Merge pull request #24 from PapaTutuWawa/feat/omemomanager
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
OmemoManager.
This commit is contained in:
commit
3825232ebe
@ -9,7 +9,6 @@
|
|||||||
|
|
||||||
- Fix bug with the Double Ratchet causing only the initial message to be decryptable
|
- Fix bug with the Double Ratchet causing only the initial message to be decryptable
|
||||||
- Expose `getDeviceMap` as a developer usable function
|
- Expose `getDeviceMap` as a developer usable function
|
||||||
|
|
||||||
## 0.2.0
|
## 0.2.0
|
||||||
|
|
||||||
- Add convenience functions `getDeviceId` and `getDeviceBundle`
|
- Add convenience functions `getDeviceId` and `getDeviceBundle`
|
||||||
@ -36,3 +35,10 @@
|
|||||||
- Fix a bug that caused the device's id to change when replacing a OPK
|
- Fix a bug that caused the device's id to change when replacing a OPK
|
||||||
- Every decryption failure now causes the ratchet to be restored to a pre-decryption state
|
- Every decryption failure now causes the ratchet to be restored to a pre-decryption state
|
||||||
- Add method to get the device's fingerprint
|
- Add method to get the device's fingerprint
|
||||||
|
|
||||||
|
## 0.4.0
|
||||||
|
|
||||||
|
- Deprecate `OmemoSessionManager`. Use `OmemoManager` instead.
|
||||||
|
- Implement queued access to the ratchets inside the `OmemoManager`.
|
||||||
|
- Implement heartbeat messages.
|
||||||
|
- [BREAKING] Rename `Device` to `OmemoDevice`.
|
||||||
|
@ -28,7 +28,7 @@ Include `omemo_dart` in your `pubspec.yaml` like this:
|
|||||||
dependencies:
|
dependencies:
|
||||||
omemo_dart:
|
omemo_dart:
|
||||||
hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub
|
hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub
|
||||||
version: ^0.3.1
|
version: ^0.4.0
|
||||||
# [...]
|
# [...]
|
||||||
|
|
||||||
# [...]
|
# [...]
|
||||||
|
@ -10,3 +10,7 @@ linter:
|
|||||||
analyzer:
|
analyzer:
|
||||||
exclude:
|
exclude:
|
||||||
- "lib/protobuf/*.dart"
|
- "lib/protobuf/*.dart"
|
||||||
|
# TODO: Remove once OmemoSessionManager is gone
|
||||||
|
- "test/omemo_test.dart"
|
||||||
|
- "example/omemo_dart_example.dart"
|
||||||
|
- "test/serialisation_test.dart"
|
||||||
|
@ -10,8 +10,10 @@ export 'src/omemo/encrypted_key.dart';
|
|||||||
export 'src/omemo/encryption_result.dart';
|
export 'src/omemo/encryption_result.dart';
|
||||||
export 'src/omemo/events.dart';
|
export 'src/omemo/events.dart';
|
||||||
export 'src/omemo/fingerprint.dart';
|
export 'src/omemo/fingerprint.dart';
|
||||||
|
export 'src/omemo/omemomanager.dart';
|
||||||
export 'src/omemo/ratchet_map_key.dart';
|
export 'src/omemo/ratchet_map_key.dart';
|
||||||
export 'src/omemo/sessionmanager.dart';
|
export 'src/omemo/sessionmanager.dart';
|
||||||
|
export 'src/omemo/stanza.dart';
|
||||||
export 'src/trust/base.dart';
|
export 'src/trust/base.dart';
|
||||||
export 'src/trust/btbv.dart';
|
export 'src/trust/btbv.dart';
|
||||||
export 'src/x3dh/x3dh.dart';
|
export 'src/x3dh/x3dh.dart';
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
import 'dart:convert';
|
import 'dart:convert';
|
||||||
import 'package:cryptography/cryptography.dart';
|
import 'package:cryptography/cryptography.dart';
|
||||||
|
import 'package:hex/hex.dart';
|
||||||
import 'package:meta/meta.dart';
|
import 'package:meta/meta.dart';
|
||||||
import 'package:omemo_dart/src/crypto.dart';
|
import 'package:omemo_dart/src/crypto.dart';
|
||||||
import 'package:omemo_dart/src/double_ratchet/crypto.dart';
|
import 'package:omemo_dart/src/double_ratchet/crypto.dart';
|
||||||
@ -13,7 +14,6 @@ import 'package:omemo_dart/src/protobuf/omemo_message.dart';
|
|||||||
const maxSkip = 1000;
|
const maxSkip = 1000;
|
||||||
|
|
||||||
class RatchetStep {
|
class RatchetStep {
|
||||||
|
|
||||||
const RatchetStep(this.header, this.ciphertext);
|
const RatchetStep(this.header, this.ciphertext);
|
||||||
final OmemoMessage header;
|
final OmemoMessage header;
|
||||||
final List<int> ciphertext;
|
final List<int> ciphertext;
|
||||||
@ -21,7 +21,6 @@ class RatchetStep {
|
|||||||
|
|
||||||
@immutable
|
@immutable
|
||||||
class SkippedKey {
|
class SkippedKey {
|
||||||
|
|
||||||
const SkippedKey(this.dh, this.n);
|
const SkippedKey(this.dh, this.n);
|
||||||
|
|
||||||
factory SkippedKey.fromJson(Map<String, dynamic> data) {
|
factory SkippedKey.fromJson(Map<String, dynamic> data) {
|
||||||
@ -54,7 +53,6 @@ class SkippedKey {
|
|||||||
}
|
}
|
||||||
|
|
||||||
class OmemoDoubleRatchet {
|
class OmemoDoubleRatchet {
|
||||||
|
|
||||||
OmemoDoubleRatchet(
|
OmemoDoubleRatchet(
|
||||||
this.dhs, // DHs
|
this.dhs, // DHs
|
||||||
this.dhr, // DHr
|
this.dhr, // DHr
|
||||||
@ -221,7 +219,7 @@ class OmemoDoubleRatchet {
|
|||||||
ik,
|
ik,
|
||||||
ad,
|
ad,
|
||||||
{},
|
{},
|
||||||
false,
|
true,
|
||||||
kexTimestamp,
|
kexTimestamp,
|
||||||
null,
|
null,
|
||||||
);
|
);
|
||||||
@ -254,6 +252,12 @@ class OmemoDoubleRatchet {
|
|||||||
'kex': kex,
|
'kex': kex,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Returns the OMEMO compatible fingerprint of the ratchet session.
|
||||||
|
Future<String> getOmemoFingerprint() async {
|
||||||
|
final curveKey = await ik.toCurve25519();
|
||||||
|
return HEX.encode(await curveKey.getBytes());
|
||||||
|
}
|
||||||
|
|
||||||
Future<List<int>?> _trySkippedMessageKeys(OmemoMessage header, List<int> ciphertext) async {
|
Future<List<int>?> _trySkippedMessageKeys(OmemoMessage header, List<int> ciphertext) async {
|
||||||
final key = SkippedKey(
|
final key = SkippedKey(
|
||||||
|
@ -1,45 +1,54 @@
|
|||||||
|
abstract class OmemoException {}
|
||||||
|
|
||||||
/// Triggered during X3DH if the signature if the SPK does verify to the actual SPK.
|
/// Triggered during X3DH if the signature if the SPK does verify to the actual SPK.
|
||||||
class InvalidSignatureException implements Exception {
|
class InvalidSignatureException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'The signature of the SPK does not match the provided signature';
|
String errMsg() => 'The signature of the SPK does not match the provided signature';
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the Double Ratchet if the computed HMAC does not match the attached HMAC.
|
/// Triggered by the Double Ratchet if the computed HMAC does not match the attached HMAC.
|
||||||
/// Triggered by the Session Manager if the computed HMAC does not match the attached HMAC.
|
/// Triggered by the Session Manager if the computed HMAC does not match the attached HMAC.
|
||||||
class InvalidMessageHMACException implements Exception {
|
class InvalidMessageHMACException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'The computed HMAC does not match the provided HMAC';
|
String errMsg() => 'The computed HMAC does not match the provided HMAC';
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the Double Ratchet if skipping messages would cause skipping more than
|
/// Triggered by the Double Ratchet if skipping messages would cause skipping more than
|
||||||
/// MAXSKIP messages
|
/// MAXSKIP messages
|
||||||
class SkippingTooManyMessagesException implements Exception {
|
class SkippingTooManyMessagesException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'Skipping messages would cause a skip bigger than MAXSKIP';
|
String errMsg() => 'Skipping messages would cause a skip bigger than MAXSKIP';
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the Session Manager if the message key is not encrypted for the device.
|
/// Triggered by the Session Manager if the message key is not encrypted for the device.
|
||||||
class NotEncryptedForDeviceException implements Exception {
|
class NotEncryptedForDeviceException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'Not encrypted for this device';
|
String errMsg() => 'Not encrypted for this device';
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the Session Manager when there is no key for decrypting the message.
|
/// Triggered by the Session Manager when there is no key for decrypting the message.
|
||||||
class NoDecryptionKeyException implements Exception {
|
class NoDecryptionKeyException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'No key available for decrypting the message';
|
String errMsg() => 'No key available for decrypting the message';
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the Session Manager when the identifier of the used Signed Prekey
|
/// Triggered by the Session Manager when the identifier of the used Signed Prekey
|
||||||
/// is neither the current SPK's identifier nor the old one's.
|
/// is neither the current SPK's identifier nor the old one's.
|
||||||
class UnknownSignedPrekeyException implements Exception {
|
class UnknownSignedPrekeyException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'Unknown Signed Prekey used.';
|
String errMsg() => 'Unknown Signed Prekey used.';
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the Session Manager when the received Key Exchange message does not meet
|
/// Triggered by the Session Manager when the received Key Exchange message does not meet
|
||||||
/// the requirement that a key exchange, given that the ratchet already exists, must be
|
/// the requirement that a key exchange, given that the ratchet already exists, must be
|
||||||
/// sent after its creation.
|
/// sent after its creation.
|
||||||
class InvalidKeyExchangeException implements Exception {
|
class InvalidKeyExchangeException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'The key exchange was sent before the last kex finished';
|
String errMsg() => 'The key exchange was sent before the last kex finished';
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the Session Manager when a message's sequence number is smaller than we
|
/// Triggered by the Session Manager when a message's sequence number is smaller than we
|
||||||
/// expect it to be.
|
/// expect it to be.
|
||||||
class MessageAlreadyDecryptedException implements Exception {
|
class MessageAlreadyDecryptedException extends OmemoException implements Exception {
|
||||||
String errMsg() => 'The message has already been decrypted';
|
String errMsg() => 'The message has already been decrypted';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Triggered by the OmemoManager when we could not encrypt a message as we have
|
||||||
|
/// no key material available. That happens, for example, when we want to create a
|
||||||
|
/// ratchet session with a JID we had no session with but fetching the device bundle
|
||||||
|
/// failed.
