Compare commits
5 Commits
04bb70d657
...
0ffc0b067a
Author | SHA1 | Date | |
---|---|---|---|
0ffc0b067a | |||
3376929c24 | |||
3783ec6f13 | |||
65f1daff55 | |||
f2ec7bd759 |
@ -8,28 +8,45 @@ void main() async {
|
||||
const aliceJid = 'alice@some.server';
|
||||
const bobJid = 'bob@other.serve';
|
||||
|
||||
// You are Alice and want to begin using OMEMO, so you first create a SessionManager
|
||||
final aliceSession = await OmemoSessionManager.generateNewIdentity(
|
||||
// The bare Jid of Alice as a String
|
||||
aliceJid,
|
||||
// You are Alice and want to begin using OMEMO, so you first create an OmemoManager.
|
||||
final aliceManager = OmemoManager(
|
||||
// Generate Alice's OMEMO device bundle. We can specify how many One-time Prekeys we want, but
|
||||
// per default, omemo_dart generates 100 (recommended by XEP-0384).
|
||||
await OmemoDevice.generateNewDevice(aliceJid),
|
||||
// The trust manager we want to use. In this case, we use the provided one that
|
||||
// implements "Blind Trust Before Verification". To make things simpler, we keep
|
||||
// no persistent data and can thus use the MemoryBTBVTrustManager. If we wanted to keep
|
||||
// the state, we would have to override BlindTrustBeforeVerificationTrustManager.
|
||||
MemoryBTBVTrustManager(),
|
||||
// Here we specify how many Onetime Prekeys we want to have. XEP-0384 recommends around
|
||||
// 100 OPKs, so let's generate 100. The parameter defaults to 100.
|
||||
//opkAmount: 100,
|
||||
// This function is called whenever we need to send an OMEMO heartbeat to [recipient].
|
||||
// [result] is the encryted data to include. This needs to be wired into your XMPP library's
|
||||
// OMEMO implementation.
|
||||
// For simplicity, we use an empty function and imagine it works.
|
||||
(result, recipient) async => {},
|
||||
// This function is called whenever we need to fetch the device list for [jid].
|
||||
// This needs to be wired into your XMPP library's OMEMO implementation.
|
||||
// For simplicity, we use an empty function and imagine it works.
|
||||
(jid) async => [],
|
||||
// This function is called whenever we need to fetch the device bundle with id [id] from [jid].
|
||||
// This needs to be wired into your XMPP library's OMEMO implementation.
|
||||
// For simplicity, we use an empty function and imagine it works.
|
||||
(jid, id) async => null,
|
||||
// This function is called whenever we need to subscribe to [jid]'s device list PubSub node.
|
||||
// This needs to be wired into your XMPP library's OMEMO implementation.
|
||||
// For simplicity, we use an empty function and imagine it works.
|
||||
(jid) async {},
|
||||
);
|
||||
|
||||
// Alice now wants to chat with Bob at his bare Jid "bob@other.server". To make things
|
||||
// simple, we just generate the identity bundle ourselves. In the real world, we would
|
||||
// request it using PEP and then convert the device bundle into a OmemoBundle object.
|
||||
final bobSession = await OmemoSessionManager.generateNewIdentity(
|
||||
bobJid,
|
||||
final bobManager = OmemoManager(
|
||||
await OmemoDevice.generateNewDevice(bobJid),
|
||||
MemoryBTBVTrustManager(),
|
||||
// Just for illustrative purposes
|
||||
opkAmount: 1,
|
||||
(result, recipient) async => {},
|
||||
(jid) async => [],
|
||||
(jid, id) async => null,
|
||||
(jid) async {},
|
||||
);
|
||||
|
||||
// Alice prepares to send the message to Bob, so she builds the message stanza and
|
||||
@ -56,19 +73,18 @@ void main() async {
|
||||
|
||||
// Since Alice has no open session with Bob, we need to tell the session manager to build
|
||||
// it when sending the message.
|
||||
final message = await aliceSession.encryptToJid(
|
||||
final message = await aliceSession.onOutgoingStanza(
|
||||
OmemoOutgoingStanza(
|
||||
// The bare receiver Jid
|
||||
bobJid,
|
||||
// The envelope we want to encrypt
|
||||
[bobJid],
|
||||
|
||||
// The payload we want to encrypt, i.e. the envelope.
|
||||
envelope,
|
||||
// Since this is the first time Alice contacts Bob from this device, we need to create
|
||||
// a new session. Let's also assume that Bob only has one device. We may, however,
|
||||
// add more bundles to newSessions, if we know of more.
|
||||
newSessions: [
|
||||
await bobSession.getDeviceBundle(),
|
||||
],
|
||||
),
|
||||
);
|
||||
|
||||
// In a proper implementation, we should also do some error checking here.
|
||||
|
||||
// Alice now builds the actual message stanza for Bob
|
||||
final payload = base64.encode(message.ciphertext!);
|
||||
final aliceDevice = await aliceSession.getDevice();
|
||||
@ -110,17 +126,26 @@ void main() async {
|
||||
|
||||
// Bob extracts the payload and attempts to decrypt it.
|
||||
// ignore: unused_local_variable
|
||||
final bobMessage = await bobSession.decryptMessage(
|
||||
// base64 decode the payload
|
||||
base64.decode(payload),
|
||||
// Specify the Jid of the sender
|
||||
final bobMessage = await bobManager.onIncomingStanza(
|
||||
OmemoIncomingStanza(
|
||||
// The bare sender JID of the message. In this case, it's Alice's.
|
||||
aliceJid,
|
||||
// Specify the device identifier of the sender (the "sid" attribute of <header />)
|
||||
|
||||
// The 'sid' attribute of the <header /> element. Here, we know that Alice only has one device.
|
||||
aliceDevice.id,
|
||||
// The deserialised keys
|
||||
keys,
|
||||
// Since the message was not delayed, we use the current time
|
||||
|
||||
// Time the message was sent. Since the message was not delayed, we use the
|
||||
// current time.
|
||||
DateTime.now().millisecondsSinceEpoch,
|
||||
|
||||
/// The decoded <key /> elements. from the header. Note that we only include the ones
|
||||
/// relevant for Bob, so all children of <keys jid='$bobJid' />.
|
||||
keys,
|
||||
|
||||
/// The text of the <payload /> element, if it exists. If not, then the message might be
|
||||
/// a hearbeat, where no payload is sent. In that case, use null.
|
||||
payload,
|
||||
),
|
||||
);
|
||||
|
||||
// All Bob has to do now is replace the OMEMO wrapper element
|
||||
|
@ -12,7 +12,6 @@ export 'src/omemo/events.dart';
|
||||
export 'src/omemo/fingerprint.dart';
|
||||
export 'src/omemo/omemomanager.dart';
|
||||
export 'src/omemo/ratchet_map_key.dart';
|
||||
export 'src/omemo/sessionmanager.dart';
|
||||
export 'src/omemo/stanza.dart';
|
||||
export 'src/trust/base.dart';
|
||||
export 'src/trust/btbv.dart';
|
||||
|
@ -10,12 +10,35 @@ import 'dart:core' as $core;
|
||||
import 'package:protobuf/protobuf.dart' as $pb;
|
||||
|
||||
class OMEMOMessage extends $pb.GeneratedMessage {
|
||||
static final $pb.BuilderInfo _i = $pb.BuilderInfo(const $core.bool.fromEnvironment('protobuf.omit_message_names') ? '' : 'OMEMOMessage', createEmptyInstance: create)
|
||||
..a<$core.int>(1, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'n', $pb.PbFieldType.QU3)
|
||||
..a<$core.int>(2, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'pn', $pb.PbFieldType.QU3)
|
||||
..a<$core.List<$core.int>>(3, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'dhPub', $pb.PbFieldType.QY)
|
||||
..a<$core.List<$core.int>>(4, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'ciphertext', $pb.PbFieldType.OY)
|
||||
;
|
||||
static final $pb.BuilderInfo _i = $pb.BuilderInfo(
|
||||
const $core.bool.fromEnvironment('protobuf.omit_message_names')
|
||||
? ''
|
||||
: 'OMEMOMessage',
|
||||
createEmptyInstance: create)
|
||||
..a<$core.int>(
|
||||
1,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'n',
|
||||
$pb.PbFieldType.QU3)
|
||||
..a<$core.int>(
|
||||
2,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'pn',
|
||||
$pb.PbFieldType.QU3)
|
||||
..a<$core.List<$core.int>>(
|
||||
3,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'dhPub',
|
||||
$pb.PbFieldType.QY)
|
||||
..a<$core.List<$core.int>>(
|
||||
4,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'ciphertext',
|
||||
$pb.PbFieldType.OY);
|
||||
|
||||
OMEMOMessage._() : super();
|
||||
factory OMEMOMessage({
|
||||
@ -39,31 +62,40 @@ class OMEMOMessage extends $pb.GeneratedMessage {
|
||||
}
|
||||
return _result;
|
||||
}
|
||||
factory OMEMOMessage.fromBuffer($core.List<$core.int> i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromBuffer(i, r);
|
||||
factory OMEMOMessage.fromJson($core.String i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromJson(i, r);
|
||||
@$core.Deprecated(
|
||||
'Using this can add significant overhead to your binary. '
|
||||
factory OMEMOMessage.fromBuffer($core.List<$core.int> i,
|
||||
[$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) =>
|
||||
create()..mergeFromBuffer(i, r);
|
||||
factory OMEMOMessage.fromJson($core.String i,
|
||||
[$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) =>
|
||||
create()..mergeFromJson(i, r);
|
||||
@$core.Deprecated('Using this can add significant overhead to your binary. '
|
||||
'Use [GeneratedMessageGenericExtensions.deepCopy] instead. '
|
||||
'Will be removed in next major version')
|
||||
OMEMOMessage clone() => OMEMOMessage()..mergeFromMessage(this);
|
||||
@$core.Deprecated(
|
||||
'Using this can add significant overhead to your binary. '
|
||||
@$core.Deprecated('Using this can add significant overhead to your binary. '
|
||||
'Use [GeneratedMessageGenericExtensions.rebuild] instead. '
|
||||
'Will be removed in next major version')
|
||||
OMEMOMessage copyWith(void Function(OMEMOMessage) updates) => super.copyWith((message) => updates(message as OMEMOMessage)) as OMEMOMessage; // ignore: deprecated_member_use
|
||||
OMEMOMessage copyWith(void Function(OMEMOMessage) updates) =>
|
||||
super.copyWith((message) => updates(message as OMEMOMessage))
|
||||
as OMEMOMessage; // ignore: deprecated_member_use
|
||||
$pb.BuilderInfo get info_ => _i;
|
||||
@$core.pragma('dart2js:noInline')
|
||||
static OMEMOMessage create() => OMEMOMessage._();
|
||||
OMEMOMessage createEmptyInstance() => create();
|
||||
static $pb.PbList<OMEMOMessage> createRepeated() => $pb.PbList<OMEMOMessage>();
|
||||
static $pb.PbList<OMEMOMessage> createRepeated() =>
|
||||
$pb.PbList<OMEMOMessage>();
|
||||
@$core.pragma('dart2js:noInline')
|
||||
static OMEMOMessage getDefault() => _defaultInstance ??= $pb.GeneratedMessage.$_defaultFor<OMEMOMessage>(create);
|
||||
static OMEMOMessage getDefault() => _defaultInstance ??=
|
||||
$pb.GeneratedMessage.$_defaultFor<OMEMOMessage>(create);
|
||||
static OMEMOMessage? _defaultInstance;
|
||||
|
||||
@$pb.TagNumber(1)
|
||||
$core.int get n => $_getIZ(0);
|
||||
@$pb.TagNumber(1)
|
||||
set n($core.int v) { $_setUnsignedInt32(0, v); }
|
||||
set n($core.int v) {
|
||||
$_setUnsignedInt32(0, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(1)
|
||||
$core.bool hasN() => $_has(0);
|
||||
@$pb.TagNumber(1)
|
||||
@ -72,7 +104,10 @@ class OMEMOMessage extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(2)
|
||||
$core.int get pn => $_getIZ(1);
|
||||
@$pb.TagNumber(2)
|
||||
set pn($core.int v) { $_setUnsignedInt32(1, v); }
|
||||
set pn($core.int v) {
|
||||
$_setUnsignedInt32(1, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(2)
|
||||
$core.bool hasPn() => $_has(1);
|
||||
@$pb.TagNumber(2)
|
||||
@ -81,7 +116,10 @@ class OMEMOMessage extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(3)
|
||||
$core.List<$core.int> get dhPub => $_getN(2);
|
||||
@$pb.TagNumber(3)
|
||||
set dhPub($core.List<$core.int> v) { $_setBytes(2, v); }
|
||||
set dhPub($core.List<$core.int> v) {
|
||||
$_setBytes(2, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(3)
|
||||
$core.bool hasDhPub() => $_has(2);
|
||||
@$pb.TagNumber(3)
|
||||
@ -90,7 +128,10 @@ class OMEMOMessage extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(4)
|
||||
$core.List<$core.int> get ciphertext => $_getN(3);
|
||||
@$pb.TagNumber(4)
|
||||
set ciphertext($core.List<$core.int> v) { $_setBytes(3, v); }
|
||||
set ciphertext($core.List<$core.int> v) {
|
||||
$_setBytes(3, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(4)
|
||||
$core.bool hasCiphertext() => $_has(3);
|
||||
@$pb.TagNumber(4)
|
||||
@ -98,10 +139,23 @@ class OMEMOMessage extends $pb.GeneratedMessage {
|
||||
}
|
||||
|
||||
class OMEMOAuthenticatedMessage extends $pb.GeneratedMessage {
|
||||
static final $pb.BuilderInfo _i = $pb.BuilderInfo(const $core.bool.fromEnvironment('protobuf.omit_message_names') ? '' : 'OMEMOAuthenticatedMessage', createEmptyInstance: create)
|
||||
..a<$core.List<$core.int>>(1, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'mac', $pb.PbFieldType.QY)
|
||||
..a<$core.List<$core.int>>(2, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'message', $pb.PbFieldType.QY)
|
||||
;
|
||||
static final $pb.BuilderInfo _i = $pb.BuilderInfo(
|
||||
const $core.bool.fromEnvironment('protobuf.omit_message_names')
|
||||
? ''
|
||||
: 'OMEMOAuthenticatedMessage',
|
||||
createEmptyInstance: create)
|
||||
..a<$core.List<$core.int>>(
|
||||
1,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'mac',
|
||||
$pb.PbFieldType.QY)
|
||||
..a<$core.List<$core.int>>(
|
||||
2,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'message',
|
||||
$pb.PbFieldType.QY);
|
||||
|
||||
OMEMOAuthenticatedMessage._() : super();
|
||||
factory OMEMOAuthenticatedMessage({
|
||||
@ -117,31 +171,42 @@ class OMEMOAuthenticatedMessage extends $pb.GeneratedMessage {
|
||||
}
|
||||
return _result;
|
||||
}
|
||||
factory OMEMOAuthenticatedMessage.fromBuffer($core.List<$core.int> i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromBuffer(i, r);
|
||||
factory OMEMOAuthenticatedMessage.fromJson($core.String i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromJson(i, r);
|
||||
@$core.Deprecated(
|
||||
'Using this can add significant overhead to your binary. '
|
||||
factory OMEMOAuthenticatedMessage.fromBuffer($core.List<$core.int> i,
|
||||
[$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) =>
|
||||
create()..mergeFromBuffer(i, r);
|
||||
factory OMEMOAuthenticatedMessage.fromJson($core.String i,
|
||||
[$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) =>
|
||||
create()..mergeFromJson(i, r);
|
||||
@$core.Deprecated('Using this can add significant overhead to your binary. '
|
||||
'Use [GeneratedMessageGenericExtensions.deepCopy] instead. '
|
||||
'Will be removed in next major version')
|
||||
OMEMOAuthenticatedMessage clone() => OMEMOAuthenticatedMessage()..mergeFromMessage(this);
|
||||
@$core.Deprecated(
|
||||
'Using this can add significant overhead to your binary. '
