Sender Key: Flags to disable, send to unrestricted

2021-08-03 18:02:35 -07:00 · 2021-08-03 18:02:35 -07:00 · f048066693
parent d5810d6bac
commit f048066693
3 changed files with 27 additions and 7 deletions
--- a/ts/RemoteConfig.ts
+++ b/ts/RemoteConfig.ts
@ -11,13 +11,14 @@ export type ConfigKeyType =
  | 'desktop.disableGV1'
  | 'desktop.groupCalling'
  | 'desktop.gv2'
-  | 'desktop.internalUser'
  | 'desktop.mandatoryProfileSharing'
  | 'desktop.mediaQuality.levels'
  | 'desktop.messageRequests'
  | 'desktop.retryReceiptLifespan'
  | 'desktop.retryRespondMaxAge'
  | 'desktop.screensharing2'
+  | 'desktop.senderKey.send'
+  | 'desktop.senderKey.retry'
  | 'desktop.storage'
  | 'desktop.storageWrite3'
  | 'desktop.worksAtSignal'
--- a/ts/util/handleRetry.ts
+++ b/ts/util/handleRetry.ts
@ -41,6 +41,13 @@ export async function onRetryRequest(event: RetryRequestEvent): Promise<void> {

  window.log.info(`onRetryRequest/${logId}: Starting...`);

+  if (!RemoteConfig.isEnabled('desktop.senderKey.retry')) {
+    window.log.warn(
+      `onRetryRequest/${logId}: Feature flag disabled, returning early.`
+    );
+    return;
+  }
+
  if (window.RETRY_DELAY) {
    window.log.warn(
      `onRetryRequest/${logId}: Delaying because RETRY_DELAY is set...`
@ -145,7 +152,10 @@ export async function onDecryptionError(
    await conversation.getProfiles();
  }

-  if (conversation.get('capabilities')?.senderKey) {
+  if (
+    conversation.get('capabilities')?.senderKey &&
+    RemoteConfig.isEnabled('desktop.senderKey.retry')
+  ) {
    await requestResend(decryptionError);
  } else {
    await startAutomaticSessionReset(decryptionError);
--- a/ts/util/sendToGroup.ts
+++ b/ts/util/sendToGroup.ts
@ -12,6 +12,7 @@ import {
  UnidentifiedSenderMessageContent,
 } from '@signalapp/signal-client';
 import { typedArrayToArrayBuffer as toArrayBuffer } from '../Crypto';
+import * as Bytes from '../Bytes';
 import { senderCertificateService } from '../services/senderCertificate';
 import {
  padMessage,
@ -42,6 +43,7 @@ import {
  multiRecipient410ResponseSchema,
 } from '../textsecure/WebAPI';
 import { SignalService as Proto } from '../protobuf';
+import * as RemoteConfig from '../RemoteConfig';

 import { strictAssert } from './assert';
 import { isGroupV2 } from './whatTypeOfConversation';
@ -57,6 +59,9 @@ const MAX_CONCURRENCY = 5;
 // sendWithSenderKey is recursive, but we don't want to loop back too many times.
 const MAX_RECURSION = 10;

+const ACCESS_KEY_LENGTH = 16;
+const ZERO_ACCESS_KEY = Bytes.toBase64(new Uint8Array(ACCESS_KEY_LENGTH));
+
 // TODO: remove once we move away from ArrayBuffers
 const FIXMEU8 = Uint8Array;

@ -142,6 +147,7 @@ export async function sendContentMessageToGroup({

  if (
    ourConversation?.get('capabilities')?.senderKey &&
+    RemoteConfig.isEnabled('desktop.senderKey.send') &&
    isGroupV2(conversation.attributes)
  ) {
    try {
@ -744,7 +750,6 @@ async function handle410Response(
 }

 function getXorOfAccessKeys(devices: Array<DeviceType>): Buffer {
-  const ACCESS_KEY_LENGTH = 16;
  const uuids = getUuidsFromDevices(devices);

  const result = Buffer.alloc(ACCESS_KEY_LENGTH);
@ -1008,13 +1013,17 @@ function getAccessKey(
 ): string | undefined {
  const { sealedSender, accessKey } = attributes;

-  if (
-    sealedSender === SEALED_SENDER.ENABLED ||
-    sealedSender === SEALED_SENDER.UNKNOWN
-  ) {
+  if (sealedSender === SEALED_SENDER.ENABLED) {
    return accessKey || undefined;
  }

+  if (
+    sealedSender === SEALED_SENDER.UNKNOWN ||
+    sealedSender === SEALED_SENDER.UNRESTRICTED
+  ) {
+    return ZERO_ACCESS_KEY;
+  }
+
  return undefined;
 }