Page MenuHomePhabricator

[identity] validate signed message from keyserver
ClosedPublic

Authored by varun on Jun 1 2023, 1:35 PM.
Tags
None
Referenced Files
F3500719: D8061.diff
Fri, Dec 20, 2:27 AM
Unknown Object (File)
Nov 18 2024, 1:51 PM
Unknown Object (File)
Nov 9 2024, 11:01 AM
Unknown Object (File)
Nov 1 2024, 5:48 AM
Unknown Object (File)
Nov 1 2024, 5:48 AM
Unknown Object (File)
Nov 1 2024, 5:48 AM
Unknown Object (File)
Nov 1 2024, 5:48 AM
Unknown Object (File)
Nov 1 2024, 5:40 AM
Subscribers

Details

Summary

introduce a new function that validates the signed keyserver message sent as part of registration start request (for claiming a reserved username)

checks that the message is the right format, the username in the message matches the username in the gRPC request field, and the timestamp is valid. once we have the keyserver public key available, we should actually verify the signature.

Depends on D8060

Test Plan

tested in subsequent diff which uses the new validate function

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

varun requested review of this revision.Jun 1 2023, 1:54 PM

rust looks fine. Not a big fan of parsing text for certain values though.

services/identity/src/reserved_users.rs
16 ↗(On Diff #27374)

we can't just return a JSON object, or something similar?

This revision is now accepted and ready to land.Jun 2 2023, 8:32 AM
services/identity/src/reserved_users.rs
16 ↗(On Diff #27374)

yeah we can have the message for signing be a stringified JSON object

varun requested review of this revision.Jun 4 2023, 9:13 PM
varun added 1 blocking reviewer(s): jon.

I changed a decent amount of this code so requesting review again

This revision is now accepted and ready to land.Jun 5 2023, 9:36 AM