github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/kbfs/kbfsmd/root_metadata_v3.go (about) 1 // Copyright 2016 Keybase Inc. All rights reserved. 2 // Use of this source code is governed by a BSD 3 // license that can be found in the LICENSE file. 4 5 package kbfsmd 6 7 import ( 8 "fmt" 9 "runtime" 10 11 goerrors "github.com/go-errors/errors" 12 "github.com/keybase/client/go/kbfs/kbfscodec" 13 "github.com/keybase/client/go/kbfs/kbfscrypto" 14 "github.com/keybase/client/go/kbfs/tlf" 15 "github.com/keybase/client/go/protocol/keybase1" 16 "github.com/keybase/go-codec/codec" 17 "github.com/pkg/errors" 18 "golang.org/x/net/context" 19 ) 20 21 // WriterMetadataV3 stores the metadata for a TLF that is 22 // only editable by users with writer permissions. 23 type WriterMetadataV3 struct { 24 // Serialized, possibly encrypted, version of the PrivateMetadata 25 SerializedPrivateMetadata []byte `codec:"data"` 26 27 // The last KB user with writer permissions to this TLF 28 // who modified this WriterMetadata 29 LastModifyingWriter keybase1.UID `codec:"lmw"` 30 31 // For public and single-team TLFs (since those don't have any 32 // keys at all). 33 Writers []keybase1.UserOrTeamID `codec:",omitempty"` 34 // Writers identified by unresolved social assertions. 35 UnresolvedWriters []keybase1.SocialAssertion `codec:"uw,omitempty"` 36 // Pointer to the writer key bundle for private TLFs. 37 WKeyBundleID TLFWriterKeyBundleID `codec:"wkid"` 38 // Latest key generation. 39 LatestKeyGen KeyGen `codec:"lkg"` 40 41 // The directory ID, signed over to make verification easier 42 ID tlf.ID 43 // The branch ID, currently only set if this is in unmerged per-device history. 44 BID BranchID 45 // Flags 46 WFlags WriterFlags 47 48 // Estimated disk usage at this revision 49 DiskUsage uint64 50 // Estimated MD disk usage at this revision 51 MDDiskUsage uint64 `codec:",omitempty"` 52 // The total number of bytes in new data blocks 53 RefBytes uint64 54 // The total number of bytes in unreferenced blocks 55 UnrefBytes uint64 56 // The total number of bytes in new MD blocks 57 MDRefBytes uint64 `codec:",omitempty"` 58 59 codec.UnknownFieldSetHandler 60 } 61 62 // RootMetadataV3 is the MD that is signed by the reader or 63 // writer. Unlike RootMetadata, it contains exactly the serializable 64 // metadata. 65 type RootMetadataV3 struct { 66 // The metadata that is only editable by the writer. 67 WriterMetadata WriterMetadataV3 `codec:"wmd"` 68 69 // The last KB user who modified this RootMetadata 70 LastModifyingUser keybase1.UID 71 // Flags 72 Flags MetadataFlags 73 // The revision number 74 Revision Revision 75 // Pointer to the previous root block ID 76 PrevRoot ID 77 78 // For private TLFs. Any unresolved social assertions for readers. 79 UnresolvedReaders []keybase1.SocialAssertion `codec:"ur,omitempty"` 80 // Pointer to the reader key bundle for private TLFs. 81 RKeyBundleID TLFReaderKeyBundleID `codec:"rkid"` 82 83 // ConflictInfo is set if there's a conflict for the given folder's 84 // handle after a social assertion resolution. 85 ConflictInfo *tlf.HandleExtension `codec:"ci,omitempty"` 86 // FinalizedInfo is set if there are no more valid writer keys capable 87 // of writing to the given folder. 88 FinalizedInfo *tlf.HandleExtension `codec:"fi,omitempty"` 89 90 // KBMerkleRoot is now DEPRECATED, and shouldn't be relied on for 91 // future features. Below is the original text for historians: 92 // 93 // The root of the global Keybase Merkle tree at the time this 94 // update was created (from the writer's perspective). This field 95 // was added to V3 after it was live for a while, and older 96 // clients that don't know about this field yet might copy it into 97 // new updates via the unknown fields copier. Which means new MD 98 // updates might end up referring to older Merkle roots. That's 99 // ok since this is just a hint anyway, and shouldn't be fully 100 // trusted when checking MD updates against the Merkle tree. 101 // NOTE: this is a pointer in order to get the correct "omitempty" 102 // behavior, so that old MDs are still verifiable. 103 KBMerkleRoot *keybase1.MerkleRootV2 `codec:"mr,omitempty"` 104 105 codec.UnknownFieldSetHandler 106 } 107 108 // TODO: Use pkg/errors instead. 109 type missingKeyBundlesError struct { 110 stack []uintptr 111 } 112 113 func (e missingKeyBundlesError) Error() string { 114 s := "Missing key bundles: \n" 115 for _, pc := range e.stack { 116 f := goerrors.NewStackFrame(pc) 117 s += f.String() 118 } 119 return s 120 } 121 122 func makeMissingKeyBundlesError() missingKeyBundlesError { 123 stack := make([]uintptr, 20) 124 n := runtime.Callers(2, stack) 125 return missingKeyBundlesError{stack[:n]} 126 } 127 128 // ExtraMetadataV3 contains references to key bundles stored outside of metadata 129 // blocks. This only ever exists in memory and is never serialized itself. 130 type ExtraMetadataV3 struct { 131 wkb TLFWriterKeyBundleV3 132 rkb TLFReaderKeyBundleV3 133 // Set if wkb is new and should be sent to the server on an MD 134 // put. 135 wkbNew bool 136 // Set if rkb is new and should be sent to the server on an MD 137 // put. 138 rkbNew bool 139 } 140 141 // NewExtraMetadataV3 creates a new ExtraMetadataV3 given a pair of key bundles 142 func NewExtraMetadataV3( 143 wkb TLFWriterKeyBundleV3, rkb TLFReaderKeyBundleV3, 144 wkbNew, rkbNew bool) *ExtraMetadataV3 { 145 return &ExtraMetadataV3{wkb, rkb, wkbNew, rkbNew} 146 } 147 148 // MetadataVersion implements the ExtraMetadata interface for ExtraMetadataV3. 149 func (extra ExtraMetadataV3) MetadataVersion() MetadataVer { 150 return SegregatedKeyBundlesVer 151 } 152 153 func (extra *ExtraMetadataV3) updateNew(wkbNew, rkbNew bool) { 154 extra.wkbNew = extra.wkbNew || wkbNew 155 extra.rkbNew = extra.rkbNew || rkbNew 156 } 157 158 // DeepCopy implements the ExtraMetadata interface for ExtraMetadataV3. 159 func (extra ExtraMetadataV3) DeepCopy(codec kbfscodec.Codec) ( 160 ExtraMetadata, error) { 161 wkb, err := extra.wkb.DeepCopy(codec) 162 if err != nil { 163 return nil, err 164 } 165 rkb, err := extra.rkb.DeepCopy(codec) 166 if err != nil { 167 return nil, err 168 } 169 return NewExtraMetadataV3(wkb, rkb, extra.wkbNew, extra.rkbNew), nil 170 } 171 172 // MakeSuccessorCopy implements the ExtraMetadata interface for ExtraMetadataV3. 173 func (extra ExtraMetadataV3) MakeSuccessorCopy(codec kbfscodec.Codec) ( 174 ExtraMetadata, error) { 175 wkb, err := extra.wkb.DeepCopy(codec) 176 if err != nil { 177 return nil, err 178 } 179 rkb, err := extra.rkb.DeepCopy(codec) 180 if err != nil { 181 return nil, err 182 } 183 return NewExtraMetadataV3(wkb, rkb, false, false), nil 184 } 185 186 // GetWriterKeyBundle returns the contained writer key bundle. 