fix: Hopefully fix all tests being flaky

It seems that the varint encoding function would not work for
some integers as input. This should in theory fix this issue. Since
the SPK IDs are randomly between 0 and 2**32 - 1, it makes sense that
the tests fail only sometimes.

.gitlint

@@ -5,6 +5,6 @@ line-length=72
 [title-trailing-punctuation]
 [title-hard-tab]
 [title-match-regex]
-regex=^(feat|fix|test|release|chore|security|docs|refactor):.*$
+regex=^(feat|fix|test|release|chore|security|docs|refactor|style):.*$
 [body-trailing-whitespace]
 [body-first-line-empty]

CHANGELOG.md

@@ -4,3 +4,19 @@
 - Implement the Double Ratchet, X3DH and OMEMO specific bits
 - Add a Blind-Trust-Before-Verification TrustManager
 - Supported OMEMO version: 0.8.3
+
+## 0.1.3
+
+- Fix bug with the Double Ratchet causing only the initial message to be decryptable
+- Expose `getDeviceMap` as a developer usable function
+
+## 0.2.0
+
+- Add convenience functions `getDeviceId` and `getDeviceBundle`
+- Creating a new ratchet with an id for which we already have a ratchet will now overwrite the old ratchet
+- Ratchet now carry an "acknowledged" attribute
+
+## 0.2.1
+
+- Add `isRatchetAcknowledged`
+- Ratchets that are created due to accepting a kex are now unacknowledged

README.md

@@ -26,10 +26,10 @@ Include `omemo_dart` in your `pubspec.yaml` like this:
 # [...]
 
 dependencies:
-	omemo_dart:
-		hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub
-		version: ^0.1.0
-	# [...]
+  omemo_dart:
+    hosted: https://git.polynom.me/api/packages/PapaTutuWawa/pub
+    version: ^0.2.0
+  # [...]
 
