PapaTutuWawa/omemo_dart
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Add a base trust manager class

Browse Source
This commit is contained in:
PapaTutuWawa 2022-08-08 18:03:05 +02:00
parent e9f190036c
commit dafd0af1e5
6 changed files with 133 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/omemo_dart.dart
View File

@ -11,4 +11,6 @@ export 'src/omemo/encrypted_key.dart';
export 'src/omemo/encryption_result.dart';
export 'src/omemo/fingerprint.dart';
export 'src/omemo/sessionmanager.dart';
export 'src/trust/base.dart';
//export 'src/trust/btbv.dart';
export 'src/x3dh/x3dh.dart';

17
lib/src/omemo/sessionmanager.dart
View File

@ -19,6 +19,7 @@ import 'package:omemo_dart/src/omemo/ratchet_map_key.dart';
import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart';
import 'package:omemo_dart/src/protobuf/omemo_key_exchange.dart';
import 'package:omemo_dart/src/protobuf/omemo_message.dart';
import 'package:omemo_dart/src/trust/base.dart';
import 'package:omemo_dart/src/x3dh/x3dh.dart';
import 'package:synchronized/synchronized.dart';
@ -27,13 +28,13 @@ const omemoPayloadInfoString = 'OMEMO Payload';
class OmemoSessionManager {
OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap)
OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager)
: _lock = Lock(),
_deviceLock = Lock(),
_eventStreamController = StreamController<OmemoEvent>.broadcast();
/// Deserialise the OmemoSessionManager from JSON data [data].
factory OmemoSessionManager.fromJson(Map<String, dynamic> data) {
factory OmemoSessionManager.fromJson(Map<String, dynamic> data, TrustManager trustManager) {
final ratchetMap = <RatchetMapKey, OmemoDoubleRatchet>{};
for (final rawRatchet in data['sessions']! as List<Map<String, dynamic>>) {
final key = RatchetMapKey(rawRatchet['jid']! as String, rawRatchet['deviceId']! as int);
@ -41,20 +42,20 @@ class OmemoSessionManager {
ratchetMap[key] = ratchet;
}
// TODO(PapaTutuWawa): Handle Trust behaviour
return OmemoSessionManager(
Device.fromJson(data['device']! as Map<String, dynamic>),
data['devices']! as Map<String, List<int>>,
ratchetMap,
trustManager,
);
}
/// Generate a new cryptographic identity.
static Future<OmemoSessionManager> generateNewIdentity(String jid, { int opkAmount = 100 }) async {
static Future<OmemoSessionManager> generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async {
assert(opkAmount > 0, 'opkAmount must be bigger than 0.');
final device = await Device.generateNewDevice(jid, opkAmount: opkAmount);
return OmemoSessionManager(device, {}, {});
return OmemoSessionManager(device, {}, {}, trustManager);
}
/// Lock for _ratchetMap and _bundleMap
@ -75,6 +76,9 @@ class OmemoSessionManager {
/// and its lock
final Lock _deviceLock;
/// The trust manager
final TrustManager _trustManager;
/// A stream that receives events regarding the session
Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
@ -218,6 +222,9 @@ class OmemoSessionManager {
// We assume that the user already checked if the session exists
for (final jid in jids) {
for (final deviceId in _deviceMap[jid]!) {
// Only encrypt to devices that are trusted
if (!(await _trustManager.isTrusted(jid, deviceId))) continue;
final ratchetKey = RatchetMapKey(jid, deviceId);
final ratchet = _ratchetMap[ratchetKey]!;
final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext;

11
lib/src/trust/always.dart Normal file
View File

@ -0,0 +1,11 @@
import 'package:meta/meta.dart';
import 'package:omemo_dart/src/trust/base.dart';
/// Only use for testing!
/// An implementation of TrustManager that always trusts every device and thus
/// has no internal state.
@visibleForTesting
class AlwaysTrustingTrustManager extends TrustManager {
@override
Future<bool> isTrusted(String jid, int deviceId) async => true;
}

7
lib/src/trust/base.dart Normal file
View File

@ -0,0 +1,7 @@
/// The base class for managing trust in OMEMO sessions.
// ignore: one_member_abstracts
abstract class TrustManager {
/// Return true when the device with id [deviceId] of Jid [jid] is trusted, i.e. if an
/// encrypted message should be sent to this device. If not, return false.
Future<bool> isTrusted(String jid, int deviceId);
}

