Always use sender certificates including UUID

js/background.js

@@ -1702,25 +1702,26 @@
       }
     }
 
-    const hasRegisteredUuidSupportKey = 'hasRegisteredUuidSupport';
-    if (
-      !storage.get(hasRegisteredUuidSupportKey) &&
-      textsecure.storage.user.getUuid()
-    ) {
-      const server = WebAPI.connect({
-        username: USERNAME || OLD_USERNAME,
-        password: PASSWORD,
-      });
-      try {
-        await server.registerCapabilities({ uuid: true });
-        storage.put(hasRegisteredUuidSupportKey, true);
-      } catch (error) {
-        window.log.error(
-          'Error: Unable to register support for UUID messages.',
-          error && error.stack ? error.stack : error
-        );
-      }
-    }
+    // TODO: uncomment this once we want to start registering UUID support
+    // const hasRegisteredUuidSupportKey = 'hasRegisteredUuidSupport';
+    // if (
+    //   !storage.get(hasRegisteredUuidSupportKey) &&
+    //   textsecure.storage.user.getUuid()
+    // ) {
+    //   const server = WebAPI.connect({
+    //     username: USERNAME || OLD_USERNAME,
+    //     password: PASSWORD,
+    //   });
+    //   try {
+    //     await server.registerCapabilities({ uuid: true });
+    //     storage.put(hasRegisteredUuidSupportKey, true);
+    //   } catch (error) {
+    //     window.log.error(
+    //       'Error: Unable to register support for UUID messages.',
+    //       error && error.stack ? error.stack : error
+    //     );
+    //   }
+    // }
 
     const deviceId = textsecure.storage.user.getDeviceId();
 

js/models/conversations.js

@@ -1391,14 +1391,10 @@
 
     getSendOptions(options = {}) {
       const senderCertificate = storage.get('senderCertificate');
-      const senderCertificateWithUuid = storage.get(
-        'senderCertificateWithUuid'
-      );
       const sendMetadata = this.getSendMetadata(options);
 
       return {
         senderCertificate,
-        senderCertificateWithUuid,
         sendMetadata,
       };
     },
@@ -1456,7 +1452,9 @@
             window.Signal.Crypto.arrayBufferToBase64(
               window.Signal.Crypto.getRandomBytes(16)
             ),
-          useUuidSenderCert: uuidCapable,
+          // Indicates that a client is capable of receiving uuid-only messages.
+          // Not used yet.
+          uuidCapable,
         };
         return {
           ...(e164 ? { [e164]: info } : {}),
@@ -1475,7 +1473,9 @@
             : window.Signal.Crypto.arrayBufferToBase64(
                 window.Signal.Crypto.getRandomBytes(16)
               ),
-        useUuidSenderCert: uuidCapable,
+        // Indicates that a client is capable of receiving uuid-only messages.
+        // Not used yet.
+        uuidCapable,
       };
 
       return {

js/modules/refresh_sender_certificate.js

@@ -81,29 +81,29 @@ function initialize({ events, storage, navigator, logger }) {
         password: PASSWORD,
       });
 
-      await Promise.all(
-        [false, true].map(async withUuid => {
-          const { certificate } = await server.getSenderCertificate(withUuid);
-          const arrayBuffer = window.Signal.Crypto.base64ToArrayBuffer(
-            certificate
-          );
-          const decodedContainer = textsecure.protobuf.SenderCertificate.decode(
-            arrayBuffer
-          );
-          const decodedCert = textsecure.protobuf.SenderCertificate.Certificate.decode(
-            decodedContainer.certificate
-          );
-
-          // We don't want to send a protobuf-generated object across IPC, so we make
-          //   our own object.
-          const toSave = {
-            expires: decodedCert.expires.toNumber(),
-            serialized: arrayBuffer,
-          };
-
-          storage.put(`senderCertificate${withUuid ? 'WithUuid' : ''}`, toSave);
-        })
+      const { certificate } = await server.getSenderCertificate();
+      const arrayBuffer = window.Signal.Crypto.base64ToArrayBuffer(certificate);
+      const decodedContainer = textsecure.protobuf.SenderCertificate.decode(
+        arrayBuffer
       );
+      const decodedCert = textsecure.protobuf.SenderCertificate.Certificate.decode(
+        decodedContainer.certificate
+      );
+
+      // We don't want to send a protobuf-generated object across IPC, so we make
+      //   our own object.
+      const toSave = {
+        expires: decodedCert.expires.toNumber(),
+        serialized: arrayBuffer,
+      };
+
+      storage.put('senderCertificate', toSave);
+
+      const oldCertKey = 'senderCertificateWithUuid';
+      const oldUuidCert = storage.get(oldCertKey);
+      if (oldUuidCert) {
+        await storage.remove(oldCertKey);
+      }
 
