diff --git a/_locales/en/messages.json b/_locales/en/messages.json index f079b38d0..17e41fc90 100644 --- a/_locales/en/messages.json +++ b/_locales/en/messages.json @@ -891,8 +891,18 @@ "description": "Confirmation dialog text that asks the user if they really wish to delete the conversation. Answer buttons use the strings 'ok' and 'cancel'. The deletion is permanent, i.e. it cannot be undone." }, + "sessionResetFailed": { + "message": "Secure session reset failed", + "description": + "your secure session could not been transmitted to the other participant." + }, + "sessionResetOngoing": { + "message": "Secure session reset in progress", + "description": + "your secure session is currently being reset, waiting for the reset acknowledgment." + }, "sessionEnded": { - "message": "Secure session reset", + "message": "Secure session reset succeeded", "description": "This is a past tense, informational message. In other words, your secure session has been reset." }, diff --git a/js/background.js b/js/background.js index ebc613361..dc94d55ba 100644 --- a/js/background.js +++ b/js/background.js @@ -347,6 +347,10 @@ return; } + if (message.isEndSession()) { + return; + } + if (message.hasErrors()) { return; } diff --git a/js/models/conversations.js b/js/models/conversations.js index 75478a0b7..2fc0b9480 100644 --- a/js/models/conversations.js +++ b/js/models/conversations.js @@ -53,6 +53,16 @@ friends: 4, }); + // Possible session reset states + const SessionResetEnum = Object.freeze({ + // No ongoing reset + none: 0, + // we initiated the session reset + initiated: 1, + // we received the session reset + request_received: 2, + }); + const COLORS = [ 'red', 'deep_orange', @@ -75,6 +85,7 @@ verified: textsecure.storage.protocol.VerifiedStatus.DEFAULT, friendRequestStatus: FriendRequestStatusEnum.none, unlockTimestamp: null, // Timestamp used for expiring friend requests. + sessionResetStatus: SessionResetEnum.none, }; }, @@ -1420,31 +1431,82 @@ isSearchable() { return !this.get('left'); }, - - async endSession() { - if (this.isPrivate()) { - const now = Date.now(); - const message = this.messageCollection.add({ - conversationId: this.id, - type: 'outgoing', - sent_at: now, - received_at: now, - destination: this.id, - recipients: this.getRecipients(), - flags: textsecure.protobuf.DataMessage.Flags.END_SESSION, + async setSessionResetStatus(newStatus) { + // Ensure that the new status is a valid SessionResetEnum value + if (!(newStatus in Object.values(SessionResetEnum))) + return; + if (this.get('sessionResetStatus') !== newStatus) { + this.set({ sessionResetStatus: newStatus }); + await window.Signal.Data.updateConversation(this.id, this.attributes, { + Conversation: Whisper.Conversation, }); + } + }, + async onSessionResetInitiated() { + await this.setSessionResetStatus(SessionResetEnum.initiated); + }, + async onSessionResetReceived() { + await this.setSessionResetStatus(SessionResetEnum.request_received); + // send empty message, this will trigger the new session to propagate + // to the reset initiator. + await window.libloki.sendEmptyMessage(this.id); + }, - const id = await window.Signal.Data.saveMessage(message.attributes, { - Message: Whisper.Message, - }); - message.set({ id }); + isSessionResetReceived() { + return this.get('sessionResetStatus') === SessionResetEnum.request_received; + }, - const options = this.getSendOptions(); - message.send( - this.wrapSend( - textsecure.messaging.resetSession(this.id, now, options) - ) - ); + isSessionResetOngoing() { + return this.get('sessionResetStatus') !