body = newSeq[byte](decryptedLength(bodysize))
|
csecResponder.macKey == macSecret2
|
||||||
var decrsize = 0
|
var tmpMac = csecResponder.ingressMac
|
||||||
check:
|
tmpMac.update("foo".toOpenArrayByte(0, 2))
|
||||||
stateResponder0.decryptBody(
|
check:
|
||||||
toOpenArray(initiatorHello, 32, len(initiatorHello) - 1),
|
tmpMac.finish().data == fromHex("0c7ec6340062cc46f5e9f1e3cf86f8c8c403c5a0964f5df0ebd34a75ddc86db5")
|
||||||
getBodySize(header), body, decrsize).isOk()
|
|
||||||
decrsize == 79
|
test "Can parse auth/ack with extra bytes":
|
||||||
body.setLen(decrsize)
|
var initiator = newTestHandshake({Initiator})
|
||||||
var hello = newSeq[byte](encryptedLength(bodysize))
|
var responder = newTestHandshake({Responder})
|
||||||
check:
|
check: responder.decodeAuthMessage(auth3).isOk()
|
||||||
stateInitiator1.encrypt(header, body, hello).isOk()
|
check: initiator.decodeAckMessage(ack3).isOk()
|
||||||
hello == initiatorHello
|
|
||||||
block:
|
|
||||||
check stateInitiator0.decryptHeader(toOpenArray(responderHello, 0, 31),
|
|
||||||
header).isOk()
|
|
||||||
let bodysize = getBodySize(header)
|
|
||||||
check bodysize == 79
|
|
||||||
# we need body size to be rounded to 16 bytes boundary to properly
|
|
||||||
# encrypt/decrypt it.
|
|
||||||
var body = newSeq[byte](decryptedLength(bodysize))
|
|
||||||
var decrsize = 0
|
|
||||||
check:
|
|
||||||
stateInitiator0.decryptBody(
|
|
||||||
toOpenArray(responderHello, 32, len(initiatorHello) - 1),
|
|
||||||
getBodySize(header), body, decrsize).isOk()
|
|
||||||
decrsize == 79
|
|
||||||
body.setLen(decrsize)
|
|
||||||
var hello = newSeq[byte](encryptedLength(bodysize))
|
|
||||||
check:
|
|
||||||
stateResponder1.encrypt(header, body, hello).isOk()
|
|
||||||
hello == responderHello
|
|
||||||
|
|
||||||
test "Continuous stream of different lengths (1000 times)":
|
test "Continuous stream of different lengths (1000 times)":
|
||||||
var initiator = newTestHandshake({Initiator})
|
var initiator = newTestHandshake({Initiator})
|
||||||
var responder = newTestHandshake({Responder})
|
var responder = newTestHandshake({Responder})
|
||||||
var m0 = newSeq[byte](initiator.authSize())
|
var m0 = newSeq[byte](AuthMessageMaxEIP8)
|
||||||
var k0 = 0
|
let k0 = initiator.authMessage(rng[], responder.host.pubkey,
|
||||||
var k1 = 0
|
m0).expect("correct buf size")
|
||||||
check initiator.authMessage(rng[], responder.host.pubkey,
|
|
||||||
m0, k0).isOk
|
|
||||||
m0.setLen(k0)
|
m0.setLen(k0)
|
||||||
check responder.decodeAuthMessage(m0).isOk
|
check responder.decodeAuthMessage(m0).isOk
|
||||||
var m1 = newSeq[byte](responder.ackSize())
|
var m1 = newSeq[byte](AckMessageMaxEIP8)
|
||||||
check responder.ackMessage(rng[], m1, k1).isOk
|
let k1 = responder.ackMessage(rng[], m1).expect("correct buf size")
|
||||||
m1.setLen(k1)
|
m1.setLen(k1)
|
||||||
check initiator.decodeAckMessage(m1).isOk
|
check initiator.decodeAckMessage(m1).isOk
|
||||||
|
|
||||||
|
@ -188,11 +159,9 @@ suite "Ethereum RLPx encryption/decryption test suite":
|
||||||
var csecResponder = responder.getSecrets(m0, m1)
|
var csecResponder = responder.getSecrets(m0, m1)
|
||||||
var stateInitiator: SecretState
|
var stateInitiator: SecretState
|
||||||
var stateResponder: SecretState
|
var stateResponder: SecretState
|
||||||
var iheader, rheader: array[16, byte]
