Browse Source

Removing older group verification checks that are superceded by v3 onions

update_group_checks
Sarah Jamie Lewis 1 year ago
parent
commit
7b63fe79de
1 changed files with 5 additions and 18 deletions
  1. +5
    -18
      model/profile.go

+ 5
- 18
model/profile.go View File

@@ -38,7 +38,7 @@ type Profile struct {

// MaxGroupMessageLength is the maximum length of a message posted to a server group.
// TODO: Should this be per server?
const MaxGroupMessageLength = 1024
const MaxGroupMessageLength = 1800

func (p *PublicProfile) init() {
p.Attributes = make(map[string]string)
@@ -261,6 +261,7 @@ func (p *Profile) StartGroupWithMessage(server string, initialMessage []byte) (g
return "", nil, err
}
groupID = group.GroupID
group.Owner = p.Onion
signedGroupID := p.SignMessage(groupID + server)
group.SignGroup(signedGroupID)
invite, err = group.Invite(initialMessage)
@@ -295,7 +296,6 @@ func (p *Profile) ProcessInvite(gci *protocol.GroupChatInvite, peerHostname stri
func (p *Profile) AddGroup(group *Group) {
existingGroup, exists := p.Groups[group.GroupID]
if !exists {
// TODO More robust error handling (confirm this onion checksum is correct)
decodedPub, _ := base32.StdEncoding.DecodeString(strings.ToUpper(group.Owner[:56]))
valid := ed25519.Verify(ed25519.PublicKey(decodedPub[:32]), []byte(group.GroupID+group.GroupServer), group.SignedGroupID)
if valid {
@@ -318,21 +318,6 @@ func (p *Profile) AttemptDecryption(ciphertext []byte, signature []byte) (bool,
for _, group := range p.Groups {
success, dgm := group.DecryptMessage(ciphertext)
if success {

// Assert that we know the owner of the group
owner, ok := p.Contacts[group.Owner]
if ok {
valid := ed25519.Verify(owner.Ed25519PublicKey, []byte(group.GroupID+group.GroupServer), dgm.SignedGroupId)
// If we can decrypt the message, but the group id is wrong that means that
// this message is from someone who was not invited to the group.
// As such this group has been compromised, probably by one of the other members.
// We set the flag to be handled by the UX and reject the message.
if !valid {
group.Compromised()
return false, "", nil
}
}

verified := p.VerifyGroupMessage(dgm.GetOnion(), group.GroupID, dgm.GetText(), dgm.GetTimestamp(), ciphertext, signature)

// So we have a message that has a valid group key, but the signature can't be verified.
@@ -340,12 +325,14 @@ func (p *Profile) AttemptDecryption(ciphertext []byte, signature []byte) (bool,
// Either way, someone who has the private key is being detectably bad so we are just going to throw this message away and mark the group as Compromised.
if !verified {
group.Compromised()
return false, "", nil
return false, group.GroupID, nil
}

return true, group.GroupID, group.AddMessage(dgm, signature)
}
}

// If we couldn't find a group to decrypt the message with we just return false. This is an expected case
return false, "", nil
}



Loading…
Cancel
Save