thegamer/Cable-Desktop
2
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Move attachment/websocket [en|de]cryption to libtextsecure

Browse source
This commit is contained in:
Matt Corallo 2015-01-15 18:11:08 -10:00 committed by lilia
parent a9617068a2
commit 403ae4376d
7 changed files with 88 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Gruntfile.js
View file

@ -92,6 +92,7 @@ module.exports = function(grunt) {
'libtextsecure/axolotl_wrapper.js', 'libtextsecure/axolotl_wrapper.js',
'libtextsecure/libaxolotl_concat.js', 'libtextsecure/libaxolotl_concat.js',
'libtextsecure/crypto.js',
'libtextsecure/storage.js', 'libtextsecure/storage.js',
'libtextsecure/storage/devices.js', 'libtextsecure/storage/devices.js',
'libtextsecure/protobufs.js', 'libtextsecure/protobufs.js',

2
js/background.js
View file

@ -37,7 +37,7 @@
new WebSocketResource(socket, function(request) { new WebSocketResource(socket, function(request) {
// TODO: handle different types of requests. for now we only expect // TODO: handle different types of requests. for now we only expect
// PUT /messages <encrypted IncomingPushMessageSignal> // PUT /messages <encrypted IncomingPushMessageSignal>
textsecure.protocol.decryptWebsocketMessage(request.body).then(function(plaintext) { textsecure.crypto.decryptWebsocketMessage(request.body).then(function(plaintext) {
var proto = textsecure.protobuf.IncomingPushMessageSignal.decode(plaintext); var proto = textsecure.protobuf.IncomingPushMessageSignal.decode(plaintext);
// After this point, decoding errors are not the server's // After this point, decoding errors are not the server's
// fault, and we should handle them gracefully and tell the // fault, and we should handle them gracefully and tell the

2
libaxolotl/crypto.js
View file

@ -17,7 +17,7 @@
window.axolotl = window.axolotl || {}; window.axolotl = window.axolotl || {};
/* /*
* textsecure.crypto * axolotl.crypto
* glues together various implementations into a single interface * glues together various implementations into a single interface
* for all low-level crypto operations, * for all low-level crypto operations,
*/ */

52
libaxolotl/protocol.js
View file

@ -527,58 +527,6 @@ window.textsecure.protocol = function() {
}); });
} }
// Decrypts message into a raw string
self.decryptWebsocketMessage = function(message) {
var signaling_key = textsecure.storage.getEncrypted("signaling_key"); //TODO: in crypto_storage
var aes_key = toArrayBuffer(signaling_key.substring(0, 32));
var mac_key = toArrayBuffer(signaling_key.substring(32, 32 + 20));
var decodedMessage = message.toArrayBuffer();
if (new Uint8Array(decodedMessage)[0] != 1)
throw new Error("Got bad version number: " + decodedMessage[0]);
var iv = decodedMessage.slice(1, 1 + 16);
var ciphertext = decodedMessage.slice(1 + 16, decodedMessage.byteLength - 10);
var ivAndCiphertext = decodedMessage.slice(0, decodedMessage.byteLength - 10);
var mac = decodedMessage.slice(decodedMessage.byteLength - 10, decodedMessage.byteLength);
return verifyMAC(ivAndCiphertext, mac_key, mac).then(function() {
return window.axolotl.crypto.decrypt(aes_key, ciphertext, iv);
});
};
self.decryptAttachment = function(encryptedBin, keys) {
var aes_key = keys.slice(0, 32);
var mac_key = keys.slice(32, 64);
var iv = encryptedBin.slice(0, 16);
var ciphertext = encryptedBin.slice(16, encryptedBin.byteLength - 32);
var ivAndCiphertext = encryptedBin.slice(0, encryptedBin.byteLength - 32);
var mac = encryptedBin.slice(encryptedBin.byteLength - 32, encryptedBin.byteLength);
return verifyMAC(ivAndCiphertext, mac_key, mac).then(function() {
return window.axolotl.crypto.decrypt(aes_key, ciphertext, iv);
});
};
self.encryptAttachment = function(plaintext, keys, iv) {
var aes_key = keys.slice(0, 32);
var mac_key = keys.slice(32, 64);
return window.axolotl.crypto.encrypt(aes_key, plaintext, iv).then(function(ciphertext) {
var ivAndCiphertext = new Uint8Array(16 + ciphertext.byteLength);
ivAndCiphertext.set(new Uint8Array(iv));
ivAndCiphertext.set(new Uint8Array(ciphertext), 16);
return axolotl.crypto.sign(mac_key, ivAndCiphertext.buffer).then(function(mac) {
var encryptedBin = new Uint8Array(16 + ciphertext.byteLength + 32);
encryptedBin.set(ivAndCiphertext);
encryptedBin.set(new Uint8Array(mac), 16 + ciphertext.byteLength);
return encryptedBin.buffer;
});
});
};
// return Promise(encoded [PreKey]WhisperMessage) // return Promise(encoded [PreKey]WhisperMessage)
self.encryptMessageFor = function(deviceObject, pushMessageContent) { self.encryptMessageFor = function(deviceObject, pushMessageContent) {
var session = crypto_storage.getOpenSession(deviceObject.encodedNumber); var session = crypto_storage.getOpenSession(deviceObject.encodedNumber);

