|
|
|
|
/*
|
|
|
|
|
* vim: ts=4:sw=4:expandtab
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
var TextSecureServer = (function() {
|
|
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
function validateResponse(response, schema) {
|
|
|
|
|
try {
|
|
|
|
|
for (var i in schema) {
|
|
|
|
|
switch (schema[i]) {
|
|
|
|
|
case 'object':
|
|
|
|
|
case 'string':
|
|
|
|
|
case 'number':
|
|
|
|
|
if (typeof response[i] !== schema[i]) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} catch(ex) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
function createSocket(url) {
|
|
|
|
|
var requestOptions = { ca: window.config.certificateAuthorities };
|
|
|
|
|
return new nodeWebSocket(url, null, null, null, requestOptions);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var XMLHttpRequest = nodeXMLHttpRequest;
|
|
|
|
|
window.setImmediate = nodeSetImmediate;
|
|
|
|
|
|
|
|
|
|
// Promise-based async xhr routine
|
|
|
|
|
function promise_ajax(url, options) {
|
|
|
|
|
return new Promise(function (resolve, reject) {
|
|
|
|
|
if (!url) {
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
url = options.host + '/' + options.path;
|
|
|
|
|
}
|
|
|
|
|
console.log(options.type, url);
|
|
|
|
|
var xhr = new XMLHttpRequest();
|
|
|
|
|
xhr.open(options.type, url, true /*async*/);
|
|
|
|
|
|
|
|
|
|
if ( options.responseType ) {
|
|
|
|
|
xhr[ 'responseType' ] = options.responseType;
|
|
|
|
|
}
|
|
|
|
|
if (options.user && options.password) {
|
|
|
|
|
xhr.setRequestHeader("Authorization", "Basic " + btoa(getString(options.user) + ":" + getString(options.password)));
|
|
|
|
|
}
|
|
|
|
|
if (options.contentType) {
|
|
|
|
|
xhr.setRequestHeader( "Content-Type", options.contentType );
|
|
|
|
|
}
|
|
|
|
|
xhr.setRequestHeader( 'X-Signal-Agent', 'OWD' );
|
|
|
|
|
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
if (options.certificateAuthorities) {
|
|
|
|
|
xhr.setCertificateAuthorities(options.certificateAuthorities);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
xhr.onload = function() {
|
|
|
|
|
var result = xhr.response;
|
|
|
|
|
if ( (!xhr.responseType || xhr.responseType === "text") &&
|
|
|
|
|
typeof xhr.responseText === "string" ) {
|
|
|
|
|
result = xhr.responseText;
|
|
|
|
|
}
|
|
|
|
|
if (options.dataType === 'json') {
|
|
|
|
|
try { result = JSON.parse(xhr.responseText + ''); } catch(e) {}
|
|
|
|
|
if (options.validateResponse) {
|
|
|
|
|
if (!validateResponse(result, options.validateResponse)) {
|
|
|
|
|
console.log(options.type, url, xhr.status, 'Error');
|
|
|
|
|
reject(HTTPError(xhr.status, result, options.stack));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ( 0 <= xhr.status && xhr.status < 400) {
|
|
|
|
|
console.log(options.type, url, xhr.status, 'Success');
|
|
|
|
|
resolve(result, xhr.status);
|
|
|
|
|
} else {
|
|
|
|
|
console.log(options.type, url, xhr.status, 'Error');
|
|
|
|
|
reject(HTTPError(xhr.status, result, options.stack));
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
xhr.onerror = function() {
|
|
|
|
|
console.log(options.type, url, xhr.status, 'Error');
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
console.log(xhr.statusText);
|
|
|
|
|
reject(HTTPError(xhr.status, xhr.statusText, options.stack));
|
|
|
|
|
};
|
|
|
|
|
xhr.send( options.data || null );
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function retry_ajax(url, options, limit, count) {
|
|
|
|
|
count = count || 0;
|
|
|
|
|
limit = limit || 3;
|
|
|
|
|
count++;
|
|
|
|
|
return promise_ajax(url, options).catch(function(e) {
|
|
|
|
|
if (e.name === 'HTTPError' && e.code === -1 && count < limit) {
|
|
|
|
|
return new Promise(function(resolve) {
|
|
|
|
|
setTimeout(function() {
|
|
|
|
|
resolve(retry_ajax(url, options, limit, count));
|
|
|
|
|
}, 1000);
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
throw e;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function ajax(url, options) {
|
|
|
|
|
options.stack = new Error().stack; // just in case, save stack here.
