signal-desktop/libtextsecure/ProvisioningCipher.js

(function() {
'use strict';

function ProvisioningCipher() {}

ProvisioningCipher.prototype = {
    decrypt: function(provisionEnvelope) {
        var masterEphemeral = provisionEnvelope.publicKey.toArrayBuffer();
        var message = provisionEnvelope.body.toArrayBuffer();
        if (new Uint8Array(message)[0] != 1) {
            throw new Error("Bad version number on ProvisioningMessage");
        }

        var iv = message.slice(1, 16 + 1);
        var mac = message.slice(message.byteLength - 32, message.byteLength);
        var ivAndCiphertext = message.slice(0, message.byteLength - 32);
        var ciphertext = message.slice(16 + 1, message.byteLength - 32);

        return libsignal.Curve.async.calculateAgreement(
            masterEphemeral, this.keyPair.privKey
        ).then(function(ecRes) {
            return libsignal.HKDF.deriveSecrets(
                ecRes, new ArrayBuffer(32), "TextSecure Provisioning Message"
            );
        }).then(function(keys) {
            return libsignal.crypto.verifyMAC(ivAndCiphertext, keys[1], mac, 32).then(function() {
                return libsignal.crypto.decrypt(keys[0], ciphertext, iv);
            });
        }).then(function(plaintext) {
            var provisionMessage = textsecure.protobuf.ProvisionMessage.decode(plaintext);
            var privKey = provisionMessage.identityKeyPrivate.toArrayBuffer();

            return libsignal.Curve.async.createKeyPair(privKey).then(function(keyPair) {
                return {
                    identityKeyPair  : keyPair,
                    number           : provisionMessage.number,
                    provisioningCode : provisionMessage.provisioningCode,
                    userAgent        : provisionMessage.userAgent
                };
            });
        });
    },
    getPublicKey: function() {
      return Promise.resolve().then(function() {
          if (!this.keyPair) {
              return libsignal.Curve.async.generateKeyPair().then(function(keyPair) {
                  this.keyPair = keyPair;
              }.bind(this));
          }
      }.bind(this)).then(function() {
          return this.keyPair.pubKey;
      }.bind(this));
    }
};

libsignal.ProvisioningCipher = function() {
    var cipher = new ProvisioningCipher();

    this.decrypt      = cipher.decrypt.bind(cipher);
    this.getPublicKey = cipher.getPublicKey.bind(cipher);
};

})();
Update libsignal-protocol v0.9.0 * Exposes crypto APIs. * Move worker methods to libsigna.worker. * Move ProvisioningCipher to libtextsecure. 2016-05-01 22:31:44 -07:00			`(function() {`
			`'use strict';`

			`function ProvisioningCipher() {}`

			`ProvisioningCipher.prototype = {`
			`decrypt: function(provisionEnvelope) {`
			`var masterEphemeral = provisionEnvelope.publicKey.toArrayBuffer();`
			`var message = provisionEnvelope.body.toArrayBuffer();`
			`if (new Uint8Array(message)[0] != 1) {`
			`throw new Error("Bad version number on ProvisioningMessage");`
			`}`

			`var iv = message.slice(1, 16 + 1);`
			`var mac = message.slice(message.byteLength - 32, message.byteLength);`
			`var ivAndCiphertext = message.slice(0, message.byteLength - 32);`
			`var ciphertext = message.slice(16 + 1, message.byteLength - 32);`

Update libsignal-protocol v0.13.0 * libsignal.Curve is now a synchronous interface. * libsignal.Curve.async is now the asynchronous interface. * Fixes bugs in session management. // FREEBIE 2016-05-18 12:45:33 -07:00			`return libsignal.Curve.async.calculateAgreement(`
Update libsignal-protocol v0.9.0 * Exposes crypto APIs. * Move worker methods to libsigna.worker. * Move ProvisioningCipher to libtextsecure. 2016-05-01 22:31:44 -07:00			`masterEphemeral, this.keyPair.privKey`
			`).then(function(ecRes) {`
			`return libsignal.HKDF.deriveSecrets(`
			`ecRes, new ArrayBuffer(32), "TextSecure Provisioning Message"`
			`);`
			`}).then(function(keys) {`
			`return libsignal.crypto.verifyMAC(ivAndCiphertext, keys[1], mac, 32).then(function() {`
			`return libsignal.crypto.decrypt(keys[0], ciphertext, iv);`
			`});`
			`}).then(function(plaintext) {`
			`var provisionMessage = textsecure.protobuf.ProvisionMessage.decode(plaintext);`
			`var privKey = provisionMessage.identityKeyPrivate.toArrayBuffer();`

Update libsignal-protocol v0.13.0 * libsignal.Curve is now a synchronous interface. * libsignal.Curve.async is now the asynchronous interface. * Fixes bugs in session management. // FREEBIE 2016-05-18 12:45:33 -07:00			`return libsignal.Curve.async.createKeyPair(privKey).then(function(keyPair) {`
Update libsignal-protocol v0.9.0 * Exposes crypto APIs. * Move worker methods to libsigna.worker. * Move ProvisioningCipher to libtextsecure. 2016-05-01 22:31:44 -07:00			`return {`
			`identityKeyPair : keyPair,`
			`number : provisionMessage.number,`
Set theme based on master device userAgent // FREEBIE 2016-09-12 12:09:56 -07:00			`provisioningCode : provisionMessage.provisioningCode,`
			`userAgent : provisionMessage.userAgent`
Update libsignal-protocol v0.9.0 * Exposes crypto APIs. * Move worker methods to libsigna.worker. * Move ProvisioningCipher to libtextsecure. 2016-05-01 22:31:44 -07:00			`};`
			`});`
			`});`
			`},`
			`getPublicKey: function() {`
			`return Promise.resolve().then(function() {`
			`if (!this.keyPair) {`
Update libsignal-protocol v0.13.0 * libsignal.Curve is now a synchronous interface. * libsignal.Curve.async is now the asynchronous interface. * Fixes bugs in session management. // FREEBIE 2016-05-18 12:45:33 -07:00			`return libsignal.Curve.async.generateKeyPair().then(function(keyPair) {`
Update libsignal-protocol v0.9.0 * Exposes crypto APIs. * Move worker methods to libsigna.worker. * Move ProvisioningCipher to libtextsecure. 2016-05-01 22:31:44 -07:00			`this.keyPair = keyPair;`
			`}.bind(this));`
			`}`
			`}.bind(this)).then(function() {`
			`return this.keyPair.pubKey;`
			`}.bind(this));`
			`}`
			`};`

			`libsignal.ProvisioningCipher = function() {`
			`var cipher = new ProvisioningCipher();`

			`this.decrypt = cipher.decrypt.bind(cipher);`
			`this.getPublicKey = cipher.getPublicKey.bind(cipher);`
			`};`

			`})();`