Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F3380985
D11591.id39045.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
13 KB
Referenced Files
None
Subscribers
None
D11591.id39045.diff
View Options
diff --git a/native/cpp/CommonCpp/CryptoTools/CryptoModule.h b/native/cpp/CommonCpp/CryptoTools/CryptoModule.h
--- a/native/cpp/CommonCpp/CryptoTools/CryptoModule.h
+++ b/native/cpp/CommonCpp/CryptoTools/CryptoModule.h
@@ -58,8 +58,9 @@
const std::string &targetDeviceId,
const OlmBuffer &encryptedMessage,
const OlmBuffer &idKeys,
+ int sessionVersion,
const bool overwrite = true);
- void initializeOutboundForSendingSession(
+ int initializeOutboundForSendingSession(
const std::string &targetDeviceId,
const OlmBuffer &idKeys,
const OlmBuffer &preKeys,
diff --git a/native/cpp/CommonCpp/CryptoTools/CryptoModule.cpp b/native/cpp/CommonCpp/CryptoTools/CryptoModule.cpp
--- a/native/cpp/CommonCpp/CryptoTools/CryptoModule.cpp
+++ b/native/cpp/CommonCpp/CryptoTools/CryptoModule.cpp
@@ -261,8 +261,17 @@
const std::string &targetDeviceId,
const OlmBuffer &encryptedMessage,
const OlmBuffer &idKeys,
+ int sessionVersion,
const bool overwrite) {
if (this->hasSessionFor(targetDeviceId)) {
+ std::shared_ptr<Session> existingSession =
+ getSessionByDeviceId(targetDeviceId);
+ if (existingSession->getVersion() > sessionVersion) {
+ throw std::runtime_error{"OLM_SESSION_ALREADY_CREATED"};
+ } else if (existingSession->getVersion() == sessionVersion) {
+ throw std::runtime_error{"OLM_SESSION_CREATION_RACE_CONDITION"};
+ }
+
if (overwrite) {
this->sessions.erase(this->sessions.find(targetDeviceId));
} else {
@@ -276,16 +285,21 @@
this->keys.identityKeys.data(),
encryptedMessage,
idKeys);
+ newSession->setVersion(sessionVersion);
this->sessions.insert(make_pair(targetDeviceId, std::move(newSession)));
}
-void CryptoModule::initializeOutboundForSendingSession(
+int CryptoModule::initializeOutboundForSendingSession(
const std::string &targetDeviceId,
const OlmBuffer &idKeys,
const OlmBuffer &preKeys,
const OlmBuffer &preKeySignature,
const OlmBuffer &oneTimeKey) {
+ int newSessionVersion = 1;
if (this->hasSessionFor(targetDeviceId)) {
+ std::shared_ptr<Session> existingSession =
+ getSessionByDeviceId(targetDeviceId);
+ newSessionVersion = existingSession->getVersion() + 1;
Logger::log(
"olm session overwritten for the device with id: " + targetDeviceId);
this->sessions.erase(this->sessions.find(targetDeviceId));
@@ -297,7 +311,9 @@
preKeys,
preKeySignature,
oneTimeKey);
+ newSession->setVersion(newSessionVersion);
this->sessions.insert(make_pair(targetDeviceId, std::move(newSession)));
+ return newSessionVersion;
}
bool CryptoModule::hasSessionFor(const std::string &targetDeviceId) {
diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
@@ -132,7 +132,8 @@
jsi::Runtime &rt,
jsi::String identityKeys,
jsi::Object encryptedDataJSI,
- jsi::String deviceID) override;
+ jsi::String deviceID,
+ double sessionVersion) override;
virtual jsi::Value
encrypt(jsi::Runtime &rt, jsi::String message, jsi::String deviceID) override;
virtual jsi::Value decrypt(
diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
@@ -1163,16 +1163,18 @@
taskType job = [=, &innerRt]() {
std::string error;
crypto::EncryptedData initialEncryptedData;
+ int sessionVersion;
try {
- this->contentCryptoModule->initializeOutboundForSendingSession(
- deviceIDCpp,
- std::vector<uint8_t>(
- identityKeysCpp.begin(), identityKeysCpp.end()),
- std::vector<uint8_t>(prekeyCpp.begin(), prekeyCpp.end()),
- std::vector<uint8_t>(
- prekeySignatureCpp.begin(), prekeySignatureCpp.end()),
- std::vector<uint8_t>(
- oneTimeKeyCpp.begin(), oneTimeKeyCpp.end()));
+ sessionVersion =
+ this->contentCryptoModule->initializeOutboundForSendingSession(
+ deviceIDCpp,
+ std::vector<uint8_t>(
+ identityKeysCpp.begin(), identityKeysCpp.end()),
+ std::vector<uint8_t>(prekeyCpp.begin(), prekeyCpp.end()),
+ std::vector<uint8_t>(
+ prekeySignatureCpp.begin(), prekeySignatureCpp.end()),
+ std::vector<uint8_t>(
+ oneTimeKeyCpp.begin(), oneTimeKeyCpp.end()));
const std::string initMessage = "{\"type\": \"init\"}";
initialEncryptedData =
@@ -1198,7 +1200,13 @@
"messageType",
static_cast<int>(initialEncryptedData.messageType));
- promise->resolve(std::move(initialEncryptedDataJSI));
