keejef
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop
2
0
Fork 0
Code Issues 8 Projects Releases Wiki Activity

Untested send-encrypted support

Browse Source
pull/749/head
Matt Corallo 11 years ago
parent fe570c754a
commit e932536dfd
2 changed files with 96 additions and 48 deletions
Show Stats Download Patch File Download Diff File

76
js/helpers.js
Unescape Escape View File

@ -365,8 +365,9 @@ function postNaclMessage(message, callback) {
if (message["priv"] !== undefined) { if (message["priv"] !== undefined) {
pass.priv = toArrayBuffer(message.priv); pass.priv = toArrayBuffer(message.priv);
if (pass.priv.byteLength != 32) if (pass.priv.byteLength != 32)
throw "Invalid NACL Message"; throw "Invalid NaCL Message";
} } else
throw "Invalid NaCL Message";
if (message["pub"] !== undefined) { if (message["pub"] !== undefined) {
var pub = toArrayBuffer(message.pub); var pub = toArrayBuffer(message.pub);
var pubView = new Uint8Array(pub); var pubView = new Uint8Array(pub);
@ -378,7 +379,7 @@ function postNaclMessage(message, callback) {
} else if (pub.byteLength == 32) } else if (pub.byteLength == 32)
pass.pub = pub; pass.pub = pub;
else else
throw "Invalid NACL Message"; throw "Invalid NaCL Message";
} }
common.naclModule.postMessage(pass); common.naclModule.postMessage(pass);
} }
@ -523,6 +524,13 @@ var crypto_tests = {};
.toString(CryptoJS.enc.Latin1); .toString(CryptoJS.enc.Latin1);
} }
var encryptAESCTR = function(plaintext, key, counter) {
return CryptoJS.AES.encrypt(btoa(getString(plaintext)),
CryptoJS.enc.Latin1.parse(getString(key)),
{mode: CryptoJS.mode.CTR, iv: CryptoJS.enc.Latin1.parse(""), padding: CryptoJS.pad.NoPadding})
.toString(CryptoJS.enc.Latin1);
}
var verifyMACWithVersionByte = function(data, key, mac, version) { var verifyMACWithVersionByte = function(data, key, mac, version) {
if (version === undefined) if (version === undefined)
version = 1; version = 1;
@ -534,6 +542,13 @@ var crypto_tests = {};
throw "Bad MAC"; throw "Bad MAC";
} }
var calculateMACWithVersionByte = function(data, key, version) {
if (version === undefined)
version = 1;
return HMACSHA256(String.fromCharCode(version) + getString(data), key);
}
/****************************** /******************************
*** Ratchet implementation *** *** Ratchet implementation ***
******************************/ ******************************/
@ -651,12 +666,11 @@ var crypto_tests = {};
var chain = session[getString(message.ephemeralKey)]; var chain = session[getString(message.ephemeralKey)];
fillMessageKeys(chain, message.counter); fillMessageKeys(chain, message.counter);
var keys = HKDF(chain.messageKeys[message.counter], '', "WhisperMessageKeys"); var keys = HKDF(chain.messageKeys[message.counter], '', "WhisperMessageKeys");
verifyMACWithVersionByte(messageProto, keys[1], mac, (2 << 4) | 2); delete chain.messageKeys[message.counter];
verifyMACWithVersionByte(messageProto, keys[1], mac, (2 << 4) | 2);
var plaintext = decryptAESCTR(message.ciphertext, keys[0], message.counter); var plaintext = decryptAESCTR(message.ciphertext, keys[0], message.counter);
delete chain.messageKeys[message.counter];
//TODO: removeOldChains(session); //TODO: removeOldChains(session);
@ -714,9 +728,26 @@ var crypto_tests = {};
var doEncryptPushMessageContent = function(callback) { var doEncryptPushMessageContent = function(callback) {
var msg = new WhisperMessageProtobuf(); var msg = new WhisperMessageProtobuf();
var plaintext = pushMessageContent.encode(); var plaintext = pushMessageContent.encode();
msg.ephemeralKey = getString(session.currentRatchet.ephemeralKeyPair.pubKey);
var chain = session[msg.ephemeralKey];
fillMessageKeys(chain, chain.counter + 1);
var keys = HKDF(chain.messageKeys[chain.counter], '', "WhisperMessageKeys");
delete chain.messageKeys[chain.counter];
