release: Bump version to 0.2.0

feat: Add getDeviceId and getDeviceBundle
feat: Ratchets should overwrite each other
2022-08-18 15:33:49 +02:00 · 2022-08-18 15:30:31 +02:00 · 2022-08-18 15:20:32 +02:00 · 2022-08-18 15:08:05 +02:00 · 2022-08-18 15:02:17 +02:00 · 2022-08-16 14:02:04 +02:00
9 changed files with 259 additions and 49 deletions
--- a/.gitlint
+++ b/.gitlint
@@ -5,6 +5,6 @@ line-length=72
 [title-trailing-punctuation]
 [title-hard-tab]
 [title-match-regex]
-regex=^(feat|fix|test|release|chore|security|docs|refactor):.*$
+regex=^(feat|fix|test|release|chore|security|docs|refactor|style):.*$
 [body-trailing-whitespace]
 [body-first-line-empty]
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,3 +9,9 @@

 - Fix bug with the Double Ratchet causing only the initial message to be decryptable
 - Expose `getDeviceMap` as a developer usable function
+
+## 0.2.0
+
+- Add convenience functions `getDeviceId` and `getDeviceBundle`
+- Creating a new ratchet with an id for which we already have a ratchet will now overwrite the old ratchet
+- Ratchet now carry an "acknowledged" attribute
--- a/example/omemo_dart_example.dart
+++ b/example/omemo_dart_example.dart
@@ -65,7 +65,7 @@ void main() async {
    // a new session. Let's also assume that Bob only has one device. We may, however,
    // add more bundles to newSessions, if we know of more.
    newSessions: [
-      await (await bobSession.getDevice()).toBundle(),
+      await bobSession.getDeviceBundle(),
    ],
  );

--- a/lib/src/double_ratchet/double_ratchet.dart
+++ b/lib/src/double_ratchet/double_ratchet.dart
@@ -67,6 +67,7 @@ class OmemoDoubleRatchet {
    this.ik,
    this.sessionAd,
    this.mkSkipped, // MKSKIPPED
+    this.acknowledged,
  );

  factory OmemoDoubleRatchet.fromJson(Map<String, dynamic> data) {
@@ -83,6 +84,7 @@ class OmemoDoubleRatchet {
      'pn': 0,
      'ik_pub': 'base/64/encoded',
      'session_ad': 'base/64/encoded',
+      'acknowledged': true | false,
      'mkskipped': [
        {
          'key': 'base/64/encoded',
@@ -117,6 +119,7 @@ class OmemoDoubleRatchet {
      ),
      base64.decode(data['session_ad']! as String),
      mkSkipped,
+      data['acknowledged']! as bool,
    );
  }
  
@@ -148,6 +151,10 @@ class OmemoDoubleRatchet {

  final Map<SkippedKey, List<int>> mkSkipped;

+  /// Indicates whether we received an empty OMEMO message after building a session with
+  /// the device.
+  bool acknowledged;
+
  /// Create an OMEMO session using the Signed Pre Key [spk], the shared secret [sk] that
  /// was obtained using a X3DH and the associated data [ad] that was also obtained through
  /// a X3DH. [ik] refers to Bob's (the receiver's) IK public key.
@@ -169,6 +176,7 @@ class OmemoDoubleRatchet {
      ik,
      ad,
      {},
+      false,
    );
  }

@@ -189,6 +197,7 @@ class OmemoDoubleRatchet {
      ik,
      ad,
      {},
+      true,
    );
  }

@@ -214,6 +223,7 @@ class OmemoDoubleRatchet {
      'ik_pub': base64.encode(await ik.getBytes()),
      'session_ad': base64.encode(sessionAd),
      'mkskipped': mkSkippedSerialised,
+      'acknowledged': acknowledged,
    };
  }
  
--- a/lib/src/omemo/device.dart
+++ b/lib/src/omemo/device.dart
@@ -163,6 +163,23 @@ class Device {
    );
  }

