#include "ssb.js.h" #include "database.js.h" #include "log.h" #include "mem.h" #include "ssb.db.h" #include "ssb.h" #include "util.js.h" #include "sodium/crypto_hash_sha256.h" #include "sodium/crypto_box.h" #include "sodium/crypto_scalarmult.h" #include "sodium/crypto_scalarmult_curve25519.h" #include "sodium/crypto_secretbox.h" #include "sodium/crypto_sign.h" #include "sodium/randombytes.h" #include "string.h" #include "sqlite3.h" #include "uv.h" #include #include static JSClassID _tf_ssb_classId; void _tf_ssb_on_rpc(tf_ssb_connection_t* connection, uint8_t flags, int32_t request_number, JSValue args, const uint8_t* message, size_t size, void* user_data); static JSValue _tf_ssb_createIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); JSValue result = JS_UNDEFINED; if (ssb) { const char* user = JS_ToCString(context, argv[0]); int count = tf_ssb_db_identity_get_count_for_user(ssb, user); if (count < 16) { char public[512]; char private[512]; tf_ssb_generate_keys_buffer(public, sizeof(public), private, sizeof(private)); if (tf_ssb_db_identity_add(ssb, user, public, private)) { char id[513]; snprintf(id, sizeof(id), "@%s", public); result = JS_NewString(context, id); } else { result = JS_ThrowInternalError(context, "Unable to add identity."); } } else { result = JS_ThrowInternalError(context, "Too many identities for user."); } JS_FreeCString(context, user); } return result; } typedef struct _identities_visit_t { JSContext* context; JSValue array; int count; } identities_visit_t; static void _tf_ssb_getIdentities_visit(const char* identity, void* data) { identities_visit_t* state = data; char id[k_id_base64_len]; snprintf(id, sizeof(id), "@%s", identity); JS_SetPropertyUint32(state->context, state->array, state->count++, JS_NewString(state->context, id)); } static JSValue _tf_ssb_getIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NewArray(context); tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* user = JS_ToCString(context, argv[0]); identities_visit_t state = { .context = context, .array = result, }; tf_ssb_db_identity_visit(ssb, user, _tf_ssb_getIdentities_visit, &state); JS_FreeCString(context, user); } return result; } static JSValue _tf_ssb_getAllIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NewArray(context); tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { identities_visit_t state = { .context = context, .array = result, }; tf_ssb_db_identity_visit_all(ssb, _tf_ssb_getIdentities_visit, &state); } return result; } static JSValue _tf_ssb_appendMessageWithIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* user = JS_ToCString(context, argv[0]); const char* id = JS_ToCString(context, argv[1]); uint8_t private_key[crypto_sign_SECRETKEYBYTES]; if (tf_ssb_db_identity_get_private_key(ssb, user, id, private_key, sizeof(private_key))) { tf_ssb_append_message_with_keys(ssb, id, private_key, argv[2]); } else { result = JS_ThrowInternalError(context, "Unable to get private key for user %s with identity %s.", user, id); } JS_FreeCString(context, id); JS_FreeCString(context, user); } return result; } static JSValue _tf_ssb_getMessage(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* id = JS_ToCString(context, argv[0]); int64_t sequence = 0; JS_ToInt64(context, &sequence, argv[1]); double timestamp = -1.0; char* contents = NULL; if (tf_ssb_db_get_message_by_author_and_sequence(ssb, id, sequence, NULL, 0, ×tamp, &contents)) { result = JS_NewObject(context); JS_SetPropertyStr(context, result, "timestamp", JS_NewFloat64(context, timestamp)); JS_SetPropertyStr(context, result, "content", JS_NewString(context, contents)); tf_free(contents); } JS_FreeCString(context, id); } return result; } static JSValue _tf_ssb_blobGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* id = JS_ToCString(context, argv[0]); uint8_t* blob = NULL; size_t size = 0; if (tf_ssb_db_blob_get(ssb, id, &blob, &size)) { result = JS_NewArrayBufferCopy(context, blob, size); tf_free(blob); } JS_FreeCString(context, id); } return result; } static JSValue _tf_ssb_blobStore(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { uint8_t* blob = NULL; size_t size = 0; char id[512]; if (JS_IsString(argv[0])) { const char* text = JS_ToCStringLen(context, &size, argv[0]); if (tf_ssb_db_blob_store(ssb, (const uint8_t*)text, size, id, sizeof(id), NULL)) { result = JS_NewString(context, id); } JS_FreeCString(context, text); } else if ((blob = tf_util_try_get_array_buffer(context, &size, argv[0])) != 0) { if (tf_ssb_db_blob_store(ssb, blob, size, id, sizeof(id), NULL)) { result = JS_NewString(context, id); } } else { size_t offset; size_t element_size; JSValue buffer = tf_util_try_get_typed_array_buffer(context, argv[0], &offset, &size, &element_size); if (!JS_IsException(buffer)) { blob = tf_util_try_get_array_buffer(context, &size, buffer); if (blob) { if (tf_ssb_db_blob_store(ssb, blob, size, id, sizeof(id), NULL)) { result = JS_NewString(context, id); } } } JS_FreeValue(context, buffer); } } return result; } static JSValue _tf_ssb_messageContentGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* id = JS_ToCString(context, argv[0]); uint8_t* blob = NULL; size_t size = 0; if (tf_ssb_db_message_content_get(ssb, id, &blob, &size)) { result = JS_NewArrayBufferCopy(context, blob, size); tf_free(blob); } JS_FreeCString(context, id); } return result; } static JSValue _tf_ssb_connections(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char** connections = tf_ssb_get_connection_ids(ssb); if (connections) { result = JS_NewArray(context); uint32_t i = 0; for (const char** p = connections; *p; p++, i++) { JS_SetPropertyUint32(context, result, i, JS_NewString(context, *p)); } tf_free(connections); } } return result; } static JSValue _tf_ssb_storedConnections(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { int count = 0; tf_ssb_db_stored_connection_t* connections = tf_ssb_db_get_stored_connections(ssb, &count); result = JS_NewArray(context); for (int i = 0; i < count; i++) { JSValue connection = JS_NewObject(context); JS_SetPropertyStr(context, connection, "address", JS_NewString(context, connections[i].address)); JS_SetPropertyStr(context, connection, "port", JS_NewInt32(context, connections[i].port)); JS_SetPropertyStr(context, connection, "pubkey", JS_NewString(context, connections[i].pubkey)); JS_SetPropertyUint32(context, result, i, connection); } tf_free(connections); } return result; } static JSValue _tf_ssb_getConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* id = JS_ToCString(context, argv[0]); tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, id); JS_FreeCString(context, id); return JS_DupValue(context, tf_ssb_connection_get_object(connection)); } static JSValue _tf_ssb_closeConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* id = JS_ToCString(context, argv[0]); tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, id); if (connection) { tf_ssb_connection_close(connection); } JS_FreeCString(context, id); return connection ? JS_TRUE : JS_FALSE; } typedef struct _sql_work_t { uv_work_t request; tf_ssb_t* ssb; uv_thread_t thread_id; uint64_t start_time; uint64_t end_time; const char* query; uint8_t* binds; size_t binds_count; uint8_t* rows; size_t rows_count; JSValue callback; JSValue promise[2]; int result; char* error; } sql_work_t; static void _tf_ssb_sql_append(uint8_t** rows, size_t* rows_count, const void* data, size_t size) { *rows = tf_resize_vec(*rows, *rows_count + size); memcpy(*rows + *rows_count, data, size); *rows_count += size; } static void _tf_ssb_sqlAsync_work(uv_work_t* work) { sql_work_t* sql_work = work->data; sql_work->start_time = uv_hrtime(); sql_work->thread_id = uv_thread_self(); sqlite3* db = tf_ssb_acquire_db_reader(sql_work->ssb); sqlite3_stmt* statement = NULL; sql_work->result = sqlite3_prepare(db, sql_work->query, -1, &statement, NULL); if (sql_work->result == SQLITE_OK) { const uint8_t* p = sql_work->binds; int column = 0; while (p < sql_work->binds + sql_work->binds_count) { switch (*p++) { case SQLITE_INTEGER: { int64_t value = 0; memcpy(&value, p, sizeof(value)); sqlite3_bind_int64(statement, column + 1, value); p += sizeof(value); } break; case SQLITE_TEXT: { size_t length = 0; memcpy(&length, p, sizeof(length)); p += sizeof(length); sqlite3_bind_text(statement, column + 1, (const char*)p, length, NULL); p += length; } break; case SQLITE_NULL: sqlite3_bind_null(statement, column + 1); break; default: abort(); } column++; } int r = SQLITE_OK; while ((r = sqlite3_step(statement)) == SQLITE_ROW) { _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 'r' }, 1); for (int i = 0; i < sqlite3_column_count(statement); i++) { _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 'c' }, 1); const char* name = sqlite3_column_name(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, name, strlen(name) + 1); uint8_t type = sqlite3_column_type(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &type, sizeof(type)); switch (type) { case SQLITE_INTEGER: { int64_t value = sqlite3_column_int64(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &value, sizeof(value)); } break; case SQLITE_FLOAT: { double value = sqlite3_column_double(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &value, sizeof(value)); } break; case SQLITE_TEXT: { size_t bytes = sqlite3_column_bytes(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &bytes, sizeof(bytes)); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, sqlite3_column_text(statement, i), bytes); } break; case SQLITE_BLOB: { size_t bytes = sqlite3_column_bytes(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &bytes, sizeof(bytes)); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, sqlite3_column_blob(statement, i), bytes); } break; case SQLITE_NULL: break; default: abort(); } } } sql_work->result = r; if (r != SQLITE_OK && r != SQLITE_DONE) { sql_work->error = tf_strdup(sqlite3_errmsg(db)); } _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 0 }, 1); sqlite3_finalize(statement); } else { sql_work->error = tf_strdup(sqlite3_errmsg(db)); } tf_ssb_release_db_reader(sql_work->ssb, db); sql_work->end_time = uv_hrtime(); } static void _tf_ssb_sqlAsync_after_work(uv_work_t* work, int status) { sql_work_t* sql_work = work->data; tf_ssb_record_thread_time(sql_work->ssb, (int64_t)sql_work->thread_id, sql_work->end_time - sql_work->start_time); JSContext* context = tf_ssb_get_context(sql_work->ssb); uint8_t* p = sql_work->rows; while (p < sql_work->rows + sql_work->rows_count) { if (*p++ == 'r') { JSValue row = JS_NewObject(context); while (*p == 'c') { p++; const char* column_name = (const char*)p; size_t length = strlen((char*)p); p += length + 1; switch (*p++) { case SQLITE_INTEGER: { int64_t value = 0; memcpy(&value, p, sizeof(value)); JS_SetPropertyStr(context, row, column_name, JS_NewInt64(context, value)); p += sizeof(value); } break; case SQLITE_FLOAT: { double value = 0.0; memcpy(&value, p, sizeof(value)); JS_SetPropertyStr(context, row, column_name, JS_NewFloat64(context, value)); p += sizeof(value); } break; case SQLITE_TEXT: case SQLITE_BLOB: { size_t length = 0; memcpy(&length, p, sizeof(length)); p += sizeof(length); JS_SetPropertyStr(context, row, column_name, JS_NewStringLen(context, (const char*)p, length)); p += length; } break; case SQLITE_NULL: JS_SetPropertyStr(context, row, column_name, JS_NULL); break; } } JSValue response = JS_Call(context, sql_work->callback, JS_UNDEFINED, 1, &row); tf_util_report_error(context, response); JS_FreeValue(context, response); JS_FreeValue(context, row); } else { break; } } tf_free(sql_work->binds); tf_free(sql_work->rows); JSValue result = JS_UNDEFINED; if (sql_work->result == SQLITE_OK || sql_work->result == SQLITE_DONE) { result = JS_Call(context, sql_work->promise[0], JS_UNDEFINED, 0, NULL); tf_util_report_error(context, result); } else { JSValue error = JS_ThrowInternalError(context, "SQL Error %s: %s", sql_work->error, sql_work->query); JSValue exception = JS_GetException(context); result = JS_Call(context, sql_work->promise[1], JS_UNDEFINED, 1, &exception); tf_util_report_error(context, result); JS_FreeValue(context, exception); JS_FreeValue(context, error); } JS_FreeValue(context, result); JS_FreeValue(context, sql_work->promise[0]); JS_FreeValue(context, sql_work->promise[1]); JS_FreeValue(context, sql_work->callback); JS_FreeCString(context, sql_work->query); tf_free(sql_work->error); tf_free(sql_work); } static JSValue _tf_ssb_sqlAsync(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* query = JS_ToCString(context, argv[0]); sql_work_t* work = tf_malloc(sizeof(sql_work_t)); *work = (sql_work_t) { .request = { .data = work, }, .ssb = ssb, .callback = JS_DupValue(context, argv[2]), .query = query, }; JSValue result = JS_NewPromiseCapability(context, work->promise); JSValue error_value = JS_UNDEFINED; if (ssb) { int32_t length = tf_util_get_length(context, argv[1]); for (int i = 0; i < length; i++) { JSValue value = JS_GetPropertyUint32(context, argv[1], i); if (JS_IsNumber(value)) { uint8_t type = SQLITE_INTEGER; int64_t number = 0; JS_ToInt64(context, &number, value); _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); _tf_ssb_sql_append(&work->binds, &work->binds_count, &number, sizeof(number)); } else if (JS_IsBool(value)) { uint8_t type = SQLITE_INTEGER; int64_t number = JS_ToBool(context, value) ? 1 : 0; _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); _tf_ssb_sql_append(&work->binds, &work->binds_count, &number, sizeof(number)); } else if (JS_IsNull(value)) { uint8_t type = SQLITE_NULL; _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); } else { uint8_t type = SQLITE_TEXT; size_t length = 0; const char* string = JS_ToCStringLen(context, &length, value); if (!string) { string = ""; } _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); _tf_ssb_sql_append(&work->binds, &work->binds_count, &length, sizeof(length)); _tf_ssb_sql_append(&work->binds, &work->binds_count, string, length); JS_FreeCString(context, string); } JS_FreeValue(context, value); } int r = uv_queue_work(tf_ssb_get_loop(ssb), &work->request, _tf_ssb_sqlAsync_work, _tf_ssb_sqlAsync_after_work); if (r) { error_value = JS_ThrowInternalError(context, "uv_queue_work failed: %s", uv_strerror(r)); } } if (!JS_IsUndefined(error_value)) { JSValue call_result = JS_Call(context, work->promise[1], JS_UNDEFINED, 1, &error_value); tf_util_report_error(context, call_result); JS_FreeValue(context, call_result); JS_FreeValue(context, work->promise[0]); JS_FreeValue(context, work->promise[1]); JS_FreeValue(context, work->callback); JS_FreeValue(context, error_value); JS_FreeCString(context, query); tf_free(work->binds); tf_free(work->error); tf_free(work); } return result; } static JSValue _tf_ssb_storeMessage(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); bool is_new = false; if (tf_ssb_verify_strip_and_store_message(ssb, argv[0], &is_new)) { return is_new ? JS_TRUE : JS_FALSE; } else { return JS_UNDEFINED; } } typedef struct _broadcasts_t { JSContext* context; JSValue array; int length; } broadcasts_t; static void _tf_ssb_broadcasts_visit(const char* host, const struct sockaddr_in* addr, tf_ssb_connection_t* tunnel, const uint8_t* pub, void* user_data) { broadcasts_t* broadcasts = user_data; JSValue entry = JS_NewObject(broadcasts->context); char pubkey[k_id_base64_len]; tf_ssb_id_bin_to_str(pubkey, sizeof(pubkey), pub); if (tunnel) { JS_SetPropertyStr(broadcasts->context, entry, "tunnel", JS_DupValue(broadcasts->context, tf_ssb_connection_get_object(tunnel))); } else { JS_SetPropertyStr(broadcasts->context, entry, "address", JS_NewString(broadcasts->context, host)); JS_SetPropertyStr(broadcasts->context, entry, "port", JS_NewInt32(broadcasts->context, ntohs(addr->sin_port))); } JS_SetPropertyStr(broadcasts->context, entry, "pubkey", JS_NewString(broadcasts->context, pubkey)); JS_SetPropertyUint32(broadcasts->context, broadcasts->array, broadcasts->length++, entry); } static JSValue _tf_ssb_getBroadcasts(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { result = JS_NewArray(context); broadcasts_t broadcasts = { .context = context, .array = result, .length = 0, }; tf_ssb_visit_broadcasts(ssb, _tf_ssb_broadcasts_visit, &broadcasts); } return result; } static JSValue _tf_ssb_connect(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue args = argv[0]; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { if (JS_IsString(args)) { const char* address_str = JS_ToCString(context, args); tf_printf("Connecting to %s\n", address_str); tf_ssb_connect_str(ssb, address_str); JS_FreeCString(context, address_str); } else { JSValue address = JS_GetPropertyStr(context, args, "address"); JSValue port = JS_GetPropertyStr(context, args, "port"); JSValue pubkey = JS_GetPropertyStr(context, args, "pubkey"); const char* address_str = JS_ToCString(context, address); int32_t port_int = 0; JS_ToInt32(context, &port_int, port); const char* pubkey_str = JS_ToCString(context, pubkey); if (pubkey_str) { tf_printf("Connecting to %s:%d\n", address_str, port_int); uint8_t pubkey_bin[k_id_bin_len]; tf_ssb_id_str_to_bin(pubkey_bin, pubkey_str); tf_ssb_connect(ssb, address_str, port_int, pubkey_bin); } else { tf_printf("Not connecting to null.\n"); } JS_FreeCString(context, pubkey_str); JS_FreeCString(context, address_str); JS_FreeValue(context, address); JS_FreeValue(context, port); JS_FreeValue(context, pubkey); } } return JS_UNDEFINED; } static JSValue _tf_ssb_forgetStoredConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue args = argv[0]; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { JSValue address = JS_GetPropertyStr(context, args, "address"); JSValue port = JS_GetPropertyStr(context, args, "port"); JSValue pubkey = JS_GetPropertyStr(context, args, "pubkey"); const char* address_str = JS_ToCString(context, address); int32_t port_int = 0; JS_ToInt32(context, &port_int, port); const char* pubkey_str = JS_ToCString(context, pubkey); if (pubkey_str) { tf_ssb_db_forget_stored_connection(ssb, address_str, port_int, pubkey_str); } JS_FreeCString(context, pubkey_str); JS_FreeCString(context, address_str); JS_FreeValue(context, address); JS_FreeValue(context, port); JS_FreeValue(context, pubkey); } return JS_UNDEFINED; } static void _tf_ssb_cleanup_value(tf_ssb_t* ssb, void* user_data) { JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JS_FreeValue(tf_ssb_get_context(ssb), callback); } static void _tf_ssb_on_message_added_callback(tf_ssb_t* ssb, const char* id, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue string = JS_NewString(context, id); JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &string); if (tf_util_report_error(context, response)) { tf_ssb_remove_message_added_callback(ssb, _tf_ssb_on_message_added_callback, user_data); } JS_FreeValue(context, response); JS_FreeValue(context, string); } static