devp2p 0.1.0

data/lib/devp2p/command.rb

@@ -0,0 +1,82 @@
+# -*- encoding : ascii-8bit -*-
+
+module DEVp2p
+
+  class Command
+
+    extend Configurable
+    add_config(
+      cmd_id: 0,
+      structure: {}, # {arg_name: RLP::Sedes.type}
+      decode_strict: true
+    )
+
+    class <<self
+      def encode_payload(data)
+        if data.is_a?(Hash)
+          raise ArgumentError, 'structure must be hash of arg names and sedes' unless structure.instance_of?(Hash)
+          data = structure.keys.map {|k| data[k] }
+        end
+
+        case structure
+        when RLP::Sedes::CountableList
+          RLP.encode data, structure
+        when Hash
+          raise ArgumentError, 'structure and data length mismatch' unless data.size == structure.size
+          RLP.encode data, sedes: RLP::Sedes::List.new(elements: sedes)
+        else
+          raise InvalidCommandStructure
+        end
+      end
+
+      def decode_payload(rlp_data)
+        case structure
+        when RLP::Sedes::CountableList
+          decoder = structure
+        when Hash
+          decoder = RLP::Sedes::List.new(elements: sedes, strict: decode_strict)
+        else
+          raise InvalidCommandStructure
+        end
+
+        data = RLP.decode rlp_data, sedes: decoder
+        data = structure.keys.zip(data).to_h if structure.is_a?(Hash)
+        data
+      rescue
+        puts "error in decode: #{$!}"
+        puts "rlp:"
+        puts RLP.decode(rlp_data)
+        raise $!
+      end
+
+      def sedes
+        @sedes ||= structure.values
+      end
+    end
+
+    attr :receive_callbacks
+
+    def initialize
+      raise InvalidCommandStructure unless [Hash, RLP::Sedes::CountableList].any? {|c| structure.is_a?(c) }
+      @receive_callbacks = []
+    end
+
+    # optionally implement create
+    def create(proto, *args)
+      options = args.last.is_a?(Hash) ? args.pop : {}
+      raise ArgumentError, "proto #{proto} must be protocol" unless proto.is_a?(BaseProtocol)
+      raise ArgumentError, "command structure mismatch" if !options.empty? && structure.instance_of?(RLP::Sedes::CountableList)
+      options.empty? ? args : options
+    end
+
+    # optionally implement receive
+    def receive(proto, data)
+      if structure.instance_of?(RLP::Sedes::CountableList)
+        receive_callbacks.each {|cb| cb.call(proto, data) }
+      else
+        receive_callbacks.each {|cb| cb.call(proto, **data) }
+      end
+    end
+  end
+
+end

data/lib/devp2p/configurable.rb

@@ -0,0 +1,32 @@
+# -*- encoding : ascii-8bit -*-
+
+module DEVp2p
+  module Configurable
+
+    def add_config(configs)
+      raise ArgumentError, 'self must be a class' unless self.class == Class
+
+      configs.each do |name, default|
+        singleton_class.send(:define_method, name) do |*args|
+          iv = "@#{name}"
+          if args.empty?
+            if instance_variable_defined?(iv)
+              instance_variable_get(iv)
+            else
+              v = superclass.respond_to?(:add_config) && superclass.respond_to?(name) ?
+                superclass.public_send(name) : default
+              instance_variable_set(iv, v)
+            end
+          else
+            instance_variable_set(iv, args.first)
+          end
+        end
+
+        define_method(name) do |*args|
+          self.class.public_send name, *args
+        end
+      end
+    end
+
+  end
+end

