DifferentDirection/Relay
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Summary Update.

Browse Source
This commit is contained in:
RuKira
2026-06-06 23:38:50 -04:00
parent dd75ca4b06
commit 2916d17868
30 changed files with 1231 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
RelayServer/Models/Crypto/ClientPublicKeys.cs
View File

@@ -1,11 +1,26 @@
using SurrealDb.Net.Models;
using SurrealDb.Net.Models;
namespace RelayServer.Models;
/// <summary>
/// Surreal record for the `client_public_keys` table. Stores the RSA public key each user
/// has registered. Written by HandleRegisterKey, read by DeliverToServerMembers and history
/// fetches to encrypt outbound messages per recipient.
///
/// When a client reinstalls and regenerates a keypair, the existing row is updated rather
/// than duplicated (ClientKeyService.RegisterOrUpdateKeyAsync).
/// </summary>
public class ClientPublicKeys : Record
{
/// <summary>Mixed-case username as the user registered it. Used as the lookup key.</summary>
public required string Username { get; set; }
/// <summary>Base64 SubjectPublicKeyInfo (DER) of the user's RSA public key.</summary>
public required string PublicKey { get; set; }
/// <summary>When the user first registered.</summary>
public required DateTime CreatedAt { get; set; }
/// <summary>When the key was last updated (key rotation, reinstall).</summary>
public required DateTime UpdatedAt { get; set; }
}
}

19
RelayServer/Models/Crypto/ServerEncryptionKeys.cs
View File

@@ -2,11 +2,28 @@ using SurrealDb.Net.Models;
namespace RelayServer.Models;
/// <summary>
/// Surreal record for the `server_encryption_keys` table. Stores both:
/// - The server's RSA keypair (for receiving encrypted client→server payloads).
/// - The single AES-256 key used to encrypt channel_messages at rest.
///
/// Generated once on first boot by ServerBootstrapService. Loaded into static fields on
/// ChatSocketBehavior at boot so handlers can use them without a DB round-trip.
/// </summary>
public class ServerEncryptionKeys : Record
{
/// <summary>Base64 AES-256 key used by ChannelCryptoService for at-rest message encryption.</summary>
public required string KeyBase64 { get; set; }
/// <summary>Base64 SubjectPublicKeyInfo of the server's RSA public key. Sent to clients on GetServerKey.</summary>
public required string PublicKey { get; set; }
/// <summary>Base64 PKCS8 of the server's RSA private key. Never leaves the server.</summary>
public required string PrivateKey { get; set; }
/// <summary>When the keys were generated.</summary>
public required DateTime CreatedAt { get; set; }
/// <summary>When the keys were last rotated. Currently same as CreatedAt — rotation isn't implemented.</summary>
public required DateTime UpdatedAt { get; set; }
}
}