From 9f476c6775db0e3be0104607c0892f0beb3dba36 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Thu, 24 Oct 2024 14:22:03 +0000 Subject: [PATCH 01/12] net: add Dash network message short IDs, allocate range 128 onwards Also, add add `getqrinfo` and `qrinfo` to `allNetMessageTypes[]` and `netMessageTypesViolateBlocksOnly[]` --- src/net.cpp | 97 +++++++++++++++++++++++++++++++++++++++--- src/protocol.cpp | 7 ++- src/test/net_tests.cpp | 8 +++- 3 files changed, 105 insertions(+), 7 deletions(-) diff --git a/src/net.cpp b/src/net.cpp index 7bd90d097387..7ebff7d05bf9 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -1015,7 +1015,7 @@ namespace { * Only message types that are actually implemented in this codebase need to be listed, as other * messages get ignored anyway - whether we know how to decode them or not. */ -const std::array V2_MESSAGE_IDS = { +const std::array V2_BITCOIN_IDS = { "", // 12 bytes follow encoding the message type like in V1 NetMsgType::ADDR, NetMsgType::BLOCK, @@ -1052,6 +1052,91 @@ const std::array V2_MESSAGE_IDS = { "" }; +/** List of short messages allocated in Dash's reserved namespace, in order. + * + * Slots should not be reused unless the switchover has already been done + * by a protocol upgrade, the old message is no longer supported by the client + * and a new slot wasn't already allotted for the message. + */ +const std::array V2_DASH_IDS = { + NetMsgType::SPORK, + NetMsgType::GETSPORKS, + NetMsgType::SENDDSQUEUE, + NetMsgType::DSACCEPT, + NetMsgType::DSVIN, + NetMsgType::DSFINALTX, + NetMsgType::DSSIGNFINALTX, + NetMsgType::DSCOMPLETE, + NetMsgType::DSSTATUSUPDATE, + NetMsgType::DSTX, + NetMsgType::DSQUEUE, + NetMsgType::SYNCSTATUSCOUNT, + NetMsgType::MNGOVERNANCESYNC, + NetMsgType::MNGOVERNANCEOBJECT, + NetMsgType::MNGOVERNANCEOBJECTVOTE, + NetMsgType::GETMNLISTDIFF, + NetMsgType::MNLISTDIFF, + NetMsgType::QSENDRECSIGS, + NetMsgType::QFCOMMITMENT, + NetMsgType::QCONTRIB, + NetMsgType::QCOMPLAINT, + NetMsgType::QJUSTIFICATION, + NetMsgType::QPCOMMITMENT, + NetMsgType::QWATCH, + NetMsgType::QSIGSESANN, + NetMsgType::QSIGSHARESINV, + NetMsgType::QGETSIGSHARES, + NetMsgType::QBSIGSHARES, + NetMsgType::QSIGREC, + NetMsgType::QSIGSHARE, + NetMsgType::QGETDATA, + NetMsgType::QDATA, + NetMsgType::CLSIG, + NetMsgType::ISDLOCK, + NetMsgType::MNAUTH, + NetMsgType::GETHEADERS2, + NetMsgType::SENDHEADERS2, + NetMsgType::HEADERS2, + NetMsgType::GETQUORUMROTATIONINFO, + NetMsgType::QUORUMROTATIONINFO +}; + +/** A complete set of short IDs + * + * Bitcoin takes up short IDs upto 128 (lower half) while Dash can take + * up short IDs between 128 and 256 (upper half) most of the array will + * have entries that correspond to nothing. + * + * To distinguish between entries that are *meant* to correspond to + * nothing versus empty space, use IsValidV2ShortID() + */ +constexpr std::array V2ShortIDs() { + static_assert(std::size(V2_BITCOIN_IDS) <= 128); + static_assert(std::size(V2_DASH_IDS) <= 128); + + std::array ret{}; + for (size_t idx{0}; idx < std::size(ret); idx++) { + if (idx < 128 && idx < std::size(V2_BITCOIN_IDS)) { + ret[idx] = V2_BITCOIN_IDS[idx]; + } else if (idx >= 128 && idx - 128 < std::size(V2_DASH_IDS)) { + ret[idx] = V2_DASH_IDS[idx - 128]; + } else { + ret[idx] = ""; + } + } + + return ret; +} + +bool IsValidV2ShortID(uint8_t first_byte) { + // Since we have filled the namespace of short IDs, we have to preserve + // the expected behaviour of coming up short when going beyond Bitcoin's + // and Dash's *used* slots. We do this by checking if the byte is within + // the range where a valid message is expected to reside. + return first_byte < std::size(V2_BITCOIN_IDS) || + (first_byte >= 128 && static_cast(first_byte - 128) < std::size(V2_DASH_IDS)); +} + class V2MessageMap { std::unordered_map m_map; @@ -1059,8 +1144,10 @@ class V2MessageMap public: V2MessageMap() noexcept { - for (size_t i = 1; i < std::size(V2_MESSAGE_IDS); ++i) { - m_map.emplace(V2_MESSAGE_IDS[i], i); + for (size_t i = 1; i < std::size(V2ShortIDs()); ++i) { + if (IsValidV2ShortID(i)) { + m_map.emplace(V2ShortIDs()[i], i); + } } } @@ -1524,9 +1611,9 @@ std::optional V2Transport::GetMessageType(Span& cont if (first_byte != 0) { // Short (1 byte) encoding. - if (first_byte < std::size(V2_MESSAGE_IDS)) { + if (IsValidV2ShortID(first_byte)) { // Valid short message id. - return V2_MESSAGE_IDS[first_byte]; + return std::string{V2ShortIDs()[first_byte]}; } else { // Unknown short message id. return std::nullopt; diff --git a/src/protocol.cpp b/src/protocol.cpp index f77bda78fcc8..e3499646b10b 100644 --- a/src/protocol.cpp +++ b/src/protocol.cpp @@ -166,7 +166,10 @@ const static std::string allNetMessageTypes[] = { NetMsgType::MNAUTH, NetMsgType::GETHEADERS2, NetMsgType::SENDHEADERS2, - NetMsgType::HEADERS2}; + NetMsgType::HEADERS2, + NetMsgType::GETQUORUMROTATIONINFO, + NetMsgType::QUORUMROTATIONINFO +}; const static std::vector allNetMessageTypesVec(std::begin(allNetMessageTypes), std::end(allNetMessageTypes)); /** Message types that are not allowed by blocks-relay-only policy. @@ -184,6 +187,7 @@ const static std::string netMessageTypesViolateBlocksOnly[] = { NetMsgType::DSSTATUSUPDATE, NetMsgType::DSTX, NetMsgType::DSVIN, + NetMsgType::GETQUORUMROTATIONINFO, NetMsgType::QBSIGSHARES, NetMsgType::QCOMPLAINT, NetMsgType::QCONTRIB, @@ -197,6 +201,7 @@ const static std::string netMessageTypesViolateBlocksOnly[] = { NetMsgType::QSIGSESANN, NetMsgType::QSIGSHARE, NetMsgType::QSIGSHARESINV, + NetMsgType::QUORUMROTATIONINFO, NetMsgType::QWATCH, NetMsgType::TX, }; diff --git a/src/test/net_tests.cpp b/src/test/net_tests.cpp index 806bf0daadb8..800aa6fea73d 100644 --- a/src/test/net_tests.cpp +++ b/src/test/net_tests.cpp @@ -1537,7 +1537,13 @@ BOOST_AUTO_TEST_CASE(v2transport_test) tester.CompareSessionIDs(); auto msg_data_1 = g_insecure_rand_ctx.randbytes(MAX_PROTOCOL_MESSAGE_LENGTH); // test that receiving max size payload works auto msg_data_2 = g_insecure_rand_ctx.randbytes(MAX_PROTOCOL_MESSAGE_LENGTH); // test that sending max size payload works - tester.SendMessage(uint8_t(InsecureRandRange(223) + 33), {}); // unknown short id + tester.SendMessage([]() { + if (g_insecure_rand_ctx.randbool()) { + return static_cast(InsecureRandRange(95) + 33); // Bitcoin's range + } else { + return static_cast(InsecureRandRange(88) + 40 + 128); // Dash's range + } + }(), {}); // unknown short id tester.SendMessage(uint8_t(2), msg_data_1); // "block" short id tester.AddMessage("blocktxn", msg_data_2); // schedule blocktxn to be sent to us ret = tester.Interact(); From 32500f2acd5bae24075ce871635b79aa18eb6229 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Sun, 14 May 2023 15:49:08 +0200 Subject: [PATCH 02/12] merge bitcoin#27653: add unit test coverage for Python ECDSA implementation --- test/functional/test_framework/key.py | 33 +++++++++++++++++---------- 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/test/functional/test_framework/key.py b/test/functional/test_framework/key.py index fc3ef17f7d1b..d2f0c934b1d0 100644 --- a/test/functional/test_framework/key.py +++ b/test/functional/test_framework/key.py @@ -287,24 +287,33 @@ def sign_schnorr(key, msg, aux=None, flip_p=False, flip_r=False): class TestFrameworkKey(unittest.TestCase): - def test_schnorr(self): - """Test the Python Schnorr implementation.""" + def test_ecdsa_and_schnorr(self): + """Test the Python ECDSA and Schnorr implementations.""" + def random_bitflip(sig): + sig = list(sig) + sig[random.randrange(len(sig))] ^= (1 << (random.randrange(8))) + return bytes(sig) + byte_arrays = [generate_privkey() for _ in range(3)] + [v.to_bytes(32, 'big') for v in [0, ORDER - 1, ORDER, 2**256 - 1]] keys = {} - for privkey in byte_arrays: # build array of key/pubkey pairs - pubkey, _ = compute_xonly_pubkey(privkey) - if pubkey is not None: - keys[privkey] = pubkey + for privkey_bytes in byte_arrays: # build array of key/pubkey pairs + privkey = ECKey() + privkey.set(privkey_bytes, compressed=True) + if privkey.is_valid: + keys[privkey] = privkey.get_pubkey() for msg in byte_arrays: # test every combination of message, signing key, verification key for sign_privkey, _ in keys.items(): - sig = sign_schnorr(sign_privkey, msg) + sig_ecdsa = sign_privkey.sign_ecdsa(msg) + sig_schnorr = sign_schnorr(sign_privkey.get_bytes(), msg) for verify_privkey, verify_pubkey in keys.items(): + verify_xonly_pubkey = verify_pubkey.get_bytes()[1:] if verify_privkey == sign_privkey: - self.assertTrue(verify_schnorr(verify_pubkey, sig, msg)) - sig = list(sig) - sig[random.randrange(64)] ^= (1 << (random.randrange(8))) # damaging signature should break things - sig = bytes(sig) - self.assertFalse(verify_schnorr(verify_pubkey, sig, msg)) + self.assertTrue(verify_pubkey.verify_ecdsa(sig_ecdsa, msg)) + self.assertTrue(verify_schnorr(verify_xonly_pubkey, sig_schnorr, msg)) + sig_ecdsa = random_bitflip(sig_ecdsa) # damaging signature should break things + sig_schnorr = random_bitflip(sig_schnorr) + self.assertFalse(verify_pubkey.verify_ecdsa(sig_ecdsa, msg)) + self.assertFalse(verify_schnorr(verify_xonly_pubkey, sig_schnorr, msg)) def test_schnorr_testvectors(self): """Implement the BIP340 test vectors (read from bip340_test_vectors.csv).""" From 6b2a8b5988ce4cdd78ba48ce835fb77b8eecc233 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Thu, 24 Oct 2024 14:23:01 +0000 Subject: [PATCH 03/12] merge bitcoin#24748: functional tests for v2 P2P encryption --- src/net.cpp | 10 +- src/net.h | 5 +- src/rpc/client.cpp | 1 + src/rpc/masternode.cpp | 12 +- src/rpc/net.cpp | 12 +- test/functional/feature_addrman.py | 3 +- test/functional/feature_reindex.py | 2 +- test/functional/p2p_v2_earlykeyresponse.py | 87 ++++++ test/functional/p2p_v2_encrypted.py | 134 ++++++++ test/functional/p2p_v2_transport.py | 3 +- test/functional/rpc_net.py | 5 +- test/functional/test_framework/messages.py | 7 + test/functional/test_framework/p2p.py | 223 +++++++++++--- test/functional/test_framework/test_node.py | 50 ++- test/functional/test_framework/v2_p2p.py | 325 ++++++++++++++++++++ test/functional/test_runner.py | 2 + 16 files changed, 809 insertions(+), 72 deletions(-) create mode 100755 test/functional/p2p_v2_earlykeyresponse.py create mode 100755 test/functional/p2p_v2_encrypted.py create mode 100644 test/functional/test_framework/v2_p2p.py diff --git a/src/net.cpp b/src/net.cpp index 7ebff7d05bf9..b2275390177a 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -2131,7 +2131,7 @@ void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr&& sock, RandAddEvent((uint32_t)id); } -bool CConnman::AddConnection(const std::string& address, ConnectionType conn_type) +bool CConnman::AddConnection(const std::string& address, ConnectionType conn_type, bool use_v2transport = false) { AssertLockNotHeld(m_unused_i2p_sessions_mutex); std::optional max_connections; @@ -2164,7 +2164,7 @@ bool CConnman::AddConnection(const std::string& address, ConnectionType conn_typ CSemaphoreGrant grant(*semOutbound, true); if (!grant) return false; - OpenNetworkConnection(CAddress(), false, std::move(grant), address.c_str(), conn_type, /*use_v2transport=*/false); + OpenNetworkConnection(CAddress(), false, std::move(grant), address.c_str(), conn_type, /*use_v2transport=*/use_v2transport); return true; } @@ -3783,7 +3783,7 @@ void CConnman::ThreadOpenMasternodeConnections(CDeterministicMNManager& dmnman, mn_metaman.GetMetaInfo(connectToDmn->proTxHash)->SetLastOutboundAttempt(nANow); - OpenMasternodeConnection(CAddress(connectToDmn->pdmnState->addr, NODE_NETWORK), isProbe); + OpenMasternodeConnection(CAddress(connectToDmn->pdmnState->addr, NODE_NETWORK), /*use_v2transport=*/GetLocalServices() & NODE_P2P_V2, isProbe); // should be in the list now if connection was opened bool connected = ForNode(connectToDmn->pdmnState->addr, CConnman::AllNodes, [&](CNode* pnode) { if (pnode->fDisconnect) { @@ -3893,9 +3893,9 @@ void CConnman::OpenNetworkConnection(const CAddress& addrConnect, bool fCountFai } } -void CConnman::OpenMasternodeConnection(const CAddress &addrConnect, MasternodeProbeConn probe) { +void CConnman::OpenMasternodeConnection(const CAddress &addrConnect, bool use_v2transport, MasternodeProbeConn probe) { OpenNetworkConnection(addrConnect, false, {}, /*strDest=*/nullptr, ConnectionType::OUTBOUND_FULL_RELAY, - /*use_v2transport=*/false, MasternodeConn::IsConnection, probe); + use_v2transport, MasternodeConn::IsConnection, probe); } Mutex NetEventsInterface::g_msgproc_mutex; diff --git a/src/net.h b/src/net.h index effa460e517a..63498cbc9a3d 100644 --- a/src/net.h +++ b/src/net.h @@ -1283,7 +1283,7 @@ friend class CNode; MasternodeConn masternode_connection = MasternodeConn::IsNotConnection, MasternodeProbeConn masternode_probe_connection = MasternodeProbeConn::IsNotConnection) EXCLUSIVE_LOCKS_REQUIRED(!m_unused_i2p_sessions_mutex, !mutexMsgProc); - void OpenMasternodeConnection(const CAddress& addrConnect, MasternodeProbeConn probe = MasternodeProbeConn::IsConnection) + void OpenMasternodeConnection(const CAddress& addrConnect, bool use_v2transport, MasternodeProbeConn probe = MasternodeProbeConn::IsConnection) EXCLUSIVE_LOCKS_REQUIRED(!m_unused_i2p_sessions_mutex, !mutexMsgProc); bool CheckIncomingNonce(uint64_t nonce); @@ -1476,13 +1476,14 @@ friend class CNode; * @param[in] address Address of node to try connecting to * @param[in] conn_type ConnectionType::OUTBOUND, ConnectionType::BLOCK_RELAY, * ConnectionType::ADDR_FETCH or ConnectionType::FEELER + * @param[in] use_v2transport Set to true if node attempts to connect using BIP 324 v2 transport protocol. * @return bool Returns false if there are no available * slots for this connection: * - conn_type not a supported ConnectionType * - Max total outbound connection capacity filled * - Max connection capacity for type is filled */ - bool AddConnection(const std::string& address, ConnectionType conn_type) + bool AddConnection(const std::string& address, ConnectionType conn_type, bool use_v2transport) EXCLUSIVE_LOCKS_REQUIRED(!m_unused_i2p_sessions_mutex, !mutexMsgProc); bool AddPendingMasternode(const uint256& proTxHash); diff --git a/src/rpc/client.cpp b/src/rpc/client.cpp index 0cfef54e6536..c97421afd256 100644 --- a/src/rpc/client.cpp +++ b/src/rpc/client.cpp @@ -233,6 +233,7 @@ static const CRPCConvertParam vRPCConvertParams[] = { "sendmsgtopeer", 0, "peer_id" }, { "stop", 0, "wait" }, { "addnode", 2, "v2transport" }, + { "addconnection", 2, "v2transport" }, { "verifychainlock", 2, "blockHeight" }, { "verifyislock", 3, "maxHeight" }, { "submitchainlock", 2, "blockHeight" }, diff --git a/src/rpc/masternode.cpp b/src/rpc/masternode.cpp index ab424d442c8c..0c1cd33c86d1 100644 --- a/src/rpc/masternode.cpp +++ b/src/rpc/masternode.cpp @@ -38,6 +38,7 @@ static RPCHelpMan masternode_connect() "Connect to given masternode\n", { {"address", RPCArg::Type::STR, RPCArg::Optional::NO, "The address of the masternode to connect"}, + {"v2transport", RPCArg::Type::BOOL, RPCArg::Default{false}, "Attempt to connect using BIP324 v2 transport protocol"}, }, RPCResults{}, RPCExamples{""}, @@ -50,12 +51,19 @@ static RPCHelpMan masternode_connect() throw JSONRPCError(RPC_INTERNAL_ERROR, strprintf("Incorrect masternode address %s", strAddress)); } + bool use_v2transport = !request.params[1].isNull() && ParseBoolV(request.params[1], "v2transport"); + const NodeContext& node = EnsureAnyNodeContext(request.context); CConnman& connman = EnsureConnman(node); - connman.OpenMasternodeConnection(CAddress(addr.value(), NODE_NETWORK)); - if (!connman.IsConnected(CAddress(addr.value(), NODE_NETWORK), CConnman::AllNodes)) + if (use_v2transport && !(connman.GetLocalServices() & NODE_P2P_V2)) { + throw JSONRPCError(RPC_INVALID_PARAMETER, "Error: Adding v2transport connections requires -v2transport init flag to be set."); + } + + connman.OpenMasternodeConnection(CAddress(addr.value(), NODE_NETWORK), use_v2transport); + if (!connman.IsConnected(CAddress(addr.value(), NODE_NETWORK), CConnman::AllNodes)) { throw JSONRPCError(RPC_INTERNAL_ERROR, strprintf("Couldn't connect to masternode %s", strAddress)); + } return "successfully connected"; }, diff --git a/src/rpc/net.cpp b/src/rpc/net.cpp index cb69c3112a38..cd4a991cb054 100644 --- a/src/rpc/net.cpp +++ b/src/rpc/net.cpp @@ -371,6 +371,7 @@ static RPCHelpMan addconnection() { {"address", RPCArg::Type::STR, RPCArg::Optional::NO, "The IP address and port to attempt connecting to."}, {"connection_type", RPCArg::Type::STR, RPCArg::Optional::NO, "Type of connection to open (\"outbound-full-relay\", \"block-relay-only\", \"addr-fetch\" or \"feeler\")."}, + {"v2transport", RPCArg::Type::BOOL, RPCArg::Default{false}, "Attempt to connect using BIP324 v2 transport protocol"}, }, RPCResult{ RPCResult::Type::OBJ, "", "", @@ -379,8 +380,8 @@ static RPCHelpMan addconnection() { RPCResult::Type::STR, "connection_type", "Type of connection opened." }, }}, RPCExamples{ - HelpExampleCli("addconnection", "\"192.168.0.6:8333\" \"outbound-full-relay\"") - + HelpExampleRpc("addconnection", "\"192.168.0.6:8333\" \"outbound-full-relay\"") + HelpExampleCli("addconnection", "\"192.168.0.6:8333\" \"outbound-full-relay\" true") + + HelpExampleRpc("addconnection", "\"192.168.0.6:8333\" \"outbound-full-relay\" true") }, [&](const RPCHelpMan& self, const JSONRPCRequest& request) -> UniValue { @@ -403,11 +404,16 @@ static RPCHelpMan addconnection() } else { throw JSONRPCError(RPC_INVALID_PARAMETER, self.ToString()); } + bool use_v2transport = !request.params[2].isNull() && request.params[2].get_bool(); NodeContext& node = EnsureAnyNodeContext(request.context); CConnman& connman = EnsureConnman(node); - const bool success = connman.AddConnection(address, conn_type); + if (use_v2transport && !(connman.GetLocalServices() & NODE_P2P_V2)) { + throw JSONRPCError(RPC_INVALID_PARAMETER, "Error: Adding v2transport connections requires -v2transport init flag to be set."); + } + + const bool success = connman.AddConnection(address, conn_type, use_v2transport); if (!success) { throw JSONRPCError(RPC_CLIENT_NODE_CAPACITY_REACHED, "Error: Already at capacity for specified connection type."); } diff --git a/test/functional/feature_addrman.py b/test/functional/feature_addrman.py index 6c4028820155..2d00e269665f 100755 --- a/test/functional/feature_addrman.py +++ b/test/functional/feature_addrman.py @@ -8,8 +8,7 @@ import re import struct -from test_framework.messages import ser_uint256, hash256 -from test_framework.p2p import MAGIC_BYTES +from test_framework.messages import ser_uint256, hash256, MAGIC_BYTES from test_framework.test_framework import BitcoinTestFramework from test_framework.test_node import ErrorMatch from test_framework.util import assert_equal diff --git a/test/functional/feature_reindex.py b/test/functional/feature_reindex.py index 588d8766ad30..0a12c216adbc 100755 --- a/test/functional/feature_reindex.py +++ b/test/functional/feature_reindex.py @@ -12,7 +12,7 @@ import os from test_framework.test_framework import BitcoinTestFramework -from test_framework.p2p import MAGIC_BYTES +from test_framework.messages import MAGIC_BYTES from test_framework.util import assert_equal diff --git a/test/functional/p2p_v2_earlykeyresponse.py b/test/functional/p2p_v2_earlykeyresponse.py new file mode 100755 index 000000000000..19c1154e5a43 --- /dev/null +++ b/test/functional/p2p_v2_earlykeyresponse.py @@ -0,0 +1,87 @@ +#!/usr/bin/env python3 +# Copyright (c) 2022 The Bitcoin Core developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or http://www.opensource.org/licenses/mit-license.php. + +import random + +from test_framework.test_framework import BitcoinTestFramework +from test_framework.crypto.ellswift import ellswift_create +from test_framework.util import random_bytes +from test_framework.p2p import P2PInterface +from test_framework.v2_p2p import EncryptedP2PState + + +class TestEncryptedP2PState(EncryptedP2PState): + """ Modify v2 P2P protocol functions for testing that "The responder waits until one byte is received which does + not match the 16 bytes consisting of the network magic followed by "version\x00\x00\x00\x00\x00"." (see BIP 324) + + - if `send_net_magic` is True, send first 4 bytes of ellswift (match network magic) else send remaining 60 bytes + - `can_data_be_received` is a variable used to assert if data is received on recvbuf. + - v2 TestNode shouldn't respond back if we send V1_PREFIX and data shouldn't be received on recvbuf. + This state is represented using `can_data_be_received` = False. + - v2 TestNode responds back when mismatch from V1_PREFIX happens and data can be received on recvbuf. + This state is represented using `can_data_be_received` = True. + """ + + def __init__(self): + super().__init__(initiating=True, net='regtest') + self.send_net_magic = True + self.can_data_be_received = False + + def initiate_v2_handshake(self, garbage_len=random.randrange(4096)): + """Initiator begins the v2 handshake by sending its ellswift bytes and garbage. + Here, the 64 bytes ellswift is assumed to have it's 4 bytes match network magic bytes. It is sent in 2 phases: + 1. when `send_network_magic` = True, send first 4 bytes of ellswift (matches network magic bytes) + 2. when `send_network_magic` = False, send remaining 60 bytes of ellswift + """ + if self.send_net_magic: + self.privkey_ours, self.ellswift_ours = ellswift_create() + self.sent_garbage = random_bytes(garbage_len) + self.send_net_magic = False + return b"\xfc\xc1\xb7\xdc" + else: + self.can_data_be_received = True + return self.ellswift_ours[4:] + self.sent_garbage + + +class PeerEarlyKey(P2PInterface): + """Custom implementation of P2PInterface which uses modified v2 P2P protocol functions for testing purposes.""" + def __init__(self): + super().__init__() + self.v2_state = None + + def connection_made(self, transport): + """64 bytes ellswift is sent in 2 parts during `initial_v2_handshake()`""" + self.v2_state = TestEncryptedP2PState() + super().connection_made(transport) + + def data_received(self, t): + # check that data can be received on recvbuf only when mismatch from V1_PREFIX happens (send_net_magic = False) + assert self.v2_state.can_data_be_received and not self.v2_state.send_net_magic + + +class P2PEarlyKey(BitcoinTestFramework): + def set_test_params(self): + self.num_nodes = 1 + self.disable_mocktime = True + self.extra_args = [["-v2transport=1", "-peertimeout=3"]] + + def run_test(self): + self.log.info('Sending ellswift bytes in parts to ensure that response from responder is received only when') + self.log.info('ellswift bytes have a mismatch from the 16 bytes(network magic followed by "version\\x00\\x00\\x00\\x00\\x00")') + node0 = self.nodes[0] + self.log.info('Sending first 4 bytes of ellswift which match network magic') + self.log.info('If a response is received, assertion failure would happen in our custom data_received() function') + # send happens in `initiate_v2_handshake()` in `connection_made()` + peer1 = node0.add_p2p_connection(PeerEarlyKey(), wait_for_verack=False, send_version=False, supports_v2_p2p=True) + self.log.info('Sending remaining ellswift and garbage which are different from V1_PREFIX. Since a response is') + self.log.info('expected now, our custom data_received() function wouldn\'t result in assertion failure') + ellswift_and_garbage_data = peer1.v2_state.initiate_v2_handshake() + peer1.send_raw_message(ellswift_and_garbage_data) + peer1.wait_for_disconnect(timeout=5) + self.log.info('successful disconnection when MITM happens in the key exchange phase') + + +if __name__ == '__main__': + P2PEarlyKey().main() diff --git a/test/functional/p2p_v2_encrypted.py b/test/functional/p2p_v2_encrypted.py new file mode 100755 index 000000000000..05755dece05a --- /dev/null +++ b/test/functional/p2p_v2_encrypted.py @@ -0,0 +1,134 @@ +#!/usr/bin/env python3 +# Copyright (c) 2022 The Bitcoin Core developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or http://www.opensource.org/licenses/mit-license.php. +""" +Test encrypted v2 p2p proposed in BIP 324 +""" +from test_framework.blocktools import ( + create_block, + create_coinbase, +) +from test_framework.p2p import ( + P2PDataStore, + P2PInterface, +) +from test_framework.test_framework import BitcoinTestFramework +from test_framework.util import ( + assert_equal, + assert_greater_than, + check_node_connections, +) +from test_framework.crypto.chacha20 import REKEY_INTERVAL + + +class P2PEncrypted(BitcoinTestFramework): + def set_test_params(self): + self.num_nodes = 2 + self.extra_args = [["-v2transport=1"], ["-v2transport=1"]] + + def setup_network(self): + self.setup_nodes() + + def generate_blocks(self, node, number): + test_blocks = [] + last_block = node.getbestblockhash() + tip = int(last_block, 16) + tipheight = node.getblockcount() + last_block_time = node.getblock(last_block)['time'] + for _ in range(number): + # Create some blocks + block = create_block(tip, create_coinbase(tipheight + 1), last_block_time + 1) + block.solve() + test_blocks.append(block) + tip = block.sha256 + tipheight += 1 + last_block_time += 1 + return test_blocks + + def create_test_block(self, txs): + block = create_block(self.tip, create_coinbase(self.tipheight + 1), self.last_block_time + 600, txlist=txs) + block.solve() + return block + + def run_test(self): + node0, node1 = self.nodes[0], self.nodes[1] + self.log.info("Check inbound connection to v2 TestNode from v2 P2PConnection is v2") + peer1 = node0.add_p2p_connection(P2PInterface(), wait_for_verack=True, supports_v2_p2p=True) + assert peer1.supports_v2_p2p + assert_equal(node0.getpeerinfo()[-1]["transport_protocol_type"], "v2") + + self.log.info("Check inbound connection to v2 TestNode from v1 P2PConnection is v1") + peer2 = node0.add_p2p_connection(P2PInterface(), wait_for_verack=True, supports_v2_p2p=False) + assert not peer2.supports_v2_p2p + assert_equal(node0.getpeerinfo()[-1]["transport_protocol_type"], "v1") + + self.log.info("Check outbound connection from v2 TestNode to v1 P2PConnection advertised as v1 is v1") + peer3 = node0.add_outbound_p2p_connection(P2PInterface(), p2p_idx=0, supports_v2_p2p=False, advertise_v2_p2p=False) + assert not peer3.supports_v2_p2p + assert_equal(node0.getpeerinfo()[-1]["transport_protocol_type"], "v1") + + # v2 TestNode performs downgrading here + self.log.info("Check outbound connection from v2 TestNode to v1 P2PConnection advertised as v2 is v1") + peer4 = node0.add_outbound_p2p_connection(P2PInterface(), p2p_idx=1, supports_v2_p2p=False, advertise_v2_p2p=True) + assert