UUID-keyed lookups in SignalProtocolStore
This commit is contained in:
Fedor Indutny
GitHub
parent
6323aedd9b
commit
c7e7d55af4
46 changed files with 2094 additions and 1447 deletions
|
|
@ -1,158 +0,0 @@
|
|||
// Copyright 2015-2020 Signal Messenger, LLC
|
||||
// SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
/* global textsecure */
|
||||
|
||||
describe('Key generation', function thisNeeded() {
|
||||
const count = 10;
|
||||
this.timeout(count * 2000);
|
||||
|
||||
function validateStoredKeyPair(keyPair) {
|
||||
/* Ensure the keypair matches the format used internally by libsignal-protocol */
|
||||
assert.isObject(keyPair, 'Stored keyPair is not an object');
|
||||
assert.instanceOf(keyPair.pubKey, ArrayBuffer);
|
||||
assert.instanceOf(keyPair.privKey, ArrayBuffer);
|
||||
assert.strictEqual(keyPair.pubKey.byteLength, 33);
|
||||
assert.strictEqual(new Uint8Array(keyPair.pubKey)[0], 5);
|
||||
assert.strictEqual(keyPair.privKey.byteLength, 32);
|
||||
}
|
||||
function itStoresPreKey(keyId) {
|
||||
it(`prekey ${keyId} is valid`, () =>
|
||||
textsecure.storage.protocol.loadPreKey(keyId).then(keyPair => {
|
||||
validateStoredKeyPair(keyPair);
|
||||
}));
|
||||
}
|
||||
function itStoresSignedPreKey(keyId) {
|
||||
it(`signed prekey ${keyId} is valid`, () =>
|
||||
textsecure.storage.protocol.loadSignedPreKey(keyId).then(keyPair => {
|
||||
validateStoredKeyPair(keyPair);
|
||||
}));
|
||||
}
|
||||
function validateResultKey(resultKey) {
|
||||
return textsecure.storage.protocol
|
||||
.loadPreKey(resultKey.keyId)
|
||||
.then(keyPair => {
|
||||
assertEqualArrayBuffers(resultKey.publicKey, keyPair.pubKey);
|
||||
});
|
||||
}
|
||||
function validateResultSignedKey(resultSignedKey) {
|
||||
return textsecure.storage.protocol
|
||||
.loadSignedPreKey(resultSignedKey.keyId)
|
||||
.then(keyPair => {
|
||||
assertEqualArrayBuffers(resultSignedKey.publicKey, keyPair.pubKey);
|
||||
});
|
||||
}
|
||||
|
||||
before(async () => {
|
||||
localStorage.clear();
|
||||
const keyPair = window.Signal.Curve.generateKeyPair();
|
||||
await textsecure.storage.protocol.put('identityKey', keyPair);
|
||||
});
|
||||
|
||||
describe('the first time', () => {
|
||||
let result;
|
||||
/* result should have this format
|
||||
* {
|
||||
* preKeys: [ { keyId, publicKey }, ... ],
|
||||
* signedPreKey: { keyId, publicKey, signature },
|
||||
* identityKey: <ArrayBuffer>
|
||||
* }
|
||||
*/
|
||||
before(() => {
|
||||
const accountManager = new textsecure.AccountManager('');
|
||||
return accountManager.generateKeys(count).then(res => {
|
||||
result = res;
|
||||
});
|
||||
});
|
||||
for (let i = 1; i <= count; i += 1) {
|
||||
itStoresPreKey(i);
|
||||
}
|
||||
itStoresSignedPreKey(1);
|
||||
|
||||
it(`result contains ${count} preKeys`, () => {
|
||||
assert.isArray(result.preKeys);
|
||||
assert.lengthOf(result.preKeys, count);
|
||||
for (let i = 0; i < count; i += 1) {
|
||||
assert.isObject(result.preKeys[i]);
|
||||
}
|
||||
});
|
||||
it('result contains the correct keyIds', () => {
|
||||
for (let i = 0; i < count; i += 1) {
|
||||
assert.strictEqual(result.preKeys[i].keyId, i + 1);
|
||||
}
|
||||
});
|
||||
it('result contains the correct public keys', () =>
|
||||
Promise.all(result.preKeys.map(validateResultKey)));
|
||||
it('returns a signed prekey', () => {
|
||||
assert.strictEqual(result.signedPreKey.keyId, 1);
|
||||
assert.instanceOf(result.signedPreKey.signature, ArrayBuffer);
|
||||
return validateResultSignedKey(result.signedPreKey);
|
||||
});
|
||||
});
|
||||
describe('the second time', () => {
|
||||
