Skip to content

fix: notify() generates iv_nonce and a fresh session_id per call#522

Open
cconstab wants to merge 1 commit into
trunkfrom
fix/notify-iv-nonce-and-session-id
Open

fix: notify() generates iv_nonce and a fresh session_id per call#522
cconstab wants to merge 1 commit into
trunkfrom
fix/notify-iv-nonce-and-session-id

Conversation

@cconstab

@cconstab cconstab commented Jul 2, 2026

Copy link
Copy Markdown
Member

notify() had two defects, both in at_client/atclient.py:

  1. Crashes without a nonce. It read at_key.metadata.iv_nonce and passed it
    straight to aes_encrypt_from_base64; if the caller hadn't set it, AES-CTR raised
    nonce must be bytes-like. Callers had to set metadata.iv_nonce manually.
  2. Shared session_id. The signature default session_id=str(uuid.uuid4()) is
    evaluated once at import, so every notify() without an explicit id reused the same
    id for the process lifetime. The atServer dedups by notification id, so duplicate /
    rapid notifications were silently dropped.

Fix: generate the nonce inside notify() when unset (and store it on the key's
metadata so it travels with the notification for the receiver to decrypt), and default
session_id to None, minting a fresh UUID per call.

Tests: test/notify_test.py — network-free:

  • session_id default is None (regression against the import-time UUID)
  • notify() sets iv_nonce when the key has none (mocked network)

Found while building a production integration on atsdk; both were reproducible in
isolation.

notify() crashed when the AtKey had no iv_nonce ('nonce must be bytes-like'),
forcing callers to set metadata.iv_nonce manually. It also used a signature
default session_id=str(uuid.uuid4()), which is evaluated once at import, so every
notify() without an explicit id reused the same one and the server deduped the
duplicates.

Generate the AES nonce inside notify() when unset (and store it on the key's
metadata so it travels with the notification), and default session_id to None,
generating a fresh UUID per call.

Adds network-free unit tests for both behaviours.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant