signal-desktop/ts/textsecure/ProvisioningCipher.ts

// Copyright 2020 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only

/* eslint-disable more/no-then */
/* eslint-disable max-classes-per-file */

import { KeyPairType } from './Types.d';
import { ProvisionEnvelopeClass } from '../textsecure.d';
import {
  decryptAes256CbcPkcsPadding,
  deriveSecrets,
  bytesFromString,
  verifyHmacSha256,
} from '../Crypto';
import { calculateAgreement, createKeyPair, generateKeyPair } from '../Curve';

type ProvisionDecryptResult = {
  identityKeyPair: KeyPairType;
  number?: string;
  uuid?: string;
  provisioningCode?: string;
  userAgent?: string;
  readReceipts?: boolean;
  profileKey?: ArrayBuffer;
};

class ProvisioningCipherInner {
  keyPair?: KeyPairType;

  async decrypt(
    provisionEnvelope: ProvisionEnvelopeClass
  ): Promise<ProvisionDecryptResult> {
    const masterEphemeral = provisionEnvelope.publicKey.toArrayBuffer();
    const message = provisionEnvelope.body.toArrayBuffer();
    if (new Uint8Array(message)[0] !== 1) {
      throw new Error('Bad version number on ProvisioningMessage');
    }

    const iv = message.slice(1, 16 + 1);
    const mac = message.slice(message.byteLength - 32, message.byteLength);
    const ivAndCiphertext = message.slice(0, message.byteLength - 32);
    const ciphertext = message.slice(16 + 1, message.byteLength - 32);

    if (!this.keyPair) {
      throw new Error('ProvisioningCipher.decrypt: No keypair!');
    }

    const ecRes = calculateAgreement(masterEphemeral, this.keyPair.privKey);
    const keys = deriveSecrets(
      ecRes,
      new ArrayBuffer(32),
      bytesFromString('TextSecure Provisioning Message')
    );
    await verifyHmacSha256(ivAndCiphertext, keys[1], mac, 32);

    const plaintext = await decryptAes256CbcPkcsPadding(
      keys[0],
      ciphertext,
      iv
    );
    const provisionMessage = window.textsecure.protobuf.ProvisionMessage.decode(
      plaintext
    );
    const privKey = provisionMessage.identityKeyPrivate.toArrayBuffer();

    const keyPair = createKeyPair(privKey);
    window.normalizeUuids(
      provisionMessage,
      ['uuid'],
      'ProvisioningCipher.decrypt'
    );

    const ret: ProvisionDecryptResult = {
      identityKeyPair: keyPair,
      number: provisionMessage.number,
      uuid: provisionMessage.uuid,
      provisioningCode: provisionMessage.provisioningCode,
      userAgent: provisionMessage.userAgent,
      readReceipts: provisionMessage.readReceipts,
    };
    if (provisionMessage.profileKey) {
      ret.profileKey = provisionMessage.profileKey.toArrayBuffer();
    }
    return ret;
  }

  async getPublicKey(): Promise<ArrayBuffer> {
    if (!this.keyPair) {
      this.keyPair = generateKeyPair();
    }

    if (!this.keyPair) {
      throw new Error('ProvisioningCipher.decrypt: No keypair!');
    }

    return this.keyPair.pubKey;
  }
}

export default class ProvisioningCipher {
  constructor() {
    const inner = new ProvisioningCipherInner();

    this.decrypt = inner.decrypt.bind(inner);
    this.getPublicKey = inner.getPublicKey.bind(inner);
  }

  decrypt: (
    provisionEnvelope: ProvisionEnvelopeClass
  ) => Promise<ProvisionDecryptResult>;

  getPublicKey: () => Promise<ArrayBuffer>;
}
Add license headers across the project 2020-10-30 20:34:04 +00:00			`// Copyright 2020 Signal Messenger, LLC`
			`// SPDX-License-Identifier: AGPL-3.0-only`

