switch default cipher suite to 2 (#4373)

Also, remove hard-coded default cipher suite in key-package related endpoints by requiring the query parameter.
wireapp · Dec 23, 2024 · ee3fbc3 · ee3fbc3
1 parent 783cd10
commit ee3fbc3
Show file tree

Hide file tree

Showing 18 changed files with 374 additions and 93 deletions.
diff --git a/changelog.d/0-release-notes/WPB-15004 b/changelog.d/0-release-notes/WPB-15004
@@ -0,0 +1,27 @@
+We changed the default MLS cipher suite from
+
+- MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519
+
+to
+
+- MLS_128_DHKEMP256_AES128GCM_SHA256_P256
+
+and the allowed MLS cipher suites from only
+
+- MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519
+
+to _only_
+
+- MLS_128_DHKEMP256_AES128GCM_SHA256_P256.
+
+ATTENTION: This breaks your MLS clients if they used the previous defaults
+before. This is even true if you allow several cipher suites, since current MLS
+clients only support _one_ cipher suite at a time.
+
+[Adjust the defaults in the server
+configuration](https://github.com/wireapp/wire-server/blob/develop/docs/src/developer/reference/config-options.md#mls)
+to switch the values of `defaultCipherSuite` and `allowedCipherSuites` back to
+the previous defaults, `1` and `[1]`, respectively. Once MLS clients support
+several cipher suites, you could even use `[1,2]` or a list of other cipher
+suites in `allowedCipherSuites`. Make sure that this list contains the currently
+used cipher suite!
diff --git a/charts/galley/values.yaml b/charts/galley/values.yaml
@@ -115,8 +115,8 @@ config:
           config:
             protocolToggleUsers: []
             defaultProtocol: proteus
-            allowedCipherSuites: [1]
-            defaultCipherSuite: 1
+            allowedCipherSuites: [2]
+            defaultCipherSuite: 2
             supportedProtocols: [proteus, mls] # must contain defaultProtocol
           lockStatus: unlocked
       searchVisibilityInbound:

diff --git a/docs/src/developer/reference/config-options.md b/docs/src/developer/reference/config-options.md
@@ -300,8 +300,8 @@ mls:
       protocolToggleUsers: []
       defaultProtocol: mls
       supportedProtocols: [proteus, mls] # must contain defaultProtocol
-      allowedCipherSuites: [1]
-      defaultCipherSuite: 1
+      allowedCipherSuites: [2]
+      defaultCipherSuite: 2
     lockStatus: locked
 ```
 
@@ -316,8 +316,8 @@ mls:
     protocolToggleUsers: []
     defaultProtocol: mls
     supportedProtocols: [proteus, mls] # must contain defaultProtocol
-    allowedCipherSuites: [1]
-    defaultCipherSuite: 1
+    allowedCipherSuites: [2]
+    defaultCipherSuite: 2
 ```
 
 ### MLS End-to-End Identity

diff --git a/integration/test/API/Brig.hs b/integration/test/API/Brig.hs
@@ -358,16 +358,29 @@ countKeyPackages suite cid = do
     req
       & addQueryParams [("ciphersuite", suite.code)]
 
-deleteKeyPackages :: ClientIdentity -> [String] -> App Response
-deleteKeyPackages cid kps = do
+deleteKeyPackages :: Ciphersuite -> ClientIdentity -> [String] -> App Response
+deleteKeyPackages suite cid kps = do
   req <- baseRequest cid Brig Versioned ("/mls/key-packages/self/" <> cid.client)
-  submit "DELETE" $ req & addJSONObject ["key_packages" .= kps]
+  submit "DELETE" $
+    req
+      & addQueryParams [("ciphersuite", suite.code)]
+      & addJSONObject ["key_packages" .= kps]
 
-replaceKeyPackages :: ClientIdentity -> Maybe [Ciphersuite] -> [ByteString] -> App Response
-replaceKeyPackages cid mSuites kps = do
+replaceKeyPackages :: ClientIdentity -> [Ciphersuite] -> [ByteString] -> App Response
+replaceKeyPackages cid suites kps = do
   req <-
     baseRequest cid Brig Versioned $
       "/mls/key-packages/self/" <> cid.client
+  submit "PUT" $
+    req
+      & addQueryParams [("ciphersuites", intercalate "," (map (.code) suites))]
+      & addJSONObject ["key_packages" .= map (T.decodeUtf8 . Base64.encode) kps]
+
+replaceKeyPackagesV7 :: ClientIdentity -> Maybe [Ciphersuite] -> [ByteString] -> App Response
+replaceKeyPackagesV7 cid mSuites kps = do
+  req <-
+    baseRequest cid Brig (ExplicitVersion 7) $
+      "/mls/key-packages/self/" <> cid.client
   submit "PUT" $
     req
       & maybe id (\suites -> addQueryParams [("ciphersuites", intercalate "," (map (.code) suites))]) mSuites

diff --git a/integration/test/MLS/Util.hs b/integration/test/MLS/Util.hs
@@ -90,7 +90,7 @@ mlscli mConvId cs cid args mbstdin = do
       liftIO (createDirectory (bd </> cid2Str cid))
         `catch` \e ->
           if (isAlreadyExistsError e)
-            then assertFailure "client directory for mls state already exists"
+            then pure () -- creates a file per signature scheme
             else throwM e
 
       -- initialise new keystore
@@ -156,18 +156,27 @@ instance Default InitMLSClient where
 
 -- | Create new mls client and register with backend.
 createMLSClient :: (MakesValue u, HasCallStack) => Ciphersuite -> InitMLSClient -> u -> App ClientIdentity
-createMLSClient ciphersuite opts u = do
+createMLSClient ciphersuite = createMLSClientWithCiphersuites [ciphersuite]
+
+-- | Create new mls client and register with backend.
+createMLSClientWithCiphersuites :: (MakesValue u, HasCallStack) => [Ciphersuite] -> InitMLSClient -> u -> App ClientIdentity
+createMLSClientWithCiphersuites ciphersuites opts u = do
   cid <- createWireClient u opts.clientArgs
   setClientGroupState cid def {credType = opts.credType}
 
   -- set public key
-  pkey <- mlscli Nothing ciphersuite cid ["public-key"] Nothing
+  suitePKeys <- for ciphersuites $ \ciphersuite -> (ciphersuite,) <$> mlscli Nothing ciphersuite cid ["public-key"] Nothing
   bindResponse
     ( updateClient
         cid
         def
           { mlsPublicKeys =
-              Just (object [csSignatureScheme ciphersuite .= T.decodeUtf8 (Base64.encode pkey)])
+              Just
+                ( object
+                    [ csSignatureScheme ciphersuite .= T.decodeUtf8 (Base64.encode pkey)
+                      | (ciphersuite, pkey) <- suitePKeys
+                    ]
+                )
           }
     )
     $ \resp -> resp.status `shouldMatchInt` 200

diff --git a/integration/test/Test/FeatureFlags/Util.hs b/integration/test/Test/FeatureFlags/Util.hs
@@ -95,8 +95,8 @@ defAllFeatures =
                 [ "protocolToggleUsers" .= ([] :: [String]),
                   "defaultProtocol" .= "proteus",
                   "supportedProtocols" .= ["proteus", "mls"],
-                  "allowedCipherSuites" .= ([1] :: [Int]),
-                  "defaultCipherSuite" .= A.Number 1
+                  "allowedCipherSuites" .= ([2] :: [Int]),
+                  "defaultCipherSuite" .= A.Number 2
                 ]
           ],
       "searchVisibilityInbound" .= disabled,