cwtch.im
/
cwtch
16
20
Fork 16
Code Issues 10 Pull Requests 2 Releases 163 Wiki Activity

Replace old GroupID with new Dervied GroupID #357

Merged
erinn merged 6 commits from groupwiring into master 2021-05-18 19:37:18 +00:00
Conversation 5 Commits 6 Files Changed 9 +209 -53
sarah commented 2021-05-14 18:31:23 +00:00
Owner
Copy Link

As we move towards a group model that allows for different management
constitutions we need to deprecate our old group security model that relied
on "owners" and transitive signing/verification checks.

This new model derives GroupID from the GroupKey and the GroupServer
binding it both. This allows participants to know if a message was
intended for the same group they are apart of (as GroupID is included
in every encrypted/signed message to Groups) while allowing more dynamic
management protocols to be built on top of the (now agnostic) group protocols.

This PR also adds more validation logic to invites and provides the ValidateInvite
function to allow the UI to validate invites separately from processing them.

As we move towards a group model that allows for different management constitutions we need to deprecate our old group security model that relied on "owners" and transitive signing/verification checks. This new model derives GroupID from the GroupKey and the GroupServer binding it both. This allows participants to know if a message was intended for the same group they are apart of (as GroupID is included in every encrypted/signed message to Groups) while allowing more dynamic management protocols to be built on top of the (now agnostic) group protocols. This PR also adds more validation logic to invites and provides the ValidateInvite function to allow the UI to validate invites separately from processing them.
erinn was assigned by sarah 2021-05-14 18:31:23 +00:00
buildbot commented 2021-05-14 18:38:18 +00:00
Member
Copy Link

Drone Build Status: success

https://build.openprivacy.ca/cwtch.im/cwtch/129

Drone Build Status: success https://build.openprivacy.ca/cwtch.im/cwtch/129
buildbot commented 2021-05-18 19:18:28 +00:00
Member
Copy Link

Drone Build Status: success

https://build.openprivacy.ca/cwtch.im/cwtch/131

Drone Build Status: success https://build.openprivacy.ca/cwtch.im/cwtch/131
buildbot commented 2021-05-18 19:19:43 +00:00
Member
Copy Link

Drone Build Status: failure

https://build.openprivacy.ca/cwtch.im/cwtch/133

Drone Build Status: failure https://build.openprivacy.ca/cwtch.im/cwtch/133
erinn approved these changes 2021-05-18 19:21:17 +00:00
model/group.go Outdated
@ -224,0 +236,4 @@
func ValidateInvite(invite string) (*groups.GroupInvite, error) {
// We prefix invites for groups with torv3
if strings.HasPrefix(invite, GroupInvitePrefix) {
data, err := base64.StdEncoding.DecodeString(invite[5:])
erinn commented 2021-05-18 19:11:25 +00:00
Owner
Copy Link

invite[len(GroupInvitePrefix):]

invite[len(GroupInvitePrefix):]
model/group.go Outdated
@ -224,0 +243,4 @@
func ValidateInvite(invite string) (*groups.GroupInvite, error) {
// We prefix invites for groups with torv3
if strings.HasPrefix(invite, GroupInvitePrefix) {
data, err := base64.StdEncoding.DecodeString(invite[5:])
erinn commented 2021-05-18 19:14:10 +00:00
Owner
Copy Link

invite[len(GroupInvitePrefix):]

invite[len(GroupInvitePrefix):]
buildbot commented 2021-05-18 19:35:30 +00:00
Member
Copy Link

Drone Build Status: success

https://build.openprivacy.ca/cwtch.im/cwtch/135

Drone Build Status: success https://build.openprivacy.ca/cwtch.im/cwtch/135
erinn merged commit 0957aefdff into master 2021-05-18 19:37:18 +00:00
buildbot commented 2021-05-18 19:41:55 +00:00
Member
Copy Link

Drone Build Status: success

https://build.openprivacy.ca/cwtch.im/cwtch/137

Drone Build Status: success https://build.openprivacy.ca/cwtch.im/cwtch/137
Sign in to join this conversation.
Reviewers
No reviewers
erinn
Labels
Clear labels   
applications

   
BLOCKED

   
bug

   
design

   
duplicate

   
enhancement

   
fixed?

   
funding-needed

   
help wanted

   
infrastructure

   
invalid

   
payments

   
qubes

   
question

   
ready-for-implementation

   
refactor

   
spam

   
tapir-server

   
testing

   
tor

   
wontfix
No Label
applications
BLOCKED
bug
design
duplicate
enhancement
fixed?
funding-needed
help wanted
infrastructure
invalid
payments
qubes
question
ready-for-implementation
refactor
spam
tapir-server
testing
tor
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
erinn
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cwtch.im/cwtch#357
No description provided.
Delete Branch "groupwiring"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?