306 lines
11 KiB
JavaScript
306 lines
11 KiB
JavaScript
/* global libsignal */
|
|
import difference from 'lodash-es/difference';
|
|
import invokeMap from 'lodash-es/invokeMap';
|
|
import log from '@converse/headless/log';
|
|
import range from 'lodash-es/range';
|
|
import omit from 'lodash-es/omit';
|
|
import { Model } from '@converse/skeletor/src/model.js';
|
|
import { generateDeviceID } from './utils.js';
|
|
import { _converse, api, converse } from '@converse/headless/core';
|
|
|
|
const { Strophe, $build, u } = converse.env;
|
|
|
|
|
|
const OMEMOStore = Model.extend({
|
|
Direction: {
|
|
SENDING: 1,
|
|
RECEIVING: 2
|
|
},
|
|
|
|
getIdentityKeyPair () {
|
|
const keypair = this.get('identity_keypair');
|
|
return Promise.resolve({
|
|
'privKey': u.base64ToArrayBuffer(keypair.privKey),
|
|
'pubKey': u.base64ToArrayBuffer(keypair.pubKey)
|
|
});
|
|
},
|
|
|
|
getLocalRegistrationId () {
|
|
return Promise.resolve(parseInt(this.get('device_id'), 10));
|
|
},
|
|
|
|
isTrustedIdentity (identifier, identity_key, direction) { // eslint-disable-line no-unused-vars
|
|
if (identifier === null || identifier === undefined) {
|
|
throw new Error("Can't check identity key for invalid key");
|
|
}
|
|
if (!(identity_key instanceof ArrayBuffer)) {
|
|
throw new Error('Expected identity_key to be an ArrayBuffer');
|
|
}
|
|
const trusted = this.get('identity_key' + identifier);
|
|
if (trusted === undefined) {
|
|
return Promise.resolve(true);
|
|
}
|
|
return Promise.resolve(u.arrayBufferToBase64(identity_key) === trusted);
|
|
},
|
|
|
|
loadIdentityKey (identifier) {
|
|
if (identifier === null || identifier === undefined) {
|
|
throw new Error("Can't load identity_key for invalid identifier");
|
|
}
|
|
return Promise.resolve(u.base64ToArrayBuffer(this.get('identity_key' + identifier)));
|
|
},
|
|
|
|
saveIdentity (identifier, identity_key) {
|
|
if (identifier === null || identifier === undefined) {
|
|
throw new Error("Can't save identity_key for invalid identifier");
|
|
}
|
|
const address = new libsignal.SignalProtocolAddress.fromString(identifier);
|
|
const existing = this.get('identity_key' + address.getName());
|
|
const b64_idkey = u.arrayBufferToBase64(identity_key);
|
|
this.save('identity_key' + address.getName(), b64_idkey);
|
|
|
|
if (existing && b64_idkey !== existing) {
|
|
return Promise.resolve(true);
|
|
} else {
|
|
return Promise.resolve(false);
|
|
}
|
|
},
|
|
|
|
getPreKeys () {
|
|
return this.get('prekeys') || {};
|
|
},
|
|
|
|
loadPreKey (key_id) {
|
|
const res = this.getPreKeys()[key_id];
|
|
if (res) {
|
|
return Promise.resolve({
|
|
'privKey': u.base64ToArrayBuffer(res.privKey),
|
|
'pubKey': u.base64ToArrayBuffer(res.pubKey)
|
|
});
|
|
}
|
|
return Promise.resolve();
|
|
},
|
|
|
|
storePreKey (key_id, key_pair) {
|
|
const prekey = {};
|
|
prekey[key_id] = {
|
|
'pubKey': u.arrayBufferToBase64(key_pair.pubKey),
|
|
'privKey': u.arrayBufferToBase64(key_pair.privKey)
|
|
};
|
|
this.save('prekeys', Object.assign(this.getPreKeys(), prekey));
|
|
return Promise.resolve();
|
|
},
|
|
|
|
removePreKey (key_id) {
|
|
this.save('prekeys', omit(this.getPreKeys(), key_id));
|
|
return Promise.resolve();
|
|
},
|
|
|
|
loadSignedPreKey (keyId) { // eslint-disable-line no-unused-vars
|
|
const res = this.get('signed_prekey');
|
|
if (res) {
|
|
return Promise.resolve({
|
|
'privKey': u.base64ToArrayBuffer(res.privKey),
|
|
'pubKey': u.base64ToArrayBuffer(res.pubKey)
|
|
});
|
|
}
|
|
return Promise.resolve();
|
|
},
|
|
|
|
storeSignedPreKey (spk) {
|
|
if (typeof spk !== 'object') {
|
|
// XXX: We've changed the signature of this method from the
|
|
// example given in InMemorySignalProtocolStore.
