Move ProProof into session_protocol.hpp

Pro proof is part of the session protocol and is required by some of the
higher-level helper functions in the crypto layer. Because of this we were
having some circular dependency issues, Debian 12 ARM build was complaining that
session_protocol.cpp was calling out to functions in
session/config/pro.h which sits in a layer above us.

This created a circular dependency and upon re-assessment the pro proof
structures really belong in the protocol layer. What does belong in the
config section is the top-level pro config object that contains the
Session Pro rotating key pair and the proof itself.

Author: Doy-lee

include/session/config/pro.h

@@ -9,132 +9,13 @@ extern "C" {
 #include <stdint.h>
 
 #include "../export.h"
-#include "../types.h"
-
-typedef enum PRO_STATUS {  // See session::ProStatus
-    PRO_STATUS_NIL,
-    PRO_STATUS_INVALID_PRO_BACKEND_SIG,
-    PRO_STATUS_INVALID_USER_SIG,
-    PRO_STATUS_VALID,
-    PRO_STATUS_EXPIRED,
-} PRO_STATUS;
-
-typedef struct pro_signed_message {
-    span_u8 sig;
-    span_u8 msg;
-} pro_signed_message;
-
-typedef struct pro_proof {
-    uint8_t version;
-    uint8_t gen_index_hash[32];
-    uint8_t rotating_pubkey[32];
-    uint64_t expiry_unix_ts;
-    uint8_t sig[64];
-} pro_proof;
+#include "session/session_protocol.h"
 
 typedef struct pro_config {
     uint8_t rotating_privkey[64];
     pro_proof proof;
 } pro_pro_config;
 
-/// API: pro/pro_proof_hash
-///
-/// Generate the 32 byte hash that is to be signed by the rotating key or Session Pro Backend key to
-/// embed in the envelope or proof respectively which other clients use to authenticate the validity
-/// of a proof.
-///
-/// Inputs:
-/// - `proof` -- Proof to calculate the hash from
-///
-/// Outputs:
-/// - `bytes32` -- The 32 byte hash calculated from the proof
-LIBSESSION_EXPORT bytes32 pro_proof_hash(pro_proof const* proof);
-
-/// API: pro/pro_proof_verify_signature
-///
-/// Verify the proof was signed by the `verify_pubkey`
-///
-/// Inputs:
-/// - `proof` -- Proof to verify
-/// - `verify_pubkey` -- Array of bytes containing the public key to (typically the Session Pro
-///   Backend public key) verify the proof against.
-/// - `verify_pubkey_len` -- Length of the `verify_pubkey` this must be 32 bytes, but is
-///   parameterised to detect errors about incorrectly sized arrays by the caller.
-///
-/// Outputs:
-/// - `bool` -- True if verified, false otherwise
-LIBSESSION_EXPORT bool pro_proof_verify_signature(
-        pro_proof const* proof, uint8_t const* verify_pubkey, size_t verify_pubkey_len);
-
-/// API: pro/pro_proof_verify_message
-///
-/// Check if the `rotating_pubkey` in the proof was the signatory of the message and signature
-/// passed in. This function throws if an signature is passed in that isn't 64 bytes.
-///
-/// Inputs:
-/// - `proof` -- Proof to verify
-/// - `sig` -- Signature to verify with the `rotating_pubkey`. The signature should have
-///   originally been signed over `msg` passed in.
-/// - `sig_len` -- Length of the signature, should be 64 bytes
-/// - `msg` -- Message that the signature signed over with. It will be verified using the
-///   embedded `rotating_pubkey`.
-/// - `msg_len` -- Length of the message
-///
-/// Outputs:
-/// - `bool` -- True if verified, false otherwise (bad signature, or, invalid arguments).
-LIBSESSION_EXPORT bool pro_proof_verify_message(
-        pro_proof const* proof,
-        uint8_t const* sig,
-        size_t sig_len,
-        uint8_t const* msg,
-        size_t msg_len);
-
-/// API: pro/pro_proof_is_active
-///
-/// Check if the Pro proof is currently entitled to Pro given the `unix_ts` with respect to the
-/// proof's `expiry_unix_ts`
-///
-/// Inputs:
-/// - `proof` -- Proof to verify
-/// - `unix_ts_s` -- The unix timestamp in seconds to check the proof expiry time against
-///
-/// Outputs:
-/// - `bool` -- True if expired, false otherwise
-LIBSESSION_EXPORT bool pro_proof_is_active(pro_proof const* proof, uint64_t unix_ts_s);
-
-/// API: pro/pro_proof_status
-///
-/// Evaluate the status of the pro proof by checking it is signed by the `verify_pubkey`, it has
-/// not expired via `unix_ts_s` and optionally verify that the `signed_msg` was signed by the
-/// `rotating_pubkey` embedded in the proof.
-///
-/// Internally this function calls `pro_proof_verify_signature`, `pro_proof_verify_message` and
-/// optionally `pro_proof_is_active` in sequence. This function fails if an invalidly sized public
-/// key or signature are passed in. They must be 32 and 64 bytes respectively, the appropriate
-/// invalid status will be returned.
-///
-/// Inputs:
-/// - `proof` -- Proof to verify
-/// - `verify_pubkey` -- 32 byte Ed25519 public key of the corresponding secret key to check if
-///   they are the original signatory of the proof.
-/// - `verify_pubkey_len` -- Length of the `verify_pubkey` should be 32 bytes
-///   they are the original signatory of the proof.
-/// - `unix_ts` -- Unix timestamp in seconds to compared against the embedded `expiry_unix_ts`
-///   to determine if the proof has expired or not
-/// - `signed_msg` -- Optionally set the payload to the message with the signature to verify if
-///   the embedded `rotating_pubkey` in the proof signed the given message.
-///
-/// Outputs:
-/// - `status` - The derived status given the components of the message. If `signed_msg` is
-///   not set then this function can never return `PRO_STATUS_INVALID_USER_SIG` from the set of
-///   possible enum values. Otherwise this funtion can return all possible values.
-LIBSESSION_EXPORT PRO_STATUS pro_proof_status(
-        pro_proof const* proof,
-        const uint8_t* verify_pubkey,
-        size_t verify_pubkey_len,
-        uint64_t unix_ts_s,
-        const pro_signed_message* signed_msg);
-
 /// API: pro/pro_verify
 ///
 /// Verify the proof was signed by the `verify_pubkey` and that the `rotating_privkey` in the `pro`

