feat: add ErrPeerIDMismatch error type to replace ad-hoc errors

libp2p · Aug 25, 2023 · 88879a4 · 88879a4
1 parent fea268b
commit 88879a4
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 4 deletions.
diff --git a/core/sec/security.go b/core/sec/security.go
@@ -3,6 +3,7 @@ package sec
 
 import (
 	"context"
+	"fmt"
 	"net"
 
 	"github.com/libp2p/go-libp2p/core/network"
@@ -29,3 +30,14 @@ type SecureTransport interface {
 	// ID is the protocol ID of the security protocol.
 	ID() protocol.ID
 }
+
+type ErrPeerIDMismatch struct {
+	Expected peer.ID
+	Actual   peer.ID
+}
+
+func (e ErrPeerIDMismatch) Error() string {
+	return fmt.Sprintf("peer id mismatch: expected %s, but remote key matches %s", e.Expected, e.Actual)
+}
+
+var _ error = (*ErrPeerIDMismatch)(nil)
diff --git a/p2p/security/noise/handshake.go b/p2p/security/noise/handshake.go
@@ -12,6 +12,7 @@ import (
 
 	"github.com/libp2p/go-libp2p/core/crypto"
 	"github.com/libp2p/go-libp2p/core/peer"
+	"github.com/libp2p/go-libp2p/core/sec"
 	"github.com/libp2p/go-libp2p/internal/sha256"
 	"github.com/libp2p/go-libp2p/p2p/security/noise/pb"
 
@@ -276,7 +277,7 @@ func (s *secureSession) handleRemoteHandshakePayload(payload []byte, remoteStati
 
 	// check the peer ID if enabled
 	if s.checkPeerID && s.remoteID != id {
-		return nil, fmt.Errorf("peer id mismatch: expected %s, but remote key matches %s", s.remoteID.Pretty(), id.Pretty())
+		return nil, sec.ErrPeerIDMismatch{Expected: s.remoteID, Actual: id}
 	}
 
 	// verify payload is signed by asserted remote libp2p key.

diff --git a/p2p/security/tls/crypto.go b/p2p/security/tls/crypto.go
@@ -18,6 +18,7 @@ import (
 
 	ic "github.com/libp2p/go-libp2p/core/crypto"
 	"github.com/libp2p/go-libp2p/core/peer"
+	"github.com/libp2p/go-libp2p/core/sec"
 )
 
 const certValidityPeriod = 100 * 365 * 24 * time.Hour // ~100 years
@@ -129,7 +130,7 @@ func (i *Identity) ConfigForPeer(remote peer.ID) (*tls.Config, <-chan ic.PubKey)
 			if err != nil {
 				peerID = peer.ID(fmt.Sprintf("(not determined: %s)", err.Error()))
 			}
-			return fmt.Errorf("peer IDs don't match: expected %s, got %s", remote, peerID)
+			return sec.ErrPeerIDMismatch{Expected: remote, Actual: peerID}
 		}
 		keyCh <- pubKey
 		return nil

diff --git a/p2p/security/tls/transport_test.go b/p2p/security/tls/transport_test.go
@@ -376,7 +376,8 @@ func TestPeerIDMismatch(t *testing.T) {
 		thirdPartyID, _ := createPeer(t)
 		_, err = clientTransport.SecureOutbound(context.Background(), clientInsecureConn, thirdPartyID)
 		require.Error(t, err)
-		require.Contains(t, err.Error(), "peer IDs don't match")
+		var mismatchErr sec.ErrPeerIDMismatch
+		require.ErrorAs(t, err, &mismatchErr)
 
 		var serverErr error
 		select {
@@ -412,7 +413,8 @@ func TestPeerIDMismatch(t *testing.T) {
 			t.Fatal("expected handshake to return on the server side")
 		}
 		require.Error(t, serverErr)
-		require.Contains(t, serverErr.Error(), "peer IDs don't match")
+		var mismatchErr sec.ErrPeerIDMismatch
+		require.ErrorAs(t, serverErr, &mismatchErr)
 	})
 }