首页 发现 帮助
注册 登录
thegamer
/
Cable-Desktop
2
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: 7ce05545d9
分支列表 标签列表
Cable-Desktop
/
libtextsecure
/
ProvisioningCipher.js

ProvisioningCipher.js 2.3 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. (function() {
    2. 

  2. 'use strict';
    3. 

  3. 

  4. function ProvisioningCipher() {}
    5. 

  5. 

  6. ProvisioningCipher.prototype = {
    7. 

  7.     decrypt: function(provisionEnvelope) {
    8. 

  8.         var masterEphemeral = provisionEnvelope.publicKey.toArrayBuffer();
    9. 

  9.         var message = provisionEnvelope.body.toArrayBuffer();
    10. 

  10.         if (new Uint8Array(message)[0] != 1) {
    11. 

  11.             throw new Error("Bad version number on ProvisioningMessage");
    12. 

  12.         }
    13. 

  13. 

  14.         var iv = message.slice(1, 16 + 1);
    15. 

  15.         var mac = message.slice(message.byteLength - 32, message.byteLength);
    16. 

  16.         var ivAndCiphertext = message.slice(0, message.byteLength - 32);
    17. 

  17.         var ciphertext = message.slice(16 + 1, message.byteLength - 32);
    18. 

  18. 

  19.         return libsignal.Curve.async.calculateAgreement(
    20. 

  20.             masterEphemeral, this.keyPair.privKey
    21. 

  21.         ).then(function(ecRes) {
    22. 

  22.             return libsignal.HKDF.deriveSecrets(
    23. 

  23.                 ecRes, new ArrayBuffer(32), "TextSecure Provisioning Message"
    24. 

  24.             );
    25. 

  25.         }).then(function(keys) {
    26. 

  26.             return libsignal.crypto.verifyMAC(ivAndCiphertext, keys[1], mac, 32).then(function() {
    27. 

  27.                 return libsignal.crypto.decrypt(keys[0], ciphertext, iv);
    28. 

  28.             });
    29. 

  29.         }).then(function(plaintext) {
    30. 

  30.             var provisionMessage = textsecure.protobuf.ProvisionMessage.decode(plaintext);
    31. 

  31.             var privKey = provisionMessage.identityKeyPrivate.toArrayBuffer();
    32. 

  32. 

  33.             return libsignal.Curve.async.createKeyPair(privKey).then(function(keyPair) {
    34. 

  34.                 return {
    35. 

  35.                     identityKeyPair  : keyPair,
    36. 

  36.                     number           : provisionMessage.number,
    37. 

  37.                     provisioningCode : provisionMessage.provisioningCode,
    38. 

  38.                     userAgent        : provisionMessage.userAgent
    39. 

  39.                 };
    40. 

  40.             });
    41. 

  41.         });
    42. 

  42.     },
    43. 

  43.     getPublicKey: function() {
    44. 

  44.       return Promise.resolve().then(function() {
    45. 

  45.           if (!this.keyPair) {
    46. 

  46.               return libsignal.Curve.async.generateKeyPair().then(function(keyPair) {
    47. 

  47.                   this.keyPair = keyPair;
    48. 

  48.               }.bind(this));
    49. 

  49.           }
    50. 

  50.       }.bind(this)).then(function() {
    51. 

  51.           return this.keyPair.pubKey;
    52. 

  52.       }.bind(this));
    53. 

  53.     }
    54. 

  54. };
    55. 

  55. 

  56. libsignal.ProvisioningCipher = function() {
    57. 

  57.     var cipher = new ProvisioningCipher();
    58. 

  58. 

  59.     this.decrypt      = cipher.decrypt.bind(cipher);
    60. 

  60.     this.getPublicKey = cipher.getPublicKey.bind(cipher);
    61. 

  61. };
    62. 

  62. 

  63. })();
    64.