jonny
/
Signal-Desktop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Signal-Desktop/js/signal_protocol_store.js

1031 lines
34 KiB
JavaScript
Raw Normal View History

Format all source code using Prettier
2018-04-27 21:25:04 +00:00
(function() {
'use strict';
var TIMESTAMP_THRESHOLD = 5 * 1000; // 5 seconds
var Direction = {
SENDING: 1,
RECEIVING: 2,
};
var VerifiedStatus = {
DEFAULT: 0,
VERIFIED: 1,
UNVERIFIED: 2,
};
function validateVerifiedStatus(status) {
if (
status === VerifiedStatus.DEFAULT ||
status === VerifiedStatus.VERIFIED ||
status === VerifiedStatus.UNVERIFIED
) {
return true;
Add identityKey model validation This will enforce that all identity record attributes are valid and present before allowing the record to be saved. This is necessary since we will be exposing a lower-level method to save an identity with explicit values for firstUse, nonblockingApproval, and verified status.
2017-06-13 19:38:44 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
return false;
}
Add identityKey model validation This will enforce that all identity record attributes are valid and present before allowing the record to be saved. This is necessary since we will be exposing a lower-level method to save an identity with explicit values for firstUse, nonblockingApproval, and verified status.
2017-06-13 19:38:44 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
var StaticByteBufferProto = new dcodeIO.ByteBuffer().__proto__;
var StaticArrayBufferProto = new ArrayBuffer().__proto__;
var StaticUint8ArrayProto = new Uint8Array().__proto__;
Fix reference errors in isStringable // FREEBIE
2016-04-26 22:15:23 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
function isStringable(thing) {
return (
thing === Object(thing) &&
(thing.__proto__ == StaticArrayBufferProto ||
thing.__proto__ == StaticUint8ArrayProto ||
thing.__proto__ == StaticByteBufferProto)
);
}
function convertToArrayBuffer(thing) {
if (thing === undefined) {
return undefined;
}
if (thing === Object(thing)) {
if (thing.__proto__ == StaticArrayBufferProto) {
return thing;
}
//TODO: Several more cases here...
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (thing instanceof Array) {
// Assuming Uint16Array from curve25519
var res = new ArrayBuffer(thing.length * 2);
var uint = new Uint16Array(res);
for (var i = 0; i < thing.length; i++) {
uint[i] = thing[i];
}
return res;
}
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
var str;
if (isStringable(thing)) {
str = stringObject(thing);
} else if (typeof thing == 'string') {
str = thing;
} else {
throw new Error(
'Tried to convert a non-stringable thing of type ' +
typeof thing +
' to an array buffer'
);
}
var res = new ArrayBuffer(str.length);
var uint = new Uint8Array(res);
for (var i = 0; i < str.length; i++) {
uint[i] = str.charCodeAt(i);
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
return res;
}
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
function equalArrayBuffers(ab1, ab2) {
if (!(ab1 instanceof ArrayBuffer && ab2 instanceof ArrayBuffer)) {
return false;
}
if (ab1.byteLength !== ab2.byteLength) {
return false;
Store identity keys in indexeddb Let device storage request them from axolotl store rather than storing a copy.
2015-04-21 22:54:25 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
var result = 0;
var ta1 = new Uint8Array(ab1);
var ta2 = new Uint8Array(ab2);
for (var i = 0; i < ab1.byteLength; ++i) {
result = result | (ta1[i] ^ ta2[i]);
}
return result === 0;
}
Store identity keys in indexeddb Let device storage request them from axolotl store rather than storing a copy.
