From b34d72b4f5c2c2d2be9feba37b680abfcd8a11e9 Mon Sep 17 00:00:00 2001 From: Tiger Date: Sat, 23 May 2020 17:31:48 +0530 Subject: [PATCH 1/2] add support for openssl Signed-off-by: Tiger --- conn.go | 9 ++- crypto.go | 102 +++++++++---------------- go.mod | 4 + go.sum | 17 +++++ identity.go | 126 +++++++++++++++++++++++++++++++ openssl.go | 185 ++++++++++++++++++++++++++++++++++++++++++++++ transport.go | 25 ++++--- transport_test.go | 16 +++- 8 files changed, 401 insertions(+), 83 deletions(-) create mode 100644 identity.go create mode 100644 openssl.go diff --git a/conn.go b/conn.go index cf32fa4..689e385 100644 --- a/conn.go +++ b/conn.go @@ -1,15 +1,20 @@ package libp2ptls import ( - "crypto/tls" + "net" ci "github.com/libp2p/go-libp2p-core/crypto" "github.com/libp2p/go-libp2p-core/peer" "github.com/libp2p/go-libp2p-core/sec" ) +type handshakeConn interface { + net.Conn + Handshake() error +} + type conn struct { - *tls.Conn + net.Conn localPeer peer.ID privKey ci.PrivKey diff --git a/crypto.go b/crypto.go index e6d6d5f..002686a 100644 --- a/crypto.go +++ b/crypto.go @@ -1,16 +1,15 @@ +// +build !openssl + package libp2ptls import ( - "crypto/ecdsa" - "crypto/elliptic" "crypto/rand" "crypto/tls" "crypto/x509" "crypto/x509/pkix" - "encoding/asn1" "errors" "fmt" - "math/big" + "net" "time" "golang.org/x/sys/cpu" @@ -19,20 +18,10 @@ import ( "github.com/libp2p/go-libp2p-core/peer" ) -const certValidityPeriod = 100 * 365 * 24 * time.Hour // ~100 years -const certificatePrefix = "libp2p-tls-handshake:" -const alpn string = "libp2p" - -var extensionID = getPrefixedExtensionID([]int{1, 1}) - -type signedKey struct { - PubKey []byte - Signature []byte -} - // Identity is used to secure connections type Identity struct { - config tls.Config + config tls.Config + privateKey ic.PrivKey } // NewIdentity creates a new identity @@ -57,6 +46,25 @@ func NewIdentity(privKey ic.PrivKey) (*Identity, error) { }, nil } +func newIdentity(sk ic.PrivKey) (identity, error) { + return NewIdentity(sk) +} + +// CreateServerConn creates server connection to do the tls handshake. +func (i *Identity) CreateServerConn(insecure net.Conn) (handshakeConn, <-chan ic.PubKey, error) { + config, keyCh := i.ConfigForAny() + conn := tls.Server(insecure, config) + return conn, keyCh, nil +} + +// CreateClientConn creates client connection to do the tls handshake. +func (i *Identity) CreateClientConn(insecure net.Conn, remote peer.ID) (handshakeConn, + <-chan ic.PubKey, error) { + config, keyCh := i.ConfigForPeer(remote) + conn := tls.Client(insecure, config) + return conn, keyCh, nil +} + // ConfigForAny is a short-hand for ConfigForPeer(""). func (i *Identity) ConfigForAny() (*tls.Config, <-chan ic.PubKey) { return i.ConfigForPeer("") @@ -92,12 +100,9 @@ func (i *Identity) ConfigForPeer(remote peer.ID) (*tls.Config, <-chan ic.PubKey) if err != nil { return err } - if remote != "" && !remote.MatchesPublicKey(pubKey) { - peerID, err := peer.IDFromPublicKey(pubKey) - if err != nil { - peerID = peer.ID(fmt.Sprintf("(not determined: %s)", err.Error())) - } - return fmt.Errorf("peer IDs don't match: expected %s, got %s", remote, peerID) + err = validateRemote(pubKey, remote) + if err != nil { + return err } keyCh <- pubKey return nil @@ -132,74 +137,37 @@ func PubKeyFromCertChain(chain []*x509.Certificate) (ic.PubKey, error) { if !found { return nil, errors.New("expected certificate to contain the key extension") } - var sk signedKey - if _, err := asn1.Unmarshal(keyExt.Value, &sk); err != nil { - return nil, fmt.Errorf("unmarshalling signed certificate failed: %s", err) - } - pubKey, err := ic.UnmarshalPublicKey(sk.PubKey) - if err != nil { - return nil, fmt.Errorf("unmarshalling public key failed: %s", err) - } + certKeyPub, err := x509.MarshalPKIXPublicKey(cert.PublicKey) if err != nil { return nil, err } - valid, err := pubKey.Verify(append([]byte(certificatePrefix), certKeyPub...), sk.Signature) - if err != nil { - return nil, fmt.Errorf("signature verification failed: %s", err) - } - if !valid { - return nil, errors.New("signature