diff --git a/CHANGELOG.md b/CHANGELOG.md index 0396193..571bb68 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,6 @@ - Fix bug with the Double Ratchet causing only the initial message to be decryptable - Expose `getDeviceMap` as a developer usable function - ## 0.2.0 - Add convenience functions `getDeviceId` and `getDeviceBundle` @@ -36,3 +35,10 @@ - Fix a bug that caused the device's id to change when replacing a OPK - Every decryption failure now causes the ratchet to be restored to a pre-decryption state - Add method to get the device's fingerprint + +## 0.4.0 + +- Deprecate `OmemoSessionManager`. Use `OmemoManager` instead. +- Implement queued access to the ratchets inside the `OmemoManager`. +- Implement heartbeat messages. +- [BREAKING] Rename `Device` to `OmemoDevice`. diff --git a/README.md b/README.md index d526b8f..a2ffb21 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Include `omemo_dart` in your `pubspec.yaml` like this: dependencies: omemo_dart: hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub - version: ^0.3.1 + version: ^0.4.0 # [...] # [...] diff --git a/analysis_options.yaml b/analysis_options.yaml index 5ded12b..beb23d6 100644 --- a/analysis_options.yaml +++ b/analysis_options.yaml @@ -10,3 +10,7 @@ linter: analyzer: exclude: - "lib/protobuf/*.dart" + # TODO: Remove once OmemoSessionManager is gone + - "test/omemo_test.dart" + - "example/omemo_dart_example.dart" + - "test/serialisation_test.dart" diff --git a/lib/omemo_dart.dart b/lib/omemo_dart.dart index 77709ad..6863f2e 100644 --- a/lib/omemo_dart.dart +++ b/lib/omemo_dart.dart @@ -10,8 +10,10 @@ export 'src/omemo/encrypted_key.dart'; export 'src/omemo/encryption_result.dart'; export 'src/omemo/events.dart'; export 'src/omemo/fingerprint.dart'; +export 'src/omemo/omemomanager.dart'; export 'src/omemo/ratchet_map_key.dart'; export 'src/omemo/sessionmanager.dart'; +export 'src/omemo/stanza.dart'; export 'src/trust/base.dart'; export 'src/trust/btbv.dart'; export 'src/x3dh/x3dh.dart'; diff --git a/lib/src/double_ratchet/double_ratchet.dart b/lib/src/double_ratchet/double_ratchet.dart index 0f5e0d2..cc6996f 100644 --- a/lib/src/double_ratchet/double_ratchet.dart +++ b/lib/src/double_ratchet/double_ratchet.dart @@ -1,5 +1,6 @@ import 'dart:convert'; import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; import 'package:meta/meta.dart'; import 'package:omemo_dart/src/crypto.dart'; import 'package:omemo_dart/src/double_ratchet/crypto.dart'; @@ -13,7 +14,6 @@ import 'package:omemo_dart/src/protobuf/omemo_message.dart'; const maxSkip = 1000; class RatchetStep { - const RatchetStep(this.header, this.ciphertext); final OmemoMessage header; final List ciphertext; @@ -21,7 +21,6 @@ class RatchetStep { @immutable class SkippedKey { - const SkippedKey(this.dh, this.n); factory SkippedKey.fromJson(Map data) { @@ -54,7 +53,6 @@ class SkippedKey { } class OmemoDoubleRatchet { - OmemoDoubleRatchet( this.dhs, // DHs this.dhr, // DHr @@ -221,7 +219,7 @@ class OmemoDoubleRatchet { ik, ad, {}, - false, + true, kexTimestamp, null, ); @@ -254,6 +252,12 @@ class OmemoDoubleRatchet { 'kex': kex, }; } + + /// Returns the OMEMO compatible fingerprint of the ratchet session. + Future getOmemoFingerprint() async { + final curveKey = await ik.toCurve25519(); + return HEX.encode(await curveKey.getBytes()); + } Future?> _trySkippedMessageKeys(OmemoMessage header, List ciphertext) async { final key = SkippedKey( diff --git a/lib/src/errors.dart b/lib/src/errors.dart index 021ae98..3efe765 100644 --- a/lib/src/errors.dart +++ b/lib/src/errors.dart @@ -1,45 +1,54 @@ +abstract class OmemoException {} + /// Triggered during X3DH if the signature if the SPK does verify to the actual SPK. -class InvalidSignatureException implements Exception { +class InvalidSignatureException extends OmemoException implements Exception { String errMsg() => 'The signature of the SPK does not match the provided signature'; } - /// Triggered by the Double Ratchet if the computed HMAC does not match the attached HMAC. /// Triggered by the Session Manager if the computed HMAC does not match the attached HMAC. -class InvalidMessageHMACException implements Exception { +class InvalidMessageHMACException extends OmemoException implements Exception { String errMsg() => 'The computed HMAC does not match the provided HMAC'; } /// Triggered by the Double Ratchet if skipping messages would cause skipping more than /// MAXSKIP messages -class SkippingTooManyMessagesException implements Exception { +class SkippingTooManyMessagesException extends OmemoException implements Exception { String errMsg() => 'Skipping messages would cause a skip bigger than MAXSKIP'; } /// Triggered by the Session Manager if the message key is not encrypted for the device. -class NotEncryptedForDeviceException implements Exception { +class NotEncryptedForDeviceException extends OmemoException implements Exception { String errMsg() => 'Not encrypted for this device'; } /// Triggered by the Session Manager when there is no key for decrypting the message. -class NoDecryptionKeyException implements Exception { +class NoDecryptionKeyException extends OmemoException implements Exception { String errMsg() => 'No key available for decrypting the message'; } /// Triggered by the Session Manager when the identifier of the used Signed Prekey /// is neither the current SPK's identifier nor the old one's. -class UnknownSignedPrekeyException implements Exception { +class UnknownSignedPrekeyException extends OmemoException implements Exception { String errMsg() => 'Unknown Signed Prekey used.'; } /// Triggered by the Session Manager when the received Key Exchange message does not meet /// the requirement that a key exchange, given that the ratchet already exists, must be /// sent after its creation. -class InvalidKeyExchangeException implements Exception { +class InvalidKeyExchangeException extends OmemoException implements Exception { String errMsg() => 'The key exchange was sent before the last kex finished'; } /// Triggered by the Session Manager when a message's sequence number is smaller than we /// expect it to be. -class MessageAlreadyDecryptedException implements Exception { +class MessageAlreadyDecryptedException extends OmemoException implements Exception { String errMsg() => 'The message has already been decrypted'; } + +/// Triggered by the OmemoManager when we could not encrypt a message as we have +/// no key material available. That happens, for example, when we want to create a +/// ratchet session with a JID we had no session with but fetching the device bundle +/// failed. +class NoKeyMaterialAvailableException extends OmemoException implements Exception { + String errMsg() => 'No key material available to create a ratchet session with'; +} diff --git a/lib/src/keys.dart b/lib/src/keys.dart index b15a0b8..1731f8e 100644 --- a/lib/src/keys.dart +++ b/lib/src/keys.dart @@ -9,7 +9,6 @@ const privateKeyLength = 32; const publicKeyLength = 32; class OmemoPublicKey { - const OmemoPublicKey(this._pubkey); factory OmemoPublicKey.fromBytes(List bytes, KeyPairType type) { @@ -55,7 +54,6 @@ class OmemoPublicKey { } class OmemoPrivateKey { - const OmemoPrivateKey(this._privkey, this.type); final List _privkey; final KeyPairType type; @@ -85,7 +83,6 @@ class OmemoPrivateKey { /// A generic wrapper class for both Ed25519 and X25519 keypairs class OmemoKeyPair { - const OmemoKeyPair(this.pk, this.sk, this.type); /// Create an OmemoKeyPair just from a [type] and the bytes of the private and public diff --git a/lib/src/omemo/bundle.dart b/lib/src/omemo/bundle.dart index 7896a7b..c2da915 100644 --- a/lib/src/omemo/bundle.dart +++ b/lib/src/omemo/bundle.dart @@ -1,5 +1,6 @@ import 'dart:convert'; import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; import 'package:omemo_dart/src/keys.dart'; class OmemoBundle { @@ -43,4 +44,10 @@ class OmemoBundle { } List get spkSignature => base64Decode(spkSignatureEncoded); + + /// Calculates the fingerprint of the bundle (See + /// https://xmpp.org/extensions/xep-0384.html#security ยง 2). + Future