Compare commits

..

18 Commits

Author SHA1 Message Date
3825232ebe
Merge pull request #24 from PapaTutuWawa/feat/omemomanager
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
OmemoManager.
2023-01-01 16:59:00 +01:00
32c0c5a4f0 feat: Update CHANGELOG and README 2023-01-01 16:55:15 +01:00
092ce36410 feat: Add last features for use in moxxmpp 2023-01-01 16:49:19 +01:00
4085631804 fix: Make logging less verbose 2022-12-27 12:49:11 +01:00
6a9e98665d fix: Track new KEX entries using a ratchet key 2022-12-27 12:47:45 +01:00
5f844dafda feat: Add getDeviceId 2022-12-27 12:43:50 +01:00
480de1ce8f test: Port the sending/receiving for the OmemoManager 2022-12-27 12:43:50 +01:00
5e6b54aab5 feat: Better guard against failed lookups 2022-12-27 12:43:50 +01:00
6c4dd62c5a feat: _decryptMessage explicitly tells us that a ratchet was created 2022-12-27 12:43:50 +01:00
54eeb816eb feat: Export OmemoManager 2022-12-27 12:43:50 +01:00
e35f65aff9 style: Fix style issues 2022-12-27 12:43:50 +01:00
4dc3cfb2b1 feat: Deprecate OmemoSessionManager 2022-12-27 12:43:50 +01:00
bca4840ca6 test: Add a test to ensure the library cannot get stuck 2022-12-27 12:43:50 +01:00
caf841c53e feat: Add more documentation 2022-12-27 12:43:50 +01:00
5bc1136ec0 feat: Implement getting fingerprints 2022-12-27 12:43:50 +01:00
d37a4bd719 chore: Bump version 2022-12-27 12:43:50 +01:00
b48665c357 feat: Begin work on the OmemoManager interface 2022-12-27 12:43:50 +01:00
06707d1a34 feat: Compute the fingerprint of a bundle 2022-12-27 12:43:18 +01:00
27 changed files with 1906 additions and 62 deletions

View File

@ -9,7 +9,6 @@
- Fix bug with the Double Ratchet causing only the initial message to be decryptable - Fix bug with the Double Ratchet causing only the initial message to be decryptable
- Expose `getDeviceMap` as a developer usable function - Expose `getDeviceMap` as a developer usable function
## 0.2.0 ## 0.2.0
- Add convenience functions `getDeviceId` and `getDeviceBundle` - Add convenience functions `getDeviceId` and `getDeviceBundle`
@ -36,3 +35,10 @@
- Fix a bug that caused the device's id to change when replacing a OPK - Fix a bug that caused the device's id to change when replacing a OPK
- Every decryption failure now causes the ratchet to be restored to a pre-decryption state - Every decryption failure now causes the ratchet to be restored to a pre-decryption state
- Add method to get the device's fingerprint - Add method to get the device's fingerprint
## 0.4.0
- Deprecate `OmemoSessionManager`. Use `OmemoManager` instead.
- Implement queued access to the ratchets inside the `OmemoManager`.
- Implement heartbeat messages.
- [BREAKING] Rename `Device` to `OmemoDevice`.

View File

@ -28,7 +28,7 @@ Include `omemo_dart` in your `pubspec.yaml` like this:
dependencies: dependencies:
omemo_dart: omemo_dart:
hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub
version: ^0.3.1 version: ^0.4.0
# [...] # [...]
# [...] # [...]

View File

@ -10,3 +10,7 @@ linter:
analyzer: analyzer:
exclude: exclude:
- "lib/protobuf/*.dart" - "lib/protobuf/*.dart"
# TODO: Remove once OmemoSessionManager is gone
- "test/omemo_test.dart"
- "example/omemo_dart_example.dart"
- "test/serialisation_test.dart"

View File

@ -10,8 +10,10 @@ export 'src/omemo/encrypted_key.dart';
export 'src/omemo/encryption_result.dart'; export 'src/omemo/encryption_result.dart';
export 'src/omemo/events.dart'; export 'src/omemo/events.dart';
export 'src/omemo/fingerprint.dart'; export 'src/omemo/fingerprint.dart';
export 'src/omemo/omemomanager.dart';
export 'src/omemo/ratchet_map_key.dart'; export 'src/omemo/ratchet_map_key.dart';
export 'src/omemo/sessionmanager.dart'; export 'src/omemo/sessionmanager.dart';
export 'src/omemo/stanza.dart';
export 'src/trust/base.dart'; export 'src/trust/base.dart';
export 'src/trust/btbv.dart'; export 'src/trust/btbv.dart';
export 'src/x3dh/x3dh.dart'; export 'src/x3dh/x3dh.dart';

View File

@ -1,5 +1,6 @@
import 'dart:convert'; import 'dart:convert';
import 'package:cryptography/cryptography.dart'; import 'package:cryptography/cryptography.dart';
import 'package:hex/hex.dart';
import 'package:meta/meta.dart'; import 'package:meta/meta.dart';
import 'package:omemo_dart/src/crypto.dart'; import 'package:omemo_dart/src/crypto.dart';
import 'package:omemo_dart/src/double_ratchet/crypto.dart'; import 'package:omemo_dart/src/double_ratchet/crypto.dart';
@ -13,7 +14,6 @@ import 'package:omemo_dart/src/protobuf/omemo_message.dart';
const maxSkip = 1000; const maxSkip = 1000;
class RatchetStep { class RatchetStep {
const RatchetStep(this.header, this.ciphertext); const RatchetStep(this.header, this.ciphertext);
final OmemoMessage header; final OmemoMessage header;
final List<int> ciphertext; final List<int> ciphertext;
@ -21,7 +21,6 @@ class RatchetStep {
@immutable @immutable
class SkippedKey { class SkippedKey {
const SkippedKey(this.dh, this.n); const SkippedKey(this.dh, this.n);
factory SkippedKey.fromJson(Map<String, dynamic> data) { factory SkippedKey.fromJson(Map<String, dynamic> data) {
@ -54,7 +53,6 @@ class SkippedKey {
} }
class OmemoDoubleRatchet { class OmemoDoubleRatchet {
OmemoDoubleRatchet( OmemoDoubleRatchet(
this.dhs, // DHs this.dhs, // DHs
this.dhr, // DHr this.dhr, // DHr
@ -221,7 +219,7 @@ class OmemoDoubleRatchet {
ik, ik,
ad, ad,
{}, {},
false, true,
kexTimestamp, kexTimestamp,
null, null,
); );
@ -255,6 +253,12 @@ class OmemoDoubleRatchet {
}; };
} }
/// Returns the OMEMO compatible fingerprint of the ratchet session.
Future<String> getOmemoFingerprint() async {
final curveKey = await ik.toCurve25519();
return HEX.encode(await curveKey.getBytes());
}
Future<List<int>?> _trySkippedMessageKeys(OmemoMessage header, List<int> ciphertext) async { Future<List<int>?> _trySkippedMessageKeys(OmemoMessage header, List<int> ciphertext) async {
final key = SkippedKey( final key = SkippedKey(
OmemoPublicKey.fromBytes(header.dhPub!, KeyPairType.x25519), OmemoPublicKey.fromBytes(header.dhPub!, KeyPairType.x25519),

View File

@ -1,45 +1,54 @@
abstract class OmemoException {}
/// Triggered during X3DH if the signature if the SPK does verify to the actual SPK. /// Triggered during X3DH if the signature if the SPK does verify to the actual SPK.
class InvalidSignatureException implements Exception { class InvalidSignatureException extends OmemoException implements Exception {
String errMsg() => 'The signature of the SPK does not match the provided signature'; String errMsg() => 'The signature of the SPK does not match the provided signature';
} }
/// Triggered by the Double Ratchet if the computed HMAC does not match the attached HMAC. /// Triggered by the Double Ratchet if the computed HMAC does not match the attached HMAC.
/// Triggered by the Session Manager if the computed HMAC does not match the attached HMAC. /// Triggered by the Session Manager if the computed HMAC does not match the attached HMAC.
class InvalidMessageHMACException implements Exception { class InvalidMessageHMACException extends OmemoException implements Exception {
String errMsg() => 'The computed HMAC does not match the provided HMAC'; String errMsg() => 'The computed HMAC does not match the provided HMAC';
} }
/// Triggered by the Double Ratchet if skipping messages would cause skipping more than /// Triggered by the Double Ratchet if skipping messages would cause skipping more than
/// MAXSKIP messages /// MAXSKIP messages
class SkippingTooManyMessagesException implements Exception { class SkippingTooManyMessagesException extends OmemoException implements Exception {
String errMsg() => 'Skipping messages would cause a skip bigger than MAXSKIP'; String errMsg() => 'Skipping messages would cause a skip bigger than MAXSKIP';
} }
/// Triggered by the Session Manager if the message key is not encrypted for the device. /// Triggered by the Session Manager if the message key is not encrypted for the device.
class NotEncryptedForDeviceException implements Exception { class NotEncryptedForDeviceException extends OmemoException implements Exception {
String errMsg() => 'Not encrypted for this device'; String errMsg() => 'Not encrypted for this device';
} }
/// Triggered by the Session Manager when there is no key for decrypting the message. /// Triggered by the Session Manager when there is no key for decrypting the message.
class NoDecryptionKeyException implements Exception { class NoDecryptionKeyException extends OmemoException implements Exception {
String errMsg() => 'No key available for decrypting the message'; String errMsg() => 'No key available for decrypting the message';
} }
/// Triggered by the Session Manager when the identifier of the used Signed Prekey /// Triggered by the Session Manager when the identifier of the used Signed Prekey
/// is neither the current SPK's identifier nor the old one's. /// is neither the current SPK's identifier nor the old one's.
class UnknownSignedPrekeyException implements Exception { class UnknownSignedPrekeyException extends OmemoException implements Exception {
String errMsg() => 'Unknown Signed Prekey used.'; String errMsg() => 'Unknown Signed Prekey used.';
} }
/// Triggered by the Session Manager when the received Key Exchange message does not meet /// Triggered by the Session Manager when the received Key Exchange message does not meet
/// the requirement that a key exchange, given that the ratchet already exists, must be /// the requirement that a key exchange, given that the ratchet already exists, must be
/// sent after its creation. /// sent after its creation.
class InvalidKeyExchangeException implements Exception { class InvalidKeyExchangeException extends OmemoException implements Exception {
String errMsg() => 'The key exchange was sent before the last kex finished'; String errMsg() => 'The key exchange was sent before the last kex finished';
} }
/// Triggered by the Session Manager when a message's sequence number is smaller than we /// Triggered by the Session Manager when a message's sequence number is smaller than we
/// expect it to be. /// expect it to be.
class MessageAlreadyDecryptedException implements Exception { class MessageAlreadyDecryptedException extends OmemoException implements Exception {
String errMsg() => 'The message has already been decrypted'; String errMsg() => 'The message has already been decrypted';
} }
/// Triggered by the OmemoManager when we could not encrypt a message as we have
/// no key material available. That happens, for example, when we want to create a
/// ratchet session with a JID we had no session with but fetching the device bundle
/// failed.
class NoKeyMaterialAvailableException extends OmemoException implements Exception {
String errMsg() => 'No key material available to create a ratchet session with';
}

