Commit Graph

56 Commits

Author SHA1 Message Date
Brian Meek
374bb62823
update btcec dependency (#247) 2022-04-20 02:00:42 -07:00
Steven Allen
648dc3fba2
feat: harden encoding/decoding functions against panics (#243)
* feat: harden encoding/decoding functions against panics

Part of https://github.com/libp2p/go-libp2p/issues/1389

These kinds of functions:

1. Handle user input.
2. Often have out-of-bounds, null pointer, etc bugs.
3. Have completely isolated logic where local panics are unlikely to
   cause memory corruption elsewhere.

* test: add a panic catcher test
2022-04-18 12:40:37 -07:00
web3-bot
f927693924
sync: update CI config files (#241)
* bump go.mod to Go 1.17 and run go fix

* update .github/workflows/automerge.yml

* update .github/workflows/go-test.yml

* update .github/workflows/go-check.yml

* remove unneeded nil check in ECDSAPublicKey.Verify

Co-authored-by: web3-bot <web3-bot@users.noreply.github.com>
Co-authored-by: Marten Seemann <martenseemann@gmail.com>
2022-04-10 02:38:48 -07:00
Richard Ramos
98db48ef81
generate ecdsa public key from an input public key (#219) 2021-12-01 23:24:12 -08:00
web3-bot
8a10694282
sync: update CI config files (#209)
* bump go.mod to Go 1.16 and run go fix

* run go mod tidy

* run gofmt -s

* update .github/workflows/automerge.yml

* update .github/workflows/go-test.yml

* update .github/workflows/go-check.yml

Co-authored-by: web3-bot <web3-bot@users.noreply.github.com>
2021-08-22 08:55:33 -07:00
Marten Seemann
1262f60147
remove deprecated key stretching struct / function (#203)
This was needed for secio.
2021-07-22 12:28:42 -07:00
Marten Seemann
d28ef6339a
remove deprecated Bytes method from the Key interface (#204) 2021-07-22 12:18:09 -07:00
Marten Seemann
becdceadda
fix benchmark of key verifications (#190) 2021-03-30 16:14:00 -07:00
Marten Seemann
ea8b36912f
fix staticcheck errors (#191)
* run go mod tidy

* omit receiver name if unused

* remove unused type testkey in tests

* fix duplicate import of go-multiaddr

* fix use of deprecated peer.IDB58{Encode,Decode}

* use bytes.Equal instead of bytes.Compare

* fix unnecessary assigments to blank identifier

* use time.Until instead of t.Sub(time.Now())

* fix use of deprecated go-multihash.ID

* add missing error check in envelope test

* fix error check in tests
2021-03-30 16:13:36 -07:00
Vibhav Pant
d3e1a0646b
add functions for converting libp2p keys to stdlib variants (#125) 2020-03-06 09:46:59 +00:00
Yusef Napora
7b2888dfdb
Signed envelopes & routing records (#73)
* add SignedEnvelope type

* use struct for SignedEnvelope instead of exposing protobuf directly

* doc comments for envelopes

* tests for SignedEnvelopes

* add helpers to make routing records for Host

* fix doc comment

* go fmt

* add method to peerstore to retrieve signed routing records

* update to match spec changes

* just use nanoseconds

* use proto3  &  rename fields to match spec changes

* use proto3 for routing records

* make envelope fields private & validate on unmarshal

* use buffer pool for envelope signatures

* tests for RoutingState

* go fmt

* rename Equals -> Equal, add some comments

* use test helpers

* get rid of unsigned RoutingState struct, only expose SignedRoutingState

* rm batching SignedRoutingStates accessor in peerstore

the datastore peerstore implementation doesn't support batched reads, so
it's no more efficient to get a bunch of states at once than it
is to call SignedRoutingState multiple times.

* whitespace

* expose struct fields & remove accessors

* use camelCase in protos for consistency

* use multiformats uvarint for length-prefixes

* remove payloadType check when unmarhaling

* rm stray ref to golang/protobuf

* define CertifiedAddrBook to avoid breaking API change

* add events for updated addresses and routing state

* remove SignedRoutingStateFromHost helper

moving this to go-libp2p

* add routing state records, extend peerstore API

* fix: rebuild protos with new gogofaster generator

* filter private addrs from signed routing records

* envelope: use byte slices from pool; adjust interface.

* move envelope to record package.

* move protobuf files; adjust imports everywhere.

* rename RoutingStateRecord -> PeerRecord

also removes embedded reference to Envelope from the record,
as that was confusing.

as a result, the CertifiedAddrBook now accepts/returns
record.SignedEnvelope instead of a specialized type.