|
var iheader: array[16, byte]
|
||||||
initSecretState(csecInitiator, stateInitiator)
|
initSecretState(csecInitiator, stateInitiator)
|
||||||
initSecretState(csecResponder, stateResponder)
|
initSecretState(csecResponder, stateResponder)
|
||||||
burnMem(iheader)
|
|
||||||
burnMem(rheader)
|
|
||||||
for i in 1..1000:
|
for i in 1..1000:
|
||||||
# initiator -> responder
|
# initiator -> responder
|
||||||
block:
|
block:
|
||||||
|
@ -205,23 +174,21 @@ suite "Ethereum RLPx encryption/decryption test suite":
|
||||||
randomBytes(ibody) == len(ibody)
|
randomBytes(ibody) == len(ibody)
|
||||||
stateInitiator.encrypt(iheader, ibody,
|
stateInitiator.encrypt(iheader, ibody,
|
||||||
encrypted).isOk()
|
encrypted).isOk()
|
||||||
stateResponder.decryptHeader(toOpenArray(encrypted, 0, 31),
|
let rheader = stateResponder.decryptHeader(
|
||||||
rheader).isOk()
|
toOpenArray(encrypted, 0, 31)).expect("valid data")
|
||||||
|
|
||||||
var length = getBodySize(rheader)
|
var length = getBodySize(rheader)
|
||||||
check length == len(ibody)
|
check length == len(ibody)
|
||||||
var rbody = newSeq[byte](decryptedLength(length))
|
var rbody = newSeq[byte](decryptedLength(length))
|
||||||
var decrsize = 0
|
|
||||||
check:
|
check:
|
||||||
stateResponder.decryptBody(
|
stateResponder.decryptBody(
|
||||||
toOpenArray(encrypted, 32, len(encrypted) - 1),
|
toOpenArray(encrypted, 32, len(encrypted) - 1),
|
||||||
length, rbody, decrsize).isOk()
|
length, rbody).isOk()
|
||||||
decrsize == length
|
rbody.setLen(length)
|
||||||
rbody.setLen(decrsize)
|
|
||||||
check:
|
check:
|
||||||
iheader == rheader
|
iheader == rheader
|
||||||
ibody == rbody
|
ibody == rbody
|
||||||
burnMem(iheader)
|
burnMem(iheader)
|
||||||
burnMem(rheader)
|
|
||||||
# responder -> initiator
|
# responder -> initiator
|
||||||
block:
|
block:
|
||||||
var ibody = newSeq[byte](i * 3)
|
var ibody = newSeq[byte](i * 3)
|
||||||
|
@ -233,20 +200,17 @@ suite "Ethereum RLPx encryption/decryption test suite":
|
||||||
randomBytes(ibody) == len(ibody)
|
randomBytes(ibody) == len(ibody)
|
||||||
stateResponder.encrypt(iheader, ibody,
|
stateResponder.encrypt(iheader, ibody,
|
||||||
encrypted).isOk()
|
encrypted).isOk()
|
||||||
stateInitiator.decryptHeader(toOpenArray(encrypted, 0, 31),
|
let rheader = stateInitiator.decryptHeader(
|
||||||
rheader).isOk()
|
toOpenArray(encrypted, 0, 31)).expect("valid data")
|
||||||
var length = getBodySize(rheader)
|
var length = getBodySize(rheader)
|
||||||
check length == len(ibody)
|
check length == len(ibody)
|
||||||
var rbody = newSeq[byte](decryptedLength(length))
|
var rbody = newSeq[byte](decryptedLength(length))
|
||||||
var decrsize = 0
|
|
||||||
check:
|
check:
|
||||||
stateInitiator.decryptBody(
|
stateInitiator.decryptBody(
|
||||||
toOpenArray(encrypted, 32, len(encrypted) - 1),
|
toOpenArray(encrypted, 32, len(encrypted) - 1),
|
||||||
length, rbody, decrsize).isOk()
|
length, rbody).isOk()
|
||||||
decrsize == length
|
|
||||||
rbody.setLen(length)
|
rbody.setLen(length)
|
||||||
check:
|
check:
|
||||||
iheader == rheader
|
iheader == rheader
|
||||||
ibody == rbody
|
ibody == rbody
|
||||||
burnMem(iheader)
|
burnMem(iheader)
|
||||||
burnMem(rheader)
|
|
||||||
|
|
|
@ -417,6 +417,9 @@ suite "Discovery v5 Tests":
|
||||||