data/lib/devp2p/connection_monitor.rb

@@ -0,0 +1,77 @@
+# -*- encoding : ascii-8bit -*-
+
+module DEVp2p
+
+  ##
+  # monitors the connection by sending pings and checking pongs
+  #
+  class ConnectionMonitor
+    include Celluloid
+
+    def initialize(proto)
+      @proto = proto
+
+      logger.debug "init"
+      raise ArgumentError, 'protocol must be P2PProtocol' unless proto.is_a?(P2PProtocol)
+
+      @samples = []
+      @last_response = @last_request = Time.now
+
+      @ping_interval = 15
+      @response_delay_threshold = 120
+      @max_samples = 1000
+
+      track_response = ->(proto, **data) {
+        @last_response = Time.now
+        @samples.unshift(@last_response - @last_request)
+        @samples.pop if @samples.size > @max_samples
+      }
+      @proto.receive_pong_callbacks.push(track_response)
+
+      monitor = Actor.current
+      @proto.receive_hello_callbacks.push(->(p, **kwargs) { monitor.start })
+    end
+
+    def latency(num_samples=@max_samples)
+      num_samples = [num_samples, @samples.size].min
+      return 1 unless num_samples > 0
+      (0...num_samples).map {|i| @samples[i] }.reduce(0, &:+)
+    end
+
+    def run
+      logger.debug 'started', monitor: Actor.current
+      loop do
+        logger.debug 'pinging', monitor: Actor.current
+        @proto.send_ping
+
+        now = @last_request = Time.now
+        sleep @ping_interval
+        logger.debug('latency', peer: @proto, latency: ("%.3f" % latency))
+
+        if now - @last_response > @response_delay_threshold
+          logger.debug "unresponsive_peer", monitor: Actor.current
+          @proto.peer.report_error 'not responding to ping'
+          @proto.stop
+          terminate
+        end
+      end
+    end
+
+    def start
+      async.run
+    end
+
+    def stop
+      logger.debug 'stopped', monitor: Actor.current
+      terminate
+    end
+
+    private
+
+    def logger
+      @logger ||= Logger.new("#{@proto.peer.config[:p2p][:listen_port]}.p2p.ctxmonitor.#{object_id}")
+    end
+
+  end
+
+end

data/lib/devp2p/control.rb

@@ -0,0 +1,32 @@
+module DEVp2p
+  module Control
+
+    def initialize_control
+      @stopped = false
+      @killed = false
+    end
+
+    def run
+      _run
+    end
+
+    def start
+      @stopped = false
+      async.run unless killed?
+    end
+
+    def stop
+      @stopped = true
+      @killed = true
+    end
+
+    def stopped?
+      @stopped
+    end
+
+    def killed?
+      @killed
+    end
+
+  end
+end