|
||||||
|
class NoKeyMaterialAvailableException extends OmemoException implements Exception {
|
||||||
|
String errMsg() => 'No key material available to create a ratchet session with';
|
||||||
|
}
|
||||||
|
@ -9,7 +9,6 @@ const privateKeyLength = 32;
|
|||||||
const publicKeyLength = 32;
|
const publicKeyLength = 32;
|
||||||
|
|
||||||
class OmemoPublicKey {
|
class OmemoPublicKey {
|
||||||
|
|
||||||
const OmemoPublicKey(this._pubkey);
|
const OmemoPublicKey(this._pubkey);
|
||||||
|
|
||||||
factory OmemoPublicKey.fromBytes(List<int> bytes, KeyPairType type) {
|
factory OmemoPublicKey.fromBytes(List<int> bytes, KeyPairType type) {
|
||||||
@ -55,7 +54,6 @@ class OmemoPublicKey {
|
|||||||
}
|
}
|
||||||
|
|
||||||
class OmemoPrivateKey {
|
class OmemoPrivateKey {
|
||||||
|
|
||||||
const OmemoPrivateKey(this._privkey, this.type);
|
const OmemoPrivateKey(this._privkey, this.type);
|
||||||
final List<int> _privkey;
|
final List<int> _privkey;
|
||||||
final KeyPairType type;
|
final KeyPairType type;
|
||||||
@ -85,7 +83,6 @@ class OmemoPrivateKey {
|
|||||||
|
|
||||||
/// A generic wrapper class for both Ed25519 and X25519 keypairs
|
/// A generic wrapper class for both Ed25519 and X25519 keypairs
|
||||||
class OmemoKeyPair {
|
class OmemoKeyPair {
|
||||||
|
|
||||||
const OmemoKeyPair(this.pk, this.sk, this.type);
|
const OmemoKeyPair(this.pk, this.sk, this.type);
|
||||||
|
|
||||||
/// Create an OmemoKeyPair just from a [type] and the bytes of the private and public
|
/// Create an OmemoKeyPair just from a [type] and the bytes of the private and public
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
import 'dart:convert';
|
import 'dart:convert';
|
||||||
import 'package:cryptography/cryptography.dart';
|
import 'package:cryptography/cryptography.dart';
|
||||||
|
import 'package:hex/hex.dart';
|
||||||
import 'package:omemo_dart/src/keys.dart';
|
import 'package:omemo_dart/src/keys.dart';
|
||||||
|
|
||||||
class OmemoBundle {
|
class OmemoBundle {
|
||||||
@ -43,4 +44,10 @@ class OmemoBundle {
|
|||||||
}
|
}
|
||||||
|
|
||||||
List<int> get spkSignature => base64Decode(spkSignatureEncoded);
|
List<int> get spkSignature => base64Decode(spkSignatureEncoded);
|
||||||
|
|
||||||
|
/// Calculates the fingerprint of the bundle (See
|
||||||
|
/// https://xmpp.org/extensions/xep-0384.html#security § 2).
|
||||||
|
Future<String> getFingerprint() async {
|
||||||
|
return HEX.encode(await ik.getBytes());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
2
lib/src/omemo/constants.dart
Normal file
2
lib/src/omemo/constants.dart
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
/// The info used for when encrypting the AES key for the actual payload.
|
||||||
|
const omemoPayloadInfoString = 'OMEMO Payload';
|
9
lib/src/omemo/decryption_result.dart
Normal file
9
lib/src/omemo/decryption_result.dart
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
import 'package:meta/meta.dart';
|
||||||
|
import 'package:omemo_dart/src/errors.dart';
|
||||||
|
|
||||||
|
@immutable
|
||||||
|
class DecryptionResult {
|
||||||
|
const DecryptionResult(this.payload, this.error);
|
||||||
|
final String? payload;
|
||||||
|
final OmemoException? error;
|
||||||
|
}
|
@ -1,5 +1,6 @@
|
|||||||
import 'dart:convert';
|
import 'dart:convert';
|
||||||
import 'package:cryptography/cryptography.dart';
|
import 'package:cryptography/cryptography.dart';
|
||||||
|
import 'package:hex/hex.dart';
|
||||||
import 'package:meta/meta.dart';
|
import 'package:meta/meta.dart';
|
||||||
import 'package:omemo_dart/src/helpers.dart';
|
import 'package:omemo_dart/src/helpers.dart';
|
||||||
import 'package:omemo_dart/src/keys.dart';
|
import 'package:omemo_dart/src/keys.dart';
|
||||||
@ -8,9 +9,8 @@ import 'package:omemo_dart/src/x3dh/x3dh.dart';
|
|||||||
|
|
||||||
/// This class represents an OmemoBundle but with all keypairs belonging to the keys
|
/// This class represents an OmemoBundle but with all keypairs belonging to the keys
|
||||||
@immutable
|
@immutable
|
||||||
class Device {
|
class OmemoDevice {
|
||||||
|
const OmemoDevice(
|
||||||
const Device(
|
|
||||||
this.jid,
|
this.jid,
|
||||||
this.id,
|
this.id,
|
||||||
this.ik,
|
this.ik,
|
||||||
@ -23,7 +23,7 @@ class Device {
|
|||||||
);
|
);
|
||||||
|
|
||||||
/// Deserialize the Device
|
/// Deserialize the Device
|
||||||
factory Device.fromJson(Map<String, dynamic> data) {
|
factory OmemoDevice.fromJson(Map<String, dynamic> data) {
|
||||||
// NOTE: We use the way OpenSSH names their keys, meaning that ik is the Identity
|
// NOTE: We use the way OpenSSH names their keys, meaning that ik is the Identity
|
||||||
// Keypair's private key, while ik_pub refers to the Identity Keypair's public
|
// Keypair's private key, while ik_pub refers to the Identity Keypair's public
|
||||||
// key.
|
// key.
|
||||||
@ -67,7 +67,7 @@ class Device {
|
|||||||
),
|
),
|
||||||
);
|
);
|
||||||
|
|
||||||
return Device(
|
return OmemoDevice(
|
||||||
data['jid']! as String,
|
data['jid']! as String,
|
||||||
data['id']! as int,
|
data['id']! as int,
|
||||||
OmemoKeyPair.fromBytes(
|
OmemoKeyPair.fromBytes(
|
||||||
@ -93,7 +93,7 @@ class Device {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Generate a completely new device, i.e. cryptographic identity.
|
/// Generate a completely new device, i.e. cryptographic identity.
|
||||||
static Future<Device> generateNewDevice(String jid, { int opkAmount = 100 }) async {
|
static Future<OmemoDevice> generateNewDevice(String jid, { int opkAmount = 100 }) async {
|
||||||
final id = generateRandom32BitNumber();
|
final id = generateRandom32BitNumber();
|
||||||
final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
|
final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
|
||||||
final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||||
@ -105,7 +105,7 @@ class Device {
|
|||||||
opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||||
}
|
}
|
||||||
|
|
||||||
return Device(jid, id, ik, spk, spkId, signature, null, null, opks);
|
return OmemoDevice(jid, id, ik, spk, spkId, signature, null, null, opks);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Our bare Jid
|
/// Our bare Jid
|
||||||
@ -135,10 +135,10 @@ class Device {
|
|||||||
/// This replaces the Onetime-Prekey with id [id] with a completely new one. Returns
|
/// This replaces the Onetime-Prekey with id [id] with a completely new one. Returns
|
||||||
/// a new Device object that copies over everything but replaces said key.
|
/// a new Device object that copies over everything but replaces said key.
|
||||||
@internal
|
@internal
|
||||||
Future<Device> replaceOnetimePrekey(int id) async {
|
Future<OmemoDevice> replaceOnetimePrekey(int id) async {
|
||||||
opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||||
|
|
||||||
return Device(
|
return OmemoDevice(
|
||||||
jid,
|
jid,
|
||||||
this.id,
|
this.id,
|
||||||
ik,
|
ik,
|
||||||
@ -154,12 +154,12 @@ class Device {
|
|||||||
/// This replaces the Signed-Prekey with a completely new one. Returns a new Device object
|
/// This replaces the Signed-Prekey with a completely new one. Returns a new Device object
|
||||||
/// that copies over everything but replaces the Signed-Prekey and its signature.
|
/// that copies over everything but replaces the Signed-Prekey and its signature.
|
||||||
@internal
|
@internal
|
||||||
Future<Device> replaceSignedPrekey() async {
|
Future<OmemoDevice> replaceSignedPrekey() async {
|
||||||
final newSpk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
final newSpk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||||
final newSpkId = generateRandom32BitNumber();
|
final newSpkId = generateRandom32BitNumber();
|
||||||
final newSignature = await sig(ik, await newSpk.pk.getBytes());
|
final newSignature = await sig(ik, await newSpk.pk.getBytes());
|
||||||
|
|
||||||
return Device(
|
return OmemoDevice(
|
||||||
jid,
|
jid,
|
||||||
id,
|
id,
|
||||||
ik,
|
ik,
|
||||||
@ -175,8 +175,8 @@ class Device {
|
|||||||
/// Returns a new device that is equal to this one with the exception that the new
|
/// Returns a new device that is equal to this one with the exception that the new
|
||||||
/// device's id is a new number between 0 and 2**32 - 1.
|
/// device's id is a new number between 0 and 2**32 - 1.
|
||||||
@internal
|
@internal
|
||||||
Device withNewId() {
|
OmemoDevice withNewId() {
|
||||||
return Device(
|
return OmemoDevice(
|
||||||
jid,
|
jid,
|
||||||
generateRandom32BitNumber(),
|
generateRandom32BitNumber(),
|
||||||
ik,
|
ik,
|
||||||
@ -208,6 +208,13 @@ class Device {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Returns the fingerprint of the current device
|
||||||
|
Future<String> getFingerprint() async {
|
||||||
|
// Since the local key is Ed25519, we must convert it to Curve25519 first
|
||||||
|
final curveKey = await ik.pk.toCurve25519();
|
||||||
|
return HEX.encode(await curveKey.getBytes());
|
||||||
|
}
|
||||||
|
|
||||||
/// Serialise the device information.
|
/// Serialise the device information.
|
||||||
Future<Map<String, dynamic>> toJson() async {
|
Future<Map<String, dynamic>> toJson() async {
|
||||||
/// Serialise the OPKs
|
/// Serialise the OPKs
|
||||||
@ -237,7 +244,7 @@ class Device {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@visibleForTesting
|
@visibleForTesting
|
||||||
Future<bool> equals(Device other) async {
|
Future<bool> equals(OmemoDevice other) async {
|
||||||
var opksMatch = true;
|
var opksMatch = true;
|
||||||
if (opks.length != other.opks.length) {
|
if (opks.length != other.opks.length) {
|
||||||
opksMatch = false;
|
opksMatch = false;
|
||||||
|
@ -1,15 +1,26 @@
|
|||||||
import 'package:meta/meta.dart';
|
import 'package:meta/meta.dart';
|
||||||
|
import 'package:omemo_dart/src/errors.dart';
|
||||||
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
|
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/ratchet_map_key.dart';
|
||||||
|
|
||||||
@immutable
|
@immutable
|
||||||
class EncryptionResult {
|
class EncryptionResult {
|
||||||
|
const EncryptionResult(this.ciphertext, this.encryptedKeys, this.deviceEncryptionErrors, this.jidEncryptionErrors);
|
||||||
const EncryptionResult(this.ciphertext, this.encryptedKeys);
|
|
||||||
|
|
||||||
/// The actual message that was encrypted
|
/// The actual message that was encrypted.
|
||||||
final List<int>? ciphertext;
|
final List<int>? ciphertext;
|
||||||
|
|
||||||
/// Mapping of the device Id to the key for decrypting ciphertext, encrypted
|
/// Mapping of the device Id to the key for decrypting ciphertext, encrypted
|
||||||
/// for the ratchet with said device Id
|
/// for the ratchet with said device Id.
|
||||||
final List<EncryptedKey> encryptedKeys;
|
final List<EncryptedKey> encryptedKeys;
|
||||||
|
|
||||||
|
/// Mapping of a ratchet map keys to a possible exception.
|
||||||
|
final Map<RatchetMapKey, OmemoException> deviceEncryptionErrors;
|
||||||
|
|
||||||
|
/// Mapping of a JID to a possible exception.
|
||||||
|
final Map<String, OmemoException> jidEncryptionErrors;
|
||||||
|
|
||||||
|
/// True if the encryption was a success. This means that we could encrypt for
|
||||||
|
/// at least one ratchet.
