609 lines
16 KiB
Go
609 lines
16 KiB
Go
package shhext
|
|
|
|
import (
|
|
"context"
|
|
"crypto/ecdsa"
|
|
"encoding/hex"
|
|
"errors"
|
|
"fmt"
|
|
"math/big"
|
|
"time"
|
|
|
|
"github.com/ethereum/go-ethereum/rlp"
|
|
|
|
"github.com/ethereum/go-ethereum/common"
|
|
"github.com/ethereum/go-ethereum/common/hexutil"
|
|
"github.com/ethereum/go-ethereum/crypto"
|
|
"github.com/ethereum/go-ethereum/log"
|
|
"github.com/ethereum/go-ethereum/p2p/enode"
|
|
"github.com/status-im/status-go/mailserver"
|
|
"github.com/status-im/status-go/services/shhext/chat"
|
|
"github.com/status-im/status-go/services/shhext/mailservers"
|
|
whisper "github.com/status-im/whisper/whisperv6"
|
|
)
|
|
|
|
const (
|
|
// defaultWorkTime is a work time reported in messages sent to MailServer nodes.
|
|
defaultWorkTime = 5
|
|
// defaultRequestTimeout is the default request timeout in seconds
|
|
defaultRequestTimeout = 10
|
|
)
|
|
|
|
var (
|
|
// ErrInvalidMailServerPeer is returned when it fails to parse enode from params.
|
|
ErrInvalidMailServerPeer = errors.New("invalid mailServerPeer value")
|
|
// ErrInvalidSymKeyID is returned when it fails to get a symmetric key.
|
|
ErrInvalidSymKeyID = errors.New("invalid symKeyID value")
|
|
// ErrInvalidPublicKey is returned when public key can't be extracted
|
|
// from MailServer's nodeID.
|
|
ErrInvalidPublicKey = errors.New("can't extract public key")
|
|
// ErrPFSNotEnabled is returned when an endpoint PFS only is called but
|
|
// PFS is disabled
|
|
ErrPFSNotEnabled = errors.New("pfs not enabled")
|
|
)
|
|
|
|
// -----
|
|
// PAYLOADS
|
|
// -----
|
|
|
|
// MessagesRequest is a RequestMessages() request payload.
|
|
type MessagesRequest struct {
|
|
// MailServerPeer is MailServer's enode address.
|
|
MailServerPeer string `json:"mailServerPeer"`
|
|
|
|
// From is a lower bound of time range (optional).
|
|
// Default is 24 hours back from now.
|
|
From uint32 `json:"from"`
|
|
|
|
// To is a upper bound of time range (optional).
|
|
// Default is now.
|
|
To uint32 `json:"to"`
|
|
|
|
// Limit determines the number of messages sent by the mail server
|
|
// for the current paginated request
|
|
Limit uint32 `json:"limit"`
|
|
|
|
// Cursor is used as starting point for paginated requests
|
|
Cursor string `json:"cursor"`
|
|
|
|
// Topic is a regular Whisper topic.
|
|
// DEPRECATED
|
|
Topic whisper.TopicType `json:"topic"`
|
|
|
|
// Topics is a list of Whisper topics.
|
|
Topics []whisper.TopicType `json:"topics"`
|
|
|
|
// SymKeyID is an ID of a symmetric key to authenticate to MailServer.
|
|
// It's derived from MailServer password.
|
|
SymKeyID string `json:"symKeyID"`
|
|
|
|
// Timeout is the time to live of the request specified in seconds.
|
|
// Default is 10 seconds
|
|
Timeout time.Duration `json:"timeout"`
|
|
}
|
|
|
|
func (r *MessagesRequest) setDefaults(now time.Time) {
|
|
// set From and To defaults
|
|
if r.To == 0 {
|
|
r.To = uint32(now.UTC().Unix())
|
|
}
|
|
|
|
if r.From == 0 {
|
|
oneDay := uint32(86400) // -24 hours
|
|
if r.To < oneDay {
|
|
r.From = 0
|
|
} else {
|
|
r.From = r.To - oneDay
|
|
}
|
|
}
|
|
|
|
if r.Timeout == 0 {
|
|
r.Timeout = defaultRequestTimeout
|
|
}
|
|
}
|
|
|
|
// SyncMessagesRequest is a SyncMessages() request payload.
|
|
type SyncMessagesRequest struct {
|
|
// MailServerPeer is MailServer's enode address.
