session-desktop/ts/session/crypto/MessageEncrypter.ts

import { EncryptionType } from '../types/EncryptionType';
import { SignalService } from '../../protobuf';
import { UserUtil } from '../../util';
import { CipherTextObject } from '../../../libtextsecure/libsignal-protocol';
import { encryptWithSenderKey } from '../../session/medium_group/ratchet';
import { PubKey } from '../types';
import { StringUtils } from '../utils';

/**
 * Add padding to a message buffer
 * @param messageBuffer The buffer to add padding to.
 */
export function padPlainTextBuffer(messageBuffer: Uint8Array): Uint8Array {
  const plaintext = new Uint8Array(
    getPaddedMessageLength(messageBuffer.byteLength + 1) - 1
  );
  plaintext.set(new Uint8Array(messageBuffer));
  plaintext[messageBuffer.byteLength] = 0x80;

  return plaintext;
}

function getPaddedMessageLength(originalLength: number): number {
  const messageLengthWithTerminator = originalLength + 1;
  let messagePartCount = Math.floor(messageLengthWithTerminator / 160);

  if (messageLengthWithTerminator % 160 !== 0) {
    messagePartCount += 1;
  }

  return messagePartCount * 160;
}

type EncryptResult = {
  envelopeType: SignalService.Envelope.Type;
  cipherText: Uint8Array;
};

/**
 * Encrypt `plainTextBuffer` with given `encryptionType` for `device`.
 *
 * @param device The device `PubKey` to encrypt for.
 * @param plainTextBuffer The unpadded plaintext buffer.
 * @param encryptionType The type of encryption.
 * @returns The envelope type and the base64 encoded cipher text
 */
export async function encrypt(
  device: PubKey,
  plainTextBuffer: Uint8Array,
  encryptionType: EncryptionType
): Promise<EncryptResult> {
  const plainText = padPlainTextBuffer(plainTextBuffer);

  if (encryptionType === EncryptionType.MediumGroup) {
    return encryptForMediumGroup(device, plainText);
  }

  const address = new window.libsignal.SignalProtocolAddress(device.key, 1);

  let innerCipherText: CipherTextObject;
  if (encryptionType === EncryptionType.Fallback) {
    const cipher = new window.libloki.crypto.FallBackSessionCipher(address);
    innerCipherText = await cipher.encrypt(plainText.buffer);
  } else {
    const cipher = new window.libsignal.SessionCipher(
      window.textsecure.storage.protocol,
      address
    );
    innerCipherText = await cipher.encrypt(plainText.buffer);
  }

  return encryptUsingSealedSender(device, innerCipherText);
}

export async function encryptForMediumGroup(
  device: PubKey,
  plainTextBuffer: Uint8Array
): Promise<EncryptResult> {
  const ourKey = (await UserUtil.getCurrentDevicePubKey()) as string;

  // "Device" does not really make sense for medium groups, but
  // that's where the group pubkey is currently stored
  const groupId = device.key;

  const { ciphertext, keyIdx } = await encryptWithSenderKey(
    plainTextBuffer,
    groupId,
    ourKey
  );

  // We should include ciphertext idx in the message
  const content = SignalService.MediumGroupCiphertext.encode({
    ciphertext,
    source: new Uint8Array(StringUtils.encode(ourKey, 'hex')),
    keyIdx,
  }).finish();

  // Encrypt for the group's identity key to hide source and key idx:
  const {
    ciphertext: ciphertextOuter,
    ephemeralKey,
  } = await window.libloki.crypto.encryptForPubkey(groupId, content);

  const contentOuter = SignalService.MediumGroupContent.encode({
    ciphertext: ciphertextOuter,
    ephemeralKey: new Uint8Array(ephemeralKey),
  }).finish();

  const envelopeType = SignalService.Envelope.Type.MEDIUM_GROUP_CIPHERTEXT;

  return { envelopeType, cipherText: contentOuter };
}

async function encryptUsingSealedSender(
  device: PubKey,
  innerCipherText: CipherTextObject
): Promise<{
  envelopeType: SignalService.Envelope.Type;
  cipherText: Uint8Array;
}> {
  const ourNumber = await UserUtil.getCurrentDevicePubKey();
  if (!ourNumber) {
    throw new Error('Failed to fetch current device public key.');
  }

