diff --git a/packages/connection-encrypter-plaintext/src/index.ts b/packages/connection-encrypter-plaintext/src/index.ts index 8b286535a0..85f00c5588 100644 --- a/packages/connection-encrypter-plaintext/src/index.ts +++ b/packages/connection-encrypter-plaintext/src/index.ts @@ -31,6 +31,7 @@ import type { Uint8ArrayList } from 'uint8arraylist' const PROTOCOL = '/plaintext/2.0.0' export interface PlaintextComponents { + peerId: PeerId logger: ComponentLogger } @@ -44,20 +45,22 @@ export interface PlaintextInit { class Plaintext implements ConnectionEncrypter { public protocol: string = PROTOCOL + private readonly peerId: PeerId private readonly log: Logger private readonly timeout: number constructor (components: PlaintextComponents, init: PlaintextInit = {}) { + this.peerId = components.peerId this.log = components.logger.forComponent('libp2p:plaintext') this.timeout = init.timeout ?? 1000 } - async secureInbound > = MultiaddrConnection> (localId: PeerId, conn: Stream, remoteId?: PeerId): Promise> { - return this._encrypt(localId, conn, remoteId) + async secureInbound > = MultiaddrConnection> (conn: Stream, remoteId?: PeerId): Promise> { + return this._encrypt(this.peerId, conn, remoteId) } - async secureOutbound > = MultiaddrConnection> (localId: PeerId, conn: Stream, remoteId?: PeerId): Promise> { - return this._encrypt(localId, conn, remoteId) + async secureOutbound > = MultiaddrConnection> (conn: Stream, remoteId?: PeerId): Promise> { + return this._encrypt(this.peerId, conn, remoteId) } /** diff --git a/packages/connection-encrypter-plaintext/test/index.spec.ts b/packages/connection-encrypter-plaintext/test/index.spec.ts index e564e64e87..0f7536d382 100644 --- a/packages/connection-encrypter-plaintext/test/index.spec.ts +++ b/packages/connection-encrypter-plaintext/test/index.spec.ts 
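Review bot: The new `peerId` member of `PlaintextComponents` (first hunk of src/index.ts) and the `private readonly peerId` field (second hunk) carry no documentation, and the member is required, so callers that construct the encrypter with only `logger` stop compiling. A one-line TSDoc on the interface member, such as `/** Local identity this encrypter presents in every handshake; fixed at construction. */`, would state the new contract. Both `secureInbound` and `secureOutbound` now pass `this.peerId` to `_encrypt`, so a single instance can no longer act for two identities, which is worth saying in the same comment. The class body continues past the end of the second hunk.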
@@ -19,6 +19,7 @@ describe('plaintext', () => { let remotePeer: PeerId let wrongPeer: PeerId let encrypter: ConnectionEncrypter + let encrypterRemote: ConnectionEncrypter beforeEach(async () => { [localPeer, remotePeer, wrongPeer] = await Promise.all([ @@ -28,6 +29,11 @@ describe('plaintext', () => { ]) encrypter = plaintext()({ + peerId: localPeer, + logger: defaultLogger() + }) + encrypterRemote = plaintext()({ + peerId: remotePeer, logger: defaultLogger() }) }) @@ -46,8 +52,8 @@ describe('plaintext', () => { }) await Promise.all([ - encrypter.secureInbound(remotePeer, inbound), - encrypter.secureOutbound(localPeer, outbound, wrongPeer) + encrypterRemote.secureInbound(inbound), + encrypter.secureOutbound(outbound, wrongPeer) ]).then(() => expect.fail('should have failed'), (err) => { expect(err).to.exist() expect(err).to.have.property('code', UnexpectedPeerError.code) @@ -67,8 +73,8 @@ describe('plaintext', () => { }) await expect(Promise.all([ - encrypter.secureInbound(localPeer, inbound), - encrypter.secureOutbound(remotePeer, outbound, localPeer) + encrypter.secureInbound(inbound), + encrypterRemote.secureOutbound(outbound, localPeer) ])) .to.eventually.be.rejected.with.property('code', InvalidCryptoExchangeError.code) }) diff --git a/packages/interface-compliance-tests/src/connection-encryption/index.ts b/packages/interface-compliance-tests/src/connection-encryption/index.ts index 625cfb6c1d..8261d84b20 100644 --- a/packages/interface-compliance-tests/src/connection-encryption/index.ts +++ b/packages/interface-compliance-tests/src/connection-encryption/index.ts @@ -12,6 +12,7 @@ import type { ConnectionEncrypter, PeerId } from '@libp2p/interface' export default (common: TestSetup): void => { describe('interface-connection-encrypter compliance tests', () => { let crypto: ConnectionEncrypter + let cryptoRemote: ConnectionEncrypter let localPeer: PeerId let remotePeer: PeerId let mitmPeer: PeerId 
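Review bot: In the last hunk of test/index.spec.ts the outbound side is now `encrypterRemote`, whose identity was captured in `beforeEach` from the `remotePeer` generated there. If the test body above this hunk replaces `remotePeer` with a differently built id in order to provoke `InvalidCryptoExchangeError` (that part is not visible), the replacement no longer reaches the handshake and the assertion may pass or fail for an unrelated reason. Constructing the encrypter inside the test from the peer it means to exercise, `plaintext()({ peerId: remotePeer, logger: defaultLogger() })`, keeps the expected error tied to its cause.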
@@ -19,11 +20,13 @@ export default (common: TestSetup): void => { before(async () => { [ crypto, + cryptoRemote, localPeer, remotePeer, mitmPeer ] = await Promise.all([ common.setup(), + common.setup({ peerId: PeerIdFactory.createFromJSON(peers[1]) }), PeerIdFactory.createFromJSON(peers[0]), PeerIdFactory.createFromJSON(peers[1]), PeerIdFactory.createFromJSON(peers[2]) @@ -46,8 +49,8 @@ export default (common: TestSetup): void => { inboundResult, outboundResult ] = await Promise.all([ - crypto.secureInbound(remotePeer, localConn), - crypto.secureOutbound(localPeer, remoteConn, remotePeer) + cryptoRemote.secureInbound(localConn), + crypto.secureOutbound(remoteConn, remotePeer) ]) // Echo server @@ -73,8 +76,8 @@ export default (common: TestSetup): void => { inboundResult, outboundResult ] = await Promise.all([ - crypto.secureInbound(remotePeer, localConn), - crypto.secureOutbound(localPeer, remoteConn, remotePeer) + cryptoRemote.secureInbound(localConn), + crypto.secureOutbound(remoteConn, remotePeer) ]) // Inbound should return the initiator (local) peer @@ -87,8 +90,8 @@ export default (common: TestSetup): void => { const [localConn, remoteConn] = createMaConnPair() await Promise.all([ - crypto.secureInbound(remotePeer, localConn, mitmPeer), - crypto.secureOutbound(localPeer, remoteConn, remotePeer) + cryptoRemote.secureInbound(localConn, mitmPeer), + crypto.secureOutbound(remoteConn, remotePeer) ]).then(() => expect.fail(), (err) => { expect(err).to.exist() expect(err).to.have.property('code', UnexpectedPeerError.code) diff --git a/packages/interface/src/connection-encrypter/index.ts b/packages/interface/src/connection-encrypter/index.ts index 8b2aac4729..40e85919e4 100644 --- a/packages/interface/src/connection-encrypter/index.ts +++ b/packages/interface/src/connection-encrypter/index.ts 
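Review bot: In the `before` hook, `common.setup({ peerId: PeerIdFactory.createFromJSON(peers[1]) })` passes the direct return value of `createFromJSON`, while the same `Promise.all` awaits that call to obtain `localPeer` and `remotePeer`; if it returns a promise, `setup` receives a promise where a `PeerId` is expected unless it awaits the option itself (its body is not in this diff). `crypto` is also created by `common.setup()` with no identity, yet the comment in the third hunk still expects the inbound side to report the local peer, so the suite depends on the default identity inside `setup` matching `peers[0]`. Resolving the ids first and passing both explicitly removes both assumptions. The closing `])` of the original statement lies outside the hunk.

```typescript
before(async () => {
  // resolve the identities first so setup() receives PeerId values
  [localPeer, remotePeer, mitmPeer] = await Promise.all([
    PeerIdFactory.createFromJSON(peers[0]),
    PeerIdFactory.createFromJSON(peers[1]),
    PeerIdFactory.createFromJSON(peers[2])
  ])
  ;[crypto, cryptoRemote] = await Promise.all([
    common.setup({ peerId: localPeer }),
    common.setup({ peerId: remotePeer })
  ])
  // … remainder of the hook, outside the hunk, unchanged …
```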
@@ -15,14 +15,14 @@ export interface ConnectionEncrypter { * pass it for extra verification, otherwise it will be determined during * the handshake. */ - secureOutbound > = MultiaddrConnection> (localPeer: PeerId, connection: Stream, remotePeer?: PeerId): Promise> + secureOutbound > = MultiaddrConnection> (connection: Stream, remotePeer?: PeerId): Promise> /** * Decrypt incoming data. If the remote PeerId is known, * pass it for extra verification, otherwise it will be determined during * the handshake */ - secureInbound > = MultiaddrConnection> (localPeer: PeerId, connection: Stream, remotePeer?: PeerId): Promise> + secureInbound > = MultiaddrConnection> (connection: Stream, remotePeer?: PeerId): Promise> } export interface SecuredConnection { diff --git a/packages/libp2p/src/upgrader.ts b/packages/libp2p/src/upgrader.ts index 0c15295af3..32ce9955aa 100644 --- a/packages/libp2p/src/upgrader.ts +++ b/packages/libp2p/src/upgrader.ts @@ -637,7 +637,7 @@ export class DefaultUpgrader implements Upgrader { connection.log('encrypting inbound connection using', protocol) return { - ...await encrypter.secureInbound(this.components.peerId, stream), + ...await encrypter.secureInbound(stream), protocol } } catch (err: any) { @@ -673,7 +673,7 @@ export class DefaultUpgrader implements Upgrader { connection.log('encrypting outbound connection to %p using %p', remotePeerId) return { - ...await encrypter.secureOutbound(this.components.peerId, stream, remotePeerId), + ...await encrypter.secureOutbound(stream, remotePeerId), protocol } } catch (err: any) { diff --git a/packages/transport-webtransport/src/index.ts b/packages/transport-webtransport/src/index.ts index 7f2446687e..6ede9e916c 100644 --- a/packages/transport-webtransport/src/index.ts +++ b/packages/transport-webtransport/src/index.ts 
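Review bot: The TSDoc on `secureOutbound` and `secureInbound` still describes only the remote PeerId, and with `localPeer` removed nothing in the interface says which identity the handshake presents. Add a sentence to both comments, for example `The local identity is the PeerId the encrypter was constructed with.` Because the change shifts positional parameters, an implementation still written against the three-argument form would receive the connection in its `localPeer` slot when called by the updated upgrader; the type checker catches that only when both sides are compiled together, so it deserves a line in the migration notes. The interface declaration starts above the hunk.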
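Review bot: In the second upgrader.ts hunk the context line `connection.log('encrypting outbound connection to %p using %p', remotePeerId)` supplies one argument for two format specifiers, so the negotiated encryption protocol never appears in the outbound log, whereas the inbound hunk logs `protocol`. Since this commit already touches the adjacent call, it is a good moment to fix it: `connection.log('encrypting outbound connection to %p using %s', remotePeerId, protocol)`. A record of which encrypter secured each outbound connection is what an operator needs to spot a connection that fell back to a weaker protocol. The enclosing method starts and ends outside the hunk.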
@@ -82,10 +82,6 @@ class WebTransportTransport implements Transport { options?.signal?.throwIfAborted() this.log('dialing %s', ma) - const localPeer = this.components.peerId - if (localPeer === undefined) { - throw new Error('Need a local peerid') - } options = options ?? {} @@ -167,7 +163,7 @@ class WebTransportTransport implements Transport { cleanUpWTSession('remote_close') }) - if (!await this.authenticateWebTransport(wt, localPeer, remotePeer, certhashes)) { + if (!await this.authenticateWebTransport(wt, remotePeer, certhashes)) { throw new Error('Failed to authenticate webtransport') } @@ -213,7 +209,7 @@ class WebTransportTransport implements Transport { } } - async authenticateWebTransport (wt: InstanceType, localPeer: PeerId, remotePeer: PeerId, certhashes: Array>): Promise { + async authenticateWebTransport (wt: InstanceType, remotePeer: PeerId, certhashes: Array>): Promise { const stream = await wt.createBidirectionalStream() const writer = stream.writable.getWriter() const reader = stream.readable.getReader() @@ -246,7 +242,7 @@ class WebTransportTransport implements Transport { const n = noise()(this.components) - const { remoteExtensions } = await n.secureOutbound(localPeer, duplex, remotePeer) + const { remoteExtensions } = await n.secureOutbound(duplex, remotePeer) // We're done with this authentication stream writer.close().catch((err: Error) => {
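Review bot: The first hunk deletes the only visible check that `this.components.peerId` is defined, so a transport created without an identity now proceeds as far as `noise()(this.components)` in `authenticateWebTransport` (last hunk), after the WebTransport session has been opened. Whether noise rejects an undefined `peerId` at construction or fails later in the handshake cannot be seen from this diff. If `peerId` is still optional in this transport's components type, keep the early guard at the top of the dialing method, `if (this.components.peerId == null) { throw new Error('Need a local peerid') }`, or make the field required so the compiler enforces it. `authenticateWebTransport` has no `private` modifier, so dropping its `localPeer` parameter also changes a signature that code outside the class may call.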