Details

Reviewers

ashoat
• jon

Commits

rCOMMf4c627481d6e: Implement endpoint on the keyserver to get one time keys and prekey to…

Summary

This differential implements an endpoint on the keyserver to get data necessary to initialize olm session with the client.

Test Plan

Call commCoreModule.initializeCryptoAccount() (it is called in log-in-panel via nativeLogInExtraInfoSelector). This ensures notifications session is initialized. Then call this endpoint to get necessary data to initialize sesion for notifications. Pass obtained data to
commCoreModule.initializeNotificationsSession().

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

marcin created this revision.Apr 24 2023, 6:43 AM

Herald added a subscriber: ashoat. · View Herald TranscriptApr 24 2023, 6:43 AM

marcin added a parent revision: D7570: Implement prekey lifecycle on the keyserver.Apr 24 2023, 6:44 AM

Harbormaster completed remote builds in B18697: Diff 25607.Apr 24 2023, 7:01 AM

marcin requested review of this revision.Apr 24 2023, 7:01 AM

I think we'll need to find a way to synchronize any updates to Olm accounts / sessions so that we only do one such update at a time

keyserver/src/responders/keys-responders.js
57 ↗	(On Diff #25607)	There is a serious issue here, which is that we are not returning a signed prekey. I created ENG-3754 to track
66 ↗	(On Diff #25607)	There appears to be a serious risk of a data race here causing one update to overwrite another

This revision now requires changes to proceed.Apr 24 2023, 8:21 AM

ashoat added inline comments.Apr 24 2023, 9:07 AM

keyserver/src/responders/keys-responders.js
37 ↗	(On Diff #25607)	Let's name this `getOlmNotifSessionInitializationDataResponder` and only support `notifications`
57 ↗	(On Diff #25607)	Clarification: this should be signed by the notif identity's signing key. The client will trust that, because it is inside the signed identity keys blob, which is itself signed by the primary identity's signing key
63 ↗	(On Diff #25607)	Let's avoid sending these identity keys... instead, let's return the signed identity keys blob

ashoat added a reviewer: • jon.Apr 25 2023, 11:06 AM

marcin added inline comments.Apr 26 2023, 5:42 AM

keyserver/src/responders/keys-responders.js
37 ↗	(On Diff #25607)	Done renaming
57 ↗	(On Diff #25607)	Will be monitoring: https://linear.app/comm/issue/ENG-3754/signing-the-prekey. If it is not done by the time I want to land this diff, I will sign prekey here and send signature with the response to the client, where it will be verified with `crypto::CryptoModule::verifySignature(...)`;
66 ↗	(On Diff #25607)	Novel approach should mitigate the risk.

Use transactional olm account updater.
Rename to getOlm{Notifs}SessionInitializationData...`.
Respond with SignedIdentityKeysBlob instead of plain identity keys.

Harbormaster completed remote builds in B18805: Diff 25761.Apr 26 2023, 6:01 AM

ashoat mentioned this in D7570: Implement prekey lifecycle on the keyserver.Apr 26 2023, 6:41 AM

Boilerplate to use dispatchActionPromise

marcin added a child revision: D7631: Implement utilities and database query wrapper to create new olm session on eht keyserver side.Apr 27 2023, 6:24 AM

Harbormaster completed remote builds in B18849: Diff 25818.Apr 27 2023, 6:36 AM

ashoat requested changes to this revision.Apr 27 2023, 8:09 AM

ashoat added a subscriber: anunay.

ashoat added inline comments.

keyserver/src/responders/keys-responders.js
38 ↗	(On Diff #25818)	We can remove this and assume the client will always want just a single one-time key
54 ↗	(On Diff #25818)	We can call `account.prekey_signature()` here to get the prekey signature
62 ↗	(On Diff #25818)	We'll need to do this for the content account as well
58 ↗	(On Diff #25761)	Did you mean this?
lib/types/request-types.js
202 ↗	(On Diff #25818)	Since this endpoint will only be used for a client to connect with the keyserver, I think we will always ask for a single one-time key, and we can remove `GetOlmNotifsSessionInitializationDataRequest` altogether
205–209 ↗	(On Diff #25818)	Following the discussion in today's encryption sync, I think this type should look like this: type OlmAccountSessionInitializationInfo = { +prekey: string, +prekeySignature: string, +oneTimeKey: string, }; export type GetOlmSessionInitializationDataResponse = { +signedIdentityKeysBlob: SignedIdentityKeysBlob, +contentInitializationInfo: OlmAccountSessionInitializationInfo, +notifInitializationInfo: OlmAccountSessionInitializationInfo, };
207 ↗	(On Diff #25761)	Based on this comment on Linear, it appears that we will need to also include a prekey signature here. (Worth confirming with @anunay)

This revision now requires changes to proceed.Apr 27 2023, 8:09 AM

(Removing most reviewers to clear out their queues, feel free to re-add yourself if you're interested)

ashoat added inline comments.Apr 27 2023, 8:32 AM

keyserver/src/responders/keys-responders.js
41 ↗	(On Diff #25818)	We should rename this (and all related names) to not mention "Notifs" anymore, since it will have to initialize both `OlmAccount`s now

marcin added inline comments.May 2 2023, 2:29 AM

lib/types/request-types.js
205–209 ↗	(On Diff #25818)	Looking at the Linear issues it looks like we don't need to send prekey signature anymore

marcin added inline comments.May 2 2023, 4:31 AM

lib/types/request-types.js
205–209 ↗	(On Diff #25818)	Please ignore the comment above.

Return data for both accounts.

Harbormaster completed remote builds in B18985: Diff 26002.May 2 2023, 8:48 AM

Great work here! Mostly requesting changes to get rid of the any type. You'll also potentially need to refactor the use of fetchCallUpdateOlmAccount following my feedback in D7568

keyserver/src/responders/keys-responders.js
50 ↗	(On Diff #26002)	My feedback here was not addressed
81 ↗	(On Diff #26002)	You should never submit a diff with `any`. If you do, you should always annotate and attempt to justify it. Please find a way to remove this `any`
117 ↗	(On Diff #26002)	Get rid of `any`