|
|
// Should be fine because the libsignal code doesn't
|
|
// actually call this method.
|
|
throw new Error('storeSignedPreKey: expected an object');
|
|
}
|
|
this.save('signed_prekey', {
|
|
'id': spk.keyId,
|
|
'privKey': u.arrayBufferToBase64(spk.keyPair.privKey),
|
|
'pubKey': u.arrayBufferToBase64(spk.keyPair.pubKey),
|
|
// XXX: The InMemorySignalProtocolStore does not pass
|
|
// in or store the signature, but we need it when we
|
|
// publish our bundle and this method isn't called from
|
|
// within libsignal code, so we modify it to also store
|
|
// the signature.
|
|
'signature': u.arrayBufferToBase64(spk.signature)
|
|
});
|
|
return Promise.resolve();
|
|
},
|
|
|
|
removeSignedPreKey (key_id) {
|
|
if (this.get('signed_prekey')['id'] === key_id) {
|
|
this.unset('signed_prekey');
|
|
this.save();
|
|
}
|
|
return Promise.resolve();
|
|
},
|
|
|
|
loadSession (identifier) {
|
|
return Promise.resolve(this.get('session' + identifier));
|
|
},
|
|
|
|
storeSession (identifier, record) {
|
|
return Promise.resolve(this.save('session' + identifier, record));
|
|
},
|
|
|
|
removeSession (identifier) {
|
|
return Promise.resolve(this.unset('session' + identifier));
|
|
},
|
|
|
|
removeAllSessions (identifier) {
|
|
const keys = Object.keys(this.attributes).filter(key =>
|
|
key.startsWith('session' + identifier) ? key : false
|
|
);
|
|
const attrs = {};
|
|
keys.forEach(key => { attrs[key] = undefined; });
|
|
this.save(attrs);
|
|
return Promise.resolve();
|
|
},
|
|
|
|
publishBundle () {
|
|
const signed_prekey = this.get('signed_prekey');
|
|
const node = `${Strophe.NS.OMEMO_BUNDLES}:${this.get('device_id')}`;
|
|
const item = $build('item')
|
|
.c('bundle', { 'xmlns': Strophe.NS.OMEMO })
|
|
.c('signedPreKeyPublic', { 'signedPreKeyId': signed_prekey.id })
|
|
.t(signed_prekey.pubKey).up()
|
|
.c('signedPreKeySignature')
|
|
.t(signed_prekey.signature).up()
|
|
.c('identityKey')
|
|
.t(this.get('identity_keypair').pubKey).up()
|
|
.c('prekeys');
|
|
|
|
Object.values(this.get('prekeys')).forEach((prekey, id) =>
|
|
item
|
|
.c('preKeyPublic', { 'preKeyId': id })
|
|
.t(prekey.pubKey)
|
|
.up()
|
|
);
|
|
const options = { 'pubsub#access_model': 'open' };
|
|
return api.pubsub.publish(null, node, item, options, false);
|
|
},
|
|
|
|
async generateMissingPreKeys () {
|
|
const missing_keys = difference(
|
|
invokeMap(range(0, _converse.NUM_PREKEYS), Number.prototype.toString),
|
|
Object.keys(this.getPreKeys())
|
|
);
|
|
if (missing_keys.length < 1) {
|
|
log.warn('No missing prekeys to generate for our own device');
|
|
return Promise.resolve();
|
|
}
|
|
const keys = await Promise.all(
|
|
missing_keys.map(id => libsignal.KeyHelper.generatePreKey(parseInt(id, 10)))
|
|
);
|
|
keys.forEach(k => this.storePreKey(k.keyId, k.keyPair));
|
|
const marshalled_keys = Object.keys(this.getPreKeys()).map(k => ({
|
|
'id': k.keyId,
|
|
'key': u.arrayBufferToBase64(k.pubKey)
|
|
}));
|
|
const devicelist = await api.omemo.devicelists.get(_converse.bare_jid);
|
|
const device = devicelist.devices.get(this.get('device_id'));
|
|
const bundle = await device.getBundle();
|
|
device.save('bundle', Object.assign(bundle, { 'prekeys': marshalled_keys }));
|
|
},
|
|
|
|
/**
|
|
* Generates, stores and then returns pre-keys.
