session: add GroupID field to Session

Add the new `GroupID1` field to the `Session` struct and ensure that the
new fields are properly serialised and deserialised.  The `GroupID` is
the ID of the first Session in a set of linked sessions.

Author: ellemouton

session/interface.go

@@ -63,6 +63,11 @@ type Session struct {
 	RemotePublicKey   *btcec.PublicKey
 	FeatureConfig     *FeaturesConfig
 	WithPrivacyMapper bool
+
+	// GroupID is the Session ID of the very first Session in the linked
+	// group of sessions. If this is the very first session in the group
+	// then this will be the same as ID.
+	GroupID ID
 }
 
 // MacaroonBaker is a function type for baking a super macaroon.
@@ -73,7 +78,7 @@ type MacaroonBaker func(ctx context.Context, rootKeyID uint64,
 func NewSession(id ID, localPrivKey *btcec.PrivateKey, label string, typ Type,
 	expiry time.Time, serverAddr string, devServer bool, perms []bakery.Op,
 	caveats []macaroon.Caveat, featureConfig FeaturesConfig,
-	privacy bool) (*Session, error) {
+	privacy bool, linkedGroupID *ID) (*Session, error) {
 
 	_, pairingSecret, err := mailbox.NewPassphraseEntropy()
 	if err != nil {
@@ -82,6 +87,15 @@ func NewSession(id ID, localPrivKey *btcec.PrivateKey, label string, typ Type,
 
 	macRootKey := NewSuperMacaroonRootKeyID(id)
 
+	// The group ID will by default be the same as the Session ID
+	// unless this session links to a previous session.
+	groupID := id
+	if linkedGroupID != nil {
+		// If this session is linked to a previous session, then the
+		// group ID is the same as the linked session's group ID.
+		groupID = *linkedGroupID
+	}
+
 	sess := &Session{
 		ID:                id,
 		Label:             label,
@@ -97,6 +111,7 @@ func NewSession(id ID, localPrivKey *btcec.PrivateKey, label string, typ Type,
 		LocalPublicKey:    localPrivKey.PubKey(),
 		RemotePublicKey:   nil,
 		WithPrivacyMapper: privacy,
+		GroupID:           groupID,
 	}
 
 	if perms != nil || caveats != nil {

session/store.go

@@ -67,6 +67,19 @@ func (db *DB) CreateSession(session *Session) error {
 				session.LocalPublicKey.SerializeCompressed())
 		}
 
+		// If this is a linked session (meaning the group ID is
+		// different from the ID) the make sure that the Group ID of
+		// this session is an ID known by the store. We can do this by
+		// checking that an entry for this ID exists in the id-to-key
+		// index.
+		if session.ID != session.GroupID {
+			_, err = getKeyForID(sessionBucket, session.GroupID)
+			if err != nil {
+				return fmt.Errorf("unknown linked session "+
+					"%x: %w", session.GroupID, err)
+			}
+		}
+
 		// Add the mapping from session ID to session key to the ID
 		// index.
 		err = addIDToKeyPair(sessionBucket, session.ID, sessionKey)

session/store_test.go

@@ -19,10 +19,10 @@ func TestBasicSessionStore(t *testing.T) {
 	})
 
 	// Create a few sessions.
-	s1 := newSession(t, db, "session 1")
-	s2 := newSession(t, db, "session 2")
-	s3 := newSession(t, db, "session 3")
-	s4 := newSession(t, db, "session 3")
+	s1 := newSession(t, db, "session 1", nil)
+	s2 := newSession(t, db, "session 2", nil)
+	s3 := newSession(t, db, "session 3", nil)
+	s4 := newSession(t, db, "session 4", nil)
 
 	// Persist session 1. This should now succeed.
 	require.NoError(t, db.CreateSession(s1))
@@ -34,6 +34,7 @@ func TestBasicSessionStore(t *testing.T) {
 	// Change the local pub key of session 4 such that it has the same
 	// ID as session 1.
 	s4.ID = s1.ID
+	s4.GroupID = s1.GroupID
 
 	// Now try to insert session 4. This should fail due to an entry for
 	// the ID already existing.
@@ -84,14 +85,41 @@ func TestBasicSessionStore(t *testing.T) {
 	require.Equal(t, session1.State, StateRevoked)
 }
 
