#include "ssb.js.h" #include "log.h" #include "mem.h" #include "ssb.db.h" #include "ssb.h" #include "trace.h" #include "util.js.h" #include "sodium/crypto_box.h" #include "sodium/crypto_scalarmult.h" #include "sodium/crypto_scalarmult_curve25519.h" #include "sodium/crypto_secretbox.h" #include "sodium/crypto_sign.h" #include "sodium/randombytes.h" #include "string.h" #include "sqlite3.h" #include "uv.h" #include #include #if !defined(_countof) #define _countof(a) ((int)(sizeof((a)) / sizeof(*(a)))) #endif static const int k_sql_async_timeout_ms = 60 * 1000; static JSClassID _tf_ssb_classId; void _tf_ssb_on_rpc(tf_ssb_connection_t* connection, uint8_t flags, int32_t request_number, JSValue args, const uint8_t* message, size_t size, void* user_data); static JSValue _tf_ssb_appendMessageWithIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv); static JSValue _tf_ssb_createIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); JSValue result = JS_UNDEFINED; if (ssb) { const char* user = JS_ToCString(context, argv[0]); int count = tf_ssb_db_identity_get_count_for_user(ssb, user); if (count < 16) { char public[512]; char private[512]; tf_ssb_generate_keys_buffer(public, sizeof(public), private, sizeof(private)); if (tf_ssb_db_identity_add(ssb, user, public, private)) { char id[513]; snprintf(id, sizeof(id), "@%s", public); result = JS_NewString(context, id); } else { result = JS_ThrowInternalError(context, "Unable to add identity."); } } else { result = JS_ThrowInternalError(context, "Too many identities for user."); } JS_FreeCString(context, user); } return result; } static JSValue _set_server_following_internal(tf_ssb_t* ssb, JSValueConst this_val, JSValue id, JSValue following) { JSContext* context = tf_ssb_get_context(ssb); JSValue message = JS_NewObject(context); JSValue server_user = JS_NewString(context, ":admin"); char server_id_buffer[k_id_base64_len] = { 0 }; tf_ssb_whoami(ssb, server_id_buffer, sizeof(server_id_buffer)); JSValue server_id = JS_NewString(context, server_id_buffer); JS_SetPropertyStr(context, message, "type", JS_NewString(context, "contact")); JS_SetPropertyStr(context, message, "contact", JS_DupValue(context, id)); JS_SetPropertyStr(context, message, "following", JS_DupValue(context, following)); JSValue args[] = { server_user, server_id, message, }; JSValue result = _tf_ssb_appendMessageWithIdentity(context, this_val, _countof(args), args); JS_FreeValue(context, server_id); JS_FreeValue(context, server_user); JS_FreeValue(context, message); return result; } static JSValue _tf_ssb_set_server_following_me(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); JSValue result = JS_UNDEFINED; if (ssb) { char server_id[k_id_base64_len]; tf_ssb_whoami(ssb, server_id, sizeof(server_id)); const char* user = JS_ToCString(context, argv[0]); const char* key = JS_ToCString(context, argv[1]); if (!tf_ssb_db_identity_get_private_key(ssb, user, key, NULL, 0)) { result = JS_ThrowInternalError(context, "User %s does not own key %s.", user, key); } else { const char* server_id_ptr = server_id; const char** current_following = tf_ssb_db_following_deep(ssb, &server_id_ptr, 1, 1); bool is_following = false; for (const char** it = current_following; *it; it++) { if (strcmp(key, *it) == 0) { is_following = true; break; } } tf_free(current_following); bool want_following = JS_ToBool(context, argv[2]); if ((want_following && !is_following) || (!want_following && is_following)) { result = _set_server_following_internal(ssb, this_val, argv[1], argv[2]); } } JS_FreeCString(context, key); JS_FreeCString(context, user); } return result; } typedef struct _identities_visit_t { JSContext* context; JSValue array; int count; } identities_visit_t; static void _tf_ssb_getIdentities_visit(const char* identity, void* data) { identities_visit_t* state = data; char id[k_id_base64_len]; snprintf(id, sizeof(id), "@%s", identity); JS_SetPropertyUint32(state->context, state->array, state->count++, JS_NewString(state->context, id)); } static JSValue _tf_ssb_getIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NewArray(context); tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* user = JS_ToCString(context, argv[0]); identities_visit_t state = { .context = context, .array = result, }; tf_ssb_db_identity_visit(ssb, user, _tf_ssb_getIdentities_visit, &state); JS_FreeCString(context, user); } return result; } static JSValue _tf_ssb_getServerIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NewArray(context); tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { char id[k_id_base64_len] = { 0 }; if (tf_ssb_whoami(ssb, id, sizeof(id))) { result = JS_NewString(context, id); } } return result; } static JSValue _tf_ssb_getAllIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NewArray(context); tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { identities_visit_t state = { .context = context, .array = result, }; tf_ssb_db_identity_visit_all(ssb, _tf_ssb_getIdentities_visit, &state); } return result; } typedef struct _append_message_t { JSContext* context; JSValue promise[2]; } append_message_t; static void _tf_ssb_appendMessage_finish(append_message_t* async, bool success, JSValue result) { JSValue error = JS_Call(async->context, success ? async->promise[0] : async->promise[1], JS_UNDEFINED, 1, &result); tf_util_report_error(async->context, error); JS_FreeValue(async->context, error); JS_FreeValue(async->context, async->promise[0]); JS_FreeValue(async->context, async->promise[1]); tf_free(async); } static void _tf_ssb_appendMessageWithIdentity_callback(const char* id, bool verified, bool is_new, void* user_data) { append_message_t* async = user_data; JSValue result = JS_UNDEFINED; if (verified) { result = is_new ? JS_TRUE : JS_FALSE; } _tf_ssb_appendMessage_finish(async, verified, result); } static