Migrate textsecure to eslint Co-authored-by: Chris Svenningsen <chris@carbonfive.com> 2020-09-24 21:53:21 +00:00			`/* eslint-disable more/no-then */`
			`/* eslint-disable max-classes-per-file */`
Moves libtextsecure to Typescript * Starting to work through lint errors * libsignal-protocol: Update changes for primary repo compatibility * Step 1: task_with_timeout rename * Step 2: Apply the changes to TaskWithTimeout.ts * Step 1: All to-be-converted libtextsecure/.js files moved Step 2: No Typescript errors! * Get libtextsecure tests passing again * TSLint errors down to 1 * Compilation succeeds, no lint errors or test failures * WebSocketResources - update import for case-sensitive filesystems * Fixes for lint-deps * Remove unnecessary @ts-ignore * Fix inability to message your own contact after link * Add log message for the end of migration 20 * lint fix 2020-04-13 17:37:29 +00:00
decrypt/encrypt with libsignal-client, remove libsignal-protocol-javascript 2021-04-16 23:13:13 +00:00			`import { KeyPairType } from './Types.d';`
Moves libtextsecure to Typescript * Starting to work through lint errors * libsignal-protocol: Update changes for primary repo compatibility * Step 1: task_with_timeout rename * Step 2: Apply the changes to TaskWithTimeout.ts * Step 1: All to-be-converted libtextsecure/.js files moved Step 2: No Typescript errors! * Get libtextsecure tests passing again * TSLint errors down to 1 * Compilation succeeds, no lint errors or test failures * WebSocketResources - update import for case-sensitive filesystems * Fixes for lint-deps * Remove unnecessary @ts-ignore * Fix inability to message your own contact after link * Add log message for the end of migration 20 * lint fix 2020-04-13 17:37:29 +00:00			`import { ProvisionEnvelopeClass } from '../textsecure.d';`
decrypt/encrypt with libsignal-client, remove libsignal-protocol-javascript 2021-04-16 23:13:13 +00:00			`import {`
			`decryptAes256CbcPkcsPadding,`
			`deriveSecrets,`
			`bytesFromString,`
			`verifyHmacSha256,`
			`} from '../Crypto';`
			`import { calculateAgreement, createKeyPair, generateKeyPair } from '../Curve';`
Moves libtextsecure to Typescript * Starting to work through lint errors * libsignal-protocol: Update changes for primary repo compatibility * Step 1: task_with_timeout rename * Step 2: Apply the changes to TaskWithTimeout.ts * Step 1: All to-be-converted libtextsecure/.js files moved Step 2: No Typescript errors! * Get libtextsecure tests passing again * TSLint errors down to 1 * Compilation succeeds, no lint errors or test failures * WebSocketResources - update import for case-sensitive filesystems * Fixes for lint-deps * Remove unnecessary @ts-ignore * Fix inability to message your own contact after link * Add log message for the end of migration 20 * lint fix 2020-04-13 17:37:29 +00:00
			`type ProvisionDecryptResult = {`
			`identityKeyPair: KeyPairType;`
			`number?: string;`
			`uuid?: string;`
			`provisioningCode?: string;`
			`userAgent?: string;`
			`readReceipts?: boolean;`
			`profileKey?: ArrayBuffer;`
			`};`

			`class ProvisioningCipherInner {`
			`keyPair?: KeyPairType;`

			`async decrypt(`
			`provisionEnvelope: ProvisionEnvelopeClass`
			`): Promise<ProvisionDecryptResult> {`
			`const masterEphemeral = provisionEnvelope.publicKey.toArrayBuffer();`
			`const message = provisionEnvelope.body.toArrayBuffer();`
			`if (new Uint8Array(message)[0] !== 1) {`
			`throw new Error('Bad version number on ProvisioningMessage');`
			`}`

			`const iv = message.slice(1, 16 + 1);`
			`const mac = message.slice(message.byteLength - 32, message.byteLength);`
			`const ivAndCiphertext = message.slice(0, message.byteLength - 32);`
			`const ciphertext = message.slice(16 + 1, message.byteLength - 32);`

			`if (!this.keyPair) {`
			`throw new Error('ProvisioningCipher.decrypt: No keypair!');`
			`}`

decrypt/encrypt with libsignal-client, remove libsignal-protocol-javascript 2021-04-16 23:13:13 +00:00			`const ecRes = calculateAgreement(masterEphemeral, this.keyPair.privKey);`
			`const keys = deriveSecrets(`
			`ecRes,`
			`new ArrayBuffer(32),`
			`bytesFromString('TextSecure Provisioning Message')`
			`);`
			`await verifyHmacSha256(ivAndCiphertext, keys[1], mac, 32);`

			`const plaintext = await decryptAes256CbcPkcsPadding(`
			`keys[0],`
			`ciphertext,`
			`iv`
			`);`
			`const provisionMessage = window.textsecure.protobuf.ProvisionMessage.decode(`
			`plaintext`
			`);`
			`const privKey = provisionMessage.identityKeyPrivate.toArrayBuffer();`

			`const keyPair = createKeyPair(privKey);`
			`window.normalizeUuids(`
			`provisionMessage,`
			`['uuid'],`
			`'ProvisioningCipher.decrypt'`
			`);`

