Page MenuHomePhabricator
Differential D8061

[identity] validate signed message from keyserver
ClosedPublic
Actions

Authored by varun on Jun 1 2023, 1:35 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Apr 18, 3:36 AM
Unknown Object (File)
Thu, Apr 18, 3:36 AM
Unknown Object (File)
Thu, Apr 18, 3:36 AM
Unknown Object (File)
Thu, Apr 18, 3:36 AM
Unknown Object (File)
Thu, Apr 18, 3:34 AM
Unknown Object (File)
Feb 27 2024, 5:51 AM
Unknown Object (File)
Feb 27 2024, 5:51 AM
Unknown Object (File)
Feb 27 2024, 5:51 AM
View All 21 Files
Subscribers
ashoat
tomek

Details

Reviewers
jon
bartek
Commits
rCOMMcfb023497056: [identity] validate signed message from keyserver
Summary

introduce a new function that validates the signed keyserver message sent as part of registration start request (for claiming a reserved username)

checks that the message is the right format, the username in the message matches the username in the gRPC request field, and the timestamp is valid. once we have the keyserver public key available, we should actually verify the signature.

Depends on D8060

Test Plan

tested in subsequent diff which uses the new validate function

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

varun created this revision.Jun 1 2023, 1:35 PM
Herald added subscribers: tomek, ashoat. · View Herald TranscriptJun 1 2023, 1:35 PM
varun added a child revision: D8062: [identity] register_reserved_password_user_start method.Jun 1 2023, 1:38 PM
Harbormaster completed remote builds in B19966: Diff 27374.Jun 1 2023, 1:54 PM
varun requested review of this revision.Jun 1 2023, 1:54 PM
jon accepted this revision.Jun 2 2023, 8:32 AM

rust looks fine. Not a big fan of parsing text for certain values though.

services/identity/src/reserved_users.rs
16 ↗(On Diff #27374)

we can't just return a JSON object, or something similar?

This revision is now accepted and ready to land.Jun 2 2023, 8:32 AM
varun added inline comments.Jun 4 2023, 8:47 PM
services/identity/src/reserved_users.rs
16 ↗(On Diff #27374)

yeah we can have the message for signing be a stringified JSON object

varun updated this revision to Diff 27432.Jun 4 2023, 9:12 PM

address feedback

varun requested review of this revision.Jun 4 2023, 9:13 PM
varun added 1 blocking reviewer(s): jon.

I changed a decent amount of this code so requesting review again

Harbormaster completed remote builds in B20015: Diff 27432.Jun 4 2023, 9:30 PM
bartek accepted this revision.Jun 5 2023, 12:01 AM
jon accepted this revision.Jun 5 2023, 9:36 AM
This revision is now accepted and ready to land.Jun 5 2023, 9:36 AM
Closed by commit rCOMMcfb023497056: [identity] validate signed message from keyserver (authored by varun). · Explain WhyJun 6 2023, 12:07 PM
This revision was automatically updated to reflect the committed changes.
varun added a commit: rCOMMcfb023497056: [identity] validate signed message from keyserver.

Revision Contents
Changeset List

PathSize
services/
identity/
1 line
src/
1 line
56 lines

Diff 27506

View Options

services/identity/Cargo.lock

Loading...
View Options

services/identity/Cargo.toml

Loading...
View Options

services/identity/src/main.rs

Loading...
View Options

services/identity/src/reserved_users.rs

Loading...