Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix for third party block reuse #230

Open
wants to merge 16 commits into
base: v5
Choose a base branch
from
Open

Fix for third party block reuse #230

wants to merge 16 commits into from

Conversation

Geal
Copy link
Contributor

@Geal Geal commented Oct 20, 2024

This changes the third party block signature format to prevent reuse of third party blocks across tokens, by including the previous block's signature in the signed data

@Geal Geal changed the base branch from main to v5 October 20, 2024 13:43
@Geal
Copy link
Contributor Author

Geal commented Oct 20, 2024
edited
Loading

I'm not decided yet on the best name for the functions still allowing the old format, between Biscuit::unsafe_deprecated_deserialize and UnverifiedBiscuit::unsafe_from

@Geal Geal requested a review from divarvel October 20, 2024 13:44
Geal
Geal commented Oct 20, 2024
View reviewed changes
biscuit-auth/src/crypto/mod.rs Outdated Show resolved Hide resolved
Geal
Geal commented Oct 20, 2024
View reviewed changes
biscuit-auth/src/crypto/mod.rs Outdated Show resolved Hide resolved
Geal
Geal commented Oct 20, 2024
View reviewed changes
biscuit-auth/src/crypto/mod.rs Outdated Show resolved Hide resolved
@codspeed-hq CodSpeed HQ
Copy link

codspeed-hq bot commented Oct 20, 2024
edited
Loading

CodSpeed Performance Report

Merging #230 will not alter performance

Comparing geal/third-party-reuse (4c2b1ad) with v5 (e59f41d)

Summary

✅ 12 untouched benchmarks

@divarvel
Copy link
Collaborator

I'm not decided yet on the best name for the functions still allowing the old format, between Biscuit::unsafe_deprecated_deserialize and UnverifiedBiscuit::unsafe_from

I’d go for the most explicit. I read unsafe_from in the diff and was a bit confused

@divarvel
Copy link
Collaborator

divarvel commented Oct 21, 2024
edited
Loading

I think we should document the signature scheme to make a few things clearer:

  • imo the version should be signed (if defined)
  • the previous key should not be signed if we sign the previous signature instead

@codecov Codecov
Copy link

codecov bot commented Nov 4, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 87.17949% with 15 lines in your changes missing coverage. Please review.

Project coverage is 69.70%. Comparing base (d90accd) to head (4c2b1ad).
Report is 1 commits behind head on v5.

Files with missing lines Patch % Lines
biscuit-auth/src/crypto/mod.rs 90.19% 5 Missing ⚠️
biscuit-auth/src/token/unverified.rs 69.23% 4 Missing ⚠️
biscuit-auth/src/token/third_party.rs 70.00% 3 Missing ⚠️
biscuit-auth/src/format/mod.rs 94.28% 2 Missing ⚠️
biscuit-auth/src/token/mod.rs 87.50% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##               v5     #230      +/-   ##
==========================================
+ Coverage   68.96%   69.70%   +0.74%     
==========================================
  Files          25       25              
  Lines        5922     5945      +23     
==========================================
+ Hits         4084     4144      +60     
+ Misses       1838     1801      -37

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@divarvel divarvel Awaiting requested review from divarvel

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Geal @divarvel