litep2p/

peer_id.rs

// Copyright 2018 Parity Technologies (UK) Ltd.
// Copyright 2023 litep2p developers
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the "Software"),
// to deal in the Software without restriction, including without limitation
// the rights to use, copy, modify, merge, publish, distribute, sublicense,
// and/or sell copies of the Software, and to permit persons to whom the
// Software is furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.

#![allow(clippy::wrong_self_convention)]

use crate::crypto::PublicKey;

use multiaddr::{Multiaddr, Protocol};
use multihash_codetable::{Code, MultihashDigest};
use rand::Rng;
use serde::{Deserialize, Serialize};
use thiserror::Error;

use std::{convert::TryFrom, fmt, str::FromStr};

/// Public keys with byte-lengths smaller than `MAX_INLINE_KEY_LENGTH` will be
/// automatically used as the peer id using an identity multihash.
const MAX_INLINE_KEY_LENGTH: usize = 42;
pub(crate) const MULTIHASH_IDENTITY_CODE: u64 = 0x00;
type Multihash = multihash::Multihash<64>;

/// Identifier of a peer of the network.
///
/// The data is a CIDv0 compatible multihash of the protobuf encoded public key of the peer
/// as specified in [specs/peer-ids](https://github.com/libp2p/specs/blob/master/peer-ids/peer-ids.md).
#[derive(Clone, Copy, Eq, Hash, Ord, PartialEq, PartialOrd)]
pub struct PeerId {
    multihash: Multihash,
}

impl fmt::Debug for PeerId {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_tuple("PeerId").field(&self.to_base58()).finish()
    }
}

impl fmt::Display for PeerId {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        self.to_base58().fmt(f)
    }
}

impl PeerId {
    /// Builds a `PeerId` from a public key.
    pub fn from_public_key(key: &PublicKey) -> PeerId {
        Self::from_public_key_protobuf(&key.to_protobuf_encoding())
    }

    /// Builds a `PeerId` from a public key in protobuf encoding.
    pub fn from_public_key_protobuf(key_enc: &[u8]) -> PeerId {
        let multihash = if key_enc.len() <= MAX_INLINE_KEY_LENGTH {
            Multihash::wrap(MULTIHASH_IDENTITY_CODE, key_enc)
                .expect("key_enc.len() <= MAX_INLINE_KEY_LENGTH which fits in Multihash<64>")
        } else {
            Code::Sha2_256.digest(key_enc)
        };

        PeerId { multihash }
    }

    /// Parses a `PeerId` from bytes.
    pub fn from_bytes(data: &[u8]) -> Result<PeerId, ParseError> {
        let multihash = Multihash::from_bytes(data).map_err(|error| {
            tracing::debug!(?error, "failed to decode peer ID bytes as multihash",);
            ParseError::MultiHash
        })?;

        PeerId::from_multihash(multihash).map_err(|multihash| {
            tracing::debug!(
                code = multihash.code(),
                digest_len = multihash.digest().len(),
                "decoded multihash is not a valid peer ID",
            );
            ParseError::MultiHash
        })
    }

    /// Tries to turn a `Multihash` into a `PeerId`.
    ///
    /// If the multihash does not use a valid hashing algorithm for peer IDs,
    /// or the hash value does not satisfy the constraints for a hashed
    /// peer ID, it is returned as an `Err`.
    ///
    /// Accepts anything that converts into `multihash::Multihash<64>`,
    /// including `multiaddr::PeerId` which implements that conversion.
    pub fn from_multihash(multihash: impl Into<Multihash>) -> Result<PeerId, Multihash> {
        let multihash = multihash.into();

        match multihash.code() {
            code if code == u64::from(Code::Sha2_256) => Ok(PeerId { multihash }),
            MULTIHASH_IDENTITY_CODE if multihash.digest().len() <= MAX_INLINE_KEY_LENGTH =>
                Ok(PeerId { multihash }),
            _ => Err(multihash),
        }
    }