let result;
|
||||
before(() => {
|
||||
const accountManager = new textsecure.AccountManager('');
|
||||
return accountManager.generateKeys(count).then(res => {
|
||||
result = res;
|
||||
});
|
||||
});
|
||||
for (let i = 1; i <= 2 * count; i += 1) {
|
||||
itStoresPreKey(i);
|
||||
}
|
||||
itStoresSignedPreKey(1);
|
||||
itStoresSignedPreKey(2);
|
||||
it(`result contains ${count} preKeys`, () => {
|
||||
assert.isArray(result.preKeys);
|
||||
assert.lengthOf(result.preKeys, count);
|
||||
for (let i = 0; i < count; i += 1) {
|
||||
assert.isObject(result.preKeys[i]);
|
||||
}
|
||||
});
|
||||
it('result contains the correct keyIds', () => {
|
||||
for (let i = 1; i <= count; i += 1) {
|
||||
assert.strictEqual(result.preKeys[i - 1].keyId, i + count);
|
||||
}
|
||||
});
|
||||
it('result contains the correct public keys', () =>
|
||||
Promise.all(result.preKeys.map(validateResultKey)));
|
||||
it('returns a signed prekey', () => {
|
||||
assert.strictEqual(result.signedPreKey.keyId, 2);
|
||||
assert.instanceOf(result.signedPreKey.signature, ArrayBuffer);
|
||||
return validateResultSignedKey(result.signedPreKey);
|
||||
});
|
||||
});
|
||||
describe('the third time', () => {
|
||||
let result;
|
||||
before(() => {
|
||||
const accountManager = new textsecure.AccountManager('');
|
||||
return accountManager.generateKeys(count).then(res => {
|
||||
result = res;
|
||||
});
|
||||
});
|
||||
for (let i = 1; i <= 3 * count; i += 1) {
|
||||
itStoresPreKey(i);
|
||||
}
|
||||
itStoresSignedPreKey(2);
|
||||
itStoresSignedPreKey(3);
|
||||
it(`result contains ${count} preKeys`, () => {
|
||||
assert.isArray(result.preKeys);
|
||||
assert.lengthOf(result.preKeys, count);
|
||||
for (let i = 0; i < count; i += 1) {
|
||||
assert.isObject(result.preKeys[i]);
|
||||
}
|
||||
});
|
||||
it('result contains the correct keyIds', () => {
|
||||
for (let i = 1; i <= count; i += 1) {
|
||||
assert.strictEqual(result.preKeys[i - 1].keyId, i + 2 * count);
|
||||
}
|
||||
});
|
||||
it('result contains the correct public keys', () =>
|
||||
Promise.all(result.preKeys.map(validateResultKey)));
|
||||
it('result contains a signed prekey', () => {
|
||||
assert.strictEqual(result.signedPreKey.keyId, 3);
|
||||
assert.instanceOf(result.signedPreKey.signature, ArrayBuffer);
|
||||
return validateResultSignedKey(result.signedPreKey);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
@ -1,179 +0,0 @@
|
|||
// Copyright 2016-2020 Signal Messenger, LLC
|
||||
// SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
function SignalProtocolStore() {
|
||||
this.store = {};
|
||||
}
|
||||
|
||||
SignalProtocolStore.prototype = {
|
||||
VerifiedStatus: {
|
||||
DEFAULT: 0,
|
||||
VERIFIED: 1,
|
||||
UNVERIFIED: 2,
|
||||
},
|
||||
|
||||
getIdentityKeyPair() {
|
||||
return Promise.resolve(this.get('identityKey'));
|
||||
},
|
||||
getLocalRegistrationId() {
|
||||
return Promise.resolve(this.get('registrationId'));
|
||||
},
|
||||
put(key, value) {
|
||||
if (
|
||||
key === undefined ||
|
||||
value === undefined ||
|
||||
key === null ||
|
||||
value === null
|
||||
) {
|
||||
throw new Error('Tried to store undefined/null');
|
||||
}
|
||||
this.store[key] = value;
|
||||
},
|
||||
get(key, defaultValue) {
|
||||
if (key === null || key === undefined) {
|
||||
throw new Error('Tried to get value for undefined/null key');
|
||||
}
|
||||
if (key in this.store) {
|
||||
return this.store[key];
|
||||
}
|
||||
return defaultValue;
|
||||
},
|
||||
remove(key) {
|
||||
if (key === null || key === undefined) {
|
||||