void _tf_ssb_on_blob_want_added_callback(tf_ssb_t* ssb, const char* id, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue string = JS_NewString(context, id); JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &string); if (tf_util_report_error(context, response)) { tf_ssb_remove_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, user_data); } JS_FreeValue(context, response); JS_FreeValue(context, string); } static void _tf_ssb_on_connections_changed_callback(tf_ssb_t* ssb, tf_ssb_change_t change, tf_ssb_connection_t* connection, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue response = JS_UNDEFINED; switch (change) { case k_tf_ssb_change_create: break; case k_tf_ssb_change_connect: { JSValue object = JS_DupValue(context, tf_ssb_connection_get_object(connection)); JSValue args[] = { JS_NewString(context, "add"), object, }; response = JS_Call(context, callback, JS_UNDEFINED, 2, args); if (tf_util_report_error(context, response)) { tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, user_data); } JS_FreeValue(context, args[0]); JS_FreeValue(context, object); } break; case k_tf_ssb_change_remove: { JSValue object = JS_DupValue(context, tf_ssb_connection_get_object(connection)); JSValue args[] = { JS_NewString(context, "remove"), object, }; response = JS_Call(context, callback, JS_UNDEFINED, 2, args); if (tf_util_report_error(context, response)) { tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, user_data); } JS_FreeValue(context, args[0]); JS_FreeValue(context, object); } break; } JS_FreeValue(context, response); } static void _tf_ssb_on_broadcasts_changed_callback(tf_ssb_t* ssb, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue argv = JS_UNDEFINED; JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &argv); if (tf_util_report_error(context, response)) { tf_ssb_remove_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, user_data); } JS_FreeValue(context, response); } static JSValue _tf_ssb_add_event_listener(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* event_name = JS_ToCString(context, argv[0]); JSValue callback = argv[1]; JSValue result = JS_UNDEFINED; if (!event_name) { result = JS_ThrowTypeError(context, "Expected argument 1 to be a string event name."); } else if (!JS_IsFunction(context, callback)) { result = JS_ThrowTypeError(context, "Expected argument 2 to be a function."); } else { if (strcmp(event_name, "connections") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, _tf_ssb_cleanup_value, ptr); } else if (strcmp(event_name, "broadcasts") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, _tf_ssb_cleanup_value, ptr); } else if (strcmp(event_name, "message") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_message_added_callback(ssb, _tf_ssb_on_message_added_callback, _tf_ssb_cleanup_value, ptr); } else if (strcmp(event_name, "blob_want_added") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, _tf_ssb_cleanup_value, ptr); } } JS_FreeCString(context, event_name); return result; } static JSValue _tf_ssb_remove_event_listener(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* event_name = JS_ToCString(context, argv[0]); JSValue callback = argv[1]; JSValue result = JS_UNDEFINED; if (!event_name) { result = JS_ThrowTypeError(context, "Expected argument 1 to be a string event name."); } else if (!JS_IsFunction(context, callback)) { result = JS_ThrowTypeError(context, "Expected argument 2 to be a function."); } else { if (strcmp(event_name, "connections") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, ptr); } else if (strcmp(event_name, "broadcasts") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, ptr); } else if (strcmp(event_name, "message") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_message_added_callback(ssb, _tf_ssb_on_message_added_callback, ptr); } else if (strcmp(event_name, "blob_want_added") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, ptr); } } JS_FreeCString(context, event_name); return result; } static JSValue _tf_ssb_hmacsha256_sign(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); size_t payload_length = 0; const char* payload = JS_ToCStringLen(context, &payload_length, argv[0]); const char* user = JS_ToCString(context, argv[1]); const char* public_key = JS_ToCString(context, argv[2]); uint8_t private_key[crypto_sign_SECRETKEYBYTES]; if (tf_ssb_db_identity_get_private_key(ssb, user, public_key, private_key, sizeof(private_key))) { uint8_t signature[crypto_sign_BYTES]; unsigned long long siglen; if (crypto_sign_detached(signature, &siglen, (const uint8_t*)payload, payload_length, private_key) == 0) { char