Icaro Motta 919277be38
feat(pairing)_: Fallback pairing seed (#5614) (#5627)
* feat(pairing)!: Add extra parameters and remove v2 compatibility

This commit includes the following changes:

I have added a flag to maintain 2.29 compatibility.

Breaking change in connection string

The local pairing code that was parsing the connection string had a few non-upgradable features:

It was strictly checking the number of parameters, throwing an error if the number was different. This made it impossible to add parameters to it without breaking.
It was strictly checking the version number. This made increasing the version number impossible as older client would just refuse to connect.
The code has been changed so that:

Two parameters have been added, installation-id and key-uid. Those are needed for the fallback flow.
I have also removed version from the payload, since it wasn't used.

This means that we don't support v1 anymore. V2 parsing is supported . Going forward there's a clear strategy on how to update the protocol (append parameters, don't change existing one).

https://www.youtube.com/watch?v=oyLBGkS5ICk Is a must watch video for understanding the strategy

Changed MessengerResponse to use internally a map of installations rather than an array (minor)
Just moving towards maps as arrays tend to lead to subtle bugs.

Moved pairing methods to messenger_pairing.go
Just moved some methods

Added 2 new methods for the fallback flow
FinishPairingThroughSeedPhraseProcess
https://github.com/status-im/status-go/pull/5567/files#diff-1ad620b07fa3bd5fbc96c9f459d88829938a162bf1aaf41c61dea6e38b488d54R29

EnableAndSyncInstallation

https://github.com/status-im/status-go/pull/5567/files#diff-1ad620b07fa3bd5fbc96c9f459d88829938a162bf1aaf41c61dea6e38b488d54R18

Flow for clients
Client A1 is logged in
Client A2 is logged out

Client A1 shows a QR code
Client A2 scans a QR code
If connection fails on A2, the user will be prompted to enter a seed phrase.
If the generated account matches the key-uid from the QR code, A2 should call FinishPairingThroughSeedPhraseProcess with the installation id passed in the QR code. This will send installation information over waku. The user should be shown its own installation id and prompted to check the other device.
Client A1 will receive new installation data through waku, if they are still on the qr code page, they should show a popup to the user showing the received installation id, and a way to Enable and Sync, which should call the EnableAndSyncInstallation endpoint. This should finish the fallback syncing flow.
Current issues
Currently I haven't tested that all the data is synced after finishing the flow. I see that the two devices are paired correctly, but for example the DisplayName is not changed on the receiving device. I haven't had time to look into it further.

* test_: add more test for connection string parser

* fix_: fix panic when parse old connection string

* test_: add comments for TestMessengerPairAfterSeedPhrase

* fix_: correct error description

* feat_:rename FinishPairingThroughSeedPhraseProcess to EnableInstallationAndPair

* fix_: delete leftover

* fix_: add UniqueKey method

* fix_: unify the response for InputConnectionStringForBootstrapping

* fix_: remove fields installationID and keyUID in GethStatusBackend

* fix_: rename messenger_pairing to messenger_pairing_and_syncing

---------

Co-authored-by: frank <lovefree103@gmail.com>
Co-authored-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2024-07-30 13:03:43 -03:00

