keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Don’t encrypt/decrypt avatar URL or digest.

Browse Source 
// FREEBIE
pull/1/head
Matthew Chen 8 years ago
parent cc789c7df5
commit 83d01eed76
3 changed files with 23 additions and 26 deletions
Show Stats Download Patch File Download Diff File

4
Signal/src/Profiles/OWSProfileManager.h
Unescape Escape View File

@ -62,8 +62,8 @@ extern NSString *const kNSNotificationName_OtherUsersProfileDidChange;
- (void)updateProfileForRecipientId:(NSString *)recipientId - (void)updateProfileForRecipientId:(NSString *)recipientId
profileNameEncrypted:(NSData *_Nullable)profileNameEncrypted profileNameEncrypted:(NSData *_Nullable)profileNameEncrypted
avatarUrlEncrypted:(NSData *_Nullable)avatarUrlEncrypted avatarUrlData:(NSData *_Nullable)avatarUrlData
avatarDigestEncrypted:(NSData *_Nullable)avatarDigestEncrypted; avatarDigest:(NSData *_Nullable)avatarDigest;
@end @end

23
Signal/src/Profiles/OWSProfileManager.m
Unescape Escape View File

@ -424,10 +424,9 @@ static const NSInteger kProfileKeyLength = 16;
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{ dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
// TODO: Do we need to use NSDataBase64EncodingOptions? // TODO: Do we need to use NSDataBase64EncodingOptions?
NSString *_Nullable localProfileNameEncrypted = NSString *_Nullable localProfileNameBase64 = [[self encryptProfileString:localProfileName] base64EncodedString];
[[self encryptProfileString:localProfileName] base64EncodedString]; NSString *_Nullable avatarUrlBase64 = [[avatarUrl dataUsingEncoding:NSUTF8StringEncoding] base64EncodedString];
NSString *_Nullable avatarUrlEncrypted = [[self encryptProfileString:avatarUrl] base64EncodedString]; NSString *_Nullable avatarDigestBase64 = [avatarDigest base64EncodedString];
NSString *_Nullable avatarDigestEncrypted = [[self encryptProfileData:avatarDigest] base64EncodedString];
// TODO: // TODO:
if (YES) { if (YES) {
@ -669,8 +668,8 @@ static const NSInteger kProfileKeyLength = 16;
- (void)updateProfileForRecipientId:(NSString *)recipientId - (void)updateProfileForRecipientId:(NSString *)recipientId
profileNameEncrypted:(NSData *_Nullable)profileNameEncrypted profileNameEncrypted:(NSData *_Nullable)profileNameEncrypted
avatarUrlEncrypted:(NSData *_Nullable)avatarUrlEncrypted avatarUrlData:(NSData *_Nullable)avatarUrlData
avatarDigestEncrypted:(NSData *_Nullable)avatarDigestEncrypted avatarDigest:(NSData *_Nullable)avatarDigest
{ {
OWSAssert(recipientId.length > 0); OWSAssert(recipientId.length > 0);
@ -681,8 +680,8 @@ static const NSInteger kProfileKeyLength = 16;
NSString *_Nullable profileName = NSString *_Nullable profileName =
[self decryptProfileString:profileNameEncrypted profileKey:userProfile.profileKey]; [self decryptProfileString:profileNameEncrypted profileKey:userProfile.profileKey];
NSString *_Nullable avatarUrl = [self decryptProfileString:avatarUrlEncrypted profileKey:userProfile.profileKey]; NSString *_Nullable avatarUrl
NSData *_Nullable avatarDigest = [self decryptProfileData:avatarDigestEncrypted profileKey:userProfile.profileKey]; = (avatarUrlData ? [[NSString alloc] initWithData:avatarUrlData encoding:NSUTF8StringEncoding] : nil);
if (!avatarUrl || !avatarDigest) { if (!avatarUrl || !avatarDigest) {
// If either avatar url or digest is missing, skip both. // If either avatar url or digest is missing, skip both.
@ -745,8 +744,8 @@ static const NSInteger kProfileKeyLength = 16;
return nil; return nil;
} }
// TODO: Decrypt. // TODO: Decrypt. For now, return the input.
return nil; return encryptedData;
} }
+ (NSString *_Nullable)decryptProfileString:(NSData *_Nullable)encryptedData profileKey:(NSData *)profileKey + (NSString *_Nullable)decryptProfileString:(NSData *_Nullable)encryptedData profileKey:(NSData *)profileKey
@ -770,8 +769,8 @@ static const NSInteger kProfileKeyLength = 16;
return nil; return nil;
} }
// TODO: Encrypt. // TODO: Encrypt. For now, return the input.
return nil; return data;
} }
+ (NSData *_Nullable)encryptProfileString:(NSString *_Nullable)value profileKey:(NSData *)profileKey + (NSData *_Nullable)encryptProfileString:(NSString *_Nullable)value profileKey:(NSData *)profileKey