signature_base64[crypto_sign_BYTES * 2]; tf_base64_encode(signature, sizeof(signature), signature_base64, sizeof(signature_base64)); result = JS_NewString(context, signature_base64); } } else { result = JS_ThrowInternalError(context, "Private key not found."); } JS_FreeCString(context, public_key); JS_FreeCString(context, user); JS_FreeCString(context, payload); return result; } static JSValue _tf_ssb_hmacsha256_verify(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; size_t public_key_length = 0; const char* public_key = JS_ToCStringLen(context, &public_key_length, argv[0]); size_t payload_length = 0; const char* payload = JS_ToCStringLen(context, &payload_length, argv[1]); size_t signature_length = 0; const char* signature = JS_ToCStringLen(context, &signature_length, argv[2]); const char* public_key_start = public_key && *public_key == '@' ? public_key + 1 : public_key; const char* public_key_end = strstr(public_key_start, ".ed25519"); if (!public_key_end) { public_key_end = public_key_start + strlen(public_key_start); } uint8_t bin_public_key[crypto_sign_PUBLICKEYBYTES] = { 0 }; if (tf_base64_decode(public_key_start, public_key_end - public_key_start, bin_public_key, sizeof(bin_public_key)) > 0) { uint8_t bin_signature[crypto_sign_BYTES] = { 0 }; if (tf_base64_decode(signature, signature_length, bin_signature, sizeof(bin_signature)) > 0) { if (crypto_sign_verify_detached(bin_signature, (const uint8_t*)payload, payload_length, bin_public_key) == 0) { result = JS_TRUE; } } } JS_FreeCString(context, signature); JS_FreeCString(context, payload); JS_FreeCString(context, public_key); return result; } static JSValue _tf_ssb_createTunnel(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* portal_id = JS_ToCString(context, argv[0]); const char* target_id = JS_ToCString(context, argv[1]); tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, portal_id); if (connection) { int32_t request_number = tf_ssb_connection_next_request_number(connection); JSValue message = JS_NewObject(context); JSValue name = JS_NewArray(context); JS_SetPropertyUint32(context, name, 0, JS_NewString(context, "tunnel")); JS_SetPropertyUint32(context, name, 1, JS_NewString(context, "connect")); JS_SetPropertyStr(context, message, "name", name); JSValue arg = JS_NewObject(context); JS_SetPropertyStr(context, arg, "portal", JS_NewString(context, portal_id)); JS_SetPropertyStr(context, arg, "target", JS_NewString(context, target_id)); JSValue args = JS_NewArray(context); JS_SetPropertyUint32(context, args, 0, arg); JS_SetPropertyStr(context, message, "args", args); JS_SetPropertyStr(context, message, "type", JS_NewString(context, "duplex")); tf_ssb_connection_rpc_send_json(connection, k_ssb_rpc_flag_stream, request_number, message, NULL, NULL, NULL); JS_FreeValue(context, message); tf_ssb_connection_tunnel_create(ssb, portal_id, request_number, target_id); result = JS_TRUE; } JS_FreeCString(context, target_id); JS_FreeCString(context, portal_id); return result; } enum { k_max_private_message_recipients = 8 }; static bool _tf_ssb_get_private_key_curve25519(sqlite3* db, const char* user, const char* identity, uint8_t out_private_key[static crypto_sign_SECRETKEYBYTES]) { if (!user || !identity || !out_private_key) { return false; } bool success = false; sqlite3_stmt* statement = NULL; if (sqlite3_prepare(db, "SELECT private_key FROM identities WHERE user = ? AND public_key = ?", -1, &statement, NULL) == SQLITE_OK) { if (sqlite3_bind_text(statement, 1, user, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, *identity == '@' ? identity + 1 : identity, -1, NULL) == SQLITE_OK) { while (sqlite3_step(statement) == SQLITE_ROW) { uint8_t key[crypto_sign_SECRETKEYBYTES] = { 0 }; int length = tf_base64_decode( (const char*)sqlite3_column_text(statement, 0), sqlite3_column_bytes(statement, 0) - strlen(".ed25519"), key, sizeof(key)); if (length == crypto_sign_SECRETKEYBYTES) { success = crypto_sign_ed25519_sk_to_curve25519(out_private_key, key) == 0; } } } sqlite3_finalize(statement); } return success; } static JSValue _tf_ssb_private_message_encrypt(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; int recipient_count = tf_util_get_length(context, argv[2]); if (recipient_count < 1 || recipient_count > k_max_private_message_recipients) { return JS_ThrowRangeError(context, "Number of recipients must be between 1 and %d.", k_max_private_message_recipients); } const char* signer_user = JS_ToCString(context, argv[0]); const char* signer_identity = JS_ToCString(context, argv[1]); uint8_t recipients[k_max_private_message_recipients][crypto_scalarmult_curve25519_SCALARBYTES]; size_t message_size = 0; const char* message = JS_ToCStringLen(context, &message_size, argv[3]); for (int i = 0; i < recipient_count && JS_IsUndefined(result); i++) { JSValue recipient = JS_GetPropertyUint32(context, argv[2], i); const char* id = JS_ToCString(context, recipient); if (id) { const char* type = strstr(id, ".ed25519"); const char* id_start = *id == '@' ? id + 1 : id; uint8_t key[crypto_box_PUBLICKEYBYTES] = { 0 }; if (tf_base64_decode(id_start, type ? (size_t)(type - id_start) : strlen(id_start), key, sizeof(key)) != sizeof(key)) { result = JS_ThrowInternalError(context, "Invalid recipient: %s.