From ac91c30aeb8b0825a8e2bebdf292c41f98527dbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?= <3857362+corrideat@users.noreply.github.com> Date: Fri, 6 Oct 2023 19:28:38 +0200 Subject: [PATCH 1/2] Bugfix: key rotation on watched contracts --- shared/domains/chelonia/internals.js | 15 +++++++-------- shared/domains/chelonia/utils.js | 8 ++++---- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js index 4a3dfd1029..29672ca757 100644 --- a/shared/domains/chelonia/internals.js +++ b/shared/domains/chelonia/internals.js @@ -88,10 +88,8 @@ const keyRotationHelper = (contractID: string, state: Object, config: Object, up const signingKeyId = findSuitableSecretKeyId(rootState[cID], requiredPermissions, ['sig'], foreignContractKey.ringLevel) - const encryptionKeyId = foreignContractKey._private - if (signingKeyId) { - return [[name, foreignContractKey.name, encryptionKeyId], signingKeyId, rootState[cID]._vm.authorizedKeys[signingKeyId].ringLevel] + return [[name, foreignContractKey.name], signingKeyId, rootState[cID]._vm.authorizedKeys[signingKeyId].ringLevel] } return undefined @@ -112,9 +110,6 @@ const keyRotationHelper = (contractID: string, state: Object, config: Object, up contractID: cID, contractName, data: keyNamesToUpdate.map(outputMapper).map((v, i) => { - if (keyNamesToUpdate[i][2]) { - return encryptedOutgoingData(rootState[cID], keyNamesToUpdate[i][2], v) - } return v }), signingKeyId 
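Review bot: In the second hunk (`@@ -112,9 +110,6 @@`) the callback left behind, `.map((v, i) => { return v })`, is now an identity mapping with an unused `i`; the line can be reduced to `data: keyNamesToUpdate.map(outputMapper),`. The removed branch was also the only place in these hunks where an entry was wrapped with `encryptedOutgoingData`, so the payload now goes out exactly as `outputMapper` returns it. `outputMapper` comes from callers outside the hunk, so I would add a comment here such as `// outputMapper must return data that is safe to send as-is; secret key material must already be encrypted`. The body of keyRotationHelper starts and ends outside both hunks.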
@@ -667,7 +662,8 @@ export default (sbp('sbp/selectors/register', { [GIMessage.OP_KEY_UPDATE] (v: GIOpKeyUpdate) { if (!state._volatile) config.reactiveSet(state, '_volatile', Object.create(null)) if (!state._volatile.pendingKeyRevocations) config.reactiveSet(state._volatile, 'pendingKeyRevocations', Object.create(null)) - const [updatedKeys, keysToDelete] = validateKeyUpdatePermissions(contractID, signingKey, state, v) + const [updatedKeys, updatedMap] = validateKeyUpdatePermissions(contractID, signingKey, state, v) + const keysToDelete = ((Object.values(updatedMap): any): string[]) for (const keyId of keysToDelete) { if (has(state._volatile.pendingKeyRevocations, keyId)) { delete state._volatile.pendingKeyRevocations[keyId] @@ -689,7 +685,10 @@ export default (sbp('sbp/selectors/register', { const updatedKeysMap = Object.create(null) updatedKeys.forEach((key) => { - if (key.data) updatedKeysMap[key.name] = key + if (key.data) { + updatedKeysMap[key.name] = key + updatedKeysMap[key.name].oldKeyId = updatedMap[key.id] + } }) keyRotationHelper(contractID, state, config, updatedKeysMap, [GIMessage.OP_KEY_UPDATE], 'chelonia/out/keyUpdate', (name) => ({ diff --git a/shared/domains/chelonia/utils.js b/shared/domains/chelonia/utils.js index 52fc049b42..3e091d5834 100644 --- a/shared/domains/chelonia/utils.js +++ b/shared/domains/chelonia/utils.js 
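Review bot: In the `updatedKeys.forEach` hunk (`@@ -689,7 +685,10 @@`), `updatedKeysMap[key.name].oldKeyId = updatedMap[key.id]` writes onto the same `key` object that `validateKeyUpdatePermissions` returned, not onto a copy. If those objects are also stored in contract state (not visible in this hunk), the extra `oldKeyId` field ends up there too; `updatedKeysMap[key.name] = { ...key, oldKeyId: updatedMap[key.id] }` avoids that. `updatedMap` only gets an entry when the key id changed, so `oldKeyId` is `undefined` for a key that carries `data` but keeps its id. A short comment saying whether the consumer of `oldKeyId` expects that case would help. The enclosing handler continues outside the hunk.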
@@ -217,8 +217,8 @@ export const validateKeyDelPermissions = (contractID: string, signingKey: GIKey, }) } -export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIKey, state: Object, v: (GIKeyUpdate | EncryptedData)[]): [GIKey[], string[]] => { - const keysToDelete: string[] = [] +export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIKey, state: Object, v: (GIKeyUpdate | EncryptedData)[]): [GIKey[], { [k: string]: string }] => { + const updatedMap = ((Object.create(null): any): { [k: string]: string }) const keys = v.map((wuk): GIKey | void => { const data = unwrapMaybeEncryptedData(wuk) if (!data) return undefined @@ -241,7 +241,7 @@ export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIK throw new Error('Missing private key. Old key ID: ' + uk.oldKeyId) } if (uk.id && uk.id !== uk.oldKeyId) { - keysToDelete.push(uk.oldKeyId) + updatedMap[uk.id] = uk.oldKeyId } const updatedKey = { ...existingKey } // Set the corresponding updated attributes @@ -266,7 +266,7 @@ export const validateKeyUpdatePermissions = (contractID: string, signingKey: GIK return updatedKey }).filter(Boolean) validateKeyAddPermissions(contractID, signingKey, state, keys, true) - return [((keys: any): GIKey[]), keysToDelete] + return [((keys: any): GIKey[]), updatedMap] } export const keyAdditionProcessor = function (keys: (GIKey | EncryptedData)[], state: Object, contractID: string, signingKey: GIKey) { From f079b04008558a5b8b9796f74a42fdb24631f696 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?= <3857362+corrideat@users.noreply.github.com> Date: Fri, 6 Oct 2023 19:46:55 +0200 Subject: [PATCH 2/2] Fix message format for OP_KEY_SHARE --- frontend/controller/actions/identity.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js index f52ee1da7a..1e4c506a4d 100644 
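Review bot: In the `@@ -241,7 +241,7 @@` hunk, `updatedMap[uk.id] = uk.oldKeyId` is keyed by the new key id, so two entries of `v` with the same `uk.id` but different `oldKeyId` values overwrite each other. Only the last old key then reaches `keysToDelete` in internals.js, whereas the previous `keysToDelete.push` recorded both. Unless duplicates are rejected in the part of the function outside these hunks, an old key could survive a rotation that was meant to replace it. A guard before the assignment would make this explicit: `if (uk.id in updatedMap) throw new Error('Duplicate updated key ID: ' + uk.id)`. The new return type in the first hunk would also benefit from a comment saying the map goes from new key id to old key id.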
--- a/frontend/controller/actions/identity.js +++ b/frontend/controller/actions/identity.js @@ -538,7 +538,7 @@ export default (sbp('sbp/selectors/register', { id: newId, meta: { private: { - content: serializeKey(newKey, true) + content: encryptedOutgoingData(groupState, CEKid, serializeKey(newKey, true)) } } }))
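Review bot: The new `content` value depends on `groupState` and `CEKid`, both defined outside this hunk, and nothing visible here checks that `CEKid` was found before `serializeKey(newKey, true)` is passed to `encryptedOutgoingData`. Since the previous line sent the serialized key without that wrapper, I would fail closed before building the message, e.g. `if (!CEKid) throw new Error('Missing CEK; cannot share key')`, unless the surrounding code already does so. A comment on the line, `// the serialized key must always be wrapped with encryptedOutgoingData before sending`, would help keep this from regressing. The enclosing action starts and ends outside the hunk.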