Skip to content
Snippets Groups Projects
Commit 61840dd3 authored by Richard T. Carback III's avatar Richard T. Carback III
Browse files

Merge branch 'XX-4574' into 'release'

Do some basic sanity checks on DM and Channel Sends

See merge request !568
parents 72060204 9e4c23fe
No related branches found
No related tags found
2 merge requests!568Do some basic sanity checks on DM and Channel Sends,!515Release
...@@ -10,6 +10,7 @@ package channels ...@@ -10,6 +10,7 @@ package channels
import ( import (
"bytes" "bytes"
"crypto/ed25519" "crypto/ed25519"
"crypto/hmac"
"encoding/base64" "encoding/base64"
"fmt" "fmt"
"time" "time"
...@@ -60,10 +61,12 @@ const ( ...@@ -60,10 +61,12 @@ const (
// SendAdminReplayTag is the base tag used when generating a debug tag for an // SendAdminReplayTag is the base tag used when generating a debug tag for an
// admin replay message. // admin replay message.
SendAdminReplayTag = "ChAdminReplay" SendAdminReplayTag = "ChAdminReplay"
// The size of the nonce used in the message ID.
messageNonceSize = 4
) )
// The size of the nonce used in the message ID. var emptyChannelID = &id.ID{}
const messageNonceSize = 4
// Prints current time without the monotonic clock (m=) for easier reading // Prints current time without the monotonic clock (m=) for easier reading
func dateNow() string { return netTime.Now().Round(0).String() } func dateNow() string { return netTime.Now().Round(0).String() }
...@@ -93,6 +96,11 @@ func (m *manager) SendGeneric(channelID *id.ID, messageType MessageType, ...@@ -93,6 +96,11 @@ func (m *manager) SendGeneric(channelID *id.ID, messageType MessageType,
msg []byte, validUntil time.Duration, tracked bool, params cmix.CMIXParams) ( msg []byte, validUntil time.Duration, tracked bool, params cmix.CMIXParams) (
message.ID, rounds.Round, ephemeral.Id, error) { message.ID, rounds.Round, ephemeral.Id, error) {
if hmac.Equal(channelID.Bytes(), emptyChannelID.Bytes()) {
return message.ID{}, rounds.Round{}, ephemeral.Id{},
errors.New("cannot send to channel id with all 0s")
}
// Reject the send if the user is muted in the channel they are sending to // Reject the send if the user is muted in the channel they are sending to
if m.events.mutedUsers.isMuted(channelID, m.me.PubKey) { if m.events.mutedUsers.isMuted(channelID, m.me.PubKey) {
return message.ID{}, rounds.Round{}, ephemeral.Id{}, return message.ID{}, rounds.Round{}, ephemeral.Id{},
...@@ -386,6 +394,11 @@ func (m *manager) SendAdminGeneric(channelID *id.ID, messageType MessageType, ...@@ -386,6 +394,11 @@ func (m *manager) SendAdminGeneric(channelID *id.ID, messageType MessageType,
msg []byte, validUntil time.Duration, tracked bool, params cmix.CMIXParams) ( msg []byte, validUntil time.Duration, tracked bool, params cmix.CMIXParams) (
message.ID, rounds.Round, ephemeral.Id, error) { message.ID, rounds.Round, ephemeral.Id, error) {
if hmac.Equal(channelID.Bytes(), emptyChannelID.Bytes()) {
return message.ID{}, rounds.Round{}, ephemeral.Id{},
errors.New("cannot send to channel id with all 0s")
}
// Note: We log sends on exit, and append what happened to the message // Note: We log sends on exit, and append what happened to the message
// this cuts down on clutter in the log. // this cuts down on clutter in the log.
