2026-02-09 09:55:58 -08:00
|
|
|
use blake2::{Blake2b512, Digest};
|
2026-02-06 23:41:12 +07:00
|
|
|
use chat_proto::logoschat::encryption::EncryptedPayload;
|
2026-01-22 06:39:09 +07:00
|
|
|
use prost::Message;
|
|
|
|
|
use prost::bytes::Bytes;
|
|
|
|
|
use rand_core::OsRng;
|
2026-04-08 11:07:23 +08:00
|
|
|
use std::cell::RefCell;
|
2026-01-22 06:39:09 +07:00
|
|
|
use std::rc::Rc;
|
2026-04-10 08:33:58 +08:00
|
|
|
use storage::{ConversationStore, EphemeralKeyStore, RatchetStore};
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-02-18 09:29:33 -08:00
|
|
|
use crypto::{PrekeyBundle, SymmetricKey32};
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-01-26 23:53:44 +07:00
|
|
|
use crate::context::Introduction;
|
2026-04-03 08:25:26 +08:00
|
|
|
use crate::conversation::{ChatError, Conversation, ConversationId, Convo, Id, PrivateV1Convo};
|
2026-02-18 09:29:33 -08:00
|
|
|
use crate::crypto::{CopyBytes, PrivateKey, PublicKey};
|
2026-01-22 06:39:09 +07:00
|
|
|
use crate::inbox::handshake::InboxHandshake;
|
2026-01-29 23:36:18 +07:00
|
|
|
use crate::proto;
|
|
|
|
|
use crate::types::{AddressedEncryptedPayload, ContentData};
|
2026-04-03 08:25:26 +08:00
|
|
|
use crypto::Identity;
|
2026-01-28 07:07:35 +07:00
|
|
|
|
|
|
|
|
/// Compute the deterministic Delivery_address for an installation
|
|
|
|
|
fn delivery_address_for_installation(_: PublicKey) -> String {
|
|
|
|
|
// TODO: Implement Delivery Address
|
|
|
|
|
"delivery_address".into()
|
|
|
|
|
}
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-04-08 11:07:23 +08:00
|
|
|
pub struct Inbox<S: EphemeralKeyStore> {
|
2026-01-22 06:39:09 +07:00
|
|
|
ident: Rc<Identity>,
|
|
|
|
|
local_convo_id: String,
|
2026-04-08 11:07:23 +08:00
|
|
|
store: Rc<RefCell<S>>,
|
2026-01-22 06:39:09 +07:00
|
|
|
}
|
|
|
|
|
|
2026-04-08 11:07:23 +08:00
|
|
|
impl<S: EphemeralKeyStore> std::fmt::Debug for Inbox<S> {
|
2026-01-22 06:39:09 +07:00
|
|
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
|
|
|
|
f.debug_struct("Inbox")
|
|
|
|
|
.field("ident", &self.ident)
|
|
|
|
|
.field("convo_id", &self.local_convo_id)
|
|
|
|
|
.finish()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-08 11:07:23 +08:00
|
|
|
impl<S: EphemeralKeyStore> Inbox<S> {
|
2026-04-10 08:33:58 +08:00
|
|
|
pub fn new(store: Rc<RefCell<S>>, ident: Rc<Identity>) -> Self {
|
2026-02-09 09:55:58 -08:00
|
|
|
let local_convo_id = Self::inbox_identifier_for_key(ident.public_key());
|
2026-01-22 06:39:09 +07:00
|
|
|
Self {
|
|
|
|
|
ident,
|
|
|
|
|
local_convo_id,
|
2026-04-08 11:07:23 +08:00
|
|
|
store,
|
2026-01-22 06:39:09 +07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-03 08:25:26 +08:00
|
|
|
/// Creates an intro bundle and returns the Introduction along with the
|
|
|
|
|
/// generated ephemeral key pair (public_key_hex, private_key) for the caller to persist.
