|
|
|
|
/* global
|
|
|
|
|
window,
|
|
|
|
|
libsignal,
|
|
|
|
|
textsecure,
|
|
|
|
|
StringView,
|
|
|
|
|
Multibase,
|
|
|
|
|
TextEncoder,
|
|
|
|
|
TextDecoder,
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
crypto,
|
|
|
|
|
dcodeIO
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
// eslint-disable-next-line func-names
|
|
|
|
|
(function() {
|
|
|
|
|
window.libloki = window.libloki || {};
|
|
|
|
|
|
|
|
|
|
class FallBackDecryptionError extends Error {}
|
|
|
|
|
|
|
|
|
|
const IV_LENGTH = 16;
|
|
|
|
|
|
|
|
|
|
async function DHEncrypt(symmetricKey, plainText) {
|
|
|
|
|
const iv = libsignal.crypto.getRandomBytes(IV_LENGTH);
|
|
|
|
|
const ciphertext = await libsignal.crypto.encrypt(
|
|
|
|
|
symmetricKey,
|
|
|
|
|
plainText,
|
|
|
|
|
iv
|
|
|
|
|
);
|
|
|
|
|
const ivAndCiphertext = new Uint8Array(
|
|
|
|
|
iv.byteLength + ciphertext.byteLength
|
|
|
|
|
);
|
|
|
|
|
ivAndCiphertext.set(new Uint8Array(iv));
|
|
|
|
|
ivAndCiphertext.set(new Uint8Array(ciphertext), iv.byteLength);
|
|
|
|
|
return ivAndCiphertext;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function DHDecrypt(symmetricKey, ivAndCiphertext) {
|
|
|
|
|
const iv = ivAndCiphertext.slice(0, IV_LENGTH);
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
const ciphertext = ivAndCiphertext.slice(IV_LENGTH);
|
|
|
|
|
return libsignal.crypto.decrypt(symmetricKey, ciphertext, iv);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
class FallBackSessionCipher {
|
|
|
|
|
constructor(address) {
|
|
|
|
|
this.identityKeyString = address.getName();
|
|
|
|
|
this.pubKey = StringView.hexToArrayBuffer(address.getName());
|
|
|
|
|
}
|
|
|
|
|
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
// Should we use ephemeral key pairs here rather than long term keys on each side?
|
|
|
|
|
async encrypt(plaintext) {
|
|
|
|
|
const myKeyPair = await textsecure.storage.protocol.getIdentityKeyPair();
|
|
|
|
|
const myPrivateKey = myKeyPair.privKey;
|
|
|
|
|
const symmetricKey = libsignal.Curve.calculateAgreement(
|
|
|
|
|
this.pubKey,
|
|
|
|
|
myPrivateKey
|
|
|
|
|
);
|
|
|
|
|
const ivAndCiphertext = await DHEncrypt(symmetricKey, plaintext);
|
|
|
|
|
return {
|
|
|
|
|
type: textsecure.protobuf.Envelope.Type.FRIEND_REQUEST,
|
|
|
|
|
body: ivAndCiphertext,
|
|
|
|
|
registrationId: null,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async decrypt(ivAndCiphertext) {
|
|
|
|
|
const myKeyPair = await textsecure.storage.protocol.getIdentityKeyPair();
|
|
|
|
|
const myPrivateKey = myKeyPair.privKey;
|
|
|
|
|
const symmetricKey = libsignal.Curve.calculateAgreement(
|
|
|
|
|
this.pubKey,
|
|
|
|
|
myPrivateKey
|
|
|
|
|
);
|
|
|
|
|
try {
|
|
|
|
|
return await DHDecrypt(symmetricKey, ivAndCiphertext);
|
|
|
|
|
} catch (e) {
|
|
|
|
|
throw new FallBackDecryptionError(
|
|
|
|
|
`Could not decrypt message from ${
|
|
|
|
|
this.identityKeyString
|
|
|
|
|
} using FallBack encryption.`
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const base32zIndex = Multibase.names.indexOf('base32z');
|
|
|
|
|
const base32zCode = Multibase.codes[base32zIndex];
|
|
|
|
|
|
|
|
|
|
function bufferToArrayBuffer(buf) {
|
|
|
|
|
const ab = new ArrayBuffer(buf.length);
|
|
|
|
|
const view = new Uint8Array(ab);
|
|
|
|
|
for (let i = 0; i < buf.length; i += 1) {
|
|
|
|
|
view[i] = buf[i];
|
|
|
|
|
}
|
|
|
|
|
return ab;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function decodeSnodeAddressToPubKey(snodeAddress) {
|
|
|
|
|
const snodeAddressClean = snodeAddress
|
|
|
|
|
.replace('.snode', '')
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
.replace('https://', '')
|
|
|
|
|
.replace('http://', '');
|
|
|
|
|
return Multibase.decode(`${base32zCode}${snodeAddressClean}`);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