  const certificate = SignalService.SenderCertificate.create({
    sender: ourNumber,
    senderDevice: 1,
  });

  const cipher = new window.Signal.Metadata.SecretSessionCipher(
    window.textsecure.storage.protocol
  );
  const cipherTextBuffer = await cipher.encrypt(
    device.key,
    certificate,
    innerCipherText
  );

  return {
    envelopeType: SignalService.Envelope.Type.UNIDENTIFIED_SENDER,
    cipherText: new Uint8Array(cipherTextBuffer),
  };
}
basic classes for message sending 6 years ago			`import { EncryptionType } from '../types/EncryptionType';`
			`import { SignalService } from '../../protobuf';`
Added more types. Finalise MessageEncrypter. 5 years ago			`import { UserUtil } from '../../util';`
Fixed libsignal-protocol declaration 5 years ago			`import { CipherTextObject } from '../../../libtextsecure/libsignal-protocol';`
Use message queue for medium group chat messages 5 years ago			`import { encryptWithSenderKey } from '../../session/medium_group/ratchet';`
pubkeys-in-message-encryptor-init 5 years ago			`import { PubKey } from '../types';`
make medium group pubkey be in bytes rather than str 5 years ago			`import { StringUtils } from '../utils';`
basic classes for message sending 6 years ago
Added comments 5 years ago			`/**`
			`* Add padding to a message buffer`
			`* @param messageBuffer The buffer to add padding to.`
			`*/`
Added more types. Finalise MessageEncrypter. 5 years ago			`export function padPlainTextBuffer(messageBuffer: Uint8Array): Uint8Array {`
basic classes for message sending 6 years ago			`const plaintext = new Uint8Array(`
			`getPaddedMessageLength(messageBuffer.byteLength + 1) - 1`
			`);`
			`plaintext.set(new Uint8Array(messageBuffer));`
			`plaintext[messageBuffer.byteLength] = 0x80;`

			`return plaintext;`
			`}`

			`function getPaddedMessageLength(originalLength: number): number {`
			`const messageLengthWithTerminator = originalLength + 1;`
			`let messagePartCount = Math.floor(messageLengthWithTerminator / 160);`

			`if (messageLengthWithTerminator % 160 !== 0) {`
			`messagePartCount += 1;`
			`}`

			`return messagePartCount * 160;`
			`}`

Use message queue for medium group chat messages 5 years ago			`type EncryptResult = {`
			`envelopeType: SignalService.Envelope.Type;`
			`cipherText: Uint8Array;`
			`};`

Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`/**`
			* Encrypt `plainTextBuffer` with given `encryptionType` for `device`.
			`*`
pubkeys-in-message-encryptor-init 5 years ago			* @param device The device `PubKey` to encrypt for.
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`* @param plainTextBuffer The unpadded plaintext buffer.`
			`* @param encryptionType The type of encryption.`
			`* @returns The envelope type and the base64 encoded cipher text`
			`*/`
			`export async function encrypt(`
pubkeys-in-message-encryptor-init 5 years ago			`device: PubKey,`
basic classes for message sending 6 years ago			`plainTextBuffer: Uint8Array,`
			`encryptionType: EncryptionType`
Use message queue for medium group chat messages 5 years ago			`): Promise<EncryptResult> {`
basic classes for message sending 6 years ago			`const plainText = padPlainTextBuffer(plainTextBuffer);`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago
			`if (encryptionType === EncryptionType.MediumGroup) {`
fix padding for medium group 5 years ago			`return encryptForMediumGroup(device, plainText);`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`}`

Fix medium group sending for single device users; protocol changes 5 years ago			`const address = new window.libsignal.SignalProtocolAddress(device.key, 1);`