getFingerprint() async { + return HEX.encode(await ik.getBytes()); + } } diff --git a/lib/src/omemo/constants.dart b/lib/src/omemo/constants.dart new file mode 100644 index 0000000..31e2fe6 --- /dev/null +++ b/lib/src/omemo/constants.dart @@ -0,0 +1,2 @@ +/// The info used for when encrypting the AES key for the actual payload. +const omemoPayloadInfoString = 'OMEMO Payload'; diff --git a/lib/src/omemo/decryption_result.dart b/lib/src/omemo/decryption_result.dart new file mode 100644 index 0000000..5b020e1 --- /dev/null +++ b/lib/src/omemo/decryption_result.dart @@ -0,0 +1,9 @@ +import 'package:meta/meta.dart'; +import 'package:omemo_dart/src/errors.dart'; + +@immutable +class DecryptionResult { + const DecryptionResult(this.payload, this.error); + final String? payload; + final OmemoException? error; +} diff --git a/lib/src/omemo/device.dart b/lib/src/omemo/device.dart index e2533de..4a8ab6d 100644 --- a/lib/src/omemo/device.dart +++ b/lib/src/omemo/device.dart @@ -1,5 +1,6 @@ import 'dart:convert'; import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; import 'package:meta/meta.dart'; import 'package:omemo_dart/src/helpers.dart'; import 'package:omemo_dart/src/keys.dart'; @@ -8,9 +9,8 @@ import 'package:omemo_dart/src/x3dh/x3dh.dart'; /// This class represents an OmemoBundle but with all keypairs belonging to the keys @immutable -class Device { - - const Device( +class OmemoDevice { + const OmemoDevice( this.jid, this.id, this.ik, @@ -23,7 +23,7 @@ class Device { ); /// Deserialize the Device - factory Device.fromJson(Map data) { + factory OmemoDevice.fromJson(Map data) { // NOTE: We use the way OpenSSH names their keys, meaning that ik is the Identity // Keypair's private key, while ik_pub refers to the Identity Keypair's public // key. @@ -67,7 +67,7 @@ class Device { ), ); - return Device( + return OmemoDevice( data['jid']! as String, data['id']! as int, OmemoKeyPair.fromBytes( @@ -93,7 +93,7 @@ class Device { } /// Generate a completely new device, i.e. cryptographic identity. - static Future generateNewDevice(String jid, { int opkAmount = 100 }) async { + static Future generateNewDevice(String jid, { int opkAmount = 100 }) async { final id = generateRandom32BitNumber(); final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519); final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); @@ -105,7 +105,7 @@ class Device { opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); } - return Device(jid, id, ik, spk, spkId, signature, null, null, opks); + return OmemoDevice(jid, id, ik, spk, spkId, signature, null, null, opks); } /// Our bare Jid @@ -135,10 +135,10 @@ class Device { /// This replaces the Onetime-Prekey with id [id] with a completely new one. Returns /// a new Device object that copies over everything but replaces said key. @internal - Future replaceOnetimePrekey(int id) async { + Future replaceOnetimePrekey(int id) async { opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); - return Device( + return OmemoDevice( jid, this.id, ik, @@ -154,12 +154,12 @@ class Device { /// This replaces the Signed-Prekey with a completely new one. Returns a new Device object /// that copies over everything but replaces the Signed-Prekey and its signature. @internal - Future replaceSignedPrekey() async { + Future replaceSignedPrekey() async { final newSpk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final newSpkId = generateRandom32BitNumber(); final newSignature = await sig(ik, await newSpk.pk.getBytes()); - return Device( + return OmemoDevice( jid, id, ik, @@ -175,8 +175,8 @@ class Device { /// Returns a new device that is equal to this one with the exception that the new /// device's id is a new number between 0 and 2**32 - 1. @internal - Device withNewId() { - return Device( + OmemoDevice withNewId() { + return OmemoDevice( jid, generateRandom32BitNumber(), ik, @@ -208,6 +208,13 @@ class Device { ); } + /// Returns the fingerprint of the current device + Future getFingerprint() async { + // Since the local key is Ed25519, we must convert it to Curve25519 first + final curveKey = await ik.pk.toCurve25519(); + return HEX.encode(await curveKey.getBytes()); + } + /// Serialise the device information. Future> toJson() async { /// Serialise the OPKs @@ -237,7 +244,7 @@ class Device { } @visibleForTesting - Future equals(Device other) async { + Future equals(OmemoDevice other) async { var opksMatch = true; if (opks.length != other.opks.length) { opksMatch = false; diff --git a/lib/src/omemo/encryption_result.dart b/lib/src/omemo/encryption_result.dart index 035aa59..3d0b35b 100644 --- a/lib/src/omemo/encryption_result.dart +++ b/lib/src/omemo/encryption_result.dart @@ -1,15 +1,26 @@ import 'package:meta/meta.dart'; +import 'package:omemo_dart/src/errors.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart'; +import 'package:omemo_dart/src/omemo/ratchet_map_key.dart'; @immutable class EncryptionResult { - - const EncryptionResult(this.ciphertext, this.encryptedKeys); + const EncryptionResult(this.ciphertext, this.encryptedKeys, this.deviceEncryptionErrors, this.jidEncryptionErrors); - /// The actual message that was encrypted + /// The actual message that was encrypted. final List? ciphertext; - + /// Mapping of the device Id to the key for decrypting ciphertext, encrypted - /// for the ratchet with said device Id + /// for the ratchet with said device Id. final List encryptedKeys; + + /// Mapping of a ratchet map keys to a possible exception. + final Map deviceEncryptionErrors; + + /// Mapping of a JID to a possible exception. + final Map jidEncryptionErrors; + + /// True if the encryption was a success. This means that we could encrypt for + /// at least one ratchet. + bool isSuccess(int numberOfRecipients) => encryptedKeys.isNotEmpty && jidEncryptionErrors.length < numberOfRecipients; } diff --git a/lib/src/omemo/events.dart b/lib/src/omemo/events.dart index 71b7f9b..12ffa4e 100644 --- a/lib/src/omemo/events.dart +++ b/lib/src/omemo/events.dart @@ -22,14 +22,14 @@ class RatchetRemovedEvent extends OmemoEvent { } /// Triggered when the device map has been modified -class DeviceMapModifiedEvent extends OmemoEvent { - DeviceMapModifiedEvent(this.map); - final Map> map; +class DeviceListModifiedEvent extends OmemoEvent { + DeviceListModifiedEvent(this.list); + final Map> list; } /// Triggered by the OmemoSessionManager when our own device bundle was modified /// and thus should be republished. class DeviceModifiedEvent extends OmemoEvent { DeviceModifiedEvent(this.device); - final Device device; + final OmemoDevice device; } diff --git a/lib/src/omemo/fingerprint.dart b/lib/src/omemo/fingerprint.dart index 7c50326..afb72df 100644 --- a/lib/src/omemo/fingerprint.dart +++ b/lib/src/omemo/fingerprint.dart @@ -2,7 +2,6 @@ import 'package:meta/meta.dart'; @immutable class DeviceFingerprint { - const DeviceFingerprint(this.deviceId, this.fingerprint); final String fingerprint; final int deviceId; diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart new file mode 100644 index 0000000..bf99a49 --- /dev/null +++ b/lib/src/omemo/omemomanager.dart @@ -0,0 +1,783 @@ +import 'dart:async'; +import 'dart:collection'; +import 'dart:convert'; +import 'package:collection/collection.dart'; +import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; +import 'package:logging/logging.dart'; +import 'package:meta/meta.dart'; +import 'package:omemo_dart/src/crypto.dart'; +import 'package:omemo_dart/src/double_ratchet/double_ratchet.dart'; +import 'package:omemo_dart/src/errors.dart'; +import 'package:omemo_dart/src/helpers.dart'; +import 'package:omemo_dart/src/keys.dart'; +import 'package:omemo_dart/src/omemo/bundle.dart'; +import 'package:omemo_dart/src/omemo/constants.dart'; +import 'package:omemo_dart/src/omemo/decryption_result.dart'; +import 'package:omemo_dart/src/omemo/device.dart'; +import 'package:omemo_dart/src/omemo/encrypted_key.dart'; +import 'package:omemo_dart/src/omemo/encryption_result.dart'; +import 'package:omemo_dart/src/omemo/events.dart'; +import 'package:omemo_dart/src/omemo/fingerprint.dart'; +import 