feat: save post key into db, close #63

DimensionDev · Jul 16, 2019 · bccd455 · bccd455
1 parent c194646
commit bccd455
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 34 deletions.
diff --git a/src/components/InjectedComponents/DecryptedPost.tsx b/src/components/InjectedComponents/DecryptedPost.tsx
@@ -107,16 +107,13 @@ function DecryptPost(props: DecryptPostProps) {
         },
         [requestAppendDecryptor],
     )
-    function ifError(x: any): x is { error: string } {
-        return 'error' in x
-    }
     return (
         <AsyncComponent
             promise={() => Services.Crypto.decryptFrom(encryptedText, postBy, whoAmI)}
             dependencies={[encryptedText, people, alreadySelectedPreviously]}
             awaitingComponent={DecryptPostAwaiting}
             completeComponent={props =>
-                ifError(props.data) ? (
+                'error' in props.data ? (
                     <DecryptPostFailed error={new Error(props.data.error)} />
                 ) : (
                     <DecryptPostSuccess

diff --git a/src/crypto/crypto-alpha-40.ts b/src/crypto/crypto-alpha-40.ts
@@ -187,7 +187,7 @@ export async function decryptMessage1ToNByOther(info: {
     authorsPublicKeyECDH: CryptoKey
     AESKeyEncrypted: PublishedAESKey
     iv: ArrayBuffer | string
-}): Promise<ArrayBuffer> {
+}): Promise<[ArrayBuffer, CryptoKey]> {
     const { AESKeyEncrypted, version, encryptedContent, privateKeyECDH, authorsPublicKeyECDH, iv } = info
     const aesKeyJWK = decodeText(
         await decryptMessage1To1({
@@ -205,7 +205,7 @@ export async function decryptMessage1ToNByOther(info: {
         false,
         ['decrypt'],
     )
-    return decryptWithAES({ aesKey, iv, encrypted: encryptedContent })
+    return [await decryptWithAES({ aesKey, iv, encrypted: encryptedContent }), aesKey]
 }
 export async function extractAESKeyInMessage(
     version: -40,
@@ -231,12 +231,12 @@ export async function decryptMessage1ToNByMyself(info: {
     encryptedAESKey: string | ArrayBuffer
     myLocalKey: CryptoKey
     iv: string | ArrayBuffer
-}): Promise<ArrayBuffer> {
+}): Promise<[ArrayBuffer, CryptoKey]> {
     const { encryptedContent, myLocalKey, version } = info
     const decryptedAESKey = await extractAESKeyInMessage(-40, info.encryptedAESKey, info.iv, info.myLocalKey)
     const iv = typeof info.iv === 'string' ? decodeArrayBuffer(info.iv) : info.iv
     const post = await decryptWithAES({ aesKey: decryptedAESKey, encrypted: encryptedContent, iv })
-    return post
+    return [post, decryptedAESKey]
 }
 /**
  * Decrypt the content encrypted by AES

diff --git a/src/database/post.ts b/src/database/post.ts
@@ -4,8 +4,6 @@ import { openDB, DBSchema } from 'idb/with-async-ittr'
 
 function outDb(db: PostDBRecordV40): PostOutDBRecordV40 {
     const { identifier, ...rest } = db
-    // Restore prototype
-    rest.recipients.forEach(y => Object.setPrototypeOf(y, PersonIdentifier.prototype))
     return {
         ...rest,
         identifier: Identifier.fromString(identifier) as PostIdentifier,
@@ -24,7 +22,6 @@ interface PostDBRecordV40 {
      */
     postCryptoKey: CryptoKey
     version: -40
-    recipients: PersonIdentifier[]
 }
 interface PostDB extends DBSchema {
     /** Use inline keys */

diff --git a/src/extension/background-script/CryptoService.ts b/src/extension/background-script/CryptoService.ts
@@ -8,9 +8,10 @@ import { geti18nString } from '../../utils/i18n'
 import { toCompressSecp256k1Point, unCompressSecp256k1Point } from '../../utils/type-transform/SECP256k1-Compression'
 import { Person, getMyPrivateKeyAtFacebook, queryPerson } from '../../database'
 import { queryMyIdentityAtDB, storeNewPersonDB, queryPersonDB, queryLocalKeyDB } from '../../database/people'
-import { PersonIdentifier } from '../../database/type'
+import { PersonIdentifier, PostIdentifier } from '../../database/type'
 import { addPersonPublicKey } from '../../key-management/people-gun'
 import { gun } from '../../network/gun/version.1'
+import { storePostCryptoKeyDB, queryPostCryptoKeyDB } from '../../database/post'
 
