Page MenuHomePhabricator
Differential D6896

[web] Pass `signedIdentityKeysBlob` to `keyserver` on `siwe_auth`
ClosedPublic
Actions

Authored by atul on Feb 24 2023, 11:31 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, May 11, 12:03 AM
Unknown Object (File)
Sat, May 11, 12:03 AM
Unknown Object (File)
Sat, May 11, 12:03 AM
Unknown Object (File)
Sat, May 11, 12:03 AM
Unknown Object (File)
Sat, May 11, 12:03 AM
Unknown Object (File)
Fri, May 10, 7:30 AM
Unknown Object (File)
Fri, May 10, 7:30 AM
Unknown Object (File)
Fri, May 10, 7:30 AM
View All 65 Files
Subscribers
None

Details

Reviewers
ashoat
tomek
Commits
rCOMM0e56a7857d8c: [web] Pass `signedIdentityKeysBlob` to `keyserver` on `siwe_auth`
Summary

Include signedIdentityKeysBlob in siwe_auth request and update siweAuthRequestInputValidator to accept signedIdentityKeysBlob. Right now we don't do anything with the signedIdentityKeysBlob, but it's being passed to keyserver from web when hitting both login and siwe_auth endpoints.

Next up is

  1. Making sure that signedIdentityKeysBlob is valid (regex checks)
  2. Pulling out primary.ed25519 and verifying the payload signature (maybe an argument for leaving primaryIdentityPublicKey as part of the login request and maybe adding it to siwe_auth?)
  3. Stringifying the entire signedIdentityKeysBlob and storing it in the serverDB (going to do a migration to remove existing stuff first).

Depends on D6895

Test Plan

Set breakpoint in siweAuthResponder and observed that signedIdentityKeysBlob "made it through" and validator successfully validated request:

d5802c.png (1×2 px, 814 KB)

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

atul created this revision.Feb 24 2023, 11:31 PM
atul edited the summary of this revision. (Show Details)Feb 24 2023, 11:32 PM
Harbormaster completed remote builds in B16905: Diff 23096.Feb 24 2023, 11:46 PM
atul requested review of this revision.Feb 24 2023, 11:46 PM
atul added a child revision: D6897: [keyserver] Verify `signedIdentityKeysBlob` signature in `logInResponder`.Feb 25 2023, 1:18 AM
ashoat accepted this revision.Feb 26 2023, 5:40 AM

Nice!!

This revision is now accepted and ready to land.Feb 26 2023, 5:40 AM
ashoat added a comment.Feb 26 2023, 5:41 AM

PS looks like a missing screenshot in the Test Plan.

And RE this:

validator successfully validated request

Would be good to also validate that the signature can be verified on the keyserver side, but that can be done at a later step.

atul edited the test plan for this revision. (Show Details)Feb 26 2023, 5:18 PM
atul added a comment.Feb 26 2023, 5:54 PM

PS looks like a missing screenshot in the Test Plan.

Dang, swore I dragged it in... anyways updated Test Plan with screenshot

atul updated this revision to Diff 23128.Feb 26 2023, 6:02 PM

rebase + land

This revision was landed with ongoing or failed builds.Feb 26 2023, 6:03 PM
Closed by commit rCOMM0e56a7857d8c: [web] Pass `signedIdentityKeysBlob` to `keyserver` on `siwe_auth` (authored by atul). · Explain Why
This revision was automatically updated to reflect the committed changes.
atul added a commit: rCOMM0e56a7857d8c: [web] Pass `signedIdentityKeysBlob` to `keyserver` on `siwe_auth`.
Harbormaster completed remote builds in B16921: Diff 23128.Feb 26 2023, 6:17 PM

Revision Contents
Changeset List

PathSize
keyserver/
src/
responders/
1 line
web/
account/
62 lines

Diff 23129

View Options

keyserver/src/responders/user-responders.js

Loading...
View Options

web/account/siwe-login-form.react.js

Loading...