data/lib/devp2p/crypto.rb

@@ -0,0 +1,73 @@
+# -*- encoding : ascii-8bit -*-
+
+require 'secp256k1' # bitcoin-secp256k1
+require 'digest/sha3'
+
+require 'devp2p/crypto/ecies'
+require 'devp2p/crypto/ecc_x'
+
+module DEVp2p
+  module Crypto
+
+    extend self
+
+    def mk_privkey(seed)
+      Crypto.keccak256 seed
+    end
+
+    def privtopub(privkey)
+      priv = Secp256k1::PrivateKey.new privkey: privkey, raw: true
+
+      pub = priv.pubkey.serialize(compressed: false)
+      raise InvalidKeyError, 'invalid pubkey' unless pub.size == 65 && pub[0] == "\x04"
+
+      pub[1,64]
+    end
+
+    def keccak256(x)
+      Digest::SHA3.new(256).digest(x)
+    end
+
+    def hmac_sha256(key, msg)
+      OpenSSL::HMAC.digest 'sha256', key, msg
+    end
+
+    def ecdsa_sign(msghash, privkey)
+      raise ArgumentError, 'msghash length must be 32' unless msghash.size == 32
+
+      priv = Secp256k1::PrivateKey.new privkey: privkey, raw: true
+      sig = priv.ecdsa_recoverable_serialize priv.ecdsa_sign_recoverable(msghash, raw: true)
+      "#{sig[0]}#{sig[1].chr}"
+    end
+
+    def ecdsa_recover(msghash, sig)
+      raise ArgumentError, 'msghash length must be 32' unless msghash.size == 32
+      raise ArgumentError, 'signature length must be 65' unless sig.size == 65
+
+      pub = Secp256k1::PublicKey.new flags: Secp256k1::ALL_FLAGS
+      recsig = pub.ecdsa_recoverable_deserialize sig[0,64], sig[64].ord
+      pub.public_key = pub.ecdsa_recover msghash, recsig, raw: true
+      pub.serialize(compressed: false)[1..-1]
+    end
+
+    def ecdsa_verify(pubkey, sig, msg)
+      raise ArgumentError, 'invalid signature length' unless sig.size == 65
+      raise ArgumentError, 'invalid pubkey length' unless pubkey.size == 64
+
+      pub = Secp256k1::PublicKey.new pubkey: "\x04#{pubkey}", raw: true
+      raw_sig = pub.ecdsa_recoverable_convert pub.ecdsa_recoverable_deserialize(sig[0,64], sig[64].ord)
+
+      pub.ecdsa_verify msg, raw_sig, raw: true
+    end
+    alias verify ecdsa_verify
+
+    ##
+    # Encrypt data with ECIES method using the public key of the recipient.
+    #
+    def encrypt(data, raw_pubkey)
+      raise ArgumentError, "invalid pubkey of length #{raw_pubkey.size}" unless raw_pubkey.size == 64
+      Crypto::ECIES.encrypt data, raw_pubkey
+    end
+
+  end
+end