not peer4.supports_v2_p2p + assert_equal(node0.getpeerinfo()[-1]["transport_protocol_type"], "v1") + + self.log.info("Check outbound connection from v2 TestNode to v2 P2PConnection advertised as v2 is v2") + peer5 = node0.add_outbound_p2p_connection(P2PInterface(), p2p_idx=2, supports_v2_p2p=True, advertise_v2_p2p=True) + assert peer5.supports_v2_p2p + assert_equal(node0.getpeerinfo()[-1]["transport_protocol_type"], "v2") + + self.log.info("Check if version is sent and verack is received in inbound/outbound connections") + assert_equal(len(node0.getpeerinfo()), 5) # check if above 5 connections are present in node0's getpeerinfo() + for peer in node0.getpeerinfo(): + assert_greater_than(peer['bytessent_per_msg']['version'], 0) + assert_greater_than(peer['bytesrecv_per_msg']['verack'], 0) + + self.log.info("Testing whether blocks propagate - check if tips sync when number of blocks >= REKEY_INTERVAL") + # tests whether rekeying (which happens every REKEY_INTERVAL packets) works correctly + test_blocks = self.generate_blocks(node0, REKEY_INTERVAL+1) + + for i in range(2): + peer6 = node0.add_p2p_connection(P2PDataStore(), supports_v2_p2p=True) + assert peer6.supports_v2_p2p + assert_equal(node0.getpeerinfo()[-1]["transport_protocol_type"], "v2") + + # Consider: node0 <-- peer6. node0 and node1 aren't connected here. + # Construct the following topology: node1 <--> node0 <-- peer6 + # and test that blocks produced by peer6 will be received by node1 if sent normally + # and won't be received by node1 if sent as decoy messages + + # First, check whether blocks produced be peer6 are received by node0 if sent normally + # and not received by node0 if sent as decoy messages. + if i: + # check that node0 receives blocks produced by peer6 + self.log.info("Check if blocks produced by node0's p2p connection is received by node0") + peer6.send_blocks_and_test(test_blocks, node0, success=True) # node0's tip advances + else: + # check that node0 doesn't receive blocks produced by peer6 since they are sent as decoy messages + self.log.info("Check if blocks produced by node0's p2p connection sent as decoys aren't received by node0") + peer6.send_blocks_and_test(test_blocks, node0, success=False, is_decoy=True) # node0's tip doesn't advance + + # Then, connect node0 and node1 using v2 and check whether the blocks are received by node1 + self.connect_nodes(0, 1, peer_advertises_v2=True) + self.log.info("Wait for node1 to receive all the blocks from node0") + self.sync_all() + self.log.info("Make sure node0 and node1 have same block tips") + assert_equal(node0.getbestblockhash(), node1.getbestblockhash()) + + self.disconnect_nodes(0, 1) + + self.log.info("Check the connections opened as expected") + check_node_connections(node=node0, num_in=4, num_out=3) + + self.log.info("Check inbound connection to v1 TestNode from v2 P2PConnection is v1") + self.restart_node(0, ["-v2transport=0"]) + peer1 = node0.add_p2p_connection(P2PInterface(), wait_for_verack=True, supports_v2_p2p=True) + assert not peer1.supports_v2_p2p + assert_equal(node0.getpeerinfo()[-1]["transport_protocol_type"], "v1") + check_node_connections(node=node0, num_in=1, num_out=0) + + +if __name__ == '__main__': + P2PEncrypted().main() diff --git a/test/functional/p2p_v2_transport.py b/test/functional/p2p_v2_transport.py index 4c566df1a900..8e0c25f97280 100755 --- a/test/functional/p2p_v2_transport.py +++ b/test/functional/p2p_v2_transport.py @@ -7,8 +7,7 @@ """ import socket -from test_framework.messages import NODE_P2P_V2 -from test_framework.p2p import MAGIC_BYTES +from test_framework.messages import MAGIC_BYTES, NODE_P2P_V2 from test_framework.test_framework import BitcoinTestFramework from test_framework.util import ( assert_equal, diff --git a/test/functional/rpc_net.py b/test/functional/rpc_net.py index d7d7d5d0c481..6dde4afccaef 100755 --- a/test/functional/rpc_net.py +++ b/test/functional/rpc_net.py @@ -253,7 +253,10 @@ def test_getaddednodeinfo(self): def test_service_flags(self): self.log.info("Test service flags") self.nodes[0].add_p2p_connection(P2PInterface(), services=(1 << 4) | (1 << 63)) - assert_equal(['UNKNOWN[2^4]', 'UNKNOWN[2^63]'], self.nodes[0].getpeerinfo()[-1]['servicesnames']) + if self.options.v2transport: + assert_equal(['UNKNOWN[2^4]', 'P2P_V2', 'UNKNOWN[2^63]'], self.nodes[0].getpeerinfo()[-1]['servicesnames']) + else: + assert_equal(['UNKNOWN[2^4]', 'UNKNOWN[2^63]'], self.nodes[0].getpeerinfo()[-1]['servicesnames']) self.nodes[0].disconnect_p2ps() def test_getnodeaddresses(self): diff --git a/test/functional/test_framework/messages.py b/test/functional/test_framework/messages.py index da8345b8818b..100b91c9a23e 100755 --- a/test/functional/test_framework/messages.py +++ b/test/functional/test_framework/messages.py @@ -63,6 +63,13 @@ FILTER_TYPE_BASIC = 0 +MAGIC_BYTES = { + "mainnet": b"\xbf\x0c\x6b\xbd", # mainnet + "testnet3": b"\xce\xe2\xca\xff", # testnet3 + "regtest": b"\xfc\xc1\xb7\xdc", # regtest + "devnet": b"\xe2\xca\xff\xce", # devnet +} + def sha256(s): return hashlib.sha256(s).digest() diff --git a/test/functional/test_framework/p2p.py b/test/functional/test_framework/p2p.py index 2be688ee6948..1053b9ee47ce 100755 --- a/test/functional/test_framework/p2p.py +++ b/test/functional/test_framework/p2p.py @@ -79,6 +79,7 @@ MSG_TX, MSG_TYPE_MASK, NODE_NETWORK, + MAGIC_BYTES, sha256, ) from test_framework.util import ( @@ -86,6 +87,11 @@ p2p_port, wait_until_helper, ) +from test_framework.v2_p2p import ( + EncryptedP2PState, + MSGTYPE_TO_SHORTID, + SHORTID, +) logger = logging.getLogger("TestFramework.p2p") @@ -155,13 +161,6 @@ b"spork": None, } -MAGIC_BYTES = { - "mainnet": b"\xbf\x0c\x6b\xbd", # mainnet - "testnet3": b"\xce\xe2\xca\xff", # testnet3 - "regtest": b"\xfc\xc1\xb7\xdc", # regtest - "devnet": b"\xe2\xca\xff\xce", # devnet -} - class P2PConnection(asyncio.Protocol): """A low-level connection object to a node's P2P interface. @@ -180,11 +179,20 @@ def __init__(self): # The underlying transport of the connection. # Should only call methods on this from the NetworkThread, c.f. call_soon_threadsafe self._transport = None + # This lock is acquired before sending messages over the socket. There's an implied lock order and + # p2p_lock must not be acquired after _send_lock as it could result in deadlocks. + self._send_lock = threading.Lock() + self.v2_state = None # EncryptedP2PState object needed for v2 p2p connections + self.reconnect = False # set if reconnection needs to happen @property def is_connected(self): return self._transport is not None + @property + def supports_v2_p2p(self): + return self.v2_state is not None + def peer_connect_helper(self, dstaddr, dstport, net, timeout_factor, uacomment): assert not self.is_connected self.timeout_factor = timeout_factor @@ -207,16 +215,21 @@ def peer_connect_helper(self, dstaddr, dstport, net, timeout_factor, uacomment): else: self.strSubVer = P2P_SUBVERSION % "" - def peer_connect(self, dstaddr, dstport, *, net, timeout_factor, uacomment=None): + def peer_connect(self, dstaddr, dstport, *, net, timeout_factor, supports_v2_p2p, uacomment=None): self.peer_connect_helper(dstaddr, dstport, net, timeout_factor, uacomment) + if supports_v2_p2p: + self.v2_state = EncryptedP2PState(initiating=True, net=net) loop = NetworkThread.network_event_loop logger.debug('Connecting to Dash Node: %s:%d' % (self.dstaddr, self.dstport)) coroutine = loop.create_connection(lambda: self, host=self.dstaddr, port=self.dstport) return lambda: loop.call_soon_threadsafe(loop.create_task, coroutine) - def peer_accept_connection(self, connect_id, connect_cb=lambda: None, *, net, timeout_factor, uacomment=None): + def peer_accept_connection(self, connect_id, connect_cb=lambda: None, *, net, timeout_factor, supports_v2_p2p, reconnect, uacomment=None): self.peer_connect_helper('0', 0, net, timeout_factor, uacomment) + self.reconnect = reconnect + if supports_v2_p2p: + self.v2_state = EncryptedP2PState(initiating=False, net=net) logger.debug('Listening for Dash Node with id: {}'.format(connect_id)) return lambda: NetworkThread.listen(self, connect_cb, idx=connect_id) @@ -232,14 +245,22 @@ def connection_made(self, transport): assert not self._transport logger.debug("Connected & Listening: %s:%d" % (self.dstaddr, self.dstport)) self._transport = transport - if self.on_connection_send_msg: + # in an inbound connection to the TestNode with P2PConnection as the initiator, [TestNode <---- P2PConnection] + # send the initial handshake immediately + if self.supports_v2_p2p and self.v2_state.initiating and not self.v2_state.tried_v2_handshake: + send_handshake_bytes = self.v2_state.initiate_v2_handshake() + self.send_raw_message(send_handshake_bytes) + # if v2 connection, send `on_connection_send_msg` after initial v2 handshake. + # if reconnection situation, send `on_connection_send_msg` after version message is received in `on_version()`. + if self.on_connection_send_msg and not self.supports_v2_p2p and not self.reconnect: self.send_message(self.on_connection_send_msg) self.on_connection_send_msg = None # Never used again self.on_open() def connection_lost(self, exc): """asyncio callback when a connection is closed.""" - if exc: + # don't display warning if reconnection needs to be attempted using v1 P2P + if exc and not self.reconnect: logger.warning("Connection lost to {}:{} due to {}".format(self.dstaddr, self.dstport, exc)) else: logger.debug("Closed connection to: %s:%d" % (self.dstaddr, self.dstport)) @@ -247,13 +268,62 @@ def connection_lost(self, exc): self.recvbuf = b"" self.on_close() + # v2 handshake method + def v2_handshake(self): + """v2 handshake performed before P2P messages are exchanged (see BIP324). P2PConnection is the initiator + (in inbound connections to TestNode) and the responder (in outbound connections from TestNode). + Performed by: + * initiator using `initiate_v2_handshake()`, `complete_handshake()` and `authenticate_handshake()` + * responder using `respond_v2_handshake()`, `complete_handshake()` and `authenticate_handshake()` + + `initiate_v2_handshake()` is immediately done by the initiator when the connection is established in + `connection_made()`. The rest of the initial v2 handshake functions are handled here. + """ + if not self.v2_state.peer: + if not self.v2_state.initiating and not self.v2_state.sent_garbage: + # if the responder hasn't sent garbage yet, the responder is still reading ellswift bytes + # reads ellswift bytes till the first mismatch from 12 bytes V1_PREFIX + length, send_handshake_bytes = self.v2_state.respond_v2_handshake(BytesIO(self.recvbuf)) + self.recvbuf = self.recvbuf[length:] + if send_handshake_bytes == -1: + self.v2_state = None + return + elif send_handshake_bytes: + self.send_raw_message(send_handshake_bytes) + elif send_handshake_bytes == b"": + return # only after send_handshake_bytes are sent can `complete_handshake()` be done + + # `complete_handshake()` reads the remaining ellswift bytes from recvbuf + # and sends response after deriving shared ECDH secret using received ellswift bytes + length, response = self.v2_state.complete_handshake(BytesIO(self.recvbuf)) + self.recvbuf = self.recvbuf[length:] + if response: + self.send_raw_message(response) + else: + return # only after response is sent can `authenticate_handshake()` be done + + # `self.v2_state.peer` is instantiated only after shared ECDH secret/BIP324 derived keys and ciphers + # is derived in `complete_handshake()`. + # so `authenticate_handshake()` which uses the BIP324 derived ciphers gets called after `complete_handshake()`. + assert self.v2_state.peer + length, is_mac_auth = self.v2_state.authenticate_handshake(self.recvbuf) + if not is_mac_auth: + raise ValueError("invalid v2 mac tag in handshake authentication") + self.recvbuf = self.recvbuf[length:] + if self.v2_state.tried_v2_handshake and self.on_connection_send_msg: + self.send_message(self.on_connection_send_msg) + self.on_connection_send_msg = None + # Socket read methods def data_received(self, t): """asyncio callback when data is read from the socket.""" if len(t) > 0: self.recvbuf += t - self._on_data() + if self.supports_v2_p2p and not self.v2_state.tried_v2_handshake: + self.v2_handshake() + else: + self._on_data() def _on_data(self): """Try to read P2P messages from the recv buffer. @@ -263,23 +333,48 @@ def _on_data(self): the on_message callback for processing.""" try: while True: - if len(self.recvbuf) < 4: - return - if self.recvbuf[:4] != self.magic_bytes: - raise ValueError("magic bytes mismatch: {} != {}".format(repr(self.magic_bytes), repr(self.recvbuf))) - if len(self.recvbuf) < 4 + 12 + 4 + 4: - return - msgtype = self.recvbuf[4:4+12].split(b"\x00", 1)[0] - msglen = struct.unpack("= MIN_P2P_VERSION_SUPPORTED, "Version {} received. Test framework only supports versions greater than {}".format(message.nVersion, MIN_P2P_VERSION_SUPPORTED) + # reconnection using v1 P2P has happened since version message can be processed, previously unsent version message is sent using v1 P2P here + if self.reconnect: + if self.on_connection_send_msg: + self.send_message(self.on_connection_send_msg) + self.on_connection_send_msg = None + self.reconnect = False if self.support_addrv2: self.send_message(msg_sendaddrv2()) self.send_message(msg_verack()) @@ -511,6 +624,13 @@ def wait_for_disconnect(self, timeout=60): test_function = lambda: not self.is_connected self.wait_until(test_function, timeout=timeout, check_connected=False) + def wait_for_reconnect(self, timeout=60): + def test_function(): + if not (self.is_connected and self.last_message.get('version') and self.v2_state is None): + return False + return True + self.wait_until(test_function, timeout=timeout, check_connected=False) + # Message receiving helper methods def wait_for_tx(self, txid, timeout=60): @@ -661,6 +781,11 @@ def listen(cls, p2p, callback, port=None, addr=None, idx=1): if addr is None: addr = '127.0.0.1' + def exception_handler(loop, context): + if not p2p.reconnect: + loop.default_exception_handler(context) + + cls.network_event_loop.set_exception_handler(exception_handler) coroutine = cls.create_listen_server(addr, port, callback, p2p) cls.network_event_loop.call_soon_threadsafe(cls.network_event_loop.create_task, coroutine) @@ -674,7 +799,9 @@ def peer_protocol(): protocol function from that dict, and returns it so the event loop can start executing it.""" response = cls.protos.get((addr, port)) - cls.protos[(addr, port)] = None + # remove protocol function from dict only when reconnection doesn't need to happen/already happened + if not proto.reconnect: + cls.protos[(addr, port)] = None return response if (addr, port) not in cls.listeners: @@ -760,7 +887,7 @@ def on_getheaders(self, message): if response is not None: self.send_message(response) - def send_blocks_and_test(self, blocks, node, *, success=True, force_send=False, reject_reason=None, expect_disconnect=False, timeout=60): + def send_blocks_and_test(self, blocks, node, *, success=True, force_send=False, reject_reason=None, expect_disconnect=False, timeout=60, is_decoy=False): """Send blocks to test node and test whether the tip advances. - add all blocks to our block_store @@ -779,9 +906,11 @@ def send_blocks_and_test(self, blocks, node, *, success=True, force_send=False, reject_reason = [reject_reason] if reject_reason else [] with node.assert_debug_log(expected_msgs=reject_reason): + if is_decoy: # since decoy messages are ignored by the recipient - no need to wait for response + force_send = True if force_send: for b in blocks: - self.send_message(msg_block(block=b)) + self.send_message(msg_block(block=b), is_decoy) else: self.send_message(msg_headers([CBlockHeader(block) for block in blocks])) self.wait_until( diff --git a/test/functional/test_framework/test_node.py b/test/functional/test_framework/test_node.py index 7080149b5d7a..c257a4b1b784 100755 --- a/test/functional/test_framework/test_node.py +++ b/test/functional/test_framework/test_node.py @@ -24,7 +24,8 @@ from .authproxy import JSONRPCException from .descriptors import descsum_create -from .p2p import P2P_SUBVERSION +from .messages import NODE_P2P_V2 +from .p2p import P2P_SERVICES, P2P_SUBVERSION from .util import ( MAX_NODES, assert_equal, @@ -631,18 +632,30 @@ def assert_start_raises_init_error(self, extra_args=None, expected_msg=None, mat assert_msg += "with expected error " + expected_msg self._raise_assertion_error(assert_msg) - def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=True, **kwargs): + def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=True, supports_v2_p2p=False, **kwargs): """Add an inbound p2p connection to the node. This method adds the p2p connection to the self.p2ps list and also - returns the connection to the caller.""" + returns the connection to the caller. + + When self.use_v2transport is True, TestNode advertises NODE_P2P_V2 service flag + + An inbound connection is made from TestNode <------ P2PConnection + - if TestNode doesn't advertise NODE_P2P_V2 service, P2PConnection sends version message and v1 P2P is followed + - if TestNode advertises NODE_P2P_V2 service, (and if P2PConnections supports v2 P2P) + P2PConnection sends ellswift bytes and v2 P2P is followed + """ if 'dstport' not in kwargs: kwargs['dstport'] = p2p_port(self.index) if 'dstaddr' not in kwargs: kwargs['dstaddr'] = '127.0.0.1' p2p_conn.p2p_connected_to_node = True - p2p_conn.peer_connect(**kwargs, send_version=send_version, net=self.chain, timeout_factor=self.timeout_factor)() + if self.use_v2transport: + kwargs['services'] = kwargs.get('services', P2P_SERVICES) | NODE_P2P_V2 + supports_v2_p2p = self.use_v2transport and supports_v2_p2p + p2p_conn.peer_connect(**kwargs, send_version=send_version, net=self.chain, timeout_factor=self.timeout_factor, supports_v2_p2p=supports_v2_p2p)() + self.p2ps.append(p2p_conn) p2p_conn.wait_until(lambda: p2p_conn.is_connected, check_connected=False) if send_version: @@ -672,7 +685,7 @@ def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=Tru return p2p_conn - def add_outbound_p2p_connection(self, p2p_conn, *, wait_for_verack=True, p2p_idx, connection_type="outbound-full-relay", **kwargs): + def add_outbound_p2p_connection(self, p2p_conn, *, wait_for_verack=True, p2p_idx, connection_type="outbound-full-relay", supports_v2_p2p=False, advertise_v2_p2p=False, **kwargs): """Add an outbound p2p connection from node. Must be an "outbound-full-relay", "block-relay-only", "addr-fetch" or "feeler" connection. @@ -682,14 +695,37 @@ def add_outbound_p2p_connection(self, p2p_conn, *, wait_for_verack=True, p2p_idx p2p_idx must be different for simultaneously connected peers. When reusing it for the next peer after disconnecting the previous one, it is necessary to wait for the disconnect to finish to avoid a race condition. + + Parameters: + supports_v2_p2p: whether p2p_conn supports v2 P2P or not + advertise_v2_p2p: whether p2p_conn is advertised to support v2 P2P or not + + An outbound connection is made from TestNode -------> P2PConnection + - if P2PConnection doesn't advertise_v2_p2p, TestNode sends version message and v1 P2P is followed + - if P2PConnection both supports_v2_p2p and advertise_v2_p2p, TestNode sends ellswift bytes and v2 P2P is followed + - if P2PConnection doesn't supports_v2_p2p but advertise_v2_p2p, + TestNode sends ellswift bytes and P2PConnection disconnects, + TestNode reconnects by sending version message and v1 P2P is followed """ def addconnection_callback(address, port): self.log.debug("Connecting to %s:%d %s" % (address, port, connection_type)) - self.addconnection('%s:%d' % (address, port), connection_type) + self.addconnection('%s:%d' % (address, port), connection_type, advertise_v2_p2p) p2p_conn.p2p_connected_to_node = False - p2p_conn.peer_accept_connection(connect_cb=addconnection_callback, connect_id=p2p_idx + 1, net=self.chain, timeout_factor=self.timeout_factor, **kwargs)() + if advertise_v2_p2p: + kwargs['services'] = kwargs.get('services', P2P_SERVICES) | NODE_P2P_V2 + assert self.use_v2transport # only a v2 TestNode could make a v2 outbound connection + + # if P2PConnection is advertised to support v2 P2P when it doesn't actually support v2 P2P, + # reconnection needs to be attempted using v1 P2P by sending version message + reconnect = advertise_v2_p2p and not supports_v2_p2p + # P2PConnection needs to be advertised to support v2 P2P so that ellswift bytes are sent instead of msg_version + supports_v2_p2p = supports_v2_p2p and advertise_v2_p2p + p2p_conn.peer_accept_connection(connect_cb=addconnection_callback, connect_id=p2p_idx + 1, net=self.chain, timeout_factor=self.timeout_factor, supports_v2_p2p=supports_v2_p2p, reconnect=reconnect, **kwargs)() + + if reconnect: + p2p_conn.wait_for_reconnect() if connection_type == "feeler": # feeler connections are closed as soon as the node receives a `version` message diff --git a/test/functional/test_framework/v2_p2p.py b/test/functional/test_framework/v2_p2p.py new file mode 100644 index 000000000000..50c21cc948f0 --- /dev/null +++ b/test/functional/test_framework/v2_p2p.py @@ -0,0 +1,325 @@ +#!/usr/bin/env python3 +# Copyright (c) 2022 The Bitcoin Core developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or http://www.opensource.org/licenses/mit-license.php. +"""Class for v2 P2P protocol (see BIP 324)""" + +import logging +import random + +from .crypto.bip324_cipher import FSChaCha20Poly1305 +from .crypto.chacha20 import FSChaCha20 +from .crypto.ellswift import ellswift_create, ellswift_ecdh_xonly +from .crypto.hkdf import hkdf_sha256 +from .key import TaggedHash +from .messages import MAGIC_BYTES +from .util import random_bytes + +logger = logging.getLogger("TestFramework.v2_p2p") + +CHACHA20POLY1305_EXPANSION = 16 +HEADER_LEN = 1 +IGNORE_BIT_POS = 7 +LENGTH_FIELD_LEN = 3 +MAX_GARBAGE_LEN = 4095 +TRANSPORT_VERSION = b'' + +SHORTID = { + 1: b"addr", + 2: b"block", + 3: b"blocktxn", + 4: b"cmpctblock", + 5: b"", # Dash does not support "feefilter" + 6: b"filteradd", + 7: b"filterclear", + 8: b"filterload", + 9: b"getblocks", + 10: b"getblocktxn", + 11: b"getdata", + 12: b"getheaders", + 13: b"headers", + 14: b"inv", + 15: b"mempool", + 16: b"merkleblock", + 17: b"notfound", + 18: b"ping", + 19: b"pong", + 20: b"sendcmpct", + 21: b"tx", + 22: b"getcfilters", + 23: b"cfilter", + 24: b"getcfheaders", + 25: b"cfheaders", + 26: b"getcfcheckpt", + 27: b"cfcheckpt", + 28: b"addrv2", + 128: b"spork", # Dash short IDs start from 128 onwards + 129: b"getsporks", + 130: b"senddsq", + 131: b"dsa", + 132: b"dsi", + 133: b"dsf", + 134: b"dss", + 135: b"dsc", + 136: b"dssu", + 137: b"dstx", + 138: b"dsq", + 139: b"ssc", + 140: b"govsync", + 141: b"govobj", + 142: b"govobjvote", + 143: b"getmnlistd", + 144: b"mnlistdiff", + 145: b"qsendrecsigs", + 146: b"qfcommit", + 147: b"qcontrib", + 148: b"qcomplaint", + 149: b"qjustify", + 150: b"qpcommit", + 151: b"qwatch", + 152: b"qsigsesann", + 153: b"qsigsinv", + 154: b"qgetsigs", + 155: b"qbsigs", + 156: b"qsigrec", + 157: b"qsigshare", + 158: b"qgetdata", + 159: b"qdata", + 160: b"clsig", + 161: b"isdlock", + 162: b"mnauth", + 163: b"getheaders2", + 164: b"sendheaders2", + 165: b"headers2", + 166: b"getqrinfo", + 167: b"qrinfo", +} + +# Dictionary which contains short message type ID for the P2P message +MSGTYPE_TO_SHORTID = {msgtype: shortid for shortid, msgtype in SHORTID.items()} + + +class EncryptedP2PState: + """A class for managing the state when v2 P2P protocol is used. Performs initial v2 handshake and encrypts/decrypts + P2P messages. P2PConnection uses an object of this class. + + + Args: + initiating (bool): defines whether the P2PConnection is an initiator or responder. + - initiating = True for inbound connections in the test framework [TestNode <------- P2PConnection] + - initiating = False for outbound connections in the test framework [TestNode -------> P2PConnection] + + net (string): chain used (regtest, signet etc..) + + Methods: + perform an advanced form of diffie-hellman handshake to instantiate the encrypted transport. before exchanging + any P2P messages, 2 nodes perform this handshake in order to determine a shared secret that is unique to both + of them and use it to derive keys to encrypt/decrypt P2P messages. + - initial v2 handshakes is performed by: (see BIP324 section #overall-handshake-pseudocode) + 1. initiator using initiate_v2_handshake(), complete_handshake() and authenticate_handshake() + 2. responder using respond_v2_handshake(), complete_handshake() and authenticate_handshake() + - initialize_v2_transport() sets various BIP324 derived keys and ciphers. + + encrypt/decrypt v2 P2P messages using v2_enc_packet() and v2_receive_packet(). + """ + def __init__(self, *, initiating, net): + self.initiating = initiating # True if initiator + self.net = net + self.peer = {} # object with various BIP324 derived keys and ciphers + self.privkey_ours = None + self.ellswift_ours = None + self.sent_garbage = b"" + self.received_garbage = b"" + self.received_prefix = b"" # received ellswift bytes till the first mismatch from 16 bytes v1_prefix + self.tried_v2_handshake = False # True when the initial handshake is over + # stores length of packet contents to detect whether first 3 bytes (which contains length of packet contents) + # has been decrypted. set to -1 if decryption hasn't been done yet. + self.contents_len = -1 + self.found_garbage_terminator = False + + @staticmethod + def v2_ecdh(priv, ellswift_theirs, ellswift_ours, initiating): + """Compute BIP324 shared secret. + + Returns: + bytes - BIP324 shared secret + """ + ecdh_point_x32 = ellswift_ecdh_xonly(ellswift_theirs, priv) + if initiating: + # Initiating, place our public key encoding first. + return TaggedHash("bip324_ellswift_xonly_ecdh", ellswift_ours + ellswift_theirs + ecdh_point_x32) + else: + # Responding, place their public key encoding first. + return TaggedHash("bip324_ellswift_xonly_ecdh", ellswift_theirs + ellswift_ours + ecdh_point_x32) + + def generate_keypair_and_garbage(self): + """Generates ellswift keypair and 4095 bytes garbage at max""" + self.privkey_ours, self.ellswift_ours = ellswift_create() + garbage_len = random.randrange(MAX_GARBAGE_LEN + 1) + self.sent_garbage = random_bytes(garbage_len) + logger.debug(f"sending {garbage_len} bytes of garbage data") + return self.ellswift_ours + self.sent_garbage + + def initiate_v2_handshake(self): + """Initiator begins the v2 handshake by sending its ellswift bytes and