Verify the remote pubkey and peer_id

- Add `from_bytes` in RSAPublicKey and Secp256k1PublicKey - Add `pubkey_from_protobuf` to parse pubkey from protobuf - Verify key and peer_id in `InsecureSession.run_handshake`
2019-08-20 23:54:33 +08:00 · 2019-08-20 23:54:33 +08:00 · 921bfb65cc
commit 921bfb65cc
parent ef476e555b
5 changed files with 62 additions and 6 deletions
--- a/libp2p/crypto/rsa.py
+++ b/libp2p/crypto/rsa.py
@ -11,6 +11,11 @@ class RSAPublicKey(PublicKey):
    def to_bytes(self) -> bytes:
        return self.impl.export_key("DER")

+    @classmethod
+    def from_bytes(cls, key_bytes: bytes) -> "RSAPublicKey":
+        rsakey = RSA.import_key(key_bytes)
+        return cls(rsakey)
+
    def get_type(self) -> KeyType:
        return KeyType.RSA

@ -30,6 +35,11 @@ class RSAPrivateKey(PrivateKey):
    def to_bytes(self) -> bytes:
        return self.impl.export_key("DER")

+    @classmethod
+    def from_bytes(cls, key_bytes: bytes) -> "RSAPrivateKey":
+        rsakey = RSA.import_key(key_bytes)
+        return cls(rsakey)
+
    def get_type(self) -> KeyType:
        return KeyType.RSA

--- a/libp2p/crypto/secp256k1.py
+++ b/libp2p/crypto/secp256k1.py
@ -10,6 +10,11 @@ class Secp256k1PublicKey(PublicKey):
    def to_bytes(self) -> bytes:
        return self.impl.format()

+    @classmethod
+    def from_bytes(cls, key_bytes: bytes) -> "Secp256k1PublicKey":
+        secp256k1_pubkey = coincurve.PublicKey(key_bytes)
+        return cls(secp256k1_pubkey)
+
    def get_type(self) -> KeyType:
        return KeyType.Secp256k1

--- a/libp2p/crypto/utils.py
+++ b/libp2p/crypto/utils.py
@ -0,0 +1,16 @@
+from .keys import PublicKey
+from .pb import crypto_pb2 as protobuf
+from .rsa import RSAPublicKey
+from .secp256k1 import Secp256k1PublicKey
+
+
+def pubkey_from_protobuf(pubkey_pb: protobuf.PublicKey) -> PublicKey:
+    if pubkey_pb.key_type == protobuf.RSA:
+        return RSAPublicKey.from_bytes(pubkey_pb.data)
+    # TODO: Test against secp256k1 keys
+    elif pubkey_pb.key_type == protobuf.Secp256k1:
+        return Secp256k1PublicKey.from_bytes(pubkey_pb.data)
+    else:
+        raise ValueError(
+            f"unsupported key_type={pubkey_pb.key_type}, data={pubkey_pb.data!r}"
+        )
--- a/libp2p/security/base_session.py
+++ b/libp2p/security/base_session.py
@ -13,6 +13,12 @@ class BaseSession(ISecureConn):
    is only meant to be used in clases that derive from it.
    """

+    local_peer: ID
+    local_private_key: PrivateKey
+    conn: IRawConnection
+    remote_peer_id: ID
+    remote_permanent_pubkey: PublicKey
+
    def __init__(
        self, transport: BaseSecureTransport, conn: IRawConnection, peer_id: ID
    ) -> None:
--- a/libp2p/security/insecure/transport.py
+++ b/libp2p/security/insecure/transport.py
@ -1,4 +1,5 @@
 from libp2p.crypto.keys import PublicKey
+from libp2p.crypto.utils import pubkey_from_protobuf
 from libp2p.network.connection.raw_connection_interface import IRawConnection
 from libp2p.peer.id import ID
 from libp2p.security.base_session import BaseSession
@ -23,13 +24,31 @@ class InsecureSession(BaseSession):
        encoded_msg_bytes = encode_fixedint_prefixed(msg_bytes)
        await self.write(encoded_msg_bytes)

-        msg_bytes_other_side = await read_fixedint_prefixed(self.conn)
-        msg_other_side = plaintext_pb2.Exchange()
-        msg_other_side.ParseFromString(msg_bytes_other_side)
+        remote_msg_bytes = await read_fixedint_prefixed(self.conn)
+        remote_msg = plaintext_pb2.Exchange()
+        remote_msg.ParseFromString(remote_msg_bytes)

-        # TODO: Verify public key with peer id
-        # TODO: Store public key
-        self.remote_peer_id = ID(msg_other_side.id)
+        # Verify if the given `pubkey` matches the given `peer_id`
+        try:
+            remote_pubkey = pubkey_from_protobuf(remote_msg.pubkey)
+        except ValueError as error:
+            raise SecurityUpgradeFailure(
+                f"unknown protocol of remote_msg.pubkey={remote_msg.pubkey}"
+            ) from error
+        remote_peer_id = ID(remote_msg.id)
+        remote_peer_id_from_pubkey = ID.from_pubkey(remote_pubkey)
+        if remote_peer_id_from_pubkey != remote_peer_id:
+            raise SecurityUpgradeFailure(
+                "peer id and pubkey from the remote mismatch: "
+                f"remote_peer_id={remote_peer_id}, remote_pubkey={remote_pubkey}, "
+                f"remote_peer_id_from_pubkey={remote_peer_id_from_pubkey}"
+            )
+
+        # Nothing is wrong. Store the `pubkey` and `peer_id` in the session.
+        self.remote_permanent_pubkey = remote_pubkey
+        self.remote_peer_id = ID(remote_msg.id)
+
+        # TODO: Store `pubkey` and `peer_id` to `PeerStore`


 class InsecureTransport(BaseSecureTransport):