Page MenuHomePhabricator

D11658.id39181.diff
No OneTemporary

D11658.id39181.diff

diff --git a/services/commtest/src/identity/device.rs b/services/commtest/src/identity/device.rs
--- a/services/commtest/src/identity/device.rs
+++ b/services/commtest/src/identity/device.rs
@@ -2,6 +2,7 @@
use grpc_clients::identity::{get_auth_client, get_unauthenticated_client};
use rand::{distributions::Alphanumeric, Rng};
+use crate::identity::olm_account_infos::generate_random_olm_key;
use crate::identity::olm_account_infos::{
ClientPublicKeys, DEFAULT_CLIENT_KEYS,
};
@@ -69,11 +70,11 @@
payload_signature: "foo".to_string(),
}),
content_upload: Some(Prekey {
- prekey: "content_prekey".to_string(),
+ prekey: generate_random_olm_key(),
prekey_signature: "content_prekey_sig".to_string(),
}),
notif_upload: Some(Prekey {
- prekey: "notif_prekey".to_string(),
+ prekey: generate_random_olm_key(),
prekey_signature: "notif_prekey_sig".to_string(),
}),
one_time_content_prekeys: Vec::new(),
@@ -151,11 +152,11 @@
payload_signature: "foo".to_string(),
}),
content_upload: Some(Prekey {
- prekey: "content_prekey".to_string(),
+ prekey: generate_random_olm_key(),
prekey_signature: "content_prekey_sig".to_string(),
}),
notif_upload: Some(Prekey {
- prekey: "notif_prekey".to_string(),
+ prekey: generate_random_olm_key(),
prekey_signature: "notif_prekey_sig".to_string(),
}),
one_time_content_prekeys: Vec::new(),
diff --git a/services/commtest/src/identity/olm_account_infos.rs b/services/commtest/src/identity/olm_account_infos.rs
--- a/services/commtest/src/identity/olm_account_infos.rs
+++ b/services/commtest/src/identity/olm_account_infos.rs
@@ -48,7 +48,7 @@
};
}
-pub fn get_random_otk() -> String {
+pub fn generate_random_olm_key() -> String {
rand::thread_rng()
.sample_iter(&Alphanumeric)
.take(43)
diff --git a/services/commtest/tests/identity_keyserver_tests.rs b/services/commtest/tests/identity_keyserver_tests.rs
--- a/services/commtest/tests/identity_keyserver_tests.rs
+++ b/services/commtest/tests/identity_keyserver_tests.rs
@@ -1,7 +1,7 @@
use commtest::identity::device::{
register_user_device, DEVICE_TYPE, PLACEHOLDER_CODE_VERSION,
};
-use commtest::identity::olm_account_infos::get_random_otk;
+use commtest::identity::olm_account_infos::generate_random_olm_key;
use commtest::service_addr;
use grpc_clients::identity::{
get_auth_client,
@@ -26,8 +26,8 @@
.await
.expect("Couldn't connect to identity service");
- let content_one_time_prekey = get_random_otk();
- let notif_one_time_prekey = get_random_otk();
+ let content_one_time_prekey = generate_random_olm_key();
+ let notif_one_time_prekey = generate_random_olm_key();
let upload_request = UploadOneTimeKeysRequest {
content_one_time_prekeys: vec![content_one_time_prekey.clone()],
diff --git a/services/commtest/tests/identity_one_time_key_tests.rs b/services/commtest/tests/identity_one_time_key_tests.rs
--- a/services/commtest/tests/identity_one_time_key_tests.rs
+++ b/services/commtest/tests/identity_one_time_key_tests.rs
@@ -1,7 +1,7 @@
use commtest::identity::device::{
register_user_device, DEVICE_TYPE, PLACEHOLDER_CODE_VERSION,
};
-use commtest::identity::olm_account_infos::get_random_otk;
+use commtest::identity::olm_account_infos::generate_random_olm_key;
use commtest::service_addr;