* hoist Seq from PeerRecord to SignedEnvelope

* test that PeerRecords can't be signed by wrong key

* commit go.sum

* add Seq field to envelope signature

* fix proto_path in Makefile

* fix import ordering

* comments for PeerRecord proto message

also removes the seq field from PeerMessage proto,
since it was moved to the SignedEnvelope

* use Record type for envelope payloads

* rename SignedEnvelope -> Envelope, unmarshal payload in ConsumeEnvelope

* return buffer to pool before early return

* doc comments

* rename CertifiedAddrBook methods, update comments

* cache unmarshalled Record payload inside Envelope

* doc comments

* store reflect.Type when registering Record

* Revert "return buffer to pool before early return"

8d8da386f2

misread this - unsigned will be nil if there's an
error, so it was right the way it was

* use a DefaultRecord for unregistered PayloadTypes

instead of returning an error if we don't have a registered
Record for a given PayloadType, we can have a catch-all
DefaultRecord type that just preserves the original payload
as a []byte

* cleanup DefaultRecord code a bit

- removes unused error return from blankRecordForPayloadType
- just references instead of copying in DefaultRecord.UnmarshalRecord
  I figure this is likely safe, since we'll be unmarshalling from the
  payload of an Envelope, which shouldn't get altered after it's
  created.

* use explicit payloadType in MakeEnvelopeWithRecord

* Revert DefaultRecord commits

ae3bc7bdfb
a26c845a76

* doc comments

* move Seq field back to PeerRecord

* make diffs optional in EvtLocalAddressesUpdated

* more envelope tests

* replace MakeEnvelope with record.Seal

also:
- add Domain and Codec fields to Record interface

* fix import

* add interface check

* rename ProcessPeerRecord -> ConsumePeerRecord

also, adds bool `accepted` return value

* rename event field, add doc comment

* peer record protobuf: fix field casing.

* record protobuf: add docs and fix casing.

* cleanup: group imports.

* nit: split test/utils.go => test/{addrs,errors}.go.

Co-authored-by: Raúl Kripalani <raul.kripalani@gmail.com>
2020-02-10 14:53:24 -05:00
Raúl Kripalani
52a4260be5 Introduce routability and protocol events; cache unmarshalled RSA keys (#105)
* event: Add autonat events (#25)

* add events for identify (#26)

* implement caching for rsaKey.Bytes()

* store marshalled protobuf in cache for RsaPublicKey.Bytes()

* fix(crypto): fix build when openssl is enabled

* add godocs to routability events.

Co-authored-by: Łukasz Magiera <magik6k@users.noreply.github.com>
Co-authored-by: Whyrusleeping <why@ipfs.io>
Co-authored-by: Adin Schmahmann <adin.schmahmann@gmail.com>
Co-authored-by: Steven Allen <steven@stebalien.com>
2020-01-16 02:29:26 +01:00
Dmitry Yu Okunev
205fb711b9 Use standard library "crypto/ed25519" 2019-12-06 21:58:31 -05:00
Steven Allen
54a9d30499
Merge pull request #56 from JorikSchellekens/patch-1
Fix documentation missmatch for crypto methods.
2019-12-06 21:50:47 -05:00
Steven Allen
11af061e49 chore(dep): update protobuf 2019-10-28 13:07:54 -07:00
Steven Allen
bf79471ef0 fix(key size): forbid small openssl RSA keys
Also, add a test.
2019-10-21 15:52:27 -07:00
Mike Goelzer
e331ba838c
Comment that KeyStretcher is pre-deprecation 2019-09-30 09:58:09 -07:00
Steven Allen
0c42806002
Merge pull request #59 from adam-hanna/master
adds ability to create keys from crypto.PrivateKey types
2019-09-30 09:23:17 -07:00
Steven Allen
469ed581a0
Merge pull request #48 from libp2p/fix/fallback-cmp
fix: use fallback comparison for ed25519 keys
2019-09-27 15:33:55 -07:00
Steven Allen
c3facda1a2 crypto: use basicEquals for ECDSA
The check was incomplete as it didn't test the curve. This switches us to use
basicEquals (which is also constant-time).