let discoveredFiltered = lookupNode.randomNodes(10,
|
let discoveredFiltered = lookupNode.randomNodes(10,
|
||||||
("test", @[byte 1,2,3,4]))
|
("test", @[byte 1,2,3,4]))
|
||||||
check discoveredFiltered.len == 1 and discoveredFiltered.contains(targetNode)
|
check discoveredFiltered.len == 1 and discoveredFiltered.contains(targetNode)
|
||||||
|
let discoveredEmpty = lookupNode.randomNodes(10,
|
||||||
|
proc(n: Node) : bool = false)
|
||||||
|
check discoveredEmpty.len == 0
|
||||||
|
|
||||||
await lookupNode.closeWait()
|
await lookupNode.closeWait()
|
||||||
|
|
||||||
|
|
|
@ -31,8 +31,6 @@ p2pProtocol abc(version = 1,
|
||||||
|
|
||||||
onPeerDisconnected do (peer: Peer, reason: DisconnectionReason) {.gcsafe.}:
|
onPeerDisconnected do (peer: Peer, reason: DisconnectionReason) {.gcsafe.}:
|
||||||
peer.networkState.count -= 1
|
peer.networkState.count -= 1
|
||||||
if true:
|
|
||||||
raise newException(CatchableError, "Fake abc exception")
|
|
||||||
|
|
||||||
p2pProtocol xyz(version = 1,
|
p2pProtocol xyz(version = 1,
|
||||||
rlpxName = "xyz",
|
rlpxName = "xyz",
|
||||||
|
@ -45,8 +43,6 @@ p2pProtocol xyz(version = 1,
|
||||||
|
|
||||||
onPeerDisconnected do (peer: Peer, reason: DisconnectionReason) {.gcsafe.}:
|
onPeerDisconnected do (peer: Peer, reason: DisconnectionReason) {.gcsafe.}:
|
||||||
peer.networkState.count -= 1
|
peer.networkState.count -= 1
|
||||||
if true:
|
|
||||||
raise newException(CatchableError, "Fake xyz exception")
|
|
||||||
peer.state.status = "disconnected"
|
peer.state.status = "disconnected"
|
||||||
|
|
||||||
p2pProtocol hah(version = 1,
|
p2pProtocol hah(version = 1,
|
||||||
|
@ -77,11 +73,10 @@ suite "Testing protocol handlers":
|
||||||
|
|
||||||
await peer.disconnect(SubprotocolReason, true)
|
await peer.disconnect(SubprotocolReason, true)
|
||||||
check:
|
check:
|
||||||
# we want to check that even though the exceptions in the disconnect
|
# all disconnection handlers are called
|
||||||
# handlers, each handler still ran
|
|
||||||
node1.protocolState(abc).count == 0
|
node1.protocolState(abc).count == 0
|
||||||
node1.protocolState(xyz).count == 0
|
node1.protocolState(xyz).count == 0
|
||||||
peer.state(xyz).status == "connected"
|
peer.state(xyz).status == "disconnected"
|
||||||
|
|
||||||
asyncTest "Failing connection handler":
|
asyncTest "Failing connection handler":
|
||||||
let rng = newRng()
|
let rng = newRng()
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"Invalid list when decoding for object": {
|
"Invalid list when decoding for object": {
|
||||||
"payload": "03",
|
"payload": "03",
|
||||||
"error": "MalformedRlpError",
|
"error": "PeerDisconnected",
|
||||||
"description": "Object parameters are expected to be encoded in an RLP list"
|
"description": "Object parameters are expected to be encoded in an RLP list"
|
||||||
},
|
},
|
||||||
"Message id that is not supported": {
|
"Message id that is not supported": {
|
||||||
|
@ -21,62 +21,62 @@
|
||||||
},
|
},
|
||||||
"No Hash nor Status, but empty list": {
|
"No Hash nor Status, but empty list": {
|
||||||
"payload": "20c1c0",
|
"payload": "20c1c0",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
||||||
},
|
},
|
||||||
"No Hash nor Status, list instead of blob": {
|
"No Hash nor Status, list instead of blob": {
|
||||||
"payload": "20c2c1c0",
|
