diff --git a/keyserver/addons/rust-node-addon/src/identity_client/mod.rs b/keyserver/addons/rust-node-addon/src/identity_client/mod.rs --- a/keyserver/addons/rust-node-addon/src/identity_client/mod.rs +++ b/keyserver/addons/rust-node-addon/src/identity_client/mod.rs @@ -9,11 +9,13 @@ use client_proto::identity_client_service_client::IdentityClientServiceClient; use client_proto::{ AddReservedUsernamesRequest, DeviceKeyUpload, DeviceType, IdentityKeyInfo, - InboundKeyInfo, PreKey, RegistrationFinishRequest, RegistrationStartRequest, + PreKey, RegistrationFinishRequest, RegistrationStartRequest, RemoveReservedUsernameRequest, }; use grpc_clients::identity::authenticated::ChainedInterceptedAuthClient; -use grpc_clients::identity::protos::authenticated::UploadOneTimeKeysRequest; +use grpc_clients::identity::protos::authenticated::{ + InboundKeyInfo, UploadOneTimeKeysRequest, +}; use grpc_clients::identity::protos::unauthenticated as client_proto; use grpc_clients::identity::shared::CodeVersionLayer; use lazy_static::lazy_static; diff --git a/native/native_rust_library/src/lib.rs b/native/native_rust_library/src/lib.rs --- a/native/native_rust_library/src/lib.rs +++ b/native/native_rust_library/src/lib.rs @@ -2,12 +2,12 @@ use comm_opaque2::client::{Login, Registration}; use comm_opaque2::grpc::opaque_error_to_grpc_status as handle_error; use grpc_clients::identity::protos::authenticated::{ - OutboundKeysForUserRequest, UpdateUserPasswordFinishRequest, + OutboundKeyInfo, OutboundKeysForUserRequest, UpdateUserPasswordFinishRequest, UpdateUserPasswordStartRequest, }; use grpc_clients::identity::protos::client::{ DeviceKeyUpload, DeviceType, Empty, IdentityKeyInfo, - OpaqueLoginFinishRequest, OpaqueLoginStartRequest, OutboundKeyInfo, PreKey, + OpaqueLoginFinishRequest, OpaqueLoginStartRequest, PreKey, RegistrationFinishRequest, RegistrationStartRequest, WalletLoginRequest, }; use grpc_clients::identity::{get_auth_client, get_unauthenticated_client}; diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs --- a/services/identity/src/grpc_services/authenticated.rs +++ b/services/identity/src/grpc_services/authenticated.rs @@ -25,9 +25,10 @@ } use auth_proto::{ find_user_id_request, identity_client_service_server::IdentityClientService, - FindUserIdRequest, FindUserIdResponse, KeyserverKeysResponse, - OutboundKeyInfo, OutboundKeysForUserRequest, RefreshUserPreKeysRequest, - UploadOneTimeKeysRequest, + FindUserIdRequest, FindUserIdResponse, InboundKeyInfo, + InboundKeysForUserRequest, InboundKeysForUserResponse, KeyserverKeysResponse, + OutboundKeyInfo, OutboundKeysForUserRequest, OutboundKeysForUserResponse, + RefreshUserPreKeysRequest, UploadOneTimeKeysRequest, }; use client::{Empty, IdentityKeyInfo}; use tracing::{debug, error}; @@ -127,9 +128,8 @@ async fn get_outbound_keys_for_user( &self, - request: tonic::Request, - ) -> Result, tonic::Status> - { + request: tonic::Request, + ) -> Result, tonic::Status> { let message = request.into_inner(); let devices_map = self @@ -146,7 +146,7 @@ device_info, auth_type: None, }; - match client::OutboundKeyInfo::try_from(device_info_with_auth) { + match OutboundKeyInfo::try_from(device_info_with_auth) { Ok(key_info) => Some((key, key_info)), Err(_) => { error!("Failed to transform device info for key {}", key); @@ -156,16 +156,15 @@ }) .collect::>(); - Ok(tonic::Response::new(client::OutboundKeysForUserResponse { + Ok(tonic::Response::new(OutboundKeysForUserResponse { devices: transformed_devices, })) } async fn get_inbound_keys_for_user( &self, - request: tonic::Request, - ) -> Result, tonic::Status> - { + request: tonic::Request, + ) -> Result, tonic::Status> { let message = request.into_inner(); let devices_map = self @@ -182,7 +181,7 @@ device_info, auth_type: None, }; - match client::InboundKeyInfo::try_from(device_info_with_auth) { + match InboundKeyInfo::try_from(device_info_with_auth) { Ok(key_info) => Some((key, key_info)), Err(_) => { error!