wait for encryption formats to load before encrypting

Author: staltz

core.js

@@ -26,7 +26,7 @@ const {
   resetLevelPath,
   resetPrivatePath,
 } = require('./defaults')
-const { onceWhen, ReadyGate } = require('./utils')
+const { onceWhen, ReadyGate, onceWhenPromise } = require('./utils')
 const DebouncingBatchAdd = require('./debounce-batch')
 const Log = require('./log')
 const Status = require('./status')
@@ -620,7 +620,7 @@ exports.init = function (sbot, config) {
     )
   }
 
-  function create(opts, cb) {
+  async function create(opts, cb) {
     const guard = guardAgainstDuplicateLogs('create()')
     if (guard) return cb(guard)
 
@@ -637,83 +637,78 @@ exports.init = function (sbot, config) {
 
     if (!opts.content) return cb(new Error('create() requires a `content`'))
 
-    onceWhen(
-      stateFeedsReady,
-      (ready) => ready === true,
-      () => {
-        const provisionalNativeMsg = feedFormat.newNativeMsg({
-          timestamp: Date.now(),
-          ...opts,
-          previous: null,
+    await privateIndex.stateLoaded
+    await onceWhenPromise(stateFeedsReady, (ready) => ready === true)
+
+    // Create full opts:
+    const provisionalNativeMsg = feedFormat.newNativeMsg({
+      timestamp: Date.now(),
+      ...opts,
+      previous: null,
+      keys,
+    })
+    const feedId = feedFormat.getFeedId(provisionalNativeMsg)
+    const previous = state.getAsKV(feedId, feedFormat)
+    const fullOpts = { timestamp: Date.now(), ...opts, previous, keys, hmacKey }
+
+    // If opts ask for encryption, try encryption formats and pick the best:
+    const recps = fullOpts.recps || fullOpts.content.recps
+    if (Array.isArray(recps) && recps.length > 0) {
+      const plaintext = feedFormat.toPlaintextBuffer(fullOpts)
+      function encryptWith(encryptionFormat) {
+        const encryptOpts = {
+          ...fullOpts,
           keys,
-        })
-        const feedId = feedFormat.getFeedId(provisionalNativeMsg)
-        const previous = state.getAsKV(feedId, feedFormat)
-        const fullOpts = { timestamp: Date.now(), ...opts, previous, keys }
-
-        // If the inputs require encryption, try some encryption formats,
-        // and pick the best output.
-        const recps = fullOpts.recps || fullOpts.content.recps
-        if (Array.isArray(recps) && recps.length > 0) {
-          const plaintext = feedFormat.toPlaintextBuffer(fullOpts)
-          function encryptWith(encryptionFormat) {
-            const eOpts = {
-              ...fullOpts,
-              keys,
-              recps,
-              previous: previous ? previous.key : null,
-            }
-            const ciphertextBuf = encryptionFormat.encrypt(plaintext, eOpts)
-            return (
-              ciphertextBuf.toString('base64') + '.' + encryptionFormat.name
-            )
-          }
-          if (fullOpts.encryptionFormat) {
-            const format = findEncryptionFormatByName(fullOpts.encryptionFormat)
+          recps,
+          previous: previous ? previous.key : null,
+        }
+        const ciphertextBuf = encryptionFormat.encrypt(plaintext, encryptOpts)
+        return ciphertextBuf.toString('base64') + '.' + encryptionFormat.name
+      }
+      if (fullOpts.encryptionFormat) {
+        const format = findEncryptionFormatByName(fullOpts.encryptionFormat)
+        const ciphertext = encryptWith(format)
+        fullOpts.content = ciphertext
+      } else {
+        const outputs = encryptionFormats.map((format) => {
+          try {
             const ciphertext = encryptWith(format)
-            fullOpts.content = ciphertext
-          } else {
-            const outputs = encryptionFormats.map((format) => {
-              try {
-                const ciphertext = encryptWith(format)
-                if (!ciphertext) return [new Error('encryption failed')]
-                return [null, { ciphertext, name: format.name }]
-              } catch (err) {
-                return [err]
-              }
-            })
-            const successes = outputs
-              .filter(([err]) => !err)
-              .map(([, success]) => success)
-            const errors = outputs
-              .filter(([err]) => err)
-              .map(([error]) => error.message)
-            if (successes.length === 0) {
-              // prettier-ignore
-              return cb(new Error('create() failed to encrypt content: ' + errors.join('; ')))
-            }
-            fullOpts.content = successes[0].ciphertext
+            if (!ciphertext) return [new Error('encryption failed')]
+            return [null, { ciphertext, name: format.name }]
+          } catch (err) {
+            return [err]
           }
-        }
-
-        fullOpts.hmacKey = hmacKey
-        const nativeMsg = feedFormat.newNativeMsg(fullOpts)
-        const msgId = feedFormat.getMsgId(nativeMsg)
-        const encodedMsg = feedFormat.fromNativeMsg(nativeMsg, encoding)
-        state.update(feedId, nativeMsg)
-
-        log.add(msgId, encodedMsg, feedId, encoding, (err, kvt) => {
-          if (err) return cb(clarify(err, 'create() failed in the log'))
-
-          onMsgAdded.set({
-            kvt,
-            nativeMsg: nativeMsg,
-            feedFormat: feedFormat.name,
-          })
-          cb(null, kvt)
         })
+        const successes = outputs
+          .filter(([err]) => !err)
+          .map(([, success]) => success)
+        const errors = outputs
+          .filter(([err]) => err)
+          .map(([error]) => error.message)
+        if (successes.length === 0) {
+          // prettier-ignore
+          return cb(new Error('create() failed to encrypt content: ' + errors.join('; ')))
+        }
+        fullOpts.content = successes[0].ciphertext
       }
-    )
+    }
+
+    // Create the native message:
+    const nativeMsg = feedFormat.newNativeMsg(fullOpts)
+    const msgId = feedFormat.getMsgId(nativeMsg)
+    const encodedMsg = feedFormat.fromNativeMsg(nativeMsg, encoding)
+    state.update(feedId, nativeMsg)
+
+    // Encode the native message and append it to the log:
+    log.add(msgId, encodedMsg, feedId, encoding, (err, kvt) => {
+      if (err) return cb(clarify(err, 'create() failed in the log'))
+      onMsgAdded.set({
+        kvt,
+        nativeMsg: nativeMsg,
+        feedFormat: feedFormat.name,
+      })
+      cb(null, kvt)
+    })
   }
 