|
2026-04-08 11:07:23 +08:00
|
|
|
pub fn create_intro_bundle(&self) -> Result<Introduction, ChatError> {
|
2026-02-18 09:29:33 -08:00
|
|
|
let ephemeral = PrivateKey::random();
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-02-11 19:51:22 +01:00
|
|
|
let ephemeral_key: PublicKey = (&ephemeral).into();
|
2026-04-03 08:25:26 +08:00
|
|
|
let public_key_hex = hex::encode(ephemeral_key.as_bytes());
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-04-08 11:07:23 +08:00
|
|
|
self.store
|
|
|
|
|
.borrow_mut()
|
|
|
|
|
.save_ephemeral_key(&public_key_hex, &ephemeral)?;
|
|
|
|
|
|
2026-04-03 08:25:26 +08:00
|
|
|
let intro = Introduction::new(self.ident.secret(), ephemeral_key, OsRng);
|
2026-04-08 11:07:23 +08:00
|
|
|
Ok(intro)
|
2026-01-22 06:39:09 +07:00
|
|
|
}
|
|
|
|
|
|
2026-04-10 08:33:58 +08:00
|
|
|
pub fn invite_to_private_convo<PS: ConversationStore + RatchetStore>(
|
2026-01-22 06:39:09 +07:00
|
|
|
&self,
|
2026-01-26 23:53:44 +07:00
|
|
|
remote_bundle: &Introduction,
|
2026-02-06 23:08:06 +07:00
|
|
|
initial_message: &[u8],
|
2026-04-10 08:33:58 +08:00
|
|
|
private_store: Rc<RefCell<PS>>,
|
|
|
|
|
) -> Result<(PrivateV1Convo<PS>, Vec<AddressedEncryptedPayload>), ChatError> {
|
2026-01-22 06:39:09 +07:00
|
|
|
let mut rng = OsRng;
|
|
|
|
|
|
2026-01-26 23:53:44 +07:00
|
|
|
let pkb = PrekeyBundle {
|
2026-02-11 19:51:22 +01:00
|
|
|
identity_key: *remote_bundle.installation_key(),
|
|
|
|
|
signed_prekey: *remote_bundle.ephemeral_key(),
|
|
|
|
|
signature: *remote_bundle.signature(),
|
2026-01-26 23:53:44 +07:00
|
|
|
onetime_prekey: None,
|
|
|
|
|
};
|
|
|
|
|
|
2026-01-22 06:39:09 +07:00
|
|
|
let (seed_key, ephemeral_pub) =
|
2026-02-10 18:34:33 +01:00
|
|
|
InboxHandshake::perform_as_initiator(self.ident.secret(), &pkb, &mut rng);
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-04-10 08:33:58 +08:00
|
|
|
let mut convo =
|
|
|
|
|
PrivateV1Convo::new_initiator(private_store, seed_key, *remote_bundle.ephemeral_key());
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-02-06 23:08:06 +07:00
|
|
|
let mut payloads = convo.send_message(initial_message)?;
|
2026-01-22 06:39:09 +07:00
|
|
|
|
|
|
|
|
// Wrap First payload in Invite
|
2026-01-29 23:36:18 +07:00
|
|
|
if let Some(first_message) = payloads.get_mut(0) {
|
|
|
|
|
// Take the the value of .data - it's being replaced at the end of this block
|
|
|
|
|
let frame = Self::wrap_in_invite(std::mem::take(&mut first_message.data));
|
2026-01-22 06:39:09 +07:00
|
|
|
|
|
|
|
|
// TODO: Encrypt frame
|
|
|
|
|
let ciphertext = frame.encode_to_vec();
|
|
|
|
|
|
|
|
|
|
let header = proto::InboxHeaderV1 {
|
|
|
|
|
initiator_static: self.ident.public_key().copy_to_bytes(),
|
|
|
|
|
initiator_ephemeral: ephemeral_pub.copy_to_bytes(),
|
2026-02-11 19:51:22 +01:00
|
|
|
responder_static: remote_bundle.installation_key().copy_to_bytes(),
|
|
|
|
|
responder_ephemeral: remote_bundle.ephemeral_key().copy_to_bytes(),
|
2026-01-22 06:39:09 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let handshake = proto::InboxHandshakeV1 {
|
|
|
|
|
header: Some(header),
|
|
|
|
|
payload: Bytes::from_owner(ciphertext),
|
|
|
|
|
};
|
|
|
|
|
|
2026-01-29 23:36:18 +07:00
|
|
|
// Update the address field with the Inbox delivery_Address
|
|
|
|
|
first_message.delivery_address =
|
2026-02-11 19:51:22 +01:00
|
|
|
delivery_address_for_installation(*remote_bundle.installation_key());
|
2026-01-29 23:36:18 +07:00
|
|
|
// Update the data field with new Payload
|
|
|
|
|
first_message.data = proto::EncryptedPayload {
|
2026-01-22 06:39:09 +07:00
|
|
|
encryption: Some(proto::Encryption::InboxHandshake(handshake)),
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-29 23:36:18 +07:00
|
|
|
Ok((convo, payloads))
|
2026-01-22 06:39:09 +07:00
|
|
|
}
|
|
|
|
|
|
2026-04-03 08:25:26 +08:00
|
|
|
/// Handles an incoming inbox frame. The caller must provide the ephemeral private key
|
|
|
|
|
/// looked up from storage. Returns the created conversation and optional content data.