|
||||
OMEMOAuthenticatedMessage clone() =>
|
||||
OMEMOAuthenticatedMessage()..mergeFromMessage(this);
|
||||
@$core.Deprecated('Using this can add significant overhead to your binary. '
|
||||
'Use [GeneratedMessageGenericExtensions.rebuild] instead. '
|
||||
'Will be removed in next major version')
|
||||
OMEMOAuthenticatedMessage copyWith(void Function(OMEMOAuthenticatedMessage) updates) => super.copyWith((message) => updates(message as OMEMOAuthenticatedMessage)) as OMEMOAuthenticatedMessage; // ignore: deprecated_member_use
|
||||
OMEMOAuthenticatedMessage copyWith(
|
||||
void Function(OMEMOAuthenticatedMessage) updates) =>
|
||||
super.copyWith((message) => updates(message as OMEMOAuthenticatedMessage))
|
||||
as OMEMOAuthenticatedMessage; // ignore: deprecated_member_use
|
||||
$pb.BuilderInfo get info_ => _i;
|
||||
@$core.pragma('dart2js:noInline')
|
||||
static OMEMOAuthenticatedMessage create() => OMEMOAuthenticatedMessage._();
|
||||
OMEMOAuthenticatedMessage createEmptyInstance() => create();
|
||||
static $pb.PbList<OMEMOAuthenticatedMessage> createRepeated() => $pb.PbList<OMEMOAuthenticatedMessage>();
|
||||
static $pb.PbList<OMEMOAuthenticatedMessage> createRepeated() =>
|
||||
$pb.PbList<OMEMOAuthenticatedMessage>();
|
||||
@$core.pragma('dart2js:noInline')
|
||||
static OMEMOAuthenticatedMessage getDefault() => _defaultInstance ??= $pb.GeneratedMessage.$_defaultFor<OMEMOAuthenticatedMessage>(create);
|
||||
static OMEMOAuthenticatedMessage getDefault() => _defaultInstance ??=
|
||||
$pb.GeneratedMessage.$_defaultFor<OMEMOAuthenticatedMessage>(create);
|
||||
static OMEMOAuthenticatedMessage? _defaultInstance;
|
||||
|
||||
@$pb.TagNumber(1)
|
||||
$core.List<$core.int> get mac => $_getN(0);
|
||||
@$pb.TagNumber(1)
|
||||
set mac($core.List<$core.int> v) { $_setBytes(0, v); }
|
||||
set mac($core.List<$core.int> v) {
|
||||
$_setBytes(0, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(1)
|
||||
$core.bool hasMac() => $_has(0);
|
||||
@$pb.TagNumber(1)
|
||||
@ -150,7 +215,10 @@ class OMEMOAuthenticatedMessage extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(2)
|
||||
$core.List<$core.int> get message => $_getN(1);
|
||||
@$pb.TagNumber(2)
|
||||
set message($core.List<$core.int> v) { $_setBytes(1, v); }
|
||||
set message($core.List<$core.int> v) {
|
||||
$_setBytes(1, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(2)
|
||||
$core.bool hasMessage() => $_has(1);
|
||||
@$pb.TagNumber(2)
|
||||
@ -158,13 +226,41 @@ class OMEMOAuthenticatedMessage extends $pb.GeneratedMessage {
|
||||
}
|
||||
|
||||
class OMEMOKeyExchange extends $pb.GeneratedMessage {
|
||||
static final $pb.BuilderInfo _i = $pb.BuilderInfo(const $core.bool.fromEnvironment('protobuf.omit_message_names') ? '' : 'OMEMOKeyExchange', createEmptyInstance: create)
|
||||
..a<$core.int>(1, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'pkId', $pb.PbFieldType.QU3)
|
||||
..a<$core.int>(2, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'spkId', $pb.PbFieldType.QU3)
|
||||
..a<$core.List<$core.int>>(3, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'ik', $pb.PbFieldType.QY)
|
||||
..a<$core.List<$core.int>>(4, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'ek', $pb.PbFieldType.QY)
|
||||
..aQM<OMEMOAuthenticatedMessage>(5, const $core.bool.fromEnvironment('protobuf.omit_field_names') ? '' : 'message', subBuilder: OMEMOAuthenticatedMessage.create)
|
||||
;
|
||||
static final $pb.BuilderInfo _i = $pb.BuilderInfo(
|
||||
const $core.bool.fromEnvironment('protobuf.omit_message_names')
|
||||
? ''
|
||||
: 'OMEMOKeyExchange',
|
||||
createEmptyInstance: create)
|
||||
..a<$core.int>(
|
||||
1,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'pkId',
|
||||
$pb.PbFieldType.QU3)
|
||||
..a<$core.int>(
|
||||
2,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'spkId',
|
||||
$pb.PbFieldType.QU3)
|
||||
..a<$core.List<$core.int>>(
|
||||
3,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'ik',
|
||||
$pb.PbFieldType.QY)
|
||||
..a<$core.List<$core.int>>(
|
||||
4,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'ek',
|
||||
$pb.PbFieldType.QY)
|
||||
..aQM<OMEMOAuthenticatedMessage>(
|
||||
5,
|
||||
const $core.bool.fromEnvironment('protobuf.omit_field_names')
|
||||
? ''
|
||||
: 'message',
|
||||
subBuilder: OMEMOAuthenticatedMessage.create);
|
||||
|
||||
OMEMOKeyExchange._() : super();
|
||||
factory OMEMOKeyExchange({
|
||||
@ -192,31 +288,40 @@ class OMEMOKeyExchange extends $pb.GeneratedMessage {
|
||||
}
|
||||
return _result;
|
||||
}
|
||||
factory OMEMOKeyExchange.fromBuffer($core.List<$core.int> i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromBuffer(i, r);
|
||||
factory OMEMOKeyExchange.fromJson($core.String i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromJson(i, r);
|
||||
@$core.Deprecated(
|
||||
'Using this can add significant overhead to your binary. '
|
||||
factory OMEMOKeyExchange.fromBuffer($core.List<$core.int> i,
|
||||
[$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) =>
|
||||
create()..mergeFromBuffer(i, r);
|
||||
factory OMEMOKeyExchange.fromJson($core.String i,
|
||||
[$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) =>
|
||||
create()..mergeFromJson(i, r);
|
||||
@$core.Deprecated('Using this can add significant overhead to your binary. '
|
||||
'Use [GeneratedMessageGenericExtensions.deepCopy] instead. '
|
||||
'Will be removed in next major version')
|
||||
OMEMOKeyExchange clone() => OMEMOKeyExchange()..mergeFromMessage(this);
|
||||
@$core.Deprecated(
|
||||
'Using this can add significant overhead to your binary. '
|
||||
@$core.Deprecated('Using this can add significant overhead to your binary. '
|
||||
'Use [GeneratedMessageGenericExtensions.rebuild] instead. '
|
||||
'Will be removed in next major version')
|
||||
OMEMOKeyExchange copyWith(void Function(OMEMOKeyExchange) updates) => super.copyWith((message) => updates(message as OMEMOKeyExchange)) as OMEMOKeyExchange; // ignore: deprecated_member_use
|
||||
OMEMOKeyExchange copyWith(void Function(OMEMOKeyExchange) updates) =>
|
||||
super.copyWith((message) => updates(message as OMEMOKeyExchange))
|
||||
as OMEMOKeyExchange; // ignore: deprecated_member_use
|
||||
$pb.BuilderInfo get info_ => _i;
|
||||
@$core.pragma('dart2js:noInline')
|
||||
static OMEMOKeyExchange create() => OMEMOKeyExchange._();
|
||||
OMEMOKeyExchange createEmptyInstance() => create();
|
||||
static $pb.PbList<OMEMOKeyExchange> createRepeated() => $pb.PbList<OMEMOKeyExchange>();
|
||||
static $pb.PbList<OMEMOKeyExchange> createRepeated() =>
|
||||
$pb.PbList<OMEMOKeyExchange>();
|
||||
@$core.pragma('dart2js:noInline')
|
||||
static OMEMOKeyExchange getDefault() => _defaultInstance ??= $pb.GeneratedMessage.$_defaultFor<OMEMOKeyExchange>(create);
|
||||
static OMEMOKeyExchange getDefault() => _defaultInstance ??=
|
||||
$pb.GeneratedMessage.$_defaultFor<OMEMOKeyExchange>(create);
|
||||
static OMEMOKeyExchange? _defaultInstance;
|
||||
|
||||
@$pb.TagNumber(1)
|
||||
$core.int get pkId => $_getIZ(0);
|
||||
@$pb.TagNumber(1)
|
||||
set pkId($core.int v) { $_setUnsignedInt32(0, v); }
|
||||
set pkId($core.int v) {
|
||||
$_setUnsignedInt32(0, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(1)
|
||||
$core.bool hasPkId() => $_has(0);
|
||||
@$pb.TagNumber(1)
|
||||
@ -225,7 +330,10 @@ class OMEMOKeyExchange extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(2)
|
||||
$core.int get spkId => $_getIZ(1);
|
||||
@$pb.TagNumber(2)
|
||||
set spkId($core.int v) { $_setUnsignedInt32(1, v); }
|
||||
set spkId($core.int v) {
|
||||
$_setUnsignedInt32(1, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(2)
|
||||
$core.bool hasSpkId() => $_has(1);
|
||||
@$pb.TagNumber(2)
|
||||
@ -234,7 +342,10 @@ class OMEMOKeyExchange extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(3)
|
||||
$core.List<$core.int> get ik => $_getN(2);
|
||||
@$pb.TagNumber(3)
|
||||
set ik($core.List<$core.int> v) { $_setBytes(2, v); }
|
||||
set ik($core.List<$core.int> v) {
|
||||
$_setBytes(2, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(3)
|
||||
$core.bool hasIk() => $_has(2);
|
||||
@$pb.TagNumber(3)
|
||||
@ -243,7 +354,10 @@ class OMEMOKeyExchange extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(4)
|
||||
$core.List<$core.int> get ek => $_getN(3);
|
||||
@$pb.TagNumber(4)
|
||||
set ek($core.List<$core.int> v) { $_setBytes(3, v); }
|
||||
set ek($core.List<$core.int> v) {
|
||||
$_setBytes(3, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(4)
|
||||
$core.bool hasEk() => $_has(3);
|
||||
@$pb.TagNumber(4)
|
||||
@ -252,7 +366,10 @@ class OMEMOKeyExchange extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(5)
|
||||
OMEMOAuthenticatedMessage get message => $_getN(4);
|
||||
@$pb.TagNumber(5)
|
||||
set message(OMEMOAuthenticatedMessage v) { setField(5, v); }
|
||||
set message(OMEMOAuthenticatedMessage v) {
|
||||
setField(5, v);
|
||||
}
|
||||
|
||||
@$pb.TagNumber(5)
|
||||
$core.bool hasMessage() => $_has(4);
|
||||
@$pb.TagNumber(5)
|
||||
@ -260,4 +377,3 @@ class OMEMOKeyExchange extends $pb.GeneratedMessage {
|
||||
@$pb.TagNumber(5)
|
||||
OMEMOAuthenticatedMessage ensureMessage() => $_ensure(4);
|
||||
}
|
||||
|
||||
|
@ -4,4 +4,3 @@
|
||||
//
|
||||
// @dart = 2.12
|
||||
// ignore_for_file: annotate_overrides,camel_case_types,constant_identifier_names,directives_ordering,library_prefixes,non_constant_identifier_names,prefer_final_fields,return_of_invalid_type,unnecessary_const,unnecessary_import,unnecessary_this,unused_import,unused_shown_name
|
||||
|
||||
|
@ -8,41 +8,53 @@
|
||||
import 'dart:core' as $core;
|
||||
import 'dart:convert' as $convert;
|
||||
import 'dart:typed_data' as $typed_data;
|
||||
|
||||
@$core.Deprecated('Use oMEMOMessageDescriptor instead')
|
||||
const OMEMOMessage$json = const {
|
||||
const OMEMOMessage$json = {
|
||||
'1': 'OMEMOMessage',
|
||||
'2': const [
|
||||
const {'1': 'n', '3': 1, '4': 2, '5': 13, '10': 'n'},
|
||||
const {'1': 'pn', '3': 2, '4': 2, '5': 13, '10': 'pn'},
|
||||
const {'1': 'dh_pub', '3': 3, '4': 2, '5': 12, '10': 'dhPub'},
|
||||
const {'1': 'ciphertext', '3': 4, '4': 1, '5': 12, '10': 'ciphertext'},
|
||||
'2': [
|
||||
{'1': 'n', '3': 1, '4': 2, '5': 13, '10': 'n'},
|
||||
{'1': 'pn', '3': 2, '4': 2, '5': 13, '10': 'pn'},
|
||||
{'1': 'dh_pub', '3': 3, '4': 2, '5': 12, '10': 'dhPub'},
|
||||
{'1': 'ciphertext', '3': 4, '4': 1, '5': 12, '10': 'ciphertext'},
|
||||
],
|
||||
};
|
||||
|
||||
/// Descriptor for `OMEMOMessage`. Decode as a `google.protobuf.DescriptorProto`.
|
||||
final $typed_data.Uint8List oMEMOMessageDescriptor = $convert.base64Decode('CgxPTUVNT01lc3NhZ2USDAoBbhgBIAIoDVIBbhIOCgJwbhgCIAIoDVICcG4SFQoGZGhfcHViGAMgAigMUgVkaFB1YhIeCgpjaXBoZXJ0ZXh0GAQgASgMUgpjaXBoZXJ0ZXh0');
|
||||
final $typed_data.Uint8List oMEMOMessageDescriptor = $convert.base64Decode(
|
||||
'CgxPTUVNT01lc3NhZ2USDAoBbhgBIAIoDVIBbhIOCgJwbhgCIAIoDVICcG4SFQoGZGhfcHViGAMgAigMUgVkaFB1YhIeCgpjaXBoZXJ0ZXh0GAQgASgMUgpjaXBoZXJ0ZXh0');
|
||||
@$core.Deprecated('Use oMEMOAuthenticatedMessageDescriptor instead')
|
||||
const OMEMOAuthenticatedMessage$json = const {
|
||||
const OMEMOAuthenticatedMessage$json = {
|
||||
'1': 'OMEMOAuthenticatedMessage',
|
||||
'2': const [
|
||||
const {'1': 'mac', '3': 1, '4': 2, '5': 12, '10': 'mac'},
|
||||
const {'1': 'message', '3': 2, '4': 2, '5': 12, '10': 'message'},
|
||||
'2': [
|
||||
{'1': 'mac', '3': 1, '4': 2, '5': 12, '10': 'mac'},
|
||||
{'1': 'message', '3': 2, '4': 2, '5': 12, '10': 'message'},
|
||||
],
|
||||
};
|
||||
|
||||
/// Descriptor for `OMEMOAuthenticatedMessage`. Decode as a `google.protobuf.DescriptorProto`.
|
||||
final $typed_data.Uint8List oMEMOAuthenticatedMessageDescriptor = $convert.base64Decode('ChlPTUVNT0F1dGhlbnRpY2F0ZWRNZXNzYWdlEhAKA21hYxgBIAIoDFIDbWFjEhgKB21lc3NhZ2UYAiACKAxSB21lc3NhZ2U=');
|
||||
final $typed_data.Uint8List oMEMOAuthenticatedMessageDescriptor =
|
||||
$convert.base64Decode(
|
||||
'ChlPTUVNT0F1dGhlbnRpY2F0ZWRNZXNzYWdlEhAKA21hYxgBIAIoDFIDbWFjEhgKB21lc3NhZ2UYAiACKAxSB21lc3NhZ2U=');
|
||||
@$core.Deprecated('Use oMEMOKeyExchangeDescriptor instead')
|
||||
const OMEMOKeyExchange$json = const {
|
||||
const OMEMOKeyExchange$json = {
|
||||
'1': 'OMEMOKeyExchange',
|
||||
'2': const [
|
||||
const {'1': 'pk_id', '3': 1, '4': 2, '5': 13, '10': 'pkId'},
|
||||
const {'1': 'spk_id', '3': 2, '4': 2, '5': 13, '10': 'spkId'},
|
||||
const {'1': 'ik', '3': 3, '4': 2, '5': 12, '10': 'ik'},
|
||||
const {'1': 'ek', '3': 4, '4': 2, '5': 12, '10': 'ek'},
|
||||
const {'1': 'message', '3': 5, '4': 2, '5': 11, '6': '.OMEMOAuthenticatedMessage', '10': 'message'},
|
||||
'2': [
|
||||
{'1': 'pk_id', '3': 1, '4': 2, '5': 13, '10': 'pkId'},
|
||||
{'1': 'spk_id', '3': 2, '4': 2, '5': 13, '10': 'spkId'},
|
||||
{'1': 'ik', '3': 3, '4': 2, '5': 12, '10': 'ik'},
|
||||
{'1': 'ek', '3': 4, '4': 2, '5': 12, '10': 'ek'},
|
||||
{
|
||||
'1': 'message',
|
||||
'3': 5,
|
||||
'4': 2,
|
||||
'5': 11,
|
||||
'6': '.OMEMOAuthenticatedMessage',
|
||||
'10': 'message'
|
||||
},
|
||||
],
|
||||
};
|
||||
|
||||
/// Descriptor for `OMEMOKeyExchange`. Decode as a `google.protobuf.DescriptorProto`.
|
||||
final $typed_data.Uint8List oMEMOKeyExchangeDescriptor = $convert.base64Decode('ChBPTUVNT0tleUV4Y2hhbmdlEhMKBXBrX2lkGAEgAigNUgRwa0lkEhUKBnNwa19pZBgCIAIoDVIFc3BrSWQSDgoCaWsYAyACKAxSAmlrEg4KAmVrGAQgAigMUgJlaxI0CgdtZXNzYWdlGAUgAigLMhouT01FTU9BdXRoZW50aWNhdGVkTWVzc2FnZVIHbWVzc2FnZQ==');
|
||||
final $typed_data.Uint8List oMEMOKeyExchangeDescriptor = $convert.base64Decode(
|
||||
'ChBPTUVNT0tleUV4Y2hhbmdlEhMKBXBrX2lkGAEgAigNUgRwa0lkEhUKBnNwa19pZBgCIAIoDVIFc3BrSWQSDgoCaWsYAyACKAxSAmlrEg4KAmVrGAQgAigMUgJlaxI0CgdtZXNzYWdlGAUgAigLMhouT01FTU9BdXRoZW50aWNhdGVkTWVzc2FnZVIHbWVzc2FnZQ==');
|
||||
|
@ -6,4 +6,3 @@
|
||||
// ignore_for_file: annotate_overrides,camel_case_types,constant_identifier_names,deprecated_member_use_from_same_package,directives_ordering,library_prefixes,non_constant_identifier_names,prefer_final_fields,return_of_invalid_type,unnecessary_const,unnecessary_import,unnecessary_this,unused_import,unused_shown_name
|
||||
|
||||
export 'schema.pb.dart';
|
||||
|
||||
|
@ -6,7 +6,11 @@ import 'package:omemo_dart/src/keys.dart';
|
||||
/// it indicates which of [kp] ([identityKey] == 1) or [pk] ([identityKey] == 2)
|
||||
/// is the identity key. This is needed since the identity key pair/public key is
|
||||
/// an Ed25519 key, but we need them as X25519 keys for DH.