|
||||||
|
bool isSuccess(int numberOfRecipients) => encryptedKeys.isNotEmpty && jidEncryptionErrors.length < numberOfRecipients;
|
||||||
}
|
}
|
||||||
|
@ -22,14 +22,14 @@ class RatchetRemovedEvent extends OmemoEvent {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered when the device map has been modified
|
/// Triggered when the device map has been modified
|
||||||
class DeviceMapModifiedEvent extends OmemoEvent {
|
class DeviceListModifiedEvent extends OmemoEvent {
|
||||||
DeviceMapModifiedEvent(this.map);
|
DeviceListModifiedEvent(this.list);
|
||||||
final Map<String, List<int>> map;
|
final Map<String, List<int>> list;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Triggered by the OmemoSessionManager when our own device bundle was modified
|
/// Triggered by the OmemoSessionManager when our own device bundle was modified
|
||||||
/// and thus should be republished.
|
/// and thus should be republished.
|
||||||
class DeviceModifiedEvent extends OmemoEvent {
|
class DeviceModifiedEvent extends OmemoEvent {
|
||||||
DeviceModifiedEvent(this.device);
|
DeviceModifiedEvent(this.device);
|
||||||
final Device device;
|
final OmemoDevice device;
|
||||||
}
|
}
|
||||||
|
@ -2,7 +2,6 @@ import 'package:meta/meta.dart';
|
|||||||
|
|
||||||
@immutable
|
@immutable
|
||||||
class DeviceFingerprint {
|
class DeviceFingerprint {
|
||||||
|
|
||||||
const DeviceFingerprint(this.deviceId, this.fingerprint);
|
const DeviceFingerprint(this.deviceId, this.fingerprint);
|
||||||
final String fingerprint;
|
final String fingerprint;
|
||||||
final int deviceId;
|
final int deviceId;
|
||||||
|
783
lib/src/omemo/omemomanager.dart
Normal file
783
lib/src/omemo/omemomanager.dart
Normal file
@ -0,0 +1,783 @@
|
|||||||
|
import 'dart:async';
|
||||||
|
import 'dart:collection';
|
||||||
|
import 'dart:convert';
|
||||||
|
import 'package:collection/collection.dart';
|
||||||
|
import 'package:cryptography/cryptography.dart';
|
||||||
|
import 'package:hex/hex.dart';
|
||||||
|
import 'package:logging/logging.dart';
|
||||||
|
import 'package:meta/meta.dart';
|
||||||
|
import 'package:omemo_dart/src/crypto.dart';
|
||||||
|
import 'package:omemo_dart/src/double_ratchet/double_ratchet.dart';
|
||||||
|
import 'package:omemo_dart/src/errors.dart';
|
||||||
|
import 'package:omemo_dart/src/helpers.dart';
|
||||||
|
import 'package:omemo_dart/src/keys.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/bundle.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/constants.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/decryption_result.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/device.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/encryption_result.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/events.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/fingerprint.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/ratchet_map_key.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/stanza.dart';
|
||||||
|
import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart';
|
||||||
|
import 'package:omemo_dart/src/protobuf/omemo_key_exchange.dart';
|
||||||
|
import 'package:omemo_dart/src/protobuf/omemo_message.dart';
|
||||||
|
import 'package:omemo_dart/src/trust/base.dart';
|
||||||
|
import 'package:omemo_dart/src/x3dh/x3dh.dart';
|
||||||
|
import 'package:synchronized/synchronized.dart';
|
||||||
|
|
||||||
|
class _InternalDecryptionResult {
|
||||||
|
const _InternalDecryptionResult(this.ratchetCreated, this.payload);
|
||||||
|
final bool ratchetCreated;
|
||||||
|
final String? payload;
|
||||||
|
}
|
||||||
|
|
||||||
|
class OmemoManager {
|
||||||
|
OmemoManager(
|
||||||
|
this._device,
|
||||||
|
this._trustManager,
|
||||||
|
this.sendEmptyOmemoMessageImpl,
|
||||||
|
this.fetchDeviceListImpl,
|
||||||
|
this.fetchDeviceBundleImpl,
|
||||||
|
this.subscribeToDeviceListNodeImpl,
|
||||||
|
);
|
||||||
|
|
||||||
|
final Logger _log = Logger('OmemoManager');
|
||||||
|
|
||||||
|
/// Functions for connecting with the OMEMO library
|
||||||
|
|
||||||
|
/// Send an empty OMEMO:2 message using the encrypted payload @result to
|
||||||
|
/// @recipientJid.
|
||||||
|
final Future<void> Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessageImpl;
|
||||||
|
|
||||||
|
/// Fetch the list of device ids associated with @jid. If the device list cannot be
|
||||||
|
/// fetched, return null.
|
||||||
|
final Future<List<int>?> Function(String jid) fetchDeviceListImpl;
|
||||||
|
|
||||||
|
/// Fetch the device bundle for the device with id @id of jid. If it cannot be fetched, return null.
|
||||||
|
final Future<OmemoBundle?> Function(String jid, int id) fetchDeviceBundleImpl;
|
||||||
|
|
||||||
|
/// Subscribe to the device list PEP node of @jid.
|
||||||
|
final Future<void> Function(String jid) subscribeToDeviceListNodeImpl;
|
||||||
|
|
||||||
|
/// Map bare JID to its known devices
|
||||||
|
Map<String, List<int>> _deviceList = {};
|
||||||
|
/// Map bare JIDs to whether we already requested the device list once
|
||||||
|
final Map<String, bool> _deviceListRequested = {};
|
||||||
|
/// Map bare a ratchet key to its ratchet. Note that this is also locked by
|
||||||
|
/// _ratchetCriticalSectionLock.
|
||||||
|
Map<RatchetMapKey, OmemoDoubleRatchet> _ratchetMap = {};
|
||||||
|
/// Map bare JID to whether we already tried to subscribe to the device list node.
|
||||||
|
final Map<String, bool> _subscriptionMap = {};
|
||||||
|
/// For preventing a race condition in encryption/decryption
|
||||||
|
final Map<String, Queue<Completer<void>>> _ratchetCriticalSectionQueue = {};
|
||||||
|
final Lock _ratchetCriticalSectionLock = Lock();
|
||||||
|
|
||||||
|
/// The OmemoManager's trust management
|
||||||
|
final TrustManager _trustManager;
|
||||||
|
TrustManager get trustManager => _trustManager;
|
||||||
|
|
||||||
|
/// Our own keys...
|
||||||
|
final Lock _deviceLock = Lock();
|
||||||
|
// ignore: prefer_final_fields
|
||||||
|
OmemoDevice _device;
|
||||||
|
|
||||||
|
/// The event bus of the session manager
|
||||||
|
final StreamController<OmemoEvent> _eventStreamController = StreamController<OmemoEvent>.broadcast();
|
||||||
|
Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
|
||||||
|
|
||||||
|
/// Enter the critical section for performing cryptographic operations on the ratchets
|
||||||
|
Future<void> _enterRatchetCriticalSection(String jid) async {
|
||||||
|
final completer = await _ratchetCriticalSectionLock.synchronized(() {
|
||||||
|
if (_ratchetCriticalSectionQueue.containsKey(jid)) {
|
||||||
|
final c = Completer<void>();
|
||||||
|
_ratchetCriticalSectionQueue[jid]!.addLast(c);
|
||||||
|
return c;
|
||||||
|
}
|
||||||
|
|
||||||
|
_ratchetCriticalSectionQueue[jid] = Queue();
|
||||||
|
return null;
|
||||||
|
});
|
||||||
|
|
||||||
|
if (completer != null) {
|
||||||
|
await completer.future;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Leave the critical section for the ratchets.
|
||||||
|
Future<void> _leaveRatchetCriticalSection(String jid) async {
|
||||||
|
await _ratchetCriticalSectionLock.synchronized(() {
|
||||||
|
if (_ratchetCriticalSectionQueue.containsKey(jid)) {
|
||||||
|
if (_ratchetCriticalSectionQueue[jid]!.isEmpty) {
|
||||||
|
_ratchetCriticalSectionQueue.remove(jid);
|
||||||
|
} else {
|
||||||
|
_ratchetCriticalSectionQueue[jid]!.removeFirst().complete();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
Future<String?> _decryptAndVerifyHmac(List<int>? ciphertext, List<int> keyAndHmac) async {
|
||||||
|
// Empty OMEMO messages should just have the key decrypted and/or session set up.
|
||||||
|
if (ciphertext == null) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
final key = keyAndHmac.sublist(0, 32);
|
||||||
|
final hmac = keyAndHmac.sublist(32, 48);
|
||||||
|
final derivedKeys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
|
||||||
|
final computedHmac = await truncatedHmac(ciphertext, derivedKeys.authenticationKey);
|
||||||
|
if (!listsEqual(hmac, computedHmac)) {
|
||||||
|
throw InvalidMessageHMACException();
|
||||||
|
}
|
||||||
|
|
||||||
|
return utf8.decode(
|
||||||
|
await aes256CbcDecrypt(ciphertext, derivedKeys.encryptionKey, derivedKeys.iv),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Add a session [ratchet] with the [deviceId] to the internal tracking state.
|
||||||
|
/// NOTE: Must be called from within the ratchet critical section.
|
||||||
|
void _addSession(String jid, int deviceId, OmemoDoubleRatchet ratchet) {
|
||||||
|
// Add the bundle Id
|
||||||
|
if (!_deviceList.containsKey(jid)) {
|
||||||
|
_deviceList[jid] = [deviceId];
|
||||||
|
|
||||||
|
// Commit the device map
|
||||||
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
|
||||||
|
} else {
|
||||||
|
// Prevent having the same device multiple times in the list
|
||||||
|
if (!_deviceList[jid]!.contains(deviceId)) {
|
||||||
|
_deviceList[jid]!.add(deviceId);
|
||||||
|
|
||||||
|
// Commit the device map
|
||||||
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Add the ratchet session
|
||||||
|
final key = RatchetMapKey(jid, deviceId);
|
||||||
|
_ratchetMap[key] = ratchet;
|
||||||
|
|
||||||
|
// Commit the ratchet
|
||||||
|
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, true));
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Build a new session with the user at [jid] with the device [deviceId] using data
|
||||||
|
/// from the key exchange [kex]. In case [kex] contains an unknown Signed Prekey
|
||||||
|
/// identifier an UnknownSignedPrekeyException will be thrown.
|
||||||
|
Future<OmemoDoubleRatchet> _addSessionFromKeyExchange(String jid, int deviceId, OmemoKeyExchange kex) async {
|
||||||
|
// Pick the correct SPK
|
||||||
|
final device = await getDevice();
|
||||||
|
OmemoKeyPair spk;
|
||||||
|
if (kex.spkId == _device.spkId) {
|
||||||
|
spk = _device.spk;
|
||||||
|
} else if (kex.spkId == _device.oldSpkId) {
|
||||||
|
spk = _device.oldSpk!;
|
||||||
|
} else {
|
||||||
|
throw UnknownSignedPrekeyException();
|
||||||
|
}
|
||||||
|
|
||||||
|
final kexResult = await x3dhFromInitialMessage(
|
||||||
|
X3DHMessage(
|
||||||
|
OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519),
|
||||||
|
OmemoPublicKey.fromBytes(kex.ek!, KeyPairType.x25519),
|
||||||
|
kex.pkId!,
|
||||||
|
),
|
||||||
|
spk,
|
||||||
|
device.opks.values.elementAt(kex.pkId!),
|
||||||
|
device.ik,
|
||||||
|
);
|
||||||
|
final ratchet = await OmemoDoubleRatchet.acceptNewSession(
|
||||||
|
spk,
|
||||||
|
OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519),
|
||||||
|
kexResult.sk,
|
||||||
|
kexResult.ad,
|
||||||
|
getTimestamp(),
|
||||||
|
);
|
||||||
|
|
||||||
|
return ratchet;
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Create a ratchet session initiated by Alice to the user with Jid [jid] and the device
|
||||||
|
/// [deviceId] from the bundle [bundle].
