-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathAxolotl.js
255 lines (233 loc) · 9.49 KB
/
Axolotl.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
/**
* Copyright (C) 2015 Joe Bandenburg
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published
* by the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
import SessionFactory from "./SessionFactory";
import SessionCipher from "./SessionCipher";
import {InvalidMessageException} from "./Exceptions";
import Store from "./Store";
import Crypto from "./Crypto";
import co from "co";
import axolotlCrypto from "axolotl-crypto";
/**
* A public/private key pair
* @typedef {object} KeyPair
* @property {ArrayBuffer} public - the public key bytes
* @property {ArrayBuffer} private - the private key bytes
*/
/**
* @typedef {object} PreKey
* @property {number} id - a 16-bit identifier for the signed pre key
* @property {KeyPair} keyPair - a key pair
*/
/**
* A {@link KeyPair} with a signature.
* @typedef {object} SignedPreKey
* @property {number} id - a 16-bit identifier for the signed pre key
* @property {KeyPair} keyPair - a key pair
* @property {ArrayBuffer} signature - a signature for the key pair
*/
/**
* A service providing cryptographic primitives. See the README for details on the methods.
* @typedef {object} Crypto
* @property {function} generateKeyPair
* @property {function} calculateAgreement
* @property {function} randomBytes
* @property {function} sign
* @property {function} verifySignature
* @property {function} hmac
* @property {function} encrypt
* @property {function} decrypt
*/
/**
* A service providing various storage facilities. See the README for details on the methods.
* @typedef {object} Store
* @property {function} getLocalIdentityKeyPair
* @property {function} getLocalRegistrationId
* @property {function} getLocalSignedPreKeyPair
* @property {function} getLocalPreKeyPair
* @property {function} getRemotePreKeyBundle
* @property {function} isRemoteIdentityTrusted
* @property {function} hasSession
* @property {function} getSession
* @property {function} putSession
*/
/**
* An unique identifier for a remote entity. Clients are free to use whatever they wish for this.
* @typedef {*} Identity
*/
/**
* A single Axolotl instance may be used to encrypt/decrypt messages to/from many remote entities.
* <p>
* Clients must implement and supply both the crypto and store services, which are required by Axolotl to function.
*
* @param {Crypto} crypto - cryptographic service
* @param {Store} store - storage service
* @constructor
*/
function Axolotl(crypto, store) {
var self = this;
var wrappedStore = new Store(store);
var wrappedCrypto = new Crypto(crypto);
var sessionFactory = new SessionFactory(wrappedCrypto, wrappedStore);
var sessionCipher = new SessionCipher(wrappedCrypto);
/**
* Generate an identity key pair. Clients should only do this once, at install time.
*
* @method
* @return {Promise.<KeyPair, Error>} generated key pair.
*/
this.generateIdentityKeyPair = () => wrappedCrypto.generateKeyPair();
/**
* Generate a registration ID. Clients should only do this once, at install time.
*
* @method
* @param {boolean} extendedRange - By default (false), the generated registration
* ID is sized to require the minimal possible protobuf
* encoding overhead. Specify true if the caller needs
* the full range of MAX_INT at the cost of slightly
* higher encoding overhead.
* @return {number} generated registration ID.
*/
this.generateRegistrationId = co.wrap(function*(extendedRange) {
var upperLimit = (extendedRange) ? 0x7ffffffe : 0x3ffc;
var bytes = yield wrappedCrypto.randomBytes(4);
var number = new Uint32Array(bytes)[0];
// TODO: Mod is a bad way to do this. Makes lower values more likely.
return (number % upperLimit) + 1;
});
/**
* Generate a list of PreKeys. Clients should do this at install time, and
* subsequently any time the list of PreKeys stored on the server runs low.
* <p>
* PreKey IDs are 16-bit numbers, so they will eventually be repeated. Clients should
* store PreKeys in a circular buffer, so that they are repeated as infrequently
* as possible.
*
* @method
* @param {number} start - The starting PreKey ID, inclusive.
* @param {number} count - The number of PreKeys to generate.
* @return {Promise.<Array.<PreKey>, Error>} the list of generated PreKeyRecords.