+ auto outboundSessionCreationResultJSI = jsi::Object(innerRt);
+ outboundSessionCreationResultJSI.setProperty(
+ innerRt, "encryptedData", initialEncryptedDataJSI);
+ outboundSessionCreationResultJSI.setProperty(
+ innerRt, "sessionVersion", sessionVersion);
+
+ promise->resolve(std::move(outboundSessionCreationResultJSI));
});
};
this->cryptoThread->scheduleTask(job);
@@ -1209,7 +1217,8 @@
jsi::Runtime &rt,
jsi::String identityKeys,
jsi::Object encryptedDataJSI,
- jsi::String deviceID) {
+ jsi::String deviceID,
+ double sessionVersion) {
auto identityKeysCpp{identityKeys.utf8(rt)};
size_t messageType =
std::lround(encryptedDataJSI.getProperty(rt, "messageType").asNumber());
@@ -1227,7 +1236,8 @@
std::vector<uint8_t>(
encryptedMessageCpp.begin(), encryptedMessageCpp.end()),
std::vector<uint8_t>(
- identityKeysCpp.begin(), identityKeysCpp.end()));
+ identityKeysCpp.begin(), identityKeysCpp.end()),
+ static_cast<int>(sessionVersion));
crypto::EncryptedData encryptedData{
std::vector<uint8_t>(
encryptedMessageCpp.begin(), encryptedMessageCpp.end()),
diff --git a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
--- a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
+++ b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
@@ -109,7 +109,7 @@
return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->initializeContentOutboundSession(rt, args[0].asString(rt), args[1].asString(rt), args[2].asString(rt), args[3].asString(rt), args[4].asString(rt));
}
static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_initializeContentInboundSession(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
- return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->initializeContentInboundSession(rt, args[0].asString(rt), args[1].asObject(rt), args[2].asString(rt));
+ return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->initializeContentInboundSession(rt, args[0].asString(rt), args[1].asObject(rt), args[2].asString(rt), args[3].asNumber());
}
static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_encrypt(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->encrypt(rt, args[0].asString(rt), args[1].asString(rt));
@@ -221,7 +221,7 @@
methodMap_["removeKeyserverDataFromNotifStorage"] = MethodMetadata {1, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_removeKeyserverDataFromNotifStorage};
methodMap_["getKeyserverDataFromNotifStorage"] = MethodMetadata {1, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getKeyserverDataFromNotifStorage};
methodMap_["initializeContentOutboundSession"] = MethodMetadata {5, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_initializeContentOutboundSession};
- methodMap_["initializeContentInboundSession"] = MethodMetadata {3, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_initializeContentInboundSession};
+ methodMap_["initializeContentInboundSession"] = MethodMetadata {4, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_initializeContentInboundSession};
methodMap_["encrypt"] = MethodMetadata {2, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_encrypt};
methodMap_["decrypt"] = MethodMetadata {2, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_decrypt};
methodMap_["signMessage"] = MethodMetadata {1, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_signMessage};
diff --git a/native/cpp/CommonCpp/_generated/commJSI.h b/native/cpp/CommonCpp/_generated/commJSI.h
--- a/native/cpp/CommonCpp/_generated/commJSI.h
+++ b/native/cpp/CommonCpp/_generated/commJSI.h
@@ -51,7 +51,7 @@
virtual jsi::Value removeKeyserverDataFromNotifStorage(jsi::Runtime &rt, jsi::Array keyserverIDsToDelete) = 0;
virtual jsi::Value getKeyserverDataFromNotifStorage(jsi::Runtime &rt, jsi::Array keyserverIDs) = 0;
virtual jsi::Value initializeContentOutboundSession(jsi::Runtime &rt, jsi::String identityKeys, jsi::String prekey, jsi::String prekeySignature, jsi::String oneTimeKey, jsi::String deviceID) = 0;
- virtual jsi::Value initializeContentInboundSession(jsi::Runtime &rt, jsi::String identityKeys, jsi::Object encryptedContent, jsi::String deviceID) = 0;
+ virtual jsi::Value initializeContentInboundSession(jsi::Runtime &rt, jsi::String identityKeys, jsi::Object encryptedContent, jsi::String deviceID, double sessionVersion) = 0;