|
|
|
|
|
return retry_ajax(url, options);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function HTTPError(code, response, stack) {
|
|
|
|
|
if (code > 999 || code < 100) {
|
|
|
|
|
code = -1;
|
|
|
|
|
}
|
|
|
|
|
var e = new Error();
|
|
|
|
|
e.name = 'HTTPError';
|
|
|
|
|
e.code = code;
|
|
|
|
|
e.stack = stack;
|
|
|
|
|
if (response) {
|
|
|
|
|
e.response = response;
|
|
|
|
|
}
|
|
|
|
|
return e;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var URL_CALLS = {
|
|
|
|
|
accounts : "v1/accounts",
|
|
|
|
|
devices : "v1/devices",
|
|
|
|
|
keys : "v2/keys",
|
|
|
|
|
signed : "v2/keys/signed",
|
|
|
|
|
messages : "v1/messages",
|
|
|
|
|
attachment : "v1/attachments",
|
|
|
|
|
profile : "v1/profile"
|
|
|
|
|
};
|
|
|
|
|
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
function TextSecureServer(url, username, password) {
|
|
|
|
|
if (typeof url !== 'string') {
|
|
|
|
|
throw new Error('Invalid server url');
|
|
|
|
|
}
|
|
|
|
|
this.url = url;
|
|
|
|
|
this.username = username;
|
|
|
|
|
this.password = password;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TextSecureServer.prototype = {
|
|
|
|
|
constructor: TextSecureServer,
|
|
|
|
|
ajax: function(param) {
|
|
|
|
|
if (!param.urlParameters) {
|
|
|
|
|
param.urlParameters = '';
|
|
|
|
|
}
|
|
|
|
|
return ajax(null, {
|
|
|
|
|
host : this.url,
|
|
|
|
|
path : URL_CALLS[param.call] + param.urlParameters,
|
|
|
|
|
type : param.httpType,
|
|
|
|
|
data : param.jsonData && textsecure.utils.jsonThing(param.jsonData),
|
|
|
|
|
contentType : 'application/json; charset=utf-8',
|
|
|
|
|
dataType : 'json',
|
|
|
|
|
user : this.username,
|
|
|
|
|
password : this.password,
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
validateResponse: param.validateResponse,
|
|
|
|
|
certificateAuthorities: window.config.certificateAuthorities
|
|
|
|
|
}).catch(function(e) {
|
|
|
|
|
var code = e.code;
|
|
|
|
|
if (code === 200) {
|
|
|
|
|
// happens sometimes when we get no response
|
|
|
|
|
// (TODO: Fix server to return 204? instead)
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
var message;
|
|
|
|
|
switch (code) {
|
|
|
|
|
case -1:
|
|
|
|
|
message = "Failed to connect to the server, please check your network connection.";
|
|
|
|
|
break;
|
|
|
|
|
case 413:
|
|
|
|
|
message = "Rate limit exceeded, please try again later.";
|
|
|
|
|
break;
|
|
|
|
|
case 403:
|
|
|
|
|
message = "Invalid code, please try again.";
|
|
|
|
|
break;
|
|
|
|
|
case 417:
|
|
|
|
|
// TODO: This shouldn't be a thing?, but its in the API doc?
