Revert "update insecure transport to plaintext/2.0.0"

crypto/key.go

@@ -278,44 +278,27 @@ func UnmarshalPublicKey(data []byte) (PubKey, error) {
 	if err != nil {
 		return nil, err
 	}
-	return PublicKeyFromProto(*pmes)
-}
 
-// PublicKeyFromProto converts an unserialized protobuf PublicKey message
-// into its representative object. To convert a serialized public key,
-// see UnmarshalPublicKey.
-func PublicKeyFromProto(keyMessage pb.PublicKey) (PubKey, error) {
-	um, ok := PubKeyUnmarshallers[keyMessage.GetType()]
+	um, ok := PubKeyUnmarshallers[pmes.GetType()]
 	if !ok {
 		return nil, ErrBadKeyType
 	}
 
-	return um(keyMessage.GetData())
+	return um(pmes.GetData())
 }
 
 // MarshalPublicKey converts a public key object into a protobuf serialized
 // public key
 func MarshalPublicKey(k PubKey) ([]byte, error) {
-	pbmes, err := PublicKeyToProto(k)
-	if err != nil {
-		return nil, err
-	}
-
-	return proto.Marshal(pbmes)
-}
-
-// PublicKeyToProto converts a public key object into an unserialized protobuf
-// PublicKey message.
-func PublicKeyToProto(k PubKey) (*pb.PublicKey, error) {
+	pbmes := new(pb.PublicKey)
+	pbmes.Type = k.Type()
 	data, err := k.Raw()
 	if err != nil {
 		return nil, err
 	}
-
-	pbmes := new(pb.PublicKey)
-	pbmes.Type = k.Type()
 	pbmes.Data = data
-	return pbmes, nil
+
+	return proto.Marshal(pbmes)
 }
 
 // UnmarshalPrivateKey converts a protobuf serialized private key into its

go.mod

@@ -7,7 +7,6 @@ require (
 	github.com/ipfs/go-cid v0.0.2
 	github.com/jbenet/goprocess v0.1.3
 	github.com/libp2p/go-flow-metrics v0.0.1
-	github.com/libp2p/go-msgio v0.0.4
 	github.com/minio/sha256-simd v0.1.0
 	github.com/mr-tron/base58 v1.1.2
 	github.com/multiformats/go-multiaddr v0.0.4

go.sum

@@ -51,12 +51,8 @@ github.com/kisielk/gotool v1.0.0 h1:AV2c/EiW3KqPNT9ZKl07ehoAGi4C5/01Cfbblndcapg=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23 h1:FOOIBWrEkLgmlgGfMuZT83xIwfPDxEI2OHu6xUmJMFE=
 github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4=
-github.com/libp2p/go-buffer-pool v0.0.1 h1:9Rrn/H46cXjaA2HQ5Y8lyhOS1NhTkZ4yuEs2r3Eechg=
-github.com/libp2p/go-buffer-pool v0.0.1/go.mod h1:xtyIz9PMobb13WaxR6Zo1Pd1zXJKYg0a8KiIvDp3TzQ=
 github.com/libp2p/go-flow-metrics v0.0.1 h1:0gxuFd2GuK7IIP5pKljLwps6TvcuYgvG7Atqi3INF5s=
 github.com/libp2p/go-flow-metrics v0.0.1/go.mod h1:Iv1GH0sG8DtYN3SVJ2eG221wMiNpZxBdp967ls1g+k8=
-github.com/libp2p/go-msgio v0.0.4 h1:agEFehY3zWJFUHK6SEMR7UYmk2z6kC3oeCM7ybLhguA=
-github.com/libp2p/go-msgio v0.0.4/go.mod h1:63lBBgOTDKQL6EWazRMCwXsEeEeK9O2Cd+0+6OOuipQ=
 github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 h1:lYpkrQH5ajf0OXOcUbGjvZxxijuBwbbmlSxLiuofa+g=
 github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ=
 github.com/minio/sha256-simd v0.0.0-20190131020904-2d45a736cd16 h1:5W7KhL8HVF3XCFOweFD3BNESdnO8ewyYTFT2R+/b8FQ=

sec/insecure/insecure.go

@@ -5,172 +5,64 @@ package insecure
 
 import (
 	"context"
-	"fmt"
-	"github.com/libp2p/go-libp2p-core/network"
 	"net"
 
 	"github.com/libp2p/go-libp2p-core/peer"
 	"github.com/libp2p/go-libp2p-core/sec"
 
-	ggio "github.com/gogo/protobuf/io"
 	ci "github.com/libp2p/go-libp2p-core/crypto"
-	pb "github.com/libp2p/go-libp2p-core/sec/insecure/pb"
 )
 
 // ID is the multistream-select protocol ID that should be used when identifying
 // this security transport.
-const ID = "/plaintext/2.0.0"
+const ID = "/plaintext/1.0.0"
 
 // Transport is a no-op stream security transport. It provides no
-// security and simply mocks the security methods. Identity methods
-// return the local peer's ID and private key, and whatever the remote
-// peer presents as their ID and public key.
-// No authentication of the remote identity is performed.
+// security and simply mocks the security and identity methods to
+// return peer IDs known ahead of time.
 type Transport struct {
-	id  peer.ID
-	key ci.PrivKey
+	id peer.ID
 }
 
 // New constructs a new insecure transport.
-func New(id peer.ID, key ci.PrivKey) *Transport {
+func New(id peer.ID) *Transport {
 	return &Transport{
-		id:  id,
-		key: key,
+		id: id,
 	}
 }
 
