Merge pull request #7 from commt/feature/e2e

Feature E2E

Author: sedanurakcil

src/components/RoomCard/index.tsx

@@ -147,7 +147,9 @@ const RoomCard = ({ room, onClickAction }: RoomCardProps) => {
               {!isLastMessageBySelfUser && room.groupName
                 ? `${room.lastMessage?.user.name}: `
                 : ""}
-              {room.lastMessage?.text}
+              {room.lastMessage?.text &&
+                room.lastMessage.text.slice(0, 25) +
+                  (room.lastMessage.text.length > 25 ? "..." : "")}
             </MessageText>
           )}
         </View>

src/hooks/useSendMessage.ts

@@ -4,8 +4,7 @@ import { sendMessage } from "../utils/socket";
 import { CommtContext } from "../context/Context";
 import { addMessage } from "../context/actions/messagesAction";
 import { updateLastMessage } from "../context/actions/roomsActions";
-import forge from "node-forge";
-import { aesEncrypt } from "../utils/encryption";
+import { aesEncrypt, rsaEncrypt } from "../utils/encryption";
 
 interface onSendMessageProps {
   message: IMessage;
@@ -16,9 +15,10 @@ interface onSendMessageProps {
 const useSendMessage = () => {
   const {
     state: {
-      users: { selfUser },
+      users: { selfUser, users },
+      rooms,
       app: {
-        configs: { secretKey, apiKey, subscriptionKey, projectName },
+        configs: { secretKey, apiKey, subscriptionKey, projectName, e2e },
       },
     },
     dispatch,
@@ -32,22 +32,47 @@ const useSendMessage = () => {
       senderId: message.user._id,
     };
 
-    // create iv and encrypt data for each message
-    const iv = forge.random.getBytesSync(16);
-    const encryptedMessage = aesEncrypt({
+    let encryptedMessage = messageContent.text;
+
+    // Encrypt message with RSA; If the tenant enabled E2E encryption and it's not a system message
+    if (e2e && !message.system) {
+      // TODO: Investigation for group/community chat RSA encryption
+      const room = rooms.find((room) => room.roomId === roomId);
+
+      if (room && !room.groupName) {
+        // Find the opposite user ID among one-to-one room participants
+        const oppositeUserId = room.participants.find(
+          (id) => id !== selfUser?._id && !id.startsWith("system"),
+        );
+
+        const oppositeUserPck = users.find(
+          (user) => user._id === oppositeUserId,
+        )?.publicKey;
+
+        // If the opposite user has a public key, the message text is encrypted using RSA.
+        if (oppositeUserPck) {
+          encryptedMessage = rsaEncrypt({
+            message: encryptedMessage,
+            publicKey: oppositeUserPck,
+          });
+        }
+      }
+    }
+
+    // AES encryption is the standard encryption method and encrypts every messages. It encrypts data by generating IV.
+    const { encryptedMessage: encryptedMsg, iv } = aesEncrypt({
       key: secretKey,
-      iv,
       messageData: JSON.stringify({
-        message: messageContent,
+        message: { ...messageContent, text: encryptedMessage },
         roomId,
         chatRoomAuthId,
       }),
     });
 
     sendMessage(
       {
-        message: encryptedMessage,
-        iv: forge.util.bytesToHex(iv),
+        message: encryptedMsg,
+        iv,
       },
       (status) => {
         // If the message sending succesfully

src/service/index.ts

@@ -5,17 +5,13 @@ import { RoomProps } from "../context/reducers/roomsReducer";
 import PackageJson from "../../package.json";
 import * as events from "../utils/events";
 
-interface AuthKeyProps {
+export interface InitiateProps {
   apiKey: string;
   subscriptionKey: string;
   projectName: string;
 }
 
-export interface InitiateProps extends AuthKeyProps {
-  projectName: string;
-}
-
-interface OnlineInfoProps extends AuthKeyProps {
+interface OnlineInfoProps extends InitiateProps {
   userIds: string;
   chatAuthId: string; // for selfUser's chatAuthId
 }
@@ -25,7 +21,7 @@ type OnlineInfoReturnProps = Pick<
   "chatAuthId" | "socketId" | "online"
 >;
 
-interface ReadTokenProps extends AuthKeyProps {
+interface ReadTokenProps extends InitiateProps {
   roomIds: string;
   chatAuthId: string; //selfUser's chatAuthId
 }
@@ -162,7 +158,7 @@ export const handleLogger = async (props: HandleLoggerProps) => {
 
   const logObject = {
     projectName,
-    SDK: project.name,
+    SDK: project.SDK,
     version: project.version,
     error,
     ...(chatAuthId && { chatAuthId }),

src/utils/SocketController.tsx

@@ -11,7 +11,7 @@ import {
 } from "../context/actions/roomsActions";
 import { updateTypingUsers } from "../context/actions/typingUsersAction";
 import { IndicatorProps } from "../context/reducers/appReducer";
-import { aesDecrypt } from "./encryption";
+import { aesDecrypt, rsaDecrypt } from "./encryption";
 import { handleLogger } from "../service";
 import * as events from "./events";
 
