Quic secure transport implementation (#407)

Quic secure transport implementation

---------

Co-authored-by: Anton Nashatyrev <[email protected]>

Author: ianopolous

.github/workflows/build.yml

@@ -12,12 +12,16 @@ jobs:
         with:
           distribution: temurin
           java-version: 11
+      - name: Install and run ipfs
+        run: ./install-run-ipfs.sh
 
       - name: Setup Gradle
         uses: gradle/gradle-build-action@v2
 
       - name: Setup Android SDK
-        uses: android-actions/setup-android@v2
+        uses: android-actions/setup-android@v3
+        with:
+          cmdline-tools-version: 8512546
 
       - name: Execute Gradle build
         run: ./gradlew -s build dokkaJar

install-run-ipfs.sh

@@ -0,0 +1,13 @@
+#! /bin/sh
+wget https://dist.ipfs.io/kubo/v0.34.1/kubo_v0.34.1_linux-amd64.tar.gz -O /tmp/kubo_linux-amd64.tar.gz
+hash="$(sha256sum /tmp/kubo_linux-amd64.tar.gz)"
+expected=42045802fe60c64fb01350bc071190c534d600fe269759c06e27e22b2012fd3e
+if [[ "$hash" != "$expected" ]]
+then
+    echo "incorrect ipfs hash!" 1>&2
+    exit 64
+fi
+tar -xvf /tmp/kubo_linux-amd64.tar.gz
+export PATH=$PATH:$PWD/kubo/
+ipfs init
+ipfs daemon --routing=dhtserver &

libp2p/build.gradle.kts

@@ -14,6 +14,8 @@ dependencies {
     api("io.netty:netty-transport")
     implementation("io.netty:netty-handler")
     implementation("io.netty:netty-codec-http")
+    implementation("io.netty:netty-transport-classes-epoll")
+    implementation("io.netty.incubator:netty-incubator-codec-native-quic")
 
     api("com.google.protobuf:protobuf-java")
 
@@ -22,10 +24,20 @@ dependencies {
 
     implementation("org.bouncycastle:bcprov-jdk18on")
     implementation("org.bouncycastle:bcpkix-jdk18on")
-    implementation("org.bouncycastle:bctls-jdk18on")
 
     testImplementation(project(":tools:schedulers"))
 
+    testImplementation("io.netty.incubator:netty-incubator-codec-native-quic::linux-x86_64")
+    testImplementation("io.netty.incubator:netty-incubator-codec-native-quic::linux-aarch_64")
+    testImplementation("io.netty.incubator:netty-incubator-codec-native-quic::osx-x86_64")
+    testImplementation("io.netty.incubator:netty-incubator-codec-native-quic::osx-aarch_64")
+    testImplementation("io.netty.incubator:netty-incubator-codec-native-quic::windows-x86_64")
+    testImplementation("io.netty:netty-tcnative-boringssl-static:2.0.70.Final:linux-x86_64")
+    testImplementation("io.netty:netty-tcnative-boringssl-static:2.0.70.Final:linux-aarch_64")
+    testImplementation("io.netty:netty-tcnative-boringssl-static:2.0.70.Final:osx-x86_64")
+    testImplementation("io.netty:netty-tcnative-boringssl-static:2.0.70.Final:osx-aarch_64")
+    testImplementation("io.netty:netty-tcnative-boringssl-static:2.0.70.Final:windows-x86_64")
+
     testFixturesApi("org.apache.logging.log4j:log4j-core")
     testFixturesImplementation(project(":tools:schedulers"))
     testFixturesImplementation("io.netty:netty-transport-classes-epoll")

libp2p/src/main/java/io/libp2p/core/dsl/HostBuilder.java

@@ -1,7 +1,7 @@
 package io.libp2p.core.dsl;
 
 import io.libp2p.core.Host;
-import io.libp2p.core.crypto.PrivKey;
+import io.libp2p.core.crypto.*;
 import io.libp2p.core.multistream.ProtocolBinding;
 import io.libp2p.core.mux.*;
 import io.libp2p.core.security.SecureChannel;
@@ -57,11 +57,23 @@ public final HostBuilder protocol(ProtocolBinding<?>... protocols) {
     return this;
   }
 
+  @SafeVarargs
+  public final HostBuilder secureTransport(
+      BiFunction<PrivKey, List<? extends ProtocolBinding<?>>, Transport>... transports) {
+    secureTransports_.addAll(Arrays.asList(transports));
+    return this;
+  }
+
   public final HostBuilder listen(String... addresses) {
     listenAddresses_.addAll(Arrays.asList(addresses));
     return this;
   }
 
+  public HostBuilder keyType(KeyType keyType) {
+    this.keyType = keyType;
+    return this;
+  }
+
   public final HostBuilder builderModifier(Consumer<BuilderJ> builderModifier) {
     this.builderModifier = builderModifier;
     return this;
@@ -72,8 +84,9 @@ public Host build() {
     return BuilderJKt.hostJ(
         defaultMode_.asBuilderDefault(),
         b -> {
-          b.getIdentity().random();
+          b.getIdentity().random(keyType);
 