invalid") - } - return pubKey, nil + return unmarshalExtenstionPublicKey(keyExt.Value, certKeyPub) } func keyToCertificate(sk ic.PrivKey) (*tls.Certificate, error) { - certKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + config, err := newCertificateConfig(sk) if err != nil { return nil, err } - keyBytes, err := ic.MarshalPublicKey(sk.GetPublic()) - if err != nil { - return nil, err - } - certKeyPub, err := x509.MarshalPKIXPublicKey(certKey.Public()) - if err != nil { - return nil, err - } - signature, err := sk.Sign(append([]byte(certificatePrefix), certKeyPub...)) - if err != nil { - return nil, err - } - value, err := asn1.Marshal(signedKey{ - PubKey: keyBytes, - Signature: signature, - }) - if err != nil { - return nil, err - } - - sn, err := rand.Int(rand.Reader, big.NewInt(1<<62)) - if err != nil { - return nil, err - } tmpl := &x509.Certificate{ - SerialNumber: sn, + SerialNumber: config.serialNumber, NotBefore: time.Time{}, NotAfter: time.Now().Add(certValidityPeriod), // after calling CreateCertificate, these will end up in Certificate.Extensions ExtraExtensions: []pkix.Extension{ - {Id: extensionID, Value: value}, + {Id: extensionID, Value: config.extensionValue}, }, } - certDER, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, certKey.Public(), certKey) + certDER, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, config.certKey.Public(), + config.certKey) if err != nil { return nil, err } return &tls.Certificate{ Certificate: [][]byte{certDER}, - PrivateKey: certKey, + PrivateKey: config.certKey, }, nil } diff --git a/go.mod b/go.mod index 8fa4f35..bf67f6f 100644 --- a/go.mod +++ b/go.mod @@ -1,9 +1,13 @@ module github.com/libp2p/go-libp2p-tls +replace github.com/libp2p/go-openssl => /home/schoolboy/go-openssl + go 1.14 require ( github.com/libp2p/go-libp2p-core v0.3.0 + github.com/libp2p/go-libp2p-crypto v0.1.0 + github.com/libp2p/go-openssl v0.0.5 github.com/onsi/ginkgo v1.12.0 github.com/onsi/gomega v1.9.0 golang.org/x/sys v0.0.0-20191206220618-eeba5f6aabab diff --git a/go.sum b/go.sum index d5892b0..365c995 100644 --- a/go.sum +++ b/go.sum @@ -1,11 +1,13 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII= +github.com/btcsuite/btcd v0.0.0-20190213025234-306aecffea32/go.mod h1:DrZx5ec/dmnfpw9KyYoQyYo7d0KEvTkk/5M/vbZjAr8= github.com/btcsuite/btcd v0.0.0-20190824003749-130ea5bddde3 h1:A/EVblehb75cUgXA5njHPn0kLAsykn6mJGz7rnmW5W0= github.com/btcsuite/btcd v0.0.0-20190824003749-130ea5bddde3/go.mod h1:3J08xEfcugPacsc34/LKRU2yO7YmuT8yt28J8k2+rrI= github.com/btcsuite/btcd v0.20.1-beta h1:Ik4hyJqN8Jfyv3S4AGBOmyouMsYE3EdYODkMbQjwPGw= github.com/btcsuite/btcd v0.20.1-beta/go.mod h1:wVuoA8VJLEcwgqHBwHmzLRazpKxTv13Px/pDuV7OomQ= github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA= +github.com/btcsuite/btcutil v0.0.0-20190207003914-4c204d697803/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd/go.mod h1:HHNXQzUsZCxOoE+CPiyCTO6x34Zs86zZUiwtpXoGdtg= github.com/btcsuite/goleveldb v0.0.0-20160330041536-7834afc9e8cd/go.mod h1:F+uVaaLLH7j4eDXPRvw78tMflu7Ie2bzYOH4Y8rRKBY= @@ -21,6 +23,7 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= @@ -37,15 +40,18 @@ github.com/gxed/hashland/murmur3 v0.0.1 h1:SheiaIt0sda5K+8FLz952/1iWS9zrnKsEJaOJ github.com/gxed/hashland/murmur3 v0.0.1/go.mod h1:KjXop02n4/ckmZSnY2+HKcLud/tcmvhST0bie/0lS48= github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/ipfs/go-cid v0.0.1/go.mod h1:GHWU/WuQdMPmIosc4Yn1bcCT7dSeX4lBafM7iqUPQvM= github.com/ipfs/go-cid v0.0.3 h1:UIAh32wymBpStoe83YCzwVQQ5Oy/H0FdxvUS6DJDzms= github.com/ipfs/go-cid v0.0.3/go.mod h1:GHWU/WuQdMPmIosc4Yn1bcCT7dSeX4lBafM7iqUPQvM= github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA= +github.com/jbenet/goprocess v0.0.0-20160826012719-b497e2f366b8/go.mod h1:Ly/wlsjFq/qrU3Rar62tu1gASgGw6chQbSh/XgIIXCY= github.com/jbenet/goprocess v0.1.3 h1:YKyIEECS/XvcfHtBzxtjBBbWK+MbvA6dG8ASiqwvr10= github.com/jbenet/goprocess v0.1.3/go.mod h1:5yspPrukOVuOLORacaBi858NqyClJPQxYZlqdZVfqY4= github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ= github.com/kami-zh/go-capturer