@@ -28,6 +28,7 @@ const SocketController = () => {
           subscriptionKey,
           secretKey,
           projectName,
+          e2e,
         },
       },
     },
@@ -213,7 +214,7 @@ const SocketController = () => {
   const handleMessage = (data: DataProps) => {
     try {
       const { message: messageData, iv } = data;
-      // decrypt the encrypted message
+      // Decrypt, encrypted message with AES
       const decryptedMessage: MessageInfoProps = JSON.parse(
         aesDecrypt({
           key: secretKey,
@@ -224,9 +225,30 @@ const SocketController = () => {
 
       let { message } = decryptedMessage;
       const { roomId } = decryptedMessage;
+      const room = rooms.find(({ roomId: Id }) => Id === roomId);
+
+      /**
+       * If the tenant enabled E2E encryption and
+       * It's not a system message and
+       * The active user has a private key and
+       * The room is not a community room (one-to-one room)
+       * Decrypt RSA message
+       */
+      if (
+        e2e &&
+        selfUser?.privateKey &&
+        !room?.groupAvatar &&
+        !message.system
+      ) {
+        // decrypt message text using RSA
+        const decryptedMsg = rsaDecrypt({
+          encryptedMsg: message.text,
+          privateKey: selfUser.privateKey,
+        });
+        message = { ...message, text: decryptedMsg };
+      }
 
       message = { ...message, user: { _id: message.senderId } };
-      const room = rooms.find(({ roomId: Id }) => Id === roomId);
 
       // if message belongs community room, add avatar and name to user object
       if (room && room.groupAvatar) {

src/utils/encryption.ts

@@ -1,8 +1,7 @@
-import forge from "node-forge";
+import forge, { pki } from "node-forge";
 
 interface KeyProps {
   key: string;
-  iv: string;
 }
 
 interface AesEncryptProps extends KeyProps {
@@ -11,20 +10,32 @@ interface AesEncryptProps extends KeyProps {
 
 interface AesDecryptProps extends KeyProps {
   encryptedMessageData: string;
+  iv: string;
 }
 
-export const aesEncrypt = ({
-  messageData,
-  key,
-  iv,
-}: AesEncryptProps): string => {
+interface RsaEncryptProps {
+  publicKey: string;
+  message: string;
+}
+
+interface RsaDecryptProps {
+  encryptedMsg: string;
+  privateKey: string;
+}
+
+export const aesEncrypt = ({ messageData, key }: AesEncryptProps) => {
+  let iv = forge.random.getBytesSync(16);
   const cipher = forge.cipher.createCipher("AES-CBC", key);
 
   cipher.start({ iv });
   cipher.update(forge.util.createBuffer(messageData, "utf8"));
   cipher.finish();
-  // return encrypted data
-  return cipher.output.toHex();
+
+  const encryptedMessage = cipher.output.toHex();
+  iv = forge.util.bytesToHex(iv);
+
+  // return encrypted message and iv
+  return { encryptedMessage, iv };
 };
 
 export const aesDecrypt = ({
@@ -42,3 +53,45 @@ export const aesDecrypt = ({
   // return decrypted data
   return decipher.output.toString();
 };
+
+export const rsaEncrypt = ({ publicKey, message }: RsaEncryptProps) => {
+  // convert a PEM-formatted public key to a Forge public key
+  const pck = pki.publicKeyFromPem(publicKey);
+  // find the max chunk length according to public key
+  const maxLength = pck.n.bitLength() / 8 - 11;
+  const messageLength = message.length;
+  const encryptedChunks = [];
+
+  // If the message is longer than the maximum length, divide it into chunks and encrypt
+  if (messageLength > maxLength) {
+    for (let i = 0; i < messageLength; i += maxLength) {
+      const chunk = message.slice(i, i + maxLength);
+      encryptedChunks.push(pck.encrypt(chunk));
+    }
+  } else {
+    encryptedChunks.push(pck.encrypt(message));
+  }
+
+  const encryptedMessage = forge.util.encode64(
+    JSON.stringify({ encryptedChunks }),
+  );
+
+  return encryptedMessage;
+};
+
+export const rsaDecrypt = ({ privateKey, encryptedMsg }: RsaDecryptProps) => {
+  // convert a PEM-formatted private key to a Forge private key
+  const ptk = pki.privateKeyFromPem(privateKey);
+
+  // get the encryped chuncks
+  const encryptedChunks = JSON.parse(
+    forge.util.decode64(encryptedMsg),
+  ).encryptedChunks;
+
+  // decrypt and merge the chunks
+  const decryptedMessage = encryptedChunks
+    .map((encryptedChunk: string) => ptk.decrypt(encryptedChunk))
+    .join("");
+
+  return decryptedMessage;
+};