== SessionResetEnum.none; + }, + + async createAndStoreEndSessionMessage(attributes) { + const now = Date.now(); + const message = this.messageCollection.add({ + conversationId: this.id, + type: 'outgoing', + sent_at: now, + received_at: now, + destination: this.id, + recipients: this.getRecipients(), + flags: textsecure.protobuf.DataMessage.Flags.END_SESSION, + ...attributes, + }); + + const id = await window.Signal.Data.saveMessage(message.attributes, { + Message: Whisper.Message, + }); + message.set({ id }); + return message; + }, + + async onNewSessionAdopted() { + if (this.get('sessionResetStatus') === SessionResetEnum.initiated) { + // send empty message to confirm that we have adopted the new session + await window.libloki.sendEmptyMessage(this.id); + } + await this.createAndStoreEndSessionMessage({ type: 'incoming', endSessionType: 'done' }); + await this.setSessionResetStatus(SessionResetEnum.none); + }, + + async endSession() { + if (this.isPrivate()) { + // Only create a new message if *we* initiated the session reset. + // On the receiver side, the actual message containing the END_SESSION flag + // will ensure the "session reset" message will be added to their conversation. + if (this.get('sessionResetStatus') !== SessionResetEnum.request_received) { + await this.onSessionResetInitiated(); + const message = await this.createAndStoreEndSessionMessage({ type: 'outgoing', endSessionType: 'ongoing' }); + const options = this.getSendOptions(); + await message.send( + this.wrapSend( + textsecure.messaging.resetSession(this.id, message.get('sent_at'), options) + ) + ); + if (message.hasErrors()) { + await this.setSessionResetStatus(SessionResetEnum.none); + } + } } }, diff --git a/js/models/messages.js b/js/models/messages.js index d528b524e..23ee2fb3c 100644 --- a/js/models/messages.js +++ b/js/models/messages.js @@ -108,6 +108,15 @@ // eslint-disable-next-line no-bitwise return !!(this.get('flags') & flag); }, + getEndSessionTranslationKey() { + const sessionType = this.get('endSessionType'); + if (sessionType === 'ongoing') { + return 'sessionResetOngoing'; + } else if (sessionType === 'failed') { + return 'sessionResetFailed'; + } + return 'sessionEnded'; + }, isExpirationTimerUpdate() { const flag = textsecure.protobuf.DataMessage.Flags.EXPIRATION_TIMER_UPDATE; @@ -174,7 +183,7 @@ return messages.join(', '); } if (this.isEndSession()) { - return i18n('sessionEnded'); + return i18n(this.getEndSessionTranslationKey()); } if (this.isIncoming() && this.hasErrors()) { return i18n('incomingError'); @@ -294,8 +303,9 @@ }; }, getPropsForResetSessionNotification() { - // It doesn't need anything right now! - return {}; + return { + sessionResetMessageKey: this.getEndSessionTranslationKey(), + }; }, async acceptFriendRequest() { @@ -1126,6 +1136,10 @@ }); errors = errors.concat(this.get('errors') || []); + if (this.isEndSession) { + this.set({ endSessionType: 'failed'}); + } + this.set({ errors }); await window.Signal.Data.saveMessage(this.attributes, { Message: Whisper.Message, @@ -1303,6 +1317,11 @@ message.get('received_at') ); } + } else { + const endSessionType = conversation.isSessionResetReceived() + ? 'ongoing' + : 'done'; + this.set({ endSessionType }); } if (type === 'incoming' || type === 'friend-request') { const readSync = Whisper.ReadSyncs.forMessage(message); diff --git a/libloki/libloki-protocol.js b/libloki/libloki-protocol.js index 2ce4e2520..5c23b8fce 100644 --- a/libloki/libloki-protocol.js +++ b/libloki/libloki-protocol.js @@ -128,6 +128,10 @@ } async function sendFriendRequestAccepted(pubKey) { + return sendEmptyMessage(pubKey); + } + + async function sendEmptyMessage(pubKey) { // empty content message const content = new textsecure.protobuf.Content(); @@ -159,4 +163,5 @@ window.libloki.saveContactPreKeyBundle = saveContactPreKeyBundle; window.libloki.removeContactPreKeyBundle = removeContactPreKeyBundle; window.libloki.sendFriendRequestAccepted = sendFriendRequestAccepted; + window.libloki.sendEmptyMessage = sendEmptyMessage; })(); diff --git a/libtextsecure/message_receiver.js b/libtextsecure/message_receiver.js index d7249fcce..5c07badb0 100644 --- a/libtextsecure/message_receiver.js +++ b/libtextsecure/message_receiver.js @@ -717,11 +717,72 @@ MessageReceiver.prototype.extend({ deviceId: parseInt(textsecure.storage.user.getDeviceId(), 10), }; + let conversation; + try { + conversation = await window.ConversationController.getOrCreateAndWait(envelope.source, 