status-im
/
status-go
mirror of https://github.com/status-im/status-go.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
status-go/protocol/encryption/protocol.go

912 lines
26 KiB
Go
Raw Normal View History

integrate status-protocol-go
2019-07-17 22:25:42 +00:00
package encryption
import (
"bytes"
"crypto/ecdsa"
feat: Add an expiration and periodical publishing for community grants (#5024) * feat_: add periodical publishing for community grants feat_: Validate grant when receiving it feat_: add expiration for grants feat_: add test for grants expiration fix_: move grants test to profile showcase, fix a few bugs * feat_: use one group mesage to update grants * chore_: review fixes
2024-04-17 14:53:51 +00:00
"crypto/rand"
conslidate protocol databases
2019-07-30 06:14:13 +00:00
"database/sql"
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
"fmt"
"go.uber.org/zap"
Send all encryption keys
2022-09-21 16:05:29 +00:00
"github.com/golang/protobuf/proto"
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
"github.com/pkg/errors"
Create a home submodule for Eth node bridges- Rename StatusBackend to GethStatusBackend
2019-11-23 17:57:05 +00:00
"github.com/status-im/status-go/eth-node/crypto"
Remove unnecessary logs & fix flaky test
2020-11-24 12:36:52 +00:00
"github.com/status-im/status-go/eth-node/types"
Create a home submodule for Eth node bridges- Rename StatusBackend to GethStatusBackend
2019-11-23 17:57:05 +00:00
Move to monorepo structure (#1684) Move to a monorepo structure with submodules - Rename status-protocol-go to status-go/protocol
2019-11-21 16:19:22 +00:00
"github.com/status-im/status-go/protocol/encryption/multidevice"
"github.com/status-im/status-go/protocol/encryption/publisher"
"github.com/status-im/status-go/protocol/encryption/sharedsecret"
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
)
//go:generate protoc --go_out=. ./protocol_message.proto
const (
protocolVersion = 1
sharedSecretNegotiationVersion = 1
partitionedTopicMinVersion = 1
defaultMinVersion = 0
Add index to hash ratchet & cache processed description
2024-02-29 09:51:38 +00:00
maxKeysChannelSize = 10000
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
)
type PartitionTopicMode int
const (
PartitionTopicNoSupport PartitionTopicMode = iota
PartitionTopicV1
)
type ProtocolMessageSpec struct {
Message *ProtocolMessage
// Installations is the targeted devices
Installations []*multidevice.Installation
// SharedSecret is a shared secret established among the installations
move contact code to subscription
2020-07-31 12:22:05 +00:00
SharedSecret *sharedsecret.Secret
// AgreedSecret indicates whether the shared secret has been agreed
AgreedSecret bool
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
// Public means that the spec contains a public wrapped message
Public bool
}
func (p *ProtocolMessageSpec) MinVersion() uint32 {
if len(p.Installations) == 0 {
return defaultMinVersion
}
version := p.Installations[0].Version
for _, installation := range p.Installations[1:] {
if installation.Version < version {
version = installation.Version
}
}
return version
}
func (p *ProtocolMessageSpec) PartitionedTopicMode() PartitionTopicMode {
if p.MinVersion() >= partitionedTopicMinVersion {
return PartitionTopicV1
}
return PartitionTopicNoSupport
}
type Protocol struct {
move installations to subscription
2020-07-31 09:08:09 +00:00
encryptor *encryptor
secret *sharedsecret.SharedSecret
multidevice *multidevice.Multidevice
publisher *publisher.Publisher
subscriptions *Subscriptions
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
logger *zap.Logger
}
var (
// ErrNoPayload means that there was no payload found in the received protocol message.
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
ErrNoPayload = errors.New("no payload")
ErrNoRatchetKey = errors.New("no ratchet key for given keyID")
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
)
// New creates a new ProtocolService instance
func New(
conslidate protocol databases
2019-07-30 06:14:13 +00:00
db *sql.DB,
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
installationID string,
logger *zap.Logger,
conslidate protocol databases
2019-07-30 06:14:13 +00:00
) *Protocol {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
return NewWithEncryptorConfig(
conslidate protocol databases
2019-07-30 06:14:13 +00:00
db,
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
installationID,
defaultEncryptorConfig(installationID, logger),
logger,
)
}
conslidate protocol databases
2019-07-30 06:14:13 +00:00
// DB and migrations are shared between encryption package
// and its sub-packages.
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
func NewWithEncryptorConfig(
conslidate protocol databases
2019-07-30 06:14:13 +00:00
db *sql.DB,
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
installationID string,
encryptorConfig encryptorConfig,
logger *zap.Logger,
conslidate protocol databases
2019-07-30 06:14:13 +00:00
) *Protocol {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
return &Protocol{
conslidate protocol databases
2019-07-30 06:14:13 +00:00
encryptor: newEncryptor(db, encryptorConfig),
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
secret: sharedsecret.New(db, logger),
multidevice: multidevice.New(db, &multidevice.Config{
MaxInstallations: 3,
ProtocolVersion: protocolVersion,
InstallationID: installationID,
}),
move contact code to subscription
2020-07-31 12:22:05 +00:00
publisher: publisher.New(logger),
logger: logger.With(zap.Namespace("Protocol")),
conslidate protocol databases
2019-07-30 06:14:13 +00:00
}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
move installations to subscription
2020-07-31 09:08:09 +00:00
type Subscriptions struct {
Add index to hash ratchet & cache processed description
2024-02-29 09:51:38 +00:00
SharedSecrets []*sharedsecret.Secret
SendContactCode <-chan struct{}
NewHashRatchetKeys chan []*HashRatchetInfo
Quit chan struct{}
move installations to subscription
2020-07-31 09:08:09 +00:00
}
func (p *Protocol) Start(myIdentity *ecdsa.PrivateKey) (*Subscriptions, error) {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
// Propagate currently cached shared secrets.