-// LocalPeer returns the transport's local peer ID.
+// LocalPeer returns the transports local peer ID.
 func (t *Transport) LocalPeer() peer.ID {
 	return t.id
 }
 
-// LocalPrivateKey returns the local private key.
-// This key is used only for identity generation and provides no security.
+// LocalPrivateKey returns nil. This transport is not secure.
 func (t *Transport) LocalPrivateKey() ci.PrivKey {
-	return t.key
+	return nil
 }
 
 // SecureInbound *pretends to secure* an outbound connection to the given peer.
-// It sends the local peer's ID and public key, and receives the same from the remote peer.
-// No validation is performed as to the authenticity or ownership of the provided public key,
-// and the key exchange provides no security.
-//
-// SecureInbound may fail if the remote peer sends an ID and public key that are inconsistent
-// with each other, or if a network error occurs during the ID exchange.
 func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (sec.SecureConn, error) {
-	conn := &Conn{
-		Conn:         insecure,
-		local:        t.id,
-		localPrivKey: t.key,
-	}
-
-	err := conn.runHandshakeSync(ctx)
-	if err != nil {
-		return nil, err
-	}
-
-	return conn, nil
+	return &Conn{
+		Conn:  insecure,
+		local: t.id,
+	}, nil
 }
 
 // SecureOutbound *pretends to secure* an outbound connection to the given peer.
-// It sends the local peer's ID and public key, and receives the same from the remote peer.
-// No validation is performed as to the authenticity or ownership of the provided public key,
-// and the key exchange provides no security.
-//
-// SecureOutbound may fail if the remote peer sends an ID and public key that are inconsistent
-// with each other, or if the ID sent by the remote peer does not match the one dialed. It may
-// also fail if a network error occurs during the ID exchange.
 func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error) {
-	conn := &Conn{
-		Conn:         insecure,
-		local:        t.id,
-		localPrivKey: t.key,
-	}
-
-	err := conn.runHandshakeSync(ctx)
-	if err != nil {
-		return nil, err
-	}
-
-	if p != conn.remote {
-		return nil, fmt.Errorf("remote peer sent unexpected peer ID. expected=%s received=%s",
-			p, conn.remote)
-	}
-
-	return conn, nil
+	return &Conn{
+		Conn:   insecure,
+		local:  t.id,
+		remote: p,
+	}, nil
 }
 
 // Conn is the connection type returned by the insecure transport.
 type Conn struct {
 	net.Conn
-
 	local  peer.ID
 	remote peer.ID
-
-	localPrivKey ci.PrivKey
-	remotePubKey ci.PubKey
-}
-
-func makeExchangeMessage(privkey ci.PrivKey) (*pb.Exchange, error) {
-	pubkey, err := ci.PublicKeyToProto(privkey.GetPublic())
-	if err != nil {
-		return nil, err
-	}
-	id, err := peer.IDFromPrivateKey(privkey)
-	if err != nil {
-		return nil, err
-	}
-
-	return &pb.Exchange{
-		Id:     []byte(id),
-		Pubkey: pubkey,
-	}, nil
-}
-
-func (ic *Conn) runHandshakeSync(ctx context.Context) error {
-	reader := ggio.NewDelimitedReader(ic.Conn, network.MessageSizeMax)
-	writer := ggio.NewDelimitedWriter(ic.Conn)
-
-	// Generate an Exchange message
-	msg, err := makeExchangeMessage(ic.localPrivKey)
-	if err != nil {
-		return err
-	}
-
-	// Send our Exchange and read theirs
-	err = writer.WriteMsg(msg)
-	if err != nil {
-		return err
-	}
-
-	remoteMsg := new(pb.Exchange)
-	err = reader.ReadMsg(remoteMsg)
-	if err != nil {
-		return err
-	}
-
-	// Pull remote ID and public key from message
-	remotePubkey, err := ci.PublicKeyFromProto(*remoteMsg.Pubkey)
-	if err != nil {
-		return err
-	}
-
-	remoteID, err := peer.IDFromPublicKey(remotePubkey)
-	if err != nil {
-		return err
-	}
-
-	// Validate that ID matches public key
-	if !remoteID.MatchesPublicKey(remotePubkey) {
-		calculatedID, _ := peer.IDFromPublicKey(remotePubkey)
-		return fmt.Errorf("remote peer id does not match public key. id=%s calculated_id=%s",
-			remoteID, calculatedID)
-	}
-
-	// Add remote ID and key to conn state
-	ic.remotePubKey = remotePubkey
-	ic.remote = remoteID
-	return nil
 }
 
 // LocalPeer returns the local peer ID.
@@ -184,15 +76,14 @@ func (ic *Conn) RemotePeer() peer.ID {
 	return ic.remote
 }
 
-// RemotePublicKey returns whatever public key was given by the remote peer.
-// Note that no verification of ownership is done, as this connection is not secure.
+// RemotePublicKey returns nil. This connection is not secure
 func (ic *Conn) RemotePublicKey() ci.PubKey {
-	return ic.remotePubKey
+	return nil
 }
 
-// LocalPrivateKey returns the private key for the local peer.
+// LocalPrivateKey returns nil. This connection is not secure.
 func (ic *Conn) LocalPrivateKey() ci.PrivKey {
-	return ic.localPrivKey
+	return nil
 }
 
 var _ sec.SecureTransport = (*Transport)(nil)