keejef
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop
2
0
Fork 0
Code Issues 7 Projects Releases Wiki Activity

Lots of updates post-test-cases

Browse Source
pull/749/head
Matt Corallo 10 years ago
parent 6b0a1ac260
commit 3c603c72b4
2 changed files with 308 additions and 36 deletions
Show Stats Download Patch File Download Diff File

152
js/helpers.js
Unescape Escape View File

@ -36,6 +36,43 @@ var taBytes = new Uint8Array(aBBytes);
return aBBytes;
}
/* Base64 string to array encoding */
function uint6ToB64 (nUint6) {
return nUint6 < 26 ?
nUint6 + 65
: nUint6 < 52 ?
nUint6 + 71
: nUint6 < 62 ?
nUint6 - 4
: nUint6 === 62 ?
43
: nUint6 === 63 ?
47
:
65;
}
function base64EncArr (aBytes) {
var nMod3, sB64Enc = "";
for (var nLen = aBytes.length, nUint24 = 0, nIdx = 0; nIdx < nLen; nIdx++) {
nMod3 = nIdx % 3;
//if (nIdx > 0 && (nIdx * 4 / 3) % 76 === 0) { sB64Enc += "\r\n"; }
nUint24 |= aBytes[nIdx] << (16 >>> nMod3 & 24);
if (nMod3 === 2 || aBytes.length - nIdx === 1) {
sB64Enc += String.fromCharCode(uint6ToB64(nUint24 >>> 18 & 63), uint6ToB64(nUint24 >>> 12 & 63), uint6ToB64(nUint24 >>> 6 & 63), uint6ToB64(nUint24 & 63));
nUint24 = 0;
}
}
return sB64Enc.replace(/A(?=A$|$)/g, "=");
}
/*********************************
*** Type conversion utilities ***
*********************************/
@ -43,13 +80,55 @@ var taBytes = new Uint8Array(aBBytes);
var StaticByteBufferProto = new dcodeIO.ByteBuffer().__proto__;
var StaticArrayBufferProto = new ArrayBuffer().__proto__;
function getString(thing) {
if (thing.__proto__ == StaticArrayBufferProto)
return String.fromCharCode.apply(null, thing);
if (thing != undefined && thing.__proto__ == StaticByteBufferProto)
return thing.toString("utf8");
if (thing === Object(thing) && thing.__proto__ == StaticArrayBufferProto)
return String.fromCharCode.apply(null, new Uint8Array(thing));
if (thing === Object(thing) && thing.__proto__ == StaticByteBufferProto)
return thing.toString("binary");
return thing;
}
function getStringable(thing) {
return (typeof thing == "string" || typeof thing == "number" ||
(thing === Object(thing) && thing.__proto__ == StaticArrayBufferProto) ||
(thing === Object(thing) && thing.__proto__ == StaticByteBufferProto));
}
function toArrayBuffer(thing) {
if (thing === undefined)
return undefined;
if (!getStringable(thing))
throw "Tried to convert a non-stringable thing of type " + typeof thing + " to an array buffer";
// This is usually very much overkill, but shorter code > efficient code here (crypto should dominate)
var str = getString(thing);
var res = new ArrayBuffer(str.length);
var uint = new Uint8Array(res);
for (var i = 0; i < str.length; i++)
uint[i] = str.charCodeAt(i);
return res;
}
function ensureStringed(thing) {
if (getStringable(thing))
return getString(thing);
else if (thing instanceof Array) {
var res = [];
for (var i = 0; i < thing.length; i++)
res[i] = ensureStringed(thing);
return res;
} else if (thing === Object(thing)) {
var res = {};
for (key in thing)
res[key] = ensureStringed(thing[key]);
return res;
}
throw "unsure of how to jsonify object of type " + typeof thing;
}
function jsonThing(thing) {
return JSON.stringify(ensureStringed(thing));
}
function getArrayBuffer(string) {
return base64DecToArr(btoa(string));
}
@ -134,7 +213,7 @@ storage.putEncrypted = function(key, value) {
//TODO
if (value === undefined)
throw "Tried to store undefined";
localStorage.setItem("e" + key, JSON.stringify(getString(value)));
localStorage.setItem("e" + key, jsonThing(value));
}
storage.getEncrypted = function(key, defaultValue) {
@ -152,7 +231,7 @@ storage.removeEncrypted = function(key) {
storage.putUnencrypted = function(key, value) {