*/
this.generatePreKeys = co.wrap(function*(start, count) {
var results = [];
start--;
for (var i = 0; i < count; i++) {
results.push({
id: ((start + i) % 0xfffffe) + 1,
keyPair: yield wrappedCrypto.generateKeyPair()
});
}
return results;
});
/**
* Generate the last resort PreKey. Clients should do this only once, at install
* time, and durably store it for the length of the install.
*
* @method
* @return {Promise.<PreKey, Error>} the generated last resort PreKeyRecord.
*/
this.generateLastResortPreKey = co.wrap(function*() {
return {
id: 0xffffff,
keyPair: yield wrappedCrypto.generateKeyPair()
};
});
/**
* Generate a signed PreKey
*
* @method
* @param {KeyPair} identityKeyPair - The local client's identity key pair.
* @param {number} signedPreKeyId - The PreKey id to assign the generated signed PreKey
* @return {SignedPreKey} the generated signed PreKey
*/
this.generateSignedPreKey = co.wrap(function*(identityKeyPair, signedPreKeyId) {
var keyPair = yield wrappedCrypto.generateKeyPair();
var signature = yield wrappedCrypto.sign(identityKeyPair.private, keyPair.public);
return {
id: signedPreKeyId,
keyPair: keyPair,
signature: signature
};
});
/**
* @typedef {Object} PreKeyBundle
* @property {ArrayBuffer} identityKey - The remote identity's public key.
* @property {Number} preKeyId - The identifier of the pre-key included in this bundle.
* @property {ArrayBuffer} preKey - The public half of the pre-key.
* @property {Number} signedPreKeyId - The identifier of the signed pre-key included in this bundle.
* @property {ArrayBuffer} signedPreKey - The public half of the signed pre-key.
* @property {ArrayBuffer} signedPreKeySignature - The signature associated with the `signedPreKey`
*/
/**
* Create a session from a pre-key bundle, probably retrieved from a server.
* @method
* @type {PreKeyBundle} a pre-key bundle
* @returns {Promise.<Session, Error>}
*/
this.createSessionFromPreKeyBundle = sessionFactory.createSessionFromPreKeyBundle;
/**
* Encrypt a message using the session.
* <p>
* If this method succeeds, the passed in session should be destroyed. This method must never be called with
* that session again.
*
* @method
* @param {Session} session
* @param {ArrayBuffer} message - the message bytes to be encrypted (optionally padded)
* @return {Promise.<Object, Error>} an object containing the encrypted message bytes as well as a new session
*/
this.encryptMessage = sessionCipher.encryptMessage;
/**
* Decrypt a WhisperMessage using session.
* <p>
* If this method succeeds, the passed in session should be destroyed. This method must never be called with
* that session again.
*
* @method
* @param {Session} session
* @param {ArrayBuffer} whisperMessageBytes - the encrypted message bytes
* @returns {Promise.<Object, InvalidMessageException>} an object containing the decrypted message and a new session
*/
this.decryptWhisperMessage = sessionCipher.decryptWhisperMessage;
/**
* Unwrap the WhisperMessage from a PreKeyWhisperMessage and attempt to decrypt it using session. If a session does
* not already exist, it will be created.
*
* @method
* @param {Session} session - a session, if one exists, or null otherwise.
* @param {ArrayBuffer} preKeyWhisperMessageBytes - the encrypted message bytes
* @returns {Promise.<Object, InvalidMessageException>} an object containing the decrypted message and a new session
*/
this.decryptPreKeyWhisperMessage = co.wrap(function*(session, preKeyWhisperMessageBytes) {
var {
session: newSession,
identityKey,
registrationId
} = yield sessionFactory.createSessionFromPreKeyWhisperMessage(session, preKeyWhisperMessageBytes);
var {
session: finalSession,
message
} = yield sessionCipher.decryptPreKeyWhisperMessage(newSession, preKeyWhisperMessageBytes);
return {
message: message,
session: finalSession,
identityKey: identityKey,
registrationId: registrationId
};
});
Object.freeze(self);
}
export default Axolotl;