feat: Check the HMAC during decryption

lib/src/double_ratchet/crypto.dart

@@ -1,6 +1,7 @@
 import 'dart:convert';
 import 'package:cryptography/cryptography.dart';
 import 'package:omemo_dart/protobuf/schema.pb.dart';
+import 'package:omemo_dart/src/errors.dart';
 import 'package:omemo_dart/src/helpers.dart';
 
 /// Info string for ENCRYPT
@@ -93,7 +94,9 @@ Future<List<int>> decrypt(List<int> mk, List<int> ciphertext, List<int> associat
     secretKey: SecretKey(authenticationKey),
   )).bytes.sublist(0, 16);
 
-  // TODO(PapaTutuWawa): Check the HMAC result
+  if (!listsEqual(hmacResult, message.mac)) {
+    throw InvalidMessageHMACException();
+  }
   
   final plaintext = await AesCbc.with256bits(
     macAlgorithm: MacAlgorithm.empty,

lib/src/errors.dart

@@ -1,3 +1,9 @@
+/// Triggered during X3DH if the signature if the SPK does verify to the actual SPK.
 class InvalidSignatureException implements Exception {
   String errMsg() => 'The signature of the SPK does not match the provided signature';
 }
+
+/// Triggered by the Double Ratchet if the computet HMAC does not match the attached HMAC.
+class InvalidMessageHMACException implements Exception {
+  String errMsg() => 'The computed HMAC does not match the provided HMAC';
+}

lib/src/helpers.dart

@@ -7,3 +7,16 @@ List<int> concat(List<List<int>> inputs) {
 
   return tmp;
 }
+
+/// Compares the two lists [a] and [b] and return true if [a] and [b] are index-by-index
+/// equal. Returns false, if they are not "equal";
+bool listsEqual(List<int> a, List<int> b) {
+  // TODO(Unknown): Do we need to use a constant time comparison?
+  if (a.length != b.length) return false;
+
+  for (var i = 0; i < a.length; i++) {
+    if (a[i] != b[i]) return false;
+  }
+
+  return true;
+}