Drop support for signaling key
parent
31989a7706
commit
886e8966ff
9 changed files with 5 additions and 85 deletions
|
@ -2050,10 +2050,6 @@ export async function startApp(): Promise<void> {
|
||||||
const OLD_USERNAME = window.storage.get('number_id', '');
|
const OLD_USERNAME = window.storage.get('number_id', '');
|
||||||
const USERNAME = window.storage.get('uuid_id', '');
|
const USERNAME = window.storage.get('uuid_id', '');
|
||||||
const PASSWORD = window.storage.get('password', '');
|
const PASSWORD = window.storage.get('password', '');
|
||||||
const mySignalingKey = window.storage.get(
|
|
||||||
'signaling_key',
|
|
||||||
new ArrayBuffer(0)
|
|
||||||
);
|
|
||||||
|
|
||||||
window.textsecure.messaging = new window.textsecure.MessageSender(
|
window.textsecure.messaging = new window.textsecure.MessageSender(
|
||||||
USERNAME || OLD_USERNAME,
|
USERNAME || OLD_USERNAME,
|
||||||
|
@ -2113,7 +2109,6 @@ export async function startApp(): Promise<void> {
|
||||||
OLD_USERNAME,
|
OLD_USERNAME,
|
||||||
USERNAME,
|
USERNAME,
|
||||||
PASSWORD,
|
PASSWORD,
|
||||||
mySignalingKey,
|
|
||||||
messageReceiverOptions
|
messageReceiverOptions
|
||||||
);
|
);
|
||||||
window.textsecure.messageReceiver = messageReceiver;
|
window.textsecure.messageReceiver = messageReceiver;
|
||||||
|
@ -2257,7 +2252,7 @@ export async function startApp(): Promise<void> {
|
||||||
const manager = window.getAccountManager()!;
|
const manager = window.getAccountManager()!;
|
||||||
await Promise.all([
|
await Promise.all([
|
||||||
manager.maybeUpdateDeviceName(),
|
manager.maybeUpdateDeviceName(),
|
||||||
manager.maybeDeleteSignalingKey(),
|
window.textsecure.storage.user.removeSignalingKey(),
|
||||||
]);
|
]);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
window.log.error(
|
window.log.error(
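Review bot: In the third hunk, `window.textsecure.storage.user.removeSignalingKey()` only deletes the local `signaling_key` item, while the call it replaces, `manager.maybeDeleteSignalingKey()`, asked the server to remove its copy. Nothing visible in this commit still requests that server-side deletion, so an account that never ran the old cleanup may keep a key registered there; it is worth confirming the server has retired it. The call also has no comment explaining why startup touches key material, so I would add `// Legacy cleanup: purge the signaling key that older versions kept in local storage.` above it. The enclosing try/catch starts and ends outside the hunk, so how a failed removal is handled beyond `window.log.error` is not visible here.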
|
||||||
|
|
|
@ -720,7 +720,6 @@ const ITEM_KEYS: Partial<Record<ItemKeyType, Array<string>>> = {
|
||||||
identityKey: ['value.pubKey', 'value.privKey'],
|
identityKey: ['value.pubKey', 'value.privKey'],
|
||||||
senderCertificate: ['value.serialized'],
|
senderCertificate: ['value.serialized'],
|
||||||
senderCertificateNoE164: ['value.serialized'],
|
senderCertificateNoE164: ['value.serialized'],
|
||||||
signaling_key: ['value'],
|
|
||||||
profileKey: ['value'],
|
profileKey: ['value'],
|
||||||
};
|
};
|
||||||
async function createOrUpdateItem<K extends ItemKeyType>(data: ItemType<K>) {
|
async function createOrUpdateItem<K extends ItemKeyType>(data: ItemType<K>) {
|
||||||
|
|
|
@ -27,7 +27,6 @@ describe('MessageReceiver', () => {
|
||||||
const number = '+19999999999';
|
const number = '+19999999999';
|
||||||
const uuid = 'aaaaaaaa-bbbb-4ccc-9ddd-eeeeeeeeeeee';
|
const uuid = 'aaaaaaaa-bbbb-4ccc-9ddd-eeeeeeeeeeee';
|
||||||
const deviceId = 1;
|
const deviceId = 1;
|
||||||
const signalingKey = Crypto.getRandomBytes(32 + 20);
|
|
||||||
|
|
||||||
describe('connecting', () => {
|
describe('connecting', () => {
|
||||||
it('generates decryption-error event when it cannot decrypt', done => {
|
it('generates decryption-error event when it cannot decrypt', done => {
|
||||||
|
@ -37,7 +36,6 @@ describe('MessageReceiver', () => {
|
||||||
'oldUsername.2',
|
'oldUsername.2',
|
||||||
'username.2',
|
'username.2',
|
||||||
'password',
|
'password',
|
||||||
signalingKey,
|
|
||||||
{
|
{
|
||||||
serverTrustRoot: 'AAAAAAAA',
|
serverTrustRoot: 'AAAAAAAA',
|
||||||
socket: socket as WebSocket,
|
socket: socket as WebSocket,
|
||||||
|
|
|
@ -158,13 +158,6 @@ export default class AccountManager extends EventTarget {
|
||||||
await window.textsecure.storage.user.setDeviceNameEncrypted();
|
await window.textsecure.storage.user.setDeviceNameEncrypted();
|
||||||
}
|
}
|
||||||
|
|
||||||
async maybeDeleteSignalingKey() {
|
|
||||||
const key = window.textsecure.storage.user.getSignalingKey();
|
|
||||||
if (key) {
|
|
||||||
await this.server.removeSignalingKey();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
async registerSingleDevice(number: string, verificationCode: string) {
|
async registerSingleDevice(number: string, verificationCode: string) {
|
||||||
return this.queueTask(async () => {
|
return this.queueTask(async () => {
|
||||||
const identityKeyPair = generateKeyPair();
|
const identityKeyPair = generateKeyPair();
|
||||||
|
|
|
@ -151,45 +151,6 @@ async function verifyDigest(
|
||||||
}
|
}
|
||||||
|
|
||||||
const Crypto = {
|
const Crypto = {
|
||||||
// Decrypts message into a raw string
|
|
||||||
async decryptWebsocketMessage(
|
|
||||||
decodedMessage: ArrayBuffer,
|
|
||||||
signalingKey: ArrayBuffer
|
|
||||||
): Promise<ArrayBuffer> {
|
|
||||||
if (signalingKey.byteLength !== 52) {
|
|
||||||
throw new Error('Got invalid length signalingKey');
|
|
||||||
}
|
|
||||||
if (decodedMessage.byteLength < 1 + 16 + 10) {
|
|
||||||
throw new Error('Got invalid length message');
|
|
||||||
}
|
|
||||||
if (new Uint8Array(decodedMessage)[0] !== 1) {
|
|
||||||
throw new Error(
|
|
||||||
`Got bad version number: ${new Uint8Array(decodedMessage)[0]}`
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
const aesKey = signalingKey.slice(0, 32);
|
|
||||||
const macKey = signalingKey.slice(32, 32 + 20);
|
|
||||||
|
|
||||||
const iv = decodedMessage.slice(1, 1 + 16);
|
|
||||||
const ciphertext = decodedMessage.slice(
|
|
||||||
1 + 16,
|
|
||||||
decodedMessage.byteLength - 10
|
|
||||||
);
|
|
||||||
const ivAndCiphertext = decodedMessage.slice(
|
|
||||||
0,
|
|
||||||
decodedMessage.byteLength - 10
|
|
||||||
);
|
|
||||||
const mac = decodedMessage.slice(
|
|
||||||
decodedMessage.byteLength - 10,
|
|
||||||
decodedMessage.byteLength
|
|
||||||
);
|
|
||||||
|
|
||||||
await verifyHmacSha256(ivAndCiphertext, macKey, mac, 10);
|
|
||||||
|
|
||||||
return decryptAes256CbcPkcsPadding(aesKey, ciphertext, iv);
|
|
||||||
},
|
|
||||||
|
|
||||||
async decryptAttachment(
|
async decryptAttachment(
|
||||||
encryptedBin: ArrayBuffer,
|
encryptedBin: ArrayBuffer,
|
||||||
keys: ArrayBuffer,
|
keys: ArrayBuffer,
|
||||||
|
|
|
@ -198,8 +198,6 @@ class MessageReceiverInner extends EventTarget {
|
||||||
|
|
||||||
serverTrustRoot: Uint8Array;
|
serverTrustRoot: Uint8Array;
|
||||||
|
|
||||||
signalingKey: ArrayBuffer;
|
|
||||||
|
|
||||||
socket?: WebSocket;
|
socket?: WebSocket;
|
||||||
|
|
||||||
socketStatus = SocketStatus.CLOSED;
|
socketStatus = SocketStatus.CLOSED;
|
||||||
|
@ -220,7 +218,6 @@ class MessageReceiverInner extends EventTarget {
|
||||||
oldUsername: string,
|
oldUsername: string,
|
||||||
username: string,
|
username: string,
|
||||||
password: string,
|
password: string,
|
||||||
signalingKey: ArrayBuffer,
|
|
||||||
options: {
|
options: {
|
||||||
serverTrustRoot: string;
|
serverTrustRoot: string;
|
||||||
}
|
}
|
||||||
|
@ -230,7 +227,6 @@ class MessageReceiverInner extends EventTarget {
|
||||||
this.count = 0;
|
this.count = 0;
|
||||||
this.processedCount = 0;
|
this.processedCount = 0;
|
||||||
|
|
||||||
this.signalingKey = signalingKey;
|
|
||||||
this.username = oldUsername;
|
this.username = oldUsername;
|
||||||
this.uuid = username;
|
this.uuid = username;
|
||||||
this.password = password;
|
this.password = password;
|
||||||
|
@ -479,7 +475,6 @@ class MessageReceiverInner extends EventTarget {
|
||||||
}
|
}
|
||||||
|
|
||||||
const job = async () => {
|
const job = async () => {
|
||||||
let plaintext: Uint8Array;
|
|
||||||
const headers = request.headers || [];
|
const headers = request.headers || [];
|
||||||
|
|
||||||
if (!request.body) {
|
if (!request.body) {
|
||||||
|
@ -488,16 +483,7 @@ class MessageReceiverInner extends EventTarget {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (headers.includes('X-Signal-Key: true')) {
|
const plaintext = request.body;
|
||||||
plaintext = new FIXMEU8(
|
|
||||||
await Crypto.decryptWebsocketMessage(
|
|
||||||
typedArrayToArrayBuffer(request.body),
|
|
||||||
this.signalingKey
|
|
||||||
)
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
plaintext = request.body;
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const decoded = Proto.Envelope.decode(plaintext);
|
const decoded = Proto.Envelope.decode(plaintext);
|
||||||
|
@ -2683,7 +2669,6 @@ export default class MessageReceiver {
|
||||||
oldUsername: string,
|
oldUsername: string,
|
||||||
username: string,
|
username: string,
|
||||||
password: string,
|
password: string,
|
||||||
signalingKey: ArrayBuffer,
|
|
||||||
options: {
|
options: {
|
||||||
serverTrustRoot: string;
|
serverTrustRoot: string;
|
||||||
retryCached?: string;
|
retryCached?: string;
|
||||||
|
@ -2694,7 +2679,6 @@ export default class MessageReceiver {
|
||||||
oldUsername,
|
oldUsername,
|
||||||
username,
|
username,
|
||||||
password,
|
password,
|
||||||
signalingKey,
|
|
||||||
options
|
options
|
||||||
);
|
);
|
||||||
this.inner = inner;
|
this.inner = inner;
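Review bot: In the hunk at `-488,16 +483,7`, `const plaintext = request.body;` no longer looks at the `X-Signal-Key: true` header, so a body the server still wrapped with the signaling key would reach `Proto.Envelope.decode(plaintext)` as if it were a plain envelope. Ciphertext fed to the decoder would at best fail with a generic decode error, which makes a server/client mismatch hard to spot in logs. I would reject it explicitly before decoding, e.g. `if (headers.includes('X-Signal-Key: true')) { throw new Error('Got unsupported signaling-key encrypted message'); }`. The `job` closure and its `try` block continue outside the hunk, so the existing error path is not visible here.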
|
||||||
|
|
|
@ -831,7 +831,6 @@ const URL_CALLS = {
|
||||||
multiRecipient: 'v1/messages/multi_recipient',
|
multiRecipient: 'v1/messages/multi_recipient',
|
||||||
profile: 'v1/profile',
|
profile: 'v1/profile',
|
||||||
registerCapabilities: 'v1/devices/capabilities',
|
registerCapabilities: 'v1/devices/capabilities',
|
||||||
removeSignalingKey: 'v1/accounts/signaling_key',
|
|
||||||
reportMessage: 'v1/messages/report',
|
reportMessage: 'v1/messages/report',
|
||||||
signed: 'v2/keys/signed',
|
signed: 'v2/keys/signed',
|
||||||
storageManifest: 'v1/storage/manifest',
|
storageManifest: 'v1/storage/manifest',
|
||||||
|
@ -1051,7 +1050,6 @@ export type WebAPIType = {
|
||||||
) => Promise<string>;
|
) => Promise<string>;
|
||||||
registerKeys: (genKeys: KeysType) => Promise<void>;
|
registerKeys: (genKeys: KeysType) => Promise<void>;
|
||||||
registerSupportForUnauthenticatedDelivery: () => Promise<any>;
|
registerSupportForUnauthenticatedDelivery: () => Promise<any>;
|
||||||
removeSignalingKey: () => Promise<void>;
|
|
||||||
reportMessage: (senderE164: string, serverGuid: string) => Promise<void>;
|
reportMessage: (senderE164: string, serverGuid: string) => Promise<void>;
|
||||||
requestVerificationSMS: (number: string) => Promise<any>;
|
requestVerificationSMS: (number: string) => Promise<any>;
|
||||||
requestVerificationVoice: (number: string) => Promise<any>;
|
requestVerificationVoice: (number: string) => Promise<any>;
|
||||||
|
@ -1244,7 +1242,6 @@ export function initialize({
|
||||||
registerCapabilities,
|
registerCapabilities,
|
||||||
registerKeys,
|
registerKeys,
|
||||||
registerSupportForUnauthenticatedDelivery,
|
registerSupportForUnauthenticatedDelivery,
|
||||||
removeSignalingKey,
|
|
||||||
reportMessage,
|
reportMessage,
|
||||||
requestVerificationSMS,
|
requestVerificationSMS,
|
||||||
requestVerificationVoice,
|
requestVerificationVoice,
|
||||||
|
@ -1617,13 +1614,6 @@ export function initialize({
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
async function removeSignalingKey() {
|
|
||||||
return _ajax({
|
|
||||||
call: 'removeSignalingKey',
|
|
||||||
httpType: 'DELETE',
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
async function getDevices() {
|
async function getDevices() {
|
||||||
return _ajax({
|
return _ajax({
|
||||||
call: 'devices',
|
call: 'devices',
|
||||||
|
|
|
@ -58,8 +58,8 @@ export class User {
|
||||||
return this.storage.get('deviceNameEncrypted');
|
return this.storage.get('deviceNameEncrypted');
|
||||||
}
|
}
|
||||||
|
|
||||||
public getSignalingKey(): ArrayBuffer | undefined {
|
public async removeSignalingKey(): Promise<void> {
|
||||||
return this.storage.get('signaling_key');
|
return this.storage.remove('signaling_key');
|
||||||
}
|
}
|
||||||
|
|
||||||
private _getDeviceIdFromUuid(): string | undefined {
|
private _getDeviceIdFromUuid(): string | undefined {
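Review bot: `removeSignalingKey()` is undocumented, and its name matches the Web API method this commit deletes, so a reader can mistake it for a server call. A short TSDoc would settle that: `/** Deletes the legacy signaling key from local storage; it makes no server request. */`. Since `signaling_key` is now typed `never` in `StorageAccessType`, the comment could also say the method exists only to purge data written by older versions.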
|
||||||
|
|
2
ts/types/Storage.d.ts
vendored
2
ts/types/Storage.d.ts
vendored
|
@ -98,7 +98,6 @@ export type StorageAccessType = {
|
||||||
unidentifiedDeliveryIndicators: boolean;
|
unidentifiedDeliveryIndicators: boolean;
|
||||||
groupCredentials: Array<GroupCredentialType>;
|
groupCredentials: Array<GroupCredentialType>;
|
||||||
lastReceivedAtCounter: number;
|
lastReceivedAtCounter: number;
|
||||||
signaling_key: ArrayBuffer;
|
|
||||||
skinTone: number;
|
skinTone: number;
|
||||||
unreadCount: number;
|
unreadCount: number;
|
||||||
'challenge:retry-message-ids': ReadonlyArray<{
|
'challenge:retry-message-ids': ReadonlyArray<{
|
||||||
|
@ -113,6 +112,7 @@ export type StorageAccessType = {
|
||||||
|
|
||||||
// Deprecated
|
// Deprecated
|
||||||
senderCertificateWithUuid: never;
|
senderCertificateWithUuid: never;
|
||||||
|
signaling_key: never;
|
||||||
};
|
};
|
||||||
|
|
||||||
export interface StorageInterface {
|
export interface StorageInterface {
|
||||||
|
|