-
Notifications
You must be signed in to change notification settings - Fork 448
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add support for message signing
BREAKING CHANGE: as .publish should now sign messages (via _buildMessage) it now requires a callback since signing is async. This also adds an options param to the pubsub constructor to allow for disabling signing. While this change shouldnt break things upstream, implementations need to be sure to call _buildMessage for each message they will publish.
- Loading branch information
Showing
8 changed files
with
170 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
'use strict' | ||
|
||
const { Message } = require('./index') | ||
const SignPrefix = Buffer.from('libp2p-pubsub:') | ||
|
||
module.exports.SignPrefix = SignPrefix | ||
|
||
/** | ||
* Signs the provided message with the given `peerId` | ||
* | ||
* @param {PeerId} peerId | ||
* @param {Message} message | ||
* @param {function(Error, Message)} callback | ||
* @returns {void} | ||
*/ | ||
module.exports.signMessage = function (peerId, message, callback) { | ||
// Get the message in bytes, and prepend with the pubsub prefix | ||
const bytes = Buffer.concat([ | ||
SignPrefix, | ||
Message.encode(message) | ||
]) | ||
|
||
// Sign the bytes with the private key | ||
peerId.privKey.sign(bytes, (err, signature) => { | ||
if (err) return callback(err) | ||
|
||
callback(null, { | ||
...message, | ||
signature: signature, | ||
key: peerId.pubKey.bytes | ||
}) | ||
}) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
/* eslint-env mocha */ | ||
/* eslint max-nested-callbacks: ["error", 5] */ | ||
'use strict' | ||
|
||
const chai = require('chai') | ||
chai.use(require('dirty-chai')) | ||
const expect = chai.expect | ||
|
||
const { Message } = require('../src/message') | ||
const { signMessage, SignPrefix } = require('../src/message/sign') | ||
const PeerId = require('peer-id') | ||
const { randomSeqno } = require('../src/utils') | ||
|
||
describe('message signing', () => { | ||
let peerId | ||
before((done) => { | ||
peerId = PeerId.create({ | ||
bits: 1024 | ||
}, (err, id) => { | ||
peerId = id | ||
done(err) | ||
}) | ||
}) | ||
|
||
it('should be able to sign a message', (done) => { | ||
const message = { | ||
from: 'QmABC', | ||
data: 'hello', | ||
seqno: randomSeqno(), | ||
topicIDs: ['test-topic'] | ||
} | ||
|
||
const bytesToSign = Buffer.concat([SignPrefix, Message.encode(message)]) | ||
|
||
peerId.privKey.sign(bytesToSign, (err, expectedSignature) => { | ||
if (err) return done(err) | ||
|
||
signMessage(peerId, message, (err, signedMessage) => { | ||
if (err) return done(err) | ||
|
||
// Check the signature and public key | ||
expect(signedMessage.signature).to.eql(expectedSignature) | ||
expect(signedMessage.key).to.eql(peerId.pubKey.bytes) | ||
|
||
// Verify the signature | ||
peerId.pubKey.verify(bytesToSign, signedMessage.signature, (err, verified) => { | ||
expect(verified).to.eql(true) | ||
done(err) | ||
}) | ||
}) | ||
}) | ||
}) | ||
}) |