mirror of
https://github.com/status-im/nim-libp2p.git
synced 2025-01-23 19:30:15 +00:00
c02fca25f8
* Start ChaCha20Poly1305 integration (BearSSL) * Add Curve25519 (BearSSL) required operations for noise * Fix curve mulgen iterate/derive * Fix misleading header * Add chachapoly proper test * Curve25519 integration tests (failing, something is wrong) * Add few converters, finish c25519 integration tests * Remove implicit converters * removed internal globals * Start noise implementation * Fix public() using proper bear mulgen * Noise protocol WIP * Noise progress * Add a quick nim version of HKDF * Converted hkdf to iterator, useful for noise * Noise protocol implementation progress * Noise progress * XX handshake almost there * noise progress * Noise, testing handshake with test vectors * Noise handshake progress, still wrong somewhere! * Noise handshake success! * Full verified noise XX handshake completed * Fix and rewrite test to be similar to switch one * Start with connection upgrade * Switch chachapoly to CT implementations * Improve HKDF implementation * Use a type insted of tuple for HandshakeResult * Remove unnecessary Let * More cosmetic fixes * Properly check randomBytes result * Fix chachapoly signature * Noise full circle (altho dispatcher is nil cursed) * Allow nil aads in chachapoly routines * Noise implementation up to running full test * Use bearssl HKDF as well * Directly use bearssl rng for curve25519 keys * Add a (disabled/no CI) noise interop test server * WIP on fixing interop issues * More fixes in noise implementation for interop * bump chronos requirement (nimble) * Add a chachapoly test for very small size payloads * Noise, more tracing * Add 2 properly working noise tests * Fix payload packing, following the spec properly (and not go version but rather rust) * Sanity, replace discard with asyncCheck * Small fixes and optimization * Use stew endian2 rather then system endian module * Update nimble deps (chronos) * Minor cosmetic/code sanity fixes * Noise, handle Nonce max * Noise tests, make sure to close secured conns * More polish, improve code readability too * More polish and testing again which test fails * Further polishing * Restore noise tests * Remove useless Future[void] * Remove useless CipherState initializer * add a proper read wait future in second noise test * Remove noise generic secure implementation for now * Few fixes to run eth2 sim * Add more debug info in noise traces * Merge size + payload write in sendEncryptedMessage * Revert secure interface, add outgoing property directly in newNoise * remove sendEncrypted and receiveEncrypted * Use openarray in chachapoly and curve25519 helpers
87 lines
2.8 KiB
Nim
87 lines
2.8 KiB
Nim
## Nim-LibP2P
|
|
## Copyright (c) 2019 Status Research & Development GmbH
|
|
## Licensed under either of
|
|
## * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE))
|
|
## * MIT license ([LICENSE-MIT](LICENSE-MIT))
|
|
## at your option.
|
|
## This file may not be copied, modified, or distributed except according to
|
|
## those terms.
|
|
|
|
import options
|
|
import chronos
|
|
import chronicles
|
|
import ../protocol,
|
|
../../stream/bufferstream,
|
|
../../crypto/crypto,
|
|
../../connection,
|
|
../../peerinfo
|
|
|
|
type
|
|
Secure* = ref object of LPProtocol # base type for secure managers
|
|
SecureConn* = ref object of Connection
|
|
|
|
method readMessage*(c: SecureConn): Future[seq[byte]] {.async, base.} =
|
|
doAssert(false, "Not implemented!")
|
|
|
|
method writeMessage*(c: SecureConn, data: seq[byte]) {.async, base.} =
|
|
doAssert(false, "Not implemented!")
|
|
|
|
method handshake(s: Secure,
|
|
conn: Connection,
|
|
initiator: bool = false): Future[SecureConn] {.async, base.} =
|
|
doAssert(false, "Not implemented!")
|
|
|
|
proc readLoop(sconn: SecureConn, stream: BufferStream) {.async.} =
|
|
try:
|
|
while not sconn.closed:
|
|
let msg = await sconn.readMessage()
|
|
if msg.len == 0:
|
|
trace "stream EOF"
|
|
return
|
|
|
|
await stream.pushTo(msg)
|
|
except CatchableError as exc:
|
|
trace "exception occurred SecioConn.readLoop", exc = exc.msg
|
|
finally:
|
|
if not sconn.closed:
|
|
await sconn.close()
|
|
trace "ending secio readLoop", isclosed = sconn.closed()
|
|
|
|
proc handleConn*(s: Secure, conn: Connection, initiator: bool = false): Future[Connection] {.async, gcsafe.} =
|
|
var sconn = await s.handshake(conn, initiator)
|
|
proc writeHandler(data: seq[byte]) {.async, gcsafe.} =
|
|
trace "sending encrypted bytes", bytes = data.toHex()
|
|
await sconn.writeMessage(data)
|
|
|
|
var stream = newBufferStream(writeHandler)
|
|
asyncCheck readLoop(sconn, stream)
|
|
result = newConnection(stream)
|
|
result.closeEvent.wait()
|
|
.addCallback do (udata: pointer):
|
|
trace "wrapped connection closed, closing upstream"
|
|
if not isNil(sconn) and not sconn.closed:
|
|
asyncCheck sconn.close()
|
|
|
|
result.peerInfo = PeerInfo.init(sconn.peerInfo.publicKey.get())
|
|
|
|
method init*(s: Secure) {.gcsafe.} =
|
|
proc handle(conn: Connection, proto: string) {.async, gcsafe.} =
|
|
trace "handling connection"
|
|
try:
|
|
asyncCheck s.handleConn(conn, false)
|
|
trace "connection secured"
|
|
except CatchableError as exc:
|
|
if not conn.closed():
|
|
warn "securing connection failed", msg = exc.msg
|
|
await conn.close()
|
|
|
|
s.handler = handle
|
|
|
|
method secure*(s: Secure, conn: Connection): Future[Connection] {.async, base, gcsafe.} =
|
|
try:
|
|
result = await s.handleConn(conn, true)
|
|
except CatchableError as exc:
|
|
warn "securing connection failed", msg = exc.msg
|
|
if not conn.closed():
|
|
await conn.close()
|