\n", id); } else if (crypto_sign_ed25519_pk_to_curve25519(recipients[i], key) != 0) { result = JS_ThrowInternalError(context, "Failed to convert recipient ID.\n"); } JS_FreeCString(context, id); } JS_FreeValue(context, recipient); } if (JS_IsUndefined(result)) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); sqlite3* db = tf_ssb_get_db(ssb); uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 }; if (_tf_ssb_get_private_key_curve25519(db, signer_user, signer_identity, private_key)) { uint8_t public_key[crypto_box_PUBLICKEYBYTES] = { 0 }; uint8_t secret_key[crypto_box_SECRETKEYBYTES] = { 0 }; uint8_t nonce[crypto_box_NONCEBYTES] = { 0 }; uint8_t body_key[crypto_box_SECRETKEYBYTES] = { 0 }; crypto_box_keypair(public_key, secret_key); randombytes_buf(nonce, sizeof(nonce)); randombytes_buf(body_key, sizeof(body_key)); uint8_t length_and_key[1 + sizeof(body_key)]; length_and_key[0] = (uint8_t)recipient_count; memcpy(length_and_key + 1, body_key, sizeof(body_key)); size_t payload_size = sizeof(nonce) + sizeof(public_key) + (crypto_secretbox_MACBYTES + sizeof(length_and_key)) * recipient_count + crypto_secretbox_MACBYTES + message_size; uint8_t* payload = tf_malloc(payload_size); uint8_t* p = payload; memcpy(p, nonce, sizeof(nonce)); p += sizeof(nonce); memcpy(p, public_key, sizeof(public_key)); p += sizeof(public_key); for (int i = 0; i < recipient_count && JS_IsUndefined(result); i++) { uint8_t shared_secret[crypto_secretbox_KEYBYTES] = { 0 }; if (crypto_scalarmult(shared_secret, secret_key, recipients[i]) == 0) { if (crypto_secretbox_easy(p, length_and_key, sizeof(length_and_key), nonce, shared_secret) != 0) { result = JS_ThrowInternalError(context, "crypto_secretbox_easy failed"); } else { p += crypto_secretbox_MACBYTES + sizeof(length_and_key); } } else { result = JS_ThrowInternalError(context, "crypto_scalarmult failed"); } } if (JS_IsUndefined(result)) { if (crypto_secretbox_easy(p, (const uint8_t*)message, message_size, nonce, body_key) != 0) { result = JS_ThrowInternalError(context, "crypto_secretbox_easy failed for the message.\n"); } else { p += crypto_secretbox_MACBYTES + message_size; assert((size_t)(p - payload) == payload_size); char* encoded = tf_malloc(payload_size * 2 + 5); size_t encoded_length = tf_base64_encode(payload, payload_size, encoded, payload_size * 2 + 5); memcpy(encoded + encoded_length, ".box", 5); encoded_length += 4; result = JS_NewStringLen(context, encoded, encoded_length); tf_free(encoded); } } tf_free(payload); } else { result = JS_ThrowInternalError(context, "Unable to get key for ID %s of user %s.", signer_identity, signer_user); } } JS_FreeCString(context, signer_user); JS_FreeCString(context, signer_identity); JS_FreeCString(context, message); return result; } static JSValue _tf_ssb_private_message_decrypt(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; const char* user = JS_ToCString(context, argv[0]); const char* identity = JS_ToCString(context, argv[1]); size_t message_size = 0; const char* message = JS_ToCStringLen(context, &message_size, argv[2]); uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 }; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); sqlite3* db = tf_ssb_get_db(ssb); if (_tf_ssb_get_private_key_curve25519(db, user, identity, private_key)) { uint8_t* decoded = tf_malloc(message_size); int decoded_length = tf_base64_decode(message, message_size - strlen(".box"), decoded, message_size); uint8_t* nonce = decoded; uint8_t* public_key = decoded + crypto_box_NONCEBYTES; if (public_key + crypto_secretbox_KEYBYTES < decoded + decoded_length) { uint8_t shared_secret[crypto_secretbox_KEYBYTES] = { 0 }; if (crypto_scalarmult(shared_secret, private_key, public_key) == 0) { enum { k_recipient_header_bytes = crypto_secretbox_MACBYTES + sizeof(uint8_t) + crypto_secretbox_KEYBYTES }; for (uint8_t* p = decoded + crypto_box_NONCEBYTES + crypto_secretbox_KEYBYTES; p <= decoded + decoded_length - k_recipient_header_bytes; p += k_recipient_header_bytes) { uint8_t out[k_recipient_header_bytes] = { 0 }; int opened = crypto_secretbox_open_easy(out, p, k_recipient_header_bytes, nonce, shared_secret); if (opened != -1) { int recipients = (int)out[0]; uint8_t* body = decoded + crypto_box_NONCEBYTES + crypto_secretbox_KEYBYTES + k_recipient_header_bytes * recipients; size_t body_size = decoded + decoded_length - body; uint8_t* decrypted = tf_malloc(body_size); uint8_t* key = out + 1; if (crypto_secretbox_open_easy(decrypted, body, body_size, nonce, key) != -1) { result = JS_NewStringLen(context, (const char*)decrypted, body_size - crypto_secretbox_MACBYTES); } else { result = JS_ThrowInternalError(context, "Received key to open secret box containing message body, but it did not work."); } tf_free(decrypted); } } } else { result = JS_ThrowInternalError(context, "crypto_scalarmult failed."); } } else { result = JS_ThrowInternalError(context, "Encrypted message was not long enough to contains its one-time public key."); } tf_free(decoded); } else { result = JS_ThrowInternalError(context, "Private key not found for user %s with id %s.", user, identity); } JS_FreeCString(context, user); JS_FreeCString(context, identity); JS_FreeCString(context, message); return result; } void tf_ssb_register(JSContext* context, tf_ssb_t* ssb) { JS_NewClassID(&_tf_ssb_classId); JSClassDef def = { .class_name = "ssb", }; if (JS_NewClass(JS_GetRuntime(context), _tf_ssb_classId, &def) != 0) { fprintf(stderr, "Failed to register ssb.\n"); } JSValue global = JS_GetGlobalObject(context); JSValue object = JS_NewObjectClass(context, _tf_ssb_classId); JS_SetPropertyStr(context, global, "ssb", object); JS_SetOpaque(object, ssb); /* Requires an identity. */ JS_SetPropertyStr(context, object, "createIdentity", JS_NewCFunction(context, _tf_ssb_createIdentity, "createIdentity", 1)); JS_SetPropertyStr(context, object, "getIdentities", JS_NewCFunction(context, _tf_ssb_getIdentities, "getIdentities", 1)); JS_SetPropertyStr(context, object, "appendMessageWithIdentity", JS_NewCFunction(context, _tf_ssb_appendMessageWithIdentity, "appendMessageWithIdentity", 3)); JS_SetPropertyStr(context, object, "hmacsha256sign", JS_NewCFunction(context, _tf_ssb_hmacsha256_sign, "hmacsha256sign", 3)); JS_SetPropertyStr(context, object, "hmacsha256verify", JS_NewCFunction(context, _tf_ssb_hmacsha256_verify, "hmacsha256verify", 3)); JS_SetPropertyStr(context, object, "privateMessageEncrypt", JS_NewCFunction(context, _tf_ssb_private_message_encrypt, "privateMessageEncrypt", 4)); JS_SetPropertyStr(context, object, "privateMessageDecrypt", JS_NewCFunction(context, _tf_ssb_private_message_decrypt, "privateMessageDecrypt", 3)); /* Does not require an identity. */ JS_SetPropertyStr(context, object, "getAllIdentities", JS_NewCFunction(context, _tf_ssb_getAllIdentities, "getAllIdentities", 0)); JS_SetPropertyStr(context, object, "getMessage", JS_NewCFunction(context, _tf_ssb_getMessage, "getMessage", 2)); JS_SetPropertyStr(context, object, "blobGet", JS_NewCFunction(context, _tf_ssb_blobGet, "blobGet", 1)); JS_SetPropertyStr(context, object, "blobStore", JS_NewCFunction(context, _tf_ssb_blobStore, "blobStore", 2)); JS_SetPropertyStr(context, object, "messageContentGet", JS_NewCFunction(context, _tf_ssb_messageContentGet, "messageContentGet", 1)); JS_SetPropertyStr(context, object, "connections", JS_NewCFunction(context, _tf_ssb_connections, "connections", 0)); JS_SetPropertyStr(context, object, "storedConnections", JS_NewCFunction(context, _tf_ssb_storedConnections, "storedConnections", 0)); JS_SetPropertyStr(context, object, "getConnection", JS_NewCFunction(context, _tf_ssb_getConnection, "getConnection", 1)); JS_SetPropertyStr(context, object, "closeConnection", JS_NewCFunction(context, _tf_ssb_closeConnection, "closeConnection", 1)); JS_SetPropertyStr(context, object, "forgetStoredConnection", JS_NewCFunction(context, _tf_ssb_forgetStoredConnection, "forgetStoredConnection", 1)); JS_SetPropertyStr(context, object, "sqlAsync", JS_NewCFunction(context, _tf_ssb_sqlAsync, "sqlAsync", 3)); JS_SetPropertyStr(context, object, "storeMessage", JS_NewCFunction(context, _tf_ssb_storeMessage, "storeMessage", 1)); JS_SetPropertyStr(context, object, "getBroadcasts", JS_NewCFunction(context, _tf_ssb_getBroadcasts, "getBroadcasts", 0)); JS_SetPropertyStr(context, object, "connect", JS_NewCFunction(context, _tf_ssb_connect, "connect", 1)); JS_SetPropertyStr(context, object, "createTunnel", JS_NewCFunction(context, _tf_ssb_createTunnel, "createTunnel", 3)); /* Should be trusted only. */ JS_SetPropertyStr(context, object, "addEventListener", JS_NewCFunction(context, _tf_ssb_add_event_listener, "addEventListener", 2)); JS_SetPropertyStr(context, object, "removeEventListener", JS_NewCFunction(context, _tf_ssb_remove_event_listener, "removeEventListener", 2)); JS_FreeValue(context, global); }