diff --git a/src/nodes/NodeManager.ts b/src/nodes/NodeManager.ts
index fdb95fa44..56b266ca5 100644
--- a/src/nodes/NodeManager.ts
+++ b/src/nodes/NodeManager.ts
@@ -1478,6 +1478,37 @@ class NodeManager {
 });
 }
 
+ public async handleClaimNetworkNode(
+ requestingNodeId: NodeId,
+ input: AgentRPCRequestParams,
+ tran?: DBTransaction,
+ ): Promise> {
+ if (tran == null) {
+ return this.db.withTransactionF((tran) => this.handleClaimNetworkNode(requestingNodeId, input, tran));
+ }
+ const signedClaim = claimsUtils.parseSignedClaim(
+ input.signedTokenEncoded,
+ );
+ const token = Token.fromSigned(signedClaim);
+ // Verify if the token is signed
+ if (
+ !token.verifyWithPublicKey(
+ keysUtils.publicKeyFromNodeId(requestingNodeId),
+ )
+ ) {
+ throw new claimsErrors.ErrorSinglySignedClaimVerificationFailed();
+ }
+ // If verified, add your own signature to the received claim
+ token.signWithPrivateKey(this.keyRing.keyPair);
+ // Return the signed claim
+ const doublySignedClaim = token.toSigned();
+ const halfSignedClaimEncoded =
+ claimsUtils.generateSignedClaim(doublySignedClaim);
+ return {
+ signedTokenEncoded: halfSignedClaimEncoded,
+ };
+ }
+
 /**
 * Adds a node to the node graph. This assumes that you have already authenticated the node
 * Updates the node if the node already exists
diff --git a/src/nodes/agent/handlers/NodesNetworkClaimSign.ts b/src/nodes/agent/handlers/NodesNetworkClaimSign.ts
new file mode 100644
index 000000000..747aaa5a0
--- /dev/null
+++ b/src/nodes/agent/handlers/NodesNetworkClaimSign.ts
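Review bot: handleClaimNetworkNode countersigns any token whose signature verifies against the requesting node's key, but nothing in the hunk inspects the claim's payload before `token.signWithPrivateKey(this.keyRing.keyPair)`; unless `claimsUtils.parseSignedClaim` already enforces the expected claim type and that this node is the intended counter-signer, the check belongs between the verification and the signing, or the method's TSDoc should state which guarantees parseSignedClaim provides. The `tran` parameter is only used to re-enter through `withTransactionF` and nothing in the body touches the transaction, so either the wrapper is unnecessary or a later write is missing. The variable `halfSignedClaimEncoded` holds the doubly signed claim and should say so, e.g. `const doublySignedClaimEncoded = claimsUtils.generateSignedClaim(doublySignedClaim);`. The method also has no TSDoc header; a one-line summary such as "Verifies the requester's singly signed claim and returns it countersigned by this node" would do.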
@@ -0,0 +1,38 @@
+import type {
+ AgentRPCRequestParams,
+ AgentRPCResponseResult,
+ HolePunchSignalMessage,
+ AddressMessage,
+ NetworkEntryRequestMessage,
+ AgentClaimMessage,
+} from '../types';
+import type NodeManager from '../../../nodes/NodeManager';
+import type { JSONValue } from '../../../types';
+import { UnaryHandler } from '@matrixai/rpc';
+import * as agentErrors from '../errors';
+import * as agentUtils from '../utils';
+
+class NodesNetworkClaimVerify extends UnaryHandler<
+ {
+ nodeManager: NodeManager;
+ },
+ AgentRPCRequestParams,
+ AgentRPCResponseResult<{}>
+> {
+ public handle = async (
+ input: AgentRPCRequestParams,
+ _cancel,
+ meta: Record | undefined,
+ ): Promise> => {
+ const { nodeManager } = this.container;
+ // Connections should always be validated
+ const requestingNodeId = agentUtils.nodeIdFromMeta(meta);
+ if (requestingNodeId == null) {
+ throw new agentErrors.ErrorAgentNodeIdMissing();
+ }
+ nodeManager.handleClaimNetworkNode(requestingNodeId, input);
+ return {};
+ };
+}
+
+export default NodesNetworkClaimVerify;
diff --git a/src/nodes/agent/handlers/NodesNetworkEntryInitial.ts b/src/nodes/agent/handlers/NodesNetworkClaimVerify.ts
similarity index 100%
rename from src/nodes/agent/handlers/NodesNetworkEntryInitial.ts
rename to src/nodes/agent/handlers/NodesNetworkClaimVerify.ts
diff --git a/src/nodes/agent/handlers/NodesNetworkEntryFinal.ts b/src/nodes/agent/handlers/NodesNetworkEntryFinal.ts
deleted file mode 100644
index 76f480036..000000000
--- a/src/nodes/agent/handlers/NodesNetworkEntryFinal.ts
+++ /dev/null
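Review bot: `nodeManager.handleClaimNetworkNode(requestingNodeId, input);` is neither awaited nor returned, so the `ErrorSinglySignedClaimVerificationFailed` thrown on a bad signature becomes an unhandled rejection while the client still receives `{}` as success, and the countersigned claim the method produces is discarded. The handler should propagate the result, `return await nodeManager.handleClaimNetworkNode(requestingNodeId, input);`, with the response type widened from `AgentRPCResponseResult<{}>` to the message type handleClaimNetworkNode returns. The class is named `NodesNetworkClaimVerify` inside `NodesNetworkClaimSign.ts`, and the same commit renames `NodesNetworkEntryInitial.ts` to `NodesNetworkClaimVerify.ts`, so two modules would carry that name; renaming the class to `NodesNetworkClaimSign` keeps file and export consistent. `HolePunchSignalMessage`, `AddressMessage` and `NetworkEntryRequestMessage` are imported but unused in this file.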
@@ -1,35 +0,0 @@
-import type {
- AgentRPCRequestParams,
- AgentRPCResponseResult,
- HolePunchSignalMessage,
- AddressMessage,
- NetworkEntryResultMessage,
-} from '../types';
-import type NodeConnectionManager from '../../../nodes/NodeConnectionManager';
-import type { Host, Port } from '../../../network/types';
-import type { JSONValue } from '../../../types';
-import { UnaryHandler } from '@matrixai/rpc';
-import * as agentErrors from '../errors';
-import * as agentUtils from '../utils';
-import { never } from '../../../utils';
-import * as keysUtils from '../../../keys/utils';
-import * as ids from '../../../ids';
-import * as x509 from '@peculiar/x509';
-
-class NodesNetworkAuthenticate extends UnaryHandler<
- {
- nodeConnectionManager: NodeConnectionManager;
- },
- AgentRPCRequestParams,
- AgentRPCResponseResult<{}>
-> {
- public handle = async (
- input: AgentRPCRequestParams,
- _cancel,
- meta: Record | undefined,
- ): Promise> => {
- return {};
- };
-}
-
-export default NodesNetworkAuthenticate;