encryption
Generally, all nodes and devices connect directly via TLS.
For additional privacy, the content of Commands is encrypted from one Resource to another with a Signal-like protocol.
To show whether a Command is encrypted or not, the command slug is part of the message sent. This also allows a server to apply additional logic to the message. If this is not needed, the slug can be part of the encrypted payload. If the outer slug is empty/null, it is assumed that the payload is encrypted and contains the actual slug.
Since the best and lightest library we found for encryption was libsodium, we tried to implement the Signal protocol with it. Commands are transmitted in encrypted form between resources where possible. The managing server and proxy servers may or may not have the encryption keys; they won't attempt execution if they don't have them.
As in Signal, at install time an identity key, a rotating key and a few ephemeral keys are generated and uploaded to the server.
-- todo
Since the recipient device should not know exactly which device the message originated from, it only sees commands coming from the userId. It then looks up the encryption keys in local storage and attempts decryption and verification.
If it is successful, the receive key is ratcheted forward.
If there isn't a session yet, chat setup headers are retrieved from the message header.
If that isn't possible, up to MAX_MESSAGE_TANSMIT messages are stored and an attempt is made to retrieve the keys from the sender.
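The receive path described above, as an added example that is not the project's own code. It shows that the receive key advances only after a successful verification and that messages without a session are buffered up to the limit. Assumptions: HMAC-SHA256 from the Python standard library stands in for the libsodium decryption and verification step, the names Receiver, seal, kdf and install_keys are hypothetical, and both the value of MAX_MESSAGE_TANSMIT and the choice to drop messages beyond it are made up for the example.

```python
import hashlib
import hmac

MAX_MESSAGE_TANSMIT = 3  # constructed value; the page names the limit but gives no number


def kdf(chain_key, label):
    """Derive a key from the chain key (HMAC-SHA256 stand-in for the real KDF)."""
    return hmac.new(chain_key, label, hashlib.sha256).digest()


def seal(chain_key, payload):
    """Sender side: tag the payload with the message key; return (tag, next chain key)."""
    tag = hmac.new(kdf(chain_key, b"msg"), payload, hashlib.sha256).digest()
    return tag, kdf(chain_key, b"chain")


class Receiver:
    def __init__(self):
        self.receive_keys = {}  # userId -> current receive chain key (local storage)
        self.pending = {}       # userId -> messages waiting for keys

    def receive(self, user_id, payload, tag, setup_key=None):
        chain_key = self.receive_keys.get(user_id)
        if chain_key is None and setup_key is not None:
            chain_key = setup_key  # no session yet: setup taken from the message header
        if chain_key is None:
            queue = self.pending.setdefault(user_id, [])
            if len(queue) >= MAX_MESSAGE_TANSMIT:
                return "dropped"   # assumption: messages beyond the limit are discarded
            queue.append((payload, tag))
            return "stored"        # caller now asks the sender for the keys
        expected = hmac.new(kdf(chain_key, b"msg"), payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "rejected"      # state untouched: a bad message cannot desync the chain
        self.receive_keys[user_id] = kdf(chain_key, b"chain")  # ratchet on success only
        return "accepted"

    def install_keys(self, user_id, chain_key):
        """Keys retrieved from the sender: open the session, replay stored messages."""
        self.receive_keys[user_id] = chain_key
        return [self.receive(user_id, p, t) for p, t in self.pending.pop(user_id, [])]
```

Because a rejected message leaves the stored key unchanged, a replayed or forged command fails verification without breaking the session for the next valid command.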