Removing older group verification checks that are superceded by v3 onions
부모
9bf6679572
커밋
7b63fe79de
|
@ -38,7 +38,7 @@ type Profile struct {
|
|||
|
||||
// MaxGroupMessageLength is the maximum length of a message posted to a server group.
|
||||
// TODO: Should this be per server?
|
||||
const MaxGroupMessageLength = 1024
|
||||
const MaxGroupMessageLength = 1800
|
||||
|
||||
func (p *PublicProfile) init() {
|
||||
p.Attributes = make(map[string]string)
|
||||
|
@ -261,6 +261,7 @@ func (p *Profile) StartGroupWithMessage(server string, initialMessage []byte) (g
|
|||
return "", nil, err
|
||||
}
|
||||
groupID = group.GroupID
|
||||
group.Owner = p.Onion
|
||||
signedGroupID := p.SignMessage(groupID + server)
|
||||
group.SignGroup(signedGroupID)
|
||||
invite, err = group.Invite(initialMessage)
|
||||
|
@ -295,7 +296,6 @@ func (p *Profile) ProcessInvite(gci *protocol.GroupChatInvite, peerHostname stri
|
|||
func (p *Profile) AddGroup(group *Group) {
|
||||
existingGroup, exists := p.Groups[group.GroupID]
|
||||
if !exists {
|
||||
// TODO More robust error handling (confirm this onion checksum is correct)
|
||||
decodedPub, _ := base32.StdEncoding.DecodeString(strings.ToUpper(group.Owner[:56]))
|
||||
valid := ed25519.Verify(ed25519.PublicKey(decodedPub[:32]), []byte(group.GroupID+group.GroupServer), group.SignedGroupID)
|
||||
if valid {
|
||||
|
@ -318,21 +318,6 @@ func (p *Profile) AttemptDecryption(ciphertext []byte, signature []byte) (bool,
|
|||
for _, group := range p.Groups {
|
||||
success, dgm := group.DecryptMessage(ciphertext)
|
||||
if success {
|
||||
|
||||
// Assert that we know the owner of the group
|
||||
owner, ok := p.Contacts[group.Owner]
|
||||
if ok {
|
||||
valid := ed25519.Verify(owner.Ed25519PublicKey, []byte(group.GroupID+group.GroupServer), dgm.SignedGroupId)
|
||||
// If we can decrypt the message, but the group id is wrong that means that
|
||||
// this message is from someone who was not invited to the group.
|
||||
// As such this group has been compromised, probably by one of the other members.
|
||||
// We set the flag to be handled by the UX and reject the message.
|
||||
if !valid {
|
||||
group.Compromised()
|
||||
return false, "", nil
|
||||
}
|
||||
}
|
||||
|
||||
verified := p.VerifyGroupMessage(dgm.GetOnion(), group.GroupID, dgm.GetText(), dgm.GetTimestamp(), ciphertext, signature)
|
||||
|
||||
// So we have a message that has a valid group key, but the signature can't be verified.
|
||||
|
@ -340,12 +325,14 @@ func (p *Profile) AttemptDecryption(ciphertext []byte, signature []byte) (bool,
|
|||
// Either way, someone who has the private key is being detectably bad so we are just going to throw this message away and mark the group as Compromised.
|
||||
if !verified {
|
||||
group.Compromised()
|
||||
return false, "", nil
|
||||
return false, group.GroupID, nil
|
||||
}
|
||||
|
||||
return true, group.GroupID, group.AddMessage(dgm, signature)
|
||||
}
|
||||
}
|
||||
|
||||
// If we couldn't find a group to decrypt the message with we just return false. This is an expected case
|
||||
return false, "", nil
|
||||
}
|
||||
|
||||
|
|
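Review bot: In the AddGroup hunk (@ -295), `group.Owner[:56]` and `decodedPub[:32]` are sliced with no length check and the base32 decode error is discarded with `_`, so a group whose Owner is shorter than 56 characters or not valid base32 would panic instead of being rejected. The page has lost its +/- markers, so I am assuming these lines stay on the new side. The hunk header places AddGroup right after ProcessInvite, so the value may well come from a peer's invite. With the per-message owner check apparently dropped from AttemptDecryption in this commit, this looks like the only remaining place in the visible code where SignedGroupID is verified, so it should fail closed: check the length and the decode result first and return early otherwise, as sketched below. AddGroup's body continues past the hunk, and the existing TODO about confirming the onion checksum remains open.

```go
	if !exists {
		// Reject a malformed owner address instead of panicking on the slices below.
		if len(group.Owner) < 56 {
			return
		}
		decodedPub, err := base32.StdEncoding.DecodeString(strings.ToUpper(group.Owner[:56]))
		if err != nil || len(decodedPub) < ed25519.PublicKeySize {
			return
		}
		// … unchanged: ed25519.Verify over GroupID+GroupServer and the `if valid` branch …
```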