Support for web socket communication with no signaling key

2019-01-11 08:53:35 -08:00 · 2019-01-11 08:53:35 -08:00 · 43e5d16020
commit 43e5d16020
parent 00755072ee
7 changed files with 66 additions and 25 deletions
--- a/libtextsecure/account_manager.js
+++ b/libtextsecure/account_manager.js
@ -99,6 +99,12 @@
    async deviceNameIsEncrypted() {
      await textsecure.storage.user.setDeviceNameEncrypted();
    },
+    async maybeDeleteSignalingKey() {
+      const key = await textsecure.storage.user.getSignalingKey();
+      if (key) {
+        await this.server.removeSignalingKey();
+      }
+    },
    registerSingleDevice(number, verificationCode) {
      const registerKeys = this.server.registerKeys.bind(this.server);
      const createAccount = this.createAccount.bind(this);
@ -400,7 +406,6 @@
      options = {}
    ) {
      const { accessKey } = options;
-      const signalingKey = libsignal.crypto.getRandomBytes(32 + 20);
      let password = btoa(getString(libsignal.crypto.getRandomBytes(16)));
      password = password.substring(0, password.length - 2);
      const registrationId = libsignal.KeyHelper.generateRegistrationId();
@ -417,7 +422,6 @@
        number,
        verificationCode,
        password,
-        signalingKey,
        registrationId,
        encryptedDeviceName,
        { accessKey }
@ -441,7 +445,6 @@

      await Promise.all([
        textsecure.storage.remove('identityKey'),
-        textsecure.storage.remove('signaling_key'),
        textsecure.storage.remove('password'),
        textsecure.storage.remove('registrationId'),
        textsecure.storage.remove('number_id'),
@ -464,7 +467,6 @@
      });

      await textsecure.storage.put('identityKey', identityKeyPair);
-      await textsecure.storage.put('signaling_key', signalingKey);
      await textsecure.storage.put('password', password);
      await textsecure.storage.put('registrationId', registrationId);
      if (profileKey) {
--- a/libtextsecure/message_receiver.js
+++ b/libtextsecure/message_receiver.js
@ -274,8 +274,18 @@ MessageReceiver.prototype.extend({
      return;
    }

-    const promise = textsecure.crypto
-      .decryptWebsocketMessage(request.body, this.signalingKey)
+    let promise;
+    const headers = request.headers || [];
+    if (headers.includes('X-Signal-Key: true')) {
+      promise = textsecure.crypto.decryptWebsocketMessage(
+        request.body,
+        this.signalingKey
+      );
+    } else {
+      promise = Promise.resolve(request.body.toArrayBuffer());
+    }
+
+    promise = promise
      .then(plaintext => {
        const envelope = textsecure.protobuf.Envelope.decode(plaintext);
        // After this point, decoding errors are not the server's
--- a/libtextsecure/storage/user.js
+++ b/libtextsecure/storage/user.js
@ -39,5 +39,9 @@
    getDeviceNameEncrypted() {
      return textsecure.storage.get('deviceNameEncrypted');
    },
+
+    getSignalingKey() {
+      return textsecure.storage.get('signaling_key');
+    },
  };
 })();
--- a/libtextsecure/websocket-resources.js
+++ b/libtextsecure/websocket-resources.js
@ -27,6 +27,7 @@
  const Request = function Request(options) {
    this.verb = options.verb || options.type;
    this.path = options.path || options.url;
+    this.headers = options.headers;
    this.body = options.body || options.data;
    this.success = options.success;
    this.error = options.error;
@ -50,6 +51,7 @@
    this.verb = request.verb;
    this.path = request.path;
    this.body = request.body;
+    this.headers = request.headers;

    this.respond = (status, message) => {
      socket.send(
@ -77,6 +79,7 @@
          verb: request.verb,
          path: request.path,
          body: request.body,
+          headers: request.headers,
          id: request.id,
        },
      })
@ -105,6 +108,7 @@
              verb: message.request.verb,
              path: message.request.path,
              body: message.request.body,
+              headers: message.request.headers,
              id: message.request.id,
              socket,
            })