Encryption init

.env.example

@@ -37,8 +37,8 @@ CONVERSATION_MAX_PARTICIPANTS=50
 CONVERSATION_PRELOAD_COUNT=1000
 JWT_ACCESS_SECRET=token
 JWT_ACCESS_TOKEN_EXPIRES_IN=10800
-JWT_REFRESH_SECRET=refresh
-JWT_REFRESH_TOKEN_EXPIRES_IN=1209600
+ENCRYPTION_MESSAGE_EXPIRED_IN=2592000 # 30 days
+ENCRYPTION_DEVICE_TOKEN_EXPIRES_IN=2592000 # 30 days
 OPERATIONS_LOG_EXPIRES_IN=1209600
 NODE_CLUSTER_DATA_EXPIRES_IN=30000
 REDIS_SUB_DATA_EXPIRES_IN=30000

APIs/JSON/controllers/encryption.js

@@ -0,0 +1,45 @@
+import BaseJSONController from "./base.js"
+
+import ServiceLocatorContainer from "@sama/common/ServiceLocatorContainer.js"
+
+import Response from "@sama/networking/models/Response.js"
+
+class EncryptionController extends BaseJSONController {
+  async register(ws, data) {
+    const { id: requestId } = data
+
+    const encryptionRegisterOperation = ServiceLocatorContainer.use("EncryptionRegisterOperation")
+    await encryptionRegisterOperation.perform(ws, data.device_register)
+
+    return new Response().addBackMessage({ response: { id: requestId, success: true } })
+  }
+
+  async list(ws, data) {
+    const { id: requestId } = data
+
+    const encryptionListOperation = ServiceLocatorContainer.use("EncryptionListOperation")
+    const deviceList = await encryptionListOperation.perform(ws)
+
+    return new Response().addBackMessage({ response: { id: requestId, devices: deviceList } })
+  }
+
+  async request_keys(ws, data) {
+    const { id: requestId } = data
+
+    const encryptionRequestKeysOperation = ServiceLocatorContainer.use("EncryptionRequestKeysOperation")
+    const deviceList = await encryptionRequestKeysOperation.perform(ws, data.request_keys)
+
+    return new Response().addBackMessage({ response: { id: requestId, devices: deviceList } })
+  }
+
+  async delete(ws, data) {
+    const { id: requestId } = data
+
+    const encryptionDeleteOperation = ServiceLocatorContainer.use("EncryptionDeleteOperation")
+    await encryptionDeleteOperation.perform(ws, data.device_delete)
+
+    return new Response().addBackMessage({ response: { id: requestId, success: true } })
+  }
+}
+
+export default new EncryptionController()

APIs/JSON/controllers/messages.js

@@ -6,6 +6,7 @@ import MessageResponse from "@sama/DTO/Response/message/create/response.js"
 import SystemMessageResponse from "@sama/DTO/Response/message/system/response.js"
 import EditMessageResponse from "@sama/DTO/Response/message/edit/response.js"
 import ReadMessagesResponse from "@sama/DTO/Response/message/read/response.js"
+import DecryptionFailedMessagesResponse from "@sama/DTO/Response/message/decryption_failed/response.js"
 import DeleteMessagesResponse from "@sama/DTO/Response/message/delete/response.js"
 
 import DeliverMessage from "@sama/networking/models/DeliverMessage.js"
@@ -93,6 +94,27 @@ class MessagesController extends BaseJSONController {
     })
   }
 
+  async decryption_failed(ws, data) {
+    const { id: requestId, message_decryption_failed: messagesDecryptionFailedOptions } = data
+
+    const messageDecryptionFailedOperation = ServiceLocatorContainer.use("MessageDecryptionFailedOperation")
+    const { receiverUserId, statuses } = await messageDecryptionFailedOperation.perform(
+      ws,
+      messagesDecryptionFailedOptions
+    )
+
+    const response = new Response()
+
+    response.addDeliverMessage(new DeliverMessage([receiverUserId], new DecryptionFailedMessagesResponse(statuses)))
+
+    return response.addBackMessage({
+      response: {
+        id: requestId,
+        success: true,
+      },
+    })
+  }
+
   async delete(ws, data) {
     const { id: requestId, message_delete: messageDeleteParams } = data
 

APIs/JSON/controllers/operations_log.js

@@ -1,7 +1,5 @@
 import BaseJSONController from "./base.js"
 
-import OpLog from "@sama/models/operations_log.js"
-
 import ServiceLocatorContainer from "@sama/common/ServiceLocatorContainer.js"
 
 import MappableMessage from "@sama/networking/models/MappableMessage.js"

