Skip to content

Commit 13a2a0a

Browse files
author
evgeny-nadymov
committed
Clear p2p encryptor
1 parent 70b8b5c commit 13a2a0a

File tree

2 files changed

+36
-49
lines changed

2 files changed

+36
-49
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"homepage": "https://evgeny-nadymov.github.io/telegram-react",
33
"name": "telegram_react",
4-
"version": "0.0.995",
4+
"version": "0.0.996",
55
"private": true,
66
"dependencies": {
77
"@material-ui/core": "^4.9.7",

src/Calls/P2P/P2PEncryptor.js

Lines changed: 35 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -56,19 +56,15 @@ export default class P2PEncryptor {
5656

5757
const p2pKeyWA = CryptoJS.enc.Base64.parse(keyBase64);
5858
this.p2pKey = wordArrayToUint8Array(p2pKeyWA);
59+
this.mode = CryptoJS.mode.CTR;
60+
this.padding = CryptoJS.pad.NoPadding;
5961
}
6062

6163
encryptToBase64(str) {
6264
if (P2P_ENCRYPTION) {
6365
const enc = new TextEncoder();
6466
const arr = enc.encode(str);
6567

66-
// const base64 = btoa(str);
67-
// const inputWA = CryptoJS.enc.Base64.parse(base64);
68-
// const input8Arr = wordArrayToUint8Array(inputWA);
69-
70-
// const packet = this.encryptRawPacket(input8Arr);
71-
// console.log('[arr] ', arr, input8Arr);
7268
const packet = this.encryptRawPacket(new Uint8Array(arr));
7369

7470
const { bytes } = packet;
@@ -115,21 +111,15 @@ export default class P2PEncryptor {
115111
const x = (this.isOutgoing ? 0 : 8) + (this.type === 'Signaling' ? 128 : 0);
116112
const key = this.p2pKey;
117113

118-
// console.log('[encryptor][p2p] encryptPrepared (x, key)', x, key);
119114
const msgKeyLarge = this.concatSHA256([key.subarray(x + 88, x + 88 + 32), buffer]);
120115
const msgKey = result.bytes;
121116
for (let i = 0; i < 16; i++) {
122117
msgKey[i] = msgKeyLarge[i + 8];
123118
}
124-
// console.log('[encryptor][p2p] encryptPrepared msgKeyLarge', msgKeyLarge, msgKey);
125119

126-
// console.log('[encryptor][p2p] encryptPrepared prepareAesKeyIv start', key, msgKey, x);
127120
const aesKeyIv = this.prepareAesKeyIv(key, msgKey, x);
128-
// console.log('[encryptor][p2p] encryptPrepared prepareAesKeyIv stop', aesKeyIv);
129121

130-
// console.log('[encryptor][p2p] encryptPrepared aesProcessCtr start', buffer, buffer.length, aesKeyIv);
131122
const bytes = this.aesProcessCtr(buffer, buffer.length, aesKeyIv, true);
132-
// console.log('[encryptor][p2p] encryptPrepared aesProcessCtr stop', bytes);
133123

134124
result.bytes = new Uint8Array([...result.bytes.subarray(0, 16), ...bytes]);
135125

@@ -158,10 +148,7 @@ export default class P2PEncryptor {
158148

159149
const result = new Uint8Array([...new Uint8Array(arr), ...buffer]);
160150

161-
// console.log('[encryptor][p2p] encryptRawPacker buffer', result);
162-
const encryptedPacket = this.encryptPrepared(result);
163-
164-
return encryptedPacket;
151+
return this.encryptPrepared(result);
165152
}
166153

167154
prepareAesKeyIv(key, msgKey, x) {
@@ -192,33 +179,26 @@ export default class P2PEncryptor {
192179
aesProcessCtr(encryptedData, dataSize, aesKeyIv, encrypt = true) {
193180
const key = uint8ArrayToWordArray(aesKeyIv.key);
194181
const iv = uint8ArrayToWordArray(aesKeyIv.iv);
195-
196182
const str = uint8ArrayToWordArray(encryptedData);
197-
// console.log('[encryptor][p2p] aesProcessCtr (aesKey, aesIv, encrypt)', { key, iv, encrypt, encryptedData });
183+
184+
const { mode, padding } = this;
198185

