keejef
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop
2
0
Fork 0
Code Issues 8 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
unstable
feature/update-crowdin-translations
master
audit2
show
audit
v1.9.1
v1.9.0
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.9
v1.7.8
v1.7.7
v1.7.6
v1.7.5
v1.7.4
v1.7.3
v1.7.2
v1.7.1
v1.7.0
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.11
v1.6.10
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.11
v1.4.10
v1.4.1
v1.4.0
v1.3.1
v1.3.0
v1.2.1
v1.2.0
v1.14.3
v1.14.2
v1.14.1
v1.14.0
v1.13.2
v1.13.1
v1.13.0
v1.12.5
v1.12.4
v1.12.3
v1.12.2
v1.12.1
v1.12.0
v1.11.5
v1.11.4
v1.11.3
v1.11.2
v1.11.1
v1.11.0
v1.10.8
v1.10.7
v1.10.6
v1.10.5
v1.10.4
v1.10.3
v1.10.2
v1.10.1
v1.10.0
v1.1.2
v1.1.1
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '14894a916e'
${ noResults }
session-desktop/libtextsecure/crypto.js

230 lines
7.5 KiB
JavaScript
Raw Normal View History Unescape Escape

Eslintify all of libtextsecure
7 years ago
/* global libsignal, crypto, textsecure, dcodeIO, window */
/* eslint-disable more/no-then, no-bitwise */
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
Eslintify all of libtextsecure
7 years ago
// eslint-disable-next-line func-names
(function() {
const { encrypt, decrypt, calculateMAC, verifyMAC } = libsignal.crypto;
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
Eslintify all of libtextsecure
7 years ago
const PROFILE_IV_LENGTH = 12; // bytes
const PROFILE_KEY_LENGTH = 32; // bytes
const PROFILE_TAG_LENGTH = 128; // bits
const PROFILE_NAME_PADDED_LENGTH = 26; // bytes
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
function verifyDigest(data, theirDigest) {
Eslintify all of libtextsecure
7 years ago
return crypto.subtle.digest({ name: 'SHA-256' }, data).then(ourDigest => {
const a = new Uint8Array(ourDigest);
const b = new Uint8Array(theirDigest);
let result = 0;
for (let i = 0; i < theirDigest.byteLength; i += 1) {
result |= a[i] ^ b[i];
}
if (result !== 0) {
throw new Error('Bad digest');
}
});
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
}
function calculateDigest(data) {
return crypto.subtle.digest({ name: 'SHA-256' }, data);
}
window.textsecure = window.textsecure || {};
window.textsecure.crypto = {
// Decrypts message into a raw string
Eslintify all of libtextsecure
7 years ago
decryptWebsocketMessage(message, signalingKey) {
const decodedMessage = message.toArrayBuffer();
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
Eslintify all of libtextsecure
7 years ago
if (signalingKey.byteLength !== 52) {
throw new Error('Got invalid length signalingKey');
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
}
if (decodedMessage.byteLength < 1 + 16 + 10) {
throw new Error('Got invalid length message');
}
Eslintify all of libtextsecure
7 years ago
if (new Uint8Array(decodedMessage)[0] !== 1) {
throw new Error(`Got bad version number: ${decodedMessage[0]}`);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
}
Eslintify all of libtextsecure
7 years ago
const aesKey = signalingKey.slice(0, 32);
const macKey = signalingKey.slice(32, 32 + 20);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
Eslintify all of libtextsecure
7 years ago
const iv = decodedMessage.slice(1, 1 + 16);
const ciphertext = decodedMessage.slice(
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
1 + 16,
decodedMessage.byteLength - 10
);
Eslintify all of libtextsecure
7 years ago
const ivAndCiphertext = decodedMessage.slice(
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
0,
decodedMessage.byteLength - 10
);
Eslintify all of libtextsecure
7 years ago
const mac = decodedMessage.slice(
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
decodedMessage.byteLength - 10,
decodedMessage.byteLength
);
Eslintify all of libtextsecure
7 years ago
return verifyMAC(ivAndCiphertext, macKey, mac, 10).then(() =>
decrypt(aesKey, ciphertext, iv)
);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
},
Eslintify all of libtextsecure
7 years ago
decryptAttachment(encryptedBin, keys, theirDigest) {
if (keys.byteLength !== 64) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
throw new Error('Got invalid length attachment keys');
}
if (encryptedBin.byteLength < 16 + 32) {