throw new Error('Tried to remove value for undefined/null key');
|
||||
}
|
||||
delete this.store[key];
|
||||
},
|
||||
|
||||
isTrustedIdentity(identifier, identityKey) {
|
||||
if (identifier === null || identifier === undefined) {
|
||||
throw new Error('tried to check identity key for undefined/null key');
|
||||
}
|
||||
if (!(identityKey instanceof ArrayBuffer)) {
|
||||
throw new Error('Expected identityKey to be an ArrayBuffer');
|
||||
}
|
||||
const trusted = this.get(`identityKey${identifier}`);
|
||||
if (trusted === undefined) {
|
||||
return Promise.resolve(true);
|
||||
}
|
||||
return Promise.resolve(identityKey === trusted);
|
||||
},
|
||||
loadIdentityKey(identifier) {
|
||||
if (identifier === null || identifier === undefined) {
|
||||
throw new Error('Tried to get identity key for undefined/null key');
|
||||
}
|
||||
return new Promise(resolve => {
|
||||
resolve(this.get(`identityKey${identifier}`));
|
||||
});
|
||||
},
|
||||
saveIdentity(identifier, identityKey) {
|
||||
if (identifier === null || identifier === undefined) {
|
||||
throw new Error('Tried to put identity key for undefined/null key');
|
||||
}
|
||||
return new Promise(resolve => {
|
||||
const existing = this.get(`identityKey${identifier}`);
|
||||
this.put(`identityKey${identifier}`, identityKey);
|
||||
if (existing && existing !== identityKey) {
|
||||
resolve(true);
|
||||
} else {
|
||||
resolve(false);
|
||||
}
|
||||
});
|
||||
},
|
||||
|
||||
/* Returns a prekeypair object or undefined */
|
||||
loadPreKey(keyId) {
|
||||
return new Promise(resolve => {
|
||||
const res = this.get(`25519KeypreKey${keyId}`);
|
||||
resolve(res);
|
||||
});
|
||||
},
|
||||
storePreKey(keyId, keyPair) {
|
||||
return new Promise(resolve => {
|
||||
resolve(this.put(`25519KeypreKey${keyId}`, keyPair));
|
||||
});
|
||||
},
|
||||
removePreKey(keyId) {
|
||||
return new Promise(resolve => {
|
||||
resolve(this.remove(`25519KeypreKey${keyId}`));
|
||||
});
|
||||
},
|
||||
|
||||
/* Returns a signed keypair object or undefined */
|
||||
loadSignedPreKey(keyId) {
|
||||
return new Promise(resolve => {
|
||||
const res = this.get(`25519KeysignedKey${keyId}`);
|
||||
resolve(res);
|
||||
});
|
||||
},
|
||||
loadSignedPreKeys() {
|
||||
return new Promise(resolve => {
|
||||
const res = [];
|
||||
const keys = Object.keys(this.store);
|
||||
for (let i = 0, max = keys.length; i < max; i += 1) {
|
||||
const key = keys[i];
|
||||
if (key.startsWith('25519KeysignedKey')) {
|
||||
res.push(this.store[key]);
|
||||
}
|
||||
}
|
||||
resolve(res);
|
||||
});
|
||||
},
|
||||
storeSignedPreKey(keyId, keyPair) {
|
||||
return new Promise(resolve => {
|
||||
resolve(this.put(`25519KeysignedKey${keyId}`, keyPair));
|
||||
});
|
||||
},
|
||||
removeSignedPreKey(keyId) {
|
||||
return new Promise(resolve => {
|
||||
resolve(this.remove(`25519KeysignedKey${keyId}`));
|
||||
});
|
||||
},
|
||||
|
||||
loadSession(identifier) {
|
||||
return new Promise(resolve => {
|
||||
resolve(this.get(`session${identifier}`));
|
||||
});
|
||||
},
|
||||
storeSession(identifier, record) {
|
||||
return new Promise(resolve => {
|
||||
resolve(this.put(`session${identifier}`, record));
|
||||
});
|
||||
},
|
||||
removeAllSessions(identifier) {
|
||||
return new Promise(resolve => {
|
||||
const keys = Object.keys(this.store);
|
||||
for (let i = 0, max = keys.length; i < max; i += 1) {
|
||||
const key = keys[i];
|
||||
if (key.match(RegExp(`^session${identifier.replace('+', '\\+')}.+`))) {
|
||||
delete this.store[key];
|
||||
}
|
||||
}
|
||||
resolve();
|
||||
});
|
||||
},
|
||||
getDeviceIds(identifier) {
