feat: Add signature validation
This commit is contained in:
parent
fc43655956
commit
4211775c90
@ -1,5 +1,6 @@
|
||||
library omemo_dart;
|
||||
|
||||
export 'src/bundle.dart';
|
||||
export 'src/errors.dart';
|
||||
export 'src/key.dart';
|
||||
export 'src/x3dh.dart';
|
||||
|
4
lib/src/errors.dart
Normal file
4
lib/src/errors.dart
Normal file
@ -0,0 +1,4 @@
|
||||
class InvalidSignatureException implements Exception {
|
||||
@override
|
||||
String errMsg() => 'The signature of the SPK does not match the provided signature';
|
||||
}
|
@ -2,6 +2,7 @@ import 'dart:convert';
|
||||
import 'dart:math';
|
||||
import 'package:cryptography/cryptography.dart';
|
||||
import 'package:omemo_dart/src/bundle.dart';
|
||||
import 'package:omemo_dart/src/errors.dart';
|
||||
import 'package:omemo_dart/src/key.dart';
|
||||
|
||||
/// The overarching assumption is that we use Ed25519 keys for the identity keys
|
||||
@ -99,6 +100,19 @@ List<int> concat(List<List<int>> inputs) {
|
||||
/// Alice builds a session with Bob using his bundle [bundle] and Alice's identity key
|
||||
/// pair [ik].
|
||||
Future<X3DHAliceResult> x3dhFromBundle(OmemoBundle bundle, OmemoKeyPair ik) async {
|
||||
// Check the signature first
|
||||
final signatureValue = await Ed25519().verify(
|
||||
await bundle.spk.getBytes(),
|
||||
signature: Signature(
|
||||
bundle.spkSignature,
|
||||
publicKey: bundle.ik.asPublicKey(),
|
||||
),
|
||||
);
|
||||
|
||||
if (!signatureValue) {
|
||||
throw InvalidSignatureException();
|
||||
}
|
||||
|
||||
// Generate EK
|
||||
final ek = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||
|
||||
|
@ -1,9 +1,10 @@
|
||||
import 'dart:convert';
|
||||
import 'package:cryptography/cryptography.dart';
|
||||
import 'package:omemo_dart/omemo_dart.dart';
|
||||
import 'package:test/test.dart';
|
||||
|
||||
void main() {
|
||||
test('X3DH', () async {
|
||||
test('X3DH with correct signature', () async {
|
||||
// Generate keys
|
||||
final ikAlice = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
|
||||
final ikBob = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
|
||||
@ -13,14 +14,16 @@ void main() {
|
||||
'1',
|
||||
await spkBob.pk.asBase64(),
|
||||
'3',
|
||||
// TODO(PapaTutuWawa): Do
|
||||
'n/a',
|
||||
base64Encode(
|
||||
await sig(ikBob, await spkBob.pk.getBytes()),
|
||||
),
|
||||
//'Q5in+/L4kJixEX692h6mJkPMyp4I3SlQ84L0E7ipPzqfPHOMiraUlqG2vG/O8wvFjLsKYZpPBraga9IvwhqVDA==',
|
||||
await ikBob.pk.asBase64(),
|
||||
{
|
||||
'2': await opkBob.pk.asBase64(),
|
||||
},
|
||||
);
|
||||
|
||||
|
||||
// Alice does X3DH
|
||||
final resultAlice = await x3dhFromBundle(bundleBob, ikAlice);
|
||||
|
||||
@ -42,4 +45,35 @@ void main() {
|
||||
expect(resultAlice.sk, resultBob.sk);
|
||||
expect(resultAlice.ad, resultBob.ad);
|
||||
});
|
||||
|
||||
test('X3DH with incorrect signature', () async {
|
||||
// Generate keys
|
||||
final ikAlice = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
|
||||
final ikBob = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
|
||||
final spkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||
final opkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||
final bundleBob = OmemoBundle(
|
||||
'1',
|
||||
await spkBob.pk.asBase64(),
|
||||
'3',
|
||||
// NOTE: A bit flakey, but it is highly unlikely that the same keypair as this one
|
||||
// gets generated.
|
||||
'Q5in+/L4kJixEX692h6mJkPMyp4I3SlQ84L0E7ipPzqfPHOMiraUlqG2vG/O8wvFjLsKYZpPBraga9IvwhqVDA==',
|
||||
await ikBob.pk.asBase64(),
|
||||
{
|
||||
'2': await opkBob.pk.asBase64(),
|
||||
},
|
||||
);
|
||||
|
||||
// Alice does X3DH
|
||||
var exception = false;
|
||||
try {
|
||||
await x3dhFromBundle(bundleBob, ikAlice);
|
||||
} catch(e) {
|
||||
exception = true;
|
||||
expect(e is InvalidSignatureException, true, reason: 'Expected InvalidSignatureException, but got $e');
|
||||
}
|
||||
|
||||
expect(exception, true, reason: 'Expected test failure');
|
||||
});
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user