data/lib/devp2p/crypto/ecc_x.rb

@@ -0,0 +1,133 @@
+# -*- encoding : ascii-8bit -*-
+
+require 'securerandom'
+
+module DEVp2p
+  module Crypto
+    class ECCx
+
+      CURVE = 'secp256k1'.freeze
+
+      class <<self
+        def valid_key?(raw_pubkey, raw_privkey=nil)
+          return false unless raw_pubkey.size == 64
+
+          group = OpenSSL::PKey::EC::Group.new CURVE
+          bn = OpenSSL::BN.new Utils.encode_hex("\x04#{raw_pubkey}"), 16
+          point = OpenSSL::PKey::EC::Point.new group, bn
+
+          key = OpenSSL::PKey::EC.new(CURVE)
+          key.public_key = point
+          key.private_key = OpenSSL::BN.new Utils.big_endian_to_int(raw_privkey) if raw_privkey
+          key.check_key
+
+          true
+        rescue
+          false
+        end
+
+        def generate_key
+          curve = OpenSSL::PKey::EC.new(CURVE)
+          curve.generate_key
+
+          raw_privkey = Utils.zpad Utils.int_to_big_endian(curve.private_key.to_i), 32
+          raw_pubkey = Utils.int_to_big_endian(curve.public_key.to_bn.to_i)
+          raise InvalidKeyError, 'invalid pubkey' unless raw_pubkey.size == 65 && raw_pubkey[0] == "\x04"
+
+          [raw_privkey, raw_pubkey[1,64]]
+        end
+
+        ##
+        # Compute public key with the local private key and returns a 256bits
+        # shared key
+        #
+        def get_ecdh_key(curve, raw_pubkey)
+          pubkey = raw_pubkey_to_openssl_pubkey raw_pubkey
+          curve.dh_compute_key pubkey
+        end
+
+        def raw_pubkey_to_openssl_pubkey(raw_pubkey)
+          return unless raw_pubkey
+
+          bn = OpenSSL::BN.new Utils.encode_hex("\x04#{raw_pubkey}"), 16
+          group = OpenSSL::PKey::EC::Group.new CURVE
+          OpenSSL::PKey::EC::Point.new group, bn
+        end
+
+        def raw_privkey_to_openssl_privkey(raw_privkey)
+          return unless raw_privkey
+
+          OpenSSL::BN.new Utils.big_endian_to_int(raw_privkey)
+        end
+      end
+
+      attr :raw_pubkey
+
+      def initialize(raw_privkey=nil, raw_pubkey=nil)
+        if raw_privkey && raw_pubkey
+          raise ArgumentError, 'must not provide pubkey with privkey'
+        elsif raw_privkey
+          raw_pubkey = Crypto.privtopub raw_privkey
+        elsif raw_pubkey
+          raise ArgumentError, 'invalid pubkey length' unless raw_pubkey.size == 64
+        else
+          raw_privkey, raw_pubkey = self.class.generate_key
+        end
+
+        if self.class.valid_key?(raw_pubkey, raw_privkey)
+          @raw_pubkey, @raw_privkey = raw_pubkey, raw_privkey
+          @pubkey_x, @pubkey_y = decode_pubkey raw_pubkey
+          set_curve
+        else
+          @raw_pubkey, @raw_privkey = nil, nil
+          @pubkey_x, @pubkey_y = nil, nil
+          raise InvalidKeyError, "bad ECC keys"
+        end
+      end
+
+      def sign(data)
+        sig = Crypto.ecdsa_sign data, @raw_privkey
+        raise InvalidSignatureError unless sig.size == 65
+        sig
+      end
+
+      def verify(sig, msg)
+        raise ArgumentError, 'invalid signature length' unless sig.size == 65
+        Crypto.ecdsa_verify @raw_pubkey, sig, msg
+      end
+
+      def get_ecdh_key(raw_pubkey)
+        self.class.get_ecdh_key curve, raw_pubkey
+      end
+
+      def ecies_encrypt(*args)
+        ECIES.encrypt *args
+      end
+      alias encrypt ecies_encrypt
+
+      def ecies_decrypt(*args)
+        ECIES.decrypt curve, *args
+      end
+      alias decrypt ecies_decrypt
+
+      def curve
+        @curve ||= OpenSSL::PKey::EC.new(CURVE)
+      end
+
+      private
+
+      def decode_pubkey(raw_pubkey)
+        return [nil, nil] unless raw_pubkey
+
+        raise ArgumentError, 'invalid pubkey length' unless raw_pubkey.size == 64
+        [raw_pubkey[0,32], raw_pubkey[32,32]]
+      end
+
+      def set_curve
+        curve.public_key = self.class.raw_pubkey_to_openssl_pubkey(@raw_pubkey)
+        curve.private_key = self.class.raw_privkey_to_openssl_privkey(@raw_privkey)
+      end
+
+    end
+  end
+end

