// Copyright 2020 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
import type { ProfileKeyCredentialRequestContext } from '@signalapp/libsignal-client/zkgroup';
import {
AuthCredentialWithPni,
ClientZkAuthOperations,
ClientZkGroupCipher,
ClientZkProfileOperations,
GroupMasterKey,
GroupSecretParams,
ProfileKey,
ProfileKeyCiphertext,
ExpiringProfileKeyCredential,
ProfileKeyCredentialPresentation,
ExpiringProfileKeyCredentialResponse,
ServerPublicParams,
UuidCiphertext,
NotarySignature,
} from '@signalapp/libsignal-client/zkgroup';
import { Aci, Pni, type ServiceId } from '@signalapp/libsignal-client';
import type { ServiceIdString, AciString, PniString } from '../types/ServiceId';
import {
toServiceIdObject,
fromServiceIdObject,
fromAciObject,
fromPniObject,
} from '../types/ServiceId';
import { strictAssert } from './assert';
export * from '@signalapp/libsignal-client/zkgroup';
// Scenarios
/**
 * Decrypts a group blob with the supplied group cipher.
 *
 * The input bytes are copied into a Node `Buffer` before being handed to
 * `decryptBlob`, so the caller's array is not shared with the cipher.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param ciphertext - Encrypted blob bytes.
 * @returns Whatever `decryptBlob` returns for the blob. No error handling is
 *   done here; anything `decryptBlob` throws propagates to the caller.
 */
export function decryptGroupBlob(
  clientZkGroupCipher: ClientZkGroupCipher,
  ciphertext: Uint8Array
): Uint8Array {
  const encrypted = Buffer.from(ciphertext);
  return clientZkGroupCipher.decryptBlob(encrypted);
}
/**
 * Deserializes a profile key credential presentation and extracts its two
 * ciphertext fields.
 *
 * Both returned values are still encrypted: `userId` is the serialized UUID
 * ciphertext and `profileKey` is the serialized profile-key ciphertext. This
 * function only parses and reads fields; it makes no verification call on
 * the presentation.
 *
 * @param presentationBuffer - Serialized presentation bytes.
 * @returns The serialized profile-key ciphertext and UUID ciphertext.
 */
export function decodeProfileKeyCredentialPresentation(
  presentationBuffer: Uint8Array
): { profileKey: Uint8Array; userId: Uint8Array } {
  const parsed = new ProfileKeyCredentialPresentation(
    Buffer.from(presentationBuffer)
  );

  // Read order matches the original: UUID ciphertext first, then profile key.
  const userId = parsed.getUuidCiphertext().serialize();
  const profileKey = parsed.getProfileKeyCiphertext().serialize();

  return { profileKey, userId };
}
/**
 * Decrypts a profile-key ciphertext for the given service id.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param profileKeyCiphertextBuffer - Serialized profile-key ciphertext.
 * @param serviceId - Service id string passed to the cipher alongside the
 *   ciphertext.
 * @returns The serialized profile key. This is plaintext key material; keep
 *   it out of logs and error messages.
 */
export function decryptProfileKey(
  clientZkGroupCipher: ClientZkGroupCipher,
  profileKeyCiphertextBuffer: Uint8Array,
  serviceId: ServiceIdString
): Uint8Array {
  const ciphertext = new ProfileKeyCiphertext(
    Buffer.from(profileKeyCiphertextBuffer)
  );

