UUID-keyed lookups in SignalProtocolStore

This commit is contained in:
Fedor Indutny 2021-09-09 19:38:11 -07:00 committed by GitHub
parent 6323aedd9b
commit c7e7d55af4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
46 changed files with 2094 additions and 1447 deletions

View file

@ -1,158 +0,0 @@
// Copyright 2015-2020 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
/* global textsecure */
describe('Key generation', function thisNeeded() {
const count = 10;
this.timeout(count * 2000);
function validateStoredKeyPair(keyPair) {
/* Ensure the keypair matches the format used internally by libsignal-protocol */
assert.isObject(keyPair, 'Stored keyPair is not an object');
assert.instanceOf(keyPair.pubKey, ArrayBuffer);
assert.instanceOf(keyPair.privKey, ArrayBuffer);
assert.strictEqual(keyPair.pubKey.byteLength, 33);
assert.strictEqual(new Uint8Array(keyPair.pubKey)[0], 5);
assert.strictEqual(keyPair.privKey.byteLength, 32);
}
function itStoresPreKey(keyId) {
it(`prekey ${keyId} is valid`, () =>
textsecure.storage.protocol.loadPreKey(keyId).then(keyPair => {
validateStoredKeyPair(keyPair);
}));
}
function itStoresSignedPreKey(keyId) {
it(`signed prekey ${keyId} is valid`, () =>
textsecure.storage.protocol.loadSignedPreKey(keyId).then(keyPair => {
validateStoredKeyPair(keyPair);
}));
}
function validateResultKey(resultKey) {
return textsecure.storage.protocol
.loadPreKey(resultKey.keyId)
.then(keyPair => {
assertEqualArrayBuffers(resultKey.publicKey, keyPair.pubKey);
});
}
function validateResultSignedKey(resultSignedKey) {
return textsecure.storage.protocol
.loadSignedPreKey(resultSignedKey.keyId)
.then(keyPair => {
assertEqualArrayBuffers(resultSignedKey.publicKey, keyPair.pubKey);
});
}
before(async () => {
localStorage.clear();
const keyPair = window.Signal.Curve.generateKeyPair();
await textsecure.storage.protocol.put('identityKey', keyPair);
});
describe('the first time', () => {
let result;
/* result should have this format
* {
* preKeys: [ { keyId, publicKey }, ... ],
* signedPreKey: { keyId, publicKey, signature },
* identityKey: <ArrayBuffer>
* }
*/
before(() => {
const accountManager = new textsecure.AccountManager('');
return accountManager.generateKeys(count).then(res => {
result = res;
});
});
for (let i = 1; i <= count; i += 1) {
itStoresPreKey(i);
}
itStoresSignedPreKey(1);
it(`result contains ${count} preKeys`, () => {
assert.isArray(result.preKeys);
assert.lengthOf(result.preKeys, count);
for (let i = 0; i < count; i += 1) {
