Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[TECH-676] Use properly LatestConfig to encrypt affidavit #217

Merged
merged 1 commit into from
Dec 14, 2022
Merged

[TECH-676] Use properly LatestConfig to encrypt affidavit #217

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions lib/av_client.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -396,9 +396,9 @@ export class AVClient implements IAVClient {

let encryptedAffidavit;

if (affidavit && this.latestConfig && this.latestConfig.castRequestItemAttachmentEncryptionKey) {
if (affidavit && this?.latestConfig?.items?.electionConfig?.content?.castRequestItemAttachmentEncryptionKey) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given we're using TypeScript, can we make these null assertions at the Type level? (i.e., fail when parsing the API response)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@MateuszMichalowski @unnunhexium WDYT?

Copy link
Contributor

@MateuszMichalowski MateuszMichalowski Dec 15, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are you referring to add union types with null possibility to these @av-lukas or you have something else in mind?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure how union types would be used here, but I'm referring to the fact that at this point in the lifecycle of the av_client, if the affidavit is present, then it also means that the client has been told to ask for one, via the configuration object. So, in that case, the castRequestItemAttachmentEncryptionKey should always be present, and the null checks shouldn't be necessary. The class that wraps it should enforce it to be present when parsing the request.

try {
encryptedAffidavit = dhEncrypt(this.latestConfig.castRequestItemAttachmentEncryptionKey, affidavit).toString()
encryptedAffidavit = dhEncrypt(this.latestConfig.items.electionConfig.content.castRequestItemAttachmentEncryptionKey, affidavit).toString()

castRequestItem.content['attachment'] = sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(encryptedAffidavit))
} catch (err) {
Expand Down
3 changes: 1 addition & 2 deletions lib/av_client/types.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -272,7 +272,6 @@ export interface LatestConfig {
items: LatestConfigItems
receipt?: string
affidavit?: AffidavitConfig
castRequestItemAttachmentEncryptionKey?: string
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This element is not available on the root object.

}

export interface LatestConfigItems {
Expand Down Expand Up @@ -418,4 +417,4 @@ export interface ClientState {
voterGroup: string
}
}
}
}