PapaTutuWawa/omemo_dart
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Allow encrypting to multiple Jids

Browse Source
This commit is contained in:
PapaTutuWawa 2022-08-08 14:44:05 +02:00
parent 5a187bae97
commit 8c1a78e360
7 changed files with 115 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/src/omemo/bundle.dart
View File

@ -5,6 +5,7 @@ import 'package:omemo_dart/src/keys.dart';
class OmemoBundle { class OmemoBundle {
const OmemoBundle( const OmemoBundle(
this.jid,
this.id, this.id,
this.spkEncoded, this.spkEncoded,
this.spkId, this.spkId,
@ -12,6 +13,9 @@ class OmemoBundle {
this.ikEncoded, this.ikEncoded,
this.opksEncoded, this.opksEncoded,
); );
/// The bare Jid the Bundle belongs to
final String jid;
/// The device Id
final int id; final int id;
/// The SPK but base64 encoded /// The SPK but base64 encoded
final String spkEncoded; final String spkEncoded;

16
lib/src/omemo/device.dart
View File

@ -10,7 +10,7 @@ import 'package:omemo_dart/src/x3dh/x3dh.dart';
@immutable @immutable
class Device { class Device {
const Device(this.id, this.ik, this.spk, this.spkId, this.spkSignature, this.opks); const Device(this.jid, this.id, this.ik, this.spk, this.spkId, this.spkSignature, this.opks);
/// Deserialize the Device /// Deserialize the Device
factory Device.fromJson(Map<String, dynamic> data) { factory Device.fromJson(Map<String, dynamic> data) {
@ -19,6 +19,7 @@ class Device {
// key. // key.
/* /*
{ {
'jid': 'alice@...',
'id': 123, 'id': 123,
'ik': 'base/64/encoded', 'ik': 'base/64/encoded',
'ik_pub': 'base/64/encoded', 'ik_pub': 'base/64/encoded',
@ -45,6 +46,7 @@ class Device {
} }
return Device( return Device(
data['jid']! as String,
data['id']! as int, data['id']! as int,
OmemoKeyPair.fromBytes( OmemoKeyPair.fromBytes(
base64.decode(data['ik_pub']! as String), base64.decode(data['ik_pub']! as String),
@ -63,7 +65,7 @@ class Device {
} }
/// Generate a completely new device, i.e. cryptographic identity. /// Generate a completely new device, i.e. cryptographic identity.
static Future<Device> generateNewDevice({ int opkAmount = 100 }) async { static Future<Device> generateNewDevice(String jid, { int opkAmount = 100 }) async {
final id = generateRandom32BitNumber(); final id = generateRandom32BitNumber();
final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519); final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
@ -75,9 +77,12 @@ class Device {
opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
} }
return Device(id, ik, spk, spkId, signature, opks); return Device(jid, id, ik, spk, spkId, signature, opks);
} }
/// Our bare Jid
final String jid;
/// The device Id /// The device Id
final int id; final int id;
@ -100,6 +105,7 @@ class Device {
opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
return Device( return Device(
jid,
id, id,
ik, ik,
spk, spk,
@ -117,6 +123,7 @@ class Device {
final newSignature = await sig(ik, await newSpk.pk.getBytes()); final newSignature = await sig(ik, await newSpk.pk.getBytes());
return Device( return Device(
jid,
id, id,
ik, ik,
newSpk, newSpk,
@ -134,6 +141,7 @@ class Device {
} }
return OmemoBundle( return OmemoBundle(
jid,
id, id,
base64.encode(await spk.pk.getBytes()), base64.encode(await spk.pk.getBytes()),
spkId, spkId,
@ -156,6 +164,7 @@ class Device {
} }
return { return {
'jid': jid,
'id': id, 'id': id,
'ik': base64.encode(await ik.sk.getBytes()), 'ik': base64.encode(await ik.sk.getBytes()),
'ik_pub': base64.encode(await ik.pk.getBytes()), 'ik_pub': base64.encode(await ik.pk.getBytes()),
@ -189,6 +198,7 @@ class Device {
return id == other.id && return id == other.id &&
ikMatch && ikMatch &&
spkMatch && spkMatch &&
jid == other.jid &&
listsEqual(spkSignature, other.spkSignature) && listsEqual(spkSignature, other.spkSignature) &&
spkId == other.spkId && spkId == other.spkId &&
opksMatch; opksMatch;