("Failed to transform device info for key {}", key); @@ -192,7 +191,7 @@ }) .collect::>(); - Ok(tonic::Response::new(client::InboundKeysForUserResponse { + Ok(tonic::Response::new(InboundKeysForUserResponse { devices: transformed_devices, })) } diff --git a/services/identity/src/grpc_utils.rs b/services/identity/src/grpc_utils.rs --- a/services/identity/src/grpc_utils.rs +++ b/services/identity/src/grpc_utils.rs @@ -5,10 +5,9 @@ use crate::{ client_service::client_proto::{ - DeviceKeyUpload, IdentityKeyInfo, InboundKeyInfo, OpaqueLoginStartRequest, - OutboundKeyInfo, PreKey, RegistrationStartRequest, - ReservedRegistrationStartRequest, ReservedWalletLoginRequest, - WalletLoginRequest, + DeviceKeyUpload, IdentityKeyInfo, OpaqueLoginStartRequest, PreKey, + RegistrationStartRequest, ReservedRegistrationStartRequest, + ReservedWalletLoginRequest, WalletLoginRequest, }, constants::{ CONTENT_ONE_TIME_KEY, NOTIF_ONE_TIME_KEY, @@ -21,6 +20,7 @@ USERS_TABLE_DEVICES_MAP_SOCIAL_PROOF_ATTRIBUTE_NAME, }, database::DeviceKeys, + grpc_services::authenticated::auth_proto::{InboundKeyInfo, OutboundKeyInfo}, token::AuthType, }; diff --git a/shared/protos/identity_authenticated.proto b/shared/protos/identity_authenticated.proto --- a/shared/protos/identity_authenticated.proto +++ b/shared/protos/identity_authenticated.proto @@ -10,6 +10,7 @@ // token through an interceptor, thus avoiding the need to explicitly pass // the credentials on every request service IdentityClientService { + // X3DH actions // Replenish one-time preKeys rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) @@ -25,13 +26,13 @@ // - Identity keys (both Content and Notif Keys) // - PreKey (including preKey signature) // - One-time PreKey - rpc GetOutboundKeysForUser(OutboundKeysForUserRequest) - returns (identity.client.OutboundKeysForUserResponse) {} + rpc GetOutboundKeysForUser(OutboundKeysForUserRequest) returns + (OutboundKeysForUserResponse) {} // Called by receivers of a communication request. The reponse will only // return identity keys (both content and notif keys) and related prekeys per // device, but will not contain one-time keys. - rpc GetInboundKeysForUser(InboundKeysForUserRequest) - returns (identity.client.InboundKeysForUserResponse) {} + rpc GetInboundKeysForUser(InboundKeysForUserRequest) returns + (InboundKeysForUserResponse) {} // Called by user to update password and receive new access token rpc UpdateUserPasswordStart(UpdateUserPasswordStartRequest) returns @@ -84,6 +85,13 @@ optional OutboundKeyInfo keyserverInfo = 1; } +// GetOutboundKeysForUser + +message OutboundKeysForUserResponse { + // Map is keyed on devices' public ed25519 key used for signing + map devices = 1; +} + // Information needed by a device to establish communcation when responding // to a request. // The device receiving a request only needs the content key and prekey. @@ -91,6 +99,19 @@ string userID = 1; } +// GetInboundKeysForUser + +message InboundKeyInfo { + identity.client.IdentityKeyInfo identityInfo = 1; + identity.client.PreKey contentPrekey = 2; + identity.client.PreKey notifPrekey = 3; +} + +message InboundKeysForUserResponse { + // Map is keyed on devices' public ed25519 key used for signing + map devices = 1; +} + message InboundKeysForUserRequest { string userID = 1; } diff --git a/shared/protos/identity_client.proto b/shared/protos/identity_client.proto --- a/shared/protos/identity_client.proto +++ b/shared/protos/identity_client.proto @@ -214,35 +214,6 @@ string nonce = 1; } -// GetOutboundKeysForUser - -// Information needed when establishing communication to someone else's device -message OutboundKeyInfo { - IdentityKeyInfo identityInfo = 1; - PreKey contentPrekey = 2; - PreKey notifPrekey = 3; - optional string oneTimeContentPrekey = 4; - optional string oneTimeNotifPrekey = 5; -} - -message OutboundKeysForUserResponse { - // Map is keyed on devices' public ed25519 key used for signing - map devices = 1; -} - -// GetInboundKeysForUser - -message InboundKeyInfo { - IdentityKeyInfo identityInfo = 1; - PreKey contentPrekey = 2; - PreKey notifPrekey = 3; -} - -message InboundKeysForUserResponse { - // Map is keyed on devices' public ed25519 key used for signing - map devices = 1; -} - // VerifyUserAccessToken message VerifyUserAccessTokenRequest {