class LokiSnodeChannel {
|
|
|
|
|
constructor() {
|
|
|
|
|
this._ephemeralKeyPair = libsignal.Curve.generateKeyPair();
|
|
|
|
|
// Signal protocol prepends with "0x05"
|
|
|
|
|
this._ephemeralKeyPair.pubKey = this._ephemeralKeyPair.pubKey.slice(1);
|
|
|
|
|
this._ephemeralPubKeyHex = StringView.arrayBufferToHex(
|
|
|
|
|
this._ephemeralKeyPair.pubKey
|
|
|
|
|
);
|
|
|
|
|
this._cache = {};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async _getSymmetricKey(snodeAddress) {
|
|
|
|
|
if (snodeAddress in this._cache) {
|
|
|
|
|
return this._cache[snodeAddress];
|
|
|
|
|
}
|
|
|
|
|
const ed25519PubKey = decodeSnodeAddressToPubKey(snodeAddress);
|
|
|
|
|
const sodium = await window.getSodium();
|
|
|
|
|
const curve25519PubKey = sodium.crypto_sign_ed25519_pk_to_curve25519(
|
|
|
|
|
ed25519PubKey
|
|
|
|
|
);
|
|
|
|
|
const snodePubKeyArrayBuffer = bufferToArrayBuffer(curve25519PubKey);
|
|
|
|
|
const symmetricKey = libsignal.Curve.calculateAgreement(
|
|
|
|
|
snodePubKeyArrayBuffer,
|
|
|
|
|
this._ephemeralKeyPair.privKey
|
|
|
|
|
);
|
|
|
|
|
this._cache[snodeAddress] = symmetricKey;
|
|
|
|
|
return symmetricKey;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
getChannelPublicKeyHex() {
|
|
|
|
|
return this._ephemeralPubKeyHex;
|
|
|
|
|
}
|
|
|
|
|
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
async decrypt(snodeAddress, ivAndCiphertextBase64) {
|
|
|
|
|
const ivAndCiphertext = dcodeIO.ByteBuffer.wrap(
|
|
|
|
|
ivAndCiphertextBase64,
|
|
|
|
|
'base64'
|
|
|
|
|
).toArrayBuffer();
|
|
|
|
|
const symmetricKey = await this._getSymmetricKey(snodeAddress);
|
|
|
|
|
try {
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
const decrypted = await DHDecrypt(symmetricKey, ivAndCiphertext);
|
|
|
|
|
const decoder = new TextDecoder();
|
|
|
|
|
return decoder.decode(decrypted);
|
|
|
|
|
} catch (e) {
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
return ivAndCiphertext;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async encrypt(snodeAddress, plainText) {
|
|
|
|
|
if (typeof plainText === 'string') {
|
|
|
|
|
const textEncoder = new TextEncoder();
|
|
|
|
|
// eslint-disable-next-line no-param-reassign
|
|
|
|
|
plainText = textEncoder.encode(plainText);
|
|
|
|
|
}
|
|
|
|
|
const symmetricKey = await this._getSymmetricKey(snodeAddress);
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
const ciphertext = await DHEncrypt(symmetricKey, plainText);
|
|
|
|
|
return dcodeIO.ByteBuffer.wrap(ciphertext).toString('base64');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
async function generateSignatureForPairing(secondaryPubKey, type) {
|
|
|
|
|
const pubKeyArrayBuffer = StringView.hexToArrayBuffer(secondaryPubKey);
|
|
|
|
|
// Make sure the signature includes the pairing action (pairing or unpairing)
|
|
|
|
|
const len = pubKeyArrayBuffer.byteLength;
|
|
|
|
|
const data = new Uint8Array(len + 1);
|
|
|
|
|
data.set(new Uint8Array(pubKeyArrayBuffer), 0);
|
|
|
|
|
data[len] = type;
|
|
|
|
|
|
|
|
|
|
const myKeyPair = await textsecure.storage.protocol.getIdentityKeyPair();
|
|
|
|
|
const signature = await libsignal.Curve.async.calculateSignature(
|
|
|
|
|
myKeyPair.privKey,
|
|
|
|
|
data.buffer
|
|
|
|
|
);
|
|
|
|
|
return signature;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function verifyAuthorisation(authorisation) {
|
|
|
|
|
const {
|
|
|
|
|
primaryDevicePubKey,
|
|
|
|
|
secondaryDevicePubKey,
|
|
|
|
|
requestSignature,
|
|
|
|
|
grantSignature,
|
|
|
|
|
} = authorisation;
|
|
|
|
|
const isGrant = !!grantSignature;
|
|
|
|
|
if (!primaryDevicePubKey || !secondaryDevicePubKey) {
|
|
|
|
|
window.log.warn(
|
|
|
|
|
'Received a pairing request with missing pubkeys. Ignored.'
