From 7b63fe79de6f1b57a6e3ba49f395472b59851682 Mon Sep 17 00:00:00 2001 From: Sarah Jamie Lewis Date: Sat, 19 Jan 2019 13:09:38 -0800 Subject: [PATCH] Removing older group verification checks that are superceded by v3 onions --- model/profile.go | 23 +++++------------------ 1 file changed, 5 insertions(+), 18 deletions(-) diff --git a/model/profile.go b/model/profile.go index f69a83f..ee54f07 100644 --- a/model/profile.go +++ b/model/profile.go @@ -38,7 +38,7 @@ type Profile struct { // MaxGroupMessageLength is the maximum length of a message posted to a server group. // TODO: Should this be per server? -const MaxGroupMessageLength = 1024 +const MaxGroupMessageLength = 1800 func (p *PublicProfile) init() { p.Attributes = make(map[string]string) @@ -261,6 +261,7 @@ func (p *Profile) StartGroupWithMessage(server string, initialMessage []byte) (g return "", nil, err } groupID = group.GroupID + group.Owner = p.Onion signedGroupID := p.SignMessage(groupID + server) group.SignGroup(signedGroupID) invite, err = group.Invite(initialMessage) @@ -295,7 +296,6 @@ func (p *Profile) ProcessInvite(gci *protocol.GroupChatInvite, peerHostname stri func (p *Profile) AddGroup(group *Group) { existingGroup, exists := p.Groups[group.GroupID] if !exists { - // TODO More robust error handling (confirm this onion checksum is correct) decodedPub, _ := base32.StdEncoding.DecodeString(strings.ToUpper(group.Owner[:56])) valid := ed25519.Verify(ed25519.PublicKey(decodedPub[:32]), []byte(group.GroupID+group.GroupServer), group.SignedGroupID) if valid { @@ -318,21 +318,6 @@ func (p *Profile) AttemptDecryption(ciphertext []byte, signature []byte) (bool, for _, group := range p.Groups { success, dgm := group.DecryptMessage(ciphertext) if success { - - // Assert that we know the owner of the group - owner, ok := p.Contacts[group.Owner] - if ok { - valid := ed25519.Verify(owner.Ed25519PublicKey, []byte(group.GroupID+group.GroupServer), dgm.SignedGroupId) - // If we can decrypt the message, but the group id is wrong that means that - // this message is from someone who was not invited to the group. - // As such this group has been compromised, probably by one of the other members. - // We set the flag to be handled by the UX and reject the message. - if !valid { - group.Compromised() - return false, "", nil - } - } - verified := p.VerifyGroupMessage(dgm.GetOnion(), group.GroupID, dgm.GetText(), dgm.GetTimestamp(), ciphertext, signature) // So we have a message that has a valid group key, but the signature can't be verified. @@ -340,12 +325,14 @@ func (p *Profile) AttemptDecryption(ciphertext []byte, signature []byte) (bool, // Either way, someone who has the private key is being detectably bad so we are just going to throw this message away and mark the group as Compromised. if !verified { group.Compromised() - return false, "", nil + return false, group.GroupID, nil } return true, group.GroupID, group.AddMessage(dgm, signature) } } + + // If we couldn't find a group to decrypt the message with we just return false. This is an expected case return false, "", nil }