From 12844590f5ec0e1be22a9d81636829b2943bc9cf Mon Sep 17 00:00:00 2001
From: Matt Corallo
Date: Thu, 15 Jan 2015 21:52:50 -1000
Subject: [PATCH] Move prekey sigcheck to libaxolotl
---
 libaxolotl/protocol.js | 31 ++++++++++++++++++-------------
 libtextsecure/api.js | 5 +----
 libtextsecure/sendmessage.js | 1 +
 3 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/libaxolotl/protocol.js b/libaxolotl/protocol.js
index 6af2ba11..ccd5c01b 100644
--- a/libaxolotl/protocol.js
+++ b/libaxolotl/protocol.js
@@ -567,6 +567,7 @@ window.axolotl.protocol = function() {
 try {
 delete deviceObject['signedKey'];
 delete deviceObject['signedKeyId'];
+ delete deviceObject['signedKeySignature'];
 delete deviceObject['preKey'];
 delete deviceObject['preKeyId'];
 } catch(_) {}
@@ -586,19 +587,23 @@ window.axolotl.protocol = function() {
 preKeyMsg.registrationId = axolotl.api.getMyRegistrationId();
 if (session === undefined) {
- return axolotl.crypto.createKeyPair().then(function(baseKey) {
- preKeyMsg.preKeyId = deviceObject.preKeyId;
- preKeyMsg.signedPreKeyId = deviceObject.signedKeyId;
- preKeyMsg.baseKey = toArrayBuffer(baseKey.pubKey);
- return initSession(true, baseKey, undefined, deviceObject.encodedNumber,
- toArrayBuffer(deviceObject.identityKey), toArrayBuffer(deviceObject.preKey), toArrayBuffer(deviceObject.signedKey))
- .then(function(new_session) {
- session = new_session;
- session.pendingPreKey = { preKeyId: deviceObject.preKeyId, signedKeyId: deviceObject.signedKeyId, baseKey: baseKey.pubKey };
- return doEncryptPushMessageContent().then(function(message) {
- preKeyMsg.message = message;
- var result = String.fromCharCode((3 << 4) | 3) + getString(preKeyMsg.encode());
- return {type: 3, body: result};
+ var deviceIdentityKey = toArrayBuffer(deviceObject.identityKey);
+ var deviceSignedKey = toArrayBuffer(deviceObject.signedKey);
+ return axolotl.crypto.Ed25519Verify(deviceIdentityKey, deviceSignedKey, toArrayBuffer(deviceObject.signedKeySignature)).then(function() {
+ return axolotl.crypto.createKeyPair().then(function(baseKey) {
+ preKeyMsg.preKeyId = deviceObject.preKeyId;
+ preKeyMsg.signedPreKeyId = deviceObject.signedKeyId;
+ preKeyMsg.baseKey = toArrayBuffer(baseKey.pubKey);
+ return initSession(true, baseKey, undefined, deviceObject.encodedNumber,
+ deviceIdentityKey, toArrayBuffer(deviceObject.preKey), deviceSignedKey)
+ .then(function(new_session) {
+ session = new_session;
+ session.pendingPreKey = { preKeyId: deviceObject.preKeyId, signedKeyId: deviceObject.signedKeyId, baseKey: baseKey.pubKey };
+ return doEncryptPushMessageContent().then(function(message) {
+ preKeyMsg.message = message;
+ var result = String.fromCharCode((3 << 4) | 3) + getString(preKeyMsg.encode());
+ return {type: 3, body: result};
+ });
 });
 });
 });
diff --git a/libtextsecure/api.js b/libtextsecure/api.js
index 09f4b3b7..45dac575 100644
--- a/libtextsecure/api.js
+++ b/libtextsecure/api.js
@@ -196,15 +196,12 @@ window.textsecure.api = function () {
 for (var i = 0; i < res.devices.length; i++) {
 res.devices[i].signedPreKey.publicKey = StringView.base64ToBytes(res.devices[i].signedPreKey.publicKey);
 res.devices[i].signedPreKey.signature = StringView.base64ToBytes(res.devices[i].signedPreKey.signature);
- promises[i] = window.axolotl.crypto.Ed25519Verify(res.identityKey, res.devices[i].signedPreKey.publicKey, res.devices[i].signedPreKey.signature);
 res.devices[i].preKey.publicKey = StringView.base64ToBytes(res.devices[i].preKey.publicKey);
 //TODO: Is this still needed?
 //if (res.devices[i].keyId === undefined)
 // res.devices[i].keyId = 0;
 }
- return Promise.all(promises).then(function() {
- return res;
- });
+ return res;
 });
 };
diff --git a/libtextsecure/sendmessage.js b/libtextsecure/sendmessage.js
index 9c9922a7..2d496f58 100644
--- a/libtextsecure/sendmessage.js
+++ b/libtextsecure/sendmessage.js
@@ -30,6 +30,7 @@ window.textsecure.messaging = function() {
 preKeyId: response.devices[i].preKey.keyId,
 signedKey: response.devices[i].signedPreKey.publicKey,
 signedKeyId: response.devices[i].signedPreKey.keyId,
+ signedKeySignature: response.devices[i].signedPreKey.signature,
 registrationId: response.devices[i].registrationId
 });
 }
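Review bot: The new `Ed25519Verify(...)` call in the `session === undefined` branch of libaxolotl/protocol.js reads `deviceObject.signedKeySignature` without checking that it is present, and its `.then(function() {` callback ignores the resolved value. The check therefore guards the session only if `Ed25519Verify` rejects on a bad signature and `toArrayBuffer(undefined)` cannot produce input that verifies; neither helper is visible in this diff, so both are assumptions. I would fail closed before the call with `if (deviceObject.signedKeySignature === undefined) return Promise.reject(new Error("Missing signed prekey signature"));` and add a comment above it such as `// Ed25519Verify must reject on an invalid signature; the session is built only on success`. The sendmessage.js hunk is the only place in this patch that sets `signedKeySignature`, so any other code that builds a device object needs the same field. The enclosing function starts and ends outside the hunk.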
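Review bot: After this hunk in libtextsecure/api.js the function returns `res` with signed prekeys that have not been verified, and nothing at the return site says so. A comment above `return res;` such as `// signedPreKey.signature is NOT verified here; libaxolotl checks it before a session is built` would keep later callers from treating these keys as authenticated. The `promises` array that the removed lines filled is declared outside the hunk and now looks unused, so its declaration can probably be removed as well.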