From 06707d1a34438bdc1ed62c228bd06c491012e2ce Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 27 Dec 2022 12:43:18 +0100 Subject: [PATCH 01/17] feat: Compute the fingerprint of a bundle --- lib/src/omemo/bundle.dart | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/src/omemo/bundle.dart b/lib/src/omemo/bundle.dart index 7896a7b..c2da915 100644 --- a/lib/src/omemo/bundle.dart +++ b/lib/src/omemo/bundle.dart @@ -1,5 +1,6 @@ import 'dart:convert'; import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; import 'package:omemo_dart/src/keys.dart'; class OmemoBundle { @@ -43,4 +44,10 @@ class OmemoBundle { } List get spkSignature => base64Decode(spkSignatureEncoded); + + /// Calculates the fingerprint of the bundle (See + /// https://xmpp.org/extensions/xep-0384.html#security ยง 2). + Future getFingerprint() async { + return HEX.encode(await ik.getBytes()); + } } From b48665c3579c542752ee5b3173c26d085056c6df Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Sun, 25 Dec 2022 22:13:08 +0100 Subject: [PATCH 02/17] feat: Begin work on the OmemoManager interface --- lib/omemo_dart.dart | 1 + lib/src/double_ratchet/double_ratchet.dart | 5 +- lib/src/errors.dart | 19 +- lib/src/omemo/decryption_result.dart | 9 + lib/src/omemo/device.dart | 1 - lib/src/omemo/encryption_result.dart | 1 - lib/src/omemo/omemomanager.dart | 611 +++++++++++++++++++++ lib/src/omemo/stanza.dart | 25 + lib/src/protobuf/omemo_key_exchange.dart | 1 - test/omemomanager_test.dart | 220 ++++++++ 10 files changed, 877 insertions(+), 16 deletions(-) create mode 100644 lib/src/omemo/decryption_result.dart create mode 100644 lib/src/omemo/omemomanager.dart create mode 100644 lib/src/omemo/stanza.dart create mode 100644 test/omemomanager_test.dart diff --git a/lib/omemo_dart.dart b/lib/omemo_dart.dart index 77709ad..71d64d5 100644 --- a/lib/omemo_dart.dart +++ b/lib/omemo_dart.dart @@ -12,6 +12,7 @@ export 'src/omemo/events.dart'; export 'src/omemo/fingerprint.dart'; export 'src/omemo/ratchet_map_key.dart'; export 'src/omemo/sessionmanager.dart'; +export 'src/omemo/stanza.dart'; export 'src/trust/base.dart'; export 'src/trust/btbv.dart'; export 'src/x3dh/x3dh.dart'; diff --git a/lib/src/double_ratchet/double_ratchet.dart b/lib/src/double_ratchet/double_ratchet.dart index 0f5e0d2..f0f11a7 100644 --- a/lib/src/double_ratchet/double_ratchet.dart +++ b/lib/src/double_ratchet/double_ratchet.dart @@ -13,7 +13,6 @@ import 'package:omemo_dart/src/protobuf/omemo_message.dart'; const maxSkip = 1000; class RatchetStep { - const RatchetStep(this.header, this.ciphertext); final OmemoMessage header; final List ciphertext; @@ -21,7 +20,6 @@ class RatchetStep { @immutable class SkippedKey { - const SkippedKey(this.dh, this.n); factory SkippedKey.fromJson(Map data) { @@ -54,7 +52,6 @@ class SkippedKey { } class OmemoDoubleRatchet { - OmemoDoubleRatchet( this.dhs, // DHs this.dhr, // DHr @@ -221,7 +218,7 @@ class OmemoDoubleRatchet { ik, ad, {}, - false, + true, kexTimestamp, null, ); diff --git a/lib/src/errors.dart b/lib/src/errors.dart index 021ae98..d8c3f43 100644 --- a/lib/src/errors.dart +++ b/lib/src/errors.dart @@ -1,45 +1,46 @@ +abstract class OmemoException {} + /// Triggered during X3DH if the signature if the SPK does verify to the actual SPK. -class InvalidSignatureException implements Exception { +class InvalidSignatureException extends OmemoException implements Exception { String errMsg() => 'The signature of the SPK does not match the provided signature'; } - /// Triggered by the Double Ratchet if the computed HMAC does not match the attached HMAC. /// Triggered by the Session Manager if the computed HMAC does not match the attached HMAC. -class InvalidMessageHMACException implements Exception { +class InvalidMessageHMACException extends OmemoException implements Exception { String errMsg() => 'The computed HMAC does not match the provided HMAC'; } /// Triggered by the Double Ratchet if skipping messages would cause skipping more than /// MAXSKIP messages -class SkippingTooManyMessagesException implements Exception { +class SkippingTooManyMessagesException extends OmemoException implements Exception { String errMsg() => 'Skipping messages would cause a skip bigger than MAXSKIP'; } /// Triggered by the Session Manager if the message key is not encrypted for the device. -class NotEncryptedForDeviceException implements Exception { +class NotEncryptedForDeviceException extends OmemoException implements Exception { String errMsg() => 'Not encrypted for this device'; } /// Triggered by the Session Manager when there is no key for decrypting the message. -class NoDecryptionKeyException implements Exception { +class NoDecryptionKeyException extends OmemoException implements Exception { String errMsg() => 'No key available for decrypting the message'; } /// Triggered by the Session Manager when the identifier of the used Signed Prekey /// is neither the current SPK's identifier nor the old one's. -class UnknownSignedPrekeyException implements Exception { +class UnknownSignedPrekeyException extends OmemoException implements Exception { String errMsg() => 'Unknown Signed Prekey used.'; } /// Triggered by the Session Manager when the received Key Exchange message does not meet /// the requirement that a key exchange, given that the ratchet already exists, must be /// sent after its creation. -class InvalidKeyExchangeException implements Exception { +class InvalidKeyExchangeException extends OmemoException implements Exception { String errMsg() => 'The key exchange was sent before the last kex finished'; } /// Triggered by the Session Manager when a message's sequence number is smaller than we /// expect it to be. -class MessageAlreadyDecryptedException implements Exception { +class MessageAlreadyDecryptedException extends OmemoException implements Exception { String errMsg() => 'The message has already been decrypted'; } diff --git a/lib/src/omemo/decryption_result.dart b/lib/src/omemo/decryption_result.dart new file mode 100644 index 0000000..5b020e1 --- /dev/null +++ b/lib/src/omemo/decryption_result.dart @@ -0,0 +1,9 @@ +import 'package:meta/meta.dart'; +import 'package:omemo_dart/src/errors.dart'; + +@immutable +class DecryptionResult { + const DecryptionResult(this.payload, this.error); + final String? payload; + final OmemoException? error; +} diff --git a/lib/src/omemo/device.dart b/lib/src/omemo/device.dart index e2533de..2a92b00 100644 --- a/lib/src/omemo/device.dart +++ b/lib/src/omemo/device.dart @@ -9,7 +9,6 @@ import 'package:omemo_dart/src/x3dh/x3dh.dart'; /// This class represents an OmemoBundle but with all keypairs belonging to the keys @immutable class Device { - const Device( this.jid, this.id, diff --git a/lib/src/omemo/encryption_result.dart b/lib/src/omemo/encryption_result.dart index 035aa59..ff988c7 100644 --- a/lib/src/omemo/encryption_result.dart +++ b/lib/src/omemo/encryption_result.dart @@ -3,7 +3,6 @@ import 'package:omemo_dart/src/omemo/encrypted_key.dart'; @immutable class EncryptionResult { - const EncryptionResult(this.ciphertext, this.encryptedKeys); /// The actual message that was encrypted diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart new file mode 100644 index 0000000..43513cf --- /dev/null +++ b/lib/src/omemo/omemomanager.dart @@ -0,0 +1,611 @@ +import 'dart:async'; +import 'dart:collection'; +import 'dart:convert'; +import 'package:collection/collection.dart'; +import 'package:cryptography/cryptography.dart'; +import 'package:logging/logging.dart'; +import 'package:meta/meta.dart'; +import 'package:omemo_dart/src/crypto.dart'; +import 'package:omemo_dart/src/double_ratchet/double_ratchet.dart'; +import 'package:omemo_dart/src/errors.dart'; +import 'package:omemo_dart/src/helpers.dart'; +import 'package:omemo_dart/src/keys.dart'; +import 'package:omemo_dart/src/omemo/bundle.dart'; +import 'package:omemo_dart/src/omemo/decryption_result.dart'; +import 'package:omemo_dart/src/omemo/device.dart'; +import 'package:omemo_dart/src/omemo/encrypted_key.dart'; +import 'package:omemo_dart/src/omemo/encryption_result.dart'; +import 'package:omemo_dart/src/omemo/events.dart'; +import 'package:omemo_dart/src/omemo/ratchet_map_key.dart'; +import 'package:omemo_dart/src/omemo/stanza.dart'; +import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart'; +import 'package:omemo_dart/src/protobuf/omemo_key_exchange.dart'; +import 'package:omemo_dart/src/protobuf/omemo_message.dart'; +import 'package:omemo_dart/src/trust/base.dart'; +import 'package:omemo_dart/src/x3dh/x3dh.dart'; +import 'package:synchronized/synchronized.dart'; + +/// The info used for when encrypting the AES key for the actual payload. +const omemoPayloadInfoString = 'OMEMO Payload'; + +class OmemoManager { + OmemoManager( + this._device, + this._trustManager, + this.sendEmptyOmemoMessage, + this.fetchDeviceList, + this.fetchDeviceBundle, + ); + + final Logger _log = Logger('OmemoManager'); + + /// Functions for connecting with the OMEMO library + final Future Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessage; + final Future> Function(String jid) fetchDeviceList; + final Future Function(String jid, int id) fetchDeviceBundle; + + /// Map bare JID to its known devices + Map> _deviceList = {}; + /// Map bare JIDs to whether we already requested the device list once + final Map _deviceListRequested = {}; + + /// Map bare a ratchet key to its ratchet. Note that this is also locked by + /// _ratchetCriticalSectionLock. + Map _ratchetMap = {}; + /// For preventing a race condition in encryption/decryption + final Map>> _ratchetCriticalSectionQueue = {}; + final Lock _ratchetCriticalSectionLock = Lock(); + + /// The OmemoManager's trust management + final TrustManager _trustManager; + TrustManager get trustManager => _trustManager; + + /// Our own keys... + final Lock _deviceLock = Lock(); + // ignore: prefer_final_fields + Device _device; + + /// The event bus of the session manager + final StreamController _eventStreamController = StreamController.broadcast(); + + /// Enter the critical section for performing cryptographic operations on the ratchets + Future _enterRatchetCriticalSection(String jid) async { + final completer = await _ratchetCriticalSectionLock.synchronized(() { + if (_ratchetCriticalSectionQueue.containsKey(jid)) { + final c = Completer(); + _ratchetCriticalSectionQueue[jid]!.addLast(c); + return c; + } + + _ratchetCriticalSectionQueue[jid] = Queue(); + return null; + }); + + if (completer != null) { + await completer.future; + } + } + + /// Leave the critical section for the ratchets. + Future _leaveRatchetCriticalSection(String jid) async { + await _ratchetCriticalSectionLock.synchronized(() { + if (_ratchetCriticalSectionQueue.containsKey(jid)) { + if (_ratchetCriticalSectionQueue[jid]!.isEmpty) { + _ratchetCriticalSectionQueue.remove(jid); + } else { + _ratchetCriticalSectionQueue[jid]!.removeFirst().complete(); + } + } + }); + } + + Future _decryptAndVerifyHmac(List? ciphertext, List keyAndHmac) async { + // Empty OMEMO messages should just have the key decrypted and/or session set up. + if (ciphertext == null) { + return null; + } + + final key = keyAndHmac.sublist(0, 32); + final hmac = keyAndHmac.sublist(32, 48); + final derivedKeys = await deriveEncryptionKeys(key, omemoPayloadInfoString); + final computedHmac = await truncatedHmac(ciphertext, derivedKeys.authenticationKey); + if (!listsEqual(hmac, computedHmac)) { + throw InvalidMessageHMACException(); + } + + return utf8.decode( + await aes256CbcDecrypt(ciphertext, derivedKeys.encryptionKey, derivedKeys.iv), + ); + } + + /// Add a session [ratchet] with the [deviceId] to the internal tracking state. + /// NOTE: Must be called from within the ratchet critical section. + void _addSession(String jid, int deviceId, OmemoDoubleRatchet ratchet) { + // Add the bundle Id + if (!_deviceList.containsKey(jid)) { + _deviceList[jid] = [deviceId]; + + // Commit the device map + _eventStreamController.add(DeviceMapModifiedEvent(_deviceList)); + } else { + // Prevent having the same device multiple times in the list + if (!_deviceList[jid]!.contains(deviceId)) { + _deviceList[jid]!.add(deviceId); + + // Commit the device map + _eventStreamController.add(DeviceMapModifiedEvent(_deviceList)); + } + } + + // Add the ratchet session + final key = RatchetMapKey(jid, deviceId); + _ratchetMap[key] = ratchet; + + // Commit the ratchet + _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, true)); + } + + /// Build a new session with the user at [jid] with the device [deviceId] using data + /// from the key exchange [kex]. In case [kex] contains an unknown Signed Prekey + /// identifier an UnknownSignedPrekeyException will be thrown. + Future _addSessionFromKeyExchange(String jid, int deviceId, OmemoKeyExchange kex) async { + // Pick the correct SPK + final device = await getDevice(); + OmemoKeyPair spk; + if (kex.spkId == _device.spkId) { + spk = _device.spk; + } else if (kex.spkId == _device.oldSpkId) { + spk = _device.oldSpk!; + } else { + throw UnknownSignedPrekeyException(); + } + + final kexResult = await x3dhFromInitialMessage( + X3DHMessage( + OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519), + OmemoPublicKey.fromBytes(kex.ek!, KeyPairType.x25519), + kex.pkId!, + ), + spk, + device.opks.values.elementAt(kex.pkId!), + device.ik, + ); + final ratchet = await OmemoDoubleRatchet.acceptNewSession( + spk, + OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519), + kexResult.sk, + kexResult.ad, + getTimestamp(), + ); + + return ratchet; + } + + /// Create a ratchet session initiated by Alice to the user with Jid [jid] and the device + /// [deviceId] from the bundle [bundle]. + @visibleForTesting + Future addSessionFromBundle(String jid, int deviceId, OmemoBundle bundle) async { + final device = await getDevice(); + final kexResult = await x3dhFromBundle( + bundle, + device.ik, + ); + final ratchet = await OmemoDoubleRatchet.initiateNewSession( + bundle.spk, + bundle.ik, + kexResult.sk, + kexResult.ad, + getTimestamp(), + ); + + await _trustManager.onNewSession(jid, deviceId); + _addSession(jid, deviceId, ratchet); + + return OmemoKeyExchange() + ..pkId = kexResult.opkId + ..spkId = bundle.spkId + ..ik = await device.ik.pk.getBytes() + ..ek = await kexResult.ek.pk.getBytes(); + } + + /// In