187 func (extra ExtraMetadataV3) GetWriterKeyBundle() TLFWriterKeyBundleV3 { 188 return extra.wkb 189 } 190 191 // GetReaderKeyBundle returns the contained reader key bundle. 192 func (extra ExtraMetadataV3) GetReaderKeyBundle() TLFReaderKeyBundleV3 { 193 return extra.rkb 194 } 195 196 // IsWriterKeyBundleNew returns whether or not the writer key bundle 197 // is new and should be sent to the server on an MD put. 198 func (extra ExtraMetadataV3) IsWriterKeyBundleNew() bool { 199 return extra.wkbNew 200 } 201 202 // IsReaderKeyBundleNew returns whether or not the reader key bundle 203 // is new and should be sent to the server on an MD put. 204 func (extra ExtraMetadataV3) IsReaderKeyBundleNew() bool { 205 return extra.rkbNew 206 } 207 208 // MakeInitialRootMetadataV3 creates a new RootMetadataV3 object with 209 // revision RevisionInitial, and the given TLF ID and handle. Note 210 // that if the given ID/handle are private, rekeying must be done 211 // separately. Since they are data-compatible, this also creates V4 212 // MD objects. 213 func MakeInitialRootMetadataV3(tlfID tlf.ID, h tlf.Handle) ( 214 *RootMetadataV3, error) { 215 switch { 216 case h.TypeForKeying() == tlf.TeamKeying && 217 tlfID.Type() == tlf.SingleTeam && h.Type() != tlf.SingleTeam: 218 fallthrough 219 case h.TypeForKeying() != tlf.TeamKeying && tlfID.Type() != h.Type(): 220 return nil, errors.New("TlfID and TlfHandle disagree on TLF type") 221 default: 222 } 223 224 var writers []keybase1.UserOrTeamID 225 if h.TypeForKeying() != tlf.PrivateKeying { 226 writers = make([]keybase1.UserOrTeamID, len(h.Writers)) 227 copy(writers, h.Writers) 228 } 229 230 var unresolvedWriters, unresolvedReaders []keybase1.SocialAssertion 231 if len(h.UnresolvedWriters) > 0 { 232 unresolvedWriters = make( 233 []keybase1.SocialAssertion, len(h.UnresolvedWriters)) 234 copy(unresolvedWriters, h.UnresolvedWriters) 235 } 236 237 if len(h.UnresolvedReaders) > 0 { 238 unresolvedReaders = make( 239 []keybase1.SocialAssertion, len(h.UnresolvedReaders)) 240 copy(unresolvedReaders, h.UnresolvedReaders) 241 } 242 243 return &RootMetadataV3{ 244 WriterMetadata: WriterMetadataV3{ 245 Writers: writers, 246 ID: tlfID, 247 UnresolvedWriters: unresolvedWriters, 248 }, 249 Revision: RevisionInitial, 250 UnresolvedReaders: unresolvedReaders, 251 // Normally an MD wouldn't start out with extensions, but this 252 // is useful for tests. 253 ConflictInfo: h.ConflictInfo, 254 FinalizedInfo: h.FinalizedInfo, 255 }, nil 256 } 257 258 // TlfID implements the RootMetadata interface for RootMetadataV3. 259 func (md *RootMetadataV3) TlfID() tlf.ID { 260 return md.WriterMetadata.ID 261 } 262 263 // KeyGenerationsToUpdate implements the RootMetadata interface 264 // for RootMetadataV3. 265 func (md *RootMetadataV3) KeyGenerationsToUpdate() (KeyGen, KeyGen) { 266 latest := md.LatestKeyGeneration() 267 if latest < FirstValidKeyGen { 268 return 0, 0 269 } 270 // We only keep track of the latest key generation in extra. 271 return latest, latest + 1 272 } 273 274 // LatestKeyGeneration implements the RootMetadata interface for 275 // RootMetadataV3. 276 func (md *RootMetadataV3) LatestKeyGeneration() KeyGen { 277 if md.TypeForKeying() == tlf.PublicKeying { 278 return PublicKeyGen 279 } 280 return md.WriterMetadata.LatestKeyGen 281 } 282 283 func (md *RootMetadataV3) haveOnlyUserRKeysChanged( 284 codec kbfscodec.Codec, prevMD *RootMetadataV3, 285 user keybase1.UID, prevRkb, rkb TLFReaderKeyBundleV3) (bool, error) { 286 if len(rkb.Keys) != len(prevRkb.Keys) { 287 return false, nil 288 } 289 for u, keys := range rkb.Keys { 290 if u != user { 291 prevKeys := prevRkb.Keys[u] 292 keysEqual, err := kbfscodec.Equal(codec, keys, prevKeys) 293 if err != nil { 294 return false, err 295 } 296 if !keysEqual { 297 return false, nil 298 } 299 } 300 } 301 return true, nil 302 } 303 304 // IsValidRekeyRequest implements the RootMetadata interface for RootMetadataV3. 305 func (md *RootMetadataV3) IsValidRekeyRequest( 306 codec kbfscodec.Codec, prevBareMd RootMetadata, 307 user keybase1.UID, prevExtra, extra ExtraMetadata) ( 308 bool, error) { 309 if !md.IsWriterMetadataCopiedSet() { 310 // Not a copy. 311 return false, nil 312 } 313 prevMd, ok := prevBareMd.(*RootMetadataV3) 314 if !ok { 315 // Not the same type so not a copy. 316 return false, nil 317 } 318 prevExtraV3, ok := prevExtra.(*ExtraMetadataV3) 319 if !ok { 320 return false, errors.New("Invalid previous extra metadata") 321 } 322 extraV3, ok := extra.(*ExtraMetadataV3) 323 if !ok { 324 return false, errors.New("Invalid extra metadata") 325 } 326 writerEqual, err := kbfscodec.Equal( 327 codec, md.WriterMetadata, prevMd.WriterMetadata) 328 if err != nil { 329 return false, err 330 } 331 if !writerEqual { 332 // Copy mismatch. 333 return false, nil 334 } 335 onlyUserRKeysChanged, err := md.haveOnlyUserRKeysChanged( 336 codec, prevMd, user, prevExtraV3.rkb, extraV3.rkb) 337 if err != nil { 338 return false, err 339 } 340 if !onlyUserRKeysChanged { 341 // Keys outside of this user's reader key set have changed. 342 return false, nil 343 } 344 return true, nil 345 } 346 347 // MergedStatus implements the RootMetadata interface for RootMetadataV3. 348 func (md *RootMetadataV3) MergedStatus() MergeStatus { 349 if md.WriterMetadata.WFlags&MetadataFlagUnmerged != 0 { 350 return Unmerged 351 } 352 return Merged 353 } 354 355 // IsRekeySet implements the RootMetadata interface for RootMetadataV3. 356 func (md *RootMetadataV3) IsRekeySet() bool { 357 return md.Flags&MetadataFlagRekey != 0 358 } 359 360 // IsWriterMetadataCopiedSet implements the RootMetadata interface for RootMetadataV3. 361 func (md *RootMetadataV3) IsWriterMetadataCopiedSet() bool { 362 return md.Flags&MetadataFlagWriterMetadataCopied != 0 363 } 364 365 // IsFinal implements the RootMetadata interface for RootMetadataV3. 366 func (md *RootMetadataV3) IsFinal() bool { 367 return md.Flags&MetadataFlagFinal != 0 368 } 369 370 func (md *RootMetadataV3) checkNonPrivateExtra(extra ExtraMetadata) error { 371 if md.TypeForKeying() == tlf.PrivateKeying { 372 return errors.New("checkNonPrivateExtra called on private TLF") 373 } 374 375 if extra != nil { 376 return errors.Errorf("Expected nil, got %T", extra) 377 } 378 379 return nil 380 } 381 382 func (md *RootMetadataV3) getTLFKeyBundles(extra ExtraMetadata) ( 383 *TLFWriterKeyBundleV3, *TLFReaderKeyBundleV3, error) { 384 if md.TypeForKeying() != tlf.PrivateKeying { 385 return nil, nil, InvalidNonPrivateTLFOperation{ 386 md.TlfID(), "getTLFKeyBundles", md.Version(), 387 } 388 } 389 390 if extra == nil { 391 return nil, nil, makeMissingKeyBundlesError() 392 } 393 394 extraV3, ok := extra.