secrets, err := p.secret.All()
if err != nil {
move installations to subscription
2020-07-31 09:08:09 +00:00
return nil, errors.Wrap(err, "failed to get all secrets")
}
p.subscriptions = &Subscriptions{
Add index to hash ratchet & cache processed description
2024-02-29 09:51:38 +00:00
SharedSecrets: secrets,
SendContactCode: p.publisher.Start(),
NewHashRatchetKeys: make(chan []*HashRatchetInfo, maxKeysChannelSize),
Quit: make(chan struct{}),
move shared secrets to subscription
2020-07-31 09:46:38 +00:00
}
move installations to subscription
2020-07-31 09:08:09 +00:00
return p.subscriptions, nil
}
func (p *Protocol) Stop() error {
p.publisher.Stop()
if p.subscriptions != nil {
close(p.subscriptions.Quit)
}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
return nil
}
Generate gfycat and identicon in status-protocol-go (#1611)
2019-09-26 07:01:17 +00:00
func (p *Protocol) addBundle(myIdentityKey *ecdsa.PrivateKey, msg *ProtocolMessage) error {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
// Get a bundle
installations, err := p.multidevice.GetOurActiveInstallations(&myIdentityKey.PublicKey)
if err != nil {
return err
}
bundle, err := p.encryptor.CreateBundle(myIdentityKey, installations)
if err != nil {
return err
}
Generate gfycat and identicon in status-protocol-go (#1611)
2019-09-26 07:01:17 +00:00
msg.Bundles = []*Bundle{bundle}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
return nil
}
// BuildPublicMessage marshals a public chat message given the user identity private key and a payload
func (p *Protocol) BuildPublicMessage(myIdentityKey *ecdsa.PrivateKey, payload []byte) (*ProtocolMessageSpec, error) {
// Build message not encrypted
message := &ProtocolMessage{
InstallationId: p.encryptor.config.InstallationID,
PublicMessage: payload,
}
Generate gfycat and identicon in status-protocol-go (#1611)
2019-09-26 07:01:17 +00:00
err := p.addBundle(myIdentityKey, message)
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if err != nil {
return nil, err
}
return &ProtocolMessageSpec{Message: message, Public: true}, nil
}
Communities encryption
2021-09-21 15:47:04 +00:00
// BuildEncryptedMessage returns a 1:1 chat message and optionally a negotiated topic given the user identity private key, the recipient's public key, and a payload
func (p *Protocol) BuildEncryptedMessage(myIdentityKey *ecdsa.PrivateKey, publicKey *ecdsa.PublicKey, payload []byte) (*ProtocolMessageSpec, error) {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
// Get recipients installations.
activeInstallations, err := p.multidevice.GetActiveInstallations(publicKey)
if err != nil {
return nil, err
}
// Encrypt payload
Communities encryption
2021-09-21 15:47:04 +00:00
encryptedMessagesByInstalls, installations, err := p.encryptor.EncryptPayload(publicKey, myIdentityKey, activeInstallations, payload)
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if err != nil {
return nil, err
}
// Build message
message := &ProtocolMessage{
Communities encryption
2021-09-21 15:47:04 +00:00
InstallationId: p.encryptor.config.InstallationID,
EncryptedMessage: encryptedMessagesByInstalls,
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
Generate gfycat and identicon in status-protocol-go (#1611)
2019-09-26 07:01:17 +00:00
err = p.addBundle(myIdentityKey, message)
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if err != nil {
return nil, err
}
// Check who we are sending the message to, and see if we have a shared secret
// across devices
var installationIDs []string
Communities encryption
2021-09-21 15:47:04 +00:00
for installationID := range message.GetEncryptedMessage() {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if installationID != noInstallationID {
installationIDs = append(installationIDs, installationID)
}
}
sharedSecret, agreed, err := p.secret.Agreed(myIdentityKey, p.encryptor.config.InstallationID, publicKey, installationIDs)
if err != nil {
return nil, err
}
spec := &ProtocolMessageSpec{
move contact code to subscription
2020-07-31 12:22:05 +00:00
SharedSecret: sharedSecret,
AgreedSecret: agreed,
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
Message: message,
Installations: installations,
}
return spec, nil
}
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
func (p *Protocol) GenerateHashRatchetKey(groupID []byte) (*HashRatchetKeyCompatibility, error) {
Communities encryption integration
2022-05-27 09:14:40 +00:00
return p.encryptor.GenerateHashRatchetKey(groupID)
}
fix: sync&backup channels encryption keys fixes: status-im/status-desktop#13356
2024-02-21 10:54:33 +00:00
// Deprecated: This function is deprecated as it does not marshal groupID. Kept for backward compatibility.