View File

@ -9,7 +9,6 @@ const privateKeyLength = 32;
const publicKeyLength = 32; const publicKeyLength = 32;
class OmemoPublicKey { class OmemoPublicKey {
const OmemoPublicKey(this._pubkey); const OmemoPublicKey(this._pubkey);
factory OmemoPublicKey.fromBytes(List<int> bytes, KeyPairType type) { factory OmemoPublicKey.fromBytes(List<int> bytes, KeyPairType type) {
@ -55,7 +54,6 @@ class OmemoPublicKey {
} }
class OmemoPrivateKey { class OmemoPrivateKey {
const OmemoPrivateKey(this._privkey, this.type); const OmemoPrivateKey(this._privkey, this.type);
final List<int> _privkey; final List<int> _privkey;
final KeyPairType type; final KeyPairType type;
@ -85,7 +83,6 @@ class OmemoPrivateKey {
/// A generic wrapper class for both Ed25519 and X25519 keypairs /// A generic wrapper class for both Ed25519 and X25519 keypairs
class OmemoKeyPair { class OmemoKeyPair {
const OmemoKeyPair(this.pk, this.sk, this.type); const OmemoKeyPair(this.pk, this.sk, this.type);
/// Create an OmemoKeyPair just from a [type] and the bytes of the private and public /// Create an OmemoKeyPair just from a [type] and the bytes of the private and public

View File

@ -1,5 +1,6 @@
import 'dart:convert'; import 'dart:convert';
import 'package:cryptography/cryptography.dart'; import 'package:cryptography/cryptography.dart';
import 'package:hex/hex.dart';
import 'package:omemo_dart/src/keys.dart'; import 'package:omemo_dart/src/keys.dart';
class OmemoBundle { class OmemoBundle {
@ -43,4 +44,10 @@ class OmemoBundle {
} }
List<int> get spkSignature => base64Decode(spkSignatureEncoded); List<int> get spkSignature => base64Decode(spkSignatureEncoded);
/// Calculates the fingerprint of the bundle (See
/// https://xmpp.org/extensions/xep-0384.html#security § 2).
Future<String> getFingerprint() async {
return HEX.encode(await ik.getBytes());
}
} }

View File

@ -0,0 +1,2 @@
/// The info used for when encrypting the AES key for the actual payload.
const omemoPayloadInfoString = 'OMEMO Payload';

View File

@ -0,0 +1,9 @@
import 'package:meta/meta.dart';
import 'package:omemo_dart/src/errors.dart';
@immutable
class DecryptionResult {
const DecryptionResult(this.payload, this.error);
final String? payload;
final OmemoException? error;
}

View File

@ -1,5 +1,6 @@
import 'dart:convert'; import 'dart:convert';
import 'package:cryptography/cryptography.dart'; import 'package:cryptography/cryptography.dart';
import 'package:hex/hex.dart';
import 'package:meta/meta.dart'; import 'package:meta/meta.dart';
import 'package:omemo_dart/src/helpers.dart'; import 'package:omemo_dart/src/helpers.dart';
import 'package:omemo_dart/src/keys.dart'; import 'package:omemo_dart/src/keys.dart';
@ -8,9 +9,8 @@ import 'package:omemo_dart/src/x3dh/x3dh.dart';
/// This class represents an OmemoBundle but with all keypairs belonging to the keys /// This class represents an OmemoBundle but with all keypairs belonging to the keys
@immutable @immutable
class Device { class OmemoDevice {
const OmemoDevice(
const Device(
this.jid, this.jid,
this.id, this.id,
this.ik, this.ik,
@ -23,7 +23,7 @@ class Device {
); );
/// Deserialize the Device /// Deserialize the Device
factory Device.fromJson(Map<String, dynamic> data) { factory OmemoDevice.fromJson(Map<String, dynamic> data) {
// NOTE: We use the way OpenSSH names their keys, meaning that ik is the Identity // NOTE: We use the way OpenSSH names their keys, meaning that ik is the Identity
// Keypair's private key, while ik_pub refers to the Identity Keypair's public // Keypair's private key, while ik_pub refers to the Identity Keypair's public
// key. // key.
@ -67,7 +67,7 @@ class Device {
), ),
); );
return Device( return OmemoDevice(
data['jid']! as String, data['jid']! as String,
data['id']! as int, data['id']! as int,
OmemoKeyPair.fromBytes( OmemoKeyPair.fromBytes(
@ -93,7 +93,7 @@ class Device {
} }
/// Generate a completely new device, i.e. cryptographic identity. /// Generate a completely new device, i.e. cryptographic identity.
static Future<Device> generateNewDevice(String jid, { int opkAmount = 100 }) async { static Future<OmemoDevice> generateNewDevice(String jid, { int opkAmount = 100 }) async {
final id = generateRandom32BitNumber(); final id = generateRandom32BitNumber();
final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519); final ik = await OmemoKeyPair.generateNewPair(KeyPairType.ed25519);
final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final spk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
@ -105,7 +105,7 @@ class Device {
opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); opks[i] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
} }
return Device(jid, id, ik, spk, spkId, signature, null, null, opks); return OmemoDevice(jid, id, ik, spk, spkId, signature, null, null, opks);
} }
/// Our bare Jid /// Our bare Jid
@ -135,10 +135,10 @@ class Device {
/// This replaces the Onetime-Prekey with id [id] with a completely new one. Returns /// This replaces the Onetime-Prekey with id [id] with a completely new one. Returns
/// a new Device object that copies over everything but replaces said key. /// a new Device object that copies over everything but replaces said key.
@internal @internal
Future<Device> replaceOnetimePrekey(int id) async { Future<OmemoDevice> replaceOnetimePrekey(int id) async {
opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); opks[id] = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
return Device( return OmemoDevice(
jid, jid,
this.id, this.id,
ik, ik,
@ -154,12 +154,12 @@ class Device {
/// This replaces the Signed-Prekey with a completely new one. Returns a new Device object /// This replaces the Signed-Prekey with a completely new one. Returns a new Device object
/// that copies over everything but replaces the Signed-Prekey and its signature. /// that copies over everything but replaces the Signed-Prekey and its signature.
@internal @internal
Future<Device> replaceSignedPrekey() async { Future<OmemoDevice> replaceSignedPrekey() async {
final newSpk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519); final newSpk = await OmemoKeyPair.generateNewPair(KeyPairType.x25519);
final newSpkId = generateRandom32BitNumber(); final newSpkId = generateRandom32BitNumber();
final newSignature = await sig(ik, await newSpk.pk.getBytes()); final newSignature = await sig(ik, await newSpk.pk.getBytes());
return Device( return OmemoDevice(
jid, jid,
id, id,
ik, ik,
@ -175,8 +175,8 @@ class Device {
/// Returns a new device that is equal to this one with the exception that the new /// Returns a new device that is equal to this one with the exception that the new
/// device's id is a new number between 0 and 2**32 - 1. /// device's id is a new number between 0 and 2**32 - 1.
@internal @internal
Device withNewId() { OmemoDevice withNewId() {
return Device( return OmemoDevice(
jid, jid,
generateRandom32BitNumber(), generateRandom32BitNumber(),
ik, ik,
@ -208,6 +208,13 @@ class Device {
); );
} }
/// Returns the fingerprint of the current device
Future<String> getFingerprint() async {
// Since the local key is Ed25519, we must convert it to Curve25519 first
final curveKey = await ik.pk.toCurve25519();
return HEX.encode(await curveKey.getBytes());
}
/// Serialise the device information. /// Serialise the device information.
Future<Map<String, dynamic>> toJson() async { Future<Map<String, dynamic>> toJson() async {
/// Serialise the OPKs /// Serialise the OPKs
@ -237,7 +244,7 @@ class Device {
} }
@visibleForTesting @visibleForTesting
Future<bool> equals(Device other) async { Future<bool> equals(OmemoDevice other) async {
var opksMatch = true; var opksMatch = true;
if (opks.length != other.opks.length) { if (opks.length != other.opks.length) {
opksMatch = false; opksMatch = false;

