`Trusted Entitlements`: new Signature format by NachoSoto · Pull Request #2679 · RevenueCat/purchases-ios

NachoSoto · 2023-06-21T21:02:33Z

New format:

32 bytes: intermediate public key
4 bytes: Expiration (in days since epoch)
64 bytes: intermediate public key signature, signed with the root private key
16 bytes: salt
64 bytes: payload signature:
- salt
- nonce (if present)
- request time (as int string)
- etag (if present)
- payload

This also adds support for optional nonces for "static" signatures, which is required for #2667.

NachoSoto · 2023-06-22T22:15:04Z

The fix for this is quite long so it's coming in a separate PR.

tonidero

Should we hold off merging this to main until everything is ready so we don't break things in main? This looks good though!

tonidero · 2023-06-23T07:51:43Z

So this will be the key used to verify the intermediate key correct? Should we rename it to make it clearer?

I still need to figure out that part.

I left this here so tests pass, but in the last PR this will be reverted, since the actual public key hasn't changed.

tonidero · 2023-06-23T08:09:46Z

This is nice! ❤️

NachoSoto · 2023-06-23T15:46:16Z

Should we hold off merging this to main until everything is ready so we don't break things in main?

Yeah for sure 👍🏻
I'm trying to get integration tests pointing to the canary at least so we can start verifying those.

tonidero

Looks good!

tonidero · 2023-06-30T07:34:32Z

+            return false
+        }
+
+        // Fixme: verify public key


Is this still needed?

That's done in #2715 :)

NachoSoto · 2023-06-30T16:31:37Z

⚠️ Disabling for now.

NachoSoto · 2023-06-30T16:31:44Z

⚠️ Disabling for now.

Last step of the new Signature format. Follow up to #2679 and #2698. This reverts the public key change in #2679, since that was the intermediate key. This now extracts the new intermediate public key from the signature, and verifies it using the public key.

NachoSoto added the refactor label Jun 21, 2023

NachoSoto requested a review from a team June 21, 2023 21:02

NachoSoto commented Jun 22, 2023

View reviewed changes

Comment thread Sources/Security/Signing.swift Outdated

NachoSoto force-pushed the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch 10 times, most recently from af640da to 76c0c54 Compare June 22, 2023 22:12

NachoSoto changed the title ~~[WIP] Trusted Entitlements: new Signature format~~ Trusted Entitlements: new Signature format Jun 22, 2023

NachoSoto marked this pull request as ready for review June 22, 2023 22:12

NachoSoto commented Jun 22, 2023

View reviewed changes

This was referenced Jun 22, 2023

Refactor: extract ErrorResponse into its own file #2697

Merged

Trusted Entitlements: update handling of 304 responses #2698

Merged

tonidero reviewed Jun 23, 2023

View reviewed changes

NachoSoto force-pushed the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch 5 times, most recently from 250270c to b0782ab Compare June 26, 2023 21:07

NachoSoto requested review from aboedo and bisho June 26, 2023 22:25

NachoSoto mentioned this pull request Jun 26, 2023

Signing: extract and verify intermediate key #2715

Merged

tonidero reviewed Jun 27, 2023

View reviewed changes

Comment thread Sources/Security/Signing+ResponseVerification.swift

NachoSoto force-pushed the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch from b0782ab to a11ae88 Compare June 27, 2023 14:29

NachoSoto force-pushed the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch 3 times, most recently from 62010bf to e654254 Compare June 29, 2023 19:02

tonidero approved these changes Jun 30, 2023

View reviewed changes

Trusted Entitlements: updated signature format

1700575

NachoSoto force-pushed the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch from 9d3ee66 to 92b1d1c Compare June 30, 2023 16:06

NachoSoto enabled auto-merge (squash) June 30, 2023 16:09

NachoSoto disabled auto-merge June 30, 2023 16:09

NachoSoto enabled auto-merge (squash) June 30, 2023 16:12

NachoSoto disabled auto-merge June 30, 2023 16:12

NachoSoto enabled auto-merge (squash) June 30, 2023 16:13

NachoSoto commented Jun 30, 2023

View reviewed changes

NachoSoto force-pushed the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch 3 times, most recently from be175cc to 6d66630 Compare June 30, 2023 17:29

Disable signature integration tests for now

4d8fd34

NachoSoto force-pushed the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch from 6d66630 to 4d8fd34 Compare June 30, 2023 18:10

NachoSoto merged commit d457cb0 into main Jun 30, 2023

NachoSoto deleted the nacho/sdk-3164-ios-dont-parse-nonce-for-offerings-and-entitlement-mapping branch June 30, 2023 18:50

RCGitBot mentioned this pull request Jul 7, 2023

[AUTOMATIC] Release/4.24.1 #2773

Merged

Uh oh!

Conversation

NachoSoto commented Jun 21, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

New format:

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

tonidero left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

NachoSoto commented Jun 23, 2023

Uh oh!

Uh oh!

tonidero left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

NachoSoto Jun 30, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

NachoSoto commented Jun 21, 2023 •

edited

Loading

NachoSoto Jun 30, 2023 •

edited

Loading