msg.counter = chain.counter;
//TODO //TODO
msg.ciphertext = plaintext;//TODO: WAT? msg.previousCounter = 1;
callback(msg.encode());
msg.ciphertext = encryptAESCTR(plaintext, keys[0], chain.counter);
var encodedMsg = getString(msg.encode());
var mac = calculateMACWithVersionByte(encodedMsg, keys[1], (2 << 4) | 2);
var result = String.fromCharCode((2 << 4) | 2) + encodedMsg + mac.substring(0, 8);
crypto_storage.saveSession(deviceObject.encodedNumber, session);
callback(result);
} }
if (session === undefined) { if (session === undefined) {
@ -724,16 +755,20 @@ var crypto_tests = {};
preKeyMsg.identityKey = getString(crypto_storage.getStoredPubKey("identityKey")); preKeyMsg.identityKey = getString(crypto_storage.getStoredPubKey("identityKey"));
createNewKeyPair(function(baseKey) { createNewKeyPair(function(baseKey) {
preKeyMsg.baseKey = getString(baseKey.pubKey); preKeyMsg.baseKey = getString(baseKey.pubKey);
preKeyMsg.preKeyId = preKey.keyId; preKeyMsg.preKeyId = deviceObject.preKeyId;
initSession();//TODO initSession(true, baseKey, deviceObject.encodedNumber, deviceObject.identityKey, deviceObject.publicKey, function() {
doEncryptPushMessageContent(function(message) { //TODO: Delete preKey info now?
preKeyMsg.message = getString(message); session = crypto_storage.getSession(deviceObject.encodedNumber);
callback(getString(preKeyMsg.encode())); //TODO: We need to step ratchet here, I think
doEncryptPushMessageContent(function(message) {
preKeyMsg.message = getString(message);
callback({type: 3, body: getString(preKeyMsg.encode())});
});
}); });
}); });
} else } else
doEncryptPushMessageContent(function(message) { doEncryptPushMessageContent(function(message) {
callback(getString(message)); callback({type: 1, body: getString(message)});
}); });
} }
@ -899,7 +934,8 @@ function getKeysForNumber(number, success_callback, error_callback) {
saveDeviceObject({ saveDeviceObject({
encodedNumber: number + "." + response[i].deviceId, encodedNumber: number + "." + response[i].deviceId,
identityKey: response[i].identityKey, identityKey: response[i].identityKey,
publicKey: response[i].publicKey publicKey: response[i].publicKey,
preKeyId: response[i].keyId
}); });
} catch (e) { } catch (e) {
error_callback(e); error_callback(e);
@ -914,19 +950,19 @@ function getKeysForNumber(number, success_callback, error_callback) {
} }
// success_callback(server success/failure map), error_callback(error_msg) // success_callback(server success/failure map), error_callback(error_msg)
// message == PushMessageContentProto (NOT STRING)
function sendMessageToDevices(deviceObjectList, message, success_callback, error_callback) { function sendMessageToDevices(deviceObjectList, message, success_callback, error_callback) {
if (message.type === undefined)
message.type = 0; //TODO: Change to 1 for ciphertext instead of plaintext
var jsonData = []; var jsonData = [];
for (var i = 0; i < deviceObjectList.legnth; i++) { for (var i = 0; i < deviceObjectList.legnth; i++) {
var encryptedMsg = encryptMessageFor(deviceObjectList[i], message);
jsonData[jsonData.length] = { jsonData[jsonData.length] = {
type: message.type, type: encryptedMsg.type,
destination: deviceObjectList[i].encodedNumber, destination: deviceObjectList[i].encodedNumber,
body: encryptMessageFor(deviceObjectList[i], message.message), //TODO: Protobuf? body: encryptedMsg.body,
relay: deviceObjectList[i].relay, relay: deviceObjectList[i].relay,
timestamp: new Date().getTime() timestamp: new Date().getTime()
}; };
//TODO: need to encrypt with session key?
} }
doAjax({call: 'messages', httpType: 'POST', do_auth: true, jsonData: jsonData, doAjax({call: 'messages', httpType: 'POST', do_auth: true, jsonData: jsonData,
success_callback: function(result) { success_callback: function(result) {