func (p *Protocol) GetAllHRKeysMarshaledV1(groupID []byte) ([]byte, error) {
keys, err := p.GetAllHRKeys(groupID)
Sync community encryption keys
2022-11-07 17:30:00 +00:00
if err != nil {
return nil, err
}
fix: sync&backup channels encryption keys fixes: status-im/status-desktop#13356
2024-02-21 10:54:33 +00:00
if keys == nil {
return nil, nil
}
return proto.Marshal(keys)
}
func (p *Protocol) GetAllHRKeysMarshaledV2(groupID []byte) ([]byte, error) {
keys, err := p.GetAllHRKeys(groupID)
if err != nil {
return nil, err
}
if keys == nil {
Sync community encryption keys
2022-11-07 17:30:00 +00:00
return nil, nil
}
Communities encryption
2021-09-21 15:47:04 +00:00
fix: sync&backup channels encryption keys fixes: status-im/status-desktop#13356
2024-02-21 10:54:33 +00:00
header := &HRHeader{
SeqNo: 0,
GroupId: groupID,
Keys: keys,
}
return proto.Marshal(header)
}
func (p *Protocol) GetAllHRKeys(groupID []byte) (*HRKeys, error) {
ratchets, err := p.encryptor.persistence.GetKeysForGroup(groupID)
if err != nil {
return nil, err
}
if len(ratchets) == 0 {
return nil, nil
}
return p.GetHRKeys(ratchets), nil
Sync community encryption keys
2022-11-07 17:30:00 +00:00
}
Implemented testing to check rekeying is happening
2023-05-24 14:25:10 +00:00
// GetKeyIDsForGroup returns a slice of key IDs belonging to a given group ID
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
func (p *Protocol) GetKeysForGroup(groupID []byte) ([]*HashRatchetKeyCompatibility, error) {
return p.encryptor.persistence.GetKeysForGroup(groupID)
Implemented testing to check rekeying is happening
2023-05-24 14:25:10 +00:00
}
fix: sync&backup channels encryption keys fixes: status-im/status-desktop#13356
2024-02-21 10:54:33 +00:00
func (p *Protocol) GetHRKeys(ratchets []*HashRatchetKeyCompatibility) *HRKeys {
Send all encryption keys
2022-09-21 16:05:29 +00:00
keys := &HRKeys{}
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
for _, ratchet := range ratchets {
Send all encryption keys
2022-09-21 16:05:29 +00:00
key := &HRKey{
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
DeprecatedKeyId: ratchet.DeprecatedKeyID(),
Key: ratchet.Key,
Timestamp: ratchet.Timestamp,
Send all encryption keys
2022-09-21 16:05:29 +00:00
}
keys.Keys = append(keys.Keys, key)
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
return keys
Sync community encryption keys
2022-11-07 17:30:00 +00:00
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
// BuildHashRatchetRekeyGroup builds a public message
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
// with the new key
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
func (p *Protocol) BuildHashRatchetReKeyGroupMessage(myIdentityKey *ecdsa.PrivateKey, recipients []*ecdsa.PublicKey, groupID []byte, payload []byte, ratchet *HashRatchetKeyCompatibility) (*ProtocolMessageSpec, error) {
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
var err error
if ratchet == nil {
ratchet, err = p.GenerateHashRatchetKey(groupID)
if err != nil {
return nil, err
}
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
message, err := buildGroupRekeyMessage(myIdentityKey, groupID, ratchet.Timestamp, ratchet.Key, recipients)
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
if err != nil {
return nil, err
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
keys := &HRKeys{
RekeyGroup: message,
}
spec := &ProtocolMessageSpec{
Public: true,
Message: &ProtocolMessage{
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
InstallationId: p.encryptor.config.InstallationID,
EncryptedMessage: map[string]*EncryptedMessageProtocol{noInstallationID: &EncryptedMessageProtocol{
HRHeader: &HRHeader{
SeqNo: 0,
GroupId: groupID,
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
Keys: keys,
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
},
Payload: payload,
},
},
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
},
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
return spec, nil
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
}
Sync community encryption keys
2022-11-07 17:30:00 +00:00
// BuildHashRatchetKeyExchangeMessage builds a 1:1 message
// containing newly generated hash ratchet key
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
func (p *Protocol) BuildHashRatchetKeyExchangeMessage(myIdentityKey *ecdsa.PrivateKey, publicKey *ecdsa.PublicKey, groupID []byte, ratchets []*HashRatchetKeyCompatibility) (*ProtocolMessageSpec, error) {
Sync community encryption keys
2022-11-07 17:30:00 +00:00
fix: sync&backup channels encryption keys fixes: status-im/status-desktop#13356
2024-02-21 10:54:33 +00:00
keys := p.GetHRKeys(ratchets)
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
encodedKeys, err := proto.Marshal(keys)
Communities encryption
2021-09-21 15:47:04 +00:00
if err != nil {
return nil, err
}
Send all encryption keys
2022-09-21 16:05:29 +00:00
response, err := p.BuildEncryptedMessage(myIdentityKey, publicKey, encodedKeys)
Communities encryption
2021-09-21 15:47:04 +00:00
if err != nil {
return nil, err
}
// Loop through installations and assign HRHeader
// SeqNo=0 has a special meaning for HandleMessage
// and signifies a message with hash ratchet key payload
for _, v := range response.Message.EncryptedMessage {
v.HRHeader = &HRHeader{
SeqNo: 0,
GroupId: groupID,
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
Keys: keys,
}
}
return response, err
}
func (p *Protocol) BuildHashRatchetKeyExchangeMessageWithPayload(myIdentityKey *ecdsa.PrivateKey, publicKey *ecdsa.PublicKey, groupID []byte, ratchets []*HashRatchetKeyCompatibility, payload []byte) (*ProtocolMessageSpec, error) {
fix: sync&backup channels encryption keys fixes: status-im/status-desktop#13356
2024-02-21 10:54:33 +00:00
keys := p.GetHRKeys(ratchets)
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
response, err := p.BuildEncryptedMessage(myIdentityKey, publicKey, payload)
if err != nil {
return nil, err
}
// Loop through installations and assign HRHeader
// SeqNo=0 has a special meaning for HandleMessage
// and signifies a message with hash ratchet key payload
for _, v := range response.Message.EncryptedMessage {