View File

@ -1,15 +1,26 @@
import 'package:meta/meta.dart'; import 'package:meta/meta.dart';
import 'package:omemo_dart/src/errors.dart';
import 'package:omemo_dart/src/omemo/encrypted_key.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart';
import 'package:omemo_dart/src/omemo/ratchet_map_key.dart';
@immutable @immutable
class EncryptionResult { class EncryptionResult {
const EncryptionResult(this.ciphertext, this.encryptedKeys, this.deviceEncryptionErrors, this.jidEncryptionErrors);
const EncryptionResult(this.ciphertext, this.encryptedKeys); /// The actual message that was encrypted.
/// The actual message that was encrypted
final List<int>? ciphertext; final List<int>? ciphertext;
/// Mapping of the device Id to the key for decrypting ciphertext, encrypted /// Mapping of the device Id to the key for decrypting ciphertext, encrypted
/// for the ratchet with said device Id /// for the ratchet with said device Id.
final List<EncryptedKey> encryptedKeys; final List<EncryptedKey> encryptedKeys;
/// Mapping of a ratchet map keys to a possible exception.
final Map<RatchetMapKey, OmemoException> deviceEncryptionErrors;
/// Mapping of a JID to a possible exception.
final Map<String, OmemoException> jidEncryptionErrors;
/// True if the encryption was a success. This means that we could encrypt for
/// at least one ratchet.
bool isSuccess(int numberOfRecipients) => encryptedKeys.isNotEmpty && jidEncryptionErrors.length < numberOfRecipients;
} }

View File

@ -22,14 +22,14 @@ class RatchetRemovedEvent extends OmemoEvent {
} }
/// Triggered when the device map has been modified /// Triggered when the device map has been modified
class DeviceMapModifiedEvent extends OmemoEvent { class DeviceListModifiedEvent extends OmemoEvent {
DeviceMapModifiedEvent(this.map); DeviceListModifiedEvent(this.list);
final Map<String, List<int>> map; final Map<String, List<int>> list;
} }
/// Triggered by the OmemoSessionManager when our own device bundle was modified /// Triggered by the OmemoSessionManager when our own device bundle was modified
/// and thus should be republished. /// and thus should be republished.
class DeviceModifiedEvent extends OmemoEvent { class DeviceModifiedEvent extends OmemoEvent {
DeviceModifiedEvent(this.device); DeviceModifiedEvent(this.device);
final Device device; final OmemoDevice device;
} }

View File

@ -2,7 +2,6 @@ import 'package:meta/meta.dart';
@immutable @immutable
class DeviceFingerprint { class DeviceFingerprint {
const DeviceFingerprint(this.deviceId, this.fingerprint); const DeviceFingerprint(this.deviceId, this.fingerprint);
final String fingerprint; final String fingerprint;
final int deviceId; final int deviceId;