|
||||
Future<List<int>> omemoDH(OmemoKeyPair kp, OmemoPublicKey pk, int identityKey) async {
|
||||
Future<List<int>> omemoDH(
|
||||
OmemoKeyPair kp,
|
||||
OmemoPublicKey pk,
|
||||
int identityKey,
|
||||
) async {
|
||||
var ckp = kp;
|
||||
var cpk = pk;
|
||||
|
||||
@ -25,7 +29,6 @@ Future<List<int>> omemoDH(OmemoKeyPair kp, OmemoPublicKey pk, int identityKey) a
|
||||
}
|
||||
|
||||
class HkdfKeyResult {
|
||||
|
||||
const HkdfKeyResult(this.encryptionKey, this.authenticationKey, this.iv);
|
||||
final List<int> encryptionKey;
|
||||
final List<int> authenticationKey;
|
||||
@ -35,7 +38,8 @@ class HkdfKeyResult {
|
||||
/// cryptography _really_ wants to check the MAC output from AES-256-CBC. Since
|
||||
/// we don't have it, we need the MAC check to always "pass".
|
||||
class NoMacSecretBox extends SecretBox {
|
||||
NoMacSecretBox(super.cipherText, { required super.nonce }) : super(mac: Mac.empty);
|
||||
NoMacSecretBox(super.cipherText, {required super.nonce})
|
||||
: super(mac: Mac.empty);
|
||||
|
||||
@override
|
||||
Future<void> checkMac({
|
||||
@ -60,12 +64,20 @@ Future<HkdfKeyResult> deriveEncryptionKeys(List<int> input, String info) async {
|
||||
);
|
||||
final bytes = await result.extractBytes();
|
||||
|
||||
return HkdfKeyResult(bytes.sublist(0, 32), bytes.sublist(32, 64), bytes.sublist(64, 80));
|
||||
return HkdfKeyResult(
|
||||
bytes.sublist(0, 32),
|
||||
bytes.sublist(32, 64),
|
||||
bytes.sublist(64, 80),
|
||||
);
|
||||
}
|
||||
|
||||
/// A small helper function to make AES-256-CBC easier. Encrypt [plaintext] using [key] as
|
||||
/// the encryption key and [iv] as the IV. Returns the ciphertext.
|
||||
Future<List<int>> aes256CbcEncrypt(List<int> plaintext, List<int> key, List<int> iv) async {
|
||||
Future<List<int>> aes256CbcEncrypt(
|
||||
List<int> plaintext,
|
||||
List<int> key,
|
||||
List<int> iv,
|
||||
) async {
|
||||
final algorithm = AesCbc.with256bits(
|
||||
macAlgorithm: MacAlgorithm.empty,
|
||||
);
|
||||
@ -80,7 +92,11 @@ Future<List<int>> aes256CbcEncrypt(List<int> plaintext, List<int> key, List<int>
|
||||
|
||||
/// A small helper function to make AES-256-CBC easier. Decrypt [ciphertext] using [key] as
|
||||
/// the encryption key and [iv] as the IV. Returns the ciphertext.
|
||||
Future<List<int>> aes256CbcDecrypt(List<int> ciphertext, List<int> key, List<int> iv) async {
|
||||
Future<List<int>> aes256CbcDecrypt(
|
||||
List<int> ciphertext,
|
||||
List<int> key,
|
||||
List<int> iv,
|
||||
) async {
|
||||
final algorithm = AesCbc.with256bits(
|
||||
macAlgorithm: MacAlgorithm.empty,
|
||||
);
|
||||
|
@ -10,12 +10,19 @@ const encryptHkdfInfoString = 'OMEMO Message Key Material';
|
||||
/// Signals ENCRYPT function as specified by OMEMO 0.8.3.
|
||||
/// Encrypt [plaintext] using the message key [mk], given associated_data [associatedData]
|
||||
/// and the AD output from the X3DH [sessionAd].
|
||||
Future<List<int>> encrypt(List<int> mk, List<int> plaintext, List<int> associatedData, List<int> sessionAd) async {
|
||||
Future<List<int>> encrypt(
|
||||
List<int> mk,
|
||||
List<int> plaintext,
|
||||
List<int> associatedData,
|
||||
List<int> sessionAd,
|
||||
) async {
|
||||
// Generate encryption, authentication key and IV
|
||||
final keys = await deriveEncryptionKeys(mk, encryptHkdfInfoString);
|
||||
final ciphertext = await aes256CbcEncrypt(plaintext, keys.encryptionKey, keys.iv);
|
||||
final ciphertext =
|
||||
await aes256CbcEncrypt(plaintext, keys.encryptionKey, keys.iv);
|
||||
|
||||
final header = OmemoMessage.fromBuffer(associatedData.sublist(sessionAd.length))
|
||||
final header =
|
||||
OmemoMessage.fromBuffer(associatedData.sublist(sessionAd.length))
|
||||
..ciphertext = ciphertext;
|
||||
final headerBytes = header.writeToBuffer();
|
||||
final hmacInput = concat([sessionAd, headerBytes]);
|
||||
@ -29,7 +36,12 @@ Future<List<int>> encrypt(List<int> mk, List<int> plaintext, List<int> associate
|
||||
/// Signals DECRYPT function as specified by OMEMO 0.8.3.
|
||||
/// Decrypt [ciphertext] with the message key [mk], given the associated_data [associatedData]
|
||||
/// and the AD output from the X3DH.
|
||||
Future<List<int>> decrypt(List<int> mk, List<int> ciphertext, List<int> associatedData, List<int> sessionAd) async {
|
||||
Future<List<int>> decrypt(
|
||||
List<int> mk,
|
||||
List<int> ciphertext,
|
||||
List<int> associatedData,
|
||||
List<int> sessionAd,
|
||||
) async {
|
||||
// Generate encryption, authentication key and IV
|
||||
final keys = await deriveEncryptionKeys(mk, encryptHkdfInfoString);
|
||||
|
||||
|
@ -99,7 +99,8 @@ class OmemoDoubleRatchet {
|
||||
// NOTE: Dart has some issues with just casting a List<dynamic> to List<Map<...>>, as
|
||||
// such we need to convert the items by hand.
|
||||
final mkSkipped = Map<SkippedKey, List<int>>.fromEntries(
|
||||
(data['mkskipped']! as List<dynamic>).map<MapEntry<SkippedKey, List<int>>>(
|
||||
(data['mkskipped']! as List<dynamic>)
|
||||
.map<MapEntry<SkippedKey, List<int>>>(
|
||||
(entry) {
|
||||
final map = entry as Map<String, dynamic>;
|
||||
final key = SkippedKey.fromJson(map);
|
||||
@ -178,7 +179,13 @@ class OmemoDoubleRatchet {
|
||||
/// Create an OMEMO session using the Signed Pre Key [spk], the shared secret [sk] that
|
||||
/// was obtained using a X3DH and the associated data [ad] that was also obtained through
|
||||
/// a X3DH. [ik] refers to Bob's (the receiver's) IK public key.
|
||||
static Future<OmemoDoubleRatchet> initiateNewSession(OmemoPublicKey spk, OmemoPublicKey ik, List<int> sk, List<int> ad, int timestamp) async {
|
||||
static Future<OmemoDoubleRatchet> initiateNewSession(
|
||||
OmemoPublicKey spk,
|
||||
OmemoPublicKey ik,
|
||||
List<int> sk,
|
||||
List<int> ad,
|
||||
int timestamp,
|
||||
) async {
|
||||
final dhs = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||
final dhr = spk;
|
||||
final rk = await kdfRk(sk, await omemoDH(dhs, dhr, 0));
|
||||
@ -206,7 +213,13 @@ class OmemoDoubleRatchet {
|
||||
/// Pre Key keypair [spk], the shared secret [sk] that was obtained through a X3DH and
|
||||
/// the associated data [ad] that was also obtained through a X3DH. [ik] refers to
|
||||
/// Alice's (the initiator's) IK public key.
|
||||
static Future<OmemoDoubleRatchet> acceptNewSession(OmemoKeyPair spk, OmemoPublicKey ik, List<int> sk, List<int> ad, int kexTimestamp) async {
|
||||
static Future<OmemoDoubleRatchet> acceptNewSession(
|
||||
OmemoKeyPair spk,
|
||||
OmemoPublicKey ik,
|
||||
List<int> sk,
|
||||
List<int> ad,
|
||||
int kexTimestamp,
|
||||
) async {
|
||||
return OmemoDoubleRatchet(
|
||||
spk,
|
||||
null,
|
||||
@ -226,7 +239,8 @@ class OmemoDoubleRatchet {
|
||||
}
|
||||
|
||||
Future<Map<String, dynamic>> toJson() async {
|
||||
final mkSkippedSerialised = List<Map<String, dynamic>>.empty(growable: true);
|
||||
final mkSkippedSerialised =
|
||||
List<Map<String, dynamic>>.empty(growable: true);
|
||||
for (final entry in mkSkipped.entries) {
|
||||
final result = await entry.key.toJson();
|
||||
result['key'] = base64.encode(entry.value);
|
||||
@ -259,7 +273,10 @@ class OmemoDoubleRatchet {
|
||||
return HEX.encode(await curveKey.getBytes());
|
||||
}
|
||||
|
||||
Future<List<int>?> _trySkippedMessageKeys(OmemoMessage header, List<int> ciphertext) async {
|
||||
Future<List<int>?> _trySkippedMessageKeys(
|
||||
OmemoMessage header,
|
||||
List<int> ciphertext,
|
||||
) async {
|
||||
final key = SkippedKey(
|
||||
OmemoPublicKey.fromBytes(header.dhPub!, KeyPairType.x25519),
|
||||
header.n!,
|
||||
@ -268,7 +285,12 @@ class OmemoDoubleRatchet {
|
||||
final mk = mkSkipped[key]!;
|
||||
mkSkipped.remove(key);
|
||||
|
||||
return decrypt(mk, ciphertext, concat([sessionAd, header.writeToBuffer()]), sessionAd);
|
||||
return decrypt(
|
||||
mk,
|
||||
ciphertext,
|
||||
concat([sessionAd, header.writeToBuffer()]),
|
||||
sessionAd,
|
||||
);
|
||||
}
|
||||
|
||||
return null;
|
||||
@ -320,7 +342,12 @@ class OmemoDoubleRatchet {
|
||||
|
||||
return RatchetStep(
|
||||
header,
|
||||
await encrypt(mk, plaintext, concat([sessionAd, header.writeToBuffer()]), sessionAd),
|
||||
await encrypt(
|
||||
mk,
|
||||
plaintext,
|
||||
concat([sessionAd, header.writeToBuffer()]),
|
||||
sessionAd,
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
@ -328,7 +355,10 @@ class OmemoDoubleRatchet {
|
||||
/// Ratchet. Returns the decrypted (raw) plaintext.
|
||||
///
|
||||
/// Throws an SkippingTooManyMessagesException if too many messages were to be skipped.
|
||||
Future<List<int>> ratchetDecrypt(OmemoMessage header, List<int> ciphertext) async {
|
||||
Future<List<int>> ratchetDecrypt(
|
||||
OmemoMessage header,
|
||||
List<int> ciphertext,
|
||||
) async {
|
||||
// Check if we skipped too many messages
|
||||
final plaintext = await _trySkippedMessageKeys(header, ciphertext);
|
||||
if (plaintext != null) {
|
||||
@ -350,7 +380,12 @@ class OmemoDoubleRatchet {
|
||||
ckr = newCkr;
|
||||
nr++;
|
||||
|
||||
return decrypt(mk, ciphertext, concat([sessionAd, header.writeToBuffer()]), sessionAd);
|
||||
return decrypt(
|
||||
mk,
|
||||
ciphertext,
|
||||
concat([sessionAd, header.writeToBuffer()]),
|
||||
sessionAd,
|
||||
);
|
||||
}
|
||||
|
||||
OmemoDoubleRatchet clone() {
|
||||
@ -358,12 +393,8 @@ class OmemoDoubleRatchet {
|
||||
dhs,
|
||||
dhr,
|
||||
rk,
|
||||
cks != null ?
|
||||
List<int>.from(cks!) :
|
||||
null,
|
||||
ckr != null ?
|
||||
List<int>.from(ckr!) :
|
||||
null,
|
||||
cks != null ? List<int>.from(cks!) : null,
|
||||
ckr != null ? List<int>.from(ckr!) : null,
|
||||
ns,
|
||||
nr,
|
||||
pn,
|
||||
@ -381,12 +412,8 @@ class OmemoDoubleRatchet {
|
||||
dhs,
|
||||
dhr,
|
||||
rk,
|
||||
cks != null ?
|
||||
List<int>.from(cks!) :
|
||||
null,
|
||||
ckr != null ?
|
||||
List<int>.from(ckr!) :
|
||||
null,
|
||||
cks != null ? List<int>.from(cks!) : null,
|
||||
ckr != null ? List<int>.from(ckr!) : null,
|
||||
ns,
|
||||
nr,
|
||||
pn,
|
||||
@ -401,16 +428,17 @@ class OmemoDoubleRatchet {
|
||||
|
||||
@visibleForTesting
|
||||
Future<bool> equals(OmemoDoubleRatchet other) async {
|
||||
final dhrMatch = dhr == null ?
|
||||
other.dhr == null :
|
||||
final dhrMatch = dhr == null
|
||||
? other.dhr == null
|
||||
:
|
||||
// ignore: invalid_use_of_visible_for_testing_member
|
||||
other.dhr != null && await dhr!.equals(other.dhr!);
|
||||
final ckrMatch = ckr == null ?
|
||||
other.ckr == null :
|
||||
other.ckr != null && listsEqual(ckr!, other.ckr!);
|
||||
final cksMatch = cks == null ?
|
||||
other.cks == null :
|
||||
other.cks != null && listsEqual(cks!, other.cks!);
|
||||
final ckrMatch = ckr == null
|
||||
? other.ckr == null
|
||||
: other.ckr != null && listsEqual(ckr!, other.ckr!);
|
||||
final cksMatch = cks == null
|
||||
? other.cks == null
|
||||
: other.cks != null && listsEqual(cks!, other.cks!);
|
||||
|
||||
// ignore: invalid_use_of_visible_for_testing_member
|
||||
final dhsMatch = await dhs.equals(other.dhs);
|
||||
|
@ -2,8 +2,10 @@ abstract class OmemoException {}
|
||||
|
||||
/// Triggered during X3DH if the signature if the SPK does verify to the actual SPK.
|
||||
class InvalidSignatureException extends OmemoException implements Exception {
|
||||
String errMsg() => 'The signature of the SPK does not match the provided signature';
|
||||
String errMsg() =>
|
||||
'The signature of the SPK does not match the provided signature';
|
||||
}
|
||||
|
||||
/// Triggered by the Double Ratchet if the computed HMAC does not match the attached HMAC.
|
||||
/// Triggered by the Session Manager if the computed HMAC does not match the attached HMAC.
|
||||
class InvalidMessageHMACException extends OmemoException implements Exception {
|
||||
@ -12,12 +14,14 @@ class InvalidMessageHMACException extends OmemoException implements Exception {
|
||||
|
||||
/// Triggered by the Double Ratchet if skipping messages would cause skipping more than
|
||||
/// MAXSKIP messages
|
||||
class SkippingTooManyMessagesException extends OmemoException implements Exception {
|
||||
class SkippingTooManyMessagesException extends OmemoException
|
||||
implements Exception {
|
||||
String errMsg() => 'Skipping messages would cause a skip bigger than MAXSKIP';
|
||||
}
|
||||
|
||||
/// Triggered by the Session Manager if the message key is not encrypted for the device.
|
||||
class NotEncryptedForDeviceException extends OmemoException implements Exception {
|
||||
class NotEncryptedForDeviceException extends OmemoException
|
||||
implements Exception {
|
||||
String errMsg() => 'Not encrypted for this device';
|
||||
}
|
||||
|
||||
@ -41,7 +45,8 @@ class InvalidKeyExchangeException extends OmemoException implements Exception {
|
||||
|
||||
/// Triggered by the Session Manager when a message's sequence number is smaller than we
|
||||
/// expect it to be.
|
||||
class MessageAlreadyDecryptedException extends OmemoException implements Exception {
|
||||
class MessageAlreadyDecryptedException extends OmemoException
|
||||
implements Exception {
|
||||
String errMsg() => 'The message has already been decrypted';
|
||||
}
|
||||
|
||||
@ -49,6 +54,8 @@ class MessageAlreadyDecryptedException extends OmemoException implements Excepti
|
||||
/// no key material available. That happens, for example, when we want to create a
|
||||
/// ratchet session with a JID we had no session with but fetching the device bundle
|
||||
/// failed.