|
|
*
|
|
* Pre-keys are one half of a X3DH key exchange and are published as part
|
|
* of the device bundle.
|
|
*
|
|
* For a new contact or device to establish an encrypted session, it needs
|
|
* to use a pre-key, which it chooses randomly from the list of available
|
|
* ones.
|
|
*/
|
|
async generatePreKeys () {
|
|
const amount = _converse.NUM_PREKEYS;
|
|
const { KeyHelper } = libsignal;
|
|
const keys = await Promise.all(
|
|
range(0, amount).map(id => KeyHelper.generatePreKey(id))
|
|
);
|
|
|
|
keys.forEach(k => this.storePreKey(k.keyId, k.keyPair));
|
|
|
|
return keys.map(k => ({
|
|
'id': k.keyId,
|
|
'key': u.arrayBufferToBase64(k.keyPair.pubKey)
|
|
}));
|
|
},
|
|
|
|
/**
|
|
* Generate the cryptographic data used by the X3DH key agreement protocol
|
|
* in order to build a session with other devices.
|
|
*
|
|
* By generating a bundle, and publishing it via PubSub, we allow other
|
|
* clients to download it and start asynchronous encrypted sessions with us,
|
|
* even if we're offline at that time.
|
|
*/
|
|
async generateBundle () {
|
|
// The first thing that needs to happen if a client wants to
|
|
// start using OMEMO is they need to generate an IdentityKey
|
|
// and a Device ID.
|
|
|
|
// The IdentityKey is a Curve25519 public/private Key pair.
|
|
const identity_keypair = await libsignal.KeyHelper.generateIdentityKeyPair();
|
|
const identity_key = u.arrayBufferToBase64(identity_keypair.pubKey);
|
|
|
|
// The Device ID is a randomly generated integer between 1 and 2^31 - 1.
|
|
const device_id = await generateDeviceID();
|
|
|
|
this.save({
|
|
'device_id': device_id,
|
|
'identity_keypair': {
|
|
'privKey': u.arrayBufferToBase64(identity_keypair.privKey),
|
|
'pubKey': identity_key
|
|
},
|
|
'identity_key': identity_key
|
|
});
|
|
|
|
const signed_prekey = await libsignal.KeyHelper.generateSignedPreKey(identity_keypair, 0);
|
|
this.storeSignedPreKey(signed_prekey);
|
|
|
|
const prekeys = await this.generatePreKeys();
|
|
|
|
const bundle = { identity_key, device_id, prekeys };
|
|
bundle['signed_prekey'] = {
|
|
'id': signed_prekey.keyId,
|
|
'public_key': u.arrayBufferToBase64(signed_prekey.keyPair.pubKey),
|
|
'signature': u.arrayBufferToBase64(signed_prekey.signature)
|
|
};
|
|
|
|
const devicelist = await api.omemo.devicelists.get(_converse.bare_jid);
|
|
const device = await devicelist.devices.create(
|
|
{ 'id': bundle.device_id, 'jid': _converse.bare_jid },
|
|
{ 'promise': true }
|
|
);
|
|
device.save('bundle', bundle);
|
|
},
|
|
|
|
fetchSession () {
|
|
if (this._setup_promise === undefined) {
|
|
this._setup_promise = new Promise((resolve, reject) => {
|
|
this.fetch({
|
|
'success': () => {
|
|
if (!this.get('device_id')) {
|
|
this.generateBundle().then(resolve).catch(reject);
|
|
} else {
|
|
resolve();
|
|
}
|
|
},
|
|
'error': (model, resp) => {
|
|
log.warn("Could not fetch OMEMO session from cache, we'll generate a new one.");
|
|
log.warn(resp);
|
|
this.generateBundle().then(resolve).catch(reject);
|
|
}
|
|
});
|
|
});
|
|
}
|
|
return this._setup_promise;
|
|
}
|
|
});
|
|
|
|
export default OMEMOStore;
|