v0.0.0-20171211120116-e492ea43421d/go.mod h1:P2viExyCEfeWGU259JnaQ34Inuec4R38JCyBx2edgD0= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4= @@ -55,16 +61,22 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/libp2p/go-flow-metrics v0.0.1/go.mod h1:Iv1GH0sG8DtYN3SVJ2eG221wMiNpZxBdp967ls1g+k8= github.com/libp2p/go-flow-metrics v0.0.2/go.mod h1:HeoSNUrOJVK1jEpDqVEiUOIXqhbnS27omG0uWU5slZs= github.com/libp2p/go-flow-metrics v0.0.3/go.mod h1:HeoSNUrOJVK1jEpDqVEiUOIXqhbnS27omG0uWU5slZs= +github.com/libp2p/go-libp2p-core v0.0.1/go.mod h1:g/VxnTZ/1ygHxH3dKok7Vno1VfpvGcGip57wjTU4fco= github.com/libp2p/go-libp2p-core v0.2.5 h1:iP1PIiIrlRrGbE1fYq2918yBc5NlCH3pFuIPSWU9hds= github.com/libp2p/go-libp2p-core v0.2.5/go.mod h1:6+5zJmKhsf7yHn1RbmYDu08qDUpIUxGdqHuEZckmZOA= github.com/libp2p/go-libp2p-core v0.3.0 h1:F7PqduvrztDtFsAa/bcheQ3azmNo+Nq7m8hQY5GiUW8= github.com/libp2p/go-libp2p-core v0.3.0/go.mod h1:ACp3DmS3/N64c2jDzcV429ukDpicbL6+TrrxANBjPGw= +github.com/libp2p/go-libp2p-crypto v0.1.0 h1:k9MFy+o2zGDNGsaoZl0MA3iZ75qXxr9OOoAZF+sD5OQ= +github.com/libp2p/go-libp2p-crypto v0.1.0/go.mod h1:sPUokVISZiy+nNuTTH/TY+leRSxnFj/2GLjtOTW90hI= github.com/libp2p/go-openssl v0.0.3 h1:wjlG7HvQkt4Fq4cfH33Ivpwp0omaElYEi9z26qaIkIk= github.com/libp2p/go-openssl v0.0.3/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= github.com/libp2p/go-openssl v0.0.4 h1:d27YZvLoTyMhIN4njrkr8zMDOM4lfpHIp6A+TK9fovg= github.com/libp2p/go-openssl v0.0.4/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= +github.com/libp2p/go-openssl v0.0.5 h1:pQkejVhF0xp08D4CQUcw8t+BFJeXowja6RVcb5p++EA= +github.com/libp2p/go-openssl v0.0.5/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329 h1:2gxZ0XQIU/5z3Z3bUBu+FXuk2pFbkN6tcwi/pjyaDic= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -78,12 +90,14 @@ github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1 github.com/minio/sha256-simd v0.1.1 h1:5QHSlgo3nt5yKOJrC7W8w7X+NFl8cMPZm96iu8kKUJU= github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= +github.com/mr-tron/base58 v1.1.1/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= github.com/mr-tron/base58 v1.1.2 h1:ZEw4I2EgPKDJ2iEw0cNmLB3ROrEmkOtXIkaG7wZg+78= github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/mr-tron/base58 v1.1.3 h1:v+sk57XuaCKGXpWtVBX8YJzO7hMGx4Aajh4TQbdEFdc= github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/multiformats/go-base32 v0.0.3 h1:tw5+NhuwaOjJCC5Pp82QuXbrmLzWg7uxlMFp8Nq/kkI= github.com/multiformats/go-base32 v0.0.3/go.mod h1:pLiuGC8y0QR3Ue4Zug5UzK9LjgbkL8NSQj0zQ5Nz/AA= +github.com/multiformats/go-multiaddr v0.0.2/go.mod h1:xKVEak1K9cS1VdmPZW3LSIb6lgmoS58qz/pzqmAxV44= github.com/multiformats/go-multiaddr v0.1.1 h1:rVAztJYMhCQ7vEFr8FvxW3mS+HF2eY/oPbOMeS0ZDnE= github.com/multiformats/go-multiaddr v0.1.1/go.mod h1:aMKBKNEYmzmDmxfX88/vz+J5IU55txyt0p4aiWVohjo= github.com/multiformats/go-multiaddr v0.2.0 h1:lR52sFwcTCuQb6bTfnXF6zA2XfyYvyd+5a9qECv/J90= @@ -119,6 +133,7 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/smola/gocompat v0.2.0 h1:6b1oIMlUXIpz//VKEDzPVBK8KG7beVwmHIUEBIs/Pns= github.com/smola/gocompat v0.2.0/go.mod h1:1B0MlxbmoZNo3h8guHp8HztB3BSYR5itql9qtVc0ypY= +github.com/spacemonkeygo/openssl v0.0.0-20181017203307-c2dcc5cca94a/go.mod h1:7AyxJNCJ7SBZ1MfVQCWD6Uqo2oubI2Eq2y2eqf+A5r0= github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572 h1:RC6RW7j+1+HkWaX/Yh71Ee5ZHaHYt7ZP4sQgUrm6cDU= github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572/go.mod h1:w0SWMsp6j9O/dk4/ZpIhL+3CkG8ofA2vuv7k+ltqUMc= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= @@ -134,6 +149,7 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 h1:1wopBVtVdWnn03fZelqdXTqk7U7zPQCb+T4rbU9ZEoU= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -173,6 +189,7 @@ golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181130052023-1c3d964395ce/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= diff --git a/identity.go b/identity.go new file mode 100644 index 0000000..a2e016b --- /dev/null +++ b/identity.go @@ -0,0 +1,126 @@ +package libp2ptls + +import ( + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "crypto/x509" + "encoding/asn1" + "errors" + "fmt" + "math/big" + "net" + "time" + + ic "github.com/libp2p/go-libp2p-core/crypto" + "github.com/libp2p/go-libp2p-core/peer" +) + +const certValidityPeriod = 100 * 365 * 24 * time.Hour // ~100 years +const certificatePrefix = "libp2p-tls-handshake:" +const alpn string = "libp2p" + +var extensionID = getPrefixedExtensionID([]int{1, 1}) + +// getExtensionString returns libp2p's object id in string format. +func getExtensionString(inputs []int) string { + out := "" + for i, input := range inputs { + out += fmt.Sprintf("%d", input) + if i != len(inputs)-1 { + out += "." + } + } + return out +} + +func validateRemote(pubKey ic.PubKey, remote peer.ID) error { + if remote != "" && !remote.MatchesPublicKey(pubKey) { + peerID, err := peer.IDFromPublicKey(pubKey) + if err != nil { + peerID = peer.ID(fmt.Sprintf("(not determined: %s)", err.Error())) + } + return fmt.Errorf("peer IDs don't match: expected %s, got %s", remote, peerID) + } + return nil +} + +func unmarshalExtenstionPublicKey(value []byte, certKeyPub []byte) (ic.PubKey, error) { + var sk signedKey + if _, err := asn1.Unmarshal(value, &sk); err != nil { + return nil, fmt.Errorf("unmarshalling signed certificate failed: %s", err) + } + pubKey, err := ic.UnmarshalPublicKey(sk.PubKey) + if err != nil { + return nil, fmt.Errorf("unmarshalling public key failed: %s", err) + } + valid, err := pubKey.Verify(append([]byte(certificatePrefix), certKeyPub...), sk.Signature) + if err != nil { + return nil, fmt.Errorf("signature verification failed: %s", err) + } + if !valid { + return nil, errors.New("signature invalid") + } + return pubKey, nil +} + +type signedKey struct { + PubKey []byte + Signature []byte +} + +// certificateConfig contains config to create certificate. +type certificateConfig struct { + // Certificate Private and Public key pair. + certKey *ecdsa.PrivateKey + // Custom Extenstion value. It contains public key and signature. + extensionValue []byte + // Certificate's serial number. + serialNumber *big.Int +} + +// newCertificateConfig returns certificateConfig. +func newCertificateConfig(sk ic.PrivKey) (*certificateConfig, error) { + certKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + return nil, err + } + + keyBytes, err := ic.MarshalPublicKey(sk.GetPublic()) + if err != nil { + return nil, err + } + certKeyPub, err := x509.MarshalPKIXPublicKey(certKey.Public()) + if err != nil { + return nil, err + } + signature, err := sk.Sign(append([]byte(certificatePrefix), certKeyPub...)) + if err != nil { + return nil, err + } + value, err := asn1.Marshal(signedKey{ + PubKey: keyBytes, + Signature: signature, + }) + if err != nil { + return nil, err + } + + sn, err := rand.Int(rand.Reader, big.NewInt(1<<62)) + if err != nil { + return nil, err + } + return &certificateConfig{ + serialNumber: sn, + extensionValue: value, + certKey: certKey, + }, nil +} + +// identity is used to secure connection. +type identity interface { + // CreateServerConn creates server connection to do the tls handshake. + CreateServerConn(insecure net.Conn) (handshakeConn, <-chan ic.PubKey, error) + // CreateClientConn creates client connection to do the tls handshake. + CreateClientConn(insecure net.Conn, remote peer.ID) (handshakeConn, <-chan ic.PubKey, error) +} diff --git a/openssl.go b/openssl.go new file mode 100644 index 0000000..d7b3669 --- /dev/null +++ b/openssl.go @@ -0,0 +1,185 @@ +// +build openssl + +package libp2ptls + +import ( + "crypto/x509" + "encoding/pem" + "errors" + "fmt" + "net" + "time" + + ic "github.com/libp2p/go-libp2p-core/crypto" + "github.com/libp2p/go-libp2p-core/peer" + "github.com/libp2p/go-openssl" +) + +// libp2pNID is the NID for the libp2p-tls oid. +var libp2pNID openssl.NID = openssl.CreateObjectIdentifier(getExtensionString(extensionID), + "libp2p-tls", + "Object Identifier for libp2p-tls") + +// openSSLIdentity is used to +type openSSLIdentity struct { + certificate *openssl.Certificate + privateKey openssl.PrivateKey +} + +// newOpenSSLIdentity create openSSLIdentity. +func newOpenSSLIdentity(sk