|
||||
class NoKeyMaterialAvailableException extends OmemoException implements Exception {
|
||||
String errMsg() => 'No key material available to create a ratchet session with';
|
||||
class NoKeyMaterialAvailableException extends OmemoException
|
||||
implements Exception {
|
||||
String errMsg() =>
|
||||
'No key material available to create a ratchet session with';
|
||||
}
|
||||
|
@ -43,7 +43,11 @@ int generateRandom32BitNumber() {
|
||||
return Random.secure().nextInt(4294967295 /*pow(2, 32) - 1*/);
|
||||
}
|
||||
|
||||
OmemoPublicKey? decodeKeyIfNotNull(Map<String, dynamic> map, String key, KeyPairType type) {
|
||||
OmemoPublicKey? decodeKeyIfNotNull(
|
||||
Map<String, dynamic> map,
|
||||
String key,
|
||||
KeyPairType type,
|
||||
) {
|
||||
if (map[key] == null) return null;
|
||||
|
||||
return OmemoPublicKey.fromBytes(
|
||||
|
@ -31,7 +31,10 @@ class OmemoPublicKey {
|
||||
Future<String> asBase64() async => base64Encode(_pubkey.bytes);
|
||||
|
||||
Future<OmemoPublicKey> toCurve25519() async {
|
||||
assert(type == KeyPairType.ed25519, 'Cannot convert non-Ed25519 public key to X25519');
|
||||
assert(
|
||||
type == KeyPairType.ed25519,
|
||||
'Cannot convert non-Ed25519 public key to X25519',
|
||||
);
|
||||
|
||||
final pkc = Uint8List(publicKeyLength);
|
||||
TweetNaClExt.crypto_sign_ed25519_pk_to_x25519_pk(
|
||||
@ -39,14 +42,17 @@ class OmemoPublicKey {
|
||||
Uint8List.fromList(await getBytes()),
|
||||
);
|
||||
|
||||
return OmemoPublicKey(SimplePublicKey(List<int>.from(pkc), type: KeyPairType.x25519));
|
||||
return OmemoPublicKey(
|
||||
SimplePublicKey(List<int>.from(pkc), type: KeyPairType.x25519),
|
||||
);
|
||||
}
|
||||
|
||||
SimplePublicKey asPublicKey() => _pubkey;
|
||||
|
||||
@visibleForTesting
|
||||
Future<bool> equals(OmemoPublicKey key) async {
|
||||
return type == key.type && listsEqual(
|
||||
return type == key.type &&
|
||||
listsEqual(
|
||||
await getBytes(),
|
||||
await key.getBytes(),
|
||||
);
|
||||
@ -61,7 +67,10 @@ class OmemoPrivateKey {
|
||||
Future<List<int>> getBytes() async => _privkey;
|
||||
|
||||
Future<OmemoPrivateKey> toCurve25519() async {
|
||||
assert(type == KeyPairType.ed25519, 'Cannot convert non-Ed25519 private key to X25519');
|
||||
assert(
|
||||
type == KeyPairType.ed25519,
|
||||
'Cannot convert non-Ed25519 private key to X25519',
|
||||
);
|
||||
|
||||
final skc = Uint8List(privateKeyLength);
|
||||
TweetNaClExt.crypto_sign_ed25519_sk_to_x25519_sk(
|
||||
@ -74,7 +83,8 @@ class OmemoPrivateKey {
|
||||
|
||||
@visibleForTesting
|
||||
Future<bool> equals(OmemoPrivateKey key) async {
|
||||
return type == key.type && listsEqual(
|
||||
return type == key.type &&
|
||||
listsEqual(
|
||||
await getBytes(),
|
||||
await key.getBytes(),
|
||||
);
|
||||
@ -87,7 +97,11 @@ class OmemoKeyPair {
|
||||
|
||||
/// Create an OmemoKeyPair just from a [type] and the bytes of the private and public
|
||||
/// key.
|
||||
factory OmemoKeyPair.fromBytes(List<int> publicKey, List<int> privateKey, KeyPairType type) {
|
||||
factory OmemoKeyPair.fromBytes(
|
||||
List<int> publicKey,
|
||||
List<int> privateKey,
|
||||
KeyPairType type,
|
||||
) {
|
||||
return OmemoKeyPair(
|
||||
OmemoPublicKey.fromBytes(
|
||||
publicKey,
|
||||
@ -104,7 +118,10 @@ class OmemoKeyPair {
|
||||
/// Generate a completely new random OmemoKeyPair of type [type]. [type] must be either
|
||||
/// KeyPairType.ed25519 or KeyPairType.x25519.
|
||||
static Future<OmemoKeyPair> generateNewPair(KeyPairType type) async {
|
||||
assert(type == KeyPairType.ed25519 || type == KeyPairType.x25519, 'Keypair must be either Ed25519 or X25519');
|
||||
assert(
|
||||
type == KeyPairType.ed25519 || type == KeyPairType.x25519,
|
||||
'Keypair must be either Ed25519 or X25519',
|
||||
);
|
||||
|
||||
SimpleKeyPair kp;
|
||||
if (type == KeyPairType.ed25519) {
|
||||
@ -133,7 +150,10 @@ class OmemoKeyPair {
|
||||
|
||||
/// Return the bytes that comprise the public key.
|
||||
Future<OmemoKeyPair> toCurve25519() async {
|
||||
assert(type == KeyPairType.ed25519, 'Cannot convert non-Ed25519 keypair to X25519');
|
||||
assert(
|
||||
type == KeyPairType.ed25519,
|
||||
'Cannot convert non-Ed25519 keypair to X25519',
|
||||
);
|
||||
|
||||
return OmemoKeyPair(
|
||||
await pk.toCurve25519(),
|
||||
|
@ -4,7 +4,6 @@ import 'package:hex/hex.dart';
|
||||
import 'package:omemo_dart/src/keys.dart';
|
||||
|
||||
class OmemoBundle {
|
||||
|
||||
const OmemoBundle(
|
||||
this.jid,
|
||||
this.id,
|
||||
@ -14,17 +13,23 @@ class OmemoBundle {
|
||||
this.ikEncoded,
|
||||
this.opksEncoded,
|
||||
);
|
||||
|
||||
/// The bare Jid the Bundle belongs to
|
||||
final String jid;
|
||||
|
||||
/// The device Id
|
||||
final int id;
|
||||
|
||||
/// The SPK but base64 encoded
|
||||
final String spkEncoded;
|
||||
final int spkId;
|
||||
|
||||
/// The SPK signature but base64 encoded
|
||||
final String spkSignatureEncoded;
|
||||
|
||||
/// The IK but base64 encoded
|
||||
final String ikEncoded;
|
||||
|
||||
/// The mapping of a OPK's id to the base64 encoded data
|
||||
final Map<int, String> opksEncoded;
|
||||
|
||||
|
@ -93,7 +93,10 @@ class OmemoDevice {
|
||||
}
|
||||
|
||||
/// Generate a completely new device, i.e. cryptographic identity.
|
||||
static Future<OmemoDevice> generateNewDevice(String jid, { int opkAmount = 100 }) async {
|
||||
static Future<OmemoDevice> generateNewDevice(
|
||||
String jid, {
|
||||
int opkAmount = 100,
|
||||
}) async {
|
||||
final id = generateRandom32BitNumber();
|
||||
final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
|
||||
final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
|
||||
@ -119,13 +122,16 @@ class OmemoDevice {
|
||||
|
||||
/// The signed prekey...
|
||||
final OmemoKeyPair spk;
|
||||
|
||||
/// ...its Id, ...
|
||||
final int spkId;
|
||||
|
||||
/// ...and its signature
|
||||
final List<int> spkSignature;
|
||||
|
||||
/// The old Signed Prekey...
|
||||
final OmemoKeyPair? oldSpk;
|
||||
|
||||
/// ...and its Id
|
||||
final int? oldSpkId;
|
||||
|
||||
@ -251,7 +257,9 @@ class OmemoDevice {
|
||||
} else {
|
||||
for (final entry in opks.entries) {
|
||||
// ignore: invalid_use_of_visible_for_testing_member
|
||||
final matches = await other.opks[entry.key]?.equals(entry.value) ?? false;
|
||||
final matches =
|
||||
// ignore: invalid_use_of_visible_for_testing_member
|
||||
await other.opks[entry.key]?.equals(entry.value) ?? false;
|
||||
if (!matches) {
|
||||
opksMatch = false;
|
||||
}
|
||||
@ -263,7 +271,10 @@ class OmemoDevice {
|
||||
// ignore: invalid_use_of_visible_for_testing_member
|
||||
final spkMatch = await spk.equals(other.spk);
|
||||
// ignore: invalid_use_of_visible_for_testing_member
|
||||
final oldSpkMatch = oldSpk != null ? await oldSpk!.equals(other.oldSpk!) : other.oldSpk == null;
|
||||
final oldSpkMatch = oldSpk != null
|
||||
// ignore: invalid_use_of_visible_for_testing_member
|
||||
? await oldSpk!.equals(other.oldSpk!)
|
||||
: other.oldSpk == null;
|
||||
return id == other.id &&
|
||||
ikMatch &&
|
||||
spkMatch &&
|
||||
|
@ -4,7 +4,6 @@ import 'package:meta/meta.dart';
|
||||
/// <keys /> header.
|
||||
@immutable
|
||||
class EncryptedKey {
|
||||
|
||||
const EncryptedKey(this.jid, this.rid, this.value, this.kex);
|
||||
final String jid;
|
||||
final int rid;
|
||||
|
@ -5,7 +5,12 @@ import 'package:omemo_dart/src/omemo/ratchet_map_key.dart';
|
||||
|
||||
@immutable
|
||||
class EncryptionResult {
|
||||
const EncryptionResult(this.ciphertext, this.encryptedKeys, this.deviceEncryptionErrors, this.jidEncryptionErrors);
|
||||
const EncryptionResult(
|
||||
this.ciphertext,
|
||||
this.encryptedKeys,
|
||||
this.deviceEncryptionErrors,
|
||||
this.jidEncryptionErrors,
|
||||
);
|
||||
|
||||
/// The actual message that was encrypted.
|
||||
final List<int>? ciphertext;
|
||||
@ -22,5 +27,7 @@ class EncryptionResult {
|
||||
|
||||
/// True if the encryption was a success. This means that we could encrypt for
|
||||
/// at least one ratchet.
|
||||
bool isSuccess(int numberOfRecipients) => encryptedKeys.isNotEmpty && jidEncryptionErrors.length < numberOfRecipients;
|
||||
bool isSuccess(int numberOfRecipients) =>
|
||||
encryptedKeys.isNotEmpty &&
|
||||
jidEncryptionErrors.length < numberOfRecipients;
|
||||
}
|
||||
|
@ -5,7 +5,13 @@ abstract class OmemoEvent {}
|
||||
|
||||
/// Triggered when a ratchet has been modified
|
||||
class RatchetModifiedEvent extends OmemoEvent {
|
||||
RatchetModifiedEvent(this.jid, this.deviceId, this.ratchet, this.added, this.replaced);
|
||||
RatchetModifiedEvent(
|
||||
this.jid,
|
||||
this.deviceId,
|
||||
this.ratchet,
|
||||
this.added,
|
||||
this.replaced,
|
||||
);
|
||||
final String jid;
|
||||
final int deviceId;
|
||||
final OmemoDoubleRatchet ratchet;
|
||||
|
@ -33,7 +33,10 @@ class _InternalDecryptionResult {
|
||||
this.ratchetCreated,
|
||||
this.ratchetReplaced,
|
||||
this.payload,
|
||||
) : assert(!ratchetCreated || !ratchetReplaced, 'Ratchet must be either replaced or created');
|
||||
) : assert(
|
||||
!ratchetCreated || !ratchetReplaced,
|
||||
'Ratchet must be either replaced or created',
|
||||
);
|
||||
final bool ratchetCreated;
|
||||
final bool ratchetReplaced;
|
||||
final String? payload;
|
||||
@ -55,7 +58,8 @@ class OmemoManager {
|
||||
|
||||
/// Send an empty OMEMO:2 message using the encrypted payload @result to
|
||||
/// @recipientJid.
|
||||
final Future<void> Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessageImpl;
|
||||
final Future<void> Function(EncryptionResult result, String recipientJid)
|
||||
sendEmptyOmemoMessageImpl;
|
||||
|
||||
/// Fetch the list of device ids associated with @jid. If the device list cannot be
|
||||
/// fetched, return null.
|
||||
@ -69,13 +73,17 @@ class OmemoManager {
|
||||
|
||||
/// Map bare JID to its known devices
|
||||
Map<String, List<int>> _deviceList = {};
|
||||
|
||||
/// Map bare JIDs to whether we already requested the device list once
|
||||
final Map<String, bool> _deviceListRequested = {};
|
||||
|
||||
/// Map bare a ratchet key to its ratchet. Note that this is also locked by
|
||||
/// _ratchetCriticalSectionLock.
|
||||
Map<RatchetMapKey, OmemoDoubleRatchet> _ratchetMap = {};
|
||||
|
||||
/// Map bare JID to whether we already tried to subscribe to the device list node.
|
||||
final Map<String, bool> _subscriptionMap = {};
|
||||
|
||||
/// For preventing a race condition in encryption/decryption
|
||||
final Map<String, Queue<Completer<void>>> _ratchetCriticalSectionQueue = {};
|
||||
final Lock _ratchetCriticalSectionLock = Lock();
|
||||
@ -90,7 +98,8 @@ class OmemoManager {
|
||||
OmemoDevice _device;
|
||||
|
||||
/// The event bus of the session manager
|
||||
final StreamController<OmemoEvent> _eventStreamController = StreamController<OmemoEvent>.broadcast();
|
||||
final StreamController<OmemoEvent> _eventStreamController =
|
||||
StreamController<OmemoEvent>.broadcast();
|
||||
Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
|
||||
|
||||
/// Enter the critical section for performing cryptographic operations on the ratchets
|
||||
@ -124,7 +133,10 @@ class OmemoManager {
|
||||
});
|
||||
}
|
||||
|
||||
Future<String?> _decryptAndVerifyHmac(List<int>? ciphertext, List<int> keyAndHmac) async {
|
||||
Future<String?> _decryptAndVerifyHmac(
|
||||
List<int>? ciphertext,
|
||||
List<int> keyAndHmac,
|
||||
) async {
|
||||
// Empty OMEMO messages should just have the key decrypted and/or session set up.
|
||||
if (ciphertext == null) {
|
||||
return null;
|
||||
@ -133,13 +145,18 @@ class OmemoManager {
|
||||
final key = keyAndHmac.sublist(0, 32);
|
||||
final hmac = keyAndHmac.sublist(32, 48);
|
||||
final derivedKeys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
|
||||
final computedHmac = await truncatedHmac(ciphertext, derivedKeys.authenticationKey);
|
||||
final computedHmac =
|
||||
await truncatedHmac(ciphertext, derivedKeys.authenticationKey);
|
||||
if (!listsEqual(hmac, computedHmac)) {
|
||||
throw InvalidMessageHMACException();
|
||||
}
|
||||
|
||||
return utf8.decode(
|
||||
await aes256CbcDecrypt(ciphertext, derivedKeys.encryptionKey, derivedKeys.iv),
|
||||
await aes256CbcDecrypt(
|
||||
ciphertext,
|
||||
derivedKeys.encryptionKey,
|
||||
derivedKeys.iv,
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
@ -167,13 +184,18 @@ class OmemoManager {
|
||||
_ratchetMap[key] = ratchet;
|
||||
|
||||
// Commit the ratchet
|
||||
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, true, false));
|
||||
_eventStreamController
|
||||
.add(RatchetModifiedEvent(jid, deviceId, ratchet, true, false));
|
||||
}
|
||||
|
||||
/// Build a new session with the user at [jid] with the device [deviceId] using data
|
||||
/// from the key exchange [kex]. In case [kex] contains an unknown Signed Prekey
|
||||
/// identifier an UnknownSignedPrekeyException will be thrown.
|
||||
Future<OmemoDoubleRatchet> _addSessionFromKeyExchange(String jid, int deviceId, OmemoKeyExchange kex) async {
|
||||
Future<OmemoDoubleRatchet> _addSessionFromKeyExchange(
|
||||
String jid,
|
||||
int deviceId,
|
||||
OmemoKeyExchange kex,
|
||||
) async {
|
||||
// Pick the correct SPK
|
||||
final device = await getDevice();
|
||||
OmemoKeyPair spk;
|
||||
@ -203,13 +225,20 @@ class OmemoManager {
|
||||
getTimestamp(),
|
||||
);
|
||||
|
||||
// Notify the trust manager
|
||||
await trustManager.onNewSession(jid, deviceId);
|
||||
|
||||
return ratchet;
|
||||
}
|
||||
|
||||
/// Create a ratchet session initiated by Alice to the user with Jid [jid] and the device
|
||||
/// [deviceId] from the bundle [bundle].
|
||||
@visibleForTesting
|
||||
Future<OmemoKeyExchange> addSessionFromBundle(String jid, int deviceId, OmemoBundle bundle) async {
|
||||
Future<OmemoKeyExchange> addSessionFromBundle(
|
||||
String jid,
|
||||
int deviceId,
|
||||
OmemoBundle bundle,
|
||||
) async {
|
||||
final device = await getDevice();
|
||||
final kexResult = await x3dhFromBundle(
|
||||
bundle,
|
||||
@ -238,7 +267,9 @@ class OmemoManager {
|
||||
/// [mapKey] with [oldRatchet].