    /// Tries to extract a [`PeerId`] from the given [`Multiaddr`].
    ///
    /// In case the given [`Multiaddr`] ends with `/p2p/<peer-id>`, this function
    /// will return the encapsulated [`PeerId`], otherwise it will return `None`.
    pub fn try_from_multiaddr(address: &Multiaddr) -> Option<PeerId> {
        address.iter().last().and_then(|p| match p {
            Protocol::P2p(peer_id) => PeerId::from_multihash(peer_id).ok(),
            _ => None,
        })
    }

    /// Generates a random peer ID from a cryptographically secure PRNG.
    ///
    /// This is useful for randomly walking on a DHT, or for testing purposes.
    pub fn random() -> PeerId {
        let peer_id = rand::thread_rng().gen::<[u8; 32]>();
        PeerId {
            multihash: Multihash::wrap(MULTIHASH_IDENTITY_CODE, &peer_id)
                .expect("The digest size is never too large"),
        }
    }

    /// Returns a raw bytes representation of this `PeerId`.
    pub fn to_bytes(&self) -> Vec<u8> {
        self.multihash.to_bytes()
    }

    /// Returns a base-58 encoded string of this `PeerId`.
    pub fn to_base58(&self) -> String {
        bs58::encode(self.to_bytes()).into_string()
    }

    /// Checks whether the public key passed as parameter matches the public key of this `PeerId`.
    ///
    /// Returns `None` if this `PeerId`s hash algorithm is not supported when encoding the
    /// given public key, otherwise `Some` boolean as the result of an equality check.
    pub fn is_public_key(&self, public_key: &PublicKey) -> Option<bool> {
        let enc = public_key.to_protobuf_encoding();

        let expected = match self.multihash.code() {
            code if code == u64::from(Code::Sha2_256) => Code::Sha2_256.digest(&enc),
            MULTIHASH_IDENTITY_CODE => Multihash::wrap(MULTIHASH_IDENTITY_CODE, &enc).expect(
                "identity key enc fits in Multihash<64> since it passed from_public_key_protobuf",
            ),
            _ => return None,
        };

        Some(expected == self.multihash)
    }

    /// Converts this peer ID into a `multiaddr` peer ID.
    ///
    /// This is a fallible conversion for callers that want to avoid relying on
    /// the internal invariant that litep2p and multiaddr peer IDs accept the
    /// same multihash forms.
    pub fn to_multiaddr_peer_id(&self) -> Result<multiaddr::PeerId, Multihash> {
        multiaddr::PeerId::try_from(*self.as_ref())
    }
}

impl From<PublicKey> for PeerId {
    fn from(key: PublicKey) -> PeerId {
        PeerId::from_public_key(&key)
    }
}

impl From<&PublicKey> for PeerId {
    fn from(key: &PublicKey) -> PeerId {
        PeerId::from_public_key(key)
    }
}

impl TryFrom<Vec<u8>> for PeerId {
    type Error = Vec<u8>;

    fn try_from(value: Vec<u8>) -> Result<Self, Self::Error> {
        PeerId::from_bytes(&value).map_err(|_| value)
    }
}

impl TryFrom<Multihash> for PeerId {
    type Error = Multihash;

    fn try_from(value: Multihash) -> Result<Self, Self::Error> {
        PeerId::from_multihash(value)
    }
}

impl AsRef<Multihash> for PeerId {
    fn as_ref(&self) -> &Multihash {
        &self.multihash
    }
}

impl From<PeerId> for Multihash {
    fn from(peer_id: PeerId) -> Self {
        peer_id.multihash
    }
}

impl From<PeerId> for Vec<u8> {
    fn from(peer_id: PeerId) -> Self {
        peer_id.to_bytes()
    }
}