case a decryption error occurs, the Double Ratchet spec says to just restore + /// the ratchet to its old state. As such, this function restores the ratchet at + /// [mapKey] with [oldRatchet]. + /// NOTE: Must be called from within the ratchet critical section + void _restoreRatchet(RatchetMapKey mapKey, OmemoDoubleRatchet oldRatchet) { + _log.finest('Restoring ratchet ${mapKey.jid}:${mapKey.deviceId} to ${oldRatchet.nr}'); + _ratchetMap[mapKey] = oldRatchet; + + // Commit the ratchet + _eventStreamController.add( + RatchetModifiedEvent( + mapKey.jid, + mapKey.deviceId, + oldRatchet, + false, + ), + ); + } + + /// Attempt to decrypt [ciphertext]. [keys] refers to the elements inside the + /// element with a "jid" attribute matching our own. [senderJid] refers to the + /// bare Jid of the sender. [senderDeviceId] refers to the "sid" attribute of the + /// element. + /// [timestamp] refers to the time the message was sent. This might be either what the + /// server tells you via "XEP-0203: Delayed Delivery" or the point in time at which + /// you received the stanza, if no Delayed Delivery element was found. + /// + /// If the received message is an empty OMEMO message, i.e. there is no + /// element, then [ciphertext] must be set to null. In this case, this function + /// will return null as there is no message to be decrypted. This, however, is used + /// to set up sessions or advance the ratchets. + Future decryptMessage(List? ciphertext, String senderJid, int senderDeviceId, List keys, int timestamp) async { + // Try to find a session we can decrypt with. + var device = await getDevice(); + final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id); + if (rawKey == null) { + throw NotEncryptedForDeviceException(); + } + + final ratchetKey = RatchetMapKey(senderJid, senderDeviceId); + final decodedRawKey = base64.decode(rawKey.value); + List? keyAndHmac; + OmemoAuthenticatedMessage authMessage; + OmemoDoubleRatchet? oldRatchet; + OmemoMessage? message; + if (rawKey.kex) { + // If the ratchet already existed, we store it. If it didn't, oldRatchet will stay + // null. + final oldRatchet = _getRatchet(ratchetKey)?.clone(); + final kex = OmemoKeyExchange.fromBuffer(decodedRawKey); + authMessage = kex.message!; + message = OmemoMessage.fromBuffer(authMessage.message!); + + // Guard against old key exchanges + if (oldRatchet != null) { + _log.finest('KEX for existent ratchet. ${oldRatchet.pn}'); + if (oldRatchet.kexTimestamp > timestamp) { + throw InvalidKeyExchangeException(); + } + + // Try to decrypt it + try { + final decrypted = await oldRatchet.ratchetDecrypt(message, authMessage.writeToBuffer()); + + // Commit the ratchet + _eventStreamController.add( + RatchetModifiedEvent( + senderJid, + senderDeviceId, + oldRatchet, + false, + ), + ); + + final plaintext = await _decryptAndVerifyHmac( + ciphertext, + decrypted, + ); + _addSession(senderJid, senderDeviceId, oldRatchet); + return plaintext; + } catch (_) { + _log.finest('Failed to use old ratchet with KEX for existing ratchet'); + } + } + + final r = await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex); + await _trustManager.onNewSession(senderJid, senderDeviceId); + _addSession(senderJid, senderDeviceId, r); + + // Replace the OPK + // TODO(PapaTutuWawa): Replace the OPK when we know that the KEX worked + await _deviceLock.synchronized(() async { + device = await device.replaceOnetimePrekey(kex.pkId!); + + // Commit the device + _eventStreamController.add(DeviceModifiedEvent(device)); + }); + } else { + authMessage = OmemoAuthenticatedMessage.fromBuffer(decodedRawKey); + message = OmemoMessage.fromBuffer(authMessage.message!); + } + + final devices = _deviceList[senderJid]; + if (devices == null) { + throw NoDecryptionKeyException(); + } + if (!devices.contains(senderDeviceId)) { + throw NoDecryptionKeyException(); + } + + // We can guarantee that the ratchet exists at this point in time + final ratchet = _getRatchet(ratchetKey)!; + oldRatchet ??= ratchet.clone(); + + try { + if (rawKey.kex) { + keyAndHmac = await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer()); + } else { + keyAndHmac = await ratchet.ratchetDecrypt(message, decodedRawKey); + } + } catch (_) { + _restoreRatchet(ratchetKey, oldRatchet); + rethrow; + } + + // Commit the ratchet + _eventStreamController.add( + RatchetModifiedEvent( + senderJid, + senderDeviceId, + ratchet, + false, + ), + ); + + try { + return _decryptAndVerifyHmac(ciphertext, keyAndHmac); + } catch (_) { + _restoreRatchet(ratchetKey, oldRatchet); + rethrow; + } + } + + /// Returns, if it exists, the ratchet associated with [key]. + /// NOTE: Must be called from within the ratchet critical section. + OmemoDoubleRatchet? _getRatchet(RatchetMapKey key) => _ratchetMap[key]; + + /// Figure out what bundles we have to still build a session with. + Future> _fetchNewBundles(String jid) async { + // Check if we already requested the device list for [jid] + List bundlesToFetch; + if (!_deviceListRequested.containsKey(jid) || !_deviceList.containsKey(jid)) { + // We don't have an up-to-date version of the device list + final newDeviceList = await fetchDeviceList(jid); + _deviceList[jid] = newDeviceList; + bundlesToFetch = newDeviceList + .where((id) { + return !_ratchetMap.containsKey(RatchetMapKey(jid, id)) || + _deviceList[jid]?.contains(id) == false; + }).toList(); + } else { + // We already have an up-to-date version of the device list + bundlesToFetch = _deviceList[jid]! + .where((id) => !_ratchetMap.containsKey(RatchetMapKey(jid, id))) + .toList(); + } + + final newBundles = List.empty(growable: true); + for (final id in bundlesToFetch) { + final bundle = await fetchDeviceBundle(jid, id); + if (bundle != null) newBundles.add(bundle); + } + + return newBundles; + } + + /// Encrypt the key [plaintext] for all known bundles of the Jids in [jids]. Returns a + /// map that maps the device Id to the ciphertext of [plaintext]. + /// + /// If [plaintext] is null, then the result will be an empty OMEMO message, i.e. one that + /// does not contain a element. This means that the ciphertext attribute of + /// the result will be null as well. + /// NOTE: Must be called within the ratchet critical section + Future _encryptToJids(List jids, String? plaintext) async { + final encryptedKeys = List.empty(growable: true); + + var ciphertext = const []; + var keyPayload = const []; + if (plaintext != null) { + // Generate the key and encrypt the plaintext + final key = generateRandomBytes(32); + final keys = await deriveEncryptionKeys(key, omemoPayloadInfoString); + ciphertext = await aes256CbcEncrypt( + utf8.encode(plaintext), + keys.encryptionKey, + keys.iv, + ); + final hmac = await truncatedHmac(ciphertext, keys.authenticationKey); + keyPayload = concat([key, hmac]); + } else { + keyPayload = List.filled(32, 0x0); + } + + final kex = {}; + for (final jid in jids) { + for (final newSession in await _fetchNewBundles(jid)) { + kex[newSession.id] = await addSessionFromBundle( + newSession.jid, + newSession.id, + newSession, + ); + } + } + + // We assume that the user already checked if the session exists + for (final jid in jids) { + for (final deviceId in _deviceList[jid]!) { + // Empty OMEMO messages are allowed to bypass trust + if (plaintext != null) { + // Only encrypt to devices that are trusted + if (!(await _trustManager.isTrusted(jid, deviceId))) continue; + + // Only encrypt to devices that are enabled + if (!(await _trustManager.isEnabled(jid, deviceId))) continue; + } + + final ratchetKey = RatchetMapKey(jid, deviceId); + var ratchet = _ratchetMap[ratchetKey]!; + final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext; + + if (kex.isNotEmpty && kex.containsKey(deviceId)) { + // The ratchet did not exist + final k = kex[deviceId]! + ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); + final buffer = base64.encode(k.writeToBuffer()); + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + buffer, + true, + ), + ); + + ratchet = ratchet.cloneWithKex(buffer); + _ratchetMap[ratchetKey] = ratchet; + } else if (!ratchet.acknowledged) { + // The ratchet exists but is not acked + if (ratchet.kex != null) { + final oldKex = OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!)) + ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); + + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + base64.encode(oldKex.writeToBuffer()), + true, + ), + ); + } else { + // The ratchet is not acked but we don't have the old key exchange + _log.warning('Ratchet for $jid:$deviceId is not acked but the kex attribute is null'); + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + base64.encode(ciphertext), + false, + ), + ); + } + } else { + // The ratchet exists and is acked + encryptedKeys.add( + EncryptedKey( + jid, + deviceId, + base64.encode(ciphertext), + false, + ), + ); + } + + // Commit the ratchet + _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false)); + } + } + + return EncryptionResult( + plaintext != null ? ciphertext : null, + encryptedKeys, + ); + } + + Future onIncomingStanza(OmemoIncomingStanza stanza) async { + await _enterRatchetCriticalSection(stanza.bareSenderJid); + + final ratchetKey = RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId); + final ratchetCreated = !_ratchetMap.containsKey(ratchetKey); + String? payload; + try { + payload = await decryptMessage( + base64.decode(stanza.payload), + stanza.bareSenderJid, + stanza.senderDeviceId, + stanza.keys, + stanza.timestamp, + ); + } on OmemoException catch (ex) { + await _leaveRatchetCriticalSection(stanza.bareSenderJid); + return DecryptionResult( + null, + ex, + ); + } + + // Check if the ratchet is acked + final ratchet = _getRatchet(ratchetKey); + assert(ratchet != null, 'We decrypted the message, so the ratchet must exist'); + + if (ratchet!.nr > 53) { + await sendEmptyOmemoMessage( + await _encryptToJids( + [stanza.bareSenderJid], + null, + ), + stanza.bareSenderJid, + ); + } + + // Ratchet is acked + if (!ratchetCreated && ratchet.acknowledged) { + await _leaveRatchetCriticalSection(stanza.bareSenderJid); + return DecryptionResult( + payload, + null, + ); + } + + // Ratchet is not acked. Mark as acked and send an empty OMEMO message. + await ratchetAcknowledged( + stanza.bareSenderJid, + stanza.senderDeviceId, + enterCriticalSection: false, + ); + await sendEmptyOmemoMessage( + await _encryptToJids( + [stanza.bareSenderJid], + null, + ), + stanza.bareSenderJid, + ); + + await _leaveRatchetCriticalSection(stanza.bareSenderJid); + return DecryptionResult( + payload, + null, + ); + } + + Future onOutgoingStanza(OmemoOutgoingStanza stanza) async { + return _encryptToJids( + stanza.recipientJids, + stanza.payload, + ); + } + + /// Mark the ratchet for device [deviceId] from [jid] as acked. + Future ratchetAcknowledged(String jid, int deviceId, { bool enterCriticalSection = true }) async { + if (enterCriticalSection) await _enterRatchetCriticalSection(jid); + + final ratchet = _ratchetMap[RatchetMapKey(jid, deviceId)]! + ..acknowledged = true; + + // Commit it + _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false)); + + if (enterCriticalSection) await _leaveRatchetCriticalSection(jid); + } + + Future getDevice() => _deviceLock.synchronized(() => _device); + + /// Ensures that the device list is fetched again on the next message sending. + void onNewConnection() { + _deviceListRequested.clear(); + } + + /// Sets the device list for [jid] to [devices]. + void onDeviceListUpdate(String jid, List devices) { + _deviceList[jid] = devices; + _deviceListRequested[jid] = true; + } + + List? getDeviceListForJid(String jid) => _deviceList[jid]; + + void initialize(Map ratchetMap, Map> deviceList) { + _deviceList = deviceList; + _ratchetMap = ratchetMap; + } +} diff --git a/lib/src/omemo/stanza.dart b/lib/src/omemo/stanza.dart new file mode 100644 index 0000000..92f9f80 --- /dev/null +++ b/lib/src/omemo/stanza.dart @@ -0,0 +1,25 @@ +import 'package:omemo_dart/src/omemo/encrypted_key.dart'; + +class OmemoIncomingStanza { + const OmemoIncomingStanza( + this.bareSenderJid, + this.senderDeviceId, + this.timestamp, + this.keys, + this.payload, + ); + final String bareSenderJid; + final int senderDeviceId; + final int timestamp; + final List keys; + final String payload; +} + +class OmemoOutgoingStanza { + const OmemoOutgoingStanza( + this.recipientJids, + this.payload, + ); + final List recipientJids; + final String payload; +} diff --git a/lib/src/protobuf/omemo_key_exchange.dart b/lib/src/protobuf/omemo_key_exchange.dart index 788fa0d..bafb470 100644 --- a/lib/src/protobuf/omemo_key_exchange.dart +++ b/lib/src/protobuf/omemo_key_exchange.dart @@ -3,7 +3,6 @@ import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart'; import 'package:omemo_dart/src/protobuf/protobuf.dart'; class OmemoKeyExchange { - OmemoKeyExchange(); factory OmemoKeyExchange.fromBuffer(List data) { diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart new file mode 100644 index 0000000..5b65a65 --- /dev/null +++ b/test/omemomanager_test.dart @@ -0,0 +1,220 @@ +import 'dart:convert'; +import 'package:logging/logging.dart'; +import 'package:omemo_dart/omemo_dart.dart'; +import 'package:omemo_dart/src/omemo/omemomanager.dart' as omemo; +import 'package:omemo_dart/src/trust/always.dart'; +import 'package:test/test.dart'; + +void main() { + Logger.root + ..level = Level.ALL + ..onRecord.listen((record) { + // ignore: avoid_print + print('${record.level.name}: ${record.message}'); + }); + + test('Test sending a message without the device list cache', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var aliceEmptyMessageSent = 0; + var bobEmptyMessageSent = 0; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = omemo.OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + aliceEmptyMessageSent++; + }, + (jid) async { + expect(jid, bobJid); + return [ bobDevice.id ]; + }, + (jid, id) async { + expect(jid, bobJid); + return bobDevice.toBundle(); + }, + ); + final bobManager = omemo.OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + bobEmptyMessageSent++; + }, + (jid) async { + expect(jid, aliceJid); + return [aliceDevice.id]; + }, + (jid, id) async { + expect(jid, aliceJid); + return aliceDevice.toBundle(); + }, + ); + + // Alice sends a message + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello world', + ), + ); + + // Bob must be able to decrypt the message + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult!.