  return clientZkGroupCipher
    .decryptProfileKey(ciphertext, toServiceIdObject(serviceId))
    .serialize();
}
/**
 * Decrypts a UUID ciphertext into a libsignal `ServiceId` object.
 *
 * The result is not narrowed to ACI or PNI here; the exported wrappers
 * `decryptAci` / `decryptPni` perform that check.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param uuidCiphertextBuffer - Serialized UUID ciphertext.
 * @returns The decrypted `ServiceId` object.
 */
function decryptServiceIdObj(
  clientZkGroupCipher: ClientZkGroupCipher,
  uuidCiphertextBuffer: Uint8Array
): ServiceId {
  const serialized = Buffer.from(uuidCiphertextBuffer);
  const ciphertext = new UuidCiphertext(serialized);
  return clientZkGroupCipher.decryptServiceId(ciphertext);
}
/**
 * Decrypts a UUID ciphertext and returns it as a `ServiceIdString`.
 *
 * No ACI/PNI kind check is applied; use `decryptAci` or `decryptPni` when
 * the caller requires a specific kind of identifier.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param uuidCiphertextBuffer - Serialized UUID ciphertext.
 * @returns The decrypted service id in string form.
 */
export function decryptServiceId(
  clientZkGroupCipher: ClientZkGroupCipher,
  uuidCiphertextBuffer: Uint8Array
): ServiceIdString {
  const serviceIdObject = decryptServiceIdObj(
    clientZkGroupCipher,
    uuidCiphertextBuffer
  );
  return fromServiceIdObject(serviceIdObject);
}
/**
 * Decrypts a UUID ciphertext and requires the result to be an ACI.
 *
 * The `instanceof Aci` assertion is the only thing preventing a decrypted
 * PNI from being returned under an ACI type, so it must stay ahead of the
 * conversion.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param uuidCiphertextBuffer - Serialized UUID ciphertext.
 * @returns The decrypted ACI in string form.
 */
export function decryptAci(
  clientZkGroupCipher: ClientZkGroupCipher,
  uuidCiphertextBuffer: Uint8Array
): AciString {
  const decrypted = decryptServiceIdObj(
    clientZkGroupCipher,
    uuidCiphertextBuffer
  );
  strictAssert(decrypted instanceof Aci, 'userId is not ACI');
  return fromAciObject(decrypted);
}
/**
 * Decrypts a UUID ciphertext and requires the result to be a PNI.
 *
 * The `instanceof Pni` assertion is the only thing preventing a decrypted
 * ACI from being returned under a PNI type, so it must stay ahead of the
 * conversion.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param uuidCiphertextBuffer - Serialized UUID ciphertext.
 * @returns The decrypted PNI in string form.
 */
export function decryptPni(
  clientZkGroupCipher: ClientZkGroupCipher,
  uuidCiphertextBuffer: Uint8Array
): PniString {
  const decrypted = decryptServiceIdObj(
    clientZkGroupCipher,
    uuidCiphertextBuffer
  );
  strictAssert(decrypted instanceof Pni, 'userId is not PNI');
  return fromPniObject(decrypted);
}
/**
 * Derives the profile key version string for a profile key and service id.
 *
 * Node's base64 decoder does not throw on malformed input, so any rejection
 * of a bad key has to come from the `ProfileKey` constructor.
 * NOTE(review): confirm that constructor validates the decoded length.
 *
 * @param profileKeyBase64 - Base64-encoded profile key.
 * @param serviceId - Service id the version is derived for.
 * @returns The profile key version, via its `toString()`.
 */
export function deriveProfileKeyVersion(
  profileKeyBase64: string,
  serviceId: ServiceIdString
): string {
  const key = new ProfileKey(Buffer.from(profileKeyBase64, 'base64'));
  const version = key.getProfileKeyVersion(toServiceIdObject(serviceId));
  return version.toString();
}
/**
 * Derives the serialized group public params from serialized secret params.
 *
 * @param groupSecretParamsBuffer - Serialized `GroupSecretParams` (secret
 *   material).
 * @returns The serialized public params obtained from `getPublicParams()`.
 */
export function deriveGroupPublicParams(
  groupSecretParamsBuffer: Uint8Array
): Uint8Array {
  const secretParams = new GroupSecretParams(
    Buffer.from(groupSecretParamsBuffer)
  );
  const publicParams = secretParams.getPublicParams();
  return publicParams.serialize();
}
/**
 * Derives the serialized group identifier from serialized secret params.
 *
 * The identifier is read from the public params, not from the secret params
 * directly.
 *
 * @param groupSecretParamsBuffer - Serialized `GroupSecretParams` (secret
 *   material).
 * @returns The serialized group identifier.
 */
export function deriveGroupID(groupSecretParamsBuffer: Uint8Array): Uint8Array {
  const secretParams = new GroupSecretParams(
    Buffer.from(groupSecretParamsBuffer)
  );
  const groupIdentifier = secretParams.getPublicParams().getGroupIdentifier();
  return groupIdentifier.serialize();
}
/**
 * Derives serialized group secret params from a group master key.
 *
 * Input and output are both key material: the output is the serialized
 * `GroupSecretParams` derived from the master key. Keep both out of logs.
 *
 * @param masterKeyBuffer - Group master key bytes.
 * @returns The serialized `GroupSecretParams`.
 */
export function deriveGroupSecretParams(
  masterKeyBuffer: Uint8Array
): Uint8Array {
  const groupMasterKey = new GroupMasterKey(Buffer.from(masterKeyBuffer));
  return GroupSecretParams.deriveFromMasterKey(groupMasterKey).serialize();
}
/**
 * Encrypts a blob with the supplied group cipher.
 *
 * The plaintext is copied into a Node `Buffer` before being handed to
 * `encryptBlob`.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param plaintext - Bytes to encrypt.
 * @returns Whatever `encryptBlob` returns for the plaintext.
 */
export function encryptGroupBlob(
  clientZkGroupCipher: ClientZkGroupCipher,
  plaintext: Uint8Array
): Uint8Array {
  const clear = Buffer.from(plaintext);
  return clientZkGroupCipher.encryptBlob(clear);
}
/**
 * Encrypts a service id with the supplied group cipher.
 *
 * @param clientZkGroupCipher - Cipher bound to the group's secret params.
 * @param serviceIdPlaintext - Service id string to encrypt.
 * @returns The serialized UUID ciphertext.
 */
export function encryptServiceId(
  clientZkGroupCipher: ClientZkGroupCipher,
  serviceIdPlaintext: ServiceIdString
): Uint8Array {
  return clientZkGroupCipher
    .encryptServiceId(toServiceIdObject(serviceIdPlaintext))
    .serialize();
}
/**
 * Builds a profile key credential request for a service id and profile key.
 *
 * The returned `context` must be kept by the caller and passed back to
 * `handleProfileKeyCredential` together with the server's response. Only
 * `requestHex` is meant to leave the client.
 * NOTE(review): the context presumably holds per-request secret state, so it
 * should not be logged or persisted in the clear; confirm against libsignal.
 *
 * @param clientZkProfileCipher - Profile operations bound to the server's
 *   public params.
 * @param serviceId - Service id the credential is requested for.
 * @param profileKeyBase64 - Base64-encoded profile key.
 * @returns The request context and the hex-encoded serialized request.
 */
export function generateProfileKeyCredentialRequest(
  clientZkProfileCipher: ClientZkProfileOperations,
  serviceId: ServiceIdString,
  profileKeyBase64: string
): { context: ProfileKeyCredentialRequestContext; requestHex: string } {
  const profileKey = new ProfileKey(Buffer.from(profileKeyBase64, 'base64'));