impl From<PeerId> for multiaddr::PeerId {
    /// Converts this peer ID into a `multiaddr` peer ID.
    ///
    /// # Panics
    ///
    /// Panics only if `PeerId`'s internal invariant has been violated. Safe
    /// constructors accept the same multihash forms that `multiaddr::PeerId`
    /// accepts, so this conversion should not fail for any valid `PeerId`.
    fn from(peer_id: PeerId) -> Self {
        peer_id
            .to_multiaddr_peer_id()
            .expect("litep2p PeerId is always a valid multiaddr PeerId")
    }
}

impl Serialize for PeerId {
    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
    where
        S: serde::Serializer,
    {
        if serializer.is_human_readable() {
            serializer.serialize_str(&self.to_base58())
        } else {
            serializer.serialize_bytes(&self.to_bytes()[..])
        }
    }
}

impl<'de> Deserialize<'de> for PeerId {
    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
    where
        D: serde::Deserializer<'de>,
    {
        use serde::de::*;

        struct PeerIdVisitor;

        impl Visitor<'_> for PeerIdVisitor {
            type Value = PeerId;

            fn expecting(&self, f: &mut fmt::Formatter) -> fmt::Result {
                write!(f, "valid peer id")
            }

            fn visit_bytes<E>(self, v: &[u8]) -> Result<Self::Value, E>
            where
                E: Error,
            {
                PeerId::from_bytes(v).map_err(|_| Error::invalid_value(Unexpected::Bytes(v), &self))
            }

            fn visit_str<E>(self, v: &str) -> Result<Self::Value, E>
            where
                E: Error,
            {
                PeerId::from_str(v).map_err(|_| Error::invalid_value(Unexpected::Str(v), &self))
            }
        }

        if deserializer.is_human_readable() {
            deserializer.deserialize_str(PeerIdVisitor)
        } else {
            deserializer.deserialize_bytes(PeerIdVisitor)
        }
    }
}

#[derive(Debug, Error)]
pub enum ParseError {
    #[error("base-58 decode error: {0}")]
    B58(#[from] bs58::decode::Error),
    #[error("decoding multihash failed")]
    MultiHash,
}

impl FromStr for PeerId {
    type Err = ParseError;

    #[inline]
    fn from_str(s: &str) -> Result<Self, Self::Err> {
        let bytes = bs58::decode(s).into_vec()?;
        PeerId::from_bytes(&bytes)
    }
}

#[cfg(test)]
mod tests {
    use super::{ParseError, MAX_INLINE_KEY_LENGTH, MULTIHASH_IDENTITY_CODE};
    use crate::{crypto::ed25519::Keypair, PeerId};
    use multiaddr::{Multiaddr, Protocol};
    use multihash::Multihash;
    use multihash_codetable::Code;

    #[test]
    fn peer_id_is_public_key() {
        let key = Keypair::generate().public();
        let peer_id = key.to_peer_id();
        assert_eq!(peer_id.is_public_key(&key.into()), Some(true));
    }

    #[test]
    fn peer_id_into_bytes_then_from_bytes() {
        let peer_id = Keypair::generate().public().to_peer_id();
        let second = PeerId::from_bytes(&peer_id.to_bytes()).unwrap();
        assert_eq!(peer_id, second);
    }

    #[test]
    fn peer_id_to_base58_then_back() {
        let peer_id = Keypair::generate().public().to_peer_id();
        let second: PeerId = peer_id.to_base58().parse().unwrap();
        assert_eq!(peer_id, second);
    }

    #[test]
    fn random_peer_id_is_valid() {
        for _ in 0..5000 {
            let peer_id = PeerId::random();
            assert_eq!(peer_id, PeerId::from_bytes(&peer_id.to_bytes()).unwrap());
        }
    }