throw new Error('Got invalid length attachment');
}
Eslintify all of libtextsecure
7 years ago
const aesKey = keys.slice(0, 32);
const macKey = keys.slice(32, 64);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
Eslintify all of libtextsecure
7 years ago
const iv = encryptedBin.slice(0, 16);
const ciphertext = encryptedBin.slice(16, encryptedBin.byteLength - 32);
const ivAndCiphertext = encryptedBin.slice(
0,
encryptedBin.byteLength - 32
);
const mac = encryptedBin.slice(
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
encryptedBin.byteLength - 32,
encryptedBin.byteLength
);
Eslintify all of libtextsecure
7 years ago
return verifyMAC(ivAndCiphertext, macKey, mac, 32)
.then(() => {
Throttle typing events, fix profile logging, fix group typing
7 years ago
if (!theirDigest) {
throw new Error('Failure: Ask sender to update Signal and resend.');
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
}
Throttle typing events, fix profile logging, fix group typing
7 years ago
return verifyDigest(encryptedBin, theirDigest);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
})
Eslintify all of libtextsecure
7 years ago
.then(() => decrypt(aesKey, ciphertext, iv));
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
},
Eslintify all of libtextsecure
7 years ago
encryptAttachment(plaintext, keys, iv) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
if (
!(plaintext instanceof ArrayBuffer) &&
!ArrayBuffer.isView(plaintext)
) {
throw new TypeError(
Eslintify all of libtextsecure
7 years ago
`\`plaintext\` must be an \`ArrayBuffer\` or \`ArrayBufferView\`; got: ${typeof plaintext}`
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
);
}
Eslintify all of libtextsecure
7 years ago
if (keys.byteLength !== 64) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
throw new Error('Got invalid length attachment keys');
}
Eslintify all of libtextsecure
7 years ago
if (iv.byteLength !== 16) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
throw new Error('Got invalid length attachment iv');
}
Eslintify all of libtextsecure
7 years ago
const aesKey = keys.slice(0, 32);
const macKey = keys.slice(32, 64);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
Eslintify all of libtextsecure
7 years ago
return encrypt(aesKey, plaintext, iv).then(ciphertext => {
const ivAndCiphertext = new Uint8Array(16 + ciphertext.byteLength);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
ivAndCiphertext.set(new Uint8Array(iv));
ivAndCiphertext.set(new Uint8Array(ciphertext), 16);
Eslintify all of libtextsecure
7 years ago
return calculateMAC(macKey, ivAndCiphertext.buffer).then(mac => {
const encryptedBin = new Uint8Array(16 + ciphertext.byteLength + 32);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
encryptedBin.set(ivAndCiphertext);
encryptedBin.set(new Uint8Array(mac), 16 + ciphertext.byteLength);
Eslintify all of libtextsecure
7 years ago
return calculateDigest(encryptedBin.buffer).then(digest => ({
ciphertext: encryptedBin.buffer,
digest,
}));
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
});
});
},
Eslintify all of libtextsecure
7 years ago
encryptProfile(data, key) {
const iv = libsignal.crypto.getRandomBytes(PROFILE_IV_LENGTH);
if (key.byteLength !== PROFILE_KEY_LENGTH) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
throw new Error('Got invalid length profile key');
}
Eslintify all of libtextsecure
7 years ago
if (iv.byteLength !== PROFILE_IV_LENGTH) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
throw new Error('Got invalid length profile iv');
}
return crypto.subtle
.importKey('raw', key, { name: 'AES-GCM' }, false, ['encrypt'])
Eslintify all of libtextsecure
7 years ago
.then(keyForEncryption =>
crypto.subtle
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
.encrypt(
Eslintify all of libtextsecure
7 years ago
{ name: 'AES-GCM', iv, tagLength: PROFILE_TAG_LENGTH },
keyForEncryption,
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
data
)
Eslintify all of libtextsecure
7 years ago
.then(ciphertext => {
const ivAndCiphertext = new Uint8Array(
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
PROFILE_IV_LENGTH + ciphertext.byteLength
Verify `makeAttachmentPointer` and `encryptAttachment` arguments The underlying `crypto.subtle.encrypt` API requires it.
