Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: added a check to handle self symmetric shared #1072

Draft
wants to merge 38 commits into
base: trunk
Choose a base branch
from
Draft

fix: added a check to handle self symmetric shared #1072

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
617fe5a
fix: added a check to handle self symmetric shared
Xlin123 Jun 20, 2023
026831f
fix: removed import that i added
Xlin123 Jun 20, 2023
cfc3b7f
fix: removed uneeded regex
Xlin123 Jun 20, 2023
63cb2b8
fix: trying at_chops
Xlin123 Jun 21, 2023
b7a8e6f
fix: self key should be done
Xlin123 Jun 21, 2023
dc9fa27
fix: added more detailed exception
Xlin123 Jun 23, 2023
b1822a7
fix(shared_key_decryption): added exception
Xlin123 Jun 23, 2023
54847ec
fix: fixed line endings back to 80
Xlin123 Jun 25, 2023
15a411d
feat: made a test for the bug
Xlin123 Jun 28, 2023
ef18d4f
Merge branch 'trunk' into xlin-corruptpadblock
Xlin123 Jun 28, 2023
0903676
fix: changed sharedWith to sharedBy
Xlin123 Jun 28, 2023
3cce56e
fix: shared keys no longer go to encrypt the value as an aes key
Xlin123 Jun 28, 2023
58a1eb0
fix: AtKeyResult cast issue fixed
Xlin123 Jun 28, 2023
80025a6
fix: using .result instead of toString
Xlin123 Jun 28, 2023
a1b1ce4
fix: .result for self keys
Xlin123 Jun 28, 2023
8b226b9
fix: localKeys are also throwing corrupted pad blocks
Xlin123 Jun 28, 2023
cafd457
Merge branch 'trunk' into xlin-corruptpadblock
gkc Jul 7, 2023
a58d9e5
feat: added functional tests
Xlin123 Jul 10, 2023
e88239f
chore: looking inside vip ( there's probably a better way to do this )
Xlin123 Jul 12, 2023
c166615
chore: trying something
Xlin123 Jul 12, 2023
40648d4
chore: fixing small errors
Xlin123 Jul 12, 2023
fc82fc8
fix: missing atChops null check
Xlin123 Jul 12, 2023
352afc0
fix: a bunch of dumb mistakes
Xlin123 Jul 12, 2023
a3ae63e
fix: formatting and loading keys
Xlin123 Jul 12, 2023
d4cc7d4
Revert "fix: formatting and loading keys"
Xlin123 Jul 12, 2023
431608a
ci:
Xlin123 Oct 17, 2023
907fc64
Merge branch 'trunk' into xlin-corruptpadblock
Xlin123 Oct 17, 2023
a59221f
ci:
Xlin123 Oct 17, 2023
bec41f2
ci: ran dart format
Xlin123 Oct 17, 2023
4703eaf
ci: wavi is getting appended as namespace? it should exist...
Xlin123 Oct 17, 2023
9423ae6
ci: what.
Xlin123 Oct 17, 2023
fc69d04
ci:
Xlin123 Oct 17, 2023
63fa8df
ci: whyyyyy
Xlin123 Oct 17, 2023
8268851
ci: pls
Xlin123 Oct 17, 2023
7f44ae8
ci: sorry for running 30000 workflows
Xlin123 Oct 17, 2023
f53832b
ci: im
Xlin123 Oct 17, 2023
0811dbd
ci: 🛠
Xlin123 Oct 17, 2023
051a67b
ci: PLEAAASE
Xlin123 Oct 17, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions packages/at_client/lib/src/decryption_service/local_key_decryption.dart
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import 'package:at_chops/at_chops.dart';
import 'package:at_client/at_client.dart';
import 'package:at_client/src/decryption_service/decryption.dart';
import 'package:at_client/src/encryption_service/abstract_atkey_encryption.dart';
Expand All @@ -10,10 +11,12 @@ import 'package:at_utils/at_logger.dart';
class LocalKeyDecryption extends AbstractAtKeyEncryption
implements AtKeyDecryption {
late final AtSignLogger _logger;
late final AtClient _atClient;