'package:omemo_dart/src/omemo/ratchet_map_key.dart'; +import 'package:omemo_dart/src/omemo/stanza.dart'; +import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart'; +import 'package:omemo_dart/src/protobuf/omemo_key_exchange.dart'; +import 'package:omemo_dart/src/protobuf/omemo_message.dart'; +import 'package:omemo_dart/src/trust/base.dart'; +import 'package:omemo_dart/src/x3dh/x3dh.dart'; +import 'package:synchronized/synchronized.dart'; + +class _InternalDecryptionResult { + const _InternalDecryptionResult(this.ratchetCreated, this.payload); + final bool ratchetCreated; + final String? payload; +} + +class OmemoManager { + OmemoManager( + this._device, + this._trustManager, + this.sendEmptyOmemoMessageImpl, + this.fetchDeviceListImpl, + this.fetchDeviceBundleImpl, + this.subscribeToDeviceListNodeImpl, + ); + + final Logger _log = Logger('OmemoManager'); + + /// Functions for connecting with the OMEMO library + + /// Send an empty OMEMO:2 message using the encrypted payload @result to + /// @recipientJid. + final Future Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessageImpl; + + /// Fetch the list of device ids associated with @jid. If the device list cannot be + /// fetched, return null. + final Future?> Function(String jid) fetchDeviceListImpl; + + /// Fetch the device bundle for the device with id @id of jid. If it cannot be fetched, return null. + final Future Function(String jid, int id) fetchDeviceBundleImpl; + + /// Subscribe to the device list PEP node of @jid. + final Future Function(String jid) subscribeToDeviceListNodeImpl; + + /// Map bare JID to its known devices + Map> _deviceList = {}; + /// Map bare JIDs to whether we already requested the device list once + final Map _deviceListRequested = {}; + /// Map bare a ratchet key to its ratchet. Note that this is also locked by + /// _ratchetCriticalSectionLock. + Map _ratchetMap = {}; + /// Map bare JID to whether we already tried to subscribe to the device list node. + final Map _subscriptionMap = {}; + /// For preventing a race condition in encryption/decryption + final Map>> _ratchetCriticalSectionQueue = {}; + final Lock _ratchetCriticalSectionLock = Lock(); + + /// The OmemoManager's trust management + final TrustManager _trustManager; + TrustManager get trustManager => _trustManager; + + /// Our own keys... + final Lock _deviceLock = Lock(); + // ignore: prefer_final_fields + OmemoDevice _device; + + /// The event bus of the session manager + final StreamController _eventStreamController = StreamController.broadcast(); + Stream get eventStream => _eventStreamController.stream; + + /// Enter the critical section for performing cryptographic operations on the ratchets + Future _enterRatchetCriticalSection(String jid) async { + final completer = await _ratchetCriticalSectionLock.synchronized(() { + if (_ratchetCriticalSectionQueue.containsKey(jid)) { + final c = Completer(); + _ratchetCriticalSectionQueue[jid]!.addLast(c); + return c; + } + + _ratchetCriticalSectionQueue[jid] = Queue(); + return null; + }); + + if (completer != null) { + await completer.future; + } + } + + /// Leave the critical section for the ratchets. + Future _leaveRatchetCriticalSection(String jid) async { + await _ratchetCriticalSectionLock.synchronized(() { + if (_ratchetCriticalSectionQueue.containsKey(jid)) { + if (_ratchetCriticalSectionQueue[jid]!.isEmpty) { + _ratchetCriticalSectionQueue.remove(jid); + } else { + _ratchetCriticalSectionQueue[jid]!.removeFirst().complete(); + } + } + }); + } + + Future _decryptAndVerifyHmac(List? ciphertext, List keyAndHmac) async { + // Empty OMEMO messages should just have the key decrypted and/or session set up. + if (ciphertext == null) { + return null; + } + + final key = keyAndHmac.sublist(0, 32); + final hmac = keyAndHmac.sublist(32, 48); + final derivedKeys = await deriveEncryptionKeys(key, omemoPayloadInfoString); + final computedHmac = await truncatedHmac(ciphertext, derivedKeys.authenticationKey); + if (!listsEqual(hmac, computedHmac)) { + throw InvalidMessageHMACException(); + } + + return utf8.decode( + await aes256CbcDecrypt(ciphertext, derivedKeys.encryptionKey, derivedKeys.iv), + ); + } + + /// Add a session [ratchet] with the [deviceId] to the internal tracking state. + /// NOTE: Must be called from within the ratchet critical section. + void _addSession(String jid, int deviceId, OmemoDoubleRatchet ratchet) { + // Add the bundle Id + if (!_deviceList.containsKey(jid)) { + _deviceList[jid] = [deviceId]; + + // Commit the device map + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); + } else { + // Prevent having the same device multiple times in the list + if (!_deviceList[jid]!.contains(deviceId)) { + _deviceList[jid]!.add(deviceId); + + // Commit the device map + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); + } + } + + // Add the ratchet session + final key = RatchetMapKey(jid, deviceId); + _ratchetMap[key] = ratchet; + + // Commit the ratchet + _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, true)); + } + + /// Build a new session with the user at [jid] with the device [deviceId] using data + /// from the key exchange [kex]. In case [kex] contains an unknown Signed Prekey + /// identifier an UnknownSignedPrekeyException will be thrown. + Future _addSessionFromKeyExchange(String jid, int deviceId, OmemoKeyExchange kex) async { + // Pick the correct SPK + final device = await getDevice(); + OmemoKeyPair spk; + if (kex.spkId == _device.spkId) { + spk = _device.spk; + } else if (kex.spkId == _device.oldSpkId) { + spk = _device.oldSpk!; + } else { + throw UnknownSignedPrekeyException(); + } + + final kexResult = await x3dhFromInitialMessage( + X3DHMessage( + OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519), + OmemoPublicKey.fromBytes(kex.ek!, KeyPairType.x25519), + kex.pkId!, + ), + spk, + device.opks.values.elementAt(kex.pkId!), + device.ik, + ); + final ratchet = await OmemoDoubleRatchet.acceptNewSession( + spk, + OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519), + kexResult.sk, + kexResult.ad, + getTimestamp(), + ); + + return ratchet; + } + + /// Create a ratchet session initiated by Alice to the user with Jid [jid] and the device + /// [deviceId] from the bundle [bundle]. + @visibleForTesting + Future addSessionFromBundle(String jid, int deviceId, OmemoBundle bundle) async { + final device = await getDevice(); + final kexResult = await x3dhFromBundle( + bundle, + device.ik, + ); + final ratchet = await OmemoDoubleRatchet.initiateNewSession( + bundle.spk, + bundle.ik, + kexResult.sk, + kexResult.ad, + getTimestamp(), + ); + + await _trustManager.onNewSession(jid, deviceId); + _addSession(jid, deviceId, ratchet); + + return OmemoKeyExchange() + ..pkId = kexResult.opkId + ..spkId = bundle.spkId + ..ik = await device.ik.pk.getBytes() + ..ek = await kexResult.ek.pk.getBytes(); + } + + /// In case a decryption error occurs, the Double Ratchet spec says to just restore + /// the ratchet to its old state. As such, this function restores the ratchet at + /// [mapKey] with [oldRatchet]. + /// NOTE: Must be called from within the ratchet critical section + void _restoreRatchet(RatchetMapKey mapKey, OmemoDoubleRatchet oldRatchet) { + _log.finest('Restoring ratchet ${mapKey.jid}:${mapKey.deviceId} to ${oldRatchet.nr}'); + _ratchetMap[mapKey] = oldRatchet; + + // Commit the ratchet + _eventStreamController.add( + RatchetModifiedEvent( + mapKey.jid, + mapKey.deviceId, + oldRatchet, + false, + ), + ); + } + + /// Attempt to decrypt [ciphertext]. [keys] refers to the elements inside the + /// element with a "jid" attribute matching our own. [senderJid] refers to the + /// bare Jid of the sender. [senderDeviceId] refers to the "sid" attribute of the + /// element. + /// [timestamp] refers to the time the message was sent. This might be either what the + /// server tells you via "XEP-0203: Delayed Delivery" or the point in time at which + /// you received the stanza, if no Delayed Delivery element was found. + /// + /// If the received message is an empty OMEMO message, i.e. there is no + /// element, then [ciphertext] must be set to null. In this case, this function + /// will return null as there is no message to be decrypted. This, however, is used + /// to set up sessions or advance the ratchets. + Future<_InternalDecryptionResult> _decryptMessage(List? ciphertext, String senderJid, int senderDeviceId, List keys, int timestamp) async { + // Try to find a session we can decrypt with. + var device = await getDevice(); + final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id); + if (rawKey == null) { + throw NotEncryptedForDeviceException(); + } + + final ratchetKey = RatchetMapKey(senderJid, senderDeviceId); + final decodedRawKey = base64.decode(rawKey.value); + List? keyAndHmac; + OmemoAuthenticatedMessage authMessage; + OmemoDoubleRatchet? oldRatchet; + OmemoMessage? message; + var ratchetCreated = false; + if (rawKey.kex) { + // If the ratchet already existed, we store it. If it didn't, oldRatchet will stay + // null. + final oldRatchet = _getRatchet(ratchetKey)?.clone(); + final kex = OmemoKeyExchange.fromBuffer(decodedRawKey); + authMessage = kex.message!; + message = OmemoMessage.fromBuffer(authMessage.message!); + + // Guard against old key exchanges + if (oldRatchet != null) { + _log.finest('KEX for existent ratchet ${ratchetKey.toJsonKey()}. ${oldRatchet.kexTimestamp} > $timestamp: ${oldRatchet.kexTimestamp > timestamp}'); + if (oldRatchet.kexTimestamp > timestamp) { + throw InvalidKeyExchangeException(); + } + + // Try to decrypt it + try { + final decrypted = await oldRatchet.ratchetDecrypt(message, authMessage.writeToBuffer()); + + // Commit the ratchet + _eventStreamController.add( + RatchetModifiedEvent( + senderJid, + senderDeviceId, + oldRatchet, + false, + ), + ); + + final plaintext = await _decryptAndVerifyHmac( + ciphertext, + decrypted, + ); + _addSession(senderJid, senderDeviceId, oldRatchet); + return _InternalDecryptionResult( + true, + plaintext, + ); + } catch (_) { + _log.finest('Failed to use old ratchet with KEX for existing ratchet'); + } + } + + final r = await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex); + await _trustManager.onNewSession(senderJid, senderDeviceId); + _addSession(senderJid, senderDeviceId, r); + ratchetCreated = true; + + // Replace the OPK + // TODO(PapaTutuWawa): Replace the OPK when we know that the KEX worked + await _deviceLock.synchronized(() async { + device = await device.replaceOnetimePrekey(kex.pkId!); + + // Commit the device + _eventStreamController.add(DeviceModifiedEvent(device)); + }); + } else { + authMessage = OmemoAuthenticatedMessage.fromBuffer(decodedRawKey); + message = OmemoMessage.fromBuffer(authMessage.message!); + } + + final devices = _deviceList[senderJid]; + if (devices?.contains(senderDeviceId) != true) { + throw NoDecryptionKeyException(); + } + + // We can guarantee that the ratchet exists at this point in time + final ratchet = _getRatchet(ratchetKey)!; + oldRatchet ??= ratchet.clone(); + + try { + if (rawKey.kex) { + keyAndHmac = await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer()); + } else { + keyAndHmac = await ratchet.ratchetDecrypt(message, decodedRawKey); + } + } catch (_) { + _restoreRatchet(ratchetKey, oldRatchet); + rethrow; + } + + // Commit the ratchet + _eventStreamController.add( + RatchetModifiedEvent( + senderJid, + senderDeviceId, + ratchet, + false, + ), + ); + + try { + return _InternalDecryptionResult( + ratchetCreated, + await _decryptAndVerifyHmac(ciphertext, keyAndHmac), + ); + } catch (_) { + _restoreRatchet(ratchetKey, oldRatchet); + rethrow; + } + } + + /// Returns, if it exists, the ratchet associated with [key]. + /// NOTE: Must be called from within the ratchet critical section. + OmemoDoubleRatchet? _getRatchet(RatchetMapKey key) => _ratchetMap[key]; + + /// Figure out what bundles we have to still build a session with. + Future> _fetchNewBundles(String jid) async { + // Check if we already requested the device list for [jid] + List bundlesToFetch; + if (!_deviceListRequested.containsKey(jid) || !_deviceList.containsKey(jid)) { + // We don't have an up-to-date version of the device list + final newDeviceList = await fetchDeviceListImpl(jid); + if (newDeviceList == null) return []; + + _deviceList[jid] = newDeviceList; + bundlesToFetch = newDeviceList + .where((id) { + return !_ratchetMap.containsKey(RatchetMapKey(jid, id)) || + _deviceList[jid]?.contains(id) == false; + }).toList(); + + // Trigger an event with the new device list + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); + } else { + // We already have an up-to-date version of the device list + bundlesToFetch = _deviceList[jid]! + .where((id) => !_ratchetMap.containsKey(RatchetMapKey(jid, id))) + .toList(); + } + + if (bundlesToFetch.isNotEmpty) { + _log.finest('Fetching bundles $bundlesToFetch for $jid'); + } + + final newBundles = List.empty(growable: true); + for (final id in bundlesToFetch) { + final bundle = await fetchDeviceBundleImpl(jid, id); + if (bundle != null) newBundles.add(bundle); + } + + return newBundles; + } + + /// Encrypt the key [plaintext] for all known bundles of the Jids in [jids]. Returns a + /// map that maps the device Id to the ciphertext of [plaintext]. + /// + /// If [plaintext] is null, then the result will be an empty OMEMO message, i.e. one that + /// does not contain a element. This means that the ciphertext attribute of + /// the result will be null as well. + /// NOTE: Must be called within the ratchet critical section + Future _encryptToJids(List jids, String? plaintext) async { + final encryptedKeys = List.empty(growable: true); + + var ciphertext = const []; + var keyPayload = const []; + if (plaintext != null) { + // Generate the key and encrypt the plaintext + final key = generateRandomBytes(32); + final keys = await deriveEncryptionKeys(key, omemoPayloadInfoString); + ciphertext = await aes256CbcEncrypt( + utf8.encode(plaintext), + keys.encryptionKey, + keys.iv, + ); + final hmac = await truncatedHmac(ciphertext, keys.authenticationKey); + keyPayload = concat([key, hmac]); + } else { + keyPayload = List.filled(32, 0x0); + } + + final kex = {}; + for (final jid in jids) { + for (final newSession in await _fetchNewBundles(jid)) { + kex[RatchetMapKey(jid, newSession.id)] = await addSessionFromBundle( + newSession.jid, + newSession.id, + newSession, + ); + } + } + + // We assume that the user already checked if the session exists + final deviceEncryptionErrors = {}; + final jidEncryptionErrors = {}; + for (final jid in jids) { + final devices = _deviceList[jid]; + if (devices == null) { + _log.severe('Device list does not exist for $jid.'); + jidEncryptionErrors[jid] = NoKeyMaterialAvailableException(); + continue; + } + + if (!_subscriptionMap.containsKey(jid)) { + unawaited(subscribeToDeviceListNodeImpl(jid)); + _subscriptionMap[jid] = true; + } + + for (final deviceId in devices) { + // Empty OMEMO messages are allowed to bypass trust + if (plaintext != null) { + // Only encrypt to devices that are trusted + if (!(await _trustManager.isTrusted(jid, deviceId))) continue; + + // Only encrypt to devices that are enabled + if (!