garbage + + Returns: + bytes - bytes to be sent to the peer when starting the v2 handshake as an initiator + """ + return self.generate_keypair_and_garbage() + + def respond_v2_handshake(self, response): + """Responder begins the v2 handshake by sending its ellswift bytes and garbage. However, the responder + sends this after having received at least one byte that mismatches 16-byte v1_prefix. + + Returns: + 1. int - length of bytes that were consumed so that recvbuf can be updated + 2. bytes - bytes to be sent to the peer when starting the v2 handshake as a responder. + - returns b"" if more bytes need to be received before we can respond and start the v2 handshake. + - returns -1 to downgrade the connection to v1 P2P. + """ + v1_prefix = MAGIC_BYTES[self.net] + b'version\x00\x00\x00\x00\x00' + while len(self.received_prefix) < 16: + byte = response.read(1) + # return b"" if we need to receive more bytes + if not byte: + return len(self.received_prefix), b"" + self.received_prefix += byte + if self.received_prefix[-1] != v1_prefix[len(self.received_prefix) - 1]: + return len(self.received_prefix), self.generate_keypair_and_garbage() + # return -1 to decide v1 only after all 16 bytes processed + return len(self.received_prefix), -1 + + def complete_handshake(self, response): + """ Instantiates the encrypted transport and + sends garbage terminator + optional decoy packets + transport version packet. + Done by both initiator and responder. + + Returns: + 1. int - length of bytes that were consumed. returns 0 if all 64 bytes from ellswift haven't been received yet. + 2. bytes - bytes to be sent to the peer when completing the v2 handshake + """ + ellswift_theirs = self.received_prefix + response.read(64 - len(self.received_prefix)) + # return b"" if we need to receive more bytes + if len(ellswift_theirs) != 64: + return 0, b"" + ecdh_secret = self.v2_ecdh(self.privkey_ours, ellswift_theirs, self.ellswift_ours, self.initiating) + self.initialize_v2_transport(ecdh_secret) + # Send garbage terminator + msg_to_send = self.peer['send_garbage_terminator'] + # Optionally send decoy packets after garbage terminator. + aad = self.sent_garbage + for decoy_content_len in [random.randint(1, 100) for _ in range(random.randint(0, 10))]: + msg_to_send += self.v2_enc_packet(decoy_content_len * b'\x00', aad=aad, ignore=True) + aad = b'' + # Send version packet. + msg_to_send += self.v2_enc_packet(TRANSPORT_VERSION, aad=aad) + return 64 - len(self.received_prefix), msg_to_send + + def authenticate_handshake(self, response): + """ Ensures that the received optional decoy packets and transport version packet are authenticated. + Marks the v2 handshake as complete. Done by both initiator and responder. + + Returns: + 1. int - length of bytes that were processed so that recvbuf can be updated + 2. bool - True if the authentication was successful/more bytes need to be received and False otherwise + """ + processed_length = 0 + + # Detect garbage terminator in the received bytes + if not self.found_garbage_terminator: + received_garbage = response[:16] + response = response[16:] + processed_length = len(received_garbage) + for i in range(MAX_GARBAGE_LEN + 1): + if received_garbage[-16:] == self.peer['recv_garbage_terminator']: + # Receive, decode, and ignore version packet. + # This includes skipping decoys and authenticating the received garbage. + self.found_garbage_terminator = True + self.received_garbage = received_garbage[:-16] + break + else: + # don't update recvbuf since more bytes need to be received + if len(response) == 0: + return 0, True + received_garbage += response[:1] + processed_length += 1 + response = response[1:] + else: + # disconnect since garbage terminator was not seen after 4 KiB of garbage. + return processed_length, False + + # Process optional decoy packets and transport version packet + while not self.tried_v2_handshake: + length, contents = self.v2_receive_packet(response, aad=self.received_garbage) + if length == -1: + return processed_length, False + elif length == 0: + return processed_length, True + processed_length += length + self.received_garbage = b"" + # decoy packets have contents = None. v2 handshake is complete only when version packet + # (can be empty with contents = b"") with contents != None is received. + if contents is not None: + self.tried_v2_handshake = True + return processed_length, True + response = response[length:] + + def initialize_v2_transport(self, ecdh_secret): + """Sets the peer object with various BIP324 derived keys and ciphers.""" + peer = {} + salt = b'bitcoin_v2_shared_secret' + MAGIC_BYTES[self.net] + for name in ('initiator_L', 'initiator_P', 'responder_L', 'responder_P', 'garbage_terminators', 'session_id'): + peer[name] = hkdf_sha256(salt=salt, ikm=ecdh_secret, info=name.encode('utf-8'), length=32) + if self.initiating: + self.peer['send_L'] = FSChaCha20(peer['initiator_L']) + self.peer['send_P'] = FSChaCha20Poly1305(peer['initiator_P']) + self.peer['send_garbage_terminator'] = peer['garbage_terminators'][:16] + self.peer['recv_L'] = FSChaCha20(peer['responder_L']) + self.peer['recv_P'] = FSChaCha20Poly1305(peer['responder_P']) + self.peer['recv_garbage_terminator'] = peer['garbage_terminators'][16:] + else: + self.peer['send_L'] = FSChaCha20(peer['responder_L']) + self.peer['send_P'] = FSChaCha20Poly1305(peer['responder_P']) + self.peer['send_garbage_terminator'] = peer['garbage_terminators'][16:] + self.peer['recv_L'] = FSChaCha20(peer['initiator_L']) + self.peer['recv_P'] = FSChaCha20Poly1305(peer['initiator_P']) + self.peer['recv_garbage_terminator'] = peer['garbage_terminators'][:16] + self.peer['session_id'] = peer['session_id'] + + def v2_enc_packet(self, contents, aad=b'', ignore=False): + """Encrypt a BIP324 packet. + + Returns: + bytes - encrypted packet contents + """ + assert len(contents) <= 2**24 - 1 + header = (ignore << IGNORE_BIT_POS).to_bytes(HEADER_LEN, 'little') + plaintext = header + contents + aead_ciphertext = self.peer['send_P'].encrypt(aad, plaintext) + enc_plaintext_len = self.peer['send_L'].crypt(len(contents).to_bytes(LENGTH_FIELD_LEN, 'little')) + return enc_plaintext_len + aead_ciphertext + + def v2_receive_packet(self, response, aad=b''): + """Decrypt a BIP324 packet + + Returns: + 1. int - number of bytes consumed (or -1 if error) + 2. bytes - contents of decrypted non-decoy packet if any (or None otherwise) + """ + if self.contents_len == -1: + if len(response) < LENGTH_FIELD_LEN: + return 0, None + enc_contents_len = response[:LENGTH_FIELD_LEN] + self.contents_len = int.from_bytes(self.peer['recv_L'].crypt(enc_contents_len), 'little') + response = response[LENGTH_FIELD_LEN:] + if len(response) < HEADER_LEN + self.contents_len + CHACHA20POLY1305_EXPANSION: + return 0, None + aead_ciphertext = response[:HEADER_LEN + self.contents_len + CHACHA20POLY1305_EXPANSION] + plaintext = self.peer['recv_P'].decrypt(aad, aead_ciphertext) + if plaintext is None: + return -1, None # disconnect + header = plaintext[:HEADER_LEN] + length = LENGTH_FIELD_LEN + HEADER_LEN + self.contents_len + CHACHA20POLY1305_EXPANSION + self.contents_len = -1 + return length, None if (header[0] & (1 << IGNORE_BIT_POS)) else plaintext[HEADER_LEN:] diff --git a/test/functional/test_runner.py b/test/functional/test_runner.py index 7573bd7df19b..c7303237f4b3 100755 --- a/test/functional/test_runner.py +++ b/test/functional/test_runner.py @@ -243,6 +243,8 @@ 'p2p_invalid_tx.py', 'p2p_invalid_tx.py --v2transport', 'p2p_v2_transport.py', + 'p2p_v2_encrypted.py', + 'p2p_v2_earlykeyresponse.py', 'feature_assumevalid.py', 'example_test.py', 'wallet_txn_doublespend.py --legacy-wallet', From e2788189fddd0ee2775258e95701a82a2f56ebcf Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Tue, 30 Jan 2024 17:53:52 -0500 Subject: [PATCH 04/12] merge bitcoin#29352: fix intermittent failure in p2p_v2_earlykeyresponse --- test/functional/p2p_v2_earlykeyresponse.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/functional/p2p_v2_earlykeyresponse.py b/test/functional/p2p_v2_earlykeyresponse.py index 19c1154e5a43..ff6e7519fda3 100755 --- a/test/functional/p2p_v2_earlykeyresponse.py +++ b/test/functional/p2p_v2_earlykeyresponse.py @@ -50,6 +50,7 @@ class PeerEarlyKey(P2PInterface): def __init__(self): super().__init__() self.v2_state = None + self.connection_opened = False def connection_made(self, transport): """64 bytes ellswift is sent in 2 parts during `initial_v2_handshake()`""" @@ -60,6 +61,8 @@ def data_received(self, t): # check that data can be received on recvbuf only when mismatch from V1_PREFIX happens (send_net_magic = False) assert self.v2_state.can_data_be_received and not self.v2_state.send_net_magic + def on_open(self): + self.connection_opened = True class P2PEarlyKey(BitcoinTestFramework): def set_test_params(self): @@ -75,6 +78,7 @@ def run_test(self): self.log.info('If a response is received, assertion failure would happen in our custom data_received() function') # send happens in `initiate_v2_handshake()` in `connection_made()` peer1 = node0.add_p2p_connection(PeerEarlyKey(), wait_for_verack=False, send_version=False, supports_v2_p2p=True) + self.wait_until(lambda: peer1.connection_opened) self.log.info('Sending remaining ellswift and garbage which are different from V1_PREFIX. Since a response is') self.log.info('expected now, our custom data_received() function wouldn\'t result in assertion failure') ellswift_and_garbage_data = peer1.v2_state.initiate_v2_handshake() From 5ee15faba0544e7f882e29a9dc7eec2a2847d0f5 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Fri, 2 Feb 2024 11:59:05 -0500 Subject: [PATCH 05/12] merge bitcoin#29372: fix intermittent failure in `rpc_setban.py --v2transport` --- test/functional/rpc_setban.py | 9 ++++++++- test/functional/test_runner.py | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/test/functional/rpc_setban.py b/test/functional/rpc_setban.py index 36873f964b3e..c3ba6bc9b47d 100755 --- a/test/functional/rpc_setban.py +++ b/test/functional/rpc_setban.py @@ -4,6 +4,7 @@ # file COPYING or http://www.opensource.org/licenses/mit-license.php. """Test the setban rpc call.""" +from contextlib import ExitStack from test_framework.test_framework import BitcoinTestFramework from test_framework.util import ( p2p_port @@ -28,7 +29,13 @@ def run_test(self): self.nodes[1].setban("127.0.0.1", "add") # Node 0 should not be able to reconnect - with self.nodes[1].assert_debug_log(expected_msgs=['dropped (banned)\n'], timeout=50): + context = ExitStack() + context.enter_context(self.nodes[1].assert_debug_log(expected_msgs=['dropped (banned)\n'], timeout=50)) + # When disconnected right after connecting, a v2 node will attempt to reconnect with v1. + # Wait for that to happen so that it cannot mess with later tests. + if self.options.v2transport: + context.enter_context(self.nodes[0].assert_debug_log(expected_msgs=['trying v1 connection'], timeout=50)) + with context: self.restart_node(1, []) self.nodes[0].addnode("127.0.0.1:" + str(p2p_port(1)), "onetry") diff --git a/test/functional/test_runner.py b/test/functional/test_runner.py index c7303237f4b3..4c88adc02545 100755 --- a/test/functional/test_runner.py +++ b/test/functional/test_runner.py @@ -235,6 +235,7 @@ 'p2p_filter.py', 'p2p_blocksonly.py', 'rpc_setban.py', + 'rpc_setban.py --v2transport', 'mining_prioritisetransaction.py', 'p2p_invalid_locator.py', 'p2p_invalid_block.py', From bd2fe6103d308f78e6e859460430cc080f534b4a Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Mon, 14 Oct 2024 21:49:11 +0000 Subject: [PATCH 06/12] merge bitcoin#29460: assert rpc error for addnode v2transport not enabled --- test/functional/p2p_v2_transport.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/test/functional/p2p_v2_transport.py b/test/functional/p2p_v2_transport.py index 8e0c25f97280..3ad599522252 100755 --- a/test/functional/p2p_v2_transport.py +++ b/test/functional/p2p_v2_transport.py @@ -12,6 +12,7 @@ from test_framework.util import ( assert_equal, p2p_port, + assert_raises_rpc_error ) @@ -59,6 +60,11 @@ def run_test(self): # V1 nodes can sync with each other assert_equal(self.nodes[2].getblockcount(), 0) assert_equal(self.nodes[3].getblockcount(), 0) + + # addnode rpc error when v2transport requested but not enabled + ip_port = "127.0.0.1:{}".format(p2p_port(3)) + assert_raises_rpc_error(-8, "Error: v2transport requested but not enabled (see -v2transport)", self.nodes[2].addnode, node=ip_port, command='add', v2transport=True) + with self.nodes[2].assert_debug_log(expected_msgs=[], unexpected_msgs=[sending_handshake, downgrading_to_v1]): self.connect_nodes(2, 3, peer_advertises_v2=False) From 4cce72fc3e46efbf7270d83ce75b5a1d323a8cd0 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Mon, 14 Oct 2024 21:49:39 +0000 Subject: [PATCH 07/12] test: add missing debug log assertion in `p2p_invalid_messages.py` --- test/functional/p2p_invalid_messages.