282 lines
14 KiB
JavaScript
282 lines
14 KiB
JavaScript
/*
|
|
* vim: ts=4:sw=4:expandtab
|
|
*/
|
|
|
|
|
|
;(function () {
|
|
'use strict';
|
|
window.textsecure = window.textsecure || {};
|
|
|
|
var ARCHIVE_AGE = 7 * 24 * 60 * 60 * 1000;
|
|
|
|
function AccountManager(url, ports, username, password) {
|
|
this.server = new TextSecureServer(url, ports, username, password);
|
|
this.pending = Promise.resolve();
|
|
}
|
|
|
|
AccountManager.prototype = new textsecure.EventTarget();
|
|
AccountManager.prototype.extend({
|
|
constructor: AccountManager,
|
|
requestVoiceVerification: function(number) {
|
|
return this.server.requestVerificationVoice(number);
|
|
},
|
|
requestSMSVerification: function(number) {
|
|
return this.server.requestVerificationSMS(number);
|
|
},
|
|
registerSingleDevice: function(number, verificationCode) {
|
|
var registerKeys = this.server.registerKeys.bind(this.server);
|
|
var createAccount = this.createAccount.bind(this);
|
|
var generateKeys = this.generateKeys.bind(this, 100);
|
|
var registrationDone = this.registrationDone.bind(this);
|
|
return this.queueTask(function() {
|
|
return libsignal.KeyHelper.generateIdentityKeyPair().then(function(identityKeyPair) {
|
|
return createAccount(number, verificationCode, identityKeyPair).
|
|
then(generateKeys).
|
|
then(registerKeys).
|
|
then(registrationDone);
|
|
});
|
|
});
|
|
},
|
|
registerSecondDevice: function(setProvisioningUrl, confirmNumber, progressCallback) {
|
|
var createAccount = this.createAccount.bind(this);
|
|
var generateKeys = this.generateKeys.bind(this, 100, progressCallback);
|
|
var registrationDone = this.registrationDone.bind(this);
|
|
var registerKeys = this.server.registerKeys.bind(this.server);
|
|
var getSocket = this.server.getProvisioningSocket.bind(this.server);
|
|
var queueTask = this.queueTask.bind(this);
|
|
var provisioningCipher = new libsignal.ProvisioningCipher();
|
|
var gotProvisionEnvelope = false;
|
|
return provisioningCipher.getPublicKey().then(function(pubKey) {
|
|
return new Promise(function(resolve, reject) {
|
|
var socket = getSocket();
|
|
socket.onclose = function(e) {
|
|
console.log('websocket closed', e.code);
|
|
if (!gotProvisionEnvelope) {
|
|
reject(new Error('websocket closed'));
|
|
}
|
|
};
|
|
var wsr = new WebSocketResource(socket, {
|
|
keepalive: { path: '/v1/keepalive/provisioning' },
|
|
handleRequest: function(request) {
|
|
if (request.path === "/v1/address" && request.verb === "PUT") {
|
|
var proto = textsecure.protobuf.ProvisioningUuid.decode(request.body);
|
|
setProvisioningUrl([
|
|
'tsdevice:/?uuid=', proto.uuid, '&pub_key=',
|
|
encodeURIComponent(btoa(getString(pubKey)))
|
|
].join(''));
|
|
request.respond(200, 'OK');
|
|
} else if (request.path === "/v1/message" && request.verb === "PUT") {
|
|
var envelope = textsecure.protobuf.ProvisionEnvelope.decode(request.body, 'binary');
|
|
request.respond(200, 'OK');
|
|
gotProvisionEnvelope = true;
|
|
wsr.close();
|
|
resolve(provisioningCipher.decrypt(envelope).then(function(provisionMessage) {
|
|
return queueTask(function() {
|
|
return confirmNumber(provisionMessage.number).then(function(deviceName) {
|
|
if (typeof deviceName !== 'string' || deviceName.length === 0) {
|
|
throw new Error('Invalid device name');
|
|
}
|
|
return createAccount(
|
|
provisionMessage.number,
|
|
provisionMessage.provisioningCode,
|
|
provisionMessage.identityKeyPair,
|
|
deviceName,
|
|
provisionMessage.userAgent
|
|
).then(generateKeys).
|
|
then(registerKeys).