Note: This key type isn't used by anyone in-practice (to the best of my
knowledge).
2019-09-24 10:41:53 -07:00
Steven Allen
d68e65376d crypto: make the ECDSA receiver consistent 2019-09-24 10:41:53 -07:00
Steven Allen
947196bbb7 crypto: use constant time compare when decoding private keys
In practice, this is impossible to exploit without being able to corrupt the
private key which would allow a much simpler guess-and-check attack. However,
it's still a bad practice to compare private key material like this.
2019-09-24 10:40:54 -07:00
adam
2b32a36d90
incorporates code review comments from @raulk; changes KeyPairFromKey to KeyPairFromStdKey and improves godoc. 2019-09-20 23:37:38 -07:00
adam
23811ec09b
fixes typo 2019-09-19 16:24:24 -07:00
adam
316b0af70d
incorporates code review from @Stebalien 2019-09-19 16:21:08 -07:00
adam
0468ff83df
adds ability to create keys from crypto.PrivateKey types 2019-09-19 15:16:52 -07:00
Jorik Schellekens
dd55087854
The docs seem to lie
The docs seem to lie about what these methods do.
This is the naive solution since it's my first day looking
at go but would it be possible to get these methods
to marshal to public or private key correctly by passing
a type to them?
2019-09-04 13:53:57 +01:00
Cole Brown
d50ea9bc1f Ensure all tests pass without weak RSA key flag 2019-08-28 11:34:22 -04:00
bigs
9698a72f45
Merge pull request #31 from libp2p/bug/remove-blowfish-support
Remove support for blowfish
2019-08-06 12:29:59 -04:00
Cole Brown
47983a3ab5 Add test for panic on unknown cipher type 2019-08-06 12:15:40 -04:00
Cole Brown
58281f5c6d Add note about panic to KeyStretcher comments 2019-08-06 11:18:41 -04:00
Steven Allen
1461eb16af fix: use fallback comparison for ed25519 keys 2019-08-01 17:45:55 -07:00
Steven Allen
543dbe6c29 nit: simplify equality check 2019-08-01 16:37:58 -07:00
Steven Allen
963cc997b2 remove non-constant-time private key comparison 2019-08-01 16:37:58 -07:00
Steven Allen
9a4415d1a6 use a fallback basicEquals function everywhere
This also ensures we check that the types are equal, even if we're comparing
directly with `k1.Equals(k2)` instead of `KeyEquals(k1, k2)`.
2019-08-01 16:37:58 -07:00
dignifiedquire
2df9672ee4 use equal method from openssl
uses https://github.com/spacemonkeygo/openssl/pull/126
2019-08-01 16:37:58 -07:00
dignifiedquire
bab5f6dd95 fixup: openssl 2019-08-01 16:37:30 -07:00
dignifiedquire
da42c385fc fix: do not allocate when comparing keys 2019-08-01 16:37:30 -07:00
bigs
a7cc4bffb1
Merge pull request #34 from libp2p/bug/weak-rsa-keys
Raise minimum bits required for RSA key to 2048
2019-08-01 15:28:04 -08:00
Cole Brown
f1175dbc91 Rename constant for weak RSA key environment variable 2019-08-01 19:05:47 -04:00
Cole Brown
d95ff26e5e UNSAFE -> WEAK in RSA key environment variable 2019-08-01 13:57:48 -04:00
Yusef Napora
62b2c6c482
bring back plaintext 2.0.0 with new constructor (#42)
* bring back plaintext 2.0.0 with new constructor

* fix deprecation comment

* rm unused context argument

* only check remote id validity if we actually have keys

* bring back msgio & simultaneous read/write
2019-07-30 16:46:24 -04:00
Cole Brown
0ae8685baf Add defualt case with meaningful panic 2019-07-17 17:34:22 -04:00
Raúl Kripalani
8890e1b22b
Revert "update insecure transport to plaintext/2.0.0 (#37)" (#38)
This reverts commit b5729d89f3.
2019-07-15 00:10:22 +01:00
bigs
1d45af25d9
Merge pull request #33 from libp2p/bug/curve-name
Return error rather than panic in GenerateEKeyPair
2019-07-12 17:32:13 -04:00
Cole Brown
c7c0a1cdf0 Add test for unknown elliptic curves 2019-07-12 17:09:27 -04:00
bigs
c3f7bb216e
Merge pull request #32 from libp2p/bug/key-equality
Replace bytes.Equal -> subtle.ConstantTimeCompare
2019-07-12 16:45:22 -04:00
Cole Brown
652a852edd Use short-circuiting comparisons for public keys 2019-07-12 16:34:29 -04:00
Cole Brown
c817d49d02 Add env flag for allowing unsafe rsa keys in tests 2019-07-12 16:04:56 -04:00
Yusef Napora
b5729d89f3
update insecure transport to plaintext/2.0.0 (#37)
* add plaintext/2.0.0 (with ugly protoc hack)

* gofmt

* gofmt (for real this time)

* add `go_package` option to proto files

* Revert "add `go_package` option to proto files"

5a543a79bd

* less hacky protobuf imports

* add doc comment for PublicKeyFromProto

* clean up handshake

* go fmt, lol

* use network.MessageSizeMax for ggio reader
2019-07-12 13:24:30 -04:00