v.HRHeader = &HRHeader{
SeqNo: 0,
GroupId: groupID,
Keys: keys,
Communities encryption
2021-09-21 15:47:04 +00:00
}
}
return response, err
}
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
func (p *Protocol) GetCurrentKeyForGroup(groupID []byte) (*HashRatchetKeyCompatibility, error) {
Communities encryption integration
2022-05-27 09:14:40 +00:00
return p.encryptor.persistence.GetCurrentKeyForGroup(groupID)
}
Communities encryption
2021-09-21 15:47:04 +00:00
// BuildHashRatchetMessage returns a hash ratchet chat message
func (p *Protocol) BuildHashRatchetMessage(groupID []byte, payload []byte) (*ProtocolMessageSpec, error) {
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
ratchet, err := p.encryptor.persistence.GetCurrentKeyForGroup(groupID)
Communities encryption
2021-09-21 15:47:04 +00:00
if err != nil {
return nil, err
}
// Encrypt payload
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
encryptedMessagesByInstalls, err := p.encryptor.EncryptHashRatchetPayload(ratchet, payload)
Communities encryption
2021-09-21 15:47:04 +00:00
if err != nil {
return nil, err
}
// Build message
message := &ProtocolMessage{
InstallationId: p.encryptor.config.InstallationID,
EncryptedMessage: encryptedMessagesByInstalls,
}
spec := &ProtocolMessageSpec{
Message: message,
}
return spec, nil
}
feat: Add an expiration and periodical publishing for community grants (#5024) * feat_: add periodical publishing for community grants feat_: Validate grant when receiving it feat_: add expiration for grants feat_: add test for grants expiration fix_: move grants test to profile showcase, fix a few bugs * feat_: use one group mesage to update grants * chore_: review fixes
2024-04-17 14:53:51 +00:00
func (p *Protocol) EncryptCommunityGrants(privateKey *ecdsa.PrivateKey, recipientGrants map[*ecdsa.PublicKey][]byte) (map[uint32][]byte, error) {
grants := make(map[uint32][]byte)
for recipientKey, grant := range recipientGrants {
feat(communities)_: introduce bloom filter members list iterates: status-im/status-desktop#15064
2024-06-27 15:29:03 +00:00
sharedKey, err := GenerateSharedKey(privateKey, recipientKey)
feat: Add an expiration and periodical publishing for community grants (#5024) * feat_: add periodical publishing for community grants feat_: Validate grant when receiving it feat_: add expiration for grants feat_: add test for grants expiration fix_: move grants test to profile showcase, fix a few bugs * feat_: use one group mesage to update grants * chore_: review fixes
2024-04-17 14:53:51 +00:00
if err != nil {
return nil, err
}
encryptedGrant, err := encrypt(grant, sharedKey, rand.Reader)
if err != nil {
return nil, err
}
kBytes := publicKeyMostRelevantBytes(recipientKey)
grants[kBytes] = encryptedGrant
}
return grants, nil
}
func (p *Protocol) DecryptCommunityGrant(myIdentityKey *ecdsa.PrivateKey, senderKey *ecdsa.PublicKey, grants map[uint32][]byte) ([]byte, error) {
kBytes := publicKeyMostRelevantBytes(&myIdentityKey.PublicKey)
ecryptedGrant, ok := grants[kBytes]
if !ok {
return nil, errors.New("can't find related grant in the map")
}
feat(communities)_: introduce bloom filter members list iterates: status-im/status-desktop#15064
2024-06-27 15:29:03 +00:00
sharedKey, err := GenerateSharedKey(myIdentityKey, senderKey)
feat: Add an expiration and periodical publishing for community grants (#5024) * feat_: add periodical publishing for community grants feat_: Validate grant when receiving it feat_: add expiration for grants feat_: add test for grants expiration fix_: move grants test to profile showcase, fix a few bugs * feat_: use one group mesage to update grants * chore_: review fixes
2024-04-17 14:53:51 +00:00
if err != nil {
return nil, err
}
return decrypt(ecryptedGrant, sharedKey)
}
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
func (p *Protocol) GetKeyExMessageSpecs(groupID []byte, identity *ecdsa.PrivateKey, recipients []*ecdsa.PublicKey, forceRekey bool) ([]*ProtocolMessageSpec, error) {
var ratchets []*HashRatchetKeyCompatibility
Communities encryption integration
2022-05-27 09:14:40 +00:00
var err error
if !forceRekey {
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
ratchets, err = p.encryptor.persistence.GetKeysForGroup(groupID)
Communities encryption integration
2022-05-27 09:14:40 +00:00
if err != nil {
return nil, err
}
}
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
if len(ratchets) == 0 || forceRekey {
ratchet, err := p.GenerateHashRatchetKey(groupID)
Communities encryption integration
2022-05-27 09:14:40 +00:00
if err != nil {
return nil, err
}
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
ratchets = []*HashRatchetKeyCompatibility{ratchet}
Communities encryption integration
2022-05-27 09:14:40 +00:00
}
specs := make([]*ProtocolMessageSpec, len(recipients))
for i, recipient := range recipients {
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
keyExMsg, err := p.BuildHashRatchetKeyExchangeMessage(identity, recipient, groupID, ratchets)
Communities encryption integration
2022-05-27 09:14:40 +00:00
if err != nil {
return nil, err
}
specs[i] = keyExMsg
}
return specs, nil
}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
// BuildDHMessage builds a message with DH encryption so that it can be decrypted by any other device.
func (p *Protocol) BuildDHMessage(myIdentityKey *ecdsa.PrivateKey, destination *ecdsa.PublicKey, payload []byte) (*ProtocolMessageSpec, error) {
// Encrypt payload
encryptionResponse, err := p.encryptor.EncryptPayloadWithDH(destination, payload)
if err != nil {
return nil, err
}
// Build message
message := &ProtocolMessage{
Communities encryption
2021-09-21 15:47:04 +00:00
InstallationId: p.encryptor.config.InstallationID,
EncryptedMessage: encryptionResponse,
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
Generate gfycat and identicon in status-protocol-go (#1611)
2019-09-26 07:01:17 +00:00
err = p.addBundle(myIdentityKey, message)
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if err != nil {
return nil, err
}
return &ProtocolMessageSpec{Message: message}, nil
}
// ProcessPublicBundle processes a received X3DH bundle.
