feat(noise): add Noise Handshake processing and after-handshake encryption #934

Merged
merged 17 commits into from
Jun 3, 2022

Contributor

@s1fr0 s1fr0 commented Apr 1, 2022

This PR introduces the data structures and procedures required to execute Noise Handshakes between Waku users according to the Noise specification.

Specifically, it adds:

  • Generic processing of handshake pre-message and message patterns (processPreMessagePatternTokens, processMessagePatternPayload, processMessagePatternTokens). To add support for a new handshake, it suffices to add its definition in NoiseHandshakePatterns and add a new protocol ID for it in PayloadV2ProtocolIDs;
  • Generic one-step handshake advancement (stepHandshake): given the current user's state, processes the next handshake message;
  • Handshake finalization and symmetric state split (finalizeHandshake);
  • Procedures for after-handshake inbound/outbound symmetric encryption (writeMessage, readMessage);
  • Some tests for each supported handshake.

This PR extends #933 (which in turn extends #932, #931 and #930) and completes all the non-optional points of #881.

@status-im-auto
Collaborator

status-im-auto commented Apr 1, 2022

Jenkins Builds

Commit #️⃣ Finished (UTC) Duration Platform Result
✔️ 8787149 #1 2022-04-01 19:42:21 ~19 min macos 📦bin
✔️ 8787149 #1 2022-04-01 19:43:29 ~20 min linux 📦bin
✔️ 36c4584 #2 2022-04-04 13:20:18 ~17 min linux 📦bin
✔️ 36c4584 #2 2022-04-04 13:23:30 ~20 min macos 📦bin
78fcdb1 #3 2022-05-14 16:20:16 ~33 min macos 📄log
✔️ 78fcdb1 #4 2022-05-16 17:08:23 ~24 min macos 📦bin
✔️ 5985790 #5 2022-05-20 16:05:42 ~18 min macos 📦bin
✔️ c35bd2f #6 2022-05-24 04:03:28 ~16 min macos 📦bin
f96d671 #7 2022-05-26 04:03:52 ~16 min macos 📄log
f96d671 #8 2022-05-27 21:39:31 ~1 min macos 📄log
✔️ f96d671 #9 2022-06-01 03:53:19 ~16 min macos 📦bin
✔️ 68a3911 #10 2022-06-03 04:05:23 ~18 min macos 📦bin

@s1fr0 s1fr0 removed the request for review from oskarth May 20, 2022 15:08
@s1fr0 s1fr0 marked this pull request as ready for review May 20, 2022 17:36
Contributor Author

s1fr0 commented May 20, 2022

@staheri14 @jm-clius @kaiserd ready for review! Thanks!


#################################
## Utilities
Contributor

This is a very long module. Any way this can be split up? noise_utils.nim, noise_types.nim, noise.nim could be a start, although the latter could perhaps be modularised even more between e.g. noise_state_machine.nim and noise_handshakes.nim.

Contributor Author

@s1fr0 s1fr0 May 25, 2022

@jm-clius @staheri14 After internal discussion, we decided not to proceed (at the moment) with the split of the module into smaller submodules. Reasons for this include:

  • the necessity to make the majority of object private fields public;
  • most of the already merged code will appear in the PR diff, thus making identifying and reviewing new parts difficult.

After all Noise features are implemented and merged, we can proceed with splitting the module into smaller submodules. By that time we might already support the import foo {.all.} directive, which will ease such refactoring.

WIP PR for splitting the current Noise module into submodules: #979

Contributor

@jm-clius jm-clius left a comment

LGTM :) Really good work.

Contributor

@staheri14 staheri14 left a comment

Good job! I have added some comments mostly covering what we have discussed in our 1:1 (just as a placeholder).

@@ -321,7 +320,7 @@ procSuite "Waku Noise":
########################################

# We generate random input key material and we execute mixKey
var inputKeyMaterial = randomChaChaPolyKey(rng[])
var inputKeyMaterial = randomSeqByte(rng[], rand(1..128))
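
Review bot: In the replacement line var inputKeyMaterial = randomSeqByte(rng[], rand(1..128)), the length comes from a bare rand(1..128) while the bytes come from rng[], so a failing run cannot be reproduced unless the chosen length is recorded, and the range 1..128 never exercises an empty input. Consider binding the length to a named variable that is reported when the check fails, and adding a few fixed lengths next to the random one (for example the two ends of the range) so the boundary sizes are covered on every run.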
Contributor

Why this change? What has been the issue with the randomChaChaPolyKey proc?

Contributor Author

No, this was a bug coming from the libp2p noise implementation, where it is still present. Input key material can be arbitrary input and not only a ChaChaPolyKey.
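
Added example, not code from this PR or from the project: a Python version of the Noise specification's HKDF, MixKey and Split with SHA-256, showing the point of the reply above (mixKey takes a byte string whose length is independent of the cipher key size) and the symmetric state split mentioned in the PR description. The names hkdf, SymmetricState and derive are chosen for this illustration.

```python
import hashlib
import hmac

HASHLEN = 32  # SHA-256 output size in bytes


def hkdf(chaining_key: bytes, ikm: bytes, num_outputs: int) -> list[bytes]:
    """Noise HKDF: HMAC-based, chaining key as salt, empty info."""
    if len(chaining_key) != HASHLEN or num_outputs not in (2, 3):
        raise ValueError("bad chaining key length or output count")
    temp_key = hmac.new(chaining_key, ikm, hashlib.sha256).digest()
    outputs, prev = [], b""
    for i in range(1, num_outputs + 1):
        # output_i = HMAC(temp_key, output_{i-1} || byte(i))
        prev = hmac.new(temp_key, prev + bytes([i]), hashlib.sha256).digest()
        outputs.append(prev)
    return outputs


class SymmetricState:
    def __init__(self, protocol_name: bytes):
        # InitializeSymmetric: short names are zero-padded, long ones hashed.
        if len(protocol_name) <= HASHLEN:
            self.h = protocol_name.ljust(HASHLEN, b"\x00")
        else:
            self.h = hashlib.sha256(protocol_name).digest()
        self.ck = self.h
        self.k = None  # no cipher key until the first mix_key

    def mix_key(self, ikm: bytes) -> None:
        # ikm is a plain byte string; nothing ties its length to the key size.
        self.ck, self.k = hkdf(self.ck, ikm, 2)

    def split(self) -> tuple[bytes, bytes]:
        # Two transport keys, one per direction, from the final chaining key.
        k1, k2 = hkdf(self.ck, b"", 2)
        return k1, k2


def derive(ikm_inputs: list[bytes]) -> tuple[bytes, bytes]:
    """Mix each (constructed) input in order, then split."""
    state = SymmetricState(b"Noise_XX_25519_ChaChaPoly_SHA256")
    for ikm in ikm_inputs:
        state.mix_key(ikm)
    return state.split()
```
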

@staheri14
Contributor

Also, the macOS CI checks are failing. @s1fr0

s1fr0 added a commit that referenced this pull request Jun 2, 2022
Contributor

@staheri14 staheri14 left a comment

LGTM!

@s1fr0 s1fr0 merged commit c259f4c into master Jun 3, 2022
@s1fr0 s1fr0 deleted the noise-handshake-processing branch June 3, 2022 19:12
kaiserd added a commit that referenced this pull request Jun 7, 2022
* origin/feat/sql-store:
  feat(noise): add Noise Handshake processing and after-handshake encryption (#934)
  chore: update submodules (#987)
@s1fr0 s1fr0 added the track:conversational-security Conversational security track (Secure Messaging) label Jul 27, 2022