package peer import ( "crypto/rand" "cwtch.im/cwtch/model/constants" "cwtch.im/cwtch/protocol/groups" "encoding/base64" "encoding/hex" "encoding/json" "errors" "fmt" "git.openprivacy.ca/cwtch.im/tapir/primitives" "git.openprivacy.ca/openprivacy/connectivity" "git.openprivacy.ca/openprivacy/connectivity/tor" "golang.org/x/crypto/ed25519" "io/ioutil" "math/bits" path "path/filepath" "runtime" "strconv" "strings" "sync" "time" "cwtch.im/cwtch/event" "cwtch.im/cwtch/model" "cwtch.im/cwtch/model/attr" "cwtch.im/cwtch/protocol/connections" "cwtch.im/cwtch/protocol/files" "git.openprivacy.ca/openprivacy/log" ) const lastKnownSignature = "LastKnowSignature" const lastReceivedSignature = "LastReceivedSignature" var autoHandleableEvents = map[event.Type]bool{event.EncryptedGroupMessage: true, event.PeerStateChange: true, event.ServerStateChange: true, event.NewGroupInvite: true, event.NewMessageFromPeerEngine: true, event.PeerAcknowledgement: true, event.PeerError: true, event.SendMessageToPeerError: true, event.SendMessageToGroupError: true, event.NewGetValMessageFromPeer: true, event.NewRetValMessageFromPeer: true, event.ProtocolEngineStopped: true, event.RetryServerRequest: true, event.ManifestSizeReceived: true, event.ManifestReceived: true, event.FileDownloaded: true} // DefaultEventsToHandle specifies which events will be subscribed to // when a peer has its Init() function called var DefaultEventsToHandle = []event.Type{ event.EncryptedGroupMessage, event.NewMessageFromPeerEngine, event.PeerAcknowledgement, event.NewGroupInvite, event.PeerError, event.SendMessageToGroupError, event.NewGetValMessageFromPeer, event.ProtocolEngineStopped, event.RetryServerRequest, event.PeerStateChange, event.ServerStateChange, event.SendMessageToPeerError, event.NewRetValMessageFromPeer, event.ManifestReceived, event.FileDownloaded, } // cwtchPeer manages incoming and outgoing connections and all processing for a Cwtch cwtchPeer type cwtchPeer struct { mutex sync.Mutex shutdown bool listenStatus bool storage *CwtchProfileStorage state map[string]connections.ConnectionState queue event.Queue eventBus event.Manager } func (cp *cwtchPeer) Export(file string) error { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.Export(file) } func (cp *cwtchPeer) Delete() { cp.mutex.Lock() defer cp.mutex.Unlock() cp.storage.Delete() } func (cp *cwtchPeer) CheckPassword(password string) bool { cp.mutex.Lock() defer cp.mutex.Unlock() db, err := openEncryptedDatabase(cp.storage.ProfileDirectory, password, false) if db == nil || err != nil { return false } db.Close() return true } func (cp *cwtchPeer) ChangePassword(password string, newpassword string, newpasswordAgain string) error { cp.mutex.Lock() defer cp.mutex.Unlock() db, err := openEncryptedDatabase(cp.storage.ProfileDirectory, password, false) if db == nil || err != nil { return errors.New(constants.InvalidPasswordError) } cps, err := NewCwtchProfileStorage(db, cp.storage.ProfileDirectory) if err != nil { return errors.New(constants.InvalidPasswordError) } cps.Close() salt, err := ioutil.ReadFile(path.Join(cp.storage.ProfileDirectory, saltFile)) if err != nil { return err } // probably redundant but we like api safety if newpassword == newpasswordAgain { rekey := createKey(newpassword, salt) log.Infof("rekeying database...") return cp.storage.Rekey(rekey) } return errors.New(constants.PasswordsDoNotMatchError) } // GenerateProtocolEngine // Status: New in 1.5 func (cp *cwtchPeer) GenerateProtocolEngine(acn connectivity.ACN, bus event.Manager) (connections.Engine, error) { cp.mutex.Lock() defer cp.mutex.Unlock() conversations, _ := cp.storage.FetchConversations() authorizations := make(map[string]model.Authorization) for _, conversation := range conversations { if tor.IsValidHostname(conversation.Handle) { if conversation.ACL[conversation.Handle].Blocked { authorizations[conversation.Handle] = model.AuthBlocked } else { authorizations[conversation.Handle] = model.AuthApproved } } } privateKey, err := cp.storage.LoadProfileKeyValue(TypePrivateKey, "Ed25519PrivateKey") if err != nil { log.Errorf("error loading private key from storage") return nil, err } publicKey, err := cp.storage.LoadProfileKeyValue(TypePublicKey, "Ed25519PublicKey") if err != nil { log.Errorf("error loading public key from storage") return nil, err } identity := primitives.InitializeIdentity("", (*ed25519.PrivateKey)(&privateKey), (*ed25519.PublicKey)(&publicKey)) return connections.NewProtocolEngine(identity, privateKey, acn, bus, authorizations), nil } // SendScopedZonedGetValToContact // Status: No change in 1.5 func (cp *cwtchPeer) SendScopedZonedGetValToContact(conversationID int, scope attr.Scope, zone attr.Zone, path string) { ci, err := cp.GetConversationInfo(conversationID) if err == nil { ev := event.NewEventList(event.SendGetValMessageToPeer, event.RemotePeer, ci.Handle, event.Scope, string(scope), event.Path, string(zone.ConstructZonedPath(path))) cp.eventBus.Publish(ev) } else { log.Errorf("Error sending scoped zone to contact %v %v", conversationID, err) } } // GetScopedZonedAttribute // Status: Ready for 1.5 func (cp *cwtchPeer) GetScopedZonedAttribute(scope attr.Scope, zone attr.Zone, key string) (string, bool) { cp.mutex.Lock() defer cp.mutex.Unlock() scopedZonedKey := scope.ConstructScopedZonedPath(zone.ConstructZonedPath(key)) value, err := cp.storage.LoadProfileKeyValue(TypeAttribute, scopedZonedKey.ToString()) if err != nil { return "", false } return string(value), true } // GetScopedZonedAttributes finds all keys associated with the given scope and zone func (cp *cwtchPeer) GetScopedZonedAttributeKeys(scope attr.Scope, zone attr.Zone) ([]string, error) { cp.mutex.Lock() defer cp.mutex.Unlock() scopedZonedKey := scope.ConstructScopedZonedPath(zone.ConstructZonedPath("")) keys, err := cp.storage.FindProfileKeysByPrefix(TypeAttribute, scopedZonedKey.ToString()) if err != nil { return nil, err } return keys, nil } // SetScopedZonedAttribute func (cp *cwtchPeer) SetScopedZonedAttribute(scope attr.Scope, zone attr.Zone, key string, value string) { cp.mutex.Lock() defer cp.mutex.Unlock() scopedZonedKey := scope.ConstructScopedZonedPath(zone.ConstructZonedPath(key)) err := cp.storage.StoreProfileKeyValue(TypeAttribute, scopedZonedKey.ToString(), []byte(value)) if err != nil { log.Errorf("error setting attribute %v") return } // We always want to publish profile level attributes to the ui // This should be low traffic. if cp.eventBus != nil { cp.eventBus.Publish(event.NewEvent(event.UpdatedProfileAttribute, map[event.Field]string{event.Key: scopedZonedKey.ToString(), event.Data: value})) } } // SendMessage is a higher level that merges sending messages to contacts and group handles // If you try to send a message to a handle that doesn't exist, malformed or an incorrect type then // this function will error func (cp *cwtchPeer) SendMessage(conversation int, message string) (int, error) { cp.mutex.Lock() defer cp.mutex.Unlock() // We assume we are sending to a Contact. conversationInfo, err := cp.storage.GetConversation(conversation) // If the contact exists replace the event id with the index of this message in the contacts timeline... // Otherwise assume we don't log the message in the timeline... if conversationInfo != nil && err == nil { if tor.IsValidHostname(conversationInfo.Handle) { ev := event.NewEvent(event.SendMessageToPeer, map[event.Field]string{event.ConversationID: strconv.Itoa(conversationInfo.ID), event.RemotePeer: conversationInfo.Handle, event.Data: message}) onion, _ := cp.storage.LoadProfileKeyValue(TypeAttribute, attr.PublicScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Onion)).ToString()) // For p2p messages we store the event id of the message as the "signature" we can then look this up in the database later for acks id, err := cp.storage.InsertMessage(conversationInfo.ID, 0, message, model.Attributes{constants.AttrAuthor: string(onion), constants.AttrAck: event.False, constants.AttrSentTimestamp: time.Now().Format(time.RFC3339Nano)}, ev.EventID, model.CalculateContentHash(string(onion), message)) if err != nil { return -1, err } cp.eventBus.Publish(ev) return id, nil } else { group, err := cp.constructGroupFromConversation(conversationInfo) if err != nil { log.Errorf("error constructing group") return -1, err } privateKey, err := cp.storage.LoadProfileKeyValue(TypePrivateKey, "Ed25519PrivateKey") if err != nil { log.Errorf("error loading private key from storage") return -1, err } publicKey, err := cp.storage.LoadProfileKeyValue(TypePublicKey, "Ed25519PublicKey") if err != nil { log.Errorf("error loading public key from storage") return -1, err } identity := primitives.InitializeIdentity("", (*ed25519.PrivateKey)(&privateKey), (*ed25519.PublicKey)(&publicKey)) latestMessage, err := cp.storage.GetMostRecentMessages(conversation, 0, 0, 1) signatureBytes, _ := hex.DecodeString(group.GroupID) signature := base64.StdEncoding.EncodeToString(signatureBytes) if len(latestMessage) > 0 && err == nil { signature = latestMessage[0].Signature } ct, sig, dm, err := model.EncryptMessageToGroup(message, identity, group, signature) if err != nil { return -1, err } // Insert the Group Message log.Debugf("sending message to group: %v", conversationInfo.ID) id, err := cp.storage.InsertMessage(conversationInfo.ID, 0, dm.Text, model.Attributes{constants.AttrAck: constants.False, "PreviousSignature": base64.StdEncoding.EncodeToString(dm.PreviousMessageSig), constants.AttrAuthor: dm.Onion, constants.AttrSentTimestamp: time.Now().Format(time.RFC3339Nano)}, base64.StdEncoding.EncodeToString(sig), model.CalculateContentHash(dm.Onion, dm.Text)) if err == nil { ev := event.NewEvent(event.SendMessageToGroup, map[event.Field]string{event.ConversationID: strconv.Itoa(conversationInfo.ID), event.GroupID: conversationInfo.Handle, event.GroupServer: group.GroupServer, event.Ciphertext: base64.StdEncoding.EncodeToString(ct), event.Signature: base64.StdEncoding.EncodeToString(sig)}) cp.eventBus.Publish(ev) return id, nil } return -1, err } } return -1, fmt.Errorf("error sending message to conversation %v", err) } // BlockUnknownConnections will auto disconnect from connections if authentication doesn't resolve a hostname // known to peer. // Status: Ready for 1.5 func (cp *cwtchPeer) BlockUnknownConnections() { cp.eventBus.Publish(event.NewEvent(event.BlockUnknownPeers, map[event.Field]string{})) } // AllowUnknownConnections will permit connections from unknown contacts. // Status: Ready for 1.5 func (cp *cwtchPeer) AllowUnknownConnections() { cp.eventBus.Publish(event.NewEvent(event.AllowUnknownPeers, map[event.Field]string{})) } // NewProfileWithEncryptedStorage instantiates a new Cwtch Profile from encrypted storage func NewProfileWithEncryptedStorage(name string, cps *CwtchProfileStorage) CwtchPeer { cp := new(cwtchPeer) cp.shutdown = false cp.storage = cps cp.queue = event.NewQueue() cp.state = make(map[string]connections.ConnectionState) pub, priv, _ := ed25519.GenerateKey(rand.Reader) // Store all the Necessary Base Attributes In The Database cp.SetScopedZonedAttribute(attr.PublicScope, attr.ProfileZone, constants.Name, name) cp.storage.StoreProfileKeyValue(TypeAttribute, attr.PublicScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Onion)).ToString(), []byte(tor.GetTorV3Hostname(pub))) cp.storage.StoreProfileKeyValue(TypePrivateKey, "Ed25519PrivateKey", priv) cp.storage.StoreProfileKeyValue(TypePublicKey, "Ed25519PublicKey", pub) return cp } // FromEncryptedStorage loads an existing Profile from Encrypted Storage func FromEncryptedStorage(cps *CwtchProfileStorage) CwtchPeer { cp := new(cwtchPeer) cp.shutdown = false cp.storage = cps cp.queue = event.NewQueue() cp.state = make(map[string]connections.ConnectionState) // At some point we may want to populate caches here, for now we will assume hitting the // database directly is tolerable // Clean up anything that wasn't cleaned up on shutdown // TODO ideally this shouldn't need to be done but the UI sometimes doesn't shut down cleanly cp.storage.PurgeNonSavedMessages() return cp } // ImportLegacyProfile generates a new peer from a profile. // Deprecated - Only to be used for importing new profiles func ImportLegacyProfile(profile *model.Profile, cps *CwtchProfileStorage) CwtchPeer { cp := new(cwtchPeer) cp.shutdown = false cp.storage = cps cp.eventBus = event.NewEventManager() cp.queue = event.NewQueue() cp.state = make(map[string]connections.ConnectionState) // Store all the Necessary Base Attributes In The Database cp.SetScopedZonedAttribute(attr.PublicScope, attr.ProfileZone, constants.Name, profile.Name) cp.storage.StoreProfileKeyValue(TypeAttribute, attr.PublicScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Onion)).ToString(), []byte(tor.GetTorV3Hostname(profile.Ed25519PublicKey))) cp.storage.StoreProfileKeyValue(TypePrivateKey, "Ed25519PrivateKey", profile.Ed25519PrivateKey) cp.storage.StoreProfileKeyValue(TypePublicKey, "Ed25519PublicKey", profile.Ed25519PublicKey) for k, v := range profile.Attributes { parts := strings.SplitN(k, ".", 2) if len(parts) == 2 { scope := attr.IntoScope(parts[0]) zone, path := attr.ParseZone(parts[1]) cp.SetScopedZonedAttribute(scope, zone, path, v) } else { log.Debugf("could not import legacy style attribute %v", k) } } for _, contact := range profile.Contacts { var conversationID int var err error if contact.Authorization == model.AuthApproved { conversationID, err = cp.NewContactConversation(contact.Onion, model.DefaultP2PAccessControl(), true) } else if contact.Authorization == model.AuthBlocked { conversationID, err = cp.NewContactConversation(contact.Onion, model.AccessControl{Blocked: true, Read: false, Append: false}, true) } else { conversationID, err = cp.NewContactConversation(contact.Onion, model.DefaultP2PAccessControl(), false) } if err == nil { for key, value := range contact.Attributes { switch key { case event.SaveHistoryKey: cp.SetConversationAttribute(conversationID, attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(event.SaveHistoryKey)), value) case string(model.BundleType): cp.AddServer(value) case string(model.KeyTypeTokenOnion): //ignore case string(model.KeyTypeServerOnion): // ignore case string(model.KeyTypePrivacyPass): // ignore case lastKnownSignature: cp.SetConversationAttribute(conversationID, attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(lastReceivedSignature)), value) default: log.Debugf("could not import conversation attribute %v", key) } } if name, exists := contact.Attributes["local.name"]; exists { cp.SetConversationAttribute(conversationID, attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Name)), name) } if name, exists := contact.Attributes["peer.name"]; exists { cp.SetConversationAttribute(conversationID, attr.PublicScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Name)), name) } for _, message := range contact.Timeline.GetMessages() { // By definition anything stored in legacy timelines in acknowledged attr := model.Attributes{constants.AttrAuthor: message.PeerID, constants.AttrAck: event.True, constants.AttrSentTimestamp: message.Timestamp.Format(time.RFC3339Nano)} if message.Flags&0x01 == 0x01 { attr[constants.AttrRejected] = event.True } if message.Flags&0x02 == 0x02 { attr[constants.AttrDownloaded] = event.True } cp.storage.InsertMessage(conversationID, 0, message.Message, attr, model.GenerateRandomID(), model.CalculateContentHash(message.PeerID, message.Message)) } } } for _, group := range profile.Groups { group.GroupName = group.Attributes["local.name"] invite, err := group.Invite() if err == nil { // Automatically grab all the important fields... conversationID, err := cp.ImportGroup(invite) if err == nil { for _, message := range group.Timeline.GetMessages() { // By definition anything stored in legacy timelines in acknowledged attr := model.Attributes{constants.AttrAuthor: message.PeerID, constants.AttrAck: event.True, constants.AttrSentTimestamp: message.Timestamp.Format(time.RFC3339Nano)} if message.Flags&0x01 == 0x01 { attr[constants.AttrRejected] = event.True } if message.Flags&0x02 == 0x02 { attr[constants.AttrDownloaded] = event.True } cp.storage.InsertMessage(conversationID, 0, message.Message, attr, base64.StdEncoding.EncodeToString(message.Signature), model.CalculateContentHash(message.PeerID, message.Message)) } } } } cp.eventBus.Shutdown() // We disregard all events from profile... return cp } // Init instantiates a cwtchPeer // Status: Ready for 1.5 func (cp *cwtchPeer) Init(eventBus event.Manager) { cp.InitForEvents(eventBus, DefaultEventsToHandle) // At this point we can safely assume that public.profile.name exists localName, _ := cp.GetScopedZonedAttribute(attr.LocalScope, attr.ProfileZone, constants.Name) publicName, _ := cp.GetScopedZonedAttribute(attr.PublicScope, attr.ProfileZone, constants.Name) if localName != publicName { cp.SetScopedZonedAttribute(attr.LocalScope, attr.ProfileZone, constants.Name, publicName) } } // InitForEvents // Status: Ready for 1.5 func (cp *cwtchPeer) InitForEvents(eventBus event.Manager, toBeHandled []event.Type) { go cp.eventHandler() cp.eventBus = eventBus cp.AutoHandleEvents(toBeHandled) } // AutoHandleEvents sets an event (if able) to be handled by this peer // Status: Ready for 1.5 func (cp *cwtchPeer) AutoHandleEvents(events []event.Type) { for _, ev := range events { if _, exists := autoHandleableEvents[ev]; exists { cp.eventBus.Subscribe(ev, cp.queue) } else { log.Errorf("Peer asked to autohandle event it cannot: %v\n", ev) } } } // ImportGroup initializes a group from an imported source rather than a peer invite func (cp *cwtchPeer) ImportGroup(exportedInvite string) (int, error) { gci, err := model.ValidateInvite(exportedInvite) if err != nil { return -1, err } cp.mutex.Lock() groupConversationID, err := cp.storage.NewConversation(gci.GroupID, map[string]string{}, model.AccessControlList{}, true) cp.mutex.Unlock() if err == nil { cp.SetConversationAttribute(groupConversationID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupID)), gci.GroupID) cp.SetConversationAttribute(groupConversationID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupServer)), gci.ServerHost) cp.SetConversationAttribute(groupConversationID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupKey)), base64.StdEncoding.EncodeToString(gci.SharedKey)) cp.SetConversationAttribute(groupConversationID, attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Name)), gci.GroupName) cp.eventBus.Publish(event.NewEvent(event.NewGroup, map[event.Field]string{event.ConversationID: strconv.Itoa(groupConversationID), event.GroupServer: gci.ServerHost, event.GroupInvite: exportedInvite, event.GroupName: gci.GroupName})) cp.JoinServer(gci.ServerHost) } return groupConversationID, err } // NewContactConversation create a new p2p conversation with the given acl applied to the handle. func (cp *cwtchPeer) NewContactConversation(handle string, acl model.AccessControl, accepted bool) (int, error) { cp.mutex.Lock() defer cp.mutex.Unlock() conversationID, err := cp.storage.NewConversation(handle, model.Attributes{event.SaveHistoryKey: event.DeleteHistoryDefault}, model.AccessControlList{handle: acl}, accepted) cp.eventBus.Publish(event.NewEvent(event.ContactCreated, map[event.Field]string{event.ConversationID: strconv.Itoa(conversationID), event.RemotePeer: handle})) return conversationID, err } // AcceptConversation looks up a conversation by `handle` and sets the Accepted status to `true` // This will cause Cwtch to auto connect to this conversation on start up func (cp *cwtchPeer) AcceptConversation(id int) error { cp.mutex.Lock() defer cp.mutex.Unlock() err := cp.storage.AcceptConversation(id) if err == nil { // If a p2p conversation then attempt to peer with the onion... // Groups and Server have their own acceptance flow., ci, err := cp.storage.GetConversation(id) if err != nil { log.Errorf("Could not get conversation for %v: %v", id, err) return err } if !ci.IsGroup() && !ci.IsServer() { cp.sendUpdateAuth(id, ci.Handle, ci.Accepted, ci.ACL[ci.Handle].Blocked) cp.PeerWithOnion(ci.Handle) } } return err } // BlockConversation looks up a conversation by `handle` and sets the Blocked ACL field to `true` // This will cause Cwtch to never try to connect to and refuse connections from the peer func (cp *cwtchPeer) BlockConversation(id int) error { cp.mutex.Lock() defer cp.mutex.Unlock() ci, err := cp.storage.GetConversation(id) if err != nil { return err } // p2p conversations have a single ACL referencing the remote peer. Set this to blocked... if ac, exists := ci.ACL[ci.Handle]; exists { ac.Blocked = true ci.ACL[ci.Handle] = ac } // Send an event in any case to block the protocol engine... // TODO at some point in the future engine needs to understand ACLs not just legacy auth status cp.sendUpdateAuth(id, ci.Handle, ci.Accepted, ci.ACL[ci.Handle].Blocked) return cp.storage.SetConversationACL(id, ci.ACL) } // UnblockConversation looks up a conversation by `handle` and sets the Blocked ACL field to `true` // Further actions depend on the Accepted field func (cp *cwtchPeer) UnblockConversation(id int) error { cp.mutex.Lock() defer cp.mutex.Unlock() ci, err := cp.storage.GetConversation(id) if err != nil { return err } // p2p conversations have a single ACL referencing the remote peer. Set ACL's blocked to false... if ac, exists := ci.ACL[ci.Handle]; exists { ac.Blocked = false ci.ACL[ci.Handle] = ac } // Send an event in any case to block the protocol engine... // TODO at some point in the future engine needs to understand ACLs not just legacy auth status cp.sendUpdateAuth(id, ci.Handle, ci.Accepted, ci.ACL[ci.Handle].Blocked) if !ci.IsGroup() && !ci.IsServer() && ci.Accepted { cp.PeerWithOnion(ci.Handle) } return cp.storage.SetConversationACL(id, ci.ACL) } func (cp *cwtchPeer) sendUpdateAuth(id int, handle string, accepted bool, blocked bool) { cp.eventBus.Publish(event.NewEvent(event.UpdateConversationAuthorization, map[event.Field]string{event.ConversationID: strconv.Itoa(id), event.RemotePeer: handle, event.Accepted: strconv.FormatBool(accepted), event.Blocked: strconv.FormatBool(blocked)})) } func (cp *cwtchPeer) FetchConversations() ([]*model.Conversation, error) { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.FetchConversations() } func (cp *cwtchPeer) GetConversationInfo(conversation int) (*model.Conversation, error) { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.GetConversation(conversation) } // FetchConversationInfo returns information about the given conversation referenced by the handle func (cp *cwtchPeer) FetchConversationInfo(handle string) (*model.Conversation, error) { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.GetConversationByHandle(handle) } // DeleteConversation purges all data about the conversation, including message timelines, referenced by the handle func (cp *cwtchPeer) DeleteConversation(id int) error { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.DeleteConversation(id) } // SetConversationAttribute sets the conversation attribute at path to value func (cp *cwtchPeer) SetConversationAttribute(id int, path attr.ScopedZonedPath, value string) error { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.SetConversationAttribute(id, path, value) } // GetConversationAttribute is a shortcut method for retrieving the value of a given path func (cp *cwtchPeer) GetConversationAttribute(id int, path attr.ScopedZonedPath) (string, error) { cp.mutex.Lock() defer cp.mutex.Unlock() ci, err := cp.storage.GetConversation(id) if err != nil { return "", err } val, exists := ci.Attributes[path.ToString()] if !exists { return "", fmt.Errorf("%v does not exist for conversation %v", path.ToString(), id) } return val, nil } // GetChannelMessage returns a message from a conversation channel referenced by the absolute ID. // Note: This should note be used to index a list as the ID is not expected to be tied to absolute position // in the table (e.g. deleted messages, expired messages, etc.) func (cp *cwtchPeer) GetChannelMessage(conversation int, channel int, id int) (string, model.Attributes, error) { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.GetChannelMessage(conversation, channel, id) } // GetChannelMessageCount returns the absolute number of messages in a given conversation channel func (cp *cwtchPeer) GetChannelMessageCount(conversation int, channel int) (int, error) { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.GetChannelMessageCount(conversation, channel) } // GetMostRecentMessages returns a selection of messages, ordered by most recently inserted func (cp *cwtchPeer) GetMostRecentMessages(conversation int, channel int, offset int, limit int) ([]model.ConversationMessage, error) { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.GetMostRecentMessages(conversation, channel, offset, limit) } // UpdateMessageAttribute sets a given key/value attribute on the message in the given conversation/channel // errors if the message doesn't exist, or for underlying daabase issues. func (cp *cwtchPeer) UpdateMessageAttribute(conversation int, channel int, id int, key string, value string) error { _, attr, err := cp.GetChannelMessage(conversation, channel, id) if err == nil { cp.mutex.Lock() defer cp.mutex.Unlock() attr[key] = value return cp.storage.UpdateMessageAttributes(conversation, channel, id, attr) } return err } // StartGroup create a new group linked to the given server and returns the group ID, an invite or an error. // Status: TODO change server handle to conversation id...? func (cp *cwtchPeer) StartGroup(name string, server string) (int, error) { group, err := model.NewGroup(server) if err == nil { cp.mutex.Lock() conversationID, err := cp.storage.NewConversation(group.GroupID, map[string]string{}, model.AccessControlList{}, true) cp.mutex.Unlock() if err != nil { return -1, err } cp.SetConversationAttribute(conversationID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupID)), group.GroupID) cp.SetConversationAttribute(conversationID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupServer)), group.GroupServer) cp.SetConversationAttribute(conversationID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupKey)), base64.StdEncoding.EncodeToString(group.GroupKey[:])) cp.SetConversationAttribute(conversationID, attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Name)), name) cp.eventBus.Publish(event.NewEvent(event.GroupCreated, map[event.Field]string{ event.ConversationID: strconv.Itoa(conversationID), event.GroupID: group.GroupID, event.GroupServer: group.GroupServer, event.GroupName: name, })) return conversationID, nil } log.Errorf("error creating group: %v", err) return -1, err } // AddServer takes in a serialized server specification (a bundle of related keys) and adds a contact for the // server assuming there are no errors and the contact doesn't already exist. // Returns the onion of the new server if added // TODO in the future this function should also integrate with a trust provider to validate the key bundle. // Status: Ready for 1.5 func (cp *cwtchPeer) AddServer(serverSpecification string) (string, error) { // This confirms that the server did at least sign the bundle keyBundle, err := model.DeserializeAndVerify([]byte(serverSpecification)) if err != nil { return "", err } log.Debugf("Got new key bundle %v", keyBundle.Serialize()) // if the key bundle is incomplete then error out. // TODO In the future we may allow servers to attest to new // keys or subsets of keys, but for now they must commit only to a complete set of keys required for Cwtch Groups // (that way we can be assured that the keybundle we store is a valid one) if !keyBundle.HasKeyType(model.KeyTypeTokenOnion) || !keyBundle.HasKeyType(model.KeyTypeServerOnion) || !keyBundle.HasKeyType(model.KeyTypePrivacyPass) { return "", errors.New("keybundle is incomplete") } if keyBundle.HasKeyType(model.KeyTypeServerOnion) { onionKey, _ := keyBundle.GetKey(model.KeyTypeServerOnion) onion := string(onionKey) // Add the contact if we don't already have it conversationInfo, _ := cp.FetchConversationInfo(onion) if conversationInfo == nil { cp.mutex.Lock() // Create a new conversation but do **not** push an event out. _, err := cp.storage.NewConversation(onion, map[string]string{}, model.AccessControlList{onion: model.DefaultP2PAccessControl()}, true) cp.mutex.Unlock() if err != nil { return "", err } } conversationInfo, err = cp.FetchConversationInfo(onion) if conversationInfo != nil && err == nil { ab := keyBundle.AttributeBundle() for k, v := range ab { val, exists := conversationInfo.Attributes[k] if exists { if val != v { // the keybundle is inconsistent! return "", model.InconsistentKeyBundleError } } // we haven't seen this key associated with the server before } // // If we have gotten to this point we can assume this is a safe key bundle signed by the // // server with no conflicting keys. So we are going to save all the keys for k, v := range ab { cp.SetConversationAttribute(conversationInfo.ID, attr.PublicScope.ConstructScopedZonedPath(attr.ServerKeyZone.ConstructZonedPath(k)), v) } cp.SetConversationAttribute(conversationInfo.ID, attr.PublicScope.ConstructScopedZonedPath(attr.ServerKeyZone.ConstructZonedPath(string(model.BundleType))), serverSpecification) cp.JoinServer(onion) return onion, err } return "", err } return "", model.InconsistentKeyBundleError } // GetServers returns an unordered list of server handles func (cp *cwtchPeer) GetServers() []string { var servers []string conversations, err := cp.FetchConversations() if err == nil { for _, conversationInfo := range conversations { if conversationInfo.IsServer() { servers = append(servers, conversationInfo.Handle) } } } return servers } // GetOnion // Status: Deprecated in 1.5 func (cp *cwtchPeer) GetOnion() string { cp.mutex.Lock() defer cp.mutex.Unlock() onion, _ := cp.storage.LoadProfileKeyValue(TypeAttribute, attr.PublicScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Onion)).ToString()) return string(onion) } // GetPeerState // Status: Ready for 1.5 func (cp *cwtchPeer) GetPeerState(handle string) connections.ConnectionState { cp.mutex.Lock() defer cp.mutex.Unlock() if state, ok := cp.state[handle]; ok { return state } return connections.DISCONNECTED } // PeerWithOnion initiates a request to the Protocol Engine to set up Cwtch Session with a given tor v3 onion // address. func (cp *cwtchPeer) PeerWithOnion(onion string) { cp.eventBus.Publish(event.NewEvent(event.PeerRequest, map[event.Field]string{event.RemotePeer: onion})) } // SendInviteToConversation kicks off the invite process func (cp *cwtchPeer) SendInviteToConversation(conversationID int, inviteConversationID int) (int, error) { var invite model.MessageWrapper inviteConversationInfo, err := cp.GetConversationInfo(inviteConversationID) if inviteConversationInfo == nil || err != nil { return -1, err } if tor.IsValidHostname(inviteConversationInfo.Handle) { invite = model.MessageWrapper{Overlay: model.OverlayInviteContact, Data: inviteConversationInfo.Handle} } else { // Reconstruct Group groupID, ok := inviteConversationInfo.Attributes[attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupID)).ToString()] if !ok { return -1, errors.New("group structure is malformed - no id") } groupServer, ok := inviteConversationInfo.Attributes[attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupServer)).ToString()] if !ok { return -1, errors.New("group structure is malformed - no server") } groupKeyBase64, ok := inviteConversationInfo.Attributes[attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupKey)).ToString()] if !ok { return -1, errors.New("group structure is malformed - no key") } groupName, ok := inviteConversationInfo.Attributes[attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Name)).ToString()] if !ok { return -1, errors.New("group structure is malformed - no name") } groupKey, err := base64.StdEncoding.DecodeString(groupKeyBase64) if err != nil { return -1, errors.New("malformed group key") } var groupKeyFixed = [32]byte{} copy(groupKeyFixed[:], groupKey[:]) group := model.Group{ GroupID: groupID, GroupName: groupName, GroupKey: groupKeyFixed, GroupServer: groupServer, } groupInvite, err := group.Invite() if err != nil { return -1, errors.New("group invite is malformed") } serverInfo, err := cp.FetchConversationInfo(groupServer) if err != nil { return -1, errors.New("unknown server associated with group") } bundle, exists := serverInfo.Attributes[attr.PublicScope.ConstructScopedZonedPath(attr.ServerKeyZone.ConstructZonedPath(string(model.BundleType))).ToString()] if !exists { return -1, errors.New("server bundle not found") } invite = model.MessageWrapper{Overlay: model.OverlayInviteGroup, Data: fmt.Sprintf("tofubundle:server:%s||%s", base64.StdEncoding.EncodeToString([]byte(bundle)), groupInvite)} } inviteBytes, err := json.Marshal(invite) if err != nil { log.Errorf("malformed invite: %v", err) return -1, err } return cp.SendMessage(conversationID, string(inviteBytes)) } func (cp *cwtchPeer) ImportBundle(importString string) error { if strings.HasPrefix(importString, constants.TofuBundlePrefix) { bundle := strings.Split(importString, "||") if len(bundle) == 2 { err := cp.ImportBundle(bundle[0][len(constants.TofuBundlePrefix):]) // if the server import failed then abort the whole process.. if err != nil && !strings.HasSuffix(err.Error(), "success") { return ConstructResponse(constants.ImportBundlePrefix, err.Error()) } return cp.ImportBundle(bundle[1]) } } else if strings.HasPrefix(importString, constants.ServerPrefix) { // Server Key Bundles are prefixed with bundle, err := base64.StdEncoding.DecodeString(importString[len(constants.ServerPrefix):]) if err == nil { if _, err = cp.AddServer(string(bundle)); err != nil { return ConstructResponse(constants.ImportBundlePrefix, err.Error()) } return ConstructResponse(constants.ImportBundlePrefix, "success") } return ConstructResponse(constants.ImportBundlePrefix, err.Error()) } else if strings.HasPrefix(importString, constants.GroupPrefix) { //eg: torv3JFDWkXExBsZLkjvfkkuAxHsiLGZBk0bvoeJID9ItYnU=EsEBCiBhOWJhZDU1OTQ0NWI3YmM2N2YxYTM5YjkzMTNmNTczNRIgpHeNaG+6jy750eDhwLO39UX4f2xs0irK/M3P6mDSYQIaOTJjM2ttb29ibnlnaGoyenc2cHd2N2Q1N3l6bGQ3NTNhdW8zdWdhdWV6enB2ZmFrM2FoYzRiZHlkCiJAdVSSVgsksceIfHe41OJu9ZFHO8Kwv3G6F5OK3Hw4qZ6hn6SiZjtmJlJezoBH0voZlCahOU7jCOg+dsENndZxAA== if _, err := cp.ImportGroup(importString); err != nil { return ConstructResponse(constants.ImportBundlePrefix, err.Error()) } return ConstructResponse(constants.ImportBundlePrefix, "success") } else if tor.IsValidHostname(importString) { _, err := cp.NewContactConversation(importString, model.DefaultP2PAccessControl(), true) if err == nil { // Assuming all is good, we should peer with this contact. cp.PeerWithOnion(importString) return ConstructResponse(constants.ImportBundlePrefix, "success") } return ConstructResponse(constants.ImportBundlePrefix, err.Error()) } return ConstructResponse(constants.ImportBundlePrefix, "invalid_group_invite_prefix") } // JoinServer manages a new server connection with the given onion address func (cp *cwtchPeer) JoinServer(onion string) error { ci, err := cp.FetchConversationInfo(onion) if ci == nil || err != nil { return errors.New("no keys found for server connection") } //if cp.GetContact(onion) != nil { tokenY, yExists := ci.Attributes[attr.PublicScope.ConstructScopedZonedPath(attr.ServerKeyZone.ConstructZonedPath(string(model.KeyTypePrivacyPass))).ToString()] tokenOnion, onionExists := ci.Attributes[attr.PublicScope.ConstructScopedZonedPath(attr.ServerKeyZone.ConstructZonedPath(string(model.KeyTypeTokenOnion))).ToString()] if yExists && onionExists { signature, exists := ci.Attributes[attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(lastReceivedSignature)).ToString()] if !exists { signature = base64.StdEncoding.EncodeToString([]byte{}) } cp.eventBus.Publish(event.NewEvent(event.JoinServer, map[event.Field]string{event.GroupServer: onion, event.ServerTokenY: tokenY, event.ServerTokenOnion: tokenOnion, event.Signature: signature})) return nil } return errors.New("no keys found for server connection") } // ResyncServer completely tears down and resyncs a new server connection with the given handle func (cp *cwtchPeer) ResyncServer(handle