420 lines
12 KiB
Go

package pairing
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"encoding/json"
"net"
"time"
"github.com/ethereum/go-ethereum/log"
"go.uber.org/zap"
"github.com/status-im/status-go/timesource"
"github.com/status-im/status-go/api"
"github.com/status-im/status-go/logutils"
"github.com/status-im/status-go/server"
)
/*
|--------------------------------------------------------------------------
| type BaseServer struct {
|--------------------------------------------------------------------------
|
|
|
*/
type BaseServer struct {
server.Server
challengeGiver *ChallengeGiver
config ServerConfig
}
// NewBaseServer returns a *BaseServer init from the given *SenderServerConfig
func NewBaseServer(logger *zap.Logger, e *PayloadEncryptor, config *ServerConfig) (*BaseServer, error) {
cg, err := NewChallengeGiver(e, logger)
if err != nil {
return nil, err
}
bs := &BaseServer{
Server: server.NewServer(
config.Cert,
config.ListenIP.String(),
nil,
logger,
),
challengeGiver: cg,
config: *config,
}
bs.SetTimeout(config.Timeout)
return bs, nil
}
// MakeConnectionParams generates a *ConnectionParams based on the Server's current state
func (s *BaseServer) MakeConnectionParams() (*ConnectionParams, error) {
return NewConnectionParams(s.config.IPAddresses, s.MustGetPort(), s.config.PK, s.config.EK, s.config.InstallationID, s.config.KeyUID), nil
}
func MakeServerConfig(config *ServerConfig) error {
tlsKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
return err
}
AESKey := make([]byte, 32)
_, err = rand.Read(AESKey)
if err != nil {
return err
}
ips, err := server.GetLocalAddressesForPairingServer()
if err != nil {
return err
}
now := timesource.GetCurrentTime()
log.Debug("pairing server generate cert", "system time", time.Now().String(), "timesource time", now.String())
tlsCert, _, err := GenerateCertFromKey(tlsKey, now, ips, []string{})
if err != nil {
return err
}
config.PK = &tlsKey.PublicKey
config.EK = AESKey
config.Cert = &tlsCert
config.IPAddresses = ips
config.ListenIP = net.IPv4zero
return nil
}
/*
|--------------------------------------------------------------------------
| type SenderServer struct {
|--------------------------------------------------------------------------
|
| With AccountPayloadMounter, RawMessagePayloadMounter and InstallationPayloadMounterReceiver
|
*/
type SenderServer struct {
*BaseServer
accountMounter PayloadMounter
rawMessageMounter PayloadMounter
installationMounter PayloadMounterReceiver
backend *api.GethStatusBackend
}
// NewSenderServer returns a *SenderServer init from the given *SenderServerConfig
func NewSenderServer(backend *api.GethStatusBackend, config *SenderServerConfig) (*SenderServer, error) {
logger := logutils.ZapLogger().Named("SenderServer")
e := NewPayloadEncryptor(config.ServerConfig.EK)
bs, err := NewBaseServer(logger, e, config.ServerConfig)
if err != nil {
return nil, err
}
am, rmm, imr, err := NewPayloadMounters(logger, e, backend, config.SenderConfig)
if err != nil {
return nil, err
}
return &SenderServer{
BaseServer: bs,
accountMounter: am,
rawMessageMounter: rmm,
installationMounter: imr,
backend: backend,
}, nil
}
func (s *SenderServer) startSendingData() error {
logger := s.GetLogger()
beforeSending := func() {
if s.backend != nil {
err := s.backend.LocalPairingStarted()
if err != nil {
logger.Error("startSendingData backend.LocalPairingStarted()", zap.Error(err))
}
}
}
s.SetHandlers(server.HandlerPatternMap{
pairingChallenge: handlePairingChallenge(s.challengeGiver),
pairingSendAccount: middlewareChallenge(s.challengeGiver, handleSendAccount(logger, s.accountMounter, beforeSending)),
pairingSendSyncDevice: middlewareChallenge(s.challengeGiver, handlePairingSyncDeviceSend(logger, s.rawMessageMounter, beforeSending)),
// TODO implement refactor of installation data exchange to follow the send/receive pattern of