View File

@ -0,0 +1,783 @@
import 'dart:async';
import 'dart:collection';
import 'dart:convert';
import 'package:collection/collection.dart';
import 'package:cryptography/cryptography.dart';
import 'package:hex/hex.dart';
import 'package:logging/logging.dart';
import 'package:meta/meta.dart';
import 'package:omemo_dart/src/crypto.dart';
import 'package:omemo_dart/src/double_ratchet/double_ratchet.dart';
import 'package:omemo_dart/src/errors.dart';
import 'package:omemo_dart/src/helpers.dart';
import 'package:omemo_dart/src/keys.dart';
import 'package:omemo_dart/src/omemo/bundle.dart';
import 'package:omemo_dart/src/omemo/constants.dart';
import 'package:omemo_dart/src/omemo/decryption_result.dart';
import 'package:omemo_dart/src/omemo/device.dart';
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
import 'package:omemo_dart/src/omemo/encryption_result.dart';
import 'package:omemo_dart/src/omemo/events.dart';
import 'package:omemo_dart/src/omemo/fingerprint.dart';
import 'package:omemo_dart/src/omemo/ratchet_map_key.dart';
import 'package:omemo_dart/src/omemo/stanza.dart';
import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart';
import 'package:omemo_dart/src/protobuf/omemo_key_exchange.dart';
import 'package:omemo_dart/src/protobuf/omemo_message.dart';
import 'package:omemo_dart/src/trust/base.dart';
import 'package:omemo_dart/src/x3dh/x3dh.dart';
import 'package:synchronized/synchronized.dart';
class _InternalDecryptionResult {
const _InternalDecryptionResult(this.ratchetCreated, this.payload);
final bool ratchetCreated;
final String? payload;
}
class OmemoManager {
OmemoManager(
this._device,
this._trustManager,
this.sendEmptyOmemoMessageImpl,
this.fetchDeviceListImpl,
this.fetchDeviceBundleImpl,
this.subscribeToDeviceListNodeImpl,
);
final Logger _log = Logger('OmemoManager');
/// Functions for connecting with the OMEMO library
/// Send an empty OMEMO:2 message using the encrypted payload @result to
/// @recipientJid.
final Future<void> Function(EncryptionResult result, String recipientJid) sendEmptyOmemoMessageImpl;
/// Fetch the list of device ids associated with @jid. If the device list cannot be
/// fetched, return null.
final Future<List<int>?> Function(String jid) fetchDeviceListImpl;
/// Fetch the device bundle for the device with id @id of jid. If it cannot be fetched, return null.
final Future<OmemoBundle?> Function(String jid, int id) fetchDeviceBundleImpl;
/// Subscribe to the device list PEP node of @jid.
final Future<void> Function(String jid) subscribeToDeviceListNodeImpl;
/// Map bare JID to its known devices
Map<String, List<int>> _deviceList = {};
/// Map bare JIDs to whether we already requested the device list once
final Map<String, bool> _deviceListRequested = {};
/// Map bare a ratchet key to its ratchet. Note that this is also locked by
/// _ratchetCriticalSectionLock.
Map<RatchetMapKey, OmemoDoubleRatchet> _ratchetMap = {};
/// Map bare JID to whether we already tried to subscribe to the device list node.
final Map<String, bool> _subscriptionMap = {};
/// For preventing a race condition in encryption/decryption
final Map<String, Queue<Completer<void>>> _ratchetCriticalSectionQueue = {};
final Lock _ratchetCriticalSectionLock = Lock();
/// The OmemoManager's trust management
final TrustManager _trustManager;
TrustManager get trustManager => _trustManager;
/// Our own keys...
final Lock _deviceLock = Lock();
// ignore: prefer_final_fields
OmemoDevice _device;
/// The event bus of the session manager
final StreamController<OmemoEvent> _eventStreamController = StreamController<OmemoEvent>.broadcast();
Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
/// Enter the critical section for performing cryptographic operations on the ratchets
Future<void> _enterRatchetCriticalSection(String jid) async {
final completer = await _ratchetCriticalSectionLock.synchronized(() {
if (_ratchetCriticalSectionQueue.containsKey(jid)) {
final c = Completer<void>();
_ratchetCriticalSectionQueue[jid]!.addLast(c);
return c;
}
_ratchetCriticalSectionQueue[jid] = Queue();
return null;
});
if (completer != null) {
await completer.future;
}
}
/// Leave the critical section for the ratchets.
Future<void> _leaveRatchetCriticalSection(String jid) async {
await _ratchetCriticalSectionLock.synchronized(() {
if (_ratchetCriticalSectionQueue.containsKey(jid)) {
if (_ratchetCriticalSectionQueue[jid]!.isEmpty) {
_ratchetCriticalSectionQueue.remove(jid);
} else {
_ratchetCriticalSectionQueue[jid]!.removeFirst().complete();
}
}
});
}
Future<String?> _decryptAndVerifyHmac(List<int>? ciphertext, List<int> keyAndHmac) async {
// Empty OMEMO messages should just have the key decrypted and/or session set up.
if (ciphertext == null) {
return null;
}
final key = keyAndHmac.sublist(0, 32);
final hmac = keyAndHmac.sublist(32, 48);
final derivedKeys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
final computedHmac = await truncatedHmac(ciphertext, derivedKeys.authenticationKey);
if (!listsEqual(hmac, computedHmac)) {
throw InvalidMessageHMACException();
}
return utf8.decode(
await aes256CbcDecrypt(ciphertext, derivedKeys.encryptionKey, derivedKeys.iv),
);
}
/// Add a session [ratchet] with the [deviceId] to the internal tracking state.
/// NOTE: Must be called from within the ratchet critical section.
void _addSession(String jid, int deviceId, OmemoDoubleRatchet ratchet) {
// Add the bundle Id
if (!_deviceList.containsKey(jid)) {
_deviceList[jid] = [deviceId];
// Commit the device map
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
} else {
// Prevent having the same device multiple times in the list
if (!_deviceList[jid]!.contains(deviceId)) {
_deviceList[jid]!.add(deviceId);
// Commit the device map
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
}
}
// Add the ratchet session
final key = RatchetMapKey(jid, deviceId);
_ratchetMap[key] = ratchet;
// Commit the ratchet
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, true));
}
/// Build a new session with the user at [jid] with the device [deviceId] using data
/// from the key exchange [kex]. In case [kex] contains an unknown Signed Prekey
/// identifier an UnknownSignedPrekeyException will be thrown.
Future<OmemoDoubleRatchet> _addSessionFromKeyExchange(String jid, int deviceId, OmemoKeyExchange kex) async {
// Pick the correct SPK
final device = await getDevice();
OmemoKeyPair spk;
if (kex.spkId == _device.spkId) {
spk = _device.spk;
} else if (kex.spkId == _device.oldSpkId) {
spk = _device.oldSpk!;
} else {
throw UnknownSignedPrekeyException();
}
final kexResult = await x3dhFromInitialMessage(
X3DHMessage(
OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519),
OmemoPublicKey.fromBytes(kex.ek!, KeyPairType.x25519),
kex.pkId!,
),
spk,
device.opks.values.elementAt(kex.pkId!),
device.ik,
);
final ratchet = await OmemoDoubleRatchet.acceptNewSession(
spk,
OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519),
kexResult.sk,
kexResult.ad,
getTimestamp(),
);
return ratchet;
}
/// Create a ratchet session initiated by Alice to the user with Jid [jid] and the device
/// [deviceId] from the bundle [bundle].
@visibleForTesting
Future<OmemoKeyExchange> addSessionFromBundle(String jid, int deviceId, OmemoBundle bundle) async {
final device = await getDevice();
final kexResult = await x3dhFromBundle(
bundle,
device.ik,
);
final ratchet = await OmemoDoubleRatchet.initiateNewSession(
bundle.spk,
bundle.ik,
kexResult.sk,
kexResult.ad,
getTimestamp(),
);
await _trustManager.onNewSession(jid, deviceId);
_addSession(jid, deviceId, ratchet);
return OmemoKeyExchange()
..pkId = kexResult.opkId
..spkId = bundle.spkId
..ik = await device.ik.pk.getBytes()
..ek = await kexResult.ek.pk.getBytes();
}
/// In case a decryption error occurs, the Double Ratchet spec says to just restore
/// the ratchet to its old state. As such, this function restores the ratchet at
/// [mapKey] with [oldRatchet].
/// NOTE: Must be called from within the ratchet critical section
void _restoreRatchet(RatchetMapKey mapKey, OmemoDoubleRatchet oldRatchet) {
_log.finest('Restoring ratchet ${mapKey.jid}:${mapKey.deviceId} to ${oldRatchet.nr}');
_ratchetMap[mapKey] = oldRatchet;
// Commit the ratchet
_eventStreamController.add(
RatchetModifiedEvent(
mapKey.jid,
mapKey.deviceId,
oldRatchet,
false,
),
);
}
/// Attempt to decrypt [ciphertext]. [keys] refers to the <key /> elements inside the
/// <keys /> element with a "jid" attribute matching our own. [senderJid] refers to the
/// bare Jid of the sender. [senderDeviceId] refers to the "sid" attribute of the
/// <encrypted /> element.
/// [timestamp] refers to the time the message was sent. This might be either what the
/// server tells you via "XEP-0203: Delayed Delivery" or the point in time at which
/// you received the stanza, if no Delayed Delivery element was found.
///
/// If the received message is an empty OMEMO message, i.e. there is no <payload />
/// element, then [ciphertext] must be set to null. In this case, this function
/// will return null as there is no message to be decrypted. This, however, is used
/// to set up sessions or advance the ratchets.
Future<_InternalDecryptionResult> _decryptMessage(List<int>? ciphertext, String senderJid, int senderDeviceId, List<EncryptedKey> keys, int timestamp) async {
// Try to find a session we can decrypt with.
var device = await getDevice();
final rawKey = keys.firstWhereOrNull((key) => key.rid == device.id);
if (rawKey == null) {
throw NotEncryptedForDeviceException();
}
final ratchetKey = RatchetMapKey(senderJid, senderDeviceId);
final decodedRawKey = base64.decode(rawKey.value);
List<int>? keyAndHmac;
OmemoAuthenticatedMessage authMessage;
OmemoDoubleRatchet? oldRatchet;
OmemoMessage? message;
var ratchetCreated = false;
if (rawKey.kex) {
// If the ratchet already existed, we store it. If it didn't, oldRatchet will stay
// null.
final oldRatchet = _getRatchet(ratchetKey)?.clone();
final kex = OmemoKeyExchange.fromBuffer(decodedRawKey);
authMessage = kex.message!;
message = OmemoMessage.fromBuffer(authMessage.message!);
// Guard against old key exchanges
if (oldRatchet != null) {
_log.finest('KEX for existent ratchet ${ratchetKey.toJsonKey()}. ${oldRatchet.kexTimestamp} > $timestamp: ${oldRatchet.kexTimestamp > timestamp}');
if (oldRatchet.kexTimestamp > timestamp) {
throw InvalidKeyExchangeException();
}
// Try to decrypt it
try {
final decrypted = await oldRatchet.ratchetDecrypt(message, authMessage.writeToBuffer());
// Commit the ratchet
_eventStreamController.add(
RatchetModifiedEvent(
senderJid,
senderDeviceId,
oldRatchet,
false,
),
);
final plaintext = await _decryptAndVerifyHmac(
ciphertext,
decrypted,
);
_addSession(senderJid, senderDeviceId, oldRatchet);
return _InternalDecryptionResult(
true,
plaintext,
);
} catch (_) {
_log.finest('Failed to use old ratchet with KEX for existing ratchet');
}
}
final r = await _addSessionFromKeyExchange(senderJid, senderDeviceId, kex);
await _trustManager.onNewSession(senderJid, senderDeviceId);
_addSession(senderJid, senderDeviceId, r);
ratchetCreated = true;
// Replace the OPK
// TODO(PapaTutuWawa): Replace the OPK when we know that the KEX worked
await _deviceLock.synchronized(() async {
device = await device.replaceOnetimePrekey(kex.pkId!);
// Commit the device
_eventStreamController.add(DeviceModifiedEvent(device));
});
} else {
authMessage = OmemoAuthenticatedMessage.fromBuffer(decodedRawKey);
message = OmemoMessage.fromBuffer(authMessage.message!);
}
final devices = _deviceList[senderJid];
if (devices?.contains(senderDeviceId) != true) {
throw NoDecryptionKeyException();
}
// We can guarantee that the ratchet exists at this point in time
final ratchet = _getRatchet(ratchetKey)!;
oldRatchet ??= ratchet.clone();
try {
if (rawKey.kex) {
keyAndHmac = await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer());
} else {
keyAndHmac = await ratchet.ratchetDecrypt(message, decodedRawKey);
}
} catch (_) {
_restoreRatchet(ratchetKey, oldRatchet);
rethrow;
}
// Commit the ratchet