|
|
|
|
|
message = "Number already registered.";
|
|
|
|
|
break;
|
|
|
|
|
case 401:
|
|
|
|
|
message = "Invalid authentication, most likely someone re-registered and invalidated our registration.";
|
|
|
|
|
break;
|
|
|
|
|
case 404:
|
|
|
|
|
message = "Number is not registered.";
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
message = "The server rejected our query, please file a bug report.";
|
|
|
|
|
}
|
|
|
|
|
e.message = message
|
|
|
|
|
throw e;
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getProfile: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'profile',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
urlParameters : '/' + number,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
requestVerificationSMS: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'accounts',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
urlParameters : '/sms/code/' + number,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
requestVerificationVoice: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'accounts',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
urlParameters : '/voice/code/' + number,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
confirmCode: function(number, code, password, signaling_key, registrationId, deviceName) {
|
|
|
|
|
var jsonData = {
|
|
|
|
|
signalingKey : btoa(getString(signaling_key)),
|
|
|
|
|
supportsSms : false,
|
|
|
|
|
fetchesMessages : true,
|
|
|
|
|
registrationId : registrationId,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var call, urlPrefix, schema;
|
|
|
|
|
if (deviceName) {
|
|
|
|
|
jsonData.name = deviceName;
|
|
|
|
|
call = 'devices';
|
|
|
|
|
urlPrefix = '/';
|
|
|
|
|
schema = { deviceId: 'number' };
|
|
|
|
|
} else {
|
|
|
|
|
call = 'accounts';
|
|
|
|
|
urlPrefix = '/code/';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
this.username = number;
|
|
|
|
|
this.password = password;
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : call,
|
|
|
|
|
httpType : 'PUT',
|
|
|
|
|
urlParameters : urlPrefix + code,
|
|
|
|
|
jsonData : jsonData,
|
|
|
|
|
validateResponse : schema
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getDevices: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'devices',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
registerKeys: function(genKeys) {
|
|
|
|
|
var keys = {};
|
|
|
|
|
keys.identityKey = btoa(getString(genKeys.identityKey));
|
|
|
|
|
keys.signedPreKey = {
|
|
|
|
|
keyId: genKeys.signedPreKey.keyId,
|
|
|
|
|
publicKey: btoa(getString(genKeys.signedPreKey.publicKey)),
|
|
|
|
|
signature: btoa(getString(genKeys.signedPreKey.signature))
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
keys.preKeys = [];
|
|
|
|
|
var j = 0;
|
|
|
|
|
for (var i in genKeys.preKeys) {
|
|
|
|
|
keys.preKeys[j++] = {
|
|
|
|
|
keyId: genKeys.preKeys[i].keyId,
|
|
|
|
|
publicKey: btoa(getString(genKeys.preKeys[i].publicKey))
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// This is just to make the server happy
|
|
|
|
|
// (v2 clients should choke on publicKey)
|
|
|
|
|
keys.lastResortKey = {keyId: 0x7fffFFFF, publicKey: btoa("42")};
|
|
|
|
|
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'keys',
|
|
|
|
|
httpType : 'PUT',
|
|
|
|
|
jsonData : keys,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
setSignedPreKey: function(signedPreKey) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'signed',
|
|
|
|
|
httpType : 'PUT',
|
|
|
|
|
jsonData : {
|
|
|
|
|
keyId: signedPreKey.keyId,
|
|
|
|
|
publicKey: btoa(getString(signedPreKey.publicKey)),
|
|
|
|
|
signature: btoa(getString(signedPreKey.signature))
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getMyKeys: function(number, deviceId) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'keys',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