2015-04-21 22:54:25 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
var Model = Backbone.Model.extend({ database: Whisper.Database });
var PreKey = Model.extend({ storeName: 'preKeys' });
var PreKeyCollection = Backbone.Collection.extend({
storeName: 'preKeys',
database: Whisper.Database,
model: PreKey,
});
var SignedPreKey = Model.extend({ storeName: 'signedPreKeys' });
var SignedPreKeyCollection = Backbone.Collection.extend({
storeName: 'signedPreKeys',
database: Whisper.Database,
model: SignedPreKey,
});
var Session = Model.extend({ storeName: 'sessions' });
var SessionCollection = Backbone.Collection.extend({
storeName: 'sessions',
database: Whisper.Database,
model: Session,
fetchSessionsForNumber: function(number) {
return this.fetch({ range: [number + '.1', number + '.' + ':'] });
},
});
var Unprocessed = Model.extend({ storeName: 'unprocessed' });
var UnprocessedCollection = Backbone.Collection.extend({
storeName: 'unprocessed',
database: Whisper.Database,
model: Unprocessed,
comparator: 'timestamp',
});
var IdentityRecord = Model.extend({
storeName: 'identityKeys',
validAttributes: [
'id',
'publicKey',
'firstUse',
'timestamp',
'verified',
'nonblockingApproval',
],
validate: function(attrs, options) {
var attributeNames = _.keys(attrs);
var validAttributes = this.validAttributes;
var allValid = _.all(attributeNames, function(attributeName) {
return _.contains(validAttributes, attributeName);
});
if (!allValid) {
return new Error('Invalid identity key attribute names');
}
var allPresent = _.all(validAttributes, function(attributeName) {
return _.contains(attributeNames, attributeName);
});
if (!allPresent) {
return new Error('Missing identity key attributes');
}
Add identityKey model validation This will enforce that all identity record attributes are valid and present before allowing the record to be saved. This is necessary since we will be exposing a lower-level method to save an identity with explicit values for firstUse, nonblockingApproval, and verified status.
2017-06-13 19:38:44 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (typeof attrs.id !== 'string') {
return new Error('Invalid identity key id');
}
if (!(attrs.publicKey instanceof ArrayBuffer)) {
return new Error('Invalid identity key publicKey');
}
if (typeof attrs.firstUse !== 'boolean') {
return new Error('Invalid identity key firstUse');
}
if (typeof attrs.timestamp !== 'number' || !(attrs.timestamp >= 0)) {
return new Error('Invalid identity key timestamp');
}
if (!validateVerifiedStatus(attrs.verified)) {
return new Error('Invalid identity key verified');
Add identityKey model validation This will enforce that all identity record attributes are valid and present before allowing the record to be saved. This is necessary since we will be exposing a lower-level method to save an identity with explicit values for firstUse, nonblockingApproval, and verified status.
2017-06-13 19:38:44 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (typeof attrs.nonblockingApproval !== 'boolean') {
return new Error('Invalid identity key nonblockingApproval');
}
},
});
var Group = Model.extend({ storeName: 'groups' });
var Item = Model.extend({ storeName: 'items' });
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
function SignalProtocolStore() {}
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
SignalProtocolStore.prototype = {
constructor: SignalProtocolStore,
getIdentityKeyPair: function() {
var item = new Item({ id: 'identityKey' });
return new Promise(function(resolve, reject) {
item.fetch().then(function() {
resolve(item.get('value'));
}, reject);
});
},
getLocalRegistrationId: function() {
var item = new Item({ id: 'registrationId' });
return new Promise(function(resolve, reject) {
item.fetch().then(function() {
resolve(item.get('value'));
}, reject);
});
},
/* Returns a prekeypair object or undefined */
loadPreKey: function(keyId) {
var prekey = new PreKey({ id: keyId });
return new Promise(function(resolve) {
prekey.fetch().then(
function() {
console.log('Successfully fetched prekey:', keyId);
resolve({
pubKey: prekey.get('publicKey'),
privKey: prekey.get('privateKey'),
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
});
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
},
function() {
console.log('Failed to fetch prekey:', keyId);
resolve();
}
);
});
},
storePreKey: function(keyId, keyPair) {
var prekey = new PreKey({