|
||||||
|
@visibleForTesting
|
||||||
|
Future<OmemoKeyExchange> addSessionFromBundle(String jid, int deviceId, OmemoBundle bundle) async {
|
||||||
|
final device = await getDevice();
|
||||||
|
final kexResult = await x3dhFromBundle(
|
||||||
|
bundle,
|
||||||
|
device.ik,
|
||||||
|
);
|
||||||
|
final ratchet = await OmemoDoubleRatchet.initiateNewSession(
|
||||||
|
bundle.spk,
|
||||||
|
bundle.ik,
|
||||||
|
kexResult.sk,
|
||||||
|
kexResult.ad,
|
||||||
|
getTimestamp(),
|
||||||
|
);
|
||||||
|
|
||||||
|
await _trustManager.onNewSession(jid, deviceId);
|
||||||
|
_addSession(jid, deviceId, ratchet);
|
||||||
|
|
||||||
|
return OmemoKeyExchange()
|
||||||
|
..pkId = kexResult.opkId
|
||||||
|
..spkId = bundle.spkId
|
||||||
|
..ik = await device.ik.pk.getBytes()
|
||||||
|
..ek = await kexResult.ek.pk.getBytes();
|
||||||
|
}
|
||||||
|
|
||||||
|
/// In case a decryption error occurs, the Double Ratchet spec says to just restore
|
||||||
|
/// the ratchet to its old state. As such, this function restores the ratchet at
|
||||||
|
/// [mapKey] with [oldRatchet].
|
||||||
|
/// NOTE: Must be called from within the ratchet critical section
|
||||||
|
void _restoreRatchet(RatchetMapKey mapKey, OmemoDoubleRatchet oldRatchet) {
|
||||||
|
_log.finest('Restoring ratchet ${mapKey.jid}:${mapKey.deviceId} to ${oldRatchet.nr}');
|
||||||
|
_ratchetMap[mapKey] = oldRatchet;
|
||||||
|
|
||||||
|
// Commit the ratchet
|
||||||
|
_eventStreamController.add(
|
||||||
|
RatchetModifiedEvent(
|
||||||
|
mapKey.jid,
|
||||||
|
mapKey.deviceId,
|
||||||
|
oldRatchet,
|
||||||
|
false,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Attempt to decrypt [ciphertext]. [keys] refers to the <key /> elements inside the
|
||||||
|
/// <keys /> element with a "jid" attribute matching our own. [senderJid] refers to the
|
||||||
|
/// bare Jid of the sender. [senderDeviceId] refers to the "sid" attribute of the
|
||||||
|
/// <encrypted /> element.
|
||||||
|
/// [timestamp] refers to the time the message was sent. This might be either what the
|
||||||
|
/// server tells you via "XEP-0203: Delayed Delivery" or the point in time at which
|
||||||
|
/// you received the stanza, if no Delayed Delivery element was found.
|
||||||
|
///
|
||||||
|
/// If the received message is an empty OMEMO message, i.e. there is no <payload />
|
||||||
|
/// element, then [ciphertext] must be set to null. In this case, this function
|
||||||
|
/// will return null as there is no message to be decrypted. This, however, is used
|
||||||
|
/// to set up sessions or advance the ratchets.
|
||||||
|
Future<_InternalDecryptionResult> _decryptMessage(List<int>? ciphertext, String senderJid, int senderDeviceId, List<EncryptedKey> keys, int timestamp) async {
|
||||||
|
// Try to find a session we can decrypt with.
|
||||||
|
var device = await getDevice();
|
||||||
|
final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id);
|
||||||
|
if (rawKey == null) {
|
||||||
|
throw NotEncryptedForDeviceException();
|
||||||
|
}
|
||||||
|
|
||||||
|
final ratchetKey = RatchetMapKey(senderJid, senderDeviceId);
|
||||||
|
final decodedRawKey = base64.decode(rawKey.value);
|
||||||
|
List<int>? keyAndHmac;
|
||||||
|
OmemoAuthenticatedMessage authMessage;
|
||||||
|
OmemoDoubleRatchet? oldRatchet;
|
||||||
|
OmemoMessage? message;
|
||||||
|
var ratchetCreated = false;
|
||||||
|
if (rawKey.kex) {
|
||||||
|
// If the ratchet already existed, we store it. If it didn't, oldRatchet will stay
|
||||||
|
// null.
|
||||||
|
final oldRatchet = _getRatchet(ratchetKey)?.clone();
|
||||||
|
final kex = OmemoKeyExchange.fromBuffer(decodedRawKey);
|
||||||
|
authMessage = kex.message!;
|
||||||
|
message = OmemoMessage.fromBuffer(authMessage.message!);
|
||||||
|
|
||||||
|
// Guard against old key exchanges
|
||||||
|
if (oldRatchet != null) {
|
||||||
|
_log.finest('KEX for existent ratchet ${ratchetKey.toJsonKey()}. ${oldRatchet.kexTimestamp} > $timestamp: ${oldRatchet.kexTimestamp > timestamp}');
|
||||||
|
if (oldRatchet.kexTimestamp > timestamp) {
|
||||||
|
throw InvalidKeyExchangeException();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Try to decrypt it
|
||||||
|
try {
|
||||||
|
final decrypted = await oldRatchet.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||||
|
|
||||||
|
// Commit the ratchet
|
||||||
|
_eventStreamController.add(
|
||||||
|
RatchetModifiedEvent(
|
||||||
|
senderJid,
|
||||||
|
senderDeviceId,
|
||||||
|
oldRatchet,
|
||||||
|
false,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
final plaintext = await _decryptAndVerifyHmac(
|
||||||
|
ciphertext,
|
||||||
|
decrypted,
|
||||||
|
);
|
||||||
|
_addSession(senderJid, senderDeviceId, oldRatchet);
|
||||||
|
return _InternalDecryptionResult(
|
||||||
|
true,
|
||||||
|
plaintext,
|
||||||
|
);
|
||||||
|
} catch (_) {
|
||||||
|
_log.finest('Failed to use old ratchet with KEX for existing ratchet');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
final r = await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex);
|
||||||
|
await _trustManager.onNewSession(senderJid, senderDeviceId);
|
||||||
|
_addSession(senderJid, senderDeviceId, r);
|
||||||
|
ratchetCreated = true;
|
||||||
|
|
||||||
|
// Replace the OPK
|
||||||
|
// TODO(PapaTutuWawa): Replace the OPK when we know that the KEX worked
|
||||||
|
await _deviceLock.synchronized(() async {
|
||||||
|
device = await device.replaceOnetimePrekey(kex.pkId!);
|
||||||
|
|
||||||
|
// Commit the device
|
||||||
|
_eventStreamController.add(DeviceModifiedEvent(device));
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
authMessage = OmemoAuthenticatedMessage.fromBuffer(decodedRawKey);
|
||||||
|
message = OmemoMessage.fromBuffer(authMessage.message!);
|
||||||
|
}
|
||||||
|
|
||||||
|
final devices = _deviceList[senderJid];
|
||||||
|
if (devices?.contains(senderDeviceId) != true) {
|
||||||
|
throw NoDecryptionKeyException();
|
||||||
|
}
|
||||||
|
|
||||||
|
// We can guarantee that the ratchet exists at this point in time
|
||||||
|
final ratchet = _getRatchet(ratchetKey)!;
|
||||||
|
oldRatchet ??= ratchet.clone();
|
||||||
|
|
||||||
|
try {
|
||||||
|
if (rawKey.kex) {
|
||||||
|
keyAndHmac = await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||||
|
} else {
|
||||||
|
keyAndHmac = await ratchet.ratchetDecrypt(message, decodedRawKey);
|
||||||
|
}
|
||||||
|
} catch (_) {
|
||||||
|
_restoreRatchet(ratchetKey, oldRatchet);
|
||||||
|
rethrow;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Commit the ratchet
|
||||||
|
_eventStreamController.add(
|
||||||
|
RatchetModifiedEvent(
|
||||||
|
senderJid,
|
||||||
|
senderDeviceId,
|
||||||
|
ratchet,
|
||||||
|
false,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
try {
|
||||||
|
return _InternalDecryptionResult(
|
||||||
|
ratchetCreated,
|
||||||
|
await _decryptAndVerifyHmac(ciphertext, keyAndHmac),
|
||||||
|
);
|
||||||
|
} catch (_) {
|
||||||
|
_restoreRatchet(ratchetKey, oldRatchet);
|
||||||
|
rethrow;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Returns, if it exists, the ratchet associated with [key].
|
||||||
|
/// NOTE: Must be called from within the ratchet critical section.
|
||||||
|
OmemoDoubleRatchet? _getRatchet(RatchetMapKey key) => _ratchetMap[key];
|
||||||
|
|
||||||
|
/// Figure out what bundles we have to still build a session with.
|
||||||
|
Future<List<OmemoBundle>> _fetchNewBundles(String jid) async {
|
||||||
|
// Check if we already requested the device list for [jid]
|
||||||
|
List<int> bundlesToFetch;
|
||||||
|
if (!_deviceListRequested.containsKey(jid) || !_deviceList.containsKey(jid)) {
|
||||||
|
// We don't have an up-to-date version of the device list
|
||||||
|
final newDeviceList = await fetchDeviceListImpl(jid);
|
||||||
|
if (newDeviceList == null) return [];
|
||||||
|
|
||||||
|
_deviceList[jid] = newDeviceList;
|
||||||
|
bundlesToFetch = newDeviceList
|
||||||
|
.where((id) {
|
||||||
|
return !_ratchetMap.containsKey(RatchetMapKey(jid, id)) ||
|
||||||
|
_deviceList[jid]?.contains(id) == false;
|
||||||
|
}).toList();
|
||||||
|
|
||||||
|
// Trigger an event with the new device list
|
||||||
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
|
||||||
|
} else {
|
||||||
|
// We already have an up-to-date version of the device list
|
||||||
|
bundlesToFetch = _deviceList[jid]!
|
||||||
|
.where((id) => !_ratchetMap.containsKey(RatchetMapKey(jid, id)))
|
||||||
|
.toList();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (bundlesToFetch.isNotEmpty) {
|
||||||
|
_log.finest('Fetching bundles $bundlesToFetch for $jid');
|
||||||
|
}
|
||||||
|
|
||||||
|
final newBundles = List<OmemoBundle>.empty(growable: true);
|
||||||
|
for (final id in bundlesToFetch) {
|
||||||
|
final bundle = await fetchDeviceBundleImpl(jid, id);
|
||||||
|
if (bundle != null) newBundles.add(bundle);
|
||||||
|
}
|
||||||
|
|
||||||
|
return newBundles;
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Encrypt the key [plaintext] for all known bundles of the Jids in [jids]. Returns a
|
||||||
|
/// map that maps the device Id to the ciphertext of [plaintext].
|
||||||
|
///
|
||||||
|
/// If [plaintext] is null, then the result will be an empty OMEMO message, i.e. one that
|
||||||
|
/// does not contain a <payload /> element. This means that the ciphertext attribute of
|
||||||
|
/// the result will be null as well.
