// identityConfig initializes a new identity.
func identityConfig(out io.Writer, nbits int) (Identity, error) {
// TODO guard higher up
ident := Identity{}
if nbits < 1024 {
return ident, errors.New("Bitsize less than 1024 is considered unsafe.")
}
fmt.Fprintf(out, "generating %v-bit RSA keypair...", nbits)
sk, pk, err := ci.GenerateKeyPair(ci.RSA, nbits)
if err != nil {
return ident, err
}
fmt.Fprintf(out, "done\n")
// currently storing key unencrypted. in the future we need to encrypt it.
// TODO(security)
skbytes, err := sk.Bytes()
if err != nil {
return ident, err
}
ident.PrivKey = base64.StdEncoding.EncodeToString(skbytes)
id, err := peer.IDFromPublicKey(pk)
if err != nil {
return ident, err
}
ident.PeerID = id.Pretty()
fmt.Fprintf(out, "peer identity: %s\n", ident.PeerID)
return ident, nil
}
func RandPeerNetParams() (*PeerNetParams, error) {
var p PeerNetParams
var err error
p.Addr = ZeroLocalTCPAddress
p.PrivKey, p.PubKey, err = RandTestKeyPair(512)
if err != nil {
return nil, err
}
p.ID, err = peer.IDFromPublicKey(p.PubKey)
if err != nil {
return nil, err
}
if err := p.checkKeys(); err != nil {
return nil, err
}
return &p, nil
}
func (dht *IpfsDHT) getPublicKeyFromNode(ctx context.Context, p peer.ID) (ci.PubKey, error) {
// check locally, just in case...
pk := dht.peerstore.PubKey(p)
if pk != nil {
return pk, nil
}
pkkey := routing.KeyForPublicKey(p)
pmes, err := dht.getValueSingle(ctx, p, pkkey)
if err != nil {
return nil, err
}
// node doesn't have key :(
record := pmes.GetRecord()
if record == nil {
return nil, fmt.Errorf("node not responding with its public key: %s", p)
}
// Success! We were given the value. we don't need to check
// validity because a) we can't. b) we know the hash of the
// key we're looking for.
val := record.GetValue()
log.Debug("dht got a value from other peer.")
pk, err = ci.UnmarshalPublicKey(val)
if err != nil {
return nil, err
}
id, err := peer.IDFromPublicKey(pk)
if err != nil {
return nil, err
}
if id != p {
return nil, fmt.Errorf("public key does not match id: %s", p)
}
// ok! it's valid. we got it!
log.Debugf("dht got public key from node itself.")
return pk, nil
}
func setupPeer(a args) (peer.ID, peer.Peerstore, error) {
if a.keybits < 1024 {
return "", nil, errors.New("Bitsize less than 1024 is considered unsafe.")
}
out("generating key pair...")
sk, pk, err := ci.GenerateKeyPair(ci.RSA, a.keybits)
if err != nil {
return "", nil, err
}
p, err := peer.IDFromPublicKey(pk)
if err != nil {
return "", nil, err
}
ps := peer.NewPeerstore()
ps.AddPrivKey(p, sk)
ps.AddPubKey(p, pk)
out("local peer id: %s", p)
return p, ps, nil
}
func TestPrexistingRecord(t *testing.T) {
dstore := dssync.MutexWrap(ds.NewMapDatastore())
d := mockrouting.NewServer().ClientWithDatastore(context.Background(), testutil.RandIdentityOrFatal(t), dstore)
resolver := NewRoutingResolver(d, 0)
publisher := NewRoutingPublisher(d, dstore)
privk, pubk, err := testutil.RandTestKeyPair(512)
if err != nil {
t.Fatal(err)
}
id, err := peer.IDFromPublicKey(pubk)
if err != nil {
t.Fatal(err)
}
// Make a good record and put it in the datastore
h := path.FromString("/ipfs/QmZULkCELmmk5XNfCgTnCyFgAVxBRBXyDHGGMVoLFLiXEN")
eol := time.Now().Add(time.Hour)
err = PutRecordToRouting(context.Background(), privk, h, 0, eol, d, id)
if err != nil {
t.Fatal(err)
}
// Now, with an old record in the system already, try and publish a new one
err = publisher.Publish(context.Background(), privk, h)
if err != nil {
t.Fatal(err)
}
err = verifyCanResolve(resolver, id.Pretty(), h)
if err != nil {
t.Fatal(err)
}
}