Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

smp: command authorization #982

Merged
merged 33 commits into from
Feb 16, 2024
Merged

smp: command authorization #982

merged 33 commits into from
Feb 16, 2024

Conversation

epoberezkin
Copy link
Member

@epoberezkin epoberezkin commented Feb 4, 2024
edited

Scope:

  • supports crypto_box authenticators - planned to enable in SMPv7 for senders' commands only to provide sender repudiation on the server level (see RFC).
  • removes tlsunique from sent bytes, but uses it during signing and verifying (to prevent replay attacks) - this is controlled by implySessId property of THandle, as it is in different SMP and NTF protocol versions.
  • added batching to NTF protocol (no commands are batched, but until all clients migrate we cannot remove support for non-batched encoding.
  • raised min SMP protocol to v4 (batching).
  • correlation IDs are now random 24 bytes, to avoid future correlation by session by destination relays when commands will be sent via sending proxies. They are also used as nonces for authenticators.
  • handshake headers are extended to include public key, but client does not use its session key for anything as per-queue keys are used. See encryption RFC. Sending proxies would require a separate encryption layer for transmission in any case, so adding general transmission encryption inside TLS will not help it - so it is out of scope of this PR.

Test required: new/existing connections via 16 combinations of old (pre v5.5.3)/new clients and old/new servers participating in the connection (4 parties) - 32 tests in total.

The same testing will need to be repeated once server versions are raised in code; old (pre v5.5.3) clients will not work with the new servers but new clients will continue supporting old servers (see migration plan in Deniability RFC).

@epoberezkin epoberezkin changed the title smp: command authorization (WIP, does not compile) smp: command authorization Feb 4, 2024
@epoberezkin epoberezkin marked this pull request as draft February 5, 2024 00:02
@dpwiz @epoberezkin
transport: fetch and store server certificate (#985)
76eddfb 
* THandleParams (WIP, does not compile)

* transport: fetch and store server certificate

* smp: add getOnlinePubKey example to smpClientHandshake

* add server certs and sign authPub

* cleanup

* update

* style

* load server certs from test fixtures

* sign ntf authPubKey

* fix onServerCertificate

* increase delay before sending messages

* require certificate with key in SMP server handshake

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
@epoberezkin epoberezkin marked this pull request as ready for review February 14, 2024 11:26
@epoberezkin epoberezkin merged commit 416f1b1 into master Feb 16, 2024
3 checks passed
@epoberezkin epoberezkin deleted the ep/cmd-auth branch February 16, 2024 11:45
dpwiz added a commit that referenced this pull request Feb 16, 2024
@epoberezkin @dpwiz @spaced4ndy
smp: command authorization (#982)
e2aade5 
* smp: command authorization

* fix encoding, most tests

* remove old tests

* authorize via crypto_box

* extract authenticator to Crypto module

* make TransmissionAuth Maybe

* rfc

* support authenticators in NTF protocol, test matrix (no backwards compatibility yet from new clients to old servers)

* fix/add tests, add version config to "small" agent

* separate client and server versions for SMP protocol

* test batching SMP v7

* do not send session ID in each transmission

* refactor auth verification in the server, split tests

* server "warm up" fixes timing test

* uncomment SUB timing test

* comments, disable two timing tests

* rename version

* increase auth timing test failure threshold

* use different algorithms to authorize snd/rcv commands, use random correlation ID

* transport: fetch and store server certificate (#985)

* THandleParams (WIP, does not compile)

* transport: fetch and store server certificate

* smp: add getOnlinePubKey example to smpClientHandshake

* add server certs and sign authPub

* cleanup

* update

* style

* load server certs from test fixtures

* sign ntf authPubKey

* fix onServerCertificate

* increase delay before sending messages

* require certificate with key in SMP server handshake

---------

Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>

* remove dhSecret from THandle

* remove v8, merge all changes to one version

* parameterize THandle

* rfc: transmission ecnryption

* Revert "parameterize THandle"

This reverts commit 75adfc9.

* use batch syntax for ntf server commands

* separate encodeTransmission when there is no key

* typo

Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>

* rename

* diff

---------

Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spaced4ndy spaced4ndy spaced4ndy left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@epoberezkin @spaced4ndy @dpwiz