fix: rotate webrtc direct certificates (#3073)

Lowers the validity of webrtc direct certs to two weeks similar to webtransport and updates listening multiaddrs after the cert has been renewed.

The validity is lowered because the longest `setTimeout` we can do is just under a month, otherwise we overflow the max value we can pass to `setTimeout`.

Author: achingbrain

packages/transport-webrtc/src/constants.ts

@@ -129,4 +129,9 @@ export const DEFAULT_CERTIFICATE_PRIVATE_KEY_TYPE = 'ECDSA'
 /**
  * How long the certificate is valid for
  */
-export const DEFAULT_CERTIFICATE_LIFESPAN = 365
+export const DEFAULT_CERTIFICATE_LIFESPAN = 1_209_600_000
+
+/**
+ * Renew the certificate this long before it expires
+ */
+export const DEFAULT_CERTIFICATE_RENEWAL_THRESHOLD = 86_400_000

packages/transport-webrtc/src/private-to-public/listener.ts

@@ -84,6 +84,7 @@ export class WebRTCDirectListener extends TypedEventEmitter<ListenerEvents> impl
 
     // inform the transport manager our addresses have changed
     init.emitter.addEventListener('certificate:renew', evt => {
+      this.log('received new TLS certificate', evt.detail.certhash)
       this.certificate = evt.detail
       this.safeDispatchEvent('listening')
     })

packages/transport-webrtc/src/private-to-public/transport.ts

@@ -1,5 +1,5 @@
 import { generateKeyPair, privateKeyToCryptoKeyPair } from '@libp2p/crypto/keys'
-import { NotFoundError, NotStartedError, TypedEventEmitter, serviceCapabilities, transportSymbol } from '@libp2p/interface'
+import { InvalidParametersError, NotFoundError, NotStartedError, TypedEventEmitter, serviceCapabilities, transportSymbol } from '@libp2p/interface'
 import { peerIdFromString } from '@libp2p/peer-id'
 import { WebRTCDirect } from '@multiformats/multiaddr-matcher'
 import { BasicConstraintsExtension, X509Certificate, X509CertificateGenerator } from '@peculiar/x509'
@@ -9,7 +9,7 @@ import { sha256 } from 'multiformats/hashes/sha2'
 import { raceSignal } from 'race-signal'
 import { equals as uint8ArrayEquals } from 'uint8arrays/equals'
 import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string'
-import { DEFAULT_CERTIFICATE_DATASTORE_KEY, DEFAULT_CERTIFICATE_LIFESPAN, DEFAULT_CERTIFICATE_PRIVATE_KEY_NAME } from '../constants.js'
+import { DEFAULT_CERTIFICATE_DATASTORE_KEY, DEFAULT_CERTIFICATE_LIFESPAN, DEFAULT_CERTIFICATE_PRIVATE_KEY_NAME, DEFAULT_CERTIFICATE_RENEWAL_THRESHOLD } from '../constants.js'
 import { genUfrag } from '../util.js'
 import { WebRTCDirectListener } from './listener.js'
 import { connect } from './utils/connect.js'
@@ -23,8 +23,6 @@ import type { Keychain } from '@libp2p/keychain'
 import type { Multiaddr } from '@multiformats/multiaddr'
 import type { Datastore } from 'interface-datastore'
 
-const ONE_DAY_MS = 86_400_000
-
 export interface WebRTCDirectTransportComponents {
   peerId: PeerId
   privateKey: PrivateKey
@@ -88,16 +86,16 @@ export interface WebRTCTransportDirectInit {
   certificateKeychainName?: string
 
   /**
-   * Number of days a certificate should be valid for
+   * Number of ms a certificate should be valid for (defaults to 14 days)
    *
-   * @default 365
+   * @default 2_592_000_000
    */
   certificateLifespan?: number
 