			`const ret: ProvisionDecryptResult = {`
			`identityKeyPair: keyPair,`
			`number: provisionMessage.number,`
			`uuid: provisionMessage.uuid,`
			`provisioningCode: provisionMessage.provisioningCode,`
			`userAgent: provisionMessage.userAgent,`
			`readReceipts: provisionMessage.readReceipts,`
			`};`
			`if (provisionMessage.profileKey) {`
			`ret.profileKey = provisionMessage.profileKey.toArrayBuffer();`
			`}`
			`return ret;`
Moves libtextsecure to Typescript * Starting to work through lint errors * libsignal-protocol: Update changes for primary repo compatibility * Step 1: task_with_timeout rename * Step 2: Apply the changes to TaskWithTimeout.ts * Step 1: All to-be-converted libtextsecure/.js files moved Step 2: No Typescript errors! * Get libtextsecure tests passing again * TSLint errors down to 1 * Compilation succeeds, no lint errors or test failures * WebSocketResources - update import for case-sensitive filesystems * Fixes for lint-deps * Remove unnecessary @ts-ignore * Fix inability to message your own contact after link * Add log message for the end of migration 20 * lint fix 2020-04-13 17:37:29 +00:00			`}`
Migrate textsecure to eslint Co-authored-by: Chris Svenningsen <chris@carbonfive.com> 2020-09-24 21:53:21 +00:00
Moves libtextsecure to Typescript * Starting to work through lint errors * libsignal-protocol: Update changes for primary repo compatibility * Step 1: task_with_timeout rename * Step 2: Apply the changes to TaskWithTimeout.ts * Step 1: All to-be-converted libtextsecure/.js files moved Step 2: No Typescript errors! * Get libtextsecure tests passing again * TSLint errors down to 1 * Compilation succeeds, no lint errors or test failures * WebSocketResources - update import for case-sensitive filesystems * Fixes for lint-deps * Remove unnecessary @ts-ignore * Fix inability to message your own contact after link * Add log message for the end of migration 20 * lint fix 2020-04-13 17:37:29 +00:00			`async getPublicKey(): Promise<ArrayBuffer> {`
decrypt/encrypt with libsignal-client, remove libsignal-protocol-javascript 2021-04-16 23:13:13 +00:00			`if (!this.keyPair) {`
			`this.keyPair = generateKeyPair();`
			`}`

			`if (!this.keyPair) {`
			`throw new Error('ProvisioningCipher.decrypt: No keypair!');`
			`}`

			`return this.keyPair.pubKey;`
Moves libtextsecure to Typescript * Starting to work through lint errors * libsignal-protocol: Update changes for primary repo compatibility * Step 1: task_with_timeout rename * Step 2: Apply the changes to TaskWithTimeout.ts * Step 1: All to-be-converted libtextsecure/.js files moved Step 2: No Typescript errors! * Get libtextsecure tests passing again * TSLint errors down to 1 * Compilation succeeds, no lint errors or test failures * WebSocketResources - update import for case-sensitive filesystems * Fixes for lint-deps * Remove unnecessary @ts-ignore * Fix inability to message your own contact after link * Add log message for the end of migration 20 * lint fix 2020-04-13 17:37:29 +00:00			`}`
			`}`

			`export default class ProvisioningCipher {`
			`constructor() {`
			`const inner = new ProvisioningCipherInner();`

			`this.decrypt = inner.decrypt.bind(inner);`
			`this.getPublicKey = inner.getPublicKey.bind(inner);`
			`}`

			`decrypt: (`
			`provisionEnvelope: ProvisionEnvelopeClass`
			`) => Promise<ProvisionDecryptResult>;`
Migrate textsecure to eslint Co-authored-by: Chris Svenningsen <chris@carbonfive.com> 2020-09-24 21:53:21 +00:00
Moves libtextsecure to Typescript * Starting to work through lint errors * libsignal-protocol: Update changes for primary repo compatibility * Step 1: task_with_timeout rename * Step 2: Apply the changes to TaskWithTimeout.ts * Step 1: All to-be-converted libtextsecure/.js files moved Step 2: No Typescript errors! * Get libtextsecure tests passing again * TSLint errors down to 1 * Compilation succeeds, no lint errors or test failures * WebSocketResources - update import for case-sensitive filesystems * Fixes for lint-deps * Remove unnecessary @ts-ignore * Fix inability to message your own contact after link * Add log message for the end of migration 20 * lint fix 2020-04-13 17:37:29 +00:00			`getPublicKey: () => Promise<ArrayBuffer>;`
			`}`