 # [...]
 ```

example/omemo_dart_example.dart

@@ -65,7 +65,7 @@ void main() async {
     // a new session. Let's also assume that Bob only has one device. We may, however,
     // add more bundles to newSessions, if we know of more.
     newSessions: [
-      await (await bobSession.getDevice()).toBundle(),
+      await bobSession.getDeviceBundle(),
     ],
   );
 

lib/src/double_ratchet/double_ratchet.dart

@@ -67,6 +67,7 @@ class OmemoDoubleRatchet {
     this.ik,
     this.sessionAd,
     this.mkSkipped, // MKSKIPPED
+    this.acknowledged,
   );
 
   factory OmemoDoubleRatchet.fromJson(Map<String, dynamic> data) {
@@ -83,6 +84,7 @@ class OmemoDoubleRatchet {
       'pn': 0,
       'ik_pub': 'base/64/encoded',
       'session_ad': 'base/64/encoded',
+      'acknowledged': true | false,
       'mkskipped': [
         {
           'key': 'base/64/encoded',
@@ -117,6 +119,7 @@ class OmemoDoubleRatchet {
       ),
       base64.decode(data['session_ad']! as String),
       mkSkipped,
+      data['acknowledged']! as bool,
     );
   }
   
@@ -148,6 +151,10 @@ class OmemoDoubleRatchet {
 
   final Map<SkippedKey, List<int>> mkSkipped;
 
+  /// Indicates whether we received an empty OMEMO message after building a session with
+  /// the device.
+  bool acknowledged;
+
   /// Create an OMEMO session using the Signed Pre Key [spk], the shared secret [sk] that
   /// was obtained using a X3DH and the associated data [ad] that was also obtained through
   /// a X3DH. [ik] refers to Bob's (the receiver's) IK public key.
@@ -169,6 +176,7 @@ class OmemoDoubleRatchet {
       ik,
       ad,
       {},
+      false,
     );
   }
 
@@ -189,6 +197,7 @@ class OmemoDoubleRatchet {
       ik,
       ad,
       {},
+      false,
     );
   }
 
@@ -214,6 +223,7 @@ class OmemoDoubleRatchet {
       'ik_pub': base64.encode(await ik.getBytes()),
       'session_ad': base64.encode(sessionAd),
       'mkskipped': mkSkippedSerialised,
+      'acknowledged': acknowledged,
     };
   }
   
@@ -293,11 +303,15 @@ class OmemoDoubleRatchet {
       return plaintext;
     }
 
-    if (header.dhPub != await dhr?.getBytes()) {
+    final dhPubMatches = listsEqual(
+      header.dhPub ?? <int>[],
+      await dhr?.getBytes() ?? <int>[],
+    );
+    if (!dhPubMatches) {
       await _skipMessageKeys(header.pn!);
       await _dhRatchet(header);
     }
-
+    
     await _skipMessageKeys(header.n!);
     final newCkr = await kdfCk(ckr!, kdfCkNextChainKey);
     final mk = await kdfCk(ckr!, kdfCkNextMessageKey);

lib/src/omemo/device.dart

@@ -163,6 +163,23 @@ class Device {
     );
   }
 
+  /// Returns a new device that is equal to this one with the exception that the new
+  /// device's id is a new number between 0 and 2**32 - 1.
+  @internal
+  Device withNewId() {
+    return Device(
+      jid,
+      generateRandom32BitNumber(),
+      ik,
+      spk,
+      spkId,
+      spkSignature,
+      oldSpk,
+      oldSpkId,
+      opks,
+    );
+  }
+  
   /// Converts this device into an OmemoBundle that could be used for publishing.
   Future<OmemoBundle> toBundle() async {
     final encodedOpks = <int, String>{};

lib/src/omemo/events.dart

@@ -12,6 +12,14 @@ class RatchetModifiedEvent extends OmemoEvent {
   final OmemoDoubleRatchet ratchet;
 }
 
+/// Triggered when a ratchet has been removed and should be removed from storage.
+class RatchetRemovedEvent extends OmemoEvent {
+
+  RatchetRemovedEvent(this.jid, this.deviceId);
+  final String jid;
+  final int deviceId;
+}
+
 /// Triggered when the device map has been modified
 class DeviceMapModifiedEvent extends OmemoEvent {
 

lib/src/omemo/ratchet_map_key.dart

@@ -4,9 +4,24 @@ import 'package:meta/meta.dart';
 class RatchetMapKey {
 
   const RatchetMapKey(this.jid, this.deviceId);
+
+  factory RatchetMapKey.fromJsonKey(String key) {
+    final parts = key.split(':');
+    final deviceId = int.parse(parts.first);
+
+    return RatchetMapKey(
+      parts.sublist(1).join(':'),
+      deviceId,
+    );
+  }
+
   final String jid;
   final int deviceId;
 
+  String toJsonKey() {
+    return '$deviceId:$jid';
+  }
+  
   @override
   bool operator ==(Object other) {
     return other is RatchetMapKey && jid == other.jid && deviceId == other.deviceId;

lib/src/omemo/sessionmanager.dart

@@ -49,7 +49,18 @@ class OmemoSessionManager {