|
|
then(registrationDone);
|
|
});
|
|
});
|
|
}));
|
|
} else {
|
|
console.log('Unknown websocket message', request.path);
|
|
}
|
|
}
|
|
});
|
|
});
|
|
});
|
|
},
|
|
refreshPreKeys: function() {
|
|
var generateKeys = this.generateKeys.bind(this, 100);
|
|
var registerKeys = this.server.registerKeys.bind(this.server);
|
|
|
|
return this.queueTask(function() {
|
|
return this.server.getMyKeys().then(function(preKeyCount) {
|
|
console.log('prekey count ' + preKeyCount);
|
|
if (preKeyCount < 10) {
|
|
return generateKeys().then(registerKeys);
|
|
}
|
|
});
|
|
}.bind(this));
|
|
},
|
|
rotateSignedPreKey: function() {
|
|
return this.queueTask(function() {
|
|
var signedKeyId = textsecure.storage.get('signedKeyId', 1);
|
|
|
|
if (typeof signedKeyId != 'number') {
|
|
throw new Error('Invalid signedKeyId');
|
|
}
|
|
var store = textsecure.storage.protocol;
|
|
var server = this.server;
|
|
var cleanSignedPreKeys = this.cleanSignedPreKeys;
|
|
return store.getIdentityKeyPair().then(function(identityKey) {
|
|
return libsignal.KeyHelper.generateSignedPreKey(identityKey, signedKeyId);
|
|
}).then(function(res) {
|
|
return server.setSignedPreKey({
|
|
keyId : res.keyId,
|
|
publicKey : res.keyPair.pubKey,
|
|
signature : res.signature
|
|
}).then(function() {
|
|
textsecure.storage.put('signedKeyId', signedKeyId + 1);
|
|
textsecure.storage.remove('signedKeyRotationRejected');
|
|
return store.storeSignedPreKey(res.keyId, res.keyPair).then(function() {
|
|
return cleanSignedPreKeys();
|
|
});
|
|
}).catch(function(e) {
|
|
if (e instanceof Error && e.name == 'HTTPError' && e.code >= 400 && e.code <= 599) {
|
|
var rejections = 1 + textsecure.storage.get('signedKeyRotationRejected', 0);
|
|
textsecure.storage.put('signedKeyRotationRejected', rejections);
|
|
console.log('Signed key rotation rejected count:', rejections);
|
|
}
|
|
});
|
|
});
|
|
}.bind(this));
|
|
},
|
|
queueTask: function(task) {
|
|
return this.pending = this.pending.then(task, task);
|
|
},
|
|
cleanSignedPreKeys: function() {
|
|
var nextSignedKeyId = textsecure.storage.get('signedKeyId');
|
|
if (typeof nextSignedKeyId != 'number') {
|
|
return Promise.resolve();
|
|
}
|
|
var activeSignedPreKeyId = nextSignedKeyId - 1;
|
|
|
|
var store = textsecure.storage.protocol;
|
|
return store.loadSignedPreKeys().then(function(allRecords) {
|
|
var oldRecords = allRecords.filter(function(record) {
|
|
return record.keyId !== activeSignedPreKeyId;
|
|
});
|
|
oldRecords.sort(function(a, b) {
|
|
return (a.created_at || 0) - (b.created_at || 0);
|
|
});
|
|
|
|
console.log("Active signed prekey: " + activeSignedPreKeyId);
|
|
console.log("Old signed prekey record count: " + oldRecords.length);
|
|
|
|
oldRecords.forEach(function(oldRecord) {
|
|
if ( oldRecord.keyId > activeSignedPreKeyId - 3 ) {
|
|
// keep at least the last 3 signed keys
|
|
return;
|
|
}
|
|
var created_at = oldRecord.created_at || 0;
|
|
var archiveDuration = Date.now() - created_at;
|
|
if (archiveDuration > ARCHIVE_AGE) {
|
|
console.log("Removing signed prekey record:",
|
|
oldRecord.keyId, "with timestamp:", created_at);
|
|
store.removeSignedPreKey(oldRecord.keyId);
|
|
}
|
|
});
|
|
});
|
|
},
|
|
createAccount: function(number, verificationCode, identityKeyPair, deviceName, userAgent) {
|
|
var signalingKey = libsignal.crypto.getRandomBytes(32 + 20);
|
|
var password = btoa(getString(libsignal.crypto.getRandomBytes(16)));
|
|
password = password.substring(0, password.length - 2);