APIs/JSON/routes/routes.js

@@ -1,5 +1,6 @@
 import { default as ContactsController } from "../controllers/contacts.js"
 import { default as ConversationsController } from "../controllers/conversations.js"
+import { default as EncryptionController } from "../controllers/encryption.js"
 import { default as FilesController } from "../controllers/files.js"
 import { default as LastActivityiesController } from "../controllers/activities.js"
 import { default as MessagesController } from "../controllers/messages.js"
@@ -14,6 +15,7 @@ import authGuardMiddleware from "../middleware/auth_guard.js"
 import { activitiesSchemaValidation } from "../validations/activities_schema_validation.js"
 import { contactsSchemaValidation } from "../validations/contacts_schema_validation.js"
 import { conversationsSchemaValidation } from "../validations/conversations_schema_validation.js"
+import { encryptionSchemaValidation } from "../validations/encryption_schema_validation.js"
 import { filesSchemaValidation } from "../validations/files_schema_validation.js"
 import { messagesSchemaValidation } from "../validations/messages_schema_validation.js"
 import { operationsLogSchemaValidation } from "../validations/operations_log_schema_validation.js"
@@ -44,6 +46,10 @@ export const routes = {
     MessagesController.middleware(authGuardMiddleware, ws, json)
       .validate(json.message_read, messagesSchemaValidation.read)
       .read(ws, json),
+  message_decryption_failed: (ws, json) =>
+    MessagesController.middleware(authGuardMiddleware, ws, json)
+      .validate(json.message_decryption_failed, messagesSchemaValidation.decryption_failed)
+      .decryption_failed(ws, json),
   message_delete: (ws, json) =>
     MessagesController.middleware(authGuardMiddleware, ws, json)
       .validate(json.message_delete, messagesSchemaValidation.delete)
@@ -193,4 +199,20 @@ export const routes = {
     PushNotificationsController.middleware(authGuardMiddleware, ws, json)
       .validate(json.push_event_create, pushNotificationsSchemaValidation.push_event_create)
       .push_event_create(ws, json),
+  device_register: (ws, json) =>
+    EncryptionController.middleware(authGuardMiddleware, ws, json)
+      .validate(json.device_register, encryptionSchemaValidation.device_register)
+      .register(ws, json),
+  device_list: (ws, json) =>
+    EncryptionController.middleware(authGuardMiddleware, ws, json)
+      .validate(json.device_list, encryptionSchemaValidation.device_list)
+      .list(ws, json),
+  request_keys: (ws, json) =>
+    EncryptionController.middleware(authGuardMiddleware, ws, json)
+      .validate(json.request_keys, encryptionSchemaValidation.request_keys)
+      .request_keys(ws, json),
+  device_delete: (ws, json) =>
+    EncryptionController.middleware(authGuardMiddleware, ws, json)
+      .validate(json.device_delete, encryptionSchemaValidation.device_delete)
+      .delete(ws, json),
 }

APIs/JSON/validations/conversations_schema_validation.js

@@ -63,6 +63,7 @@ export const conversationsSchemaValidation = {
       file_name: Joi.string().max(255),
       file_blur_hash: Joi.string().max(255),
     }),
+    is_encrypted: Joi.boolean().allow(true),
   }).required(),
   update: Joi.object({
     id: Joi.string().required(),

APIs/JSON/validations/encryption_schema_validation.js

@@ -0,0 +1,51 @@
+import Joi from "joi"
+import { ERROR_STATUES } from "@sama/constants/errors.js"
+
+export const encryptionSchemaValidation = {
+  device_register: Joi.object({
+    identity_key: Joi.string()
+      .max(255)
+      .required()
+      .error(
+        new Error(ERROR_STATUES.INCORRECT_IDENTITY_KEY.message, {
+          cause: ERROR_STATUES.INCORRECT_IDENTITY_KEY,
+        })
+      ),
+    signed_key: Joi.string()
+      .max(255)
+      .required()
+      .error(
+        new Error(ERROR_STATUES.INCORRECT_SIGNED_KEY.message, {
+          cause: ERROR_STATUES.INCORRECT_SIGNED_KEY,
+        })
+      ),
+    one_time_pre_keys: Joi.alternatives(Joi.object().max(100), Joi.array().items(Joi.string().max(255)).max(100))
+      .required()
+      .error(
+        new Error(ERROR_STATUES.INCORRECT_ONE_TIME_PRE_KEYS.message, {
+          cause: ERROR_STATUES.INCORRECT_ONE_TIME_PRE_KEYS,
+        })
+      ),
+  }),
+  device_list: Joi.object({}),
+  request_keys: Joi.object({
+    user_ids: Joi.array()
+      .items(
+        Joi.string().error(
+          new Error(ERROR_STATUES.INCORRECT_USER_ID.message, {
+            cause: ERROR_STATUES.INCORRECT_USER_ID,
+          })
+        )
+      )
+      .max(50)
+      .required()
+      .error(
+        new Error(ERROR_STATUES.INCORRECT_USERS_ARRAY.message, {
+          cause: ERROR_STATUES.INCORRECT_USERS_ARRAY,
+        })
+      ),
+  }),
+  device_delete: Joi.object({
+    device_id: Joi.alternatives().try(Joi.number().max(255).required(), Joi.string().max(255).required()).required(),
+  }),
+}

