libsignal-protocol-javascript icon indicating copy to clipboard operation
libsignal-protocol-javascript copied to clipboard

Published 20 hours ago verified publisher icon signalapp

SessionCipher::encrypt setting wrong registrationId?

Open vitoreiji opened this issue 4 years ago • 2 comments

I believe there is an error when building the message to be sent in SessionCipher::encrypt. https://github.com/signalapp/libsignal-protocol-javascript/blob/f5a838f1ccc9bddb5e93b899a63de2dea9670e10/src/SessionCipher.js#L112 and https://github.com/signalapp/libsignal-protocol-javascript/blob/f5a838f1ccc9bddb5e93b899a63de2dea9670e10/src/SessionCipher.js#L119 set the registrationId of the message to be posted. This should be the sender's ID, and the ID in the session is, AFAIK, always the remote ID, which in this case is the recipient. So I think these lines should be using the value myRegistrationId like in https://github.com/signalapp/libsignal-protocol-javascript/blob/f5a838f1ccc9bddb5e93b899a63de2dea9670e10/src/SessionCipher.js#L99

Or am I just missing something?

vitoreiji avatar Aug 19 '20 15:08 vitoreiji

This should be the sender's ID,

Why do you think it should be the sender's registration id?

michaelkirk avatar Aug 19 '20 15:08 michaelkirk

As I understand, this is the message that the recipient is going to receive, and this information is given to allow them to instantiate a SessionCipher. Is this not the case?

vitoreiji avatar Aug 19 '20 15:08 vitoreiji