assert.isObject(result.preKeys[i]);
}
});
it('result contains the correct keyIds', () => {
for (let i = 0; i < count; i += 1) {
assert.strictEqual(result.preKeys[i].keyId, i + 1);
}
});
it('result contains the correct public keys', () =>
Promise.all(result.preKeys.map(validateResultKey)));
it('returns a signed prekey', () => {
assert.strictEqual(result.signedPreKey.keyId, 1);
assert.instanceOf(result.signedPreKey.signature, ArrayBuffer);
return validateResultSignedKey(result.signedPreKey);
});
});
describe('the second time', () => {
let result;
before(() => {
const accountManager = new textsecure.AccountManager('');
return accountManager.generateKeys(count).then(res => {
result = res;
});
});
for (let i = 1; i <= 2 * count; i += 1) {
itStoresPreKey(i);
}
itStoresSignedPreKey(1);
itStoresSignedPreKey(2);
it(`result contains ${count} preKeys`, () => {
assert.isArray(result.preKeys);
assert.lengthOf(result.preKeys, count);
for (let i = 0; i < count; i += 1) {
assert.isObject(result.preKeys[i]);
}
});
it('result contains the correct keyIds', () => {
for (let i = 1; i <= count; i += 1) {
assert.strictEqual(result.preKeys[i - 1].keyId, i + count);
}
});
it('result contains the correct public keys', () =>
Promise.all(result.preKeys.map(validateResultKey)));
it('returns a signed prekey', () => {
assert.strictEqual(result.signedPreKey.keyId, 2);
assert.instanceOf(result.signedPreKey.signature, ArrayBuffer);
return validateResultSignedKey(result.signedPreKey);
});
});
describe('the third time', () => {
let result;
before(() => {
const accountManager = new textsecure.AccountManager('');
return accountManager.generateKeys(count).then(res => {
result = res;
});
});
for (let i = 1; i <= 3 * count; i += 1) {
itStoresPreKey(i);
}
itStoresSignedPreKey(2);
itStoresSignedPreKey(3);
it(`result contains ${count} preKeys`, () => {
assert.isArray(result.preKeys);
assert.lengthOf(result.preKeys, count);
for (let i = 0; i < count; i += 1) {
assert.isObject(result.preKeys[i]);
}
});
it('result contains the correct keyIds', () => {
for (let i = 1; i <= count; i += 1) {
assert.strictEqual(result.preKeys[i - 1].keyId, i + 2 * count);
}
});
it('result contains the correct public keys', () =>
Promise.all(result.preKeys.map(validateResultKey)));
it('result contains a signed prekey', () => {
assert.strictEqual(result.signedPreKey.keyId, 3);
assert.instanceOf(result.signedPreKey.signature, ArrayBuffer);
return validateResultSignedKey(result.signedPreKey);
});
});
});

