Page MenuHomePhabricator

[client-backup] call C++ function for secure generating random string
ClosedPublic

Authored by kamil on Aug 21 2023, 5:02 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Dec 15, 1:56 AM
Unknown Object (File)
Sun, Dec 15, 1:56 AM
Unknown Object (File)
Sun, Dec 15, 1:54 AM
Unknown Object (File)
Sun, Dec 15, 1:29 AM
Unknown Object (File)
Tue, Nov 26, 5:16 AM
Unknown Object (File)
Sat, Nov 23, 1:46 AM
Unknown Object (File)
Nov 22 2024, 9:26 PM
Unknown Object (File)
Nov 22 2024, 11:59 AM
Subscribers

Details

Summary

ENG-4498.

Placing this here to execute this on crypto thread.

Depends on D8886

Test Plan

Call commCoreModule.generateRandomString.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kamil held this revision as a draft.
kamil published this revision for review.Aug 21 2023, 6:39 AM
native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
848 ↗(On Diff #30135)

Is CommCoreModule the best place for this? I vaguely recall that we had been separating some stuff out into other files

marcin added inline comments.
native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
848 ↗(On Diff #30135)

Nit: The size argument should be integer.

848 ↗(On Diff #30135)

Is CommCoreModule the best place for this? I vaguely recall that we had been separating some stuff out into other files

I recall a conversation with @kamil where he shared similar concerns about over-populating CommCoreModule and planned to refactor the code if there iso enough time at the end of the month. The reason for not doing ot now is that it is not so straightforward since there are already some methods in CommCoreModule like getUserPublicKeys that utilize cryptoThread and are called from JS. So we either have to:

  • move all methods accessing cryptoThread to a separate turbo module (CommCryptoModule?)
  • Implement GlobalCryptoSingleton and split crypto methods between CommCoreModule and CommCryptoModule
857 ↗(On Diff #30135)

I am afraid that this might not be the right way of checking for exception here. I have recently experienced it myself that exception thrown from purely Objective-C iOS code (@throw [NSException....]) is not caught within C++ try{}...catch{}. I am not sure about Java. Since generateRandomString uses native secureRandomBytes we should check that throwing an exception from Objective C and Java is detected here.

@kamil could you please check before landing if we are able to catch Objective-C or Java exception here by using try{} .. catch{}? If not then please create a follow up task and assign it to me.

This revision is now accepted and ready to land.Aug 22 2023, 2:01 AM
native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
848 ↗(On Diff #30135)

Thanks @marcin for replying - cryptoThread is the only reason it is here, not in CommUtilsModule or another place.

Nit: The size argument should be integer.

I don't think so, number is represented as double - check generated files.

857 ↗(On Diff #30135)

You're right C++ can't catch NSException - but it should be fine the way it is.

iOS:
We use SecRandomCopyBytes which does not throw, but returns a result, if something went wrong we throw C++ exception - not Objective-C.

Android:
We use nextBytes which is not marked as throwable.

native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
848 ↗(On Diff #30135)

Thanks for explaining, @marcin!