       scheduledTime = null;
       scheduleNextRotation();

ts/sql/Client.ts

@@ -618,7 +618,6 @@ async function removeAllSignedPreKeys() {
 const ITEM_KEYS: { [key: string]: Array<string> | undefined } = {
   identityKey: ['value.pubKey', 'value.privKey'],
   senderCertificate: ['value.serialized'],
-  senderCertificateWithUuid: ['value.serialized'],
   signaling_key: ['value'],
   profileKey: ['value'],
 };

ts/textsecure/OutgoingMessage.ts

@@ -37,7 +37,6 @@ export default class OutgoingMessage {
 
   sendMetadata?: SendMetadataType;
   senderCertificate?: ArrayBuffer;
-  senderCertificateWithUuid?: ArrayBuffer;
   online?: boolean;
 
   constructor(
@@ -70,15 +69,9 @@ export default class OutgoingMessage {
     this.failoverIdentifiers = [];
     this.unidentifiedDeliveries = [];
 
-    const {
-      sendMetadata,
-      senderCertificate,
-      senderCertificateWithUuid,
-      online,
-    } = options || ({} as any);
+    const { sendMetadata, senderCertificate, online } = options || ({} as any);
     this.sendMetadata = sendMetadata;
     this.senderCertificate = senderCertificate;
-    this.senderCertificateWithUuid = senderCertificateWithUuid;
     this.online = online;
   }
   numberCompleted() {
@@ -314,15 +307,12 @@ export default class OutgoingMessage {
     } = {};
     const plaintext = this.getPlaintext();
 
-    const { sendMetadata } = this;
+    const { sendMetadata, senderCertificate } = this;
     const info =
       sendMetadata && sendMetadata[identifier]
         ? sendMetadata[identifier]
-        : { accessKey: undefined, useUuidSenderCert: undefined };
-    const { accessKey, useUuidSenderCert } = info;
-    const senderCertificate = useUuidSenderCert
-      ? this.senderCertificateWithUuid
-      : this.senderCertificate;
+        : { accessKey: undefined };
+    const { accessKey } = info;
 
     if (accessKey && !senderCertificate) {
       window.log.warn(

ts/textsecure/SendMessage.ts

@@ -35,7 +35,6 @@ function base64ToArrayBuffer(string: string): ArrayBuffer {
 export type SendMetadataType = {
   [identifier: string]: {
     accessKey: string;
-    useUuidSenderCert: boolean;
   };
 };
 
@@ -46,7 +45,6 @@ type GroupMemberType = {
 
 export type SendOptionsType = {
   senderCertificate?: ArrayBuffer;
-  senderCertificateWithUuid?: ArrayBuffer;
   sendMetadata?: SendMetadataType;
   online?: boolean;
 };

ts/textsecure/WebAPI.ts

@@ -790,13 +790,13 @@ export function initialize({
       });
     }
 
-    async function getSenderCertificate(withUuid = false) {
+    async function getSenderCertificate() {
       return _ajax({
         call: 'deliveryCert',
         httpType: 'GET',
         responseType: 'json',
         validateResponse: { certificate: 'string' },
-        urlParameters: withUuid ? '?includeUuid=true' : undefined,
+        urlParameters: '?includeUuid=true',
       });
     }
 
@@ -917,9 +917,11 @@ export function initialize({
     ) {
       const { accessKey } = options;
       const jsonData: any = {
-        capabilities: {
-          uuid: true,
-        },
+        // tslint:disable-next-line: no-suspicious-comment
+        // TODO: uncomment this once we want to start registering UUID support
+        // capabilities: {
+        //   uuid: true,
+        // },
         fetchesMessages: true,
         name: deviceName ? deviceName : undefined,
         registrationId,