(await _trustManager.isEnabled(jid, deviceId))) continue; + } + + final ratchetKey = RatchetMapKey(jid, deviceId); + var ratchet = _ratchetMap[ratchetKey]; + if (ratchet == null) { + _log.severe('Ratchet ${ratchetKey.toJsonKey()} does not exist.'); + deviceEncryptionErrors[ratchetKey] = NoKeyMaterialAvailableException(); + continue; + } + + final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext; + + if (kex.containsKey(ratchetKey)) { + // The ratchet did not exist + final k = kex[ratchetKey]! + ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); + final buffer = base64.encode(k.writeToBuffer()); + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + buffer, + true, + ), + ); + + ratchet = ratchet.cloneWithKex(buffer); + _ratchetMap[ratchetKey] = ratchet; + } else if (!ratchet.acknowledged) { + // The ratchet exists but is not acked + if (ratchet.kex != null) { + final oldKex = OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!)) + ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); + + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + base64.encode(oldKex.writeToBuffer()), + true, + ), + ); + } else { + // The ratchet is not acked but we don't have the old key exchange + _log.warning('Ratchet for $jid:$deviceId is not acked but the kex attribute is null'); + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + base64.encode(ciphertext), + false, + ), + ); + } + } else { + // The ratchet exists and is acked + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + base64.encode(ciphertext), + false, + ), + ); + } + + // Commit the ratchet + _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false)); + } + } + + return EncryptionResult( + plaintext != null ? + ciphertext : null, + encryptedKeys, + deviceEncryptionErrors, + jidEncryptionErrors, + ); + } + + /// Call when receiving an OMEMO:2 encrypted stanza. Will handle everything and + /// decrypt it. + Future onIncomingStanza(OmemoIncomingStanza stanza) async { + await _enterRatchetCriticalSection(stanza.bareSenderJid); + + if (!_subscriptionMap.containsKey(stanza.bareSenderJid)) { + unawaited(subscribeToDeviceListNodeImpl(stanza.bareSenderJid)); + _subscriptionMap[stanza.bareSenderJid] = true; + } + + final ratchetKey = RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId); + final _InternalDecryptionResult result; + try { + result = await _decryptMessage( + stanza.payload != null ? + base64.decode(stanza.payload!) : + null, + stanza.bareSenderJid, + stanza.senderDeviceId, + stanza.keys, + stanza.timestamp, + ); + } on OmemoException catch (ex) { + await _leaveRatchetCriticalSection(stanza.bareSenderJid); + return DecryptionResult( + null, + ex, + ); + } + + // Check if the ratchet is acked + final ratchet = _getRatchet(ratchetKey); + assert(ratchet != null, 'We decrypted the message, so the ratchet must exist'); + + if (ratchet!.acknowledged) { + // Ratchet is acknowledged + if (ratchet.nr > 53 || result.ratchetCreated) { + await sendEmptyOmemoMessageImpl( + await _encryptToJids( + [stanza.bareSenderJid], + null, + ), + stanza.bareSenderJid, + ); + } + + // Ratchet is acked + await _leaveRatchetCriticalSection(stanza.bareSenderJid); + return DecryptionResult( + result.payload, + null, + ); + } else { + // Ratchet is not acked. + // Mark as acked and send an empty OMEMO message. + await ratchetAcknowledged( + stanza.bareSenderJid, + stanza.senderDeviceId, + enterCriticalSection: false, + ); + await sendEmptyOmemoMessageImpl( + await _encryptToJids( + [stanza.bareSenderJid], + null, + ), + stanza.bareSenderJid, + ); + + await _leaveRatchetCriticalSection(stanza.bareSenderJid); + return DecryptionResult( + result.payload, + null, + ); + } + } + + /// Call when sending out an encrypted stanza. Will handle everything and + /// encrypt it. + Future onOutgoingStanza(OmemoOutgoingStanza stanza) async { + _log.finest('Waiting to enter critical section'); + await _enterRatchetCriticalSection(stanza.recipientJids.first); + _log.finest('Entered critical section'); + + final result = _encryptToJids( + stanza.recipientJids, + stanza.payload, + ); + + await _leaveRatchetCriticalSection(stanza.recipientJids.first); + + return result; + } + + // Sends a hearbeat message as specified by XEP-0384 to [jid]. + Future sendOmemoHeartbeat(String jid) async { + // TODO(Unknown): Include some error handling + final result = await _encryptToJids( + [jid], + null, + ); + await sendEmptyOmemoMessageImpl(result, jid); + } + + /// Mark the ratchet for device [deviceId] from [jid] as acked. + Future ratchetAcknowledged(String jid, int deviceId, { bool enterCriticalSection = true }) async { + if (enterCriticalSection) await _enterRatchetCriticalSection(jid); + + final key = RatchetMapKey(jid, deviceId); + if (_ratchetMap.containsKey(key)) { + final ratchet = _ratchetMap[key]! + ..acknowledged = true; + + // Commit it + _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false)); + } else { + _log.severe('Attempted to acknowledge ratchet ${key.toJsonKey()}, even though it does not exist'); + } + + if (enterCriticalSection) await _leaveRatchetCriticalSection(jid); + } + + /// Generates an entirely new device. May be useful when the user wants to reset their cryptographic + /// identity. Triggers an event to commit it to storage. + Future regenerateDevice() async { + await _deviceLock.synchronized(() async { + _device = await OmemoDevice.generateNewDevice(_device.jid); + + // Commit it + _eventStreamController.add(DeviceModifiedEvent(_device)); + }); + } + + /// Returns the device used for encryption and decryption. + Future getDevice() => _deviceLock.synchronized(() => _device); + + /// Returns the id of the device used for encryption and decryption. + Future getDeviceId() async => (await getDevice()).id; + + /// Directly aquire the current device as a OMEMO device bundle. + Future getDeviceBundle() async => (await getDevice()).toBundle(); + + /// Directly aquire the current device's fingerprint. + Future getDeviceFingerprint() async => (await getDevice()).getFingerprint(); + + /// Returns the fingerprints for all devices of [jid] that we have a session with. + /// If there are not sessions with [jid], then returns null. + Future?> getFingerprintsForJid(String jid) async { + if (!_deviceList.containsKey(jid)) return null; + + await _enterRatchetCriticalSection(jid); + + final fingerprintKeys = _deviceList[jid]! + .map((id) => RatchetMapKey(jid, id)) + .where((key) => _ratchetMap.containsKey(key)); + + final fingerprints = List.empty(growable: true); + for (final key in fingerprintKeys) { + final curveKey = await _ratchetMap[key]!.ik.toCurve25519(); + fingerprints.add( + DeviceFingerprint( + key.deviceId, + HEX.encode(await curveKey.getBytes()), + ), + ); + } + + await _leaveRatchetCriticalSection(jid); + return fingerprints; + } + + /// Ensures that the device list is fetched again on the next message sending. + void onNewConnection() { + _deviceListRequested.clear(); + _subscriptionMap.clear(); + } + + /// Sets the device list for [jid] to [devices]. Triggers a DeviceListModifiedEvent. + void onDeviceListUpdate(String jid, List devices) { + _deviceList[jid] = devices; + _deviceListRequested[jid] = true; + + // Trigger an event + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); + } + + void initialize(Map ratchetMap, Map> deviceList) { + _deviceList = deviceList; + _ratchetMap = ratchetMap; + } + + /// Removes all ratchets for JID [jid]. This also removes all trust decisions for + /// [jid] from the trust manager. This function triggers a RatchetRemovedEvent for + /// every removed ratchet and a DeviceListModifiedEvent afterwards. Behaviour for + /// the trust manager is dependent on its implementation. + Future removeAllRatchets(String jid) async { + await _enterRatchetCriticalSection(jid); + + for (final deviceId in _deviceList[jid]!) { + // Remove the ratchet and commit it + _ratchetMap.remove(jid); + _eventStreamController.add(RatchetRemovedEvent(jid, deviceId)); + } + + // Remove the devices from the device list cache and commit it + _deviceList.remove(jid); + _deviceListRequested.remove(jid); + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); + + // Remove trust decisions + await _trustManager.removeTrustDecisionsForJid(jid); + + await _leaveRatchetCriticalSection(jid); + } + + /// Replaces the internal device with [newDevice]. Does not trigger an event. + Future replaceDevice(OmemoDevice newDevice) async { + await _deviceLock.synchronized(() { + _device = newDevice; + }); + } +} diff --git a/lib/src/omemo/ratchet_map_key.dart b/lib/src/omemo/ratchet_map_key.dart index 79ed90c..76b0681 100644 --- a/lib/src/omemo/ratchet_map_key.dart +++ b/lib/src/omemo/ratchet_map_key.dart @@ -2,7 +2,6 @@ import 'package:meta/meta.dart'; @immutable class RatchetMapKey { - const RatchetMapKey(this.jid, this.deviceId); factory RatchetMapKey.fromJsonKey(String key) { diff --git a/lib/src/omemo/sessionmanager.dart b/lib/src/omemo/sessionmanager.dart index 77a06f5..271ee20 100644 --- a/lib/src/omemo/sessionmanager.dart +++ b/lib/src/omemo/sessionmanager.dart @@ -11,6 +11,7 @@ import 'package:omemo_dart/src/errors.dart'; import 'package:omemo_dart/src/helpers.dart'; import 'package:omemo_dart/src/keys.dart'; import 'package:omemo_dart/src/omemo/bundle.dart'; +import 'package:omemo_dart/src/omemo/constants.dart'; import 'package:omemo_dart/src/omemo/device.