cwtch/model/group.go

package model

import (
	"crypto/rand"
	"cwtch.im/cwtch/protocol"
	"errors"
	"fmt"
	"git.openprivacy.ca/openprivacy/libricochet-go/utils"
	"github.com/golang/protobuf/proto"
	"golang.org/x/crypto/nacl/secretbox"
	"io"
	"log"
	"sync"
	"time"
)

// Group defines and encapsulates Cwtch's conception of group chat. Which are sessions
// tied to a server under a given group key. Each group has a set of messages.
type Group struct {
	GroupID        string
	SignedGroupID  []byte
	GroupKey       [32]byte
	GroupServer    string
	Timeline       Timeline
	Accepted       bool
	Owner          string
	IsCompromised  bool
	InitialMessage []byte
	Attributes     map[string]string
	lock           sync.Mutex
	NewMessage     chan Message `json:"-"`
}

// NewGroup initializes a new group associated with a given CwtchServer
func NewGroup(server string) (*Group, error) {
	group := new(Group)
	group.GroupServer = server

	var groupID [16]byte
	if _, err := io.ReadFull(rand.Reader, groupID[:]); err != nil {
		log.Printf("Error: Cannot read from random: %v\n", err)
		return nil, err
	}
	group.GroupID = fmt.Sprintf("%x", groupID)

	var groupKey [32]byte
	if _, err := io.ReadFull(rand.Reader, groupKey[:]); err != nil {
		log.Printf("Error: Cannot read from random: %v\n", err)
		return nil, err
	}
	copy(group.GroupKey[:], groupKey[:])
	group.Owner = "self"
	group.Attributes = make(map[string]string)
	return group, nil
}

// SignGroup adds a signature to the group.
func (g *Group) SignGroup(signature []byte) {
	g.SignedGroupID = signature
	copy(g.Timeline.SignedGroupID[:], g.SignedGroupID)
}

// Compromised should be called if we detect a a groupkey leak.
func (g *Group) Compromised() {
	g.IsCompromised = true
}

// GetInitialMessage returns the first message of the group, if one was sent with the invite.
func (g *Group) GetInitialMessage() []byte {
	g.lock.Lock()
	defer g.lock.Unlock()
	return g.InitialMessage
}

// Invite generates a invitation that can be sent to a cwtch peer
func (g *Group) Invite(initialMessage []byte) ([]byte, error) {

	if g.SignedGroupID == nil {
		return nil, errors.New("group isn't signed")
	}

	g.InitialMessage = initialMessage[:]

	gci := &protocol.GroupChatInvite{
		GroupName:      g.GroupID,
		GroupSharedKey: g.GroupKey[:],
		ServerHost:     g.GroupServer,
		SignedGroupId:  g.SignedGroupID[:],
		InitialMessage: initialMessage[:],
	}

	cp := &protocol.CwtchPeerPacket{
		GroupChatInvite: gci,
	}
	invite, err := proto.Marshal(cp)
	return invite, err
}

// AddMessage takes a DecryptedGroupMessage and adds it to the Groups Timeline
func (g *Group) AddMessage(message *protocol.DecryptedGroupMessage, sig []byte) *Message {
	g.lock.Lock()
	timelineMessage := &Message{
		Message:            message.GetText(),
		Timestamp:          time.Unix(int64(message.GetTimestamp()), 0),
		Received:           time.Now(),
		Signature:          sig,
		PeerID:             message.GetOnion(),
		PreviousMessageSig: message.GetPreviousMessageSig(),
	}
	seen := g.Timeline.Insert(timelineMessage)
	g.lock.Unlock()

	// Send a new Message notification if we have an app that is listening.
	if g.NewMessage != nil && !seen {
		g.NewMessage <- *timelineMessage
	}
	return timelineMessage
}

// GetTimeline provides a safe copy of the timeline-=
func (g *Group) GetTimeline() (t []Message) {
	g.lock.Lock()
	t = g.Timeline.GetMessages()
	g.lock.Unlock()
	return

}

//EncryptMessage takes a message and encrypts the message under the group key.
func (g *Group) EncryptMessage(message *protocol.DecryptedGroupMessage) ([]byte, error) {
	var nonce [24]byte
	if _, err := io.ReadFull(rand.Reader, nonce[:]); err != nil {
		log.Printf("Error: Cannot read from random: %v\n", err)
		return nil, err
	}
	wire, err := proto.Marshal(message)
	utils.CheckError(err)
	encrypted := secretbox.Seal(nonce[:], []byte(wire), &nonce, &g.GroupKey)
	return encrypted, nil
}

