signal-desktop/ts/textsecure/CDSSocketManager.ts

// Copyright 2021 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only

import ProxyAgent from 'proxy-agent';
import { HsmEnclaveClient } from '@signalapp/libsignal-client';
import type { connection as WebSocket } from 'websocket';

import * as Bytes from '../Bytes';
import type { AbortableProcess } from '../util/AbortableProcess';
import * as durations from '../util/durations';
import { getBasicAuth } from '../util/getBasicAuth';
import { sleep } from '../util/sleep';
import * as log from '../logging/log';
import { CDSSocket } from './CDSSocket';
import type {
  CDSAuthType,
  CDSRequestOptionsType,
  CDSSocketDictionaryType,
} from './CDSSocket';
import { connect as connectWebSocket } from './WebSocket';

export type CDSSocketManagerOptionsType = Readonly<{
  url: string;
  publicKey: string;
  codeHashes: ReadonlyArray<string>;
  certificateAuthority: string;
  proxyUrl?: string;
  version: string;
}>;

export type CDSResponseType = CDSSocketDictionaryType;

export class CDSSocketManager {
  private readonly publicKey: Buffer;

  private readonly codeHashes: Array<Buffer>;

  private readonly proxyAgent?: ReturnType<typeof ProxyAgent>;

  private retryAfter?: number;

  constructor(private readonly options: CDSSocketManagerOptionsType) {
    this.publicKey = Buffer.from(Bytes.fromHex(options.publicKey));
    this.codeHashes = options.codeHashes.map(hash =>
      Buffer.from(Bytes.fromHex(hash))
    );
    if (options.proxyUrl) {
      this.proxyAgent = new ProxyAgent(options.proxyUrl);
    }
  }

  public async request(
    options: CDSRequestOptionsType
  ): Promise<CDSResponseType> {
    if (this.retryAfter !== undefined) {
      const delay = Math.max(0, this.retryAfter - Date.now());

      log.info(`CDSSocketManager: waiting ${delay}ms before retrying`);
      await sleep(delay);
    }

    const { auth } = options;

    log.info('CDSSocketManager: connecting socket');
    const socket = await this.connect(auth).getResult();
    log.info('CDSSocketManager: connected socket');

    try {
      const { dictionary, retryAfterSecs = 0 } = await socket.request(options);

      if (retryAfterSecs > 0) {
        this.retryAfter = Math.max(
          this.retryAfter ?? Date.now(),
          Date.now() + retryAfterSecs * durations.SECOND
        );
      }

      return dictionary;
    } finally {
      log.info('CDSSocketManager: closing socket');
      socket.close(3000, 'Normal');
    }
  }

  private connect(auth: CDSAuthType): AbortableProcess<CDSSocket> {
    const enclaveClient = HsmEnclaveClient.new(this.publicKey, this.codeHashes);

    const { publicKey: publicKeyHex, codeHashes, version } = this.options;

    const url = `${
      this.options.url
    }/discovery/${publicKeyHex}/${codeHashes.join(',')}`;

    return connectWebSocket<CDSSocket>({
      name: 'CDSSocket',
      url,
      version,
      proxyAgent: this.proxyAgent,
      certificateAuthority: this.options.certificateAuthority,
      extraHeaders: {
        authorization: getBasicAuth(auth),
      },

      createResource: (socket: WebSocket): CDSSocket => {
        return new CDSSocket(socket, enclaveClient);
      },
    });
  }
}
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`// Copyright 2021 Signal Messenger, LLC`
			`// SPDX-License-Identifier: AGPL-3.0-only`

			`import ProxyAgent from 'proxy-agent';`
Update for @signalapp/libsignal-client rename 2022-03-24 21:47:21 +00:00			`import { HsmEnclaveClient } from '@signalapp/libsignal-client';`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`import type { connection as WebSocket } from 'websocket';`

			`import * as Bytes from '../Bytes';`
			`import type { AbortableProcess } from '../util/AbortableProcess';`
Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`import * as durations from '../util/durations';`
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`import { getBasicAuth } from '../util/getBasicAuth';`
Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`import { sleep } from '../util/sleep';`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`import * as log from '../logging/log';`
			`import { CDSSocket } from './CDSSocket';`
Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`import type {`
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`CDSAuthType,`
Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`CDSRequestOptionsType,`
			`CDSSocketDictionaryType,`
			`} from './CDSSocket';`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`import { connect as connectWebSocket } from './WebSocket';`

			`export type CDSSocketManagerOptionsType = Readonly<{`
			`url: string;`
			`publicKey: string;`
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`codeHashes: ReadonlyArray<string>;`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`certificateAuthority: string;`
			`proxyUrl?: string;`
			`version: string;`
			`}>;`

Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`export type CDSResponseType = CDSSocketDictionaryType;`

WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`export class CDSSocketManager {`
Update for @signalapp/libsignal-client rename 2022-03-24 21:47:21 +00:00			`private readonly publicKey: Buffer;`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`private readonly codeHashes: Array<Buffer>;`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00
			`private readonly proxyAgent?: ReturnType<typeof ProxyAgent>;`

Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`private retryAfter?: number;`

WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`constructor(private readonly options: CDSSocketManagerOptionsType) {`
Update for @signalapp/libsignal-client rename 2022-03-24 21:47:21 +00:00			`this.publicKey = Buffer.from(Bytes.fromHex(options.publicKey));`
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`this.codeHashes = options.codeHashes.map(hash =>`
			`Buffer.from(Bytes.fromHex(hash))`
			`);`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`if (options.proxyUrl) {`
			`this.proxyAgent = new ProxyAgent(options.proxyUrl);`
			`}`
			`}`

Additional protocol changes for CDS v2 2021-11-12 20:45:30 +00:00			`public async request(`
			`options: CDSRequestOptionsType`
Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`): Promise<CDSResponseType> {`
			`if (this.retryAfter !== undefined) {`
			`const delay = Math.max(0, this.retryAfter - Date.now());`

			log.info(`CDSSocketManager: waiting ${delay}ms before retrying`);
			`await sleep(delay);`
			`}`

Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`const { auth } = options;`

WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`log.info('CDSSocketManager: connecting socket');`
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`const socket = await this.connect(auth).getResult();`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`log.info('CDSSocketManager: connected socket');`

			`try {`
Add v2 implementation of CDS HSM 2021-12-06 22:54:20 +00:00			`const { dictionary, retryAfterSecs = 0 } = await socket.request(options);`

			`if (retryAfterSecs > 0) {`
			`this.retryAfter = Math.max(`
			`this.retryAfter ?? Date.now(),`
			`Date.now() + retryAfterSecs * durations.SECOND`
			`);`
			`}`

			`return dictionary;`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`} finally {`
			`log.info('CDSSocketManager: closing socket');`
			`socket.close(3000, 'Normal');`
			`}`
			`}`

Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`private connect(auth: CDSAuthType): AbortableProcess<CDSSocket> {`
			`const enclaveClient = HsmEnclaveClient.new(this.publicKey, this.codeHashes);`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`const { publicKey: publicKeyHex, codeHashes, version } = this.options;`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			const url = `${
			`this.options.url`
			}/discovery/${publicKeyHex}/${codeHashes.join(',')}`;
WebSocket API for CDS 2021-11-08 23:32:31 +00:00
			`return connectWebSocket<CDSSocket>({`
Use human-readable names for websockets 2021-12-01 18:55:17 +00:00			`name: 'CDSSocket',`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00			`url,`
			`version,`
			`proxyAgent: this.proxyAgent,`
			`certificateAuthority: this.options.certificateAuthority,`
Use new CDS implementation in staging 2022-03-09 19:28:40 +00:00			`extraHeaders: {`
			`authorization: getBasicAuth(auth),`
			`},`
WebSocket API for CDS 2021-11-08 23:32:31 +00:00
			`createResource: (socket: WebSocket): CDSSocket => {`
			`return new CDSSocket(socket, enclaveClient);`
			`},`
			`});`
			`}`
			`}`