       trustManager,
     );
   }
-      
+
+  /// Deserialise the OmemoSessionManager from JSON data [data] that does not contain
+  /// the ratchet sessions.
+  factory OmemoSessionManager.fromJsonWithoutSessions(Map<String, dynamic> data, Map<RatchetMapKey, OmemoDoubleRatchet> ratchetMap, TrustManager trustManager) {
+    return OmemoSessionManager(
+      Device.fromJson(data['device']! as Map<String, dynamic>),
+      data['devices']! as Map<String, List<int>>,
+      ratchetMap,
+      trustManager,
+    );
+  }
+  
   /// Generate a new cryptographic identity.
   static Future<OmemoSessionManager> generateNewIdentity(String jid, TrustManager trustManager, { int opkAmount = 100 }) async {
     assert(opkAmount > 0, 'opkAmount must be bigger than 0.');
@@ -83,6 +94,7 @@ class OmemoSessionManager {
   /// A stream that receives events regarding the session
   Stream<OmemoEvent> get eventStream => _eventStreamController.stream;
 
+  /// Returns our own device.
   Future<Device> getDevice() async {
     Device? dev;
     await _deviceLock.synchronized(() async {
@@ -91,6 +103,18 @@ class OmemoSessionManager {
 
     return dev!;
   }
+
+  /// Returns the id attribute of our own device. This is just a short-hand for
+  /// ```await (session.getDevice()).id```.
+  Future<int> getDeviceId() async {
+    return _deviceLock.synchronized(() => _device.id);
+  }
+
+  /// Returns the device as an OmemoBundle. This is just a short-hand for
+  /// ```await (await session.getDevice()).toBundle()```.
+  Future<OmemoBundle> getDeviceBundle() async {
+    return _deviceLock.synchronized(() async => _device.toBundle());
+  }
   
   /// Add a session [ratchet] with the [deviceId] to the internal tracking state.
   Future<void> _addSession(String jid, int deviceId, OmemoDoubleRatchet ratchet) async {
@@ -98,21 +122,22 @@ class OmemoSessionManager {
       // Add the bundle Id
       if (!_deviceMap.containsKey(jid)) {
         _deviceMap[jid] = [deviceId];
-      } else {
-        _deviceMap[jid]!.add(deviceId);
-      }
 
-      // Commit the device map
-      _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+        // Commit the device map
+        _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+      } else {
+        // Prevent having the same device multiple times in the list
+        if (!_deviceMap[jid]!.contains(deviceId)) {
+          _deviceMap[jid]!.add(deviceId);
+
+          // Commit the device map
+          _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+        }
+      }
 
       // Add the ratchet session
       final key = RatchetMapKey(jid, deviceId);
-      if (!_ratchetMap.containsKey(key)) {
-        _ratchetMap[key] = ratchet;
-      } else {
-        // TODO(PapaTutuWawa): What do we do now?
-        throw Exception();
-      }
+      _ratchetMap[key] = ratchet;
 
       // Commit the ratchet
       _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet));
@@ -152,15 +177,17 @@ class OmemoSessionManager {
     // Pick the correct SPK
     final device = await getDevice();
     OmemoKeyPair? spk;
-    if (kex.spkId == device.spkId) {
-      spk = device.spk;
-    } else if (kex.spkId == device.oldSpkId) {
-      spk = device.oldSpk;
-    } else {
+
+    await _lock.synchronized(() async {
+      if (kex.spkId == _device.spkId) {
+        spk = _device.spk;
+      } else if (kex.spkId == _device.oldSpkId) {
+        spk = _device.oldSpk;
+      }
+    });
+    if (spk == null) {
       throw UnknownSignedPrekeyException();
     }
-
-    assert(spk != null, 'The used SPK must be found');
     
     final kexResult = await x3dhFromInitialMessage(
       X3DHMessage(
@@ -173,7 +200,7 @@ class OmemoSessionManager {
       device.ik,
     );
     final ratchet = await OmemoDoubleRatchet.acceptNewSession(
-      spk,
+      spk!,
       OmemoPublicKey.fromBytes(kex.ik!, KeyPairType.ed25519),
       kexResult.sk,
       kexResult.ad,
@@ -229,6 +256,9 @@ class OmemoSessionManager {
           if (plaintext != null) {
             // Only encrypt to devices that are trusted
             if (!(await _trustManager.isTrusted(jid, deviceId))) continue;
+
+            // Onyl encrypt to devices that are enabled
+            if (!(await _trustManager.isEnabled(jid, deviceId))) continue;
           }
 