View file

@ -1,179 +0,0 @@
// Copyright 2016-2020 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
function SignalProtocolStore() {
this.store = {};
}
SignalProtocolStore.prototype = {
VerifiedStatus: {
DEFAULT: 0,
VERIFIED: 1,
UNVERIFIED: 2,
},
getIdentityKeyPair() {
return Promise.resolve(this.get('identityKey'));
},
getLocalRegistrationId() {
return Promise.resolve(this.get('registrationId'));
},
put(key, value) {
if (
key === undefined ||
value === undefined ||
key === null ||
value === null
) {
throw new Error('Tried to store undefined/null');
}
this.store[key] = value;
},
get(key, defaultValue) {
if (key === null || key === undefined) {
throw new Error('Tried to get value for undefined/null key');
}
if (key in this.store) {
return this.store[key];
}
return defaultValue;
},
remove(key) {
if (key === null || key === undefined) {
throw new Error('Tried to remove value for undefined/null key');
}
delete this.store[key];
},
isTrustedIdentity(identifier, identityKey) {
if (identifier === null || identifier === undefined) {
throw new Error('tried to check identity key for undefined/null key');
}
if (!(identityKey instanceof ArrayBuffer)) {
throw new Error('Expected identityKey to be an ArrayBuffer');
}
const trusted = this.get(`identityKey${identifier}`);
if (trusted === undefined) {
return Promise.resolve(true);
}
return Promise.resolve(identityKey === trusted);
},
loadIdentityKey(identifier) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to get identity key for undefined/null key');
}
return new Promise(resolve => {
resolve(this.get(`identityKey${identifier}`));
});
},
saveIdentity(identifier, identityKey) {
if (identifier === null || identifier === undefined) {
throw new Error('Tried to put identity key for undefined/null key');
}
return new Promise(resolve => {
const existing = this.get(`identityKey${identifier}`);
this.put(`identityKey${identifier}`, identityKey);
if (existing && existing !== identityKey) {
resolve(true);
} else {
resolve(false);
}
});
},
/* Returns a prekeypair object or undefined */
loadPreKey(keyId) {
return new Promise(resolve => {
const res = this.get(`25519KeypreKey${keyId}`);
resolve(res);
});
},
storePreKey(keyId, keyPair) {
return new Promise(resolve => {
resolve(this.put(`25519KeypreKey${keyId}`, keyPair));
});
},
removePreKey(keyId) {
return new Promise(resolve => {
resolve(this.remove(`25519KeypreKey${keyId}`));
});
},
/* Returns a signed keypair object or undefined */
loadSignedPreKey(keyId) {
return new Promise(resolve => {
const res = this.get(`25519KeysignedKey${keyId}`);
resolve(res);
});
},
loadSignedPreKeys() {
return new Promise(resolve => {
const res = [];
const keys = Object.keys(this.store);
for (let i = 0, max = keys.length; i < max; i += 1) {
const key = keys[i];
if (key.startsWith('25519KeysignedKey')) {
res.push(this.store[key]);
}
}
resolve(res);
});
},
storeSignedPreKey(keyId, keyPair) {
return new Promise(resolve => {
resolve(this.put(`25519KeysignedKey${keyId}`, keyPair));
});
},
removeSignedPreKey(keyId) {
return new Promise(resolve => {
resolve(this.remove(`25519KeysignedKey${keyId}`));
});
},
loadSession(identifier) {
return new Promise(resolve => {
resolve(this.get(`session${identifier}`));
});
},
storeSession(identifier, record) {
return new Promise(resolve => {
resolve(this.put(`session${identifier}`, record));
});
},
removeAllSessions(identifier) {
return new Promise(resolve => {
const keys = Object.keys(this.store);
for (let i = 0, max = keys.length; i < max; i += 1) {
const key = keys[i];
if (key.match(RegExp(`^session${identifier.replace('+', '\\+')}.+`))) {
delete this.store[key];
}
}
resolve();
});
},
getDeviceIds(identifier) {
return new Promise(resolve => {
const deviceIds = [];
const keys = Object.keys(this.store);
for (let i = 0, max = keys.length; i < max; i += 1) {
const key = keys[i];
if (key.match(RegExp(`^session${identifier.replace('+', '\\+')}.+`))) {
deviceIds.push(parseInt(key.split('.')[1], 10));
}
}
resolve(deviceIds);
});
},
getUnprocessedCount: () => Promise.resolve(0),
getAllUnprocessed: () => Promise.resolve([]),
getUnprocessedById: () => Promise.resolve(null),
addUnprocessed: () => Promise.resolve(),
addMultipleUnprocessed: () => Promise.resolve(),
updateUnprocessedAttempts: () => Promise.resolve(),
updateUnprocessedWithData: () => Promise.resolve(),
updateUnprocessedsWithData: () => Promise.resolve(),
removeUnprocessed: () => Promise.resolve(),
removeAllUnprocessed: () => Promise.resolve(),
};

View file

@ -14,10 +14,6 @@
<script type="text/javascript" src="fake_web_api.js"></script>
<script type="text/javascript" src="test.js"></script>
<script
type="text/javascript"
src="in_memory_signal_protocol_store.js"
></script>
<script
type="text/javascript"
@ -36,7 +32,6 @@
></script>
<script type="text/javascript" src="helpers_test.js"></script>
<script type="text/javascript" src="generate_keys_test.js"></script>
<script type="text/javascript" src="task_with_timeout_test.js"></script>
<script type="text/javascript" src="account_manager_test.js"></script>
<script type="text/javascript" src="sendmessage_test.js"></script>

