Bug 1153806 - Enable encryption of Loop room context data. r=mikedeboer
☠☠ backed out by 6be8f0db2eea ☠ ☠
authorMark Banner <standard8@mozilla.com>
Fri, 01 May 2015 13:41:38 +0100
changeset 273356 cf10c6adab483c7f53bc3a6df8237df531be3d88
parent 273355 89a69f4178775107fd56ce0fc314e6da3389fe14
child 273357 6be8f0db2eea828f000147add6428e04c06af13a
push id863
push userraliiev@mozilla.com
push dateMon, 03 Aug 2015 13:22:43 +0000
treeherdermozilla-release@f6321b14228d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmikedeboer
bugs1153806
milestone40.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1153806 - Enable encryption of Loop room context data. r=mikedeboer
browser/components/loop/modules/LoopRooms.jsm
browser/components/loop/test/xpcshell/test_looprooms.js
browser/components/loop/test/xpcshell/test_looprooms_encryption_in_fxa.js
--- a/browser/components/loop/modules/LoopRooms.jsm
+++ b/browser/components/loop/modules/LoopRooms.jsm
@@ -227,21 +227,16 @@ let LoopRoomsInternal = {
       serverRoomData.roomName = roomData.decryptedContext.roomName;
 
       return {
         all: roomData,
         encrypted: serverRoomData
       };
     }
 
-    // For now, disable encryption/context if context is disabled
-    if (!MozLoopService.getLoopPref("contextInConverations.enabled")) {
-      return getUnencryptedData();
-    }
-
     var newRoomData = extend({}, roomData);
 
     if (!newRoomData.context) {
       newRoomData.context = {};
     }
 
     // First get the room key.
     let key = yield this.promiseGetOrCreateRoomKey(newRoomData);
@@ -740,17 +735,18 @@ let LoopRoomsInternal = {
       let {all, encrypted} = yield this.promiseEncryptRoomData(roomData);
 
       // For patch, we only send the context data.
       let sendData = {
         context: encrypted.context
       };
 
       // If we're not encrypting currently, then only send the roomName.
-      if (!Services.prefs.getBoolPref("loop.contextInConverations.enabled")) {
+      // XXX This should go away once bug 1153788 is fixed.
+      if (!sendData.context) {
         sendData = {
           roomName: newRoomName
         };
       } else {
         // This might be an upgrade to encrypted rename, so store the key
         // just in case.
         yield this.roomsCache.setKey(this.sessionType, all.roomToken, all.roomKey);
       }
--- a/browser/components/loop/test/xpcshell/test_looprooms.js
+++ b/browser/components/loop/test/xpcshell/test_looprooms.js
@@ -6,18 +6,16 @@
 
 Cu.import("resource://services-common/utils.js");
 Cu.import("resource:///modules/loop/LoopRooms.jsm");
 Cu.import("resource:///modules/Chat.jsm");
 Cu.import("resource://gre/modules/Promise.jsm");
 
 let openChatOrig = Chat.open;
 
-const kContextEnabledPref = "loop.contextInConverations.enabled";
-
 const kGuestKey = "uGIs-kGbYt1hBBwjyW7MLQ";
 
 // Rooms details as responded by the server.
 const kRoomsResponses = new Map([
   ["_nxD4V4FflQ", {
     roomToken: "_nxD4V4FflQ",
     // Encrypted with roomKey "FliIGLUolW-xkKZVWstqKw".
     // roomKey is wrapped with kGuestKey.
@@ -287,24 +285,20 @@ add_task(function* setup_server() {
   loopServer.registerPathHandler("/rooms", (req, res) => {
     res.setStatusLine(null, 200, "OK");
 
     if (req.method == "POST") {
       Assert.ok(req.bodyInputStream, "POST request should have a payload");
       let body = CommonUtils.readBytesFromInputStream(req.bodyInputStream);
       let data = JSON.parse(body);
 
