D7586.id26395.diff
diff --git a/keyserver/src/endpoints.js b/keyserver/src/endpoints.js
--- a/keyserver/src/endpoints.js
+++ b/keyserver/src/endpoints.js
@@ -18,7 +18,10 @@
calendarQueryUpdateResponder,
} from './responders/entry-responders.js';
import type { JSONResponder } from './responders/handlers.js';
-import { getSessionPublicKeysResponder } from './responders/keys-responders.js';
+import {
+ getSessionPublicKeysResponder,
+ getOlmSessionInitializationDataResponder,
+} from './responders/keys-responders.js';
import { inviteLinkVerificationResponder } from './responders/link-responders.js';
import { messageReportCreationResponder } from './responders/message-report-responder.js';
import {
@@ -274,6 +277,10 @@
responder: uploadMediaMetadataResponder,
requiredPolicies: baseLegalPolicies,
},
+ get_olm_session_initialization_data: {
+ responder: getOlmSessionInitializationDataResponder,
+ requiredPolicies: [],
+ },
};
export { jsonEndpoints };
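Review bot: The new `get_olm_session_initialization_data` entry is registered with `requiredPolicies: []`, unlike the neighbouring `upload_media_metadata` entry that requires `baseLegalPolicies`, and nothing in this hunk shows whether the responder also requires an authenticated viewer. Per the responder in keys-responders.js, every call generates and publishes a fresh one-time key and re-marks the prekey as published on both the notifications and content Olm accounts, so an unauthenticated or unthrottled caller can churn the server's key material. If the empty policy list is deliberate (for example so a client can bootstrap the notifications session before acknowledging policies), say so next to it: `// Intentionally policy-free: clients need this before policy acknowledgment to set up the notifs Olm session`; otherwise use `requiredPolicies: baseLegalPolicies` and confirm the viewer is logged in before dispensing keys.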
diff --git a/keyserver/src/responders/keys-responders.js b/keyserver/src/responders/keys-responders.js
--- a/keyserver/src/responders/keys-responders.js
+++ b/keyserver/src/responders/keys-responders.js
@@ -1,18 +1,31 @@
// @flow
+import type { Account as OlmAccount } from '@commapp/olm';
import t, { type TUnion } from 'tcomb';
-import type { GetSessionPublicKeysArgs } from 'lib/types/request-types.js';
+import type {
+ OlmSessionInitializationInfo,
+ GetOlmSessionInitializationDataResponse,
+ GetSessionPublicKeysArgs,
+} from 'lib/types/request-types.js';
import {
type SessionPublicKeys,
sessionPublicKeysValidator,
} from 'lib/types/session-types.js';
+import { ServerError } from 'lib/utils/errors.js';
import { tShape, tNull } from 'lib/utils/validation-utils.js';
import { fetchSessionPublicKeys } from '../fetchers/key-fetchers.js';
import type { Viewer } from '../session/viewer.js';
+import { fetchCallUpdateOlmAccount } from '../updaters/olm-account-updater.js';
+import { validateAccountPrekey } from '../utils/olm-utils.js';
import { validateInput } from '../utils/validation-utils.js';
+type AccountKeysSet = {
+ +identityKeys: string,
+ ...OlmSessionInitializationInfo,
+};
+
const getSessionPublicKeysInputValidator = tShape({
session: t.String,
});
@@ -33,4 +46,95 @@
return await fetchSessionPublicKeys(request.session);
}
-export { getSessionPublicKeysResponder };
+async function retrieveAccountKeysSet(
+ account: OlmAccount,
+): Promise<AccountKeysSet> {
+ const identityKeys = account.identity_keys();
+
+ await validateAccountPrekey(account);
+ const prekey = account.prekey();
+ // Until transfer of prekeys to the identity service is implemented
+ // prekeys will be marked as published each time it is accessed
+ // to establish olm notifs session to mitigate the risk of prekeys
+ // being in use for long enough to cause security concerns
+ account.mark_prekey_as_published();
+ const prekeySignature = account.prekey_signature();
+
+ if (!prekeySignature) {
+ throw new ServerError('prekey_validation_failure');
+ }
+
+ account.generate_one_time_keys(1);
+ const oneTimeKey = account.one_time_keys();
+ account.mark_keys_as_published();
+
+ return { identityKeys, oneTimeKey, prekey, prekeySignature };
+}
+
+async function getOlmSessionInitializationDataResponder(
+ viewer: Viewer,
+): Promise<GetOlmSessionInitializationDataResponse> {
+ await validateInput(viewer, null, null);
+
+ const {
+ identityKeys: notificationsIdentityKeys,
+ prekey: notificationsPrekey,
+ prekeySignature: notificationsPrekeySignature,
+ oneTimeKey: notificationsOneTimeKey,
+ } = await fetchCallUpdateOlmAccount('notifications', retrieveAccountKeysSet);
+
+ const contentAccountCallback = async (account: OlmAccount) => {
+ const {
+ identityKeys: contentIdentityKeys,
+ oneTimeKey,
+ prekey,
+ prekeySignature,
+ } = await retrieveAccountKeysSet(account);
+
+ const identityKeysBlob = {
+ primaryIdentityPublicKeys: JSON.parse(contentIdentityKeys),
+ notificationIdentityPublicKeys: JSON.parse(notificationsIdentityKeys),
+ };
+ const identityKeysBlobPayload = JSON.stringify(identityKeysBlob);
+ const signedIdentityKeysBlob = {
+ payload: identityKeysBlobPayload,
+ signature: account.sign(identityKeysBlobPayload),
+ };
+
+ return {
+ signedIdentityKeysBlob,
+ oneTimeKey,
+ prekey,
+ prekeySignature,
+ };
+ };
+
+ const {
+ signedIdentityKeysBlob,
+ prekey: contentPrekey,
+ prekeySignature: contentPrekeySignature,
+ oneTimeKey: contentOneTimeKey,
+ } = await fetchCallUpdateOlmAccount('content', contentAccountCallback);
+
+ const notifInitializationInfo = {
+ prekey: notificationsPrekey,
+ prekeySignature: notificationsPrekeySignature,
+ oneTimeKey: notificationsOneTimeKey,
+ };
+ const contentInitializationInfo = {
+ prekey: contentPrekey,
+ prekeySignature: contentPrekeySignature,
+ oneTimeKey: contentOneTimeKey,
+ };
+
+ return {
+ signedIdentityKeysBlob,
+ contentInitializationInfo,
+ notifInitializationInfo,
+ };
+}
+
+export {
+ getSessionPublicKeysResponder,
+ getOlmSessionInitializationDataResponder,
+};
diff --git a/lib/actions/user-actions.js b/lib/actions/user-actions.js
--- a/lib/actions/user-actions.js
+++ b/lib/actions/user-actions.js
@@ -14,7 +14,10 @@
UpdateUserAvatarRequest,
UpdateUserAvatarResponse,
} from '../types/avatar-types.js';
-import type { GetSessionPublicKeysArgs } from '../types/request-types.js';
+import type {
+ GetSessionPublicKeysArgs,
+ GetOlmSessionInitializationDataResponse,
+} from '../types/request-types.js';
import type { UserSearchResult } from '../types/search-types.js';
import type {
SessionPublicKeys,
@@ -235,6 +238,20 @@
return await callServerEndpoint('get_session_public_keys', data);
};
+const getOlmSessionInitializationDataActionTypes = Object.freeze({
+ started: 'GET_OLM_SESSION_INITIALIZATION_DATA_STARTED',
+ success: 'GET_OLM_SESSION_INITIALIZATION_DATA_SUCCESS',
+ failed: 'GET_OLM_SESSION_INITIALIZATION_DATA_FAILED',
+});
+
+const getOlmSessionInitializationData =
+ (
+ callServerEndpoint: CallServerEndpoint,
+ ): (() => Promise<GetOlmSessionInitializationDataResponse>) =>
+ async () => {
+ return await callServerEndpoint('get_olm_session_initialization_data', {});
+ };
+
const policyAcknowledgmentActionTypes = Object.freeze({
started: 'POLICY_ACKNOWLEDGMENT_STARTED',
success: 'POLICY_ACKNOWLEDGMENT_SUCCESS',
@@ -273,6 +290,8 @@
deleteAccount,
deleteAccountActionTypes,
getSessionPublicKeys,
+ getOlmSessionInitializationDataActionTypes,
+ getOlmSessionInitializationData,
mergeUserInfos,
logIn,
logInActionTypes,
diff --git a/lib/types/endpoints.js b/lib/types/endpoints.js
--- a/lib/types/endpoints.js
+++ b/lib/types/endpoints.js
@@ -89,6 +89,7 @@
SIWE_AUTH: 'siwe_auth',
UPDATE_USER_AVATAR: 'update_user_avatar',
UPLOAD_MEDIA_METADATA: 'upload_media_metadata',
+ GET_OLM_SESSION_INITIALIZATION_DATA: 'get_olm_session_initialization_data',
});
type SocketPreferredEndpoint = $Values<typeof socketPreferredEndpoints>;
diff --git a/lib/types/redux-types.js b/lib/types/redux-types.js
--- a/lib/types/redux-types.js
+++ b/lib/types/redux-types.js
@@ -70,7 +70,10 @@
QueueReportsPayload,
ReportStore,
} from './report-types.js';
-import type { ProcessServerRequestsPayload } from './request-types.js';
+import type {
+ ProcessServerRequestsPayload,
+ GetOlmSessionInitializationDataResponse,
+} from './request-types.js';
import type { UserSearchResult } from './search-types.js';
import type { SetSessionPayload } from './session-types.js';
import type {
@@ -1008,6 +1011,22 @@
+error: true,
+payload: Error,
+loadingInfo: LoadingInfo,
+ }
+ | {
+ +type: 'GET_OLM_SESSION_INITIALIZATION_DATA_STARTED',
+ +loadingInfo?: LoadingInfo,
+ +payload?: void,
+ }
+ | {
+ +type: 'GET_OLM_SESSION_INITIALIZATION_DATA_SUCCESS',
+ +payload: GetOlmSessionInitializationDataResponse,
+ +loadingInfo: LoadingInfo,
+ }
+ | {
+ +type: 'GET_OLM_SESSION_INITIALIZATION_DATA_FAILED',
+ +error: true,
+ +payload: Error,
+ +loadingInfo: LoadingInfo,
};
export type ActionPayload = ?(Object | Array<*> | $ReadOnlyArray<*> | string);
diff --git a/lib/types/request-types.js b/lib/types/request-types.js
--- a/lib/types/request-types.js
+++ b/lib/types/request-types.js
@@ -197,3 +197,15 @@
export type GetSessionPublicKeysArgs = {
+session: string,
};
+
+export type OlmSessionInitializationInfo = {
+ +prekey: string,
+ +prekeySignature: string,
+ +oneTimeKey: string,
+};
+
+export type GetOlmSessionInitializationDataResponse = {
+ +signedIdentityKeysBlob: SignedIdentityKeysBlob,
+ +contentInitializationInfo: OlmSessionInitializationInfo,
+ +notifInitializationInfo: OlmSessionInitializationInfo,
+};
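Review bot: `OlmSessionInitializationInfo` types `prekey` and `oneTimeKey` as bare `string`, but the responder that fills them returns the JSON-encoded values from libolm's `account.prekey()` and `account.one_time_keys()` (the latter a map of key id to key), not a single raw key, so consumers need to know to parse them; a field comment such as `// JSON as returned by olm Account.one_time_keys(); may contain more than one key` and `// JSON as returned by olm Account.prekey()` would prevent misuse. `SignedIdentityKeysBlob` is referenced here without an import in this hunk, which is fine only if it is already imported earlier in request-types.js; worth confirming since the file's import block is outside the diff.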