70
lib/src/omemo/sessionmanager.dart
View File

@ -40,7 +40,8 @@ class EncryptionResult {
@immutable @immutable
class EncryptedKey { class EncryptedKey {
const EncryptedKey(this.rid, this.value, this.kex); const EncryptedKey(this.jid, this.rid, this.value, this.kex);
final String jid;
final int rid; final int rid;
final String value; final String value;
final bool kex; final bool kex;
@ -71,9 +72,9 @@ class OmemoSessionManager {
} }
/// Generate a new cryptographic identity. /// Generate a new cryptographic identity.
static Future<OmemoSessionManager> generateNewIdentity({ int opkAmount = 100 }) async { static Future<OmemoSessionManager> generateNewIdentity(String jid, { int opkAmount = 100 }) async {
assert(opkAmount > 0, 'opkAmount must be bigger than 0.'); assert(opkAmount > 0, 'opkAmount must be bigger than 0.');
final device = await Device.generateNewDevice(opkAmount: opkAmount); final device = await Device.generateNewDevice(jid, opkAmount: opkAmount);
return OmemoSessionManager(device, {}, {}); return OmemoSessionManager(device, {}, {});
} }
@ -184,9 +185,14 @@ class OmemoSessionManager {
await _addSession(jid, deviceId, ratchet); await _addSession(jid, deviceId, ratchet);
} }
/// Encrypt the key [plaintext] for all known bundles of [jid]. Returns a map that /// Like [encryptToJids] but only for one Jid [jid].
/// maps the Bundle Id to the ciphertext of [plaintext]. Future<EncryptionResult> encryptToJid(String jid, String plaintext, { List<OmemoBundle>? newSessions }) {
Future<EncryptionResult> encryptToJid(String jid, String plaintext, { List<OmemoBundle>? newSessions }) async { return encryptToJids([jid], plaintext, newSessions: newSessions);
}
/// Encrypt the key [plaintext] for all known bundles of the Jids in [jids]. Returns a
/// map that maps the device Id to the ciphertext of [plaintext].
Future<EncryptionResult> encryptToJids(List<String> jids, String plaintext, { List<OmemoBundle>? newSessions }) async {
final encryptedKeys = List<EncryptedKey>.empty(growable: true); final encryptedKeys = List<EncryptedKey>.empty(growable: true);
// Generate the key and encrypt the plaintext // Generate the key and encrypt the plaintext
@ -203,38 +209,42 @@ class OmemoSessionManager {
final kex = <int, OmemoKeyExchange>{}; final kex = <int, OmemoKeyExchange>{};
if (newSessions != null) { if (newSessions != null) {
for (final newSession in newSessions) { for (final newSession in newSessions) {
kex[newSession.id] = await addSessionFromBundle(jid, newSession.id, newSession); kex[newSession.id] = await addSessionFromBundle(newSession.jid, newSession.id, newSession);
} }
} }
await _lock.synchronized(() async { await _lock.synchronized(() async {
// We assume that the user already checked if the session exists // We assume that the user already checked if the session exists
for (final deviceId in _deviceMap[jid]!) { for (final jid in jids) {
final ratchetKey = RatchetMapKey(jid, deviceId); for (final deviceId in _deviceMap[jid]!) {
final ratchet = _ratchetMap[ratchetKey]!; final ratchetKey = RatchetMapKey(jid, deviceId);
final ciphertext = (await ratchet.ratchetEncrypt(concatKey)).ciphertext; final ratchet = _ratchetMap[ratchetKey]!;
final ciphertext = (await ratchet.ratchetEncrypt(concatKey)).ciphertext;
// Commit the ratchet // Commit the ratchet
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet)); _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet));
if (kex.isNotEmpty && kex.containsKey(deviceId)) { if (kex.isNotEmpty && kex.containsKey(deviceId)) {
final k = kex[deviceId]! final k = kex[deviceId]!
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext); ..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
encryptedKeys.add( encryptedKeys.add(
EncryptedKey( EncryptedKey(
deviceId, jid,
base64.encode(k.writeToBuffer()), deviceId,
true, base64.encode(k.writeToBuffer()),
), true,
); ),
} else { );
encryptedKeys.add( } else {
EncryptedKey( encryptedKeys.add(
deviceId, EncryptedKey(
base64.encode(ciphertext), jid,
false, deviceId,
), base64.encode(ciphertext),
); false,
),
);
}
} }
} }
}); });

2
test/double_ratchet_test.dart
View File

@ -36,11 +36,13 @@ void main() {
test('Test the Double Ratchet', () async { test('Test the Double Ratchet', () async {
// Generate keys // Generate keys
const bobJid = 'bob@other.example.server';
final ikAlice = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519); final ikAlice = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
final ikBob = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519); final ikBob = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
final spkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final spkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
final opkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final opkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
final bundleBob = OmemoBundle( final bundleBob = OmemoBundle(
bobJid,
1, 1,
await spkBob.pk.asBase64(), await spkBob.pk.asBase64(),
3, 3,