id: keyId,
publicKey: keyPair.pubKey,
privateKey: keyPair.privKey,
});
return new Promise(function(resolve) {
prekey.save().always(function() {
resolve();
});
});
},
removePreKey: function(keyId) {
var prekey = new PreKey({ id: keyId });
this.trigger('removePreKey');
return new Promise(function(resolve) {
var deferred = prekey.destroy();
if (!deferred) {
return resolve();
}
return deferred.then(resolve, function(error) {
console.log(
'removePreKey error:',
error && error.stack ? error.stack : error
);
resolve();
});
});
},
clearPreKeyStore: function() {
return new Promise(function(resolve) {
var preKeys = new PreKeyCollection();
preKeys.sync('delete', preKeys, {}).always(resolve);
});
},
/* Returns a signed keypair object or undefined */
loadSignedPreKey: function(keyId) {
var prekey = new SignedPreKey({ id: keyId });
return new Promise(function(resolve) {
prekey
.fetch()
.then(function() {
console.log(
'Successfully fetched signed prekey:',
prekey.get('id')
);
resolve({
pubKey: prekey.get('publicKey'),
privKey: prekey.get('privateKey'),
created_at: prekey.get('created_at'),
keyId: prekey.get('id'),
confirmed: prekey.get('confirmed'),
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
});
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
})
.fail(function() {
console.log('Failed to fetch signed prekey:', keyId);
resolve();
});
});
},
loadSignedPreKeys: function() {
if (arguments.length > 0) {
return Promise.reject(
new Error('loadSignedPreKeys takes no arguments')
);
}
var signedPreKeys = new SignedPreKeyCollection();
return new Promise(function(resolve) {
signedPreKeys.fetch().then(function() {
resolve(
signedPreKeys.map(function(prekey) {
return {
pubKey: prekey.get('publicKey'),
privKey: prekey.get('privateKey'),
created_at: prekey.get('created_at'),
keyId: prekey.get('id'),
confirmed: prekey.get('confirmed'),
};
})
);
});
});
},
storeSignedPreKey: function(keyId, keyPair, confirmed) {
var prekey = new SignedPreKey({
id: keyId,
publicKey: keyPair.pubKey,
privateKey: keyPair.privKey,
created_at: Date.now(),
confirmed: Boolean(confirmed),
});
return new Promise(function(resolve) {
prekey.save().always(function() {
resolve();
});
});
},
removeSignedPreKey: function(keyId) {
var prekey = new SignedPreKey({ id: keyId });
return new Promise(function(resolve, reject) {
var deferred = prekey.destroy();
if (!deferred) {
return resolve();
}
deferred.then(resolve, reject);
});
},
clearSignedPreKeysStore: function() {
return new Promise(function(resolve) {
var signedPreKeys = new SignedPreKeyCollection();
signedPreKeys.sync('delete', signedPreKeys, {}).always(resolve);
});
},
loadSession: function(encodedNumber) {
if (encodedNumber === null || encodedNumber === undefined) {
throw new Error('Tried to get session for undefined/null number');
}
return new Promise(function(resolve) {
var session = new Session({ id: encodedNumber });
session.fetch().always(function() {
resolve(session.get('record'));
});
});
},
storeSession: function(encodedNumber, record) {
if (encodedNumber === null || encodedNumber === undefined) {
throw new Error('Tried to put session for undefined/null number');
}
return new Promise(function(resolve) {
var number = textsecure.utils.unencodeNumber(encodedNumber)[0];
var deviceId = parseInt(
textsecure.utils.unencodeNumber(encodedNumber)[1]
);
var session = new Session({ id: encodedNumber });
session.fetch().always(function() {
session
.save({
record: record,
deviceId: deviceId,
number: number,
})
.fail(function(e) {
console.log('Failed to save session', encodedNumber, e);
})
.always(function() {
resolve();
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
});
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
});
});
},
getDeviceIds: function(number) {
if (number === null || number === undefined) {
throw new Error('Tried to get device ids for undefined/null number');
}
return new Promise(function(resolve) {
var sessions = new SessionCollection();
sessions.fetchSessionsForNumber(number).always(function() {
resolve(sessions.pluck('deviceId'));
});
});
},
removeSession: function(encodedNumber) {
console.log('deleting session for ', encodedNumber);
return new Promise(function(resolve) {
var session = new Session({ id: encodedNumber });
session
.fetch()
.then(function() {
session.destroy().then(resolve);
})
.fail(resolve);
});
},
removeAllSessions: function(number) {
if (number === null || number === undefined) {
