From 3e7ffe1d9ed3d274cd5009526221f44556541051 Mon Sep 17 00:00:00 2001 From: Anton Kaliaev Date: Thu, 13 Oct 2022 13:07:37 +0400 Subject: [PATCH] set the Noise prologue in the WebRTC handshake (#2807) Updates https://github.com/paritytech/smoldot/pull/2759 See https://github.com/melekes/rust-libp2p/pull/10 and https://github.com/libp2p/specs/pull/412#discussion_r978398623 Co-authored-by: Pierre Krieger --- src/libp2p/collection/multi_stream.rs | 30 ++++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/src/libp2p/collection/multi_stream.rs b/src/libp2p/collection/multi_stream.rs index 2174a4429f..a10df25a4b 100644 --- a/src/libp2p/collection/multi_stream.rs +++ b/src/libp2p/collection/multi_stream.rs @@ -25,7 +25,7 @@ use super::{ NotificationsOutErr, OverlayNetwork, PeerId, ShutdownCause, SubstreamId, }; -use alloc::{collections::VecDeque, string::ToString as _, sync::Arc}; +use alloc::{collections::VecDeque, string::ToString as _, sync::Arc, vec::Vec}; use core::{ hash::Hash, iter, @@ -140,16 +140,36 @@ where request_response_protocols: Arc<[ConfigRequestResponse]>, ping_protocol: Arc, ) -> Self { - // We only support one kind of handshake at the moment. Make sure (at compile time) that - // the value provided as parameter is indeed the one expected. - let MultiStreamHandshakeKind::WebRtc { .. } = handshake_kind; + // In the WebRTC handshake, the Noise prologue must be set to `"libp2p-webrtc-noise:"` + // followed with the multihash-encoded fingerprints of the initiator's certificate + // and the receiver's certificate. + // TODO: we currently assume that the local node is always the initiator + // See . + let noise_prologue = { + let MultiStreamHandshakeKind::WebRtc { + local_tls_certificate_multihash, + remote_tls_certificate_multihash, + } = handshake_kind; + const PREFIX: &[u8] = b"libp2p-webrtc-noise:"; + let mut out = Vec::with_capacity( + PREFIX.len() + + local_tls_certificate_multihash.len() + + remote_tls_certificate_multihash.len(), + ); + out.extend_from_slice(PREFIX); + // Since smoldot always acts as a client (at least right now), we don't need to change + // the order of fingerprints. + out.extend_from_slice(&local_tls_certificate_multihash); + out.extend_from_slice(&remote_tls_certificate_multihash); + out + }; MultiStreamConnectionTask { connection: MultiStreamConnectionTaskInner::Handshake { handshake: Some(noise::HandshakeInProgress::new(noise::Config { key: &noise_key, is_initiator: true, // TODO: is_initiator? - prologue: &[], // TODO: this prologue isn't correct, WebRTC requires passing certificate fingerprints + prologue: &noise_prologue, })), opened_substream: None, extra_open_substreams: hashbrown::HashMap::with_capacity_and_hasher(