// DecryptMessage takes a ciphertext and returns true and the decrypted message if the
// cipher text can be successfully decrypted,else false.
func (g *Group) DecryptMessage(ciphertext []byte) (bool, *protocol.DecryptedGroupMessage) {
	var decryptNonce [24]byte
	copy(decryptNonce[:], ciphertext[:24])
	decrypted, ok := secretbox.Open(nil, ciphertext[24:], &decryptNonce, &g.GroupKey)
	if ok {
		dm := &protocol.DecryptedGroupMessage{}
		err := proto.Unmarshal(decrypted, dm)
		if err == nil {
			return true, dm
		}
	}
	return false, nil
}

// SetAttribute allows applications to store arbitrary configuration info at the group level.
func (g *Group) SetAttribute(name string, value string) {
	g.lock.Lock()
	defer g.lock.Unlock()
	g.Attributes[name] = value
}

// GetAttribute returns the value of a value set with SetAttribute. If no such value has been set exists is set to false.
func (g *Group) GetAttribute(name string) (value string, exists bool) {
	g.lock.Lock()
	defer g.lock.Unlock()
	value, exists = g.Attributes[name]
	return
}
Squah commit 2018-03-09 20:44:13 +00:00			`package model`

			`import (`
			`"crypto/rand"`
Renaming to cwtch.im 2018-05-28 18:05:06 +00:00			`"cwtch.im/cwtch/protocol"`
fmt 2018-05-16 20:20:46 +00:00			`"errors"`
Squah commit 2018-03-09 20:44:13 +00:00			`"fmt"`
rename go-ricochet to libricochet-go 2018-06-23 16:15:36 +00:00			`"git.openprivacy.ca/openprivacy/libricochet-go/utils"`
Formatting & Adding to Quality 2018-06-29 19:20:07 +00:00			`"github.com/golang/protobuf/proto"`
Lots of peerand serverstuff 2018-03-30 21:16:51 +00:00			`"golang.org/x/crypto/nacl/secretbox"`
			`"io"`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`"log"`
Adding sync around timeline, adding hooks for latency checks 2018-05-06 04:18:00 +00:00			`"sync"`
Fixing some race conditions, adding more error checking 2018-05-09 19:09:00 +00:00			`"time"`
Squah commit 2018-03-09 20:44:13 +00:00			`)`

Adding V3 Onions to Cwtch! 2018-10-05 03:18:34 +00:00			`// Group defines and encapsulates Cwtch's conception of group chat. Which are sessions`
fixing go lint issues 2018-03-15 16:33:26 +00:00			`// tied to a server under a given group key. Each group has a set of messages.`
Squah commit 2018-03-09 20:44:13 +00:00			`type Group struct {`
Fixing #118 - Adding an initial message to group setup 2018-09-21 18:02:46 +00:00			`GroupID string`
			`SignedGroupID []byte`
			`GroupKey [32]byte`
			`GroupServer string`
			`Timeline Timeline`
			`Accepted bool`
			`Owner string`
			`IsCompromised bool`
			`InitialMessage []byte`
Adding Attributes to Groups 2018-11-02 23:43:40 +00:00			`Attributes map[string]string`
Fixing #118 - Adding an initial message to group setup 2018-09-21 18:02:46 +00:00			`lock sync.Mutex`
Adding V3 Onions to Cwtch! 2018-10-05 03:18:34 +00:00			NewMessage chan Message `json:"-"`
Squah commit 2018-03-09 20:44:13 +00:00			`}`

fixing go lint issues 2018-03-15 16:33:26 +00:00			`// NewGroup initializes a new group associated with a given CwtchServer`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`func NewGroup(server string) (*Group, error) {`
Squah commit 2018-03-09 20:44:13 +00:00			`group := new(Group)`
			`group.GroupServer = server`

			`var groupID [16]byte`
			`if _, err := io.ReadFull(rand.Reader, groupID[:]); err != nil {`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`log.Printf("Error: Cannot read from random: %v\n", err)`
			`return nil, err`
Squah commit 2018-03-09 20:44:13 +00:00			`}`
			`group.GroupID = fmt.Sprintf("%x", groupID)`

