From 7186f28019cacafcf00f01b5cc5416a702a38e80 Mon Sep 17 00:00:00 2001 From: sachaaaaa Date: Thu, 7 Feb 2019 17:58:24 +1100 Subject: [PATCH] Ensure a session is always initiated using the prekey assigned to the contact --- libloki/storage.js | 29 +++++++++++++++++++++++++++++ libtextsecure/message_receiver.js | 15 ++++++++++++--- libtextsecure/protobufs.js | 1 + protos/WhisperTextProtocol.proto | 28 ++++++++++++++++++++++++++++ 4 files changed, 70 insertions(+), 3 deletions(-) create mode 100644 protos/WhisperTextProtocol.proto diff --git a/libloki/storage.js b/libloki/storage.js index e8870795c..8d61881bd 100644 --- a/libloki/storage.js +++ b/libloki/storage.js @@ -85,10 +85,39 @@ ]); } + async function verifyFriendRequestAcceptPreKey(pubKey, buffer) { + const storedPreKey = await textsecure.storage.protocol.loadPreKeyForContact( + pubKey + ); + if (!storedPreKey) { + throw new Error( + 'Received a friend request from a pubkey for which no prekey bundle was created' + ); + } + // need to pop the version + // eslint-disable-next-line no-unused-vars + const version = buffer.readUint8(); + const preKeyProto = window.textsecure.protobuf.PreKeyWhisperMessage.decode( + buffer + ); + if (!preKeyProto) { + throw new Error( + 'Could not decode PreKeyWhisperMessage while attempting to match the preKeyId' + ); + } + const { preKeyId } = preKeyProto; + if (storedPreKey.keyId !== preKeyId) { + throw new Error( + 'Received a preKeyWhisperMessage (friend request accept) from an unknown source' + ); + } + } + window.libloki.storage = { getPreKeyBundleForContact, saveContactPreKeyBundle, removeContactPreKeyBundle, + verifyFriendRequestAcceptPreKey, }; // Libloki protocol store diff --git a/libtextsecure/message_receiver.js b/libtextsecure/message_receiver.js index e0f308750..2e8bb94e4 100644 --- a/libtextsecure/message_receiver.js +++ b/libtextsecure/message_receiver.js @@ -730,9 +730,18 @@ MessageReceiver.prototype.extend({ case textsecure.protobuf.Envelope.Type.PREKEY_BUNDLE: window.log.info('prekey message from', this.getEnvelopeId(envelope)); promise = captureActiveSession(sessionCipher) - .then(() => - this.decryptPreKeyWhisperMessage(ciphertext, sessionCipher, address) - ) + .then(async () => { + const buffer = dcodeIO.ByteBuffer.wrap(ciphertext); + await window.libloki.storage.verifyFriendRequestAcceptPreKey( + envelope.source, + buffer + ); + return this.decryptPreKeyWhisperMessage( + ciphertext, + sessionCipher, + address + ); + }) .then(handleSessionReset); break; case textsecure.protobuf.Envelope.Type.UNIDENTIFIED_SENDER: diff --git a/libtextsecure/protobufs.js b/libtextsecure/protobufs.js index 80c91e9e5..3622ff467 100644 --- a/libtextsecure/protobufs.js +++ b/libtextsecure/protobufs.js @@ -35,6 +35,7 @@ loadProtoBufs('SignalService.proto'); loadProtoBufs('SubProtocol.proto'); loadProtoBufs('DeviceMessages.proto'); + loadProtoBufs('WhisperTextProtocol.proto'); // Just for encrypting device names loadProtoBufs('DeviceName.proto'); diff --git a/protos/WhisperTextProtocol.proto b/protos/WhisperTextProtocol.proto new file mode 100644 index 000000000..1c3e97018 --- /dev/null +++ b/protos/WhisperTextProtocol.proto @@ -0,0 +1,28 @@ +package signalservice; + +option java_package = "org.whispersystems.libsignal.protocol"; +option java_outer_classname = "WhisperProtos"; + +message WhisperMessage { + optional bytes ephemeralKey = 1; + optional uint32 counter = 2; + optional uint32 previousCounter = 3; + optional bytes ciphertext = 4; // PushMessageContent +} + +message PreKeyWhisperMessage { + optional uint32 registrationId = 5; + optional uint32 preKeyId = 1; + optional uint32 signedPreKeyId = 6; + optional bytes baseKey = 2; + optional bytes identityKey = 3; + optional bytes message = 4; // WhisperMessage +} + +message KeyExchangeMessage { + optional uint32 id = 1; + optional bytes baseKey = 2; + optional bytes ephemeralKey = 3; + optional bytes identityKey = 4; + optional bytes baseKeySignature = 5; +} \ No newline at end of file