199186
if (encrypt) {
200187
const encrypted = CryptoJS.AES.encrypt(str, key, {
201-
mode: CryptoJS.mode.CTR,
188+
mode,
202189
iv,
203-
padding: CryptoJS.pad.NoPadding
190+
padding
204191
});
205192

206-
const result = wordArrayToUint8Array(encrypted.ciphertext);
207-
208-
// console.log('[encryptor][p2p] aesProcessCtr (result)', { result, ciphertext: encrypted.ciphertext });
209-
210-
return result;
193+
return wordArrayToUint8Array(encrypted.ciphertext);
211194
} else {
212195
const decrypted = CryptoJS.AES.decrypt({ ciphertext: str }, key, {
213-
mode: CryptoJS.mode.CTR,
196+
mode,
214197
iv,
215-
padding: CryptoJS.pad.NoPadding
198+
padding
216199
});
217200

218-
const result = wordArrayToUint8Array(decrypted);
219-
220-
// console.log('[encryptor][p2p] aesProcessCtr (result)', { result, text: decrypted });
221-
return result;
201+
return wordArrayToUint8Array(decrypted);
222202
}
223203
}
224204

@@ -232,6 +212,17 @@ export default class P2PEncryptor {
232212
return JSON.parse(dec.decode(decrypted))
233213
}
234214

215+
constTimeIsDifferent(a, b, count) {
216+
let msgKeyEquals = true;
217+
for (let i = 0; i < count; i++) {
218+
if (a[i] !== b[i]) {
219+
msgKeyEquals = false;
220+
}
221+
}
222+
223+
return !msgKeyEquals;
224+
}
225+
235226
decryptRawPacket(buffer) {
236227
if (buffer.length < 21 || buffer.length > kMaxIncomingPacketSize) {
237228
return null;
@@ -241,39 +232,35 @@ export default class P2PEncryptor {
241232

242233
const x = (isOutgoing ? 8 : 0) + (type === 'Signaling' ? 128 : 0);
243234
const key = this.p2pKey;
244-
// console.log('[encryptor][p2p] decryptRawPacket (x, key)', x, key);
245235

246236
const msgKey = buffer.subarray(0, 16);
247237
const encryptedData = buffer.subarray(16);
248238
const encryptedDataSize = buffer.length - 16;
249239

250-
// console.log('[encryptor][p2p] decryptRawPacket prepareAesKeyIv start', { key, msgKey, x });
251240
const aesKeyIv = this.prepareAesKeyIv(key, msgKey, x);
252-
// console.log('[encryptor][p2p] decryptRawPacket prepareAesKeyIv stop', aesKeyIv);
253241

254-
// console.log('[encryptor][p2p] decryptRawPacket aesProcessCtr start', encryptedData, dataSize, aesKeyIv);
255242
const decryptionBuffer = this.aesProcessCtr(encryptedData, encryptedDataSize, aesKeyIv, false);
256-
// console.log('[encryptor][p2p] decryptRawPacket aesProcessCtr stop', decryptionBuffer);
257243

258244
const msgKeyLarge = this.concatSHA256([
259245
key.subarray(88 + x, 88 + x + 32),
260246
decryptionBuffer
261247
]);
262248

263-
let msgKeyEquals = true;
264-
for (let i = 0; i < 16; i++) {
265-
if (msgKey[i] !== msgKeyLarge[i + 8]) {
266-
msgKeyEquals = false;
267-
}
268-
}
269-
console.log('[msgKey]', msgKey, msgKeyLarge, msgKeyEquals);
270-
if (!msgKeyEquals) {
249+
if (this.constTimeIsDifferent(msgKeyLarge.subarray(8), msgKey, 16)) {
271250
return null;
272251
}
273252

274-
console.log('[base64] decryptionBuffer', decryptionBuffer);
275-
const resultBuffer = decryptionBuffer.slice(4);
276-
277-
return resultBuffer;
253+
// let msgKeyEquals = true;
254+
// for (let i = 0; i < 16; i++) {
255+
// if (msgKey[i] !== msgKeyLarge[i + 8]) {
256+
// msgKeyEquals = false;
257+
// }
258+
// }
259+
//
260+
// if (!msgKeyEquals) {
261+
// return null;
262+
// }
263+
264+
return decryptionBuffer.slice(4);
278265
}
279266
};

0 commit comments

Comments
 (0)