+          secureTransports_.forEach(st -> b.getSecureTransports().add(st::apply));
           transports_.forEach(t -> b.getTransports().add(t::apply));
           secureChannels_.forEach(
               sc -> b.getSecureChannels().add((k, m) -> sc.apply(k, (List<StreamMuxer>) m)));
@@ -85,6 +98,10 @@ public Host build() {
   } // build
 
   private DefaultMode defaultMode_;
+  private KeyType keyType = KeyType.ECDSA;
+  private List<BiFunction<PrivKey, List<? extends ProtocolBinding<?>>, Transport>>
+      secureTransports_ = new ArrayList<>();
+
   private List<Function<ConnectionUpgrader, Transport>> transports_ = new ArrayList<>();
   private List<BiFunction<PrivKey, List<StreamMuxer>, SecureChannel>> secureChannels_ =
       new ArrayList<>();

libp2p/src/main/kotlin/io/libp2p/core/dsl/BuilderJ.kt

@@ -19,6 +19,7 @@ class BuilderJ : Builder() {
     public override val identity = super.identity
     public override val secureChannels = super.secureChannels
     public override val muxers = super.muxers
+    public override val secureTransports = super.secureTransports
     public override val transports = super.transports
     public override val addressBook = super.addressBook
     public override val protocols = super.protocols

libp2p/src/main/kotlin/io/libp2p/core/dsl/Builders.kt

@@ -37,6 +37,7 @@ import io.netty.handler.logging.LoggingHandler
 import java.util.concurrent.CopyOnWriteArrayList
 
 typealias TransportCtor = (ConnectionUpgrader) -> Transport
+typealias SecureTransportCtor = (PrivKey, List<ProtocolBinding<*>>) -> Transport
 typealias SecureChannelCtor = (PrivKey, List<StreamMuxer>) -> SecureChannel
 typealias IdentityFactory = () -> PrivKey
 
@@ -58,6 +59,7 @@ open class Builder {
     protected open val secureChannels = SecureChannelsBuilder()
     protected open val muxers = MuxersBuilder()
     protected open val transports = TransportsBuilder()
+    protected open val secureTransports = SecureTransportsBuilder()
     protected open val addressBook = AddressBookBuilder()
     protected open val protocols = ProtocolsBuilder()
     protected open val connectionHandlers = ConnectionHandlerBuilder()
@@ -126,9 +128,9 @@ open class Builder {
         if (def == Defaults.None) {
             if (identity.factory == null) throw IllegalStateException("No identity builder")
 
-            if (transports.values.isEmpty()) throw HostConfigurationException("at least one transport is required")
-            if (secureChannels.values.isEmpty()) throw HostConfigurationException("at least one secure channel is required")
-            if (muxers.values.isEmpty()) throw HostConfigurationException("at least one muxer is required")
+            if (secureTransports.isEmpty() && transports.values.isEmpty()) throw HostConfigurationException("at least one transport is required")
+            if (secureTransports.isEmpty() && secureChannels.values.isEmpty()) throw HostConfigurationException("at least one secure channel or secure transport is required")
+            if (secureTransports.isEmpty() && muxers.values.isEmpty()) throw HostConfigurationException("at least one muxer or secure transport is required")
         }
         if (def == Defaults.Standard) {
             if (identity.factory == null) identity.random()
@@ -189,15 +191,20 @@ open class Builder {
 
         val upgrader = ConnectionUpgrader(secureMultistreamProtocol, secureChannels, muxerMultistreamProtocol, muxers)
 
-        val transports = transports.values.map { it(upgrader) }
+        val allTransports =
+            listOf(
+                transports.values.map { it(upgrader) },
+                secureTransports.values.map { it(privKey, updatableProtocols) }
+            ).flatten()
+
         val addressBook = addressBook.impl
 
         val connHandlerProtocols = protocols.values.mapNotNull { it as? ConnectionHandler }
         val broadcastConnHandler = ConnectionHandler.createBroadcast(
             connHandlerProtocols +
                 connectionHandlers.values
         )
-        val networkImpl = NetworkImpl(transports, broadcastConnHandler)
+        val networkImpl = NetworkImpl(allTransports, broadcastConnHandler)
 
         return HostImpl(
             privKey,
@@ -230,6 +237,7 @@ class AddressBookBuilder {
     fun memory(): AddressBookBuilder = apply { impl = MemoryAddressBook() }
 }
 
+class SecureTransportsBuilder : Enumeration<SecureTransportCtor>()
 class TransportsBuilder : Enumeration<TransportCtor>()
 class SecureChannelsBuilder : Enumeration<SecureChannelCtor>()
 class MuxersBuilder : Enumeration<StreamMuxerProtocol>()

libp2p/src/main/kotlin/io/libp2p/core/multiformats/Protocol.kt

@@ -42,6 +42,8 @@ enum class Protocol(
     DNS6(55, LENGTH_PREFIXED_VAR_SIZE, "dns6", UTF8_PARSER, UTF8_STRINGIFIER, UTF8_VALIDATOR),
     DNSADDR(56, LENGTH_PREFIXED_VAR_SIZE, "dnsaddr", UTF8_PARSER, UTF8_STRINGIFIER, UTF8_VALIDATOR),
     SCTP(132, 16, "sctp", UINT16_PARSER, UINT16_STRINGIFIER),
+    WEBRTC_DIRECT(280, 0, "webrtc-direct"),
+    WEBRTC(28, 0, "webrtc"),
     UTP(301, 0, "utp"),
     UDT(302, 0, "udt"),
     UNIX(400, LENGTH_PREFIXED_VAR_SIZE, "unix", UNIX_PATH_PARSER, UTF8_STRINGIFIER, UTF8_VALIDATOR, isPath = true),