+  /// Returns a new device that is equal to this one with the exception that the new
+  /// device's id is a new number between 0 and 2**32 - 1.
+  @internal
+  Device withNewId() {
+    return Device(
+      jid,
+      generateRandom32BitNumber(),
+      ik,
+      spk,
+      spkId,
+      spkSignature,
+      oldSpk,
+      oldSpkId,
+      opks,
+    );
+  }
+  
  /// Converts this device into an OmemoBundle that could be used for publishing.
  Future<OmemoBundle> toBundle() async {
    final encodedOpks = <int, String>{};
--- a/lib/src/omemo/sessionmanager.dart
+++ b/lib/src/omemo/sessionmanager.dart
@@ -104,27 +104,40 @@ class OmemoSessionManager {
    return dev!;
  }

+  /// Returns the id attribute of our own device. This is just a short-hand for
+  /// ```await (session.getDevice()).id```.
+  Future<int> getDeviceId() async {
+    return _deviceLock.synchronized(() => _device.id);
+  }
+
+  /// Returns the device as an OmemoBundle. This is just a short-hand for
+  /// ```await (await session.getDevice()).toBundle()```.
+  Future<OmemoBundle> getDeviceBundle() async {
+    return _deviceLock.synchronized(() async => _device.toBundle());
+  }
+  
  /// Add a session [ratchet] with the [deviceId] to the internal tracking state.
  Future<void> _addSession(String jid, int deviceId, OmemoDoubleRatchet ratchet) async {
    await _lock.synchronized(() async {
      // Add the bundle Id
      if (!_deviceMap.containsKey(jid)) {
        _deviceMap[jid] = [deviceId];
-      } else {
-        _deviceMap[jid]!.add(deviceId);
-      }

-      // Commit the device map
-      _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+        // Commit the device map
+        _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+      } else {
+        // Prevent having the same device multiple times in the list
+        if (!_deviceMap[jid]!.contains(deviceId)) {
+          _deviceMap[jid]!.add(deviceId);
+
+          // Commit the device map
+          _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+        }
+      }

      // Add the ratchet session
      final key = RatchetMapKey(jid, deviceId);
-      if (!_ratchetMap.containsKey(key)) {
-        _ratchetMap[key] = ratchet;
-      } else {
-        // TODO(PapaTutuWawa): What do we do now?
-        throw Exception();
-      }
+      _ratchetMap[key] = ratchet;

      // Commit the ratchet
      _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet));
@@ -431,6 +444,55 @@ class OmemoSessionManager {
    });
  }

+  /// Returns the list of device identifiers belonging to [jid] that are yet unacked, i.e.
+  /// we have not yet received an empty OMEMO message from.
+  Future<List<int>> getUnacknowledgedRatchets(String jid) async {
+    final ret = List<int>.empty(growable: true);
+
+    await _lock.synchronized(() async {
+      final devices = _deviceMap[jid]!;
+      for (final device in devices) {
+        final ratchet = _ratchetMap[RatchetMapKey(jid, device)]!;
+        if (!ratchet.acknowledged) ret.add(device);
+      }
+    });
+
+    return ret;
+  }
+
+  /// Mark the ratchet for device [deviceId] from [jid] as acked.
+  Future<void> ratchetAcknowledged(String jid, int deviceId) async {
+    await _lock.synchronized(() async {
+      final ratchet = _ratchetMap[RatchetMapKey(jid, deviceId)]!
+        ..acknowledged = true;
+
+      // Commit it
+      _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet));
+    });
+  }
+
+  /// Generates an entirely new device. May be useful when the user wants to reset their cryptographic
+  /// identity. Triggers an event to commit it to storage.
+  Future<void> regenerateDevice({ int opkAmount = 100 }) async {
+    await _deviceLock.synchronized(() async {
+      _device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount);
+
+      // Commit it
+      _eventStreamController.add(DeviceModifiedEvent(_device));
+    });
+  }
+
+  /// Make our device have a new identifier. Only useful before publishing it as a bundle
+  /// to make sure that our device has a id that is account unique.
+  Future<void> regenerateDeviceId() async {
+    await _deviceLock.synchronized(() async {
+      _device = _device.withNewId();
+
+      // Commit it
+      _eventStreamController.add(DeviceModifiedEvent(_device));
+    });
+  }
+  
  @visibleForTesting
  OmemoDoubleRatchet getRatchet(String jid, int deviceId) => _ratchetMap[RatchetMapKey(jid, deviceId)]!;

