update to new private network interfaces
marten-seemann authored and Stebalien committed Mar 10, 2020
1 parent 77b634b commit 8d2bdfd
Showing 3 changed files with 188 additions and 36 deletions.
38 changes: 30 additions & 8 deletions core/node/libp2p/pnet.go
Expand Up @@ -6,12 +6,14 @@ import (
"fmt"
"time"

"github.com/ipfs/go-ipfs/repo"

"github.com/libp2p/go-libp2p"
host "github.com/libp2p/go-libp2p-core/host"
pnet "github.com/libp2p/go-libp2p-pnet"
"github.com/libp2p/go-libp2p-core/host"
"github.com/libp2p/go-libp2p-core/pnet"
"go.uber.org/fx"

"github.com/ipfs/go-ipfs/repo"
"golang.org/x/crypto/salsa20"
"golang.org/x/crypto/sha3"
)

type PNetFingerprint []byte
Expand All @@ -22,14 +24,14 @@ func PNet(repo repo.Repo) (opts Libp2pOpts, fp PNetFingerprint, err error) {
return opts, nil, err
}

protec, err := pnet.NewProtector(bytes.NewReader(swarmkey))
psk, err := pnet.DecodeV1PSK(bytes.NewReader(swarmkey))
if err != nil {
return opts, nil, fmt.Errorf("failed to configure private network: %s", err)
}
fp = protec.Fingerprint()

opts.Opts = append(opts.Opts, libp2p.PrivateNetwork(protec))
return opts, fp, nil
opts.Opts = append(opts.Opts, libp2p.PrivateNetwork(psk))

return opts, pnetFingerprint(psk), nil
}

func PNetChecker(repo repo.Repo, ph host.Host, lc fx.Lifecycle) error {
Expand Down Expand Up @@ -68,3 +70,23 @@ func PNetChecker(repo repo.Repo, ph host.Host, lc fx.Lifecycle) error {
})
return nil
}

func pnetFingerprint(psk pnet.PSK) []byte {
var pskArr [32]byte
copy(pskArr[:], psk)

enc := make([]byte, 64)
zeros := make([]byte, 64)
out := make([]byte, 16)

// We encrypt data first so we don't feed PSK to hash function.
// Salsa20 function is not reversible thus increasing our security margin.
salsa20.XORKeyStream(enc, zeros, []byte("finprint"), &pskArr)

// Then do Shake-128 hash to reduce its length.
// This way if for some reason Shake is broken and Salsa20 preimage is possible,
// attacker has only half of the bytes necessary to recreate psk.
sha3.ShakeSum128(out, enc)

return out
}
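Review bot: In the new `pnetFingerprint`, `copy(pskArr[:], psk)` silently zero-pads a short PSK and truncates a long one, so a malformed key would still produce a plausible-looking fingerprint. `pnet.DecodeV1PSK` presumably always returns 32 bytes, but that guarantee lives in another package and is not visible here. I would state it above the function, e.g. `// pnetFingerprint expects psk to be exactly 32 bytes, as returned by pnet.DecodeV1PSK.`, or guard it with `if len(psk) != len(pskArr) { return nil }`. Because this function replaces `protec.Fingerprint()`, a test pinning its output for a fixed key to the value the previous release produced would catch an accidental change to the nonce string or output length. No such test is visible in this section.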
16 changes: 8 additions & 8 deletions go.mod
Expand Up @@ -58,29 +58,28 @@ require (
github.com/jbenet/go-random v0.0.0-20190219211222-123a90aedc0c
github.com/jbenet/go-temp-err-catcher v0.0.0-20150120210811-aac704a3f4f2
github.com/jbenet/goprocess v0.1.3
github.com/libp2p/go-libp2p v0.5.2
github.com/libp2p/go-libp2p v0.5.3-0.20200310003131-9ad477ba8b7a
github.com/libp2p/go-libp2p-autonat-svc v0.1.0
github.com/libp2p/go-libp2p-circuit v0.1.4
github.com/libp2p/go-libp2p-connmgr v0.2.1
github.com/libp2p/go-libp2p-core v0.4.0
github.com/libp2p/go-libp2p-core v0.5.0
github.com/libp2p/go-libp2p-discovery v0.2.0
github.com/libp2p/go-libp2p-http v0.1.4
github.com/libp2p/go-libp2p-kad-dht v0.5.1
github.com/libp2p/go-libp2p-kbucket v0.2.3
github.com/libp2p/go-libp2p-loggables v0.1.0
github.com/libp2p/go-libp2p-mplex v0.2.1
github.com/libp2p/go-libp2p-peerstore v0.1.4
github.com/libp2p/go-libp2p-pnet v0.1.0
github.com/libp2p/go-libp2p-mplex v0.2.2
github.com/libp2p/go-libp2p-peerstore v0.2.0
github.com/libp2p/go-libp2p-pubsub v0.2.6
github.com/libp2p/go-libp2p-pubsub-router v0.2.1
github.com/libp2p/go-libp2p-quic-transport v0.2.3
github.com/libp2p/go-libp2p-quic-transport v0.3.1
github.com/libp2p/go-libp2p-record v0.1.2
github.com/libp2p/go-libp2p-routing-helpers v0.1.0
github.com/libp2p/go-libp2p-secio v0.2.1
github.com/libp2p/go-libp2p-swarm v0.2.2
github.com/libp2p/go-libp2p-testing v0.1.1
github.com/libp2p/go-libp2p-tls v0.1.3
github.com/libp2p/go-libp2p-yamux v0.2.1
github.com/libp2p/go-libp2p-yamux v0.2.2
github.com/libp2p/go-maddr-filter v0.0.5
github.com/libp2p/go-socket-activation v0.0.2
github.com/mattn/go-runewidth v0.0.8 // indirect
Expand All @@ -100,7 +99,8 @@ require (
github.com/whyrusleeping/multiaddr-filter v0.0.0-20160516205228-e903e4adabd7
github.com/whyrusleeping/tar-utils v0.0.0-20180509141711-8c6c8ba81d5c
go.uber.org/fx v1.10.0
golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9
golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae
gopkg.in/cheggaaa/pb.v1 v1.0.28
)