"payload": "20c2c1c0",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
||||||
},
|
},
|
||||||
"No Hash nor Status, blob of 2 bytes": {
|
"No Hash nor Status, blob of 2 bytes": {
|
||||||
"payload": "20c4c3820011",
|
"payload": "20c4c3820011",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
||||||
},
|
},
|
||||||
"No Hash nor Status, blob of 33 bytes": {
|
"No Hash nor Status, blob of 33 bytes": {
|
||||||
"payload": "20e3e2a100112233445566778899aabbccddeeff00112233445566778899aabbcceeddff33",
|
"payload": "20e3e2a100112233445566778899aabbccddeeff00112233445566778899aabbcceeddff33",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
"description": "Decoding to HashOrStatus expects blob of size 1 or 32"
|
||||||
},
|
},
|
||||||
"Listing elements when no data": {
|
"Listing elements when no data": {
|
||||||
"payload": "01e1",
|
"payload": "01e1",
|
||||||
"error": "MalformedRlpError",
|
"error": "PeerDisconnected",
|
||||||
"description": "listElem to error on empty list"
|
"description": "listElem to error on empty list"
|
||||||
},
|
},
|
||||||
"Listing elements when invalid length": {
|
"Listing elements when invalid length": {
|
||||||
"payload": "01ffdada",
|
"payload": "01ffdada",
|
||||||
"error": "MalformedRlpError",
|
"error": "PeerDisconnected",
|
||||||
"description": "listElem to error on invalid size encoding"
|
"description": "listElem to error on invalid size encoding"
|
||||||
},
|
},
|
||||||
"Listing single element list when having more entries": {
|
"Listing single element list when having more entries": {
|
||||||
"payload": "01c20420",
|
"payload": "01c20420",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "listElem to assert on not a single entry list"
|
"description": "listElem to assert on not a single entry list"
|
||||||
},
|
},
|
||||||
"Listing single element list when having empty list": {
|
"Listing single element list when having empty list": {
|
||||||
"payload": "01c0",
|
"payload": "01c0",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "listElem to assert on not a single entry list"
|
"description": "listElem to assert on not a single entry list"
|
||||||
},
|
},
|
||||||
"DisconnectReason: single element list with entry out off enum range": {
|
"DisconnectReason: single element list with entry out off enum range": {
|
||||||
"payload": "01c111",
|
"payload": "01c111",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Disconnect reason code out of bounds 0..16 (got: 17)"
|
"description": "Disconnect reason code out of bounds 0..16 (got: 17)"
|
||||||
},
|
},
|
||||||
"DisconnectReason: single element out off enum range": {
|
"DisconnectReason: single element out off enum range": {
|
||||||
"payload": "0111",
|
"payload": "0111",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Disconnect reason code out of bounds 0..16 (got: 17)"
|
"description": "Disconnect reason code out of bounds 0..16 (got: 17)"
|
||||||
},
|
},
|
||||||
"DisconnectReason: single element list with enum hole value": {
|
"DisconnectReason: single element list with enum hole value": {
|
||||||
"payload": "01c10C",
|
"payload": "01c10C",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Error on Disconnect reason with enum hole value"
|
"description": "Error on Disconnect reason with enum hole value"
|
||||||
},
|
},
|
||||||
