libp2p/go-libp2p-core
1
0
Fork 0
mirror of https://github.com/libp2p/go-libp2p-core.git synced 2024-12-26 23:30:27 +08:00
Code Issues Projects Releases Wiki Activity
287 Commits 76 Branches 54 Tags 1.3 MiB
2dc986f623
Commit Graph

287 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Steven Allen
bf79471ef0 fix(key size): forbid small openssl RSA keys 
Also, add a test.
 2019-10-21 15:52:27 -07:00
Wes Morgan
69fe90d32d
Update golang.org/x/crypto to latest version 
There was a breaking change in the previous version that has since been
reverted.
 2019-10-17 11:20:42 -06:00
Steven Allen
0bdeee6376 ci: bump to go 1.12 2019-10-02 08:45:34 -07:00
Steven Allen
dc718fa4da feat: support encoding/decoding peer IDs as CIDs _in text_ 2019-10-02 08:45:33 -07:00
Steven Allen
2f75277a8d
Merge pull request #62 from libp2p/mgoelzer-keystretcher-comment 
Comment that KeyStretcher() is pending deprecation
 2019-09-30 10:08:43 -07:00
Mike Goelzer
e331ba838c
Comment that KeyStretcher is pre-deprecation 2019-09-30 09:58:09 -07:00
Steven Allen
0c42806002
Merge pull request #59 from adam-hanna/master 
adds ability to create keys from crypto.PrivateKey types
 2019-09-30 09:23:17 -07:00
Steven Allen
469ed581a0
Merge pull request #48 from libp2p/fix/fallback-cmp 
fix: use fallback comparison for ed25519 keys
 2019-09-27 15:33:55 -07:00
Steven Allen
26b960839d
Merge pull request #61 from libp2p/dep/update 
chore(dep): update deps
 2019-09-25 11:24:15 -07:00
Steven Allen
ac53ea6aa0 chore(dep): update deps 
* Update gogo protobuf to 1.3.0
* Update go-multiaddr to move protocol definitions _into_ go-multiaddr itself.
* update opencensus to 0.22.1
* update golang.org/x/crypto
* update sha256-simd to fix webasm build.
* update btcd (used by sekp keys)
 2019-09-25 11:12:15 -07:00
Steven Allen
e0ae17a661
Merge pull request #60 from libp2p/fix/constant-time-compare 
crypto: improve key comparison logic
 2019-09-25 10:41:26 -07:00
Steven Allen
c3facda1a2 crypto: use basicEquals for ECDSA 
The check was incomplete as it didn't test the curve. This switches us to use
basicEquals (which is also constant-time).