func (p *Protocol) ProcessPublicBundle(myIdentityKey *ecdsa.PrivateKey, bundle *Bundle) ([]*multidevice.Installation, error) {
logger := p.logger.With(zap.String("site", "ProcessPublicBundle"))
if err := p.encryptor.ProcessPublicBundle(myIdentityKey, bundle); err != nil {
return nil, err
}
installations, enabled, err := p.recoverInstallationsFromBundle(myIdentityKey, bundle)
if err != nil {
return nil, err
}
// TODO(adam): why do we add installations using identity obtained from GetIdentity()
// instead of the output of crypto.CompressPubkey()? I tried the second option
// and the unit tests TestTopic and TestMaxDevices fail.
identityFromBundle := bundle.GetIdentity()
theirIdentity, err := ExtractIdentity(bundle)
if err != nil {
logger.Panic("unrecoverable error extracting identity", zap.Error(err))
}
compressedIdentity := crypto.CompressPubkey(theirIdentity)
if !bytes.Equal(identityFromBundle, compressedIdentity) {
logger.Panic("identity from bundle and compressed are not equal")
}
return p.multidevice.AddInstallations(bundle.GetIdentity(), bundle.GetTimestamp(), installations, enabled)
support local pairing after logged in as receiver; pair installation;(#3202)
2023-02-28 12:32:45 +00:00
}
feat: fallback pairing seed (#5614) * feat(pairing)!: Add extra parameters and remove v2 compatibility This commit includes the following changes: I have added a flag to maintain 2.29 compatibility. Breaking change in connection string The local pairing code that was parsing the connection string had a few non-upgradable features: It was strictly checking the number of parameters, throwing an error if the number was different. This made it impossible to add parameters to it without breaking. It was strictly checking the version number. This made increasing the version number impossible as older client would just refuse to connect. The code has been changed so that: Two parameters have been added, installation-id and key-uid. Those are needed for the fallback flow. I have also removed version from the payload, since it wasn't used. This means that we don't support v1 anymore. V2 parsing is supported . Going forward there's a clear strategy on how to update the protocol (append parameters, don't change existing one). https://www.youtube.com/watch?v=oyLBGkS5ICk Is a must watch video for understanding the strategy Changed MessengerResponse to use internally a map of installations rather than an array (minor) Just moving towards maps as arrays tend to lead to subtle bugs. Moved pairing methods to messenger_pairing.go Just moved some methods Added 2 new methods for the fallback flow FinishPairingThroughSeedPhraseProcess https://github.com/status-im/status-go/pull/5567/files#diff-1ad620b07fa3bd5fbc96c9f459d88829938a162bf1aaf41c61dea6e38b488d54R29 EnableAndSyncInstallation https://github.com/status-im/status-go/pull/5567/files#diff-1ad620b07fa3bd5fbc96c9f459d88829938a162bf1aaf41c61dea6e38b488d54R18 Flow for clients Client A1 is logged in Client A2 is logged out Client A1 shows a QR code Client A2 scans a QR code If connection fails on A2, the user will be prompted to enter a seed phrase. If the generated account matches the key-uid from the QR code, A2 should call FinishPairingThroughSeedPhraseProcess with the installation id passed in the QR code. This will send installation information over waku. The user should be shown its own installation id and prompted to check the other device. Client A1 will receive new installation data through waku, if they are still on the qr code page, they should show a popup to the user showing the received installation id, and a way to Enable and Sync, which should call the EnableAndSyncInstallation endpoint. This should finish the fallback syncing flow. Current issues Currently I haven't tested that all the data is synced after finishing the flow. I see that the two devices are paired correctly, but for example the DisplayName is not changed on the receiving device. I haven't had time to look into it further. * test_: add more test for connection string parser * fix_: fix panic when parse old connection string * test_: add comments for TestMessengerPairAfterSeedPhrase * fix_: correct error description * feat_:rename FinishPairingThroughSeedPhraseProcess to EnableInstallationAndPair * fix_: delete leftover * fix_: add UniqueKey method * fix_: unify the response for InputConnectionStringForBootstrapping * fix_: remove fields installationID and keyUID in GethStatusBackend * fix_: rename messenger_pairing to messenger_pairing_and_syncing --------- Co-authored-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2024-07-30 09:14:05 +00:00
func (p *Protocol) AddInstallation(identity []byte, timestamp int64, installation *multidevice.Installation, enabled bool) ([]*multidevice.Installation, error) {
return p.multidevice.AddInstallations(identity, timestamp, []*multidevice.Installation{installation}, enabled)
}
support local pairing after logged in as receiver; pair installation;(#3202)
2023-02-28 12:32:45 +00:00
func (p *Protocol) GetMultiDevice() *multidevice.Multidevice {
return p.multidevice
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
// recoverInstallationsFromBundle extracts installations from the bundle.
// It returns extracted installations and true if the installations
// are ours, i.e. the bundle was created by our identity key.
func (p *Protocol) recoverInstallationsFromBundle(myIdentityKey *ecdsa.PrivateKey, bundle *Bundle) ([]*multidevice.Installation, bool, error) {
var installations []*multidevice.Installation
theirIdentity, err := ExtractIdentity(bundle)
if err != nil {
return nil, false, err
}
myIdentityStr := fmt.Sprintf("0x%x", crypto.FromECDSAPub(&myIdentityKey.PublicKey))
theirIdentityStr := fmt.Sprintf("0x%x", crypto.FromECDSAPub(theirIdentity))
// Any device from other peers will be considered enabled, ours needs to
// be explicitly enabled.
enabled := theirIdentityStr != myIdentityStr
signedPreKeys := bundle.GetSignedPreKeys()
for installationID, signedPreKey := range signedPreKeys {
if installationID != p.multidevice.InstallationID() {
installations = append(installations, &multidevice.Installation{
Identity: theirIdentityStr,
ID: installationID,
Version: signedPreKey.GetProtocolVersion(),
})
}
}
return installations, enabled, nil
}
// GetBundle retrieves or creates a X3DH bundle, given a private identity key.