8 years ago
);
Profiles (#1453) * Add AES-GCM encryption for profiles With tests. * Add profileKey to DataMessage protobuf // FREEBIE * Decrypt and save profile names // FREEBIE * Save incoming profile keys * Move pad/unpad to crypto module // FREEBIE * Support fetching avatars from the cdn // FREEBIE * Translate failed authentication errors When AES-GCM authentication fails, webcrypto returns a very generic error. The same error is thrown for invalid length inputs, but our earlier checks in decryptProfile should rule out those failure modes and leave us safe to assume that we either had bad ciphertext or the wrong key. // FREEBIE * Handle profile avatars (wip) and log decrypt errors // FREEBIE * Display profile avatars Synced contact avatars will still override profile avatars. * Display profile names in convo list Only if we don't have a synced contact name. // FREEBIE * Make cdn url an environment config Use different ones for staging and production // FREEBIE * Display profile name in conversation header * Display profile name in group messages * Update conversation header if profile avatar changes // FREEBIE * Style profile names small with ~ * Save profileKeys from contact sync messages // FREEBIE * Save profile keys from provisioning messages For standalone accounts, generate a random profile key. // FREEBIE * Special case for one-time sync of our profile key Android will use a contact sync message to sync a profile key from Android clients who have just upgraded and generated their profile key. Normally we should receive this data in a provisioning message. // FREEBIE * Infer profile sharing from synced data messages * Populate profile keys on outgoing messages Requires that `profileSharing` be set on the conversation. // FREEBIE * Support for the profile key update flag When receiving a message with this flag, don't init a message record, just process the profile key and move on. // FREEBIE * Display profile names in group member list * Refresh contact's profile on profile key changes // FREEBIE * Catch errors on profile save // FREEBIE * Save our own synced contact info Don't return early if we get a contact sync for our own number // FREEBIE
8 years ago
ivAndCiphertext.set(new Uint8Array(iv));
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
ivAndCiphertext.set(
new Uint8Array(ciphertext),
PROFILE_IV_LENGTH
);
Profiles (#1453) * Add AES-GCM encryption for profiles With tests. * Add profileKey to DataMessage protobuf // FREEBIE * Decrypt and save profile names // FREEBIE * Save incoming profile keys * Move pad/unpad to crypto module // FREEBIE * Support fetching avatars from the cdn // FREEBIE * Translate failed authentication errors When AES-GCM authentication fails, webcrypto returns a very generic error. The same error is thrown for invalid length inputs, but our earlier checks in decryptProfile should rule out those failure modes and leave us safe to assume that we either had bad ciphertext or the wrong key. // FREEBIE * Handle profile avatars (wip) and log decrypt errors // FREEBIE * Display profile avatars Synced contact avatars will still override profile avatars. * Display profile names in convo list Only if we don't have a synced contact name. // FREEBIE * Make cdn url an environment config Use different ones for staging and production // FREEBIE * Display profile name in conversation header * Display profile name in group messages * Update conversation header if profile avatar changes // FREEBIE * Style profile names small with ~ * Save profileKeys from contact sync messages // FREEBIE * Save profile keys from provisioning messages For standalone accounts, generate a random profile key. // FREEBIE * Special case for one-time sync of our profile key Android will use a contact sync message to sync a profile key from Android clients who have just upgraded and generated their profile key. Normally we should receive this data in a provisioning message. // FREEBIE * Infer profile sharing from synced data messages * Populate profile keys on outgoing messages Requires that `profileSharing` be set on the conversation. // FREEBIE * Support for the profile key update flag When receiving a message with this flag, don't init a message record, just process the profile key and move on. // FREEBIE * Display profile names in group member list * Refresh contact's profile on profile key changes // FREEBIE * Catch errors on profile save // FREEBIE * Save our own synced contact info Don't return early if we get a contact sync for our own number // FREEBIE
8 years ago
return ivAndCiphertext.buffer;
Eslintify all of libtextsecure
7 years ago
})
);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
},
Eslintify all of libtextsecure
7 years ago
decryptProfile(data, key) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
if (data.byteLength < 12 + 16 + 1) {
Eslintify all of libtextsecure
7 years ago
