diff --git a/core/mls/mls-tools/crates/mls/src/lib.rs b/core/mls/mls-tools/crates/mls/src/lib.rs index 311f410b1f..85a9fbeba0 100644 --- a/core/mls/mls-tools/crates/mls/src/lib.rs +++ b/core/mls/mls-tools/crates/mls/src/lib.rs @@ -72,18 +72,6 @@ fn validate_group_info_message(group_info_message_bytes: Vec, expected_epoch ValidationResult::Valid } -fn validate_external_group_can_process_group_info_message(mut external_group: ExternalGroup, group_info_message_bytes: Vec) -> Result<(), ValidationResult> { - let group_info_message = match MlsMessage::from_bytes(&group_info_message_bytes) { - Ok(group_info_message) => group_info_message, - Err(_) => return Err(ValidationResult::InvalidGroupInfo) - }; - - match external_group.process_incoming_message(group_info_message) { - Ok(_) => return Ok(()), - Err(_) => Err(ValidationResult::InvalidGroupInfo.into()) - } -} - pub fn validate_initial_group_info_request(request: InitialGroupInfoRequest) -> InitialGroupInfoResponse { let external_client = create_external_client(); let external_group_snapshot = match ExternalSnapshot::from_bytes(&request.external_group_snapshot) { @@ -93,14 +81,14 @@ pub fn validate_initial_group_info_request(request: InitialGroupInfoRequest) -> } }; - let mut external_group = match external_client.load_group(external_group_snapshot) { + let external_group = match external_client.load_group(external_group_snapshot) { Ok(group) => group, Err(_) => return InitialGroupInfoResponse { result: ValidationResult::InvalidExternalGroup.into(), } }; - match validate_group_info_message(request.group_info_message.clone(), + match validate_group_info_message(request.group_info_message, 0, external_group.group_context().group_id()) { ValidationResult::Valid => {}, @@ -136,14 +124,6 @@ pub fn validate_initial_group_info_request(request: InitialGroupInfoRequest) -> result: ValidationResult::InvalidPublicSignatureKey.into(), }; } - - match validate_external_group_can_process_group_info_message(external_group, request.group_info_message) { - Ok(_) => {}, - Err(result) => return InitialGroupInfoResponse { - result: result.into(), - } - } - return InitialGroupInfoResponse { result: ValidationResult::Valid.into(), }; @@ -182,7 +162,7 @@ pub fn validate_external_join_request(request: ExternalJoinRequest) -> ExternalJ }; } - match validate_group_info_message(request.proposed_external_join_info_message.clone(), + match validate_group_info_message(request.proposed_external_join_info_message, external_group.group_context().epoch() + 1, external_group.group_context().group_id()) { ValidationResult::Valid => {}, @@ -231,13 +211,6 @@ pub fn validate_external_join_request(request: ExternalJoinRequest) -> ExternalJ true => {} } - match validate_external_group_can_process_group_info_message(external_group, request.proposed_external_join_info_message) { - Ok(_) => {}, - Err(result) => return ExternalJoinResponse { - result: result.into(), - } - } - return ExternalJoinResponse { result: ValidationResult::Valid.into(), }; @@ -339,7 +312,7 @@ pub fn validate_welcome_message_request(request: WelcomeMessageRequest) -> Welco }; } - match validate_group_info_message(request.group_info_message.clone(), + match validate_group_info_message(request.group_info_message, external_group.group_context().epoch() + 1, external_group.group_context().group_id()) { ValidationResult::Valid => {}, @@ -403,13 +376,6 @@ pub fn validate_welcome_message_request(request: WelcomeMessageRequest) -> Welco }; } - match validate_external_group_can_process_group_info_message(external_group, request.group_info_message) { - Ok(_) => {}, - Err(result) => return WelcomeMessageResponse { - result: result.into(), - } - } - return WelcomeMessageResponse { result: ValidationResult::Valid.into(), }; diff --git a/packages/sdk/src/tests/multi_ne/mls.test.ts b/packages/sdk/src/tests/multi_ne/mls.test.ts index f17e2c284f..54bee57168 100644 --- a/packages/sdk/src/tests/multi_ne/mls.test.ts +++ b/packages/sdk/src/tests/multi_ne/mls.test.ts @@ -268,22 +268,6 @@ describe('mlsTests', () => { ) }) - test('invalid group info for initialize group is rejected', async () => { - const { groupInfoMessage, externalGroupSnapshot } = - await createGroupInfoAndExternalSnapshot(bobMlsGroup) - // tamper with the message a little bit - const invalidGroupInfoMessage = groupInfoMessage - invalidGroupInfoMessage[invalidGroupInfoMessage.length - 2] += 1 // make it invalid - const payload = makeMlsPayloadInitializeGroup( - bobMlsClient.signaturePublicKey(), - externalGroupSnapshot, - groupInfoMessage, - ) - await expect(bobClient._debugSendMls(streamId, payload)).rejects.toThrow( - 'INVALID_GROUP_INFO', - ) - }) - test('clients can create MLS Groups in channels', async () => { const { groupInfoMessage, externalGroupSnapshot } = await createGroupInfoAndExternalSnapshot(bobMlsGroup) @@ -345,26 +329,6 @@ describe('mlsTests', () => { ) }) - test('Invalid group info for external commits is rejected', async () => { - const { commit, groupInfoMessage } = await commitExternal( - aliceMlsClient, - latestGroupInfoMessage, - latestExternalGroupSnapshot, - ) - // tamper with the message a little bit - const invalidGroupInfoMessage = groupInfoMessage - invalidGroupInfoMessage[invalidGroupInfoMessage.length - 2] += 1 // make it invalid - - const aliceMlsPayload = makeMlsPayloadExternalJoin( - aliceMlsClient.signaturePublicKey(), - commit, - invalidGroupInfoMessage, - ) - await expect(aliceClient._debugSendMls(streamId, aliceMlsPayload)).rejects.toThrow( - 'INVALID_GROUP_INFO', - ) - }) - test('Valid external commits are accepted', async () => { const { commit: aliceCommit, groupInfoMessage: aliceGroupInfoMessage } = await commitExternal( @@ -580,32 +544,6 @@ describe('mlsTests', () => { ) }) - test('invalid group info for welcome messages is rejected', async () => { - const mls = bobClient.streams.get(streamId)!.view.membershipContent.mls - const keyPackage = Object.values(mls.pendingKeyPackages)[0] - const kp = MlsMessage.fromBytes(keyPackage.keyPackage) - const commitOutput = await bobMlsGroup.addMember(kp) - await bobMlsGroup.clearPendingCommit() - const groupInfoMessage = commitOutput.externalCommitGroupInfo!.toBytes() - - // tamper with the message a little bit - const invalidGroupInfoMessage = groupInfoMessage - invalidGroupInfoMessage[invalidGroupInfoMessage.length - 2] += 1 // make it invalid - - const commit = commitOutput.commitMessage.toBytes() - const welcomeMessages = commitOutput.welcomeMessages.map((wm) => wm.toBytes()) - - const payload = makeMlsPayloadWelcomeMessage( - commit, - [keyPackage.signaturePublicKey], - invalidGroupInfoMessage, - welcomeMessages, - ) - await expect(aliceClient._debugSendMls(streamId, payload)).rejects.toThrow( - 'INVALID_GROUP_INFO', - ) - }) - test('clients can add other members from key packages', async () => { const mls = bobClient.streams.get(streamId)!.view.membershipContent.mls const keyPackage = Object.values(mls.pendingKeyPackages)[0]