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/functional/p2p_invalid_messages.py b/test/functional/p2p_invalid_messages.py index 6d4495b4714f..08103bb80412 100755 --- a/test/functional/p2p_invalid_messages.py +++ b/test/functional/p2p_invalid_messages.py @@ -118,7 +118,7 @@ def test_checksum(self): def test_size(self): self.log.info("Test message with oversized payload disconnects peer") conn = self.nodes[0].add_p2p_connection(P2PDataStore()) - with self.nodes[0].assert_debug_log(['']): + with self.nodes[0].assert_debug_log(['Header error: Size too large (badmsg, 3145729 bytes)']): msg = msg_unrecognized(str_data="d"*(VALID_DATA_LIMIT + 1)) msg = conn.build_message(msg) conn.send_raw_message(msg) From 54972e8fa0ba2eacd4c3b68db50bff830d22969d Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Mon, 14 Oct 2024 21:48:13 +0000 Subject: [PATCH 08/12] merge bitcoin#29358: use v2 everywhere for P2PConnection if --v2transport is enabled --- test/functional/feature_block.py | 4 ++ test/functional/feature_maxuploadtarget.py | 5 ++- test/functional/p2p_ibd_stalling.py | 3 +- test/functional/p2p_invalid_messages.py | 45 ++++++++++++++++----- test/functional/p2p_timeouts.py | 29 +++++++------ test/functional/p2p_v2_earlykeyresponse.py | 2 +- test/functional/rpc_net.py | 13 +++--- test/functional/test_framework/test_node.py | 16 +++++++- 8 files changed, 81 insertions(+), 36 deletions(-) diff --git a/test/functional/feature_block.py b/test/functional/feature_block.py index 460cf4571d01..9776a549d0a3 100755 --- a/test/functional/feature_block.py +++ b/test/functional/feature_block.py @@ -1277,6 +1277,10 @@ def run_test(self): b89a = self.update_block("89a", [tx]) self.send_blocks([b89a], success=False, reject_reason='bad-txns-inputs-missingorspent', reconnect=True) + # Don't use v2transport for the large reorg, which is too slow with the unoptimized python ChaCha20 implementation + if self.options.v2transport: + self.nodes[0].disconnect_p2ps() + self.helper_peer = self.nodes[0].add_p2p_connection(P2PDataStore(), supports_v2_p2p=False) self.log.info("Test a re-org of ~2 days' worth of blocks (1088 blocks)") self.move_tip(88) diff --git a/test/functional/feature_maxuploadtarget.py b/test/functional/feature_maxuploadtarget.py index 8b2f8f4cf570..4c9f37129dd3 100755 --- a/test/functional/feature_maxuploadtarget.py +++ b/test/functional/feature_maxuploadtarget.py @@ -68,7 +68,8 @@ def run_test(self): p2p_conns = [] for _ in range(3): - p2p_conns.append(self.nodes[0].add_p2p_connection(TestP2PConn())) + # Don't use v2transport in this test (too slow with the unoptimized python ChaCha20 implementation) + p2p_conns.append(self.nodes[0].add_p2p_connection(TestP2PConn(), supports_v2_p2p=False)) # Now mine a big block mine_large_block(self, self.nodes[0], self.utxo_cache) @@ -150,7 +151,7 @@ def run_test(self): self.restart_node(0, ["-whitelist=download@127.0.0.1", "-maxuploadtarget=1", "-blockmaxsize=999000", "-mocktime="+str(current_mocktime)]) # Reconnect to self.nodes[0] - peer = self.nodes[0].add_p2p_connection(TestP2PConn()) + peer = self.nodes[0].add_p2p_connection(TestP2PConn(), supports_v2_p2p=False) #retrieve 20 blocks which should be enough to break the 1MB limit getdata_request.inv = [CInv(MSG_BLOCK, big_new_block)] diff --git a/test/functional/p2p_ibd_stalling.py b/test/functional/p2p_ibd_stalling.py index 11380abd62b0..49a297b02454 100755 --- a/test/functional/p2p_ibd_stalling.py +++ b/test/functional/p2p_ibd_stalling.py @@ -83,7 +83,8 @@ def run_test(self): # Need to wait until 1023 blocks are received - the magic total bytes number is a workaround in lack of an rpc # returning the number of downloaded (but not connected) blocks. - self.wait_until(lambda: self.total_bytes_recv_for_blocks() == 172761) + bytes_recv = 172761 if not self.options.v2transport else 169692 + self.wait_until(lambda: self.total_bytes_recv_for_blocks() == bytes_recv) self.all_sync_send_with_ping(peers) # If there was a peer marked for stalling, it would get disconnected diff --git a/test/functional/p2p_invalid_messages.py b/test/functional/p2p_invalid_messages.py index 08103bb80412..c22f6e122d1a 100755 --- a/test/functional/p2p_invalid_messages.py +++ b/test/functional/p2p_invalid_messages.py @@ -90,6 +90,9 @@ def test_duplicate_version_msg(self): self.nodes[0].disconnect_p2ps() def test_magic_bytes(self): + # Skip with v2, magic bytes are v1-specific + if self.options.v2transport: + return self.log.info("Test message with invalid magic bytes disconnects peer") conn = self.nodes[0].add_p2p_connection(P2PDataStore()) with self.nodes[0].assert_debug_log(['Header error: Wrong MessageStart ffffffff received']): @@ -101,6 +104,9 @@ def test_magic_bytes(self): self.nodes[0].disconnect_p2ps() def test_checksum(self): + # Skip with v2, the checksum is v1-specific + if self.options.v2transport: + return self.log.info("Test message with invalid checksum logs an error") conn = self.nodes[0].add_p2p_connection(P2PDataStore()) with self.nodes[0].assert_debug_log(['Header error: Wrong checksum (badmsg, 2 bytes), expected 78df0a04 was ffffffff']): @@ -118,7 +124,11 @@ def test_checksum(self): def test_size(self): self.log.info("Test message with oversized payload disconnects peer") conn = self.nodes[0].add_p2p_connection(P2PDataStore()) - with self.nodes[0].assert_debug_log(['Header error: Size too large (badmsg, 3145729 bytes)']): + error_msg = ( + ['V2 transport error: packet too large (3145742 bytes)'] if self.options.v2transport + else ['Header error: Size too large (badmsg, 3145729 bytes)'] + ) + with self.nodes[0].assert_debug_log(error_msg): msg = msg_unrecognized(str_data="d"*(VALID_DATA_LIMIT + 1)) msg = conn.build_message(msg) conn.send_raw_message(msg) @@ -128,15 +138,26 @@ def test_size(self): def test_msgtype(self): self.log.info("Test message with invalid message type logs an error") conn = self.nodes[0].add_p2p_connection(P2PDataStore()) - with self.nodes[0].assert_debug_log(['Header error: Invalid message type']): + if self.options.v2transport: + msgtype = 99 # not defined msg = msg_unrecognized(str_data="d") - msg = conn.build_message(msg) - # Modify msgtype - msg = msg[:7] + b'\x00' + msg[7 + 1:] - conn.send_raw_message(msg) - conn.sync_with_ping(timeout=1) - # Check that traffic is accounted for (24 bytes header + 2 bytes payload) - assert_equal(self.nodes[0].getpeerinfo()[0]['bytesrecv_per_msg']['*other*'], 26) + contents = msgtype.to_bytes(1, 'big') + msg.serialize() + tmsg = conn.v2_state.v2_enc_packet(contents, ignore=False) + with self.nodes[0].assert_debug_log(['V2 transport error: invalid message type']): + conn.send_raw_message(tmsg) + conn.sync_with_ping(timeout=1) + # Check that traffic is accounted for (20 bytes plus 3 bytes contents) + assert_equal(self.nodes[0].getpeerinfo()[0]['bytesrecv_per_msg']['*other*'], 23) + else: + with self.nodes[0].assert_debug_log(['Header error: Invalid message type']): + msg = msg_unrecognized(str_data="d") + msg = conn.build_message(msg) + # Modify msgtype + msg = msg[:7] + b'\x00' + msg[7 + 1:] + conn.send_raw_message(msg) + conn.sync_with_ping(timeout=1) + # Check that traffic is accounted for (24 bytes header + 2 bytes payload) + assert_equal(self.nodes[0].getpeerinfo()[0]['bytesrecv_per_msg']['*other*'], 26) self.nodes[0].disconnect_p2ps() def test_oversized_msg(self, msg, size): @@ -164,8 +185,10 @@ def test_oversized_headers2_msg(self): def test_resource_exhaustion(self): self.log.info("Test node stays up despite many large junk messages") - conn = self.nodes[0].add_p2p_connection(P2PDataStore()) - conn2 = self.nodes[0].add_p2p_connection(P2PDataStore()) + # Don't use v2 here - the non-optimised encryption would take too long to encrypt + # the large messages + conn = self.nodes[0].add_p2p_connection(P2PDataStore(), supports_v2_p2p=False) + conn2 = self.nodes[0].add_p2p_connection(P2PDataStore(), supports_v2_p2p=False) msg_at_size = msg_unrecognized(str_data="b" * VALID_DATA_LIMIT) assert len(msg_at_size.serialize()) == MAX_PROTOCOL_MESSAGE_LENGTH diff --git a/test/functional/p2p_timeouts.py b/test/functional/p2p_timeouts.py index 7f68f19fd4ab..b3890ad9f39c 100755 --- a/test/functional/p2p_timeouts.py +++ b/test/functional/p2p_timeouts.py @@ -69,11 +69,8 @@ def run_test(self): with self.nodes[0].assert_debug_log(['Unsupported message "ping" prior to verack from peer=0']): no_verack_node.send_message(msg_ping()) - # With v2, non-version messages before the handshake would be interpreted as part of the key exchange. - # Therefore, don't execute this part of the test if v2transport is chosen. - if not self.options.v2transport: - with self.nodes[0].assert_debug_log(['non-version message before version handshake. Message "ping" from peer=1']): - no_version_node.send_message(msg_ping()) + with self.nodes[0].assert_debug_log(['non-version message before version handshake. Message "ping" from peer=1']): + no_version_node.send_message(msg_ping()) self.mock_forward(1) assert "version" in no_verack_node.last_message @@ -83,14 +80,20 @@ def run_test(self): assert no_send_node.is_connected no_verack_node.send_message(msg_ping()) - if not self.options.v2transport: - no_version_node.send_message(msg_ping()) - - expected_timeout_logs = [ - "version handshake timeout peer=0", - f"socket no message in first 3 seconds, {'0' if self.options.v2transport else '1'} 0 peer=1", - "socket no message in first 3 seconds, 0 0 peer=2", - ] + no_version_node.send_message(msg_ping()) + + if self.options.v2transport: + expected_timeout_logs = [ + "version handshake timeout peer=0", + "version handshake timeout peer=1", + "version handshake timeout peer=2", + ] + else: + expected_timeout_logs = [ + "version handshake timeout peer=0", + "socket no message in first 3 seconds, 1 0 peer=1", + "socket no message in first 3 seconds, 0 0 peer=2", + ] with self.nodes[0].assert_debug_log(expected_msgs=expected_timeout_logs): self.mock_forward(3) diff --git a/test/functional/p2p_v2_earlykeyresponse.py b/test/functional/p2p_v2_earlykeyresponse.py index ff6e7519fda3..28a27caa7fd8 100755 --- a/test/functional/p2p_v2_earlykeyresponse.py +++ b/test/functional/p2p_v2_earlykeyresponse.py @@ -77,7 +77,7 @@ def run_test(self): self.log.info('Sending first 4 bytes of ellswift which match network magic') self.log.info('If a response is received, assertion failure would happen in our custom data_received() function') # send happens in `initiate_v2_handshake()` in `connection_made()` - peer1 = node0.add_p2p_connection(PeerEarlyKey(), wait_for_verack=False, send_version=False, supports_v2_p2p=True) + peer1 = node0.add_p2p_connection(PeerEarlyKey(), wait_for_verack=False, send_version=False, supports_v2_p2p=True, wait_for_v2_handshake=False) self.wait_until(lambda: peer1.connection_opened) self.log.info('Sending remaining ellswift and garbage which are different from V1_PREFIX. Since a response is') self.log.info('expected now, our custom data_received() function wouldn\'t result in assertion failure') diff --git a/test/functional/rpc_net.py b/test/functional/rpc_net.py index 6dde4afccaef..1fed96ef5f40 100755 --- a/test/functional/rpc_net.py +++ b/test/functional/rpc_net.py @@ -118,6 +118,9 @@ def test_getpeerinfo(self): peer_info = self.nodes[0].getpeerinfo()[no_version_peer_id] peer_info.pop("addr") peer_info.pop("addrbind") + # The next two fields will vary for v2 connections because we send a rng-based number of decoy messages + peer_info.pop("bytesrecv") + peer_info.pop("bytessent") assert_equal( peer_info, { @@ -126,9 +129,7 @@ def test_getpeerinfo(self): "addr_relay_enabled": False, "bip152_hb_from": False, "bip152_hb_to": False, - "bytesrecv": 0, "bytesrecv_per_msg": {}, - "bytessent": 0, "bytessent_per_msg": {}, "connection_type": "inbound", "conntime": no_version_peer_conntime, @@ -137,21 +138,21 @@ def test_getpeerinfo(self): "inflight": [], "last_block": 0, "last_transaction": 0, - "lastrecv": 0, - "lastsend": 0, + "lastrecv": 0 if not self.options.v2transport else no_version_peer_conntime, + "lastsend": 0 if not self.options.v2transport else no_version_peer_conntime, "masternode": False, "network": "not_publicly_routable", "permissions": [], "relaytxes": False, "services": "0000000000000000", "servicesnames": [], - "session_id": "", + "session_id": "" if not self.options.v2transport else no_version_peer.v2_state.peer['session_id'].hex(), "startingheight": -1, "subver": "", "synced_blocks": -1, "synced_headers": -1, "timeoffset": 0, - "transport_protocol_type": "v1" if not self.options.v2transport else "detecting", + "transport_protocol_type": "v1" if not self.options.v2transport else "v2", "version": 0, }, ) diff --git a/test/functional/test_framework/test_node.py b/test/functional/test_framework/test_node.py index c257a4b1b784..456cb688e07a 100755 --- a/test/functional/test_framework/test_node.py +++ b/test/functional/test_framework/test_node.py @@ -632,7 +632,7 @@ def assert_start_raises_init_error(self, extra_args=None, expected_msg=None, mat assert_msg += "with expected error " + expected_msg self._raise_assertion_error(assert_msg) - def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=True, supports_v2_p2p=False, **kwargs): + def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=True, supports_v2_p2p=None, wait_for_v2_handshake=True, **kwargs): """Add an inbound p2p connection to the node. This method adds the p2p connection to the self.p2ps list and also @@ -649,6 +649,9 @@ def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=Tru kwargs['dstport'] = p2p_port(self.index) if 'dstaddr' not in kwargs: kwargs['dstaddr'] = '127.0.0.1' + if supports_v2_p2p is None: + supports_v2_p2p = self.use_v2transport + p2p_conn.p2p_connected_to_node = True if self.use_v2transport: @@ -658,6 +661,8 @@ def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=Tru self.p2ps.append(p2p_conn) p2p_conn.wait_until(lambda: p2p_conn.is_connected, check_connected=False) + if supports_v2_p2p and wait_for_v2_handshake: + p2p_conn.wait_until(lambda: p2p_conn.v2_state.tried_v2_handshake) if send_version: p2p_conn.wait_until(lambda: not p2p_conn.on_connection_send_msg) if wait_for_verack: @@ -685,7 +690,7 @@ def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=Tru return p2p_conn - def add_outbound_p2p_connection(self, p2p_conn, *, wait_for_verack=True, p2p_idx, connection_type="outbound-full-relay", supports_v2_p2p=False, advertise_v2_p2p=False, **kwargs): + def add_outbound_p2p_connection(self, p2p_conn, *, wait_for_verack=True, p2p_idx, connection_type="outbound-full-relay", supports_v2_p2p=None, advertise_v2_p2p=None, **kwargs): """Add an outbound p2p connection from node. Must be an "outbound-full-relay", "block-relay-only", "addr-fetch" or "feeler" connection. @@ -713,6 +718,11 @@ def addconnection_callback(address, port): self.addconnection('%s:%d' % (address, port), connection_type, advertise_v2_p2p) p2p_conn.p2p_connected_to_node = False + if supports_v2_p2p is None: + supports_v2_p2p = self.use_v2transport + if advertise_v2_p2p is None: + advertise_v2_p2p = self.use_v2transport + if advertise_v2_p2p: kwargs['services'] = kwargs.get('services', P2P_SERVICES) | NODE_P2P_V2 assert self.use_v2transport # only a v2 TestNode could make a v2 outbound connection @@ -735,6 +745,8 @@ def addconnection_callback(address, port): p2p_conn.wait_for_connect() self.p2ps.append(p2p_conn) + if supports_v2_p2p: + p2p_conn.wait_until(lambda: p2p_conn.v2_state.tried_v2_handshake) p2p_conn.wait_until(lambda: not p2p_conn.on_connection_send_msg) if wait_for_verack: p2p_conn.wait_for_verack() From 062aaf11e4530e3c7935d64567af460e105d1d60 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Thu, 29 Feb 2024 10:39:40 +0530 Subject: [PATCH 09/12] merge bitcoin#29511: Fix intermittent failure in rpc_net.py --v2transport --- test/functional/rpc_net.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/functional/rpc_net.py b/test/functional/rpc_net.py index 1fed96ef5f40..5cc1dc617b05 100755 --- a/test/functional/rpc_net.py +++ b/test/functional/rpc_net.py @@ -115,6 +115,8 @@ def test_getpeerinfo(self): no_version_peer_conntime = self.mocktime with self.nodes[0].assert_debug_log([f"Added connection peer={no_version_peer_id}"]): no_version_peer = self.nodes[0].add_p2p_connection(P2PInterface(), send_version=False, wait_for_verack=False) + if self.options.v2transport: + self.wait_until(lambda: self.nodes[0].getpeerinfo()[no_version_peer_id]["transport_protocol_type"] == "v2") peer_info = self.nodes[0].getpeerinfo()[no_version_peer_id] peer_info.pop("addr") peer_info.pop("addrbind") From 2455862c9fde2e73d5e6777b33db60daefc65832 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Tue, 6 Feb 2024 00:40:26 +0100 Subject: [PATCH 10/12] merge bitcoin#29390: speedup bip324_cipher.py unit test --- test/functional/test_framework/crypto/bip324_cipher.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/test/functional/test_framework/crypto/bip324_cipher.py b/test/functional/test_framework/crypto/bip324_cipher.py index 56190647f222..c9f0fa015128 100644 --- a/test/functional/test_framework/crypto/bip324_cipher.py +++ b/test/functional/test_framework/crypto/bip324_cipher.py @@ -25,6 +25,8 @@ def pad16(x): def aead_chacha20_poly1305_encrypt(key, nonce, aad, plaintext): """Encrypt a plaintext using ChaCha20Poly1305.""" + if plaintext is None: + return None ret = bytearray() msg_len = len(plaintext) for i in range((msg_len + 63) // 64): @@ -42,7 +44,7 @@ def aead_chacha20_poly1305_encrypt(key, nonce, aad, plaintext): def aead_chacha20_poly1305_decrypt(key, nonce, aad, ciphertext): """Decrypt a ChaCha20Poly1305 ciphertext.""" - if len(ciphertext) < 16: + if ciphertext is None or len(ciphertext) < 16: return None msg_len = len(ciphertext) - 16 poly1305 = Poly1305(chacha20_block(key, nonce, 0)[:32]) @@ -191,11 +193,11 @@ def test_fschacha20poly1305aead(self): dec_aead = FSChaCha20Poly1305(key) for _ in range(msg_idx): - enc_aead.encrypt(b"", b"") + enc_aead.encrypt(b"", None) ciphertext = enc_aead.encrypt(aad, plain) self.assertEqual(hex_cipher, ciphertext.hex()) for _ in range(msg_idx): - dec_aead.decrypt(b"", bytes(16)) + dec_aead.decrypt(b"", None) plaintext = dec_aead.decrypt(aad, ciphertext) self.assertEqual(plain, plaintext) From cc6b88ee373c30c0376075e7a83cd183c23b609f Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Wed, 17 Jan 2024 08:48:03 +0100 Subject: [PATCH 11/12] merge bitcoin-core/gui#788: update session ID tooltip --- src/qt/forms/debugwindow.ui | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qt/forms/debugwindow.ui b/src/qt/forms/debugwindow.ui index c45f6bcaeb47..7ac2e5de6cde 100644 --- a/src/qt/forms/debugwindow.ui +++ b/src/qt/forms/debugwindow.ui @@ -1005,7 +1005,7 @@ - The BIP324 session ID string in hex, if any. + The BIP324 session ID string in hex. Session ID From 4735b8297917b3844a879a7e4e507bb5dcb3fba6 Mon Sep 17 00:00:00 2001 From: Kittywhiskers Van Gogh <63189531+kwvg@users.noreply.github.com> Date: Tue, 30 Jan 2024 19:27:21 +0530 Subject: [PATCH 12/12] merge bitcoin#29431: disconnection scenarios during v2 handshake --- src/net.cpp | 6 +- test/functional/p2p_v2_earlykeyresponse.py | 91 ---------- test/functional/p2p_v2_misbehaving.py | 178 ++++++++++++++++++++ test/functional/test_framework/key.py | 6 +- test/functional/test_framework/p2p.py | 2 + test/functional/test_framework/test_node.py | 5 +- test/functional/test_framework/util.py | 6 + test/functional/test_framework/v2_p2p.py | 12 +- test/functional/test_runner.py | 2 +- 9 files changed, 201 insertions(+), 107 deletions(-) delete mode 100755 test/functional/p2p_v2_earlykeyresponse.py create mode 100755 test/functional/p2p_v2_misbehaving.py diff --git a/src/net.cpp b/src/net.cpp index b2275390177a..156d6775090e 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -2401,7 +2401,11 @@ bool CConnman::InactivityCheck(const CNode& node) const } if (!node.fSuccessfullyConnected) { - LogPrint(BCLog::NET, "version handshake timeout peer=%d\n", node.GetId()); + if (node.m_transport->GetInfo().transport_type == TransportProtocolType::DETECTING) { + LogPrint(BCLog::NET, "V2 handshake timeout peer=%d\n", node.GetId()); + } else { + LogPrint(BCLog::NET, "version handshake timeout peer=%d\n", node.GetId()); + } return true; } diff --git a/test/functional/p2p_v2_earlykeyresponse.py b/test/functional/p2p_v2_earlykeyresponse.py deleted file mode 100755 index 28a27caa7fd8..000000000000 --- a/test/functional/p2p_v2_earlykeyresponse.py +++ /dev/null @@ -1,91 +0,0 @@ -#!/usr/bin/env python3 -# Copyright (c) 2022 The Bitcoin Core developers -# Distributed under the MIT software license, see the accompanying -# file COPYING or http://www.opensource.org/licenses/mit-license.php. - -import random - -from test_framework.test_framework import BitcoinTestFramework -from test_framework.crypto.ellswift import ellswift_create -from test_framework.util import random_bytes -from test_framework.p2p import P2PInterface -from test_framework.v2_p2p import EncryptedP2PState - - -class TestEncryptedP2PState(EncryptedP2PState): - """ Modify v2 P2P protocol functions for testing that "The responder waits until one byte is received which does - not match the 16 bytes consisting of the network magic followed by "version\x00\x00\x00\x00\x00"." (see BIP 324) - - - if `send_net_magic` is True, send first 4 bytes of ellswift (match network magic) else send remaining 60 bytes - - `can_data_be_received` is a variable used to assert if data is received on recvbuf. - - v2 TestNode shouldn't respond back if we send V1_PREFIX and data shouldn't be received on recvbuf. - This state is represented using `can_data_be_received` = False. - - v2 TestNode responds back when mismatch from V1_PREFIX happens and data can be received on recvbuf. - This state is represented using `can_data_be_received` = True. - """ - - def __init__(self): - super().__init__(initiating=True, net='regtest') - self.send_net_magic = True - self.can_data_be_received = False - - def initiate_v2_handshake(self, garbage_len=random.randrange(4096)): - """Initiator begins the v2 handshake by sending its ellswift bytes and garbage. - Here, the 64 bytes ellswift is assumed to have it's 4 bytes match network magic bytes. It is sent in 2 phases: - 1. when `send_network_magic` = True, send first 4 bytes of ellswift (matches network magic bytes) - 2. when `send_network_magic` = False, send remaining 60 bytes of ellswift - """ - if self.send_net_magic: - self.privkey_ours, self.ellswift_ours = ellswift_create() - self.sent_garbage = random_bytes(garbage_len) - self.send_net_magic = False - return b"\xfc\xc1\xb7\xdc" - else: - self.can_data_be_received = True - return self.ellswift_ours[4:] + self.sent_garbage - - -class PeerEarlyKey(P2PInterface): - """Custom implementation of P2PInterface which uses modified v2 P2P protocol functions for testing purposes.""" - def __init__(self): - super().__init__() - self.v2_state = None - self.connection_opened = False - - def connection_made(self, transport): - """64 bytes ellswift is sent in 2 parts during `initial_v2_handshake()`""" - self.v2_state = TestEncryptedP2PState() - super().connection_made(transport) - - def data_received(self, t): - # check that data can be received on recvbuf only when mismatch from V1_PREFIX happens (send_net_magic = False) - assert self.v2_state.can_data_be_received and not self.v2_state.send_net_magic - - def on_open(self): - self.connection_opened = True - -class P2PEarlyKey(BitcoinTestFramework): - def set_test_params(self): - self.num_nodes = 1 - self.disable_mocktime = True - self.extra_args = [["-v2transport=1", "-peertimeout=3"]] - - def run_test(self): - self.log.info('Sending ellswift bytes in parts to ensure that response from responder is received only when') - self.log.info('ellswift bytes have a mismatch from the 16 bytes(network magic followed by "version\\x00\\x00\\x00\\x00\\x00")') - node0 = self.nodes[0] - self.log.info('Sending first 4 bytes of ellswift which match network magic') - self.log.info('If a response is received, assertion failure would happen in our custom data_received() function') - # send happens in `initiate_v2_handshake()` in `connection_made()` - peer1 = node0.add_p2p_connection(PeerEarlyKey(), wait_for_verack=False, send_version=False, supports_v2_p2p=True, wait_for_v2_handshake=False) - self.wait_until(lambda: peer1.connection_opened) - self.log.info('Sending remaining ellswift and garbage which are different from V1_PREFIX. Since a response is') - self.log.info('expected now, our custom data_received() function wouldn\'t result in assertion failure') - ellswift_and_garbage_data = peer1.v2_state.initiate_v2_handshake() - peer1.send_raw_message(ellswift_and_garbage_data) - peer1.wait_for_disconnect(timeout=5) - self.log.info('successful disconnection when MITM happens in the key exchange phase') - - -if __name__ == '__main__': - P2PEarlyKey().main() diff --git a/test/functional/p2p_v2_misbehaving.py b/test/functional/p2p_v2_misbehaving.py new file mode 100755 index 000000000000..60c2876cf5d2 --- /dev/null +++ b/test/functional/p2p_v2_misbehaving.py @@ -0,0 +1,178 @@ +#!/usr/bin/env python3 +# Copyright (c) 2022 The Bitcoin Core developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or http://www.opensource.org/licenses/mit-license.php. + +import random +from enum import Enum + +from test_framework.messages import MAGIC_BYTES +from test_framework.util import random_bytes +from test_framework.p2p import P2PInterface +from test_framework.test_framework import BitcoinTestFramework +from test_framework.util import random_bitflip +from test_framework.v2_p2p import ( + EncryptedP2PState, + MAX_GARBAGE_LEN, +) + + +class TestType(Enum): + """ Scenarios to be tested: + + 1. EARLY_KEY_RESPONSE - The responder needs to wait until one byte is received which does not match the 16 bytes + consisting of network magic followed by "version\x00\x00\x00\x00\x00" before sending out its ellswift + garbage bytes + 2. EXCESS_GARBAGE - Disconnection happens when > MAX_GARBAGE_LEN bytes garbage is sent + 3. WRONG_GARBAGE_TERMINATOR - Disconnection happens when incorrect garbage terminator is sent + 4. WRONG_GARBAGE - Disconnection happens when garbage bytes that is sent is different from what the peer receives + 5. SEND_NO_AAD - Disconnection happens when AAD of first encrypted packet after the garbage terminator is not filled + 6. SEND_NON_EMPTY_VERSION_PACKET - non-empty version packet is simply ignored + """ + EARLY_KEY_RESPONSE = 0 + EXCESS_GARBAGE = 1 + WRONG_GARBAGE_TERMINATOR = 2 + WRONG_GARBAGE = 3 + SEND_NO_AAD = 4 + SEND_NON_EMPTY_VERSION_PACKET = 5 + + +class EarlyKeyResponseState(EncryptedP2PState): + """ Modify v2 P2P protocol functions for testing EARLY_KEY_RESPONSE scenario""" + def __init__(self, initiating, net): + super().