if (value === undefined)
throw "Tried to store undefined";
localStorage.setItem("u" + key, JSON.stringify(getString(value)));
localStorage.setItem("u" + key, jsonThing(value));
}
storage.getUnencrypted = function(key, defaultValue) {
@ -262,15 +341,32 @@ function moduleDidLoad() {
}
function handleMessage(message) {
console.log("Got message");
console.log(message);
naclMessageIdCallbackMap[message.data.call_id](message.data);
}
function postNaclMessage(message, callback) {
naclMessageIdCallbackMap[naclMessageNextId] = callback;
message.call_id = naclMessageNextId++;
common.naclModule.postMessage(message);
var pass = { command: message.command };
pass.call_id = naclMessageNextId++;
if (message["priv"] !== undefined) {
pass.priv = toArrayBuffer(message.priv);
if (pass.priv.byteLength != 32)
throw "Invalid NACL Message";
}
if (message["pub"] !== undefined) {
var pub = toArrayBuffer(message.pub);
var pubView = new Uint8Array(pub);
if (pub.byteLength == 33 && pubView[0] == 5) {
pass.pub = new ArrayBuffer(32);
var pubCopy = new Uint8Array(pass.pub);
for (var i = 0; i < 32; i++)
pubCopy[i] = pubView[i+1];
} else if (pub.byteLength == 32)
pass.pub = pub;
else
throw "Invalid NACL Message";
}
common.naclModule.postMessage(pass);
}
/*******************************************
@ -291,10 +387,15 @@ function getRandomBytes(size) {
(function(crypto, $, undefined) {
var createNewKeyPair = function(callback) {
//TODO
var privKey = getRandomBytes(32);
postNaclMessage({command: "bytesToPriv", priv: privKey}, function(message) {
postNaclMessage({command: "privToPub", priv: message.res}, function(message) {
var origPub = new Uint8Array(message.res);
var pub = new ArrayBuffer(33);
var pubWithPrefix = new Uint8Array(pub);
for (var i = 0; i < 32; i++)
pubWithPrefix[i+1] = origPub[i];
pubWithPrefix[0] = 5;
callback({ pubKey: message.res, privKey: privKey });
});
});
@ -310,11 +411,14 @@ function getRandomBytes(size) {
}
crypto_storage.getStoredPubKey = function(keyName) {
return storage.getEncrypted("25519Key" + keyName, { pubKey: undefined }).pubKey;
return toArrayBuffer(storage.getEncrypted("25519Key" + keyName, { pubKey: undefined }).pubKey);
}
crypto_storage.getStoredKeyPair = function(keyName) {
return storage.getEncrypted("25519Key" + keyName);
var res = storage.getEncrypted("25519Key" + keyName);
if (res === undefined)
return undefined;
return { pubKey: toArrayBuffer(res.pubKey), privKey: toArrayBuffer(res.privKey) };
}
crypto_storage.getAndRemoveStoredKeyPair = function(keyName) {
@ -408,7 +512,7 @@ function getRandomBytes(size) {
var initSessionFromPreKeyWhisperMessage = function(encodedNumber, message, callback) {
//TODO: Check remote identity key matches known-good key
var preKeyPair = crypto_storage.getAndRemovePreKeyPair(preKeyProto.preKeyId);
var preKeyPair = crypto_storage.getAndRemovePreKeyPair(message.preKeyId);
if (preKeyPair === undefined)
throw "Missing preKey for PreKeyWhisperMessage";
@ -417,8 +521,8 @@ function getRandomBytes(size) {
lastRemoteEphemeralKey: message.baseKey },
oldRatchetList: []
};
session[preKeyPair.pubKey] = { messageKeys: {}, chainKey: { counter: 0, key: firstRatchet.chainKey } };
storage.saveSession(encodedNumber, session);
session[getString(preKeyPair.pubKey)] = { messageKeys: {}, chainKey: { counter: 0, key: firstRatchet.chainKey } };
crypto_storage.saveSession(encodedNumber, session);
callback();
});
@ -436,15 +540,15 @@ function getRandomBytes(size) {
}
var maybeStepRatchet = function(session, remoteKey, previousCounter, callback) {
if (sesion[remoteKey] !== undefined) //TODO: null???
if (session[getString(remoteKey)] !== undefined) //TODO: null???