log := fmt.Sprintf( log := fmt.Sprintf(
......
...@@ -64,7 +64,9 @@ func Test_manager_SendGeneric(t *testing.T) { ...@@ -64,7 +64,9 @@ func Test_manager_SendGeneric(t *testing.T) {
}, crng), }, crng),
} }
channelID := new(id.ID) rng := crng.GetStream()
defer rng.Close()
channelID, _ := id.NewRandomID(rng, id.User)
messageType := Text messageType := Text
msg := []byte("hello world") msg := []byte("hello world")
validUntil := time.Hour validUntil := time.Hour
...@@ -215,7 +217,9 @@ func Test_manager_SendMessage(t *testing.T) { ...@@ -215,7 +217,9 @@ func Test_manager_SendMessage(t *testing.T) {
}, crng), }, crng),
} }
channelID := new(id.ID) rng := crng.GetStream()
defer rng.Close()
channelID, _ := id.NewRandomID(rng, id.User)
messageType := Text messageType := Text
msg := "hello world" msg := "hello world"
validUntil := time.Hour validUntil := time.Hour
...@@ -300,7 +304,9 @@ func Test_manager_SendReply(t *testing.T) { ...@@ -300,7 +304,9 @@ func Test_manager_SendReply(t *testing.T) {
}, crng), }, crng),
} }
channelID := new(id.ID) rng := crng.GetStream()
defer rng.Close()
channelID, _ := id.NewRandomID(rng, id.User)
messageType := Text messageType := Text
msg := "hello world" msg := "hello world"
validUntil := time.Hour validUntil := time.Hour
...@@ -387,7 +393,9 @@ func Test_manager_SendReaction(t *testing.T) { ...@@ -387,7 +393,9 @@ func Test_manager_SendReaction(t *testing.T) {
}, crng), }, crng),
} }
channelID := new(id.ID) rng := crng.GetStream()
defer rng.Close()
channelID, _ := id.NewRandomID(rng, id.User)
messageType := Reaction messageType := Reaction
msg := "🍆" msg := "🍆"
params := new(cmix.CMIXParams) params := new(cmix.CMIXParams)
......
...@@ -54,6 +54,11 @@ const ( ...@@ -54,6 +54,11 @@ const (
messageNonceSize = 4 messageNonceSize = 4
) )
var (
emptyPubKeyBytes = make([]byte, ed25519.PublicKeySize)
emptyPubKey = ed25519.PublicKey(emptyPubKeyBytes)
)
// SendText is used to send a formatted message to another user. // SendText is used to send a formatted message to another user.
func (dc *dmClient) SendText(partnerPubKey *ed25519.PublicKey, func (dc *dmClient) SendText(partnerPubKey *ed25519.PublicKey,
partnerToken uint32, partnerToken uint32,
...@@ -156,6 +161,21 @@ func (dc *dmClient) Send(partnerEdwardsPubKey *ed25519.PublicKey, ...@@ -156,6 +161,21 @@ func (dc *dmClient) Send(partnerEdwardsPubKey *ed25519.PublicKey,
params cmix.CMIXParams) ( params cmix.CMIXParams) (
cryptoMessage.ID, rounds.Round, ephemeral.Id, error) { cryptoMessage.ID, rounds.Round, ephemeral.Id, error) {
if partnerToken == 0 {
return cryptoMessage.ID{}, rounds.Round{},
ephemeral.Id{},
errors.Errorf("invalid dmToken value: %d", partnerToken)
}
if partnerEdwardsPubKey == nil ||
partnerEdwardsPubKey.Equal(emptyPubKey) {
return cryptoMessage.ID{}, rounds.Round{},
ephemeral.Id{},
errors.Errorf("invalid public key value: %v",
partnerEdwardsPubKey)
}
partnerPubKey := ecdh.Edwards2ECDHNIKEPublicKey(partnerEdwardsPubKey) partnerPubKey := ecdh.Edwards2ECDHNIKEPublicKey(partnerEdwardsPubKey)
partnerID := deriveReceptionID(partnerPubKey.Bytes(), partnerToken) partnerID := deriveReceptionID(partnerPubKey.Bytes(), partnerToken)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment