Merge pull request #405 from mhchia/feature/noise

Noise: skeleton of transport and connection

Makefile

@@ -17,6 +17,7 @@ PB = libp2p/crypto/pb/crypto.proto \
 	libp2p/pubsub/pb/rpc.proto \
 	libp2p/security/insecure/pb/plaintext.proto \
 	libp2p/security/secio/pb/spipe.proto \
+	libp2p/security/noise/pb/noise.proto \
 	libp2p/identity/identify/pb/identify.proto
 PY = $(PB:.proto=_pb2.py)
 PYI = $(PB:.proto=_pb2.pyi)

docs/libp2p.security.noise.pb.rst

@@ -0,0 +1,22 @@
+libp2p.security.noise.pb package
+================================
+
+Submodules
+----------
+
+libp2p.security.noise.pb.noise\_pb2 module
+------------------------------------------
+
+.. automodule:: libp2p.security.noise.pb.noise_pb2
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+
+Module contents
+---------------
+
+.. automodule:: libp2p.security.noise.pb
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/libp2p.security.noise.rst

@@ -0,0 +1,45 @@
+libp2p.security.noise package
+=============================
+
+Subpackages
+-----------
+
+.. toctree::
+
+   libp2p.security.noise.pb
+
+Submodules
+----------
+
+libp2p.security.noise.connection module
+---------------------------------------
+
+.. automodule:: libp2p.security.noise.connection
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+libp2p.security.noise.patterns module
+-------------------------------------
+
+.. automodule:: libp2p.security.noise.patterns
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+libp2p.security.noise.transport module
+--------------------------------------
+
+.. automodule:: libp2p.security.noise.transport
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+
+Module contents
+---------------
+
+.. automodule:: libp2p.security.noise
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/libp2p.security.rst

@@ -6,8 +6,9 @@ Subpackages
 
 .. toctree::
 
-    libp2p.security.insecure
-    libp2p.security.secio
+   libp2p.security.insecure
+   libp2p.security.noise
+   libp2p.security.secio
 
 Submodules
 ----------
@@ -16,55 +17,55 @@ libp2p.security.base\_session module
 ------------------------------------
 
 .. automodule:: libp2p.security.base_session
-    :members:
-    :undoc-members:
-    :show-inheritance:
+   :members:
+   :undoc-members:
+   :show-inheritance:
 
 libp2p.security.base\_transport module
 --------------------------------------
 
 .. automodule:: libp2p.security.base_transport
-    :members:
-    :undoc-members:
-    :show-inheritance:
+   :members:
+   :undoc-members:
+   :show-inheritance:
 
 libp2p.security.exceptions module
 ---------------------------------
 
 .. automodule:: libp2p.security.exceptions
-    :members:
-    :undoc-members:
-    :show-inheritance:
+   :members:
+   :undoc-members:
+   :show-inheritance:
 
 libp2p.security.secure\_conn\_interface module
 ----------------------------------------------
 
 .. automodule:: libp2p.security.secure_conn_interface
-    :members:
-    :undoc-members:
-    :show-inheritance:
+   :members:
+   :undoc-members:
+   :show-inheritance:
 
 libp2p.security.secure\_transport\_interface module
 ---------------------------------------------------
 
 .. automodule:: libp2p.security.secure_transport_interface
-    :members:
-    :undoc-members:
-    :show-inheritance:
+   :members:
+   :undoc-members:
+   :show-inheritance:
 
 libp2p.security.security\_multistream module
 --------------------------------------------
 
 .. automodule:: libp2p.security.security_multistream
-    :members:
-    :undoc-members:
-    :show-inheritance:
+   :members:
+   :undoc-members:
+   :show-inheritance:
 
 
 Module contents
 ---------------
 
 .. automodule:: libp2p.security
-    :members:
-    :undoc-members:
-    :show-inheritance:
+   :members:
+   :undoc-members:
+   :show-inheritance:

libp2p/io/abc.py

@@ -14,7 +14,7 @@ async def read(self, n: int = None) -> bytes:
 
 class Writer(ABC):
     @abstractmethod
-    async def write(self, data: bytes) -> int:
+    async def write(self, data: bytes) -> None:
         ...
 
 

libp2p/io/msgio.py

@@ -31,9 +31,8 @@ class MsgIOWriter(WriteCloser):
     def __init__(self, write_closer: WriteCloser) -> None:
         self.write_closer = write_closer
 
-    async def write(self, data: bytes) -> int:
+    async def write(self, data: bytes) -> None:
         await self.write_msg(data)
-        return len(data)
 
     async def write_msg(self, msg: bytes) -> None:
         data = encode_msg_with_length(msg)

libp2p/network/stream/net_stream.py

@@ -51,14 +51,14 @@ async def read(self, n: int = None) -> bytes:
         except MuxedStreamReset as error:
             raise StreamReset() from error
 
-    async def write(self, data: bytes) -> int:
+    async def write(self, data: bytes) -> None:
         """
         write to stream.
 