53
test/omemo_test.dart
View File

@ -10,8 +10,8 @@ void main() {
var deviceModified = false; var deviceModified = false;
var ratchetModified = 0; var ratchetModified = 0;
var deviceMapModified = 0; var deviceMapModified = 0;
final aliceSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final bobOpks = (await bobSession.getDevice()).opks.values.toList(); final bobOpks = (await bobSession.getDevice()).opks.values.toList();
bobSession.eventStream.listen((event) { bobSession.eventStream.listen((event) {
if (event is DeviceModifiedEvent) { if (event is DeviceModifiedEvent) {
@ -83,10 +83,10 @@ void main() {
const bobJid = 'bob@other.server.example'; const bobJid = 'bob@other.server.example';
// Alice and Bob generate their sessions // Alice and Bob generate their sessions
final aliceSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
// Bob's other device // Bob's other device
final bobSession2 = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final bobSession2 = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
// Alice encrypts a message for Bob // Alice encrypts a message for Bob
const messagePlaintext = 'Hello Bob!'; const messagePlaintext = 'Hello Bob!';
@ -143,4 +143,47 @@ void main() {
..getRatchet(bobJid, fingerprints[0].deviceId) ..getRatchet(bobJid, fingerprints[0].deviceId)
..getRatchet(bobJid, fingerprints[1].deviceId); ..getRatchet(bobJid, fingerprints[1].deviceId);
}); });
test('Test using OMEMO sessions with encrypt to self', () async {
const aliceJid = 'alice@server.example';
const bobJid = 'bob@other.server.example';
// Alice and Bob generate their sessions
final aliceSession1 = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final aliceSession2 = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
// Alice encrypts a message for Bob
const messagePlaintext = 'Hello Bob!';
final aliceMessage = await aliceSession1.encryptToJids(
[bobJid, aliceJid],
messagePlaintext,
newSessions: [
await (await bobSession.getDevice()).toBundle(),
await (await aliceSession2.getDevice()).toBundle(),
],
);
expect(aliceMessage.encryptedKeys.length, 2);
// Alice sends the message to Bob
// ...
// Bob decrypts it
final bobMessage = await bobSession.decryptMessage(
aliceMessage.ciphertext,
aliceJid,
(await aliceSession1.getDevice()).id,
aliceMessage.encryptedKeys,
);
expect(messagePlaintext, bobMessage);
// Alice's other device decrypts it
final aliceMessage2 = await aliceSession2.decryptMessage(
aliceMessage.ciphertext,
aliceJid,
(await aliceSession1.getDevice()).id,
aliceMessage.encryptedKeys,
);
expect(messagePlaintext, aliceMessage2);
});
} }

10
test/serialisation_test.dart
View File

@ -4,7 +4,7 @@ import 'package:test/test.dart';
void main() { void main() {
test('Test serialising and deserialising the Device', () async { test('Test serialising and deserialising the Device', () async {
// Generate a random session // Generate a random session
final oldSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final oldSession = await OmemoSessionManager.generateNewIdentity('user@test.server', opkAmount: 1);
final oldDevice = await oldSession.getDevice(); final oldDevice = await oldSession.getDevice();
final serialised = await oldDevice.toJson(); final serialised = await oldDevice.toJson();
@ -16,8 +16,8 @@ void main() {
// Generate a random ratchet // Generate a random ratchet
const aliceJid = 'alice@server.example'; const aliceJid = 'alice@server.example';
const bobJid = 'bob@other.server.example'; const bobJid = 'bob@other.server.example';
final aliceSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 1); final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final aliceMessage = await aliceSession.encryptToJid( final aliceMessage = await aliceSession.encryptToJid(
bobJid, bobJid,
'Hello Bob!', 'Hello Bob!',
@ -40,8 +40,8 @@ void main() {
test('Test serialising and deserialising the OmemoSessionManager', () async { test('Test serialising and deserialising the OmemoSessionManager', () async {
// Generate a random session // Generate a random session
final oldSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 4); final oldSession = await OmemoSessionManager.generateNewIdentity('a@server', opkAmount: 4);
final bobSession = await OmemoSessionManager.generateNewIdentity(opkAmount: 4); final bobSession = await OmemoSessionManager.generateNewIdentity('b@other.server', opkAmount: 4);
await oldSession.addSessionFromBundle( await oldSession.addSessionFromBundle(
'bob@localhost', 'bob@localhost',
(await bobSession.getDevice()).id, (await bobSession.getDevice()).id,

2
test/x3dh_test.dart
View File

@ -11,6 +11,7 @@ void main() {
final spkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final spkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
final opkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final opkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
final bundleBob = OmemoBundle( final bundleBob = OmemoBundle(
'alice@some.server',
1, 1,
await spkBob.pk.asBase64(), await spkBob.pk.asBase64(),
3, 3,
@ -53,6 +54,7 @@ void main() {
final spkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final spkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
final opkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final opkBob = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
final bundleBob = OmemoBundle( final bundleBob = OmemoBundle(
'bob@some.server',
1, 1,
await spkBob.pk.asBase64(), await spkBob.pk.asBase64(),
3, 3,