keejef
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop
2
0
Fork 0
Code Issues 8 Projects Releases Wiki Activity

moved verifySignature of opengroup messages to a worker

Browse Source
pull/1783/head
Audric Ackermann 4 years ago
parent 5b0b165ba9
commit c1ffe23b1e
No known key found for this signature in database
GPG Key ID: 999F434D76324AD4
5 changed files with 26 additions and 49 deletions
Show Stats Download Patch File Download Diff File

1
.prettierignore
Unescape Escape View File

@ -31,6 +31,7 @@ js/curve/**
js/Mp3LameEncoder.min.js js/Mp3LameEncoder.min.js
js/WebAudioRecorderMp3.js js/WebAudioRecorderMp3.js
libtextsecure/libsignal-protocol.js libtextsecure/libsignal-protocol.js
js/util_worker.js
libtextsecure/test/blanket_mocha.js libtextsecure/test/blanket_mocha.js
test/blanket_mocha.js test/blanket_mocha.js
mnemonic_languages/** mnemonic_languages/**

4
Gruntfile.js
Unescape Escape View File

@ -33,8 +33,8 @@ module.exports = grunt => {
const utilWorkerComponents = [ const utilWorkerComponents = [
'node_modules/bytebuffer/dist/bytebuffer.js', 'node_modules/bytebuffer/dist/bytebuffer.js',
'node_modules/libsodium/dist/modules/libsodium.js', 'js/curve/curve25519_compiled.js',
'node_modules/libsodium-wrappers/dist/modules/libsodium-wrappers.js', 'js/curve/curve25519_wrapper.js',
'js/util_worker_tasks.js', 'js/util_worker_tasks.js',
]; ];

2
js/curve/curve25519_wrapper.js
Unescape Escape View File

@ -1,5 +1,5 @@
/* vim: ts=4:sw=4:expandtab */ /* vim: ts=4:sw=4:expandtab */
var Internal = global.Internal || {}; var Internal = typeof global === 'undefined' ? {} : global.Internal || {};
(function() { (function() {
'use strict'; 'use strict';

21
js/util_worker_tasks.js
Unescape Escape View File

@ -1,4 +1,4 @@
/* global dcodeIO, libsignal */ /* global dcodeIO */
/* eslint-disable strict */ /* eslint-disable strict */
const functions = { const functions = {
@ -43,14 +43,21 @@ function fromBase64ToArrayBuffer(value) {
return dcodeIO.ByteBuffer.wrap(value, 'base64').toArrayBuffer(); return dcodeIO.ByteBuffer.wrap(value, 'base64').toArrayBuffer();
} }
async function verifySignature(senderPubKey, messageData, signature) { async function verifySignature(senderPubKey, messageBase64, signatureBase64) {
try { try {
const result = sodium.crypto_sign_verify_detached(signature, messageData, senderPubKey); const messageData = new Uint8Array(fromBase64ToArrayBuffer(messageBase64));
console.warn('sodium result', result); const signature = new Uint8Array(fromBase64ToArrayBuffer(signatureBase64));
return result;
// libsignal.Curve.async.verifySignature(senderPubKey, messageData, signature); // verify returns true if the signature is not correct
const verifyRet = Internal.curve25519.verify(senderPubKey, messageData, signature);
if (verifyRet) {
console.warn('Invalid signature');
return false;
}
return true;
} catch (e) { } catch (e) {
console.warn('verifySignature:', e); console.warn('verifySignature got an error:', e);
return false; return false;
} }
} }

47
ts/opengroup/opengroupV2/ApiUtil.ts
Unescape Escape View File

@ -44,7 +44,7 @@ export type OpenGroupV2InfoJoinable = OpenGroupV2Info & {
export const parseMessages = async ( export const parseMessages = async (
rawMessages: Array<Record<string, any>> rawMessages: Array<Record<string, any>>
): Promise<Array<OpenGroupMessageV2>> => { ): Promise<Array<OpenGroupMessageV2>> => {
if (!rawMessages) { if (!rawMessages || rawMessages.length === 0) {
window?.log?.info('no new messages'); window?.log?.info('no new messages');
return []; return [];
} }
@ -64,50 +64,19 @@ export const parseMessages = async (
continue; continue;
} }
// Validate the message signature // Validate the message signature
console.time(`worker1-${opengroupv2Message?.serverId}`);
const senderPubKey = PubKey.cast(opengroupv2Message.sender).withoutPrefix(); const senderPubKey = PubKey.cast(opengroupv2Message.sender).withoutPrefix();
const signature = (await window.callWorker(
'fromBase64ToArrayBuffer',
opengroupv2Message.base64EncodedSignature
)) as ArrayBuffer;
console.timeEnd(`worker1-${opengroupv2Message?.serverId}`);
console.time(`worker2-${opengroupv2Message?.serverId}`);
const messageData = (await window.callWorker(
'fromBase64ToArrayBuffer',
opengroupv2Message.base64EncodedData
)) as ArrayBuffer;
console.timeEnd(`worker2-${opengroupv2Message?.serverId}`);
// throws if signature failed
console.time(`verifySignature-${opengroupv2Message?.serverId}`);
// const senderEd = (await getSodium()).crypto_sign_ed25519_sk_to_curve25519( const signatureValid = (await window.callWorker(
// fromHexToArray(senderPubKey), 'verifySignature',
// 'uint8array' fromHexToArray(senderPubKey),
// ); opengroupv2Message.base64EncodedData,
opengroupv2Message.base64EncodedSignature
const valid = (await getSodium()).crypto_sign_verify_detached( )) as boolean;
new Uint8Array(signature), if (!signatureValid) {
new Uint8Array(messageData),
fromHexToArray(senderPubKey)
);
// const signatureValid = (await window.callWorker(
// 'verifySignature',
// fromHexToArray(senderPubKey),
// new Uint8Array(messageData),
// new Uint8Array(signature)
// )) as boolean;
if (!valid) {
console.timeEnd(`verifySignature-${opengroupv2Message?.serverId}`);
throw new Error('opengroup message signature invalisd'); throw new Error('opengroup message signature invalisd');
} }
console.timeEnd(`verifySignature-${opengroupv2Message?.serverId}`);
parsedMessages.push(opengroupv2Message); parsedMessages.push(opengroupv2Message);
// as we are not running in a worker, just give some time for UI events
await sleepFor(5);
} catch (e) { } catch (e) {
window?.log?.error('An error happened while fetching getMessages output:', e); window?.log?.error('An error happened while fetching getMessages output:', e);
} }

Write Preview
Loading…
Cancel
Save