Page MenuHomePhabricator
Differential D8929

[keyserver] modify createPickledOlmSession
ClosedPublic
Actions

Authored by varun on Aug 23 2023, 8:17 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jul 5, 2:14 PM
Unknown Object (File)
Wed, Jul 3, 8:56 PM
Unknown Object (File)
Tue, Jul 2, 10:05 AM
Unknown Object (File)
Tue, Jul 2, 9:59 AM
Unknown Object (File)
Mon, Jul 1, 8:05 PM
Unknown Object (File)
Sat, Jun 22, 11:30 PM
Unknown Object (File)
Wed, Jun 19, 7:14 PM
Unknown Object (File)
Wed, Jun 19, 7:14 PM
View All 57 Files
Subscribers
ashoat
tomek

Details

Reviewers
marcin
ashoat
Commits
rCOMM14fd52f4f194: [keyserver] modify createPickledOlmSession
Summary

if the other party's curve25519 olm identity key and one-time key are available, call create_inbound_from instead of create_inbound

Test Plan

tested in subsequent diff

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

varun created this revision.Aug 23 2023, 8:17 AM
Herald added subscribers: tomek, ashoat. · View Herald TranscriptAug 23 2023, 8:17 AM
Harbormaster completed remote builds in B22044: Diff 30260.Aug 23 2023, 8:36 AM
varun requested review of this revision.Aug 23 2023, 8:36 AM
ashoat added a comment.Aug 23 2023, 2:04 PM

Skipping request changes to avoid blocking this diff while I'm out

keyserver/src/utils/olm-utils.js
59 ↗(On Diff #30260)

The third param here should be the initialEncryptedMessage, not the oneTimeKey. You probably got confused by seeing oneTimeKeyMessage in the API... this is poorly-named by the Olm authors. It's the first message received from the "outbound" user, both for create_inbound and create_inbound_from

The "inbound" side never needs a oneTimKey – this is only necessary for the "outbound" side

marcin requested changes to this revision.Aug 24 2023, 2:47 AM
marcin added inline comments.
keyserver/src/utils/olm-utils.js
59 ↗(On Diff #30260)

Thanks for catching this @ashoat!. This is a serious issue. we should call it with initialEncryptedMessage and remove oneTimeKeys from argument list.

Additionally I think the reason we use create_inbound_from instead of create_inbound is that the former is more secure. Therefore it should be our preferred way so theirCurve25519Key should not be an optional parameter. However it might take some serious refactor of notification encryption work so you can just leave it optional and create high priority task for me to make it required parameter.

This revision now requires changes to proceed.Aug 24 2023, 2:47 AM
varun updated this revision to Diff 31148.Sep 14 2023, 11:32 AM

remove oneTimeKey and correct create_inbound_from args

varun added a comment.Sep 14 2023, 11:33 AM

https://linear.app/comm/issue/ENG-4944/remove-create-inbound-call-from-createpickledolmsession

Harbormaster completed remote builds in B22638: Diff 31148.Sep 14 2023, 11:51 AM
ashoat accepted this revision.Sep 14 2023, 12:19 PM
marcin accepted this revision.Sep 18 2023, 2:47 AM
This revision is now accepted and ready to land.Sep 18 2023, 2:47 AM
Closed by commit rCOMM14fd52f4f194: [keyserver] modify createPickledOlmSession (authored by varun). · Explain WhySep 25 2023, 1:44 PM
This revision was automatically updated to reflect the committed changes.
varun added a commit: rCOMM14fd52f4f194: [keyserver] modify createPickledOlmSession.

Revision Contents
Changeset List

PathSize
keyserver/
src/
utils/
13 lines

Diff 31418

View Options

keyserver/src/utils/olm-utils.js

Loading...