Crypto invite link format changes (keybase#23410)

turlodales · Apr 2, 2020 · 6e63d7b · 6e63d7b
1 parent ad0457e
commit 6e63d7b
Show file tree

Hide file tree

Showing 6 changed files with 85 additions and 22 deletions.
diff --git a/go/teams/chain_parse.go b/go/teams/chain_parse.go
@@ -1,6 +1,7 @@
 package teams
 
 import (
+	"encoding/hex"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -15,6 +16,7 @@ import (
 type SCTeamName string
 type SCTeamID string
 type SCTeamInviteID string
+type SCTeamInviteIDShort string
 type SCTeamBoxSummaryHash string
 
 // SCTeamEntropy is used to render stubbed out links unguessable.
@@ -332,6 +334,22 @@ func (i SCTeamInviteID) Eq(i2 keybase1.TeamInviteID) bool {
 	return tmp.Eq(i2)
 }
 
+func (i SCTeamInviteID) ToShortInviteID() (SCTeamInviteIDShort, error) {
+	decoded, err := hex.DecodeString(string(i))
+	if err != nil {
+		return "", err
+	}
+	return SCTeamInviteIDShort(libkb.Encode58(decoded)), nil
+}
+
+func (i SCTeamInviteIDShort) ToInviteID() (SCTeamInviteID, error) {
+	decoded, err := libkb.Decode58(string(i))
+	if err != nil {
+		return "", err
+	}
+	return SCTeamInviteID(hex.EncodeToString(decoded)), nil
+}
+
 func (i SCTeamInvite) TeamInvite(mctx libkb.MetaContext, r keybase1.TeamRole, inviter keybase1.UserVersion) (keybase1.TeamInvite, error) {
 	id, err := i.ID.TeamInviteID()
 	if err != nil {

diff --git a/go/teams/list.go b/go/teams/list.go
@@ -479,8 +479,16 @@ func ComputeInvitelinkDisplayName(mctx libkb.MetaContext, team *Team, invite key
 	}
 
 	ikey := keyAndLabel.Invitelink().I
+	sikey, err := GenerateSIKeyInvitelink(ikey)
+	if err != nil {
+		return name, err
+	}
+	id, err := sikey.GenerateShortTeamInviteID()
+	if err != nil {
+		return name, err
+	}
 
-	url, err := GenerateInvitelinkURL(mctx, ikey)
+	url, err := GenerateInvitelinkURL(mctx, ikey, id)
 	if err != nil {
 		return name, err
 	}

diff --git a/go/teams/seitan.go b/go/teams/seitan.go
@@ -162,19 +162,33 @@ func (ikey SeitanIKey) GenerateSIKey() (sikey SeitanSIKey, err error) {
 	return sikey, nil
 }
 
-func generateTeamInviteID(secretKey []byte, payload []byte) (id SCTeamInviteID, err error) {
+func generateTeamInviteIDRaw(secretKey []byte, payload []byte) ([]byte, error) {
 	mac := hmac.New(sha512.New, secretKey)
-	_, err = mac.Write(payload)
-	if err != nil {
-		return id, err
+	if _, err := mac.Write(payload); err != nil {
+		return nil, err
 	}
-
 	out := mac.Sum(nil)
 	out = out[0:15]
 	out = append(out, libkb.InviteIDTag)
+	return out, nil
+}
+
+func generateTeamInviteID(secretKey []byte, payload []byte) (id SCTeamInviteID, err error) {
+	out, err := generateTeamInviteIDRaw(secretKey, payload)
+	if err != nil {
+		return id, err
+	}
 	id = SCTeamInviteID(hex.EncodeToString(out))
 	return id, nil
+}
 
+func generateShortTeamInviteID(secretKey []byte, payload []byte) (id SCTeamInviteIDShort, err error) {
+	out, err := generateTeamInviteIDRaw(secretKey, payload)
+	if err != nil {
+		return id, err
+	}
+	id = SCTeamInviteIDShort(libkb.Encode58(out))
+	return id, nil
 }
 
 func (sikey SeitanSIKey) GenerateTeamInviteID() (id SCTeamInviteID, err error) {

diff --git a/go/teams/seitan_invitelink.go b/go/teams/seitan_invitelink.go
@@ -43,14 +43,26 @@ func GenerateSIKeyInvitelink(ikey keybase1.SeitanIKeyInvitelink) (sikey SeitanSI
 	return sikey, nil
 }
 
+func (sikey SeitanSIKeyInvitelink) generateMsgpackPayload() ([]byte, error) {
+	return msgpack.Encode(NewSeitanInviteIDPayload(SeitanVersionInvitelink))
+}
+
 func (sikey SeitanSIKeyInvitelink) GenerateTeamInviteID() (id SCTeamInviteID, err error) {
-	payload, err := msgpack.Encode(NewSeitanInviteIDPayload(SeitanVersionInvitelink))
+	payload, err := sikey.generateMsgpackPayload()
 	if err != nil {
 		return id, err
 	}
 	return generateTeamInviteID(sikey[:], payload)
 }
 