_eventStreamController.add(
RatchetModifiedEvent(
senderJid,
senderDeviceId,
ratchet,
false,
),
);
try {
return _InternalDecryptionResult(
ratchetCreated,
await _decryptAndVerifyHmac(ciphertext, keyAndHmac),
);
} catch (_) {
_restoreRatchet(ratchetKey, oldRatchet);
rethrow;
}
}
/// Returns, if it exists, the ratchet associated with [key].
/// NOTE: Must be called from within the ratchet critical section.
OmemoDoubleRatchet? _getRatchet(RatchetMapKey key) => _ratchetMap[key];
/// Figure out what bundles we have to still build a session with.
Future<List<OmemoBundle>> _fetchNewBundles(String jid) async {
// Check if we already requested the device list for [jid]
List<int> bundlesToFetch;
if (!_deviceListRequested.containsKey(jid) || !_deviceList.containsKey(jid)) {
// We don't have an up-to-date version of the device list
final newDeviceList = await fetchDeviceListImpl(jid);
if (newDeviceList == null) return [];
_deviceList[jid] = newDeviceList;
bundlesToFetch = newDeviceList
.where((id) {
return !_ratchetMap.containsKey(RatchetMapKey(jid, id)) ||
_deviceList[jid]?.contains(id) == false;
}).toList();
// Trigger an event with the new device list
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
} else {
// We already have an up-to-date version of the device list
bundlesToFetch = _deviceList[jid]!
.where((id) => !_ratchetMap.containsKey(RatchetMapKey(jid, id)))
.toList();
}
if (bundlesToFetch.isNotEmpty) {
_log.finest('Fetching bundles $bundlesToFetch for $jid');
}
final newBundles = List<OmemoBundle>.empty(growable: true);
for (final id in bundlesToFetch) {
final bundle = await fetchDeviceBundleImpl(jid, id);
if (bundle != null) newBundles.add(bundle);
}
return newBundles;
}
/// Encrypt the key [plaintext] for all known bundles of the Jids in [jids]. Returns a
/// map that maps the device Id to the ciphertext of [plaintext].
///
/// If [plaintext] is null, then the result will be an empty OMEMO message, i.e. one that
/// does not contain a <payload /> element. This means that the ciphertext attribute of
/// the result will be null as well.
/// NOTE: Must be called within the ratchet critical section
Future<EncryptionResult> _encryptToJids(List<String> jids, String? plaintext) async {
final encryptedKeys = List<EncryptedKey>.empty(growable: true);
var ciphertext = const <int>[];
var keyPayload = const <int>[];
if (plaintext != null) {
// Generate the key and encrypt the plaintext
final key = generateRandomBytes(32);
final keys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
ciphertext = await aes256CbcEncrypt(
utf8.encode(plaintext),
keys.encryptionKey,
keys.iv,
);
final hmac = await truncatedHmac(ciphertext, keys.authenticationKey);
keyPayload = concat([key, hmac]);
} else {
keyPayload = List<int>.filled(32, 0x0);
}
final kex = <RatchetMapKey, OmemoKeyExchange>{};
for (final jid in jids) {
for (final newSession in await _fetchNewBundles(jid)) {
kex[RatchetMapKey(jid, newSession.id)] = await addSessionFromBundle(
newSession.jid,
newSession.id,
newSession,
);
}
}
// We assume that the user already checked if the session exists
final deviceEncryptionErrors = <RatchetMapKey, OmemoException>{};
final jidEncryptionErrors = <String, OmemoException>{};
for (final jid in jids) {
final devices = _deviceList[jid];
if (devices == null) {
_log.severe('Device list does not exist for $jid.');
jidEncryptionErrors[jid] = NoKeyMaterialAvailableException();
continue;
}
if (!_subscriptionMap.containsKey(jid)) {
unawaited(subscribeToDeviceListNodeImpl(jid));
_subscriptionMap[jid] = true;
}
for (final deviceId in devices) {
// Empty OMEMO messages are allowed to bypass trust
if (plaintext != null) {
// Only encrypt to devices that are trusted
if (!(await _trustManager.isTrusted(jid, deviceId))) continue;
// Only encrypt to devices that are enabled
if (!(await _trustManager.isEnabled(jid, deviceId))) continue;
}
final ratchetKey = RatchetMapKey(jid, deviceId);
var ratchet = _ratchetMap[ratchetKey];
if (ratchet == null) {
_log.severe('Ratchet ${ratchetKey.toJsonKey()} does not exist.');
deviceEncryptionErrors[ratchetKey] = NoKeyMaterialAvailableException();
continue;
}
final ciphertext = (await ratchet.ratchetEncrypt(keyPayload)).ciphertext;
if (kex.containsKey(ratchetKey)) {
// The ratchet did not exist
final k = kex[ratchetKey]!
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
final buffer = base64.encode(k.writeToBuffer());
encryptedKeys.add(
EncryptedKey(
jid,
deviceId,
buffer,
true,
),
);
ratchet = ratchet.cloneWithKex(buffer);
_ratchetMap[ratchetKey] = ratchet;
} else if (!ratchet.acknowledged) {
// The ratchet exists but is not acked
if (ratchet.kex != null) {
final oldKex = OmemoKeyExchange.fromBuffer(base64.decode(ratchet.kex!))
..message = OmemoAuthenticatedMessage.fromBuffer(ciphertext);
encryptedKeys.add(
EncryptedKey(
jid,
deviceId,
base64.encode(oldKex.writeToBuffer()),
true,
),
);
} else {
// The ratchet is not acked but we don't have the old key exchange
_log.warning('Ratchet for $jid:$deviceId is not acked but the kex attribute is null');
encryptedKeys.add(
EncryptedKey(
jid,
deviceId,
base64.encode(ciphertext),
false,
),
);
}
} else {
// The ratchet exists and is acked
encryptedKeys.add(
EncryptedKey(
jid,
deviceId,
base64.encode(ciphertext),
false,
),
);
}
// Commit the ratchet
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false));
}
}
return EncryptionResult(
plaintext != null ?
ciphertext : null,
encryptedKeys,
deviceEncryptionErrors,
jidEncryptionErrors,
);
}
/// Call when receiving an OMEMO:2 encrypted stanza. Will handle everything and
/// decrypt it.
Future<DecryptionResult> onIncomingStanza(OmemoIncomingStanza stanza) async {
await _enterRatchetCriticalSection(stanza.bareSenderJid);
if (!_subscriptionMap.containsKey(stanza.bareSenderJid)) {
unawaited(subscribeToDeviceListNodeImpl(stanza.bareSenderJid));
_subscriptionMap[stanza.bareSenderJid] = true;
}
final ratchetKey = RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId);
final _InternalDecryptionResult result;
try {
result = await _decryptMessage(
stanza.payload != null ?
base64.decode(stanza.payload!) :
null,
stanza.bareSenderJid,
stanza.senderDeviceId,
stanza.keys,
stanza.timestamp,
);
} on OmemoException catch (ex) {
await _leaveRatchetCriticalSection(stanza.bareSenderJid);
return DecryptionResult(
null,
ex,
);
}
// Check if the ratchet is acked
final ratchet = _getRatchet(ratchetKey);
assert(ratchet != null, 'We decrypted the message, so the ratchet must exist');
if (ratchet!.acknowledged) {
// Ratchet is acknowledged
if (ratchet.nr > 53 || result.ratchetCreated) {
await sendEmptyOmemoMessageImpl(
await _encryptToJids(
[stanza.bareSenderJid],
null,
),
stanza.bareSenderJid,
);
}
// Ratchet is acked
await _leaveRatchetCriticalSection(stanza.bareSenderJid);
return DecryptionResult(
result.payload,
null,
);
} else {
// Ratchet is not acked.
// Mark as acked and send an empty OMEMO message.
await ratchetAcknowledged(
stanza.bareSenderJid,
stanza.senderDeviceId,
enterCriticalSection: false,
);
await sendEmptyOmemoMessageImpl(
await _encryptToJids(
[stanza.bareSenderJid],
null,
),
stanza.bareSenderJid,
);
await _leaveRatchetCriticalSection(stanza.bareSenderJid);
return DecryptionResult(
result.payload,
null,
);
}
}
/// Call when sending out an encrypted stanza. Will handle everything and
/// encrypt it.
Future<EncryptionResult> onOutgoingStanza(OmemoOutgoingStanza stanza) async {
_log.finest('Waiting to enter critical section');
await _enterRatchetCriticalSection(stanza.recipientJids.first);
_log.finest('Entered critical section');
final result = _encryptToJids(
stanza.recipientJids,
stanza.payload,
);
await _leaveRatchetCriticalSection(stanza.recipientJids.first);
return result;
}
// Sends a hearbeat message as specified by XEP-0384 to [jid].
Future<void> sendOmemoHeartbeat(String jid) async {
// TODO(Unknown): Include some error handling
final result = await _encryptToJids(
[jid],
null,
);
await sendEmptyOmemoMessageImpl(result, jid);
}
/// Mark the ratchet for device [deviceId] from [jid] as acked.
Future<void> ratchetAcknowledged(String jid, int deviceId, { bool enterCriticalSection = true }) async {
if (enterCriticalSection) await _enterRatchetCriticalSection(jid);
final key = RatchetMapKey(jid, deviceId);
if (_ratchetMap.containsKey(key)) {
final ratchet = _ratchetMap[key]!
..acknowledged = true;
// Commit it
_eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet, false));
} else {
_log.severe('Attempted to acknowledge ratchet ${key.toJsonKey()}, even though it does not exist');
}
if (enterCriticalSection) await _leaveRatchetCriticalSection(jid);
}
/// Generates an entirely new device. May be useful when the user wants to reset their cryptographic
/// identity. Triggers an event to commit it to storage.
Future<void> regenerateDevice() async {
await _deviceLock.synchronized(() async {
_device = await OmemoDevice.generateNewDevice(_device.jid);
// Commit it
_eventStreamController.add(DeviceModifiedEvent(_device));
});
}
/// Returns the device used for encryption and decryption.
Future<OmemoDevice> getDevice() => _deviceLock.synchronized(() => _device);
/// Returns the id of the device used for encryption and decryption.
Future<int> getDeviceId() async => (await getDevice()).id;
/// Directly aquire the current device as a OMEMO device bundle.
Future<OmemoBundle> getDeviceBundle() async => (await getDevice()).toBundle();
/// Directly aquire the current device's fingerprint.
Future<String> getDeviceFingerprint() async => (await getDevice()).getFingerprint();
/// Returns the fingerprints for all devices of [jid] that we have a session with.
/// If there are not sessions with [jid], then returns null.
Future<List<DeviceFingerprint>?> getFingerprintsForJid(String jid) async {
if (!_deviceList.containsKey(jid)) return null;
await _enterRatchetCriticalSection(jid);
final fingerprintKeys = _deviceList[jid]!
.map((id) => RatchetMapKey(jid, id))
.where((key) => _ratchetMap.containsKey(key));
final fingerprints = List<DeviceFingerprint>.empty(growable: true);
for (final key in fingerprintKeys) {
final curveKey = await _ratchetMap[key]!.ik.toCurve25519();
fingerprints.add(
DeviceFingerprint(
key.deviceId,
HEX.encode(await curveKey.getBytes()),
),
);
}
await _leaveRatchetCriticalSection(jid);
return fingerprints;
}
/// Ensures that the device list is fetched again on the next message sending.
void onNewConnection() {
_deviceListRequested.clear();
_subscriptionMap.clear();
}
/// Sets the device list for [jid] to [devices]. Triggers a DeviceListModifiedEvent.
void onDeviceListUpdate(String jid, List<int> devices) {
_deviceList[jid] = devices;
_deviceListRequested[jid] = true;
// Trigger an event
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
}
void initialize(Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap, Map<String, List<int>> deviceList) {
_deviceList = deviceList;
_ratchetMap = ratchetMap;
}
/// Removes all ratchets for JID [jid]. This also removes all trust decisions for
/// [jid] from the trust manager. This function triggers a RatchetRemovedEvent for
/// every removed ratchet and a DeviceListModifiedEvent afterwards. Behaviour for
/// the trust manager is dependent on its implementation.
Future<void> removeAllRatchets(String jid) async {
await _enterRatchetCriticalSection(jid);
for (final deviceId in _deviceList[jid]!) {
// Remove the ratchet and commit it
_ratchetMap.remove(jid);
_eventStreamController.add(RatchetRemovedEvent(jid, deviceId));
}
// Remove the devices from the device list cache and commit it
_deviceList.remove(jid);
_deviceListRequested.remove(jid);
_eventStreamController.add(DeviceListModifiedEvent(_deviceList));
// Remove trust decisions
await _trustManager.removeTrustDecisionsForJid(jid);
await _leaveRatchetCriticalSection(jid);
}
/// Replaces the internal device with [newDevice]. Does not trigger an event.
Future<void> replaceDevice(OmemoDevice newDevice) async {
await _deviceLock.synchronized(() {
_device = newDevice;
});
}
}