   /**
-   * Certificates will be renewed this many days before their expiry
+   * Certificates will be renewed this many ms before expiry (defaults to 1 day)
    *
-   * @default 5
+   * @default 86_400_000
    */
   certificateRenewalThreshold?: number
 }
@@ -114,13 +112,18 @@ export class WebRTCDirectTransport implements Transport, Startable {
   private certificate?: TransportCertificate
   private privateKey?: PrivateKey
   private readonly emitter: TypedEventTarget<WebRTCDirectTransportCertificateEvents>
+  private renewCertificateTask?: ReturnType<typeof setTimeout>
 
   constructor (components: WebRTCDirectTransportComponents, init: WebRTCTransportDirectInit = {}) {
     this.log = components.logger.forComponent('libp2p:webrtc-direct')
     this.components = components
     this.init = init
     this.emitter = new TypedEventEmitter()
 
+    if (init.certificateLifespan != null && init.certificateRenewalThreshold != null && init.certificateRenewalThreshold >= init.certificateLifespan) {
+      throw new InvalidParametersError('Certificate renewal threshold must be less than certificate lifespan')
+    }
+
     if (components.metrics != null) {
       this.metrics = {
         dialerEvents: components.metrics.registerCounterGroup('libp2p_webrtc-direct_dialer_events_total', {
@@ -144,7 +147,11 @@ export class WebRTCDirectTransport implements Transport, Startable {
   }
 
   async stop (): Promise<void> {
+    if (this.renewCertificateTask != null) {
+      clearTimeout(this.renewCertificateTask)
+    }
 
+    this.certificate = undefined
   }
 
   /**
@@ -225,14 +232,14 @@ export class WebRTCDirectTransport implements Transport, Startable {
     }
   }
 
-  private async getCertificate (): Promise<TransportCertificate> {
+  private async getCertificate (forceRenew?: boolean): Promise<TransportCertificate> {
     if (isTransportCertificate(this.init.certificate)) {
-      this.log.trace('using provided TLS certificate')
+      this.log('using provided TLS certificate')
       return this.init.certificate
     }
 
     const privateKey = await this.loadOrCreatePrivateKey()
-    const { pem, certhash } = await this.loadOrCreateCertificate(privateKey)
+    const { pem, certhash } = await this.loadOrCreateCertificate(privateKey, forceRenew)
 
     return {
       privateKey: await formatAsPem(privateKey),
@@ -276,8 +283,8 @@ export class WebRTCDirectTransport implements Transport, Startable {
     return this.privateKey
   }
 
-  private async loadOrCreateCertificate (privateKey: PrivateKey): Promise<{ pem: string, certhash: string }> {
-    if (this.certificate != null) {
+  private async loadOrCreateCertificate (privateKey: PrivateKey, forceRenew?: boolean): Promise<{ pem: string, certhash: string }> {
+    if (this.certificate != null && forceRenew !== true) {
       return this.certificate
     }
 
@@ -286,17 +293,45 @@ export class WebRTCDirectTransport implements Transport, Startable {
     const keyPair = await privateKeyToCryptoKeyPair(privateKey)
 
     try {
+      if (forceRenew === true) {
+        this.log.trace('forcing renewal of TLS certificate')
+        throw new NotFoundError()
+      }
+
       this.log.trace('checking for stored TLS certificate')
       cert = await this.loadCertificate(dsKey, keyPair)
     } catch (err: any) {
       if (err.name !== 'NotFoundError') {
         throw err
       }
 
-      this.log('generating TLS certificate using private key')
+      this.log.trace('generating new TLS certificate')
       cert = await this.createCertificate(dsKey, keyPair)
     }
 
+    // set timeout to renew certificate
+    let renewTime = (cert.notAfter.getTime() - (this.init.certificateRenewalThreshold ?? DEFAULT_CERTIFICATE_RENEWAL_THRESHOLD)) - Date.now()
+
+    if (renewTime < 0) {
+      renewTime = 100
+    }
+
+    this.log('will renew TLS certificate after %d ms', renewTime)
+
+    this.renewCertificateTask = setTimeout(() => {
+      this.log('renewing TLS certificate')
+      this.getCertificate(true)
+        .then(cert => {
+          this.certificate = cert
+          this.emitter.safeDispatchEvent('certificate:renew', {
+            detail: cert
+          })
+        })
+        .catch(err => {
+          this.log.error('could not renew certificate - %e', err)
+        })
+    }, renewTime)
+
     return {
       pem: cert.toString('pem'),
       certhash: base64url.encode((await sha256.digest(new Uint8Array(cert.rawData))).bytes)
@@ -308,14 +343,16 @@ export class WebRTCDirectTransport implements Transport, Startable {
     const cert = new X509Certificate(buf)
 
