Sign and Check ToFU Server Bundle #321

Merged
sarah merged 2 commits from tapir_server into master 2020-10-01 21:17:14 +00:00
Owner
No description provided.
sarah added the
tapir-server
label 2020-10-01 17:15:37 +00:00
dan was assigned by sarah 2020-10-01 17:15:37 +00:00
erinn was assigned by sarah 2020-10-01 17:15:37 +00:00
Member
Drone Build Status: success https://build.openprivacy.ca/cwtch.im/cwtch/828
dan reviewed 2020-10-01 19:25:51 +00:00
dan left a comment
Owner

maybe one logic error (see comment) but otherwise looks good to me

maybe one logic error (see comment) but otherwise looks good to me
@ -243,0 +256,4 @@
return model.InconsistentKeyBundleError
}
}
// we haven't seen this key associated with the server before
Owner

we don't record anywhere if we def didnt see the key or exit the function so we will ALWAS fall through to adding, even if it already exists in the bundle?

we don't record anywhere if we def didnt see the key or exit the function so we will ALWAS fall through to adding, even if it already exists in the bundle?
Author
Owner

We can't do anything with the bundle until we've confirmed it isn't malicious so we first iterate through all the keys and then if that check passes we just publish the update key attributes (which yeah means if the user calls addserver twice on the same bundle it it will do some unnecessary work, but it simplifies the function a lot).

We can't do anything with the bundle until we've confirmed it isn't malicious so we first iterate through all the keys and then if that check passes we just publish the update key attributes (which yeah means if the user calls addserver twice on the same bundle it it will do some unnecessary work, but it simplifies the function a lot).
Owner

gave you a comment in meatspace to doublecheck that serialization is order preserving, then lgtm +1

gave you a comment in meatspace to doublecheck that serialization is order preserving, then lgtm +1
Member
Drone Build Status: success https://build.openprivacy.ca/cwtch.im/cwtch/830
sarah merged commit f9b345fc10 into master 2020-10-01 21:17:13 +00:00
Member
Drone Build Status: success https://build.openprivacy.ca/cwtch.im/cwtch/832
Sign in to join this conversation.
No description provided.