Page MenuHomePhabricator

[crypto] make sure short format of prekey is expected when creating an outbound session
ClosedPublic

Authored by varun on Mar 13 2024, 5:22 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Dec 24, 6:22 AM
Unknown Object (File)
Tue, Dec 24, 6:22 AM
Unknown Object (File)
Tue, Dec 24, 6:22 AM
Unknown Object (File)
Tue, Dec 24, 6:22 AM
Unknown Object (File)
Sun, Dec 1, 6:47 AM
Unknown Object (File)
Fri, Nov 29, 7:27 PM
Unknown Object (File)
Thu, Nov 28, 6:25 PM
Unknown Object (File)
Nov 25 2024, 5:42 AM
Subscribers

Details

Summary

on native, we were still uploading the long prekey format to the identity service. additionally, web and native, we were still expecting the long format when trying to create an outbound session.

changes in this diff:

  • expect short format on native/web when creating an outbound session
  • dedup prekeyBlob parsing
  • add prekey parsing to getOlmSessionInitializationData

Depends on D11312

Test Plan
  1. created notif session on native
  2. created notif session on web
  3. created content session on native

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

lib/actions/user-actions.js
768–779 ↗(On Diff #38046)

we can't change the keyserver response so instead we parse the prekey blobs here

lib/types/crypto-types.js
20–21 ↗(On Diff #38046)

i think this type was wrong. the stringified object looks like this:

"{curve25519: {AAAAAQ: "VQ+FGbgCmIowfBp6Z9IOXd07+L9U0SVLS4gdZ5wMmj0"}}"

varun requested review of this revision.Mar 13 2024, 5:38 PM
marcin requested changes to this revision.Mar 14 2024, 9:44 AM
marcin added inline comments.
lib/types/crypto-types.js
20 ↗(On Diff #38046)

Nit: Would be nice to somehow indicate that this map will only ever contain one key. Not sure how to achieve this flow though.

lib/utils/olm-utils.js
68 ↗(On Diff #38046)

How about old native/web client versions whose C++ code expects long format? There might be users running older app versions who log-out then log-in and want to instantiate session.

I would introduce second method - getAccountPrekeySetLegacy that is the version of getAccountPrekeySet prior to this diff and call the right one based on checking code version. This way we will avoid issues and it will be easy to remove this code in future when we update minimal supported code version.

This revision now requires changes to proceed.Mar 14 2024, 9:44 AM
varun requested review of this revision.Mar 14 2024, 9:30 PM
varun added inline comments.
lib/types/crypto-types.js
20 ↗(On Diff #38046)

i think that would have to be enforced at runtime, unfortunately

lib/utils/olm-utils.js
68 ↗(On Diff #38046)

getAccountPrekeysSet is logically the same as before. i just dedup'd some code

marcin added inline comments.
lib/utils/olm-utils.js
68 ↗(On Diff #38046)

Sorry for that - you are right.

This revision is now accepted and ready to land.Mar 15 2024, 1:41 AM

I would be good to land this soon, as it's blocking some folks