View File

@ -2,7 +2,6 @@ import 'package:meta/meta.dart';
@immutable @immutable
class RatchetMapKey { class RatchetMapKey {
const RatchetMapKey(this.jid, this.deviceId); const RatchetMapKey(this.jid, this.deviceId);
factory RatchetMapKey.fromJsonKey(String key) { factory RatchetMapKey.fromJsonKey(String key) {

View File

@ -11,6 +11,7 @@ import 'package:omemo_dart/src/errors.dart';
import 'package:omemo_dart/src/helpers.dart'; import 'package:omemo_dart/src/helpers.dart';
import 'package:omemo_dart/src/keys.dart'; import 'package:omemo_dart/src/keys.dart';
import 'package:omemo_dart/src/omemo/bundle.dart'; import 'package:omemo_dart/src/omemo/bundle.dart';
import 'package:omemo_dart/src/omemo/constants.dart';
import 'package:omemo_dart/src/omemo/device.dart'; import 'package:omemo_dart/src/omemo/device.dart';
import 'package:omemo_dart/src/omemo/encrypted_key.dart'; import 'package:omemo_dart/src/omemo/encrypted_key.dart';
import 'package:omemo_dart/src/omemo/encryption_result.dart'; import 'package:omemo_dart/src/omemo/encryption_result.dart';
@ -24,10 +25,9 @@ import 'package:omemo_dart/src/trust/base.dart';
import 'package:omemo_dart/src/x3dh/x3dh.dart'; import 'package:omemo_dart/src/x3dh/x3dh.dart';
import 'package:synchronized/synchronized.dart'; import 'package:synchronized/synchronized.dart';
/// The info used for when encrypting the AES key for the actual payload. @Deprecated('Use OmemoManager instead')
const omemoPayloadInfoString = 'OMEMO Payload';
class OmemoSessionManager { class OmemoSessionManager {
@Deprecated('Use OmemoManager instead')
OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager) OmemoSessionManager(this._device, this._deviceMap, this._ratchetMap, this._trustManager)
: _lock = Lock(), : _lock = Lock(),
_deviceLock = Lock(), _deviceLock = Lock(),
@ -36,6 +36,7 @@ class OmemoSessionManager {
/// Deserialise the OmemoSessionManager from JSON data [data] that does not contain /// Deserialise the OmemoSessionManager from JSON data [data] that does not contain
/// the ratchet sessions. /// the ratchet sessions.
@Deprecated('Use OmemoManager instead')
factory OmemoSessionManager.fromJsonWithoutSessions( factory OmemoSessionManager.fromJsonWithoutSessions(
Map<String, dynamic> data, Map<String, dynamic> data,
Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap, Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap,
@ -44,7 +45,7 @@ class OmemoSessionManager {
// NOTE: Dart has some issues with just casting a List<dynamic> to List<Map<...>>, as // NOTE: Dart has some issues with just casting a List<dynamic> to List<Map<...>>, as
// such we need to convert the items by hand. // such we need to convert the items by hand.
return OmemoSessionManager( return OmemoSessionManager(
Device.fromJson(data['device']! as Map<String, dynamic>), OmemoDevice.fromJson(data['device']! as Map<String, dynamic>),
(data['devices']! as Map<String, dynamic>).map<String, List<int>>( (data['devices']! as Map<String, dynamic>).map<String, List<int>>(
(key, value) { (key, value) {
return MapEntry( return MapEntry(
@ -61,7 +62,7 @@ class OmemoSessionManager {
/// Generate a new cryptographic identity. /// Generate a new cryptographic identity.
static Future<OmemoSessionManager> generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async { static Future<OmemoSessionManager> generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async {
assert(opkAmount > 0, 'opkAmount must be bigger than 0.'); assert(opkAmount > 0, 'opkAmount must be bigger than 0.');
final device = await Device.generateNewDevice(jid, opkAmount: opkAmount); final device = await OmemoDevice.generateNewDevice(jid, opkAmount: opkAmount);
return OmemoSessionManager(device, {}, {}, trustManager); return OmemoSessionManager(device, {}, {}, trustManager);
} }
@ -83,7 +84,7 @@ class OmemoSessionManager {
/// Our own keys... /// Our own keys...
// ignore: prefer_final_fields // ignore: prefer_final_fields
Device _device; OmemoDevice _device;
/// and its lock /// and its lock
final Lock _deviceLock; final Lock _deviceLock;
@ -95,7 +96,7 @@ class OmemoSessionManager {
Stream<OmemoEvent> get eventStream => _eventStreamController.stream; Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
/// Returns our own device. /// Returns our own device.
Future<Device> getDevice() async { Future<OmemoDevice> getDevice() async {
return _deviceLock.synchronized(() => _device); return _deviceLock.synchronized(() => _device);
} }
@ -119,14 +120,14 @@ class OmemoSessionManager {
_deviceMap[jid] = [deviceId]; _deviceMap[jid] = [deviceId];
// Commit the device map // Commit the device map
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); _eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
} else { } else {
// Prevent having the same device multiple times in the list // Prevent having the same device multiple times in the list
if (!_deviceMap[jid]!.contains(deviceId)) { if (!_deviceMap[jid]!.contains(deviceId)) {
_deviceMap[jid]!.add(deviceId); _deviceMap[jid]!.add(deviceId);
// Commit the device map // Commit the device map
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); _eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
} }
} }
@ -328,6 +329,8 @@ class OmemoSessionManager {
return EncryptionResult( return EncryptionResult(
plaintext != null ? ciphertext : null, plaintext != null ? ciphertext : null,
encryptedKeys, encryptedKeys,
const <RatchetMapKey, OmemoException>{},
const <String, OmemoException>{},
); );
} }
@ -562,7 +565,7 @@ class OmemoSessionManager {
_deviceMap.remove(jid); _deviceMap.remove(jid);
} }
// Commit it // Commit it
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); _eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
}); });
} }
@ -580,7 +583,7 @@ class OmemoSessionManager {
// Remove the device from jid // Remove the device from jid
_deviceMap.remove(jid); _deviceMap.remove(jid);
// Commit it // Commit it
_eventStreamController.add(DeviceMapModifiedEvent(_deviceMap)); _eventStreamController.add(DeviceListModifiedEvent(_deviceMap));
}); });
} }
@ -622,7 +625,7 @@ class OmemoSessionManager {
/// identity. Triggers an event to commit it to storage. /// identity. Triggers an event to commit it to storage.
Future<void> regenerateDevice({ int opkAmount = 100 }) async { Future<void> regenerateDevice({ int opkAmount = 100 }) async {
await _deviceLock.synchronized(() async { await _deviceLock.synchronized(() async {
_device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount); _device = await OmemoDevice.generateNewDevice(_device.jid, opkAmount: opkAmount);
// Commit it // Commit it
_eventStreamController.add(DeviceModifiedEvent(_device)); _eventStreamController.add(DeviceModifiedEvent(_device));

41
lib/src/omemo/stanza.dart Normal file
View File

@ -0,0 +1,41 @@
import 'package:omemo_dart/src/omemo/encrypted_key.dart';
/// Describes a stanza that was received by the underlying XMPP library.
class OmemoIncomingStanza {
const OmemoIncomingStanza(
this.bareSenderJid,
this.senderDeviceId,
this.timestamp,
this.keys,
this.payload,
);
/// The bare JID of the sender of the stanza.
final String bareSenderJid;
/// The device ID of the sender.
final int senderDeviceId;
/// The timestamp when the stanza was received.
final int timestamp;
/// The included encrypted keys
final List<EncryptedKey> keys;
/// The string payload included in the <encrypted /> element.
final String? payload;
}
/// Describes a stanza that is to be sent out
class OmemoOutgoingStanza {
const OmemoOutgoingStanza(
this.recipientJids,
this.payload,
);
/// The JIDs the stanza will be sent to.
final List<String> recipientJids;
/// The serialised XML data that should be encrypted.
final String payload;
}

View File

@ -3,7 +3,6 @@ import 'package:omemo_dart/src/protobuf/omemo_authenticated_message.dart';
import 'package:omemo_dart/src/protobuf/protobuf.dart'; import 'package:omemo_dart/src/protobuf/protobuf.dart';
class OmemoKeyExchange { class OmemoKeyExchange {
OmemoKeyExchange(); OmemoKeyExchange();
factory OmemoKeyExchange.fromBuffer(List<int> data) { factory OmemoKeyExchange.fromBuffer(List<int> data) {

View File

@ -18,6 +18,9 @@ class AlwaysTrustingTrustManager extends TrustManager {
@override @override
Future<void> setEnabled(String jid, int deviceId, bool enabled) async {} Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
@override
Future<void> removeTrustDecisionsForJid(String jid) async {}
@override @override
Future<Map<String, dynamic>> toJson() async => <String, dynamic>{}; Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
} }

View File

@ -19,4 +19,7 @@ abstract class TrustManager {
/// Serialize the trust manager to JSON. /// Serialize the trust manager to JSON.
Future<Map<String, dynamic>> toJson(); Future<Map<String, dynamic>> toJson();
/// Removes all trust decisions for [jid].
Future<void> removeTrustDecisionsForJid(String jid);
} }

View File

@ -212,6 +212,14 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
); );
} }
@override
Future<void> removeTrustDecisionsForJid(String jid) async {
await _lock.synchronized(() async {
devices.remove(jid);
await commitState();
});
}
/// Called when the state of the trust manager has been changed. Allows the user to /// Called when the state of the trust manager has been changed. Allows the user to
/// commit the trust state to persistent storage. /// commit the trust state to persistent storage.
@visibleForOverriding @visibleForOverriding