APIs/JSON/validations/messages_schema_validation.js

@@ -42,6 +42,7 @@ export const messagesSchemaValidation = {
           })
         ),
       deleted_for: Joi.array().items(Joi.alternatives().try(Joi.object(), Joi.string(), Joi.number()).required()),
+      encrypted_message_type: Joi.number().allow(1, 0),
     })
     .or("body", "attachments"),
   edit: Joi.object({
@@ -82,6 +83,16 @@ export const messagesSchemaValidation = {
       ),
     ids: Joi.array().items(Joi.alternatives().try(Joi.object(), Joi.string())),
   }).required(),
+  decryption_failed: Joi.object({
+    cid: Joi.string()
+      .required()
+      .error(
+        new Error(ERROR_STATUES.CID_REQUIRED.message, {
+          cause: ERROR_STATUES.CID_REQUIRED,
+        })
+      ),
+    ids: Joi.array().items(Joi.alternatives().try(Joi.object(), Joi.string())).min(1).required(),
+  }).required(),
   delete: Joi.object({
     cid: Joi.string()
       .required()

app/DTO/Response/message/create/public_fields.js

@@ -12,6 +12,7 @@ class MessagePublicFields {
     this.body = messageModel.body
     this.attachments = messageModel.attachments
     this.x = messageModel.x
+    this.encrypted_message_type = messageModel.encrypted_message_type
 
     this.created_at = messageModel.created_at
 

app/DTO/Response/message/decryption_failed/public_fields.js

@@ -0,0 +1,9 @@
+class DecryptionFailedMessagesPublicFields {
+  constructor(params) {
+    this.ids = params.messageIds
+    this.cid = params.cid
+    this.from = params.from
+  }
+}
+
+export default DecryptionFailedMessagesPublicFields

app/DTO/Response/message/decryption_failed/response.js

@@ -0,0 +1,7 @@
+class DecryptionFailedMessagesResponse {
+  constructor(decryptionFailedMessagesPublicFields) {
+    this.message_decryption_failed = decryptionFailedMessagesPublicFields
+  }
+}
+
+export default DecryptionFailedMessagesResponse

app/constants/errors.js

@@ -136,6 +136,12 @@ export const ERROR_STATUES = {
     message: "Push notification record not found.",
   },
   INCORRECT_KEYS: { status: 422, message: "Incorrect keys." },
+  //Encryption -->
+  INCORRECT_IDENTITY_KEY: { status: 422, message: "Incorrect identity device key." },
+  INCORRECT_SIGNED_KEY: { status: 422, message: "Incorrect signed key." },
+  INCORRECT_ONE_TIME_PRE_KEYS: { status: 422, message: "Incorrect one time pre keys." },
+  INCORRECT_USER_ID: { status: 422, message: "Incorrect user id." },
+  INCORRECT_USERS_ARRAY: { status: 422, message: "Incorrect users array." },
   // Other -->
   LOG_TIMETAMP_MISSED: { status: 422, message: "Gt or lt query missed." },
   CID_REQUIRED: {

app/models/conversation.js

@@ -14,6 +14,7 @@ export default class Conversation extends BaseModel {
       "description",
       "image_object",
       "image_url",
+      "is_encrypted",
 
       "owner_id",
       "opponent_id",

app/models/encrypted_device.js

@@ -0,0 +1,13 @@
+import BaseModel from "./base.js"
+
+class EncryptedDevice extends BaseModel {
+  static get collection() {
+    return "encrypted_devices"
+  }
+
+  static get visibleFields() {
+    return ["_id", "identity_key", "signed_key", "one_time_pre_keys"]
+  }
+}
+
+export default EncryptedDevice

app/models/encrypted_message_status.js

@@ -0,0 +1,15 @@
+import BaseModel from "./base.js"
+
+export default class EncryptedMessageStatus extends BaseModel {
+  static get collection() {
+    return "encrypted_message_statuses"
+  }
+
+  static get visibleFields() {
+    return ["_id", "mid", "cid"]
+  }
+
+  static get hiddenFields() {
+    return ["updated_at", "created_at"]
+  }
+}

app/models/message.js

@@ -15,6 +15,7 @@ export default class Message extends BaseModel {
       "body",
       "x",
       "attachments",
+      "encrypted_message_type",
 
       "created_at",