throw new Error('Tried to remove sessions for undefined/null number');
}
return new Promise(function(resolve, reject) {
var sessions = new SessionCollection();
sessions.fetchSessionsForNumber(number).always(function() {
var promises = [];
while (sessions.length > 0) {
promises.push(
new Promise(function(res, rej) {
sessions
.pop()
.destroy()
.then(res, rej);
})
);
}
Promise.all(promises).then(resolve, reject);
});
});
},
archiveSiblingSessions: function(identifier) {
var address = libsignal.SignalProtocolAddress.fromString(identifier);
return this.getDeviceIds(address.getName()).then(function(deviceIds) {
var deviceIds = _.without(deviceIds, address.getDeviceId());
return Promise.all(
deviceIds.map(function(deviceId) {
var sibling = new libsignal.SignalProtocolAddress(
address.getName(),
deviceId
);
console.log('closing session for', sibling.toString());
var sessionCipher = new libsignal.SessionCipher(
textsecure.storage.protocol,
sibling
);
return sessionCipher.closeOpenSessionForDevice();
})
);
});
},
archiveAllSessions: function(number) {
return this.getDeviceIds(number).then(function(deviceIds) {
return Promise.all(
deviceIds.map(function(deviceId) {
var address = new libsignal.SignalProtocolAddress(number, deviceId);
console.log('closing session for', address.toString());
var sessionCipher = new libsignal.SessionCipher(
textsecure.storage.protocol,
address
);
return sessionCipher.closeOpenSessionForDevice();
})
);
});
},
clearSessionStore: function() {
return new Promise(function(resolve) {
var sessions = new SessionCollection();
sessions.sync('delete', sessions, {}).always(resolve);
});
},
isTrustedIdentity: function(identifier, publicKey, direction) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to get identity key for undefined/null key');
}
var number = textsecure.utils.unencodeNumber(identifier)[0];
var isOurNumber = number === textsecure.storage.user.getNumber();
var identityRecord = new IdentityRecord({ id: number });
return new Promise(function(resolve) {
identityRecord.fetch().always(resolve);
}).then(
function() {
var existing = identityRecord.get('publicKey');
if (isOurNumber) {
return equalArrayBuffers(existing, publicKey);
}
Fixup refreshPreKeys and call it whenever a prekey is deleted
2015-05-05 20:29:42 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
switch (direction) {
case Direction.SENDING:
return this.isTrustedForSending(publicKey, identityRecord);
case Direction.RECEIVING:
return true;
default:
throw new Error('Unknown direction: ' + direction);
}
}.bind(this)
);
},
isTrustedForSending: function(publicKey, identityRecord) {
var existing = identityRecord.get('publicKey');
Move refresh prekeys out of SignalProtocolStore Use an event/listener instead // FREEBIE
2017-05-22 22:24:24 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (!existing) {
console.log('isTrustedForSending: Nothing here, returning true...');
return true;
}
if (!equalArrayBuffers(existing, publicKey)) {
console.log("isTrustedForSending: Identity keys don't match...");
return false;
}
if (identityRecord.get('verified') === VerifiedStatus.UNVERIFIED) {
console.log('Needs unverified approval!');
return false;
}
if (this.isNonBlockingApprovalRequired(identityRecord)) {
console.log('isTrustedForSending: Needs non-blocking approval!');
return false;
}
return true;
},
loadIdentityKey: function(identifier) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to get identity key for undefined/null key');
}
var number = textsecure.utils.unencodeNumber(identifier)[0];
return new Promise(function(resolve) {
var identityRecord = new IdentityRecord({ id: number });
identityRecord.fetch().always(function() {
resolve(identityRecord.get('publicKey'));
});
});
},
saveIdentity: function(identifier, publicKey, nonblockingApproval) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to put identity key for undefined/null key');
}
if (!(publicKey instanceof ArrayBuffer)) {
publicKey = convertToArrayBuffer(publicKey);
}
if (typeof nonblockingApproval !== 'boolean') {
nonblockingApproval = false;
}
var number = textsecure.utils.unencodeNumber(identifier)[0];
return new Promise(
function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: number });
identityRecord.fetch().always(
function() {
var oldpublicKey = identityRecord.get('publicKey');
if (!oldpublicKey) {
// Lookup failed, or the current key was removed, so save this one.