func (p *Protocol) GetBundle(myIdentityKey *ecdsa.PrivateKey) (*Bundle, error) {
installations, err := p.multidevice.GetOurActiveInstallations(&myIdentityKey.PublicKey)
if err != nil {
return nil, err
}
return p.encryptor.CreateBundle(myIdentityKey, installations)
}
// EnableInstallation enables an installation for multi-device sync.
func (p *Protocol) EnableInstallation(myIdentityKey *ecdsa.PublicKey, installationID string) error {
return p.multidevice.EnableInstallation(myIdentityKey, installationID)
}
// DisableInstallation disables an installation for multi-device sync.
func (p *Protocol) DisableInstallation(myIdentityKey *ecdsa.PublicKey, installationID string) error {
return p.multidevice.DisableInstallation(myIdentityKey, installationID)
}
// GetOurInstallations returns all the installations available given an identity
func (p *Protocol) GetOurInstallations(myIdentityKey *ecdsa.PublicKey) ([]*multidevice.Installation, error) {
return p.multidevice.GetOurInstallations(myIdentityKey)
Move to protobuf for Message type (#1706) * Use a single Message type `v1/message.go` and `message.go` are the same now, and they embed `protobuf.ChatMessage` * Use `SendChatMessage` for sending chat messages, this is basically the old `Send` but a bit more flexible so we can send different message types (stickers,commands), and not just text. * Remove dedup from services/shhext. Because now we process in status-protocol, dedup makes less sense, as those messages are going to be processed anyway, so removing for now, we can re-evaluate if bringing it to status-go or not. * Change the various retrieveX method to a single one: `RetrieveAll` will be processing those messages that it can process (Currently only `Message`), and return the rest in `RawMessages` (still transit). The format for the response is: `Chats`: -> The chats updated by receiving the message `Messages`: -> The messages retrieved (already matched to a chat) `Contacts`: -> The contacts updated by the messages `RawMessages` -> Anything else that can't be parsed, eventually as we move everything to status-protocol-go this will go away.
2019-12-05 16:25:34 +00:00
}
// GetOurActiveInstallations returns all the active installations available given an identity
func (p *Protocol) GetOurActiveInstallations(myIdentityKey *ecdsa.PublicKey) ([]*multidevice.Installation, error) {
return p.multidevice.GetOurActiveInstallations(myIdentityKey)
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
// SetInstallationMetadata sets the metadata for our own installation
func (p *Protocol) SetInstallationMetadata(myIdentityKey *ecdsa.PublicKey, installationID string, data *multidevice.InstallationMetadata) error {
return p.multidevice.SetInstallationMetadata(myIdentityKey, installationID, data)
}
feat: Added `setInstallationName` method (#3294)
2023-03-20 12:51:17 +00:00
// SetInstallationName sets the metadata for our own installation
func (p *Protocol) SetInstallationName(myIdentityKey *ecdsa.PublicKey, installationID string, name string) error {
return p.multidevice.SetInstallationName(myIdentityKey, installationID, name)
}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
// GetPublicBundle retrieves a public bundle given an identity
func (p *Protocol) GetPublicBundle(theirIdentityKey *ecdsa.PublicKey) (*Bundle, error) {
installations, err := p.multidevice.GetActiveInstallations(theirIdentityKey)
if err != nil {
return nil, err
}
return p.encryptor.GetPublicBundle(theirIdentityKey, installations)
}
// ConfirmMessageProcessed confirms and deletes message keys for the given messages
func (p *Protocol) ConfirmMessageProcessed(messageID []byte) error {
Add Metadata to messages, expose new messenger methods (#1571) * Add Metadata to messages, expose new messenger methods This commits modifies deduplicator so that it takes a `StatusMessage` instead of `WhisperMessage` and also returns a `Metadata` field which is then passed back by the client when confirming messages, which fixes the issue we had with not confirming pfs messages.
2019-08-20 11:20:25 +00:00
logger := p.logger.With(zap.String("site", "ConfirmMessageProcessed"))
Add logging of message-id
2021-10-29 14:29:28 +00:00
logger.Debug("confirming message", zap.String("messageID", types.EncodeHex(messageID)))
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
return p.encryptor.ConfirmMessageProcessed(messageID)
}
Send all encryption keys
2022-09-21 16:05:29 +00:00
type HashRatchetInfo struct {
GroupID []byte
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
KeyID []byte
Send all encryption keys
2022-09-21 16:05:29 +00:00
}
move contact code to subscription
2020-07-31 12:22:05 +00:00
type DecryptMessageResponse struct {
DecryptedMessage []byte
Installations []*multidevice.Installation
SharedSecrets []*sharedsecret.Secret
Send all encryption keys
2022-09-21 16:05:29 +00:00
HashRatchetInfo []*HashRatchetInfo
move shared secrets to subscription
2020-07-31 09:46:38 +00:00
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
func (p *Protocol) HandleHashRatchetKeysPayload(groupID, encodedKeys []byte, myIdentityKey *ecdsa.PrivateKey, theirIdentityKey *ecdsa.PublicKey) ([]*HashRatchetInfo, error) {
Sync community encryption keys
2022-11-07 17:30:00 +00:00
keys := &HRKeys{}
err := proto.Unmarshal(encodedKeys, keys)