			`var groupKey [32]byte`
			`if _, err := io.ReadFull(rand.Reader, groupKey[:]); err != nil {`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`log.Printf("Error: Cannot read from random: %v\n", err)`
			`return nil, err`
Squah commit 2018-03-09 20:44:13 +00:00			`}`
			`copy(group.GroupKey[:], groupKey[:])`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`group.Owner = "self"`
Adding Attributes to Groups 2018-11-02 23:43:40 +00:00			`group.Attributes = make(map[string]string)`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`return group, nil`
Squah commit 2018-03-09 20:44:13 +00:00			`}`

Surfacing some error codes 2018-05-16 20:18:47 +00:00			`// SignGroup adds a signature to the group.`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`func (g *Group) SignGroup(signature []byte) {`
			`g.SignedGroupID = signature`
comments and variable renames to fully pass golint 2018-06-15 16:21:07 +00:00			`copy(g.Timeline.SignedGroupID[:], g.SignedGroupID)`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`}`

Implementing groupkey leak detection 2018-05-20 18:38:56 +00:00			`// Compromised should be called if we detect a a groupkey leak.`
			`func (g *Group) Compromised() {`
			`g.IsCompromised = true`
			`}`

Fixing #118 - Adding an initial message to group setup 2018-09-21 18:02:46 +00:00			`// GetInitialMessage returns the first message of the group, if one was sent with the invite.`
			`func (g *Group) GetInitialMessage() []byte {`
			`g.lock.Lock()`
			`defer g.lock.Unlock()`
			`return g.InitialMessage`
			`}`

Surfacing some error codes 2018-05-16 20:18:47 +00:00			`// Invite generates a invitation that can be sent to a cwtch peer`
Fixing #118 - Adding an initial message to group setup 2018-09-21 18:02:46 +00:00			`func (g *Group) Invite(initialMessage []byte) ([]byte, error) {`
Surfacing some error codes 2018-05-16 20:18:47 +00:00
			`if g.SignedGroupID == nil {`
			`return nil, errors.New("group isn't signed")`
			`}`

Fixing #118 - Adding an initial message to group setup 2018-09-21 18:02:46 +00:00			`g.InitialMessage = initialMessage[:]`

Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`gci := &protocol.GroupChatInvite{`
			`GroupName: g.GroupID,`
			`GroupSharedKey: g.GroupKey[:],`
			`ServerHost: g.GroupServer,`
Lots of peerand serverstuff 2018-03-30 21:16:51 +00:00			`SignedGroupId: g.SignedGroupID[:],`
Fixing #118 - Adding an initial message to group setup 2018-09-21 18:02:46 +00:00			`InitialMessage: initialMessage[:],`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`}`
Replacing code with proper Sort, fixing test 2018-04-28 17:52:59 +00:00
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`cp := &protocol.CwtchPeerPacket{`
			`GroupChatInvite: gci,`
			`}`
			`invite, err := proto.Marshal(cp)`
Surfacing some error codes 2018-05-16 20:18:47 +00:00			`return invite, err`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`}`

Surfacing some error codes 2018-05-16 20:18:47 +00:00			`// AddMessage takes a DecryptedGroupMessage and adds it to the Groups Timeline`
Adding V3 Onions to Cwtch! 2018-10-05 03:18:34 +00:00			`func (g Group) AddMessage(message protocol.DecryptedGroupMessage, sig []byte) *Message {`
Adding sync around timeline, adding hooks for latency checks 2018-05-06 04:18:00 +00:00			`g.lock.Lock()`
Massive clean up 2018-03-31 19:33:32 +00:00			`timelineMessage := &Message{`
Fixing up messaging to use a proper ordering of messages based on timeline and previous hash. This isn't perfect, but under normal conditions should prevent malicous server reordering. Still need a second order function 2018-04-02 21:10:29 +00:00			`Message: message.GetText(),`
			`Timestamp: time.Unix(int64(message.GetTimestamp()), 0),`
Fixing some race conditions, adding more error checking 2018-05-09 19:09:00 +00:00			`Received: time.Now(),`
Actually implementing correct signature construction 2018-06-22 18:11:23 +00:00			`Signature: sig,`
Fixing up messaging to use a proper ordering of messages based on timeline and previous hash. This isn't perfect, but under normal conditions should prevent malicous server reordering. Still need a second order function 2018-04-02 21:10:29 +00:00			`PeerID: message.GetOnion(),`
			`PreviousMessageSig: message.GetPreviousMessageSig(),`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`}`
Adding V3 Onions to Cwtch! 2018-10-05 03:18:34 +00:00			`seen := g.Timeline.Insert(timelineMessage)`
Adding sync around timeline, adding hooks for latency checks 2018-05-06 04:18:00 +00:00			`g.lock.Unlock()`
Adding V3 Onions to Cwtch! 2018-10-05 03:18:34 +00:00
			`// Send a new Message notification if we have an app that is listening.`
			`if g.NewMessage != nil && !seen {`
			`g.NewMessage <- *timelineMessage`
			`}`
Massive clean up 2018-03-31 19:33:32 +00:00			`return timelineMessage`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`}`