// the other handlers.
// https://github.com/status-im/status-go/issues/3304
// receive installation data from receiver
pairingReceiveInstallation: middlewareChallenge(s.challengeGiver, handleReceiveInstallation(s.GetLogger(), s.installationMounter)),
})
return s.Start()
}
// MakeFullSenderServer generates a fully configured and randomly seeded SenderServer
func MakeFullSenderServer(backend *api.GethStatusBackend, config *SenderServerConfig) (*SenderServer, error) {
config.ServerConfig.InstallationID = backend.InstallationID()
config.ServerConfig.KeyUID = backend.KeyUID()
err := MakeServerConfig(config.ServerConfig)
if err != nil {
return nil, err
}
config.SenderConfig.DB = backend.GetMultiaccountDB()
return NewSenderServer(backend, config)
}
// StartUpSenderServer generates a SenderServer, starts the sending server
// and returns the ConnectionParams string to allow a ReceiverClient to make a successful connection.
func StartUpSenderServer(backend *api.GethStatusBackend, configJSON string) (string, error) {
conf := NewSenderServerConfig()
err := json.Unmarshal([]byte(configJSON), conf)
if err != nil {
return "", err
}
if len(conf.SenderConfig.ChatKey) == 0 {
err = validateAndVerifyPassword(conf, conf.SenderConfig)
if err != nil {
return "", err
}
}
ps, err := MakeFullSenderServer(backend, conf)
if err != nil {
return "", err
}
err = ps.startSendingData()
if err != nil {
return "", err
}
cp, err := ps.MakeConnectionParams()
if err != nil {
return "", err
}
return cp.ToString(), nil
}
/*
|--------------------------------------------------------------------------
| ReceiverServer
|--------------------------------------------------------------------------
|
| With AccountPayloadReceiver, RawMessagePayloadReceiver, InstallationPayloadMounterReceiver
|
*/
type ReceiverServer struct {
*BaseServer
accountReceiver PayloadReceiver
rawMessageReceiver PayloadReceiver
installationReceiver PayloadMounterReceiver
backend *api.GethStatusBackend
}
// NewReceiverServer returns a *SenderServer init from the given *ReceiverServerConfig
func NewReceiverServer(backend *api.GethStatusBackend, config *ReceiverServerConfig) (*ReceiverServer, error) {
logger := logutils.ZapLogger().Named("SenderServer")
e := NewPayloadEncryptor(config.ServerConfig.EK)
bs, err := NewBaseServer(logger, e, config.ServerConfig)
if err != nil {
return nil, err
}
ar, rmr, imr, err := NewPayloadReceivers(logger, e, backend, config.ReceiverConfig)
if err != nil {
return nil, err
}
return &ReceiverServer{
BaseServer: bs,
accountReceiver: ar,
rawMessageReceiver: rmr,
installationReceiver: imr,
backend: backend,
}, nil
}
func (s *ReceiverServer) startReceivingData() error {
logger := s.GetLogger()
beforeSending := func() {
if s.backend != nil {
err := s.backend.LocalPairingStarted()
if err != nil {
logger.Error("startSendingData backend.LocalPairingStarted()", zap.Error(err))
}
}
}
s.SetHandlers(server.HandlerPatternMap{
pairingChallenge: handlePairingChallenge(s.challengeGiver),
pairingReceiveAccount: handleReceiveAccount(logger, s.accountReceiver),
pairingReceiveSyncDevice: handleParingSyncDeviceReceive(logger, s.rawMessageReceiver),
// TODO implement refactor of installation data exchange to follow the send/receive pattern of
// the other handlers.
// https://github.com/status-im/status-go/issues/3304
// send installation data back to sender
pairingSendInstallation: middlewareChallenge(s.challengeGiver, handleSendInstallation(logger, s.installationReceiver, beforeSending)),
})
return s.Start()
}
// MakeFullReceiverServer generates a fully configured and randomly seeded ReceiverServer
func MakeFullReceiverServer(backend *api.GethStatusBackend, config *ReceiverServerConfig) (*ReceiverServer, error) {
config.ServerConfig.InstallationID = backend.InstallationID()
config.ServerConfig.KeyUID = backend.KeyUID()