use grpc_clients::identity::{
get_auth_client, protos::authenticated::UploadOneTimeKeysRequest,
@@ -23,8 +23,14 @@
.expect("Couldn't connect to identity service");
let upload_request = UploadOneTimeKeysRequest {
- content_one_time_prekeys: vec![get_random_otk(), get_random_otk()],
- notif_one_time_prekeys: vec![get_random_otk(), get_random_otk()],
+ content_one_time_prekeys: vec![
+ generate_random_olm_key(),
+ generate_random_olm_key(),
+ ],
+ notif_one_time_prekeys: vec![
+ generate_random_olm_key(),
+ generate_random_olm_key(),
+ ],
};
identity_client
diff --git a/services/commtest/tests/identity_tunnelbroker_tests.rs b/services/commtest/tests/identity_tunnelbroker_tests.rs
--- a/services/commtest/tests/identity_tunnelbroker_tests.rs
+++ b/services/commtest/tests/identity_tunnelbroker_tests.rs
@@ -1,7 +1,7 @@
use commtest::identity::device::{
register_user_device, DEVICE_TYPE, PLACEHOLDER_CODE_VERSION,
};
-use commtest::identity::olm_account_infos::get_random_otk;
+use commtest::identity::olm_account_infos::generate_random_olm_key;
use commtest::service_addr;
use commtest::tunnelbroker::socket::{create_socket, receive_message};
use futures_util::StreamExt;
@@ -48,8 +48,8 @@
.await
.expect("Couldn't connect to identity service");
- let content_one_time_prekeys = vec![get_random_otk()];
- let notif_one_time_prekeys = vec![get_random_otk()];
+ let content_one_time_prekeys = vec![generate_random_olm_key()];
+ let notif_one_time_prekeys = vec![generate_random_olm_key()];
let upload_request = UploadOneTimeKeysRequest {
content_one_time_prekeys,
notif_one_time_prekeys,
diff --git a/services/identity/src/database/device_list.rs b/services/identity/src/database/device_list.rs
--- a/services/identity/src/database/device_list.rs
+++ b/services/identity/src/database/device_list.rs
@@ -26,6 +26,7 @@
error::{DeviceListError, Error},
grpc_services::protos::{self, unauth::DeviceType},
grpc_utils::DeviceKeysInfo,
+ olm::is_valid_olm_key,
};
use super::DatabaseClient;
@@ -80,8 +81,14 @@
upload: FlattenedDeviceKeyUpload,
code_version: u64,
login_time: DateTime<Utc>,
- ) -> Self {
- Self {
+ ) -> Result<Self, Error> {
+ if !is_valid_olm_key(&upload.content_prekey)
+ || !is_valid_olm_key(&upload.notif_prekey)
+ {
+ error!("Invalid prekey format");
+ return Err(Error::InvalidFormat);
+ }
+ let device_row = Self {
user_id: user_id.into(),
device_id: upload.device_id_key,
device_type: DeviceType::from_str_name(upload.device_type.as_str_name())
@@ -100,7 +107,8 @@
},
code_version,
login_time,
- }
+ };
+ Ok(device_row)
}
}
@@ -503,6 +511,12 @@
content_prekey: Prekey,
notif_prekey: Prekey,
) -> Result<(), Error> {
+ if !is_valid_olm_key(&content_prekey.prekey)
+ || !is_valid_olm_key(&notif_prekey.prekey)
+ {
+ error!("Invalid prekey format");
+ return Err(Error::InvalidFormat);
+ }
self
.client
.update_item()
@@ -691,7 +705,7 @@
device_key_upload,
code_version,
login_time,
- );
+ )?;
let device_id = new_device.device_id.clone();
self
@@ -735,7 +749,7 @@
device_key_upload,
code_version,
login_time,
- );
+ )?;
if device_ids.iter().any(|id| &new_device.device_id == id) {
warn!(

File Metadata

Mime Type
text/plain
Expires
Mon, Nov 25, 3:39 PM (20 h, 59 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2579904
Default Alt Text
D11658.id39181.diff (6 KB)

Event Timeline