22
Signal/src/Profiles/ProfileFetcherJob.swift
Unescape Escape View File

@ -116,8 +116,8 @@ class ProfileFetcherJob: NSObject {
OWSProfileManager.shared().updateProfile(forRecipientId : signalServiceProfile.recipientId, OWSProfileManager.shared().updateProfile(forRecipientId : signalServiceProfile.recipientId,
profileNameEncrypted : signalServiceProfile.profileNameEncrypted, profileNameEncrypted : signalServiceProfile.profileNameEncrypted,
avatarUrlEncrypted : signalServiceProfile.avatarUrlEncrypted, avatarUrlData : signalServiceProfile.avatarUrlData,
avatarDigestEncrypted : signalServiceProfile.avatarDigestEncrypted) avatarDigest : signalServiceProfile.avatarDigest)
} }
private func verifyIdentityUpToDateAsync(recipientId: String, latestIdentityKey: Data) { private func verifyIdentityUpToDateAsync(recipientId: String, latestIdentityKey: Data) {
@ -146,14 +146,12 @@ struct SignalServiceProfile {
public let recipientId: String public let recipientId: String
public let identityKey: Data public let identityKey: Data
public let profileNameEncrypted: Data? public let profileNameEncrypted: Data?
public let avatarUrlEncrypted: Data? public let avatarUrlData: Data?
public let avatarDigestEncrypted: Data? public let avatarDigest: Data?
init(recipientId: String, rawResponse: Any?) throws { init(recipientId: String, rawResponse: Any?) throws {
self.recipientId = recipientId self.recipientId = recipientId
Logger.info("rawResponse: \(rawResponse)")
guard let responseDict = rawResponse as? [String: Any?] else { guard let responseDict = rawResponse as? [String: Any?] else {
throw ValidationError.invalid(description: "\(TAG) unexpected type: \(String(describing: rawResponse))") throw ValidationError.invalid(description: "\(TAG) unexpected type: \(String(describing: rawResponse))")
} }
@ -177,26 +175,26 @@ struct SignalServiceProfile {
profileNameEncrypted = data profileNameEncrypted = data
} }
var avatarUrlEncrypted: Data? = nil var avatarUrlData: Data? = nil
if let avatarUrlString = responseDict["avatar"] as? String { if let avatarUrlString = responseDict["avatar"] as? String {
guard let data = Data(base64Encoded: avatarUrlString) else { guard let data = Data(base64Encoded: avatarUrlString) else {
throw ValidationError.invalidAvatarUrl(description: "\(TAG) unable to parse avatar URL: \(avatarUrlString)") throw ValidationError.invalidAvatarUrl(description: "\(TAG) unable to parse avatar URL: \(avatarUrlString)")
} }
avatarUrlEncrypted = data avatarUrlData = data
} }
var avatarDigestEncrypted: Data? = nil var avatarDigest: Data? = nil
if let avatarDigestString = responseDict["avatarDigest"] as? String { if let avatarDigestString = responseDict["avatarDigest"] as? String {
guard let data = Data(base64Encoded: avatarDigestString) else { guard let data = Data(base64Encoded: avatarDigestString) else {
throw ValidationError.invalidAvatarDigest(description: "\(TAG) unable to parse avatar digest: \(avatarDigestString)") throw ValidationError.invalidAvatarDigest(description: "\(TAG) unable to parse avatar digest: \(avatarDigestString)")
} }
avatarDigestEncrypted = data avatarDigest = data
} }
// `removeKeyType` is an objc category method only on NSData, so temporarily cast. // `removeKeyType` is an objc category method only on NSData, so temporarily cast.
self.identityKey = (identityKeyWithType as NSData).removeKeyType() as Data self.identityKey = (identityKeyWithType as NSData).removeKeyType() as Data
self.profileNameEncrypted = profileNameEncrypted self.profileNameEncrypted = profileNameEncrypted
self.avatarUrlEncrypted = avatarUrlEncrypted self.avatarUrlData = avatarUrlData
self.avatarDigestEncrypted = avatarDigestEncrypted self.avatarDigest = avatarDigest
} }
} }

Write Preview
Loading…
Cancel
Save