|
2026-04-10 08:33:58 +08:00
|
|
|
pub fn handle_frame<PS: ConversationStore + RatchetStore>(
|
2026-04-03 08:25:26 +08:00
|
|
|
&self,
|
2026-02-06 23:41:12 +07:00
|
|
|
enc_payload: EncryptedPayload,
|
2026-04-08 11:07:23 +08:00
|
|
|
public_key_hex: &str,
|
2026-04-10 08:33:58 +08:00
|
|
|
private_store: Rc<RefCell<PS>>,
|
|
|
|
|
) -> Result<(Conversation<PS>, Option<ContentData>), ChatError> {
|
2026-04-08 11:07:23 +08:00
|
|
|
let ephemeral_key = self
|
|
|
|
|
.store
|
|
|
|
|
.borrow()
|
|
|
|
|
.load_ephemeral_key(public_key_hex)?
|
|
|
|
|
.ok_or(ChatError::UnknownEphemeralKey())?;
|
|
|
|
|
|
2026-02-06 23:41:12 +07:00
|
|
|
let handshake = Self::extract_payload(enc_payload)?;
|
2026-02-06 22:24:13 +07:00
|
|
|
|
|
|
|
|
let header = handshake
|
|
|
|
|
.header
|
|
|
|
|
.ok_or(ChatError::UnexpectedPayload("InboxV1Header".into()))?;
|
|
|
|
|
|
|
|
|
|
// Perform handshake and decrypt frame
|
2026-04-08 11:07:23 +08:00
|
|
|
let (seed_key, frame) =
|
|
|
|
|
self.perform_handshake(&ephemeral_key, header, handshake.payload)?;
|
2026-02-06 22:24:13 +07:00
|
|
|
|
|
|
|
|
match frame.frame_type.unwrap() {
|
|
|
|
|
proto::inbox_v1_frame::FrameType::InvitePrivateV1(_invite_private_v1) => {
|
2026-04-10 08:33:58 +08:00
|
|
|
let mut convo =
|
|
|
|
|
PrivateV1Convo::new_responder(private_store, seed_key, &ephemeral_key);
|
2026-02-06 22:24:13 +07:00
|
|
|
|
2026-02-09 09:55:58 -08:00
|
|
|
let Some(enc_payload) = _invite_private_v1.initial_message else {
|
2026-02-11 14:10:21 -08:00
|
|
|
return Err(ChatError::Protocol("missing initial encpayload".into()));
|
2026-02-09 09:55:58 -08:00
|
|
|
};
|
|
|
|
|
|
2026-02-11 14:10:21 -08:00
|
|
|
// Set is_new_convo for content data
|
|
|
|
|
let content = match convo.handle_frame(enc_payload)? {
|
|
|
|
|
Some(v) => ContentData {
|
|
|
|
|
is_new_convo: true,
|
|
|
|
|
..v
|
|
|
|
|
},
|
|
|
|
|
None => return Err(ChatError::Protocol("expected contentData".into())),
|
|
|
|
|
};
|
2026-02-09 09:55:58 -08:00
|
|
|
|
2026-04-03 08:25:26 +08:00
|
|
|
Ok((Conversation::Private(convo), Some(content)))
|
2026-02-06 22:24:13 +07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-03 08:25:26 +08:00
|
|
|
/// Extracts the ephemeral key hex from an incoming encrypted payload
|
|
|
|
|
/// so the caller can look it up from storage before calling handle_frame.