Note: This key type isn't used by anyone in-practice (to the best of my
knowledge).
 2019-09-24 10:41:53 -07:00
Steven Allen
d68e65376d crypto: make the ECDSA receiver consistent 2019-09-24 10:41:53 -07:00
Steven Allen
947196bbb7 crypto: use constant time compare when decoding private keys 
In practice, this is impossible to exploit without being able to corrupt the
private key which would allow a much simpler guess-and-check attack. However,
it's still a bad practice to compare private key material like this.
 2019-09-24 10:40:54 -07:00
Steven Allen
3b4a4b474f mod: require go 1.12 2019-09-24 10:31:44 -07:00
adam
2b32a36d90
incorporates code review comments from @raulk; changes KeyPairFromKey to KeyPairFromStdKey and improves godoc. 2019-09-20 23:37:38 -07:00
adam
23811ec09b
fixes typo 2019-09-19 16:24:24 -07:00
adam
316b0af70d
incorporates code review from @Stebalien 2019-09-19 16:21:08 -07:00
adam
0468ff83df
adds ability to create keys from crypto.PrivateKey types 2019-09-19 15:16:52 -07:00
Jorik Schellekens
dd55087854
The docs seem to lie 
The docs seem to lie about what these methods do.
This is the naive solution since it's my first day looking
at go but would it be possible to get these methods
to marshal to public or private key correctly by passing
a type to them?
 2019-09-04 13:53:57 +01:00
Steven Allen
b74f60b9cc
Merge pull request #55 from libp2p/bug/rsa-key-test-failure 
Ensure all tests pass without weak RSA key flag
 2019-08-28 09:05:45 -07:00
Cole Brown
961a767ba5 Remove weak RSA flag from CI 2019-08-28 11:35:23 -04:00
Cole Brown
d50ea9bc1f Ensure all tests pass without weak RSA key flag 2019-08-28 11:34:22 -04:00
Kevin Mai-Husan Chia
cd824a7045
Get remoteID from pb message 2019-08-23 12:31:04 +08:00
Steven Allen
f61804b905
Merge pull request #50 from ralexstokes/use-clearer-multihash-code 
Compare multihash `Code` to `IDENTITY` when extracting public key
 2019-08-14 14:58:53 -07:00
Alex Stokes
e6f5a2cbcc
Uses v0.0.7 of go-multihash that includes the correct symbol 2019-08-14 14:51:45 -07:00
Alex Stokes
686c1736fd
Compare multihash Code to IDENTITY when extracting public key 
This PR is a non-substantive change with the goal of making this method
`ExtractPublicKey` from a `peer.ID` clearer to the reader. This goal is
accomplished by using the full name of the identity hash code `IDENTITY` instead
of the deprecated `ID` code. This change makes its clearer to the reader that
there is a trivial way to compute the public key given the digest. Without this
change it is easy to confuse `ID` with a concept relating to peer IDs (and thus
implying this function somehow computes a hash pre-image to get the
corrresponding public key.
 2019-08-14 14:27:04 -07:00
bigs
d204016fc6
Merge pull request #45 from libp2p/feat/event-bus-signature 
Return error in Emit
 2019-08-06 16:32:28 -04:00
Cole Brown
baf7d1a4e3 Return error in Emit 2019-08-06 12:55:08 -04:00
bigs
9698a72f45
Merge pull request #31 from libp2p/bug/remove-blowfish-support 
Remove support for blowfish
 2019-08-06 12:29:59 -04:00
Cole Brown
47983a3ab5 Add test for panic on unknown cipher type 2019-08-06 12:15:40 -04:00
Cole Brown
58281f5c6d Add note about panic to KeyStretcher comments 2019-08-06 11:18:41 -04:00
Steven Allen
1461eb16af fix: use fallback comparison for ed25519 keys 2019-08-01 17:45:55 -07:00
Steven Allen
33faefebfc
Merge pull request #46 from libp2p/feat/cherry-pick-stabalize 
cherry-pick key optimizations from stabilize
 2019-08-01 17:30:46 -07:00
Steven Allen
b47dbc0e29 dep: update go-openssl 
Add freebsd/openbsd openssl support.
 2019-08-01 16:42:13 -07:00
Steven Allen
1e3fcd96e1 dep: add back missing go.sum lines 2019-08-01 16:37:58 -07:00
Steven Allen
543dbe6c29 nit: simplify equality check 2019-08-01 16:37:58 -07:00
Steven Allen
963cc997b2 remove non-constant-time private key comparison 2019-08-01 16:37:58 -07:00
Steven Allen
9a4415d1a6 use a fallback basicEquals function everywhere 
This also ensures we check that the types are equal, even if we're comparing
directly with `k1.Equals(k2)` instead of `KeyEquals(k1, k2)`.
 2019-08-01 16:37:58 -07:00
dignifiedquire
2df9672ee4 use equal method from openssl 
uses https://github.com/spacemonkeygo/openssl/pull/126
 2019-08-01 16:37:58 -07:00
dignifiedquire
bab5f6dd95 fixup: openssl 2019-08-01 16:37:30 -07:00
dignifiedquire
da42c385fc fix: do not allocate when comparing keys 2019-08-01 16:37:30 -07:00
Steven Allen
3390f7d16d
Merge pull request #47 from libp2p/fix/go-mod-tidy 
chore: tidy
 2019-08-01 16:37:17 -07:00
Steven Allen
35e24d3b6b chore: tidy 2019-08-01 16:36:54 -07:00
bigs
a7cc4bffb1
Merge pull request #34 from libp2p/bug/weak-rsa-keys 
Raise minimum bits required for RSA key to 2048
 2019-08-01 15:28:04 -08:00
Cole Brown
f1175dbc91 Rename constant for weak RSA key environment variable 2019-08-01 19:05:47 -04:00
Cole Brown
d95ff26e5e UNSAFE -> WEAK in RSA key environment variable 2019-08-01 13:57:48 -04:00
Yusef Napora
62b2c6c482
bring back plaintext 2.0.0 with new constructor (#42) 
* bring back plaintext 2.0.0 with new constructor

* fix deprecation comment

* rm unused context argument

* only check remote id validity if we actually have keys

* bring back msgio & simultaneous read/write
 2019-07-30 16:46:24 -04:00
Steven Allen
be90519893
Merge pull request #44 from libp2p/fix/43 
avoid duplicate randomly generated keys/peer-ids
 2019-07-25 10:10:45 -07:00
Jakub Sztandera
f9ca60b486 Add compat check (#40) 
License: MIT
Signed-off-by: Jakub Sztandera <kubuxu@protonmail.ch>
 2019-07-25 15:51:06 +01:00