From 81bfa90943c5eca0229244f11bd2f88f76ddc229 Mon Sep 17 00:00:00 2001 From: Maxim Shishmarev Date: Thu, 28 Nov 2019 13:07:05 +1100 Subject: [PATCH 1/2] Prompting the user to reset session on invalid ciphertext --- _locales/en/messages.json | 13 +++++++ background.html | 1 + js/background.js | 48 +++++++++++++++++++++++++ js/models/conversations.js | 12 ++++++- js/models/messages.js | 28 +++++++++++++++ js/views/app_view.js | 4 +++ js/views/confirm_session_reset_view.js | 50 ++++++++++++++++++++++++++ js/views/message_view.js | 5 +++ libtextsecure/message_receiver.js | 10 ++++-- libtextsecure/sendmessage.js | 8 ++++- protos/SignalService.proto | 1 + test/index.html | 1 + 12 files changed, 176 insertions(+), 5 deletions(-) create mode 100644 js/views/confirm_session_reset_view.js diff --git a/_locales/en/messages.json b/_locales/en/messages.json index e02144a3a..2be7d3fb0 100644 --- a/_locales/en/messages.json +++ b/_locales/en/messages.json @@ -2241,5 +2241,18 @@ }, "noFriendsToAdd": { "message": "no friends to add" + }, + "couldNotDecryptMessage": { + "message": "Couldn't decrypt a message" + }, + "confirmSessionRestore": { + "message": + "Would you like to start a new session with $pubkey$? Only do so if you know this pubkey.", + "placeholders": { + "pubkey": { + "content": "$1", + "example": "" + } + } } } diff --git a/background.html b/background.html index 0f34c7317..3fc66dda1 100644 --- a/background.html +++ b/background.html @@ -819,6 +819,7 @@ + diff --git a/js/background.js b/js/background.js index 294bddfd6..515731138 100644 --- a/js/background.js +++ b/js/background.js @@ -998,6 +998,12 @@ } }); + Whisper.events.on('showSessionRestoreConfirmation', options => { + if (appView) { + appView.showSessionRestoreConfirmation(options); + } + }); + Whisper.events.on('showNicknameDialog', options => { if (appView) { appView.showNicknameDialog(options); @@ -1889,6 +1895,48 @@ } async function onError(ev) { + const noSession = + ev.error && + ev.error.message && + ev.error.message.indexOf('No record for device') === 0; + const pubkey = ev.proto.source; + + if (noSession) { + const convo = await ConversationController.getOrCreateAndWait( + pubkey, + 'private' + ); + + if (!convo.get('sessionRestoreSeen')) { + convo.set({ sessionRestoreSeen: true }); + + await window.Signal.Data.updateConversation( + convo.id, + convo.attributes, + { Conversation: Whisper.Conversation } + ); + + window.Whisper.events.trigger('showSessionRestoreConfirmation', { + pubkey, + onOk: async () => { + convo.sendMessage('', null, null, null, null, { + sessionRestoration: true, + }); + }, + }); + } else { + window.log.verbose( + `Already seen session restore for pubkey: ${pubkey}` + ); + if (ev.confirm) { + ev.confirm(); + } + } + + // We don't want to display any failed messages in the conversation: + return; + } + const { error } = ev; window.log.error('background onError:', Errors.toLogFormat(error)); diff --git a/js/models/conversations.js b/js/models/conversations.js index c3d230fbc..244d5f2f1 100644 --- a/js/models/conversations.js +++ b/js/models/conversations.js @@ -1423,7 +1423,8 @@ attachments, quote, preview, - groupInvitation = null + groupInvitation = null, + otherOptions = {} ) { this.clearTypingTimers(); @@ -1514,9 +1515,17 @@ messageWithSchema.source = textsecure.storage.user.getNumber(); messageWithSchema.sourceDevice = 1; } + + let sessionRestoration = false; + + if (otherOptions) { + sessionRestoration = otherOptions.sessionRestoration || false; + } + const attributes = { ...messageWithSchema, groupInvitation, + sessionRestoration, id: window.getGuid(), }; @@ -1597,6 +1606,7 @@ } options.groupInvitation = groupInvitation; + options.sessionRestoration = sessionRestoration; const groupNumbers = this.getRecipients(); diff --git a/js/models/messages.js b/js/models/messages.js index eaed842cf..4c74c22f4 100644 --- a/js/models/messages.js +++ b/js/models/messages.js @@ -102,6 +102,8 @@ this.propsForResetSessionNotification = this.getPropsForResetSessionNotification(); } else if (this.isGroupUpdate()) { this.propsForGroupNotification = this.getPropsForGroupNotification(); + } else if (this.isSessionRestoration()) { + // do nothing } else if (this.isFriendRequest()) { this.propsForFriendRequest = this.getPropsForFriendRequest(); } else if (this.isGroupInvitation()) { @@ -270,6 +272,13 @@ isGroupInvitation() { return !!this.get('groupInvitation'); }, + isSessionRestoration() { + const flag = textsecure.protobuf.DataMessage.Flags.SESSION_RESTORE; + // eslint-disable-next-line no-bitwise + const sessionRestoreFlag = !!