    #[test]
    fn peer_id_from_multiaddr() {
        let address = "[::1]:1337".parse::<std::net::SocketAddr>().unwrap();
        let peer = PeerId::random();
        let address = Multiaddr::empty()
            .with(Protocol::from(address.ip()))
            .with(Protocol::Tcp(address.port()))
            .with(Protocol::P2p(peer.into()));

        assert_eq!(peer, PeerId::try_from_multiaddr(&address).unwrap());
    }

    #[test]
    fn peer_id_from_multiaddr_no_peer_id() {
        let address = "[::1]:1337".parse::<std::net::SocketAddr>().unwrap();
        let address = Multiaddr::empty()
            .with(Protocol::from(address.ip()))
            .with(Protocol::Tcp(address.port()));

        assert!(PeerId::try_from_multiaddr(&address).is_none());
    }

    #[test]
    fn peer_id_from_bytes() {
        let peer = PeerId::random();
        let bytes = peer.to_bytes();

        assert_eq!(PeerId::try_from(bytes).unwrap(), peer);
    }

    #[test]
    fn peer_id_as_multihash() {
        let peer = PeerId::random();
        let multihash = Multihash::from(peer);

        assert_eq!(&multihash, peer.as_ref());
        assert_eq!(PeerId::try_from(multihash).unwrap(), peer);
    }

    #[test]
    fn serialize_deserialize() {
        let peer = PeerId::random();
        let serialized = serde_json::to_string(&peer).unwrap();
        let deserialized = serde_json::from_str(&serialized).unwrap();

        assert_eq!(peer, deserialized);
    }

    #[test]
    fn invalid_multihash() {
        fn test() -> crate::Result<PeerId> {
            let bytes = [
                0x16, 0x20, 0x64, 0x4b, 0xcc, 0x7e, 0x56, 0x43, 0x73, 0x04, 0x09, 0x99, 0xaa, 0xc8,
                0x9e, 0x76, 0x22, 0xf3, 0xca, 0x71, 0xfb, 0xa1, 0xd9, 0x72, 0xfd, 0x94, 0xa3, 0x1c,
                0x3b, 0xfb, 0xf2, 0x4e, 0x39, 0x38,
            ];

            PeerId::from_multihash(Multihash::from_bytes(&bytes).unwrap()).map_err(From::from)
        }
        let _error = test().unwrap_err();
    }

    // --- from_public_key_protobuf ---

    #[test]
    fn from_public_key_protobuf_small_key_uses_identity_hash() {
        let key = Keypair::generate();
        let enc = crate::crypto::PublicKey::from(key.public()).to_protobuf_encoding();
        assert!(
            enc.len() <= MAX_INLINE_KEY_LENGTH,
            "ed25519 protobuf key must fit inline"
        );

        let peer_id = PeerId::from_public_key_protobuf(&enc);
        assert_eq!(peer_id.as_ref().code(), MULTIHASH_IDENTITY_CODE);
    }

    #[test]
    fn from_public_key_protobuf_identity_hash_stores_raw_bytes_not_rehash() {
        // The identity multihash must store the key bytes verbatim, not hash them.
        let key = Keypair::generate();
        let enc = crate::crypto::PublicKey::from(key.public()).to_protobuf_encoding();

        let peer_id = PeerId::from_public_key_protobuf(&enc);
        assert_eq!(peer_id.as_ref().digest(), enc.as_slice());
    }

    #[test]
    fn from_public_key_protobuf_large_key_uses_sha256() {
        // Any encoding longer than MAX_INLINE_KEY_LENGTH (42) must use SHA-256.
        let enc = vec![0u8; MAX_INLINE_KEY_LENGTH + 1];
        let peer_id = PeerId::from_public_key_protobuf(&enc);
        assert_eq!(peer_id.as_ref().code(), u64::from(Code::Sha2_256));
    }

    #[test]
    fn from_public_key_protobuf_sha256_digest_is_hash_of_key_not_key_itself() {
        // SHA-256 path must hash the key, not store it verbatim.
        let enc = vec![0u8; MAX_INLINE_KEY_LENGTH + 1];
        let peer_id = PeerId::from_public_key_protobuf(&enc);
        // digest is 32 bytes (SHA-256 output), not the original key length
        assert_eq!(peer_id.as_ref().digest().len(), 32);
        assert_ne!(peer_id.as_ref().digest(), enc.as_slice());
    }