|
|
|
|
|
);
|
|
|
|
|
return false;
|
|
|
|
|
} else if (!requestSignature) {
|
|
|
|
|
window.log.warn(
|
|
|
|
|
'Received a pairing request with missing request signature. Ignored.'
|
|
|
|
|
);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
const verify = async (signature, signatureType) => {
|
|
|
|
|
const encoding = typeof signature === 'string' ? 'base64' : undefined;
|
|
|
|
|
await this.verifyPairingSignature(
|
|
|
|
|
primaryDevicePubKey,
|
|
|
|
|
secondaryDevicePubKey,
|
|
|
|
|
dcodeIO.ByteBuffer.wrap(signature, encoding).toArrayBuffer(),
|
|
|
|
|
signatureType
|
|
|
|
|
);
|
|
|
|
|
};
|
|
|
|
|
try {
|
|
|
|
|
await verify(requestSignature, PairingType.REQUEST);
|
|
|
|
|
} catch (e) {
|
|
|
|
|
window.log.warn(
|
|
|
|
|
'Could not verify pairing request authorisation signature. Ignoring message.'
|
|
|
|
|
);
|
|
|
|
|
window.log.error(e);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
// can't have grant without requestSignature?
|
|
|
|
|
if (isGrant) {
|
|
|
|
|
try {
|
|
|
|
|
await verify(grantSignature, PairingType.GRANT);
|
|
|
|
|
} catch (e) {
|
|
|
|
|
window.log.warn(
|
|
|
|
|
'Could not verify pairing grant authorisation signature. Ignoring message.'
|
|
|
|
|
);
|
|
|
|
|
window.log.error(e);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// FIXME: rename to include the fact it's relative to YOUR device
|
|
|
|
|
async function validateAuthorisation(authorisation) {
|
|
|
|
|
const {
|
|
|
|
|
primaryDevicePubKey,
|
|
|
|
|
secondaryDevicePubKey,
|
|
|
|
|
grantSignature,
|
|
|
|
|
} = authorisation;
|
|
|
|
|
const alreadySecondaryDevice = !!window.storage.get('isSecondaryDevice');
|
|
|
|
|
const ourPubKey = textsecure.storage.user.getNumber();
|
|
|
|
|
const isRequest = !grantSignature;
|
|
|
|
|
if (isRequest && alreadySecondaryDevice) {
|
|
|
|
|
window.log.warn(
|
|
|
|
|
'Received a pairing request while being a secondary device. Ignored.'
|
|
|
|
|
);
|
|
|
|
|
return false;
|
|
|
|
|
} else if (isRequest && primaryDevicePubKey !== ourPubKey) {
|
|
|
|
|
window.log.warn(
|
|
|
|
|
'Received a pairing request addressed to another pubkey. Ignored.'