throw new Error(`Got too short input: ${data.byteLength}`);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
}
Eslintify all of libtextsecure
7 years ago
const iv = data.slice(0, PROFILE_IV_LENGTH);
const ciphertext = data.slice(PROFILE_IV_LENGTH, data.byteLength);
if (key.byteLength !== PROFILE_KEY_LENGTH) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
throw new Error('Got invalid length profile key');
}
Eslintify all of libtextsecure
7 years ago
if (iv.byteLength !== PROFILE_IV_LENGTH) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
throw new Error('Got invalid length profile iv');
}
Eslintify all of libtextsecure
7 years ago
const error = new Error(); // save stack
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
return crypto.subtle
.importKey('raw', key, { name: 'AES-GCM' }, false, ['decrypt'])
Eslintify all of libtextsecure
7 years ago
.then(keyForEncryption =>
crypto.subtle
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
.decrypt(
Eslintify all of libtextsecure
7 years ago
{ name: 'AES-GCM', iv, tagLength: PROFILE_TAG_LENGTH },
keyForEncryption,
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
ciphertext
)
Eslintify all of libtextsecure
7 years ago
.catch(e => {
Profiles (#1453) * Add AES-GCM encryption for profiles With tests. * Add profileKey to DataMessage protobuf // FREEBIE * Decrypt and save profile names // FREEBIE * Save incoming profile keys * Move pad/unpad to crypto module // FREEBIE * Support fetching avatars from the cdn // FREEBIE * Translate failed authentication errors When AES-GCM authentication fails, webcrypto returns a very generic error. The same error is thrown for invalid length inputs, but our earlier checks in decryptProfile should rule out those failure modes and leave us safe to assume that we either had bad ciphertext or the wrong key. // FREEBIE * Handle profile avatars (wip) and log decrypt errors // FREEBIE * Display profile avatars Synced contact avatars will still override profile avatars. * Display profile names in convo list Only if we don't have a synced contact name. // FREEBIE * Make cdn url an environment config Use different ones for staging and production // FREEBIE * Display profile name in conversation header * Display profile name in group messages * Update conversation header if profile avatar changes // FREEBIE * Style profile names small with ~ * Save profileKeys from contact sync messages // FREEBIE * Save profile keys from provisioning messages For standalone accounts, generate a random profile key. // FREEBIE * Special case for one-time sync of our profile key Android will use a contact sync message to sync a profile key from Android clients who have just upgraded and generated their profile key. Normally we should receive this data in a provisioning message. // FREEBIE * Infer profile sharing from synced data messages * Populate profile keys on outgoing messages Requires that `profileSharing` be set on the conversation. // FREEBIE * Support for the profile key update flag When receiving a message with this flag, don't init a message record, just process the profile key and move on. // FREEBIE * Display profile names in group member list * Refresh contact's profile on profile key changes // FREEBIE * Catch errors on profile save // FREEBIE * Save our own synced contact info Don't return early if we get a contact sync for our own number // FREEBIE
8 years ago
if (e.name === 'OperationError') {
// bad mac, basically.
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
error.message =
'Failed to decrypt profile data. Most likely the profile key has changed.';
Profiles (#1453) * Add AES-GCM encryption for profiles With tests. * Add profileKey to DataMessage protobuf // FREEBIE * Decrypt and save profile names // FREEBIE * Save incoming profile keys * Move pad/unpad to crypto module // FREEBIE * Support fetching avatars from the cdn // FREEBIE * Translate failed authentication errors When AES-GCM authentication fails, webcrypto returns a very generic error. The same error is thrown for invalid length inputs, but our earlier checks in decryptProfile should rule out those failure modes and leave us safe to assume that we either had bad ciphertext or the wrong key. // FREEBIE * Handle profile avatars (wip) and log decrypt errors // FREEBIE * Display profile avatars Synced contact avatars will still override profile avatars. * Display profile names in convo list Only if we don't have a synced contact name. // FREEBIE * Make cdn url an environment config Use different ones for staging and production // FREEBIE * Display profile name in conversation header * Display profile name in group messages * Update conversation header if profile avatar changes // FREEBIE * Style profile names small with ~ * Save profileKeys from contact sync messages // FREEBIE * Save profile keys from provisioning messages For standalone accounts, generate a random