Unlink on PNI identity key mismatch

2023-08-17 02:29:39 +02:00 · 2023-08-17 02:29:39 +02:00 · 58aec8b1a3
commit 58aec8b1a3
parent ef0a3de636
3 changed files with 191 additions and 0 deletions
--- a/ts/util/checkOurPniIdentityKey.ts
+++ b/ts/util/checkOurPniIdentityKey.ts
@ -0,0 +1,30 @@
+// Copyright 2023 Signal Messenger, LLC
+// SPDX-License-Identifier: AGPL-3.0-only
+
+import * as log from '../logging/log';
+import { constantTimeEqual } from '../Crypto';
+import { strictAssert } from './assert';
+
+export async function checkOurPniIdentityKey(): Promise<void> {
+  const { server } = window.textsecure;
+  strictAssert(server, 'WebAPI not ready');
+
+  const ourPni = window.storage.user.getCheckedPni();
+  const localKeyPair = await window.storage.protocol.getIdentityKeyPair(ourPni);
+  if (!localKeyPair) {
+    log.warn(
+      `checkOurPniIdentityKey: no local key pair for ${ourPni}, unlinking`
+    );
+    window.Whisper.events.trigger('unlinkAndDisconnect');
+    return;
+  }
+
+  const { identityKey: remoteKey } = await server.getKeysForServiceId(ourPni);
+
+  if (!constantTimeEqual(localKeyPair.pubKey, remoteKey)) {
+    log.warn(
+      `checkOurPniIdentityKey: local/remote key mismatch for ${ourPni}, unlinking`
+    );
+    window.Whisper.events.trigger('unlinkAndDisconnect');
+  }
+}