|
|
|
|
|
pub fn extract_ephemeral_key_hex(enc_payload: &EncryptedPayload) -> Result<String, ChatError> {
|
|
|
|
|
let Some(proto::Encryption::InboxHandshake(ref handshake)) = enc_payload.encryption else {
|
|
|
|
|
let got = format!("{:?}", enc_payload.encryption);
|
|
|
|
|
return Err(ChatError::ProtocolExpectation("inboxhandshake", got));
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let header = handshake
|
|
|
|
|
.header
|
|
|
|
|
.as_ref()
|
|
|
|
|
.ok_or(ChatError::UnexpectedPayload("InboxV1Header".into()))?;
|
|
|
|
|
|
|
|
|
|
Ok(hex::encode(header.responder_ephemeral.as_ref()))
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-22 06:39:09 +07:00
|
|
|
fn wrap_in_invite(payload: proto::EncryptedPayload) -> proto::InboxV1Frame {
|
|
|
|
|
let invite = proto::InvitePrivateV1 {
|
|
|
|
|
discriminator: "default".into(),
|
|
|
|
|
initial_message: Some(payload),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
proto::InboxV1Frame {
|
|
|
|
|
frame_type: Some(
|
|
|
|
|
chat_proto::logoschat::inbox::inbox_v1_frame::FrameType::InvitePrivateV1(invite),
|
|
|
|
|
),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn perform_handshake(
|
|
|
|
|
&self,
|
2026-02-18 09:29:33 -08:00
|
|
|
ephemeral_key: &PrivateKey,
|
2026-02-04 06:17:45 +07:00
|
|
|
header: proto::InboxHeaderV1,
|
|
|
|
|
bytes: Bytes,
|
2026-02-18 09:29:33 -08:00
|
|
|
) -> Result<(SymmetricKey32, proto::InboxV1Frame), ChatError> {
|
2026-02-04 06:17:45 +07:00
|
|
|
// Get PublicKeys from protobuf
|
2026-01-22 06:39:09 +07:00
|
|
|
let initator_static = PublicKey::from(
|
|
|
|
|
<[u8; 32]>::try_from(header.initiator_static.as_ref())
|
|
|
|
|
.map_err(|_| ChatError::BadBundleValue("wrong size - initator static".into()))?,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let initator_ephemeral = PublicKey::from(
|
|
|
|
|
<[u8; 32]>::try_from(header.initiator_ephemeral.as_ref())
|
|
|
|
|
.map_err(|_| ChatError::BadBundleValue("wrong size - initator ephemeral".into()))?,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
let seed_key = InboxHandshake::perform_as_responder(
|
|
|
|
|
self.ident.secret(),
|
|
|
|
|
ephemeral_key,
|
|
|
|
|
None,
|
|
|
|
|
&initator_static,
|
|
|
|
|
&initator_ephemeral,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// TODO: Decrypt Content
|
2026-02-09 09:55:58 -08:00
|
|
|
let frame = self.decrypt_frame(bytes)?;
|
2026-01-22 06:39:09 +07:00
|
|
|
Ok((seed_key, frame))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn extract_payload(
|
|
|
|
|
payload: proto::EncryptedPayload,
|
|
|
|
|
) -> Result<proto::InboxHandshakeV1, ChatError> {
|
|
|
|
|
let Some(proto::Encryption::InboxHandshake(handshake)) = payload.encryption else {
|
2026-01-29 00:59:07 +07:00
|
|
|
let got = format!("{:?}", payload.encryption);
|
|
|
|
|
|
|
|
|
|
return Err(ChatError::ProtocolExpectation("inboxhandshake", got));
|
2026-01-22 06:39:09 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Ok(handshake)
