Commit Graph

25 Commits

Author SHA1 Message Date
Oliver Gugger
7dfe4018ce
multi: use btcd's btcec/v2 and btcutil modules
This commit was previously split into the following parts to ease
review:
 - 2d746f68: replace imports
 - 4008f0fd: use ecdsa.Signature
 - 849e33d1: remove btcec.S256()
 - b8f6ebbd: use v2 library correctly
 - fa80bca9: bump go modules
2022-03-09 19:02:37 +01:00
yyforyongyu
e06768e4eb
brontide: fix typo 2020-12-04 23:07:53 +08:00
yyforyongyu
fb67b58d3f
brontide+tor:add timeout value for network connections 2020-09-16 11:50:03 +08:00
Oliver Gugger
535a22c590
server+brontide: use ECDH interface for brontide handshake 2020-05-20 09:06:56 +02:00
Conner Fromknecht
6bc32871fd
brontide/conn: expose WriteMessage and Flush on brontide.Conn
This commit exposes the WriteMessage and Flush interfaces of the
underlying brontide.Machine, such that callers can have greater
flexibility in when blocking network operations take place.
2019-04-22 16:04:53 -07:00
Conner Fromknecht
73cf352daa
brontide/conn: migrate to WriteMessage + Flush
This commit modifies WriteMessage to only perform encryption on the
passed plaintext, and buffer the ciphertext within the connection
object. We then modify internal uses of WriteMessage to follow with a
call to Flush, which actually writes the message to the wire.
Additionally, since WriteMessage does not actually perform the write
itself, the io.Writer argument is removed from the function signature
and all call sites.
2019-04-22 16:03:56 -07:00
Conner Fromknecht
8ac8d95b54
brontide/conn: expose ReadNextHeader+ReadNextBody 2019-02-21 20:11:19 -08:00
Conner Fromknecht
41940c6c9e
brontide/conn: handle read timeout errors 2019-02-15 18:13:52 -08:00
Conner Fromknecht
1ded697e8d
multi: sort import paths with gofmt 2018-08-02 18:20:49 -07:00
Olaoluwa Osuntokun
6f60f139f4 multi: switch over import paths from roasbeef/* to btcsuite/* 2018-07-13 17:05:39 -07:00
practicalswift
663c396235 multi: fix a-vs-an typos 2018-04-17 19:02:04 -07:00
Olaoluwa Osuntokun
d82f67cc1d
brontide: decrease handshake timeout to 1s 2018-04-02 15:56:47 -07:00
practicalswift
a93736d21e multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
MeshCollider
945be73bca brontide: Make dialer parameter in brontide.Dial non-optional 2018-02-05 17:37:46 -08:00
nsa
8c482f2be7 multi: Added a NetInterface to clean up config.go
This commit adds a new interface named NetInterface and two
implementations of it: RegularNet & TorProxyNet. These two structs
are used in config.go in an attempt to clean up the code and
abstract away the dialer and DNS functions.
2018-02-05 17:37:46 -08:00
nsa
e2142c778f multi: Added Tor support
This commit adds Tor support. Users can set the --TorSocks flag
to specify which port Tor's SOCKS5 proxy is listening on so that
lnd can connect to it. When this flag is set, ALL traffic gets
routed over Tor including DNS traffic. Special functions for
DNS lookups were added, and since Tor doesn't natively support
SRV requests, the proxySRV function routes connects us to
a DNS server via Tor and SRV requests can be issued directly
to the DNS server.

Co-authored-by: MeshCollider <dobsonsa68@gmail.com>
2018-02-05 17:37:46 -08:00
Olaoluwa Osuntokun
c64811a5f3
brontide: set read deadlines on socket during initial handshake
This commit fixes a lingering issue within lnd, which can cause a
server to freeze up, and not handle any incoming connections properly,
or cause clients to freeze and not return in a timely manner from a
failed connection attempt.

To avoid this, each time we need to read from the socket during the
initial brontide handshake, we add a 15 second read deadline. If we
don’t successfully read from the buffer during that time frame, then
the Read method will return a timeout error.

With this in place, we ensure that the main listener goroutine will
never be blocked waiting on a remote party to write ActOne.
2017-10-04 14:58:20 -07:00
Olaoluwa Osuntokun
994a3c10ca
brontide+lnwire: fix linter issues 2017-04-20 15:50:13 -07:00
Olaoluwa Osuntokun
38d3c72dc8
brontide: add new ReadMessage method to brontide.Conn
This commit adds a new message to the brontide.Conn struct which allows
callers to read an _entire_ message from the stream. As defined now,
brontide is a message crypto messaging protocol. Previously the only
method that allowed callers to read attempted to hide this feature with
a stream-like abstraction. However, having this as the sole interface
is at odds with the message oriented Lightning wire protocol, and isn’t
sufficient to allow parsing messages that have been padded as is
allowed by the protocol.

This new ReadNextMessage is intended to be used by higher level systems
which implement the Lightning p2p protocol.
2017-04-20 15:35:35 -07:00
Andrey Samokhvalov
fd97a4bd19 lnd: partially fix golint warnings 2017-03-13 16:30:23 -07:00
Olaoluwa Osuntokun
d046efb502
brontide: exclude MAC length from cipher text packet length prefix
Pervasively we would include the length of the MAC in the length prefix
for cipher text packets. As a result, the MAC would eat into the total
payload size. To remedy this, we now exclude the MAC from the length
prefix for cipher text packets, and instead account for the length of
the MAC on the packet when reading messages.
2017-01-07 21:21:52 -08:00
Olaoluwa Osuntokun
60f66fe2d7
brontide: implement handshake versioning enforcement per the spec 2016-11-30 19:11:58 -08:00
Olaoluwa Osuntokun
767c550d65
brontide: implement message chunking for the net.Conn implementation
This commit implements message chunking within the implementation of
net.Conn which implements our initial handshake, then uses the crypto
to read/write messages.

With this change it’s now possible to send message larger than 65535
bytes over a p2p crypto connection by properly chunking the messages on
the side of the connection that’s writing.
2016-11-07 19:45:06 -08:00
Olaoluwa Osuntokun
9850e8667e
brontide: modify the Dial function to take a *lnwire.NetAddress 2016-10-26 19:04:27 -07:00
Olaoluwa Osuntokun
ab97d9693f
brontide: an authenticated key agreement protocol in three acts
This commit introduces Brontide: an authenticated key agreement
protocol in three acts. Brontide is the successor to lndc within lnd,
and ultimately within the greater Lighting Network. Brontide uses the
Noise_XK handshake for initial key agreement, then implements an AEAD
scheme which encrypts+authenticates both packets, and the lengths of
the packets on the wire. The initial authentication handshake preserves
the responder’s identity by never transmitting it to the initiator and
performing mutual authentication via an incremental Triple-DH based on
ECDH of secp256k1 and an HKDF which uses SHA-256.

Bronzed isn’t yet integrated within the wider daemon yet. Full
integration will land in a future pull request.
2016-10-17 19:41:29 -07:00