|
|
MailServerPeer string `json:"mailServerPeer"`
|
|
|
|
// From is a lower bound of time range (optional).
|
|
// Default is 24 hours back from now.
|
|
From uint32 `json:"from"`
|
|
|
|
// To is a upper bound of time range (optional).
|
|
// Default is now.
|
|
To uint32 `json:"to"`
|
|
|
|
// Limit determines the number of messages sent by the mail server
|
|
// for the current paginated request
|
|
Limit uint32 `json:"limit"`
|
|
|
|
// Cursor is used as starting point for paginated requests
|
|
Cursor string `json:"cursor"`
|
|
|
|
// Topics is a list of Whisper topics.
|
|
// If empty, a full bloom filter will be used.
|
|
Topics []whisper.TopicType `json:"topics"`
|
|
}
|
|
|
|
// SyncMessagesResponse is a response from the mail server
|
|
// to which SyncMessagesRequest was sent.
|
|
type SyncMessagesResponse struct {
|
|
// Cursor from the response can be used to retrieve more messages
|
|
// for the previous request.
|
|
Cursor string `json:"cursor"`
|
|
|
|
// Error indicates that something wrong happened when sending messages
|
|
// to the requester.
|
|
Error string `json:"error"`
|
|
}
|
|
|
|
// -----
|
|
// PUBLIC API
|
|
// -----
|
|
|
|
// PublicAPI extends whisper public API.
|
|
type PublicAPI struct {
|
|
service *Service
|
|
publicAPI *whisper.PublicWhisperAPI
|
|
log log.Logger
|
|
}
|
|
|
|
// NewPublicAPI returns instance of the public API.
|
|
func NewPublicAPI(s *Service) *PublicAPI {
|
|
return &PublicAPI{
|
|
service: s,
|
|
publicAPI: whisper.NewPublicWhisperAPI(s.w),
|
|
log: log.New("package", "status-go/services/sshext.PublicAPI"),
|
|
}
|
|
}
|
|
|
|
// Post shamelessly copied from whisper codebase with slight modifications.
|
|
func (api *PublicAPI) Post(ctx context.Context, req whisper.NewMessage) (hash hexutil.Bytes, err error) {
|
|
hash, err = api.publicAPI.Post(ctx, req)
|
|
if err == nil {
|
|
var envHash common.Hash
|
|
copy(envHash[:], hash[:]) // slice can't be used as key
|
|
api.service.tracker.Add(envHash)
|
|
}
|
|
return hash, err
|
|
}
|
|
|
|
func (api *PublicAPI) getPeer(rawurl string) (*enode.Node, error) {
|
|
if len(rawurl) == 0 {
|
|
return mailservers.GetFirstConnected(api.service.server, api.service.peerStore)
|
|
}
|
|
return enode.ParseV4(rawurl)
|
|
}
|
|
|
|
// RequestMessages sends a request for historic messages to a MailServer.
|
|
func (api *PublicAPI) RequestMessages(_ context.Context, r MessagesRequest) (hexutil.Bytes, error) {
|
|
api.log.Info("RequestMessages", "request", r)
|
|
shh := api.service.w
|
|
now := api.service.w.GetCurrentTime()
|
|
r.setDefaults(now)
|
|
|
|
if r.From > r.To {
|
|
return nil, fmt.Errorf("Query range is invalid: from > to (%d > %d)", r.From, r.To)
|
|
}
|
|
|
|
mailServerNode, err := api.getPeer(r.MailServerPeer)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("%v: %v", ErrInvalidMailServerPeer, err)
|
|
}
|
|
|
|
var (
|
|
symKey []byte
|
|
publicKey *ecdsa.PublicKey
|
|
)
|
|
|
|
if r.SymKeyID != "" {
|
|
symKey, err = shh.GetSymKey(r.SymKeyID)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("%v: %v", ErrInvalidSymKeyID, err)
|
|
}
|
|
} else {
|
|
publicKey = mailServerNode.Pubkey()
|
|
}
|
|
|
|
payload, err := makeMessagesRequestPayload(r)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
envelope, err := makeEnvelop(
|
|
payload,
|
|
symKey,
|
|
publicKey,
|
|
api.service.nodeID,
|
|
shh.MinPow(),
|
|
now,
|
|
)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := shh.RequestHistoricMessagesWithTimeout(mailServerNode.ID().Bytes(), envelope, r.Timeout*time.Second); err != nil {
|
|
return nil, err
|
|
}
|
|
hash := envelope.Hash()
|
|
return hash[:], nil
|
|
}
|
|
|
|
// createSyncMailRequest creates SyncMailRequest. It uses a full bloom filter
|
|
// if no topics are given.