virtual jsi::Value encrypt(jsi::Runtime &rt, jsi::String message, jsi::String deviceID) = 0;
virtual jsi::Value decrypt(jsi::Runtime &rt, jsi::Object encryptedData, jsi::String deviceID) = 0;
virtual jsi::Value signMessage(jsi::Runtime &rt, jsi::String message) = 0;
@@ -345,13 +345,13 @@
return bridging::callFromJs<jsi::Value>(
rt, &T::initializeContentOutboundSession, jsInvoker_, instance_, std::move(identityKeys), std::move(prekey), std::move(prekeySignature), std::move(oneTimeKey), std::move(deviceID));
}
- jsi::Value initializeContentInboundSession(jsi::Runtime &rt, jsi::String identityKeys, jsi::Object encryptedContent, jsi::String deviceID) override {
+ jsi::Value initializeContentInboundSession(jsi::Runtime &rt, jsi::String identityKeys, jsi::Object encryptedContent, jsi::String deviceID, double sessionVersion) override {
static_assert(
- bridging::getParameterCount(&T::initializeContentInboundSession) == 4,
- "Expected initializeContentInboundSession(...) to have 4 parameters");
+ bridging::getParameterCount(&T::initializeContentInboundSession) == 5,
+ "Expected initializeContentInboundSession(...) to have 5 parameters");
return bridging::callFromJs<jsi::Value>(
- rt, &T::initializeContentInboundSession, jsInvoker_, instance_, std::move(identityKeys), std::move(encryptedContent), std::move(deviceID));
+ rt, &T::initializeContentInboundSession, jsInvoker_, instance_, std::move(identityKeys), std::move(encryptedContent), std::move(deviceID), std::move(sessionVersion));
}
jsi::Value encrypt(jsi::Runtime &rt, jsi::String message, jsi::String deviceID) override {
static_assert(
diff --git a/native/crypto/olm-api.js b/native/crypto/olm-api.js
--- a/native/crypto/olm-api.js
+++ b/native/crypto/olm-api.js
@@ -7,6 +7,7 @@
type OlmAPI,
type OLMIdentityKeys,
type EncryptedData,
+ type OutboundSessionCreationResult,
} from 'lib/types/crypto-types.js';
import type { OlmSessionInitializationInfo } from 'lib/types/request-types.js';
@@ -19,10 +20,10 @@
getUserPublicKey: commCoreModule.getUserPublicKey,
encrypt: commCoreModule.encrypt,
decrypt: commCoreModule.decrypt,
- // $FlowFixMe
async contentInboundSessionCreator(
contentIdentityKeys: OLMIdentityKeys,
initialEncryptedData: EncryptedData,
+ sessionVersion: number,
): Promise<string> {
const identityKeys = JSON.stringify({
curve25519: contentIdentityKeys.curve25519,
@@ -32,13 +33,13 @@
identityKeys,
initialEncryptedData,
contentIdentityKeys.ed25519,
+ sessionVersion,
);
},
async contentOutboundSessionCreator(
contentIdentityKeys: OLMIdentityKeys,
contentInitializationInfo: OlmSessionInitializationInfo,
- // $FlowFixMe
- ): Promise<EncryptedData> {
+ ): Promise<OutboundSessionCreationResult> {
const { prekey, prekeySignature, oneTimeKey } = contentInitializationInfo;
const identityKeys = JSON.stringify({
curve25519: contentIdentityKeys.curve25519,
diff --git a/native/schema/CommCoreModuleSchema.js b/native/schema/CommCoreModuleSchema.js
--- a/native/schema/CommCoreModuleSchema.js
+++ b/native/schema/CommCoreModuleSchema.js
@@ -19,6 +19,7 @@
SignedPrekeys,
ClientPublicKeys,
EncryptedData,
+ OutboundSessionCreationResult,
} from 'lib/types/crypto-types.js';
import type { ClientDBDraftStoreOperation } from 'lib/types/draft-types.js';
import type { ClientDBMessageInfo } from 'lib/types/message-types.js';
@@ -110,11 +111,12 @@
prekeySignature: string,
oneTimeKey: string,
deviceID: string,
- ) => Promise<EncryptedData>;
+ ) => Promise<OutboundSessionCreationResult>;
+initializeContentInboundSession: (
identityKeys: string,
encryptedContent: Object,
deviceID: string,
+ sessionVersion: number,
) => Promise<string>;
+encrypt: (message: string, deviceID: string) => Promise<EncryptedData>;
+decrypt: (encryptedData: Object, deviceID: string) => Promise<string>;
@@ -160,6 +162,7 @@
identityKeys: string,
encryptedContent: EncryptedData,
deviceID: string,
+ sessionVersion: number,
) => Promise<string>;
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Fri, Nov 29, 3:29 AM (21 h, 34 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2595407
Default Alt Text
D11591.id39045.diff (13 KB)
Attached To
Mode
D11591: [native] update session creation code to handle versioning
Attached
Detach File
Event Timeline
Log In to Comment