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + expect(bobResult.payload, 'Hello world'); + + // Alice receives the ack message + await aliceManager.ratchetAcknowledged( + bobJid, + bobDevice.id, + ); + + // Bob now responds + final bobResult2 = await bobManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [aliceJid], + 'Hello world, Alice', + ), + ); + final aliceResult2 = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice.id, + DateTime.now().millisecondsSinceEpoch, + bobResult2!.encryptedKeys, + base64.encode(bobResult2.ciphertext!), + ), + ); + + expect(aliceResult2.error, null); + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + expect(aliceResult2.payload, 'Hello world, Alice'); + }); + + test('Test triggering the heartbeat', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var aliceEmptyMessageSent = 0; + var bobEmptyMessageSent = 0; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = omemo.OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + aliceEmptyMessageSent++; + }, + (jid) async { + expect(jid, bobJid); + return [ bobDevice.id ]; + }, + (jid, id) async { + expect(jid, bobJid); + return bobDevice.toBundle(); + }, + ); + final bobManager = omemo.OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async { + bobEmptyMessageSent++; + }, + (jid) async { + expect(jid, aliceJid); + return [aliceDevice.id]; + }, + (jid, id) async { + expect(jid, aliceJid); + return aliceDevice.toBundle(); + }, + ); + + // Alice sends a message + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello world', + ), + ); + + // Bob must be able to decrypt the message + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult!.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + expect(bobResult.payload, 'Hello world'); + + // Bob acknowledges the message + await aliceManager.ratchetAcknowledged(bobJid, bobDevice.id); + + // Alice now sends 52 messages that Bob decrypts + for (var i = 0; i <= 51; i++) { + final aliceResultLoop = await aliceManager.onOutgoingStanza( + OmemoOutgoingStanza( + [bobJid], + 'Test message $i', + ), + ); + + final bobResultLoop = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResultLoop!.encryptedKeys, + base64.encode(aliceResultLoop.ciphertext!), + ), + ); + + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 1); + expect(bobResultLoop.payload, 'Test message $i'); + } + + // Alice sends a final message that triggers a heartbeat + final aliceResultFinal = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Test message last', + ), + ); + + final bobResultFinal = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResultFinal!.encryptedKeys, + base64.encode(aliceResultFinal.ciphertext!), + ), + ); + + expect(aliceEmptyMessageSent, 0); + expect(bobEmptyMessageSent, 2); + expect(bobResultFinal.payload, 'Test message last'); + }); +} From d37a4bd7192161b99bb0d0d03c4f93f12b79cee4 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Sun, 25 Dec 2022 22:20:53 +0100 Subject: [PATCH 03/17] chore: Bump version --- CHANGELOG.md | 6 ++++++ pubspec.yaml | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0396193..ceff682 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -36,3 +36,9 @@ - Fix a bug that caused the device's id to change when replacing a OPK - Every decryption failure now causes the ratchet to be restored to a pre-decryption state - Add method to get the device's fingerprint + +## 1.0.0 + +- [Breaking] Replace `OmemoSessionManager` with `OmemoManager` +- Implement queued access to the ratchets inside the `OmemoManager` +- Implement heartbeat messages diff --git a/pubspec.yaml b/pubspec.yaml index e43d396..b79cb79 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -1,6 +1,6 @@ name: omemo_dart description: An XMPP library independent OMEMO library -version: 0.3.2 +version: 1.0.0 homepage: https://github.com/PapaTutuWawa/omemo_dart publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub From 5bc1136ec0bad279930ade2b1025034d09c34028 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Sun, 25 Dec 2022 22:59:53 +0100 Subject: [PATCH 04/17] feat: Implement getting fingerprints --- lib/src/omemo/events.dart | 6 +-- lib/src/omemo/fingerprint.dart | 1 - lib/src/omemo/omemomanager.dart | 66 +++++++++++++++++++++++++----- lib/src/omemo/ratchet_map_key.dart | 1 - lib/src/omemo/sessionmanager.dart | 8 ++-- test/omemo_test.dart | 2 +- 6 files changed, 64 insertions(+), 20 deletions(-) diff --git a/lib/src/omemo/events.dart b/lib/src/omemo/events.dart index 71b7f9b..cf075ce 100644 --- a/lib/src/omemo/events.dart +++ b/lib/src/omemo/events.dart @@ -22,9 +22,9 @@ class RatchetRemovedEvent extends OmemoEvent { } /// Triggered when the device map has been modified -class DeviceMapModifiedEvent extends OmemoEvent { - DeviceMapModifiedEvent(this.map); - final Map> map; +class DeviceListModifiedEvent extends OmemoEvent { + DeviceListModifiedEvent(this.list); + final Map> list; } /// Triggered by the OmemoSessionManager when our own device bundle was modified diff --git a/lib/src/omemo/fingerprint.dart b/lib/src/omemo/fingerprint.dart index 7c50326..afb72df 100644 --- a/lib/src/omemo/fingerprint.dart +++ b/lib/src/omemo/fingerprint.dart @@ -2,7 +2,6 @@ import 'package:meta/meta.dart'; @immutable class DeviceFingerprint { - const DeviceFingerprint(this.deviceId, this.fingerprint); final String fingerprint; final int deviceId; diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index 43513cf..ff4f30b 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -3,6 +3,7 @@ import 'dart:collection'; import 'dart:convert'; import 'package:collection/collection.dart'; import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; import 'package:logging/logging.dart'; import 'package:meta/meta.dart'; import 'package:omemo_dart/src/crypto.dart'; @@ -16,6 +17,7 @@ import 'package:omemo_dart/src/omemo/device.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart'; import 'package:omemo_dart/src/omemo/encryption_result.dart'; import 'package:omemo_dart/src/omemo/events.dart'; +import 'package:omemo_dart/src/omemo/fingerprint.dart'; import 'package:omemo_dart/src/omemo/ratchet_map_key.dart'; import 'package:omemo_dart/src/omemo/stanza.dart'; import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart'; @@ -48,7 +50,6 @@ class OmemoManager { Map> _deviceList = {}; /// Map bare JIDs to whether we already requested the device list once final Map _deviceListRequested = {}; - /// Map bare a ratchet key to its ratchet. Note that this is also locked by /// _ratchetCriticalSectionLock. Map _ratchetMap = {}; @@ -126,14 +127,14 @@ class OmemoManager { _deviceList[jid] = [deviceId]; // Commit the device map - _eventStreamController.add(DeviceMapModifiedEvent(_deviceList)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); } else { // Prevent having the same device multiple times in the list if (!_deviceList[jid]!.contains(deviceId)) { _deviceList[jid]!.add(deviceId); // Commit the device map - _eventStreamController.add(DeviceMapModifiedEvent(_deviceList)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); } } @@ -239,7 +240,7 @@ class OmemoManager { /// element, then [ciphertext] must be set to null. In this case, this function /// will return null as there is no message to be decrypted. This, however, is used /// to set up sessions or advance the ratchets. - Future decryptMessage(List? ciphertext, String senderJid, int senderDeviceId, List keys, int timestamp) async { + Future _decryptMessage(List? ciphertext, String senderJid, int senderDeviceId, List keys, int timestamp) async { // Try to find a session we can decrypt with. var device = await getDevice(); final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id); @@ -263,7 +264,7 @@ class OmemoManager { // Guard against old key exchanges if (oldRatchet != null) { - _log.finest('KEX for existent ratchet. ${oldRatchet.pn}'); + _log.finest('KEX for existent ratchet ${ratchetKey.toJsonKey()}. ${oldRatchet.kexTimestamp} > $timestamp: ${oldRatchet.kexTimestamp > timestamp}'); if (oldRatchet.kexTimestamp > timestamp) { throw InvalidKeyExchangeException(); } @@ -368,6 +369,9 @@ class OmemoManager { return !_ratchetMap.containsKey(RatchetMapKey(jid, id)) || _deviceList[jid]?.contains(id) == false; }).toList(); + + // Trigger an event with the new device list + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); } else { // We already have an up-to-date version of the device list bundlesToFetch = _deviceList[jid]! @@ -502,7 +506,9 @@ class OmemoManager { encryptedKeys, ); } - + + /// Call when receiving an OMEMO:2 encrypted stanza. Will handle everything and + /// decrypt it. Future onIncomingStanza(OmemoIncomingStanza stanza) async { await _enterRatchetCriticalSection(stanza.bareSenderJid); @@ -510,7 +516,7 @@ class OmemoManager { final ratchetCreated = !_ratchetMap.containsKey(ratchetKey); String? payload; try { - payload = await decryptMessage( + payload = await _decryptMessage( base64.decode(stanza.payload), stanza.bareSenderJid, stanza.senderDeviceId, @@ -569,6 +575,8 @@ class OmemoManager { ); } + /// Call when sending out an encrypted stanza. Will handle everything and + /// encrypt it. Future onOutgoingStanza(OmemoOutgoingStanza stanza) async { return _encryptToJids( stanza.recipientJids, @@ -589,20 +597,58 @@ class OmemoManager { if (enterCriticalSection) await _leaveRatchetCriticalSection(jid); } + /// Generates an entirely new device. May be useful when the user wants to reset their cryptographic + /// identity. Triggers an event to commit it to storage. + Future regenerateDevice({ int opkAmount = 100 }) async { + await _deviceLock.synchronized(() async { + _device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount); + + // Commit it + _eventStreamController.add(DeviceModifiedEvent(_device)); + }); + } + + /// Returns the device used for encryption and decryption. Future getDevice() => _deviceLock.synchronized(() => _device); + /// Returns the fingerprints for all devices of [jid] that we have a session with. + /// If there are not sessions with [jid], then returns null. + Future?> getFingerprintsForJid(String jid) async { + if (!_deviceList.containsKey(jid)) return null; + + await _enterRatchetCriticalSection(jid); + + final fingerprintKeys = _deviceList[jid]! + .map((id) => RatchetMapKey(jid, id)) + .where((key) => _ratchetMap.containsKey(key)); + + final fingerprints = List.empty(growable: true); + for (final key in fingerprintKeys) { + fingerprints.add( + DeviceFingerprint( + key.deviceId, + HEX.encode(await _ratchetMap[key]!.ik.getBytes()), + ), + ); + } + + await _leaveRatchetCriticalSection(jid); + return fingerprints; + } + /// Ensures that the device list is fetched again on the next message sending. void onNewConnection() { _deviceListRequested.clear(); } - /// Sets the device list for [jid] to [devices]. + /// Sets the device list for [jid] to [devices]. Triggers a DeviceListModifiedEvent. void onDeviceListUpdate(String jid, List devices) { _deviceList[jid] = devices; _deviceListRequested[jid] = true; - } - List? getDeviceListForJid(String jid) => _deviceList[jid]; + // Trigger an event + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); + } void initialize(Map ratchetMap, Map> deviceList) { _deviceList = deviceList; diff --git a/lib/src/omemo/ratchet_map_key.dart b/lib/src/omemo/ratchet_map_key.dart index 79ed90c..76b0681 100644 --- a/lib/src/omemo/ratchet_map_key.dart +++ b/lib/src/omemo/ratchet_map_key.dart @@ -2,7 +2,6 @@ import 'package:meta/meta.dart'; @immutable class RatchetMapKey { - const RatchetMapKey(this.jid, this.deviceId); factory RatchetMapKey.fromJsonKey(String key) { diff --git a/lib/src/omemo/sessionmanager.dart b/lib/src/omemo/sessionmanager.dart index 77a06f5..e731d7f 100644 --- a/lib/src/omemo/sessionmanager.dart +++ b/lib/src/omemo/sessionmanager.dart @@ -119,14 +119,14 @@ class OmemoSessionManager { _deviceMap[jid] = [deviceId]; // Commit the device map - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); } else { // Prevent having the same device multiple times in the list if (!