--- a/pubspec.yaml
+++ b/pubspec.yaml
@@ -1,6 +1,6 @@
 name: omemo_dart
 description: An XMPP library independent OMEMO library
-version: 0.1.3
+version: 0.2.0
 homepage: https://github.com/PapaTutuWawa/omemo_dart
 publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub

--- a/test/omemo_test.dart
+++ b/test/omemo_test.dart
@@ -38,7 +38,7 @@ void main() {
      bobJid,
      messagePlaintext,
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
      ],
    );
    expect(aliceMessage.encryptedKeys.length, 1);
@@ -50,7 +50,7 @@ void main() {
    final bobMessage = await bobSession.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
      aliceMessage.encryptedKeys,
    );
    expect(messagePlaintext, bobMessage);
@@ -81,7 +81,7 @@ void main() {
    final aliceReceivedMessage = await aliceSession.decryptMessage(
      bobResponseMessage.ciphertext,
      bobJid,
-      (await bobSession.getDevice()).id,
+      await bobSession.getDeviceId(),
      bobResponseMessage.encryptedKeys,
    );
    expect(bobResponseText, aliceReceivedMessage);
@@ -115,8 +115,8 @@ void main() {
      bobJid,
      messagePlaintext,
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
-        await (await bobSession2.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
+        await bobSession2.getDeviceBundle(),
      ],
    );
    expect(aliceMessage.encryptedKeys.length, 2);
@@ -130,7 +130,7 @@ void main() {
    final bobMessage = await bobSession.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
      aliceMessage.encryptedKeys,
    );
    expect(messagePlaintext, bobMessage);
@@ -149,7 +149,7 @@ void main() {
    final aliceReceivedMessage = await aliceSession.decryptMessage(
      bobResponseMessage.ciphertext,
      bobJid,
-      (await bobSession.getDevice()).id,
+      await bobSession.getDeviceId(),
      bobResponseMessage.encryptedKeys,
    );
    expect(bobResponseText, aliceReceivedMessage);
@@ -192,8 +192,8 @@ void main() {
      [bobJid, aliceJid],
      messagePlaintext,
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
-        await (await aliceSession2.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
+        await aliceSession2.getDeviceBundle(),
      ],
    );
    expect(aliceMessage.encryptedKeys.length, 2);
@@ -205,7 +205,7 @@ void main() {
    final bobMessage = await bobSession.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession1.getDevice()).id,
+      await aliceSession1.getDeviceId(),
      aliceMessage.encryptedKeys,
    );
    expect(messagePlaintext, bobMessage);
@@ -214,7 +214,7 @@ void main() {
    final aliceMessage2 = await aliceSession2.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession1.getDevice()).id,
+      await aliceSession1.getDeviceId(),
      aliceMessage.encryptedKeys,
    );
    expect(messagePlaintext, aliceMessage2);
@@ -241,7 +241,7 @@ void main() {
      bobJid,
      null,
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
      ],
    );
    expect(aliceMessage.encryptedKeys.length, 1);
@@ -254,13 +254,13 @@ void main() {
    final bobMessage = await bobSession.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
      aliceMessage.encryptedKeys,
    );
    expect(bobMessage, null);

    // This call must not cause an exception
-    bobSession.getRatchet(aliceJid, (await aliceSession.getDevice()).id);
+    bobSession.getRatchet(aliceJid, await aliceSession.getDeviceId());
  });

  test('Test rotating the Signed Prekey', () async {
@@ -316,7 +316,7 @@ void main() {
      bobJid,
      messagePlaintext,
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
      ],
    );
    expect(aliceMessage.encryptedKeys.length, 1);
@@ -331,7 +331,7 @@ void main() {
    final bobMessage = await bobSession.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
      aliceMessage.encryptedKeys,
    );
    expect(messagePlaintext, bobMessage);
@@ -358,7 +358,7 @@ void main() {
      bobJid,
      null,
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
      ],
    );