           final ratchetKey = RatchetMapKey(jid, deviceId);
@@ -269,6 +299,25 @@ class OmemoSessionManager {
     );
   }
 
+  /// In case a decryption error occurs, the Double Ratchet spec says to just restore
+  /// the ratchet to its old state. As such, this function restores the ratchet at
+  /// [mapKey] with [oldRatchet].
+  Future<void> _restoreRatchet(RatchetMapKey mapKey, OmemoDoubleRatchet oldRatchet) async {
+    await _lock.synchronized(() {
+      print('RESTORING RATCHETS');
+      _ratchetMap[mapKey] = oldRatchet;
+
+      // Commit the ratchet
+      _eventStreamController.add(
+        RatchetModifiedEvent(
+          mapKey.jid,
+          mapKey.deviceId,
+          oldRatchet,
+        ),
+      );
+    });
+  }
+  
   /// Attempt to decrypt [ciphertext]. [keys] refers to the <key /> elements inside the
   /// <keys /> element with a "jid" attribute matching our own. [senderJid] refers to the
   /// bare Jid of the sender. [senderDeviceId] refers to the "sid" attribute of the
@@ -286,9 +335,15 @@ class OmemoSessionManager {
       throw NotEncryptedForDeviceException();
     }
 
+    final ratchetKey = RatchetMapKey(senderJid, senderDeviceId);
     final decodedRawKey = base64.decode(rawKey.value);
     OmemoAuthenticatedMessage authMessage;
+    OmemoDoubleRatchet? oldRatchet;
     if (rawKey.kex) {
+      // If the ratchet already existed, we store it. If it didn't, oldRatchet will stay
+      // null.
+      oldRatchet = await _getRatchet(ratchetKey);
+
       // TODO(PapaTutuWawa): Only do this when we should
       final kex = OmemoKeyExchange.fromBuffer(decodedRawKey);
       await _addSessionFromKeyExchange(
@@ -319,31 +374,38 @@ class OmemoSessionManager {
     }
 
     final message = OmemoMessage.fromBuffer(authMessage.message!);
-    final ratchetKey = RatchetMapKey(senderJid, senderDeviceId);
     List<int>? keyAndHmac;
-    await _lock.synchronized(() async {
-      final ratchet = _ratchetMap[ratchetKey]!;
+    // We can guarantee that the ratchet exists at this point in time
+    final ratchet = (await _getRatchet(ratchetKey))!;
+    oldRatchet ??= ratchet ;
+
+    try {
       if (rawKey.kex) {
         keyAndHmac = await ratchet.ratchetDecrypt(message, authMessage.writeToBuffer());
       } else {
         keyAndHmac = await ratchet.ratchetDecrypt(message, decodedRawKey);
       }
+    } on InvalidMessageHMACException {
+      await _restoreRatchet(ratchetKey, oldRatchet);
+      rethrow;
+    }
 
-      // Commit the ratchet
-      _eventStreamController.add(RatchetModifiedEvent(senderJid, senderDeviceId, ratchet));
-    });
+    // Commit the ratchet
+    _eventStreamController.add(RatchetModifiedEvent(senderJid, senderDeviceId, ratchet));
 
     // Empty OMEMO messages should just have the key decrypted and/or session set up.
     if (ciphertext == null) {
       return null;
     }
     
-    final key = keyAndHmac!.sublist(0, 32);
-    final hmac = keyAndHmac!.sublist(32, 48);
+    final key = keyAndHmac.sublist(0, 32);
+    final hmac = keyAndHmac.sublist(32, 48);
     final derivedKeys = await deriveEncryptionKeys(key, omemoPayloadInfoString);
 
     final computedHmac = await truncatedHmac(ciphertext, derivedKeys.authenticationKey);
     if (!listsEqual(hmac, computedHmac)) {
+      // TODO(PapaTutuWawa): I am unsure if we should restore the ratchet here
+      await _restoreRatchet(ratchetKey, oldRatchet);
       throw InvalidMessageHMACException();
     }
     
@@ -386,13 +448,116 @@ class OmemoSessionManager {
       _eventStreamController.add(DeviceModifiedEvent(_device));
     });
   }
+
+  /// Returns the device map, i.e. the mapping of bare Jid to its device identifiers
+  /// we have built sessions with.
+  Future<Map<String, List<int>>> getDeviceMap() async {
+    return _lock.synchronized(() => _deviceMap);
+  }
+
+  /// Removes the ratchet identified by [jid] and [deviceId] from the session manager.
+  /// Also triggers events for commiting the new device map to storage and removing
+  /// the old ratchet.
+  Future<void> removeRatchet(String jid, int deviceId) async {
+    await _lock.synchronized(() async {
+      // Remove the ratchet
+      _ratchetMap.remove(RatchetMapKey(jid, deviceId));
+      // Commit it
+      _eventStreamController.add(RatchetRemovedEvent(jid, deviceId));
+