_deviceMap[jid]!.contains(deviceId)) { _deviceMap[jid]!.add(deviceId); // Commit the device map - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); } } @@ -562,7 +562,7 @@ class OmemoSessionManager { _deviceMap.remove(jid); } // Commit it - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); }); } @@ -580,7 +580,7 @@ class OmemoSessionManager { // Remove the device from jid _deviceMap.remove(jid); // Commit it - _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); + _eventStreamController.add(DeviceListModifiedEvent(_deviceMap)); }); } diff --git a/test/omemo_test.dart b/test/omemo_test.dart index bc2b400..c31679e 100644 --- a/test/omemo_test.dart +++ b/test/omemo_test.dart @@ -65,7 +65,7 @@ void main() { deviceModified = true; } else if (event is RatchetModifiedEvent) { ratchetModified++; - } else if (event is DeviceMapModifiedEvent) { + } else if (event is DeviceListModifiedEvent) { deviceMapModified++; } }); From caf841c53ea676c98bc4443b268a9e79d1408675 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Mon, 26 Dec 2022 13:21:47 +0100 Subject: [PATCH 05/17] feat: Add more documentation --- lib/src/omemo/omemomanager.dart | 19 +++++++++++++++---- lib/src/omemo/stanza.dart | 16 ++++++++++++++++ 2 files changed, 31 insertions(+), 4 deletions(-) diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index ff4f30b..dbf9591 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -42,8 +42,14 @@ class OmemoManager { final Logger _log = Logger('OmemoManager'); /// Functions for connecting with the OMEMO library + + /// Send an empty OMEMO:2 message using the encrypted payload [result] to [recipientJid]. final Future Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessage; + + /// Fetch the list of device ids associated with [jid]. final Future> Function(String jid) fetchDeviceList; + + /// Fetch the device bundle for the device with id [id] of [jid]. If it cannot be fetched, return null. final Future Function(String jid, int id) fetchDeviceBundle; /// Map bare JID to its known devices @@ -588,11 +594,16 @@ class OmemoManager { Future ratchetAcknowledged(String jid, int deviceId, { bool enterCriticalSection = true }) async { if (enterCriticalSection) await _enterRatchetCriticalSection(jid); - final ratchet = _ratchetMap[RatchetMapKey(jid, deviceId)]! - ..acknowledged = true; + final key = RatchetMapKey(jid, deviceId); + if (_ratchetMap.containsKey(key)) { + final ratchet = _ratchetMap[key]! + ..acknowledged = true; - // Commit it - _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false)); + // Commit it + _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false)); + } else { + _log.severe('Attempted to acknowledge ratchet ${key.toJsonKey()}, even though it does not exist'); + } if (enterCriticalSection) await _leaveRatchetCriticalSection(jid); } diff --git a/lib/src/omemo/stanza.dart b/lib/src/omemo/stanza.dart index 92f9f80..9ed4149 100644 --- a/lib/src/omemo/stanza.dart +++ b/lib/src/omemo/stanza.dart @@ -1,5 +1,6 @@ import 'package:omemo_dart/src/omemo/encrypted_key.dart'; +/// Describes a stanza that was received by the underlying XMPP library. class OmemoIncomingStanza { const OmemoIncomingStanza( this.bareSenderJid, @@ -8,18 +9,33 @@ class OmemoIncomingStanza { this.keys, this.payload, ); + + /// The bare JID of the sender of the stanza. final String bareSenderJid; + + /// The device ID of the sender. final int senderDeviceId; + + /// The timestamp when the stanza was received. final int timestamp; + + /// The included encrypted keys final List keys; + + /// The string payload included in the element. final String payload; } +/// Describes a stanza that is to be sent out class OmemoOutgoingStanza { const OmemoOutgoingStanza( this.recipientJids, this.payload, ); + + /// The JIDs the stanza will be sent to. final List recipientJids; + + /// The serialised XML data that should be encrypted. final String payload; } From bca4840ca6c91b884478a1d4a00d980098a9f526 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Mon, 26 Dec 2022 13:22:07 +0100 Subject: [PATCH 06/17] test: Add a test to ensure the library cannot get stuck --- test/omemomanager_test.dart | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart index 5b65a65..b6c5c08 100644 --- a/test/omemomanager_test.dart +++ b/test/omemomanager_test.dart @@ -217,4 +217,30 @@ void main() { expect(bobEmptyMessageSent, 2); expect(bobResultFinal.payload, 'Test message last'); }); + + test('Test accessing data without it existing', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + + final aliceManager = omemo.OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => [], + (jid, id) async => null, + ); + + // Get non-existant fingerprints + expect( + await aliceManager.getFingerprintsForJid(bobJid), + null, + ); + + // Ack a non-existant ratchet + await aliceManager.ratchetAcknowledged( + bobJid, + 42, + ); + }); } From 4dc3cfb2b1dad1184aefcf7799129a3e6eb17384 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Mon, 26 Dec 2022 13:27:54 +0100 Subject: [PATCH 07/17] feat: Deprecate OmemoSessionManager --- CHANGELOG.md | 8 ++++---- lib/src/omemo/constants.dart | 2 ++ lib/src/omemo/omemomanager.dart | 4 +--- lib/src/omemo/sessionmanager.dart | 5 ++--- pubspec.yaml | 2 +- 5 files changed, 10 insertions(+), 11 deletions(-) create mode 100644 lib/src/omemo/constants.dart diff --git a/CHANGELOG.md b/CHANGELOG.md index ceff682..9cdd49a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -37,8 +37,8 @@ - Every decryption failure now causes the ratchet to be restored to a pre-decryption state - Add method to get the device's fingerprint -## 1.0.0 +## 0.4.0 -- [Breaking] Replace `OmemoSessionManager` with `OmemoManager` -- Implement queued access to the ratchets inside the `OmemoManager` -- Implement heartbeat messages +- Deprecate `OmemoSessionManager`. Use `OmemoManager` instead. +- Implement queued access to the ratchets inside the `OmemoManager`. +- Implement heartbeat messages. diff --git a/lib/src/omemo/constants.dart b/lib/src/omemo/constants.dart new file mode 100644 index 0000000..31e2fe6 --- /dev/null +++ b/lib/src/omemo/constants.dart @@ -0,0 +1,2 @@ +/// The info used for when encrypting the AES key for the actual payload. +const omemoPayloadInfoString = 'OMEMO Payload'; diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index dbf9591..75d06cc 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -12,6 +12,7 @@ import 'package:omemo_dart/src/errors.dart'; import 'package:omemo_dart/src/helpers.dart'; import 'package:omemo_dart/src/keys.dart'; import 'package:omemo_dart/src/omemo/bundle.dart'; +import 'package:omemo_dart/src/omemo/constants.dart'; import 'package:omemo_dart/src/omemo/decryption_result.dart'; import 'package:omemo_dart/src/omemo/device.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart'; @@ -27,9 +28,6 @@ import 'package:omemo_dart/src/trust/base.dart'; import 'package:omemo_dart/src/x3dh/x3dh.dart'; import 'package:synchronized/synchronized.dart'; -/// The info used for when encrypting the AES key for the actual payload. -const omemoPayloadInfoString = 'OMEMO Payload'; - class OmemoManager { OmemoManager( this._device, diff --git a/lib/src/omemo/sessionmanager.dart b/lib/src/omemo/sessionmanager.dart index e731d7f..33be86e 100644 --- a/lib/src/omemo/sessionmanager.dart +++ b/lib/src/omemo/sessionmanager.dart @@ -11,6 +11,7 @@ import 'package:omemo_dart/src/errors.dart'; import 'package:omemo_dart/src/helpers.dart'; import 'package:omemo_dart/src/keys.dart'; import 'package:omemo_dart/src/omemo/bundle.dart'; +import 'package:omemo_dart/src/omemo/constants.dart'; import 'package:omemo_dart/src/omemo/device.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart'; import 'package:omemo_dart/src/omemo/encryption_result.dart'; @@ -24,9 +25,7 @@ import 'package:omemo_dart/src/trust/base.dart'; import 'package:omemo_dart/src/x3dh/x3dh.dart'; import 'package:synchronized/synchronized.dart'; -/// The info used for when encrypting the AES key for the actual payload. -const omemoPayloadInfoString = 'OMEMO Payload'; - +@Deprecated('Use OmemoManager instead') class OmemoSessionManager { OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager) : _lock = Lock(), diff --git a/pubspec.yaml b/pubspec.yaml index b79cb79..544403c 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -1,6 +1,6 @@ name: omemo_dart description: An XMPP library independent OMEMO library -version: 1.0.0 +version: 0.4.0 homepage: https://github.com/PapaTutuWawa/omemo_dart publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub From e35f65aff9504df25e97b7170ad9db0d718e79e5 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Mon, 26 Dec 2022 18:18:43 +0100 Subject: [PATCH 08/17] style: Fix style issues --- analysis_options.yaml | 4 + lib/src/omemo/omemomanager.dart | 18 +- lib/src/omemo/sessionmanager.dart | 2 + test/omemomanager_test.dart | 331 ++++++++++++++++++++++++++++++ 4 files changed, 347 insertions(+), 8 deletions(-) diff --git a/analysis_options.yaml b/analysis_options.yaml index 5ded12b..beb23d6 100644 --- a/analysis_options.yaml +++ b/analysis_options.yaml @@ -10,3 +10,7 @@ linter: analyzer: exclude: - "lib/protobuf/*.dart" + # TODO: Remove once OmemoSessionManager is gone + - "test/omemo_test.dart" + - "example/omemo_dart_example.dart" + - "test/serialisation_test.dart" diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index 75d06cc..5743abe 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -41,13 +41,15 @@ class OmemoManager { /// Functions for connecting with the OMEMO library - /// Send an empty OMEMO:2 message using the encrypted payload [result] to [recipientJid]. + /// Send an empty OMEMO:2 message using the encrypted payload @result to + /// @recipientJid. final Future Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessage; - /// Fetch the list of device ids associated with [jid]. - final Future> Function(String jid) fetchDeviceList; + /// Fetch the list of device ids associated with @jid. If the device list cannot be + /// fetched, return null. + final Future?> Function(String jid) fetchDeviceList; - /// Fetch the device bundle for the device with id [id] of [jid]. If it cannot be fetched, return null. + /// Fetch the device bundle for the device with id @id of jid. If it cannot be fetched, return null. final Future Function(String jid, int id) fetchDeviceBundle; /// Map bare JID to its known devices @@ -316,10 +318,7 @@ class OmemoManager { } final devices = _deviceList[senderJid]; - if (devices == null) { - throw NoDecryptionKeyException(); - } - if (!devices.contains(senderDeviceId)) { + if (devices?.contains(senderDeviceId) != true) { throw NoDecryptionKeyException(); } @@ -367,6 +366,8 @@ class OmemoManager { if (!_deviceListRequested.containsKey(jid) || !_deviceList.containsKey(jid)) { // We don't have an up-to-date version of the device list final newDeviceList = await fetchDeviceList(jid); + if (newDeviceList == null) return []; + _deviceList[jid] = newDeviceList; bundlesToFetch = newDeviceList .where((id) { @@ -383,6 +384,7 @@ class OmemoManager { .toList(); } + _log.finest('Fetching bundles $bundlesToFetch for $jid'); final newBundles = List.empty(growable: true); for (final id in bundlesToFetch) { final bundle = await fetchDeviceBundle(jid, id); diff --git a/lib/src/omemo/sessionmanager.dart b/lib/src/omemo/sessionmanager.dart index 33be86e..eb8409d 100644 --- a/lib/src/omemo/sessionmanager.dart +++ b/lib/src/omemo/sessionmanager.dart @@ -27,6 +27,7 @@ import 'package:synchronized/synchronized.dart'; @Deprecated('Use OmemoManager instead') class OmemoSessionManager { + @Deprecated('Use OmemoManager instead') OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager) : _lock = Lock(), _deviceLock = Lock(), @@ -35,6 +36,7 @@ class OmemoSessionManager { /// Deserialise the OmemoSessionManager from JSON data [data] that does not contain /// the ratchet sessions. + @Deprecated('Use OmemoManager instead') factory OmemoSessionManager.fromJsonWithoutSessions( Map data, Map ratchetMap, diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart index b6c5c08..a0b89b8 100644 --- a/test/omemomanager_test.dart +++ b/test/omemomanager_test.dart @@ -243,4 +243,335 @@ void main() { 42, ); }); + + test('Test receiving a message encrypted for another device', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var oldDevice = true; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobOldDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final bobCurrentDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = omemo.OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return oldDevice ? + [ bobOldDevice.id ] : + [ bobCurrentDevice.id ]; + }, + (jid, id) async { + expect(jid, bobJid); + return oldDevice ? + bobOldDevice.toBundle() : + bobCurrentDevice.toBundle(); + }, + ); + final bobManager = omemo.OmemoManager( + bobCurrentDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => [], + (jid, id) async => null, + ); + + // Alice encrypts a message to Bob + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob', + ), + ); + + // Bob's current device receives it + final bobResult1 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1!.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(bobResult1.payload, null); + expect(bobResult1.error is NotEncryptedForDeviceException, true); + + // Now Alice's client loses and regains the connection + aliceManager.onNewConnection(); + oldDevice = false; + + // And Alice sends a new message + final aliceResult2 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob x2', + ), + ); + final bobResult2 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2!.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + + expect(aliceResult2.encryptedKeys.length, 1); + expect(bobResult2.payload, 'Hello Bob x2'); + }); + + test('Test receiving a response from a new device', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var bothDevices = false; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice1 = await Device.generateNewDevice(bobJid, opkAmount: 1); + final bobDevice2 = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = omemo.OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return [ + bobDevice1.id, + + if (bothDevices) + bobDevice2.id, + ]; + }, + (jid, id) async { + expect(jid, bobJid); + + if (bothDevices) { + if (id == bobDevice1.id) { + return bobDevice1.toBundle(); + } else if (id == bobDevice2.id) { + return bobDevice2.toBundle(); + } + } else { + if (id == bobDevice1.id) return bobDevice1.toBundle(); + } + + return null; + }, + ); + final bobManager1 = omemo.OmemoManager( + bobDevice1, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => [], + (jid, id) async => null, + ); + final bobManager2 = omemo.OmemoManager( + bobDevice2, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, aliceJid); + return [aliceDevice.id]; + }, + (jid, id) async { + expect(jid, aliceJid); + return aliceDevice.toBundle(); + }, + ); + + // Alice sends a message to Bob + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // Bob decrypts it + final bobResult1 = await bobManager1.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1!.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(aliceResult1.encryptedKeys.length, 1); + expect(bobResult1.payload, 'Hello Bob!'); + + // Now Bob encrypts from his new device + bothDevices = true; + final bobResult2 = await bobManager2.onOutgoingStanza( + const OmemoOutgoingStanza( + [aliceJid], + 'Hello from my new device', + ), + ); + + // And Alice decrypts it + final aliceResult2 = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice2.id, + DateTime.now().millisecondsSinceEpoch, + bobResult2!.encryptedKeys, + base64.encode(bobResult2.ciphertext!), + ), + ); + + expect(aliceResult2.payload, 'Hello from my new device'); + }); + + test('Test receiving a device list update', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var bothDevices = false; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice1 = await Device.generateNewDevice(bobJid, opkAmount: 1); + final bobDevice2 = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = omemo.OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return [ + bobDevice1.id, + + if (bothDevices) + bobDevice2.id, + ]; + }, + (jid, id) async { + expect(jid, bobJid); + + if (bothDevices) { + if (id == bobDevice1.id) { + return bobDevice1.toBundle(); + } else if (id == bobDevice2.id) { + return bobDevice2.toBundle(); + } + } else { + if (id == bobDevice1.id) return bobDevice1.toBundle(); + } + + return null; + }, + ); + final bobManager1 = omemo.OmemoManager( + bobDevice1, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + ); + final bobManager2 = omemo.OmemoManager( + bobDevice2, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + ); + + // Alice sends a message to Bob + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // Bob decrypts it + final bobResult1 = await bobManager1.