|
||||
/// NOTE: Must be called from within the ratchet critical section
|
||||
void _restoreRatchet(RatchetMapKey mapKey, OmemoDoubleRatchet oldRatchet) {
|
||||
_log.finest('Restoring ratchet ${mapKey.jid}:${mapKey.deviceId} to ${oldRatchet.nr}');
|
||||
_log.finest(
|
||||
'Restoring ratchet ${mapKey.jid}:${mapKey.deviceId} to ${oldRatchet.nr}',
|
||||
);
|
||||
_ratchetMap[mapKey] = oldRatchet;
|
||||
|
||||
// Commit the ratchet
|
||||
@ -265,7 +296,13 @@ class OmemoManager {
|
||||
/// element, then [ciphertext] must be set to null. In this case, this function
|
||||
/// will return null as there is no message to be decrypted. This, however, is used
|
||||
/// to set up sessions or advance the ratchets.
|
||||
Future<_InternalDecryptionResult> _decryptMessage(List<int>? ciphertext, String senderJid, int senderDeviceId, List<EncryptedKey> keys, int timestamp) async {
|
||||
Future<_InternalDecryptionResult> _decryptMessage(
|
||||
List<int>? ciphertext,
|
||||
String senderJid,
|
||||
int senderDeviceId,
|
||||
List<EncryptedKey> keys,
|
||||
int timestamp,
|
||||
) async {
|
||||
// Try to find a session we can decrypt with.
|
||||
var device = await getDevice();
|
||||
final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id);
|
||||
@ -289,17 +326,21 @@ class OmemoManager {
|
||||
|
||||
// Guard against old key exchanges
|
||||
if (oldRatchet != null) {
|
||||
_log.finest('KEX for existent ratchet ${ratchetKey.toJsonKey()}. ${oldRatchet.kexTimestamp} > $timestamp: ${oldRatchet.kexTimestamp > timestamp}');
|
||||
_log.finest(
|
||||
'KEX for existent ratchet ${ratchetKey.toJsonKey()}. ${oldRatchet.kexTimestamp} > $timestamp: ${oldRatchet.kexTimestamp > timestamp}',
|
||||
);
|
||||
if (oldRatchet.kexTimestamp > timestamp) {
|
||||
throw InvalidKeyExchangeException();
|
||||
}
|
||||
}
|
||||
|
||||
final r = await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex);
|
||||
final r =
|
||||
await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex);
|
||||
|
||||
// Try to decrypt with the new ratchet r
|
||||
try {
|
||||
keyAndHmac = await r.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||
keyAndHmac =
|
||||
await r.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||
final result = await _decryptAndVerifyHmac(ciphertext, keyAndHmac);
|
||||
|
||||
// Add the new ratchet
|
||||
@ -349,7 +390,8 @@ class OmemoManager {
|
||||
|
||||
try {
|
||||
if (rawKey.kex) {
|
||||
keyAndHmac = await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||
keyAndHmac =
|
||||
await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||
} else {
|
||||
keyAndHmac = await ratchet.ratchetDecrypt(message, decodedRawKey);
|
||||
}
|
||||
@ -390,14 +432,14 @@ class OmemoManager {
|
||||
Future<List<OmemoBundle>> _fetchNewBundles(String jid) async {
|
||||
// Check if we already requested the device list for [jid]
|
||||
List<int> bundlesToFetch;
|
||||
if (!_deviceListRequested.containsKey(jid) || !_deviceList.containsKey(jid)) {
|
||||
if (!_deviceListRequested.containsKey(jid) ||
|
||||
!_deviceList.containsKey(jid)) {
|
||||
// We don't have an up-to-date version of the device list
|
||||
final newDeviceList = await fetchDeviceListImpl(jid);
|
||||
if (newDeviceList == null) return [];
|
||||
|
||||
_deviceList[jid] = newDeviceList;
|
||||
bundlesToFetch = newDeviceList
|
||||
.where((id) {
|
||||
bundlesToFetch = newDeviceList.where((id) {
|
||||
return !_ratchetMap.containsKey(RatchetMapKey(jid, id)) ||
|
||||
_deviceList[jid]?.contains(id) == false;
|
||||
}).toList();
|
||||
@ -434,7 +476,10 @@ class OmemoManager {
|
||||
/// does not contain a <payload /> element. This means that the ciphertext attribute of
|
||||
/// the result will be null as well.
|
||||
/// NOTE: Must be called within the ratchet critical section
|
||||
Future<EncryptionResult> _encryptToJids(List<String> jids, String? plaintext) async {
|
||||
Future<EncryptionResult> _encryptToJids(
|
||||
List<String> jids,
|
||||
String? plaintext,
|
||||
) async {
|
||||
final encryptedKeys = List<EncryptedKey>.empty(growable: true);
|
||||
|
||||
var ciphertext = const <int>[];
|
||||
@ -495,11 +540,13 @@ class OmemoManager {
|
||||
var ratchet = _ratchetMap[ratchetKey];
|
||||
if (ratchet == null) {
|
||||
_log.severe('Ratchet ${ratchetKey.toJsonKey()} does not exist.');
|
||||
deviceEncryptionErrors[ratchetKey] = NoKeyMaterialAvailableException();
|
||||
deviceEncryptionErrors[ratchetKey] =
|
||||
NoKeyMaterialAvailableException();
|
||||
continue;
|
||||
}
|
||||
|
||||
final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext;
|
||||
final ciphertext =
|
||||
(await ratchet.ratchetEncrypt(keyPayload)).ciphertext;
|
||||
|
||||
if (kex.containsKey(ratchetKey)) {
|
||||
// The ratchet did not exist
|
||||
@ -520,7 +567,8 @@ class OmemoManager {
|
||||
} else if (!ratchet.acknowledged) {
|
||||
// The ratchet exists but is not acked
|
||||
if (ratchet.kex != null) {
|
||||
final oldKex = OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!))
|
||||
final oldKex =
|
||||
OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!))
|
||||
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
|
||||
|
||||
encryptedKeys.add(
|
||||
@ -533,7 +581,9 @@ class OmemoManager {
|
||||
);
|
||||
} else {
|
||||
// The ratchet is not acked but we don't have the old key exchange
|
||||
_log.warning('Ratchet for $jid:$deviceId is not acked but the kex attribute is null');
|
||||
_log.warning(
|
||||
'Ratchet for $jid:$deviceId is not acked but the kex attribute is null',
|
||||
);
|
||||
encryptedKeys.add(
|
||||
EncryptedKey(
|
||||
jid,
|
||||
@ -556,13 +606,13 @@ class OmemoManager {
|
||||
}
|
||||
|
||||
// Commit the ratchet
|
||||
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false, false));
|
||||
_eventStreamController
|
||||
.add(RatchetModifiedEvent(jid, deviceId, ratchet, false, false));
|
||||
}
|
||||
}
|
||||
|
||||
return EncryptionResult(
|
||||
plaintext != null ?
|
||||
ciphertext : null,
|
||||
plaintext != null ? ciphertext : null,
|
||||
encryptedKeys,
|
||||
deviceEncryptionErrors,
|
||||
jidEncryptionErrors,
|
||||
@ -579,13 +629,12 @@ class OmemoManager {
|
||||
_subscriptionMap[stanza.bareSenderJid] = true;
|
||||
}
|
||||
|
||||
final ratchetKey = RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId);
|
||||
final ratchetKey =
|
||||
RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId);
|
||||
final _InternalDecryptionResult result;
|
||||
try {
|
||||
result = await _decryptMessage(
|
||||
stanza.payload != null ?
|
||||
base64.decode(stanza.payload!) :
|
||||
null,
|
||||
stanza.payload != null ? base64.decode(stanza.payload!) : null,
|
||||
stanza.bareSenderJid,
|
||||
stanza.senderDeviceId,
|
||||
stanza.keys,
|
||||
@ -601,7 +650,10 @@ class OmemoManager {
|
||||
|
||||
// Check if the ratchet is acked
|
||||
final ratchet = getRatchet(ratchetKey);
|
||||
assert(ratchet != null, 'We decrypted the message, so the ratchet must exist');
|
||||
assert(
|
||||
ratchet != null,
|
||||
'We decrypted the message, so the ratchet must exist',
|
||||
);
|
||||
|
||||
if (ratchet!.acknowledged) {
|
||||
// Ratchet is acknowledged
|
||||
@ -673,18 +725,24 @@ class OmemoManager {
|
||||
}
|
||||
|
||||
/// Mark the ratchet for device [deviceId] from [jid] as acked.
|
||||
Future<void> ratchetAcknowledged(String jid, int deviceId, { bool enterCriticalSection = true }) async {
|
||||
Future<void> ratchetAcknowledged(
|
||||
String jid,
|
||||
int deviceId, {
|
||||
bool enterCriticalSection = true,
|
||||
}) async {
|
||||
if (enterCriticalSection) await _enterRatchetCriticalSection(jid);
|
||||
|
||||
final key = RatchetMapKey(jid, deviceId);
|
||||
if (_ratchetMap.containsKey(key)) {
|
||||
final ratchet = _ratchetMap[key]!
|
||||
..acknowledged = true;
|
||||
final ratchet = _ratchetMap[key]!..acknowledged = true;
|
||||
|
||||
// Commit it
|
||||
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false, false));
|
||||
_eventStreamController
|
||||
.add(RatchetModifiedEvent(jid, deviceId, ratchet, false, false));
|
||||
} else {
|
||||
_log.severe('Attempted to acknowledge ratchet ${key.toJsonKey()}, even though it does not exist');
|
||||
_log.severe(
|
||||
'Attempted to acknowledge ratchet ${key.toJsonKey()}, even though it does not exist',
|
||||
);
|
||||
}
|
||||
|
||||
if (enterCriticalSection) await _leaveRatchetCriticalSection(jid);
|
||||
@ -711,7 +769,8 @@ class OmemoManager {
|
||||
Future<OmemoBundle> getDeviceBundle() async => (await getDevice()).toBundle();
|
||||
|
||||
/// Directly aquire the current device's fingerprint.
|
||||
Future<String> getDeviceFingerprint() async => (await getDevice()).getFingerprint();
|
||||
Future<String> getDeviceFingerprint() async =>
|
||||
(await getDevice()).getFingerprint();
|
||||
|
||||
/// Returns the fingerprints for all devices of [jid] that we have a session with.
|
||||
/// If there are not sessions with [jid], then returns null.
|
||||
@ -754,7 +813,10 @@ class OmemoManager {
|
||||
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
|
||||
}
|
||||
|
||||
void initialize(Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap, Map<String, List<int>> deviceList) {
|
||||
void initialize(
|
||||
Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap,
|
||||
Map<String, List<int>> deviceList,
|
||||
) {
|
||||
_deviceList = deviceList;
|
||||
_ratchetMap = ratchetMap;
|
||||
}
|
||||
|
@ -23,7 +23,9 @@ class RatchetMapKey {
|
||||
|
||||
@override
|
||||
bool operator ==(Object other) {
|
||||
return other is RatchetMapKey && jid == other.jid && deviceId == other.deviceId;
|
||||
return other is RatchetMapKey &&
|
||||
jid == other.jid &&
|
||||
deviceId == other.deviceId;
|
||||
}
|
||||
|
||||
@override
|
||||
|
@ -1,679 +0,0 @@
|
||||
import 'dart:async';
|
||||
import 'dart:convert';
|
||||
import 'package:collection/collection.dart';
|
||||
import 'package:cryptography/cryptography.dart';
|
||||
import 'package:hex/hex.dart';
|
||||
import 'package:logging/logging.dart';
|
||||
import 'package:meta/meta.dart';
|
||||
import 'package:omemo_dart/src/crypto.dart';
|
||||
import 'package:omemo_dart/src/double_ratchet/double_ratchet.dart';
|
||||
import 'package:omemo_dart/src/errors.dart';
|
||||
import 'package:omemo_dart/src/helpers.dart';
|
||||
import 'package:omemo_dart/src/keys.dart';
|
||||
import 'package:omemo_dart/src/omemo/bundle.dart';
|
||||
import 'package:omemo_dart/src/omemo/constants.dart';
|
||||
import 'package:omemo_dart/src/omemo/device.dart';
|
||||
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
|
||||
import 'package:omemo_dart/src/omemo/encryption_result.dart';
|
||||
import 'package:omemo_dart/src/omemo/events.dart';
|
||||
import 'package:omemo_dart/src/omemo/fingerprint.dart';
|
||||
import 'package:omemo_dart/src/omemo/ratchet_map_key.dart';
|
||||
import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart';
|
||||
import 'package:omemo_dart/src/protobuf/omemo_key_exchange.dart';
|
||||
import 'package:omemo_dart/src/protobuf/omemo_message.dart';
|
||||
import 'package:omemo_dart/src/trust/base.dart';
|
||||
import 'package:omemo_dart/src/x3dh/x3dh.dart';
|
||||
import 'package:synchronized/synchronized.dart';
|
||||
|
||||
@Deprecated('Use OmemoManager instead')
|
||||
class OmemoSessionManager {
|
||||
@Deprecated('Use OmemoManager instead')
|
||||
OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager)
|
||||
: _lock = Lock(),
|
||||
_deviceLock = Lock(),
|
||||
_eventStreamController = StreamController<OmemoEvent>.broadcast(),
|
||||
_log = Logger('OmemoSessionManager');
|
||||
|
||||
/// Deserialise the OmemoSessionManager from JSON data [data] that does not contain
|
||||
/// the ratchet sessions.
|
||||
@Deprecated('Use OmemoManager instead')
|
||||
factory OmemoSessionManager.fromJsonWithoutSessions(
|
||||
Map<String, dynamic> data,
|
||||
Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap,
|
||||
TrustManager trustManager,
|
||||
) {
|
||||
// NOTE: Dart has some issues with just casting a List<dynamic> to List<Map<...>>, as
|
||||
// such we need to convert the items by hand.
|
||||
return OmemoSessionManager(
|
||||
OmemoDevice.fromJson(data['device']! as Map<String, dynamic>),
|
||||
(data['devices']! as Map<String, dynamic>).map<String, List<int>>(
|
||||
(key, value) {
|
||||
return MapEntry(
|
||||
key,
|
||||
(value as List<dynamic>).map<int>((i) => i as int).toList(),
|
||||
);
|
||||
}
|
||||
),
|
||||
ratchetMap,
|
||||
trustManager,
|
||||
);
|
||||
}
|
||||
|
||||
/// Generate a new cryptographic identity.
|
||||
static Future<OmemoSessionManager> generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async {
|
||||
assert(opkAmount > 0, 'opkAmount must be bigger than 0.');
|
||||
final device = await OmemoDevice.generateNewDevice(jid, opkAmount: opkAmount);
|
||||
|
||||
return OmemoSessionManager(device, {}, {}, trustManager);
|
||||
}
|
||||
|
||||
/// Logging
|
||||
Logger _log;
|
||||
|
||||
/// Lock for _ratchetMap and _bundleMap
|
||||
final Lock _lock;
|
||||
|
||||
/// Mapping of the Device Id to its OMEMO session
|
||||
final Map<RatchetMapKey, OmemoDoubleRatchet> _ratchetMap;
|
||||
|
||||
/// Mapping of a bare Jid to its Device Ids
|
||||
final Map<String, List<int>> _deviceMap;
|
||||
|
||||
/// The event bus of the session manager
|
||||
final StreamController<OmemoEvent> _eventStreamController;
|
||||
|
||||
/// Our own keys...
|
||||
// ignore: prefer_final_fields
|
||||
OmemoDevice _device;
|
||||
/// and its lock
|
||||
final Lock _deviceLock;
|
||||
|
||||
/// The trust manager
|
||||
final TrustManager _trustManager;
|
||||
TrustManager get trustManager => _trustManager;
|
||||
|
||||
/// A stream that receives events regarding the session
|
||||
Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
|
||||
|
||||
/// Returns our own device.
|
||||
Future<OmemoDevice> getDevice() async {
|
||||
return _deviceLock.synchronized(() => _device);
|
||||
}
|
||||
|
||||
/// Returns the id attribute of our own device. This is just a short-hand for
|
||||
/// ```await (session.getDevice()).id```.
|
||||
Future<int> getDeviceId() async {
|
||||
return _deviceLock.synchronized(() => _device.id);
|
||||
}
|
||||
|
||||
/// Returns the device as an OmemoBundle. This is just a short-hand for
|
||||
/// ```await (await session.getDevice()).toBundle()```.
|
||||
Future<OmemoBundle> getDeviceBundle() async {
|
||||
return _deviceLock.synchronized(() async => _device.toBundle());
|
||||
}
|
||||
|
||||
/// Add a session [ratchet] with the [deviceId] to the internal tracking state.
|
||||
Future<void> _addSession(String jid, int deviceId, OmemoDoubleRatchet ratchet) async {
|
||||
await _lock.synchronized(() async {
|
||||
// Add the bundle Id
|
||||
if (!_deviceMap.containsKey(jid)) {
|
||||
_deviceMap[jid] = [deviceId];
|
||||
|
||||
// Commit the device map
|
||||
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||
} else {
|
||||
// Prevent having the same device multiple times in the list
|
||||
if (!_deviceMap[jid]!.contains(deviceId)) {
|
||||
_deviceMap[jid]!.add(deviceId);
|
||||
|
||||
// Commit the device map
|
||||
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||
}
|
||||
}
|
||||
|
||||
// Add the ratchet session
|
||||
final key = RatchetMapKey(jid, deviceId);
|
||||
_ratchetMap[key] = ratchet;
|
||||
|
||||
// Commit the ratchet
|
||||
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, true, false));
|
||||
});
|
||||
}
|
||||
|
||||
/// Create a ratchet session initiated by Alice to the user with Jid [jid] and the device
|
||||
/// [deviceId] from the bundle [bundle].