console.log('Saving new identity...');
identityRecord
.save({
publicKey: publicKey,
firstUse: true,
timestamp: Date.now(),
verified: VerifiedStatus.DEFAULT,
nonblockingApproval: nonblockingApproval,
})
.then(function() {
resolve(false);
}, reject);
} else if (!equalArrayBuffers(oldpublicKey, publicKey)) {
console.log('Replacing existing identity...');
var previousStatus = identityRecord.get('verified');
var verifiedStatus;
if (
previousStatus === VerifiedStatus.VERIFIED ||
previousStatus === VerifiedStatus.UNVERIFIED
) {
verifiedStatus = VerifiedStatus.UNVERIFIED;
} else {
verifiedStatus = VerifiedStatus.DEFAULT;
A variety of logging improvements to track down bugs (#1832) * Log when we get a blocked numbers sync message * Save three old signed keys in addition to the current active * Remove the mystery from all the error-related log messages * Log successful load of signed key - to help debug prekey errors * removeSignedPreKey: Don't hang or crash in error cases * Log on top-level unhandled promise rejection * Remove trailing comma in param list, Electron 1.6 does not like * Harden top-level error handler for strange object shapes
2017-11-30 19:56:29 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
identityRecord
.save({
publicKey: publicKey,
firstUse: false,
timestamp: Date.now(),
verified: verifiedStatus,
nonblockingApproval: nonblockingApproval,
})
.then(
function() {
this.trigger('keychange', number);
this.archiveSiblingSessions(identifier).then(function() {
resolve(true);
}, reject);
}.bind(this),
reject
);
} else if (this.isNonBlockingApprovalRequired(identityRecord)) {
console.log('Setting approval status...');
identityRecord
.save({
nonblockingApproval: nonblockingApproval,
})
.then(function() {
resolve(false);
}, reject);
} else {
resolve(false);
}
}.bind(this)
);
}.bind(this)
);
},
isNonBlockingApprovalRequired: function(identityRecord) {
return (
!identityRecord.get('firstUse') &&
Date.now() - identityRecord.get('timestamp') < TIMESTAMP_THRESHOLD &&
!identityRecord.get('nonblockingApproval')
);
},
saveIdentityWithAttributes: function(identifier, attributes) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to put identity key for undefined/null key');
}
var number = textsecure.utils.unencodeNumber(identifier)[0];
return new Promise(function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: number });
identityRecord.set(attributes);
if (identityRecord.isValid()) {
// false if invalid attributes
identityRecord.save().then(resolve);
} else {
reject(identityRecord.validationError);
}
});
},
setApproval: function(identifier, nonblockingApproval) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to set approval for undefined/null identifier');
}
if (typeof nonblockingApproval !== 'boolean') {
throw new Error('Invalid approval status');
}
var number = textsecure.utils.unencodeNumber(identifier)[0];
return new Promise(function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: number });
identityRecord.fetch().then(function() {
identityRecord
.save({
nonblockingApproval: nonblockingApproval,
})
.then(
function() {
resolve();
},
function() {
// catch
reject(new Error('No identity record for ' + number));
}
);
});
});
},
setVerified: function(identifier, verifiedStatus, publicKey) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to set verified for undefined/null key');
}
if (!validateVerifiedStatus(verifiedStatus)) {
throw new Error('Invalid verified status');
}
if (arguments.length > 2 && !(publicKey instanceof ArrayBuffer)) {
throw new Error('Invalid public key');
}
return new Promise(function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: identifier });
identityRecord.fetch().then(
function() {
if (
!publicKey ||
equalArrayBuffers(identityRecord.get('publicKey'), publicKey)
) {
identityRecord.set({ verified: verifiedStatus });
A variety of logging improvements to track down bugs (#1832) * Log when we get a blocked numbers sync message * Save three old signed keys in addition to the current active * Remove the mystery from all the error-related log messages * Log successful load of signed key - to help debug prekey errors * removeSignedPreKey: Don't hang or crash in error cases * Log on top-level unhandled promise rejection * Remove trailing comma in param list, Electron 1.6 does not like * Harden top-level error handler for strange object shapes
