bug fixes, compatibility changes for typescript implementation - added "type" literal field in all JSON payloads for easier discrimination/parsing, changed format of signature to the raw integers r||s instead of DER representation. unfortunately very hard to find support in java/typescript for that

Author: lukvmil

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "koi-net"
-version = "1.1.0-beta.5"
+version = "1.1.0-beta.6"
 description = "Implementation of KOI-net protocol in Python"
 authors = [
     {name = "Luke Miller", email = "[email protected]"}

src/koi_net/network/error_handler.py

@@ -1,5 +1,5 @@
 from logging import getLogger
-from koi_net.protocol.errors import ErrorTypes
+from koi_net.protocol.errors import ErrorType
 from koi_net.protocol.event import EventType
 from rid_lib.types import KoiNetNode
 from ..processor.interface import ProcessorInterface
@@ -36,15 +36,15 @@ def handle_connection_error(self, node: KoiNetNode):
 
     def handle_protocol_error(
         self, 
-        error_type: ErrorTypes, 
+        error_type: ErrorType, 
         node: KoiNetNode
     ):
         logger.info(f"Handling protocol error {error_type} for node {node!r}")
         match error_type:
-            case ErrorTypes.UnknownNode:
+            case ErrorType.UnknownNode:
                 logger.info("Peer doesn't know me, attempting handshake...")
                 self.actor.handshake_with(node)
 
-            case ErrorTypes.InvalidKey: ...
-            case ErrorTypes.InvalidSignature: ...
-            case ErrorTypes.InvalidTarget: ...
+            case ErrorType.InvalidKey: ...
+            case ErrorType.InvalidSignature: ...
+            case ErrorType.InvalidTarget: ...

src/koi_net/network/graph.py

@@ -41,7 +41,7 @@ def generate(self):
                 logger.debug(f"Added edge {rid!r} ({edge_profile.source} -> {edge_profile.target})")
         logger.debug("Done")
 
-    def get_edge(self, source: KoiNetNode, target: KoiNetNode,) -> EdgeProfile | None:
+    def get_edge(self, source: KoiNetNode, target: KoiNetNode,) -> KoiNetEdge | None:
         """Returns edge RID given the RIDs of a source and target node."""
         if (source, target) in self.dg.edges:
             edge_data = self.dg.get_edge_data(source, target)

src/koi_net/protocol/api_models.py

@@ -1,51 +1,60 @@
 """Pydantic models for request and response/payload objects in the KOI-net API."""
 
-from pydantic import BaseModel
+from typing import Literal
+from pydantic import BaseModel, Field
 from rid_lib import RID, RIDType
 from rid_lib.ext import Bundle, Manifest
 from .event import Event
-from .errors import ErrorTypes
+from .errors import ErrorType
 
 
 # REQUEST MODELS
 
 class PollEvents(BaseModel):
-    rid: RID
+    type: Literal["poll_events"] = Field("poll_events")
     limit: int = 0
 
 class FetchRids(BaseModel):
+    type: Literal["fetch_rids"] = Field("fetch_rids")
     rid_types: list[RIDType] = []
 
 class FetchManifests(BaseModel):
+    type: Literal["fetch_manifests"] = Field("fetch_manifests")
     rid_types: list[RIDType] = []
     rids: list[RID] = []
 
 class FetchBundles(BaseModel):
+    type: Literal["fetch_bundles"] = Field("fetch_bundles")
     rids: list[RID]
 
 
 # RESPONSE/PAYLOAD MODELS
 
 class RidsPayload(BaseModel):
+    type: Literal["rids_payload"] = Field("rids_payload")
     rids: list[RID]
 
 class ManifestsPayload(BaseModel):
+    type: Literal["manifests_payload"] = Field("manifests_payload")
     manifests: list[Manifest]
     not_found: list[RID] = []
 
 class BundlesPayload(BaseModel):
+    type: Literal["bundles_payload"] = Field("bundles_payload")
     bundles: list[Bundle]
     not_found: list[RID] = []
     deferred: list[RID] = []
 
 class EventsPayload(BaseModel):
+    type: Literal["events_payload"] = Field("events_payload")
     events: list[Event]
 
 
 # ERROR MODELS
 
 class ErrorResponse(BaseModel):
-    error: ErrorTypes
+    type: Literal["error_response"] = Field("error_response")
+    error: ErrorType
 
 # TYPES
 

src/koi_net/protocol/envelope.py

@@ -27,7 +27,7 @@ def verify_with(self, pub_key: PublicKey):
         )
 
         logger.debug(f"Verifying envelope: {unsigned_envelope.model_dump_json()}")
-        
+                
         pub_key.verify(
             self.signature,
             unsigned_envelope.model_dump_json().encode()

src/koi_net/protocol/errors.py

@@ -1,23 +1,23 @@
 from enum import StrEnum
 
 
-class ErrorTypes(StrEnum):
+class ErrorType(StrEnum):
     UnknownNode = "unknown_node"
     InvalidKey = "invalid_key"
     InvalidSignature = "invalid_signature"
     InvalidTarget = "invalid_target"
 
 class ProtocolError(Exception):
-    error_type: ErrorTypes
+    error_type: ErrorType
 
 class UnknownNodeError(ProtocolError):
-    error_type = ErrorTypes.UnknownNode
+    error_type = ErrorType.UnknownNode
 
 class InvalidKeyError(ProtocolError):
-    error_type = ErrorTypes.InvalidKey
+    error_type = ErrorType.InvalidKey
 