Adding padding and length stuff 2018-05-28 17:44:47 +00:00			`// GetTimeline provides a safe copy of the timeline-=`
Fixing go vet issues 2018-05-20 18:29:46 +00:00			`func (g *Group) GetTimeline() (t []Message) {`
Adding sync around timeline, adding hooks for latency checks 2018-05-06 04:18:00 +00:00			`g.lock.Lock()`
Fixing go vet issues 2018-05-20 18:29:46 +00:00			`t = g.Timeline.GetMessages()`
Adding sync around timeline, adding hooks for latency checks 2018-05-06 04:18:00 +00:00			`g.lock.Unlock()`
			`return`
Squah commit 2018-03-09 20:44:13 +00:00
			`}`

fixing go lint issues 2018-03-15 16:33:26 +00:00			`//EncryptMessage takes a message and encrypts the message under the group key.`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`func (g Group) EncryptMessage(message protocol.DecryptedGroupMessage) ([]byte, error) {`
Squah commit 2018-03-09 20:44:13 +00:00			`var nonce [24]byte`
			`if _, err := io.ReadFull(rand.Reader, nonce[:]); err != nil {`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`log.Printf("Error: Cannot read from random: %v\n", err)`
			`return nil, err`
Squah commit 2018-03-09 20:44:13 +00:00			`}`
Lots of peerand serverstuff 2018-03-30 21:16:51 +00:00			`wire, err := proto.Marshal(message)`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`utils.CheckError(err)`
			`encrypted := secretbox.Seal(nonce[:], []byte(wire), &nonce, &g.GroupKey)`
removing panics and reorder invite-to-group args 2018-09-27 00:08:54 +00:00			`return encrypted, nil`
Squah commit 2018-03-09 20:44:13 +00:00			`}`

fixing go lint issues 2018-03-15 16:33:26 +00:00			`// DecryptMessage takes a ciphertext and returns true and the decrypted message if the`
			`// cipher text can be successfully decrypted,else false.`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`func (g Group) DecryptMessage(ciphertext []byte) (bool, protocol.DecryptedGroupMessage) {`
Squah commit 2018-03-09 20:44:13 +00:00			`var decryptNonce [24]byte`
			`copy(decryptNonce[:], ciphertext[:24])`
			`decrypted, ok := secretbox.Open(nil, ciphertext[24:], &decryptNonce, &g.GroupKey)`
			`if ok {`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`dm := &protocol.DecryptedGroupMessage{}`
			`err := proto.Unmarshal(decrypted, dm)`
			`if err == nil {`
			`return true, dm`
			`}`
Squah commit 2018-03-09 20:44:13 +00:00			`}`
Introducing fix for group owner impersonation bug 2018-03-15 20:53:22 +00:00			`return false, nil`
Squah commit 2018-03-09 20:44:13 +00:00			`}`
Adding Attributes to Groups 2018-11-02 23:43:40 +00:00
			`// SetAttribute allows applications to store arbitrary configuration info at the group level.`
			`func (g *Group) SetAttribute(name string, value string) {`
			`g.lock.Lock()`
			`defer g.lock.Unlock()`
			`g.Attributes[name] = value`
			`}`

			`// GetAttribute returns the value of a value set with SetAttribute. If no such value has been set exists is set to false.`
			`func (g *Group) GetAttribute(name string) (value string, exists bool) {`
			`g.lock.Lock()`
			`defer g.lock.Unlock()`
			`value, exists = g.Attributes[name]`
			`return`
			`}`