ic.PrivKey) (*openSSLIdentity, error) { + cert, privKey, err := createOpenSSLCertificate(sk) + if err != nil { + return nil, err + } + return &openSSLIdentity{ + certificate: cert, + privateKey: privKey, + }, nil +} + +func newIdentity(sk ic.PrivKey) (identity, error) { + return newOpenSSLIdentity(sk) +} + +// CreateServerConn creates server connection to do the tls handshake. +func (o *openSSLIdentity) CreateServerConn(insecure net.Conn) (handshakeConn, + <-chan ic.PubKey, error) { + opensslCtx, keyCh, err := o.createOpenSSLCtx("") + if err := opensslCtx.UsePrivateKey(o.privateKey); err != nil { + return nil, nil, err + } + conn, err := openssl.Server(insecure, opensslCtx) + if err != nil { + return nil, nil, err + } + return conn, keyCh, nil +} + +// CreateClientConn creates client connection to do the tls handshake. +func (o *openSSLIdentity) CreateClientConn(insecure net.Conn, remote peer.ID) (handshakeConn, + <-chan ic.PubKey, error) { + opensslCtx, keyCh, err := o.createOpenSSLCtx(remote) + + conn, err := openssl.Client(insecure, opensslCtx) + if err != nil { + return nil, nil, err + } + return conn, keyCh, nil +} + +func (o *openSSLIdentity) createOpenSSLCtx(remote peer.ID) (*openssl.Ctx, + <-chan ic.PubKey, error) { + keyCh := make(chan ic.PubKey, 4) + opensslCtx, err := openssl.NewCtxWithVersion(openssl.TLSv1_2) + if err != nil { + return nil, nil, err + } + + // Add the certificate. + if err := opensslCtx.UseCertificate(o.certificate); err != nil { + return nil, nil, err + } + + // Enable two way tls. + opensslCtx.SetVerifyMode(openssl.VerifyPeer) + + opensslCtx.SetVerifyCallback(func(a bool, store *openssl.CertificateStoreCtx) bool { + cert := store.GetCurrentCert() + pubKey, err := pubKeyFromOpenSSLCertificate(cert) + if err != nil { + return false + } + err = validateRemote(pubKey, remote) + if err != nil { + return false + } + keyCh <- pubKey + return true + }) + + if err = opensslCtx.SetNextProtos([]string{alpn}); err != nil { + return nil, nil, err + } + + if err := opensslCtx.UsePrivateKey(o.privateKey); err != nil { + return nil, nil, err + } + return opensslCtx, keyCh, nil +} + +// pubKeyFromOpenSSLCertificate extracts the public key from the custom extension. +func pubKeyFromOpenSSLCertificate(cert *openssl.Certificate) (ic.PubKey, error) { + extValue := cert.GetExtensionValue(libp2pNID) + if len(extValue) == 0 { + return nil, errors.New("unable to find extension value") + } + + pubKey, err := cert.PublicKey() + if err != nil { + return nil, err + } + certKeyPub, err := pubKey.MarshalPKIXPublicKeyDER() + if err != nil { + return nil, err + } + return unmarshalExtenstionPublicKey(extValue, certKeyPub) +} + +// createOpenSSLCertificate creates openssl certificate and returns the certificate and it's +// private key. +func createOpenSSLCertificate(sk ic.PrivKey) (*openssl.Certificate, openssl.PrivateKey, error) { + config, err := newCertificateConfig(sk) + if err != nil { + return nil, nil, err + } + info := &openssl.CertificateInfo{ + Issued: time.Since(time.Time{}), + Expires: time.Since(time.Now().Add(certValidityPeriod)), + Serial: config.serialNumber, + Country: "US", + CommonName: "libp2p", + Organization: "libp2p", + } + + // Create the public key in pem format. + encodedPublicKey, err := x509.MarshalPKIXPublicKey(config.certKey.Public()) + if err != nil { + return nil, nil, err + } + + pemPublicKey := pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: encodedPublicKey}) + pubKey, err := openssl.LoadPublicKeyFromPEM(pemPublicKey) + if err != nil { + return nil, nil, err + } + + // Create a certificate with the given public key, + certificate, err := openssl.NewCertificate(info, pubKey) + if err != nil { + return nil, nil, err + } + + // Add the custom extension. + config.extensionValue = append(config.extensionValue, 0) + fmt.Println(len(config.extensionValue)) + err = certificate.AddCustomExtension(openssl.NID(libp2pNID), config.extensionValue) + if err != nil { + return nil, nil, err + } + encodedPrivateKey, err := x509.MarshalPKCS8PrivateKey(config.certKey) + if