-      if (Services.prefs.getBoolPref(kContextEnabledPref)) {
-        Assert.equal(data.roomOwner, kCreateRoomProps.roomOwner);
-        Assert.equal(data.maxSize, kCreateRoomProps.maxSize);
-        Assert.ok(!("decryptedContext" in data), "should not have any decrypted data");
-        Assert.ok("context" in data, "should have context");
-      } else {
-        Assert.deepEqual(data, kCreateRoomUnencryptedProps);
-      }
+      Assert.equal(data.roomOwner, kCreateRoomProps.roomOwner);
+      Assert.equal(data.maxSize, kCreateRoomProps.maxSize);
+      Assert.ok(!("decryptedContext" in data), "should not have any decrypted data");
+      Assert.ok("context" in data, "should have context");
 
       res.write(JSON.stringify(kCreateRoomData));
     } else {
       if (req.queryString) {
         let qs = parseQueryString(req.queryString);
         let room = kRoomsResponses.get("_nxD4V4FflQ");
         room.participants = kRoomUpdates[qs.version].participants;
         room.deleted = kRoomUpdates[qs.version].deleted;
@@ -341,25 +335,21 @@ add_task(function* setup_server() {
       if (req.method == "POST") {
         let data = getJSONData(req.bodyInputStream);
         res.setStatusLine(null, 200, "OK");
         res.write(JSON.stringify(data));
         res.processAsync();
         res.finish();
       } else if (req.method == "PATCH") {
         let data = getJSONData(req.bodyInputStream);
-        if (Services.prefs.getBoolPref(kContextEnabledPref)) {
-          Assert.ok("context" in data, "should have encrypted context");
-          // We return a fake encrypted name here as the context is
-          // encrypted.
-          returnRoomDetails(res, "fakeEncrypted");
-        } else {
-          Assert.ok(!("context" in data), "should not have encrypted context");
-          returnRoomDetails(res, data.roomName);
-        }
+
+        Assert.ok("context" in data, "should have encrypted context");
+        // We return a fake encrypted name here as the context is
+        // encrypted.
+        returnRoomDetails(res, "fakeEncrypted");
       } else {
         roomDetail.context = room.context;
         res.setStatusLine(null, 200, "OK");
         res.write(JSON.stringify(roomDetail));
         res.processAsync();
         res.finish();
       }
     });
@@ -403,30 +393,16 @@ add_task(function* test_getRoom() {
 // Test if fetching a room with incorrect token or return values yields an error.
 add_task(function* test_errorStates() {
   yield Assert.rejects(LoopRooms.promise("get", "error401"), /Not Found/, "Fetching a non-existent room should fail");
   yield Assert.rejects(LoopRooms.promise("get", "errorMalformed"), /SyntaxError/, "Wrong message format should reject");
 });
 
 // Test if creating a new room works as expected.
 add_task(function* test_createRoom() {
-  Services.prefs.setBoolPref(kContextEnabledPref, true);
-
-  var expectedRoom = extend({}, kCreateRoomProps);
-  expectedRoom.roomToken = kCreateRoomData.roomToken;
-
-  gExpectedAdds.push(expectedRoom);
-  let room = yield LoopRooms.promise("create", kCreateRoomProps);
-  compareRooms(room, expectedRoom);
-});
-
-// XXX Test unencrypted rooms. This will go away once we switch encryption on.
-add_task(function* test_createRoom_unencrypted() {
-  Services.prefs.setBoolPref(kContextEnabledPref, false);
-
   var expectedRoom = extend({}, kCreateRoomProps);
   expectedRoom.roomToken = kCreateRoomData.roomToken;
 
   gExpectedAdds.push(expectedRoom);
   let room = yield LoopRooms.promise("create", kCreateRoomProps);
   compareRooms(room, expectedRoom);
 });
 