|
||||||
|
/// NOTE: Must be called within the ratchet critical section
|
||||||
|
Future<EncryptionResult> _encryptToJids(List<String> jids, String? plaintext) async {
|
||||||
|
final encryptedKeys = List<EncryptedKey>.empty(growable: true);
|
||||||
|
|
||||||
|
var ciphertext = const <int>[];
|
||||||
|
var keyPayload = const <int>[];
|
||||||
|
if (plaintext != null) {
|
||||||
|
// Generate the key and encrypt the plaintext
|
||||||
|
final key = generateRandomBytes(32);
|
||||||
|
final keys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
|
||||||
|
ciphertext = await aes256CbcEncrypt(
|
||||||
|
utf8.encode(plaintext),
|
||||||
|
keys.encryptionKey,
|
||||||
|
keys.iv,
|
||||||
|
);
|
||||||
|
final hmac = await truncatedHmac(ciphertext, keys.authenticationKey);
|
||||||
|
keyPayload = concat([key, hmac]);
|
||||||
|
} else {
|
||||||
|
keyPayload = List<int>.filled(32, 0x0);
|
||||||
|
}
|
||||||
|
|
||||||
|
final kex = <RatchetMapKey, OmemoKeyExchange>{};
|
||||||
|
for (final jid in jids) {
|
||||||
|
for (final newSession in await _fetchNewBundles(jid)) {
|
||||||
|
kex[RatchetMapKey(jid, newSession.id)] = await addSessionFromBundle(
|
||||||
|
newSession.jid,
|
||||||
|
newSession.id,
|
||||||
|
newSession,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// We assume that the user already checked if the session exists
|
||||||
|
final deviceEncryptionErrors = <RatchetMapKey, OmemoException>{};
|
||||||
|
final jidEncryptionErrors = <String, OmemoException>{};
|
||||||
|
for (final jid in jids) {
|
||||||
|
final devices = _deviceList[jid];
|
||||||
|
if (devices == null) {
|
||||||
|
_log.severe('Device list does not exist for $jid.');
|
||||||
|
jidEncryptionErrors[jid] = NoKeyMaterialAvailableException();
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!_subscriptionMap.containsKey(jid)) {
|
||||||
|
unawaited(subscribeToDeviceListNodeImpl(jid));
|
||||||
|
_subscriptionMap[jid] = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (final deviceId in devices) {
|
||||||
|
// Empty OMEMO messages are allowed to bypass trust
|
||||||
|
if (plaintext != null) {
|
||||||
|
// Only encrypt to devices that are trusted
|
||||||
|
if (!(await _trustManager.isTrusted(jid, deviceId))) continue;
|
||||||
|
|
||||||
|
// Only encrypt to devices that are enabled
|
||||||
|
if (!(await _trustManager.isEnabled(jid, deviceId))) continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
final ratchetKey = RatchetMapKey(jid, deviceId);
|
||||||
|
var ratchet = _ratchetMap[ratchetKey];
|
||||||
|
if (ratchet == null) {
|
||||||
|
_log.severe('Ratchet ${ratchetKey.toJsonKey()} does not exist.');
|
||||||
|
deviceEncryptionErrors[ratchetKey] = NoKeyMaterialAvailableException();
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext;
|
||||||
|
|
||||||
|
if (kex.containsKey(ratchetKey)) {
|
||||||
|
// The ratchet did not exist
|
||||||
|
final k = kex[ratchetKey]!
|
||||||
|
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
|
||||||
|
final buffer = base64.encode(k.writeToBuffer());
|
||||||
|
encryptedKeys.add(
|
||||||
|
EncryptedKey(
|
||||||
|
jid,
|
||||||
|
deviceId,
|
||||||
|
buffer,
|
||||||
|
true,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
ratchet = ratchet.cloneWithKex(buffer);
|
||||||
|
_ratchetMap[ratchetKey] = ratchet;
|
||||||
|
} else if (!ratchet.acknowledged) {
|
||||||
|
// The ratchet exists but is not acked
|
||||||
|
if (ratchet.kex != null) {
|
||||||
|
final oldKex = OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!))
|
||||||
|
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
|
||||||
|
|
||||||
|
encryptedKeys.add(
|
||||||
|
EncryptedKey(
|
||||||
|
jid,
|
||||||
|
deviceId,
|
||||||
|
base64.encode(oldKex.writeToBuffer()),
|
||||||
|
true,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
} else {
|
||||||
|
// The ratchet is not acked but we don't have the old key exchange
|
||||||
|
_log.warning('Ratchet for $jid:$deviceId is not acked but the kex attribute is null');
|
||||||
|
encryptedKeys.add(
|
||||||
|
EncryptedKey(
|
||||||
|
jid,
|
||||||
|
deviceId,
|
||||||
|
base64.encode(ciphertext),
|
||||||
|
false,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// The ratchet exists and is acked
|
||||||
|
encryptedKeys.add(
|
||||||
|
EncryptedKey(
|
||||||
|
jid,
|
||||||
|
deviceId,
|
||||||
|
base64.encode(ciphertext),
|
||||||
|
false,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Commit the ratchet
|
||||||
|
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return EncryptionResult(
|
||||||
|
plaintext != null ?
|
||||||
|
ciphertext : null,
|
||||||
|
encryptedKeys,
|
||||||
|
deviceEncryptionErrors,
|
||||||
|
jidEncryptionErrors,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Call when receiving an OMEMO:2 encrypted stanza. Will handle everything and
|
||||||
|
/// decrypt it.
|
||||||
|
Future<DecryptionResult> onIncomingStanza(OmemoIncomingStanza stanza) async {
|
||||||
|
await _enterRatchetCriticalSection(stanza.bareSenderJid);
|
||||||
|
|
||||||
|
if (!_subscriptionMap.containsKey(stanza.bareSenderJid)) {
|
||||||
|
unawaited(subscribeToDeviceListNodeImpl(stanza.bareSenderJid));
|
||||||
|
_subscriptionMap[stanza.bareSenderJid] = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
final ratchetKey = RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId);
|
||||||
|
final _InternalDecryptionResult result;
|
||||||
|
try {
|
||||||
|
result = await _decryptMessage(
|
||||||
|
stanza.payload != null ?
|
||||||
|
base64.decode(stanza.payload!) :
|
||||||
|
null,
|
||||||
|
stanza.bareSenderJid,
|
||||||
|
stanza.senderDeviceId,
|
||||||
|
stanza.keys,
|
||||||
|
stanza.timestamp,
|
||||||
|
);
|
||||||
|
} on OmemoException catch (ex) {
|
||||||
|
await _leaveRatchetCriticalSection(stanza.bareSenderJid);
|
||||||
|
return DecryptionResult(
|
||||||
|
null,
|
||||||
|
ex,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if the ratchet is acked
|
||||||
|
final ratchet = _getRatchet(ratchetKey);
|
||||||
|
assert(ratchet != null, 'We decrypted the message, so the ratchet must exist');
|
||||||
|
|
||||||
|
if (ratchet!.acknowledged) {
|
||||||
|
// Ratchet is acknowledged
|
||||||
|
if (ratchet.nr > 53 || result.ratchetCreated) {
|
||||||
|
await sendEmptyOmemoMessageImpl(
|
||||||
|
await _encryptToJids(
|
||||||
|
[stanza.bareSenderJid],
|
||||||
|
null,
|
||||||
|
),
|
||||||
|
stanza.bareSenderJid,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Ratchet is acked
|
||||||
|
await _leaveRatchetCriticalSection(stanza.bareSenderJid);
|
||||||
|
return DecryptionResult(
|
||||||
|
result.payload,
|
||||||
|
null,
|
||||||
|
);
|
||||||
|
} else {
|
||||||
|
// Ratchet is not acked.
|
||||||
|
// Mark as acked and send an empty OMEMO message.
|
||||||
|
await ratchetAcknowledged(
|
||||||
|
stanza.bareSenderJid,
|
||||||
|
stanza.senderDeviceId,
|
||||||
|
enterCriticalSection: false,
|
||||||
|
);
|
||||||
|
await sendEmptyOmemoMessageImpl(
|
||||||
|
await _encryptToJids(
|
||||||
|
[stanza.bareSenderJid],
|
||||||
|
null,
|
||||||
|
),
|
||||||
|
stanza.bareSenderJid,
|
||||||
|
);
|
||||||
|
|
||||||
|
await _leaveRatchetCriticalSection(stanza.bareSenderJid);
|
||||||
|
return DecryptionResult(
|
||||||
|
result.payload,
|
||||||
|
null,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Call when sending out an encrypted stanza. Will handle everything and
|
||||||
|
/// encrypt it.
|
||||||
|
Future<EncryptionResult> onOutgoingStanza(OmemoOutgoingStanza stanza) async {
|
||||||
|
_log.finest('Waiting to enter critical section');
|
||||||
|
await _enterRatchetCriticalSection(stanza.recipientJids.first);
|
||||||
|
_log.finest('Entered critical section');
|
||||||
|
|
||||||
|
final result = _encryptToJids(
|
||||||
|
stanza.recipientJids,
|
||||||
|
stanza.payload,
|
||||||
|
);
|
||||||
|
|
||||||
|
await _leaveRatchetCriticalSection(stanza.recipientJids.first);
|
||||||
|
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Sends a hearbeat message as specified by XEP-0384 to [jid].
|
||||||
|
Future<void> sendOmemoHeartbeat(String jid) async {
|
||||||
|
// TODO(Unknown): Include some error handling
|
||||||
|
final result = await _encryptToJids(
|
||||||
|
[jid],
|
||||||
|
null,
|
||||||
|
);
|
||||||
|
await sendEmptyOmemoMessageImpl(result, jid);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Mark the ratchet for device [deviceId] from [jid] as acked.
|
||||||
|
Future<void> ratchetAcknowledged(String jid, int deviceId, { bool enterCriticalSection = true }) async {
|
||||||
|
if (enterCriticalSection) await _enterRatchetCriticalSection(jid);
|
||||||
|
|
||||||
|
final key = RatchetMapKey(jid, deviceId);
|
||||||
|
if (_ratchetMap.containsKey(key)) {
|
||||||
|
final ratchet = _ratchetMap[key]!
|
||||||
|
..acknowledged = true;
|
||||||
|
|
||||||
|
// Commit it
|
||||||
|
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false));
|
||||||
|
} else {
|
||||||
|
_log.severe('Attempted to acknowledge ratchet ${key.toJsonKey()}, even though it does not exist');
|
||||||
|
}
|
||||||
|
|
||||||
|
if (enterCriticalSection) await _leaveRatchetCriticalSection(jid);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Generates an entirely new device. May be useful when the user wants to reset their cryptographic
|
||||||
|
/// identity. Triggers an event to commit it to storage.
|
||||||
|
Future<void> regenerateDevice() async {
|
||||||
|
await _deviceLock.synchronized(() async {
|
||||||
|
_device = await OmemoDevice.generateNewDevice(_device.jid);
|
||||||
|
|
||||||
|
// Commit it
|
||||||
|
_eventStreamController.add(DeviceModifiedEvent(_device));
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Returns the device used for encryption and decryption.
|
||||||
|
Future<OmemoDevice> getDevice() => _deviceLock.synchronized(() => _device);
|
||||||
|
|
||||||
|
/// Returns the id of the device used for encryption and decryption.
|
||||||
|
Future<int> getDeviceId() async => (await getDevice()).id;
|
||||||
|
|
||||||
|
/// Directly aquire the current device as a OMEMO device bundle.
|
||||||
|
Future<OmemoBundle> getDeviceBundle() async => (await getDevice()).toBundle();
|
||||||
|
|
||||||
|
/// Directly aquire the current device's fingerprint.
|
||||||
|
Future<String> getDeviceFingerprint() async => (await getDevice()).getFingerprint();
|
||||||
|
|
||||||
|
/// Returns the fingerprints for all devices of [jid] that we have a session with.
|
||||||
|
/// If there are not sessions with [jid], then returns null.
|
||||||
|
Future<List<DeviceFingerprint>?> getFingerprintsForJid(String jid) async {
|
||||||
|
if (!_deviceList.containsKey(jid)) return null;
|
||||||
|
|
||||||
|
await _enterRatchetCriticalSection(jid);
|
||||||
|
|
||||||
|
final fingerprintKeys = _deviceList[jid]!
|
||||||
|
.map((id) => RatchetMapKey(jid, id))
|
||||||
|
.where((key) => _ratchetMap.containsKey(key));
|
||||||
|
|
||||||
|
final fingerprints = List<DeviceFingerprint>.empty(growable: true);
|
||||||
|
for (final key in fingerprintKeys) {
|
||||||
|
final curveKey = await _ratchetMap[key]!.ik.toCurve25519();
|
||||||
|
fingerprints.add(
|
||||||
|
DeviceFingerprint(
|
||||||
|
key.deviceId,
|
||||||
|
HEX.encode(await curveKey.getBytes()),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
await _leaveRatchetCriticalSection(jid);
|
||||||
|
return fingerprints;
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Ensures that the device list is fetched again on the next message sending.