(*ExtraMetadataV3) 395 if !ok { 396 return nil, nil, errors.Errorf( 397 "Expected *ExtraMetadataV3, got %T", extra) 398 } 399 400 return &extraV3.wkb, &extraV3.rkb, nil 401 } 402 403 // GetTLFKeyBundlesForTest returns the writer and reader key bundles 404 // from extra. 405 func (md *RootMetadataV3) GetTLFKeyBundlesForTest(extra ExtraMetadata) ( 406 *TLFWriterKeyBundleV3, *TLFReaderKeyBundleV3, error) { 407 return md.getTLFKeyBundles(extra) 408 } 409 410 func (md *RootMetadataV3) isNonTeamWriter( 411 ctx context.Context, user keybase1.UID, 412 cryptKey kbfscrypto.CryptPublicKey, extra ExtraMetadata) (bool, error) { 413 switch md.TlfID().Type() { 414 case tlf.Public: 415 err := md.checkNonPrivateExtra(extra) 416 if err != nil { 417 return false, err 418 } 419 420 for _, w := range md.WriterMetadata.Writers { 421 if w == user.AsUserOrTeam() { 422 return true, nil 423 } 424 } 425 return false, nil 426 case tlf.Private: 427 wkb, _, err := md.getTLFKeyBundles(extra) 428 if err != nil { 429 return false, err 430 } 431 return wkb.IsWriter(user, cryptKey), nil 432 default: 433 return false, errors.Errorf("Unknown TLF type: %s", md.TlfID().Type()) 434 } 435 } 436 437 // IsWriter implements the RootMetadata interface for RootMetadataV3. 438 func (md *RootMetadataV3) IsWriter( 439 ctx context.Context, user keybase1.UID, 440 cryptKey kbfscrypto.CryptPublicKey, verifyingKey kbfscrypto.VerifyingKey, 441 teamMemChecker TeamMembershipChecker, extra ExtraMetadata, 442 offline keybase1.OfflineAvailability) (bool, error) { 443 switch md.TypeForKeying() { 444 case tlf.TeamKeying: 445 err := md.checkNonPrivateExtra(extra) 446 if err != nil { 447 return false, err 448 } 449 450 tid, err := md.WriterMetadata.Writers[0].AsTeam() 451 if err != nil { 452 return false, err 453 } 454 455 // TODO: Eventually this will have to use a Merkle sequence 456 // number to check historic versions. 457 isWriter, err := teamMemChecker.IsTeamWriter( 458 ctx, tid, user, verifyingKey, offline) 459 if err != nil { 460 return false, err 461 } 462 return isWriter, nil 463 default: 464 return md.isNonTeamWriter(ctx, user, cryptKey, extra) 465 } 466 } 467 468 // IsReader implements the RootMetadata interface for RootMetadataV3. 469 func (md *RootMetadataV3) IsReader( 470 ctx context.Context, user keybase1.UID, 471 cryptKey kbfscrypto.CryptPublicKey, teamMemChecker TeamMembershipChecker, 472 extra ExtraMetadata, offline keybase1.OfflineAvailability) (bool, error) { 473 switch md.TypeForKeying() { 474 case tlf.PublicKeying: 475 err := md.checkNonPrivateExtra(extra) 476 if err != nil { 477 return false, err 478 } 479 return true, nil 480 case tlf.PrivateKeying: 481 // Writers are also readers. 482 isWriter, err := md.isNonTeamWriter(ctx, user, cryptKey, extra) 483 if err != nil { 484 return false, err 485 } 486 if isWriter { 487 return true, nil 488 } 489 490 _, rkb, err := md.getTLFKeyBundles(extra) 491 if err != nil { 492 return false, err 493 } 494 return rkb.IsReader(user, cryptKey), nil 495 case tlf.TeamKeying: 496 err := md.checkNonPrivateExtra(extra) 497 if err != nil { 498 return false, err 499 } 500 501 tid, err := md.WriterMetadata.Writers[0].AsTeam() 502 if err != nil { 503 return false, err 504 } 505 506 if tid.IsPublic() { 507 return true, nil 508 } 509 510 // TODO: Eventually this will have to use a Merkle sequence 511 // number to check historic versions. 512 isReader, err := teamMemChecker.IsTeamReader(ctx, tid, user, offline) 513 if err != nil { 514 return false, err 515 } 516 return isReader, nil 517 default: 518 panic(fmt.Sprintf("Unknown TLF keying type: %s", md.TypeForKeying())) 519 } 520 } 521 522 // DeepCopy implements the RootMetadata interface for RootMetadataV3. 523 func (md *RootMetadataV3) DeepCopy( 524 codec kbfscodec.Codec) (MutableRootMetadata, error) { 525 var newMd RootMetadataV3 526 if err := kbfscodec.Update(codec, &newMd, md); err != nil { 527 return nil, err 528 } 529 return &newMd, nil 530 } 531 532 // MakeSuccessorCopy implements the ImmutableRootMetadata interface for RootMetadataV3. 533 func (md *RootMetadataV3) MakeSuccessorCopy( 534 codec kbfscodec.Codec, extra ExtraMetadata, _ MetadataVer, 535 _ func() ([]kbfscrypto.TLFCryptKey, error), isReadableAndWriter bool) ( 536 MutableRootMetadata, ExtraMetadata, error) { 537 var extraCopy ExtraMetadata 538 if extra != nil { 539 var err error 540 extraCopy, err = extra.MakeSuccessorCopy(codec) 541 if err != nil { 542 return nil, nil, err 543 } 544 } 545 mdCopy, err := md.DeepCopy(codec) 546 if err != nil { 547 return nil, nil, err 548 } 549 // TODO: If there is ever a RootMetadataV4 this will need to perform the conversion. 550 return mdCopy, extraCopy, nil 551 } 552 553 // CheckValidSuccessor implements the RootMetadata interface for RootMetadataV3. 554 func (md *RootMetadataV3) CheckValidSuccessor( 555 currID ID, nextMd RootMetadata) error { 556 // (1) Verify current metadata is non-final. 557 if md.IsFinal() { 558 return MetadataIsFinalError{} 559 } 560 561 // (2) Check TLF ID. 562 if nextMd.TlfID() != md.TlfID() { 563 return MDTlfIDMismatch{ 564 CurrID: md.TlfID(), 565 NextID: nextMd.TlfID(), 566 } 567 } 568 569 // (3) Check revision. 570 if nextMd.RevisionNumber() != md.RevisionNumber()+1 { 571 return MDRevisionMismatch{ 572 Rev: nextMd.RevisionNumber(), 573 Curr: md.RevisionNumber(), 574 } 575 } 576 577 // (4) Check PrevRoot pointer. 578 expectedPrevRoot := currID 579 if nextMd.IsFinal() { 580 expectedPrevRoot = md.GetPrevRoot() 581 } 582 if nextMd.GetPrevRoot() != expectedPrevRoot { 583 return MDPrevRootMismatch{ 584 prevRoot: nextMd.GetPrevRoot(), 585 expectedPrevRoot: expectedPrevRoot, 586 } 587 } 588 589 // (5) Check branch ID. 590 if md.MergedStatus() == nextMd.MergedStatus() && md.BID() != nextMd.BID() { 591 return errors.Errorf("Unexpected branch ID on successor: %s vs. %s", 592 md.BID(), nextMd.BID()) 593 } else if md.MergedStatus() == Unmerged && nextMd.MergedStatus() == Merged { 594 return errors.New("merged MD can't follow unmerged MD") 595 } 596 597 // (6) Check disk usage. 