|
||||
@visibleForTesting
|
||||
Future<OmemoKeyExchange> addSessionFromBundle(String jid, int deviceId, OmemoBundle bundle) async {
|
||||
final device = await getDevice();
|
||||
final kexResult = await x3dhFromBundle(
|
||||
bundle,
|
||||
device.ik,
|
||||
);
|
||||
final ratchet = await OmemoDoubleRatchet.initiateNewSession(
|
||||
bundle.spk,
|
||||
bundle.ik,
|
||||
kexResult.sk,
|
||||
kexResult.ad,
|
||||
getTimestamp(),
|
||||
);
|
||||
|
||||
await _trustManager.onNewSession(jid, deviceId);
|
||||
await _addSession(jid, deviceId, ratchet);
|
||||
|
||||
return OmemoKeyExchange()
|
||||
..pkId = kexResult.opkId
|
||||
..spkId = bundle.spkId
|
||||
..ik = await device.ik.pk.getBytes()
|
||||
..ek = await kexResult.ek.pk.getBytes();
|
||||
}
|
||||
|
||||
/// Build a new session with the user at [jid] with the device [deviceId] using data
|
||||
/// from the key exchange [kex]. In case [kex] contains an unknown Signed Prekey
|
||||
/// identifier an UnknownSignedPrekeyException will be thrown.
|
||||
Future<OmemoDoubleRatchet> _addSessionFromKeyExchange(String jid, int deviceId, OmemoKeyExchange kex) async {
|
||||
// Pick the correct SPK
|
||||
final device = await getDevice();
|
||||
final spk = await _lock.synchronized(() async {
|
||||
if (kex.spkId == _device.spkId) {
|
||||
return _device.spk;
|
||||
} else if (kex.spkId == _device.oldSpkId) {
|
||||
return _device.oldSpk;
|
||||
}
|
||||
|
||||
return null;
|
||||
});
|
||||
if (spk == null) {
|
||||
throw UnknownSignedPrekeyException();
|
||||
}
|
||||
|
||||
final kexResult = await x3dhFromInitialMessage(
|
||||
X3DHMessage(
|
||||
OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519),
|
||||
OmemoPublicKey.fromBytes(kex.ek!, KeyPairType.x25519),
|
||||
kex.pkId!,
|
||||
),
|
||||
spk,
|
||||
device.opks.values.elementAt(kex.pkId!),
|
||||
device.ik,
|
||||
);
|
||||
final ratchet = await OmemoDoubleRatchet.acceptNewSession(
|
||||
spk,
|
||||
OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519),
|
||||
kexResult.sk,
|
||||
kexResult.ad,
|
||||
getTimestamp(),
|
||||
);
|
||||
|
||||
return ratchet;
|
||||
}
|
||||
|
||||
/// Like [encryptToJids] but only for one Jid [jid].
|
||||
Future<EncryptionResult> encryptToJid(String jid, String? plaintext, { List<OmemoBundle>? newSessions }) {
|
||||
return encryptToJids([jid], plaintext, newSessions: newSessions);
|
||||
}
|
||||
|
||||
/// Encrypt the key [plaintext] for all known bundles of the Jids in [jids]. Returns a
|
||||
/// map that maps the device Id to the ciphertext of [plaintext].
|
||||
///
|
||||
/// If [plaintext] is null, then the result will be an empty OMEMO message, i.e. one that
|
||||
/// does not contain a <payload /> element. This means that the ciphertext attribute of
|
||||
/// the result will be null as well.
|
||||
Future<EncryptionResult> encryptToJids(List<String> jids, String? plaintext, { List<OmemoBundle>? newSessions }) async {
|
||||
final encryptedKeys = List<EncryptedKey>.empty(growable: true);
|
||||
|
||||
var ciphertext = const <int>[];
|
||||
var keyPayload = const <int>[];
|
||||
if (plaintext != null) {
|
||||
// Generate the key and encrypt the plaintext
|
||||
final key = generateRandomBytes(32);
|
||||
final keys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
|
||||
ciphertext = await aes256CbcEncrypt(
|
||||
utf8.encode(plaintext),
|
||||
keys.encryptionKey,
|
||||
keys.iv,
|
||||
);
|
||||
final hmac = await truncatedHmac(ciphertext, keys.authenticationKey);
|
||||
keyPayload = concat([key, hmac]);
|
||||
} else {
|
||||
keyPayload = List<int>.filled(32, 0x0);
|
||||
}
|
||||
|
||||
final kex = <int, OmemoKeyExchange>{};
|
||||
if (newSessions != null) {
|
||||
for (final newSession in newSessions) {
|
||||
kex[newSession.id] = await addSessionFromBundle(
|
||||
newSession.jid,
|
||||
newSession.id,
|
||||
newSession,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
await _lock.synchronized(() async {
|
||||
// We assume that the user already checked if the session exists
|
||||
for (final jid in jids) {
|
||||
for (final deviceId in _deviceMap[jid]!) {
|
||||
// Empty OMEMO messages are allowed to bypass trust
|
||||
if (plaintext != null) {
|
||||
// Only encrypt to devices that are trusted
|
||||
if (!(await _trustManager.isTrusted(jid, deviceId))) continue;
|
||||
|
||||
// Onyl encrypt to devices that are enabled
|
||||
if (!(await _trustManager.isEnabled(jid, deviceId))) continue;
|
||||
}
|
||||
|
||||
final ratchetKey = RatchetMapKey(jid, deviceId);
|
||||
var ratchet = _ratchetMap[ratchetKey]!;
|
||||
final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext;
|
||||
|
||||
if (kex.isNotEmpty && kex.containsKey(deviceId)) {
|
||||
// The ratchet did not exist
|
||||
final k = kex[deviceId]!
|
||||
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
|
||||
final buffer = base64.encode(k.writeToBuffer());
|
||||
encryptedKeys.add(
|
||||
EncryptedKey(
|
||||
jid,
|
||||
deviceId,
|
||||
buffer,
|
||||
true,
|
||||
),
|
||||
);
|
||||
|
||||
ratchet = ratchet.cloneWithKex(buffer);
|
||||
_ratchetMap[ratchetKey] = ratchet;
|
||||
} else if (!ratchet.acknowledged) {
|
||||
// The ratchet exists but is not acked
|
||||
if (ratchet.kex != null) {
|
||||
final oldKex = OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!))
|
||||
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
|
||||
|
||||
encryptedKeys.add(
|
||||
EncryptedKey(
|
||||
jid,
|
||||
deviceId,
|
||||
base64.encode(oldKex.writeToBuffer()),
|
||||
true,
|
||||
),
|
||||
);
|
||||
} else {
|
||||
// The ratchet is not acked but we don't have the old key exchange
|
||||
_log.warning('Ratchet for $jid:$deviceId is not acked but the kex attribute is null');
|
||||
encryptedKeys.add(
|
||||
EncryptedKey(
|
||||
jid,
|
||||
deviceId,
|
||||
base64.encode(ciphertext),
|
||||
false,
|
||||
),
|
||||
);
|
||||
}
|
||||
} else {
|
||||
// The ratchet exists and is acked
|
||||
encryptedKeys.add(
|
||||
EncryptedKey(
|
||||
jid,
|
||||
deviceId,
|
||||
base64.encode(ciphertext),
|
||||
false,
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
// Commit the ratchet
|
||||
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false, false));
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
return EncryptionResult(
|
||||
plaintext != null ? ciphertext : null,
|
||||
encryptedKeys,
|
||||
const <RatchetMapKey, OmemoException>{},
|
||||
const <String, OmemoException>{},
|
||||
);
|
||||
}
|
||||
|
||||
/// In case a decryption error occurs, the Double Ratchet spec says to just restore
|
||||
/// the ratchet to its old state. As such, this function restores the ratchet at
|
||||
/// [mapKey] with [oldRatchet].
|
||||
Future<void> _restoreRatchet(RatchetMapKey mapKey, OmemoDoubleRatchet oldRatchet) async {
|
||||
await _lock.synchronized(() {
|
||||
_log.finest('Restoring ratchet ${mapKey.jid}:${mapKey.deviceId} to ${oldRatchet.nr}');
|
||||
_ratchetMap[mapKey] = oldRatchet;
|
||||
|
||||
// Commit the ratchet
|
||||
_eventStreamController.add(
|
||||
RatchetModifiedEvent(
|
||||
mapKey.jid,
|
||||
mapKey.deviceId,
|
||||
oldRatchet,
|
||||
false,
|
||||
false,
|
||||
),
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
Future<String?> _decryptAndVerifyHmac(List<int>? ciphertext, List<int> keyAndHmac) async {
|
||||
// Empty OMEMO messages should just have the key decrypted and/or session set up.
|
||||
if (ciphertext == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
final key = keyAndHmac.sublist(0, 32);
|
||||
final hmac = keyAndHmac.sublist(32, 48);
|
||||
final derivedKeys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
|
||||
final computedHmac = await truncatedHmac(ciphertext, derivedKeys.authenticationKey);
|
||||
if (!listsEqual(hmac, computedHmac)) {
|
||||
throw InvalidMessageHMACException();
|
||||
}
|
||||
|
||||
return utf8.decode(
|
||||
await aes256CbcDecrypt(ciphertext, derivedKeys.encryptionKey, derivedKeys.iv),
|
||||
);
|
||||
}
|
||||
|
||||
/// Attempt to decrypt [ciphertext]. [keys] refers to the <key /> elements inside the
|
||||
/// <keys /> element with a "jid" attribute matching our own. [senderJid] refers to the
|
||||
/// bare Jid of the sender. [senderDeviceId] refers to the "sid" attribute of the
|
||||
/// <encrypted /> element.
|
||||
/// [timestamp] refers to the time the message was sent. This might be either what the
|
||||
/// server tells you via "XEP-0203: Delayed Delivery" or the point in time at which
|
||||
/// you received the stanza, if no Delayed Delivery element was found.
|
||||
///
|
||||
/// If the received message is an empty OMEMO message, i.e. there is no <payload />
|
||||
/// element, then [ciphertext] must be set to null. In this case, this function
|
||||
/// will return null as there is no message to be decrypted. This, however, is used
|
||||
/// to set up sessions or advance the ratchets.
|
||||
Future<String?> decryptMessage(List<int>? ciphertext, String senderJid, int senderDeviceId, List<EncryptedKey> keys, int timestamp) async {
|
||||
// Try to find a session we can decrypt with.
|
||||
var device = await getDevice();
|
||||
final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id);
|
||||
if (rawKey == null) {
|
||||
throw NotEncryptedForDeviceException();
|
||||
}
|
||||
|
||||
final ratchetKey = RatchetMapKey(senderJid, senderDeviceId);
|
||||
final decodedRawKey = base64.decode(rawKey.value);
|
||||
List<int>? keyAndHmac;
|
||||
OmemoAuthenticatedMessage authMessage;
|
||||
OmemoDoubleRatchet? oldRatchet;
|
||||
OmemoMessage? message;
|
||||
if (rawKey.kex) {
|
||||
// If the ratchet already existed, we store it. If it didn't, oldRatchet will stay
|
||||
// null.
|
||||
final oldRatchet = (await _getRatchet(ratchetKey))?.clone();
|
||||
final kex = OmemoKeyExchange.fromBuffer(decodedRawKey);
|
||||
authMessage = kex.message!;
|
||||
message = OmemoMessage.fromBuffer(authMessage.message!);
|
||||
|
||||
// Guard against old key exchanges
|
||||
if (oldRatchet != null) {
|
||||
_log.finest('KEX for existent ratchet. ${oldRatchet.pn}');
|
||||
if (oldRatchet.kexTimestamp > timestamp) {
|
||||
throw InvalidKeyExchangeException();
|
||||
}
|
||||
|
||||
// Try to decrypt it
|
||||
try {
|
||||
final decrypted = await oldRatchet.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||
|
||||
// Commit the ratchet
|
||||
_eventStreamController.add(
|
||||
RatchetModifiedEvent(
|
||||
senderJid,
|
||||
senderDeviceId,
|
||||
oldRatchet,
|
||||
false,
|
||||
false,
|
||||
),
|
||||
);
|
||||
|
||||
final plaintext = await _decryptAndVerifyHmac(
|
||||
ciphertext,
|
||||
decrypted,
|
||||
);
|
||||
await _addSession(senderJid, senderDeviceId, oldRatchet);
|
||||
return plaintext;
|
||||
} catch (_) {
|
||||
_log.finest('Failed to use old ratchet with KEX for existing ratchet');
|
||||
}
|
||||
}
|
||||
|
||||
final r = await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex);
|
||||
await _trustManager.onNewSession(senderJid, senderDeviceId);
|
||||
await _addSession(senderJid, senderDeviceId, r);
|
||||
|
||||
// Replace the OPK
|
||||
// TODO(PapaTutuWawa): Replace the OPK when we know that the KEX worked
|
||||
await _deviceLock.synchronized(() async {
|
||||
device = await device.replaceOnetimePrekey(kex.pkId!);
|
||||
|
||||
// Commit the device
|
||||
_eventStreamController.add(DeviceModifiedEvent(device));
|
||||
});
|
||||
} else {
|
||||
authMessage = OmemoAuthenticatedMessage.fromBuffer(decodedRawKey);
|
||||
message = OmemoMessage.fromBuffer(authMessage.message!);
|
||||
}
|
||||
|
||||
final devices = _deviceMap[senderJid];
|
||||
if (devices == null) {
|
||||
throw NoDecryptionKeyException();
|
||||
}
|
||||
if (!devices.contains(senderDeviceId)) {
|
||||
throw NoDecryptionKeyException();
|
||||
}
|
||||
|
||||
// We can guarantee that the ratchet exists at this point in time
|
||||
final ratchet = (await _getRatchet(ratchetKey))!;
|
||||
oldRatchet ??= ratchet.clone();
|
||||
|
||||
try {
|
||||
if (rawKey.kex) {
|
||||
keyAndHmac = await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer());
|
||||
} else {
|
||||
keyAndHmac = await ratchet.ratchetDecrypt(message, decodedRawKey);
|
||||
}
|
||||
} catch (_) {
|
||||
await _restoreRatchet(ratchetKey, oldRatchet);
|
||||
rethrow;
|
||||
}
|
||||
|
||||
// Commit the ratchet
|
||||
_eventStreamController.add(
|
||||
RatchetModifiedEvent(
|
||||
senderJid,
|
||||
senderDeviceId,
|
||||
ratchet,
|
||||
false,
|
||||
false,
|
||||
),
|
||||
);
|
||||
|
||||
try {
|
||||
return _decryptAndVerifyHmac(ciphertext, keyAndHmac);
|
||||
} catch (_) {
|
||||
await _restoreRatchet(ratchetKey, oldRatchet);
|
||||
rethrow;
|
||||
}
|
||||
}
|
||||
|
||||
/// Returns the list of hex-encoded fingerprints we have for sessions with [jid].
|
||||
Future<List<DeviceFingerprint>> getHexFingerprintsForJid(String jid) async {
|
||||
final fingerprints = List<DeviceFingerprint>.empty(growable: true);
|
||||
|
||||
await _lock.synchronized(() async {
|
||||
// Get devices for jid
|
||||
final devices = _deviceMap[jid] ?? [];
|
||||
|
||||
for (final deviceId in devices) {
|
||||
final ratchet = _ratchetMap[RatchetMapKey(jid, deviceId)]!;
|
||||
|
||||
fingerprints.add(
|
||||
DeviceFingerprint(
|
||||
deviceId,
|
||||
HEX.encode(await ratchet.ik.getBytes()),
|
||||
),
|
||||
);
|
||||
}
|
||||
});
|
||||
|
||||
return fingerprints;
|
||||
}
|
||||
|
||||
/// Returns the hex-encoded fingerprint of the current device.
|
||||
Future<DeviceFingerprint> getHexFingerprintForDevice() async {
|
||||
final device = await getDevice();
|
||||
|
||||
return DeviceFingerprint(
|
||||
device.id,
|
||||
HEX.encode(await device.ik.pk.getBytes()),
|
||||
);
|
||||
}
|
||||
|
||||
/// Replaces the Signed Prekey and its signature in our own device bundle. Triggers
|
||||
/// a DeviceModifiedEvent when done.
|
||||
/// See https://xmpp.org/extensions/xep-0384.html#protocol-key_exchange under the point
|
||||
/// "signed PreKey rotation period" for recommendations.
|
||||
Future<void> rotateSignedPrekey() async {
|
||||
await _deviceLock.synchronized(() async {
|
||||
_device = await _device.replaceSignedPrekey();
|
||||
|
||||
// Commit the new device
|
||||
_eventStreamController.add(DeviceModifiedEvent(_device));
|
||||
});
|
||||
}
|
||||
|
||||
/// Returns the device map, i.e. the mapping of bare Jid to its device identifiers
|
||||
/// we have built sessions with.