JSValue _tf_ssb_appendMessageWithIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { append_message_t* async = tf_malloc(sizeof(append_message_t)); *async = (append_message_t) { .context = context }; JSValue result = JS_NewPromiseCapability(context, async->promise); tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* user = JS_ToCString(context, argv[0]); const char* id = JS_ToCString(context, argv[1]); uint8_t private_key[crypto_sign_SECRETKEYBYTES]; if (tf_ssb_db_identity_get_private_key(ssb, user, id, private_key, sizeof(private_key))) { tf_ssb_verify_strip_and_store_message(ssb, tf_ssb_sign_message(ssb, id, private_key, argv[2]), _tf_ssb_appendMessageWithIdentity_callback, async); } else { _tf_ssb_appendMessage_finish(async, false, JS_ThrowInternalError(context, "Unable to get private key for user %s with identity %s.", user, id)); } JS_FreeCString(context, id); JS_FreeCString(context, user); } else { _tf_ssb_appendMessage_finish(async, false, JS_ThrowInternalError(context, "No SSB instance.")); } return result; } static JSValue _tf_ssb_getMessage(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* id = JS_ToCString(context, argv[0]); int64_t sequence = 0; JS_ToInt64(context, &sequence, argv[1]); double timestamp = -1.0; char* contents = NULL; if (tf_ssb_db_get_message_by_author_and_sequence(ssb, id, sequence, NULL, 0, ×tamp, &contents)) { result = JS_NewObject(context); JS_SetPropertyStr(context, result, "timestamp", JS_NewFloat64(context, timestamp)); JS_SetPropertyStr(context, result, "content", JS_NewString(context, contents)); tf_free(contents); } JS_FreeCString(context, id); } return result; } static JSValue _tf_ssb_blobGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* id = JS_ToCString(context, argv[0]); uint8_t* blob = NULL; size_t size = 0; if (tf_ssb_db_blob_get(ssb, id, &blob, &size)) { result = JS_NewArrayBufferCopy(context, blob, size); tf_free(blob); } JS_FreeCString(context, id); } return result; } typedef struct _blob_store_t { JSContext* context; JSValue promise[2]; uint8_t* buffer; } blob_store_t; void _tf_ssb_blob_store_complete(blob_store_t* store, const char* id) { JSValue result = JS_UNDEFINED; if (id) { JSValue id_value = JS_NewString(store->context, id); JS_Call(store->context, store->promise[0], JS_UNDEFINED, 1, &id_value); } else { JS_Call(store->context, store->promise[1], JS_UNDEFINED, 0, NULL); } tf_util_report_error(store->context, result); JS_FreeValue(store->context, result); JS_FreeValue(store->context, store->promise[0]); JS_FreeValue(store->context, store->promise[1]); tf_free(store->buffer); tf_free(store); } void _tf_ssb_blob_store_callback(const char* id, bool is_new, void* user_data) { blob_store_t* store = user_data; _tf_ssb_blob_store_complete(store, id); } static JSValue _tf_ssb_blobStore(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { blob_store_t* store = tf_malloc(sizeof(blob_store_t)); *store = (blob_store_t) { .context = context }; JSValue result = JS_NewPromiseCapability(context, store->promise); tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { uint8_t* blob = NULL; size_t size = 0; if (JS_IsString(argv[0])) { const char* text = JS_ToCStringLen(context, &size, argv[0]); store->buffer = tf_malloc(size); memcpy(store->buffer, text, size); tf_ssb_db_blob_store_async(ssb, store->buffer, size, _tf_ssb_blob_store_callback, store); JS_FreeCString(context, text); } else if ((blob = tf_util_try_get_array_buffer(context, &size, argv[0])) != 0) { store->buffer = tf_malloc(size); memcpy(store->buffer, blob, size); tf_ssb_db_blob_store_async(ssb, store->buffer, size, _tf_ssb_blob_store_callback, store); } else { size_t offset; size_t element_size; JSValue buffer = tf_util_try_get_typed_array_buffer(context, argv[0], &offset, &size, &element_size); if (!JS_IsException(buffer)) { blob = tf_util_try_get_array_buffer(context, &size, buffer); if (blob) { store->buffer = tf_malloc(size); memcpy(store->buffer, blob, size); tf_ssb_db_blob_store_async(ssb, store->buffer, size, _tf_ssb_blob_store_callback, store); } else { _tf_ssb_blob_store_complete(store, NULL); } } else { _tf_ssb_blob_store_complete(store, NULL); } JS_FreeValue(context, buffer); } } return result; } static JSValue _tf_ssb_messageContentGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { const char* id = JS_ToCString(context, argv[0]); uint8_t* blob = NULL; size_t size = 0; if (tf_ssb_db_message_content_get(ssb, id, &blob, &size)) { result = JS_NewArrayBufferCopy(context, blob, size); tf_free(blob); } JS_FreeCString(context, id); } return result; } static JSValue _tf_ssb_connections(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { tf_ssb_connection_t* connections[32]; int count = tf_ssb_get_connections(ssb, connections, _countof(connections)); result = JS_NewArray(context); for (int i = 0; i < count; i++) { char id[k_id_base64_len] = { 0 }; tf_ssb_connection_t* connection = connections[i]; JSValue object = JS_NewObject(context); tf_ssb_connection_get_id(connection, id, sizeof(id)); JS_SetPropertyStr(context, object, "id", JS_NewString(context, id)); JS_SetPropertyStr(context, object, "host", JS_NewString(context, tf_ssb_connection_get_host(connection))); JS_SetPropertyStr(context, object, "port", JS_NewInt32(context, tf_ssb_connection_get_port(connection))); tf_ssb_connection_t* tunnel = tf_ssb_connection_get_tunnel(connection); if (tunnel) { int tunnel_index = -1; for (int j = 0; j < count; j++) { if (connections[j] == tunnel) { tunnel_index = j; break; } } JS_SetPropertyStr(context, object, "tunnel", JS_NewInt32(context, tunnel_index)); } JS_SetPropertyUint32(context, result, i, object); } } return result; } static JSValue _tf_ssb_storedConnections(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_NULL; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { int count = 0; tf_ssb_db_stored_connection_t* connections = tf_ssb_db_get_stored_connections(ssb, &count); result = JS_NewArray(context); for (int i = 0; i < count; i++) { JSValue connection = JS_NewObject(context); JS_SetPropertyStr(context, connection, "address", JS_NewString(context, connections[i].address)); JS_SetPropertyStr(context, connection, "port", JS_NewInt32(context, connections[i].port)); JS_SetPropertyStr(context, connection, "pubkey", JS_NewString(context, connections[i].pubkey)); JS_SetPropertyUint32(context, result, i, connection); } tf_free(connections); } return result; } static JSValue _tf_ssb_getConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* id = JS_ToCString(context, argv[0]); tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, id); JS_FreeCString(context, id); return JS_DupValue(context, tf_ssb_connection_get_object(connection)); } static JSValue _tf_ssb_closeConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* id = JS_ToCString(context, argv[0]); tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, id); if (connection) { tf_ssb_connection_close(connection); } JS_FreeCString(context, id); return connection ? JS_TRUE : JS_FALSE; } typedef struct _sql_work_t { uv_work_t request; uv_async_t async; uv_timer_t timeout; tf_ssb_t* ssb; sqlite3* db; uv_mutex_t lock; const char* query; uint8_t* binds; size_t binds_count; uint8_t* rows; size_t rows_count; JSValue callback; JSValue promise[2]; int result; char* error; } sql_work_t; static void _tf_ssb_sql_append(uint8_t** rows, size_t* rows_count, const void* data, size_t size) { *rows = tf_resize_vec(*rows, *rows_count + size); memcpy(*rows + *rows_count, data, size); *rows_count += size; } static void _tf_ssb_sqlAsync_work(uv_work_t* work) { sql_work_t* sql_work = work->data; tf_ssb_record_thread_busy(sql_work->ssb, true); tf_trace_t* trace = tf_ssb_get_trace(sql_work->ssb); tf_trace_begin(trace, "sql_async_work"); sqlite3* db = tf_ssb_acquire_db_reader_restricted(sql_work->ssb); uv_mutex_lock(&sql_work->lock); sql_work->db = db; uv_mutex_unlock(&sql_work->lock); uv_async_send(&sql_work->async); sqlite3_stmt* statement = NULL; sql_work->result = sqlite3_prepare(db, sql_work->query, -1, &statement, NULL); if (sql_work->result == SQLITE_OK) { const uint8_t* p = sql_work->binds; int column = 0; while (p < sql_work->binds + sql_work->binds_count) { switch (*p++) { case SQLITE_INTEGER: { int64_t value = 0; memcpy(&value, p, sizeof(value)); sqlite3_bind_int64(statement, column + 1, value); p += sizeof(value); } break; case SQLITE_TEXT: { size_t length = 0; memcpy(&length, p, sizeof(length)); p += sizeof(length); sqlite3_bind_text(statement, column + 1, (const char*)p, length, NULL); p += length; } break; case SQLITE_NULL: sqlite3_bind_null(statement, column + 1); break; default: abort(); } column++; } int r = SQLITE_OK; while ((r = sqlite3_step(statement)) == SQLITE_ROW) { _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 'r' }, 1); for (int i = 0; i < sqlite3_column_count(statement); i++) { _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 'c' }, 1); const char* name = sqlite3_column_name(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, name, strlen(name) + 1); uint8_t type = sqlite3_column_type(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &type, sizeof(type)); switch (type) { case SQLITE_INTEGER: { int64_t value = sqlite3_column_int64(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &value, sizeof(value)); } break; case SQLITE_FLOAT: { double value = sqlite3_column_double(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &value, sizeof(value)); } break; case SQLITE_TEXT: { size_t bytes = sqlite3_column_bytes(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &bytes, sizeof(bytes)); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, sqlite3_column_text(statement, i), bytes); } break; case SQLITE_BLOB: { size_t bytes = sqlite3_column_bytes(statement, i); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &bytes, sizeof(bytes)); _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, sqlite3_column_blob(statement, i), bytes); } break; case SQLITE_NULL: break; default: abort(); } } } sql_work->result = r; if (r != SQLITE_OK && r != SQLITE_DONE) { if (sqlite3_is_interrupted(db)) { sql_work->error = tf_strdup("Timed out"); } else { sql_work->error = tf_strdup(sqlite3_errmsg(db)); } } _tf_ssb_sql_append(&sql_work->rows, &sql_work->rows_count, &(uint8_t[]) { 0 }, 1); sqlite3_finalize(statement); } else { sql_work->error = tf_strdup(sqlite3_errmsg(db)); } uv_mutex_lock(&sql_work->lock); sql_work->db = NULL; uv_mutex_unlock(&sql_work->lock); tf_ssb_release_db_reader(sql_work->ssb, db); tf_ssb_record_thread_busy(sql_work->ssb, false); tf_trace_end(trace); } static void _tf_ssb_sqlAsync_handle_close(uv_handle_t* handle) { sql_work_t* work = handle->data; handle->data = NULL; if (!work->async.data && !work->timeout.data) { tf_free(work); } } static void _tf_ssb_sqlAsync_destroy(sql_work_t* work) { tf_free(work->binds); tf_free(work->error); if (work->rows) { tf_free(work->rows); } uv_mutex_destroy(&work->lock); uv_close((uv_handle_t*)&work->timeout, _tf_ssb_sqlAsync_handle_close); uv_close((uv_handle_t*)&work->async, _tf_ssb_sqlAsync_handle_close); } static void _tf_ssb_sqlAsync_after_work(uv_work_t* work, int status) { sql_work_t* sql_work = work->data; tf_trace_t* trace = tf_ssb_get_trace(sql_work->ssb); tf_trace_begin(trace, "sql_async_after_work"); JSContext* context = tf_ssb_get_context(sql_work->ssb); uint8_t* p = sql_work->rows; while (p < sql_work->rows + sql_work->rows_count) { if (*p++ == 'r') { JSValue row = JS_NewObject(context); while (*p == 'c') { p++; const char* column_name = (const char*)p; size_t length = strlen((char*)p); p += length + 1; switch (*p++) { case SQLITE_INTEGER: { int64_t value = 0; memcpy(&value, p, sizeof(value)); JS_SetPropertyStr(context, row, column_name, JS_NewInt64(context, value)); p += sizeof(value); } break; case SQLITE_FLOAT: { double value = 0.0; memcpy(&value, p, sizeof(value)); JS_SetPropertyStr(context, row, column_name, JS_NewFloat64(context, value)); p += sizeof(value); } break; case SQLITE_TEXT: case SQLITE_BLOB: { size_t length = 0; memcpy(&length, p, sizeof(length)); p += sizeof(length); JS_SetPropertyStr(context, row, column_name, JS_NewStringLen(context, (const char*)p, length)); p += length; } break; case SQLITE_NULL: JS_SetPropertyStr(context, row, column_name, JS_NULL); break; } } JSValue response = JS_Call(context, sql_work->callback, JS_UNDEFINED, 1, &row); bool is_error = tf_util_report_error(context, response); JS_FreeValue(context, response); JS_FreeValue(context, row); if (is_error) { break; } } else { break; } } JSValue result = JS_UNDEFINED; if (sql_work->result == SQLITE_OK || sql_work->result == SQLITE_DONE) { result = JS_Call(context, sql_work->promise[0], JS_UNDEFINED, 0, NULL); tf_util_report_error(context, result); } else { JSValue error = JS_ThrowInternalError(context, "SQL Error %s: %s", sql_work->error, sql_work->query); JSValue exception = JS_GetException(context); result = JS_Call(context, sql_work->promise[1], JS_UNDEFINED, 1, &exception); tf_util_report_error(context, result); JS_FreeValue(context, exception); JS_FreeValue(context, error); } JS_FreeValue(context, result); JS_FreeValue(context, sql_work->promise[0]); JS_FreeValue(context, sql_work->promise[1]); JS_FreeValue(context, sql_work->callback); _tf_ssb_sqlAsync_destroy(sql_work); tf_trace_end(trace); } static void _tf_ssb_sqlAsync_timeout(uv_timer_t* timer) { sql_work_t* work = timer->data; uv_mutex_lock(&work->lock); if (work->db) { sqlite3_interrupt(work->db); } uv_mutex_unlock(&work->lock); } static void _tf_ssb_sqlAsync_start_timer(uv_async_t* async) { sql_work_t* work = async->data; uv_timer_start(&work->timeout, _tf_ssb_sqlAsync_timeout, k_sql_async_timeout_ms, 0); } static JSValue _tf_ssb_sqlAsync(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* query = JS_ToCString(context, argv[0]); sql_work_t* work = tf_malloc(sizeof(sql_work_t)); *work = (sql_work_t) { .request = { .data = work, }, .async = { .data = work, }, .timeout = { .data = work, }, .ssb = ssb, .callback = JS_DupValue(context, argv[2]), .query = query, }; uv_mutex_init(&work->lock); uv_async_init(tf_ssb_get_loop(ssb), &work->async, _tf_ssb_sqlAsync_start_timer); uv_timer_init(tf_ssb_get_loop(ssb), &work->timeout); JSValue result = JS_NewPromiseCapability(context, work->promise); JSValue error_value = JS_UNDEFINED; if (ssb) { int32_t length = tf_util_get_length(context, argv[1]); for (int i = 0; i < length; i++) { JSValue value = JS_GetPropertyUint32(context, argv[1], i); if (JS_IsNumber(value)) { uint8_t type = SQLITE_INTEGER; int64_t number = 0; JS_ToInt64(context, &number, value); _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); _tf_ssb_sql_append(&work->binds, &work->binds_count, &number, sizeof(number)); } else if (JS_IsBool(value)) { uint8_t type = SQLITE_INTEGER; int64_t number = JS_ToBool(context, value) ? 1 : 0; _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); _tf_ssb_sql_append(&work->binds, &work->binds_count, &number, sizeof(number)); } else if (JS_IsNull(value)) { uint8_t type = SQLITE_NULL; _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); } else { uint8_t type = SQLITE_TEXT; size_t length = 0; const char* string = JS_ToCStringLen(context, &length, value); if (!string) { string = ""; } _tf_ssb_sql_append(&work->binds, &work->binds_count, &type, sizeof(type)); _tf_ssb_sql_append(&work->binds, &work->binds_count, &length, sizeof(length)); _tf_ssb_sql_append(&work->binds, &work->binds_count, string, length); JS_FreeCString(context, string); } JS_FreeValue(context, value); } int r = uv_queue_work(tf_ssb_get_loop(ssb), &work->request, _tf_ssb_sqlAsync_work, _tf_ssb_sqlAsync_after_work); if (r) { error_value = JS_ThrowInternalError(context, "uv_queue_work failed: %s", uv_strerror(r)); } } if (!JS_IsUndefined(error_value)) { JSValue call_result = JS_Call(context, work->promise[1], JS_UNDEFINED, 1, &error_value); tf_util_report_error(context, call_result); JS_FreeValue(context, call_result); JS_FreeValue(context, error_value); JS_FreeCString(context, query); JS_FreeValue(context, work->promise[0]); JS_FreeValue(context, work->promise[1]); JS_FreeValue(context, work->callback); _tf_ssb_sqlAsync_destroy(work); } return result; } typedef struct _message_store_t { JSContext* context; JSValue promise[2]; } message_store_t; void _tf_ssb_message_store_callback(const char* id, bool verified, bool is_new, void* user_data) { message_store_t* store = user_data; JSValue result = JS_Call(store->context, id ? store->promise[0] : store->promise[1], JS_UNDEFINED, 0, NULL); tf_util_report_error(store->context, result); JS_FreeValue(store->context, result); JS_FreeValue(store->context, store->promise[0]); JS_FreeValue(store->context, store->promise[1]); tf_free(store); } static JSValue _tf_ssb_storeMessage(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); message_store_t* store = tf_malloc(sizeof(message_store_t)); *store = (message_store_t) { .context = context }; JSValue result = JS_NewPromiseCapability(context, store->promise); tf_ssb_verify_strip_and_store_message(ssb, argv[0], _tf_ssb_message_store_callback, store); return result; } typedef struct _broadcasts_t { JSContext* context; JSValue array; int length; } broadcasts_t; static void _tf_ssb_broadcasts_visit(const char* host, const struct sockaddr_in* addr, tf_ssb_connection_t* tunnel, const uint8_t* pub, void* user_data) { broadcasts_t* broadcasts = user_data; JSValue entry = JS_NewObject(broadcasts->context); char