'private'); + } catch (e) { + window.log.info('Error getting conversation: ', envelope.source); + } + const getCurrentSessionBaseKey = async () => { + const record = await sessionCipher.getRecord(address.toString()); + if (!record) + return null; + const openSession = record.getOpenSession(); + if (!openSession) + return null; + const { baseKey } = openSession.indexInfo; + return baseKey + }; + const captureActiveSession = async () => { + this.activeSessionBaseKey = await getCurrentSessionBaseKey(sessionCipher); + }; + const restoreActiveSession = async () => { + const record = await sessionCipher.getRecord(address.toString()); + if (!record) + return + record.archiveCurrentState(); + const sessionToRestore = record.sessions[this.activeSessionBaseKey]; + record.promoteState(sessionToRestore); + record.updateSessionState(sessionToRestore); + await textsecure.storage.protocol.storeSession(address.toString(), record.serialize()); + }; + const deleteAllSessionExcept = async (sessionBaseKey) => { + const record = await sessionCipher.getRecord(address.toString()); + if (!record) + return + const sessionToKeep = record.sessions[sessionBaseKey]; + record.sessions = {} + record.updateSessionState(sessionToKeep); + await textsecure.storage.protocol.storeSession(address.toString(), record.serialize()); + }; + let handleSessionReset; + if (conversation.isSessionResetOngoing()) { + handleSessionReset = async (result) => { + const currentSessionBaseKey = await getCurrentSessionBaseKey(sessionCipher); + if (this.activeSessionBaseKey && currentSessionBaseKey !== this.activeSessionBaseKey) { + if (conversation.isSessionResetReceived()) { + await restoreActiveSession(); + } else { + await deleteAllSessionExcept(currentSessionBaseKey); + await conversation.onNewSessionAdopted(); + } + } else if (conversation.isSessionResetReceived()) { + await deleteAllSessionExcept(this.activeSessionBaseKey); + await conversation.onNewSessionAdopted(); + } + return result; + }; + } else { + handleSessionReset = async (result) => result; + } + switch (envelope.type) { case textsecure.protobuf.Envelope.Type.CIPHERTEXT: window.log.info('message from', this.getEnvelopeId(envelope)); - promise = sessionCipher.decryptWhisperMessage(ciphertext) - .then(this.unpad); + promise = captureActiveSession() + .then(() => sessionCipher.decryptWhisperMessage(ciphertext)) + .then(this.unpad) + .then(handleSessionReset); break; case textsecure.protobuf.Envelope.Type.FRIEND_REQUEST: { window.log.info('friend-request message from ', envelope.source); @@ -731,11 +792,13 @@ MessageReceiver.prototype.extend({ } case textsecure.protobuf.Envelope.Type.PREKEY_BUNDLE: window.log.info('prekey message from', this.getEnvelopeId(envelope)); - promise = this.decryptPreKeyWhisperMessage( - ciphertext, - sessionCipher, - address - ); + promise = captureActiveSession(sessionCipher) + .then(() => this.decryptPreKeyWhisperMessage( + ciphertext, + sessionCipher, + address + )) + .then(handleSessionReset); break; case textsecure.protobuf.Envelope.Type.UNIDENTIFIED_SENDER: window.log.info('received unidentified sender message'); @@ -1282,19 +1345,42 @@ MessageReceiver.prototype.extend({ async handleEndSession(number) { window.log.info('got end session'); const deviceIds = await textsecure.storage.protocol.getDeviceIds(number); + const identityKey = StringView.hexToArrayBuffer(number); + let conversation; + try { + conversation = window.ConversationController.get(number); + } catch (e) { + window.log.error('Error getting conversation: ', number); + } - return Promise.all( - deviceIds.map(deviceId => { + // Bail early if a session reset is already ongoing + if (conversation.isSessionResetOngoing()) { + return; + } + + await Promise.all( + deviceIds.map(async deviceId => { const address = new libsignal.SignalProtocolAddress(number, deviceId); - const sessionCipher = new libsignal.SessionCipher( + // Instead of deleting the sessions now, + // we process the new prekeys and initiate a new