|
||||
Future<Map<String, List<int>>> getDeviceMap() async {
|
||||
return _lock.synchronized(() => _deviceMap);
|
||||
}
|
||||
|
||||
/// Removes the ratchet identified by [jid] and [deviceId] from the session manager.
|
||||
/// Also triggers events for commiting the new device map to storage and removing
|
||||
/// the old ratchet.
|
||||
Future<void> removeRatchet(String jid, int deviceId) async {
|
||||
await _lock.synchronized(() async {
|
||||
// Remove the ratchet
|
||||
_ratchetMap.remove(RatchetMapKey(jid, deviceId));
|
||||
// Commit it
|
||||
_eventStreamController.add(RatchetRemovedEvent(jid, deviceId));
|
||||
|
||||
// Remove the device from jid
|
||||
_deviceMap[jid]!.remove(deviceId);
|
||||
if (_deviceMap[jid]!.isEmpty) {
|
||||
_deviceMap.remove(jid);
|
||||
}
|
||||
// Commit it
|
||||
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||
});
|
||||
}
|
||||
|
||||
/// Removes all ratchets for Jid [jid]. Triggers a DeviceMapModified event at the end and an
|
||||
/// RatchetRemovedEvent for each ratchet.
|
||||
Future<void> removeAllRatchets(String jid) async {
|
||||
await _lock.synchronized(() async {
|
||||
for (final deviceId in _deviceMap[jid]!) {
|
||||
// Remove the ratchet
|
||||
_ratchetMap.remove(RatchetMapKey(jid, deviceId));
|
||||
// Commit it
|
||||
_eventStreamController.add(RatchetRemovedEvent(jid, deviceId));
|
||||
}
|
||||
|
||||
// Remove the device from jid
|
||||
_deviceMap.remove(jid);
|
||||
// Commit it
|
||||
_eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
|
||||
});
|
||||
}
|
||||
|
||||
/// Returns the list of device identifiers belonging to [jid] that are yet unacked, i.e.
|
||||
/// we have not yet received an empty OMEMO message from.
|
||||
Future<List<int>?> getUnacknowledgedRatchets(String jid) async {
|
||||
return _lock.synchronized(() async {
|
||||
final ret = List<int>.empty(growable: true);
|
||||
final devices = _deviceMap[jid];
|
||||
if (devices == null) return null;
|
||||
|
||||
for (final device in devices) {
|
||||
final ratchet = _ratchetMap[RatchetMapKey(jid, device)]!;
|
||||
if (!ratchet.acknowledged) ret.add(device);
|
||||
}
|
||||
|
||||
return ret;
|
||||
});
|
||||
}
|
||||
|
||||
/// Returns true if the ratchet for [jid] with device identifier [deviceId] is
|
||||
/// acknowledged. Returns false if not.
|
||||
Future<bool> isRatchetAcknowledged(String jid, int deviceId) async {
|
||||
return _lock.synchronized(() => _ratchetMap[RatchetMapKey(jid, deviceId)]!.acknowledged);
|
||||
}
|
||||
|
||||
/// Mark the ratchet for device [deviceId] from [jid] as acked.
|
||||
Future<void> ratchetAcknowledged(String jid, int deviceId) async {
|
||||
await _lock.synchronized(() async {
|
||||
final ratchet = _ratchetMap[RatchetMapKey(jid, deviceId)]!
|
||||
..acknowledged = true;
|
||||
|
||||
// Commit it
|
||||
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false, false));
|
||||
});
|
||||
}
|
||||
|
||||
/// Generates an entirely new device. May be useful when the user wants to reset their cryptographic
|
||||
/// identity. Triggers an event to commit it to storage.
|
||||
Future<void> regenerateDevice({ int opkAmount = 100 }) async {
|
||||
await _deviceLock.synchronized(() async {
|
||||
_device = await OmemoDevice.generateNewDevice(_device.jid, opkAmount: opkAmount);
|
||||
|
||||
// Commit it
|
||||
_eventStreamController.add(DeviceModifiedEvent(_device));
|
||||
});
|
||||
}
|
||||
|
||||
/// Make our device have a new identifier. Only useful before publishing it as a bundle
|
||||
/// to make sure that our device has a id that is account unique.
|
||||
Future<void> regenerateDeviceId() async {
|
||||
await _deviceLock.synchronized(() async {
|
||||
_device = _device.withNewId();
|
||||
|
||||
// Commit it
|
||||
_eventStreamController.add(DeviceModifiedEvent(_device));
|
||||
});
|
||||
}
|
||||
|
||||
Future<OmemoDoubleRatchet?> _getRatchet(RatchetMapKey key) async {
|
||||
return _lock.synchronized(() async {
|
||||
return _ratchetMap[key];
|
||||
});
|
||||
}
|
||||
|
||||
@visibleForTesting
|
||||
OmemoDoubleRatchet getRatchet(String jid, int deviceId) => _ratchetMap[RatchetMapKey(jid, deviceId)]!;
|
||||
|
||||
@visibleForTesting
|
||||
Map<RatchetMapKey, OmemoDoubleRatchet> getRatchetMap() => _ratchetMap;
|
||||
|
||||
/// Serialise the entire session manager into a JSON object.
|
||||
Future<Map<String, dynamic>> toJsonWithoutSessions() async {
|
||||
/*
|
||||
{
|
||||
'devices': {
|
||||
'alice@...': [1, 2, ...],
|
||||
'bob@...': [1],
|
||||
...
|
||||
},
|
||||
'device': { ... },
|
||||
}
|
||||
*/
|
||||
|
||||
return {
|
||||
'devices': _deviceMap,
|
||||
'device': await (await getDevice()).toJson(),
|
||||
};
|
||||
}
|
||||
}
|
@ -2,7 +2,6 @@ import 'package:omemo_dart/src/helpers.dart';
|
||||
import 'package:omemo_dart/src/protobuf/protobuf.dart';
|
||||
|
||||
class OmemoAuthenticatedMessage {
|
||||
|
||||
OmemoAuthenticatedMessage();
|
||||
|
||||
factory OmemoAuthenticatedMessage.fromBuffer(List<int> data) {
|
||||
|
@ -2,7 +2,6 @@ import 'package:omemo_dart/src/helpers.dart';
|
||||
import 'package:omemo_dart/src/protobuf/protobuf.dart';
|
||||
|
||||
class OmemoMessage {
|
||||
|
||||
OmemoMessage();
|
||||
|
||||
factory OmemoMessage.fromBuffer(List<int> data) {
|
||||
|
@ -13,7 +13,6 @@ int fieldId(int number, int type) {
|
||||
}
|
||||
|
||||
class VarintDecode {
|
||||
|
||||
const VarintDecode(this.n, this.length);
|
||||
final int n;
|
||||
final int length;
|
||||
|
@ -15,18 +15,25 @@ enum BTBVTrustState {
|
||||
|
||||
int _trustToInt(BTBVTrustState state) {
|
||||
switch (state) {
|
||||
case BTBVTrustState.notTrusted: return 1;
|
||||
case BTBVTrustState.blindTrust: return 2;
|
||||
case BTBVTrustState.verified: return 3;
|
||||
case BTBVTrustState.notTrusted:
|
||||
return 1;
|
||||
case BTBVTrustState.blindTrust:
|
||||
return 2;
|
||||
case BTBVTrustState.verified:
|
||||
return 3;
|
||||
}
|
||||
}
|
||||
|
||||
BTBVTrustState _trustFromInt(int i) {
|
||||
switch (i) {
|
||||
case 1: return BTBVTrustState.notTrusted;
|
||||
case 2: return BTBVTrustState.blindTrust;
|
||||
case 3: return BTBVTrustState.verified;
|
||||
default: return BTBVTrustState.notTrusted;
|
||||
case 1:
|
||||
return BTBVTrustState.notTrusted;
|
||||
case 2:
|
||||
return BTBVTrustState.blindTrust;
|
||||
case 3:
|
||||
return BTBVTrustState.verified;
|
||||
default:
|
||||
return BTBVTrustState.notTrusted;
|
||||
}
|
||||
}
|
||||
|
||||
@ -139,7 +146,11 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
|
||||
}
|
||||
|
||||
/// Sets the trust of [jid]'s device with identifier [deviceId] to [state].
|
||||
Future<void> setDeviceTrust(String jid, int deviceId, BTBVTrustState state) async {
|
||||
Future<void> setDeviceTrust(
|
||||
String jid,
|
||||
int deviceId,
|
||||
BTBVTrustState state,
|
||||
) async {
|
||||
await _lock.synchronized(() async {
|
||||
trustCache[RatchetMapKey(jid, deviceId)] = state;
|
||||
|
||||
@ -172,10 +183,14 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
|
||||
Future<Map<String, dynamic>> toJson() async {
|
||||
return {
|
||||
'devices': devices,
|
||||
'trust': trustCache.map((key, value) => MapEntry(
|
||||
key.toJsonKey(), _trustToInt(value),
|
||||
),),
|
||||
'enable': enablementCache.map((key, value) => MapEntry(key.toJsonKey(), value)),
|
||||
'trust': trustCache.map(
|
||||
(key, value) => MapEntry(
|
||||
key.toJsonKey(),
|
||||
_trustToInt(value),
|
||||
),
|
||||
),
|
||||
'enable':
|
||||
enablementCache.map((key, value) => MapEntry(key.toJsonKey(), value)),
|
||||
};
|
||||
}
|
||||
|
||||
@ -192,8 +207,11 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
|
||||
|
||||
/// From a serialized version of a BTBV trust manager, extract the trust cache.
|
||||
/// NOTE: This is needed as Dart cannot just cast a List<dynamic> to List<int> and so on.
|
||||
static Map<RatchetMapKey, BTBVTrustState> trustCacheFromJson(Map<String, dynamic> json) {
|
||||
return (json['trust']! as Map<String, dynamic>).map<RatchetMapKey, BTBVTrustState>(
|
||||
static Map<RatchetMapKey, BTBVTrustState> trustCacheFromJson(
|
||||
Map<String, dynamic> json,
|
||||
) {
|
||||
return (json['trust']! as Map<String, dynamic>)
|
||||
.map<RatchetMapKey, BTBVTrustState>(
|
||||
(key, value) => MapEntry(
|
||||
RatchetMapKey.fromJsonKey(key),
|
||||
_trustFromInt(value as int),
|
||||
@ -203,7 +221,9 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
|
||||
|
||||
/// From a serialized version of a BTBV trust manager, extract the enable cache.
|
||||
/// NOTE: This is needed as Dart cannot just cast a List<dynamic> to List<int> and so on.
|
||||
static Map<RatchetMapKey, bool> enableCacheFromJson(Map<String, dynamic> json) {
|
||||
static Map<RatchetMapKey, bool> enableCacheFromJson(
|
||||
Map<String, dynamic> json,
|
||||
) {
|
||||
return (json['enable']! as Map<String, dynamic>).map<RatchetMapKey, bool>(
|
||||
(key, value) => MapEntry(
|
||||
RatchetMapKey.fromJsonKey(key),
|
||||
@ -226,7 +246,8 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
|
||||
Future<void> commitState();
|
||||
|
||||
@visibleForTesting
|
||||
BTBVTrustState getDeviceTrust(String jid, int deviceId) => trustCache[RatchetMapKey(jid, deviceId)]!;
|
||||
BTBVTrustState getDeviceTrust(String jid, int deviceId) =>
|
||||
trustCache[RatchetMapKey(jid, deviceId)]!;
|
||||
}
|
||||
|
||||
/// A BTBV TrustManager that does not commit its state to persistent storage. Well suited
|
||||
|
@ -12,7 +12,6 @@ const omemoX3DHInfoString = 'OMEMO X3DH';
|
||||
|
||||
/// Performed by Alice
|
||||
class X3DHAliceResult {
|
||||
|
||||
const X3DHAliceResult(this.ek, this.sk, this.opkId, this.ad);
|
||||
final OmemoKeyPair ek;
|
||||
final List<int> sk;
|
||||
@ -22,7 +21,6 @@ class X3DHAliceResult {
|
||||
|
||||
/// Received by Bob
|
||||
class X3DHMessage {
|
||||
|
||||
const X3DHMessage(this.ik, this.ek, this.opkId);
|
||||
final OmemoPublicKey ik;
|
||||
final OmemoPublicKey ek;
|
||||
@ -30,7 +28,6 @@ class X3DHMessage {
|
||||
}
|
||||
|
||||
class X3DHBobResult {
|
||||
|
||||
const X3DHBobResult(this.sk, this.ad);
|
||||
final List<int> sk;
|
||||
final List<int> ad;
|
||||
@ -39,7 +36,10 @@ class X3DHBobResult {
|
||||
/// Sign [message] using the keypair [keyPair]. Note that [keyPair] must be
|
||||
/// a Ed25519 keypair.
|
||||
Future<List<int>> sig(OmemoKeyPair keyPair, List<int> message) async {
|
||||
assert(keyPair.type == KeyPairType.ed25519, 'Signature keypair must be Ed25519');
|
||||
assert(
|
||||
keyPair.type == KeyPairType.ed25519,
|
||||
'Signature keypair must be Ed25519',
|
||||
);
|
||||
final signature = await Ed25519().sign(
|
||||
message,
|
||||
keyPair: await keyPair.asKeyPair(),
|
||||
@ -70,7 +70,10 @@ Future<List<int>> kdf(List<int> km) async {
|
||||
|
||||
/// Alice builds a session with Bob using his bundle [bundle] and Alice's identity key
|
||||
/// pair [ik].
|
||||
Future<X3DHAliceResult> x3dhFromBundle(OmemoBundle bundle, OmemoKeyPair ik) async {
|
||||
Future<X3DHAliceResult> x3dhFromBundle(
|
||||
OmemoBundle bundle,
|
||||
OmemoKeyPair ik,
|
||||
) async {
|
||||
// Check the signature first
|
||||
final signatureValue = await Ed25519().verify(
|
||||
await bundle.spk.getBytes(),
|
||||
@ -108,7 +111,12 @@ Future<X3DHAliceResult> x3dhFromBundle(OmemoBundle bundle, OmemoKeyPair ik) asyn
|
||||
|
||||
/// Bob builds the X3DH shared secret from the inital message [msg], the SPK [spk], the
|
||||
/// OPK [opk] that was selected by Alice and our IK [ik]. Returns the shared secret.
|
||||
Future<X3DHBobResult> x3dhFromInitialMessage(X3DHMessage msg, OmemoKeyPair spk, OmemoKeyPair opk, OmemoKeyPair ik) async {
|
||||
Future<X3DHBobResult> x3dhFromInitialMessage(
|
||||
X3DHMessage msg,
|
||||
OmemoKeyPair spk,
|
||||
OmemoKeyPair opk,
|
||||
OmemoKeyPair ik,
|
||||
) async {
|
||||
final dh1 = await omemoDH(spk, msg.ik, 2);
|
||||
final dh2 = await omemoDH(ik, msg.ek, 1);
|
||||
final dh3 = await omemoDH(spk, msg.ek, 0);
|
||||
|
@ -76,7 +76,6 @@ void main() {
|
||||
|
||||
print('X3DH key exchange done');
|
||||
|
||||
|
||||
// Alice and Bob now share sk as a common secret and ad
|
||||
// Build a session
|
||||
final alicesRatchet = await OmemoDoubleRatchet.initiateNewSession(
|
||||
@ -101,7 +100,8 @@ void main() {
|
||||
|
||||
if (i.isEven) {
|
||||
// Alice encrypts a message
|
||||
final aliceRatchetResult = await alicesRatchet.ratchetEncrypt(utf8.encode(messageText));
|
||||
final aliceRatchetResult =
|
||||
await alicesRatchet.ratchetEncrypt(utf8.encode(messageText));
|
||||
print('Alice sent the message');
|
||||
|
||||
// Alice sends it to Bob
|
||||
@ -117,7 +117,8 @@ void main() {
|
||||
expect(utf8.encode(messageText), bobRatchetResult);
|
||||
} else {
|
||||
// Bob sends a message to Alice
|
||||
final bobRatchetResult = await bobsRatchet.ratchetEncrypt(utf8.encode(messageText));
|
||||
final bobRatchetResult =
|
||||
await bobsRatchet.ratchetEncrypt(utf8.encode(messageText));
|
||||
print('Bob sent the message');
|
||||
|
||||
// Bobs sends it to Alice
|
||||
|
@ -35,9 +35,9 @@ void main() {
|
||||
expect(await device.ik.equals(newDevice.ik), true);
|
||||
expect(await device.spk.equals(newDevice.spk), true);
|
||||
|
||||
final oldSpkMatch = device.oldSpk != null ?
|
||||
await device.oldSpk!.equals(newDevice.oldSpk!) :
|
||||
newDevice.oldSpk == null;
|
||||
final oldSpkMatch = device.oldSpk != null
|
||||
? await device.oldSpk!.equals(newDevice.oldSpk!)
