Implement secio #33
Implement secio #33
Conversation
|
|
||
| // Custom algorithm translated from reference implementations. Needs to be the same algorithm | ||
| // amongst all implementations. | ||
| fn stretch_key(key: &SigningKey, result: &mut [u8]) { |
There was a problem hiding this comment.
seems like something that should be tested (just skimming)
|
Just realized I had committed some non-secio-related changes. I force-pushed to remove them. |
| protoc --rust_out . keys.proto" | ||
|
|
||
| mv -f structs.rs ./src/structs_proto.rs | ||
| mv -f keys.rs ./src/keys_proto.rs |
There was a problem hiding this comment.
🎉 we should use the same snippet in parity repo!
libp2p-secio/src/codec/encode.rs
Outdated
| let mut out_buffer = BytesMut::with_capacity(capacity); | ||
| // Note: Alternatively to `extend`, we could also call `advance_mut()`, which will add | ||
| // uninitialized bytes to the buffer. But that's unsafe. | ||
| out_buffer.extend((0..item.len()).map(|_| 0)); |
There was a problem hiding this comment.
imo, repeat take looks better ;)
out_buffer.extend(repeat(0).take(item.len());
There was a problem hiding this comment.
According to my (very simplistic) bench, extend_from_slice is 3× faster than extending from iterator (373±93 ns/iter vs 1,045±18 ns/iter).
Maybe we can use it here?
There was a problem hiding this comment.
requires an allocation in this case though
libp2p-secio/src/handshake.rs
Outdated
|
|
||
| let future = future::ok::<_, SecioError>(context) | ||
| // Generate our nonce. | ||
| .and_then(|mut context| { |
| stretch_key(&key1, &mut output); | ||
| assert_eq!( | ||
| &output, | ||
| &[ |
There was a problem hiding this comment.
Sorry for the very bad formatting, but I think the option to fix that in rustfmt doesn't work.
rustfmt also likes to convert tabs into spaces for some reason, but only at some specific places.
Ready for review!
Successfully tested against both the Go and JS implementations.
Two contentious points that still exist:
The
ringlibrary doesn't like some stuff inside DER public keys. Therefore I have to remove the 24 first bytes from public keys generated by OpenSSL and sent by remote implementations in order to make it work. This is obviously not a great solution, but writing a DER parser is not a trivial task.Right now this only accepts RSA keys, because the Go and JS implementations only use RSA, despite the fact that the protocol also accepts Ed25519 and Secp256k1.