Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Encrypted profile pic #661

Merged
merged 8 commits into from Dec 2, 2019

Conversation

@sachaaaaa
Copy link
Collaborator

sachaaaaa commented Nov 26, 2019

  • Encrypt/decrypt picture when uploading/downloading
  • Prevent downloading our own picture right after having uploaded it (we already have the bytes)
  • set profileSharing on every conversation to true to enable sending the profileKey with every message

Note that the public chat side of things will come in the next PR.
EDIT: changes for public chat added in this PR but in a separate commit

  • set profileSharing to true only before sending a friend request (FR), or after becoming friend, for private chats
  • add logic in the AppDotNet API to store our profileKey in the user annotation
  • share our profileKey on the public chat only upon sending a message the first time
  • share our profileKey on the public chat every time it changes, unless we've never sent any messages

EDIT2: Major re-org of this PR, please review commit by commit :)

@sachaaaaa sachaaaaa requested review from msgmaxim and Mikunj Nov 26, 2019
@sachaaaaa sachaaaaa changed the title Encrypted profile pic for private message Encrypted profile pic Nov 26, 2019
@sachaaaaa

This comment has been minimized.

Copy link
Collaborator Author

sachaaaaa commented Nov 27, 2019

I doubt this PR tackles the multi-device case, where we show the primary device's avatar for a message sent by a secondary device. Am testing this now, will post any fixes in a new PR if necessary!

@sachaaaaa sachaaaaa force-pushed the sachaaaaa:encrypted_avatar branch from acc24e9 to acc1998 Nov 29, 2019
@sachaaaaa

This comment has been minimized.

Copy link
Collaborator Author

sachaaaaa commented Nov 29, 2019

I have force-pushed a brand new history for this branch.
This should have everything for encrypted profile pics, with all specific changes split into separate commits.

@sachaaaaa sachaaaaa requested a review from neuroscr Nov 29, 2019
@@ -254,6 +266,14 @@ class LokiAppDotNetServerAPI {
return res.response.data.annotations || [];
}

async setAvatar(url, profileKey) {
let value = null;
if (url && profileKey) {

This comment has been minimized.

Copy link
@Mikunj

Mikunj Nov 29, 2019

Collaborator

would it be good to check for an empty url here too?

js/modules/loki_app_dot_net_api.js Show resolved Hide resolved
@@ -254,6 +266,14 @@ class LokiAppDotNetServerAPI {
return res.response.data.annotations || [];
}

async setAvatar(url, profileKey) {
let value = null;

This comment has been minimized.

Copy link
@neuroscr

neuroscr Dec 1, 2019

This should be undefined. A null is preserved but an undefined will clean up the complete annotation. This is post Sacha, I can change this after the PR.


// FIXME: this is not file-server specific
// and is currently called by LokiAppDotNetAPI.
// LokiAppDotNetAPI (base) should not know about LokiFileServer.

This comment has been minimized.

Copy link
@neuroscr

neuroscr Dec 1, 2019

This may need to be discussed. This isn't the specific function (though it has the same name) that LokiAppDotNetAPI calls, it uses the lokiFileServerAPIFactory which is like a global singleton (analogous to our LokiPublicChatAPI).

Though I guess the concept of home server will disable when we share private keys.

@neuroscr neuroscr merged commit a3abf3b into loki-project:clearnet Dec 2, 2019
2 checks passed
2 checks passed
continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.