string) error { ci, err := cp.FetchConversationInfo(handle) if ci == nil || err != nil { return errors.New("no keys found for server connection") } // delete lastReceivedSignature - this will cause JoinServer to issue a resync cp.SetConversationAttribute(ci.ID, attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(lastReceivedSignature)), base64.StdEncoding.EncodeToString([]byte{})) // send an explicit leave server event... leaveServerEvent := event.NewEventList(event.LeaveServer, event.GroupServer, handle) cp.eventBus.Publish(leaveServerEvent) // rejoin the server return cp.JoinServer(handle) } // SendGetValToPeer // Status: Ready for 1.5 func (cp *cwtchPeer) SendGetValToPeer(onion string, scope string, path string) { ev := event.NewEventList(event.SendGetValMessageToPeer, event.RemotePeer, onion, event.Scope, scope, event.Path, path) cp.eventBus.Publish(ev) } // Listen makes the peer open a listening port to accept incoming connections (and be detectably online) // Status: Ready for 1.5 func (cp *cwtchPeer) Listen() { cp.mutex.Lock() defer cp.mutex.Unlock() if !cp.listenStatus { log.Infof("cwtchPeer Listen sending ProtocolEngineStartListen\n") cp.listenStatus = true onion, _ := cp.storage.LoadProfileKeyValue(TypeAttribute, attr.PublicScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Onion)).ToString()) cp.eventBus.Publish(event.NewEvent(event.ProtocolEngineStartListen, map[event.Field]string{event.Onion: string(onion)})) } // else protocol engine is already listening } // StartPeersConnections attempts to connect to peer connections // Status: Ready for 1.5 func (cp *cwtchPeer) StartPeersConnections() { conversations, _ := cp.FetchConversations() for _, conversation := range conversations { if conversation.Accepted && !conversation.IsGroup() && !conversation.IsServer() { cp.PeerWithOnion(conversation.Handle) } } } // StartServerConnections attempts to connect to all server connections // Status: Ready for 1.5 func (cp *cwtchPeer) StartServerConnections() { conversations, _ := cp.FetchConversations() for _, conversation := range conversations { if conversation.IsServer() { err := cp.JoinServer(conversation.Handle) if err != nil { // Almost certainly a programming error so print it.. log.Errorf("error joining server %v", err) } } } } // Shutdown kills all connections and cleans up all goroutines for the peer // Status: Ready for 1.5 func (cp *cwtchPeer) Shutdown() { cp.mutex.Lock() defer cp.mutex.Unlock() cp.shutdown = true cp.queue.Shutdown() if cp.storage != nil { cp.storage.Close() } } func (cp *cwtchPeer) storeMessage(handle string, message string, sent time.Time) (int, error) { // TODO maybe atomize this? ci, err := cp.FetchConversationInfo(handle) if err != nil { id, err := cp.NewContactConversation(handle, model.DefaultP2PAccessControl(), false) if err != nil { return -1, err } ci, err = cp.GetConversationInfo(id) if err != nil { return -1, err } } cp.mutex.Lock() defer cp.mutex.Unlock() // Generate a random number and use it as the signature signature := event.GetRandNumber().String() return cp.storage.InsertMessage(ci.ID, 0, message, model.Attributes{constants.AttrAuthor: handle, constants.AttrAck: event.True, constants.AttrSentTimestamp: sent.Format(time.RFC3339Nano)}, signature, model.CalculateContentHash(handle, message)) } // ShareFile begins hosting the given serialized manifest func (cp *cwtchPeer) ShareFile(fileKey string, serializedManifest string) { tsStr, exists := cp.GetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%s.ts", fileKey)) if exists { ts, err := strconv.ParseInt(tsStr, 10, 64) if err != nil || ts < time.Now().Unix()-2592000 { log.Errorf("ignoring request to download a file offered more than 30 days ago") return } } // set the filekey status to active cp.SetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%s.active", fileKey), constants.True) cp.eventBus.Publish(event.NewEvent(event.ShareManifest, map[event.Field]string{event.FileKey: fileKey, event.SerializedManifest: serializedManifest})) } // StopFileShare sends a message to the ProtocolEngine to cease sharing a particular file func (cp *cwtchPeer) StopFileShare(fileKey string) { // set the filekey status to inactive cp.SetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%s.active", fileKey), constants.False) cp.eventBus.Publish(event.NewEvent(event.StopFileShare, map[event.Field]string{event.FileKey: fileKey})) } // StopAllFileShares sends a message to the ProtocolEngine to cease sharing all files func (cp *cwtchPeer) StopAllFileShares() { cp.eventBus.Publish(event.NewEvent(event.StopAllFileShares, map[event.Field]string{})) } // eventHandler process events from other subsystems func (cp *cwtchPeer) eventHandler() { for { ev := cp.queue.Next() switch ev.EventType { /***** Default auto handled events *****/ case event.ProtocolEngineStopped: cp.mutex.Lock() cp.listenStatus = false onion, _ := cp.storage.LoadProfileKeyValue(TypeAttribute, attr.PublicScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(constants.Onion)).ToString()) log.Infof("Protocol engine for %s has stopped listening: %v", onion, ev.Data[event.Error]) cp.mutex.Unlock() case event.EncryptedGroupMessage: // If successful, a side effect is the message is added to the group's timeline ciphertext, _ := base64.StdEncoding.DecodeString(ev.Data[event.Ciphertext]) signature, _ := base64.StdEncoding.DecodeString(ev.Data[event.Signature]) log.Debugf("received encrypted group message: %x", ev.Data[event.Signature]) // SECURITY NOTE: A malicious server could insert posts such that everyone always has a different lastKnownSignature // However the server can always replace **all** messages in an attempt to track users // This is mitigated somewhat by resync events which do wipe things entire. // The security of cwtch groups are also not dependent on the servers inability to uniquely tag connections (as long as // it learns nothing else about each connection). // store the base64 encoded signature for later use // TODO Server Connections should send Connection ID ci, err := cp.FetchConversationInfo(ev.Data[event.GroupServer]) if ci == nil || err != nil { log.Errorf("no server connection count") return } cp.SetConversationAttribute(ci.ID, attr.LocalScope.ConstructScopedZonedPath(attr.ProfileZone.ConstructZonedPath(lastReceivedSignature)), ev.Data[event.Signature]) conversations, err := cp.FetchConversations() if err == nil { for _, conversationInfo := range conversations { if !tor.IsValidHostname(conversationInfo.Handle) { group, err := cp.constructGroupFromConversation(conversationInfo) if err == nil { success, dgm := group.AttemptDecryption(ciphertext, signature) if success { // Time to either acknowledge the message or insert a new message // Re-encode signature to base64 cp.attemptInsertOrAcknowledgeLegacyGroupConversation(conversationInfo.ID, base64.StdEncoding.EncodeToString(signature), dgm) if serverState, exists := cp.state[ev.Data[event.GroupServer]]; exists && serverState == connections.AUTHENTICATED { // server is syncing, update it's most recent sync message time cp.SetConversationAttribute(ci.ID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.SyncMostRecentMessageTime)), time.Unix(int64(dgm.Timestamp), 0).Format(time.RFC3339Nano)) } break } } } } } case event.NewMessageFromPeerEngine: //event.TimestampReceived, event.RemotePeer, event.Data ts, _ := time.Parse(time.RFC3339Nano, ev.Data[event.TimestampReceived]) id, err := cp.storeMessage(ev.Data[event.RemotePeer], ev.Data[event.Data], ts) if err == nil { // Republish as NewMessageFromPeer ev.EventType = event.NewMessageFromPeer ev.Data[event.Index] = strconv.Itoa(id) ev.Data[event.ContentHash] = model.CalculateContentHash(ev.Data[event.RemotePeer], ev.Data[event.Data]) cp.eventBus.Publish(ev) } case event.PeerAcknowledgement: err := cp.attemptAcknowledgeP2PConversation(ev.Data[event.RemotePeer], ev.Data[event.EventID]) if err != nil { // Note: This is not an Error because malicious peers can just send acks for random things // There is no point in polluting error logs with that mess. log.Debugf("failed to acknowledge acknowledgement: %v", err) } case event.SendMessageToGroupError: err := cp.attemptErrorConversationMessage(ev.Data[event.GroupID], ev.Data[event.Signature], ev.Data[event.Error]) if err != nil { log.Errorf("failed to error group message: %s %v", ev.Data[event.GroupID], err) } case event.SendMessageToPeerError: context := ev.Data[event.EventContext] if context == string(event.SendMessageToPeer) { err := cp.attemptErrorConversationMessage(ev.Data[event.RemotePeer], ev.Data[event.EventID], ev.Data[event.Error]) if err != nil { log.Errorf("failed to error p2p message: %s %v", ev.Data[event.RemotePeer], err) } } case event.RetryServerRequest: // Automated Join Server Request triggered by a plugin. log.Debugf("profile received an automated retry event for %v", ev.Data[event.GroupServer]) err := cp.JoinServer(ev.Data[event.GroupServer]) if err != nil { log.Errorf("error joining server... %v", err) } case event.NewGetValMessageFromPeer: onion := ev.Data[event.RemotePeer] scope := ev.Data[event.Scope] path := ev.Data[event.Path] log.Debugf("NewGetValMessageFromPeer for %v.%v from %v\n", scope, path, onion) conversationInfo, err := cp.FetchConversationInfo(onion) log.Debugf("confo info lookup newgetval %v %v %v", onion, conversationInfo, err) if conversationInfo != nil && conversationInfo.Accepted { scope := attr.IntoScope(scope) if scope.IsPublic() || scope.IsConversation() { zone, zpath := attr.ParseZone(path) val, exists := cp.GetScopedZonedAttribute(scope, zone, zpath) // NOTE: Temporary Override because UI currently wipes names if it can't find them... if !exists && zone == attr.UnknownZone && path == constants.Name { val, exists = cp.GetScopedZonedAttribute(attr.PublicScope, attr.ProfileZone, constants.Name) } resp := event.NewEvent(event.SendRetValMessageToPeer, map[event.Field]string{event.ConversationID: strconv.Itoa(conversationInfo.ID), event.RemotePeer: onion, event.Exists: strconv.FormatBool(exists)}) resp.EventID = ev.EventID if exists { resp.Data[event.Data] = val } else { resp.Data[event.Data] = "" } log.Debugf("Responding with SendRetValMessageToPeer exists:%v data: %v\n", exists, val) cp.eventBus.Publish(resp) } } case event.ManifestReceived: log.Debugf("Manifest Received Event!: %v", ev) handle := ev.Data[event.Handle] fileKey := ev.Data[event.FileKey] serializedManifest := ev.Data[event.SerializedManifest] manifestFilePath, exists := cp.GetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%v.manifest", fileKey)) if exists { downloadFilePath, exists := cp.GetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%v.path", fileKey)) if exists { log.Debugf("downloading manifest to %v, file to %v", manifestFilePath, downloadFilePath) var manifest files.Manifest err := json.Unmarshal([]byte(serializedManifest), &manifest) if err == nil { // We only need to check the file size here, as manifest is sent to engine and the file created // will be bound to the size advertised in manifest. fileSizeLimitValue, fileSizeLimitExists := cp.GetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%v.limit", fileKey)) if fileSizeLimitExists { fileSizeLimit, err := strconv.ParseUint(fileSizeLimitValue, 10, bits.UintSize) if err == nil { if manifest.FileSizeInBytes >= fileSizeLimit { log.Errorf("could not download file, size %v greater than limit %v", manifest.FileSizeInBytes, fileSizeLimitValue) } else { manifest.Title = manifest.FileName manifest.FileName = downloadFilePath log.Debugf("saving manifest") err = manifest.Save(manifestFilePath) if err != nil { log.Errorf("could not save manifest: %v", err) } else { tempFile := "" if runtime.GOOS == "android" { tempFile = manifestFilePath[0 : len(manifestFilePath)-len(".manifest")] log.Debugf("derived android temp path: %v", tempFile) } cp.eventBus.Publish(event.NewEvent(event.ManifestSaved, map[event.Field]string{ event.FileKey: fileKey, event.Handle: handle, event.SerializedManifest: string(manifest.Serialize()), event.TempFile: tempFile, event.NameSuggestion: manifest.Title, })) } } } } } else { log.Errorf("error saving manifest: %v", err) } } else { log.Errorf("found manifest path but not download path for %v", fileKey) } } else { log.Errorf("no download path found for manifest: %v", fileKey) } case event.FileDownloaded: fileKey := ev.Data[event.FileKey] cp.SetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%s.complete", fileKey), "true") case event.NewRetValMessageFromPeer: onion := ev.Data[event.RemotePeer] scope := ev.Data[event.Scope] path := ev.Data[event.Path] val := ev.Data[event.Data] exists, _ := strconv.ParseBool(ev.Data[event.Exists]) log.Debugf("NewRetValMessageFromPeer %v %v %v %v %v\n", onion, scope, path, exists, val) if exists { // Handle File Sharing Metadata // TODO This probably should be broken out to it's own code.. zone, path := attr.ParseZone(path) if attr.Scope(scope).IsConversation() && zone == attr.FilesharingZone && strings.HasSuffix(path, ".manifest.size") { fileKey := strings.Replace(path, ".manifest.size", "", 1) size, err := strconv.Atoi(val) // if size is valid and below the maximum size for a manifest // this is to prevent malicious sharers from using large amounts of memory when distributing // a manifest as we reconstruct this in-memory if err == nil && size < files.MaxManifestSize { cp.eventBus.Publish(event.NewEvent(event.ManifestSizeReceived, map[event.Field]string{event.FileKey: fileKey, event.ManifestSize: val, event.Handle: onion})) } else { cp.eventBus.Publish(event.NewEvent(event.ManifestError, map[event.Field]string{event.FileKey: fileKey, event.Handle: onion})) } } // Allow public profile parameters to be added as peer specific attributes... if attr.Scope(scope).IsPublic() && zone == attr.ProfileZone { ci, err := cp.FetchConversationInfo(onion) log.Debugf("fetch conversation info %v %v", ci, err) if ci != nil && err == nil { err := cp.SetConversationAttribute(ci.ID, attr.Scope(scope).ConstructScopedZonedPath(zone.ConstructZonedPath(path)), val) if err != nil { log.Errorf("error setting conversation attribute %v", err) } } } } case event.PeerStateChange: handle := ev.Data[event.RemotePeer] if connections.ConnectionStateToType()[ev.Data[event.ConnectionState]] == connections.AUTHENTICATED { _, err := cp.FetchConversationInfo(handle) if err != nil { cp.NewContactConversation(handle, model.DefaultP2PAccessControl(), false) } } cp.mutex.Lock() cp.state[ev.Data[event.RemotePeer]] = connections.ConnectionStateToType()[ev.Data[event.ConnectionState]] cp.mutex.Unlock() case