pubkey[k_id_base64_len]; tf_ssb_id_bin_to_str(pubkey, sizeof(pubkey), pub); if (tunnel) { JS_SetPropertyStr(broadcasts->context, entry, "tunnel", JS_DupValue(broadcasts->context, tf_ssb_connection_get_object(tunnel))); } else { JS_SetPropertyStr(broadcasts->context, entry, "address", JS_NewString(broadcasts->context, host)); JS_SetPropertyStr(broadcasts->context, entry, "port", JS_NewInt32(broadcasts->context, ntohs(addr->sin_port))); } JS_SetPropertyStr(broadcasts->context, entry, "pubkey", JS_NewString(broadcasts->context, pubkey)); JS_SetPropertyUint32(broadcasts->context, broadcasts->array, broadcasts->length++, entry); } static JSValue _tf_ssb_getBroadcasts(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { result = JS_NewArray(context); broadcasts_t broadcasts = { .context = context, .array = result, .length = 0, }; tf_ssb_visit_broadcasts(ssb, _tf_ssb_broadcasts_visit, &broadcasts); } return result; } static JSValue _tf_ssb_connect(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue args = argv[0]; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { if (JS_IsString(args)) { const char* address_str = JS_ToCString(context, args); tf_printf("Connecting to %s\n", address_str); tf_ssb_connect_str(ssb, address_str); JS_FreeCString(context, address_str); } else { JSValue address = JS_GetPropertyStr(context, args, "address"); JSValue port = JS_GetPropertyStr(context, args, "port"); JSValue pubkey = JS_GetPropertyStr(context, args, "pubkey"); const char* address_str = JS_ToCString(context, address); int32_t port_int = 0; JS_ToInt32(context, &port_int, port); const char* pubkey_str = JS_ToCString(context, pubkey); if (pubkey_str) { tf_printf("Connecting to %s:%d\n", address_str, port_int); uint8_t pubkey_bin[k_id_bin_len]; tf_ssb_id_str_to_bin(pubkey_bin, pubkey_str); tf_ssb_connect(ssb, address_str, port_int, pubkey_bin); } else { tf_printf("Not connecting to null.\n"); } JS_FreeCString(context, pubkey_str); JS_FreeCString(context, address_str); JS_FreeValue(context, address); JS_FreeValue(context, port); JS_FreeValue(context, pubkey); } } return JS_UNDEFINED; } static JSValue _tf_ssb_forgetStoredConnection(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue args = argv[0]; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); if (ssb) { JSValue address = JS_GetPropertyStr(context, args, "address"); JSValue port = JS_GetPropertyStr(context, args, "port"); JSValue pubkey = JS_GetPropertyStr(context, args, "pubkey"); const char* address_str = JS_ToCString(context, address); int32_t port_int = 0; JS_ToInt32(context, &port_int, port); const char* pubkey_str = JS_ToCString(context, pubkey); if (pubkey_str) { tf_ssb_db_forget_stored_connection(ssb, address_str, port_int, pubkey_str); } JS_FreeCString(context, pubkey_str); JS_FreeCString(context, address_str); JS_FreeValue(context, address); JS_FreeValue(context, port); JS_FreeValue(context, pubkey); } return JS_UNDEFINED; } static void _tf_ssb_cleanup_value(tf_ssb_t* ssb, void* user_data) { JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JS_FreeValue(tf_ssb_get_context(ssb), callback); } static void _tf_ssb_on_message_added_callback(tf_ssb_t* ssb, const char* id, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue string = JS_NewString(context, id); JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &string); if (tf_util_report_error(context, response)) { tf_ssb_remove_message_added_callback(ssb, _tf_ssb_on_message_added_callback, user_data); } JS_FreeValue(context, response); JS_FreeValue(context, string); } static void _tf_ssb_on_blob_want_added_callback(tf_ssb_t* ssb, const char* id, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue string = JS_NewString(context, id); JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &string); if (tf_util_report_error(context, response)) { tf_ssb_remove_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, user_data); } JS_FreeValue(context, response); JS_FreeValue(context, string); } static void _tf_ssb_on_connections_changed_callback(tf_ssb_t* ssb, tf_ssb_change_t change, tf_ssb_connection_t* connection, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue response = JS_UNDEFINED; switch (change) { case k_tf_ssb_change_create: break; case k_tf_ssb_change_connect: { JSValue object = JS_DupValue(context, tf_ssb_connection_get_object(connection)); JSValue args[] = { JS_NewString(context, "add"), object, }; response = JS_Call(context, callback, JS_UNDEFINED, 2, args); if (tf_util_report_error(context, response)) { tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, user_data); } JS_FreeValue(context, args[0]); JS_FreeValue(context, object); } break; case k_tf_ssb_change_remove: { JSValue object = JS_DupValue(context, tf_ssb_connection_get_object(connection)); JSValue args[] = { JS_NewString(context, "remove"), object, }; response = JS_Call(context, callback, JS_UNDEFINED, 2, args); if (tf_util_report_error(context, response)) { tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, user_data); } JS_FreeValue(context, args[0]); JS_FreeValue(context, object); } break; } JS_FreeValue(context, response); } static void _tf_ssb_on_broadcasts_changed_callback(tf_ssb_t* ssb, void* user_data) { JSContext* context = tf_ssb_get_context(ssb); JSValue callback = JS_MKPTR(JS_TAG_OBJECT, user_data); JSValue argv = JS_UNDEFINED; JSValue response = JS_Call(context, callback, JS_UNDEFINED, 1, &argv); if (tf_util_report_error(context, response)) { tf_ssb_remove_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, user_data); } JS_FreeValue(context, response); } static JSValue _tf_ssb_add_event_listener(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* event_name = JS_ToCString(context, argv[0]); JSValue callback = argv[1]; JSValue result = JS_UNDEFINED; if (!event_name) { result = JS_ThrowTypeError(context, "Expected argument 1 to be a string event name."); } else if (!JS_IsFunction(context, callback)) { result = JS_ThrowTypeError(context, "Expected argument 2 to be a function."); } else { if (strcmp(event_name, "connections") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, _tf_ssb_cleanup_value, ptr); } else if (strcmp(event_name, "broadcasts") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, _tf_ssb_cleanup_value, ptr); } else if (strcmp(event_name, "message") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_message_added_callback(ssb, _tf_ssb_on_message_added_callback, _tf_ssb_cleanup_value, ptr); } else if (strcmp(event_name, "blob_want_added") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_add_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, _tf_ssb_cleanup_value, ptr); } } JS_FreeCString(context, event_name); return result; } static JSValue _tf_ssb_remove_event_listener(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* event_name = JS_ToCString(context, argv[0]); JSValue callback = argv[1]; JSValue result = JS_UNDEFINED; if (!event_name) { result = JS_ThrowTypeError(context, "Expected argument 1 to be a string event name."); } else if (!JS_IsFunction(context, callback)) { result = JS_ThrowTypeError(context, "Expected argument 2 to be a function."); } else { if (strcmp(event_name, "connections") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_connections_changed_callback(ssb, _tf_ssb_on_connections_changed_callback, ptr); } else if (strcmp(event_name, "broadcasts") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_broadcasts_changed_callback(ssb, _tf_ssb_on_broadcasts_changed_callback, ptr); } else if (strcmp(event_name, "message") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_message_added_callback(ssb, _tf_ssb_on_message_added_callback, ptr); } else if (strcmp(event_name, "blob_want_added") == 0) { void* ptr = JS_VALUE_GET_PTR(JS_DupValue(context, callback)); tf_ssb_remove_blob_want_added_callback(ssb, _tf_ssb_on_blob_want_added_callback, ptr); } } JS_FreeCString(context, event_name); return result; } static JSValue _tf_ssb_hmacsha256_sign(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); size_t payload_length = 0; const char* payload = JS_ToCStringLen(context, &payload_length, argv[0]); const char* user = JS_ToCString(context, argv[1]); const char* public_key = JS_ToCString(context, argv[2]); uint8_t private_key[crypto_sign_SECRETKEYBYTES]; if (tf_ssb_db_identity_get_private_key(ssb, user, public_key, private_key, sizeof(private_key))) { uint8_t signature[crypto_sign_BYTES]; unsigned long long siglen; if (crypto_sign_detached(signature, &siglen, (const uint8_t*)payload, payload_length, private_key) == 0) { char signature_base64[crypto_sign_BYTES * 2]; tf_base64_encode(signature, sizeof(signature), signature_base64, sizeof(signature_base64)); result = JS_NewString(context, signature_base64); } } else { result = JS_ThrowInternalError(context, "Private key not found."); } JS_FreeCString(context, public_key); JS_FreeCString(context, user); JS_FreeCString(context, payload); return result; } static JSValue _tf_ssb_hmacsha256_verify(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; size_t public_key_length = 0; const char* public_key = JS_ToCStringLen(context, &public_key_length, argv[0]); size_t payload_length = 0; const char* payload = JS_ToCStringLen(context, &payload_length, argv[1]); size_t signature_length = 0; const char* signature = JS_ToCStringLen(context, &signature_length, argv[2]); const char* public_key_start = public_key && *public_key == '@' ? public_key + 1 : public_key; const char* public_key_end = public_key_start ? strstr(public_key_start, ".ed25519") : NULL; if (public_key_start && !public_key_end) { public_key_end = public_key_start + strlen(public_key_start); } uint8_t bin_public_key[crypto_sign_PUBLICKEYBYTES] = { 0 }; if (tf_base64_decode(public_key_start, public_key_end - public_key_start, bin_public_key, sizeof(bin_public_key)) > 0) { uint8_t bin_signature[crypto_sign_BYTES] = { 0 }; if (tf_base64_decode(signature, signature_length, bin_signature, sizeof(bin_signature)) > 0) { if (crypto_sign_verify_detached(bin_signature, (const uint8_t*)payload, payload_length, bin_public_key) == 0) { result = JS_TRUE; } } } JS_FreeCString(context, signature); JS_FreeCString(context, payload); JS_FreeCString(context, public_key); return result; } static JSValue _tf_ssb_createTunnel(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); const char* portal_id = JS_ToCString(context, argv[0]); const char* target_id = JS_ToCString(context, argv[1]); tf_ssb_connection_t* connection = tf_ssb_connection_get(ssb, portal_id); if (connection) { int32_t request_number = tf_ssb_connection_next_request_number(connection); JSValue message = JS_NewObject(context); JSValue name = JS_NewArray(context); JS_SetPropertyUint32(context, name, 0, JS_NewString(context, "tunnel")); JS_SetPropertyUint32(context, name, 1, JS_NewString(context, "connect")); JS_SetPropertyStr(context, message, "name", name); JSValue arg = JS_NewObject(context); JS_SetPropertyStr(context, arg, "portal", JS_NewString(context, portal_id)); JS_SetPropertyStr(context, arg, "target", JS_NewString(context, target_id)); JSValue args = JS_NewArray(context); JS_SetPropertyUint32(context, args, 0, arg); JS_SetPropertyStr(context, message, "args", args); JS_SetPropertyStr(context, message, "type", JS_NewString(context, "duplex")); tf_ssb_connection_rpc_send_json(connection, k_ssb_rpc_flag_stream | k_ssb_rpc_flag_new_request, request_number, message, NULL, NULL, NULL); JS_FreeValue(context, message); tf_ssb_connection_tunnel_create(ssb, portal_id, request_number, target_id); result = JS_TRUE; } JS_FreeCString(context, target_id); JS_FreeCString(context, portal_id); return