-
Notifications
You must be signed in to change notification settings - Fork 876
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement secio #33
Implement secio #33
Conversation
|
||
// Custom algorithm translated from reference implementations. Needs to be the same algorithm | ||
// amongst all implementations. | ||
fn stretch_key(key: &SigningKey, result: &mut [u8]) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems like something that should be tested (just skimming)
Just realized I had committed some non-secio-related changes. I force-pushed to remove them. |
protoc --rust_out . keys.proto" | ||
|
||
mv -f structs.rs ./src/structs_proto.rs | ||
mv -f keys.rs ./src/keys_proto.rs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🎉 we should use the same snippet in parity repo!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
neat!
libp2p-secio/src/codec/encode.rs
Outdated
let mut out_buffer = BytesMut::with_capacity(capacity); | ||
// Note: Alternatively to `extend`, we could also call `advance_mut()`, which will add | ||
// uninitialized bytes to the buffer. But that's unsafe. | ||
out_buffer.extend((0..item.len()).map(|_| 0)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
imo, repeat take looks better ;)
out_buffer.extend(repeat(0).take(item.len());
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
According to my (very simplistic) bench, extend_from_slice
is 3× faster than extending from iterator (373±93 ns/iter vs 1,045±18 ns/iter).
Maybe we can use it here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
requires an allocation in this case though
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
libp2p-secio/src/handshake.rs
Outdated
|
||
let future = future::ok::<_, SecioError>(context) | ||
// Generate our nonce. | ||
.and_then(|mut context| { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bad indentation, use tabs
stretch_key(&key1, &mut output); | ||
assert_eq!( | ||
&output, | ||
&[ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the very bad formatting, but I think the option to fix that in rustfmt doesn't work.
rustfmt
also likes to convert tabs into spaces for some reason, but only at some specific places.
Ready for review!
Successfully tested against both the Go and JS implementations.
Two contentious points that still exist:
The
ring
library doesn't like some stuff inside DER public keys. Therefore I have to remove the 24 first bytes from public keys generated by OpenSSL and sent by remote implementations in order to make it work. This is obviously not a great solution, but writing a DER parser is not a trivial task.Right now this only accepts RSA keys, because the Go and JS implementations only use RSA, despite the fact that the protocol also accepts Ed25519 and Secp256k1.