2017-11-30 19:56:29 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (identityRecord.isValid()) {
identityRecord.save({}).then(function() {
resolve();
}, reject);
} else {
reject(identityRecord.validationError);
}
} else {
console.log('No identity record for specified publicKey');
resolve();
Add loadSignedPreKeys to SignalProtocolStore
2017-02-16 02:16:33 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
},
function() {
// catch
reject(new Error('No identity record for ' + identifier));
}
);
});
},
getVerified: function(identifier) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to set verified for undefined/null key');
}
return new Promise(function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: identifier });
identityRecord.fetch().then(
function() {
var verifiedStatus = identityRecord.get('verified');
if (validateVerifiedStatus(verifiedStatus)) {
resolve(verifiedStatus);
} else {
resolve(VerifiedStatus.DEFAULT);
}
},
function() {
// catch
reject(new Error('No identity record for ' + identifier));
}
);
});
},
// Resolves to true if a new identity key was saved
processContactSyncVerificationState: function(
identifier,
verifiedStatus,
publicKey
) {
if (verifiedStatus === VerifiedStatus.UNVERIFIED) {
return this.processUnverifiedMessage(
identifier,
verifiedStatus,
publicKey
);
} else {
return this.processVerifiedMessage(
identifier,
verifiedStatus,
publicKey
);
}
},
// This function encapsulates the non-Java behavior, since the mobile apps don't
// currently receive contact syncs and therefore will see a verify sync with
// UNVERIFIED status
processUnverifiedMessage: function(identifier, verifiedStatus, publicKey) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to set verified for undefined/null key');
}
if (publicKey !== undefined && !(publicKey instanceof ArrayBuffer)) {
throw new Error('Invalid public key');
}
return new Promise(
function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: identifier });
var isPresent = false;
var isEqual = false;
identityRecord
.fetch()
.then(function() {
isPresent = true;
if (publicKey) {
isEqual = equalArrayBuffers(
publicKey,
identityRecord.get('publicKey')
);
}
})
.always(
function() {
if (
isPresent &&
isEqual &&
identityRecord.get('verified') !== VerifiedStatus.UNVERIFIED
) {
return textsecure.storage.protocol
.setVerified(identifier, verifiedStatus, publicKey)
.then(resolve, reject);
removeSignedPrekey: Be resilient to delete returning nothing (#1769)
2017-11-15 00:37:44 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (!isPresent || !isEqual) {
return textsecure.storage.protocol
.saveIdentityWithAttributes(identifier, {
publicKey: publicKey,
verified: verifiedStatus,
firstUse: false,
timestamp: Date.now(),
nonblockingApproval: true,
})
.then(
function() {
if (isPresent && !isEqual) {
this.trigger('keychange', identifier);
return this.archiveAllSessions(identifier).then(
function() {
// true signifies that we overwrote a previous key with a new one
return resolve(true);
},
reject
);
}
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
return resolve();
}.bind(this),
reject
);
}
Move Session storage to axolotlstore
2015-04-21 20:30:22 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
// The situation which could get us here is:
// 1. had a previous key
// 2. new key is the same
// 3. desired new status is same as what we had before
return resolve();
}.bind(this)
);
}.bind(this)
);
},
// This matches the Java method as of
// https://github.com/signalapp/Signal-Android/blob/d0bb68e1378f689e4d10ac6a46014164992ca4e4/src/org/thoughtcrime/securesms/util/IdentityUtil.java#L188
processVerifiedMessage: function(identifier, verifiedStatus, publicKey) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to set verified for undefined/null key');
}
if (!validateVerifiedStatus(verifiedStatus)) {
throw new Error('Invalid verified status');
}
if (publicKey !== undefined && !(publicKey instanceof ArrayBuffer)) {
throw new Error('Invalid public key');
