Downgrade Ciphersuite

This commit is contained in:
Jazz Turner-Baggs 2026-06-13 08:57:52 -07:00
parent c727948c3f
commit 8303bd85ba
No known key found for this signature in database
2 changed files with 8 additions and 9 deletions

View File

@ -39,7 +39,7 @@ impl std::fmt::Debug for GroupV1Convo {
impl GroupV1Convo {
// Create a new conversation with the creator as the only participant.
pub fn new<S: ExternalServices>(cx: &mut ServiceContext<S>) -> Result<Self, ChatError> {
let config = Self::mls_create_config();
let config = Self::mls_create_config(cx);
let mls_group = MlsGroup::new(
&cx.mls_provider,
&cx.mls_identity,
@ -105,9 +105,9 @@ impl GroupV1Convo {
Ok(())
}
fn mls_create_config() -> MlsGroupCreateConfig {
fn mls_create_config<S: ExternalServices>(cx: &mut ServiceContext<S>) -> MlsGroupCreateConfig {
MlsGroupCreateConfig::builder()
.ciphersuite(Ciphersuite::MLS_256_XWING_CHACHA20POLY1305_SHA256_Ed25519)
.ciphersuite(cx.mls_provider.crypto().supported_ciphersuites()[0])
.use_ratchet_tree_extension(true) // This is handy for now, until there is central store for this data
.build()
}

View File

@ -1,8 +1,6 @@
mod identity;
mod mls_provider;
use crypto::Ed25519VerifyingKey;
pub use identity::MlsIdentityProvider;
use chat_proto::logoschat::envelope::EnvelopeV1;
use crypto::Ed25519VerifyingKey;
use de_mls::protos::de_mls::messages::v1::MemberWelcome;
@ -31,6 +29,9 @@ use crate::{
};
use crate::{IdentId, IdentIdRef, IdentityProvider};
// Downgraded from MLS_256_XWING_CHACHA20POLY1305_SHA256_Ed25519 until demls accepts an external provider
const CIPHER_SUITE: Ciphersuite = Ciphersuite::MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519;
// Define unique Identifiers derivations used in InboxV2
fn delivery_address_for(ident_id: IdentIdRef) -> String {
blake2b_hex::<hash_size::DeliveryAddr>(&["InboxV2|", "delivery_address|", ident_id.as_str()])
@ -201,15 +202,13 @@ impl InboxV2 {
cx: &ServiceContext<S>,
) -> Result<KeyPackage, ChatError> {
let capabilities = Capabilities::builder()
.ciphersuites(vec![
Ciphersuite::MLS_256_XWING_CHACHA20POLY1305_SHA256_Ed25519,
])
.ciphersuites(vec![CIPHER_SUITE])
.extensions(vec![ExtensionType::ApplicationId])
.build();
let a = KeyPackage::builder()
.leaf_node_capabilities(capabilities)
.build(
Ciphersuite::MLS_256_XWING_CHACHA20POLY1305_SHA256_Ed25519,
CIPHER_SUITE,
&cx.mls_provider,
&cx.mls_identity,
cx.mls_identity.get_credential(),