check identify request against known pubkey

libp2p/identify.nim

@@ -7,10 +7,12 @@
 ## This file may not be copied, modified, or distributed except according to
 ## those terms.
 
+import options
 import chronos
 import protobuf/minprotobuf, peerinfo, 
        protocol as proto, connection,
-       peer, crypto/crypto, multiaddress
+       peer, crypto/crypto, multiaddress,
+       crypto/crypto
 
 const IdentifyCodec* = "/ipfs/id/1.0.0"
 const IdentifyPushCodec* = "/ipfs/id/push/1.0.0"
@@ -20,10 +22,7 @@ const AgentVersion* = "nim-libp2p/0.0.1"
 #TODO: implment push identify, leaving out for now as it is not essential
 
 type
-  # TODO: we're doing protobuf manualy, this is only temporary
+  IdentityNoMatchError* = object of CatchableError
-  ProtoField[T] = object
-    index: int
-    field: T
 
   IdentifyInfo* = object
     pubKey*: PublicKey
@@ -92,11 +91,18 @@ method init*(p: Identify) =
 
   p.handler = handle
 
-proc identify*(p: Identify, conn: Connection): Future[IdentifyInfo] {.async.} = 
+proc identify*(p: Identify, 
+               conn: Connection, 
+               remotePeerInfo: Option[PeerInfo] = none(PeerInfo)): 
+               Future[IdentifyInfo] {.async.} = 
   var message = await conn.readLp()
   if len(message) == 0:
     raise newException(CatchableError, "Incorrect or empty message received!")
   result = decodeMsg(message)
+  if remotePeerInfo.isSome and 
+      remotePeerInfo.get().peerId.publicKey != result.pubKey:
+    raise newException(IdentityNoMatchError, 
+      "Peer's remote public key doesn't match")
 
 proc push*(p: Identify, conn: Connection) {.async.} =
   await conn.write(IdentifyPushCodec)

tests/testidentify.nim

@@ -1,4 +1,4 @@
-import unittest
+import unittest, options
 import chronos, strutils, sequtils
 import ../libp2p/identify, ../libp2p/multiaddress, 
        ../libp2p/peerinfo, ../libp2p/peer, 
@@ -17,6 +17,8 @@ suite "Identify":
         var peerInfo: PeerInfo
         peerInfo.peerId = PeerID.init(remoteSeckey)
         peerInfo.addrs.add(ma)
+        peerInfo.protocols.add("/test/proto1/1.0.0")
+        peerInfo.protocols.add("/test/proto2/1.0.0")
 
         let identifyProto = newIdentify(peerInfo)
         let msListen = newMultistream()
@@ -48,6 +50,7 @@ suite "Identify":
         check id.addrs[0] == ma
         check id.protoVersion == ProtoVersion
         check id.agentVersion == AgentVersion
+        check id.protos == @["/test/proto1/1.0.0", "/test/proto2/1.0.0"]
 
       await allFutures(receiver(), sender())
       result = true
@@ -55,3 +58,44 @@ suite "Identify":
     check:
       waitFor(testHandle()) == true
   
+  test "handle failed identify":
+    proc testHandleError() {.async.} =
+      let ma: MultiAddress = Multiaddress.init("/ip4/127.0.0.1/tcp/53361")
+
+      let remoteSeckey = PrivateKey.random(RSA)
+      var remotePeerInfo: PeerInfo
+      remotePeerInfo.peerId = PeerID.init(remoteSeckey)
+      remotePeerInfo.addrs.add(ma)
+
+      let identifyProto1 = newIdentify(remotePeerInfo)
+      let msListen = newMultistream()
+
+      msListen.addHandler(IdentifyCodec, identifyProto1)
+      proc connHandler(conn: Connection): Future[void] {.async, gcsafe.} =
+        await msListen.handle(conn)
+
+      let transport1: TcpTransport = newTransport(TcpTransport)
+      await transport1.listen(ma, connHandler)
+
+      let msDial = newMultistream()
+      let transport2: TcpTransport = newTransport(TcpTransport)
+      let conn = await transport2.dial(ma)
+
+      let seckey = PrivateKey.random(RSA)
+      var localPeerInfo: PeerInfo
+      localPeerInfo.peerId = PeerID.init(seckey)
+      localPeerInfo.addrs.add(ma)
+
+      let identifyProto2 = newIdentify(localPeerInfo)
+      let res = await msDial.select(conn, IdentifyCodec)
+
+      let wrongSec = PrivateKey.random(RSA)
+      var wrongRemotePeer: PeerInfo
+      wrongRemotePeer.peerId = PeerID.init(wrongSec)
+
+      let id = await identifyProto2.identify(conn, some(wrongRemotePeer))
+      await conn.close()
+
+    expect IdentityNoMatchError:
+      waitFor(testHandleError())
+