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1!.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(aliceResult1.encryptedKeys.length, 1); + expect(bobResult1.payload, 'Hello Bob!'); + + // Bob acks the ratchet session + await aliceManager.ratchetAcknowledged(bobJid, bobDevice1.id); + + // Bob now publishes a new device + bothDevices = true; + aliceManager.onDeviceListUpdate( + bobJid, + [ + bobDevice1.id, + bobDevice2.id, + ], + ); + + // Now Alice encrypts another message + final aliceResult2 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob! x2', + ), + ); + + expect(aliceResult2!.encryptedKeys.length, 2); + + // And Bob decrypts it + final bobResult21 = await bobManager1.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + final bobResult22 = await bobManager2.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + + expect(bobResult21.payload, 'Hello Bob! x2'); + expect(bobResult22.payload, 'Hello Bob! x2'); + + // Bob2 now responds + final bobResult32 = await bobManager2.onOutgoingStanza( + const OmemoOutgoingStanza( + [aliceJid], + 'Hello Alice!', + ), + ); + + // And Alice responds + final aliceResult3 = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice2.id, + DateTime.now().millisecondsSinceEpoch, + bobResult32!.encryptedKeys, + base64.encode(bobResult32.ciphertext!), + ), + ); + + expect(aliceResult3.payload, 'Hello Alice!'); + }); } From 54eeb816ebc41310213780353f9ba60817d10975 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Mon, 26 Dec 2022 18:24:12 +0100 Subject: [PATCH 09/17] feat: Export OmemoManager --- lib/omemo_dart.dart | 1 + test/omemomanager_test.dart | 27 +++++++++++++-------------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/lib/omemo_dart.dart b/lib/omemo_dart.dart index 71d64d5..6863f2e 100644 --- a/lib/omemo_dart.dart +++ b/lib/omemo_dart.dart @@ -10,6 +10,7 @@ export 'src/omemo/encrypted_key.dart'; export 'src/omemo/encryption_result.dart'; export 'src/omemo/events.dart'; export 'src/omemo/fingerprint.dart'; +export 'src/omemo/omemomanager.dart'; export 'src/omemo/ratchet_map_key.dart'; export 'src/omemo/sessionmanager.dart'; export 'src/omemo/stanza.dart'; diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart index a0b89b8..d12236d 100644 --- a/test/omemomanager_test.dart +++ b/test/omemomanager_test.dart @@ -1,7 +1,6 @@ import 'dart:convert'; import 'package:logging/logging.dart'; import 'package:omemo_dart/omemo_dart.dart'; -import 'package:omemo_dart/src/omemo/omemomanager.dart' as omemo; import 'package:omemo_dart/src/trust/always.dart'; import 'package:test/test.dart'; @@ -22,7 +21,7 @@ void main() { final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); - final aliceManager = omemo.OmemoManager( + final aliceManager = OmemoManager( aliceDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async { @@ -37,7 +36,7 @@ void main() { return bobDevice.toBundle(); }, ); - final bobManager = omemo.OmemoManager( + final bobManager = OmemoManager( bobDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async { @@ -114,7 +113,7 @@ void main() { final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); - final aliceManager = omemo.OmemoManager( + final aliceManager = OmemoManager( aliceDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async { @@ -129,7 +128,7 @@ void main() { return bobDevice.toBundle(); }, ); - final bobManager = omemo.OmemoManager( + final bobManager = OmemoManager( bobDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async { @@ -223,7 +222,7 @@ void main() { const bobJid = 'bob@server2'; final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final aliceManager = omemo.OmemoManager( + final aliceManager = OmemoManager( aliceDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, @@ -253,7 +252,7 @@ void main() { final bobOldDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); final bobCurrentDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); - final aliceManager = omemo.OmemoManager( + final aliceManager = OmemoManager( aliceDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, @@ -271,7 +270,7 @@ void main() { bobCurrentDevice.toBundle(); }, ); - final bobManager = omemo.OmemoManager( + final bobManager = OmemoManager( bobCurrentDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, @@ -335,7 +334,7 @@ void main() { final bobDevice1 = await Device.generateNewDevice(bobJid, opkAmount: 1); final bobDevice2 = await Device.generateNewDevice(bobJid, opkAmount: 1); - final aliceManager = omemo.OmemoManager( + final aliceManager = OmemoManager( aliceDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, @@ -365,14 +364,14 @@ void main() { return null; }, ); - final bobManager1 = omemo.OmemoManager( + final bobManager1 = OmemoManager( bobDevice1, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, (jid) async => [], (jid, id) async => null, ); - final bobManager2 = omemo.OmemoManager( + final bobManager2 = OmemoManager( bobDevice2, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, @@ -440,7 +439,7 @@ void main() { final bobDevice1 = await Device.generateNewDevice(bobJid, opkAmount: 1); final bobDevice2 = await Device.generateNewDevice(bobJid, opkAmount: 1); - final aliceManager = omemo.OmemoManager( + final aliceManager = OmemoManager( aliceDevice, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, @@ -470,14 +469,14 @@ void main() { return null; }, ); - final bobManager1 = omemo.OmemoManager( + final bobManager1 = OmemoManager( bobDevice1, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, ); - final bobManager2 = omemo.OmemoManager( + final bobManager2 = OmemoManager( bobDevice2, AlwaysTrustingTrustManager(), (result, recipientJid) async {}, From 6c4dd62c5a363a64814ce22887e54161e2b02442 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 27 Dec 2022 00:49:16 +0100 Subject: [PATCH 10/17] feat: _decryptMessage explicitly tells us that a ratchet was created --- lib/src/omemo/omemomanager.dart | 79 ++++++++++++++++++++------------- test/omemomanager_test.dart | 3 +- 2 files changed, 49 insertions(+), 33 deletions(-) diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index 5743abe..2810322 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -28,6 +28,12 @@ import 'package:omemo_dart/src/trust/base.dart'; import 'package:omemo_dart/src/x3dh/x3dh.dart'; import 'package:synchronized/synchronized.dart'; +class _InternalDecryptionResult { + const _InternalDecryptionResult(this.ratchetCreated, this.payload); + final bool ratchetCreated; + final String? payload; +} + class OmemoManager { OmemoManager( this._device, @@ -246,7 +252,7 @@ class OmemoManager { /// element, then [ciphertext] must be set to null. In this case, this function /// will return null as there is no message to be decrypted. This, however, is used /// to set up sessions or advance the ratchets. - Future _decryptMessage(List? ciphertext, String senderJid, int senderDeviceId, List keys, int timestamp) async { + Future<_InternalDecryptionResult> _decryptMessage(List? ciphertext, String senderJid, int senderDeviceId, List keys, int timestamp) async { // Try to find a session we can decrypt with. var device = await getDevice(); final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id); @@ -260,6 +266,7 @@ class OmemoManager { OmemoAuthenticatedMessage authMessage; OmemoDoubleRatchet? oldRatchet; OmemoMessage? message; + var ratchetCreated = false; if (rawKey.kex) { // If the ratchet already existed, we store it. If it didn't, oldRatchet will stay // null. @@ -294,7 +301,10 @@ class OmemoManager { decrypted, ); _addSession(senderJid, senderDeviceId, oldRatchet); - return plaintext; + return _InternalDecryptionResult( + true, + plaintext, + ); } catch (_) { _log.finest('Failed to use old ratchet with KEX for existing ratchet'); } @@ -303,6 +313,7 @@ class OmemoManager { final r = await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex); await _trustManager.onNewSession(senderJid, senderDeviceId); _addSession(senderJid, senderDeviceId, r); + ratchetCreated = true; // Replace the OPK // TODO(PapaTutuWawa): Replace the OPK when we know that the KEX worked @@ -348,7 +359,10 @@ class OmemoManager { ); try { - return _decryptAndVerifyHmac(ciphertext, keyAndHmac); + return _InternalDecryptionResult( + ratchetCreated, + await _decryptAndVerifyHmac(ciphertext, keyAndHmac), + ); } catch (_) { _restoreRatchet(ratchetKey, oldRatchet); rethrow; @@ -519,10 +533,9 @@ class OmemoManager { await _enterRatchetCriticalSection(stanza.bareSenderJid); final ratchetKey = RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId); - final ratchetCreated = !_ratchetMap.containsKey(ratchetKey); - String? payload; + final _InternalDecryptionResult result; try { - payload = await _decryptMessage( + result = await _decryptMessage( base64.decode(stanza.payload), stanza.bareSenderJid, stanza.senderDeviceId, @@ -541,7 +554,32 @@ class OmemoManager { final ratchet = _getRatchet(ratchetKey); assert(ratchet != null, 'We decrypted the message, so the ratchet must exist'); - if (ratchet!.nr > 53) { + if (ratchet!.acknowledged) { + // Ratchet is acknowledged + if (ratchet.nr > 53 || result.ratchetCreated) { + await sendEmptyOmemoMessage( + await _encryptToJids( + [stanza.bareSenderJid], + null, + ), + stanza.bareSenderJid, + ); + } + + // Ratchet is acked + await _leaveRatchetCriticalSection(stanza.bareSenderJid); + return DecryptionResult( + result.payload, + null, + ); + } else { + // Ratchet is not acked. + // Mark as acked and send an empty OMEMO message. + await ratchetAcknowledged( + stanza.bareSenderJid, + stanza.senderDeviceId, + enterCriticalSection: false, + ); await sendEmptyOmemoMessage( await _encryptToJids( [stanza.bareSenderJid], @@ -549,36 +587,13 @@ class OmemoManager { ), stanza.bareSenderJid, ); - } - - // Ratchet is acked - if (!ratchetCreated && ratchet.acknowledged) { + await _leaveRatchetCriticalSection(stanza.bareSenderJid); return DecryptionResult( - payload, + result.payload, null, ); } - - // Ratchet is not acked. Mark as acked and send an empty OMEMO message. - await ratchetAcknowledged( - stanza.bareSenderJid, - stanza.senderDeviceId, - enterCriticalSection: false, - ); - await sendEmptyOmemoMessage( - await _encryptToJids( - [stanza.bareSenderJid], - null, - ), - stanza.bareSenderJid, - ); - - await _leaveRatchetCriticalSection(stanza.bareSenderJid); - return DecryptionResult( - payload, - null, - ); } /// Call when sending out an encrypted stanza. Will handle everything and diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart index d12236d..131b2bf 100644 --- a/test/omemomanager_test.dart +++ b/test/omemomanager_test.dart @@ -71,9 +71,10 @@ void main() { ), ); + expect(bobResult.payload, 'Hello world'); + expect(bobResult.error, null); expect(aliceEmptyMessageSent, 0); expect(bobEmptyMessageSent, 1); - expect(bobResult.payload, 'Hello world'); // Alice receives the ack message await aliceManager.ratchetAcknowledged( From 5e6b54aab5f3a8329261f72264f1d851f4d425b5 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 27 Dec 2022 01:32:23 +0100 Subject: [PATCH 11/17] feat: Better guard against failed lookups --- lib/src/errors.dart | 8 + lib/src/omemo/encryption_result.dart | 20 +- lib/src/omemo/omemomanager.dart | 24 ++- lib/src/omemo/sessionmanager.dart | 2 + test/omemomanager_test.dart | 265 +++++++++++++++++++++++++++ 5 files changed, 312 insertions(+), 7 deletions(-) diff --git a/lib/src/errors.dart b/lib/src/errors.dart index d8c3f43..3efe765 100644 --- a/lib/src/errors.dart +++ b/lib/src/errors.dart @@ -44,3 +44,11 @@ class InvalidKeyExchangeException extends OmemoException implements Exception { class MessageAlreadyDecryptedException extends OmemoException implements Exception { String errMsg() => 'The message has already been decrypted'; } + +/// Triggered by the OmemoManager when we could not encrypt a message as we have +/// no key material available. That happens, for example, when we want to create a +/// ratchet session with a JID we had no session with but fetching the device bundle +/// failed. +class NoKeyMaterialAvailableException extends OmemoException implements Exception { + String errMsg() => 'No key material available to create a ratchet session with'; +} diff --git a/lib/src/omemo/encryption_result.dart b/lib/src/omemo/encryption_result.dart index ff988c7..3d0b35b 100644 --- a/lib/src/omemo/encryption_result.dart +++ b/lib/src/omemo/encryption_result.dart @@ -1,14 +1,26 @@ import 'package:meta/meta.dart'; +import 'package:omemo_dart/src/errors.