__init__(initiating=initiating, net=net) + self.can_data_be_received = False # variable used to assert if data is received on recvbuf. + + def initiate_v2_handshake(self): + """Send ellswift and garbage bytes in 2 parts when TestType = (EARLY_KEY_RESPONSE)""" + self.generate_keypair_and_garbage() + return b"" + + +class ExcessGarbageState(EncryptedP2PState): + """Generate > MAX_GARBAGE_LEN garbage bytes""" + def generate_keypair_and_garbage(self): + garbage_len = MAX_GARBAGE_LEN + random.randrange(1, MAX_GARBAGE_LEN + 1) + return super().generate_keypair_and_garbage(garbage_len) + + +class WrongGarbageTerminatorState(EncryptedP2PState): + """Add option for sending wrong garbage terminator""" + def generate_keypair_and_garbage(self): + garbage_len = random.randrange(MAX_GARBAGE_LEN//2) + return super().generate_keypair_and_garbage(garbage_len) + + def complete_handshake(self, response): + length, handshake_bytes = super().complete_handshake(response) + # first 16 bytes returned by complete_handshake() is the garbage terminator + wrong_garbage_terminator = random_bitflip(handshake_bytes[:16]) + return length, wrong_garbage_terminator + handshake_bytes[16:] + + +class WrongGarbageState(EncryptedP2PState): + """Generate tampered garbage bytes""" + def generate_keypair_and_garbage(self): + garbage_len = random.randrange(1, MAX_GARBAGE_LEN) + ellswift_garbage_bytes = super().generate_keypair_and_garbage(garbage_len) + # assume that garbage bytes sent to TestNode were tampered with + return ellswift_garbage_bytes[:64] + random_bitflip(ellswift_garbage_bytes[64:]) + + +class NoAADState(EncryptedP2PState): + """Add option for not filling first encrypted packet after garbage terminator with AAD""" + def generate_keypair_and_garbage(self): + garbage_len = random.randrange(1, MAX_GARBAGE_LEN) + return super().generate_keypair_and_garbage(garbage_len) + + def complete_handshake(self, response): + self.sent_garbage = b'' # do not authenticate the garbage which is sent + return super().complete_handshake(response) + + +class NonEmptyVersionPacketState(EncryptedP2PState): + """"Add option for sending non-empty transport version packet.""" + def complete_handshake(self, response): + self.transport_version = random_bytes(5) + return super().complete_handshake(response) + + +class MisbehavingV2Peer(P2PInterface): + """Custom implementation of P2PInterface which uses modified v2 P2P protocol functions for testing purposes.""" + def __init__(self, test_type): + super().__init__() + self.test_type = test_type + + def connection_made(self, transport): + if self.test_type == TestType.EARLY_KEY_RESPONSE: + self.v2_state = EarlyKeyResponseState(initiating=True, net='regtest') + elif self.test_type == TestType.EXCESS_GARBAGE: + self.v2_state = ExcessGarbageState(initiating=True, net='regtest') + elif self.test_type == TestType.WRONG_GARBAGE_TERMINATOR: + self.v2_state = WrongGarbageTerminatorState(initiating=True, net='regtest') + elif self.test_type == TestType.WRONG_GARBAGE: + self.v2_state = WrongGarbageState(initiating=True, net='regtest') + elif self.test_type == TestType.SEND_NO_AAD: + self.v2_state = NoAADState(initiating=True, net='regtest') + elif TestType.SEND_NON_EMPTY_VERSION_PACKET: + self.v2_state = NonEmptyVersionPacketState(initiating=True, net='regtest') + super().connection_made(transport) + + def data_received(self, t): + if self.test_type == TestType.EARLY_KEY_RESPONSE: + # check that data can be received on recvbuf only when mismatch from V1_PREFIX happens + assert self.v2_state.can_data_be_received + else: + super().data_received(t) + + +class EncryptedP2PMisbehaving(BitcoinTestFramework): + def set_test_params(self): + self.num_nodes = 1 + self.disable_mocktime = True + self.extra_args = [["-v2transport=1", "-peertimeout=3"]] + + def run_test(self): + self.test_earlykeyresponse() + self.test_v2disconnection() + + def test_earlykeyresponse(self): + self.log.info('Sending ellswift bytes in parts to ensure that response from responder is received only when') + self.log.info('ellswift bytes have a mismatch from the 16 bytes(network magic followed by "version\\x00\\x00\\x00\\x00\\x00")') + node0 = self.nodes[0] + self.log.info('Sending first 4 bytes of ellswift which match network magic') + self.log.info('If a response is received, assertion failure would happen in our custom data_received() function') + peer1 = node0.add_p2p_connection(MisbehavingV2Peer(TestType.EARLY_KEY_RESPONSE), wait_for_verack=False, send_version=False, supports_v2_p2p=True, wait_for_v2_handshake=False) + peer1.send_raw_message(MAGIC_BYTES['regtest']) + self.log.info('Sending remaining ellswift and garbage which are different from V1_PREFIX. Since a response is') + self.log.info('expected now, our custom data_received() function wouldn\'t result in assertion failure') + peer1.v2_state.can_data_be_received = True + peer1.send_raw_message(peer1.v2_state.ellswift_ours[4:] + peer1.v2_state.sent_garbage) + with node0.assert_debug_log(['V2 handshake timeout peer=0']): + peer1.wait_for_disconnect(timeout=5) + self.log.info('successful disconnection since modified ellswift was sent as response') + + def test_v2disconnection(self): + # test v2 disconnection scenarios + node0 = self.nodes[0] + expected_debug_message = [ + [], # EARLY_KEY_RESPONSE + ["V2 transport error: missing garbage terminator, peer=1"], # EXCESS_GARBAGE + ["V2 handshake timeout peer=2"], # WRONG_GARBAGE_TERMINATOR + ["V2 transport error: packet decryption failure"], # WRONG_GARBAGE + ["V2 transport error: packet decryption failure"], # SEND_NO_AAD + [], # SEND_NON_EMPTY_VERSION_PACKET + ] + for test_type in TestType: + if test_type == TestType.EARLY_KEY_RESPONSE: + continue + elif test_type == TestType.SEND_NON_EMPTY_VERSION_PACKET: + node0.add_p2p_connection(MisbehavingV2Peer(test_type), wait_for_verack=True, send_version=True, supports_v2_p2p=True) + self.log.info(f"No disconnection for {test_type.name}") + else: + with node0.assert_debug_log(expected_debug_message[test_type.value], timeout=5): + peer = node0.add_p2p_connection(MisbehavingV2Peer(test_type), wait_for_verack=False, send_version=False, supports_v2_p2p=True, expect_success=False) + peer.wait_for_disconnect() + self.log.info(f"Expected disconnection for {test_type.name}") + + +if __name__ == '__main__': + EncryptedP2PMisbehaving().main() diff --git a/test/functional/test_framework/key.py b/test/functional/test_framework/key.py index d2f0c934b1d0..4a3973f36d83 100644 --- a/test/functional/test_framework/key.py +++ b/test/functional/test_framework/key.py @@ -14,6 +14,7 @@ import unittest from test_framework.crypto import secp256k1 +from test_framework.util import random_bitflip # Order of the secp256k1 curve ORDER = secp256k1.GE.ORDER @@ -289,11 +290,6 @@ def sign_schnorr(key, msg, aux=None, flip_p=False, flip_r=False): class TestFrameworkKey(unittest.TestCase): def test_ecdsa_and_schnorr(self): """Test the Python ECDSA and Schnorr implementations.""" - def random_bitflip(sig): - sig = list(sig) - sig[random.randrange(len(sig))] ^= (1 << (random.randrange(8))) - return bytes(sig) - byte_arrays = [generate_privkey() for _ in range(3)] + [v.to_bytes(32, 'big') for v in [0, ORDER - 1, ORDER, 2**256 - 1]] keys = {} for privkey_bytes in byte_arrays: # build array of key/pubkey pairs diff --git a/test/functional/test_framework/p2p.py b/test/functional/test_framework/p2p.py index 1053b9ee47ce..c6e1d08f1b42 100755 --- a/test/functional/test_framework/p2p.py +++ b/test/functional/test_framework/p2p.py @@ -249,6 +249,7 @@ def connection_made(self, transport): # send the initial handshake immediately if self.supports_v2_p2p and self.v2_state.initiating and not self.v2_state.tried_v2_handshake: send_handshake_bytes = self.v2_state.initiate_v2_handshake() + logger.debug(f"sending {len(self.v2_state.sent_garbage)} bytes of garbage data") self.send_raw_message(send_handshake_bytes) # if v2 connection, send `on_connection_send_msg` after initial v2 handshake. # if reconnection situation, send `on_connection_send_msg` after version message is received in `on_version()`. @@ -289,6 +290,7 @@ def v2_handshake(self): self.v2_state = None return elif send_handshake_bytes: + logger.debug(f"sending {len(self.v2_state.sent_garbage)} bytes of garbage data") self.send_raw_message(send_handshake_bytes) elif send_handshake_bytes == b"": return # only after send_handshake_bytes are sent can `complete_handshake()` be done diff --git a/test/functional/test_framework/test_node.py b/test/functional/test_framework/test_node.py index 456cb688e07a..0f2bd413eb77 100755 --- a/test/functional/test_framework/test_node.py +++ b/test/functional/test_framework/test_node.py @@ -632,7 +632,7 @@ def assert_start_raises_init_error(self, extra_args=None, expected_msg=None, mat assert_msg += "with expected error " + expected_msg self._raise_assertion_error(assert_msg) - def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=True, supports_v2_p2p=None, wait_for_v2_handshake=True, **kwargs): + def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=True, supports_v2_p2p=None, wait_for_v2_handshake=True, expect_success=True, **kwargs): """Add an inbound p2p connection to the node. This method adds the p2p connection to the self.p2ps list and also @@ -652,7 +652,6 @@ def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=Tru if supports_v2_p2p is None: supports_v2_p2p = self.use_v2transport - p2p_conn.p2p_connected_to_node = True if self.use_v2transport: kwargs['services'] = kwargs.get('services', P2P_SERVICES) | NODE_P2P_V2 @@ -660,6 +659,8 @@ def add_p2p_connection(self, p2p_conn, *, wait_for_verack=True, send_version=Tru p2p_conn.peer_connect(**kwargs, send_version=send_version, net=self.chain, timeout_factor=self.timeout_factor, supports_v2_p2p=supports_v2_p2p)() self.p2ps.append(p2p_conn) + if not expect_success: + return p2p_conn p2p_conn.wait_until(lambda: p2p_conn.is_connected, check_connected=False) if supports_v2_p2p and wait_for_v2_handshake: p2p_conn.wait_until(lambda: p2p_conn.v2_state.tried_v2_handshake) diff --git a/test/functional/test_framework/util.py b/test/functional/test_framework/util.py index 4e40bc7f1888..010193ac4303 100644 --- a/test/functional/test_framework/util.py +++ b/test/functional/test_framework/util.py @@ -219,6 +219,12 @@ def str_to_b64str(string): return b64encode(string.encode('utf-8')).decode('ascii') +def random_bitflip(data): + data = list(data) + data[random.randrange(len(data))] ^= (1 << (random.randrange(8))) + return bytes(data) + + def satoshi_round(amount): return Decimal(amount).quantize(Decimal('0.00000001'), rounding=ROUND_DOWN) diff --git a/test/functional/test_framework/v2_p2p.py b/test/functional/test_framework/v2_p2p.py index 50c21cc948f0..97830a4665bb 100644 --- a/test/functional/test_framework/v2_p2p.py +++ b/test/functional/test_framework/v2_p2p.py @@ -4,7 +4,6 @@ # file COPYING or http://www.opensource.org/licenses/mit-license.php. """Class for v2 P2P protocol (see BIP 324)""" -import logging import random from .crypto.bip324_cipher import FSChaCha20Poly1305 @@ -15,14 +14,12 @@ from .messages import MAGIC_BYTES from .util import random_bytes -logger = logging.getLogger("TestFramework.v2_p2p") CHACHA20POLY1305_EXPANSION = 16 HEADER_LEN = 1 IGNORE_BIT_POS = 7 LENGTH_FIELD_LEN = 3 MAX_GARBAGE_LEN = 4095 -TRANSPORT_VERSION = b'' SHORTID = { 1: b"addr", @@ -136,6 +133,7 @@ def __init__(self, *, initiating, net): # has been decrypted. set to -1 if decryption hasn't been done yet. self.contents_len = -1 self.found_garbage_terminator = False + self.transport_version = b'' @staticmethod def v2_ecdh(priv, ellswift_theirs, ellswift_ours, initiating): @@ -152,12 +150,12 @@ def v2_ecdh(priv, ellswift_theirs, ellswift_ours, initiating): # Responding, place their public key encoding first. return TaggedHash("bip324_ellswift_xonly_ecdh", ellswift_theirs + ellswift_ours + ecdh_point_x32) - def generate_keypair_and_garbage(self): + def generate_keypair_and_garbage(self, garbage_len=None): """Generates ellswift keypair and 4095 bytes garbage at max""" self.privkey_ours, self.ellswift_ours = ellswift_create() - garbage_len = random.randrange(MAX_GARBAGE_LEN + 1) + if garbage_len is None: + garbage_len = random.randrange(MAX_GARBAGE_LEN + 1) self.sent_garbage = random_bytes(garbage_len) - logger.debug(f"sending {garbage_len} bytes of garbage data") return self.ellswift_ours + self.sent_garbage def initiate_v2_handshake(self): @@ -213,7 +211,7 @@ def complete_handshake(self, response): msg_to_send += self.v2_enc_packet(decoy_content_len * b'\x00', aad=aad, ignore=True) aad = b'' # Send version packet. - msg_to_send += self.v2_enc_packet(TRANSPORT_VERSION, aad=aad) + msg_to_send += self.v2_enc_packet(self.transport_version, aad=aad) return 64 - len(self.received_prefix), msg_to_send def authenticate_handshake(self, response): diff --git a/test/functional/test_runner.py b/test/functional/test_runner.py index 4c88adc02545..42e54fc5783a 100755 --- a/test/functional/test_runner.py +++ b/test/functional/test_runner.py @@ -245,7 +245,7 @@ 'p2p_invalid_tx.py --v2transport', 'p2p_v2_transport.py', 'p2p_v2_encrypted.py', - 'p2p_v2_earlykeyresponse.py', + 'p2p_v2_misbehaving.py', 'feature_assumevalid.py', 'example_test.py', 'wallet_txn_doublespend.py --legacy-wallet',