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart'; import 'package:omemo_dart/src/omemo/encryption_result.dart'; @@ -24,10 +25,9 @@ import 'package:omemo_dart/src/trust/base.dart'; import 'package:omemo_dart/src/x3dh/x3dh.dart'; import 'package:synchronized/synchronized.dart'; -/// The info used for when encrypting the AES key for the actual payload. -const omemoPayloadInfoString = 'OMEMO Payload'; - +@Deprecated('Use OmemoManager instead') class OmemoSessionManager { + @Deprecated('Use OmemoManager instead') OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager) : _lock = Lock(), _deviceLock = Lock(), @@ -36,6 +36,7 @@ class OmemoSessionManager { /// Deserialise the OmemoSessionManager from JSON data [data] that does not contain /// the ratchet sessions. + @Deprecated('Use OmemoManager instead') factory OmemoSessionManager.fromJsonWithoutSessions( Map data, Map ratchetMap, @@ -44,7 +45,7 @@ class OmemoSessionManager { // NOTE: Dart has some issues with just casting a List to List>, as // such we need to convert the items by hand. return OmemoSessionManager( - Device.fromJson(data['device']! as Map), + OmemoDevice.fromJson(data['device']! as Map), (data['devices']! as Map).map>( (key, value) { return MapEntry( @@ -61,7 +62,7 @@ class OmemoSessionManager { /// Generate a new cryptographic identity. static Future generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async { assert(opkAmount > 0, 'opkAmount must be bigger than 0.'); - final device = await Device.generateNewDevice(jid, opkAmount: opkAmount); + final device = await OmemoDevice.generateNewDevice(jid, opkAmount: opkAmount); return OmemoSessionManager(device, {}, {}, trustManager); } @@ -83,7 +84,7 @@ class OmemoSessionManager { /// Our own keys... // ignore: prefer_final_fields - Device _device; + OmemoDevice _device; /// and its lock final Lock _deviceLock; @@ -95,7 +96,7 @@ class OmemoSessionManager { Stream get eventStream => _eventStreamController.stream; /// Returns our own device. - Future getDevice() async { + Future getDevice() async { return _deviceLock.synchronized(() => _device); } @@ -119,14 +120,14 @@ class OmemoSessionManager { _deviceMap[jid] = [deviceId]; // Commit the device map - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); } else { // Prevent having the same device multiple times in the list if (!_deviceMap[jid]!.contains(deviceId)) { _deviceMap[jid]!.add(deviceId); // Commit the device map - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); } } @@ -328,6 +329,8 @@ class OmemoSessionManager { return EncryptionResult( plaintext != null ? ciphertext : null, encryptedKeys, + const {}, + const {}, ); } @@ -562,7 +565,7 @@ class OmemoSessionManager { _deviceMap.remove(jid); } // Commit it - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); }); } @@ -580,7 +583,7 @@ class OmemoSessionManager { // Remove the device from jid _deviceMap.remove(jid); // Commit it - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); }); } @@ -622,7 +625,7 @@ class OmemoSessionManager { /// identity. Triggers an event to commit it to storage. Future regenerateDevice({ int opkAmount = 100 }) async { await _deviceLock.synchronized(() async { - _device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount); + _device = await OmemoDevice.generateNewDevice(_device.jid, opkAmount: opkAmount); // Commit it _eventStreamController.add(DeviceModifiedEvent(_device)); diff --git a/lib/src/omemo/stanza.dart b/lib/src/omemo/stanza.dart new file mode 100644 index 0000000..c883887 --- /dev/null +++ b/lib/src/omemo/stanza.dart @@ -0,0 +1,41 @@ +import 'package:omemo_dart/src/omemo/encrypted_key.dart'; + +/// Describes a stanza that was received by the underlying XMPP library. +class OmemoIncomingStanza { + const OmemoIncomingStanza( + this.bareSenderJid, + this.senderDeviceId, + this.timestamp, + this.keys, + this.payload, + ); + + /// The bare JID of the sender of the stanza. + final String bareSenderJid; + + /// The device ID of the sender. + final int senderDeviceId; + + /// The timestamp when the stanza was received. + final int timestamp; + + /// The included encrypted keys + final List keys; + + /// The string payload included in the element. + final String? payload; +} + +/// Describes a stanza that is to be sent out +class OmemoOutgoingStanza { + const OmemoOutgoingStanza( + this.recipientJids, + this.payload, + ); + + /// The JIDs the stanza will be sent to. + final List recipientJids; + + /// The serialised XML data that should be encrypted. + final String payload; +} diff --git a/lib/src/protobuf/omemo_key_exchange.dart b/lib/src/protobuf/omemo_key_exchange.dart index 788fa0d..bafb470 100644 --- a/lib/src/protobuf/omemo_key_exchange.dart +++ b/lib/src/protobuf/omemo_key_exchange.dart @@ -3,7 +3,6 @@ import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart'; import 'package:omemo_dart/src/protobuf/protobuf.dart'; class OmemoKeyExchange { - OmemoKeyExchange(); factory OmemoKeyExchange.fromBuffer(List data) { diff --git a/lib/src/trust/always.dart b/lib/src/trust/always.dart index c91687a..b55aa35 100644 --- a/lib/src/trust/always.dart +++ b/lib/src/trust/always.dart @@ -18,6 +18,9 @@ class AlwaysTrustingTrustManager extends TrustManager { @override Future setEnabled(String jid, int deviceId, bool enabled) async {} + @override + Future removeTrustDecisionsForJid(String jid) async {} + @override Future> toJson() async => {}; } diff --git a/lib/src/trust/base.dart b/lib/src/trust/base.dart index 77d716b..86f46bb 100644 --- a/lib/src/trust/base.dart +++ b/lib/src/trust/base.dart @@ -19,4 +19,7 @@ abstract class TrustManager { /// Serialize the trust manager to JSON. Future> toJson(); + + /// Removes all trust decisions for [jid]. + Future removeTrustDecisionsForJid(String jid); } diff --git a/lib/src/trust/btbv.dart b/lib/src/trust/btbv.dart index 9bfc7a2..6fd9381 100644 --- a/lib/src/trust/btbv.dart +++ b/lib/src/trust/btbv.dart @@ -211,6 +211,14 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager { ), ); } + + @override + Future removeTrustDecisionsForJid(String jid) async { + await _lock.synchronized(() async { + devices.remove(jid); + await commitState(); + }); + } /// Called when the state of the trust manager has been changed. Allows the user to /// commit the trust state to persistent storage. diff --git a/lib/src/trust/never.dart b/lib/src/trust/never.dart index fdc829c..687aba7 100644 --- a/lib/src/trust/never.dart +++ b/lib/src/trust/never.dart @@ -18,6 +18,9 @@ class NeverTrustingTrustManager extends TrustManager { @override Future setEnabled(String jid, int deviceId, bool enabled) async {} + @override + Future removeTrustDecisionsForJid(String jid) async {} + @override Future> toJson() async => {}; } diff --git a/pubspec.yaml b/pubspec.yaml index e43d396..544403c 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -1,6 +1,6 @@ name: omemo_dart description: An XMPP library independent OMEMO library -version: 0.3.2 +version: 0.4.0 homepage: https://github.com/PapaTutuWawa/omemo_dart publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub diff --git a/test/omemo_test.dart b/test/omemo_test.dart index bc2b400..3ae18e4 100644 --- a/test/omemo_test.dart +++ b/test/omemo_test.dart @@ -14,7 +14,7 @@ void main() { test('Test replacing a onetime prekey', () async { const aliceJid = 'alice@server.example'; - final device = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final device = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); final newDevice = await device.replaceOnetimePrekey(0); @@ -65,7 +65,7 @@ void main() { deviceModified = true; } else if (event is RatchetModifiedEvent) { ratchetModified++; - } else if (event is DeviceMapModifiedEvent) { + } else if (event is DeviceListModifiedEvent) { deviceMapModified++; } }); @@ -327,7 +327,7 @@ void main() { // Setup an event listener final oldDevice = await aliceSession.getDevice(); - Device? newDevice; + OmemoDevice? newDevice; aliceSession.eventStream.listen((event) { if (event is DeviceModifiedEvent) { newDevice = event.device; diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart new file mode 100644 index 0000000..448d6fa --- /dev/null +++ b/test/omemomanager_test.dart @@ -0,0 +1,945 @@ +import 'dart:convert'; +import 'package:logging/logging.dart'; +import 'package:omemo_dart/omemo_dart.dart'; +import 'package:omemo_dart/src/trust/always.dart'; +import 'package:test/test.dart'; + +void main() { + Logger.root + ..level = Level.ALL + ..onRecord.listen((record) { + // ignore: avoid_print + print('${record.level.name}: ${record.message}'); + }); + + test('Test sending a message without the device list cache', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var aliceEmptyMessageSent = 0; + var bobEmptyMessageSent = 0; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + aliceEmptyMessageSent++; + }, + (jid) async { + expect(jid, bobJid); + return [ bobDevice.id ]; + }, + (jid, id) async { + expect(jid, bobJid); + return bobDevice.toBundle(); + }, + (jid) async {}, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + bobEmptyMessageSent++; + }, + (jid) async { + expect(jid, aliceJid); + return [aliceDevice.id]; + }, + (jid, id) async { + expect(jid, aliceJid); + return aliceDevice.toBundle(); + }, + (jid) async {}, + ); + + // Alice sends a message + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello world', + ), + ); + + // Bob must be able to decrypt the message + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(bobResult.payload, 'Hello world'); + expect(bobResult.error, null); + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + + // Alice receives the ack message + await aliceManager.ratchetAcknowledged( + bobJid, + bobDevice.id, + ); + + // Bob now responds + final bobResult2 = await bobManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [aliceJid], + 'Hello world, Alice', + ), + ); + final aliceResult2 = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice.id, + DateTime.now().millisecondsSinceEpoch, + bobResult2.encryptedKeys, + base64.encode(bobResult2.ciphertext!), + ), + ); + + expect(aliceResult2.error, null); + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + expect(aliceResult2.payload, 'Hello world, Alice'); + }); + + test('Test triggering the heartbeat', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var aliceEmptyMessageSent = 0; + var bobEmptyMessageSent = 0; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + aliceEmptyMessageSent++; + }, + (jid) async { + expect(jid, bobJid); + return [ bobDevice.id ]; + }, + (jid, id) async { + expect(jid, bobJid); + return bobDevice.toBundle(); + }, + (jid) async {}, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + bobEmptyMessageSent++; + }, + (jid) async { + expect(jid, aliceJid); + return [aliceDevice.id]; + }, + (jid, id) async { + expect(jid, aliceJid); + return aliceDevice.toBundle(); + }, + (jid) async {}, + ); + + // Alice sends a message + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello world', + ), + ); + + // Bob must be able to decrypt the message + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + expect(bobResult.payload, 'Hello world'); + + // Bob acknowledges the message + await aliceManager.ratchetAcknowledged(bobJid, bobDevice.id); + + // Alice now sends 52 messages that Bob decrypts + for (var i = 0; i <= 51; i++) { + final aliceResultLoop = await aliceManager.onOutgoingStanza( + OmemoOutgoingStanza( + [bobJid], + 'Test message $i', + ), + ); + + final bobResultLoop = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResultLoop.encryptedKeys, + base64.encode(aliceResultLoop.ciphertext!), + ), + ); + + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + expect(bobResultLoop.payload, 'Test message $i'); + } + + // Alice sends a final message that triggers a heartbeat + final aliceResultFinal = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Test message last', + ), + ); + + final bobResultFinal = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResultFinal.encryptedKeys, + base64.encode(aliceResultFinal.ciphertext!), + ), + ); + + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 2); + expect(bobResultFinal.payload, 'Test message last'); + }); + + test('Test accessing data without it existing', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => [], + (jid, id) async => null, + (jid) async {}, + ); + + // Get non-existant fingerprints + expect( + await aliceManager.getFingerprintsForJid(bobJid), + null, + ); + + // Ack a non-existant ratchet + await aliceManager.ratchetAcknowledged( + bobJid, + 42, + ); + }); + + test('Test receiving a message encrypted for another device', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var oldDevice = true; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobOldDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final bobCurrentDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return oldDevice ? + [ bobOldDevice.id ] : + [ bobCurrentDevice.id ]; + }, + (jid, id) async { + expect(jid, bobJid); + return oldDevice ? + bobOldDevice.toBundle() : + bobCurrentDevice.toBundle(); + }, + (jid) async {}, + ); + final bobManager = OmemoManager( + bobCurrentDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => [], + (jid, id) async => null, + (jid) async {}, + ); + + // Alice encrypts a message to Bob + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob', + ), + ); + + // Bob's current device receives it + final bobResult1 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(bobResult1.payload, null); + expect(bobResult1.error is NotEncryptedForDeviceException, true); + + // Now Alice's client loses and regains the connection + aliceManager.onNewConnection(); + oldDevice = false; + + // And Alice sends a new message + final aliceResult2 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob x2', + ), + ); + final bobResult2 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + + expect(aliceResult2.encryptedKeys.length, 1); + expect(bobResult2.payload, 'Hello Bob x2'); + }); + + test('Test receiving a response from a new device', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var bothDevices = false; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return [ + bobDevice1.id, + + if (bothDevices) + bobDevice2.id, + ]; + }, + (jid, id) async { + expect(jid, bobJid); + + if (bothDevices) { + if (id == bobDevice1.id) { + return bobDevice1.toBundle(); + } else if (id == bobDevice2.id) { + return bobDevice2.toBundle(); + } + } else { + if (id == bobDevice1.id) return bobDevice1.toBundle(); + } + + return null; + }, + (jid) async {}, + ); + final bobManager1 = OmemoManager( + bobDevice1, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => [], + (jid, id) async => null, + (jid) async {}, + ); + final bobManager2 = OmemoManager( + bobDevice2, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, aliceJid); + return [aliceDevice.id]; + }, + (jid, id) async { + expect(jid, aliceJid); + return aliceDevice.toBundle(); + }, + (jid) async {}, + ); + + // Alice sends a message to Bob + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // Bob decrypts it + final bobResult1 = await bobManager1.