598 expectedUsage := md.DiskUsage() 599 if !nextMd.IsWriterMetadataCopiedSet() { 600 expectedUsage += nextMd.RefBytes() - nextMd.UnrefBytes() 601 } 602 if nextMd.DiskUsage() != expectedUsage { 603 return MDDiskUsageMismatch{ 604 expectedDiskUsage: expectedUsage, 605 actualDiskUsage: nextMd.DiskUsage(), 606 } 607 } 608 expectedMDUsage := md.MDDiskUsage() 609 if !nextMd.IsWriterMetadataCopiedSet() { 610 expectedMDUsage += nextMd.MDRefBytes() 611 } 612 // Add an exception for the case where MDRefBytes is equal, since 613 // it probably indicates an older client just copied the previous 614 // MDRefBytes value as an unknown field. 615 if nextMd.MDDiskUsage() != expectedMDUsage && 616 md.MDRefBytes() != nextMd.MDRefBytes() { 617 return MDDiskUsageMismatch{ 618 expectedDiskUsage: expectedMDUsage, 619 actualDiskUsage: nextMd.MDDiskUsage(), 620 } 621 } 622 623 // TODO: Check that the successor (bare) TLF handle is the 624 // same or more resolved. 625 626 return nil 627 } 628 629 // CheckValidSuccessorForServer implements the RootMetadata interface for RootMetadataV3. 630 func (md *RootMetadataV3) CheckValidSuccessorForServer( 631 currID ID, nextMd RootMetadata) error { 632 err := md.CheckValidSuccessor(currID, nextMd) 633 switch err := err.(type) { 634 case nil: 635 break 636 637 case MDRevisionMismatch: 638 return ServerErrorConflictRevision{ 639 Expected: err.Curr + 1, 640 Actual: err.Rev, 641 } 642 643 case MDPrevRootMismatch: 644 return ServerErrorConflictPrevRoot{ 645 Expected: err.expectedPrevRoot, 646 Actual: err.prevRoot, 647 } 648 649 case MDDiskUsageMismatch: 650 return ServerErrorConflictDiskUsage{ 651 Expected: err.expectedDiskUsage, 652 Actual: err.actualDiskUsage, 653 } 654 655 default: 656 return ServerError{Err: err} 657 } 658 659 return nil 660 } 661 662 // isBackedByTeam returns true if md is for a TLF backed by a team. It could be 663 // either a SingleTeam TLF or a private/public TLF backed by an implicit team. 664 func (md *RootMetadataV3) isBackedByTeam() bool { 665 if len(md.WriterMetadata.UnresolvedWriters) != 0 { 666 return false 667 } 668 if len(md.WriterMetadata.Writers) != 1 { 669 return false 670 } 671 if !md.WriterMetadata.Writers[0].IsTeamOrSubteam() { 672 return false 673 } 674 return true 675 } 676 677 // TypeForKeying implements the RootMetadata interface for RootMetadataV3. 678 func (md *RootMetadataV3) TypeForKeying() tlf.KeyingType { 679 if md.isBackedByTeam() { 680 return tlf.TeamKeying 681 } 682 return md.TlfID().Type().ToKeyingType() 683 } 684 685 // MakeBareTlfHandle implements the RootMetadata interface for RootMetadataV3. 686 func (md *RootMetadataV3) MakeBareTlfHandle(extra ExtraMetadata) ( 687 tlf.Handle, error) { 688 var writers, readers []keybase1.UserOrTeamID 689 if md.TypeForKeying() == tlf.PrivateKeying { 690 wkb, rkb, err := md.getTLFKeyBundles(extra) 691 if err != nil { 692 return tlf.Handle{}, err 693 } 694 writers = make([]keybase1.UserOrTeamID, 0, len(wkb.Keys)) 695 readers = make([]keybase1.UserOrTeamID, 0, len(rkb.Keys)) 696 for w := range wkb.Keys { 697 writers = append(writers, w.AsUserOrTeam()) 698 } 699 for r := range rkb.Keys { 700 // TODO: Return an error instead if r is 701 // PublicUID. Maybe return an error if r is in 702 // WKeys also. Or do all this in 703 // MakeBareTlfHandle. 704 if _, ok := wkb.Keys[r]; !ok && 705 r != keybase1.PublicUID { 706 readers = append(readers, r.AsUserOrTeam()) 707 } 708 } 709 } else { 710 err := md.checkNonPrivateExtra(extra) 711 if err != nil { 712 return tlf.Handle{}, err 713 } 714 715 writers = md.WriterMetadata.Writers 716 if md.TypeForKeying() == tlf.PublicKeying { 717 readers = []keybase1.UserOrTeamID{keybase1.PublicUID.AsUserOrTeam()} 718 } 719 } 720 721 return tlf.MakeHandle( 722 writers, readers, 723 md.WriterMetadata.UnresolvedWriters, md.UnresolvedReaders, 724 md.TlfHandleExtensions()) 725 } 726 727 // TlfHandleExtensions implements the RootMetadata interface for RootMetadataV3. 728 func (md *RootMetadataV3) TlfHandleExtensions() ( 729 extensions []tlf.HandleExtension) { 730 if md.ConflictInfo != nil { 731 extensions = append(extensions, *md.ConflictInfo) 732 } 733 if md.FinalizedInfo != nil { 734 extensions = append(extensions, *md.FinalizedInfo) 735 } 736 return extensions 737 } 738 739 // PromoteReaders implements the RootMetadata interface for 740 // RootMetadataV3. 741 func (md *RootMetadataV3) PromoteReaders( 742 readersToPromote map[keybase1.UID]bool, extra ExtraMetadata) error { 743 if md.TypeForKeying() != tlf.PrivateKeying { 744 return InvalidNonPrivateTLFOperation{md.TlfID(), "PromoteReaders", md.Version()} 745 } 746 747 if len(readersToPromote) == 0 { 748 return nil 749 } 750 751 wkb, rkb, err := md.getTLFKeyBundles(extra) 752 if err != nil { 753 return err 754 } 755 756 for reader := range readersToPromote { 757 dkim, ok := rkb.Keys[reader] 758 if !ok { 759 return errors.Errorf("Could not find %s in rkb", reader) 760 } 761 // TODO: This is incorrect, since dkim contains offsets info 762 // rkb.TLFEphemeralPublicKeys, which don't directly translate 763 // to offsets into wkb.TLFEphemeralPublicKeys. 764 // 765 // Also, doing this may leave some entries in 766 // rkb.TLFEphemeralPublicKeys unreferenced, so they should be 767 // removed. 768 // 769 // See KBFS-1719. 770 wkb.Keys[reader] = dkim 771 delete(rkb.Keys, reader) 772 } 773 return nil 774 } 775 776 // RevokeRemovedDevices implements the RootMetadata interface for 777 // RootMetadataV3. 778 func (md *RootMetadataV3) RevokeRemovedDevices( 779 updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys, 780 extra ExtraMetadata) (ServerHalfRemovalInfo, error) { 781 if md.TypeForKeying() != tlf.PrivateKeying { 782 return nil, InvalidNonPrivateTLFOperation{ 783 md.TlfID(), "RevokeRemovedDevices", md.Version()} 784 } 785 786 wkb, rkb, err := md.getTLFKeyBundles(extra) 787 if err != nil { 788 return nil, err 789 } 790 791 wRemovalInfo := wkb.Keys.RemoveDevicesNotIn(updatedWriterKeys) 792 rRemovalInfo := rkb.Keys.RemoveDevicesNotIn(updatedReaderKeys) 793 return wRemovalInfo.MergeUsers(rRemovalInfo) 794 } 795 796 // GetUserDevicePublicKeys implements the RootMetadata interface 797 // for RootMetadataV3. 798 func (md *RootMetadataV3) GetUserDevicePublicKeys(extra ExtraMetadata) ( 799 writerDeviceKeys, readerDeviceKeys UserDevicePublicKeys, err error) { 800 if md.TypeForKeying() != tlf.PrivateKeying { 801 return nil, nil, InvalidNonPrivateTLFOperation{ 802 md.TlfID(), "GetUserDevicePublicKeys", md.Version()} 803 } 804 805 wkb, rkb, err := md.getTLFKeyBundles(extra) 806 if err != nil { 807 return nil, nil, err 808 } 809 810 return wkb.Keys.ToPublicKeys(), rkb.Keys.ToPublicKeys(), nil 811 } 812 813 // GetTLFCryptKeyParams implements the RootMetadata interface for RootMetadataV3. 