if err != nil {
return nil, err
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
return p.HandleHashRatchetKeys(groupID, keys, myIdentityKey, theirIdentityKey)
}
fix: sync&backup channels encryption keys fixes: status-im/status-desktop#13356
2024-02-21 10:54:33 +00:00
func (p *Protocol) HandleHashRatchetHeadersPayload(encodedHeaders [][]byte) error {
for _, encodedHeader := range encodedHeaders {
header := &HRHeader{}
err := proto.Unmarshal(encodedHeader, header)
if err != nil {
return err
}
_, err = p.HandleHashRatchetKeys(header.GroupId, header.Keys, nil, nil)
if err != nil {
return err
}
}
return nil
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
func (p *Protocol) HandleHashRatchetKeys(groupID []byte, keys *HRKeys, myIdentityKey *ecdsa.PrivateKey, theirIdentityKey *ecdsa.PublicKey) ([]*HashRatchetInfo, error) {
if keys == nil {
return nil, nil
}
var info []*HashRatchetInfo
Sync community encryption keys
2022-11-07 17:30:00 +00:00
for _, key := range keys.Keys {
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
ratchet := &HashRatchetKeyCompatibility{
GroupID: groupID,
Timestamp: key.Timestamp,
Key: key.Key,
}
// If there's no timestamp, is coming from an older client
if key.Timestamp == 0 {
ratchet.Timestamp = uint64(key.DeprecatedKeyId)
}
keyID, err := ratchet.GetKeyID()
if err != nil {
return nil, err
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
p.logger.Debug("retrieved keys", zap.String("keyID", types.Bytes2Hex(keyID)))
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
Sync community encryption keys
2022-11-07 17:30:00 +00:00
// Payload contains hash ratchet key
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
err = p.encryptor.persistence.SaveHashRatchetKey(ratchet)
if err != nil {
return nil, err
}
info = append(info, &HashRatchetInfo{GroupID: groupID, KeyID: keyID})
}
if keys.RekeyGroup != nil {
if keys.RekeyGroup.Timestamp == 0 {
return nil, errors.New("timestamp can't be nil")
}
encryptionKey, err := decryptGroupRekeyMessage(myIdentityKey, theirIdentityKey, keys.RekeyGroup)
Sync community encryption keys
2022-11-07 17:30:00 +00:00
if err != nil {
return nil, err
}
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
if len(encryptionKey) != 0 {
ratchet := &HashRatchetKeyCompatibility{
GroupID: groupID,
Timestamp: keys.RekeyGroup.Timestamp,
Key: encryptionKey,
}
keyID, err := ratchet.GetKeyID()
if err != nil {
return nil, err
}
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
p.logger.Debug("retrieved group keys", zap.String("keyID", types.Bytes2Hex(keyID)))
Fix encryption id && rekey with a single message This commit changes the format of the encryption id to be based off 3 things: 1) The group id 2) The timestamp 3) The actual key Previously this was solely based on the timestamp and the group id, but this might lead to conflicts. Moreover the format of the key was an uint32 and so it would wrap periodically. The migration is a bit tricky, so first we cleared the cache of keys, that's easier than migrating, and second we set the new field hash_id to the concatenation of group_id / key_id. This might lead on some duplication in case keys are re-received, but it should not have an impact on the correctness of the code. I have added 2 tests covering compatibility between old/new clients, as this should not be a breaking change. It also adds a new message to rekey in a single go, instead of having to send multiple messages
2023-10-12 15:45:23 +00:00
// Payload contains hash ratchet key
err = p.encryptor.persistence.SaveHashRatchetKey(ratchet)
if err != nil {
return nil, err
}
info = append(info, &HashRatchetInfo{GroupID: groupID, KeyID: keyID})
}
Sync community encryption keys
2022-11-07 17:30:00 +00:00
}
Add index to hash ratchet & cache processed description
2024-02-29 09:51:38 +00:00
if p.subscriptions != nil {
p.subscriptions.NewHashRatchetKeys <- info
}
Sync community encryption keys
2022-11-07 17:30:00 +00:00
return info, nil
}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
// HandleMessage unmarshals a message and processes it, decrypting it if it is a 1:1 message.
func (p *Protocol) HandleMessage(
myIdentityKey *ecdsa.PrivateKey,
theirPublicKey *ecdsa.PublicKey,
protocolMessage *ProtocolMessage,
messageID []byte,
move contact code to subscription
2020-07-31 12:22:05 +00:00
) (*DecryptMessageResponse, error) {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
logger := p.logger.With(zap.String("site", "HandleMessage"))
move contact code to subscription
2020-07-31 12:22:05 +00:00
response := &DecryptMessageResponse{}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
Remove unnecessary logs & fix flaky test
2020-11-24 12:36:52 +00:00
logger.Debug("received a protocol message",
zap.String("sender-public-key",
types.EncodeHex(crypto.FromECDSAPub(theirPublicKey))),
zap.String("my-installation-id", p.encryptor.config.InstallationID),
Add logging of message-id
2021-10-29 14:29:28 +00:00
zap.String("messageID", types.EncodeHex(messageID)))
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if p.encryptor == nil {
return nil, errors.New("encryption service not initialized")
}
// Process bundles
for _, bundle := range protocolMessage.GetBundles() {
// Should we stop processing if the bundle cannot be verified?