|
||||||
|
void onNewConnection() {
|
||||||
|
_deviceListRequested.clear();
|
||||||
|
_subscriptionMap.clear();
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Sets the device list for [jid] to [devices]. Triggers a DeviceListModifiedEvent.
|
||||||
|
void onDeviceListUpdate(String jid, List<int> devices) {
|
||||||
|
_deviceList[jid] = devices;
|
||||||
|
_deviceListRequested[jid] = true;
|
||||||
|
|
||||||
|
// Trigger an event
|
||||||
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
|
||||||
|
}
|
||||||
|
|
||||||
|
void initialize(Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap, Map<String, List<int>> deviceList) {
|
||||||
|
_deviceList = deviceList;
|
||||||
|
_ratchetMap = ratchetMap;
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Removes all ratchets for JID [jid]. This also removes all trust decisions for
|
||||||
|
/// [jid] from the trust manager. This function triggers a RatchetRemovedEvent for
|
||||||
|
/// every removed ratchet and a DeviceListModifiedEvent afterwards. Behaviour for
|
||||||
|
/// the trust manager is dependent on its implementation.
|
||||||
|
Future<void> removeAllRatchets(String jid) async {
|
||||||
|
await _enterRatchetCriticalSection(jid);
|
||||||
|
|
||||||
|
for (final deviceId in _deviceList[jid]!) {
|
||||||
|
// Remove the ratchet and commit it
|
||||||
|
_ratchetMap.remove(jid);
|
||||||
|
_eventStreamController.add(RatchetRemovedEvent(jid, deviceId));
|
||||||
|
}
|
||||||
|
|
||||||
|
// Remove the devices from the device list cache and commit it
|
||||||
|
_deviceList.remove(jid);
|
||||||
|
_deviceListRequested.remove(jid);
|
||||||
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
|
||||||
|
|
||||||
|
// Remove trust decisions
|
||||||
|
await _trustManager.removeTrustDecisionsForJid(jid);
|
||||||
|
|
||||||
|
await _leaveRatchetCriticalSection(jid);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Replaces the internal device with [newDevice]. Does not trigger an event.
|
||||||
|
Future<void> replaceDevice(OmemoDevice newDevice) async {
|
||||||
|
await _deviceLock.synchronized(() {
|
||||||
|
_device = newDevice;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
@ -2,7 +2,6 @@ import 'package:meta/meta.dart';
|
|||||||
|
|
||||||
@immutable
|
@immutable
|
||||||
class RatchetMapKey {
|
class RatchetMapKey {
|
||||||
|
|
||||||
const RatchetMapKey(this.jid, this.deviceId);
|
const RatchetMapKey(this.jid, this.deviceId);
|
||||||
|
|
||||||
factory RatchetMapKey.fromJsonKey(String key) {
|
factory RatchetMapKey.fromJsonKey(String key) {
|
||||||
|
@ -11,6 +11,7 @@ import 'package:omemo_dart/src/errors.dart';
|
|||||||
import 'package:omemo_dart/src/helpers.dart';
|
import 'package:omemo_dart/src/helpers.dart';
|
||||||
import 'package:omemo_dart/src/keys.dart';
|
import 'package:omemo_dart/src/keys.dart';
|
||||||
import 'package:omemo_dart/src/omemo/bundle.dart';
|
import 'package:omemo_dart/src/omemo/bundle.dart';
|
||||||
|
import 'package:omemo_dart/src/omemo/constants.dart';
|
||||||
import 'package:omemo_dart/src/omemo/device.dart';
|
import 'package:omemo_dart/src/omemo/device.dart';
|
||||||
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
|
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
|
||||||
import 'package:omemo_dart/src/omemo/encryption_result.dart';
|
import 'package:omemo_dart/src/omemo/encryption_result.dart';
|
||||||
@ -24,10 +25,9 @@ import 'package:omemo_dart/src/trust/base.dart';
|
|||||||
import 'package:omemo_dart/src/x3dh/x3dh.dart';
|
import 'package:omemo_dart/src/x3dh/x3dh.dart';
|
||||||
import 'package:synchronized/synchronized.dart';
|
import 'package:synchronized/synchronized.dart';
|
||||||
|
|
||||||
/// The info used for when encrypting the AES key for the actual payload.
|
@Deprecated('Use OmemoManager instead')
|
||||||
const omemoPayloadInfoString = 'OMEMO Payload';
|
|
||||||
|
|
||||||
class OmemoSessionManager {
|
class OmemoSessionManager {
|
||||||
|
@Deprecated('Use OmemoManager instead')
|
||||||
OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager)
|
OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager)
|
||||||
: _lock = Lock(),
|
: _lock = Lock(),
|
||||||
_deviceLock = Lock(),
|
_deviceLock = Lock(),
|
||||||
@ -36,6 +36,7 @@ class OmemoSessionManager {
|
|||||||
|
|
||||||
/// Deserialise the OmemoSessionManager from JSON data [data] that does not contain
|
/// Deserialise the OmemoSessionManager from JSON data [data] that does not contain
|
||||||
/// the ratchet sessions.
|
/// the ratchet sessions.
|
||||||
|
@Deprecated('Use OmemoManager instead')
|
||||||
factory OmemoSessionManager.fromJsonWithoutSessions(
|
factory OmemoSessionManager.fromJsonWithoutSessions(
|
||||||
Map<String, dynamic> data,
|
Map<String, dynamic> data,
|
||||||
Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap,
|
Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap,
|
||||||
@ -44,7 +45,7 @@ class OmemoSessionManager {
|
|||||||
// NOTE: Dart has some issues with just casting a List<dynamic> to List<Map<...>>, as
|
// NOTE: Dart has some issues with just casting a List<dynamic> to List<Map<...>>, as
|
||||||
// such we need to convert the items by hand.
|
// such we need to convert the items by hand.
|
||||||
return OmemoSessionManager(
|
return OmemoSessionManager(
|
||||||
Device.fromJson(data['device']! as Map<String, dynamic>),
|
OmemoDevice.fromJson(data['device']! as Map<String, dynamic>),
|
||||||
(data['devices']! as Map<String, dynamic>).map<String, List<int>>(
|
(data['devices']! as Map<String, dynamic>).map<String, List<int>>(
|
||||||
(key, value) {
|
(key, value) {
|
||||||
return MapEntry(
|
return MapEntry(
|
||||||
@ -61,7 +62,7 @@ class OmemoSessionManager {
|
|||||||
/// Generate a new cryptographic identity.
|
/// Generate a new cryptographic identity.
|
||||||
static Future<OmemoSessionManager> generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async {
|
static Future<OmemoSessionManager> generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async {
|
||||||
assert(opkAmount > 0, 'opkAmount must be bigger than 0.');
|
assert(opkAmount > 0, 'opkAmount must be bigger than 0.');
|
||||||
final device = await Device.generateNewDevice(jid, opkAmount: opkAmount);
|
final device = await OmemoDevice.generateNewDevice(jid, opkAmount: opkAmount);
|
||||||
|
|
||||||
return OmemoSessionManager(device, {}, {}, trustManager);
|
return OmemoSessionManager(device, {}, {}, trustManager);
|
||||||
}
|
}
|
||||||
@ -83,7 +84,7 @@ class OmemoSessionManager {
|
|||||||
|
|
||||||
/// Our own keys...
|
/// Our own keys...
|
||||||
// ignore: prefer_final_fields
|
// ignore: prefer_final_fields
|
||||||
Device _device;
|
OmemoDevice _device;
|
||||||
/// and its lock
|
/// and its lock
|
||||||
final Lock _deviceLock;
|
final Lock _deviceLock;
|
||||||
|
|
||||||
@ -95,7 +96,7 @@ class OmemoSessionManager {
|
|||||||
Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
|
Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
|
||||||
|
|
||||||
/// Returns our own device.
|
/// Returns our own device.
|
||||||
Future<Device> getDevice() async {
|
Future<OmemoDevice> getDevice() async {
|
||||||
return _deviceLock.synchronized(() => _device);
|
return _deviceLock.synchronized(() => _device);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -119,14 +120,14 @@ class OmemoSessionManager {
|
|||||||
_deviceMap[jid] = [deviceId];
|
_deviceMap[jid] = [deviceId];
|
||||||
|
|
||||||
// Commit the device map
|
// Commit the device map
|
||||||
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||||
} else {
|
} else {
|
||||||
// Prevent having the same device multiple times in the list
|
// Prevent having the same device multiple times in the list
|
||||||
if (!_deviceMap[jid]!.contains(deviceId)) {
|
if (!_deviceMap[jid]!.contains(deviceId)) {
|
||||||
_deviceMap[jid]!.add(deviceId);
|
_deviceMap[jid]!.add(deviceId);
|
||||||
|
|
||||||
// Commit the device map
|
// Commit the device map
|
||||||
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -328,6 +329,8 @@ class OmemoSessionManager {
|
|||||||
return EncryptionResult(
|
return EncryptionResult(
|
||||||
plaintext != null ? ciphertext : null,
|
plaintext != null ? ciphertext : null,
|
||||||
encryptedKeys,
|
encryptedKeys,
|
||||||
|
const <RatchetMapKey, OmemoException>{},
|
||||||
|
const <String, OmemoException>{},
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -562,7 +565,7 @@ class OmemoSessionManager {
|
|||||||
_deviceMap.remove(jid);
|
_deviceMap.remove(jid);
|
||||||
}
|
}
|
||||||
// Commit it
|
// Commit it
|
||||||
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -580,7 +583,7 @@ class OmemoSessionManager {
|
|||||||
// Remove the device from jid
|
// Remove the device from jid
|
||||||
_deviceMap.remove(jid);
|
_deviceMap.remove(jid);
|
||||||
// Commit it
|
// Commit it
|
||||||
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
|
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -622,7 +625,7 @@ class OmemoSessionManager {
|
|||||||
/// identity. Triggers an event to commit it to storage.
|
/// identity. Triggers an event to commit it to storage.
|
||||||
Future<void> regenerateDevice({ int opkAmount = 100 }) async {
|
Future<void> regenerateDevice({ int opkAmount = 100 }) async {
|
||||||
await _deviceLock.synchronized(() async {
|
await _deviceLock.synchronized(() async {
|
||||||
_device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount);
|
_device = await OmemoDevice.generateNewDevice(_device.jid, opkAmount: opkAmount);
|
||||||
|
|
||||||
// Commit it
|
// Commit it
|
||||||
_eventStreamController.add(DeviceModifiedEvent(_device));
|
_eventStreamController.add(DeviceModifiedEvent(_device));
|
||||||
|
41
lib/src/omemo/stanza.dart
Normal file
41
lib/src/omemo/stanza.dart
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
|
||||||
|
|
||||||
|
/// Describes a stanza that was received by the underlying XMPP library.
|
||||||
|
class OmemoIncomingStanza {
|
||||||
|
const OmemoIncomingStanza(
|
||||||
|
this.bareSenderJid,
|
||||||
|
this.senderDeviceId,
|
||||||
|
this.timestamp,
|
||||||
|
this.keys,
|
||||||
|
this.payload,
|
||||||
|
);
|
||||||
|
|
||||||
|
/// The bare JID of the sender of the stanza.
|
||||||
|
final String bareSenderJid;
|
||||||
|
|
||||||
|
/// The device ID of the sender.
|
||||||
|
final int senderDeviceId;
|
||||||
|
|
||||||
|
/// The timestamp when the stanza was received.
|
||||||
|
final int timestamp;
|
||||||
|
|
||||||
|
/// The included encrypted keys
|
||||||
|
final List<EncryptedKey> keys;
|
||||||
|
|
||||||
|
/// The string payload included in the <encrypted /> element.
