protocols/noise: Add NoiseConfig::with_prologue
#2903
Conversation
|
That was surprisingly simple :) |
transports/noise/src/lib.rs
Outdated
| /// Set the noise prologue. | ||
| /// | ||
| /// The prologue can contain arbitrary data and will be hashed into the noise handshake. | ||
| /// For the handshake to succeed, both parties must set the same prologue. | ||
| pub fn with_prologue(&mut self, prologue: Vec<u8>) -> &mut Self { | ||
| self.prologue = prologue; | ||
| self | ||
| } |
There was a problem hiding this comment.
I made this a with_ function instead of exposing it in every constructor because it is often not needed and this way, we can keep the entire prologue functionality hidden from users that just want to use regular noise for their connections.
Having said that, if we agree to merge #2887, then most users don't need to touch NoiseConfig anyway so perhaps it should just be a regular constructor parameter?
transports/noise/src/lib.rs
Outdated
| @@ -185,6 +199,7 @@ where | |||
| let session = self | |||
| .params | |||
| .into_builder() | |||
| .prologue(self.prologue.as_ref()) | |||
There was a problem hiding this comment.
Do I understand correctly that setting no prologue is equal to setting an empty prologue?
There was a problem hiding this comment.
Yes, that is my understanding. The prologue is hashed into the protocol. Appending an empty slice vs appending nothing is not going to change the final hash.
What would you like the test to do? I am not against it but perhaps it would be better to have a test on the WebRTC level where we check that the handshake fails if we provide different certificates. That is the functionality we want. Doing that through the noise prologue is an implementation detail so it can of feels like we'd have a test there anyway, making this one redundant? |
I've tried to create an abstraction in-between that tests that we are passing the prologue on correctly. While doing that, I noticed some code duplication between the various protocols. That got me thinking on why we even support so many handshake types when the specification only mentions a particular one. What do you think of removing the others? |
| .build_responder() | ||
| .map_err(NoiseError::from); | ||
| let config = self.legacy; | ||
| let identity = self.dh_keys.clone().into_identity(); |
There was a problem hiding this comment.
I had to clone the keys here to make the borrow-checker happy. Not ideal but it removes a bit of duplication. I am taking suggestions on how to do it better :)
There was a problem hiding this comment.
How about implementing into_responder on ProtocolParams and not on NoiseConfig?
There was a problem hiding this comment.
We'd have to pass the prologue and keys as an argument then. I guess we can do that :)
There was a problem hiding this comment.
Unfortunately, that doesn't work well with the tests I've written. Passing the prologue in breaks the abstraction layer and the tests will no longer reflect the same usage as the code.
If we decide to merge #2909, more optimizations might be possible!
I am getting the impression that the abstractions within I think it would make sense to simplify this, even if it means there will be a slight duplication between the |
I think this dates back to the initial Noise specification days where it wasn't quite clear yet which handshake pattern to use. I don't have a strong opinion here, though an intuition to keep supporting them. |
|
🙏 test looks good to me. |
There was a problem hiding this comment.
I am fine merging here despite the clone. I doubt this would ever be a performance issue.
Thanks @thomaseizinger for the work. Sorry @melekes for the delay for #2622.
|
Interoperability test failures are due to libp2p/test-plans#41. Merging here. |
Description
Allows users to set the noise prologue of the handshake.
Links to any relevant issues
Open Questions
Change checklist