err != nil { + return nil, nil, err + } + pemPrivateKey := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: encodedPrivateKey}) + privKey, err := openssl.LoadPrivateKeyFromPEM(pemPrivateKey) + if err != nil { + return nil, nil, err + } + + // Self sign the certificate. + if err = certificate.Sign(privKey, openssl.EVP_SHA512); err != nil { + return nil, nil, err + } + return certificate, privKey, nil +} diff --git a/transport.go b/transport.go index 214853c..7ae87e0 100644 --- a/transport.go +++ b/transport.go @@ -2,7 +2,6 @@ package libp2ptls import ( "context" - "crypto/tls" "errors" "net" "os" @@ -24,7 +23,7 @@ const ID = "/tls/1.0.0" // Transport constructs secure communication sessions for a peer. type Transport struct { - identity *Identity + identity identity localPeer peer.ID privKey ci.PrivKey @@ -41,11 +40,11 @@ func New(key ci.PrivKey) (*Transport, error) { privKey: key, } - identity, err := NewIdentity(key) + i, err := newIdentity(key) if err != nil { return nil, err } - t.identity = identity + t.identity = i return t, nil } @@ -53,8 +52,11 @@ var _ sec.SecureTransport = &Transport{} // SecureInbound runs the TLS handshake as a server. func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (sec.SecureConn, error) { - config, keyCh := t.identity.ConfigForAny() - cs, err := t.handshake(ctx, tls.Server(insecure, config), keyCh) + conn, keyCh, err := t.identity.CreateServerConn(insecure) + if err != nil { + return nil, err + } + cs, err := t.handshake(ctx, conn, keyCh) if err != nil { insecure.Close() } @@ -69,8 +71,11 @@ func (t *Transport) SecureInbound(ctx context.Context, insecure net.Conn) (sec.S // If the handshake fails, the server will close the connection. The client will // notice this after 1 RTT when calling Read. func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p peer.ID) (sec.SecureConn, error) { - config, keyCh := t.identity.ConfigForPeer(p) - cs, err := t.handshake(ctx, tls.Client(insecure, config), keyCh) + conn, keyCh, err := t.identity.CreateClientConn(insecure, p) + if err != nil { + return nil, err + } + cs, err := t.handshake(ctx, conn, keyCh) if err != nil { insecure.Close() } @@ -79,7 +84,7 @@ func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p pee func (t *Transport) handshake( ctx context.Context, - tlsConn *tls.Conn, + tlsConn handshakeConn, keyCh <-chan ci.PubKey, ) (sec.SecureConn, error) { // There's no way to pass a context to tls.Conn.Handshake(). @@ -139,7 +144,7 @@ func (t *Transport) handshake( return conn, nil } -func (t *Transport) setupConn(tlsConn *tls.Conn, remotePubKey ci.PubKey) (sec.SecureConn, error) { +func (t *Transport) setupConn(tlsConn net.Conn, remotePubKey ci.PubKey) (sec.SecureConn, error) { remotePeerID, err := peer.IDFromPublicKey(remotePubKey) if err != nil { return nil, err diff --git a/transport_test.go b/transport_test.go index 2b5be8f..c9dd10b 100644 --- a/transport_test.go +++ b/transport_test.go @@ -378,9 +378,13 @@ var _ = Describe("Transport", func() { It(fmt.Sprintf("fails if the client presents an invalid cert: %s", t.name), func() { serverTransport, err := New(serverKey) Expect(err).ToNot(HaveOccurred()) - clientTransport, err := New(clientKey) + i, err := NewIdentity(clientKey) + Expect(err).ToNot(HaveOccurred()) + clientTransport := &Transport{ + identity: i, + } Expect(err).ToNot(HaveOccurred()) - t.apply(clientTransport.identity) + t.apply(i) clientInsecureConn, serverInsecureConn := connect() @@ -406,9 +410,13 @@ var _ = Describe("Transport", func() { }) It(fmt.Sprintf("fails if the server presents an invalid cert: %s", t.name), func() { - serverTransport, err := New(serverKey) + i, err := NewIdentity(serverKey) + Expect(err).ToNot(HaveOccurred()) + serverTransport := &Transport{ + identity: i, + } Expect(err).ToNot(HaveOccurred()) - t.apply(serverTransport.identity) + t.apply(i) clientTransport, err := New(clientKey) Expect(err).ToNot(HaveOccurred()) From bcf8aa40ab83fa49f05681de066f0cb97aa27351 Mon Sep 17 00:00:00 2001 From: Tiger Date: Thu, 16 Jul 2020 18:23:43 +0530 Subject: [PATCH 2/2] fix go mod