Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Functions to verify hashtags #191

Merged
merged 1 commit into from
Jun 21, 2024
Merged

Functions to verify hashtags #191

merged 1 commit into from
Jun 21, 2024

Conversation

andrewgdotcom
Copy link
Contributor

@andrewgdotcom andrewgdotcom commented Dec 10, 2023
edited
Loading

It is sometimes desirable(*) to check the plausibility of a signature over a piece of data based on its HashTag, in situations where we are unable to fully verify the signature (e.g. due to a third-party signing key being unavailable). This implements the necessary functions by mirroring the corresponding signature verification functions.

It is difficult to implement these functions at the application level, due to lack of access to private methods such as userIdSignatureHash(), serializeWithoutHeaders() etc.

(It crossed my mind that it might be worth factorising out the common code from VerifySignature and VerifyHashTag, but that would require care handling the mutated hash and the version exception)

(* hockeypuck/hockeypuck#283)

@andrewgdotcom andrewgdotcom marked this pull request as draft December 10, 2023 19:50
@andrewgdotcom andrewgdotcom marked this pull request as ready for review May 27, 2024 10:10
@andrewgdotcom
Copy link
Contributor Author

These have been tested in hockeypuck for the last few months without known issues.

twiss
twiss approved these changes Jun 21, 2024
View reviewed changes
Copy link
Member

@twiss twiss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apologies for the late review. It looks reasonable to me 👍

@twiss twiss merged commit 774879c into ProtonMail:main Jun 21, 2024
6 checks passed
@andrewgdotcom andrewgdotcom deleted the upstream-verify-hashtags branch June 21, 2024 16:23
@andrewgdotcom
Copy link
Contributor Author

I suspect the build checks in this PR were stale at time of merging, they pre-date the big merge commit in 4deafc1 in which several key functions have changed their signatures. I can't build main currently on my machine, I'll try to submit a remedial patch asap.

@andrewgdotcom
Copy link
Contributor Author

Also note that this PR did not touch the v2 API (because it didn't exist when I wrote it!). It may therefore need to be duplicated.

@twiss
Copy link
Member

twiss commented Jun 21, 2024
edited
Loading

Ah right, my bad. Thanks!

The v2 API doesn't duplicate the packet subpackage, so I don't think it should need to be duplicated.

@andrewgdotcom andrewgdotcom mentioned this pull request Jun 21, 2024
Merged
lubux pushed a commit that referenced this pull request Jun 24, 2024
@andrewgdotcom
Update to use PrepareVerify (#210)
3a86725 
Fixes the build issues with  #191
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@twiss twiss twiss approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@andrewgdotcom @twiss