|
||||
return new Promise(resolve => {
|
||||
const deviceIds = [];
|
||||
const keys = Object.keys(this.store);
|
||||
for (let i = 0, max = keys.length; i < max; i += 1) {
|
||||
const key = keys[i];
|
||||
if (key.match(RegExp(`^session${identifier.replace('+', '\\+')}.+`))) {
|
||||
deviceIds.push(parseInt(key.split('.')[1], 10));
|
||||
}
|
||||
}
|
||||
resolve(deviceIds);
|
||||
});
|
||||
},
|
||||
|
||||
getUnprocessedCount: () => Promise.resolve(0),
|
||||
getAllUnprocessed: () => Promise.resolve([]),
|
||||
getUnprocessedById: () => Promise.resolve(null),
|
||||
addUnprocessed: () => Promise.resolve(),
|
||||
addMultipleUnprocessed: () => Promise.resolve(),
|
||||
updateUnprocessedAttempts: () => Promise.resolve(),
|
||||
updateUnprocessedWithData: () => Promise.resolve(),
|
||||
updateUnprocessedsWithData: () => Promise.resolve(),
|
||||
removeUnprocessed: () => Promise.resolve(),
|
||||
removeAllUnprocessed: () => Promise.resolve(),
|
||||
};
|
||||
|
|
@ -14,10 +14,6 @@
|
|||
<script type="text/javascript" src="fake_web_api.js"></script>
|
||||
|
||||
<script type="text/javascript" src="test.js"></script>
|
||||
<script
|
||||
type="text/javascript"
|
||||
src="in_memory_signal_protocol_store.js"
|
||||
></script>
|
||||
|
||||
<script
|
||||
type="text/javascript"
|
||||
|
|
@ -36,7 +32,6 @@
|
|||
></script>
|
||||
|
||||
<script type="text/javascript" src="helpers_test.js"></script>
|
||||
<script type="text/javascript" src="generate_keys_test.js"></script>
|
||||
<script type="text/javascript" src="task_with_timeout_test.js"></script>
|
||||
<script type="text/javascript" src="account_manager_test.js"></script>
|
||||
<script type="text/javascript" src="sendmessage_test.js"></script>
|
||||
|
|
|
|||
|
|
@ -1,142 +0,0 @@
|
|||
// Copyright 2015-2020 Signal Messenger, LLC
|
||||
// SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
/* global textsecure, storage, ConversationController */
|
||||
|
||||
describe('SignalProtocolStore', () => {
|
||||
const store = textsecure.storage.protocol;
|
||||
const identifier = '+5558675309';
|
||||
const identityKey = {
|
||||
pubKey: window.Signal.Crypto.getRandomBytes(33),
|
||||
privKey: window.Signal.Crypto.getRandomBytes(32),
|
||||
};
|
||||
const testKey = {
|
||||
pubKey: window.Signal.Crypto.getRandomBytes(33),
|
||||
privKey: window.Signal.Crypto.getRandomBytes(32),
|
||||
};
|
||||
before(async () => {
|
||||
localStorage.clear();
|
||||
ConversationController.reset();
|
||||
// store.hydrateCaches();
|
||||
await storage.fetch();
|
||||
await ConversationController.load();
|
||||
await ConversationController.getOrCreateAndWait(identifier, 'private');
|
||||
});
|
||||
it('retrieves my registration id', async () => {
|
||||
store.put('registrationId', 1337);
|
||||
|
||||
const reg = await store.getLocalRegistrationId();
|
||||
assert.strictEqual(reg, 1337);
|
||||
});
|
||||
it('retrieves my identity key', async () => {
|
||||
store.put('identityKey', identityKey);
|
||||
const key = await store.getIdentityKeyPair();
|
||||
assertEqualArrayBuffers(key.pubKey, identityKey.pubKey);
|
||||
assertEqualArrayBuffers(key.privKey, identityKey.privKey);
|
||||
});
|
||||
it('stores identity keys', async () => {
|
||||
await store.saveIdentity(identifier, testKey.pubKey);
|
||||
const key = await store.loadIdentityKey(identifier);
|
||||
assertEqualArrayBuffers(key, testKey.pubKey);
|
||||
});
|
||||
it('returns whether a key is trusted', async () => {
|
||||
const newIdentity = window.Signal.Crypto.getRandomBytes(33);
|
||||
await store.saveIdentity(identifier, testKey.pubKey);