    // --- is_public_key ---

    #[test]
    fn is_public_key_returns_false_for_different_key() {
        let key1 = Keypair::generate().public();
        let key2 = Keypair::generate().public();
        let peer_id = key1.to_peer_id();
        assert_eq!(peer_id.is_public_key(&key2.into()), Some(false));
    }

    // --- from_multihash ---

    #[test]
    fn from_multihash_rejects_unsupported_code() {
        // Code 0x16 (sha3-256) is not a valid peer ID hash.
        let bytes = [
            0x16, 0x20, 0x64, 0x4b, 0xcc, 0x7e, 0x56, 0x43, 0x73, 0x04, 0x09, 0x99, 0xaa, 0xc8,
            0x9e, 0x76, 0x22, 0xf3, 0xca, 0x71, 0xfb, 0xa1, 0xd9, 0x72, 0xfd, 0x94, 0xa3, 0x1c,
            0x3b, 0xfb, 0xf2, 0x4e, 0x39, 0x38,
        ];
        let mh = Multihash::from_bytes(&bytes).unwrap();
        assert!(PeerId::from_multihash(mh).is_err());
    }

    // --- from_bytes ---

    #[test]
    fn from_bytes_rejects_invalid_peer_id_multihash() {
        let bytes = [
            0x16, 0x20, 0x64, 0x4b, 0xcc, 0x7e, 0x56, 0x43, 0x73, 0x04, 0x09, 0x99, 0xaa, 0xc8,
            0x9e, 0x76, 0x22, 0xf3, 0xca, 0x71, 0xfb, 0xa1, 0xd9, 0x72, 0xfd, 0x94, 0xa3, 0x1c,
            0x3b, 0xfb, 0xf2, 0x4e, 0x39, 0x38,
        ];
        assert!(matches!(
            PeerId::from_bytes(&bytes),
            Err(ParseError::MultiHash)
        ));
    }

    #[test]
    fn from_bytes_rejects_invalid_multihash_bytes() {
        assert!(matches!(
            PeerId::from_bytes(&[0xff]),
            Err(ParseError::MultiHash)
        ));
    }

    #[test]
    fn from_str_rejects_invalid_base58() {
        assert!(matches!(
            "not base58: 0".parse::<PeerId>(),
            Err(ParseError::B58(_))
        ));
    }

    // --- identity and sha256 peer IDs roundtrip ---

    #[test]
    fn identity_peer_id_roundtrip_through_multiaddr() {
        // PeerId::random() uses identity hash; verify it survives a multiaddr roundtrip.
        let peer = PeerId::random();
        assert_eq!(peer.as_ref().code(), MULTIHASH_IDENTITY_CODE);

        let addr = Multiaddr::empty()
            .with(Protocol::Ip4("127.0.0.1".parse().unwrap()))
            .with(Protocol::Tcp(1234))
            .with(Protocol::P2p(peer.into()));

        assert_eq!(peer, PeerId::try_from_multiaddr(&addr).unwrap());
    }

    #[test]
    fn sha256_peer_id_roundtrip_through_multiaddr() {
        // Use a large synthetic key encoding to force sha256.
        let enc = vec![42u8; MAX_INLINE_KEY_LENGTH + 1];
        let peer = PeerId::from_public_key_protobuf(&enc);
        assert_eq!(peer.as_ref().code(), u64::from(Code::Sha2_256));

        let addr = Multiaddr::empty()
            .with(Protocol::Ip4("127.0.0.1".parse().unwrap()))
            .with(Protocol::Tcp(1234))
            .with(Protocol::P2p(peer.into()));

        assert_eq!(peer, PeerId::try_from_multiaddr(&addr).unwrap());
    }
}