68
js/test.js
Unescape Escape View File

@ -186,30 +186,48 @@ registerOnLoadFunction(function() {
var T1 = hexToArrayBuffer("3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"); var T1 = hexToArrayBuffer("3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf");
var T2 = hexToArrayBuffer("34007208d5b887185865"); var T2 = hexToArrayBuffer("34007208d5b887185865");
callback(getString(OKM[0]) == getString(T1) && getString(OKM[1]).substring(0, 10) == getString(T2)); callback(getString(OKM[0]) == getString(T1) && getString(OKM[1]).substring(0, 10) == getString(T2));
}, "HMAC RFC5869 Test vectors"); }, "HMAC RFC5869 Test vectors");*/
var axolotlTestVectors = { var axolotlTestVectors = {
aliceIdentityPriv: hexToArrayBuffer("d8dab419978a2693f2842691931e4c8aaa09a11e8a94b5817cc4f81a1c474a62"), aliceIdentityPriv: hexToArrayBuffer("08ebc1e1fdbbc88d1a833a9d8c287328d4f749b7b7eb20afda0957dc05efc258"),
aliceIdentityPub: hexToArrayBuffer("0502e9e6c0528ea9e44d8cb759aeaa02ae3eccbe3107de4f0815240b414744fd22"), aliceIdentityPub: hexToArrayBuffer("05b9c152cb9fefb0a12df319ae50c728c7909a8a080fcf22d5e1842352186d3870"),
bobIdentityPriv: hexToArrayBuffer("18bd2244222329293a303343759e8e9feb4a4e2771273111528ef97abb6a567e"), bobIdentityPriv: hexToArrayBuffer("08491ea8a9aff03a724cfb44411502f3e974010e62b6db2703b9506a2e18554e"),
bobIdentityPub: hexToArrayBuffer("05b1cb0b5f1e5c93d20a3db2af0ab2512d39d91e6b671ee8e462a62658ba064a5b"), bobIdentityPub: hexToArrayBuffer("0562d9efab60407ac5f4b1bec9c3341db4b279f24a87234c9ff36a1f868fdd8104"),
aliceLastResort: hexToArrayBuffer("8825a933b97d40f65ea37701800900f10d8ba6dff6979a5634e0dc6de8d9b24f"), alicePre0: hexToArrayBuffer("886ec9c65f0c8c1281ca4c8115e3baf5c2ac75d2762826a3cf098c2a093b2250"),
bobLastResort: hexToArrayBuffer("c054dbefd8eee42ff3c1bb873def01f05411304ee07014ff86088c11f57b8e76"), bobPre0: hexToArrayBuffer("009aa1809dbd29b15d3cc4c3c04ae45413b6396f286de46775e748c6daf36545"),
alicePre0: hexToArrayBuffer("384db59677ea9545f1da2c10426b463fb3180bd30d294ad69cd91b44e3a3ad43"), aliceToBob: hexToArrayBuffer("08031205414c4943452203424f4228cfb3dbeec92832860122080012210503d7fa229643c84d5b33d42e50985fc64b77e0b4ec32c52000ce81e857b1ec141a2105b9c152cb9fefb0a12df319ae50c728c7909a8a080fcf22d5e1842352186d3870223b220a21052a59b346373f79d2aee25503b071fd4704a40db12afd6288519eeccf9aacec5b10001801220917468a49c79f0588a5037512abf4f66557"),
alicePre1: hexToArrayBuffer("a841ece2aab82a0542c59c0daca5bd0ae36bc81b3f375ba0ffcc73ab2feacf6f"),
bobPre0: hexToArrayBuffer("10b6b52b867f79e330a5fa3b46fd6a542a1dc21d1103f4d2e8f741c0dd989474"),
bobPre1: hexToArrayBuffer("70be59ec978e3aaa95b64635b09ad1a614c2eda2142ac577b1eb6b1ec8e7f270"),
aliceToBob: hexToArrayBuffer("08031205414c4943452203424f4228c3dfc6cac92832860122080012210518761fa74e002dbbbb140ca7950fb83a3aab3dd4fb7b75ec87eea17f0cde7e0a1a210502e9e6c0528ea9e44d8cb759aeaa02ae3eccbe3107de4f0815240b414744fd22223b220a2105fbad228c11ab8098c3fcb9c16ff1f9df705dce81ea4b6e3df988148e254270751000180122093cfc98c3bc5557b31ffe8deba6900bcfe6"),
plain: hexToArrayBuffer("0a07486920426f6221"), plain: hexToArrayBuffer("0a07486920426f6221"),
sessionKey: hexToArrayBuffer("34400f1fde8f3b96beb435c280a6e93b829679b7e948a85c2f7250c6bfd419dd411a0e9cb5f62cd8b39e2ba23e013763169eb40a"), sessionKey: hexToArrayBuffer("3d71b56ab9763865905597a90c6746640a946bf3a11632b31a87990579925f92f2132869dbf3f22646d00a68430ecd29cb38186b"),
encryptedMessage: hexToArrayBuffer("415733486e6d3165754275487778594d2f4b744a556e63364f67386e45754d6868663054704f486b45494b786c33616a79544552665531354c7539687a426736572f38546b7255583957653542724572724b3867367544554348425257555646774c4662614c67497446722f3242492f56434c31307a49666e2b765457524d324474475a46345a36553869717633566179443273354330417274386d6f48517342524970535a59387841566e584464572f466c4e7632706f6c5a6a2f464e597635552b56335933324552417572327464344a44654e6c544d4c6d4b7456387252384f354d7546626e735074336846456d496d374d7633573039673d3d") encryptedMessage: hexToArrayBuffer("415a326e6f457937756a6c5355785876342f6b5856346970342b6d45636f636c35424d396c4978364f525948696438634f4a68374c4e2f48534b776a4755556f304e73582f634255742b6a58464b6357697368364b363441315963316f5a47304168676466734e572b53484f313131306e664b6e6c47595445723661624e57556b394c515145706b6f52385746626c5952312b636a4b576d554d5131646f477a376b345955415055544e4d474b78413349694135797575706d6544453173545359552b736133575876366f5a7a624a614275486b5044345a4f3773416b34667558434135466e724e2f462f34445a61586952696f4a76744849413d3d"),
