Sign connect request

nymtech · Jul 22, 2024 · 29f1a5c · 29f1a5c
1 parent 034adf7
commit 29f1a5c
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 7 deletions.
diff --git a/nym-vpn-core/Cargo.toml b/nym-vpn-core/Cargo.toml
@@ -31,7 +31,7 @@ members = [
 # nym-id = { path = "../../nym/common/nym-id" }
 # nym-ip-packet-requests = { path = "../../nym/common/ip-packet-requests" }
 # nym-node-requests = { path = "../../nym/nym-node/nym-node-requests" }
-# nym-pemstore = { path = "../../nym/common/nym-pemstore" }
+# nym-pemstore = { path = "../../nym/common/pemstore" }
 # nym-sdk = { path = "../../nym/sdk/rust/nym-sdk" }
 # nym-task = { path = "../../nym/common/task" }
 # nym-topology = { path = "../../nym/common/topology" }

diff --git a/nym-vpn-core/crates/nym-ip-packet-client/Cargo.toml b/nym-vpn-core/crates/nym-ip-packet-client/Cargo.toml
@@ -9,11 +9,11 @@ edition.workspace = true
 license.workspace = true
 
 [dependencies]
+futures.workspace = true
 nym-gateway-directory = { path = "../nym-gateway-directory" }
 nym-ip-packet-requests.workspace = true
 nym-sdk.workspace = true
-tracing.workspace = true
 thiserror.workspace = true
 tokio.workspace = true
 tracing-subscriber.workspace = true
-futures.workspace = true
+tracing.workspace = true
diff --git a/nym-vpn-core/crates/nym-ip-packet-client/src/lib.rs b/nym-vpn-core/crates/nym-ip-packet-client/src/lib.rs
@@ -7,12 +7,12 @@ use nym_ip_packet_requests::{
         DynamicConnectResponse, DynamicConnectResponseReply, IpPacketResponse,
         IpPacketResponseData, StaticConnectResponse, StaticConnectResponseReply,
     },
-    v7::request::IpPacketRequest,
+    v7::{request::IpPacketRequest, signature::SignedRequest},
     IpPair,
 };
 use nym_sdk::mixnet::{
-    MixnetClient, MixnetClientSender, MixnetMessageSender, Recipient, ReconstructedMessage,
-    TransmissionLane,
+    ed25519, MixnetClient, MixnetClientSender, MixnetMessageSender, Recipient,
+    ReconstructedMessage, TransmissionLane,
 };
 use tracing::{debug, error};
 
@@ -41,6 +41,10 @@ impl SharedMixnetClient {
         Ok(())
     }
 
+    pub async fn sign(&self, data: &[u8]) -> ed25519::Signature {
+        self.lock().await.as_ref().unwrap().sign(data)
+    }
+
     pub fn inner(&self) -> Arc<tokio::sync::Mutex<Option<MixnetClient>>> {
         self.0.clone()
     }
@@ -141,7 +145,7 @@ impl IprClient {
         enable_two_hop: bool,
     ) -> Result<u64> {
         let hops = enable_two_hop.then_some(0);
-        let (request, request_id) = if let Some(ips) = ips {
+        let (mut request, request_id) = if let Some(ips) = ips {
             debug!("Sending static connect request with ips: {ips}");
             IpPacketRequest::new_static_connect_request(ips, self.nym_address, hops, None, None)
         } else {
@@ -150,6 +154,14 @@ impl IprClient {
         };
         debug!("Sent connect request with version v{}", request.version);
 
+        // With the request constructed, we need to sign it
+        if let Some(Ok(data_to_sign)) = request.data.signable_request() {
+            let signature = self.mixnet_client.sign(&data_to_sign).await;
+            request.data.add_signature(signature);
+        } else {
+            error!("Failed to add signature to connect the request");
+        }
+
         self.mixnet_sender
             .send(nym_sdk::mixnet::InputMessage::new_regular_with_custom_hops(
                 ip_packet_router_address,