|
|
func createSyncMailRequest(r SyncMessagesRequest) (whisper.SyncMailRequest, error) {
|
|
var bloom []byte
|
|
if len(r.Topics) > 0 {
|
|
bloom = topicsToBloom(r.Topics...)
|
|
} else {
|
|
bloom = whisper.MakeFullNodeBloom()
|
|
}
|
|
|
|
cursor, err := hex.DecodeString(r.Cursor)
|
|
if err != nil {
|
|
return whisper.SyncMailRequest{}, err
|
|
}
|
|
|
|
return whisper.SyncMailRequest{
|
|
Lower: r.From,
|
|
Upper: r.To,
|
|
Bloom: bloom,
|
|
Limit: r.Limit,
|
|
Cursor: cursor,
|
|
}, nil
|
|
}
|
|
|
|
func createSyncMessagesResponse(r whisper.SyncEventResponse) SyncMessagesResponse {
|
|
return SyncMessagesResponse{
|
|
Cursor: hex.EncodeToString(r.Cursor),
|
|
Error: r.Error,
|
|
}
|
|
}
|
|
|
|
// SyncMessages sends a request to a given MailServerPeer to sync historic messages.
|
|
// MailServerPeers needs to be added as a trusted peer first.
|
|
func (api *PublicAPI) SyncMessages(ctx context.Context, r SyncMessagesRequest) (SyncMessagesResponse, error) {
|
|
var response SyncMessagesResponse
|
|
|
|
mailServerEnode, err := enode.ParseV4(r.MailServerPeer)
|
|
if err != nil {
|
|
return response, fmt.Errorf("invalid MailServerPeer: %v", err)
|
|
}
|
|
|
|
request, err := createSyncMailRequest(r)
|
|
if err != nil {
|
|
return response, fmt.Errorf("failed to create a sync mail request: %v", err)
|
|
}
|
|
|
|
if err := api.service.w.SyncMessages(mailServerEnode.ID().Bytes(), request); err != nil {
|
|
return response, fmt.Errorf("failed to send a sync request: %v", err)
|
|
}
|
|
|
|
// Wait for the response which is received asynchronously as a p2p packet.
|
|
// This packet handler will send an event which contains the response payload.
|
|
events := make(chan whisper.EnvelopeEvent)
|
|
sub := api.service.w.SubscribeEnvelopeEvents(events)
|
|
defer sub.Unsubscribe()
|
|
|
|
for {
|
|
select {
|
|
case event := <-events:
|
|
if event.Event != whisper.EventMailServerSyncFinished {
|
|
continue
|
|
}
|
|
|
|
log.Info("received EventMailServerSyncFinished event", "data", event.Data)
|
|
|
|
if resp, ok := event.Data.(whisper.SyncEventResponse); ok {
|
|
return createSyncMessagesResponse(resp), nil
|
|
}
|
|
return response, fmt.Errorf("did not understand the response event data")
|
|
case <-ctx.Done():
|
|
return response, ctx.Err()
|
|
}
|
|
}
|
|
}
|
|
|
|
// GetNewFilterMessages is a prototype method with deduplication
|
|
func (api *PublicAPI) GetNewFilterMessages(filterID string) ([]*whisper.Message, error) {
|
|
msgs, err := api.publicAPI.GetFilterMessages(filterID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
dedupMessages := api.service.deduplicator.Deduplicate(msgs)
|
|
|
|
if api.service.pfsEnabled {
|
|
// Attempt to decrypt message, otherwise leave unchanged
|
|
for _, msg := range dedupMessages {
|
|
|
|
if err := api.processPFSMessage(msg); err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
}
|
|
|
|
return dedupMessages, nil
|
|
}
|
|
|
|
// ConfirmMessagesProcessed is a method to confirm that messages was consumed by
|
|
// the client side.