}; };
// Axolotl test vectors // Axolotl test vectors
TEST(function(callback) { TEST(function(callback) {
var v = axolotlTestVectors; var v = axolotlTestVectors;
storage.putEncrypted("25519KeyidentityKey", { pubKey: v.aliceIdentityPub, privKey: v.aliceIdentityPriv }); storage.putEncrypted("25519KeyidentityKey", { pubKey: v.aliceIdentityPub, privKey: v.aliceIdentityPriv });
callback(true); postNaclMessage({command: "privToPub", priv: v.alicePre0}, function(message) {
storage.putEncrypted("25519KeypreKey0", { pubKey: message.res, privKey: v.alicePre0 });
postNaclMessage({command: "privToPub", priv: v.bobPre0}, function(message) {
var bobsDevice = {encodedNumber: "BOB", identityKey: v.bobIdentityPub, publicKey: message.res, preKeyId: 0};
saveDeviceObject = bobsDevice;
var message = new PushMessageContentProtobuf();
message.body = "Hi Bob!";
crypto.encryptMessageFor(bobsDevice, message, function(encryptedMsg) {
callback(true);
});
/*storage.putEncrypted("signaling_key", v.sessionKey);
var aliceToBob = crypto.decryptWebsocketMessage(v.encryptedMessage);
if (getString(aliceToBob) != getString(v.aliceToBob))
callback(false);
storage.putEncrypted("25519KeypreKey16777215", { pubKey: message.res, privKey: v.bobLastResort });
var b64 = base64EncArr(new Uint8Array(v.aliceToBob));
crypto.handleIncomingPushMessageProto(IncomingPushMessageProtobuf.decode(b64), function(decrypted_message) {
callback(decrypted_message.body == "Hi Bob!" && decrypted_message.attachments.length == 0);
});*/
});
});
}, "Axolotl test vectors as alice", true); }, "Axolotl test vectors as alice", true);
// Axolotl test vectors // Axolotl test vectors
@ -218,19 +236,13 @@ encryptedMessage: hexToArrayBuffer("415733486e6d3165754275487778594d2f4b744a556e
storage.putEncrypted("25519KeyidentityKey", { pubKey: v.bobIdentityPub, privKey: v.bobIdentityPriv }); storage.putEncrypted("25519KeyidentityKey", { pubKey: v.bobIdentityPub, privKey: v.bobIdentityPriv });
postNaclMessage({command: "privToPub", priv: v.bobPre0}, function(message) { postNaclMessage({command: "privToPub", priv: v.bobPre0}, function(message) {
storage.putEncrypted("25519KeypreKey0", { pubKey: message.res, privKey: v.bobPre0 }); storage.putEncrypted("25519KeypreKey0", { pubKey: message.res, privKey: v.bobPre0 });
postNaclMessage({command: "privToPub", priv: v.bobPre1}, function(message) { storage.putEncrypted("signaling_key", v.sessionKey);
storage.putEncrypted("25519KeypreKey1", { pubKey: message.res, privKey: v.bobPre1 }); var aliceToBob = crypto.decryptWebsocketMessage(v.encryptedMessage);
postNaclMessage({command: "privToPub", priv: v.bobLastResort}, function(message) { if (getString(aliceToBob) != getString(v.aliceToBob))
storage.putEncrypted("25519KeypreKey16777215", { pubKey: message.res, privKey: v.bobLastResort }); callback(false);
storage.putEncrypted("signaling_key", v.sessionKey); var b64 = base64EncArr(new Uint8Array(toArrayBuffer(aliceToBob)));
var aliceToBob = crypto.decryptWebsocketMessage(v.encryptedMessage); crypto.handleIncomingPushMessageProto(IncomingPushMessageProtobuf.decode(b64), function(decrypted_message) {
if (getString(aliceToBob) != getString(v.aliceToBob)) callback(decrypted_message.body == "Hi Bob!" && decrypted_message.attachments.length == 0);
callback(false);
var b64 = base64EncArr(new Uint8Array(toArrayBuffer(aliceToBob)));
crypto.handleIncomingPushMessageProto(IncomingPushMessageProtobuf.decode(b64), function(decrypted_message) {
callback(decrypted_message.body == "Hi Bob!" && decrypted_message.attachments.length == 0);
});
});
}); });
}); });
}, "Axolotl test vectors as bob", true); }, "Axolotl test vectors as bob", true);

Write Preview
Loading…
Cancel
Save