|
|
|
|
|
);
|
|
|
|
|
return false;
|
|
|
|
|
} else if (isRequest && secondaryDevicePubKey === ourPubKey) {
|
|
|
|
|
window.log.warn('Received a pairing request from ourselves. Ignored.');
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return this.verifyAuthorisation(authorisation);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function verifyPairingSignature(
|
|
|
|
|
primaryDevicePubKey,
|
|
|
|
|
secondaryPubKey,
|
|
|
|
|
signature,
|
|
|
|
|
type
|
|
|
|
|
) {
|
|
|
|
|
const secondaryPubKeyArrayBuffer = StringView.hexToArrayBuffer(
|
|
|
|
|
secondaryPubKey
|
|
|
|
|
);
|
|
|
|
|
const primaryDevicePubKeyArrayBuffer = StringView.hexToArrayBuffer(
|
|
|
|
|
primaryDevicePubKey
|
|
|
|
|
);
|
|
|
|
|
const len = secondaryPubKeyArrayBuffer.byteLength;
|
|
|
|
|
const data = new Uint8Array(len + 1);
|
|
|
|
|
// For REQUEST type message, the secondary device signs the primary device pubkey
|
|
|
|
|
// For GRANT type message, the primary device signs the secondary device pubkey
|
|
|
|
|
let issuer;
|
|
|
|
|
if (type === PairingType.GRANT) {
|
|
|
|
|
data.set(new Uint8Array(secondaryPubKeyArrayBuffer));
|
|
|
|
|
issuer = primaryDevicePubKeyArrayBuffer;
|
|
|
|
|
} else if (type === PairingType.REQUEST) {
|
|
|
|
|
data.set(new Uint8Array(primaryDevicePubKeyArrayBuffer));
|
|
|
|
|
issuer = secondaryPubKeyArrayBuffer;
|
|
|
|
|
}
|
|
|
|
|
data[len] = type;
|
|
|
|
|
// Throws for invalid signature
|
|
|
|
|
await libsignal.Curve.async.verifySignature(issuer, data.buffer, signature);
|
|
|
|
|
}
|
|
|
|
|
async function decryptToken({ cipherText64, serverPubKey64 }) {
|
|
|
|
|
const ivAndCiphertext = new Uint8Array(
|
|
|
|
|
dcodeIO.ByteBuffer.fromBase64(cipherText64).toArrayBuffer()
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const serverPubKey = new Uint8Array(
|
|
|
|
|
dcodeIO.ByteBuffer.fromBase64(serverPubKey64).toArrayBuffer()
|
|
|
|
|
);
|
|
|
|
|
const { privKey } = await textsecure.storage.protocol.getIdentityKeyPair();
|
|
|
|
|
const symmetricKey = libsignal.Curve.calculateAgreement(
|
|
|
|
|
serverPubKey,
|
|
|
|
|
privKey
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const token = await DHDecrypt(symmetricKey, ivAndCiphertext);
|
|
|
|
|
|
|
|
|
|
const tokenString = dcodeIO.ByteBuffer.wrap(token).toString('utf8');
|
|
|
|
|
return tokenString;
|
|
|
|
|
}
|
|
|
|
|
const snodeCipher = new LokiSnodeChannel();
|
|
|
|
|
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
const sha512 = data => crypto.subtle.digest('SHA-512', data);
|
|
|
|
|
|
|
|
|
|
const PairingType = Object.freeze({
|
|
|
|
|
REQUEST: 1,
|
|
|
|
|
GRANT: 2,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
window.libloki.crypto = {
|
|
|
|
|
DHEncrypt,
|
|
|
|
|
DHDecrypt,
|
|
|
|
|
FallBackSessionCipher,
|
|
|
|
|
FallBackDecryptionError,
|
|
|
|
|
snodeCipher,
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
decryptToken,
|
|
|
|
|
generateSignatureForPairing,
|
|
|
|
|
verifyPairingSignature,
|
|
|
|
|
verifyAuthorisation,
|
|
|
|
|
validateAuthorisation,
|
|
|
|
|
PairingType,
|
|
|
|
|
// for testing
|
|
|
|
|
_LokiSnodeChannel: LokiSnodeChannel,
|
|
|
|
|
_decodeSnodeAddressToPubKey: decodeSnodeAddressToPubKey,
|
Session v1.0 changes (#802)
* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
5 years ago
|
|
|
sha512,
|
|
|
|
|
};
|
|
|
|
|
})();
|
