Chapril/xmpp.chapril.org-conversejs
Chapril/xmpp.chapril.org-conversejs
24
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Only include key and not whole payload from libsignal

Browse Source
This commit is contained in:
JC Brand 2018-08-31 13:57:49 +02:00
parent 18c7ba4ad8
commit ed9afe9afb
4 changed files with 20 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES.md
View File

@ -10,10 +10,11 @@
- #421 XEP-0308: Last Message Correction
- #497 XEP-0384: OMEMO encrypted messaging
- #968 Use nickname from VCard when joining a room
- #1081 Allow for shift-enter to insert newlines
- #1091 There's now only one CSS file for all view modes.
- #1094 Show room members who aren't currently online
- #1106 Support for Roster Versioning
- #1081 Allow for shift-enter to insert newlines
- #1137 Autocompletion and support for [XEP-0372 References](https://xmpp.org/extensions/xep-0372.html), specifically section "3.2 Mentions".
- It's now also possible to edit your VCard via the UI
- Automatically grow/shrink input as text is entered/removed
- MP4 and MP3 files when sent as XEP-0066 Out of Band Data, are now playable directly in chat
@ -24,7 +25,6 @@
If the device is trusted, localStorage is used and user data is cached indefinitely.
- Initial support for [XEP-0357 Push Notifications](https://xmpp.org/extensions/xep-0357.html), specifically registering an "App Server".
- Add support for logging in via OAuth (see the [oauth_providers](https://conversejs.org/docs/html/configurations.html#oauth-providers) setting)
- Add support for [XEP-0372 References](https://xmpp.org/extensions/xep-0372.html), specifically section "3.2 Mentions".
### Bugfixes

9
dist/converse.js vendored
View File

@ -71811,12 +71811,11 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
decrypt(attrs) {
const _converse = this.__super__._converse,
address = new libsignal.SignalProtocolAddress(attrs.from, parseInt(attrs.encrypted.device_id, 10)),
session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address),
libsignal_payload = JSON.parse(atob(attrs.encrypted.key)); // https://xmpp.org/extensions/xep-0384.html#usecases-receiving
session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address); // https://xmpp.org/extensions/xep-0384.html#usecases-receiving
if (attrs.encrypted.prekey === 'true') {
let plaintext;
return session_cipher.decryptPreKeyWhisperMessage(libsignal_payload.body, 'binary').then(key_and_tag => {
return session_cipher.decryptPreKeyWhisperMessage(atob(attrs.encrypted.key), 'binary').then(key_and_tag => {
if (attrs.encrypted.payload) {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
return this.decryptMessage(_.extend(attrs.encrypted, {
@ -71844,7 +71843,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
return attrs;
});
} else {
return session_cipher.decryptWhisperMessage(libsignal_payload.body, 'binary').then(key_and_tag => {
return session_cipher.decryptWhisperMessage(atob(attrs.encrypted.key), 'binary').then(key_and_tag => {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
return this.decryptMessage(_.extend(attrs.encrypted, {
'key': aes_data.key,
@ -71943,7 +71942,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
prekey = 3 == parseInt(payload.type, 10);
stanza.c('key', {
'rid': device.get('id')
}).t(btoa(JSON.stringify(dicts[i].payload)));
}).t(btoa(payload.body));
if (prekey) {
stanza.attrs({

