search

atsign-foundation / at_client_sdk

The Dart implementation of atSDK used for implementing Atsign's technology into other software
https://pub.dev/publishers/atsign.org/packages
BSD 3-Clause "New" or "Revised" License
1.47k stars 31 forks source link

Invalid or corrupted pad block when using AtClient.get #1071

Open Xlin123 opened 1 year ago

Xlin123 commented 1 year ago

Describe the bug

Using AtClient.get with shared symmetric keys will throw an invalid pad block exception.

This issue fixed the sync_service, changes for this will most likely need to be done in decryption_service.

Steps to reproduce

  1. Using Dart REPL, make sure to add dependency override for at_client using git
  2. use /get on a shared symmetric key
  3. error

Expected behavior

@gkc mentioned that he wanted at least a better exception but ideally the better solution would be the decrypted value for “our” copy, or an exception for “their” copy.

  1. alice retrieving their copy of the symmetric key that alice created for bob/get shared_key.bob@alice ==> should be decryptable by alice
  2. alice retrieving bob's copy of the symmetric key that alice created for bob /get @bob:shared_key@alice==> not decryptable by alice, as alice encrypted this with bob's public key, and alice does not have bob's private key
  3. alice retrieving their copy of the symmetric key that bob created for alice/get @alice:shared_key@bob==> should be decryptable by alice
  4. alice retrieving bob's copy of the symmetric key that bob created for alice ==> this is not actually possible, it is only ever visible to bob in bob's atServer

Screenshots

image

Smartphones

No response

Were you using an atApplication when the bug was found?

No response

Additional context

No response

Xlin123 commented 1 year ago

bug is fixed as of now, just need to write tests.