@@ -387,7 +387,7 @@ void main() {
      bobJid,
      'Hello Bob!',
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
      ],
    );

@@ -397,7 +397,7 @@ void main() {
    await bobSession.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
      aliceMessage.encryptedKeys,
    );

@@ -416,7 +416,7 @@ void main() {
      final aliceReceivedMessage = await aliceSession.decryptMessage(
        bobResponseMessage.ciphertext,
        bobJid,
-        (await bobSession.getDevice()).id,
+        await bobSession.getDeviceId(),
        bobResponseMessage.encryptedKeys,
      );
      expect(messageText, aliceReceivedMessage);
@@ -444,21 +444,21 @@ void main() {
      );

      // Alice sends a message to those two Bobs
-      final aliceMessage = await aliceSession.encryptToJid(
+      await aliceSession.encryptToJid(
        bobJid,
        'Hallo Welt',
        newSessions: [
-          await (await bobSession1.getDevice()).toBundle(),
-          await (await bobSession2.getDevice()).toBundle(),
+          await bobSession1.getDeviceBundle(),
+          await bobSession2.getDeviceBundle(),
        ],
      );

      // One of those two sessions is broken, so Alice removes the session2 ratchet
-      final id1 = (await bobSession1.getDevice()).id;
-      final id2 = (await bobSession2.getDevice()).id;
+      final id1 = await bobSession1.getDeviceId();
+      final id2 = await bobSession2.getDeviceId();
      await aliceSession.removeRatchet(bobJid, id1);

-      final map = await aliceSession.getRatchetMap();
+      final map = aliceSession.getRatchetMap();
      expect(map.containsKey(RatchetMapKey(bobJid, id1)), false);
      expect(map.containsKey(RatchetMapKey(bobJid, id2)), true);
      final deviceMap = await aliceSession.getDeviceMap();
@@ -481,22 +481,137 @@ void main() {
      );

      // Alice sends a message to those two Bobs
-      final aliceMessage = await aliceSession.encryptToJid(
+      await aliceSession.encryptToJid(
        bobJid,
        'Hallo Welt',
        newSessions: [
-          await (await bobSession.getDevice()).toBundle(),
+          await bobSession.getDeviceBundle(),
        ],
      );

      // One of those two sessions is broken, so Alice removes the session2 ratchet
-      final id = (await bobSession.getDevice()).id;
+      final id = await bobSession.getDeviceId();
      await aliceSession.removeRatchet(bobJid, id);