"DisconnectReason: single element with enum hole value": {
|
"DisconnectReason: single element with enum hole value": {
|
||||||
"payload": "010C",
|
"payload": "010C",
|
||||||
"error": "RlpTypeMismatch",
|
"error": "PeerDisconnected",
|
||||||
"description": "Error on Disconnect reason with enum hole value"
|
"description": "Error on Disconnect reason with enum hole value"
|
||||||
},
|
},
|
||||||
"devp2p hello packet version 22 + additional list elements for EIP-8": {
|
"devp2p hello packet version 22 + additional list elements for EIP-8": {
|
||||||
|
|
|
@ -0,0 +1,60 @@
|
||||||
|
{.used.}
|
||||||
|
|
||||||
|
import
|
||||||
|
unittest2,
|
||||||
|
chronos/unittest2/asynctests,
|
||||||
|
../../eth/common/keys,
|
||||||
|
../../eth/p2p/rlpxtransport
|
||||||
|
|
||||||
|
suite "RLPx transport":
|
||||||
|
setup:
|
||||||
|
let
|
||||||
|
rng = newRng()
|
||||||
|
keys1 = KeyPair.random(rng[])
|
||||||
|
keys2 = KeyPair.random(rng[])
|
||||||
|
server = createStreamServer(initTAddress("127.0.0.1:0"), {ReuseAddr})
|
||||||
|
|
||||||
|
teardown:
|
||||||
|
waitFor server.closeWait()
|
||||||
|
|
||||||
|
asyncTest "Connect/accept":
|
||||||
|
const msg = @[byte 0, 1, 2, 3]
|
||||||
|
proc serveClient(server: StreamServer) {.async.} =
|
||||||
|
let transp = await server.accept()
|
||||||
|
let a = await RlpxTransport.accept(rng, keys1, transp)
|
||||||
|
await a.sendMsg(msg)
|
||||||
|
await a.closeWait()
|
||||||
|
|
||||||
|
let serverFut = server.serveClient()
|
||||||
|
defer:
|
||||||
|
await serverFut.wait(1.seconds)
|
||||||
|
|
||||||
|
let client =
|
||||||
|
await RlpxTransport.connect(rng, keys2, server.localAddress(), keys1.pubkey)
|
||||||
|
|
||||||
|
defer:
|
||||||
|
await client.closeWait()
|
||||||
|
let rmsg = await client.recvMsg().wait(1.seconds)
|
||||||
|
|
||||||
|
check:
|
||||||
|
msg == rmsg
|
||||||
|
|
||||||
|
await serverFut
|
||||||
|
|
||||||
|
asyncTest "Detect invalid pubkey":
|
||||||
|
proc serveClient(server: StreamServer) {.async.} =
|
||||||
|
let transp = await server.accept()
|
||||||
|
discard await RlpxTransport.accept(rng, keys1, transp)
|
||||||
|
raiseAssert "should fail to accept due to pubkey error"
|
||||||
|
|
||||||
|
let serverFut = server.serveClient()
|
||||||
|
defer:
|
||||||
|
expect(RlpxTransportError):
|
||||||
|
await serverFut.wait(1.seconds)
|
||||||
|
|
||||||
|
let keys3 = KeyPair.random(rng[])
|
||||||
|
|
||||||
|
# accept side should close connections
|
||||||
|
expect(TransportError):
|
||||||
|
discard
|
||||||
|
await RlpxTransport.connect(rng, keys2, server.localAddress(), keys3.pubkey)
|
|
@ -2,4 +2,5 @@ import
|
||||||
./test_api_usage,
|
./test_api_usage,
|
||||||
./test_json_suite,
|
./test_json_suite,
|
||||||
./test_empty_string,
|
./test_empty_string,
|
||||||
./test_object_serialization
|
./test_object_serialization,
|
||||||
|
./test_optional_fields
|
||||||
|
|
|
@ -21,8 +21,7 @@ proc test_blockBodyTranscode() =
|
||||||
transactions: @[
|
transactions: @[
|
||||||
Transaction(nonce: 1)]),
|
Transaction(nonce: 1)]),
|
||||||
BlockBody(
|
BlockBody(
|
||||||
uncles: @[
|
uncles: @[Header(nonce: Bytes8([0x20u8,0,0,0,0,0,0,0]))]),
|
||||||
BlockHeader(nonce: BlockNonce([0x20u8,0,0,0,0,0,0,0]))]),
|
|
||||||
BlockBody(),
|
BlockBody(),
|
||||||
BlockBody(
|
BlockBody(
|
||||||
transactions: @[
|