data/lib/devp2p/crypto/ecies.rb

@@ -0,0 +1,134 @@
+# -*- encoding : ascii-8bit -*-
+
+module DEVp2p
+  module Crypto
+    class ECIES
+
+      CIPHER = 'AES-128-CTR'.freeze
+      CIPHER_BLOCK_SIZE = 16 # 128 / 8
+
+      ENCRYPT_OVERHEAD_LENGTH = 113
+
+      class <<self
+
+        ##
+        # ECIES Encrypt, where P = recipient publie key, is:
+        #
+        # 1. generate r = random value
+        # 2. generate shared-secret = kdf( ecdhAgree(r, P) )
+        # 3. generate R = rG [ same op as generating a public key ]
+        # 4. send 0x04 || R || AsymmetricEncrypt(shared-secret, plaintext) || tag
+        #
+        def encrypt(data, remote_pubkey, shared_mac_data='')
+          # 1. generate r = random value
+          ephem = ECCx.new
+
+          # 2. generate shared-secret = kdf( ecdhAgree(r, P) )
+          key_material = ephem.get_ecdh_key remote_pubkey
+          raise InvalidKeyError unless key_material.size == 32
+
+          key = kdf key_material, 32
+          raise InvalidKeyError unless key.size == 32
+          key_enc, key_mac = key[0,16], key[16,16]
+
+          key_mac = Digest::SHA256.digest(key_mac)
+          raise InvalidKeyError unless key_mac.size == 32
+
+          # 3. generate R = rG
+          ephem_pubkey = ephem.raw_pubkey
+
+          ctx = OpenSSL::Cipher.new(CIPHER)
+          ctx.encrypt
+          ctx.key = key_enc
+          iv = ctx.random_iv
+          ctx.iv = iv
+
+          ciphertext = ctx.update(data) + ctx.final
+          raise EncryptionError unless ciphertext.size == data.size
+
+          # 4. send 0x04 || R || AsymmetricEncrypt(shared-secret, plaintext) || tag
+          tag = Crypto.hmac_sha256 key_mac, "#{iv}#{ciphertext}#{shared_mac_data}"
+          raise InvalidMACError unless tag.size == 32
+          msg = "\x04#{ephem_pubkey}#{iv}#{ciphertext}#{tag}"
+
+          raise EncryptionError unless msg.size == ENCRYPT_OVERHEAD_LENGTH + data.size
+          msg
+        end
+
+        ##
+        # Decrypt data with ECIES method using the local private key
+        #
+        # ECIES Decrypt (performed by recipient):
+        #
+        # 1. generate shared-secret = kdf( ecdhAgree(myPrivKey, msg[1,64]) )
+        # 2. verify tag
+        # 3. decrypt
+        #
+        # ecdhAgree(r, recipientPublic) == ecdhAgree(recipientPrivate, R)
+        #   where R = r*G, recipientPublic = recipientPrivate * G
+        #
+        def decrypt(curve, data, shared_mac_data='')
+          raise DecryptionError, 'wrong ecies header' unless data[0] == "\x04"
+
+          # 1. generate shared-secret = kdf( ecdhAgree(myPrivKey, msg[1,64]) )
+          shared = data[1,64] # ephem_pubkey
+          raise DecryptionError, 'invalid shared secret' unless ECCx.valid_key?(shared)
+
+          key_material = ECCx.get_ecdh_key curve, shared
+          raise InvalidKeyError unless key_material.size == 32
+
+          key = kdf key_material, 32
+          raise InvalidKeyError unless key.size == 32
+          key_enc, key_mac = key[0,16], key[16,16]
+
+          key_mac = Digest::SHA256.digest(key_mac)
+          raise InvalidKeyError unless key_mac.size == 32
+
+          tag = data[-32..-1]
+          raise InvalidMACError unless tag.size == 32
+
+          # 2. verify tag
+          raise DecryptionError, 'Fail to verify data' unless Crypto.hmac_sha256(key_mac, "#{data[65...-32]}#{shared_mac_data}") == tag
+
+          # 3. decrypt
+          iv = data[65,CIPHER_BLOCK_SIZE]
+          ciphertext = data[(65+CIPHER_BLOCK_SIZE)...-32]
+          raise DecryptionError unless 1 + shared.size + iv.size + ciphertext.size + tag.size == data.size
+
+          ctx = OpenSSL::Cipher.new CIPHER
+          ctx.decrypt
+          ctx.key = key_enc
+          ctx.iv = iv
+
+          ctx.update(ciphertext) + ctx.final
+        end
+
+        ##
+        # interop w/go ecies implementation
+        #
+        # for sha3, blocksize is 136 bytes
+        # for sha256, blocksize is 64 bytes
+        #
+        # NIST SP 800-56a Concatenation Key Derivation Function (section 5.8.1)
+        #
+        def kdf(key_material, key_len)
+          s1 = ""
+          key = ""
+          hash_blocksize = 64
+          reps = ((key_len + 7) * 8) / (hash_blocksize * 8)
+          counter = 0
+          while counter <= reps
+            counter += 1
+            ctx = Digest::SHA256.new
+            ctx.update [counter].pack('I>')
+            ctx.update key_material
+            ctx.update s1
+            key += ctx.digest
+          end
+          key[0,key_len]
+        end
+
+      end
+    end
+  end
+end