New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[network, crypto] Compressed serialization, key conversions and message signing #1129
Conversation
51cca1a
to
92f77d1
Compare
92f77d1
to
64ded2e
Compare
Codecov Report
@@ Coverage Diff @@
## master #1129 +/- ##
==========================================
+ Coverage 53.11% 53.30% +0.18%
==========================================
Files 323 323
Lines 21857 21928 +71
==========================================
+ Hits 11610 11688 +78
+ Misses 8667 8648 -19
- Partials 1580 1592 +12
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
abb4a80
to
7fd970e
Compare
7fd970e
to
173f71f
Compare
fadabd0
to
4907ea0
Compare
crypto/bls.go
Outdated
|
||
// decodePublicKeyCompressed decodes a slice of bytes into a public key. | ||
// This function includes a membership check in G2 and rejects the infinity point. | ||
func (a *blsBLS12381Algo) decodePublicKeyCompressed(publicKeyBytes []byte) (PublicKey, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This might be a bit misleading because the default choice is made here. This means we can enable an uncompressed setting while function's name is still ..Compressed
.
I suggest we just keep decodePublicKey
.
We could decide in the future to either:
- remove the possibility to have uncompressed settings entirely.
- support both compression formats dynamically.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK. I inverted the delegation made by the compressed functions in 1dd2bf7 Note that the coherence check on Encode
is a bit fugly.
In the PR summary, I think we can also remove the line below since it hasn't been addressed yet.
|
case lcrypto_pb.KeyType_ECDSA: | ||
pubB, err := lpk.Raw() | ||
if err != nil { | ||
return nil, lcrypto.ErrBadKeyType |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe making more distinct error types helps to spot the issue upon happening, i.e., this error type is the same as the next case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This error and the next will not actually happen: I'm marshalling the key material and then reinterpreting it as bytes using the underlying x509 library manually, because libp2p deprecated its Bytes
function. This is just bypassing lack of access to private members.
Message signing and verification is re-activated in the commit titled "[network] re-activate message signing & verification", included in this PR. |
cc18b84
to
cb9aef6
Compare
My bad, I missed the change! Thanks |
Looks good to me, but will leave to @tarakby to more closely review the crypto changes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for adding the compressed form to the interface 🏄
This will allow us to perform identity checks for e.g. matching protocol-level identities to the proven network-level IDs
ensure signerIDs are populated in pubSub tests
- check for parametrization of compression
as existing DecodeCompressed implementations already check for validity
a08b3c7
to
d1e58f6
Compare
1138: skip connecting to invalid identities in the identity table and log error instead of fatal r=vishalchangrani a=vishalchangrani Found one more place where it was `log.fatal` on a bad identity. 1163: [network] Check the OriginID of a libp2p message corresponds to its authenticated source r=huitseeker a=huitseeker Contributes to #1115. Follow-up of #1129. Edit: there was no problem with the integration tests, 🤦 However, TestMiddlewareTestSuit/TestUnsubscribe is still flaky based on the delay in the last step (sending the message once a mesh has formed). But it is problematic on master, see [[1]](https://github.com/onflow/flow-go/runs/3357056741) [[2]](https://github.com/onflow/flow-go/runs/3356508175), so this is not relevant to this PR per se. Co-authored-by: Vishal <1117327+vishalchangrani@users.noreply.github.com> Co-authored-by: François Garillot <francois.garillot@dapperlabs.com>
1028: adding secure-rpc-addr to access node systemd file r=vishalchangrani a=vishalchangrani 1163: [network] Check the OriginID of a libp2p message corresponds to its authenticated source r=huitseeker a=huitseeker Contributes to #1115. Follow-up of #1129. Edit: there was no problem with the integration tests, 🤦 However, TestMiddlewareTestSuit/TestUnsubscribe is still flaky based on the delay in the last step (sending the message once a mesh has formed). But it is problematic on master, see [[1]](https://github.com/onflow/flow-go/runs/3357056741) [[2]](https://github.com/onflow/flow-go/runs/3356508175), so this is not relevant to this PR per se. Co-authored-by: vishal <1117327+vishalchangrani@users.noreply.github.com> Co-authored-by: Simon Zhu <simon.zsiyan@gmail.com> Co-authored-by: Vishal <1117327+vishalchangrani@users.noreply.github.com> Co-authored-by: François Garillot <francois.garillot@dapperlabs.com>
1028: adding secure-rpc-addr to access node systemd file r=vishalchangrani a=vishalchangrani 1163: [network] Check the OriginID of a libp2p message corresponds to its authenticated source r=huitseeker a=huitseeker Contributes to #1115. Follow-up of #1129. Edit: there was no problem with the integration tests, 🤦 However, TestMiddlewareTestSuit/TestUnsubscribe is still flaky based on the delay in the last step (sending the message once a mesh has formed). But it is problematic on master, see [[1]](https://github.com/onflow/flow-go/runs/3357056741) [[2]](https://github.com/onflow/flow-go/runs/3356508175), so this is not relevant to this PR per se. Co-authored-by: vishal <1117327+vishalchangrani@users.noreply.github.com> Co-authored-by: Simon Zhu <simon.zsiyan@gmail.com> Co-authored-by: Vishal <1117327+vishalchangrani@users.noreply.github.com> Co-authored-by: François Garillot <francois.garillot@dapperlabs.com>
1163: [network] Check the OriginID of a libp2p message corresponds to its authenticated source r=huitseeker a=huitseeker Contributes to #1115. Follow-up of #1129. Edit: there was no problem with the integration tests, 🤦 However, TestMiddlewareTestSuit/TestUnsubscribe is still flaky based on the delay in the last step (sending the message once a mesh has formed). But it is problematic on master, see [[1]](https://github.com/onflow/flow-go/runs/3357056741) [[2]](https://github.com/onflow/flow-go/runs/3356508175), so this is not relevant to this PR per se. Co-authored-by: François Garillot <francois.garillot@dapperlabs.com>
1163: [network] Check the OriginID of a libp2p message corresponds to its authenticated source r=huitseeker a=huitseeker Contributes to #1115. Follow-up of #1129. Edit: there was no problem with the integration tests, 🤦 However, TestMiddlewareTestSuit/TestUnsubscribe is still flaky based on the delay in the last step (sending the message once a mesh has formed). But it is problematic on master, see [[1]](https://github.com/onflow/flow-go/runs/3357056741) [[2]](https://github.com/onflow/flow-go/runs/3356508175), so this is not relevant to this PR per se. Co-authored-by: François Garillot <francois.garillot@dapperlabs.com>
1180: [bootstrap] Key Generation for Unstaked Access Nodes r=huitseeker a=huitseeker This introduces a generator for the unstaked Access Nodes, which by convention only have positive secp256k1 keys. The keys in question have a specific format (positive ECDSA Secp256k1 keys) because: - they are meant to serve ephemeral nodes, - allow a bijection between flow.NodeID, flow.NetworkPublicKey, libp2p.PeerID, libp2p.PublicKey - hence allowing us to only retain the minimum amount of information for these nodes. For this bijection, see #1165 and #1129. This is to be used in a bootstrap of the unstaked Access Node post #1133. For now, having this in master allows the direct bootstrapping of network in tests by creating suitable libp2p peers. Co-authored-by: François Garillot <francois.garillot@dapperlabs.com>
This:
crypto.PublicKey
.checks the OriginID contained in a message with respect to the (now cryptographically-verified) libp2p source, closes [Network] Verify originID against libp2p ID #1115Edit: Splitting this in 2 PRs, to work on the concurrency issues w/ @vishalchangrani : this is the straightwforward crypto PR that will go easier