import asyncio
from libp2p.crypto.keys import KeyPair
from libp2p.network.connection.raw_connection_interface import IRawConnection
from libp2p.peer.id import ID
from libp2p.security.base_transport import BaseSecureTransport
from libp2p.security.insecure.transport import InsecureSession
from libp2p.security.secure_conn_interface import ISecureConn
from libp2p.transport.exceptions import SecurityUpgradeFailure
from libp2p.utils import encode_fixedint_prefixed, read_fixedint_prefixed
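class SimpleSecurityTransport(BaseSecureTransport):
    """
    Test-only transport that "secures" a connection by comparing a shared key phrase.

    Each side writes its own key phrase to the raw connection and then reads the peer's.
    The phrase therefore crosses the wire in cleartext and is disclosed before the peer
    has been checked, and the session handed back is an ``InsecureSession``. This
    transport gives no confidentiality, integrity or peer authentication; keep it to
    local tests.
    """

    key_phrase: str

    def __init__(self, local_key_pair: KeyPair, key_phrase: str) -> None:
        """
        :param local_key_pair: key pair passed on to ``BaseSecureTransport``
        :param key_phrase: phrase both nodes must present for the upgrade to succeed
        """
        super().__init__(local_key_pair)
        self.key_phrase = key_phrase

    def _check_key_phrase(self, raw_phrase: bytes) -> None:
        """
        Compare the key phrase received from the peer with the local one.

        :param raw_phrase: undecoded bytes read from the peer
        :raise SecurityUpgradeFailure: if the bytes are not valid UTF-8 or the phrase differs
        """
        # NOTE: the message embeds the local key phrase. It is kept unchanged for existing
        # callers, so treat the exception text as sensitive when logging or reporting it.
        failure_message = "Key phrase differed between nodes. Expected " + self.key_phrase
        try:
            incoming = raw_phrase.decode()
        except UnicodeDecodeError as error:
            # These bytes are peer-controlled: malformed UTF-8 is a failed upgrade, and must
            # not escape as an unrelated exception type the caller does not expect.
            raise SecurityUpgradeFailure(failure_message) from error

        if incoming != self.key_phrase:
            raise SecurityUpgradeFailure(failure_message)

    async def secure_inbound(self, conn: IRawConnection) -> ISecureConn:
        """
        Secure the connection, either locally or by communicating with opposing node via conn,
        for an inbound connection (i.e. we are not the initiator)

        :param conn: raw connection to upgrade
        :return: secure connection object (that implements secure_conn_interface)
        :raise SecurityUpgradeFailure: if the peer's key phrase is malformed or differs
        """
        # Our phrase is written before the peer's is read, so it is revealed to any peer.
        await conn.write(encode_fixedint_prefixed(self.key_phrase.encode()))
        raw_phrase = await read_fixedint_prefixed(conn)

        self._check_key_phrase(raw_phrase)

        # An empty peer ID is passed here; no remote ID is available to this method.
        session = InsecureSession(self, conn, ID(b""))
        # NOTE: Here we call `run_handshake` for both sides to exchange their public keys and
        # peer ids, otherwise tests fail. However, it seems pretty weird that
        # `SimpleSecurityTransport` sends peer id through `Insecure`.
        await session.run_handshake()
        # NOTE: this is abusing the abstraction we have here
        # but this code may be deprecated soon and this exists
        # mainly to satisfy a test that will go along w/ it
        # FIXME: Enable type check back when we can deprecate the simple transport.
        session.key_phrase = self.key_phrase  # type: ignore
        return session

    async def secure_outbound(self, conn: IRawConnection, peer_id: ID) -> ISecureConn:
        """
        Secure the connection, either locally or by communicating with opposing node via conn,
        for an outbound connection (i.e. we are the initiator)

        :param conn: raw connection to upgrade
        :param peer_id: ID of the peer being dialed, passed to the resulting session
        :return: secure connection object (that implements secure_conn_interface)
        :raise SecurityUpgradeFailure: if the peer's key phrase is malformed or differs
        """
        # Our phrase is written before the peer's is read, so it is revealed to any peer.
        await conn.write(encode_fixedint_prefixed(self.key_phrase.encode()))
        raw_phrase = await read_fixedint_prefixed(conn)

        # Force context switch, as this security transport is built for testing locally
        # in a single event loop
        await asyncio.sleep(0)

        self._check_key_phrase(raw_phrase)

        session = InsecureSession(self, conn, peer_id)
        # NOTE: Here we call `run_handshake` for both sides to exchange their public keys and
        # peer ids, otherwise tests fail. However, it seems pretty weird that
        # `SimpleSecurityTransport` sends peer id through `Insecure`.
        await session.run_handshake()
        # NOTE: this is abusing the abstraction we have here
        # but this code may be deprecated soon and this exists
        # mainly to satisfy a test that will go along w/ it
        # FIXME: Enable type check back when we can deprecate the simple transport.
        session.key_phrase = self.key_phrase  # type: ignore
        return session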