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart'; +import 'package:omemo_dart/src/omemo/ratchet_map_key.dart'; @immutable class EncryptionResult { - const EncryptionResult(this.ciphertext, this.encryptedKeys); + const EncryptionResult(this.ciphertext, this.encryptedKeys, this.deviceEncryptionErrors, this.jidEncryptionErrors); - /// The actual message that was encrypted + /// The actual message that was encrypted. final List? ciphertext; - + /// Mapping of the device Id to the key for decrypting ciphertext, encrypted - /// for the ratchet with said device Id + /// for the ratchet with said device Id. final List encryptedKeys; + + /// Mapping of a ratchet map keys to a possible exception. + final Map deviceEncryptionErrors; + + /// Mapping of a JID to a possible exception. + final Map jidEncryptionErrors; + + /// True if the encryption was a success. This means that we could encrypt for + /// at least one ratchet. + bool isSuccess(int numberOfRecipients) => encryptedKeys.isNotEmpty && jidEncryptionErrors.length < numberOfRecipients; } diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index 2810322..c55eb01 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -447,8 +447,17 @@ class OmemoManager { } // We assume that the user already checked if the session exists + final deviceEncryptionErrors = {}; + final jidEncryptionErrors = {}; for (final jid in jids) { - for (final deviceId in _deviceList[jid]!) { + final devices = _deviceList[jid]; + if (devices == null) { + _log.severe('Device list does not exist for $jid.'); + jidEncryptionErrors[jid] = NoKeyMaterialAvailableException(); + continue; + } + + for (final deviceId in devices) { // Empty OMEMO messages are allowed to bypass trust if (plaintext != null) { // Only encrypt to devices that are trusted @@ -459,7 +468,13 @@ class OmemoManager { } final ratchetKey = RatchetMapKey(jid, deviceId); - var ratchet = _ratchetMap[ratchetKey]!; + var ratchet = _ratchetMap[ratchetKey]; + if (ratchet == null) { + _log.severe('Ratchet ${ratchetKey.toJsonKey()} does not exist.'); + deviceEncryptionErrors[ratchetKey] = NoKeyMaterialAvailableException(); + continue; + } + final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext; if (kex.isNotEmpty && kex.containsKey(deviceId)) { @@ -522,8 +537,11 @@ class OmemoManager { } return EncryptionResult( - plaintext != null ? ciphertext : null, + plaintext != null ? + ciphertext : null, encryptedKeys, + deviceEncryptionErrors, + jidEncryptionErrors, ); } diff --git a/lib/src/omemo/sessionmanager.dart b/lib/src/omemo/sessionmanager.dart index eb8409d..fa79d10 100644 --- a/lib/src/omemo/sessionmanager.dart +++ b/lib/src/omemo/sessionmanager.dart @@ -329,6 +329,8 @@ class OmemoSessionManager { return EncryptionResult( plaintext != null ? ciphertext : null, encryptedKeys, + const {}, + const {}, ); } diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart index 131b2bf..b8baf82 100644 --- a/test/omemomanager_test.dart +++ b/test/omemomanager_test.dart @@ -574,4 +574,269 @@ void main() { expect(aliceResult3.payload, 'Hello Alice!'); }); + + test('Test sending a message to two different JIDs', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + const cocoJid = 'coco@server3'; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final cocoDevice = await Device.generateNewDevice(cocoJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + if (jid == bobJid) { + return [bobDevice.id]; + } else if (jid == cocoJid) { + return [cocoDevice.id]; + } + + return null; + }, + (jid, id) async { + if (jid == bobJid) { + return bobDevice.toBundle(); + } else if (jid == cocoJid) { + return cocoDevice.toBundle(); + } + + return null; + }, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + ); + final cocoManager = OmemoManager( + cocoDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + ); + + // Alice sends a message to Bob and Coco + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid, cocoJid], + 'Hello Bob and Coco!', + ), + ); + + // Bob and Coco decrypt them + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult!.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + final cocoResult = await cocoManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(bobResult.error, null); + expect(cocoResult.error, null); + expect(bobResult.payload, 'Hello Bob and Coco!'); + expect(cocoResult.payload, 'Hello Bob and Coco!'); + }); + + test('Test a fetch failure', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + var failure = false; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return failure ? + null : + [bobDevice.id]; + }, + (jid, id) async { + expect(jid, bobJid); + + return failure ? + null : + bobDevice.toBundle(); + }, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + ); + + // Alice sends a message to Bob and Coco + final aliceResult1 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // Bob decrypts it + final bobResult1 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult1!.encryptedKeys, + base64.encode(aliceResult1.ciphertext!), + ), + ); + + expect(bobResult1.error, null); + expect(bobResult1.payload, 'Hello Bob!'); + + // Bob acks the message + await aliceManager.ratchetAcknowledged( + bobJid, + bobDevice.id, + ); + + // Alice has to reconnect but has no connection yet + failure = true; + aliceManager.onNewConnection(); + + // Alice sends another message to Bob + final aliceResult2 = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob! x2', + ), + ); + + // And Bob decrypts it + final bobResult2 = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult2!.encryptedKeys, + base64.encode(aliceResult2.ciphertext!), + ), + ); + + expect(bobResult2.error, null); + expect(bobResult2.payload, 'Hello Bob! x2'); + }); + + test('Test sending a message with failed lookups', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return null; + }, + (jid, id) async { + expect(jid, bobJid); + + return null; + }, + ); + + // Alice sends a message to Bob + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + expect(aliceResult!.isSuccess(1), false); + expect(aliceResult.jidEncryptionErrors[bobJid] is NoKeyMaterialAvailableException, true); + }); + + test('Test sending a message two two JIDs with failed lookups', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + const cocoJid = 'coco@server3'; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + if (jid == bobJid) { + return [bobDevice.id]; + } + + return null; + }, + (jid, id) async { + if (jid == bobJid) { + return bobDevice.toBundle(); + } + + return null; + }, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + ); + + // Alice sends a message to Bob and Coco + final aliceResult = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid, cocoJid], + 'Hello Bob and Coco!', + ), + ); + + expect(aliceResult!.isSuccess(2), true); + expect(aliceResult.jidEncryptionErrors[cocoJid] is NoKeyMaterialAvailableException, true); + + // Bob decrypts it + final bobResult = await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceResult.encryptedKeys, + base64.encode(aliceResult.ciphertext!), + ), + ); + + expect(bobResult.payload, 'Hello Bob and Coco!'); + }); } From 480de1ce8f1d1da49bb8401eda96cd0f7a2a583c Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 27 Dec 2022 01:44:42 +0100 Subject: [PATCH 12/17] test: Port the sending/receiving for the OmemoManager --- test/omemomanager_test.dart | 80 +++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart index b8baf82..6308a2a 100644 --- a/test/omemomanager_test.dart +++ b/test/omemomanager_test.dart @@ -839,4 +839,84 @@ void main() { expect(bobResult.payload, 'Hello Bob and Coco!'); }); + + test('Test sending multiple messages back and forth', () async { + const aliceJid = 'alice@server1'; + const bobJid = 'bob@server2'; + + final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + + final aliceManager = OmemoManager( + aliceDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async { + expect(jid, bobJid); + + return [bobDevice.id]; + }, + (jid, id) async { + expect(jid, bobJid); + + return bobDevice.toBundle(); + }, + ); + final bobManager = OmemoManager( + bobDevice, + AlwaysTrustingTrustManager(), + (result, recipientJid) async {}, + (jid) async => null, + (jid, id) async => null, + ); + + // Alice encrypts a message for Bob + final aliceMessage = await aliceManager.onOutgoingStanza( + const OmemoOutgoingStanza( + [bobJid], + 'Hello Bob!', + ), + ); + + // And Bob decrypts it + await bobManager.onIncomingStanza( + OmemoIncomingStanza( + aliceJid, + aliceDevice.id, + DateTime.now().millisecondsSinceEpoch, + aliceMessage!.encryptedKeys, + base64.encode(aliceMessage.ciphertext!), + ), + + ); + + // Ratchets are acked + await aliceManager.ratchetAcknowledged( + bobJid, + bobDevice.id, + ); + + for (var i = 0; i < 100; i++) { + final messageText = 'Test Message #$i'; + // Bob responds to Alice + final bobResponseMessage = await bobManager.onOutgoingStanza( + OmemoOutgoingStanza( + [aliceJid], + messageText, + ), + ); + expect(bobResponseMessage!.isSuccess(1), true); + + final aliceReceivedMessage = await aliceManager.onIncomingStanza( + OmemoIncomingStanza( + bobJid, + bobDevice.id, + DateTime.now().millisecondsSinceEpoch, + bobResponseMessage.encryptedKeys, + base64.encode(bobResponseMessage.ciphertext!), + ), + ); + expect(aliceReceivedMessage.payload, messageText); + } + }); } From 5f844dafda63a6abbb2f872308ec506e28c51324 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 27 Dec 2022 01:45:24 +0100 Subject: [PATCH 13/17] feat: Add getDeviceId --- lib/src/omemo/omemomanager.dart | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index c55eb01..788977a 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -655,6 +655,9 @@ class OmemoManager { /// Returns the device used for encryption and decryption. Future getDevice() => _deviceLock.synchronized(() => _device); + /// Returns the id of the device used for encryption and decryption. + Future getDeviceId() => (await getDevice()).id; + /// Returns the fingerprints for all devices of [jid] that we have a session with. /// If there are not sessions with [jid], then returns null. Future?> getFingerprintsForJid(String jid) async { From 6a9e98665dd647cb045d4c1749f5adee16274d9a Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 27 Dec 2022 12:47:45 +0100 Subject: [PATCH 14/17] fix: Track new KEX entries using a ratchet key --- lib/src/omemo/omemomanager.dart | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index 788977a..204b019 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -435,10 +435,10 @@ class OmemoManager { keyPayload = List.filled(32, 0x0); } - final kex = {}; + final kex = {}; for (final jid in jids) { for (final newSession in await _fetchNewBundles(jid)) { - kex[newSession.id] = await addSessionFromBundle( + kex[RatchetMapKey(jid, newSession.id)] = await addSessionFromBundle( newSession.jid, newSession.id, newSession, @@ -477,9 +477,9 @@ class OmemoManager { final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext; - if (kex.isNotEmpty && kex.containsKey(deviceId)) { + if (kex.containsKey(ratchetKey)) { // The ratchet did not exist - final k = kex[deviceId]! + final k = kex[ratchetKey]! ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); final buffer = base64.encode(k.writeToBuffer()); encryptedKeys.add( @@ -497,7 +497,7 @@ class OmemoManager { // The ratchet exists but is not acked if (ratchet.kex != null) { final oldKex = OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!)) - ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); + ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); encryptedKeys.add( EncryptedKey( @@ -656,7 +656,7 @@ class OmemoManager { Future getDevice() => _deviceLock.synchronized(() => _device); /// Returns the id of the device used for encryption and decryption. - Future getDeviceId() => (await getDevice()).id; + Future getDeviceId() async => (await getDevice()).id; /// Returns the fingerprints for all devices of [jid] that we have a session with. /// If there are not sessions with [jid], then returns null. From 408563180489e8bfeb85dd5381041755ae9fa2fa Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 27 Dec 2022 12:49:11 +0100 Subject: [PATCH 15/17] fix: Make logging less verbose --- lib/src/omemo/omemomanager.dart | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index 204b019..b4bb606 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -398,7 +398,10 @@ class OmemoManager { .toList(); } - _log.finest('Fetching bundles $bundlesToFetch for $jid'); + if (bundlesToFetch.isNotEmpty) { + _log.finest('Fetching bundles $bundlesToFetch for $jid'); + } + final newBundles = List.empty(growable: true); for (final id in bundlesToFetch) { final bundle = await fetchDeviceBundle(jid, id); From 092ce36410f5d3cb7c581ac1d9e0404c5655bbea Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Sun, 1 Jan 2023 16:49:19 +0100 Subject: [PATCH 16/17] feat: Add last features for use in moxxmpp --- lib/src/double_ratchet/double_ratchet.dart | 7 ++ lib/src/keys.dart | 3 - lib/src/omemo/device.dart | 34 ++++--- lib/src/omemo/events.dart | 2 +- lib/src/omemo/omemomanager.dart | 112 +++++++++++++++++---- lib/src/omemo/sessionmanager.dart | 10 +- lib/src/omemo/stanza.dart | 2 +- lib/src/trust/always.dart | 3 + lib/src/trust/base.dart | 3 + lib/src/trust/btbv.dart | 8 ++ lib/src/trust/never.dart | 3 + test/omemo_test.dart | 4 +- test/omemomanager_test.dart | 109 ++++++++++++-------- test/serialisation_test.dart | 4 +- 14 files changed, 216 insertions(+), 88 deletions(-) diff --git a/lib/src/double_ratchet/double_ratchet.dart b/lib/src/double_ratchet/double_ratchet.dart index f0f11a7..cc6996f 100644 --- a/lib/src/double_ratchet/double_ratchet.dart +++ b/lib/src/double_ratchet/double_ratchet.dart @@ -1,5 +1,6 @@ import 'dart:convert'; import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; import 'package:meta/meta.dart'; import 'package:omemo_dart/src/crypto.dart'; import 'package:omemo_dart/src/double_ratchet/crypto.dart'; @@ -251,6 +252,12 @@ class OmemoDoubleRatchet { 'kex': kex, }; } + + /// Returns the OMEMO compatible fingerprint of the ratchet session. + Future getOmemoFingerprint() async { + final curveKey = await ik.toCurve25519(); + return HEX.encode(await curveKey.getBytes()); + } Future?