🚀 [Feature Request]: UX for Public Key Infrastructure (PKI) updates for DM's and Admin Messages

[garthvh]

OS

iOS, iPadOS, macOS

Description

Tracking of the implementation of the PKI functionality, should be a useful guide for other clients implementing these display features. The underlying encryption work is done in the firmware so clients without visual indicators will still encrypt messages.

Security Config Settings View

• Edit keys with validation
• Secure input with an eyeball button to toggle the display of the three keys
• Independant Bluetooth Logs Boolean toggle
• Independant Legacy Admin Boolean toggle
• Dependent Managed Device Boolean toggle (must have legacy admin or and admin key to enable)
• Independant Serial Console Boolean toggle
• Dependent Serial Debug logs Boolean toggle (must have serial console enabled)

Contact List

• Green Lock on the contact list for contacts with a public key
• Red Lock with a slash on the contact list for contacts with a public key that does not match their recent messages
• Yellow Open Lock for existing DM messages using the shared key

User Message List

• lock on received messages that have a public key
• lock on sent messages that were sent with the public key (contingent on an error if this comparison fails at the device)

In app persistence data

• Update the public key on a user record if a new packet comes in with a key and we have no user yet, or we have a user with an empty key stored
• If a message arrives with a key that does not match the key we have stored for a user, don't update the user key and flip a keyMatch boolean value on user so we can warn users of a key mismatch. A boolean on the user is used so that we are not dependent on a comparison to a message that can be deleted. Store the new key on the user.

App Security Features

• Notify the user in a conversation if the public key has changed for a contact
• Allow a user to forget that node and let it come back in with a new key
• Ability to send admin messages to a remote node if we have a publicKey for it, even without an admin channel
• Set the keyMatch value to false if we get a pki failed error when sending a message
• When sending admin messages you will need to request a session key (and likely the related session key) to send an admin message.

Participation

• I am willing to submit a pull request for this issue.

Additional comments

No response

[garthvh]

[garthvh]