Page MenuHomePhabricator
Differential D7082

[keyserver] Handle `SIGNED_IDENTITY_KEYS_BLOB` response
ClosedPublic
Actions

Authored by atul on Mar 15 2023, 1:42 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 19, 10:00 AM
Unknown Object (File)
Tue, Nov 19, 10:00 AM
Unknown Object (File)
Tue, Nov 19, 10:00 AM
Unknown Object (File)
Tue, Nov 19, 9:59 AM
Unknown Object (File)
Tue, Nov 19, 9:36 AM
Unknown Object (File)
Fri, Nov 8, 3:32 AM
Unknown Object (File)
Wed, Nov 6, 3:12 AM
Unknown Object (File)
Mon, Nov 4, 11:35 PM
View All Files
Subscribers
tomek

Details

Reviewers
ashoat
marcin
Commits
rCOMM734df39d7857: [keyserver] Handle `SIGNED_IDENTITY_KEYS_BLOB` response
Summary

When we receive a SIGNED_IDENTITY_KEYS_BLOB response from the client, we want to verify the signature of the payload and then update the signed_identity_keys column of the cookies row in the DB.

(I didn't know what the right approach for error-handling here was, so I'm just continueing through the loop if the signedIdentityKeysBlob object is malformed?)

Depends on D7070

Test Plan
  1. Nuke signed_identity_keys column for all rows of cookies table:

c83d33.png (1×856 px, 92 KB)

  1. Refresh the page on web so handleInitialClientSocketMessage gets hit on the keyserver
  2. Observe that the web client constructs and sends a valid signedIdentityKeysBlob by setting breakpoints in keyserver:

0ebd50.png (1×3 px, 722 KB)

  1. Step through processClientResponses on the keyserver and make sure cookies table is updated as expected:

a1b039.png (118×3 px, 68 KB)

  1. "Refresh" the native app running in iOS Simulator so handleInitialClientSocketMessage gets hit on the keyserver.
  2. Observe that the native client constructs and sends a valid signedIdentityKeysBlob by setting breakpoints in keyserver:

5692a0.png (2×3 px, 1 MB)

  1. Step through processClientResponses on the keyserver and make sure cookies table is updated as expected:

08719d.png (162×2 px, 91 KB)

Diff Detail

Repository
rCOMM Comm
Branch
arcpatch-D7082 (branched from master)
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

atul created this revision.Mar 15 2023, 1:42 PM
Herald added a subscriber: tomek. · View Herald TranscriptMar 15 2023, 1:42 PM
atul published this revision for review.Mar 15 2023, 1:43 PM

This is the last diff in the stack that I planned on putting up Monday/Tuesday, but ran into issues with D7081. Going to do some additional testing before landing to be extra careful.

atul edited the test plan for this revision. (Show Details)Mar 15 2023, 1:45 PM
ashoat accepted this revision.Mar 15 2023, 1:54 PM
ashoat added inline comments.
keyserver/src/socket/session-utils.js
213–223 ↗(On Diff #23771)

Parts of this seem copy-pasted, wonder if it's easy to factor out

This revision is now accepted and ready to land.Mar 15 2023, 1:54 PM
Harbormaster completed remote builds in B17354: Diff 23771.Mar 15 2023, 1:57 PM
atul added inline comments.Mar 15 2023, 4:24 PM
keyserver/src/socket/session-utils.js
213–223 ↗(On Diff #23771)

The signedIdentityKeysBlob verification in user-responders (for login/register/SIWE) can definitely be factored out since they're identical + error handling is the same. Error handling is slightly different here. I'll create a task.

atul updated this revision to Diff 23777.Mar 15 2023, 4:32 PM

rebase before landing

keyserver/src/socket/session-utils.js
213–223 ↗(On Diff #23771)

https://linear.app/comm/issue/ENG-3337/consider-factoring-out-signedidentitykeyblob-verification

This revision was landed with ongoing or failed builds.Mar 15 2023, 4:35 PM
Closed by commit rCOMM734df39d7857: [keyserver] Handle `SIGNED_IDENTITY_KEYS_BLOB` response (authored by atul). · Explain Why
This revision was automatically updated to reflect the committed changes.
atul added a commit: rCOMM734df39d7857: [keyserver] Handle `SIGNED_IDENTITY_KEYS_BLOB` response.
Harbormaster completed remote builds in B17358: Diff 23777.Mar 15 2023, 4:47 PM

Revision Contents
Changeset List

PathSize
keyserver/
src/
socket/
30 lines

Diff 23777

View Options

keyserver/src/socket/session-utils.js

Loading...