Add identity checks to encrypt/decrypt
WhisperSystems/libsignal-protocol-java@6935c70081
This commit is contained in:
Scott Nonnenberg
lilia
parent
b45ace4d58
commit
2657f00c98
46
dist/libsignal-protocol.js
vendored
46
dist/libsignal-protocol.js
vendored
@ -36129,10 +36129,24 @@ SessionCipher.prototype = {
|
||||
result.set(new Uint8Array(encodedMsg), 1);
|
||||
result.set(new Uint8Array(mac, 0, 8), encodedMsg.byteLength + 1);
|
||||
|
||||
record.updateSessionState(session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result;
|
||||
});
|
||||
return this.storage.isTrustedIdentity(
|
||||
this.remoteAddress.getName(), util.toArrayBuffer(session.indexInfo.remoteIdentityKey), this.storage.Direction.SENDING
|
||||
).then(function(trusted) {
|
||||
if (!trusted) {
|
||||
throw new Error('Identity key changed');
|
||||
}
|
||||
}).then(function() {
|
||||
return this.storage.saveIdentity(this.remoteAddress.getName(), session.indexInfo.remoteIdentityKey).then(function(changed) {
|
||||
if (changed) {
|
||||
return record.removePreviousSessions();
|
||||
}
|
||||
});
|
||||
}.bind(this)).then(function() {
|
||||
record.updateSessionState(session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result;
|
||||
});
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this)).then(function(message) {
|
||||
@ -36200,10 +36214,25 @@ SessionCipher.prototype = {
|
||||
record.archiveCurrentState();
|
||||
record.promoteState(result.session);
|
||||
}
|
||||
record.updateSessionState(result.session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result.plaintext;
|
||||
});
|
||||
|
||||
return this.storage.isTrustedIdentity(
|
||||
this.remoteAddress.getName(), util.toArrayBuffer(result.session.indexInfo.remoteIdentityKey), this.storage.Direction.SENDING
|
||||
).then(function(trusted) {
|
||||
if (!trusted) {
|
||||
throw new Error('Identity key changed');
|
||||
}
|
||||
}).then(function() {
|
||||
return this.storage.saveIdentity(this.remoteAddress.getName(), result.session.indexInfo.remoteIdentityKey).then(function(changed) {
|
||||
if (changed) {
|
||||
return record.removePreviousSessions();
|
||||
}
|
||||
});
|
||||
}.bind(this)).then(function() {
|
||||
record.updateSessionState(result.session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result.plaintext;
|
||||
});
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
@ -36228,6 +36257,7 @@ SessionCipher.prototype = {
|
||||
);
|
||||
}
|
||||
var builder = new SessionBuilder(this.storage, this.remoteAddress);
|
||||
// isTrustedIdentity is called within processV3, no need to call it here
|
||||
return builder.processV3(record, preKeyProto).then(function(preKeyId) {
|
||||
var session = record.getSessionByBaseKey(preKeyProto.baseKey);
|
||||
return this.doDecryptWhisperMessage(
|
||||
|
||||
@ -76,10 +76,24 @@ SessionCipher.prototype = {
|
||||
result.set(new Uint8Array(encodedMsg), 1);
|
||||
result.set(new Uint8Array(mac, 0, 8), encodedMsg.byteLength + 1);
|
||||
|
||||
record.updateSessionState(session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result;
|
||||
});
|
||||
return this.storage.isTrustedIdentity(
|
||||
this.remoteAddress.getName(), util.toArrayBuffer(session.indexInfo.remoteIdentityKey), this.storage.Direction.SENDING
|
||||
).then(function(trusted) {
|
||||
if (!trusted) {
|
||||
throw new Error('Identity key changed');
|
||||
}
|
||||
}).then(function() {
|
||||
return this.storage.saveIdentity(this.remoteAddress.getName(), session.indexInfo.remoteIdentityKey).then(function(changed) {
|
||||
if (changed) {
|
||||
return record.removePreviousSessions();
|
||||
}
|
||||
});
|
||||
}.bind(this)).then(function() {
|
||||
record.updateSessionState(session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result;
|
||||
});
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this)).then(function(message) {
|
||||
@ -147,10 +161,25 @@ SessionCipher.prototype = {
|
||||
record.archiveCurrentState();
|
||||
record.promoteState(result.session);
|
||||
}
|
||||
record.updateSessionState(result.session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result.plaintext;
|
||||
});
|
||||
|
||||
return this.storage.isTrustedIdentity(
|
||||
this.remoteAddress.getName(), util.toArrayBuffer(result.session.indexInfo.remoteIdentityKey), this.storage.Direction.SENDING
|
||||
).then(function(trusted) {
|
||||
if (!trusted) {
|
||||
throw new Error('Identity key changed');
|
||||
}
|
||||
}).then(function() {
|
||||
return this.storage.saveIdentity(this.remoteAddress.getName(), result.session.indexInfo.remoteIdentityKey).then(function(changed) {
|
||||
if (changed) {
|
||||
return record.removePreviousSessions();
|
||||
}
|
||||
});
|
||||
}.bind(this)).then(function() {
|
||||
record.updateSessionState(result.session);
|
||||
return this.storage.storeSession(address, record.serialize()).then(function() {
|
||||
return result.plaintext;
|
||||
});
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
}.bind(this));
|
||||
@ -175,6 +204,7 @@ SessionCipher.prototype = {
|
||||
);
|
||||
}
|
||||
var builder = new SessionBuilder(this.storage, this.remoteAddress);
|
||||
// isTrustedIdentity is called within processV3, no need to call it here
|
||||
return builder.processV3(record, preKeyProto).then(function(preKeyId) {
|
||||
var session = record.getSessionByBaseKey(preKeyProto.baseKey);
|
||||
return this.doDecryptWhisperMessage(
|
||||
|
||||
Loading…
Reference in New Issue
Block a user