}
return new Promise(
function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: identifier });
var isPresent = false;
var isEqual = false;
identityRecord
.fetch()
.then(function() {
isPresent = true;
if (publicKey) {
isEqual = equalArrayBuffers(
publicKey,
identityRecord.get('publicKey')
);
}
})
.always(
function() {
if (!isPresent && verifiedStatus === VerifiedStatus.DEFAULT) {
console.log('No existing record for default status');
return resolve();
Update isTrustedIdentity for directional trust // FREEBIE
2017-05-24 22:11:03 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (
isPresent &&
isEqual &&
identityRecord.get('verified') !== VerifiedStatus.DEFAULT &&
verifiedStatus === VerifiedStatus.DEFAULT
) {
return textsecure.storage.protocol
.setVerified(identifier, verifiedStatus, publicKey)
.then(resolve, reject);
Update isTrustedIdentity for directional trust // FREEBIE
2017-05-24 22:11:03 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
if (
verifiedStatus === VerifiedStatus.VERIFIED &&
(!isPresent ||
(isPresent && !isEqual) ||
(isPresent &&
identityRecord.get('verified') !==
VerifiedStatus.VERIFIED))
) {
return textsecure.storage.protocol
.saveIdentityWithAttributes(identifier, {
publicKey: publicKey,
verified: verifiedStatus,
firstUse: false,
timestamp: Date.now(),
nonblockingApproval: true,
})
.then(
function() {
if (isPresent && !isEqual) {
this.trigger('keychange', identifier);
return this.archiveAllSessions(identifier).then(
function() {
// true signifies that we overwrote a previous key with a new one
return resolve(true);
},
reject
);
Add verified status // FREEBIE
2017-06-12 19:55:16 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
return resolve();
}.bind(this),
reject
);
Add new methods to identity store // FREEBIE
2017-06-13 19:39:26 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
// We get here if we got a new key and the status is DEFAULT. If the
// message is out of date, we don't want to lose whatever more-secure
// state we had before.
return resolve();
}.bind(this)
);
}.bind(this)
);
},
isUntrusted: function(identifier) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to set verified for undefined/null key');
}
return new Promise(function(resolve, reject) {
var identityRecord = new IdentityRecord({ id: identifier });
identityRecord.fetch().then(
function() {
if (
Date.now() - identityRecord.get('timestamp') <
TIMESTAMP_THRESHOLD &&
!identityRecord.get('nonblockingApproval') &&
!identityRecord.get('firstUse')
) {
resolve(true);
Unify processVerifiedMessage with Java implementation This removes our support for the New Key/DEFAULT case, which iOS will sync to us. Why? Because it ensures that in out of date scenarios, we don't lose the higher-security state we were in previously. FREEBIE
2017-07-12 21:53:56 +00:00
} else {
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
resolve(false);
Add special handling for verification sync processVerifiedMessage checks the current state of the database against the identity key from an incoming verification sync message to determine whether or how to update our local record. When syncing a DEFAULT status and we have no local record, it's a no-op, but we'll log it. When syncing a DEFAULT status and we have non-default record with the same key, mark it as default. When syncing a VERIFIED status and either: 1. we have no key on record, 2. we have have a different key on record, or 3. we have the same key on record, but not verified mark it as verified. Otherwise do nothing. References: https://github.com/WhisperSystems/Signal-Android/blob/master/src/org/thoughtcrime/securesms/util/IdentityUtil.java#L129 // FREEBIE Ensure processVerified resolves
2017-06-17 01:17:38 +00:00
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
},
function() {
// catch
reject(new Error('No identity record for ' + identifier));
}
);
});
},
Move to npm for several dependencies mustache jQuery underscore backbone mocha chai intl-tel-input
2018-05-20 03:53:12 +00:00
removeIdentityKey: async function(number) {
const identityRecord = new IdentityRecord({ id: number });
try {
await wrapDeferred(identityRecord.fetch());