-      final map = await aliceSession.getRatchetMap();
+      final map = aliceSession.getRatchetMap();
      expect(map.containsKey(RatchetMapKey(bobJid, id)), false);
      final deviceMap = await aliceSession.getDeviceMap();
      expect(deviceMap.containsKey(bobJid), false);
    });
  });
+
+  test('Test acknowledging a ratchet', () async {
+    const aliceJid = 'alice@server.example';
+    const bobJid = 'bob@other.server.example';
+    // Alice and Bob generate their sessions
+    final aliceSession = await OmemoSessionManager.generateNewIdentity(
+      aliceJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+    final bobSession = await OmemoSessionManager.generateNewIdentity(
+      bobJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+
+    // Alice sends Bob a message
+    await aliceSession.encryptToJid(
+      bobJid,
+      'Hallo Welt',
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+    expect(
+      await aliceSession.getUnacknowledgedRatchets(bobJid),
+      [
+        await bobSession.getDeviceId(),
+      ],
+    );
+
+    // Bob sends alice an empty message
+    // ...
+
+    // Alice decrypts it
+    // ...
+
+    // Alice marks the ratchet as acknowledged
+    await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
+    expect(
+      (await aliceSession.getUnacknowledgedRatchets(bobJid)).isEmpty,
+      true,
+    );
+  });
+
+  test('Test overwriting sessions', () async {
+    const aliceJid = 'alice@server.example';
+    const bobJid = 'bob@other.server.example';
+    // Alice and Bob generate their sessions
+    final aliceSession = await OmemoSessionManager.generateNewIdentity(
+      aliceJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+    final bobSession = await OmemoSessionManager.generateNewIdentity(
+      bobJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 2,
+    );
+
+    // Alice sends Bob a message
+    final msg1 = await aliceSession.encryptToJid(
+      bobJid,
+      'Hallo Welt',
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+    await bobSession.decryptMessage(
+      msg1.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg1.encryptedKeys,
+    );
+    final aliceRatchet1 = aliceSession.getRatchet(
+      bobJid,
+      await bobSession.getDeviceId(),
+    );
+    final bobRatchet1 = bobSession.getRatchet(
+      aliceJid,
+      await aliceSession.getDeviceId(),
+    );
+
+    // Alice is impatient and immediately sends another message before the original one
+    // can be acknowledged by Bob
+    final msg2 = await aliceSession.encryptToJid(
+      bobJid,
+      "Why don't you answer?",
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+    await bobSession.decryptMessage(
+      msg2.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg2.encryptedKeys,
+    );
+    final aliceRatchet2 = aliceSession.getRatchet(
+      bobJid,
+      await bobSession.getDeviceId(),
+    );
+    final bobRatchet2 = bobSession.getRatchet(
+      aliceJid,
+      await aliceSession.getDeviceId(),
+    );
+
+    // Both should only have one ratchet
+    expect(aliceSession.getRatchetMap().length, 1);
+    expect(bobSession.getRatchetMap().length, 1);
+    
+    // The ratchets should both be different
+    expect(await aliceRatchet1.equals(aliceRatchet2), false);
+    expect(await bobRatchet1.equals(bobRatchet2), false);
+  });
 }
--- a/test/serialisation_test.dart
+++ b/test/serialisation_test.dart
@@ -49,16 +49,16 @@ void main() {
      bobJid,
      'Hello Bob!',
      newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
      ],
    );
    await bobSession.decryptMessage(
      aliceMessage.ciphertext,
      aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
      aliceMessage.encryptedKeys,
    );
-    final aliceOld = aliceSession.getRatchet(bobJid, (await bobSession.getDevice()).id);
+    final aliceOld = aliceSession.getRatchet(bobJid, await bobSession.getDeviceId());
    final aliceSerialised = await aliceOld.toJson();
    final aliceNew = OmemoDoubleRatchet.fromJson(aliceSerialised);

@@ -79,8 +79,8 @@ void main() {
    );
    await oldSession.addSessionFromBundle(
      'bob@localhost',
-      (await bobSession.getDevice()).id,
-      await (await bobSession.getDevice()).toBundle(),
+      await bobSession.getDeviceId(),
+      await bobSession.getDeviceBundle(),
    );

    // Serialise and deserialise
Author	SHA1	Message	Date
Alexander "PapaTutuWawa	345596923e	release: Bump version to 0.2.0	2022-08-18 15:33:49 +02:00
Alexander "PapaTutuWawa	d5d4aa9014	feat: Add getDeviceId and getDeviceBundle	2022-08-18 15:30:31 +02:00
Alexander "PapaTutuWawa	ee7b09bdb0	feat: Ratchets should overwrite each other	2022-08-18 15:20:32 +02:00
Alexander "PapaTutuWawa	73613e266f	feat: Allow regerating a device's id	2022-08-18 15:08:05 +02:00
Alexander "PapaTutuWawa	0a03483aaf	feat: Allow regenerating one's device identity	2022-08-18 15:02:17 +02:00
Alexander "PapaTutuWawa	fda06cef55	feat: Implement acknowledging ratchet sessions	2022-08-16 14:02:04 +02:00
Alexander "PapaTutuWawa	800b53b11f	style: Fix linter warnings	2022-08-16 13:46:08 +02:00