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-09 09:55:58 -08:00
|
|
|
fn decrypt_frame(&self, enc_frame_bytes: Bytes) -> Result<proto::InboxV1Frame, ChatError> {
|
2026-01-22 06:39:09 +07:00
|
|
|
// TODO: decrypt payload
|
2026-02-09 09:55:58 -08:00
|
|
|
let frame = proto::InboxV1Frame::decode(enc_frame_bytes)?;
|
2026-01-22 06:39:09 +07:00
|
|
|
Ok(frame)
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-09 09:55:58 -08:00
|
|
|
pub fn inbox_identifier_for_key(pubkey: PublicKey) -> String {
|
|
|
|
|
// TODO: Implement ID according to spec
|
|
|
|
|
hex::encode(Blake2b512::digest(pubkey))
|
|
|
|
|
}
|
2026-01-22 06:39:09 +07:00
|
|
|
}
|
|
|
|
|
|
2026-04-08 11:07:23 +08:00
|
|
|
impl<S: EphemeralKeyStore> Id for Inbox<S> {
|
2026-02-10 18:34:33 +01:00
|
|
|
fn id(&self) -> ConversationId<'_> {
|
2026-01-22 06:39:09 +07:00
|
|
|
&self.local_convo_id
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
|
|
mod tests {
|
2026-04-08 11:07:23 +08:00
|
|
|
use std::cell::RefCell;
|
|
|
|
|
|
2026-01-22 06:39:09 +07:00
|
|
|
use super::*;
|
2026-05-20 13:18:25 -07:00
|
|
|
use chat_sqlite::{ChatStorage, StorageConfig};
|
2026-01-22 06:39:09 +07:00
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
fn test_invite_privatev1_roundtrip() {
|
2026-04-10 08:33:58 +08:00
|
|
|
let saro_storage = Rc::new(RefCell::new(
|
|
|
|
|
ChatStorage::new(StorageConfig::InMemory).unwrap(),
|
|
|
|
|
));
|
|
|
|
|
let raya_storage = Rc::new(RefCell::new(
|
2026-04-08 11:07:23 +08:00
|
|
|
ChatStorage::new(StorageConfig::InMemory).unwrap(),
|
|
|
|
|
));
|
2026-04-03 08:25:26 +08:00
|
|
|
|
2026-02-19 17:25:42 -08:00
|
|
|
let saro_ident = Identity::new("saro");
|
2026-04-10 08:33:58 +08:00
|
|
|
let saro_inbox = Inbox::new(Rc::clone(&saro_storage), saro_ident.into());
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-02-19 17:25:42 -08:00
|
|
|
let raya_ident = Identity::new("raya");
|
2026-04-10 08:33:58 +08:00
|
|
|
let raya_inbox = Inbox::new(Rc::clone(&raya_storage), raya_ident.into());
|
2026-04-03 08:25:26 +08:00
|
|
|
|
2026-04-08 11:07:23 +08:00
|
|
|
let bundle = raya_inbox.create_intro_bundle().unwrap();
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-02-06 23:41:12 +07:00
|
|
|
let (_, mut payloads) = saro_inbox
|
2026-04-10 08:33:58 +08:00
|
|
|
.invite_to_private_convo(&bundle, "hello".as_bytes(), saro_storage)
|
2026-01-22 06:39:09 +07:00
|
|
|
.unwrap();
|
|
|
|
|
|
2026-02-06 23:41:12 +07:00
|
|
|
let payload = payloads.remove(0);
|
2026-04-08 11:07:23 +08:00
|
|
|
let key_hex = Inbox::<ChatStorage>::extract_ephemeral_key_hex(&payload.data).unwrap();
|
2026-01-22 06:39:09 +07:00
|
|
|
|
2026-04-10 08:33:58 +08:00
|
|
|
let result = raya_inbox.handle_frame(payload.data, &key_hex, raya_storage);
|
2026-01-22 06:39:09 +07:00
|
|
|
|
|
|
|
|
assert!(
|
|
|
|
|
result.is_ok(),
|
|
|
|
|
"handle_frame should accept valid encrypted payloads"
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
