mit-dci · Varunram · Nov 21, 2018 · Nov 21, 2018
diff --git a/litrpc/netcmds.go b/litrpc/netcmds.go
@@ -82,7 +82,6 @@ func (r *LitRPC) Connect(args ConnectArgs, reply *ConnectReply) error {
 		// use string as is, try to convert to ln address
 		connectAdr = args.LNAddr
 	}
-
 	err = r.Node.DialPeer(connectAdr)
 	if err != nil {
 		return err

diff --git a/lncore/peers.go b/lncore/peers.go
@@ -22,6 +22,7 @@ type PeerInfo struct {
 	LnAddr   *LnAddr `json:"lnaddr"`
 	Nickname *string `json:"name"`
 	NetAddr  *string `json:"netaddr"` // ip address, port, I guess
+	Pubkey   *string `json:pubkey`
 
 	// TEMP This is again, for adapting to the old system.
 	PeerIdx uint32 `json:"hint_peeridx"`

diff --git a/lndc/conn.go b/lndc/conn.go
@@ -2,6 +2,7 @@ package lndc
 
 import (
 	"bytes"
+	"encoding/hex"
 	"fmt"
 	"io"
 	"math"
@@ -29,15 +30,28 @@ type Conn struct {
 
 // A compile-time assertion to ensure that Conn meets the net.Conn interface.
 var _ net.Conn = (*Conn)(nil)
+var Noise_XK bool
 
 // Dial attempts to establish an encrypted+authenticated connection with the
 // remote peer located at address which has remotePub as its long-term static
 // public key. In the case of a handshake failure, the connection is closed and
 // a non-nil error is returned.
-func Dial(localPriv *koblitz.PrivateKey, ipAddr string, remotePKH string,
+func Dial(localPriv *koblitz.PrivateKey, ipAddr string, remoteAddress string,
 	dialer func(string, string) (net.Conn, error)) (*Conn, error) {
+	var remotePKH string
+	var remotePK [33]byte
+	if remoteAddress[0:3] == "ln1" { // its a remote PKH
+		remotePKH = remoteAddress
+	} else if len(remoteAddress) == 66 { // hex encoded remotePK
+		temp, _ := hex.DecodeString(remoteAddress)
+		copy(remotePK[:], temp)
+		logging.Info("Got remote PK: ", remotePK, " using noise_xk to connect")
+		Noise_XK = true
+		SetConsts()
+	}
 	var conn net.Conn
 	var err error
+
 	conn, err = dialer("tcp", ipAddr)
 	logging.Info("ipAddr is", ipAddr)
 	if err != nil {
@@ -50,7 +64,7 @@ func Dial(localPriv *koblitz.PrivateKey, ipAddr string, remotePKH string,
 	}
 
 	// Initiate the handshake by sending the first act to the receiver.
-	actOne, err := b.noise.GenActOne()
+	actOne, err := b.noise.GenActOne(remotePK)
 	if err != nil {
 		b.conn.Close()
 		return nil, err
@@ -69,22 +83,29 @@ func Dial(localPriv *koblitz.PrivateKey, ipAddr string, remotePKH string,
 	// remotePub), then read the second act after which we'll be able to
 	// send our static public key to the remote peer with strong forward
 	// secrecy.
-	var actTwo [ActTwoSize]byte
+	actTwo := make([]byte, ActTwoSize)
 	if _, err := io.ReadFull(conn, actTwo[:]); err != nil {
 		b.conn.Close()
 		return nil, err
 	}
-	s, err := b.noise.RecvActTwo(actTwo)
-	if err != nil {
-		b.conn.Close()
-		return nil, err
+	if !Noise_XK {
+		remotePK, err = b.noise.RecvActTwo(actTwo)
+		if err != nil {
+			b.conn.Close()
+			return nil, err
+		}
+	} else {
+		if _, err := b.noise.RecvActTwo(actTwo); err != nil {
+			b.conn.Close()
+			return nil, err
+		}
 	}
-
-	logging.Info("Received pubkey", s)
-	if lnutil.LitAdrFromPubkey(s) != remotePKH {
+	logging.Infoln("Received pubkey: ", remotePK)
+	if lnutil.LitAdrFromPubkey(remotePK) != remotePKH && !Noise_XK {
+		// for noise_XK dont check PKH and PK because we'd have already checked this
+		// the last time we connected to this guy
 		return nil, fmt.Errorf("Remote PKH doesn't match. Quitting!")
 	}
-	logging.Infof("Received PKH %s matches", lnutil.LitAdrFromPubkey(s))
 
 	// Finally, complete the handshake by sending over our encrypted static
 	// key and execute the final ECDH operation.

diff --git a/lndc/listener.go b/lndc/listener.go
@@ -8,6 +8,7 @@ import (
 	"time"
 
 	"github.com/mit-dci/lit/crypto/koblitz"
+	"github.com/mit-dci/lit/logging"
 )
 
 // defaultHandshakes is the maximum number of handshakes that can be done in
@@ -115,20 +116,27 @@ func (l *Listener) doHandshake(conn net.Conn) {
 	// Attempt to carry out the first act of the handshake protocol. If the
 	// connecting node doesn't know our long-term static public key, then
 	// this portion will fail with a non-nil error.
-	var actOne [ActOneSize]byte
+	actOne := make([]byte, ActOneSize)
 	if _, err := io.ReadFull(conn, actOne[:]); err != nil {
 		lndcConn.conn.Close()
 		l.rejectConn(err)
 		return
 	}
+
+	if actOne[0] == 0 { // remote node wants to connect via XK
+		HandshakeVersion = byte(0)
+		ActTwoSize = 50
+		logging.Infof("remote node wants to connect via noise_xk")
+	} // no need for else as default covers XX
+
 	if err := lndcConn.noise.RecvActOne(actOne); err != nil {
 		lndcConn.conn.Close()
 		l.rejectConn(err)
 		return
 	}
 	// Next, progress the handshake processes by sending over our ephemeral
 	// key for the session along with an authenticating tag.
-	actTwo, err := lndcConn.noise.GenActTwo()
+	actTwo, err := lndcConn.noise.GenActTwo(HandshakeVersion)
 	if err != nil {
 		lndcConn.conn.Close()
 		l.rejectConn(err)
@@ -154,7 +162,7 @@ func (l *Listener) doHandshake(conn net.Conn) {
 	// Finally, finish the handshake processes by reading and decrypting
 	// the connection peer's static public key. If this succeeds then both
 	// sides have mutually authenticated each other.
-	var actThree [ActThreeSize]byte
+	actThree := make([]byte, ActThreeSize)
 	if _, err := io.ReadFull(conn, actThree[:]); err != nil {
 		lndcConn.conn.Close()
 		l.rejectConn(err)