result; } enum { k_max_private_message_recipients = 8 }; static bool _tf_ssb_get_private_key_curve25519(sqlite3* db, const char* user, const char* identity, uint8_t out_private_key[static crypto_sign_SECRETKEYBYTES]) { if (!user || !identity || !out_private_key) { tf_printf("user=%p identity=%p out_private_key=%p\n", user, identity, out_private_key); return false; } bool success = false; sqlite3_stmt* statement = NULL; if (sqlite3_prepare(db, "SELECT private_key FROM identities WHERE user = ? AND public_key = ?", -1, &statement, NULL) == SQLITE_OK) { if (sqlite3_bind_text(statement, 1, user, -1, NULL) == SQLITE_OK && sqlite3_bind_text(statement, 2, *identity == '@' ? identity + 1 : identity, -1, NULL) == SQLITE_OK) { while (sqlite3_step(statement) == SQLITE_ROW) { uint8_t key[crypto_sign_SECRETKEYBYTES] = { 0 }; int length = tf_base64_decode( (const char*)sqlite3_column_text(statement, 0), sqlite3_column_bytes(statement, 0) - strlen(".ed25519"), key, sizeof(key)); if (length == crypto_sign_SECRETKEYBYTES) { success = crypto_sign_ed25519_sk_to_curve25519(out_private_key, key) == 0; } } } sqlite3_finalize(statement); } return success; } static JSValue _tf_ssb_private_message_encrypt(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; int recipient_count = tf_util_get_length(context, argv[2]); if (recipient_count < 1 || recipient_count > k_max_private_message_recipients) { return JS_ThrowRangeError(context, "Number of recipients must be between 1 and %d.", k_max_private_message_recipients); } const char* signer_user = JS_ToCString(context, argv[0]); const char* signer_identity = JS_ToCString(context, argv[1]); uint8_t recipients[k_max_private_message_recipients][crypto_scalarmult_curve25519_SCALARBYTES]; size_t message_size = 0; const char* message = JS_ToCStringLen(context, &message_size, argv[3]); for (int i = 0; i < recipient_count && JS_IsUndefined(result); i++) { JSValue recipient = JS_GetPropertyUint32(context, argv[2], i); const char* id = JS_ToCString(context, recipient); if (id) { const char* type = strstr(id, ".ed25519"); const char* id_start = *id == '@' ? id + 1 : id; uint8_t key[crypto_box_PUBLICKEYBYTES] = { 0 }; if (tf_base64_decode(id_start, type ? (size_t)(type - id_start) : strlen(id_start), key, sizeof(key)) != sizeof(key)) { result = JS_ThrowInternalError(context, "Invalid recipient: %s.\n", id); } else if (crypto_sign_ed25519_pk_to_curve25519(recipients[i], key) != 0) { result = JS_ThrowInternalError(context, "Failed to convert recipient ID.\n"); } JS_FreeCString(context, id); } JS_FreeValue(context, recipient); } if (JS_IsUndefined(result)) { tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 }; sqlite3* db = tf_ssb_acquire_db_reader(ssb); bool found = _tf_ssb_get_private_key_curve25519(db, signer_user, signer_identity, private_key); tf_ssb_release_db_reader(ssb, db); if (found) { uint8_t public_key[crypto_box_PUBLICKEYBYTES] = { 0 }; uint8_t secret_key[crypto_box_SECRETKEYBYTES] = { 0 }; uint8_t nonce[crypto_box_NONCEBYTES] = { 0 }; uint8_t body_key[crypto_box_SECRETKEYBYTES] = { 0 }; crypto_box_keypair(public_key, secret_key); randombytes_buf(nonce, sizeof(nonce)); randombytes_buf(body_key, sizeof(body_key)); uint8_t length_and_key[1 + sizeof(body_key)]; length_and_key[0] = (uint8_t)recipient_count; memcpy(length_and_key + 1, body_key, sizeof(body_key)); size_t payload_size = sizeof(nonce) + sizeof(public_key) + (crypto_secretbox_MACBYTES + sizeof(length_and_key)) * recipient_count + crypto_secretbox_MACBYTES + message_size; uint8_t* payload = tf_malloc(payload_size); uint8_t* p = payload; memcpy(p, nonce, sizeof(nonce)); p += sizeof(nonce); memcpy(p, public_key, sizeof(public_key)); p += sizeof(public_key); for (int i = 0; i < recipient_count && JS_IsUndefined(result); i++) { uint8_t shared_secret[crypto_secretbox_KEYBYTES] = { 0 }; if (crypto_scalarmult(shared_secret, secret_key, recipients[i]) == 0) { if (crypto_secretbox_easy(p, length_and_key, sizeof(length_and_key), nonce, shared_secret) != 0) { result = JS_ThrowInternalError(context, "crypto_secretbox_easy failed"); } else { p += crypto_secretbox_MACBYTES + sizeof(length_and_key); } } else { result = JS_ThrowInternalError(context, "crypto_scalarmult failed"); } } if (JS_IsUndefined(result)) { if (crypto_secretbox_easy(p, (const uint8_t*)message, message_size, nonce, body_key) != 0) { result = JS_ThrowInternalError(context, "crypto_secretbox_easy failed for the message.\n"); } else { p += crypto_secretbox_MACBYTES + message_size; assert((size_t)(p - payload) == payload_size); char* encoded = tf_malloc(payload_size * 2 + 5); size_t encoded_length = tf_base64_encode(payload, payload_size, encoded, payload_size * 2 + 5); memcpy(encoded + encoded_length, ".box", 5); encoded_length += 4; result = JS_NewStringLen(context, encoded, encoded_length); tf_free(encoded); } } tf_free(payload); } else { result = JS_ThrowInternalError(context, "Unable to get key for ID %s of user %s.", signer_identity, signer_user); } } JS_FreeCString(context, signer_user); JS_FreeCString(context, signer_identity); JS_FreeCString(context, message); return result; } static JSValue _tf_ssb_private_message_decrypt(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv) { JSValue result = JS_UNDEFINED; const char* user = JS_ToCString(context, argv[0]); const char* identity = JS_ToCString(context, argv[1]); size_t message_size = 0; const char* message = JS_ToCStringLen(context, &message_size, argv[2]); uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 }; tf_ssb_t* ssb = JS_GetOpaque(this_val, _tf_ssb_classId); sqlite3* db = tf_ssb_acquire_db_reader(ssb); bool found = _tf_ssb_get_private_key_curve25519(db, user, identity, private_key); tf_ssb_release_db_reader(ssb, db); if (found) { uint8_t* decoded = tf_malloc(message_size); int