     // check expiry date
-    const threshold = Date.now() - ((this.init.certificateLifespan ?? DEFAULT_CERTIFICATE_LIFESPAN) * ONE_DAY_MS)
+    const expiryTime = cert.notAfter.getTime() - (this.init.certificateRenewalThreshold ?? DEFAULT_CERTIFICATE_RENEWAL_THRESHOLD)
 
-    if (cert.notAfter.getTime() < threshold) {
+    if (Date.now() > expiryTime) {
       this.log('stored TLS certificate has expired')
       // act as if no certificate was present
       throw new NotFoundError()
     }
 
+    this.log('loaded certificate, expires in %d ms', expiryTime)
+
     // check public keys match
     const exportedCertKey = await cert.publicKey.export(crypto)
     const rawCertKey = await crypto.subtle.exportKey('raw', exportedCertKey)
@@ -329,12 +366,14 @@ export class WebRTCDirectTransport implements Transport, Startable {
       throw new NotFoundError()
     }
 
+    this.log('loaded certificate, expiry time is %o', expiryTime)
+
     return cert
   }
 
   async createCertificate (dsKey: Key, keyPair: CryptoKeyPair): Promise<X509Certificate> {
     const notBefore = new Date()
-    const notAfter = new Date(notBefore.getTime() + ((this.init.certificateLifespan ?? DEFAULT_CERTIFICATE_LIFESPAN) * ONE_DAY_MS))
+    const notAfter = new Date(Date.now() + (this.init.certificateLifespan ?? DEFAULT_CERTIFICATE_LIFESPAN))
 
     // have to set ms to 0 to work around https://github.com/PeculiarVentures/x509/issues/73
     notBefore.setMilliseconds(0)