|
||||||
|
final String? payload;
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Describes a stanza that is to be sent out
|
||||||
|
class OmemoOutgoingStanza {
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
this.recipientJids,
|
||||||
|
this.payload,
|
||||||
|
);
|
||||||
|
|
||||||
|
/// The JIDs the stanza will be sent to.
|
||||||
|
final List<String> recipientJids;
|
||||||
|
|
||||||
|
/// The serialised XML data that should be encrypted.
|
||||||
|
final String payload;
|
||||||
|
}
|
@ -3,7 +3,6 @@ import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart';
|
|||||||
import 'package:omemo_dart/src/protobuf/protobuf.dart';
|
import 'package:omemo_dart/src/protobuf/protobuf.dart';
|
||||||
|
|
||||||
class OmemoKeyExchange {
|
class OmemoKeyExchange {
|
||||||
|
|
||||||
OmemoKeyExchange();
|
OmemoKeyExchange();
|
||||||
|
|
||||||
factory OmemoKeyExchange.fromBuffer(List<int> data) {
|
factory OmemoKeyExchange.fromBuffer(List<int> data) {
|
||||||
|
@ -18,6 +18,9 @@ class AlwaysTrustingTrustManager extends TrustManager {
|
|||||||
@override
|
@override
|
||||||
Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
|
Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
|
||||||
|
|
||||||
|
@override
|
||||||
|
Future<void> removeTrustDecisionsForJid(String jid) async {}
|
||||||
|
|
||||||
@override
|
@override
|
||||||
Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
|
Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
|
||||||
}
|
}
|
||||||
|
@ -19,4 +19,7 @@ abstract class TrustManager {
|
|||||||
|
|
||||||
/// Serialize the trust manager to JSON.
|
/// Serialize the trust manager to JSON.
|
||||||
Future<Map<String, dynamic>> toJson();
|
Future<Map<String, dynamic>> toJson();
|
||||||
|
|
||||||
|
/// Removes all trust decisions for [jid].
|
||||||
|
Future<void> removeTrustDecisionsForJid(String jid);
|
||||||
}
|
}
|
||||||
|
@ -211,6 +211,14 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
|
|||||||
),
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@override
|
||||||
|
Future<void> removeTrustDecisionsForJid(String jid) async {
|
||||||
|
await _lock.synchronized(() async {
|
||||||
|
devices.remove(jid);
|
||||||
|
await commitState();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
/// Called when the state of the trust manager has been changed. Allows the user to
|
/// Called when the state of the trust manager has been changed. Allows the user to
|
||||||
/// commit the trust state to persistent storage.
|
/// commit the trust state to persistent storage.
|
||||||
|
@ -18,6 +18,9 @@ class NeverTrustingTrustManager extends TrustManager {
|
|||||||
@override
|
@override
|
||||||
Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
|
Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
|
||||||
|
|
||||||
|
@override
|
||||||
|
Future<void> removeTrustDecisionsForJid(String jid) async {}
|
||||||
|
|
||||||
@override
|
@override
|
||||||
Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
|
Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
name: omemo_dart
|
name: omemo_dart
|
||||||
description: An XMPP library independent OMEMO library
|
description: An XMPP library independent OMEMO library
|
||||||
version: 0.3.2
|
version: 0.4.0
|
||||||
homepage: https://github.com/PapaTutuWawa/omemo_dart
|
homepage: https://github.com/PapaTutuWawa/omemo_dart
|
||||||
publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub
|
publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub
|
||||||
|
|
||||||
|
@ -14,7 +14,7 @@ void main() {
|
|||||||
|
|
||||||
test('Test replacing a onetime prekey', () async {
|
test('Test replacing a onetime prekey', () async {
|
||||||
const aliceJid = 'alice@server.example';
|
const aliceJid = 'alice@server.example';
|
||||||
final device = await Device.generateNewDevice(aliceJid, opkAmount: 1);
|
final device = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
|
||||||
final newDevice = await device.replaceOnetimePrekey(0);
|
final newDevice = await device.replaceOnetimePrekey(0);
|
||||||
|
|
||||||
@ -65,7 +65,7 @@ void main() {
|
|||||||
deviceModified = true;
|
deviceModified = true;
|
||||||
} else if (event is RatchetModifiedEvent) {
|
} else if (event is RatchetModifiedEvent) {
|
||||||
ratchetModified++;
|
ratchetModified++;
|
||||||
} else if (event is DeviceMapModifiedEvent) {
|
} else if (event is DeviceListModifiedEvent) {
|
||||||
deviceMapModified++;
|
deviceMapModified++;
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
@ -327,7 +327,7 @@ void main() {
|
|||||||
|
|
||||||
// Setup an event listener
|
// Setup an event listener
|
||||||
final oldDevice = await aliceSession.getDevice();
|
final oldDevice = await aliceSession.getDevice();
|
||||||
Device? newDevice;
|
OmemoDevice? newDevice;
|
||||||
aliceSession.eventStream.listen((event) {
|
aliceSession.eventStream.listen((event) {
|
||||||
if (event is DeviceModifiedEvent) {
|
if (event is DeviceModifiedEvent) {
|
||||||
newDevice = event.device;
|
newDevice = event.device;
|
||||||
|
945
test/omemomanager_test.dart
Normal file
945
test/omemomanager_test.dart
Normal file
@ -0,0 +1,945 @@
|
|||||||
|
import 'dart:convert';
|
||||||
|
import 'package:logging/logging.dart';
|
||||||
|
import 'package:omemo_dart/omemo_dart.dart';
|
||||||
|
import 'package:omemo_dart/src/trust/always.dart';
|
||||||
|
import 'package:test/test.dart';
|
||||||
|
|
||||||
|
void main() {
|
||||||
|
Logger.root
|
||||||
|
..level = Level.ALL
|
||||||
|
..onRecord.listen((record) {
|
||||||
|
// ignore: avoid_print
|
||||||
|
print('${record.level.name}: ${record.message}');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test sending a message without the device list cache', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
var aliceEmptyMessageSent = 0;
|
||||||
|
var bobEmptyMessageSent = 0;
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {
|
||||||
|
aliceEmptyMessageSent++;
|
||||||
|
},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
return [ bobDevice.id ];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
return bobDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager = OmemoManager(
|
||||||
|
bobDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {
|
||||||
|
bobEmptyMessageSent++;
|
||||||
|
},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, aliceJid);
|
||||||
|
return [aliceDevice.id];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, aliceJid);
|
||||||
|
return aliceDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message
|
||||||
|
final aliceResult = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello world',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob must be able to decrypt the message
|
||||||
|
final bobResult = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult.encryptedKeys,
|
||||||
|
base64.encode(aliceResult.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(bobResult.payload, 'Hello world');
|
||||||
|
expect(bobResult.error, null);
|
||||||
|
expect(aliceEmptyMessageSent, 0);
|
||||||
|
expect(bobEmptyMessageSent, 1);
|
||||||
|
|
||||||
|
// Alice receives the ack message
|
||||||
|
await aliceManager.ratchetAcknowledged(
|
||||||
|
bobJid,
|
||||||
|
bobDevice.id,
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob now responds
|
||||||
|
final bobResult2 = await bobManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[aliceJid],
|
||||||
|
'Hello world, Alice',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
final aliceResult2 = await aliceManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
bobJid,
|
||||||
|
bobDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
bobResult2.encryptedKeys,
|
||||||
|
base64.encode(bobResult2.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult2.error, null);
|
||||||
|
expect(aliceEmptyMessageSent, 0);
|
||||||
|
expect(bobEmptyMessageSent, 1);
|
||||||
|
expect(aliceResult2.payload, 'Hello world, Alice');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test triggering the heartbeat', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
var aliceEmptyMessageSent = 0;
|
||||||
|
var bobEmptyMessageSent = 0;
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {
|
||||||
|
aliceEmptyMessageSent++;
|
||||||
|
},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
return [ bobDevice.id ];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
return bobDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager = OmemoManager(
|
||||||
|
bobDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {
|
||||||
|
bobEmptyMessageSent++;
|
||||||
|
},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, aliceJid);
|
||||||
|
return [aliceDevice.id];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, aliceJid);
|
||||||
|
return aliceDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message
|
||||||
|
final aliceResult = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello world',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob must be able to decrypt the message
|
||||||
|
final bobResult = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult.encryptedKeys,
|
||||||
|
base64.encode(aliceResult.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceEmptyMessageSent, 0);
|
||||||
|
expect(bobEmptyMessageSent, 1);
|
||||||
|
expect(bobResult.payload, 'Hello world');
|
||||||
|
|
||||||
|
// Bob acknowledges the message
|
||||||
|
await aliceManager.ratchetAcknowledged(bobJid, bobDevice.id);
|
||||||
|
|
||||||
|
// Alice now sends 52 messages that Bob decrypts
|
||||||
|
for (var i = 0; i <= 51; i++) {
|
||||||
|
final aliceResultLoop = await aliceManager.onOutgoingStanza(
|
||||||
|
OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Test message $i',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
final bobResultLoop = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResultLoop.encryptedKeys,
|
||||||
|
base64.encode(aliceResultLoop.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceEmptyMessageSent, 0);
|
||||||
|
expect(bobEmptyMessageSent, 1);
|
||||||
|
expect(bobResultLoop.payload, 'Test message $i');
|
||||||
|
}
|
||||||
|
|
||||||
|
// Alice sends a final message that triggers a heartbeat
|
||||||
|
final aliceResultFinal = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Test message last',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
final bobResultFinal = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResultFinal.encryptedKeys,
|
||||||
|
base64.encode(aliceResultFinal.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceEmptyMessageSent, 0);
|
||||||
|
expect(bobEmptyMessageSent, 2);
|
||||||
|
expect(bobResultFinal.payload, 'Test message last');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test accessing data without it existing', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => [],
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Get non-existant fingerprints
|
||||||
|
expect(
|
||||||
|
await aliceManager.getFingerprintsForJid(bobJid),
|
||||||
|
null,
|
||||||
|
);
|
||||||
|
|
||||||
|
// Ack a non-existant ratchet
|
||||||
|
await aliceManager.ratchetAcknowledged(
|
||||||
|
bobJid,
|
||||||
|
42,
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test receiving a message encrypted for another device', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
var oldDevice = true;
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobOldDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
final bobCurrentDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return oldDevice ?
|
||||||
|
[ bobOldDevice.id ] :
|
||||||
|
[ bobCurrentDevice.id ];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
return oldDevice ?