validateResponse : {count: 'number'}
|
|
|
|
|
}).then(function(res) {
|
|
|
|
|
return res.count;
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getKeysForNumber: function(number, deviceId) {
|
|
|
|
|
if (deviceId === undefined)
|
|
|
|
|
deviceId = "*";
|
|
|
|
|
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'keys',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
urlParameters : "/" + number + "/" + deviceId,
|
|
|
|
|
validateResponse : {identityKey: 'string', devices: 'object'}
|
|
|
|
|
}).then(function(res) {
|
|
|
|
|
if (res.devices.constructor !== Array) {
|
|
|
|
|
throw new Error("Invalid response");
|
|
|
|
|
}
|
|
|
|
|
res.identityKey = StringView.base64ToBytes(res.identityKey);
|
|
|
|
|
res.devices.forEach(function(device) {
|
|
|
|
|
if ( !validateResponse(device, {signedPreKey: 'object'}) ||
|
|
|
|
|
!validateResponse(device.signedPreKey, {publicKey: 'string', signature: 'string'}) ) {
|
|
|
|
|
throw new Error("Invalid signedPreKey");
|
|
|
|
|
}
|
|
|
|
|
if ( device.preKey ) {
|
|
|
|
|
if ( !validateResponse(device, {preKey: 'object'}) ||
|
|
|
|
|
!validateResponse(device.preKey, {publicKey: 'string'})) {
|
|
|
|
|
throw new Error("Invalid preKey");
|
|
|
|
|
}
|
|
|
|
|
device.preKey.publicKey = StringView.base64ToBytes(device.preKey.publicKey);
|
|
|
|
|
}
|
|
|
|
|
device.signedPreKey.publicKey = StringView.base64ToBytes(device.signedPreKey.publicKey);
|
|
|
|
|
device.signedPreKey.signature = StringView.base64ToBytes(device.signedPreKey.signature);
|
|
|
|
|
});
|
|
|
|
|
return res;
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
sendMessages: function(destination, messageArray, timestamp) {
|
|
|
|
|
var jsonData = { messages: messageArray, timestamp: timestamp};
|
|
|
|
|
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'messages',
|
|
|
|
|
httpType : 'PUT',
|
|
|
|
|
urlParameters : '/' + destination,
|
|
|
|
|
jsonData : jsonData,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getAttachment: function(id) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'attachment',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
urlParameters : '/' + id,
|
|
|
|
|
validateResponse : {location: 'string'}
|
|
|
|
|
}).then(function(response) {
|
|
|
|
|
return ajax(response.location, {
|
|
|
|
|
type : "GET",
|
|
|
|
|
responseType: "arraybuffer",
|
|
|
|
|
contentType : "application/octet-stream"
|
|
|
|
|
});
|
|
|
|
|
}.bind(this));
|
|
|
|
|
},
|
|
|
|
|
putAttachment: function(encryptedBin) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call : 'attachment',
|
|
|
|
|
httpType : 'GET',
|
|
|
|
|
}).then(function(response) {
|
|
|
|
|
return ajax(response.location, {
|
|
|
|
|
type : "PUT",
|
|
|
|
|
contentType : "application/octet-stream",
|
|
|
|
|
data : encryptedBin,
|
|
|
|
|
processData : false,
|
|
|
|
|
}).then(function() {
|
|
|
|
|
return response.idString;
|
|
|
|
|
}.bind(this));
|
|
|
|
|
}.bind(this));
|
|
|
|
|
},
|
|
|
|
|
getMessageSocket: function() {
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
console.log('opening message socket', this.url);
|
|
|
|
|
return createSocket(this.url.replace('https://', 'wss://').replace('http://', 'ws://')
|
|
|
|
|
+ '/v1/websocket/?login=' + encodeURIComponent(this.username)
|
|
|
|
|
+ '&password=' + encodeURIComponent(this.password)
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
+ '&agent=OWD');
|
|
|
|
|
},
|
|
|
|
|
getProvisioningSocket: function () {
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
8 years ago
|
|
|
console.log('opening provisioning socket', this.url);
|
|
|
|
|
return createSocket(this.url.replace('https://', 'wss://').replace('http://', 'ws://')
|
|
|
|
|
+ '/v1/websocket/provisioning/?agent=OWD');
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return TextSecureServer;
|
|
|
|
|
})();
|