packages/transport-webrtc/test/certificates.spec.ts

@@ -0,0 +1,192 @@
+/* eslint-disable @typescript-eslint/no-floating-promises */
+
+import { generateKeyPair } from '@libp2p/crypto/keys'
+import { start, stop } from '@libp2p/interface'
+import { keychain } from '@libp2p/keychain'
+import { defaultLogger } from '@libp2p/logger'
+import { peerIdFromPrivateKey } from '@libp2p/peer-id'
+import { multiaddr, type Multiaddr } from '@multiformats/multiaddr'
+import { expect } from 'aegir/chai'
+import { anySignal } from 'any-signal'
+import { MemoryDatastore } from 'datastore-core'
+import delay from 'delay'
+import { stubInterface } from 'sinon-ts'
+import { isNode, isElectronMain } from 'wherearewe'
+import { CODEC_CERTHASH } from '../src/constants.js'
+import { WebRTCDirectTransport } from '../src/private-to-public/transport.js'
+import type { WebRTCDirectTransportComponents } from '../src/private-to-public/transport.js'
+import type { Upgrader, Listener, Transport } from '@libp2p/interface'
+import type { TransportManager } from '@libp2p/interface-internal'
+
+describe('WebRTCDirect Transport - certificates', () => {
+  let components: WebRTCDirectTransportComponents
+  let listener: Listener
+  let upgrader: Upgrader
+  let transport: Transport
+
+  beforeEach(async () => {
+    const privateKey = await generateKeyPair('Ed25519')
+    const datastore = new MemoryDatastore()
+    const logger = defaultLogger()
+
+    components = {
+      peerId: peerIdFromPrivateKey(privateKey),
+      logger,
+      transportManager: stubInterface<TransportManager>(),
+      privateKey,
+      upgrader: stubInterface<Upgrader>({
+        createInboundAbortSignal: (signal) => {
+          return anySignal([
+            AbortSignal.timeout(5_000),
+            signal
+          ])
+        }
+      }),
+      datastore,
+      keychain: keychain()({
+        datastore,
+        logger
+      })
+    }
+
+    upgrader = stubInterface<Upgrader>()
+  })
+
+  afterEach(async () => {
+    await listener?.close()
+    await stop(transport)
+  })
+
+  it('should reuse the same certificate after a restart', async function () {
+    if (!isNode && !isElectronMain) {
+      return this.skip()
+    }
+
+    const ipv4 = multiaddr('/ip4/127.0.0.1/udp/0')
+
+    transport = new WebRTCDirectTransport(components)
+    await start(transport)
+    listener = transport.createListener({
+      upgrader
+    })
+    await listener.listen(ipv4)
+
+    const certHashes1 = getCerthashes(listener.getAddrs())
+    await listener.close()
+    await stop(transport)
+
+    transport = new WebRTCDirectTransport(components)
+    await start(transport)
+    listener = transport.createListener({
+      upgrader
+    })
+    await listener.listen(ipv4)
+
+    const certHashes2 = getCerthashes(listener.getAddrs())
+    await listener.close()
+    await stop(transport)
+
+    expect(certHashes1).to.have.lengthOf(1)
+    expect(certHashes1).to.have.nested.property('[0]').that.is.a('string')
+    expect(certHashes1).to.deep.equal(certHashes2)
+  })
+
+  it('should renew certificate that expires while stopped', async function () {
+    if (!isNode && !isElectronMain) {
+      return this.skip()
+    }
+
+    const ipv4 = multiaddr('/ip4/127.0.0.1/udp/0')
+
+    transport = new WebRTCDirectTransport(components, {
+      certificateLifespan: 500,
+      certificateRenewalThreshold: 100
+    })
+    await start(transport)
+    listener = transport.createListener({
+      upgrader
+    })
+    await listener.listen(ipv4)
+
+    const certHashes1 = getCerthashes(listener.getAddrs())
+
+    await listener.close()
+    await stop(transport)
+
+    // wait fo the cert to expire
+    await delay(1000)
+
+    await start(transport)
+    listener = transport.createListener({
+      upgrader
+    })
+    await listener.listen(ipv4)
+
+    const certHashes2 = getCerthashes(listener.getAddrs())
+
+    await listener.close()
+    await stop(transport)
+
+    expect(certHashes1).to.have.lengthOf(1)
+    expect(certHashes1).to.have.nested.property('[0]').that.is.a('string')
+    expect(certHashes2).to.have.lengthOf(1)
+    expect(certHashes2).to.have.nested.property('[0]').that.is.a('string')
+    expect(certHashes1).to.not.deep.equal(certHashes2)
+  })
+
+  it('should renew certificate before expiry', async function () {
+    if (!isNode && !isElectronMain) {
+      return this.skip()
+    }
+
+    await stop(transport)
+
+    const ipv4 = multiaddr('/ip4/127.0.0.1/udp/0')
+
+    transport = new WebRTCDirectTransport({
+      ...components,
+      datastore: new MemoryDatastore()
+    }, {
+      certificateLifespan: 2000,
+      certificateRenewalThreshold: 1900
+    })
+    await start(transport)
+    listener = transport.createListener({
+      upgrader
+    })
+    await listener.listen(ipv4)
+
+    const certHashes1 = getCerthashes(listener.getAddrs())
+
+    // wait until the certificate is still valid but we are within the renewal
+    // threshold
+    await delay(1000)
+
+    const certHashes2 = getCerthashes(listener.getAddrs())
+
+    await listener.close()
+    await stop(transport)
+
+    expect(certHashes1).to.have.lengthOf(1)
+    expect(certHashes1).to.have.nested.property('[0]').that.is.a('string')
+    expect(certHashes2).to.have.lengthOf(1)
+    expect(certHashes2).to.have.nested.property('[0]').that.is.a('string')
+    expect(certHashes1).to.not.deep.equal(certHashes2)
+  })
+})
+
+function getCerthashes (addrs: Multiaddr[]): string[] {
+  const output: string[] = []
+
+  addrs
+    .forEach(ma => {
+      ma.stringTuples()
+        .forEach(([key, value]) => {
+          if (key === CODEC_CERTHASH && value != null) {
+            output.push(value)
+          }
+        })
+    })
+
+  return output
+}