83
libtextsecure/crypto.js Normal file
View file

@ -0,0 +1,83 @@
/* vim: ts=4:sw=4:expandtab
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
;(function(){
'use strict';
// Various wrappers around low-level crypto operation for specific functions
var verifyMAC = function(data, key, mac) {
return axolotl.crypto.sign(key, data).then(function(calculated_mac) {
if (!isEqual(calculated_mac, mac, true))
throw new Error("Bad MAC");
});
}
window.textsecure = window.textsecure || {};
window.textsecure.crypto = {
// Decrypts message into a raw string
decryptWebsocketMessage: function(message) {
var signaling_key = axolotl.api.storage.get("signaling_key"); //TODO: in crypto_storage
var aes_key = toArrayBuffer(signaling_key.substring(0, 32));
var mac_key = toArrayBuffer(signaling_key.substring(32, 32 + 20));
var decodedMessage = message.toArrayBuffer();
if (new Uint8Array(decodedMessage)[0] != 1)
throw new Error("Got bad version number: " + decodedMessage[0]);
var iv = decodedMessage.slice(1, 1 + 16);
var ciphertext = decodedMessage.slice(1 + 16, decodedMessage.byteLength - 10);
var ivAndCiphertext = decodedMessage.slice(0, decodedMessage.byteLength - 10);
var mac = decodedMessage.slice(decodedMessage.byteLength - 10, decodedMessage.byteLength);
return verifyMAC(ivAndCiphertext, mac_key, mac).then(function() {
return window.axolotl.crypto.decrypt(aes_key, ciphertext, iv);
});
},
decryptAttachment: function(encryptedBin, keys) {
var aes_key = keys.slice(0, 32);
var mac_key = keys.slice(32, 64);
var iv = encryptedBin.slice(0, 16);
var ciphertext = encryptedBin.slice(16, encryptedBin.byteLength - 32);
var ivAndCiphertext = encryptedBin.slice(0, encryptedBin.byteLength - 32);
var mac = encryptedBin.slice(encryptedBin.byteLength - 32, encryptedBin.byteLength);
return verifyMAC(ivAndCiphertext, mac_key, mac).then(function() {
return window.axolotl.crypto.decrypt(aes_key, ciphertext, iv);
});
},
encryptAttachment: function(plaintext, keys, iv) {
var aes_key = keys.slice(0, 32);
var mac_key = keys.slice(32, 64);
return window.axolotl.crypto.encrypt(aes_key, plaintext, iv).then(function(ciphertext) {
var ivAndCiphertext = new Uint8Array(16 + ciphertext.byteLength);
ivAndCiphertext.set(new Uint8Array(iv));
ivAndCiphertext.set(new Uint8Array(ciphertext), 16);
return axolotl.crypto.sign(mac_key, ivAndCiphertext.buffer).then(function(mac) {
var encryptedBin = new Uint8Array(16 + ciphertext.byteLength + 32);
encryptedBin.set(ivAndCiphertext);
encryptedBin.set(new Uint8Array(mac), 16 + ciphertext.byteLength);
return encryptedBin.buffer;
});
});
}
};
})();

2
libtextsecure/helpers.js
View file

@ -137,7 +137,7 @@ var handleAttachment = function(attachment) {
} }
function decryptAttachment(encrypted) { function decryptAttachment(encrypted) {
return textsecure.protocol.decryptAttachment( return textsecure.crypto.decryptAttachment(
encrypted, encrypted,
attachment.key.toArrayBuffer() attachment.key.toArrayBuffer()
); );

2
libtextsecure/sendmessage.js
View file

@ -234,7 +234,7 @@ window.textsecure.messaging = function() {
proto.key = axolotl.crypto.getRandomBytes(64); proto.key = axolotl.crypto.getRandomBytes(64);
var iv = axolotl.crypto.getRandomBytes(16); var iv = axolotl.crypto.getRandomBytes(16);
return textsecure.protocol.encryptAttachment(attachment.data, proto.key, iv).then(function(encryptedBin) { return textsecure.crypto.encryptAttachment(attachment.data, proto.key, iv).then(function(encryptedBin) {
return textsecure.api.putAttachment(encryptedBin).then(function(id) { return textsecure.api.putAttachment(encryptedBin).then(function(id) {
proto.id = id; proto.id = id;
proto.contentType = attachment.contentType; proto.contentType = attachment.contentType;