   function del(msgId, cb) {

encryption-formats/box2.js

@@ -8,6 +8,7 @@ const { isFeedSSBURI, isBendyButtV1FeedSSBURI } = require('ssb-uri2')
 const { keySchemes } = require('private-group-spec')
 const { box, unbox } = require('envelope-js')
 const { directMessageKey, SecretKey } = require('ssb-private-group-keys')
+const { ReadyGate } = require('../utils')
 
 function makeKeysManager(config) {
   const ownDMKeysCache = []
@@ -71,16 +72,19 @@ function makeKeysManager(config) {
 module.exports = {
   name: 'box2',
   init: function init(ssb) {
+    const keyringSetup = new ReadyGate()
+
     const encryptionFormat = {
       name: 'box2',
 
       setup(config, cb) {
         encryptionFormat._selfId = config.keys.id
-        if (!encryptionFormat._keysManager) {
+        // Simulate a slow ssb-keyring loading process
+        setTimeout(() => {
           encryptionFormat._keysManager = makeKeysManager(config)
-        }
-        // FIXME: load ssb-keyring here
-        cb()
+          keyringSetup.setReady()
+          cb()
+        }, 1000)
       },
 
       _isGroup(recp) {
@@ -96,15 +100,21 @@ module.exports = {
       },
 
       _addOwnDMKey(key) {
-        encryptionFormat._keysManager.addOwnDMKey(key)
+        keyringSetup.onReady(() => {
+          encryptionFormat._keysManager.addOwnDMKey(key)
+        })
       },
 
       _addGroupKey(id, key) {
-        encryptionFormat._keysManager.addGroupKey(id, key)
+        keyringSetup.onReady(() => {
+          encryptionFormat._keysManager.addGroupKey(id, key)
+        })
       },
 
       _removeGroupKey(id, key) {
-        encryptionFormat._keysManager.removeGroupKey(id, key)
+        keyringSetup.onReady(() => {
+          encryptionFormat._keysManager.removeGroupKey(id, key)
+        })
       },
 
       encrypt(plaintextBuf, opts) {
@@ -178,21 +188,16 @@ module.exports = {
           trialGroupKeys,
           { maxAttempts: 1 }
         )
-        if (decryptedGroup)
-          return decryptedGroup
+        if (decryptedGroup) return decryptedGroup
 
         const trialDMKeys =
           opts.author !== encryptionFormat._selfId
             ? [keysManager.sharedDMKey(opts.author), ...keysManager.ownDMKeys()]
             : keysManager.ownDMKeys()
 
-        return unbox(
-          ciphertextBuf,
-          authorBFE,
-          previousBFE,
-          trialDMKeys,
-          { maxAttempts: 16 }
-        )
+        return unbox(ciphertextBuf, authorBFE, previousBFE, trialDMKeys, {
+          maxAttempts: 16,
+        })
       },
     }
 

indexes/private.js

@@ -45,20 +45,28 @@ module.exports = function (dir, sbot, config) {
       }
     }
 
-    decryptedIdx.loadFile(done())
+    decryptedIdx.loadFile(err => done()(null, err))
     for (const idx of encryptedIdxMap.values()) {
-      idx.loadFile(done())
+      idx.loadFile(err => done()(null, err))
     }
 
-    done((err) => {
-      if (err) {
-        debug('failed to load encrypted or decrypted indexes')
+    done((criticalError, results) => {
+      const loadFileErrors = results.filter(Boolean)
+
+      if (criticalError) {
+        return cb(clarify(criticalError, 'private plugin failed to load'))
+      }
+
+      if (loadFileErrors.length > 0) {
+        for (const err of loadFileErrors) {
+          if (err.code === 'ENOENT') continue
+          else if (err.message === 'Empty NumsFile') continue
+          else return cb(clarify(err, 'private plugin failed to load'))
+        }
+        debug('encrypted or decrypted indexes seem to be empty')
         latestOffset.set(-1)
         stateLoaded.resolve()
-        if (err.code === 'ENOENT') cb()
-        else if (err.message === 'Empty NumsFile') cb()
-        // prettier-ignore
-        else cb(clarify(err, 'private plugin failed to load'))
+        cb()
         return
       }
 

utils.js

@@ -26,6 +26,12 @@ function onceWhen(obv, filter, cb) {
   })
 }
 
+function onceWhenPromise(obv, filter) {
+  return new Promise((resolve) => {
+    onceWhen(obv, filter, resolve)
+  })
+}
+
 class ReadyGate {
   constructor() {
     this.waiting = new Set()
@@ -44,4 +50,4 @@ class ReadyGate {
   }
 }
 
-module.exports = { onceWhen, ReadyGate }
+module.exports = { onceWhen, onceWhenPromise, ReadyGate }