err := MakeServerConfig(config.ServerConfig)
if err != nil {
return nil, err
}
// ignore err because we allow no active account here
activeAccount, _ := backend.GetActiveAccount()
if activeAccount != nil {
config.ReceiverConfig.LoggedInKeyUID = activeAccount.KeyUID
}
config.ReceiverConfig.DB = backend.GetMultiaccountDB()
return NewReceiverServer(backend, config)
}
// StartUpReceiverServer generates a ReceiverServer, starts the sending server
// and returns the ConnectionParams string to allow a SenderClient to make a successful connection.
func StartUpReceiverServer(backend *api.GethStatusBackend, configJSON string) (string, error) {
conf := NewReceiverServerConfig()
err := json.Unmarshal([]byte(configJSON), conf)
if err != nil {
return "", err
}
receiverConf := conf.ReceiverConfig
if err = setDefaultNodeConfig(receiverConf.NodeConfig); err != nil {
return "", err
}
err = validateAndVerifyNodeConfig(conf, receiverConf)
if err != nil {
return "", err
}
ps, err := MakeFullReceiverServer(backend, conf)
if err != nil {
return "", err
}
err = ps.startReceivingData()
if err != nil {
return "", err
}
cp, err := ps.MakeConnectionParams()
if err != nil {
return "", err
}
return cp.ToString(), nil
}
/*
|--------------------------------------------------------------------------
| type KeystoreFilesSenderServer struct {
|--------------------------------------------------------------------------
*/
type KeystoreFilesSenderServer struct {
*BaseServer
keystoreFilesMounter PayloadMounter
backend *api.GethStatusBackend
}
func NewKeystoreFilesSenderServer(backend *api.GethStatusBackend, config *KeystoreFilesSenderServerConfig) (*KeystoreFilesSenderServer, error) {
logger := logutils.ZapLogger().Named("SenderServer")
e := NewPayloadEncryptor(config.ServerConfig.EK)
bs, err := NewBaseServer(logger, e, config.ServerConfig)
if err != nil {
return nil, err
}
kfm, err := NewKeystoreFilesPayloadMounter(backend, e, config.SenderConfig, logger)
if err != nil {
return nil, err
}
return &KeystoreFilesSenderServer{
BaseServer: bs,
keystoreFilesMounter: kfm,
backend: backend,
}, nil
}
func (s *KeystoreFilesSenderServer) startSendingData() error {
logger := s.GetLogger()
beforeSending := func() {
if s.backend != nil {
err := s.backend.LocalPairingStarted()
if err != nil {
logger.Error("startSendingData backend.LocalPairingStarted()", zap.Error(err))
}
}
}
s.SetHandlers(server.HandlerPatternMap{
pairingChallenge: handlePairingChallenge(s.challengeGiver),
pairingSendAccount: middlewareChallenge(s.challengeGiver, handleSendAccount(logger, s.keystoreFilesMounter, beforeSending)),
})
return s.Start()
}
// MakeFullSenderServer generates a fully configured and randomly seeded KeystoreFilesSenderServer
func MakeKeystoreFilesSenderServer(backend *api.GethStatusBackend, config *KeystoreFilesSenderServerConfig) (*KeystoreFilesSenderServer, error) {
config.ServerConfig.InstallationID = backend.InstallationID()
config.ServerConfig.KeyUID = backend.KeyUID()
err := MakeServerConfig(config.ServerConfig)
if err != nil {
return nil, err
}
return NewKeystoreFilesSenderServer(backend, config)
}
// StartUpKeystoreFilesSenderServer generates a KeystoreFilesSenderServer, starts the sending server
// and returns the ConnectionParams string to allow a ReceiverClient to make a successful connection.
func StartUpKeystoreFilesSenderServer(backend *api.GethStatusBackend, configJSON string) (string, error) {
conf := NewKeystoreFilesSenderServerConfig()
err := json.Unmarshal([]byte(configJSON), conf)
if err != nil {
return "", err
}
err = validateKeystoreFilesConfig(backend, conf)
if err != nil {
return "", err
}
ps, err := MakeKeystoreFilesSenderServer(backend, conf)
if err != nil {
return "", err
}
err = ps.startSendingData()
if err != nil {
return "", err
}
cp, err := ps.MakeConnectionParams()
if err != nil {
return "", err
}
return cp.ToString(), nil
}