@@ -589,29 +565,21 @@ add_task(function* test_sendConnectionSt
 
   extraData.action = "status";
   extraData.sessionToken = "fakeStatusSessionToken";
   Assert.deepEqual(statusData, extraData);
 });
 
 // Test if renaming a room works as expected.
 add_task(function* test_renameRoom() {
-  Services.prefs.setBoolPref(kContextEnabledPref, true);
   let roomToken = "_nxD4V4FflQ";
   let renameData = yield LoopRooms.promise("rename", roomToken, "fakeName");
   Assert.equal(renameData.roomName, "fakeEncrypted", "should have set the new name");
 });
 
-add_task(function* test_renameRoom_unencrpyted() {
-  Services.prefs.setBoolPref(kContextEnabledPref, false);
-  let roomToken = "_nxD4V4FflQ";
-  let renameData = yield LoopRooms.promise("rename", roomToken, "fakeName");
-  Assert.equal(renameData.roomName, "fakeName", "should have set the new name");
-});
-
 add_task(function* test_roomDeleteNotifications() {
   gExpectedDeletes.push("_nxD4V4FflQ");
   roomsPushNotification("5", kChannelGuest);
   yield waitForCondition(() => gExpectedDeletes.length === 0);
 });
 
 // Test if deleting a room works as expected.
 add_task(function* test_deleteRoom() {
@@ -645,17 +613,16 @@ function run_test() {
   LoopRooms.on("delete", onRoomDeleted);
   LoopRooms.on("joined", onRoomJoined);
   LoopRooms.on("left", onRoomLeft);
   LoopRooms.on("refresh", onRefresh);
 
   do_register_cleanup(function () {
     // Revert original Chat.open implementation
     Chat.open = openChatOrig;
-    Services.prefs.clearUserPref(kContextEnabledPref);
     Services.prefs.clearUserPref("loop.key");
 
     MozLoopServiceInternal.fxAOAuthTokenData = null;
     MozLoopServiceInternal.fxAOAuthProfile = null;
 
     LoopRooms.off("add", onRoomAdded);
     LoopRooms.off("update", onRoomUpdated);
     LoopRooms.off("delete", onRoomDeleted);
--- a/browser/components/loop/test/xpcshell/test_looprooms_encryption_in_fxa.js
+++ b/browser/components/loop/test/xpcshell/test_looprooms_encryption_in_fxa.js
@@ -2,18 +2,16 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 "use strict";
 
 Cu.import("resource://services-common/utils.js");
 const { LOOP_ROOMS_CACHE_FILENAME } = Cu.import("resource:///modules/loop/LoopRoomsCache.jsm", {});
 
-const kContextEnabledPref = "loop.contextInConverations.enabled";
-
 const kFxAKey = "uGIs-kGbYt1hBBwjyW7MLQ";
 
 // Rooms details as responded by the server.
 const kRoomsResponses = new Map([
   ["_nxD4V4FflQ", {
     // Encrypted with roomKey "FliIGLUolW-xkKZVWstqKw".
     // roomKey is wrapped with kFxAKey.
     context: {
@@ -246,24 +244,22 @@ add_task(function* test_create_room_save
 
   yield clearRoomsCache();
 });
 
 function run_test() {
   setupFakeLoopServer();
 
   Services.prefs.setCharPref("loop.key.fxa", kFxAKey);
-  Services.prefs.setBoolPref(kContextEnabledPref, true);
 
   // Pretend we're signed into FxA.
   MozLoopServiceInternal.fxAOAuthTokenData = { token_type: "bearer" };
   MozLoopServiceInternal.fxAOAuthProfile = { email: "fake@invalid.com" };
 
   do_register_cleanup(function () {
-    Services.prefs.clearUserPref(kContextEnabledPref);
     Services.prefs.clearUserPref("loop.key.fxa");
 
     MozLoopServiceInternal.fxAOAuthTokenData = null;
     MozLoopServiceInternal.fxAOAuthProfile = null;
   });
 
   run_next_test();
 }