transactions: @[
|
||||||
|
|
|
@ -0,0 +1,68 @@
|
||||||
|
{.used.}
|
||||||
|
|
||||||
|
import
|
||||||
|
../../eth/[rlp, common],
|
||||||
|
unittest2
|
||||||
|
|
||||||
|
# Optionals in between mandatory fields for the convenience of
|
||||||
|
# implementation. According to the spec all optionals appear
|
||||||
|
# after mandatory fields. Moreover, an empty optional field
|
||||||
|
# cannot and will not appear before a non-empty optional field
|
||||||
|
|
||||||
|
type ObjectWithOptionals = object
|
||||||
|
a* : uint64
|
||||||
|
b* : uint64
|
||||||
|
c* : Opt[uint64] # should not count this as optional
|
||||||
|
d* : Opt[uint64] # should not count this as optional
|
||||||
|
e* : uint64
|
||||||
|
f* : uint64
|
||||||
|
g* : uint64
|
||||||
|
h* : Opt[uint64] # should not count this as optional
|
||||||
|
i* : Opt[uint64] # should not count this as optional
|
||||||
|
j* : Opt[uint64] # should not count this as optional
|
||||||
|
k* : uint64
|
||||||
|
l* : Opt[uint64] # should count this as an optional
|
||||||
|
m* : Opt[uint64] # should count this as an optional
|
||||||
|
n* : Opt[uint64] # should count this as an optional
|
||||||
|
|
||||||
|
var
|
||||||
|
objWithEmptyOptional: ObjectWithOptionals
|
||||||
|
objWithNonEmptyOptional: ObjectWithOptionals
|
||||||
|
objWithNonEmptyTrailingOptionals: ObjectWithOptionals
|
||||||
|
objWithEmptyTrailingOptionals: ObjectWithOptionals
|
||||||
|
|
||||||
|
objWithNonEmptyOptional.c = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyOptional.d = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyOptional.h = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyOptional.i = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyOptional.j = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyOptional.l = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyOptional.m = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyOptional.n = Opt.some(0'u64)
|
||||||
|
|
||||||
|
objWithNonEmptyTrailingOptionals.l = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyTrailingOptionals.m = Opt.some(0'u64)
|
||||||
|
objWithNonEmptyTrailingOptionals.n = Opt.some(0'u64)
|
||||||
|
|
||||||
|
objWithEmptyTrailingOptionals.c = Opt.some(0'u64)
|
||||||
|
objWithEmptyTrailingOptionals.d = Opt.some(0'u64)
|
||||||
|
objWithEmptyTrailingOptionals.h = Opt.some(0'u64)
|
||||||
|
objWithEmptyTrailingOptionals.i = Opt.some(0'u64)
|
||||||
|
objWithEmptyTrailingOptionals.j = Opt.some(0'u64)
|
||||||
|
|
||||||
|
suite "test optional fields":
|
||||||
|
test "all optionals are empty":
|
||||||
|
let bytes = rlp.encode(objWithEmptyOptional)
|
||||||
|
check: bytes.len == 7 # 6 mandatory fields + prefix byte
|
||||||
|
|
||||||
|
test "all optionals are non empty":
|
||||||
|
let bytes = rlp.encode(objWithNonEmptyOptional)
|
||||||
|
check: bytes.len == 15 # 6 mandatory + 8 optional + prefix
|
||||||
|
|
||||||
|
test "Only trailing optionals are non empty":
|
||||||
|
let bytes = rlp.encode(objWithNonEmptyTrailingOptionals)
|
||||||
|
check: bytes.len == 10 # 6 mandatory + 3 trailing optional + prefix
|
||||||
|
|
||||||
|
test "Only trailing optionals are empty":
|
||||||
|
let bytes = rlp.encode(objWithEmptyTrailingOptionals)
|
||||||
|
check: bytes.len == 12 # 6 mandatory + 5 non trailing + prefix
|
Loading…
Reference in New Issue