AtHeartEngineer/specs
1
0
Fork 0
mirror of https://github.com/vacp2p/specs.git synced 2026-01-09 15:28:03 -05:00
Code Issues Packages Projects Releases Wiki Activity

noise: remove interface definition (#452)

Browse Source
This commit is contained in:
Marten Seemann
2022-09-15 21:16:15 +03:00
committed by GitHub
parent 0fe750e09f
commit 2f65a89670
1 changed files with 0 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
noise/README.md
View File

@@ -52,12 +52,6 @@ and spec status.
- [Noise Protocol Name](#noise-protocol-name)
- [Wire Format](#wire-format)
- [Encryption and I/O](#encryption-and-io)
- [libp2p Interfaces and API](#libp2p-interfaces-and-api)
- [Initialization](#initialization)
- [Secure Transport Interface](#secure-transport-interface)
- [NoiseConnection](#noiseconnection)
- [SecureOutbound](#secureoutbound)
- [SecureInbound](#secureinbound)
- [Design Considerations](#design-considerations)
- [No Negotiation of Noise Protocols](#no-negotiation-of-noise-protocols)
- [Why the XX handshake pattern?](#why-the-xx-handshake-pattern)
@@ -115,10 +109,6 @@ section](#wire-format). The cryptographic primitives used to secure the channel
are described in the [Cryptographic Primitives
section](#cryptographic-primitives).
The [libp2p Interfaces and API section](#libp2p-interfaces-and-api) goes into
detail about how noise-libp2p integrates with the libp2p framework and offers a
suggested API for implementations to adapt to their respective language idioms.
## Negotiation
libp2p has an existing protocol negotiation mechanism which is used to reach
@@ -363,96 +353,6 @@ In the unlikely event that peers exchange more than `2^64 - 1` messages, they
MUST terminate the connection to avoid reusing nonces, in accordance with the
[Noise spec][npf-security].
## libp2p Interfaces and API
This section describes an abstract API for noise-libp2p. Implementations may
alter this API to conform to language idioms or patterns used by the targeted
libp2p implementation. Examples are written in pseudo-code that vaguely
resembles Swift.
### Initialization
The noise-libp2p module accepts the following inputs at initialization.
- The private libp2p identity key
- [optional] An early data payload to be sent in handshake messages
The private libp2p identity key is required for [static key
authentication](#static-key-authentication) and signing of early data (if
provided).
Implementations that support sending [early data in handshake
messages](#libp2p-data-in-handshake-messages) should accept this data at
initialization time, rather than accepting an early data payload for each new
connection. This ensures that no user or connection-specific data can be present
in the early data payload.
A minimal constructor could look like:
```
init(libp2pKey: PrivateKey) -> NoiseLibp2p
```
While one supporting all options might look like:
```
init(libp2pKey: PrivateKey, earlyData: ByteStringl) -> NoiseLibp2p
```
### Secure Transport Interface
noise-libp2p is designed to work with libp2p's **transport upgrade** pattern.
libp2p security modules conform to a secure transport interface, which provides
the `SecureOutbound` and `SecureInbound` methods described below.
`SecureOutbound` and `SecureInbound` each accept an `InsecureConnection` and
return a `NoiseConnection` on success.
The details of the `InsecureConnection` type are libp2p-implementation
dependent, but it is assumed to expose a bidirectional, reliable streaming
interface.
#### NoiseConnection
A `NoiseConnection` must conform to the libp2p secure transport interface in the
noise-libp2p implementation language by defining `SecureOutbound` and
`SecureInbound` connections, described below.
In addition to the secure transport interface defined by the libp2p framework, a
`NoiseConnection` MAY have an additional method to expose early data transmitted
by the remote peer during the handshake phase, if any. For example:
```
remoteEarlyData() -> ByteString?
```
Following a successful handshake, a `NoiseConnection` will transmit and receive
data over the `InsecureConnection` as described in [Encryption and
I/O](#encryption-and-io).
#### SecureOutbound
```
SecureOutbound(insecure: InsecureConnection, remotePeer: PeerId) -> Result<NoiseConnection, Error>
```
`SecureOutbound` initiates a noise-libp2p connection to `remotePeer` over the
provided `InsecureConnection`.
The `remotePeer` PeerId argument MUST be validated against the libp2p public
identity sent by the remote peer during the handshake. If a remote peer sends a
public key that is not capable of deriving their expected peer id, the
connection MUST be aborted.
#### SecureInbound
```
SecureInbound(insecure: InsecureConnection) -> Result<NoiseConnection, Error>
```
`SecureInbound` attempts to complete a noise-libp2p handshake initiated by a
remote peer over the given `InsecureConnection`.
## Design Considerations
### No Negotiation of Noise Protocols