session. + // The old sessions will get deleted once the correspondant + // has switch the the new session. + const [preKey, signedPreKey] = await Promise.all([ + textsecure.storage.protocol.loadContactPreKey(number), + textsecure.storage.protocol.loadContactSignedPreKey(number), + ]); + if (preKey === undefined || signedPreKey === undefined) { + return; + } + const device = { identityKey, deviceId, preKey, signedPreKey, registrationId: 0 } + const builder = new libsignal.SessionBuilder( textsecure.storage.protocol, address ); - - window.log.info('deleting sessions for', address.toString()); - return sessionCipher.deleteAllSessionsForDevice(); + builder.processPreKey(device); }) ); + await conversation.onSessionResetReceived(); }, processDecrypted(envelope, decrypted, source) { /* eslint-disable no-bitwise, no-param-reassign */ diff --git a/libtextsecure/outgoing_message.js b/libtextsecure/outgoing_message.js index 620d6db30..e32056d22 100644 --- a/libtextsecure/outgoing_message.js +++ b/libtextsecure/outgoing_message.js @@ -119,7 +119,12 @@ OutgoingMessage.prototype = { if (device.registrationId === 0) { window.log.info('device registrationId 0!'); } - return builder.processPreKey(device).then(() => true).catch(error => { + return builder.processPreKey(device).then(async () => { + // TODO: only remove the keys that were used above! + await window.libloki.removePreKeyBundleForNumber(number); + return true; + } + ).catch(error => { if (error.message === 'Identity key changed') { // eslint-disable-next-line no-param-reassign error.timestamp = this.timestamp; @@ -285,12 +290,17 @@ OutgoingMessage.prototype = { // Check if we need to attach the preKeys let sessionCipher; - if (this.messageType === 'friend-request') { + const isFriendRequest = this.messageType === 'friend-request'; + const flags = this.message.dataMessage ? this.message.dataMessage.get_flags() : null; + const isEndSession = flags === textsecure.protobuf.DataMessage.Flags.END_SESSION; + if (isFriendRequest || isEndSession) { // Encrypt them with the fallback const pkb = await libloki.getPreKeyBundleForContact(number); const preKeyBundleMessage = new textsecure.protobuf.PreKeyBundleMessage(pkb); this.message.preKeyBundleMessage = preKeyBundleMessage; window.log.info('attaching prekeys to outgoing message'); + } + if (isFriendRequest) { sessionCipher = fallBackCipher; } else { sessionCipher = new libsignal.SessionCipher( diff --git a/libtextsecure/sendmessage.js b/libtextsecure/sendmessage.js index 9eb2ec626..66c3978be 100644 --- a/libtextsecure/sendmessage.js +++ b/libtextsecure/sendmessage.js @@ -691,6 +691,17 @@ MessageSender.prototype = { window.log.error(prefix, error && error.stack ? error.stack : error); throw error; }; + // The actual deletion of the session now happens later + // as we need to ensure the other contact has successfully + // switch to a new session first. + return this.sendIndividualProto( + number, + proto, + timestamp, + silent, + options + ).catch(logError('resetSession/sendToContact error:')); + /* const deleteAllSessions = targetNumber => textsecure.storage.protocol.getDeviceIds(targetNumber).then(deviceIds => Promise.all( @@ -741,6 +752,7 @@ MessageSender.prototype = { ).catch(logError('resetSession/sendSync error:')); return Promise.all([sendToContact, sendSync]); + */ }, sendMessageToGroup( diff --git a/ts/components/conversation/ResetSessionNotification.tsx b/ts/components/conversation/ResetSessionNotification.tsx index 19141a869..f964a629a 100644 --- a/ts/components/conversation/ResetSessionNotification.tsx +++ b/ts/components/conversation/ResetSessionNotification.tsx @@ -4,15 +4,16 @@ import { Localizer } from '../../types/Util'; interface Props { i18n: Localizer; + sessionResetMessageKey: string; } export class ResetSessionNotification extends React.Component { public render() { - const { i18n } = this.props; + const { i18n, sessionResetMessageKey } = this.props; return (
- {i18n('sessionEnded')} + { i18n(sessionResetMessageKey) }
); }