View file

@ -1,142 +0,0 @@
// Copyright 2015-2020 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
/* global textsecure, storage, ConversationController */
describe('SignalProtocolStore', () => {
const store = textsecure.storage.protocol;
const identifier = '+5558675309';
const identityKey = {
pubKey: window.Signal.Crypto.getRandomBytes(33),
privKey: window.Signal.Crypto.getRandomBytes(32),
};
const testKey = {
pubKey: window.Signal.Crypto.getRandomBytes(33),
privKey: window.Signal.Crypto.getRandomBytes(32),
};
before(async () => {
localStorage.clear();
ConversationController.reset();
// store.hydrateCaches();
await storage.fetch();
await ConversationController.load();
await ConversationController.getOrCreateAndWait(identifier, 'private');
});
it('retrieves my registration id', async () => {
store.put('registrationId', 1337);
const reg = await store.getLocalRegistrationId();
assert.strictEqual(reg, 1337);
});
it('retrieves my identity key', async () => {
store.put('identityKey', identityKey);
const key = await store.getIdentityKeyPair();
assertEqualArrayBuffers(key.pubKey, identityKey.pubKey);
assertEqualArrayBuffers(key.privKey, identityKey.privKey);
});
it('stores identity keys', async () => {
await store.saveIdentity(identifier, testKey.pubKey);
const key = await store.loadIdentityKey(identifier);
assertEqualArrayBuffers(key, testKey.pubKey);
});
it('returns whether a key is trusted', async () => {
const newIdentity = window.Signal.Crypto.getRandomBytes(33);
await store.saveIdentity(identifier, testKey.pubKey);
const trusted = await store.isTrustedIdentity(identifier, newIdentity);
if (trusted) {
throw new Error('Allowed to overwrite identity key');
}
});
it('returns whether a key is untrusted', async () => {
await store.saveIdentity(identifier, testKey.pubKey);
const trusted = await store.isTrustedIdentity(identifier, testKey.pubKey);
if (!trusted) {
throw new Error('Allowed to overwrite identity key');
}
});
it('stores prekeys', async () => {
await store.storePreKey(1, testKey);
const key = await store.loadPreKey(1);
assertEqualArrayBuffers(key.pubKey, testKey.pubKey);
assertEqualArrayBuffers(key.privKey, testKey.privKey);
});
it('deletes prekeys', async () => {
await store.storePreKey(2, testKey);
await store.removePreKey(2, testKey);
const key = await store.loadPreKey(2);
assert.isUndefined(key);
});
it('stores signed prekeys', async () => {
await store.storeSignedPreKey(3, testKey);
const key = await store.loadSignedPreKey(3);
assertEqualArrayBuffers(key.pubKey, testKey.pubKey);
assertEqualArrayBuffers(key.privKey, testKey.privKey);
});
it('deletes signed prekeys', async () => {
await store.storeSignedPreKey(4, testKey);
await store.removeSignedPreKey(4, testKey);
const key = await store.loadSignedPreKey(4);
assert.isUndefined(key);
});
it('stores sessions', async () => {
const testRecord = 'an opaque string';
const devices = [1, 2, 3].map(deviceId => [identifier, deviceId].join('.'));
await Promise.all(
devices.map(async encodedNumber => {
await store.storeSession(encodedNumber, testRecord + encodedNumber);
})
);
const records = await Promise.all(
devices.map(store.loadSession.bind(store))
);
for (let i = 0, max = records.length; i < max; i += 1) {
assert.strictEqual(records[i], testRecord + devices[i]);
}
});
it('removes all sessions for a number', async () => {
const testRecord = 'an opaque string';
const devices = [1, 2, 3].map(deviceId => [identifier, deviceId].join('.'));
await Promise.all(
devices.map(async encodedNumber => {
await store.storeSession(encodedNumber, testRecord + encodedNumber);
})
);
await store.removeAllSessions(identifier);
const records = await Promise.all(
devices.map(store.loadSession.bind(store))
);
for (let i = 0, max = records.length; i < max; i += 1) {
assert.isUndefined(records[i]);
}
});
it('returns deviceIds for a number', async () => {
const testRecord = 'an opaque string';
const devices = [1, 2, 3].map(deviceId => [identifier, deviceId].join('.'));
await Promise.all(
devices.map(async encodedNumber => {
await store.storeSession(encodedNumber, testRecord + encodedNumber);
})
);
const deviceIds = await store.getDeviceIds(identifier);
assert.sameMembers(deviceIds, [1, 2, 3]);
});
it('returns empty array for a number with no device ids', async () => {
const deviceIds = await store.getDeviceIds('foo');
assert.sameMembers(deviceIds, []);
});
});