Page MenuHomePhabricator

[lib] Add function to verify device lists
ClosedPublic

Authored by bartek on May 8 2024, 12:03 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Dec 21, 6:30 PM
Unknown Object (File)
Sat, Dec 21, 6:30 PM
Unknown Object (File)
Sat, Dec 21, 6:30 PM
Unknown Object (File)
Sat, Dec 21, 6:30 PM
Unknown Object (File)
Sat, Dec 21, 6:30 PM
Unknown Object (File)
Tue, Dec 3, 3:19 AM
Unknown Object (File)
Nov 17 2024, 2:49 AM
Unknown Object (File)
Nov 17 2024, 2:49 AM
Subscribers

Details

Summary

Added function that verifies device lists timestamps and signatures on client side - Whitepaper 6.2.4
Now, we use Identity Service as a source of truth for device list updates.
Signatures are optional at this point, unsigned lists should still be accepted.

Depends on D11901, D11907

Test Plan

Added unit tests in D11930. More detailed plan will be performed when the function is used.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

bartek held this revision as a draft.
bartek published this revision for review.May 8 2024, 11:51 PM
lib/shared/device-list-utils.js
10–23 ↗(On Diff #39911)

Should we make all of these fields read-only by prefixing them with a +? (eg. { +valid: true })

Instead of calling JSON.parse to get RawDeviceList I would extract code parsing code with asserting from here to a separate function and use it here in all call sites.

This revision is now accepted and ready to land.May 10 2024, 4:04 AM

Make types read-only. Extract function to parse raw device list.

This revision was automatically updated to reflect the committed changes.