await wrapDeferred(identityRecord.destroy());
return textsecure.storage.protocol.removeAllSessions(number);
} catch (error) {
throw new Error('Tried to remove identity for unknown number');
}
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
},
Cache messages on receipt, remove from cache when processed FREEBIE
2017-07-17 22:46:00 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
// Groups
getGroup: function(groupId) {
if (groupId === null || groupId === undefined) {
throw new Error('Tried to get group for undefined/null id');
}
return new Promise(function(resolve) {
var group = new Group({ id: groupId });
group.fetch().always(function() {
resolve(group.get('data'));
});
});
},
putGroup: function(groupId, group) {
if (groupId === null || groupId === undefined) {
throw new Error('Tried to put group key for undefined/null id');
}
if (group === null || group === undefined) {
throw new Error('Tried to put undefined/null group object');
}
var group = new Group({ id: groupId, data: group });
return new Promise(function(resolve) {
group.save().always(resolve);
});
},
removeGroup: function(groupId) {
if (groupId === null || groupId === undefined) {
throw new Error('Tried to remove group key for undefined/null id');
}
return new Promise(function(resolve) {
var group = new Group({ id: groupId });
group.destroy().always(resolve);
});
},
// Not yet processed messages - for resiliency
getAllUnprocessed: function() {
var collection;
return new Promise(function(resolve, reject) {
collection = new UnprocessedCollection();
return collection.fetch().then(resolve, reject);
}).then(function() {
// Return a plain array of plain objects
Move to npm for several dependencies mustache jQuery underscore backbone mocha chai intl-tel-input
2018-05-20 03:53:12 +00:00
return collection.map(model => model.attributes);
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
});
},
addUnprocessed: function(data) {
return new Promise(function(resolve, reject) {
var unprocessed = new Unprocessed(data);
return unprocessed.save().then(resolve, reject);
});
},
updateUnprocessed: function(id, updates) {
return new Promise(
function(resolve, reject) {
var unprocessed = new Unprocessed({
id: id,
});
return unprocessed.fetch().then(function() {
return unprocessed.save(updates).then(resolve, reject);
}, reject);
}.bind(this)
);
},
removeUnprocessed: function(id) {
return new Promise(
function(resolve, reject) {
var unprocessed = new Unprocessed({
id: id,
});
return unprocessed.destroy().then(resolve, reject);
}.bind(this)
);
},
removeAllData: function() {
// First the in-memory caches:
window.storage.reset(); // items store
ConversationController.reset(); // conversations store
// Then, the entire database:
return Whisper.Database.clear();
},
removeAllConfiguration: function() {
// First the in-memory cache for the items store:
window.storage.reset();
// Then anything in the database that isn't a message/conversation/group:
return Whisper.Database.clearStores([
'items',
'identityKeys',
'sessions',
'signedPreKeys',
'preKeys',
'unprocessed',
]);
},
};
_.extend(SignalProtocolStore.prototype, Backbone.Events);
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
Format all source code using Prettier
2018-04-27 21:25:04 +00:00
window.SignalProtocolStore = SignalProtocolStore;
window.SignalProtocolStore.prototype.Direction = Direction;
window.SignalProtocolStore.prototype.VerifiedStatus = VerifiedStatus;
Integrate libaxolotl async storage changes * Session records are now opaque strings, so treat them that way: - no more cross checking identity key and session records - Move hasOpenSession to axolotl wrapper - Remote registration ids must be fetched async'ly via protocol wrapper * Implement async AxolotlStore using textsecure.storage * Add some db stores and move prekeys and signed keys to indexeddb * Add storage tests * Rename identityKey storage key from libaxolotl25519KeyidentityKey to simply identityKey, since it's no longer hardcoded in libaxolotl * Rework registration and key-generation, keeping logic in libtextsecure and rendering in options.js. * Remove key_worker since workers are handled at the libaxolotl level now
2015-04-01 20:08:09 +00:00
})();