include/session/config/pro.hpp

@@ -1,143 +1,22 @@
 #pragma once
 
-#include <session/config/pro.h>
-
-#include <chrono>
-#include <cstdint>
 #include <session/config.hpp>
 #include <session/config/base.hpp>
-#include <session/sodium_array.hpp>
-#include <session/types.hpp>
+#include <session/session_protocol.hpp>
 
 namespace session::config {
 
-enum ProProofVersion { ProProofVersion_v0 };
-
-enum class ProStatus {
-    // Pro proof sig was not signed by the Pro backend key
-    InvalidProBackendSig = PRO_STATUS_INVALID_PRO_BACKEND_SIG,
-    // Pro sig in the envelope was not signed by the Rotating key
-    InvalidUserSig = PRO_STATUS_INVALID_USER_SIG,
-    Valid = PRO_STATUS_VALID,      // Proof is verified; has not expired
-    Expired = PRO_STATUS_EXPIRED,  // Proof is verified; has expired
-};
-
-struct ProSignedMessage {
-    std::span<const uint8_t> sig;
-    std::span<const uint8_t> msg;
-};
-
-/// keys used currently or in the past (so that we don't reuse):
-///
-/// @ - version
-/// g - gen_index_hash
-/// r - rotating ed25519 pubkey
-/// e - expiry unix timestamp (in seconds)
-/// s - proof signature, signed by the Session Pro Backend's ed25519 key
-class ProProof {
-  public:
-    /// Version of the proof set by the Session Pro Backend
-    std::uint8_t version;
-
-    /// Hash of the generation index set by the Session Pro Backend
-    array_uc32 gen_index_hash;
-
-    /// The public key that the Session client registers their Session Pro entitlement under.
-    /// Session clients must sign messages with this key along side the sending of this proof for
-    /// the network to authenticate their usage of the proof
-    array_uc32 rotating_pubkey;
-
-    /// Unix epoch timestamp to which this proof's entitlement to Session Pro features is valid to
-    std::chrono::sys_seconds expiry_unix_ts;
-
-    /// Signature over the contents of the proof. It is signed by the Session Pro Backend key which
-    /// is the entity responsible for issueing tamper-proof Sesison Pro certificates for Session
-    /// clients.
-    array_uc64 sig;
-
-    /// API: pro/Proof::verify_signature
-    ///
-    /// Verify that the proof's contents was not tampered with by hashing the proof and checking
-    /// that the hash was signed by the secret key of the given Ed25519 public key.
-    ///
-    /// For Session Pro intents and purposes, we expect proofs to be signed by the Session Pro
-    /// Backend public key. This function throws if an incorrectly sized key is passed in.
-    ///
-    /// Inputs:
-    /// - `verify_pubkey` -- 32 byte Ed25519 public key of the corresponding secret key to check if
-    /// they are the original signatory of the proof.
-    ///
-    /// Outputs:
-    /// - `bool` - True if the given key was the signatory of the proof, false otherwise
-    bool verify_signature(const std::span<const uint8_t>& verify_pubkey) const;
-
-    /// API: pro/Proof::verify_message
-    ///
-    /// Check if the `rotating_pubkey` in the proof was the signatory of the message and signature
-    /// passed in. This function throws if an signature is passed in that isn't 64 bytes.
-    ///
-    /// Inputs:
-    /// - `sig` -- Signature to verify with the `rotating_pubkey`. The signature should have
-    ///   originally been signed over `msg` passed in.
-    /// - `msg` -- Message that the signature signed over with. It will be verified using the
-    ///   embedded `rotating_pubkey`.
-    ///