  const context =
    clientZkProfileCipher.createProfileKeyCredentialRequestContext(
      toServiceIdObject(serviceId),
      profileKey
    );

  const requestHex = context.getRequest().serialize().toString('hex');

  return { context, requestHex };
}
/**
 * Creates a serialized auth credential presentation for a group.
 *
 * @param clientZkAuthOperations - Auth operations bound to the server's
 *   public params.
 * @param authCredentialBase64 - Base64-encoded `AuthCredentialWithPni`.
 * @param groupSecretParamsBase64 - Base64-encoded `GroupSecretParams`
 *   (secret material).
 * @returns The serialized presentation.
 */
export function getAuthCredentialPresentation(
  clientZkAuthOperations: ClientZkAuthOperations,
  authCredentialBase64: string,
  groupSecretParamsBase64: string
): Uint8Array {
  // Parse order matches the original: credential first, then secret params.
  const credentialBytes = Buffer.from(authCredentialBase64, 'base64');
  const credential = new AuthCredentialWithPni(credentialBytes);

  const secretParamsBytes = Buffer.from(groupSecretParamsBase64, 'base64');
  const groupSecretParams = new GroupSecretParams(secretParamsBytes);

  return clientZkAuthOperations
    .createAuthCredentialWithPniPresentation(groupSecretParams, credential)
    .serialize();
}
/**
 * Creates a serialized expiring profile key credential presentation for a
 * group.
 *
 * @param clientZkProfileCipher - Profile operations bound to the server's
 *   public params.
 * @param profileKeyCredentialBase64 - Base64-encoded
 *   `ExpiringProfileKeyCredential`.
 * @param groupSecretParamsBase64 - Base64-encoded `GroupSecretParams`
 *   (secret material).
 * @returns The serialized presentation.
 */
export function createProfileKeyCredentialPresentation(
  clientZkProfileCipher: ClientZkProfileOperations,
  profileKeyCredentialBase64: string,
  groupSecretParamsBase64: string
): Uint8Array {
  // Parse order matches the original: credential first, then secret params.
  const credential = new ExpiringProfileKeyCredential(
    Buffer.from(profileKeyCredentialBase64, 'base64')
  );
  const groupSecretParams = new GroupSecretParams(
    Buffer.from(groupSecretParamsBase64, 'base64')
  );