decoded_length = tf_base64_decode(message, message_size - strlen(".box"), decoded, message_size); uint8_t* nonce = decoded; uint8_t* public_key = decoded + crypto_box_NONCEBYTES; if (public_key + crypto_secretbox_KEYBYTES < decoded + decoded_length) { uint8_t shared_secret[crypto_secretbox_KEYBYTES] = { 0 }; if (crypto_scalarmult(shared_secret, private_key, public_key) == 0) { enum { k_recipient_header_bytes = crypto_secretbox_MACBYTES + sizeof(uint8_t) + crypto_secretbox_KEYBYTES }; for (uint8_t* p = decoded + crypto_box_NONCEBYTES + crypto_secretbox_KEYBYTES; p <= decoded + decoded_length - k_recipient_header_bytes; p += k_recipient_header_bytes) { uint8_t out[k_recipient_header_bytes] = { 0 }; int opened = crypto_secretbox_open_easy(out, p, k_recipient_header_bytes, nonce, shared_secret); if (opened != -1) { int recipients = (int)out[0]; uint8_t* body = decoded + crypto_box_NONCEBYTES + crypto_secretbox_KEYBYTES + k_recipient_header_bytes * recipients; size_t body_size = decoded + decoded_length - body; uint8_t* decrypted = tf_malloc(body_size); uint8_t* key = out + 1; if (crypto_secretbox_open_easy(decrypted, body, body_size, nonce, key) != -1) { result = JS_NewStringLen(context, (const char*)decrypted, body_size - crypto_secretbox_MACBYTES); } else { result = JS_ThrowInternalError(context, "Received key to open secret box containing message body, but it did not work."); } tf_free(decrypted); } } } else { result = JS_ThrowInternalError(context, "crypto_scalarmult failed."); } } else { result = JS_ThrowInternalError(context, "Encrypted message was not long enough to contains its one-time public key."); } tf_free(decoded); } else { result = JS_ThrowInternalError(context, "Private key not found for user %s with id %s.", user, identity); } JS_FreeCString(context, user); JS_FreeCString(context, identity); JS_FreeCString(context, message); return result; } void tf_ssb_register(JSContext* context, tf_ssb_t* ssb) { JS_NewClassID(&_tf_ssb_classId); JSClassDef def = { .class_name = "ssb", }; if (JS_NewClass(JS_GetRuntime(context), _tf_ssb_classId, &def) != 0) { fprintf(stderr, "Failed to register ssb.\n"); } JSValue global = JS_GetGlobalObject(context); JSValue object = JS_NewObjectClass(context, _tf_ssb_classId); JS_SetPropertyStr(context, global, "ssb", object); JS_SetOpaque(object, ssb); /* Requires an identity. */ JS_SetPropertyStr(context, object, "createIdentity", JS_NewCFunction(context, _tf_ssb_createIdentity, "createIdentity", 1)); JS_SetPropertyStr(context, object, "setServerFollowingMe", JS_NewCFunction(context, _tf_ssb_set_server_following_me, "setServerFollowingMe", 3)); JS_SetPropertyStr(context, object, "getIdentities", JS_NewCFunction(context, _tf_ssb_getIdentities, "getIdentities", 1)); JS_SetPropertyStr(context, object, "hmacsha256sign", JS_NewCFunction(context, _tf_ssb_hmacsha256_sign, "hmacsha256sign", 3)); JS_SetPropertyStr(context, object, "hmacsha256verify", JS_NewCFunction(context, _tf_ssb_hmacsha256_verify, "hmacsha256verify", 3)); JS_SetPropertyStr(context, object, "privateMessageEncrypt", JS_NewCFunction(context, _tf_ssb_private_message_encrypt, "privateMessageEncrypt", 4)); JS_SetPropertyStr(context, object, "privateMessageDecrypt", JS_NewCFunction(context, _tf_ssb_private_message_decrypt, "privateMessageDecrypt", 3)); /* Write. */ JS_SetPropertyStr(context, object, "appendMessageWithIdentity", JS_NewCFunction(context, _tf_ssb_appendMessageWithIdentity, "appendMessageWithIdentity", 3)); /* Does not require an identity. */ JS_SetPropertyStr(context, object, "getServerIdentity", JS_NewCFunction(context, _tf_ssb_getServerIdentity, "getServerIdentity", 0)); JS_SetPropertyStr(context, object, "getAllIdentities", JS_NewCFunction(context, _tf_ssb_getAllIdentities, "getAllIdentities", 0)); JS_SetPropertyStr(context, object, "getMessage", JS_NewCFunction(context, _tf_ssb_getMessage, "getMessage", 2)); JS_SetPropertyStr(context, object, "blobGet", JS_NewCFunction(context, _tf_ssb_blobGet, "blobGet", 1)); JS_SetPropertyStr(context, object, "messageContentGet", JS_NewCFunction(context, _tf_ssb_messageContentGet, "messageContentGet", 1)); JS_SetPropertyStr(context, object, "connections", JS_NewCFunction(context, _tf_ssb_connections, "connections", 0)); JS_SetPropertyStr(context, object, "storedConnections", JS_NewCFunction(context, _tf_ssb_storedConnections, "storedConnections", 0)); JS_SetPropertyStr(context, object, "getConnection", JS_NewCFunction(context, _tf_ssb_getConnection, "getConnection", 1)); JS_SetPropertyStr(context, object, "closeConnection", JS_NewCFunction(context, _tf_ssb_closeConnection, "closeConnection", 1)); JS_SetPropertyStr(context, object, "forgetStoredConnection", JS_NewCFunction(context, _tf_ssb_forgetStoredConnection, "forgetStoredConnection", 1)); JS_SetPropertyStr(context, object, "sqlAsync", JS_NewCFunction(context, _tf_ssb_sqlAsync, "sqlAsync", 3)); JS_SetPropertyStr(context, object, "getBroadcasts", JS_NewCFunction(context, _tf_ssb_getBroadcasts, "getBroadcasts", 0)); JS_SetPropertyStr(context, object, "connect", JS_NewCFunction(context, _tf_ssb_connect, "connect", 1)); JS_SetPropertyStr(context, object, "createTunnel", JS_NewCFunction(context, _tf_ssb_createTunnel, "createTunnel", 3)); /* Write. */ JS_SetPropertyStr(context, object, "storeMessage", JS_NewCFunction(context, _tf_ssb_storeMessage, "storeMessage", 1)); JS_SetPropertyStr(context, object, "blobStore", JS_NewCFunction(context, _tf_ssb_blobStore, "blobStore", 1)); /* Should be trusted only. */ JS_SetPropertyStr(context, object, "addEventListener", JS_NewCFunction(context, _tf_ssb_add_event_listener, "addEventListener", 2)); JS_SetPropertyStr(context, object, "removeEventListener", JS_NewCFunction(context, _tf_ssb_remove_event_listener, "removeEventListener", 2)); JS_FreeValue(context, global); }