 class InvalidSignatureError(ProtocolError):
-    error_type = ErrorTypes.InvalidSignature
+    error_type = ErrorType.InvalidSignature
 
 class InvalidTargetError(ProtocolError):
-    error_type = ErrorTypes.InvalidTarget
+    error_type = ErrorType.InvalidTarget

src/koi_net/protocol/secure.py

@@ -1,22 +1,64 @@
 import logging
-from base64 import urlsafe_b64decode, urlsafe_b64encode
+from base64 import b64decode, b64encode
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives.asymmetric import ec
 from cryptography.hazmat.primitives import serialization
 from rid_lib.ext.utils import sha256_hash
+from cryptography.hazmat.primitives.asymmetric.utils import (
+    decode_dss_signature, 
+    encode_dss_signature
+)
 
 logger = logging.getLogger(__name__)
 
 
+def der_to_raw_signature(der_signature: bytes, curve=ec.SECP256R1()) -> bytes:
+    """Convert a DER-encoded signature to raw r||s format."""
+    
+    # Decode the DER signature to get r and s
+    r, s = decode_dss_signature(der_signature)
+    
+    # Determine byte length based on curve bit size
+    byte_length = (curve.key_size + 7) // 8
+    
+    # Convert r and s to big-endian byte arrays of fixed length
+    r_bytes = r.to_bytes(byte_length, byteorder='big')
+    s_bytes = s.to_bytes(byte_length, byteorder='big')
+    
+    # Concatenate r and s
+    return r_bytes + s_bytes
+
+
+def raw_to_der_signature(raw_signature: bytes, curve=ec.SECP256R1()) -> bytes:
+    """Convert a raw r||s signature to DER format."""
+    
+    # Determine byte length based on curve bit size
+    byte_length = (curve.key_size + 7) // 8
+    
+    # Split the raw signature into r and s components
+    if len(raw_signature) != 2 * byte_length:
+        raise ValueError(f"Raw signature must be {2 * byte_length} bytes for {curve.name}")
+    
+    r_bytes = raw_signature[:byte_length]
+    s_bytes = raw_signature[byte_length:]
+    
+    # Convert bytes to integers
+    r = int.from_bytes(r_bytes, byteorder='big')
+    s = int.from_bytes(s_bytes, byteorder='big')
+    
+    # Encode as DER
+    return encode_dss_signature(r, s)
+
+
 class PrivateKey:
     priv_key: ec.EllipticCurvePrivateKey
 
     def __init__(self, priv_key):
         self.priv_key = priv_key
-        
+    
     @classmethod
     def generate(cls):
-        return cls(priv_key=ec.generate_private_key(ec.SECP192R1()))
+        return cls(priv_key=ec.generate_private_key(ec.SECP256R1()))
 
     def public_key(self) -> "PublicKey":
         return PublicKey(self.priv_key.public_key())
@@ -40,12 +82,14 @@ def to_pem(self, password: str) -> str:
     def sign(self, message: bytes) -> str:
         hashed_message = sha256_hash(message.decode())
 
-        signature = urlsafe_b64encode(
-            self.priv_key.sign(
-                data=message,
-                signature_algorithm=ec.ECDSA(hashes.SHA256())
-            )
-        ).decode()
+        der_signature_bytes = self.priv_key.sign(
+            data=message,
+            signature_algorithm=ec.ECDSA(hashes.SHA256())
+        )
+        
+        raw_signature_bytes = der_to_raw_signature(der_signature_bytes)
+        
+        signature = b64encode(raw_signature_bytes).decode()
 
         logger.debug(f"Signing message with [{self.public_key().to_der()}]")
         logger.debug(f"hash: {hashed_message}")
@@ -78,29 +122,39 @@ def to_pem(self) -> str:
     def from_der(cls, pub_key_der: str):        
         return cls(
             pub_key=serialization.load_der_public_key(
-                data=urlsafe_b64decode(pub_key_der)
+                data=b64decode(pub_key_der)
             )
         )
 
     def to_der(self) -> str:
-        return urlsafe_b64encode(
+        return b64encode(
             self.pub_key.public_bytes(
                 encoding=serialization.Encoding.DER,
                 format=serialization.PublicFormat.SubjectPublicKeyInfo
             )
         ).decode()
 
+        
     def verify(self, signature: str, message: bytes) -> bool:
-        hashed_message = sha256_hash(message.decode())
+        # hashed_message = sha256_hash(message.decode())
+        
+        # print(message.hex())
+        # print()
+        # print(hashed_message)
+        # print()
+        # print(message.decode())
 
-        logger.debug(f"Verifying message with [{self.to_der()}]")
-        logger.debug(f"hash: {hashed_message}")
-        logger.debug(f"signature: {signature}")
+        # logger.debug(f"Verifying message with [{self.to_der()}]")
+        # logger.debug(f"hash: {hashed_message}")
+        # logger.debug(f"signature: {signature}")
+        
+        raw_signature_bytes = b64decode(signature)
+        der_signature_bytes = raw_to_der_signature(raw_signature_bytes)
 
         # NOTE: throws cryptography.exceptions.InvalidSignature on failure
 
         self.pub_key.verify(
-            signature=urlsafe_b64decode(signature),
+            signature=der_signature_bytes,
             data=message,
             signature_algorithm=ec.ECDSA(hashes.SHA256())
         )