View File

@ -18,6 +18,9 @@ class NeverTrustingTrustManager extends TrustManager {
@override @override
Future<void> setEnabled(String jid, int deviceId, bool enabled) async {} Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
@override
Future<void> removeTrustDecisionsForJid(String jid) async {}
@override @override
Future<Map<String, dynamic>> toJson() async => <String, dynamic>{}; Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
} }

View File

@ -1,6 +1,6 @@
name: omemo_dart name: omemo_dart
description: An XMPP library independent OMEMO library description: An XMPP library independent OMEMO library
version: 0.3.2 version: 0.4.0
homepage: https://github.com/PapaTutuWawa/omemo_dart homepage: https://github.com/PapaTutuWawa/omemo_dart
publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub

View File

@ -14,7 +14,7 @@ void main() {
test('Test replacing a onetime prekey', () async { test('Test replacing a onetime prekey', () async {
const aliceJid = 'alice@server.example'; const aliceJid = 'alice@server.example';
final device = await Device.generateNewDevice(aliceJid, opkAmount: 1); final device = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final newDevice = await device.replaceOnetimePrekey(0); final newDevice = await device.replaceOnetimePrekey(0);
@ -65,7 +65,7 @@ void main() {
deviceModified = true; deviceModified = true;
} else if (event is RatchetModifiedEvent) { } else if (event is RatchetModifiedEvent) {
ratchetModified++; ratchetModified++;
} else if (event is DeviceMapModifiedEvent) { } else if (event is DeviceListModifiedEvent) {
deviceMapModified++; deviceMapModified++;
} }
}); });
@ -327,7 +327,7 @@ void main() {
// Setup an event listener // Setup an event listener
final oldDevice = await aliceSession.getDevice(); final oldDevice = await aliceSession.getDevice();
Device? newDevice; OmemoDevice? newDevice;
aliceSession.eventStream.listen((event) { aliceSession.eventStream.listen((event) {
if (event is DeviceModifiedEvent) { if (event is DeviceModifiedEvent) {
newDevice = event.device; newDevice = event.device;

