From 5e5c96f1ea2fdf35b0c10b06166304afd0e2b7e9 Mon Sep 17 00:00:00 2001 From: NIC619 Date: Thu, 17 Oct 2019 14:29:58 +0800 Subject: [PATCH 1/8] Add `DecryptionFailedException` MsgioException --- libp2p/io/exceptions.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libp2p/io/exceptions.py b/libp2p/io/exceptions.py index b8e4e01..e49ac2d 100644 --- a/libp2p/io/exceptions.py +++ b/libp2p/io/exceptions.py @@ -21,3 +21,6 @@ class MissingLengthException(MsgioException): class MissingMessageException(MsgioException): pass + +class DecryptionFailedException(MsgioException): + pass From 29bf623d2cb030ca19b7408fc345a4f9d336a68d Mon Sep 17 00:00:00 2001 From: NIC619 Date: Thu, 17 Oct 2019 14:30:30 +0800 Subject: [PATCH 2/8] Raise `DecryptionFailedException` when failed to decrypt read msg --- libp2p/security/secio/transport.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/libp2p/security/secio/transport.py b/libp2p/security/secio/transport.py index e1aa022..7950446 100644 --- a/libp2p/security/secio/transport.py +++ b/libp2p/security/secio/transport.py @@ -4,6 +4,7 @@ import itertools from typing import Optional, Tuple import multihash +from crypto.authenticated_encryption import InvalidMACException from libp2p.crypto.authenticated_encryption import ( EncryptionParameters as AuthenticatedEncryptionParameters, @@ -16,7 +17,7 @@ from libp2p.crypto.ecc import ECCPublicKey from libp2p.crypto.key_exchange import create_ephemeral_key_pair from libp2p.crypto.keys import PrivateKey, PublicKey from libp2p.crypto.serialization import deserialize_public_key -from libp2p.io.exceptions import IOException +from libp2p.io.exceptions import DecryptionFailedException, IOException from libp2p.io.msgio import MsgIOReadWriter from libp2p.network.connection.raw_connection_interface import IRawConnection from libp2p.peer.id import ID as PeerID 
@@ -122,7 +123,11 @@ class SecureSession(BaseSession): async def read_msg(self) -> bytes: msg = await self.conn.read_msg() - return self.remote_encrypter.decrypt_if_valid(msg) + try: + decrypted_msg = self.remote_encrypter.decrypt_if_valid(msg) + except InvalidMACException: + raise DecryptionFailedException + return decrypted_msg async def write(self, data: bytes) -> int: await self.write_msg(data) From da08d37c38a4533ea77de803280be4caffe61682 Mon Sep 17 00:00:00 2001 From: NIC619 Date: Thu, 17 Oct 2019 15:03:18 +0800 Subject: [PATCH 3/8] Add `SedesException` SecioException --- libp2p/security/secio/exceptions.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libp2p/security/secio/exceptions.py b/libp2p/security/secio/exceptions.py index c03fda4..d86ce3b 100644 --- a/libp2p/security/secio/exceptions.py +++ b/libp2p/security/secio/exceptions.py @@ -28,3 +28,7 @@ class IncompatibleChoices(SecioException): class InconsistentNonce(SecioException): pass + + +class SedesException(SecioException): + pass From 49bd460e3787f6dcf75ad6a54db67dd9485efe52 Mon Sep 17 00:00:00 2001 From: NIC619 Date: Thu, 17 Oct 2019 15:19:39 +0800 Subject: [PATCH 4/8] Catch `SedesException` in `deserialize_public_key` --- libp2p/security/insecure/transport.py | 3 +++ libp2p/security/secio/transport.py | 7 ++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/libp2p/security/insecure/transport.py b/libp2p/security/insecure/transport.py index 81e7047..5f6ea91 100644 --- a/libp2p/security/insecure/transport.py +++ b/libp2p/security/insecure/transport.py @@ -1,5 +1,6 @@ from typing import Optional +from libp2p.crypto.exceptions import MissingDeserializerError from libp2p.crypto.keys import PrivateKey, PublicKey from libp2p.crypto.pb import crypto_pb2 from libp2p.crypto.serialization import deserialize_public_key 
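Review bot: In `SecureSession.read_msg`, the new handler raises a bare `DecryptionFailedException` with no message and no explicit cause; `except InvalidMACException as error:` followed by `raise DecryptionFailedException("MAC verification failed on incoming message") from error` keeps the reason visible to whoever handles it. The later hunks that add `raise HandshakeFailure(error)`, `raise SedesException(error)` and `raise PeerStoreError(error)` have the same shape and would also read better with `from error`. A MAC failure means the frame was corrupted or altered in transit, so I would add a docstring saying the session must not be reused after this exception and the caller should close the connection; whether existing callers do that is not visible in this hunk.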
@@ -82,6 +83,8 @@ class InsecureSession(BaseSession): raise HandshakeFailure( f"unknown `key_type` of remote_msg.pubkey={remote_msg.pubkey}" ) + except MissingDeserializerError as error: + raise HandshakeFailure(error) peer_id_from_received_pubkey = ID.from_pubkey(received_pubkey) if peer_id_from_received_pubkey != received_peer_id: raise HandshakeFailure( diff --git a/libp2p/security/secio/transport.py b/libp2p/security/secio/transport.py index 7950446..f3e3fde 100644 --- a/libp2p/security/secio/transport.py +++ b/libp2p/security/secio/transport.py @@ -14,6 +14,7 @@ from libp2p.crypto.authenticated_encryption import ( ) from libp2p.crypto.authenticated_encryption import MacAndCipher as Encrypter from libp2p.crypto.ecc import ECCPublicKey +from libp2p.crypto.exceptions import MissingDeserializerError from libp2p.crypto.key_exchange import create_ephemeral_key_pair from libp2p.crypto.keys import PrivateKey, PublicKey from libp2p.crypto.serialization import deserialize_public_key @@ -31,6 +32,7 @@ from .exceptions import ( InvalidSignatureOnExchange, PeerMismatchException, SecioException, + SedesException, SelfEncryption, ) from .pb.spipe_pb2 import Exchange, Propose @@ -168,7 +170,10 @@ class Proposal: nonce = protobuf.rand public_key_protobuf_bytes = protobuf.public_key - public_key = deserialize_public_key(public_key_protobuf_bytes) + try: + public_key = deserialize_public_key(public_key_protobuf_bytes) + except MissingDeserializerError as error: + raise SedesException(error) exchanges = protobuf.exchanges ciphers = protobuf.ciphers hashes = protobuf.hashes From 5063f0e2a6b41d31d15b573aacf672693e3dad9f Mon Sep 17 00:00:00 2001 From: NIC619 Date: Thu, 17 Oct 2019 15:34:11 +0800 Subject: [PATCH 5/8] Fix lint --- libp2p/crypto/ed25519.py | 4 ++-- libp2p/io/exceptions.py | 1 + libp2p/security/secio/transport.py | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/libp2p/crypto/ed25519.py b/libp2p/crypto/ed25519.py index 11a1668..cde2641 100644 
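Review bot: The new `try` around `deserialize_public_key(public_key_protobuf_bytes)` in `Proposal` (secio/transport.py) catches only `MissingDeserializerError`, yet the bytes presumably come from the remote peer's proposal, so any other exception the parser raises on malformed input would still leave the handshake as something other than a `SecioException`. Which exceptions `deserialize_public_key` can raise is not visible here and should be confirmed; if protobuf parsing can fail there, that error type belongs in the same `except` tuple so it is also mapped to `SedesException`. The `InsecureSession` hunk in insecure/transport.py raises the same question for its new `except MissingDeserializerError` clause, although it already has an earlier handler whose exception type lies outside the hunk. Both enclosing functions start and end outside their hunks.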
--- a/libp2p/crypto/ed25519.py +++ b/libp2p/crypto/ed25519.py @@ -1,12 +1,12 @@ from Crypto.Hash import SHA256 + +from libp2p.crypto.keys import KeyPair, KeyType, PrivateKey, PublicKey from nacl.exceptions import BadSignatureError from nacl.public import PrivateKey as PrivateKeyImpl from nacl.public import PublicKey as PublicKeyImpl from nacl.signing import SigningKey, VerifyKey import nacl.utils as utils -from libp2p.crypto.keys import KeyPair, KeyType, PrivateKey, PublicKey - class Ed25519PublicKey(PublicKey): def __init__(self, impl: PublicKeyImpl) -> None: diff --git a/libp2p/io/exceptions.py b/libp2p/io/exceptions.py index e49ac2d..d4e1dfa 100644 --- a/libp2p/io/exceptions.py +++ b/libp2p/io/exceptions.py @@ -22,5 +22,6 @@ class MissingLengthException(MsgioException): class MissingMessageException(MsgioException): pass + class DecryptionFailedException(MsgioException): pass diff --git a/libp2p/security/secio/transport.py b/libp2p/security/secio/transport.py index f3e3fde..3667e7b 100644 --- a/libp2p/security/secio/transport.py +++ b/libp2p/security/secio/transport.py @@ -3,8 +3,8 @@ import io import itertools from typing import Optional, Tuple -import multihash from crypto.authenticated_encryption import InvalidMACException +import multihash from libp2p.crypto.authenticated_encryption import ( EncryptionParameters as AuthenticatedEncryptionParameters, From 211e2f6dd0a320100542033c2526e194d8f67c6f Mon Sep 17 00:00:00 2001 From: NIC619 Date: Thu, 17 Oct 2019 15:52:57 +0800 Subject: [PATCH 6/8] Catch `PeerDataError` in `PeerStore.get` --- libp2p/peer/peerstore.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/libp2p/peer/peerstore.py b/libp2p/peer/peerstore.py index c1eae37..a416c47 100644 --- a/libp2p/peer/peerstore.py +++ b/libp2p/peer/peerstore.py 
@@ -3,7 +3,7 @@ from typing import Any, Dict, List, Optional, Sequence from multiaddr import Multiaddr from .id import ID -from .peerdata import PeerData +from .peerdata import PeerData, PeerDataError from .peerinfo import PeerInfo from .peerstore_interface import IPeerStore @@ -54,7 +54,10 @@ class PeerStore(IPeerStore): def get(self, peer_id: ID, key: str) -> Any: if peer_id in self.peer_map: - val = self.peer_map[peer_id].get_metadata(key) + try: + val = self.peer_map[peer_id].get_metadata(key) + except PeerDataError as error: + raise PeerStoreError(error) return val raise PeerStoreError("peer ID not found") From 9889cb8ab14f3974a7d795a1767cadfa977b6db5 Mon Sep 17 00:00:00 2001 From: NIC619 Date: Fri, 18 Oct 2019 15:44:07 +0800 Subject: [PATCH 7/8] Fix wrong import --- libp2p/crypto/ed25519.py | 4 ++-- libp2p/security/secio/transport.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libp2p/crypto/ed25519.py b/libp2p/crypto/ed25519.py index cde2641..11a1668 100644 --- a/libp2p/crypto/ed25519.py +++ b/libp2p/crypto/ed25519.py @@ -1,12 +1,12 @@ from Crypto.Hash import SHA256 - -from libp2p.crypto.keys import KeyPair, KeyType, PrivateKey, PublicKey from nacl.exceptions import BadSignatureError from nacl.public import PrivateKey as PrivateKeyImpl from nacl.public import PublicKey as PublicKeyImpl from nacl.signing import SigningKey, VerifyKey import nacl.utils as utils +from libp2p.crypto.keys import KeyPair, KeyType, PrivateKey, PublicKey + class Ed25519PublicKey(PublicKey): def __init__(self, impl: PublicKeyImpl) -> None: diff --git a/libp2p/security/secio/transport.py b/libp2p/security/secio/transport.py index 3667e7b..bd86251 100644 --- a/libp2p/security/secio/transport.py +++ b/libp2p/security/secio/transport.py @@ -3,7 +3,6 @@ import io import itertools from typing import Optional, Tuple -from crypto.authenticated_encryption import InvalidMACException import multihash from libp2p.crypto.authenticated_encryption import ( 
@@ -12,6 +11,7 @@ from libp2p.crypto.authenticated_encryption import ( from libp2p.crypto.authenticated_encryption import ( initialize_pair as initialize_pair_for_encryption, ) +from libp2p.crypto.authenticated_encryption import InvalidMACException from libp2p.crypto.authenticated_encryption import MacAndCipher as Encrypter from libp2p.crypto.ecc import ECCPublicKey from libp2p.crypto.exceptions import MissingDeserializerError From d52b093286c9b4c33b26bb9d4af9ee5a24e52c71 Mon Sep 17 00:00:00 2001 From: NIC619 Date: Fri, 18 Oct 2019 15:59:35 +0800 Subject: [PATCH 8/8] Fix mypy error --- libp2p/stream_muxer/mplex/mplex_stream.py | 2 +- libp2p/utils.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/libp2p/stream_muxer/mplex/mplex_stream.py b/libp2p/stream_muxer/mplex/mplex_stream.py index 7cc0564..8db4212 100644 --- a/libp2p/stream_muxer/mplex/mplex_stream.py +++ b/libp2p/stream_muxer/mplex/mplex_stream.py @@ -146,7 +146,7 @@ class MplexStream(IMuxedStream): :return: number of bytes written """ if self.event_local_closed.is_set(): - raise MplexStreamClosed(f"cannot write to closed stream: data={data}") + raise MplexStreamClosed(f"cannot write to closed stream: data={data!r}") flag = ( HeaderTags.MessageInitiator if self.is_initiator diff --git a/libp2p/utils.py b/libp2p/utils.py index 39c79e5..aeb7ae3 100644 --- a/libp2p/utils.py +++ b/libp2p/utils.py @@ -77,7 +77,7 @@ async def read_delim(reader: Reader) -> bytes: raise ParseError(f"`len(msg_bytes)` should not be 0") if msg_bytes[-1:] != b"\n": raise ParseError( - f'`msg_bytes` is not delimited by b"\\n": `msg_bytes`={msg_bytes}' + f'`msg_bytes` is not delimited by b"\\n": `msg_bytes`={msg_bytes!r}' ) return msg_bytes[:-1]
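Review bot: The `MplexStreamClosed` message now embeds the whole outgoing payload via `data={data!r}`, and exception text usually ends up in logs, so application bytes can leak there and the message size is unbounded. Reporting only the size would be enough for debugging: `raise MplexStreamClosed(f"cannot write to closed stream: len(data)={len(data)}")`. The `read_delim` hunk in libp2p/utils.py does the same with `msg_bytes`, which is presumably read from `reader` and therefore peer-controlled; `!r` does escape control characters, but I would still cap it, e.g. `{msg_bytes[-16:]!r}` together with the length. Both functions continue outside their hunks.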