Signed-off-by: Tiger --- go.mod | 5 +---- go.sum | 37 ++----------------------------------- 2 files changed, 3 insertions(+), 39 deletions(-) diff --git a/go.mod b/go.mod index bf67f6f..dd39746 100644 --- a/go.mod +++ b/go.mod @@ -1,13 +1,10 @@ module github.com/libp2p/go-libp2p-tls -replace github.com/libp2p/go-openssl => /home/schoolboy/go-openssl - go 1.14 require ( github.com/libp2p/go-libp2p-core v0.3.0 - github.com/libp2p/go-libp2p-crypto v0.1.0 - github.com/libp2p/go-openssl v0.0.5 + github.com/libp2p/go-openssl v0.0.6 github.com/onsi/ginkgo v1.12.0 github.com/onsi/gomega v1.9.0 golang.org/x/sys v0.0.0-20191206220618-eeba5f6aabab diff --git a/go.sum b/go.sum index 365c995..cc09687 100644 --- a/go.sum +++ b/go.sum @@ -1,13 +1,9 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII= -github.com/btcsuite/btcd v0.0.0-20190213025234-306aecffea32/go.mod h1:DrZx5ec/dmnfpw9KyYoQyYo7d0KEvTkk/5M/vbZjAr8= -github.com/btcsuite/btcd v0.0.0-20190824003749-130ea5bddde3 h1:A/EVblehb75cUgXA5njHPn0kLAsykn6mJGz7rnmW5W0= -github.com/btcsuite/btcd v0.0.0-20190824003749-130ea5bddde3/go.mod h1:3J08xEfcugPacsc34/LKRU2yO7YmuT8yt28J8k2+rrI= github.com/btcsuite/btcd v0.20.1-beta h1:Ik4hyJqN8Jfyv3S4AGBOmyouMsYE3EdYODkMbQjwPGw= github.com/btcsuite/btcd v0.20.1-beta/go.mod h1:wVuoA8VJLEcwgqHBwHmzLRazpKxTv13Px/pDuV7OomQ= github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA= -github.com/btcsuite/btcutil v0.0.0-20190207003914-4c204d697803/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd/go.mod h1:HHNXQzUsZCxOoE+CPiyCTO6x34Zs86zZUiwtpXoGdtg= github.com/btcsuite/goleveldb v0.0.0-20160330041536-7834afc9e8cd/go.mod h1:F+uVaaLLH7j4eDXPRvw78tMflu7Ie2bzYOH4Y8rRKBY= @@ -23,7 +19,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= @@ -40,18 +35,15 @@ github.com/gxed/hashland/murmur3 v0.0.1 h1:SheiaIt0sda5K+8FLz952/1iWS9zrnKsEJaOJ github.com/gxed/hashland/murmur3 v0.0.1/go.mod h1:KjXop02n4/ckmZSnY2+HKcLud/tcmvhST0bie/0lS48= github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ipfs/go-cid v0.0.1/go.mod h1:GHWU/WuQdMPmIosc4Yn1bcCT7dSeX4lBafM7iqUPQvM= github.com/ipfs/go-cid v0.0.3 h1:UIAh32wymBpStoe83YCzwVQQ5Oy/H0FdxvUS6DJDzms= github.com/ipfs/go-cid v0.0.3/go.mod h1:GHWU/WuQdMPmIosc4Yn1bcCT7dSeX4lBafM7iqUPQvM= github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA= -github.com/jbenet/goprocess v0.0.0-20160826012719-b497e2f366b8/go.mod h1:Ly/wlsjFq/qrU3Rar62tu1gASgGw6chQbSh/XgIIXCY= github.com/jbenet/goprocess v0.1.3 h1:YKyIEECS/XvcfHtBzxtjBBbWK+MbvA6dG8ASiqwvr10= github.com/jbenet/goprocess v0.1.3/go.mod h1:5yspPrukOVuOLORacaBi858NqyClJPQxYZlqdZVfqY4= github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ= github.com/kami-zh/go-capturer v0.0.0-20171211120116-e492ea43421d/go.mod h1:P2viExyCEfeWGU259JnaQ34Inuec4R38JCyBx2edgD0= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4= @@ -61,22 +53,13 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/libp2p/go-flow-metrics v0.0.1/go.mod h1:Iv1GH0sG8DtYN3SVJ2eG221wMiNpZxBdp967ls1g+k8= -github.com/libp2p/go-flow-metrics v0.0.2/go.mod h1:HeoSNUrOJVK1jEpDqVEiUOIXqhbnS27omG0uWU5slZs= github.com/libp2p/go-flow-metrics v0.0.3/go.mod h1:HeoSNUrOJVK1jEpDqVEiUOIXqhbnS27omG0uWU5slZs= -github.com/libp2p/go-libp2p-core v0.0.1/go.mod h1:g/VxnTZ/1ygHxH3dKok7Vno1VfpvGcGip57wjTU4fco= -github.com/libp2p/go-libp2p-core v0.2.5 h1:iP1PIiIrlRrGbE1fYq2918yBc5NlCH3pFuIPSWU9hds= -github.com/libp2p/go-libp2p-core v0.2.5/go.mod h1:6+5zJmKhsf7yHn1RbmYDu08qDUpIUxGdqHuEZckmZOA= github.com/libp2p/go-libp2p-core v0.3.0 h1:F7PqduvrztDtFsAa/bcheQ3azmNo+Nq7m8hQY5GiUW8= github.com/libp2p/go-libp2p-core v0.3.0/go.mod h1:ACp3DmS3/N64c2jDzcV429ukDpicbL6+TrrxANBjPGw= -github.com/libp2p/go-libp2p-crypto v0.1.0 h1:k9MFy+o2zGDNGsaoZl0MA3iZ75qXxr9OOoAZF+sD5OQ= -github.com/libp2p/go-libp2p-crypto v0.1.0/go.mod h1:sPUokVISZiy+nNuTTH/TY+leRSxnFj/2GLjtOTW90hI= -github.com/libp2p/go-openssl v0.0.3 h1:wjlG7HvQkt4Fq4cfH33Ivpwp0omaElYEi9z26qaIkIk= -github.com/libp2p/go-openssl v0.0.3/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= github.com/libp2p/go-openssl v0.0.4 