return;
var ratchet = session.currentRatchet;
var previousRatchet = session[ratchet.lastRemoteEphemeralKey];
var previousRatchet = session[getString(ratchet.lastRemoteEphemeralKey)];
fillMessageKeys(previousRatchet, previousCounter);
if (!objectContainsKeys(previousRatchet.messageKeys))
delete session[ratchet.lastRemoteEphemeralKey];
delete session[getString(ratchet.lastRemoteEphemeralKey)];
else
session.oldRatchetList[session.oldRatchetList.length] = { added: new Date().getTime(), ephemeralKey: ratchet.lastRemoteEphemeralKey };
@ -452,14 +556,14 @@ function getRandomBytes(size) {
ECDHE(remoteKey, ratchet.ephemeralKeyPair.privKey, function(sharedSecret) {
var masterKey = HKDF(sharedSecret, ratchet.rootKey, "WhisperRatchet");
session[remoteKey] = { messageKeys: {}, chainKey: { counter: 0, key: masterKey.substring(32, 64) } };
session[getString(remoteKey)] = { messageKeys: {}, chainKey: { counter: 0, key: masterKey.substring(32, 64) } };
createNewKeyPair(function(keyPair) {
ratchet.ephemeralKeyPair = keyPair;
masterKey = HKDF(ECDHE(remoteKey, ratchet.ephemeralKeyPair.privKey), masterKey.substring(0, 32), "WhisperRatchet");
ratchet.rootKey = masterKey.substring(0, 32);
session[nextRatchet.ephemeralKeyPair.pubKey] = { messageKeys: {}, chainKey: { counter: 0, key: masterKey.substring(32, 64) } };
session[getString(nextRatchet.ephemeralKeyPair.pubKey)] = { messageKeys: {}, chainKey: { counter: 0, key: masterKey.substring(32, 64) } };
ratchet.lastRemoteEphemeralKey = remoteKey;
callback();
@ -481,7 +585,7 @@ function getRandomBytes(size) {
if (session === undefined)
throw "No session currently open with " + encodedNumber;
if (messageBytes[0] != String.fromCharCode(1))
if (messageBytes[0] != String.fromCharCode((2 << 4) | 2))
throw "Bad version number on WhisperMessage";
var messageProto = messageBytes.substring(1, messageBytes.length - 8);
@ -549,6 +653,8 @@ function getRandomBytes(size) {
decryptWhisperMessage(proto.source, getString(proto.message), function(result) { callback(result); });
break;
case 3: //TYPE_MESSAGE_PREKEY_BUNDLE
if (proto.message.readUint8() != (2 << 4 | 2))
throw "Bad version byte";
var preKeyProto = decodePreKeyWhisperMessageProtobuf(getString(proto.message));
initSessionFromPreKeyWhisperMessage(proto.source, preKeyProto, function() {
decryptWhisperMessage(proto.source, getString(preKeyProto.message), function(result) { callback(result); });
@ -636,7 +742,7 @@ function doAjax(param) {
}
$.ajax(URL_BASE + URL_CALLS[param.call] + param.urlParameters, {
type: param.httpType,
data: JSON.stringify(param.jsonData),
data: jsonThing(param.jsonData),
contentType: 'application/json; charset=utf-8',
dataType: 'json',
beforeSend: function(xhr) {

192
js/test.js
Unescape Escape View File

@ -1,22 +1,79 @@
// Setup dumb test wrapper
var testsdiv = $('#tests');
var testsOutstanding = [];
function TEST(func, name) {
var exclusiveRunning = -1;
var exclusiveTestsWaiting = [];
var maxTestId = 0;
function startNextExclusiveTest() {
for (var i = 0; i < maxTestId; i++) {
if (exclusiveTestsWaiting[i] !== undefined) {
exclusiveTestsWaiting[i]();
break;
}
}
}
function TEST(func, name, exclusive) {
if (exclusive == undefined)
exculsive = false;
var funcName = name === undefined ? func + "" : name;
var testIndex = testsOutstanding.length;
var testIndex = maxTestId;
var exclusiveIndex = -1;
if (exclusive && exclusiveRunning != -1)
exclusiveIndex = maxTestId;
maxTestId = maxTestId + 1;
function callback(result) {
if (result)
if (testsOutstanding[testIndex] == undefined)
testsdiv.append('<p style="color: red;">' + funcName + ' called back multiple times</p>');
else if (result)
testsdiv.append('<p style="color: green;">' + funcName + ' passed</p>');
else
testsdiv.append('<p style="color: red;">' + funcName + ' returned false</p>');
