Skip to content
This repository was archived by the owner on Dec 21, 2021. It is now read-only.

Read/write streamMessage.newGroupKey & enable key revocation #205

Merged
merged 14 commits into from
May 11, 2021
Merged

Read/write streamMessage.newGroupKey & enable key revocation #205

merged 14 commits into from
May 11, 2021

Conversation

@timoxley
Copy link
Contributor

@timoxley timoxley commented Feb 25, 2021
edited
Loading

  • Adds support for reading and writing streamMessage.newGroupKey.
  • Tests that revoking subscription permissions and rekeying actually removes subscribers from the stream.
  • Expands subscription logging

This PR used to be on top of Persist Groupkeys PR #204 but that PR is going to take some more work. I've reworked this to be on top of master now.

@linear
Copy link

linear bot commented Feb 25, 2021

NET-208 Add revocation based on monitoring subscriber set

Melchior started on this, but it never got merged. https://github.com/streamr-dev/streamr-client-javascript/pull/130/files

@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from 692d091 to 0a5520f Compare March 8, 2021 14:42
@timoxley timoxley force-pushed the NET-208-revocation branch from 2a3fa16 to 8c59343 Compare March 10, 2021 15:52
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from 0a5520f to f471814 Compare March 10, 2021 15:52
@timoxley timoxley force-pushed the NET-208-revocation branch from 8c59343 to 829e07d Compare March 10, 2021 15:54
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from f471814 to 69a53ef Compare March 10, 2021 16:12
@timoxley timoxley force-pushed the NET-208-revocation branch from 829e07d to cf1e73b Compare March 10, 2021 16:12
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from 69a53ef to 4a26fda Compare March 10, 2021 16:15
@timoxley timoxley force-pushed the NET-208-revocation branch from cf1e73b to 65f0a5a Compare March 10, 2021 16:23
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from 4a26fda to ed74cd6 Compare March 11, 2021 17:27
@timoxley timoxley force-pushed the NET-208-revocation branch 2 times, most recently from dcc795a to 55c9db5 Compare March 11, 2021 18:15
@timoxley timoxley mentioned this pull request Mar 11, 2021
Merged
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from 787eab5 to e4f3ef2 Compare March 11, 2021 19:52
@timoxley timoxley force-pushed the NET-208-revocation branch from e9db0f1 to a81527c Compare March 11, 2021 20:00
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from e4f3ef2 to e312814 Compare March 11, 2021 20:05
@timoxley timoxley force-pushed the NET-208-revocation branch 2 times, most recently from 692e3da to 17983bc Compare March 11, 2021 20:20
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch 2 times, most recently from 24dd13a to bbe667c Compare March 11, 2021 20:24
@timoxley timoxley force-pushed the NET-208-revocation branch 2 times, most recently from 2fc2465 to 3f25bbb Compare March 11, 2021 20:46
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from bbe667c to c6a4cdc Compare March 11, 2021 20:51
@timoxley timoxley force-pushed the NET-208-revocation branch from 3f25bbb to 01a878b Compare March 11, 2021 20:54
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from c6a4cdc to 485ad88 Compare March 11, 2021 21:04
@timoxley timoxley force-pushed the NET-208-revocation branch from 01a878b to 18c6908 Compare March 11, 2021 21:05
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch from 485ad88 to 596c415 Compare March 12, 2021 13:43
@timoxley timoxley force-pushed the NET-208-revocation branch from f13777c to 2d3972e Compare March 12, 2021 13:43
@timoxley timoxley force-pushed the NET-156-persist-groupkeys branch 2 times, most recently from 806f8f0 to caf282d Compare March 17, 2021 13:22
@timoxley timoxley changed the base branch from NET-156-persist-groupkeys to master March 23, 2021 15:48
@timoxley timoxley requested a review from teogeb March 23, 2021 15:53
teogeb
teogeb reviewed Mar 23, 2021
View reviewed changes
teogeb
teogeb reviewed Mar 23, 2021
View reviewed changes
teogeb
teogeb reviewed Mar 23, 2021
View reviewed changes
src/stream/KeyExchange.js
return !nextGroupKey && store.size === 0
return nextGroupKeys.length === 0 && store.size === 0
},
useGroupKey() {
Copy link
Contributor

@teogeb teogeb Mar 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This method could be plural as it generates an array of GroupKeys?