Added more types. Finalise MessageEncrypter. 5 years ago			`let innerCipherText: CipherTextObject;`
Made changes to how messages are sent. Instead of blocking the message queue when we don't have a session, we instead just send out a session request and send the queued messages using fallback encryption. This means that users will be able to message right away without having to wait. The only down side is that all messages sent before sessions are established will be using the weaker encryption. This change also means we have to detach session requests from envelope type (which is a good thing) and thus now a message is a session request if it contains a preKeyBundle. 5 years ago			`if (encryptionType === EncryptionType.Fallback) {`
Change back to old window syntax and allow stubbing of it 5 years ago			`const cipher = new window.libloki.crypto.FallBackSessionCipher(address);`
Added more types. Finalise MessageEncrypter. 5 years ago			`innerCipherText = await cipher.encrypt(plainText.buffer);`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`} else {`
Change back to old window syntax and allow stubbing of it 5 years ago			`const cipher = new window.libsignal.SessionCipher(`
			`window.textsecure.storage.protocol,`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`address`
			`);`
Added more types. Finalise MessageEncrypter. 5 years ago			`innerCipherText = await cipher.encrypt(plainText.buffer);`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`}`

Added more types. Finalise MessageEncrypter. 5 years ago			`return encryptUsingSealedSender(device, innerCipherText);`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`}`
linting 6 years ago
Use message queue for medium group chat messages 5 years ago			`export async function encryptForMediumGroup(`
			`device: PubKey,`
			`plainTextBuffer: Uint8Array`
			`): Promise<EncryptResult> {`
Lint 5 years ago			`const ourKey = (await UserUtil.getCurrentDevicePubKey()) as string;`
Use message queue for medium group chat messages 5 years ago
			`// "Device" does not really make sense for medium groups, but`
			`// that's where the group pubkey is currently stored`
			`const groupId = device.key;`

			`const { ciphertext, keyIdx } = await encryptWithSenderKey(`
			`plainTextBuffer,`
			`groupId,`
			`ourKey`
			`);`

			`// We should include ciphertext idx in the message`
			`const content = SignalService.MediumGroupCiphertext.encode({`
			`ciphertext,`
make medium group pubkey be in bytes rather than str 5 years ago			`source: new Uint8Array(StringUtils.encode(ourKey, 'hex')),`
Use message queue for medium group chat messages 5 years ago			`keyIdx,`
			`}).finish();`

			`// Encrypt for the group's identity key to hide source and key idx:`
			`const {`
			`ciphertext: ciphertextOuter,`
			`ephemeralKey,`
			`} = await window.libloki.crypto.encryptForPubkey(groupId, content);`

			`const contentOuter = SignalService.MediumGroupContent.encode({`
			`ciphertext: ciphertextOuter,`
			`ephemeralKey: new Uint8Array(ephemeralKey),`
			`}).finish();`

			`const envelopeType = SignalService.Envelope.Type.MEDIUM_GROUP_CIPHERTEXT;`

			`return { envelopeType, cipherText: contentOuter };`
			`}`

Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`async function encryptUsingSealedSender(`
pubkeys-in-message-encryptor-init 5 years ago			`device: PubKey,`
Added more types. Finalise MessageEncrypter. 5 years ago			`innerCipherText: CipherTextObject`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`): Promise<{`
			`envelopeType: SignalService.Envelope.Type;`
Implement MessageSender 5 years ago			`cipherText: Uint8Array;`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`}> {`
Added more types. Finalise MessageEncrypter. 5 years ago			`const ourNumber = await UserUtil.getCurrentDevicePubKey();`
			`if (!ourNumber) {`
			`throw new Error('Failed to fetch current device public key.');`
			`}`

			`const certificate = SignalService.SenderCertificate.create({`
			`sender: ourNumber,`
			`senderDevice: 1,`
			`});`

Change back to old window syntax and allow stubbing of it 5 years ago			`const cipher = new window.Signal.Metadata.SecretSessionCipher(`
			`window.textsecure.storage.protocol`
Added more types. Finalise MessageEncrypter. 5 years ago			`);`
			`const cipherTextBuffer = await cipher.encrypt(`
pubkeys-in-message-encryptor-init 5 years ago			`device.key,`
Added more types. Finalise MessageEncrypter. 5 years ago			`certificate,`
			`innerCipherText`
			`);`

basic classes for message sending 6 years ago			`return {`
Added libsignal-protocol typings. Added MessageEncrypter. 6 years ago			`envelopeType: SignalService.Envelope.Type.UNIDENTIFIED_SENDER,`
Implement MessageSender 5 years ago			`cipherText: new Uint8Array(cipherTextBuffer),`
basic classes for message sending 6 years ago			`};`
			`}`