  return clientZkProfileCipher
    .createExpiringProfileKeyCredentialPresentation(
      groupSecretParams,
      credential
    )
    .serialize();
}
/**
 * Builds `ClientZkAuthOperations` from base64-encoded server public params.
 *
 * The public params are the value every later auth operation is bound to, so
 * the string passed here should come from trusted configuration rather than
 * from data received at runtime.
 *
 * @param serverPublicParamsBase64 - Base64-encoded `ServerPublicParams`.
 * @returns Auth operations bound to those params.
 */
export function getClientZkAuthOperations(
  serverPublicParamsBase64: string
): ClientZkAuthOperations {
  const decoded = Buffer.from(serverPublicParamsBase64, 'base64');
  const publicParams = new ServerPublicParams(decoded);
  return new ClientZkAuthOperations(publicParams);
}
/**
 * Builds a `ClientZkGroupCipher` from base64-encoded group secret params.
 *
 * @param groupSecretParamsBase64 - Base64-encoded `GroupSecretParams`
 *   (secret material).
 * @returns A cipher bound to those secret params.
 */
export function getClientZkGroupCipher(
  groupSecretParamsBase64: string
): ClientZkGroupCipher {
  // This value is the group's *secret* params. It is named accordingly so it
  // is not mistaken for public server parameters and logged or exported.
  const groupSecretParams = new GroupSecretParams(
    Buffer.from(groupSecretParamsBase64, 'base64')
  );

  return new ClientZkGroupCipher(groupSecretParams);
}
/**
 * Builds `ClientZkProfileOperations` from base64-encoded server public
 * params.
 *
 * The public params are the value every later profile credential operation
 * is bound to, so the string passed here should come from trusted
 * configuration rather than from data received at runtime.
 *
 * @param serverPublicParamsBase64 - Base64-encoded `ServerPublicParams`.
 * @returns Profile operations bound to those params.
 */
export function getClientZkProfileOperations(
  serverPublicParamsBase64: string
): ClientZkProfileOperations {
  const decoded = Buffer.from(serverPublicParamsBase64, 'base64');
  const publicParams = new ServerPublicParams(decoded);
  return new ClientZkProfileOperations(publicParams);
}
/**
 * Turns a server response into a stored-form expiring profile key
 * credential.
 *
 * The response is parsed and then passed, together with the request context
 * that produced the original request, to
 * `receiveExpiringProfileKeyCredential`.
 * NOTE(review): that call is presumably where the server's response is
 * checked against the context; confirm against libsignal, and let any error
 * it throws propagate rather than falling back to a cached credential.
 *
 * @param clientZkProfileCipher - Profile operations bound to the server's
 *   public params.
 * @param context - Context returned by `generateProfileKeyCredentialRequest`.
 * @param responseBase64 - Base64-encoded
 *   `ExpiringProfileKeyCredentialResponse`.
 * @returns The base64-encoded credential and the numeric value of
 *   `getExpirationTime().getTime()` (presumably epoch milliseconds; confirm).
 */
export function handleProfileKeyCredential(
  clientZkProfileCipher: ClientZkProfileOperations,
  context: ProfileKeyCredentialRequestContext,
  responseBase64: string
): { credential: string; expiration: number } {
  const responseBytes = Buffer.from(responseBase64, 'base64');
  const response = new ExpiringProfileKeyCredentialResponse(responseBytes);

  const received = clientZkProfileCipher.receiveExpiringProfileKeyCredential(
    context,
    response
  );

  const credential = received.serialize().toString('base64');
  const expiration = received.getExpirationTime().getTime();

  return { credential, expiration };
}
/**
 * Derives the base64-encoded profile key commitment for a profile key and
 * service id.
 *
 * @param profileKeyBase64 - Base64-encoded profile key.
 * @param serviceId - Service id the commitment is derived for.
 * @returns The commitment's `contents`, base64-encoded.
 */
export function deriveProfileKeyCommitment(
  profileKeyBase64: string,
  serviceId: ServiceIdString
): string {
  const key = new ProfileKey(Buffer.from(profileKeyBase64, 'base64'));
  const commitment = key.getCommitment(toServiceIdObject(serviceId));
  return commitment.contents.toString('base64');
}
/**
 * Verifies a notary signature over a message against the server's public
 * params.
 *
 * Returns nothing, and no result of `verifySignature` is inspected here, so
 * a rejected signature is only visible to the caller if `verifySignature`
 * throws.
 * NOTE(review): confirm that it throws on failure, and make sure callers do
 * not wrap this in a catch that ignores the error.
 *
 * @param serverPublicParamsBase64 - Base64-encoded `ServerPublicParams`; this
 *   should come from trusted configuration, not from the message source.
 * @param message - Bytes that were signed.
 * @param signature - Serialized `NotarySignature`.
 */
export function verifyNotarySignature(
  serverPublicParamsBase64: string,
  message: Uint8Array,
  signature: Uint8Array
): void {
  // Parse order matches the original: public params, then the signature.
  const publicParams = new ServerPublicParams(
    Buffer.from(serverPublicParamsBase64, 'base64')
  );
  const parsedSignature = new NotarySignature(Buffer.from(signature));

  publicParams.verifySignature(Buffer.from(message), parsedSignature);
}