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(aliceResult1.encryptedKeys.length, 1); + expect(bobResult1.payload, 'Hello Bob!'); + + // Now Bob encrypts from his new device + bothDevices = true; + final bobResult2 = await bobManager2.onOutgoingStanza( + const OmemoOutgoingStanza( + [aliceJid], + 'Hello from my new device', + ), + ); + + // And Alice decrypts it + final aliceResult2 = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice2.id, + DateTime.now().millisecondsSinceEpoch, + bobResult2.encryptedKeys, + base64.encode(bobResult2.ciphertext!), + ), + ); + + expect(aliceResult2.payload, 'Hello from my new device'); + }); + + test('Test receiving a device list update', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var bothDevices = false; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return [ + bobDevice1.id, + + if (bothDevices) + bobDevice2.id, + ]; + }, + (jid, id) async { + expect(jid, bobJid); + + if (bothDevices) { + if (id == bobDevice1.id) { + return bobDevice1.toBundle(); + } else if (id == bobDevice2.id) { + return bobDevice2.toBundle(); + } + } else { + if (id == bobDevice1.id) return bobDevice1.toBundle(); + } + + return null; + }, + (jid) async {}, + ); + final bobManager1 = OmemoManager( + bobDevice1, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + (jid) async {}, + ); + final bobManager2 = OmemoManager( + bobDevice2, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + (jid) async {}, + ); + + // Alice sends a message to Bob + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // Bob decrypts it + final bobResult1 = await bobManager1.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(aliceResult1.encryptedKeys.length, 1); + expect(bobResult1.payload, 'Hello Bob!'); + + // Bob acks the ratchet session + await aliceManager.ratchetAcknowledged(bobJid, bobDevice1.id); + + // Bob now publishes a new device + bothDevices = true; + aliceManager.onDeviceListUpdate( + bobJid, + [ + bobDevice1.id, + bobDevice2.id, + ], + ); + + // Now Alice encrypts another message + final aliceResult2 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob! x2', + ), + ); + + expect(aliceResult2.encryptedKeys.length, 2); + + // And Bob decrypts it + final bobResult21 = await bobManager1.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + final bobResult22 = await bobManager2.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + + expect(bobResult21.payload, 'Hello Bob! x2'); + expect(bobResult22.payload, 'Hello Bob! x2'); + + // Bob2 now responds + final bobResult32 = await bobManager2.onOutgoingStanza( + const OmemoOutgoingStanza( + [aliceJid], + 'Hello Alice!', + ), + ); + + // And Alice responds + final aliceResult3 = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice2.id, + DateTime.now().millisecondsSinceEpoch, + bobResult32.encryptedKeys, + base64.encode(bobResult32.ciphertext!), + ), + ); + + expect(aliceResult3.payload, 'Hello Alice!'); + }); + + test('Test sending a message to two different JIDs', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + const cocoJid = 'coco@server3'; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final cocoDevice = await OmemoDevice.generateNewDevice(cocoJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + if (jid == bobJid) { + return [bobDevice.id]; + } else if (jid == cocoJid) { + return [cocoDevice.id]; + } + + return null; + }, + (jid, id) async { + if (jid == bobJid) { + return bobDevice.toBundle(); + } else if (jid == cocoJid) { + return cocoDevice.toBundle(); + } + + return null; + }, + (jid) async {}, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + (jid) async {}, + ); + final cocoManager = OmemoManager( + cocoDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + (jid) async {}, + ); + + // Alice sends a message to Bob and Coco + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid, cocoJid], + 'Hello Bob and Coco!', + ), + ); + + // Bob and Coco decrypt them + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + final cocoResult = await cocoManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(bobResult.error, null); + expect(cocoResult.error, null); + expect(bobResult.payload, 'Hello Bob and Coco!'); + expect(cocoResult.payload, 'Hello Bob and Coco!'); + }); + + test('Test a fetch failure', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var failure = false; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return failure ? + null : + [bobDevice.id]; + }, + (jid, id) async { + expect(jid, bobJid); + + return failure ? + null : + bobDevice.toBundle(); + }, + (jid) async {}, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + (jid) async {}, + ); + + // Alice sends a message to Bob and Coco + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // Bob decrypts it + final bobResult1 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(bobResult1.error, null); + expect(bobResult1.payload, 'Hello Bob!'); + + // Bob acks the message + await aliceManager.ratchetAcknowledged( + bobJid, + bobDevice.id, + ); + + // Alice has to reconnect but has no connection yet + failure = true; + aliceManager.onNewConnection(); + + // Alice sends another message to Bob + final aliceResult2 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob! x2', + ), + ); + + // And Bob decrypts it + final bobResult2 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + + expect(bobResult2.error, null); + expect(bobResult2.payload, 'Hello Bob! x2'); + }); + + test('Test sending a message with failed lookups', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return null; + }, + (jid, id) async { + expect(jid, bobJid); + + return null; + }, + (jid) async {}, + ); + + // Alice sends a message to Bob + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + expect(aliceResult.isSuccess(1), false); + expect(aliceResult.jidEncryptionErrors[bobJid] is NoKeyMaterialAvailableException, true); + }); + + test('Test sending a message two two JIDs with failed lookups', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + const cocoJid = 'coco@server3'; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + if (jid == bobJid) { + return [bobDevice.id]; + } + + return null; + }, + (jid, id) async { + if (jid == bobJid) { + return bobDevice.toBundle(); + } + + return null; + }, + (jid) async {}, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + (jid) async {}, + ); + + // Alice sends a message to Bob and Coco + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid, cocoJid], + 'Hello Bob and Coco!', + ), + ); + + expect(aliceResult.isSuccess(2), true); + expect(aliceResult.jidEncryptionErrors[cocoJid] is NoKeyMaterialAvailableException, true); + + // Bob decrypts it + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(bobResult.payload, 'Hello Bob and Coco!'); + }); + + test('Test sending multiple messages back and forth', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return [bobDevice.id]; + }, + (jid, id) async { + expect(jid, bobJid); + + return bobDevice.toBundle(); + }, + (jid) async {}, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + (jid) async {}, + ); + + // Alice encrypts a message for Bob + final aliceMessage = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // And Bob decrypts it + await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceMessage.encryptedKeys, + base64.encode(aliceMessage.ciphertext!), + ), + + ); + + // Ratchets are acked + await aliceManager.ratchetAcknowledged( + bobJid, + bobDevice.id, + ); + + for (var i = 0; i < 100; i++) { + final messageText = 'Test Message #$i'; + // Bob responds to Alice + final bobResponseMessage = await bobManager.onOutgoingStanza( + OmemoOutgoingStanza( + [aliceJid], + messageText, + ), + ); + expect(bobResponseMessage.isSuccess(1), true); + + final aliceReceivedMessage = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice.id, + DateTime.now().millisecondsSinceEpoch, + bobResponseMessage.encryptedKeys, + base64.encode(bobResponseMessage.ciphertext!), + ), + ); + expect(aliceReceivedMessage.payload, messageText); + } + }); +} diff --git a/test/serialisation_test.dart b/test/serialisation_test.dart index b163288..071735d 100644 --- a/test/serialisation_test.dart +++ b/test/serialisation_test.dart @@ -18,7 +18,7 @@ void main() { final oldDevice = await oldSession.getDevice(); final serialised = jsonify(await oldDevice.toJson()); - final newDevice = Device.fromJson(serialised); + final newDevice = OmemoDevice.fromJson(serialised); expect(await oldDevice.equals(newDevice), true); }); @@ -32,7 +32,7 @@ void main() { final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey(); final serialised = jsonify(await oldDevice.toJson()); - final newDevice = Device.fromJson(serialised); + final newDevice = OmemoDevice.fromJson(serialised); expect(await oldDevice.equals(newDevice), true); });