-func newSession(t *testing.T, db Store, label string) *Session {
+// TestLinkingSessions tests that session linking works as expected.
+func TestLinkingSessions(t *testing.T) {
+	// Set up a new DB.
+	db, err := NewDB(t.TempDir(), "test.db")
+	require.NoError(t, err)
+	t.Cleanup(func() {
+		_ = db.Close()
+	})
+
+	// Create a new session with no previous link.
+	s1 := newSession(t, db, "session 1", nil)
+
+	// Create another session and link it to the first.
+	s2 := newSession(t, db, "session 2", &s1.GroupID)
+
+	// Try to persist the second session and assert that it fails due to the
+	// linked session not existing in the DB yet.
+	require.ErrorContains(t, db.CreateSession(s2), "unknown linked session")
+
+	// Now persist the first session and retry persisting the second one
+	// and assert that this now works.
+	require.NoError(t, db.CreateSession(s1))
+	require.NoError(t, db.CreateSession(s2))
+}
+
+func newSession(t *testing.T, db Store, label string,
+	linkedGroupID *ID) *Session {
+
 	id, priv, err := db.GetUnusedIDAndKeyPair()
 	require.NoError(t, err)
 
 	session, err := NewSession(
 		id, priv, label, TypeMacaroonAdmin,
 		time.Date(99999, 1, 1, 0, 0, 0, 0, time.UTC),
-		"foo.bar.baz:1234", true, nil, nil, nil, true,
+		"foo.bar.baz:1234", true, nil, nil, nil, true, linkedGroupID,
 	)
 	require.NoError(t, err)
 

session/tlv.go

@@ -28,6 +28,7 @@ const (
 	typeFeaturesConfig  tlv.Type = 14
 	typeWithPrivacy     tlv.Type = 15
 	typeRevokedAt       tlv.Type = 16
+	typeGroupID         tlv.Type = 17
 
 	// typeMacaroon is no longer used, but we leave it defined for backwards
 	// compatibility.
@@ -54,6 +55,28 @@ func SerializeSession(w io.Writer, session *Session) error {
 		return fmt.Errorf("session cannot be nil")
 	}
 
+	tlvRecords, err := constructSessionTLVRecords(session, true)
+	if err != nil {
+		return err
+	}
+
+	tlvStream, err := tlv.NewStream(tlvRecords...)
+	if err != nil {
+		return err
+	}
+
+	return tlvStream.Encode(w)
+}
+
+// constructSessionTlvRecords takes a Session and gathers all the TLV records
+// that need to be serialised for the session. The withGroupID boolean can be
+// used to exclude the tlv record for the GroupID of the session. This should
+// only ever be set to true for testing purposes to ensure that older sessions
+// which did do not have the GroupID serialised still correctly deserialize and
+// set the correct GroupID in the Session struct.
+func constructSessionTLVRecords(session *Session, withGroupID bool) (
+	[]tlv.Record, error) {
+
 	var (
 		label         = []byte(session.Label)
 		state         = uint8(session.State)
@@ -140,12 +163,14 @@ func SerializeSession(w io.Writer, session *Session) error {
 		tlv.MakePrimitiveRecord(typeRevokedAt, &revokedAt),
 	)
 
-	tlvStream, err := tlv.NewStream(tlvRecords...)
-	if err != nil {
-		return err
+	if withGroupID {
+		groupID := session.GroupID[:]
+		tlvRecords = append(tlvRecords, tlv.MakePrimitiveRecord(
+			typeGroupID, &groupID,
+		))
 	}
 
-	return tlvStream.Encode(w)
+	return tlvRecords, nil
 }
 
 // DeserializeSession deserializes a session from the given reader, expecting
@@ -159,6 +184,7 @@ func DeserializeSession(r io.Reader) (*Session, error) {
 		expiry, createdAt, revokedAt   uint64
 		macRecipe                      MacaroonRecipe
 		featureConfig                  FeaturesConfig
+		groupID                        []byte
 	)
 	tlvStream, err := tlv.NewStream(
 		tlv.MakePrimitiveRecord(typeLabel, &label),
@@ -186,6 +212,7 @@ func DeserializeSession(r io.Reader) (*Session, error) {
 		),
 		tlv.MakePrimitiveRecord(typeWithPrivacy, &privacy),
 		tlv.MakePrimitiveRecord(typeRevokedAt, &revokedAt),
+		tlv.MakePrimitiveRecord(typeGroupID, &groupID),
 	)
 	if err != nil {
 		return nil, err
@@ -228,6 +255,15 @@ func DeserializeSession(r io.Reader) (*Session, error) {
 		session.FeatureConfig = &featureConfig
 	}
 
+	// The GroupID field might not be set for older sessions. So we attempt
+	// to read it from the DB, otherwise we set the group ID to the session
+	// ID.
+	if t, ok := parsedTypes[typeGroupID]; ok && t == nil {
+		copy(session.GroupID[:], groupID)
+	} else {
+		session.GroupID = session.ID
+	}
+
 	return session, nil
 }