> _trySkippedMessageKeys(OmemoMessage header, List ciphertext) async { final key = SkippedKey( diff --git a/lib/src/keys.dart b/lib/src/keys.dart index b15a0b8..1731f8e 100644 --- a/lib/src/keys.dart +++ b/lib/src/keys.dart @@ -9,7 +9,6 @@ const privateKeyLength = 32; const publicKeyLength = 32; class OmemoPublicKey { - const OmemoPublicKey(this._pubkey); factory OmemoPublicKey.fromBytes(List bytes, KeyPairType type) { @@ -55,7 +54,6 @@ class OmemoPublicKey { } class OmemoPrivateKey { - const OmemoPrivateKey(this._privkey, this.type); final List _privkey; final KeyPairType type; @@ -85,7 +83,6 @@ class OmemoPrivateKey { /// A generic wrapper class for both Ed25519 and X25519 keypairs class OmemoKeyPair { - const OmemoKeyPair(this.pk, this.sk, this.type); /// Create an OmemoKeyPair just from a [type] and the bytes of the private and public diff --git a/lib/src/omemo/device.dart b/lib/src/omemo/device.dart index 2a92b00..4a8ab6d 100644 --- a/lib/src/omemo/device.dart +++ b/lib/src/omemo/device.dart @@ -1,5 +1,6 @@ import 'dart:convert'; import 'package:cryptography/cryptography.dart'; +import 'package:hex/hex.dart'; import 'package:meta/meta.dart'; import 'package:omemo_dart/src/helpers.dart'; import 'package:omemo_dart/src/keys.dart'; @@ -8,8 +9,8 @@ import 'package:omemo_dart/src/x3dh/x3dh.dart'; /// This class represents an OmemoBundle but with all keypairs belonging to the keys @immutable -class Device { - const Device( +class OmemoDevice { + const OmemoDevice( this.jid, this.id, this.ik, @@ -22,7 +23,7 @@ class Device { ); /// Deserialize the Device - factory Device.fromJson(Map data) { + factory OmemoDevice.fromJson(Map data) { // NOTE: We use the way OpenSSH names their keys, meaning that ik is the Identity // Keypair's private key, while ik_pub refers to the Identity Keypair's public // key. @@ -66,7 +67,7 @@ class Device { ), ); - return Device( + return OmemoDevice( data['jid']! as String, data['id']! as int, OmemoKeyPair.fromBytes( @@ -92,7 +93,7 @@ class Device { } /// Generate a completely new device, i.e. cryptographic identity. - static Future generateNewDevice(String jid, { int opkAmount = 100 }) async { + static Future generateNewDevice(String jid, { int opkAmount = 100 }) async { final id = generateRandom32BitNumber(); final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519); final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); @@ -104,7 +105,7 @@ class Device { opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); } - return Device(jid, id, ik, spk, spkId, signature, null, null, opks); + return OmemoDevice(jid, id, ik, spk, spkId, signature, null, null, opks); } /// Our bare Jid @@ -134,10 +135,10 @@ class Device { /// This replaces the Onetime-Prekey with id [id] with a completely new one. Returns /// a new Device object that copies over everything but replaces said key. @internal - Future replaceOnetimePrekey(int id) async { + Future replaceOnetimePrekey(int id) async { opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); - return Device( + return OmemoDevice( jid, this.id, ik, @@ -153,12 +154,12 @@ class Device { /// This replaces the Signed-Prekey with a completely new one. Returns a new Device object /// that copies over everything but replaces the Signed-Prekey and its signature. @internal - Future replaceSignedPrekey() async { + Future replaceSignedPrekey() async { final newSpk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final newSpkId = generateRandom32BitNumber(); final newSignature = await sig(ik, await newSpk.pk.getBytes()); - return Device( + return OmemoDevice( jid, id, ik, @@ -174,8 +175,8 @@ class Device { /// Returns a new device that is equal to this one with the exception that the new /// device's id is a new number between 0 and 2**32 - 1. @internal - Device withNewId() { - return Device( + OmemoDevice withNewId() { + return OmemoDevice( jid, generateRandom32BitNumber(), ik, @@ -207,6 +208,13 @@ class Device { ); } + /// Returns the fingerprint of the current device + Future getFingerprint() async { + // Since the local key is Ed25519, we must convert it to Curve25519 first + final curveKey = await ik.pk.toCurve25519(); + return HEX.encode(await curveKey.getBytes()); + } + /// Serialise the device information. Future> toJson() async { /// Serialise the OPKs @@ -236,7 +244,7 @@ class Device { } @visibleForTesting - Future equals(Device other) async { + Future equals(OmemoDevice other) async { var opksMatch = true; if (opks.length != other.opks.length) { opksMatch = false; diff --git a/lib/src/omemo/events.dart b/lib/src/omemo/events.dart index cf075ce..12ffa4e 100644 --- a/lib/src/omemo/events.dart +++ b/lib/src/omemo/events.dart @@ -31,5 +31,5 @@ class DeviceListModifiedEvent extends OmemoEvent { /// and thus should be republished. class DeviceModifiedEvent extends OmemoEvent { DeviceModifiedEvent(this.device); - final Device device; + final OmemoDevice device; } diff --git a/lib/src/omemo/omemomanager.dart b/lib/src/omemo/omemomanager.dart index b4bb606..bf99a49 100644 --- a/lib/src/omemo/omemomanager.dart +++ b/lib/src/omemo/omemomanager.dart @@ -38,9 +38,10 @@ class OmemoManager { OmemoManager( this._device, this._trustManager, - this.sendEmptyOmemoMessage, - this.fetchDeviceList, - this.fetchDeviceBundle, + this.sendEmptyOmemoMessageImpl, + this.fetchDeviceListImpl, + this.fetchDeviceBundleImpl, + this.subscribeToDeviceListNodeImpl, ); final Logger _log = Logger('OmemoManager'); @@ -49,14 +50,17 @@ class OmemoManager { /// Send an empty OMEMO:2 message using the encrypted payload @result to /// @recipientJid. - final Future Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessage; + final Future Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessageImpl; /// Fetch the list of device ids associated with @jid. If the device list cannot be /// fetched, return null. - final Future?> Function(String jid) fetchDeviceList; + final Future?> Function(String jid) fetchDeviceListImpl; /// Fetch the device bundle for the device with id @id of jid. If it cannot be fetched, return null. - final Future Function(String jid, int id) fetchDeviceBundle; + final Future Function(String jid, int id) fetchDeviceBundleImpl; + + /// Subscribe to the device list PEP node of @jid. + final Future Function(String jid) subscribeToDeviceListNodeImpl; /// Map bare JID to its known devices Map> _deviceList = {}; @@ -65,6 +69,8 @@ class OmemoManager { /// Map bare a ratchet key to its ratchet. Note that this is also locked by /// _ratchetCriticalSectionLock. Map _ratchetMap = {}; + /// Map bare JID to whether we already tried to subscribe to the device list node. + final Map _subscriptionMap = {}; /// For preventing a race condition in encryption/decryption final Map>> _ratchetCriticalSectionQueue = {}; final Lock _ratchetCriticalSectionLock = Lock(); @@ -76,10 +82,11 @@ class OmemoManager { /// Our own keys... final Lock _deviceLock = Lock(); // ignore: prefer_final_fields - Device _device; + OmemoDevice _device; /// The event bus of the session manager final StreamController _eventStreamController = StreamController.broadcast(); + Stream get eventStream => _eventStreamController.stream; /// Enter the critical section for performing cryptographic operations on the ratchets Future _enterRatchetCriticalSection(String jid) async { @@ -379,7 +386,7 @@ class OmemoManager { List bundlesToFetch; if (!_deviceListRequested.containsKey(jid) || !_deviceList.containsKey(jid)) { // We don't have an up-to-date version of the device list - final newDeviceList = await fetchDeviceList(jid); + final newDeviceList = await fetchDeviceListImpl(jid); if (newDeviceList == null) return []; _deviceList[jid] = newDeviceList; @@ -404,7 +411,7 @@ class OmemoManager { final newBundles = List.empty(growable: true); for (final id in bundlesToFetch) { - final bundle = await fetchDeviceBundle(jid, id); + final bundle = await fetchDeviceBundleImpl(jid, id); if (bundle != null) newBundles.add(bundle); } @@ -460,6 +467,11 @@ class OmemoManager { continue; } + if (!_subscriptionMap.containsKey(jid)) { + unawaited(subscribeToDeviceListNodeImpl(jid)); + _subscriptionMap[jid] = true; + } + for (final deviceId in devices) { // Empty OMEMO messages are allowed to bypass trust if (plaintext != null) { @@ -553,11 +565,18 @@ class OmemoManager { Future onIncomingStanza(OmemoIncomingStanza stanza) async { await _enterRatchetCriticalSection(stanza.bareSenderJid); + if (!_subscriptionMap.containsKey(stanza.bareSenderJid)) { + unawaited(subscribeToDeviceListNodeImpl(stanza.bareSenderJid)); + _subscriptionMap[stanza.bareSenderJid] = true; + } + final ratchetKey = RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId); final _InternalDecryptionResult result; try { result = await _decryptMessage( - base64.decode(stanza.payload), + stanza.payload != null ? + base64.decode(stanza.payload!) : + null, stanza.bareSenderJid, stanza.senderDeviceId, stanza.keys, @@ -578,7 +597,7 @@ class OmemoManager { if (ratchet!.acknowledged) { // Ratchet is acknowledged if (ratchet.nr > 53 || result.ratchetCreated) { - await sendEmptyOmemoMessage( + await sendEmptyOmemoMessageImpl( await _encryptToJids( [stanza.bareSenderJid], null, @@ -601,7 +620,7 @@ class OmemoManager { stanza.senderDeviceId, enterCriticalSection: false, ); - await sendEmptyOmemoMessage( + await sendEmptyOmemoMessageImpl( await _encryptToJids( [stanza.bareSenderJid], null, @@ -619,11 +638,29 @@ class OmemoManager { /// Call when sending out an encrypted stanza. Will handle everything and /// encrypt it. - Future onOutgoingStanza(OmemoOutgoingStanza stanza) async { - return _encryptToJids( + Future onOutgoingStanza(OmemoOutgoingStanza stanza) async { + _log.finest('Waiting to enter critical section'); + await _enterRatchetCriticalSection(stanza.recipientJids.first); + _log.finest('Entered critical section'); + + final result = _encryptToJids( stanza.recipientJids, stanza.payload, ); + + await _leaveRatchetCriticalSection(stanza.recipientJids.first); + + return result; + } + + // Sends a hearbeat message as specified by XEP-0384 to [jid]. + Future sendOmemoHeartbeat(String jid) async { + // TODO(Unknown): Include some error handling + final result = await _encryptToJids( + [jid], + null, + ); + await sendEmptyOmemoMessageImpl(result, jid); } /// Mark the ratchet for device [deviceId] from [jid] as acked. @@ -646,9 +683,9 @@ class OmemoManager { /// Generates an entirely new device. May be useful when the user wants to reset their cryptographic /// identity. Triggers an event to commit it to storage. - Future regenerateDevice({ int opkAmount = 100 }) async { + Future regenerateDevice() async { await _deviceLock.synchronized(() async { - _device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount); + _device = await OmemoDevice.generateNewDevice(_device.jid); // Commit it _eventStreamController.add(DeviceModifiedEvent(_device)); @@ -656,11 +693,17 @@ class OmemoManager { } /// Returns the device used for encryption and decryption. - Future getDevice() => _deviceLock.synchronized(() => _device); + Future getDevice() => _deviceLock.synchronized(() => _device); /// Returns the id of the device used for encryption and decryption. Future getDeviceId() async => (await getDevice()).id; + /// Directly aquire the current device as a OMEMO device bundle. + Future getDeviceBundle() async => (await getDevice()).toBundle(); + + /// Directly aquire the current device's fingerprint. + Future getDeviceFingerprint() async => (await getDevice()).getFingerprint(); + /// Returns the fingerprints for all devices of [jid] that we have a session with. /// If there are not sessions with [jid], then returns null. Future?> getFingerprintsForJid(String jid) async { @@ -674,10 +717,11 @@ class OmemoManager { final fingerprints = List.empty(growable: true); for (final key in fingerprintKeys) { + final curveKey = await _ratchetMap[key]!.ik.toCurve25519(); fingerprints.add( DeviceFingerprint( key.deviceId, - HEX.encode(await _ratchetMap[key]!.ik.getBytes()), + HEX.encode(await curveKey.getBytes()), ), ); } @@ -689,6 +733,7 @@ class OmemoManager { /// Ensures that the device list is fetched again on the next message sending. void onNewConnection() { _deviceListRequested.clear(); + _subscriptionMap.clear(); } /// Sets the device list for [jid] to [devices]. Triggers a DeviceListModifiedEvent. @@ -704,4 +749,35 @@ class OmemoManager { _deviceList = deviceList; _ratchetMap = ratchetMap; } + + /// Removes all ratchets for JID [jid]. This also removes all trust decisions for + /// [jid] from the trust manager. This function triggers a RatchetRemovedEvent for + /// every removed ratchet and a DeviceListModifiedEvent afterwards. Behaviour for + /// the trust manager is dependent on its implementation. + Future removeAllRatchets(String jid) async { + await _enterRatchetCriticalSection(jid); + + for (final deviceId in _deviceList[jid]!) { + // Remove the ratchet and commit it + _ratchetMap.remove(jid); + _eventStreamController.add(RatchetRemovedEvent(jid, deviceId)); + } + + // Remove the devices from the device list cache and commit it + _deviceList.remove(jid); + _deviceListRequested.remove(jid); + _eventStreamController.add(DeviceListModifiedEvent(_deviceList)); + + // Remove trust decisions + await _trustManager.removeTrustDecisionsForJid(jid); + + await _leaveRatchetCriticalSection(jid); + } + + /// Replaces the internal device with [newDevice]. Does not trigger an event. + Future replaceDevice(OmemoDevice newDevice) async { + await _deviceLock.synchronized(() { + _device = newDevice; + }); + } } diff --git a/lib/src/omemo/sessionmanager.dart b/lib/src/omemo/sessionmanager.dart index fa79d10..271ee20 100644 --- a/lib/src/omemo/sessionmanager.dart +++ b/lib/src/omemo/sessionmanager.dart @@ -45,7 +45,7 @@ class OmemoSessionManager { // NOTE: Dart has some issues with just casting a List to List>, as // such we need to convert the items by hand. return OmemoSessionManager( - Device.fromJson(data['device']! as Map), + OmemoDevice.fromJson(data['device']! as Map), (data['devices']! as Map).map>( (key, value) { return MapEntry( @@ -62,7 +62,7 @@ class OmemoSessionManager { /// Generate a new cryptographic identity. static Future generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async { assert(opkAmount > 0, 'opkAmount must be bigger than 0.'); - final device = await Device.generateNewDevice(jid, opkAmount: opkAmount); + final device = await OmemoDevice.generateNewDevice(jid, opkAmount: opkAmount); return OmemoSessionManager(device, {}, {}, trustManager); } @@ -84,7 +84,7 @@ class OmemoSessionManager { /// Our own keys... // ignore: prefer_final_fields - Device _device; + OmemoDevice _device; /// and its lock final Lock _deviceLock; @@ -96,7 +96,7 @@ class OmemoSessionManager { Stream get eventStream => _eventStreamController.stream; /// Returns our own device. - Future getDevice() async { + Future getDevice() async { return _deviceLock.synchronized(() => _device); } @@ -625,7 +625,7 @@ class OmemoSessionManager { /// identity. Triggers an event to commit it to storage. Future regenerateDevice({ int opkAmount = 100 }) async { await _deviceLock.synchronized(() async { - _device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount); + _device = await OmemoDevice.generateNewDevice(_device.jid, opkAmount: opkAmount); // Commit it _eventStreamController.add(DeviceModifiedEvent(_device)); diff --git a/lib/src/omemo/stanza.dart b/lib/src/omemo/stanza.dart index 9ed4149..c883887 