814 func (md *RootMetadataV3) GetTLFCryptKeyParams( 815 keyGen KeyGen, user keybase1.UID, 816 key kbfscrypto.CryptPublicKey, extra ExtraMetadata) ( 817 kbfscrypto.TLFEphemeralPublicKey, 818 kbfscrypto.EncryptedTLFCryptKeyClientHalf, 819 kbfscrypto.TLFCryptKeyServerHalfID, bool, error) { 820 if keyGen != md.LatestKeyGeneration() { 821 return kbfscrypto.TLFEphemeralPublicKey{}, 822 kbfscrypto.EncryptedTLFCryptKeyClientHalf{}, 823 kbfscrypto.TLFCryptKeyServerHalfID{}, false, 824 TLFCryptKeyNotPerDeviceEncrypted{md.TlfID(), keyGen} 825 } 826 wkb, rkb, err := md.getTLFKeyBundles(extra) 827 if err != nil { 828 return kbfscrypto.TLFEphemeralPublicKey{}, 829 kbfscrypto.EncryptedTLFCryptKeyClientHalf{}, 830 kbfscrypto.TLFCryptKeyServerHalfID{}, false, err 831 } 832 isWriter := true 833 dkim := wkb.Keys[user] 834 if dkim == nil { 835 dkim = rkb.Keys[user] 836 if dkim == nil { 837 return kbfscrypto.TLFEphemeralPublicKey{}, 838 kbfscrypto.EncryptedTLFCryptKeyClientHalf{}, 839 kbfscrypto.TLFCryptKeyServerHalfID{}, false, nil 840 } 841 isWriter = false 842 } 843 info, ok := dkim[key] 844 if !ok { 845 return kbfscrypto.TLFEphemeralPublicKey{}, 846 kbfscrypto.EncryptedTLFCryptKeyClientHalf{}, 847 kbfscrypto.TLFCryptKeyServerHalfID{}, false, nil 848 } 849 850 var publicKeys kbfscrypto.TLFEphemeralPublicKeys 851 var keyType string 852 if isWriter { 853 publicKeys = wkb.TLFEphemeralPublicKeys 854 keyType = "writer" 855 } else { 856 publicKeys = rkb.TLFEphemeralPublicKeys 857 keyType = "reader" 858 } 859 keyCount := len(publicKeys) 860 index := info.EPubKeyIndex 861 if index >= keyCount { 862 return kbfscrypto.TLFEphemeralPublicKey{}, 863 kbfscrypto.EncryptedTLFCryptKeyClientHalf{}, 864 kbfscrypto.TLFCryptKeyServerHalfID{}, false, 865 errors.Errorf("Invalid %s key index %d >= %d", 866 keyType, index, keyCount) 867 } 868 return publicKeys[index], info.ClientHalf, info.ServerHalfID, true, nil 869 } 870 871 // CheckWKBID returns an error if the ID of the given writer key 872 // bundle doesn't match the given one. 873 func CheckWKBID(codec kbfscodec.Codec, 874 wkbID TLFWriterKeyBundleID, wkb TLFWriterKeyBundleV3) error { 875 computedWKBID, err := MakeTLFWriterKeyBundleID(codec, wkb) 876 if err != nil { 877 return err 878 } 879 880 if wkbID != computedWKBID { 881 return errors.Errorf("Expected WKB ID %s, got %s", 882 wkbID, computedWKBID) 883 } 884 885 return nil 886 } 887 888 // CheckRKBID returns an error if the ID of the given reader key 889 // bundle doesn't match the given one. 890 func CheckRKBID(codec kbfscodec.Codec, 891 rkbID TLFReaderKeyBundleID, rkb TLFReaderKeyBundleV3) error { 892 computedRKBID, err := MakeTLFReaderKeyBundleID(codec, rkb) 893 if err != nil { 894 return err 895 } 896 897 if rkbID != computedRKBID { 898 return errors.Errorf("Expected RKB ID %s, got %s", 899 rkbID, computedRKBID) 900 } 901 902 return nil 903 } 904 905 // IsValidAndSigned implements the RootMetadata interface for RootMetadataV3. 906 func (md *RootMetadataV3) IsValidAndSigned( 907 ctx context.Context, codec kbfscodec.Codec, 908 teamMemChecker TeamMembershipChecker, extra ExtraMetadata, 909 writerVerifyingKey kbfscrypto.VerifyingKey, 910 offline keybase1.OfflineAvailability) error { 911 if md.TypeForKeying() == tlf.PrivateKeying { 912 wkb, rkb, err := md.getTLFKeyBundles(extra) 913 if err != nil { 914 return err 915 } 916 917 err = CheckWKBID(codec, md.GetTLFWriterKeyBundleID(), *wkb) 918 if err != nil { 919 return err 920 } 921 922 err = CheckRKBID(codec, md.GetTLFReaderKeyBundleID(), *rkb) 923 if err != nil { 924 return err 925 } 926 } else { 927 err := md.checkNonPrivateExtra(extra) 928 if err != nil { 929 return err 930 } 931 } 932 933 if md.IsFinal() { 934 if md.Revision < RevisionInitial+1 { 935 return errors.Errorf("Invalid final revision %d", md.Revision) 936 } 937 938 if md.Revision == (RevisionInitial + 1) { 939 if md.PrevRoot != (ID{}) { 940 return errors.Errorf("Invalid PrevRoot %s for initial final revision", md.PrevRoot) 941 } 942 } else { 943 if md.PrevRoot == (ID{}) { 944 return errors.New("No PrevRoot for non-initial final revision") 945 } 946 } 947 } else { 948 if md.Revision < RevisionInitial { 949 return errors.Errorf("Invalid revision %d", md.Revision) 950 } 951 952 if md.Revision == RevisionInitial { 953 if md.PrevRoot != (ID{}) { 954 return errors.Errorf("Invalid PrevRoot %s for initial revision", md.PrevRoot) 955 } 956 } else { 957 if md.PrevRoot == (ID{}) { 958 return errors.New("No PrevRoot for non-initial revision") 959 } 960 } 961 } 962 963 if len(md.WriterMetadata.SerializedPrivateMetadata) == 0 { 964 return errors.New("No private metadata") 965 } 966 967 if (md.MergedStatus() == Merged) != (md.BID() == NullBranchID) { 968 return errors.Errorf("Branch ID %s doesn't match merged status %s", 969 md.BID(), md.MergedStatus()) 970 } 971 972 handle, err := md.MakeBareTlfHandle(extra) 973 if err != nil { 974 return err 975 } 976 977 writer := md.LastModifyingWriter() 978 user := md.LastModifyingUser 979 var isWriter, isReader bool 980 if md.TypeForKeying() == tlf.TeamKeying { 981 tid, err := md.WriterMetadata.Writers[0].AsTeam() 982 if err != nil { 983 return err 984 } 985 986 isWriter, err = teamMemChecker.IsTeamWriter( 987 ctx, tid, writer, writerVerifyingKey, offline) 988 if err != nil { 989 return err 990 } 991 992 isReader, err = teamMemChecker.IsTeamReader(ctx, tid, user, offline) 993 if err != nil { 994 return err 995 } 996 } else { 997 isWriter = handle.IsWriter(writer.AsUserOrTeam()) 998 isReader = handle.IsReader(user.AsUserOrTeam()) 999 } 1000 1001 // Make sure the last writer is valid. 1002 if !isWriter { 1003 return errors.Errorf("Invalid modifying writer %s", writer) 1004 } 1005 // Make sure the last modifier is valid. 1006 if !isReader { 1007 return errors.Errorf("Invalid modifying user %s", user) 1008 } 1009 1010 return nil 1011 } 1012 1013 // IsLastModifiedBy implements the RootMetadata interface for 1014 // RootMetadataV3. 1015 func (md *RootMetadataV3) IsLastModifiedBy( 1016 uid keybase1.UID, key kbfscrypto.VerifyingKey) error { 1017 // Verify the user and device are the writer. 1018 writer := md.LastModifyingWriter() 1019 if !md.IsWriterMetadataCopiedSet() { 1020 if writer != uid { 1021 return errors.Errorf("Last writer %s != %s", writer, uid) 1022 } 1023 } 1024 1025 // Verify the user and device are the last modifier. 