|
|
var registrationId = libsignal.KeyHelper.generateRegistrationId();
|
|
|
|
return this.server.confirmCode(
|
|
number, verificationCode, password, signalingKey, registrationId, deviceName
|
|
).then(function(response) {
|
|
return textsecure.storage.protocol.clearSessionStore().then(function() {
|
|
textsecure.storage.remove('identityKey');
|
|
textsecure.storage.remove('signaling_key');
|
|
textsecure.storage.remove('password');
|
|
textsecure.storage.remove('registrationId');
|
|
textsecure.storage.remove('number_id');
|
|
textsecure.storage.remove('device_name');
|
|
textsecure.storage.remove('regionCode');
|
|
textsecure.storage.remove('userAgent');
|
|
|
|
// update our own identity key, which may have changed
|
|
// if we're relinking after a reinstall on the master device
|
|
var putIdentity = textsecure.storage.protocol.saveIdentity.bind(
|
|
null, number, identityKeyPair.pubKey
|
|
);
|
|
textsecure.storage.protocol.removeIdentityKey(number).then(putIdentity, putIdentity);
|
|
|
|
textsecure.storage.put('identityKey', identityKeyPair);
|
|
textsecure.storage.put('signaling_key', signalingKey);
|
|
textsecure.storage.put('password', password);
|
|
textsecure.storage.put('registrationId', registrationId);
|
|
if (userAgent) {
|
|
textsecure.storage.put('userAgent', userAgent);
|
|
}
|
|
|
|
textsecure.storage.user.setNumberAndDeviceId(number, response.deviceId || 1, deviceName);
|
|
textsecure.storage.put('regionCode', libphonenumber.util.getRegionCodeForNumber(number));
|
|
this.server.username = textsecure.storage.get('number_id');
|
|
}.bind(this));
|
|
}.bind(this));
|
|
},
|
|
generateKeys: function (count, progressCallback) {
|
|
if (typeof progressCallback !== 'function') {
|
|
progressCallback = undefined;
|
|
}
|
|
var startId = textsecure.storage.get('maxPreKeyId', 1);
|
|
var signedKeyId = textsecure.storage.get('signedKeyId', 1);
|
|
|
|
if (typeof startId != 'number') {
|
|
throw new Error('Invalid maxPreKeyId');
|
|
}
|
|
if (typeof signedKeyId != 'number') {
|
|
throw new Error('Invalid signedKeyId');
|
|
}
|
|
|
|
|
|
var store = textsecure.storage.protocol;
|
|
return store.getIdentityKeyPair().then(function(identityKey) {
|
|
var result = { preKeys: [], identityKey: identityKey.pubKey };
|
|
var promises = [];
|
|
|
|
for (var keyId = startId; keyId < startId+count; ++keyId) {
|
|
promises.push(
|
|
libsignal.KeyHelper.generatePreKey(keyId).then(function(res) {
|
|
store.storePreKey(res.keyId, res.keyPair);
|
|
result.preKeys.push({
|
|
keyId : res.keyId,
|
|
publicKey : res.keyPair.pubKey
|
|
});
|
|
if (progressCallback) { progressCallback(); }
|
|
})
|
|
);
|
|
}
|
|
|
|
promises.push(
|
|
libsignal.KeyHelper.generateSignedPreKey(identityKey, signedKeyId).then(function(res) {
|
|
store.storeSignedPreKey(res.keyId, res.keyPair);
|
|
result.signedPreKey = {
|
|
keyId : res.keyId,
|
|
publicKey : res.keyPair.pubKey,
|
|
signature : res.signature
|
|
};
|
|
})
|
|
);
|
|
|
|
textsecure.storage.put('maxPreKeyId', startId + count);
|
|
textsecure.storage.put('signedKeyId', signedKeyId + 1);
|
|
return Promise.all(promises).then(function() {
|
|
return this.cleanSignedPreKeys().then(function() {
|
|
return result;
|
|
});
|
|
}.bind(this));
|
|
}.bind(this));
|
|
},
|
|
registrationDone: function() {
|
|
console.log('registration done');
|
|
this.dispatchEvent(new Event('registration'));
|
|
}
|
|
});
|
|
textsecure.AccountManager = AccountManager;
|
|
|
|
}());
|