|
||||||
|
bobOldDevice.toBundle() :
|
||||||
|
bobCurrentDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager = OmemoManager(
|
||||||
|
bobCurrentDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => [],
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice encrypts a message to Bob
|
||||||
|
final aliceResult1 = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob's current device receives it
|
||||||
|
final bobResult1 = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult1.encryptedKeys,
|
||||||
|
base64.encode(aliceResult1.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(bobResult1.payload, null);
|
||||||
|
expect(bobResult1.error is NotEncryptedForDeviceException, true);
|
||||||
|
|
||||||
|
// Now Alice's client loses and regains the connection
|
||||||
|
aliceManager.onNewConnection();
|
||||||
|
oldDevice = false;
|
||||||
|
|
||||||
|
// And Alice sends a new message
|
||||||
|
final aliceResult2 = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob x2',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
final bobResult2 = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult2.encryptedKeys,
|
||||||
|
base64.encode(aliceResult2.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult2.encryptedKeys.length, 1);
|
||||||
|
expect(bobResult2.payload, 'Hello Bob x2');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test receiving a response from a new device', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
var bothDevices = false;
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return [
|
||||||
|
bobDevice1.id,
|
||||||
|
|
||||||
|
if (bothDevices)
|
||||||
|
bobDevice2.id,
|
||||||
|
];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
if (bothDevices) {
|
||||||
|
if (id == bobDevice1.id) {
|
||||||
|
return bobDevice1.toBundle();
|
||||||
|
} else if (id == bobDevice2.id) {
|
||||||
|
return bobDevice2.toBundle();
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (id == bobDevice1.id) return bobDevice1.toBundle();
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager1 = OmemoManager(
|
||||||
|
bobDevice1,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => [],
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager2 = OmemoManager(
|
||||||
|
bobDevice2,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, aliceJid);
|
||||||
|
return [aliceDevice.id];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, aliceJid);
|
||||||
|
return aliceDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message to Bob
|
||||||
|
final aliceResult1 = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob decrypts it
|
||||||
|
final bobResult1 = await bobManager1.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult1.encryptedKeys,
|
||||||
|
base64.encode(aliceResult1.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult1.encryptedKeys.length, 1);
|
||||||
|
expect(bobResult1.payload, 'Hello Bob!');
|
||||||
|
|
||||||
|
// Now Bob encrypts from his new device
|
||||||
|
bothDevices = true;
|
||||||
|
final bobResult2 = await bobManager2.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[aliceJid],
|
||||||
|
'Hello from my new device',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// And Alice decrypts it
|
||||||
|
final aliceResult2 = await aliceManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
bobJid,
|
||||||
|
bobDevice2.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
bobResult2.encryptedKeys,
|
||||||
|
base64.encode(bobResult2.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult2.payload, 'Hello from my new device');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test receiving a device list update', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
var bothDevices = false;
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return [
|
||||||
|
bobDevice1.id,
|
||||||
|
|
||||||
|
if (bothDevices)
|
||||||
|
bobDevice2.id,
|
||||||
|
];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
if (bothDevices) {
|
||||||
|
if (id == bobDevice1.id) {
|
||||||
|
return bobDevice1.toBundle();
|
||||||
|
} else if (id == bobDevice2.id) {
|
||||||
|
return bobDevice2.toBundle();
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (id == bobDevice1.id) return bobDevice1.toBundle();
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager1 = OmemoManager(
|
||||||
|
bobDevice1,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => null,
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager2 = OmemoManager(
|
||||||
|
bobDevice2,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => null,
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message to Bob
|
||||||
|
final aliceResult1 = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob decrypts it
|
||||||
|
final bobResult1 = await bobManager1.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult1.encryptedKeys,
|
||||||
|
base64.encode(aliceResult1.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult1.encryptedKeys.length, 1);
|
||||||
|
expect(bobResult1.payload, 'Hello Bob!');
|
||||||
|
|
||||||
|
// Bob acks the ratchet session
|
||||||
|
await aliceManager.ratchetAcknowledged(bobJid, bobDevice1.id);
|
||||||
|
|
||||||
|
// Bob now publishes a new device
|
||||||
|
bothDevices = true;
|
||||||
|
aliceManager.onDeviceListUpdate(
|
||||||
|
bobJid,
|
||||||
|
[
|
||||||
|
bobDevice1.id,
|
||||||
|
bobDevice2.id,
|
||||||
|
],
|
||||||
|
);
|
||||||
|
|
||||||
|
// Now Alice encrypts another message
|
||||||
|
final aliceResult2 = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob! x2',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult2.encryptedKeys.length, 2);
|
||||||
|
|
||||||
|
// And Bob decrypts it
|
||||||
|
final bobResult21 = await bobManager1.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult2.encryptedKeys,
|
||||||
|
base64.encode(aliceResult2.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
final bobResult22 = await bobManager2.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult2.encryptedKeys,
|
||||||
|
base64.encode(aliceResult2.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(bobResult21.payload, 'Hello Bob! x2');
|
||||||
|
expect(bobResult22.payload, 'Hello Bob! x2');
|
||||||
|
|
||||||
|
// Bob2 now responds
|
||||||
|
final bobResult32 = await bobManager2.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[aliceJid],
|
||||||
|
'Hello Alice!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// And Alice responds
|
||||||
|
final aliceResult3 = await aliceManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
bobJid,
|
||||||
|
bobDevice2.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
bobResult32.encryptedKeys,
|
||||||
|
base64.encode(bobResult32.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult3.payload, 'Hello Alice!');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test sending a message to two different JIDs', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
const cocoJid = 'coco@server3';
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
final cocoDevice = await OmemoDevice.generateNewDevice(cocoJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
if (jid == bobJid) {
|
||||||
|
return [bobDevice.id];
|
||||||
|
} else if (jid == cocoJid) {
|
||||||
|
return [cocoDevice.id];
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
if (jid == bobJid) {
|
||||||
|
return bobDevice.toBundle();
|
||||||
|
} else if (jid == cocoJid) {
|
||||||
|
return cocoDevice.toBundle();
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager = OmemoManager(
|
||||||
|
bobDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => null,
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final cocoManager = OmemoManager(
|
||||||
|
cocoDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => null,
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message to Bob and Coco
|
||||||
|
final aliceResult = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid, cocoJid],
|
||||||
|
'Hello Bob and Coco!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob and Coco decrypt them
|
||||||
|
final bobResult = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult.encryptedKeys,
|
||||||
|
base64.encode(aliceResult.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
final cocoResult = await cocoManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult.encryptedKeys,
|
||||||
|
base64.encode(aliceResult.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(bobResult.error, null);
|
||||||
|
expect(cocoResult.error, null);
|
||||||
|
expect(bobResult.payload, 'Hello Bob and Coco!');
|
||||||
|
expect(cocoResult.payload, 'Hello Bob and Coco!');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test a fetch failure', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
var failure = false;
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return failure ?
|
||||||
|
null :
|
||||||
|
[bobDevice.id];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return failure ?
|
||||||
|
null :
|
||||||
|
bobDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager = OmemoManager(
|
||||||
|
bobDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => null,
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message to Bob and Coco
|
||||||
|
final aliceResult1 = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// Bob decrypts it
|
||||||
|
final bobResult1 = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult1.encryptedKeys,
|
||||||
|
base64.encode(aliceResult1.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(bobResult1.error, null);
|
||||||
|
expect(bobResult1.payload, 'Hello Bob!');
|
||||||
|
|
||||||
|
// Bob acks the message
|
||||||
|
await aliceManager.ratchetAcknowledged(
|
||||||
|
bobJid,
|
||||||
|
bobDevice.id,
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice has to reconnect but has no connection yet
|
||||||
|
failure = true;
|
||||||
|
aliceManager.onNewConnection();
|
||||||
|
|
||||||
|
// Alice sends another message to Bob
|
||||||
|
final aliceResult2 = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob! x2',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// And Bob decrypts it
|
||||||
|
final bobResult2 = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult2.encryptedKeys,
|
||||||
|
base64.encode(aliceResult2.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(bobResult2.error, null);
|
||||||
|
expect(bobResult2.payload, 'Hello Bob! x2');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test sending a message with failed lookups', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message to Bob
|
||||||
|
final aliceResult = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult.isSuccess(1), false);
|
||||||
|
expect(aliceResult.jidEncryptionErrors[bobJid] is NoKeyMaterialAvailableException, true);
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test sending a message two two JIDs with failed lookups', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
const cocoJid = 'coco@server3';
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
if (jid == bobJid) {
|
||||||
|
return [bobDevice.id];
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
if (jid == bobJid) {
|
||||||
|
return bobDevice.toBundle();
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager = OmemoManager(
|
||||||
|
bobDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => null,
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice sends a message to Bob and Coco
|
||||||
|
final aliceResult = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid, cocoJid],
|
||||||
|
'Hello Bob and Coco!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(aliceResult.isSuccess(2), true);
|
||||||
|
expect(aliceResult.jidEncryptionErrors[cocoJid] is NoKeyMaterialAvailableException, true);
|
||||||
|
|
||||||
|
// Bob decrypts it
|
||||||
|
final bobResult = await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceResult.encryptedKeys,
|
||||||
|
base64.encode(aliceResult.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
expect(bobResult.payload, 'Hello Bob and Coco!');
|
||||||
|
});
|
||||||
|
|
||||||
|
test('Test sending multiple messages back and forth', () async {
|
||||||
|
const aliceJid = 'alice@server1';
|
||||||
|
const bobJid = 'bob@server2';
|
||||||
|
|
||||||
|
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||||
|
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||||
|
|
||||||
|
final aliceManager = OmemoManager(
|
||||||
|
aliceDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return [bobDevice.id];
|
||||||
|
},
|
||||||
|
(jid, id) async {
|
||||||
|
expect(jid, bobJid);
|
||||||
|
|
||||||
|
return bobDevice.toBundle();
|
||||||
|
},
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
final bobManager = OmemoManager(
|
||||||
|
bobDevice,
|
||||||
|
AlwaysTrustingTrustManager(),
|
||||||
|
(result, recipientJid) async {},
|
||||||
|
(jid) async => null,
|
||||||
|
(jid, id) async => null,
|
||||||
|
(jid) async {},
|
||||||
|
);
|
||||||
|
|
||||||
|
// Alice encrypts a message for Bob
|
||||||
|
final aliceMessage = await aliceManager.onOutgoingStanza(
|
||||||
|
const OmemoOutgoingStanza(
|
||||||
|
[bobJid],
|
||||||
|
'Hello Bob!',
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
// And Bob decrypts it
|
||||||
|
await bobManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
aliceJid,
|
||||||
|
aliceDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
aliceMessage.encryptedKeys,
|
||||||
|
base64.encode(aliceMessage.ciphertext!),
|
||||||
|
),
|
||||||
|
|
||||||
|
);
|
||||||
|
|
||||||
|
// Ratchets are acked
|
||||||
|
await aliceManager.ratchetAcknowledged(
|
||||||
|
bobJid,
|
||||||
|
bobDevice.id,
|
||||||
|
);
|
||||||
|
|
||||||
|
for (var i = 0; i < 100; i++) {
|
||||||
|
final messageText = 'Test Message #$i';
|
||||||
|
// Bob responds to Alice
|
||||||
|
final bobResponseMessage = await bobManager.onOutgoingStanza(
|
||||||
|
OmemoOutgoingStanza(
|
||||||
|
[aliceJid],
|
||||||
|
messageText,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
expect(bobResponseMessage.isSuccess(1), true);
|
||||||
|
|
||||||
|
final aliceReceivedMessage = await aliceManager.onIncomingStanza(
|
||||||
|
OmemoIncomingStanza(
|
||||||
|
bobJid,
|
||||||
|
bobDevice.id,
|
||||||
|
DateTime.now().millisecondsSinceEpoch,
|
||||||
|
bobResponseMessage.encryptedKeys,
|
||||||
|
base64.encode(bobResponseMessage.ciphertext!),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
expect(aliceReceivedMessage.payload, messageText);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
@ -18,7 +18,7 @@ void main() {
|
|||||||
final oldDevice = await oldSession.getDevice();
|
final oldDevice = await oldSession.getDevice();
|
||||||
final serialised = jsonify(await oldDevice.toJson());
|
final serialised = jsonify(await oldDevice.toJson());
|
||||||
|
|
||||||
final newDevice = Device.fromJson(serialised);
|
final newDevice = OmemoDevice.fromJson(serialised);
|
||||||
expect(await oldDevice.equals(newDevice), true);
|
expect(await oldDevice.equals(newDevice), true);
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -32,7 +32,7 @@ void main() {
|
|||||||
final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey();
|
final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey();
|
||||||
final serialised = jsonify(await oldDevice.toJson());
|
final serialised = jsonify(await oldDevice.toJson());
|
||||||
|
|
||||||
final newDevice = Device.fromJson(serialised);
|
final newDevice = OmemoDevice.fromJson(serialised);
|
||||||
expect(await oldDevice.equals(newDevice), true);
|
expect(await oldDevice.equals(newDevice), true);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user