profile key. // FREEBIE * Special case for one-time sync of our profile key Android will use a contact sync message to sync a profile key from Android clients who have just upgraded and generated their profile key. Normally we should receive this data in a provisioning message. // FREEBIE * Infer profile sharing from synced data messages * Populate profile keys on outgoing messages Requires that `profileSharing` be set on the conversation. // FREEBIE * Support for the profile key update flag When receiving a message with this flag, don't init a message record, just process the profile key and move on. // FREEBIE * Display profile names in group member list * Refresh contact's profile on profile key changes // FREEBIE * Catch errors on profile save // FREEBIE * Save our own synced contact info Don't return early if we get a contact sync for our own number // FREEBIE
8 years ago
error.name = 'ProfileDecryptError';
throw error;
}
Eslintify all of libtextsecure
7 years ago
})
);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
},
Eslintify all of libtextsecure
7 years ago
encryptProfileName(name, key) {
const padded = new Uint8Array(PROFILE_NAME_PADDED_LENGTH);
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
padded.set(new Uint8Array(name));
return textsecure.crypto.encryptProfile(padded.buffer, key);
},
Eslintify all of libtextsecure
7 years ago
decryptProfileName(encryptedProfileName, key) {
const data = dcodeIO.ByteBuffer.wrap(
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
encryptedProfileName,
'base64'
).toArrayBuffer();
Eslintify all of libtextsecure
7 years ago
return textsecure.crypto.decryptProfile(data, key).then(decrypted => {
// unpad
const padded = new Uint8Array(decrypted);
let i;
for (i = padded.length; i > 0; i -= 1) {
if (padded[i - 1] !== 0x00) {
break;
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
}
Eslintify all of libtextsecure
7 years ago
}
Profiles (#1453) * Add AES-GCM encryption for profiles With tests. * Add profileKey to DataMessage protobuf // FREEBIE * Decrypt and save profile names // FREEBIE * Save incoming profile keys * Move pad/unpad to crypto module // FREEBIE * Support fetching avatars from the cdn // FREEBIE * Translate failed authentication errors When AES-GCM authentication fails, webcrypto returns a very generic error. The same error is thrown for invalid length inputs, but our earlier checks in decryptProfile should rule out those failure modes and leave us safe to assume that we either had bad ciphertext or the wrong key. // FREEBIE * Handle profile avatars (wip) and log decrypt errors // FREEBIE * Display profile avatars Synced contact avatars will still override profile avatars. * Display profile names in convo list Only if we don't have a synced contact name. // FREEBIE * Make cdn url an environment config Use different ones for staging and production // FREEBIE * Display profile name in conversation header * Display profile name in group messages * Update conversation header if profile avatar changes // FREEBIE * Style profile names small with ~ * Save profileKeys from contact sync messages // FREEBIE * Save profile keys from provisioning messages For standalone accounts, generate a random profile key. // FREEBIE * Special case for one-time sync of our profile key Android will use a contact sync message to sync a profile key from Android clients who have just upgraded and generated their profile key. Normally we should receive this data in a provisioning message. // FREEBIE * Infer profile sharing from synced data messages * Populate profile keys on outgoing messages Requires that `profileSharing` be set on the conversation. // FREEBIE * Support for the profile key update flag When receiving a message with this flag, don't init a message record, just process the profile key and move on. // FREEBIE * Display profile names in group member list * Refresh contact's profile on profile key changes // FREEBIE * Catch errors on profile save // FREEBIE * Save our own synced contact info Don't return early if we get a contact sync for our own number // FREEBIE
8 years ago
Eslintify all of libtextsecure
7 years ago
return dcodeIO.ByteBuffer.wrap(padded)
.slice(0, i)
.toArrayBuffer();
});
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
},
Copy getRandomBytes from libaxolotl to libtextsecure
11 years ago
Eslintify all of libtextsecure
7 years ago
getRandomBytes(size) {
Let's make it all pretty, shall we? We missed a couple directories with previous attempts to turn this on globally: app/ and libtextsecure/ Not to mention files in places we didn't expect: ts files that weren't in the ts directory! This turns prettier on for every file we care about (js, ts, tsx, md) everywhere in the project but for a few key parts.
8 years ago
return libsignal.crypto.getRandomBytes(size);
},
};
Move attachment/websocket [en|de]cryption to libtextsecure
11 years ago
})();