-    /// Outputs:
-    /// - `bool` - True if the message was signed by the embedded `rotating_pubkey` false otherwise.
-    bool verify_message(std::span<const uint8_t> sig, const std::span<const uint8_t> msg) const;
-
-    /// API: pro/Proof::is_active
-    ///
-    /// Check if Pro proof is currently entitled to Pro given the `unix_ts` with respect to the
-    /// proof's `expiry_unix_ts`
-    ///
-    /// Inputs:
-    /// - `unix_ts` -- Unix timestamp in seconds to compared against the embedded `expiry_unix_ts`
-    ///   to determine if the proof has expired or not
-    ///
-    /// Outputs:
-    /// - `bool` - True if proof is active (i.e. has not expired), false otherwise.
-    bool is_active(std::chrono::sys_seconds unix_ts) const;
-
-    /// API: pro/Proof::status
-    ///
-    /// Evaluate the status of the pro proof by checking it is signed by the `verify_pubkey`, it has
-    /// not expired via `unix_ts` and optionally verify that the `signed_msg` was signed by the
-    /// `rotating_pubkey` embedded in the proof.
-    ///
-    /// Internally this function calls `verify_signature`, `verify_message` and optionally
-    /// `is_active` in sequence. This function throws if an invalidly sized public key or signature
-    /// are passed in. They must be 32 and 64 bytes respectively.
-    ///
-    /// Inputs:
-    /// - `verify_pubkey` -- 32 byte Ed25519 public key of the corresponding secret key to check if
-    ///   they are the original signatory of the proof.
-    /// - `unix_ts` -- Unix timestamp in seconds to compared against the embedded `expiry_unix_ts`
-    ///   to determine if the proof has expired or not
-    /// - `signed_msg` -- Optionally set the payload to the message with the signature to verify if
-    ///   the embedded `rotating_pubkey` in the proof signed the given message.
-    ///
-    /// Outputs:
-    /// - `ProStatus` - The derived status given the components of the message. If `signed_msg` is
-    ///   not set then this function can never return `ProStatus::InvalidUserSig` from the set of
-    ///   possible enum values. Otherwise this funtion can return all possible values.
-    ProStatus status(
-            std::span<const uint8_t> verify_pubkey,
-            std::chrono::sys_seconds unix_ts,
-            const std::optional<ProSignedMessage>& signed_msg);
-
-    /// API: pro/Proof::hash
-    ///
-    /// Create a 32-byte hash from the proof. This hash is the payload that is signed in the proof.
-    array_uc32 hash() const;
-
-    bool load(const dict& root);
-};
-
 /// keys used currently or in the past (so that we don't reuse):
 ///
-/// r - rotating ed25519 privkey
-/// p - proof
+/// p + pro data
+///   |
+///   +-- @ - version
+///   +-- g - gen_index_hash
+///   +-- r - rotating ed25519 pubkey
+///   +-- e - expiry unix timestamp (in seconds)
+///   +-- s - proof signature, signed by the Session Pro Backend's ed25519 key
+///   +-- r - rotating ed25519 privkey
+///   +-- p - proof
 class ProConfig {
   public:
     /// Private key for the public key key specified in the proof. This is synced between clients

include/session/pro_backend.hpp

@@ -1,7 +1,8 @@
 #pragma once
 
-#include <session/config/pro.hpp>
+#include <chrono>
 #include <session/types.hpp>
+#include <string>
 
 namespace session::pro_backend {
 

include/session/session_encrypt.hpp

@@ -1,5 +1,7 @@
 #pragma once
 
+#include <stdint.h>
+
 #include <optional>
 #include <span>
 #include <string>