|
|
func (api *PublicAPI) ConfirmMessagesProcessed(messages []*whisper.Message) error {
|
|
return api.service.deduplicator.AddMessages(messages)
|
|
}
|
|
|
|
// SendPublicMessage sends a public chat message to the underlying transport
|
|
func (api *PublicAPI) SendPublicMessage(ctx context.Context, msg chat.SendPublicMessageRPC) (hexutil.Bytes, error) {
|
|
privateKey, err := api.service.w.GetPrivateKey(msg.Sig)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// This is transport layer agnostic
|
|
protocolMessage, err := api.service.protocol.BuildPublicMessage(privateKey, msg.Payload)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
symKeyID, err := api.service.w.AddSymKeyFromPassword(msg.Chat)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Enrich with transport layer info
|
|
whisperMessage := chat.PublicMessageToWhisper(msg, protocolMessage)
|
|
whisperMessage.SymKeyID = symKeyID
|
|
|
|
// And dispatch
|
|
return api.Post(ctx, whisperMessage)
|
|
}
|
|
|
|
// SendDirectMessage sends a 1:1 chat message to the underlying transport
|
|
func (api *PublicAPI) SendDirectMessage(ctx context.Context, msg chat.SendDirectMessageRPC) ([]hexutil.Bytes, error) {
|
|
if !api.service.pfsEnabled {
|
|
return nil, ErrPFSNotEnabled
|
|
}
|
|
// To be completely agnostic from whisper we should not be using whisper to store the key
|
|
privateKey, err := api.service.w.GetPrivateKey(msg.Sig)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
publicKey, err := crypto.UnmarshalPubkey(msg.PubKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// This is transport layer-agnostic
|
|
protocolMessages, err := api.service.protocol.BuildDirectMessage(privateKey, msg.Payload, publicKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var response []hexutil.Bytes
|
|
|
|
for key, message := range protocolMessages {
|
|
msg.PubKey = crypto.FromECDSAPub(key)
|
|
// Enrich with transport layer info
|
|
whisperMessage := chat.DirectMessageToWhisper(msg, message)
|
|
|
|
// And dispatch
|
|
hash, err := api.Post(ctx, whisperMessage)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
response = append(response, hash)
|
|
|
|
}
|
|
return response, nil
|
|
}
|
|
|
|
// SendPairingMessage sends a 1:1 chat message to our own devices to initiate a pairing session
|
|
func (api *PublicAPI) SendPairingMessage(ctx context.Context, msg chat.SendDirectMessageRPC) ([]hexutil.Bytes, error) {
|
|
if !api.service.pfsEnabled {
|
|
return nil, ErrPFSNotEnabled
|
|
}
|
|
// To be completely agnostic from whisper we should not be using whisper to store the key
|
|
privateKey, err := api.service.w.GetPrivateKey(msg.Sig)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
msg.PubKey = crypto.FromECDSAPub(&privateKey.PublicKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
protocolMessage, err := api.service.protocol.BuildPairingMessage(privateKey, msg.Payload)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var response []hexutil.Bytes
|
|
|
|
// Enrich with transport layer info
|
|
whisperMessage := chat.DirectMessageToWhisper(msg, protocolMessage)
|
|
|
|
// And dispatch
|
|
hash, err := api.Post(ctx, whisperMessage)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
response = append(response, hash)
|
|
|
|
return response, nil
|
|
}
|
|
|
|
// SendGroupMessage sends a group messag chat message to the underlying transport
|
|
func (api *PublicAPI) SendGroupMessage(ctx context.Context, msg chat.SendGroupMessageRPC) ([]hexutil.Bytes, error) {
|
|
if !api.service.pfsEnabled {
|
|
return nil, ErrPFSNotEnabled
|
|
}
|
|
|
|
// To be completely agnostic from whisper we should not be using whisper to store the key
|
|
privateKey, err := api.service.w.GetPrivateKey(msg.Sig)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var keys []*ecdsa.PublicKey
|
|
|
|
for _, k := range msg.PubKeys {
|
|
publicKey, err := crypto.UnmarshalPubkey(k)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
keys = append(keys, publicKey)
|
|
}
|
|
|
|
// This is transport layer-agnostic
|
|