LocalKeyDecryption(AtClient atClient) : super(atClient) {
_logger =
AtSignLogger('LocalKeyDecryption (${atClient.getCurrentAtSign()})');
_atClient = atClient;
}

@override
Expand All @@ -23,6 +26,26 @@ class LocalKeyDecryption extends AbstractAtKeyEncryption
intent: Intent.decryptData,
exceptionScenario: ExceptionScenario.decryptionFailed);
}

if (atKey.key == "shared_key") {
if (atKey.sharedWith != _atClient.getCurrentAtSign()) {
throw AtKeyException(
"This symmetric shared key cannot be decrypted using your private key.",
intent: Intent.fetchData,
exceptionScenario: ExceptionScenario.decryptionFailed);
}
if (_atClient.atChops == null) {
var privateKey =
await _atClient.getLocalSecondary()!.getEncryptionPrivateKey();
// ignore: deprecated_member_use_from_same_package
EncryptionUtil.decryptKey(encryptedValue, privateKey!);
} else {
return _atClient.atChops!
.decryptString(encryptedValue.toString(), EncryptionKeyType.rsa2048)
.result;
}
}

// Get the shared key.
var symmetricKey = await getMyCopyOfSharedSymmetricKey(atKey);

Expand Down
25 changes: 22 additions & 3 deletions packages/at_client/lib/src/decryption_service/self_key_decryption.dart
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import 'package:at_chops/at_chops.dart';
import 'package:at_client/at_client.dart';
import 'package:at_client/src/decryption_service/decryption.dart';
import 'package:at_client/src/response/default_response_parser.dart';
Expand All @@ -8,8 +9,8 @@ import 'package:at_client/src/response/default_response_parser.dart';
/// llookup:phone.wavi@bob
/// llookup:@bob:phone@bob
class SelfKeyDecryption implements AtKeyDecryption {
final AtClient _atClient;
SelfKeyDecryption(this._atClient);
final AtClient _atClient;
@override
Future<dynamic> decrypt(AtKey atKey, dynamic encryptedValue) async {
if (encryptedValue == null ||
Expand All @@ -19,7 +20,26 @@ class SelfKeyDecryption implements AtKeyDecryption {
intent: Intent.decryptData,
exceptionScenario: ExceptionScenario.decryptionFailed);
}

if (atKey.key == "shared_key") {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The copy alice will create for themselves of a shared key they cut for bob will be shared_key.bob@alice. Will this test work? What happens when you use this branch with your REPL?

if (atKey.sharedBy != _atClient.getCurrentAtSign()) {
throw AtKeyException(
"This symmetric shared key cannot be decrypted using your private key.",
intent: Intent.fetchData,
exceptionScenario: ExceptionScenario.decryptionFailed);
}
if (_atClient.atChops == null) {
var privateKey =
await _atClient.getLocalSecondary()!.getEncryptionPrivateKey();
_atClient.encryptionService!.logger
.info(encryptedValue + " " + privateKey);
// ignore: deprecated_member_use_from_same_package
EncryptionUtil.decryptKey(encryptedValue, privateKey!);
} else {
return _atClient.atChops!
.decryptString(encryptedValue.toString(), EncryptionKeyType.rsa2048)
.result;
}
}
var selfEncryptionKey =
await _atClient.getLocalSecondary()!.getEncryptionSelfKey();
if ((selfEncryptionKey == null || selfEncryptionKey.isEmpty) ||
Expand All @@ -28,7 +48,6 @@ class SelfKeyDecryption implements AtKeyDecryption {
intent: Intent.fetchSelfEncryptionKey,
exceptionScenario: ExceptionScenario.fetchEncryptionKeys);
}