1026 user := md.GetLastModifyingUser() 1027 if user != uid { 1028 return errors.Errorf("Last modifier %s != %s", user, uid) 1029 } 1030 1031 return nil 1032 } 1033 1034 // LastModifyingWriter implements the RootMetadata interface for RootMetadataV3. 1035 func (md *RootMetadataV3) LastModifyingWriter() keybase1.UID { 1036 return md.WriterMetadata.LastModifyingWriter 1037 } 1038 1039 // GetLastModifyingUser implements the RootMetadata interface for RootMetadataV3. 1040 func (md *RootMetadataV3) GetLastModifyingUser() keybase1.UID { 1041 return md.LastModifyingUser 1042 } 1043 1044 // RefBytes implements the RootMetadata interface for RootMetadataV3. 1045 func (md *RootMetadataV3) RefBytes() uint64 { 1046 return md.WriterMetadata.RefBytes 1047 } 1048 1049 // UnrefBytes implements the RootMetadata interface for RootMetadataV3. 1050 func (md *RootMetadataV3) UnrefBytes() uint64 { 1051 return md.WriterMetadata.UnrefBytes 1052 } 1053 1054 // MDRefBytes implements the RootMetadata interface for RootMetadataV3. 1055 func (md *RootMetadataV3) MDRefBytes() uint64 { 1056 return md.WriterMetadata.MDRefBytes 1057 } 1058 1059 // DiskUsage implements the RootMetadata interface for RootMetadataV3. 1060 func (md *RootMetadataV3) DiskUsage() uint64 { 1061 return md.WriterMetadata.DiskUsage 1062 } 1063 1064 // MDDiskUsage implements the RootMetadata interface for RootMetadataV3. 1065 func (md *RootMetadataV3) MDDiskUsage() uint64 { 1066 return md.WriterMetadata.MDDiskUsage 1067 } 1068 1069 // SetRefBytes implements the MutableRootMetadata interface for RootMetadataV3. 1070 func (md *RootMetadataV3) SetRefBytes(refBytes uint64) { 1071 md.WriterMetadata.RefBytes = refBytes 1072 } 1073 1074 // SetUnrefBytes implements the MutableRootMetadata interface for RootMetadataV3. 1075 func (md *RootMetadataV3) SetUnrefBytes(unrefBytes uint64) { 1076 md.WriterMetadata.UnrefBytes = unrefBytes 1077 } 1078 1079 // SetMDRefBytes implements the MutableRootMetadata interface for RootMetadataV3. 1080 func (md *RootMetadataV3) SetMDRefBytes(mdRefBytes uint64) { 1081 md.WriterMetadata.MDRefBytes = mdRefBytes 1082 } 1083 1084 // SetDiskUsage implements the MutableRootMetadata interface for RootMetadataV3. 1085 func (md *RootMetadataV3) SetDiskUsage(diskUsage uint64) { 1086 md.WriterMetadata.DiskUsage = diskUsage 1087 } 1088 1089 // SetMDDiskUsage implements the MutableRootMetadata interface for RootMetadataV3. 1090 func (md *RootMetadataV3) SetMDDiskUsage(mdDiskUsage uint64) { 1091 md.WriterMetadata.MDDiskUsage = mdDiskUsage 1092 } 1093 1094 // AddRefBytes implements the MutableRootMetadata interface for RootMetadataV3. 1095 func (md *RootMetadataV3) AddRefBytes(refBytes uint64) { 1096 md.WriterMetadata.RefBytes += refBytes 1097 } 1098 1099 // AddUnrefBytes implements the MutableRootMetadata interface for RootMetadataV3. 1100 func (md *RootMetadataV3) AddUnrefBytes(unrefBytes uint64) { 1101 md.WriterMetadata.UnrefBytes += unrefBytes 1102 } 1103 1104 // AddMDRefBytes implements the MutableRootMetadata interface for RootMetadataV3. 1105 func (md *RootMetadataV3) AddMDRefBytes(mdRefBytes uint64) { 1106 md.WriterMetadata.MDRefBytes += mdRefBytes 1107 } 1108 1109 // AddDiskUsage implements the MutableRootMetadata interface for RootMetadataV3. 1110 func (md *RootMetadataV3) AddDiskUsage(diskUsage uint64) { 1111 md.WriterMetadata.DiskUsage += diskUsage 1112 } 1113 1114 // AddMDDiskUsage implements the MutableRootMetadata interface for RootMetadataV3. 1115 func (md *RootMetadataV3) AddMDDiskUsage(mdDiskUsage uint64) { 1116 md.WriterMetadata.MDDiskUsage += mdDiskUsage 1117 } 1118 1119 // RevisionNumber implements the RootMetadata interface for RootMetadataV3. 1120 func (md *RootMetadataV3) RevisionNumber() Revision { 1121 return md.Revision 1122 } 1123 1124 // BID implements the RootMetadata interface for RootMetadataV3. 1125 func (md *RootMetadataV3) BID() BranchID { 1126 return md.WriterMetadata.BID 1127 } 1128 1129 // GetPrevRoot implements the RootMetadata interface for RootMetadataV3. 1130 func (md *RootMetadataV3) GetPrevRoot() ID { 1131 return md.PrevRoot 1132 } 1133 1134 // ClearRekeyBit implements the MutableRootMetadata interface for RootMetadataV3. 1135 func (md *RootMetadataV3) ClearRekeyBit() { 1136 md.Flags &= ^MetadataFlagRekey 1137 } 1138 1139 // ClearWriterMetadataCopiedBit implements the MutableRootMetadata interface for RootMetadataV3. 1140 func (md *RootMetadataV3) ClearWriterMetadataCopiedBit() { 1141 md.Flags &= ^MetadataFlagWriterMetadataCopied 1142 } 1143 1144 // IsUnmergedSet implements the MutableRootMetadata interface for RootMetadataV3. 1145 func (md *RootMetadataV3) IsUnmergedSet() bool { 1146 return (md.WriterMetadata.WFlags & MetadataFlagUnmerged) != 0 1147 } 1148 1149 // SetUnmerged implements the MutableRootMetadata interface for RootMetadataV3. 1150 func (md *RootMetadataV3) SetUnmerged() { 1151 md.WriterMetadata.WFlags |= MetadataFlagUnmerged 1152 } 1153 1154 // SetBranchID implements the MutableRootMetadata interface for RootMetadataV3. 1155 func (md *RootMetadataV3) SetBranchID(bid BranchID) { 1156 md.WriterMetadata.BID = bid 1157 } 1158 1159 // SetPrevRoot implements the MutableRootMetadata interface for RootMetadataV3. 1160 func (md *RootMetadataV3) SetPrevRoot(mdID ID) { 1161 md.PrevRoot = mdID 1162 } 1163 1164 // GetSerializedPrivateMetadata implements the RootMetadata interface for RootMetadataV3. 1165 func (md *RootMetadataV3) GetSerializedPrivateMetadata() []byte { 1166 return md.WriterMetadata.SerializedPrivateMetadata 1167 } 1168 1169 // SetSerializedPrivateMetadata implements the MutableRootMetadata interface for RootMetadataV3. 1170 func (md *RootMetadataV3) SetSerializedPrivateMetadata(spmd []byte) { 1171 md.WriterMetadata.SerializedPrivateMetadata = spmd 1172 } 1173 1174 // GetSerializedWriterMetadata implements the RootMetadata interface for RootMetadataV3. 1175 func (md *RootMetadataV3) GetSerializedWriterMetadata( 1176 codec kbfscodec.Codec) ([]byte, error) { 1177 return codec.Encode(md.WriterMetadata) 1178 } 1179 1180 // SignWriterMetadataInternally implements the MutableRootMetadata interface for RootMetadataV2. 1181 func (md *RootMetadataV3) SignWriterMetadataInternally( 1182 ctx context.Context, codec kbfscodec.Codec, 1183 signer kbfscrypto.Signer) error { 1184 // Nothing to do. 1185 // 1186 // TODO: Set a flag, and a way to check it so that we can 1187 // verify that this is called before sending to the server. 1188 return nil 1189 } 1190 1191 // SetLastModifyingWriter implements the MutableRootMetadata interface for RootMetadataV3. 