event.ServerStateChange: cp.mutex.Lock() state := connections.ConnectionStateToType()[ev.Data[event.ConnectionState]] cp.state[ev.Data[event.GroupServer]] = state cp.mutex.Unlock() // If starting to sync, determine last message from known groups on server so we can calculate sync progress if state == connections.AUTHENTICATED { conversations, err := cp.FetchConversations() mostRecentTime := time.Date(2020, 6, 1, 0, 0, 0, 0, time.UTC) if err == nil { for _, conversationInfo := range conversations { if server, exists := conversationInfo.GetAttribute(attr.LocalScope, attr.LegacyGroupZone, constants.GroupServer); exists && server == ev.Data[event.GroupServer] { lastMessage, _ := cp.GetMostRecentMessages(conversationInfo.ID, 0, 0, 1) if len(lastMessage) == 0 { continue } lastGroupMsgTime, err := time.Parse(time.RFC3339Nano, lastMessage[0].Attr[constants.AttrSentTimestamp]) if err != nil { continue } if lastGroupMsgTime.After(mostRecentTime) { mostRecentTime = lastGroupMsgTime } } } } serverInfo, err := cp.FetchConversationInfo(ev.Data[event.GroupServer]) if err == nil { cp.SetConversationAttribute(serverInfo.ID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.SyncPreLastMessageTime)), mostRecentTime.Format(time.RFC3339Nano)) cp.SetConversationAttribute(serverInfo.ID, attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.SyncMostRecentMessageTime)), mostRecentTime.Format(time.RFC3339Nano)) } } default: if ev.EventType != "" { log.Errorf("peer event handler received an event it was not subscribed for: %v", ev.EventType) } return } } } // attemptInsertOrAcknowledgeLegacyGroupConversation is a convenience method that looks up the conversation // by the given handle and attempts to mark the message as acknowledged. returns error on failure // to either find the contact or the associated message func (cp *cwtchPeer) attemptInsertOrAcknowledgeLegacyGroupConversation(conversationID int, signature string, dm *groups.DecryptedGroupMessage) error { log.Debugf("attempting to insert or ack group message %v %v", conversationID, signature) messageID, err := cp.GetChannelMessageBySignature(conversationID, 0, signature) // We have received our own message (probably), acknowledge and move on... if err == nil { _, attr, err := cp.GetChannelMessage(conversationID, 0, messageID) if err == nil && attr[constants.AttrAck] != constants.True { cp.mutex.Lock() attr[constants.AttrAck] = constants.True cp.storage.UpdateMessageAttributes(conversationID, 0, messageID, attr) cp.mutex.Unlock() cp.eventBus.Publish(event.NewEvent(event.IndexedAcknowledgement, map[event.Field]string{event.ConversationID: strconv.Itoa(conversationID), event.Index: strconv.Itoa(messageID)})) return nil } } else { cp.mutex.Lock() contenthash := model.CalculateContentHash(dm.Onion, dm.Text) id, err := cp.storage.InsertMessage(conversationID, 0, dm.Text, model.Attributes{constants.AttrAck: constants.True, "PreviousSignature": base64.StdEncoding.EncodeToString(dm.PreviousMessageSig), constants.AttrAuthor: dm.Onion, constants.AttrSentTimestamp: time.Unix(int64(dm.Timestamp), 0).Format(time.RFC3339Nano)}, signature, contenthash) if err == nil { cp.eventBus.Publish(event.NewEvent(event.NewMessageFromGroup, map[event.Field]string{event.ConversationID: strconv.Itoa(conversationID), event.TimestampSent: time.Unix(int64(dm.Timestamp), 0).Format(time.RFC3339Nano), event.RemotePeer: dm.Onion, event.Index: strconv.Itoa(id), event.Data: dm.Text, event.ContentHash: contenthash})) } cp.mutex.Unlock() return err } return err } // attemptAcknowledgeP2PConversation is a convenience method that looks up the conversation // by the given handle and attempts to mark the message as acknowledged. returns error on failure // to either find the contact or the associated message func (cp *cwtchPeer) attemptAcknowledgeP2PConversation(handle string, signature string) error { ci, err := cp.FetchConversationInfo(handle) // We should *never* received a peer acknowledgement for a conversation that doesn't exist... if ci != nil && err == nil { // for p2p messages the randomly generated event ID is the "signature" id, err := cp.GetChannelMessageBySignature(ci.ID, 0, signature) if err == nil { _, attr, err := cp.GetChannelMessage(ci.ID, 0, id) if err == nil { cp.mutex.Lock() attr[constants.AttrAck] = constants.True cp.storage.UpdateMessageAttributes(ci.ID, 0, id, attr) cp.mutex.Unlock() cp.eventBus.Publish(event.NewEvent(event.IndexedAcknowledgement, map[event.Field]string{event.ConversationID: strconv.Itoa(ci.ID), event.RemotePeer: handle, event.Index: strconv.Itoa(id)})) return nil } return err } return err } return err } // attemptErrorConversationMessage is a convenience method that looks up the conversation // by the given handle and attempts to mark the message as errored. returns error on failure // to either find the contact or the associated message func (cp *cwtchPeer) attemptErrorConversationMessage(handle string, signature string, error string) error { ci, err := cp.FetchConversationInfo(handle) // We should *never* received an error for a conversation that doesn't exist... if ci != nil && err == nil { // "signature" here is event ID for peer messages... id, err := cp.GetChannelMessageBySignature(ci.ID, 0, signature) if err == nil { _, attr, err := cp.GetChannelMessage(ci.ID, 0, id) if err == nil { cp.mutex.Lock() attr[constants.AttrErr] = constants.True cp.storage.UpdateMessageAttributes(ci.ID, 0, id, attr) cp.mutex.Unlock() // Send a generic indexed failure... cp.eventBus.Publish(event.NewEvent(event.IndexedFailure, map[event.Field]string{event.ConversationID: strconv.Itoa(ci.ID), event.Handle: handle, event.Error: error, event.Index: strconv.Itoa(id)})) return nil } return err } return err } return err } func (cp *cwtchPeer) GetChannelMessageBySignature(conversationID int, channelID int, signature string) (int, error) { cp.mutex.Lock() defer cp.mutex.Unlock() return cp.storage.GetChannelMessageBySignature(conversationID, channelID, signature) } func (cp *cwtchPeer) GetChannelMessageByContentHash(conversationID int, channelID int, contenthash string) (int, error) { cp.mutex.Lock() defer cp.mutex.Unlock() messageID, err := cp.storage.GetChannelMessageByContentHash(conversationID, channelID, contenthash) if err == nil { return cp.storage.GetRowNumberByMessageID(conversationID, channelID, messageID) } return -1, err } // constructGroupFromConversation returns a model.Group wrapper around a database back groups. Useful for // encrypting / decrypting messages to/from the group. func (cp *cwtchPeer) constructGroupFromConversation(conversationInfo *model.Conversation) (*model.Group, error) { key := conversationInfo.Attributes[attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupKey)).ToString()] groupKey, err := base64.StdEncoding.DecodeString(key) if err != nil { return nil, errors.New("group key is malformed") } var groupKeyFixed [32]byte copy(groupKeyFixed[:], groupKey[:]) group := model.Group{ GroupID: conversationInfo.Handle, GroupServer: conversationInfo.Attributes[attr.LocalScope.ConstructScopedZonedPath(attr.LegacyGroupZone.ConstructZonedPath(constants.GroupServer)).ToString()], GroupKey: groupKeyFixed, } return &group, nil }