 OnlyRunInContext('background', 'EncryptService')
 //#region Encrypt & Decrypt
@@ -120,6 +121,25 @@ export async function decryptFrom(
     }
     if (data.version === -40) {
         const { encryptedText, iv: salt, ownersAESKeyEncrypted, signature, version } = data
+        const postIdentifier = new PostIdentifier(by, salt.replace(/\//g, '|'))
+        const unverified = ['2/4', ownersAESKeyEncrypted, salt, encryptedText].join('|')
+        {
+            const cachedKey = await queryPostCryptoKeyDB(postIdentifier)
+            if (cachedKey) {
+                return {
+                    content: decodeText(
+                        await Alpha40.decryptWithAES({
+                            aesKey: cachedKey.postCryptoKey,
+                            encrypted: encryptedText,
+                            iv: salt,
+                        }),
+                    ),
+                    // ! TODO: verify the message again
+                    signatureVerifyResult: true,
+                }
+            }
+        }
+
         async function getKey(user: PersonIdentifier) {
             let person = await queryPersonDB(by)
             try {
@@ -136,20 +156,25 @@ export async function decryptFrom(
         const mine = await getMyPrivateKeyAtFacebook(whoAmI)
         if (!mine) return { error: geti18nString('service_not_setup_yet') }
         try {
-            const unverified = ['2/4', ownersAESKeyEncrypted, salt, encryptedText].join('|')
             if (by.equals(whoAmI)) {
-                const content = decodeText(
-                    await Alpha40.decryptMessage1ToNByMyself({
-                        version: -40,
-                        encryptedAESKey: ownersAESKeyEncrypted,
-                        encryptedContent: encryptedText,
-                        myLocalKey: (await queryLocalKeyDB(whoAmI))!,
-                        iv: salt,
-                    }),
-                )
+                const [contentArrayBuffer, postAESKey] = await Alpha40.decryptMessage1ToNByMyself({
+                    version: -40,
+                    encryptedAESKey: ownersAESKeyEncrypted,
+                    encryptedContent: encryptedText,
+                    myLocalKey: (await queryLocalKeyDB(whoAmI))!,
+                    iv: salt,
+                })
+                const content = decodeText(contentArrayBuffer)
                 try {
                     if (!signature) throw new TypeError('No signature')
                     const signatureVerifyResult = await Alpha40.verify(unverified, signature, mine.publicKey)
+                    // Store the key to speed up next time decrypt
+                    signatureVerifyResult &&
+                        storePostCryptoKeyDB({
+                            identifier: postIdentifier,
+                            postCryptoKey: postAESKey,
+                            version: -40,
+                        })
                     return { signatureVerifyResult, content }
                 } catch {
                     return { signatureVerifyResult: false, content }
@@ -165,19 +190,25 @@ export async function decryptFrom(
                         error: geti18nString('service_not_share_target'),
                     }
                 }
-                const content = decodeText(
-                    await Alpha40.decryptMessage1ToNByOther({
-                        version: -40,
-                        AESKeyEncrypted: aesKeyEncrypted,
-                        authorsPublicKeyECDH: byKey,
-                        encryptedContent: encryptedText,
-                        privateKeyECDH: mine.privateKey,
-                        iv: salt,
-                    }),
-                )
+                const [contentArrayBuffer, postAESKey] = await Alpha40.decryptMessage1ToNByOther({
+                    version: -40,
+                    AESKeyEncrypted: aesKeyEncrypted,
+                    authorsPublicKeyECDH: byKey,
+                    encryptedContent: encryptedText,
+                    privateKeyECDH: mine.privateKey,
+                    iv: salt,
+                })
+                const content = decodeText(contentArrayBuffer)
                 try {
                     if (!signature) throw new TypeError('No signature')
                     const signatureVerifyResult = await Alpha40.verify(unverified, signature, byKey)
+                    // Store the key to speed up next time decrypt
+                    signatureVerifyResult &&
+                        storePostCryptoKeyDB({
+                            identifier: postIdentifier,
+                            postCryptoKey: postAESKey,
+                            version: -40,
+                        })
                     return { signatureVerifyResult, content }
                 } catch {
                     return { signatureVerifyResult: false, content }

diff --git a/src/tests/1toN.ts b/src/tests/1toN.ts
@@ -17,7 +17,7 @@ async function test1toN(msg: string = 'test string') {
         ownersLocalKey: aliceLocal,
     })
 
-    const aliceDecrypt = await decryptMessage1ToNByMyself({
+    const [aliceDecrypt] = await decryptMessage1ToNByMyself({
         version: -40,
         encryptedAESKey: encrypted.ownersAESKeyEncrypted,
         encryptedContent: encrypted.encryptedContent,
@@ -26,7 +26,7 @@ async function test1toN(msg: string = 'test string') {
     })
     if (decodeText(aliceDecrypt) !== msg) throw new Error('Alice decrypted not equal')
 
-    const bobDecrypt = await decryptMessage1ToNByOther({
+    const [bobDecrypt] = await decryptMessage1ToNByOther({
         version: -40,
         AESKeyEncrypted: encrypted.othersAESKeyEncrypted.find(x => x.name === 'bob')!.key,
         authorsPublicKeyECDH: alice.publicKey,