delete testsOutstanding[testIndex];
if (exclusive) {
exclusiveRunning = -1;
localStorage.clear();
if (exclusiveIndex != -1)
delete exclusiveTestsWaiting[exclusiveIndex];
startNextExclusiveTest();
}
}
try {
testsOutstanding[testIndex] = funcName;
func(callback);
} catch (e) {
var runFunc = function() {
if (exclusive) {
exclusiveRunning = testIndex;
localStorage.clear();
}
try {
testsOutstanding[testIndex] = funcName;
func(callback);
} catch (e) {
testsdiv.append('<p style="color: red;">' + funcName + ' threw ' + e + '</p>');
}
}
if (!exclusive || exclusiveRunning == -1)
runFunc();
else
exclusiveTestsWaiting[exclusiveIndex] = runFunc;
}
function hexToArrayBuffer(str) {
var ret = new ArrayBuffer(str.length / 2);
var array = new Uint8Array(ret);
for (var i = 0; i < str.length/2; i++)
array[i] = parseInt(str.substr(i*2, 2), 16);
return ret;
}
registerOnLoadFunction(function() {
@ -27,6 +84,15 @@ registerOnLoadFunction(function() {
TEST(function(callback) { callback(objectContainsKeys({ a: undefined })); });
TEST(function(callback) { callback(objectContainsKeys({ a: null })); });
TEST(function(callback) {
var b = new ArrayBuffer(3);
var a = new Uint8Array(b);
a[0] = 0;
a[1] = 255;
a[2] = 128;
callback(getString(b) == "\x00\xff\x80");
}, "ArrayBuffer->String conversion");
// Basic sanity-checks on the crypto library
TEST(function(callback) {
var PushMessageProto = dcodeIO.ProtoBuf.loadProtoFile("protos/IncomingPushMessageSignal.proto").build("textsecure.PushMessageContent");
@ -42,7 +108,7 @@ registerOnLoadFunction(function() {
message.attachments.length == text_message.attachments.length &&
text_message.attachments.length == 0);
});
}, 'Unencrypted PushMessageProto "decrypt"');
}, 'Unencrypted PushMessageProto "decrypt"', true);
TEST(function(callback) {
crypto.generateKeys(function() {
@ -50,13 +116,113 @@ registerOnLoadFunction(function() {
});
}, "Test simple create key");
// TODO: Run through the test vectors for the axolotl ratchet
TEST(function(callback) {
// These are just some random curve25519 test vectors I found online
var alice_priv = hexToArrayBuffer("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a");
var alice_pub = hexToArrayBuffer("8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a");
var bob_priv = hexToArrayBuffer("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb");
var bob_pub = hexToArrayBuffer("de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f");
var shared_sec = hexToArrayBuffer("4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742");
postNaclMessage({command: "bytesToPriv", priv: alice_priv}, function(message) {
var target = new Uint8Array(alice_priv.slice(0));
target[0] &= 248;
target[31] &= 127;
target[31] |= 64;
if (String.fromCharCode.apply(null, new Uint8Array(message.res)) != String.fromCharCode.apply(null, target))
callback(false);
var alice_calc_priv = message.res;
postNaclMessage({command: "bytesToPriv", priv: bob_priv}, function(message) {
var target = new Uint8Array(bob_priv.slice(0));
target[0] &= 248;
target[31] &= 127;
target[31] |= 64;
if (String.fromCharCode.apply(null, new Uint8Array(message.res)) != String.fromCharCode.apply(null, target))
callback(false);
var bob_calc_priv = message.res;
postNaclMessage({command: "privToPub", priv: alice_calc_priv}, function(message) {
if (String.fromCharCode.apply(null, new Uint16Array(message.res)) != String.fromCharCode.apply(null, new Uint16Array(alice_pub)))
callback(false);
postNaclMessage({command: "privToPub", priv: bob_calc_priv}, function(message) {
if (String.fromCharCode.apply(null, new Uint16Array(message.res)) != String.fromCharCode.apply(null, new Uint16Array(bob_pub)))
callback(false);
postNaclMessage({command: "ECDHE", priv: alice_calc_priv, pub: bob_pub}, function(message) {