protocolMessages, err := api.service.protocol.BuildDirectMessage(privateKey, msg.Payload, keys...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var response []hexutil.Bytes
|
|
|
|
for key, message := range protocolMessages {
|
|
directMessage := chat.SendDirectMessageRPC{
|
|
PubKey: crypto.FromECDSAPub(key),
|
|
Payload: msg.Payload,
|
|
Sig: msg.Sig,
|
|
}
|
|
|
|
// Enrich with transport layer info
|
|
whisperMessage := chat.DirectMessageToWhisper(directMessage, message)
|
|
|
|
// And dispatch
|
|
hash, err := api.Post(ctx, whisperMessage)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
response = append(response, hash)
|
|
|
|
}
|
|
return response, nil
|
|
}
|
|
|
|
func (api *PublicAPI) processPFSMessage(msg *whisper.Message) error {
|
|
|
|
privateKeyID := api.service.w.SelectedKeyPairID()
|
|
if privateKeyID == "" {
|
|
return errors.New("no key selected")
|
|
}
|
|
|
|
privateKey, err := api.service.w.GetPrivateKey(privateKeyID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
publicKey, err := crypto.UnmarshalPubkey(msg.Sig)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
response, err := api.service.protocol.HandleMessage(privateKey, publicKey, msg.Payload)
|
|
|
|
// Notify that someone tried to contact us using an invalid bundle
|
|
if err == chat.ErrDeviceNotFound && privateKey.PublicKey != *publicKey {
|
|
api.log.Warn("Device not found, sending signal", "err", err)
|
|
keyString := fmt.Sprintf("0x%x", crypto.FromECDSAPub(publicKey))
|
|
handler := EnvelopeSignalHandler{}
|
|
handler.DecryptMessageFailed(keyString)
|
|
return nil
|
|
} else if err != nil {
|
|
// Ignore errors for now as those might be non-pfs messages
|
|
api.log.Error("Failed handling message with error", "err", err)
|
|
return nil
|
|
}
|
|
|
|
// Add unencrypted payload
|
|
msg.Payload = response
|
|
|
|
return nil
|
|
}
|
|
|
|
// -----
|
|
// HELPER
|
|
// -----
|
|
|
|
// makeEnvelop makes an envelop for a historic messages request.
|
|
// Symmetric key is used to authenticate to MailServer.
|
|
// PK is the current node ID.
|
|
func makeEnvelop(
|
|
payload []byte,
|
|
symKey []byte,
|
|
publicKey *ecdsa.PublicKey,
|
|
nodeID *ecdsa.PrivateKey,
|
|
pow float64,
|
|
now time.Time,
|
|
) (*whisper.Envelope, error) {
|
|
params := whisper.MessageParams{
|
|
PoW: pow,
|
|
Payload: payload,
|
|
WorkTime: defaultWorkTime,
|
|
Src: nodeID,
|
|
}
|
|
// Either symKey or public key is required.
|
|
// This condition is verified in `message.Wrap()` method.
|
|
if len(symKey) > 0 {
|
|
params.KeySym = symKey
|
|
} else if publicKey != nil {
|
|
params.Dst = publicKey
|
|
}
|
|
message, err := whisper.NewSentMessage(¶ms)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return message.Wrap(¶ms, now)
|
|
}
|
|
|
|
// makeMessagesRequestPayload makes a specific payload for MailServer
|
|
// to request historic messages.
|
|
func makeMessagesRequestPayload(r MessagesRequest) ([]byte, error) {
|
|
cursor, err := hex.DecodeString(r.Cursor)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("invalid cursor: %v", err)
|
|
}
|
|
if len(cursor) > 0 && len(cursor) != mailserver.DBKeyLength {
|
|
return nil, fmt.Errorf("invalid cursor size: expected %d but got %d", mailserver.DBKeyLength, len(cursor))
|
|
}
|
|
|
|
payload := mailserver.MessagesRequestPayload{
|
|
Lower: r.From,
|
|
Upper: r.To,
|
|
Bloom: createBloomFilter(r),
|
|
Limit: r.Limit,
|
|
Cursor: cursor,
|
|
// Client must tell the MailServer if it supports batch responses.
|
|
// This can be removed in the future.
|
|
Batch: true,
|
|
}
|
|
|
|
return rlp.EncodeToBytes(payload)
|
|
}
|
|
|
|
func createBloomFilter(r MessagesRequest) []byte {
|
|
if len(r.Topics) > 0 {
|
|
return topicsToBloom(r.Topics...)
|
|
}
|
|
|
|
return whisper.TopicToBloom(r.Topic)
|
|
}
|
|
|
|
func topicsToBloom(topics ...whisper.TopicType) []byte {
|
|
i := new(big.Int)
|
|
for _, topic := range topics {
|
|
bloom := whisper.TopicToBloom(topic)
|
|
i.Or(i, new(big.Int).SetBytes(bloom[:]))
|
|
}
|
|
|
|
combined := make([]byte, whisper.BloomFilterSize)
|
|
data := i.Bytes()
|
|
copy(combined[whisper.BloomFilterSize-len(data):], data[:])
|
|
|
|
return combined
|
|
}
|