+func (sikey SeitanSIKeyInvitelink) GenerateShortTeamInviteID() (id SCTeamInviteIDShort, err error) {
+	payload, err := sikey.generateMsgpackPayload()
+	if err != nil {
+		return id, err
+	}
+	return generateShortTeamInviteID(sikey[:], payload)
+}
+
 func generatePackedEncryptedKeyWithSecretKeyInvitelink(ikey keybase1.SeitanIKeyInvitelink,
 	secretKey keybase1.Bytes32, gen keybase1.PerTeamKeyGeneration, nonce keybase1.BoxNonce,
 	label keybase1.SeitanKeyLabel) (pkey SeitanPKey, encoded string, err error) {
@@ -104,21 +116,25 @@ func GenerateSeitanInvitelinkAcceptanceKey(sikey []byte, uid keybase1.UID, eldes
 }
 
 // bound from SeitanEncodedIKeyInvitelinkLength
-var invitelinkIKeyRxx = regexp.MustCompile(`/invite#i=([a-z0-9+]{16,28})`)
+var invitelinkIKeyRxx = regexp.MustCompile(`/i/t/([a-z0-9]{16})#([a-z0-9+]{16,28})`)
 
 func generateInvitelinkURLPrefix(mctx libkb.MetaContext) (string, error) {
 	serverRoot, err := mctx.G().Env.GetServerURI()
 	if err != nil {
 		return "", err
 	}
 	// NOTE: if you change this url, change invitelinkIKeyRxx too!
-	return fmt.Sprintf("%s/invite#i=", serverRoot), nil
+	return fmt.Sprintf("%s/i/t/", serverRoot), nil
 }
 
-func GenerateInvitelinkURL(mctx libkb.MetaContext, ikey keybase1.SeitanIKeyInvitelink) (string, error) {
+func GenerateInvitelinkURL(
+	mctx libkb.MetaContext,
+	ikey keybase1.SeitanIKeyInvitelink,
+	id SCTeamInviteIDShort,
+) (string, error) {
 	prefix, err := generateInvitelinkURLPrefix(mctx)
 	if err != nil {
 		return "", err
 	}
-	return fmt.Sprintf("%s%s", prefix, ikey), nil
+	return fmt.Sprintf("%s%s#%s", prefix, id, ikey), nil
 }
diff --git a/go/teams/service_helper.go b/go/teams/service_helper.go
@@ -1930,11 +1930,15 @@ func CreateInvitelink(mctx libkb.MetaContext, teamname string,
 	if err != nil {
 		return invitelink, err
 	}
-	ikey, err := t.InviteInvitelink(mctx.Ctx(), role, maxUses, etime)
+	ikey, id, err := t.InviteInvitelink(mctx.Ctx(), role, maxUses, etime)
 	if err != nil {
 		return invitelink, err
 	}
-	url, err := GenerateInvitelinkURL(mctx, ikey)
+	shortID, err := id.ToShortInviteID()
+	if err != nil {
+		return invitelink, err
+	}
+	url, err := GenerateInvitelinkURL(mctx, ikey, shortID)
 	if err != nil {
 		return invitelink, err
 	}

diff --git a/go/teams/teams.go b/go/teams/teams.go
@@ -1431,34 +1431,37 @@ func (t *Team) InviteSeitanV2(ctx context.Context, role keybase1.TeamRole, label
 	return ikey, err
 }
 
-func (t *Team) InviteInvitelink(ctx context.Context, role keybase1.TeamRole,
+func (t *Team) InviteInvitelink(
+	ctx context.Context,
+	role keybase1.TeamRole,
 	maxUses keybase1.TeamInviteMaxUses,
-	etime *keybase1.UnixTime) (ikey keybase1.SeitanIKeyInvitelink, err error) {
+	etime *keybase1.UnixTime,
+) (ikey keybase1.SeitanIKeyInvitelink, inviteID SCTeamInviteID, err error) {
 	defer t.G().CTraceTimed(ctx, fmt.Sprintf("InviteInviteLink: team: %v, role: %v, etime: %v, maxUses: %v", t.Name(), role, etime, maxUses), func() error { return err })()
 
 	// Experimental code: we are figuring out how to do invite links.
 
 	ikey, err = GenerateSeitanIKeyInvitelink()
 	if err != nil {
-		return ikey, err
+		return ikey, inviteID, err
 	}
 
 	sikey, err := GenerateSIKeyInvitelink(ikey)
 	if err != nil {
-		return ikey, err
+		return ikey, inviteID, err
 	}
 
-	inviteID, err := sikey.GenerateTeamInviteID()
+	inviteID, err = sikey.GenerateTeamInviteID()
 	if err != nil {
-		return ikey, err
+		return ikey, inviteID, err
 	}
 
 	// label is hardcoded for now, but could change in the future
 	label := keybase1.NewSeitanKeyLabelWithGeneric(keybase1.SeitanKeyLabelGeneric{L: "link"})
 
 	_, encoded, err := GeneratePackedEncryptedKeyInvitelink(ctx, ikey, t, label)
 	if err != nil {
-		return ikey, err
+		return ikey, inviteID, err
 	}
 
 	invite := SCTeamInvite{
@@ -1470,10 +1473,10 @@ func (t *Team) InviteInvitelink(ctx context.Context, role keybase1.TeamRole,
 	}
 
 	if err := t.postInvite(ctx, invite, role); err != nil {
-		return ikey, err
+		return ikey, inviteID, err
 	}
 
-	return ikey, err
+	return ikey, inviteID, err
 }
 
 func (t *Team) postInvite(ctx context.Context, invite SCTeamInvite, role keybase1.TeamRole) error {