Init handshake

calimero-network · Nov 12, 2024 · b915d70 · b915d70
1 parent ee2e576
commit b915d70
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 65 deletions.
diff --git a/crates/node/src/sync.rs b/crates/node/src/sync.rs
@@ -16,7 +16,7 @@ use crate::types::{InitPayload, StreamMessage};
 use crate::Node;
 
 mod blobs;
-mod key_share;
+mod key;
 mod state;
 
 #[derive(Copy, Clone, Debug)]
@@ -227,7 +227,7 @@ impl Node {
                 )
                 .await?
             }
-            InitPayload::KeyShare {} => {
+            InitPayload::KeyShare => {
                 self.handle_key_share_request(context, their_identity, stream)
                     .await?
             }

diff --git a/crates/node/src/sync/blobs.rs b/crates/node/src/sync/blobs.rs
@@ -162,7 +162,7 @@ impl Node {
                 party_id: our_identity,
                 payload: InitPayload::BlobShare { blob_id },
             },
-            Some(shared_key),
+            None,
         )
         .await?;
 

diff --git a/crates/node/src/sync/key_share.rs → crates/node/src/sync/key.rs b/crates/node/src/sync/key_share.rs → crates/node/src/sync/key.rs
@@ -23,7 +23,7 @@ impl Node {
             &StreamMessage::Init {
                 context_id: context.id,
                 party_id: our_identity,
-                payload: InitPayload::KeyShare {},
+                payload: InitPayload::KeyShare,
             },
             None,
         )
@@ -33,15 +33,35 @@ impl Node {
             bail!("connection closed while awaiting state sync handshake");
         };
 
-        let (sender_key, their_identity) = match ack {
+        let their_identity = match ack {
+            StreamMessage::Init {
+                party_id,
+                payload: InitPayload::KeyShare,
+                ..
+            } => party_id,
+            unexpected @ (StreamMessage::Init { .. }
+            | StreamMessage::Message { .. }
+            | StreamMessage::OpaqueError) => {
+                bail!("unexpected message: {:?}", unexpected)
+            }
+        };
+
+        let private_key = self
+            .ctx_manager
+            .get_private_key(context.id, our_identity)?
+            .ok_or_eyre("expected own identity to have private key")?;
+
+        let shared_key = SharedKey::new(&private_key, &their_identity);
+
+        let Some(ack) = recv(stream, self.sync_config.timeout, Some(shared_key)).await? else {
+            bail!("connection closed while awaiting state sync handshake");
+        };
+
+        let sender_key = match ack {
             StreamMessage::Message {
-                payload:
-                    MessagePayload::KeyShare {
-                        sender_key,
-                        public_key: their_identity,
-                    },
+                payload: MessagePayload::KeyShare { sender_key },
                 ..
-            } => (sender_key, their_identity),
+            } => sender_key,
             unexpected @ (StreamMessage::Init { .. }
             | StreamMessage::Message { .. }
             | StreamMessage::OpaqueError) => {
@@ -90,6 +110,17 @@ impl Node {
             bail!("no identities found for context: {}", context.id);
         };
 
+        send(
+            stream,
+            &StreamMessage::Init {
+                context_id: context.id,
+                party_id: our_identity,
+                payload: InitPayload::KeyShare,
+            },
+            None,
+        )
+        .await?;
+
         let sender_key = self
             .ctx_manager
             .get_sender_key(&context.id, &our_identity)?
@@ -103,10 +134,7 @@ impl Node {
             stream,
             &StreamMessage::Message {
                 sequence_id: sequencer.next(),
-                payload: MessagePayload::KeyShare {
-                    sender_key,
-                    public_key: our_identity,
-                },
+                payload: MessagePayload::KeyShare { sender_key },
             },
             Some(shared_key), // or None?
         )

diff --git a/crates/node/src/sync/state.rs b/crates/node/src/sync/state.rs
@@ -144,8 +144,7 @@ impl Node {
                     application_id: context.application_id,
                 },
             },
-            None, // I think it should be None here,
-                  // because the first recv in the function above has to have some way of decrypting it?
+            None,
         )
         .await?;
 

diff --git a/crates/node/src/types.rs b/crates/node/src/types.rs
@@ -47,21 +47,14 @@ pub enum InitPayload {
         root_hash: Hash,
         application_id: ApplicationId,
     },
-    KeyShare {},
+    KeyShare,
 }
-// this I was encrypting
+
 #[derive(Debug, BorshSerialize, BorshDeserialize)]
 pub enum MessagePayload<'a> {
-    StateSync {
-        artifact: Cow<'a, [u8]>,
-    },
-    BlobShare {
-        chunk: Cow<'a, [u8]>,
-    },
-    KeyShare {
-        sender_key: PrivateKey,
-        public_key: PublicKey,
-    },
+    StateSync { artifact: Cow<'a, [u8]> },
+    BlobShare { chunk: Cow<'a, [u8]> },
+    KeyShare { sender_key: PrivateKey },
 }
 
 #[derive(Deserialize)]

diff --git a/file.patch b/file.patch