h1:d27YZvLoTyMhIN4njrkr8zMDOM4lfpHIp6A+TK9fovg= github.com/libp2p/go-openssl v0.0.4/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= -github.com/libp2p/go-openssl v0.0.5 h1:pQkejVhF0xp08D4CQUcw8t+BFJeXowja6RVcb5p++EA= -github.com/libp2p/go-openssl v0.0.5/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= +github.com/libp2p/go-openssl v0.0.6 h1:BFqTHVDt6V60Y7xU9f89FwljvFl/CEqZYO1vlfa2DCE= +github.com/libp2p/go-openssl v0.0.6/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329 h1:2gxZ0XQIU/5z3Z3bUBu+FXuk2pFbkN6tcwi/pjyaDic= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -90,16 +73,12 @@ github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1 github.com/minio/sha256-simd v0.1.1 h1:5QHSlgo3nt5yKOJrC7W8w7X+NFl8cMPZm96iu8kKUJU= github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= -github.com/mr-tron/base58 v1.1.1/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= github.com/mr-tron/base58 v1.1.2 h1:ZEw4I2EgPKDJ2iEw0cNmLB3ROrEmkOtXIkaG7wZg+78= github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/mr-tron/base58 v1.1.3 h1:v+sk57XuaCKGXpWtVBX8YJzO7hMGx4Aajh4TQbdEFdc= github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/multiformats/go-base32 v0.0.3 h1:tw5+NhuwaOjJCC5Pp82QuXbrmLzWg7uxlMFp8Nq/kkI= github.com/multiformats/go-base32 v0.0.3/go.mod h1:pLiuGC8y0QR3Ue4Zug5UzK9LjgbkL8NSQj0zQ5Nz/AA= -github.com/multiformats/go-multiaddr v0.0.2/go.mod h1:xKVEak1K9cS1VdmPZW3LSIb6lgmoS58qz/pzqmAxV44= -github.com/multiformats/go-multiaddr v0.1.1 h1:rVAztJYMhCQ7vEFr8FvxW3mS+HF2eY/oPbOMeS0ZDnE= -github.com/multiformats/go-multiaddr v0.1.1/go.mod h1:aMKBKNEYmzmDmxfX88/vz+J5IU55txyt0p4aiWVohjo= github.com/multiformats/go-multiaddr v0.2.0 h1:lR52sFwcTCuQb6bTfnXF6zA2XfyYvyd+5a9qECv/J90= github.com/multiformats/go-multiaddr v0.2.0/go.mod h1:0nO36NvPpyV4QzvTLi/lafl2y95ncPj0vFwVF6k6wJ4= github.com/multiformats/go-multibase v0.0.1 h1:PN9/v21eLywrFWdFNsFKaU04kLJzuYzmrJR+ubhT9qA= @@ -115,25 +94,18 @@ github.com/multiformats/go-varint v0.0.1/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXS github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs= github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3 h1:OoxbjfXVZyod1fmWYhI7SEyaD8B00ynP3T+D5GiyHOY= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0 h1:JAKSXpt1YjtLA7YpPiqO9ss6sNXEsPfSGdwN0UHqzrw= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.0 h1:Iw5WCbBcaAAd0fpRb1c9r5YCylv4XDoCSigm1zLevwU= github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/gomega v1.4.3 h1:RE1xgDvH7imwFD45h+u2SgIfERHlS2yNG4DObb5BSKU= github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1 h1:K0jcRCwNQM3vFGh1ppMtDh/+7ApJrjldlX8fA0jDTLQ= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.8.1 h1:C5Dqfs/LeauYDX0jJXIe2SWmwCbGzx9yF8C8xy3Lh34= -github.com/onsi/gomega v1.8.1/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= github.com/onsi/gomega v1.9.0 h1:R1uwffexN6Pr340GtYRIdZmAiN4J+iw6WG4wog1DUXg= github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/smola/gocompat v0.2.0 h1:6b1oIMlUXIpz//VKEDzPVBK8KG7beVwmHIUEBIs/Pns= github.com/smola/gocompat v0.2.0/go.mod h1:1B0MlxbmoZNo3h8guHp8HztB3BSYR5itql9qtVc0ypY= -github.com/spacemonkeygo/openssl v0.0.0-20181017203307-c2dcc5cca94a/go.mod h1:7AyxJNCJ7SBZ1MfVQCWD6Uqo2oubI2Eq2y2eqf+A5r0= github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572 h1:RC6RW7j+1+HkWaX/Yh71Ee5ZHaHYt7ZP4sQgUrm6cDU= github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572/go.mod h1:w0SWMsp6j9O/dk4/ZpIhL+3CkG8ofA2vuv7k+ltqUMc= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= @@ -144,17 +116,13 @@ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/x-cray/logrus-prefixed-formatter v0.5.2/go.mod h1:2duySbKsL6M18s5GU7VPsoEPHyzalCE06qoARUCeBBE= -go.opencensus.io v0.22.1/go.mod h1:Ap50jQcDJrx6rB6VgeeFPtuPIf3wMRvRfrfYDO6+BmA= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 h1:1wopBVtVdWnn03fZelqdXTqk7U7zPQCb+T4rbU9ZEoU= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= @@ -189,7 +157,6 @@ golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181130052023-1c3d964395ce/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=