79
test/omemo_test.dart
View File

@ -1,4 +1,5 @@
import 'package:omemo_dart/omemo_dart.dart';
import 'package:omemo_dart/src/trust/always.dart';
import 'package:test/test.dart';
void main() {
@ -10,8 +11,16 @@ void main() {
var deviceModified = false;
var ratchetModified = 0;
var deviceMapModified = 0;
final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final aliceSession = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final bobSession = await OmemoSessionManager.generateNewIdentity(
bobJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final bobOpks = (await bobSession.getDevice()).opks.values.toList();
bobSession.eventStream.listen((event) {
if (event is DeviceModifiedEvent) {
@ -83,10 +92,22 @@ void main() {
const bobJid = 'bob@other.server.example';
// Alice and Bob generate their sessions
final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final aliceSession = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final bobSession = await OmemoSessionManager.generateNewIdentity(
bobJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
// Bob's other device
final bobSession2 = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final bobSession2 = await OmemoSessionManager.generateNewIdentity(
bobJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
// Alice encrypts a message for Bob
const messagePlaintext = 'Hello Bob!';
@ -149,9 +170,21 @@ void main() {
const bobJid = 'bob@other.server.example';
// Alice and Bob generate their sessions
final aliceSession1 = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final aliceSession2 = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final aliceSession1 = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final aliceSession2 = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final bobSession = await OmemoSessionManager.generateNewIdentity(
bobJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
// Alice encrypts a message for Bob
const messagePlaintext = 'Hello Bob!';
@ -192,8 +225,16 @@ void main() {
const bobJid = 'bob@other.server.example';
// Alice and Bob generate their sessions
final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final aliceSession = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final bobSession = await OmemoSessionManager.generateNewIdentity(
bobJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
// Alice encrypts a message for Bob
final aliceMessage = await aliceSession.encryptToJid(
@ -225,7 +266,11 @@ void main() {
test('Test rotating the Signed Prekey', () async {
// Generate the session
const aliceJid = 'alice@some.server';
final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final aliceSession = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
// Setup an event listener
final oldDevice = await aliceSession.getDevice();
@ -254,8 +299,16 @@ void main() {
const bobJid = 'bob@other.server.example';
// Alice and Bob generate their sessions
final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final aliceSession = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final bobSession = await OmemoSessionManager.generateNewIdentity(
bobJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
// Alice encrypts a message for Bob
const messagePlaintext = 'Hello Bob!';

42
test/serialisation_test.dart
View File

@ -1,10 +1,15 @@
import 'package:omemo_dart/omemo_dart.dart';
import 'package:omemo_dart/src/trust/always.dart';
import 'package:test/test.dart';
void main() {
test('Test serialising and deserialising the Device', () async {
// Generate a random session
final oldSession = await OmemoSessionManager.generateNewIdentity('user@test.server', opkAmount: 1);
final oldSession = await OmemoSessionManager.generateNewIdentity(
'user@test.server',
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final oldDevice = await oldSession.getDevice();
final serialised = await oldDevice.toJson();
@ -14,7 +19,11 @@ void main() {
test('Test serialising and deserialising the Device after rotating the SPK', () async {
// Generate a random session
final oldSession = await OmemoSessionManager.generateNewIdentity('user@test.server', opkAmount: 1);
final oldSession = await OmemoSessionManager.generateNewIdentity(
'user@test.server',
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey();
final serialised = await oldDevice.toJson();
@ -26,8 +35,16 @@ void main() {
// Generate a random ratchet
const aliceJid = 'alice@server.example';
const bobJid = 'bob@other.server.example';
final aliceSession = await OmemoSessionManager.generateNewIdentity(aliceJid, opkAmount: 1);
final bobSession = await OmemoSessionManager.generateNewIdentity(bobJid, opkAmount: 1);
final aliceSession = await OmemoSessionManager.generateNewIdentity(
aliceJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final bobSession = await OmemoSessionManager.generateNewIdentity(
bobJid,
AlwaysTrustingTrustManager(),
opkAmount: 1,
);
final aliceMessage = await aliceSession.encryptToJid(
bobJid,
'Hello Bob!',
@ -50,8 +67,16 @@ void main() {
test('Test serialising and deserialising the OmemoSessionManager', () async {
// Generate a random session
final oldSession = await OmemoSessionManager.generateNewIdentity('a@server', opkAmount: 4);
final bobSession = await OmemoSessionManager.generateNewIdentity('b@other.server', opkAmount: 4);
final oldSession = await OmemoSessionManager.generateNewIdentity(
'a@server',
AlwaysTrustingTrustManager(),
opkAmount: 4,
);
final bobSession = await OmemoSessionManager.generateNewIdentity(
'b@other.server',
AlwaysTrustingTrustManager(),
opkAmount: 4,
);
await oldSession.addSessionFromBundle(
'bob@localhost',
(await bobSession.getDevice()).id,
@ -60,7 +85,10 @@ void main() {
// Serialise and deserialise
final serialised = await oldSession.toJson();
final newSession = OmemoSessionManager.fromJson(serialised);
final newSession = OmemoSessionManager.fromJson(
serialised,
AlwaysTrustingTrustManager(),
);
final oldDevice = await oldSession.getDevice();
final newDevice = await newSession.getDevice();