return EncryptionUtil.decryptValue(encryptedValue,
DefaultResponseParser().parse(selfEncryptionKey).response,
ivBase64: atKey.metadata?.ivNonce);
Expand Down
18 changes: 18 additions & 0 deletions packages/at_client/lib/src/decryption_service/shared_key_decryption.dart
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,24 @@ class SharedKeyDecryption implements AtKeyDecryption {
intent: Intent.decryptData,
exceptionScenario: ExceptionScenario.decryptionFailed);
}
if (atKey.key == "shared_key") {
if (atKey.sharedWith != atClient.getCurrentAtSign()) {
throw AtKeyException(
"This symmetric shared key cannot be decrypted using your private key.",
intent: Intent.fetchData,
exceptionScenario: ExceptionScenario.decryptionFailed);
}
if (atClient.atChops == null) {
var privateKey =
await atClient.getLocalSecondary()!.getEncryptionPrivateKey();
// ignore: deprecated_member_use_from_same_package
EncryptionUtil.decryptKey(encryptedValue, privateKey!);
} else {
return atClient.atChops!
.decryptString(encryptedValue.toString(), EncryptionKeyType.rsa2048)
.result;
}
}
String? encryptedSharedKey;
if (atKey.metadata != null && atKey.metadata!.pubKeyCS != null) {
encryptedSharedKey = atKey.metadata!.sharedKeyEnc;
Expand Down
16 changes: 16 additions & 0 deletions packages/at_client/test/decryption_service_test.dart
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,22 @@ void main() {
'Failed to fetchData caused by\nConnection timeout');
}
});

test(
'A test to verify exception is thrown when symmetric shared key is trying to be decrypted by another atsign',
() {
var atKey =
(AtKey.shared('shared_key', namespace: 'wavi', sharedBy: '@murali')
..sharedWith('@sitaram'))
.build();
var sharedKeyDecryption = SharedKeyDecryption(mockAtClientImpl);
expect(
() => sharedKeyDecryption.decrypt(atKey, '123'),
throwsA(predicate((dynamic e) =>
e is AtKeyException &&
e.message ==
'This symmetric shared key cannot be decrypted using your private key.')));
});
});

group('A group of test to validate the decryption service manager', () {
Expand Down
43 changes: 43 additions & 0 deletions tests/at_functional_test/test/atclient_putText_test.dart
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import 'package:at_client/at_client.dart';
import 'package:at_functional_test/src/at_keys_intialializer.dart';
import 'package:test/test.dart';
import 'commit_log_compaction_test.dart';
import 'test_utils.dart';

/// The tests verify the put and get functionality where key is created using AtKey
Expand All @@ -18,6 +19,16 @@ void main() {
.setEncryptionKeys(atClientManager.atClient, atSign);
});

Future<void> switchAtsigns(String atsign) async {
var preference = TestUtils.getPreference(atsign);
atClientManager.setCurrentAtSign(atsign, null, preference);
await AtEncryptionKeysLoader.getInstance()
.setEncryptionKeys(atClientManager.atClient, atSign);
var list =
await atClientManager.atClient.getRemoteSecondary()!.atLookUp.scan();
atClientManager.atClient.encryptionService!.logger.info(list);
}

group('A group of tests to verify positive scenarios of put and get', () {
test('put method - create a key sharing to other atSign', () async {
// phone.wavi@alice🛠
Expand Down Expand Up @@ -78,4 +89,36 @@ void main() {
expect(getResult.value, value);
});
});

////////////
group('A group of tests to verify get of symmetric shared keys', () {
test('Positive test - self keys ', () async {
var atKey =
AtKey.self("shared_key", namespace: "bob🛠", sharedBy: "@alice🛠")
.build();

var result = await atClientManager.atClient.get(atKey);
expect(result, returnsNormally);
});

test('Positive test - shared keys ', () async {
await switchAtsigns("@bob🛠");
atClientManager.atClient.encryptionService!.logger
.info(atClientManager.atClient.getCurrentAtSign());
var atKey = AtKey.fromString("@bob🛠:shared_key@alice🛠");
var result = await atClientManager.atClient.get(atKey);
expect(result, returnsNormally);
});

test('Negative test - shared keys ', () async {
await switchAtsigns("@alice🛠");
var atKey = (AtKey.shared("shared_key", sharedBy: "@alice🛠")
..sharedWith("@bob🛠"))
.build();

expect(() async {
await atClientManager.atClient.get(atKey);
}, throwsException);
});
});
}
Loading