21
spec/omemo.js
View File

@ -188,8 +188,8 @@
`<body>This is an OMEMO encrypted message which your client doesnt seem to support. Find more information on https://conversations.im/omemo</body>`+
`<encrypted xmlns='eu.siacs.conversations.axolotl'>`+
`<header sid='123456789'>`+
`<key rid='482886413b977930064a5888b92134fe'>eyJ0eXBlIjoxLCJib2R5IjoiYzFwaDNSNzNYNyIsInJlZ2lzdHJhdGlvbklkIjoiMTMzNyJ9</key>`+
`<key rid='555'>eyJ0eXBlIjoxLCJib2R5IjoiYzFwaDNSNzNYNyIsInJlZ2lzdHJhdGlvbklkIjoiMTMzNyJ9</key>`+
`<key rid='482886413b977930064a5888b92134fe'>YzFwaDNSNzNYNw==</key>`+
`<key rid='555'>YzFwaDNSNzNYNw==</key>`+
`<iv>${sent_stanza.nodeTree.querySelector('iv').textContent}</iv>`+
`</header>`+
`<payload>${sent_stanza.nodeTree.querySelector('payload').textContent}</payload>`+
@ -203,11 +203,6 @@
// XXX: Normally the key will be encrypted via libsignal.
// However, we're mocking libsignal in the tests, so we include
// it as plaintext in the message.
const key = btoa(JSON.stringify({
'type': 1,
'body': obj.key_and_tag,
'registrationId': '1337'
}));
const stanza = $msg({
'from': contact_jid,
'to': _converse.connection.jid,
@ -216,7 +211,7 @@
}).c('body').t('This is a fallback message').up()
.c('encrypted', {'xmlns': Strophe.NS.OMEMO})
.c('header', {'sid': '555'})
.c('key', {'rid': _converse.omemo_store.get('device_id')}).t(key).up()
.c('key', {'rid': _converse.omemo_store.get('device_id')}).t(btoa(obj.key_and_tag)).up()
.c('iv').t(obj.iv)
.up().up()
.c('payload').t(obj.payload);
@ -249,11 +244,6 @@
// XXX: Normally the key will be encrypted via libsignal.
// However, we're mocking libsignal in the tests, so we include
// it as plaintext in the message.
const key = btoa(JSON.stringify({
'type': 1,
'body': obj.key_and_tag,
'registrationId': '1337'
}));
const stanza = $msg({
'from': contact_jid,
'to': _converse.connection.jid,
@ -262,7 +252,10 @@
}).c('body').t('This is a fallback message').up()
.c('encrypted', {'xmlns': Strophe.NS.OMEMO})
.c('header', {'sid': '555'})
.c('key', {'prekey': 'true', 'rid': _converse.omemo_store.get('device_id')}).t(key).up()
.c('key', {
'prekey': 'true',
'rid': _converse.omemo_store.get('device_id')
}).t(btoa(obj.key_and_tag)).up()
.c('iv').t(obj.iv)
.up().up()
.c('payload').t(obj.payload);

15
src/converse-omemo.js
View File

@ -241,13 +241,12 @@
decrypt (attrs) {
const { _converse } = this.__super__,
address = new libsignal.SignalProtocolAddress(attrs.from, parseInt(attrs.encrypted.device_id, 10)),
session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address),
libsignal_payload = JSON.parse(atob(attrs.encrypted.key));
session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address);
// https://xmpp.org/extensions/xep-0384.html#usecases-receiving
if (attrs.encrypted.prekey === 'true') {
let plaintext;
return session_cipher.decryptPreKeyWhisperMessage(libsignal_payload.body, 'binary')
return session_cipher.decryptPreKeyWhisperMessage(atob(attrs.encrypted.key), 'binary')
.then(key_and_tag => {
if (attrs.encrypted.payload) {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
@ -264,17 +263,17 @@
} else {
return _.extend(attrs, {'is_only_key': true});
}
}).catch((e) => {
}).catch(e => {
this.reportDecryptionError(e);
return attrs;
});
} else {
return session_cipher.decryptWhisperMessage(libsignal_payload.body, 'binary')
return session_cipher.decryptWhisperMessage(atob(attrs.encrypted.key), 'binary')
.then(key_and_tag => {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
return this.decryptMessage(_.extend(attrs.encrypted, {'key': aes_data.key, 'tag': aes_data.tag}));
}).then(plaintext => _.extend(attrs, {'plaintext': plaintext}))
.catch((e) => {
.catch(e => {
this.reportDecryptionError(e);
return attrs;
});
@ -324,7 +323,7 @@
KEY_ALGO,
true, // extractable
["encrypt", "decrypt"] // key usages
).then((result) => {
).then(result => {
key = result;
const algo = {
'name': 'AES-GCM',
@ -362,7 +361,7 @@
device = dicts[i].device,
prekey = 3 == parseInt(payload.type, 10);
stanza.c('key', {'rid': device.get('id') }).t(btoa(JSON.stringify(dicts[i].payload)));
stanza.c('key', {'rid': device.get('id') }).t(btoa(payload.body));
if (prekey) {
stanza.attrs({'prekey': prekey});
}