Details

Reviewers

tomek
bartek
ashoat
atul

Commits

rCOMM079d30b229ce: Implement function to encrypt relevant parts of iOS notification

Summary

This differential implements a function that encrypts parts of iOS notification payload that are important to user's privacy

Test Plan

Pull cookie of currently logged in user from MariaDB.
Call this function in the keyserver code where iOS notification is constructed with hardcoded cookie id.
Send notification to the physical iOS device. Log content of send notification and ensure relevant fields are encrypted.

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

marcin created this revision.May 15 2023, 8:18 AM

Herald added a subscriber: ashoat. · View Herald TranscriptMay 15 2023, 8:18 AM

marcin added a parent revision: D7797: Implement olm session updater that has encrypting functionality.May 15 2023, 8:27 AM

marcin added a child revision: D7815: Send encrypted notifications to iOS devices.

Harbormaster completed remote builds in B19343: Diff 26469.May 15 2023, 8:38 AM

marcin requested review of this revision.May 15 2023, 8:38 AM

I can't tell where these functions will be used, so it's a little harder to review

keyserver/src/push/crypto.js
1 ↗	(On Diff #26469)	Newline here
38 ↗	(On Diff #26469)	Can we save space and set this to `1`?
42 ↗	(On Diff #26469)	We can remove the `async` keyword here
46–48 ↗	(On Diff #26469)	We can use a shorthand
52 ↗	(On Diff #26469)	Does `encryptIOSNotification` need to be exported?

Back to you

This revision now requires changes to proceed.May 15 2023, 9:57 AM

Validate every notification field before encryption attempt
Encrypt more fields in notification payload

Harbormaster completed remote builds in B19411: Diff 26554.May 16 2023, 9:00 AM

atul resigned from this revision.May 16 2023, 9:39 AM

One request inline; please address before landing, or feel free to re-request review if you disagree or if I'm missing something

keyserver/src/push/crypto.js
41 ↗	(On Diff #26554)	Can we construct a new `Notification` rather than mutating the existing one?

This revision is now accepted and ready to land.May 16 2023, 9:56 AM

Create new notification instead of mutating the existing one

Harbormaster completed remote builds in B19450: Diff 26611.May 17 2023, 5:38 AM

I should have been more specific

keyserver/src/push/crypto.js
12 ↗	(On Diff #26611)	Rather than cloning the existing notification, can you create a new empty one, and fill in its fields as necessary?

Return apn.Notifications object in case of encryption failure. Previous apprhac used '...' syntax, and it failed further since the returned object didn't have 'length()' method.

ashoat added inline comments.May 18 2023, 9:50 AM

keyserver/src/push/crypto.js
12 ↗	(On Diff #26651)	Let's construct a new `apn.Notification` instead of cloning the one we're passed in

Harbormaster completed remote builds in B19486: Diff 26651.May 18 2023, 9:59 AM

marcin mentioned this in D7814: Implement method in NSE to decrypt notification.May 19 2023, 7:46 AM

Create new notification instead of copying

Harbormaster completed remote builds in B19599: Diff 26784.May 22 2023, 7:14 AM

ashoat added inline comments.May 22 2023, 10:41 AM

keyserver/src/push/crypto.js
33–34 ↗	(On Diff #26784)	Nit: can we swap the order here?
39–40 ↗	(On Diff #26784)	Nit: can we swap the order here?
75 ↗	(On Diff #26784)	Is this line necessary now that we're no longer cloning the notification? I think `undefined` is the default value