         :return: number of bytes written
         """
         try:
-            return await self.muxed_stream.write(data)
+            await self.muxed_stream.write(data)
         except MuxedStreamClosed as error:
             raise StreamClosed() from error
 

libp2p/security/insecure/transport.py

@@ -35,9 +35,8 @@ def __init__(
         super().__init__(local_peer, local_private_key, is_initiator, peer_id)
         self.conn = conn
 
-    async def write(self, data: bytes) -> int:
+    async def write(self, data: bytes) -> None:
         await self.conn.write(data)
-        return len(data)
 
     async def read(self, n: int = None) -> bytes:
         return await self.conn.read(n)

libp2p/security/noise/connection.py

@@ -0,0 +1,30 @@
+from libp2p.crypto.keys import PrivateKey
+from libp2p.network.connection.raw_connection_interface import IRawConnection
+from libp2p.peer.id import ID
+from libp2p.security.base_session import BaseSession
+
+
+class NoiseConnection(BaseSession):
+    conn: IRawConnection
+
+    def __init__(
+        self,
+        local_peer: ID,
+        local_private_key: PrivateKey,
+        remote_peer: ID,
+        conn: IRawConnection,
+        is_initiator: bool,
+    ) -> None:
+        super().__init__(local_peer, local_private_key, is_initiator, remote_peer)
+        self.conn = conn
+
+    async def read(self, n: int = None) -> bytes:
+        # TODO: Add decryption logic here
+        return await self.conn.read(n)
+
+    async def write(self, data: bytes) -> None:
+        # TODO: Add encryption logic here
+        await self.conn.write(data)
+
+    async def close(self) -> None:
+        await self.conn.close()

libp2p/security/noise/patterns.py

@@ -0,0 +1,116 @@
+from abc import ABC, abstractmethod
+
+from noise.connection import Keypair as NoiseKeypair
+from noise.connection import NoiseConnection as NoiseState
+
+from libp2p.crypto.keys import PrivateKey
+from libp2p.network.connection.raw_connection_interface import IRawConnection
+from libp2p.peer.id import ID
+from libp2p.security.secure_conn_interface import ISecureConn
+
+from .connection import NoiseConnection
+
+# FIXME: Choose a serious bound number.
+NUM_BYTES_TO_READ = 2048
+
+
+# TODO: Merged into `BasePattern`?
+class PreHandshakeConnection:
+    conn: IRawConnection
+
+    def __init__(self, conn: IRawConnection) -> None:
+        self.conn = conn
+
+    async def write_msg(self, data: bytes) -> None:
+        # TODO:
+        await self.conn.write(data)
+
+    async def read_msg(self) -> bytes:
+        return await self.conn.read(NUM_BYTES_TO_READ)
+
+
+class IPattern(ABC):
+    @abstractmethod
+    async def handshake_inbound(self, conn: IRawConnection) -> ISecureConn:
+        ...
+
+    @abstractmethod
+    async def handshake_outbound(
+        self, conn: IRawConnection, remote_peer: ID
+    ) -> ISecureConn:
+        ...
+
+
+class BasePattern(IPattern):
+    protocol_name: bytes
+    noise_static_key: PrivateKey
+    local_peer: ID
+    libp2p_privkey: PrivateKey
+
+    def create_noise_state(self) -> NoiseState:
+        noise_state = NoiseState.from_name(self.protocol_name)
+        noise_state.set_keypair_from_private_bytes(
+            NoiseKeypair.STATIC, self.noise_static_key.to_bytes()
+        )
+        return noise_state
+
+
+class PatternXX(BasePattern):
+    def __init__(
+        self, local_peer: ID, libp2p_privkey: PrivateKey, noise_static_key: PrivateKey
+    ) -> None:
+        self.protocol_name = b"Noise_XX_25519_ChaChaPoly_SHA256"
+        self.local_peer = local_peer
+        self.libp2p_privkey = libp2p_privkey
+        self.noise_static_key = noise_static_key
+
+    async def handshake_inbound(self, conn: IRawConnection) -> ISecureConn:
+        noise_state = self.create_noise_state()
+        handshake_conn = PreHandshakeConnection(conn)
+        noise_state.set_as_responder()
+        noise_state.start_handshake()
+        msg_0_encrypted = await handshake_conn.read_msg()
+        # TODO: Parse and save the payload from the other side.
+        _ = noise_state.read_message(msg_0_encrypted)
+
+        # TODO: Send our payload.
+        our_payload = b"server"
+        msg_1_encrypted = noise_state.write_message(our_payload)
+        await handshake_conn.write_msg(msg_1_encrypted)
+
+        msg_2_encrypted = await handshake_conn.read_msg()
+        # TODO: Parse and save another payload from the other side.
+        _ = noise_state.read_message(msg_2_encrypted)
+
+        # TODO: Add a specific exception
+        if not noise_state.handshake_finished:
+            raise Exception
+
+        # FIXME: `remote_peer` should be derived from the messages.
+        return NoiseConnection(self.local_peer, self.libp2p_privkey, None, conn, False)
+
+    async def handshake_outbound(
+        self, conn: IRawConnection, remote_peer: ID
+    ) -> ISecureConn:
+        noise_state = self.create_noise_state()
+        handshake_conn = PreHandshakeConnection(conn)
+        noise_state.set_as_initiator()
+        noise_state.start_handshake()
+        msg_0 = noise_state.write_message()
+        await handshake_conn.write_msg(msg_0)
+        msg_1_encrypted = await handshake_conn.read_msg()
+        # TODO: Parse and save the payload from the other side.
+        _ = noise_state.read_message(msg_1_encrypted)
+
+        # TODO: Send our payload.
+        our_payload = b"client"
+        msg_2_encrypted = noise_state.write_message(our_payload)
+        await handshake_conn.write_msg(msg_2_encrypted)
+
+        # TODO: Add a specific exception
+        if not noise_state.handshake_finished:
+            raise Exception
+
+        return NoiseConnection(
+            self.local_peer, self.libp2p_privkey, remote_peer, conn, False
+        )

libp2p/security/noise/pb/noise.proto

@@ -0,0 +1,5 @@
+message NoiseHandshakePayload {
+    optional bytes identity_key = 1;
+    optional bytes identity_sig = 2;
+    optional bytes data         = 3;
+}