|
||||
|
||||
const trusted = await store.isTrustedIdentity(identifier, newIdentity);
|
||||
if (trusted) {
|
||||
throw new Error('Allowed to overwrite identity key');
|
||||
}
|
||||
});
|
||||
it('returns whether a key is untrusted', async () => {
|
||||
await store.saveIdentity(identifier, testKey.pubKey);
|
||||
const trusted = await store.isTrustedIdentity(identifier, testKey.pubKey);
|
||||
|
||||
if (!trusted) {
|
||||
throw new Error('Allowed to overwrite identity key');
|
||||
}
|
||||
});
|
||||
it('stores prekeys', async () => {
|
||||
await store.storePreKey(1, testKey);
|
||||
|
||||
const key = await store.loadPreKey(1);
|
||||
assertEqualArrayBuffers(key.pubKey, testKey.pubKey);
|
||||
assertEqualArrayBuffers(key.privKey, testKey.privKey);
|
||||
});
|
||||
it('deletes prekeys', async () => {
|
||||
await store.storePreKey(2, testKey);
|
||||
await store.removePreKey(2, testKey);
|
||||
|
||||
const key = await store.loadPreKey(2);
|
||||
assert.isUndefined(key);
|
||||
});
|
||||
it('stores signed prekeys', async () => {
|
||||
await store.storeSignedPreKey(3, testKey);
|
||||
|
||||
const key = await store.loadSignedPreKey(3);
|
||||
assertEqualArrayBuffers(key.pubKey, testKey.pubKey);
|
||||
assertEqualArrayBuffers(key.privKey, testKey.privKey);
|
||||
});
|
||||
it('deletes signed prekeys', async () => {
|
||||
await store.storeSignedPreKey(4, testKey);
|
||||
await store.removeSignedPreKey(4, testKey);
|
||||
|
||||
const key = await store.loadSignedPreKey(4);
|
||||
assert.isUndefined(key);
|
||||
});
|
||||
it('stores sessions', async () => {
|
||||
const testRecord = 'an opaque string';
|
||||
const devices = [1, 2, 3].map(deviceId => [identifier, deviceId].join('.'));
|
||||
|
||||
await Promise.all(
|
||||
devices.map(async encodedNumber => {
|
||||
await store.storeSession(encodedNumber, testRecord + encodedNumber);
|
||||
})
|
||||
);
|
||||
|
||||
const records = await Promise.all(
|
||||
devices.map(store.loadSession.bind(store))
|
||||
);
|
||||
|
||||
for (let i = 0, max = records.length; i < max; i += 1) {
|
||||
assert.strictEqual(records[i], testRecord + devices[i]);
|
||||
}
|
||||
});
|
||||
it('removes all sessions for a number', async () => {
|
||||
const testRecord = 'an opaque string';
|
||||
const devices = [1, 2, 3].map(deviceId => [identifier, deviceId].join('.'));
|
||||
|
||||
await Promise.all(
|
||||
devices.map(async encodedNumber => {
|
||||
await store.storeSession(encodedNumber, testRecord + encodedNumber);
|
||||
})
|
||||
);
|
||||
|
||||
await store.removeAllSessions(identifier);
|
||||
|
||||
const records = await Promise.all(
|
||||
devices.map(store.loadSession.bind(store))
|
||||
);
|
||||
|
||||
for (let i = 0, max = records.length; i < max; i += 1) {
|
||||
assert.isUndefined(records[i]);
|
||||
}
|
||||
});
|
||||
it('returns deviceIds for a number', async () => {
|
||||
const testRecord = 'an opaque string';
|
||||
const devices = [1, 2, 3].map(deviceId => [identifier, deviceId].join('.'));
|
||||
|
||||
await Promise.all(
|
||||
devices.map(async encodedNumber => {
|
||||
await store.storeSession(encodedNumber, testRecord + encodedNumber);
|
||||
})
|
||||
);
|
||||
|
||||
const deviceIds = await store.getDeviceIds(identifier);
|
||||
assert.sameMembers(deviceIds, [1, 2, 3]);
|
||||
});
|
||||
it('returns empty array for a number with no device ids', async () => {
|
||||
const deviceIds = await store.getDeviceIds('foo');
|
||||
assert.sameMembers(deviceIds, []);
|
||||
});
|
||||
});
|
||||
Loading…
Add table
Add a link
Reference in a new issue