Hello everybody!
I want to make nodes authenticate right after establishing a connection and close it if auth goes wrong.
Let us assume that two peers have exchanged some ids before the connection and both of these peers store somewhere info like {id1: shared_key, id2: shared_key_2}.
The flow looks like this:
- peerA connects to peerB
- peerA writes a 32-byte id to this connection and peerB reads it
- peerB checks if this id is stored somewhere and, if the answer is yes, gives a 32-byte nonce to peerA
- peerA reads this nonce, signs it with the known shared key and gives the answer to peerB
- peerB signs it with the shared key and then compares it with the signature given by peerA. If it matches, the connection continues; if not, the connection is dropped.
Looks like we want to have a PSK, but not only one: a different one for different peers.
I’ve already looked into the ConnectionGater and 1) it doesn't work for me, I want to see some usage example. I created a conngater and wrote just return false for each intercept function, but it still makes some connections.
2) I don't know where to dig for some functionality like a ConnectionSender (if conngater works for peerB, I still need some actions from peerA).
Are there any suggested solutions, or perhaps some info to read? I want to find the place in the code where we manipulate incoming connections and outgoing connections, but I am completely lost.
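
The flow listed in the post, written out with only the Go standard library as an added example (not part of the original post and not libp2p code). Assumptions: "signing" with a shared key is taken to be HMAC-SHA256 over nonce||id, `net.Pipe` stands in for the freshly opened connection, and the names `mac`, `Initiate`, `Respond` and `Try` are hypothetical.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
	"net"
)

// mac is the "sign with the shared key" step, assumed here to be HMAC-SHA256(key, nonce||id).
func mac(key []byte, nonce, id [32]byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write(append(nonce[:], id[:]...))
	return h.Sum(nil)
}
// Initiate is peerA: send the id, read the nonce, answer with the MAC.
func Initiate(c net.Conn, id [32]byte, key []byte) {
	var nonce [32]byte
	c.Write(id[:])
	if _, err := io.ReadFull(c, nonce[:]); err == nil { // an error means peerB dropped us
		c.Write(mac(key, nonce, id))
	}
}
// Respond is peerB: true keeps the connection, false means the caller closes it.
func Respond(c net.Conn, keys map[[32]byte][]byte) bool {
	var id, nonce, got [32]byte
	_, err := io.ReadFull(c, id[:])
	key, known := keys[id]
	if _, rerr := rand.Read(nonce[:]); err != nil || !known || rerr != nil {
		return false // short read or unknown id: no challenge is sent
	}
	c.Write(nonce[:]) // fresh per connection, so a recorded answer cannot be replayed
	_, err = io.ReadFull(c, got[:])
	return err == nil && hmac.Equal(got[:], mac(key, nonce, id)) // constant-time compare
}
// Try runs both peers over an in-memory pipe and returns peerB's decision.
func Try(id [32]byte, key []byte, keys map[[32]byte][]byte) bool {
	a, b := net.Pipe()
	defer a.Close()
	go Initiate(a, id, key)
	return Respond(b, keys)
}
func main() {
	id, key := [32]byte{1}, []byte("constructed-sample-key") // constructed sample values
	fmt.Println(Try(id, key, map[[32]byte][]byte{id: key})) // true
}
```

This check authenticates the peer at connection time only; it does not encrypt or authenticate the traffic that follows, and a real listener would also set a read deadline so a silent peer cannot hold the handshake open.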