100644 --- a/lib/src/omemo/stanza.dart +++ b/lib/src/omemo/stanza.dart @@ -23,7 +23,7 @@ class OmemoIncomingStanza { final List keys; /// The string payload included in the element. - final String payload; + final String? payload; } /// Describes a stanza that is to be sent out diff --git a/lib/src/trust/always.dart b/lib/src/trust/always.dart index c91687a..b55aa35 100644 --- a/lib/src/trust/always.dart +++ b/lib/src/trust/always.dart @@ -18,6 +18,9 @@ class AlwaysTrustingTrustManager extends TrustManager { @override Future setEnabled(String jid, int deviceId, bool enabled) async {} + @override + Future removeTrustDecisionsForJid(String jid) async {} + @override Future> toJson() async => {}; } diff --git a/lib/src/trust/base.dart b/lib/src/trust/base.dart index 77d716b..86f46bb 100644 --- a/lib/src/trust/base.dart +++ b/lib/src/trust/base.dart @@ -19,4 +19,7 @@ abstract class TrustManager { /// Serialize the trust manager to JSON. Future> toJson(); + + /// Removes all trust decisions for [jid]. + Future removeTrustDecisionsForJid(String jid); } diff --git a/lib/src/trust/btbv.dart b/lib/src/trust/btbv.dart index 9bfc7a2..6fd9381 100644 --- a/lib/src/trust/btbv.dart +++ b/lib/src/trust/btbv.dart @@ -211,6 +211,14 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager { ), ); } + + @override + Future removeTrustDecisionsForJid(String jid) async { + await _lock.synchronized(() async { + devices.remove(jid); + await commitState(); + }); + } /// Called when the state of the trust manager has been changed. Allows the user to /// commit the trust state to persistent storage. diff --git a/lib/src/trust/never.dart b/lib/src/trust/never.dart index fdc829c..687aba7 100644 --- a/lib/src/trust/never.dart +++ b/lib/src/trust/never.dart @@ -18,6 +18,9 @@ class NeverTrustingTrustManager extends TrustManager { @override Future setEnabled(String jid, int deviceId, bool enabled) async {} + @override + Future removeTrustDecisionsForJid(String jid) async {} + @override Future> toJson() async => {}; } diff --git a/test/omemo_test.dart b/test/omemo_test.dart index c31679e..3ae18e4 100644 --- a/test/omemo_test.dart +++ b/test/omemo_test.dart @@ -14,7 +14,7 @@ void main() { test('Test replacing a onetime prekey', () async { const aliceJid = 'alice@server.example'; - final device = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final device = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); final newDevice = await device.replaceOnetimePrekey(0); @@ -327,7 +327,7 @@ void main() { // Setup an event listener final oldDevice = await aliceSession.getDevice(); - Device? newDevice; + OmemoDevice? newDevice; aliceSession.eventStream.listen((event) { if (event is DeviceModifiedEvent) { newDevice = event.device; diff --git a/test/omemomanager_test.dart b/test/omemomanager_test.dart index 6308a2a..448d6fa 100644 --- a/test/omemomanager_test.dart +++ b/test/omemomanager_test.dart @@ -18,8 +18,8 @@ void main() { var aliceEmptyMessageSent = 0; var bobEmptyMessageSent = 0; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -35,6 +35,7 @@ void main() { expect(jid, bobJid); return bobDevice.toBundle(); }, + (jid) async {}, ); final bobManager = OmemoManager( bobDevice, @@ -50,6 +51,7 @@ void main() { expect(jid, aliceJid); return aliceDevice.toBundle(); }, + (jid) async {}, ); // Alice sends a message @@ -66,7 +68,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult!.encryptedKeys, + aliceResult.encryptedKeys, base64.encode(aliceResult.ciphertext!), ), ); @@ -94,7 +96,7 @@ void main() { bobJid, bobDevice.id, DateTime.now().millisecondsSinceEpoch, - bobResult2!.encryptedKeys, + bobResult2.encryptedKeys, base64.encode(bobResult2.ciphertext!), ), ); @@ -111,8 +113,8 @@ void main() { var aliceEmptyMessageSent = 0; var bobEmptyMessageSent = 0; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -128,6 +130,7 @@ void main() { expect(jid, bobJid); return bobDevice.toBundle(); }, + (jid) async {}, ); final bobManager = OmemoManager( bobDevice, @@ -143,6 +146,7 @@ void main() { expect(jid, aliceJid); return aliceDevice.toBundle(); }, + (jid) async {}, ); // Alice sends a message @@ -159,7 +163,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult!.encryptedKeys, + aliceResult.encryptedKeys, base64.encode(aliceResult.ciphertext!), ), ); @@ -185,7 +189,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResultLoop!.encryptedKeys, + aliceResultLoop.encryptedKeys, base64.encode(aliceResultLoop.ciphertext!), ), ); @@ -208,7 +212,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResultFinal!.encryptedKeys, + aliceResultFinal.encryptedKeys, base64.encode(aliceResultFinal.ciphertext!), ), ); @@ -221,7 +225,7 @@ void main() { test('Test accessing data without it existing', () async { const aliceJid = 'alice@server1'; const bobJid = 'bob@server2'; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -229,6 +233,7 @@ void main() { (result, recipientJid) async {}, (jid) async => [], (jid, id) async => null, + (jid) async {}, ); // Get non-existant fingerprints @@ -249,9 +254,9 @@ void main() { const bobJid = 'bob@server2'; var oldDevice = true; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobOldDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); - final bobCurrentDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobOldDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final bobCurrentDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -270,6 +275,7 @@ void main() { bobOldDevice.toBundle() : bobCurrentDevice.toBundle(); }, + (jid) async {}, ); final bobManager = OmemoManager( bobCurrentDevice, @@ -277,6 +283,7 @@ void main() { (result, recipientJid) async {}, (jid) async => [], (jid, id) async => null, + (jid) async {}, ); // Alice encrypts a message to Bob @@ -293,7 +300,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult1!.encryptedKeys, + aliceResult1.encryptedKeys, base64.encode(aliceResult1.ciphertext!), ), ); @@ -317,7 +324,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult2!.encryptedKeys, + aliceResult2.encryptedKeys, base64.encode(aliceResult2.ciphertext!), ), ); @@ -331,9 +338,9 @@ void main() { const bobJid = 'bob@server2'; var bothDevices = false; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice1 = await Device.generateNewDevice(bobJid, opkAmount: 1); - final bobDevice2 = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -364,6 +371,7 @@ void main() { return null; }, + (jid) async {}, ); final bobManager1 = OmemoManager( bobDevice1, @@ -371,6 +379,7 @@ void main() { (result, recipientJid) async {}, (jid) async => [], (jid, id) async => null, + (jid) async {}, ); final bobManager2 = OmemoManager( bobDevice2, @@ -384,6 +393,7 @@ void main() { expect(jid, aliceJid); return aliceDevice.toBundle(); }, + (jid) async {}, ); // Alice sends a message to Bob @@ -400,7 +410,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult1!.encryptedKeys, + aliceResult1.encryptedKeys, base64.encode(aliceResult1.ciphertext!), ), ); @@ -423,7 +433,7 @@ void main() { bobJid, bobDevice2.id, DateTime.now().millisecondsSinceEpoch, - bobResult2!.encryptedKeys, + bobResult2.encryptedKeys, base64.encode(bobResult2.ciphertext!), ), ); @@ -436,9 +446,9 @@ void main() { const bobJid = 'bob@server2'; var bothDevices = false; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice1 = await Device.generateNewDevice(bobJid, opkAmount: 1); - final bobDevice2 = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -469,6 +479,7 @@ void main() { return null; }, + (jid) async {}, ); final bobManager1 = OmemoManager( bobDevice1, @@ -476,6 +487,7 @@ void main() { (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, + (jid) async {}, ); final bobManager2 = OmemoManager( bobDevice2, @@ -483,6 +495,7 @@ void main() { (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, + (jid) async {}, ); // Alice sends a message to Bob @@ -499,7 +512,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult1!.encryptedKeys, + aliceResult1.encryptedKeys, base64.encode(aliceResult1.ciphertext!), ), ); @@ -528,7 +541,7 @@ void main() { ), ); - expect(aliceResult2!.encryptedKeys.length, 2); + expect(aliceResult2.encryptedKeys.length, 2); // And Bob decrypts it final bobResult21 = await bobManager1.onIncomingStanza( @@ -567,7 +580,7 @@ void main() { bobJid, bobDevice2.id, DateTime.now().millisecondsSinceEpoch, - bobResult32!.encryptedKeys, + bobResult32.encryptedKeys, base64.encode(bobResult32.ciphertext!), ), ); @@ -580,9 +593,9 @@ void main() { const bobJid = 'bob@server2'; const cocoJid = 'coco@server3'; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); - final cocoDevice = await Device.generateNewDevice(cocoJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); + final cocoDevice = await OmemoDevice.generateNewDevice(cocoJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -606,6 +619,7 @@ void main() { return null; }, + (jid) async {}, ); final bobManager = OmemoManager( bobDevice, @@ -613,6 +627,7 @@ void main() { (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, + (jid) async {}, ); final cocoManager = OmemoManager( cocoDevice, @@ -620,6 +635,7 @@ void main() { (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, + (jid) async {}, ); // Alice sends a message to Bob and Coco @@ -636,7 +652,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult!.encryptedKeys, + aliceResult.encryptedKeys, base64.encode(aliceResult.ciphertext!), ), ); @@ -661,8 +677,8 @@ void main() { const bobJid = 'bob@server2'; var failure = false; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -682,6 +698,7 @@ void main() { null : bobDevice.toBundle(); }, + (jid) async {}, ); final bobManager = OmemoManager( bobDevice, @@ -689,6 +706,7 @@ void main() { (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, + (jid) async {}, ); // Alice sends a message to Bob and Coco @@ -705,7 +723,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult1!.encryptedKeys, + aliceResult1.encryptedKeys, base64.encode(aliceResult1.ciphertext!), ), ); @@ -737,7 +755,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceResult2!.encryptedKeys, + aliceResult2.encryptedKeys, base64.encode(aliceResult2.ciphertext!), ), ); @@ -750,7 +768,7 @@ void main() { const aliceJid = 'alice@server1'; const bobJid = 'bob@server2'; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -766,6 +784,7 @@ void main() { return null; }, + (jid) async {}, ); // Alice sends a message to Bob @@ -776,7 +795,7 @@ void main() { ), ); - expect(aliceResult!.isSuccess(1), false); + expect(aliceResult.isSuccess(1), false); expect(aliceResult.jidEncryptionErrors[bobJid] is NoKeyMaterialAvailableException, true); }); @@ -785,8 +804,8 @@ void main() { const bobJid = 'bob@server2'; const cocoJid = 'coco@server3'; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -806,6 +825,7 @@ void main() { return null; }, + (jid) async {}, ); final bobManager = OmemoManager( bobDevice, @@ -813,6 +833,7 @@ void main() { (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, + (jid) async {}, ); // Alice sends a message to Bob and Coco @@ -823,7 +844,7 @@ void main() { ), ); - expect(aliceResult!.isSuccess(2), true); + expect(aliceResult.isSuccess(2), true); expect(aliceResult.jidEncryptionErrors[cocoJid] is NoKeyMaterialAvailableException, true); // Bob decrypts it @@ -844,8 +865,8 @@ void main() { const aliceJid = 'alice@server1'; const bobJid = 'bob@server2'; - final aliceDevice = await Device.generateNewDevice(aliceJid, opkAmount: 1); - final bobDevice = await Device.generateNewDevice(bobJid, opkAmount: 1); + final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1); + final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1); final aliceManager = OmemoManager( aliceDevice, @@ -861,6 +882,7 @@ void main() { return bobDevice.toBundle(); }, + (jid) async {}, ); final bobManager = OmemoManager( bobDevice, @@ -868,6 +890,7 @@ void main() { (result, recipientJid) async {}, (jid) async => null, (jid, id) async => null, + (jid) async {}, ); // Alice encrypts a message for Bob @@ -884,7 +907,7 @@ void main() { aliceJid, aliceDevice.id, DateTime.now().millisecondsSinceEpoch, - aliceMessage!.encryptedKeys, + aliceMessage.encryptedKeys, base64.encode(aliceMessage.ciphertext!), ), @@ -905,7 +928,7 @@ void main() { messageText, ), ); - expect(bobResponseMessage!.isSuccess(1), true); + expect(bobResponseMessage.isSuccess(1), true); final aliceReceivedMessage = await aliceManager.onIncomingStanza( OmemoIncomingStanza( diff --git a/test/serialisation_test.dart b/test/serialisation_test.dart index b163288..071735d 100644 --- a/test/serialisation_test.dart +++ b/test/serialisation_test.dart @@ -18,7 +18,7 @@ void main() { final oldDevice = await oldSession.getDevice(); final serialised = jsonify(await oldDevice.toJson()); - final newDevice = Device.fromJson(serialised); + final newDevice = OmemoDevice.fromJson(serialised); expect(await oldDevice.equals(newDevice), true); }); @@ -32,7 +32,7 @@ void main() { final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey(); final serialised = jsonify(await oldDevice.toJson()); - final newDevice = Device.fromJson(serialised); + final newDevice = OmemoDevice.fromJson(serialised); expect(await oldDevice.equals(newDevice), true); }); From 32c0c5a4f027def96bd602b2db0e83e7bf1fcb89 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Sun, 1 Jan 2023 16:55:15 +0100 Subject: [PATCH 17/17] feat: Update CHANGELOG and README --- CHANGELOG.md | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9cdd49a..571bb68 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,6 @@ - Fix bug with the Double Ratchet causing only the initial message to be decryptable - Expose `getDeviceMap` as a developer usable function - ## 0.2.0 - Add convenience functions `getDeviceId` and `getDeviceBundle` @@ -42,3 +41,4 @@ - Deprecate `OmemoSessionManager`. Use `OmemoManager` instead. - Implement queued access to the ratchets inside the `OmemoManager`. - Implement heartbeat messages. +- [BREAKING] Rename `Device` to `OmemoDevice`. diff --git a/README.md b/README.md index d526b8f..a2ffb21 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Include `omemo_dart` in your `pubspec.yaml` like this: dependencies: omemo_dart: hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub - version: ^0.3.1 + version: ^0.4.0 # [...] # [...]