diff --git a/keyserver/src/push/crypto.js b/keyserver/src/push/crypto.js --- a/keyserver/src/push/crypto.js +++ b/keyserver/src/push/crypto.js @@ -11,13 +11,18 @@ NotificationTargetDevice, } from './types.js'; import { encryptAndUpdateOlmSession } from '../updaters/olm-session-updater.js'; +import { getOlmUtility } from '../utils/olm-utils.js'; async function encryptIOSNotification( cookieID: string, notification: apn.Notification, codeVersion?: ?number, notificationSizeValidator?: apn.Notification => boolean, -): Promise<{ +notification: apn.Notification, +payloadSizeExceeded: boolean }> { +): Promise<{ + +notification: apn.Notification, + +payloadSizeExceeded: boolean, + +encryptedPayloadHash?: string, +}> { invariant( !notification.collapseId, 'Collapsible notifications encryption currently not implemented', @@ -71,9 +76,11 @@ }; } + const encryptedPayloadHash = getOlmUtility().sha256(serializedPayload.body); return { notification: encryptedNotification, payloadSizeExceeded: !!dbPersistConditionViolated, + encryptedPayloadHash, }; } catch (e) { console.log('Notification encryption failed: ' + e); @@ -217,6 +224,7 @@ +deviceToken: string, +notification: apn.Notification, +payloadSizeExceeded: boolean, + +encryptedPayloadHash?: string, }>, > { const notificationPromises = devices.map( diff --git a/keyserver/src/push/send.js b/keyserver/src/push/send.js --- a/keyserver/src/push/send.js +++ b/keyserver/src/push/send.js @@ -794,9 +794,10 @@ if (devicesWithExcessiveSize.length === 0) { return notifsWithMessageInfos.map( - ({ notification: notif, deviceToken }) => ({ + ({ notification: notif, deviceToken, encryptedPayloadHash }) => ({ notification: notif, deviceToken, + encryptedPayloadHash, }), ); } @@ -809,15 +810,17 @@ const targetedNotifsWithMessageInfos = notifsWithMessageInfos .filter(({ payloadSizeExceeded }) => !payloadSizeExceeded) - .map(({ notification: notif, deviceToken }) => ({ + .map(({ notification: notif, deviceToken, encryptedPayloadHash }) => ({ notification: notif, deviceToken, + encryptedPayloadHash, })); const targetedNotifsWithoutMessageInfos = notifsWithoutMessageInfos.map( - ({ notification: notif, deviceToken }) => ({ + ({ notification: notif, deviceToken, encryptedPayloadHash }) => ({ notification: notif, deviceToken, + encryptedPayloadHash, }), ); @@ -1053,6 +1056,7 @@ codeVersion: number, stateVersion: number, errors?: $ReadOnlyArray, + encryptedPayloadHashes?: $ReadOnlyArray, }; type APNsResult = { info: NotificationInfo, @@ -1090,6 +1094,17 @@ if (response.errors) { delivery.errors = response.errors; } + + const encryptedPayloadHashes = []; + for (const targetedNotification of targetedNotifications) { + if (targetedNotification.encryptedPayloadHash) { + encryptedPayloadHashes.push(targetedNotification.encryptedPayloadHash); + } + } + if (encryptedPayloadHashes.length !== 0) { + delivery.encryptedPayloadHashes = encryptedPayloadHashes; + } + const result: APNsResult = { info: notificationInfo, delivery, diff --git a/keyserver/src/push/types.js b/keyserver/src/push/types.js --- a/keyserver/src/push/types.js +++ b/keyserver/src/push/types.js @@ -5,6 +5,7 @@ export type TargetedAPNsNotification = { +notification: apn.Notification, +deviceToken: string, + +encryptedPayloadHash?: string, }; type AndroidNotificationPayloadBase = {