1192 func (md *RootMetadataV3) SetLastModifyingWriter(user keybase1.UID) { 1193 md.WriterMetadata.LastModifyingWriter = user 1194 } 1195 1196 // SetLastModifyingUser implements the MutableRootMetadata interface for RootMetadataV3. 1197 func (md *RootMetadataV3) SetLastModifyingUser(user keybase1.UID) { 1198 md.LastModifyingUser = user 1199 } 1200 1201 // SetRekeyBit implements the MutableRootMetadata interface for RootMetadataV3. 1202 func (md *RootMetadataV3) SetRekeyBit() { 1203 md.Flags |= MetadataFlagRekey 1204 } 1205 1206 // SetFinalBit implements the MutableRootMetadata interface for RootMetadataV3. 1207 func (md *RootMetadataV3) SetFinalBit() { 1208 md.Flags |= MetadataFlagFinal 1209 } 1210 1211 // SetWriterMetadataCopiedBit implements the MutableRootMetadata interface for RootMetadataV3. 1212 func (md *RootMetadataV3) SetWriterMetadataCopiedBit() { 1213 md.Flags |= MetadataFlagWriterMetadataCopied 1214 } 1215 1216 // SetRevision implements the MutableRootMetadata interface for RootMetadataV3. 1217 func (md *RootMetadataV3) SetRevision(revision Revision) { 1218 md.Revision = revision 1219 } 1220 1221 func (md *RootMetadataV3) updateKeyBundles(codec kbfscodec.Codec, 1222 extra ExtraMetadata, 1223 updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys, 1224 ePubKey kbfscrypto.TLFEphemeralPublicKey, 1225 ePrivKey kbfscrypto.TLFEphemeralPrivateKey, 1226 tlfCryptKey kbfscrypto.TLFCryptKey) (UserDeviceKeyServerHalves, error) { 1227 if md.TypeForKeying() != tlf.PrivateKeying { 1228 return nil, InvalidNonPrivateTLFOperation{ 1229 md.TlfID(), "updateKeyBundles", md.Version()} 1230 } 1231 1232 wkb, rkb, err := md.getTLFKeyBundles(extra) 1233 if err != nil { 1234 return nil, err 1235 } 1236 1237 // No need to explicitly handle the reader rekey case. 1238 1239 var newWriterIndex int 1240 if len(updatedWriterKeys) > 0 { 1241 newWriterIndex = len(wkb.TLFEphemeralPublicKeys) 1242 } 1243 wServerHalves, err := wkb.Keys.FillInUserInfos( 1244 newWriterIndex, updatedWriterKeys, 1245 ePrivKey, tlfCryptKey) 1246 if err != nil { 1247 return nil, err 1248 } 1249 // If we didn't fill in any new writer infos, don't add a new 1250 // writer ephemeral key. 1251 if len(wServerHalves) > 0 { 1252 wkb.TLFEphemeralPublicKeys = 1253 append(wkb.TLFEphemeralPublicKeys, ePubKey) 1254 } 1255 1256 var newReaderIndex int 1257 if len(updatedReaderKeys) > 0 { 1258 newReaderIndex = len(rkb.TLFEphemeralPublicKeys) 1259 } 1260 rServerHalves, err := rkb.Keys.FillInUserInfos( 1261 newReaderIndex, updatedReaderKeys, 1262 ePrivKey, tlfCryptKey) 1263 if err != nil { 1264 return nil, err 1265 } 1266 // If we didn't fill in any new reader infos, don't add a new 1267 // reader ephemeral key. 1268 if len(rServerHalves) > 0 { 1269 rkb.TLFEphemeralPublicKeys = 1270 append(rkb.TLFEphemeralPublicKeys, ePubKey) 1271 } 1272 1273 return wServerHalves.MergeUsers(rServerHalves) 1274 } 1275 1276 // AddKeyGeneration implements the MutableRootMetadata interface 1277 // for RootMetadataV3. 1278 func (md *RootMetadataV3) AddKeyGeneration( 1279 codec kbfscodec.Codec, currExtra ExtraMetadata, 1280 updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys, 1281 ePubKey kbfscrypto.TLFEphemeralPublicKey, 1282 ePrivKey kbfscrypto.TLFEphemeralPrivateKey, 1283 pubKey kbfscrypto.TLFPublicKey, 1284 currCryptKey, nextCryptKey kbfscrypto.TLFCryptKey) ( 1285 nextExtra ExtraMetadata, 1286 serverHalves UserDeviceKeyServerHalves, err error) { 1287 if md.TypeForKeying() != tlf.PrivateKeying { 1288 return nil, nil, InvalidNonPrivateTLFOperation{ 1289 md.TlfID(), "AddKeyGeneration", md.Version()} 1290 } 1291 1292 if len(updatedWriterKeys) == 0 { 1293 return nil, nil, errors.New( 1294 "updatedWriterKeys unexpectedly empty") 1295 } 1296 1297 if nextCryptKey == (kbfscrypto.TLFCryptKey{}) { 1298 return nil, nil, errors.New("Zero next crypt key") 1299 } 1300 1301 latestKeyGen := md.LatestKeyGeneration() 1302 var encryptedHistoricKeys kbfscrypto.EncryptedTLFCryptKeys 1303 if currCryptKey == (kbfscrypto.TLFCryptKey{}) { 1304 if latestKeyGen >= FirstValidKeyGen { 1305 return nil, nil, errors.Errorf( 1306 "Zero current crypt key with latest key generation %d", 1307 latestKeyGen) 1308 } 1309 } else { 1310 currExtraV3, ok := currExtra.(*ExtraMetadataV3) 1311 if !ok { 1312 return nil, nil, errors.New("Invalid curr extra metadata") 1313 } 1314 1315 existingWriterKeys := currExtraV3.wkb.Keys.ToPublicKeys() 1316 if !existingWriterKeys.Equals(updatedWriterKeys) { 1317 return nil, nil, fmt.Errorf( 1318 "existingWriterKeys=%+v != updatedWriterKeys=%+v", 1319 existingWriterKeys, updatedWriterKeys) 1320 } 1321 1322 existingReaderKeys := currExtraV3.rkb.Keys.ToPublicKeys() 1323 if !existingReaderKeys.Equals(updatedReaderKeys) { 1324 return nil, nil, fmt.Errorf( 1325 "existingReaderKeys=%+v != updatedReaderKeys=%+v", 1326 existingReaderKeys, updatedReaderKeys) 1327 } 1328 1329 if latestKeyGen < FirstValidKeyGen { 1330 return nil, nil, errors.New( 1331 "Non-zero current crypt key with no existing key generations") 1332 } 1333 var historicKeys []kbfscrypto.TLFCryptKey 1334 if latestKeyGen > FirstValidKeyGen { 1335 var err error 1336 historicKeys, err = kbfscrypto.DecryptTLFCryptKeys( 1337 codec, 1338 currExtraV3.wkb.EncryptedHistoricTLFCryptKeys, 1339 currCryptKey) 1340 if err != nil { 1341 return nil, nil, err 1342 } 1343 expectedHistoricKeyCount := 1344 int(md.LatestKeyGeneration() - FirstValidKeyGen) 1345 if len(historicKeys) != expectedHistoricKeyCount { 1346 return nil, nil, errors.Errorf( 1347 "Expected %d historic keys, got %d", 1348 expectedHistoricKeyCount, 1349 len(historicKeys)) 1350 } 1351 } 1352 historicKeys = append(historicKeys, currCryptKey) 1353 var err error 1354 encryptedHistoricKeys, err = kbfscrypto.EncryptTLFCryptKeys( 1355 codec, historicKeys, nextCryptKey) 1356 if err != nil { 1357 return nil, nil, err 1358 } 1359 } 1360 1361 newWriterKeys := TLFWriterKeyBundleV3{ 1362 Keys: make(UserDeviceKeyInfoMapV3), 1363 TLFPublicKey: pubKey, 1364 EncryptedHistoricTLFCryptKeys: encryptedHistoricKeys, 1365 } 1366 newReaderKeys := TLFReaderKeyBundleV3{ 1367 Keys: make(UserDeviceKeyInfoMapV3), 1368 } 1369 md.WriterMetadata.LatestKeyGen++ 1370 nextExtra = NewExtraMetadataV3(newWriterKeys, newReaderKeys, true, true) 1371 1372 serverHalves, err = md.updateKeyBundles(codec, nextExtra, 1373 updatedWriterKeys, updatedReaderKeys, 1374 ePubKey, ePrivKey, nextCryptKey) 1375 if err != nil { 1376 return nil, nil, err 1377 } 1378 1379 return nextExtra, serverHalves, nil 1380 } 1381 1382 // SetLatestKeyGenerationForTeamTLF implements the 1383 // MutableRootMetadata interface for RootMetadataV3. 1384 func (md *RootMetadataV3) SetLatestKeyGenerationForTeamTLF(keyGen KeyGen) { 1385 if md.TypeForKeying() != tlf.TeamKeying { 1386 panic(fmt.Sprintf( 1387 "Can't call SetLatestKeyGenerationForTeamTLF on a %s TLF", 1388 md.TypeForKeying())) 1389 } 1390 1391 md.WriterMetadata.LatestKeyGen = keyGen 1392 } 1393 1394 // SetUnresolvedReaders implements the MutableRootMetadata interface for RootMetadataV3. 1395 func (md *RootMetadataV3) SetUnresolvedReaders(readers []keybase1.SocialAssertion) { 1396 md.UnresolvedReaders = readers 1397 } 1398 1399 // SetUnresolvedWriters implements the MutableRootMetadata interface for RootMetadataV3. 1400 func (md *RootMetadataV3) SetUnresolvedWriters(writers []keybase1.SocialAssertion) { 1401 md.WriterMetadata.UnresolvedWriters = writers 1402 } 1403 1404 // SetConflictInfo implements the MutableRootMetadata interface for RootMetadataV3. 1405 func (md *RootMetadataV3) SetConflictInfo(ci *tlf.HandleExtension) { 1406 md.ConflictInfo = ci 1407 } 1408 1409 // SetFinalizedInfo implements the MutableRootMetadata interface for RootMetadataV3. 1410 func (md *RootMetadataV3) SetFinalizedInfo(fi *tlf.HandleExtension) { 1411 md.FinalizedInfo = fi 1412 } 1413 1414 // SetWriters implements the MutableRootMetadata interface for RootMetadataV3. 1415 func (md *RootMetadataV3) SetWriters(writers []keybase1.UserOrTeamID) { 1416 md.WriterMetadata.Writers = writers 1417 } 1418 1419 // ClearForV4Migration implements the MutableRootMetadata interface 1420 // for RootMetadataV3. 1421 func (md *RootMetadataV3) ClearForV4Migration() { 1422 md.WriterMetadata.WKeyBundleID = TLFWriterKeyBundleID{} 1423 md.RKeyBundleID = TLFReaderKeyBundleID{} 1424 } 1425 1426 // SetTlfID implements the MutableRootMetadata interface for RootMetadataV3. 1427 func (md *RootMetadataV3) SetTlfID(tlf tlf.ID) { 1428 md.WriterMetadata.ID = tlf 1429 } 1430 1431 // ClearFinalBit implements the MutableRootMetadata interface for RootMetadataV3. 1432 func (md *RootMetadataV3) ClearFinalBit() { 1433 md.Flags &= ^MetadataFlagFinal 1434 } 1435 1436 // Version implements the MutableRootMetadata interface for RootMetadataV3. 1437 func (md *RootMetadataV3) Version() MetadataVer { 1438 if md.TlfID().Type() != tlf.SingleTeam && 1439 md.TypeForKeying() == tlf.TeamKeying { 1440 return ImplicitTeamsVer 1441 } 1442 return SegregatedKeyBundlesVer 1443 } 1444 1445 // GetCurrentTLFPublicKey implements the RootMetadata interface 1446 // for RootMetadataV3. 1447 func (md *RootMetadataV3) GetCurrentTLFPublicKey( 1448 extra ExtraMetadata) (kbfscrypto.TLFPublicKey, error) { 1449 wkb, _, err := md.getTLFKeyBundles(extra) 1450 if err != nil { 1451 return kbfscrypto.TLFPublicKey{}, err 1452 } 1453 return wkb.TLFPublicKey, nil 1454 } 1455 1456 // GetUnresolvedParticipants implements the RootMetadata interface for RootMetadataV3. 1457 func (md *RootMetadataV3) GetUnresolvedParticipants() []keybase1.SocialAssertion { 1458 writers := md.WriterMetadata.UnresolvedWriters 1459 readers := md.UnresolvedReaders 1460 users := make([]keybase1.SocialAssertion, 0, len(writers)+len(readers)) 1461 users = append(users, writers...) 1462 users = append(users, readers...) 1463 return users 1464 } 1465 1466 // UpdateKeyBundles implements the MutableRootMetadata interface 1467 // for RootMetadataV3. 1468 func (md *RootMetadataV3) UpdateKeyBundles(codec kbfscodec.Codec, 1469 extra ExtraMetadata, 1470 updatedWriterKeys, updatedReaderKeys UserDevicePublicKeys, 1471 ePubKey kbfscrypto.TLFEphemeralPublicKey, 1472 ePrivKey kbfscrypto.TLFEphemeralPrivateKey, 1473 tlfCryptKeys []kbfscrypto.TLFCryptKey) ( 1474 []UserDeviceKeyServerHalves, error) { 1475 if len(tlfCryptKeys) != 1 { 1476 return nil, fmt.Errorf( 1477 "(MDv3) Expected 1 TLF crypt key, got %d", 1478 len(tlfCryptKeys)) 1479 } 1480 1481 serverHalves, err := md.updateKeyBundles(codec, extra, 1482 updatedWriterKeys, updatedReaderKeys, 1483 ePubKey, ePrivKey, tlfCryptKeys[0]) 1484 if err != nil { 1485 return nil, err 1486 } 1487 1488 return []UserDeviceKeyServerHalves{serverHalves}, nil 1489 } 1490 1491 // GetTLFWriterKeyBundleID implements the RootMetadata interface for RootMetadataV3. 1492 func (md *RootMetadataV3) GetTLFWriterKeyBundleID() TLFWriterKeyBundleID { 1493 return md.WriterMetadata.WKeyBundleID 1494 } 1495 1496 // GetTLFReaderKeyBundleID implements the RootMetadata interface for RootMetadataV3. 1497 func (md *RootMetadataV3) GetTLFReaderKeyBundleID() TLFReaderKeyBundleID { 1498 return md.RKeyBundleID 1499 } 1500 1501 // FinalizeRekey implements the MutableRootMetadata interface for RootMetadataV3. 1502 func (md *RootMetadataV3) FinalizeRekey( 1503 codec kbfscodec.Codec, extra ExtraMetadata) error { 1504 extraV3, ok := extra.(*ExtraMetadataV3) 1505 if !ok { 1506 return errors.New("Invalid extra metadata") 1507 } 1508 oldWKBID := md.WriterMetadata.WKeyBundleID 1509 oldRKBID := md.RKeyBundleID 1510 1511 newWKBID, err := MakeTLFWriterKeyBundleID(codec, extraV3.wkb) 1512 if err != nil { 1513 return err 1514 } 1515 newRKBID, err := MakeTLFReaderKeyBundleID(codec, extraV3.rkb) 1516 if err != nil { 1517 return err 1518 } 1519 1520 md.WriterMetadata.WKeyBundleID = newWKBID 1521 md.RKeyBundleID = newRKBID 1522 1523 extraV3.updateNew(newWKBID != oldWKBID, newRKBID != oldRKBID) 1524 1525 return nil 1526 } 1527 1528 // StoresHistoricTLFCryptKeys implements the RootMetadata interface for RootMetadataV3. 1529 func (md *RootMetadataV3) StoresHistoricTLFCryptKeys() bool { 1530 return true 1531 } 1532 1533 // GetHistoricTLFCryptKey implements the RootMetadata interface for RootMetadataV3. 1534 func (md *RootMetadataV3) GetHistoricTLFCryptKey(codec kbfscodec.Codec, 1535 keyGen KeyGen, currentKey kbfscrypto.TLFCryptKey, extra ExtraMetadata) ( 1536 kbfscrypto.TLFCryptKey, error) { 1537 extraV3, ok := extra.(*ExtraMetadataV3) 1538 if !ok { 1539 return kbfscrypto.TLFCryptKey{}, errors.New( 1540 "Invalid extra metadata") 1541 } 1542 if keyGen < FirstValidKeyGen || keyGen >= md.LatestKeyGeneration() { 1543 return kbfscrypto.TLFCryptKey{}, errors.Errorf( 1544 "Invalid key generation %d", keyGen) 1545 } 1546 oldKeys, err := kbfscrypto.DecryptTLFCryptKeys( 1547 codec, extraV3.wkb.EncryptedHistoricTLFCryptKeys, currentKey) 1548 if err != nil { 1549 return kbfscrypto.TLFCryptKey{}, err 1550 } 1551 index := int(keyGen - FirstValidKeyGen) 1552 if index >= len(oldKeys) || index < 0 { 1553 return kbfscrypto.TLFCryptKey{}, errors.Errorf( 1554 "Index %d out of range (max: %d)", index, len(oldKeys)) 1555 } 1556 return oldKeys[index], nil 1557 }