if (String.fromCharCode.apply(null, new Uint16Array(message.res)) != String.fromCharCode.apply(null, new Uint16Array(shared_sec)))
callback(false);
postNaclMessage({command: "ECDHE", priv: bob_calc_priv, pub: alice_pub}, function(message) {
if (String.fromCharCode.apply(null, new Uint16Array(message.res)) != String.fromCharCode.apply(null, new Uint16Array(shared_sec)))
callback(false);
else
callback(true);
});
});
});
});
});
});
}, "Simple Curve25519 test vector");
window.setTimeout(function() {
for (var i = 0; i < testsOutstanding.length; i++)
if (testsOutstanding[i] !== undefined)
var axolotlTestVectors = {
aliceIdentityPriv: hexToArrayBuffer("5087904a02ae0179650f03fc2936d8e34a2620f3b9949858d520617918f9e243"),
aliceIdentityPub: hexToArrayBuffer("05a7aff211e3c2c0eb98f49be243a998c56bf68faa2e41ba28ac3d755f30418f0b"),
bobIdentityPriv: hexToArrayBuffer("c840406d2f749b5e0529193f9b782acbc3b256d1bd425613e299ccc4c31cef4c"),
bobIdentityPub: hexToArrayBuffer("05f48c076e6a9730fa430edcb1c36818197589ef5e41a5874fa90ce1d48c7e4b3e"),
aliceLastResort: hexToArrayBuffer("f04babb890c02b64afddfbdc749c4412d48aebc9154de9542bd5430ad412b54f"),
bobLastResort: hexToArrayBuffer("3857c27f00fb284e1841f42611c4919bb3a99ac45cb7696fbd37fbb5e63d8748"),
alicePre0: hexToArrayBuffer("88e31d1796eaa4a2dd5da6515157904e921d0b578b4b5089c056e922ae6d2554"),
alicePre1: hexToArrayBuffer("a8ad7da1d1bbdf2f5a4dd2ad801cb081a158c66e5c7346a1a8ba1d5c91ef3145"),
bobPre0: hexToArrayBuffer("e0b3c8a483b0499404df078d82d4f13e47c0f201c1001602be422728043a0f43"),
bobPre1: hexToArrayBuffer("f0b65e60a10652b4eb30705b048040d5a69b26640b9b5736ba187f909336df56"),
aliceToBob: hexToArrayBuffer("08031205414c4943452203424f4228fd90aebfc62832860122080012210554a41389487db5b021f9bb7bfb3741cb4dd270e1a0b5a6c02e960c492eb5343c1a2105a7aff211e3c2c0eb98f49be243a998c56bf68faa2e41ba28ac3d755f30418f0b223b220a21056c2b1e63ad99214e72518331f30c69d7eb6b5c0cd8ba074ac2cf16252ca48f06100018012209b5ffc5e00bfd41f3a0e6619ee91abd5184"),
plain: hexToArrayBuffer("0a07486920426f6221")
};
// Axolotl test vectors
TEST(function(callback) {
var v = axolotlTestVectors;
storage.putEncrypted("25519KeyidentityKey", { pubKey: v.aliceIdentityPub, privKey: v.aliceIdentityPriv });
callback(true);
}, "Axolotl test vectors as alice", true);
// Axolotl test vectors
TEST(function(callback) {
var v = axolotlTestVectors;
storage.putEncrypted("25519KeyidentityKey", { pubKey: v.bobIdentityPub, privKey: v.bobIdentityPriv });
postNaclMessage({command: "privToPub", priv: v.bobPre0}, function(message) {
storage.putEncrypted("25519KeypreKey0", { pubKey: message.res, privKey: v.bobPre0 });
postNaclMessage({command: "privToPub", priv: v.bobPre1}, function(message) {
storage.putEncrypted("25519KeypreKey1", { pubKey: message.res, privKey: v.bobPre1 });
postNaclMessage({command: "privToPub", priv: v.bobLastResort}, function(message) {
storage.putEncrypted("25519KeypreKey16777215", { pubKey: message.res, privKey: v.bobLastResort });
var b64 = base64EncArr(new Uint8Array(v.aliceToBob));
crypto.handleIncomingPushMessageProto(IncomingPushMessageProtobuf.decode(b64), function(decrypted_message) {
callback(decrypted_message == "Hi, Bob!");
});
});
});
});
}, "Axolotl test vectors as bob", true);
window.setInterval(function() {
for (var i = 0; i < maxTestId; i++) {
if (testsOutstanding[i] !== undefined) {
testsdiv.append('<p style="color: red;">' + testsOutstanding[i] + ' timed out</p>');
if (exclusiveRunning == i) {
testsdiv.append('<p style="color: red;">WARNING: exclusive test left running, further results may be unreliable.</p>');
delete exclusiveTestsWaiting[i];
}
}
delete testsOutstanding[i];
}
startNextExclusiveTest();
localStorage.clear();
}, 1000);
}, 250);
});

Write Preview
Loading…
Cancel
Save