move contact code to subscription
2020-07-31 12:22:05 +00:00
newInstallations, err := p.ProcessPublicBundle(myIdentityKey, bundle)
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if err != nil {
return nil, err
}
move contact code to subscription
2020-07-31 12:22:05 +00:00
response.Installations = newInstallations
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
// Check if it's a public message
if publicMessage := protocolMessage.GetPublicMessage(); publicMessage != nil {
// Nothing to do, as already in cleartext
move contact code to subscription
2020-07-31 12:22:05 +00:00
response.DecryptedMessage = publicMessage
return response, nil
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
// Decrypt message
Communities encryption
2021-09-21 15:47:04 +00:00
if encryptedMessage := protocolMessage.GetEncryptedMessage(); encryptedMessage != nil {
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
message, err := p.encryptor.DecryptPayload(
myIdentityKey,
theirPublicKey,
protocolMessage.GetInstallationId(),
Communities encryption
2021-09-21 15:47:04 +00:00
encryptedMessage,
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
messageID,
)
Send all encryption keys
2022-09-21 16:05:29 +00:00
if err == ErrHashRatchetGroupIDNotFound {
msg := p.encryptor.GetMessage(encryptedMessage)
if msg != nil {
if header := msg.GetHRHeader(); header != nil {
response.HashRatchetInfo = append(response.HashRatchetInfo, &HashRatchetInfo{GroupID: header.GroupId, KeyID: header.KeyId})
}
}
return response, err
}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
if err != nil {
return nil, err
}
Communities encryption
2021-09-21 15:47:04 +00:00
dmProtocol := encryptedMessage[p.encryptor.config.InstallationID]
if dmProtocol == nil {
dmProtocol = encryptedMessage[noInstallationID]
}
Add nil check for DirectMessageProtocol object
2021-12-02 11:55:30 +00:00
if dmProtocol != nil {
hrHeader := dmProtocol.HRHeader
if hrHeader != nil && hrHeader.SeqNo == 0 {
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
var hashRatchetKeys []*HashRatchetInfo
if hrHeader.Keys != nil {
hashRatchetKeys, err = p.HandleHashRatchetKeys(hrHeader.GroupId, hrHeader.Keys, myIdentityKey, theirPublicKey)
if err != nil {
return nil, err
}
} else {
// For backward compatibility
hashRatchetKeys, err = p.HandleHashRatchetKeysPayload(hrHeader.GroupId, message, myIdentityKey, theirPublicKey)
if err != nil {
return nil, err
}
Add nil check for DirectMessageProtocol object
2021-12-02 11:55:30 +00:00
}
Sync community encryption keys
2022-11-07 17:30:00 +00:00
response.HashRatchetInfo = hashRatchetKeys
Communities encryption
2021-09-21 15:47:04 +00:00
}
}
Generate gfycat and identicon in status-protocol-go (#1611)
2019-09-26 07:01:17 +00:00
bundles := protocolMessage.GetBundles()
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
version := getProtocolVersion(bundles, protocolMessage.GetInstallationId())
if version >= sharedSecretNegotiationVersion {
sharedSecret, err := p.secret.Generate(myIdentityKey, theirPublicKey, protocolMessage.GetInstallationId())
if err != nil {
return nil, err
}
move contact code to subscription
2020-07-31 12:22:05 +00:00
response.SharedSecrets = []*sharedsecret.Secret{sharedSecret}
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
move contact code to subscription
2020-07-31 12:22:05 +00:00
response.DecryptedMessage = message
return response, nil
integrate status-protocol-go
2019-07-17 22:25:42 +00:00
}
// Return error
return nil, ErrNoPayload
}
func (p *Protocol) ShouldAdvertiseBundle(publicKey *ecdsa.PublicKey, time int64) (bool, error) {
return p.publisher.ShouldAdvertiseBundle(publicKey, time)
}
func (p *Protocol) ConfirmBundleAdvertisement(publicKey *ecdsa.PublicKey, time int64) {
p.publisher.SetLastAck(publicKey, time)
}
func (p *Protocol) BuildBundleAdvertiseMessage(myIdentityKey *ecdsa.PrivateKey, publicKey *ecdsa.PublicKey) (*ProtocolMessageSpec, error) {
return p.BuildDHMessage(myIdentityKey, publicKey, nil)
}
func getProtocolVersion(bundles []*Bundle, installationID string) uint32 {
if installationID == "" {
return defaultMinVersion
}
for _, bundle := range bundles {
if bundle != nil {
signedPreKeys := bundle.GetSignedPreKeys()
if signedPreKeys == nil {
continue
}
signedPreKey := signedPreKeys[installationID]
if signedPreKey == nil {
return defaultMinVersion
}
return signedPreKey.GetProtocolVersion()
}
}
return defaultMinVersion
}
feat: encrypt `CommunityDescription` fields Extended `CommunityDescription` with a `privateData` map. This map associates each hash ratchet `key_id` and `seq_no` with an encrypted `CommunityDescription`. Each encrypted instance includes only data requiring encryption. closes: status-im/status-desktop#12851 closes: status-im/status-desktop#12852 closes: status-im/status-desktop#12853
2023-11-29 17:21:21 +00:00
func (p *Protocol) EncryptWithHashRatchet(groupID []byte, payload []byte) ([]byte, *HashRatchetKeyCompatibility, uint32, error) {
ratchet, err := p.encryptor.persistence.GetCurrentKeyForGroup(groupID)
if err != nil {
return nil, nil, 0, err
}
encryptedPayload, newSeqNo, err := p.encryptor.EncryptWithHR(ratchet, payload)
if err != nil {
return nil, nil, 0, err
}
return encryptedPayload, ratchet, newSeqNo, nil
}
func (p *Protocol) DecryptWithHashRatchet(keyID []byte, seqNo uint32, payload []byte) ([]byte, error) {
ratchet, err := p.encryptor.persistence.GetHashRatchetKeyByID(keyID)
if err != nil {
return nil, err
}
if ratchet == nil {
Fix encryption metadata issues #4613 This commit fixes a few issues with communities encryption: Key distribution was disconnected from the community description, this created a case where the key would arrive after the community description and that would result in the client thinking that it was kicked. To overcome this, we added a message that signals the user that is kicked. Also, we distribute the key with the community description so that there's no more issues with timing. This is a bit expensive for large communities, and it will require some further optimizations. Key distribution is now also connected to the request to join response, so there are no timing issues. Fixes an issue with key distribution (race condition) where the community would be modified before being compared, resulting in a comparison of two identical communities, which would result in no key being distributed. This commit only partially address the issue.
2024-01-23 16:56:51 +00:00
return nil, ErrNoRatchetKey
feat: encrypt `CommunityDescription` fields Extended `CommunityDescription` with a `privateData` map. This map associates each hash ratchet `key_id` and `seq_no` with an encrypted `CommunityDescription`. Each encrypted instance includes only data requiring encryption. closes: status-im/status-desktop#12851 closes: status-im/status-desktop#12852 closes: status-im/status-desktop#12853
2023-11-29 17:21:21 +00:00
}
return p.encryptor.DecryptWithHR(ratchet, seqNo, payload)
}