Page MenuHomePhabricator
Differential D9181

[keyserver] Generate an AES256 key (ephemeral) to encode
ClosedPublic
Actions

Authored by rohan on Sep 13 2023, 9:04 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Oct 12, 4:13 PM
Unknown Object (File)
Thu, Oct 3, 4:11 PM
Unknown Object (File)
Wed, Oct 2, 10:45 PM
Unknown Object (File)
Tue, Oct 1, 7:27 PM
Unknown Object (File)
Tue, Oct 1, 6:40 PM
Unknown Object (File)
Thu, Sep 19, 9:33 AM
Unknown Object (File)
Sep 10 2024, 10:03 AM
Unknown Object (File)
Sep 10 2024, 10:03 AM
View All 62 Files
Subscribers
anunay
ashoat
tomek

Details

Reviewers
atul
varun
patryk
ginsu
Commits
rCOMM1470feaff259: [keyserver] Generate an AES256 key (ephemeral) to encode
Summary

The first key we want to encode into the QR code is the AES-256 ephemeral key. The next diff will be the device id.

Depends on D9180

Addresses ENG-4778

Test Plan

Confirmed that the ephemeral key is encoded in the URL. Essentially repeating the test plan from D9093

Screenshot 2023-09-13 at 12.00.11 PM.png (1×3 px, 1 MB)

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

rohan created this revision.Sep 13 2023, 9:04 AM
Herald added subscribers: tomek, ashoat. · View Herald TranscriptSep 13 2023, 9:04 AM
rohan mentioned this in D9180: [keyserver] Print out a QR code to the terminal.Sep 13 2023, 9:05 AM
rohan edited the test plan for this revision. (Show Details)Sep 13 2023, 9:08 AM
Harbormaster completed remote builds in B22593: Diff 31062.Sep 13 2023, 9:21 AM
rohan requested review of this revision.Sep 13 2023, 9:21 AM
ashoat added a comment.Sep 13 2023, 9:42 AM

Can we use any random string as an AES-256 key? Or are there some additional requirements?

rohan added a comment.Sep 13 2023, 9:53 AM
In D9181#270238, @ashoat wrote:

Can we use any random string as an AES-256 key? Or are there some additional requirements?

On the whitepaper, it says

Every user device (except the primary one) must link itself to the user account. There must already be an primary device registered with Comm that corresponds to the user. The two devices use a QR code to share a 128-bit AES secret key sk, which is used to secure communication between them during the protocol.

Unless I missed something, my understanding was that there was no specific requirements to the key, though feel free to correct me.

(As a side note, I'm noticing its a 128-bit key and not a 256-bit key, so I should probably use crypto.randomBytes(16) instead and update this)

ashoat added a subscriber: anunay.Sep 13 2023, 10:09 AM

We actually want a 256-bit key. I think @anunay is in the process of updating that

ginsu resigned from this revision.Sep 13 2023, 1:32 PM

Seems reasonable, but not super familiar with the requirements

rohan added a child revision: D9202: [keyserver/web/native] Covert AES-256 key from Uint8Array representation to hex string representation.Sep 14 2023, 8:03 AM
varun accepted this revision.Sep 20 2023, 9:48 PM

Can we use any random string as an AES-256 key? Or are there some additional requirements?

The key must be exactly 256 bits in length and it just needs to be a random sequence of bytes. No other requirements.

This revision is now accepted and ready to land.Sep 20 2023, 9:48 PM
Closed by commit rCOMM1470feaff259: [keyserver] Generate an AES256 key (ephemeral) to encode (authored by rohan). · Explain WhySep 22 2023, 7:40 AM
This revision was automatically updated to reflect the committed changes.
rohan added a commit: rCOMM1470feaff259: [keyserver] Generate an AES256 key (ephemeral) to encode.

Revision Contents
Changeset List

PathSize
keyserver/
src/
3 lines

Diff 31369

View Options

keyserver/src/keyserver.js

Loading...