(this.get('flags') & flag); + + return !!this.get('sessionRestoration') || sessionRestoreFlag; + }, getNotificationText() { const description = this.getDescription(); if (description) { @@ -390,6 +399,16 @@ } const conversation = await this.getSourceDeviceConversation(); + // If we somehow received an old friend request (e.g. after having restored + // from seed, we won't be able to accept it, we should initiate our own + // friend request to reset the session: + if (conversation.get('sessionRestoreSeen')) { + conversation.sendMessage('', null, null, null, null, { + sessionRestoration: true, + }); + return; + } + this.set({ friendStatus: 'accepted' }); await window.Signal.Data.saveMessage(this.attributes, { Message: Whisper.Message, @@ -1922,6 +1941,15 @@ initialMessage.flags === textsecure.protobuf.DataMessage.Flags.BACKGROUND_FRIEND_REQUEST; + if ( + // eslint-disable-next-line no-bitwise + initialMessage.flags & + textsecure.protobuf.DataMessage.Flags.SESSION_RESTORE + ) { + // Show that the session reset is "in progress" even though we had a valid session + this.set({ endSessionType: 'ongoing' }); + } + if (message.isFriendRequest() && backgroundFrReq) { // Check if the contact is a member in one of our private groups: const groupMember = window diff --git a/js/views/app_view.js b/js/views/app_view.js index 582c9d79d..d981f62eb 100644 --- a/js/views/app_view.js +++ b/js/views/app_view.js @@ -250,6 +250,10 @@ const dialog = new Whisper.UpdateGroupDialogView(groupConvo); this.el.append(dialog.el); }, + showSessionRestoreConfirmation(options) { + const dialog = new Whisper.ConfirmSessionResetView(options); + this.el.append(dialog.el); + }, showLeaveGroupDialog(groupConvo) { const dialog = new Whisper.LeaveGroupDialogView(groupConvo); this.el.append(dialog.el); diff --git a/js/views/confirm_session_reset_view.js b/js/views/confirm_session_reset_view.js new file mode 100644 index 000000000..aa34e420f --- /dev/null +++ b/js/views/confirm_session_reset_view.js @@ -0,0 +1,50 @@ +/* global Whisper, i18n */ + +// eslint-disable-next-line func-names +(function() { + 'use strict'; + + window.Whisper = window.Whisper || {}; + + Whisper.ConfirmSessionResetView = Whisper.View.extend({ + className: 'loki-dialog modal', + initialize({ pubkey, onOk }) { + this.title = i18n('couldNotDecryptMessage'); + + this.onOk = onOk; + this.messageText = i18n('confirmSessionRestore', pubkey); + this.okText = i18n('yes'); + this.cancelText = i18n('cancel'); + + this.close = this.close.bind(this); + this.confirm = this.confirm.bind(this); + + this.$el.focus(); + this.render(); + }, + render() { + this.dialogView = new Whisper.ReactWrapperView({ + className: 'leave-group-dialog', + Component: window.Signal.Components.ConfirmDialog, + props: { + titleText: this.title, + messageText: this.messageText, + okText: this.okText, + cancelText: this.cancelText, + onConfirm: this.confirm, + onClose: this.close, + }, + }); + + this.$el.append(this.dialogView.el); + return this; + }, + async confirm() { + this.onOk(); + this.close(); + }, + close() { + this.remove(); + }, + }); +})(); diff --git a/js/views/message_view.js b/js/views/message_view.js index 32d87a78b..1f82fcdb3 100644 --- a/js/views/message_view.js +++ b/js/views/message_view.js @@ -69,6 +69,11 @@ Component: Components.GroupNotification, props: this.model.propsForGroupNotification, }; + } else if (this.model.isSessionRestoration()) { + return { + Component: Components.ResetSessionNotification, + props: this.model.getPropsForResetSessionNotification(), + }; } else if (this.model.propsForFriendRequest) { return { Component: Components.FriendRequest, diff --git a/libtextsecure/message_receiver.js b/libtextsecure/message_receiver.js index f98acbb53..d978d0a06 100644 --- a/libtextsecure/message_receiver.js +++ b/libtextsecure/message_receiver.js @@ -821,7 +821,6 @@ MessageReceiver.prototype.extend({ } else { handleSessionReset = async result => result; } - switch (envelope.type) { case textsecure.protobuf.Envelope.Type.CIPHERTEXT: window.log.info('message from', this.getEnvelopeId(envelope)); @@ -971,6 +970,9 @@ MessageReceiver.prototype.extend({ .catch(error => { let errorToThrow = error; + const noSession = + error && error.message.indexOf('No record for device') === 0; + if (error && error.message === 'Unknown identity key') { // create an error that the UI will pick up and ask the // user if they want to re-negotiate @@ -980,8 +982,8 @@ MessageReceiver.prototype.extend({ buffer.toArrayBuffer(), error.identityKey ); - } else { - // re-throw + } else if (!noSession) { + // We want to handle "no-session" error, not re-throw it throw error; } const ev = new Event('error'); @@ -1850,6 +1852,8 @@ MessageReceiver.prototype.extend({ decrypted.attachments = []; } else if (decrypted.flags & FLAGS.BACKGROUND_FRIEND_REQUEST) { // do nothing + } else if (decrypted.flags & FLAGS.SESSION_RESTORE) { + // do nothing } else if (decrypted.flags & FLAGS.UNPAIRING_REQUEST) { // do nothing } else if (decrypted.flags !== 0) { diff --git a/libtextsecure/sendmessage.js b/libtextsecure/sendmessage.js index a021fd9df..d0d578787 100644 --- a/libtextsecure/sendmessage.js +++ b/libtextsecure/sendmessage.js @@ -28,6 +28,7 @@ function Message(options) { this.profileKey = options.profileKey; this.profile = options.profile; this.groupInvitation = options.groupInvitation; + this.sessionRestoration = options.sessionRestoration || false; if (!(this.recipients instanceof Array)) { throw new Error('Invalid recipient list'); @@ -171,6 +172,10 @@ Message.prototype = { ); } + if (this.sessionRestoration) { + proto.flags = textsecure.protobuf.DataMessage.Flags.SESSION_RESTORE; + } + this.dataMessage = proto; return proto; }, @@ -952,7 +957,7 @@ MessageSender.prototype = { ? textsecure.protobuf.DataMessage.Flags.BACKGROUND_FRIEND_REQUEST : undefined; - const { groupInvitation } = options; + const { groupInvitation, sessionRestoration } = options; return this.sendMessage( { @@ -968,6 +973,7 @@ MessageSender.prototype = { profile, flags, groupInvitation, + sessionRestoration, }, options ); diff --git a/protos/SignalService.proto b/protos/SignalService.proto index e76906d2b..9335e32a5 100644 --- a/protos/SignalService.proto +++ b/protos/SignalService.proto @@ -105,6 +105,7 @@ message DataMessage { END_SESSION = 1; EXPIRATION_TIMER_UPDATE = 2; PROFILE_KEY_UPDATE = 4; + SESSION_RESTORE = 64; UNPAIRING_REQUEST = 128; BACKGROUND_FRIEND_REQUEST = 256; } diff --git a/test/index.html b/test/index.html index cdeaea87e..1e2c31aad 100644 --- a/test/index.html +++ b/test/index.html @@ -576,6 +576,7 @@ + From 19786108a3cdbbb3ed4aa97045d35d1d28a8f2ee Mon Sep 17 00:00:00 2001 From: Maxim Shishmarev Date: Fri, 29 Nov 2019 16:05:21 +1100 Subject: [PATCH 2/2] address reviews --- js/background.js | 2 +- js/models/conversations.js | 6 +----- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/js/background.js b/js/background.js index 515731138..479f4ecb1 100644 --- a/js/background.js +++ b/js/background.js @@ -1918,7 +1918,7 @@ window.Whisper.events.trigger('showSessionRestoreConfirmation', { pubkey, - onOk: async () => { + onOk: () => { convo.sendMessage('', null, null, null, null, { sessionRestoration: true, }); diff --git a/js/models/conversations.js b/js/models/conversations.js index 244d5f2f1..2d102d59c 100644 --- a/js/models/conversations.js +++ b/js/models/conversations.js @@ -1516,11 +1516,7 @@ messageWithSchema.sourceDevice = 1; } - let sessionRestoration = false; - - if (otherOptions) { - sessionRestoration = otherOptions.sessionRestoration || false; - } + const { sessionRestoration = false } = otherOptions; const attributes = { ...messageWithSchema,