|
||||
: newDevice.oldSpk == null;
|
||||
expect(oldSpkMatch, true);
|
||||
expect(listsEqual(device.spkSignature, newDevice.spkSignature), true);
|
||||
});
|
||||
@ -107,8 +107,10 @@ void main() {
|
||||
);
|
||||
|
||||
// Ratchets are acked
|
||||
await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(aliceJid, await aliceSession.getDeviceId());
|
||||
await aliceSession.ratchetAcknowledged(
|
||||
bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(
|
||||
aliceJid, await aliceSession.getDeviceId());
|
||||
|
||||
// Bob responds to Alice
|
||||
const bobResponseText = 'Oh, hello Alice!';
|
||||
@ -131,7 +133,8 @@ void main() {
|
||||
expect(bobResponseText, aliceReceivedMessage);
|
||||
});
|
||||
|
||||
test('Test using OMEMO sessions with only two devices for the receiver', () async {
|
||||
test('Test using OMEMO sessions with only two devices for the receiver',
|
||||
() async {
|
||||
const aliceJid = 'alice@server.example';
|
||||
const bobJid = 'bob@other.server.example';
|
||||
|
||||
@ -181,8 +184,10 @@ void main() {
|
||||
expect(messagePlaintext, bobMessage);
|
||||
|
||||
// Ratchets are acked
|
||||
await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(aliceJid, await aliceSession.getDeviceId());
|
||||
await aliceSession.ratchetAcknowledged(
|
||||
bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(
|
||||
aliceJid, await aliceSession.getDeviceId());
|
||||
|
||||
// Bob responds to Alice
|
||||
const bobResponseText = 'Oh, hello Alice!';
|
||||
@ -457,8 +462,10 @@ void main() {
|
||||
);
|
||||
|
||||
// Ratchets are acked
|
||||
await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(aliceJid, await aliceSession.getDeviceId());
|
||||
await aliceSession.ratchetAcknowledged(
|
||||
bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(
|
||||
aliceJid, await aliceSession.getDeviceId());
|
||||
|
||||
for (var i = 0; i < 100; i++) {
|
||||
final messageText = 'Test Message #$i';
|
||||
@ -597,7 +604,8 @@ void main() {
|
||||
// ...
|
||||
|
||||
// Alice marks the ratchet as acknowledged
|
||||
await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
|
||||
await aliceSession.ratchetAcknowledged(
|
||||
bobJid, await bobSession.getDeviceId());
|
||||
expect(
|
||||
(await aliceSession.getUnacknowledgedRatchets(bobJid))!.isEmpty,
|
||||
true,
|
||||
@ -726,7 +734,6 @@ void main() {
|
||||
msg2.encryptedKeys,
|
||||
getTimestamp(),
|
||||
);
|
||||
|
||||
});
|
||||
|
||||
test('Test receiving old messages including a KEX', () async {
|
||||
@ -768,8 +775,10 @@ void main() {
|
||||
);
|
||||
|
||||
// Ratchets are acked
|
||||
await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(aliceJid, await aliceSession.getDeviceId());
|
||||
await aliceSession.ratchetAcknowledged(
|
||||
bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(
|
||||
aliceJid, await aliceSession.getDeviceId());
|
||||
|
||||
// Bob responds
|
||||
final msg2 = await bobSession.encryptToJid(
|
||||
@ -838,7 +847,6 @@ void main() {
|
||||
expect(errorCounter, 100);
|
||||
expect(await ratchetPreError.equals(ratchetPostError), true);
|
||||
|
||||
|
||||
final msg3 = await aliceSession.encryptToJid(
|
||||
bobJid,
|
||||
'Are you okay?',
|
||||
@ -903,8 +911,10 @@ void main() {
|
||||
);
|
||||
|
||||
// Now the acks reach us
|
||||
await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(aliceJid, await aliceSession.getDeviceId());
|
||||
await aliceSession.ratchetAcknowledged(
|
||||
bobJid, await bobSession.getDeviceId());
|
||||
await bobSession.ratchetAcknowledged(
|
||||
aliceJid, await aliceSession.getDeviceId());
|
||||
|
||||
// Alice sends another message
|
||||
final msg3 = await aliceSession.encryptToJid(
|
||||
|
@ -5,6 +5,15 @@ import 'package:omemo_dart/src/protobuf/omemo_key_exchange.dart';
|
||||
import 'package:omemo_dart/src/trust/always.dart';
|
||||
import 'package:test/test.dart';
|
||||
|
||||
class TestingTrustManager extends AlwaysTrustingTrustManager {
|
||||
final Map<String, int> devices = {};
|
||||
|
||||
@override
|
||||
Future<void> onNewSession(String jid, int deviceId) async {
|
||||
devices[jid] = deviceId;
|
||||
}
|
||||
}
|
||||
|
||||
void main() {
|
||||
Logger.root
|
||||
..level = Level.ALL
|
||||
@ -19,7 +28,8 @@ void main() {
|
||||
var aliceEmptyMessageSent = 0;
|
||||
var bobEmptyMessageSent = 0;
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
@ -114,7 +124,8 @@ void main() {
|
||||
var aliceEmptyMessageSent = 0;
|
||||
var bobEmptyMessageSent = 0;
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
@ -226,7 +237,8 @@ void main() {
|
||||
test('Test accessing data without it existing', () async {
|
||||
const aliceJid = 'alice@server1';
|
||||
const bobJid = 'bob@server2';
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
aliceDevice,
|
||||
@ -255,9 +267,12 @@ void main() {
|
||||
const bobJid = 'bob@server2';
|
||||
var oldDevice = true;
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobOldDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final bobCurrentDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobOldDevice =
|
||||
await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final bobCurrentDevice =
|
||||
await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
aliceDevice,
|
||||
@ -266,15 +281,13 @@ void main() {
|
||||
(jid) async {
|
||||
expect(jid, bobJid);
|
||||
|
||||
return oldDevice ?
|
||||
[ bobOldDevice.id ] :
|
||||
[ bobCurrentDevice.id ];
|
||||
return oldDevice ? [bobOldDevice.id] : [bobCurrentDevice.id];
|
||||
},
|
||||
(jid, id) async {
|
||||
expect(jid, bobJid);
|
||||
return oldDevice ?
|
||||
bobOldDevice.toBundle() :
|
||||
bobCurrentDevice.toBundle();
|
||||
return oldDevice
|
||||
? bobOldDevice.toBundle()
|
||||
: bobCurrentDevice.toBundle();
|
||||
},
|
||||
(jid) async {},
|
||||
);
|
||||
@ -339,9 +352,12 @@ void main() {
|
||||
const bobJid = 'bob@server2';
|
||||
var bothDevices = false;
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice1 =
|
||||
await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final bobDevice2 =
|
||||
await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
aliceDevice,
|
||||
@ -352,9 +368,7 @@ void main() {
|
||||
|
||||
return [
|
||||
bobDevice1.id,
|
||||
|
||||
if (bothDevices)
|
||||
bobDevice2.id,
|
||||
if (bothDevices) bobDevice2.id,
|
||||
];
|
||||
},
|
||||
(jid, id) async {
|
||||
@ -447,9 +461,12 @@ void main() {
|
||||
const bobJid = 'bob@server2';
|
||||
var bothDevices = false;
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice1 =
|
||||
await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final bobDevice2 =
|
||||
await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
aliceDevice,
|
||||
@ -460,9 +477,7 @@ void main() {
|
||||
|
||||
return [
|
||||
bobDevice1.id,
|
||||
|
||||
if (bothDevices)
|
||||
bobDevice2.id,
|
||||
if (bothDevices) bobDevice2.id,
|
||||
];
|
||||
},
|
||||
(jid, id) async {
|
||||
@ -594,9 +609,11 @@ void main() {
|
||||
const bobJid = 'bob@server2';
|
||||
const cocoJid = 'coco@server3';
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
final cocoDevice = await OmemoDevice.generateNewDevice(cocoJid, opkAmount: 1);
|
||||
final cocoDevice =
|
||||
await OmemoDevice.generateNewDevice(cocoJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
aliceDevice,
|
||||
@ -678,7 +695,8 @@ void main() {
|
||||
const bobJid = 'bob@server2';
|
||||
var failure = false;
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
@ -688,16 +706,12 @@ void main() {
|
||||
(jid) async {
|
||||
expect(jid, bobJid);
|
||||
|
||||
return failure ?
|
||||
null :
|
||||
[bobDevice.id];
|
||||
return failure ? null : [bobDevice.id];
|
||||
},
|
||||
(jid, id) async {
|
||||
expect(jid, bobJid);
|
||||
|
||||
return failure ?
|
||||
null :
|
||||
bobDevice.toBundle();
|
||||
return failure ? null : bobDevice.toBundle();
|
||||
},
|
||||
(jid) async {},
|
||||
);
|
||||
@ -769,7 +783,8 @@ void main() {
|
||||
const aliceJid = 'alice@server1';
|
||||
const bobJid = 'bob@server2';
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
aliceDevice,
|
||||
@ -797,7 +812,11 @@ void main() {
|
||||
);
|
||||
|
||||
expect(aliceResult.isSuccess(1), false);
|
||||
expect(aliceResult.jidEncryptionErrors[bobJid] is NoKeyMaterialAvailableException, true);
|
||||
expect(
|
||||
aliceResult.jidEncryptionErrors[bobJid]
|
||||
is NoKeyMaterialAvailableException,
|
||||
true,
|
||||
);
|
||||
});
|
||||
|
||||
test('Test sending a message two two JIDs with failed lookups', () async {
|
||||
@ -805,7 +824,8 @@ void main() {
|
||||
const bobJid = 'bob@server2';
|
||||
const cocoJid = 'coco@server3';
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
@ -846,7 +866,11 @@ void main() {
|
||||
);
|
||||
|
||||
expect(aliceResult.isSuccess(2), true);
|
||||
expect(aliceResult.jidEncryptionErrors[cocoJid] is NoKeyMaterialAvailableException, true);
|
||||
expect(
|
||||
aliceResult.jidEncryptionErrors[cocoJid]
|
||||
is NoKeyMaterialAvailableException,
|
||||
true,
|
||||
);
|
||||
|
||||
// Bob decrypts it
|
||||
final bobResult = await bobManager.onIncomingStanza(
|
||||
@ -866,7 +890,8 @@ void main() {
|
||||
const aliceJid = 'alice@server1';
|
||||
const bobJid = 'bob@server2';
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
@ -911,7 +936,6 @@ void main() {
|
||||
aliceMessage.encryptedKeys,
|
||||
base64.encode(aliceMessage.ciphertext!),
|
||||
),
|
||||
|
||||
);
|
||||
|
||||
// Ratchets are acked
|
||||
@ -948,7 +972,8 @@ void main() {
|
||||
const aliceJid = 'alice@server1';
|
||||
const bobJid = 'bob@server2';
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
EncryptionResult? aliceEmptyMessage;
|
||||
@ -1075,14 +1100,17 @@ void main() {
|
||||
expect(aliceResult4.payload, "That's okay.");
|
||||
});
|
||||
|
||||
test('Test removing all ratchets and sending a message without post-heartbeat ack', () async {
|
||||
test(
|
||||
'Test removing all ratchets and sending a message without post-heartbeat ack',
|
||||
() async {
|
||||
// This test is the same as "Test removing all ratchets and sending a message" except
|
||||
// that bob does not ack the ratchet after Alice's heartbeat after she recreated
|
||||
// all ratchets.
|
||||
const aliceJid = 'alice@server1';
|
||||
const bobJid = 'bob@server2';
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
EncryptionResult? aliceEmptyMessage;
|
||||
@ -1207,7 +1235,8 @@ void main() {
|
||||
const aliceJid = 'alice@server1';
|
||||
const bobJid = 'bob@server2';
|
||||
|
||||
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
@ -1350,4 +1379,68 @@ void main() {
|
||||
expect(bobResult4.error, null);
|
||||
expect(bobResult4.payload, 'Hi Bob');
|
||||
});
|
||||
|
||||
test('Test correct trust behaviour on receiving', () async {
|
||||
const aliceJid = 'alice@server1';
|
||||
const bobJid = 'bob@server2';
|
||||
|
||||
final aliceDevice =
|
||||
await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
|
||||
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
|
||||
|
||||
final aliceManager = OmemoManager(
|
||||
aliceDevice,
|
||||
AlwaysTrustingTrustManager(),
|
||||
(result, recipientJid) async {},
|
||||
(jid) async {
|
||||
expect(jid, bobJid);
|
||||
return [bobDevice.id];
|
||||
},
|
||||
(jid, id) async {
|
||||
expect(jid, bobJid);
|
||||
return bobDevice.toBundle();
|
||||
},
|
||||
(jid) async {},
|
||||
);
|
||||
final bobManager = OmemoManager(
|
||||
bobDevice,
|
||||
TestingTrustManager(),
|
||||
(result, recipientJid) async {},
|
||||
(jid) async {
|
||||
expect(jid, aliceJid);
|
||||
return [aliceDevice.id];
|
||||
},
|
||||
(jid, id) async {
|
||||
expect(jid, aliceJid);
|
||||
return aliceDevice.toBundle();
|
||||
},
|
||||
(jid) async {},
|
||||
);
|
||||
|
||||
// Alice sends Bob a message
|
||||
final aliceResult1 = await aliceManager.onOutgoingStanza(
|
||||
const OmemoOutgoingStanza(
|
||||
[bobJid],
|
||||
'Hello World!',
|
||||
),
|
||||
);
|
||||
|
||||
// Bob decrypts Alice's message
|
||||
final bobResult1 = await bobManager.onIncomingStanza(
|
||||
OmemoIncomingStanza(
|
||||
aliceJid,
|
||||
aliceDevice.id,
|
||||
DateTime.now().millisecondsSinceEpoch,
|
||||
aliceResult1.encryptedKeys,
|
||||
base64.encode(aliceResult1.ciphertext!),
|
||||
),
|
||||
);
|
||||
expect(bobResult1.error, null);
|
||||
|
||||
// Bob should have some trust state
|
||||
expect(
|
||||
(bobManager.trustManager as TestingTrustManager).devices[aliceJid],
|
||||
await aliceManager.getDeviceId(),
|
||||
);
|
||||
});
|
||||
}
|
||||
|
@ -22,14 +22,16 @@ void main() {
|
||||
expect(await oldDevice.equals(newDevice), true);
|
||||
});
|
||||
|
||||
test('Test serialising and deserialising the Device after rotating the SPK', () async {
|
||||
test('Test serialising and deserialising the Device after rotating the SPK',
|
||||
() async {
|
||||
// Generate a random session
|
||||
final oldSession = await OmemoSessionManager.generateNewIdentity(
|
||||
'user@test.server',
|
||||
AlwaysTrustingTrustManager(),
|
||||
opkAmount: 1,
|
||||
);
|
||||
final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey();
|
||||
final oldDevice =
|
||||
await (await oldSession.getDevice()).replaceSignedPrekey();
|
||||
final serialised = jsonify(await oldDevice.toJson());
|
||||
|
||||
final newDevice = OmemoDevice.fromJson(serialised);
|
||||
@ -64,7 +66,8 @@ void main() {
|
||||
aliceMessage.encryptedKeys,
|
||||
getTimestamp(),
|
||||
);
|
||||
final aliceOld = aliceSession.getRatchet(bobJid, await bobSession.getDeviceId());
|
||||
final aliceOld =
|
||||
aliceSession.getRatchet(bobJid, await bobSession.getDeviceId());
|
||||
final aliceSerialised = jsonify(await aliceOld.toJson());
|
||||
final aliceNew = OmemoDoubleRatchet.fromJson(aliceSerialised);
|
||||
|
||||
@ -116,7 +119,8 @@ void main() {
|
||||
expect(result2.deviceId, test2.deviceId);
|
||||
});
|
||||
|
||||
test('Test serializing and deserializing the components of the BTBV manager', () async {
|
||||
test('Test serializing and deserializing the components of the BTBV manager',
|
||||
() async {
|
||||
// Caroline's BTBV manager
|
||||
final btbv = MemoryBTBVTrustManager();
|
||||
// Example data
|
||||
@ -130,17 +134,20 @@ void main() {
|
||||
await btbv.onNewSession(bobJid, 4);
|
||||
|
||||
final serialized = jsonify(await btbv.toJson());
|
||||
final deviceList = BlindTrustBeforeVerificationTrustManager.deviceListFromJson(
|
||||
final deviceList =
|
||||
BlindTrustBeforeVerificationTrustManager.deviceListFromJson(
|
||||
serialized,
|
||||
);
|
||||
expect(btbv.devices, deviceList);
|
||||
|
||||
final trustCache = BlindTrustBeforeVerificationTrustManager.trustCacheFromJson(
|
||||
final trustCache =
|
||||
BlindTrustBeforeVerificationTrustManager.trustCacheFromJson(
|
||||
serialized,
|
||||
);
|
||||
expect(btbv.trustCache, trustCache);
|
||||
|
||||
final enableCache = BlindTrustBeforeVerificationTrustManager.enableCacheFromJson(
|
||||
final enableCache =
|
||||
BlindTrustBeforeVerificationTrustManager.enableCacheFromJson(
|
||||
serialized,
|
||||
);
|
||||
expect(btbv.enablementCache, enableCache);
|
||||
|
@ -73,7 +73,11 @@ void main() {
|
||||
await x3dhFromBundle(bundleBob, ikAlice);
|
||||
} catch (e) {
|
||||
exception = true;
|
||||
expect(e is InvalidSignatureException, true, reason: 'Expected InvalidSignatureException, but got $e');
|
||||
expect(
|
||||
e is InvalidSignatureException,
|
||||
true,
|
||||
reason: 'Expected InvalidSignatureException, but got $e',
|
||||
);
|
||||
}
|
||||
|
||||
expect(exception, true, reason: 'Expected test failure');
|
||||
|
Loading…
Reference in New Issue
Block a user