Closed srichal closed 9 years ago
On steps 6 and 7 it would be good to call out that we will be moving the keys via HTTP request and response headers and not TLS because of the TLS issues you discuss in the stories article.
Could not do #1 as Matt's branch has issues where multiple cards are not being saved to the DB. Sent an email to Matt.
Could not work on #2 as JXcore build failed. Sent an email to Oguz.
Oguz provided a jxcore-binary that includes the needed crypto APIs. Using this, completed the code to create/save the pkcs12 content to a file. Completed code to check if the file exists and read the file to extract the public-key from it. Completed code to generate a public-key hash.
Completed code to read the entire cards-DB and check if an address-book entry of the device's publick-key hash is present. Added code to add the address-book entry if needed.
Need to perform the above two tasks synchronously. Then I will add a "TO:" drop-down list to each postcard and populate it with address-book entries.
Done: 1) Completed the task of "creating pkcs12 file" and "saving public-key-hash value in DB" synchronously. 2) Started the app using the correct user-id (public-key-hash) instead of a randomly generated id. 3) Populated the "from" & "to" fields in each postcard correctly.
To Do: 1) Do not show the card if the card-entry is an address. Code is done but the string-match function call is not working. Need to fix this. 2) Do not display any card on app-start. At this time, the only entry in the card-db is an address and so no card is shown. 3) Test cards sync between 2 phones.
Fixed the code that checks if an entry in the card-DB is a postcard entry or an addressbook entry. Accordingly, only postcard entries are added to the UI.
Tested the below use cases: 1) User-id is correctly added to the DB and shown in the "from" part of each postcard. 2) Added multiple cards to the DB and made sure only postcard entries are shown in the UI. 3) Deleted a postcard. 4) The DB entries are stable on app-end and app-restart.
TODO: 1) Submit a PR to story-00 branch of the Thali_CordovaPlugin. 2) Submit a PR to story-00 branch of the postcard app. 3) Test sync between two phones. 4) Add code to populate the "to" section of each postcard in the app when a new address is available because of sync with a 2nd device. 5) Make the "to" section a drop-down list instead of the current text box.
It's too late now but this really should have been filed against Thali_CordovaPlugin or maybe postcardapp. We don't really track issues in the Thali depot, it's just our blog now.
1) Re-base to Matt's story-0 branch.
2) Build new JX so that the recently added crypto APIs can be used to create the PKCS12 file and then extract the public-key from it.
3) Create a new DB to store the public key of all the devices including the current one. Prompt/add the current device's user-name and public-key on app startup. (DONE)
4) When the app starts advertising itself it must advertise its public key hash, not its name.
5) When connecting to a discovered endpoint via PouchDB the connection must validate that the proper public key was presented by the server and the client must present its public key.
6) When receiving a connection via PouchDB the connection must be validated to ensure that a proper public key and signature was used.
7) Whenever the user creates a new postcard they have to specify who the postcard is to. The possible values will be retrieved by a search on "addressbook-*" excluding the users own identity. (DONE - have to make the "to" filed a drop down list instead of a simple text-box).
8) When the app starts for the first time and the user enters the name, no postcard is added at this time. (DONE)
9) Was able to add one postcard using the old DB but could not create more. Need to fix this.