Copy link
Contributor Author

@timoxley timoxley Mar 23, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm, sort of, it could probably do with some docs though.

Basically it's giving you the current + (optional) next group key.

If there's two values, it'll encrypt the message with the first, but embed the second in the stream message (encrypted with the first), then the next time you call useGroupKey you will get that second value in the first position, and an empty value second position, until a new group key is assigned. When a new group key is assigned, it'll use the existing key one more time, embedding the next key, then start using the new key from there on.

Something like this:

setGroupKey(keyA)
useGroupKey() // => [keyA, undefined]
useGroupKey() // => [keyA, undefined]
setGroupKey(keyB)
useGroupKey() // => [keyA, keyB]
useGroupKey() // => [keyB, undefined]
useGroupKey() // => [keyB, undefined]
setGroupKey(keyC)
useGroupKey() // => [keyB, keyC]
useGroupKey() // => [keyC, undefined]
// etc

Where useGroupKey is called before encrypting each message.
Iff there's a second value, it will be set as the streamMessage.newGroupKey

Copy link
Contributor

@teogeb teogeb Mar 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On possibility would be to introduce some helper data type, like GroupKeyQueue. It would encapsulate this e.g. max length handling.

teogeb
teogeb reviewed Mar 23, 2021
View reviewed changes
timoxley
timoxley commented Mar 23, 2021
View reviewed changes
timoxley
timoxley commented Mar 23, 2021
View reviewed changes
src/stream/KeyExchange.js
}
})

async function getGroupKey(streamMessage) {
Copy link
Contributor Author

@timoxley timoxley Mar 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

getGroupKey definitely has a confusing name now though, since it returns an array of keys, one of which should be the one you're after, or an empty array.

@timoxley timoxley force-pushed the NET-208-revocation branch 3 times, most recently from b4c4a97 to bb743a9 Compare March 29, 2021 19:33
@timoxley timoxley force-pushed the NET-208-revocation branch 2 times, most recently from 6c0814c to ea5a17f Compare May 10, 2021 19:47
timoxley added 14 commits May 10, 2021 16:38
@timoxley
feat(encryption): Support reading & writing newGroupKey. Delays actua…
b74b748 
…l groupKey change until message after next.
@timoxley
feat(encryption): Add client.rekey(streamId). Test revocation works.
da847fe 
Avoid test assertions in event handlers.
@timoxley
Add failing multiple publishers + late subscriber test.
c4cfb2d
@timoxley
test: Passing integration/Encryption.test.js with revoke tests.
9f849e8 
Cleaned up, but still WIP encryption/subscription error handling.

Tracking down unhandled error.

Fix unhandled rejection in keyexchange. Improve subscription error handling.

Update Encryption tests.

Passing integration/Encryption.test.js with revoke tests.

Fix publish/Encrypt typing.
@timoxley
Linting.
6e52f77
@timoxley
Fixing MultipleClients test. WIP.
5b3224a
@timoxley
types(subscribe): Fix subscription & stream validateOptions types.
f2c7386
@timoxley
refactor(test): Tidy MultipleClients late sub test.
7c7c7d1
@timoxley
types(client): Explicitly type top-level groupkey handling methods.
0f30ab2
@timoxley
refactor(keyexchange): Tidy up useGroupKey with switch instead of mul…
3d7602a 
…tiple if + early return.
@timoxley
test(multipleclients): Fix late sub test.
7a8ed9f
@timoxley
fix(keyexchange): Fix bad switch case boolean.
b035419
@timoxley
test(keyexchange): Add test repeats & reduce test timeout for Encrypt…
793fb54 
…ion tests.
@timoxley
test: Make MultipleClients test more reliable.
e229b81
@timoxley timoxley force-pushed the NET-208-revocation branch from ea5a17f to e229b81 Compare May 10, 2021 20:38
@timoxley timoxley merged commit ad2db70 into master May 11, 2021
@timoxley timoxley deleted the NET-208-revocation branch May 11, 2021 17:34
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@teogeb teogeb teogeb left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@timoxley @teogeb