945
test/omemomanager_test.dart Normal file
View File

@ -0,0 +1,945 @@
import 'dart:convert';
import 'package:logging/logging.dart';
import 'package:omemo_dart/omemo_dart.dart';
import 'package:omemo_dart/src/trust/always.dart';
import 'package:test/test.dart';
void main() {
Logger.root
..level = Level.ALL
..onRecord.listen((record) {
// ignore: avoid_print
print('${record.level.name}: ${record.message}');
});
test('Test sending a message without the device list cache', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
var aliceEmptyMessageSent = 0;
var bobEmptyMessageSent = 0;
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {
aliceEmptyMessageSent++;
},
(jid) async {
expect(jid, bobJid);
return [ bobDevice.id ];
},
(jid, id) async {
expect(jid, bobJid);
return bobDevice.toBundle();
},
(jid) async {},
);
final bobManager = OmemoManager(
bobDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {
bobEmptyMessageSent++;
},
(jid) async {
expect(jid, aliceJid);
return [aliceDevice.id];
},
(jid, id) async {
expect(jid, aliceJid);
return aliceDevice.toBundle();
},
(jid) async {},
);
// Alice sends a message
final aliceResult = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello world',
),
);
// Bob must be able to decrypt the message
final bobResult = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult.encryptedKeys,
base64.encode(aliceResult.ciphertext!),
),
);
expect(bobResult.payload, 'Hello world');
expect(bobResult.error, null);
expect(aliceEmptyMessageSent, 0);
expect(bobEmptyMessageSent, 1);
// Alice receives the ack message
await aliceManager.ratchetAcknowledged(
bobJid,
bobDevice.id,
);
// Bob now responds
final bobResult2 = await bobManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[aliceJid],
'Hello world, Alice',
),
);
final aliceResult2 = await aliceManager.onIncomingStanza(
OmemoIncomingStanza(
bobJid,
bobDevice.id,
DateTime.now().millisecondsSinceEpoch,
bobResult2.encryptedKeys,
base64.encode(bobResult2.ciphertext!),
),
);
expect(aliceResult2.error, null);
expect(aliceEmptyMessageSent, 0);
expect(bobEmptyMessageSent, 1);
expect(aliceResult2.payload, 'Hello world, Alice');
});
test('Test triggering the heartbeat', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
var aliceEmptyMessageSent = 0;
var bobEmptyMessageSent = 0;
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {
aliceEmptyMessageSent++;
},
(jid) async {
expect(jid, bobJid);
return [ bobDevice.id ];
},
(jid, id) async {
expect(jid, bobJid);
return bobDevice.toBundle();
},
(jid) async {},
);
final bobManager = OmemoManager(
bobDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {
bobEmptyMessageSent++;
},
(jid) async {
expect(jid, aliceJid);
return [aliceDevice.id];
},
(jid, id) async {
expect(jid, aliceJid);
return aliceDevice.toBundle();
},
(jid) async {},
);
// Alice sends a message
final aliceResult = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello world',
),
);
// Bob must be able to decrypt the message
final bobResult = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult.encryptedKeys,
base64.encode(aliceResult.ciphertext!),
),
);
expect(aliceEmptyMessageSent, 0);
expect(bobEmptyMessageSent, 1);
expect(bobResult.payload, 'Hello world');
// Bob acknowledges the message
await aliceManager.ratchetAcknowledged(bobJid, bobDevice.id);
// Alice now sends 52 messages that Bob decrypts
for (var i = 0; i <= 51; i++) {
final aliceResultLoop = await aliceManager.onOutgoingStanza(
OmemoOutgoingStanza(
[bobJid],
'Test message $i',
),
);
final bobResultLoop = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResultLoop.encryptedKeys,
base64.encode(aliceResultLoop.ciphertext!),
),
);
expect(aliceEmptyMessageSent, 0);
expect(bobEmptyMessageSent, 1);
expect(bobResultLoop.payload, 'Test message $i');
}
// Alice sends a final message that triggers a heartbeat
final aliceResultFinal = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Test message last',
),
);
final bobResultFinal = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResultFinal.encryptedKeys,
base64.encode(aliceResultFinal.ciphertext!),
),
);
expect(aliceEmptyMessageSent, 0);
expect(bobEmptyMessageSent, 2);
expect(bobResultFinal.payload, 'Test message last');
});
test('Test accessing data without it existing', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => [],
(jid, id) async => null,
(jid) async {},
);
// Get non-existant fingerprints
expect(
await aliceManager.getFingerprintsForJid(bobJid),
null,
);
// Ack a non-existant ratchet
await aliceManager.ratchetAcknowledged(
bobJid,
42,
);
});
test('Test receiving a message encrypted for another device', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
var oldDevice = true;
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobOldDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final bobCurrentDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
expect(jid, bobJid);
return oldDevice ?
[ bobOldDevice.id ] :
[ bobCurrentDevice.id ];
},
(jid, id) async {
expect(jid, bobJid);
return oldDevice ?
bobOldDevice.toBundle() :
bobCurrentDevice.toBundle();
},
(jid) async {},
);
final bobManager = OmemoManager(
bobCurrentDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => [],
(jid, id) async => null,
(jid) async {},
);
// Alice encrypts a message to Bob
final aliceResult1 = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob',
),
);
// Bob's current device receives it
final bobResult1 = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult1.encryptedKeys,
base64.encode(aliceResult1.ciphertext!),
),
);
expect(bobResult1.payload, null);
expect(bobResult1.error is NotEncryptedForDeviceException, true);
// Now Alice's client loses and regains the connection
aliceManager.onNewConnection();
oldDevice = false;
// And Alice sends a new message
final aliceResult2 = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob x2',
),
);
final bobResult2 = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult2.encryptedKeys,
base64.encode(aliceResult2.ciphertext!),
),
);
expect(aliceResult2.encryptedKeys.length, 1);
expect(bobResult2.payload, 'Hello Bob x2');
});
test('Test receiving a response from a new device', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
var bothDevices = false;
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
expect(jid, bobJid);
return [
bobDevice1.id,
if (bothDevices)
bobDevice2.id,
];
},
(jid, id) async {
expect(jid, bobJid);
if (bothDevices) {
if (id == bobDevice1.id) {
return bobDevice1.toBundle();
} else if (id == bobDevice2.id) {
return bobDevice2.toBundle();
}
} else {
if (id == bobDevice1.id) return bobDevice1.toBundle();
}
return null;
},
(jid) async {},
);
final bobManager1 = OmemoManager(
bobDevice1,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => [],
(jid, id) async => null,
(jid) async {},
);
final bobManager2 = OmemoManager(
bobDevice2,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
expect(jid, aliceJid);
return [aliceDevice.id];
},
(jid, id) async {
expect(jid, aliceJid);
return aliceDevice.toBundle();
},
(jid) async {},
);
// Alice sends a message to Bob
final aliceResult1 = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob!',
),
);
// Bob decrypts it
final bobResult1 = await bobManager1.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult1.encryptedKeys,
base64.encode(aliceResult1.ciphertext!),
),
);
expect(aliceResult1.encryptedKeys.length, 1);
expect(bobResult1.payload, 'Hello Bob!');
// Now Bob encrypts from his new device
bothDevices = true;
final bobResult2 = await bobManager2.onOutgoingStanza(
const OmemoOutgoingStanza(
[aliceJid],
'Hello from my new device',
),
);
// And Alice decrypts it
final aliceResult2 = await aliceManager.onIncomingStanza(
OmemoIncomingStanza(
bobJid,
bobDevice2.id,
DateTime.now().millisecondsSinceEpoch,
bobResult2.encryptedKeys,
base64.encode(bobResult2.ciphertext!),
),
);
expect(aliceResult2.payload, 'Hello from my new device');
});
test('Test receiving a device list update', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
var bothDevices = false;
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice1 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final bobDevice2 = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
expect(jid, bobJid);
return [
bobDevice1.id,
if (bothDevices)
bobDevice2.id,
];
},
(jid, id) async {
expect(jid, bobJid);
if (bothDevices) {
if (id == bobDevice1.id) {
return bobDevice1.toBundle();
} else if (id == bobDevice2.id) {
return bobDevice2.toBundle();
}
} else {
if (id == bobDevice1.id) return bobDevice1.toBundle();
}
return null;
},
(jid) async {},
);
final bobManager1 = OmemoManager(
bobDevice1,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => null,
(jid, id) async => null,
(jid) async {},
);
final bobManager2 = OmemoManager(
bobDevice2,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => null,
(jid, id) async => null,
(jid) async {},
);
// Alice sends a message to Bob
final aliceResult1 = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob!',
),
);
// Bob decrypts it
final bobResult1 = await bobManager1.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult1.encryptedKeys,
base64.encode(aliceResult1.ciphertext!),
),
);
expect(aliceResult1.encryptedKeys.length, 1);
expect(bobResult1.payload, 'Hello Bob!');
// Bob acks the ratchet session
await aliceManager.ratchetAcknowledged(bobJid, bobDevice1.id);
// Bob now publishes a new device
bothDevices = true;
aliceManager.onDeviceListUpdate(
bobJid,
[
bobDevice1.id,
bobDevice2.id,
],
);
// Now Alice encrypts another message
final aliceResult2 = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob! x2',
),
);
expect(aliceResult2.encryptedKeys.length, 2);
// And Bob decrypts it
final bobResult21 = await bobManager1.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult2.encryptedKeys,
base64.encode(aliceResult2.ciphertext!),
),
);
final bobResult22 = await bobManager2.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult2.encryptedKeys,
base64.encode(aliceResult2.ciphertext!),
),
);
expect(bobResult21.payload, 'Hello Bob! x2');
expect(bobResult22.payload, 'Hello Bob! x2');
// Bob2 now responds
final bobResult32 = await bobManager2.onOutgoingStanza(
const OmemoOutgoingStanza(
[aliceJid],
'Hello Alice!',
),
);
// And Alice responds
final aliceResult3 = await aliceManager.onIncomingStanza(
OmemoIncomingStanza(
bobJid,
bobDevice2.id,
DateTime.now().millisecondsSinceEpoch,
bobResult32.encryptedKeys,
base64.encode(bobResult32.ciphertext!),
),
);
expect(aliceResult3.payload, 'Hello Alice!');
});
test('Test sending a message to two different JIDs', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
const cocoJid = 'coco@server3';
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final cocoDevice = await OmemoDevice.generateNewDevice(cocoJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
if (jid == bobJid) {
return [bobDevice.id];
} else if (jid == cocoJid) {
return [cocoDevice.id];
}
return null;
},
(jid, id) async {
if (jid == bobJid) {
return bobDevice.toBundle();
} else if (jid == cocoJid) {
return cocoDevice.toBundle();
}
return null;
},
(jid) async {},
);
final bobManager = OmemoManager(
bobDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => null,
(jid, id) async => null,
(jid) async {},
);
final cocoManager = OmemoManager(
cocoDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => null,
(jid, id) async => null,
(jid) async {},
);
// Alice sends a message to Bob and Coco
final aliceResult = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid, cocoJid],
'Hello Bob and Coco!',
),
);
// Bob and Coco decrypt them
final bobResult = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult.encryptedKeys,
base64.encode(aliceResult.ciphertext!),
),
);
final cocoResult = await cocoManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult.encryptedKeys,
base64.encode(aliceResult.ciphertext!),
),
);
expect(bobResult.error, null);
expect(cocoResult.error, null);
expect(bobResult.payload, 'Hello Bob and Coco!');
expect(cocoResult.payload, 'Hello Bob and Coco!');
});
test('Test a fetch failure', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
var failure = false;
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
expect(jid, bobJid);
return failure ?
null :
[bobDevice.id];
},
(jid, id) async {
expect(jid, bobJid);
return failure ?
null :
bobDevice.toBundle();
},
(jid) async {},
);
final bobManager = OmemoManager(
bobDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => null,
(jid, id) async => null,
(jid) async {},
);
// Alice sends a message to Bob and Coco
final aliceResult1 = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob!',
),
);
// Bob decrypts it
final bobResult1 = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult1.encryptedKeys,
base64.encode(aliceResult1.ciphertext!),
),
);
expect(bobResult1.error, null);
expect(bobResult1.payload, 'Hello Bob!');
// Bob acks the message
await aliceManager.ratchetAcknowledged(
bobJid,
bobDevice.id,
);
// Alice has to reconnect but has no connection yet
failure = true;
aliceManager.onNewConnection();
// Alice sends another message to Bob
final aliceResult2 = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob! x2',
),
);
// And Bob decrypts it
final bobResult2 = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult2.encryptedKeys,
base64.encode(aliceResult2.ciphertext!),
),
);
expect(bobResult2.error, null);
expect(bobResult2.payload, 'Hello Bob! x2');
});
test('Test sending a message with failed lookups', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
expect(jid, bobJid);
return null;
},
(jid, id) async {
expect(jid, bobJid);
return null;
},
(jid) async {},
);
// Alice sends a message to Bob
final aliceResult = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob!',
),
);
expect(aliceResult.isSuccess(1), false);
expect(aliceResult.jidEncryptionErrors[bobJid] is NoKeyMaterialAvailableException, true);
});
test('Test sending a message two two JIDs with failed lookups', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
const cocoJid = 'coco@server3';
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
if (jid == bobJid) {
return [bobDevice.id];
}
return null;
},
(jid, id) async {
if (jid == bobJid) {
return bobDevice.toBundle();
}
return null;
},
(jid) async {},
);
final bobManager = OmemoManager(
bobDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => null,
(jid, id) async => null,
(jid) async {},
);
// Alice sends a message to Bob and Coco
final aliceResult = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid, cocoJid],
'Hello Bob and Coco!',
),
);
expect(aliceResult.isSuccess(2), true);
expect(aliceResult.jidEncryptionErrors[cocoJid] is NoKeyMaterialAvailableException, true);
// Bob decrypts it
final bobResult = await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceResult.encryptedKeys,
base64.encode(aliceResult.ciphertext!),
),
);
expect(bobResult.payload, 'Hello Bob and Coco!');
});
test('Test sending multiple messages back and forth', () async {
const aliceJid = 'alice@server1';
const bobJid = 'bob@server2';
final aliceDevice = await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
final aliceManager = OmemoManager(
aliceDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async {
expect(jid, bobJid);
return [bobDevice.id];
},
(jid, id) async {
expect(jid, bobJid);
return bobDevice.toBundle();
},
(jid) async {},
);
final bobManager = OmemoManager(
bobDevice,
AlwaysTrustingTrustManager(),
(result, recipientJid) async {},
(jid) async => null,
(jid, id) async => null,
(jid) async {},
);
// Alice encrypts a message for Bob
final aliceMessage = await aliceManager.onOutgoingStanza(
const OmemoOutgoingStanza(
[bobJid],
'Hello Bob!',
),
);
// And Bob decrypts it
await bobManager.onIncomingStanza(
OmemoIncomingStanza(
aliceJid,
aliceDevice.id,
DateTime.now().millisecondsSinceEpoch,
aliceMessage.encryptedKeys,
base64.encode(aliceMessage.ciphertext!),
),
);
// Ratchets are acked
await aliceManager.ratchetAcknowledged(
bobJid,
bobDevice.id,
);
for (var i = 0; i < 100; i++) {
final messageText = 'Test Message #$i';
// Bob responds to Alice
final bobResponseMessage = await bobManager.onOutgoingStanza(
OmemoOutgoingStanza(
[aliceJid],
messageText,
),
);
expect(bobResponseMessage.isSuccess(1), true);
final aliceReceivedMessage = await aliceManager.onIncomingStanza(
OmemoIncomingStanza(
bobJid,
bobDevice.id,
DateTime.now().millisecondsSinceEpoch,
bobResponseMessage.encryptedKeys,
base64.encode(bobResponseMessage.ciphertext!),
),
);
expect(aliceReceivedMessage.payload, messageText);
}
});
}

View File

@ -18,7 +18,7 @@ void main() {
final oldDevice = await oldSession.getDevice(); final oldDevice = await oldSession.getDevice();
final serialised = jsonify(await oldDevice.toJson()); final serialised = jsonify(await oldDevice.toJson());
final newDevice = Device.fromJson(serialised); final newDevice = OmemoDevice.fromJson(serialised);
expect(await oldDevice.equals(newDevice), true); expect(await oldDevice.equals(newDevice), true);
}); });
@ -32,7 +32,7 @@ void main() {
final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey(); final oldDevice = await (await oldSession.getDevice()).replaceSignedPrekey();
final serialised = jsonify(await oldDevice.toJson()); final serialised = jsonify(await oldDevice.toJson());
final newDevice = Device.fromJson(serialised); final newDevice = OmemoDevice.fromJson(serialised);
expect(await oldDevice.equals(newDevice), true); expect(await oldDevice.equals(newDevice), true);
}); });