+      // Remove the device from jid
+      _deviceMap[jid]!.remove(deviceId);
+      if (_deviceMap[jid]!.isEmpty) {
+        _deviceMap.remove(jid);
+      }
+      // Commit it
+      _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+    });
+  }
+
+  /// Removes all ratchets for Jid [jid]. Triggers a DeviceMapModified event at the end and an
+  /// RatchetRemovedEvent for each ratchet.
+  Future<void> removeAllRatchets(String jid) async {
+    await _lock.synchronized(() async {
+      for (final deviceId in _deviceMap[jid]!) {
+        // Remove the ratchet
+        _ratchetMap.remove(RatchetMapKey(jid, deviceId));
+        // Commit it
+        _eventStreamController.add(RatchetRemovedEvent(jid, deviceId));
+      }
+
+      // Remove the device from jid
+      _deviceMap.remove(jid);
+      // Commit it
+      _eventStreamController.add(DeviceMapModifiedEvent(_deviceMap));
+    });
+  }
+  
+  /// Returns the list of device identifiers belonging to [jid] that are yet unacked, i.e.
+  /// we have not yet received an empty OMEMO message from.
+  Future<List<int>?> getUnacknowledgedRatchets(String jid) async {
+    return _lock.synchronized(() async {
+      final ret = List<int>.empty(growable: true);
+      final devices = _deviceMap[jid];
+      if (devices == null) return null;
+
+      for (final device in devices) {
+        final ratchet = _ratchetMap[RatchetMapKey(jid, device)]!;
+        if (!ratchet.acknowledged) ret.add(device);
+      }
+
+      return ret;
+    });
+  }
+
+  /// Returns true if the ratchet for [jid] with device identifier [deviceId] is
+  /// acknowledged. Returns false if not.
+  Future<bool> isRatchetAcknowledged(String jid, int deviceId) async {
+    return _lock.synchronized(() => _ratchetMap[RatchetMapKey(jid, deviceId)]!.acknowledged);
+  }
+  
+  /// Mark the ratchet for device [deviceId] from [jid] as acked.
+  Future<void> ratchetAcknowledged(String jid, int deviceId) async {
+    await _lock.synchronized(() async {
+      final ratchet = _ratchetMap[RatchetMapKey(jid, deviceId)]!
+        ..acknowledged = true;
+
+      // Commit it
+      _eventStreamController.add(RatchetModifiedEvent(jid, deviceId, ratchet));
+    });
+  }
+
+  /// Generates an entirely new device. May be useful when the user wants to reset their cryptographic
+  /// identity. Triggers an event to commit it to storage.
+  Future<void> regenerateDevice({ int opkAmount = 100 }) async {
+    await _deviceLock.synchronized(() async {
+      _device = await Device.generateNewDevice(_device.jid, opkAmount: opkAmount);
+
+      // Commit it
+      _eventStreamController.add(DeviceModifiedEvent(_device));
+    });
+  }
+
+  /// Make our device have a new identifier. Only useful before publishing it as a bundle
+  /// to make sure that our device has a id that is account unique.
+  Future<void> regenerateDeviceId() async {
+    await _deviceLock.synchronized(() async {
+      _device = _device.withNewId();
+
+      // Commit it
+      _eventStreamController.add(DeviceModifiedEvent(_device));
+    });
+  }
+
+  Future<OmemoDoubleRatchet?> _getRatchet(RatchetMapKey key) async {
+    return _lock.synchronized(() async {
+      return _ratchetMap[key];
+    });
+  }
   
   @visibleForTesting
   OmemoDoubleRatchet getRatchet(String jid, int deviceId) => _ratchetMap[RatchetMapKey(jid, deviceId)]!;
 
-  @visibleForTesting
-  Map<String, List<int>> getDeviceMap() => _deviceMap;
-
   @visibleForTesting
   Map<RatchetMapKey, OmemoDoubleRatchet> getRatchetMap() => _ratchetMap;
 
@@ -414,7 +579,6 @@ class OmemoSessionManager {
         },
         ...
       ],
-      'trust': { ... }
     }
     */
 
@@ -430,8 +594,25 @@ class OmemoSessionManager {
       'devices': _deviceMap,
       'device': await (await getDevice()).toJson(),
       'sessions': sessions,
-      // TODO(PapaTutuWawa): Implement
-      'trust': <String, dynamic>{},
+    };
+  }
+
+  /// Serialise the entire session manager into a JSON object.
+  Future<Map<String, dynamic>> toJsonWithoutSessions() async {
+    /*
+    {
+      'devices': {
+        'alice@...': [1, 2, ...],
+        'bob@...': [1],
+        ...
+      },
+      'device': { ... },
+    }
+    */
+
+    return {
+      'devices': _deviceMap,
+      'device': await (await getDevice()).toJson(),
     };
   }
 }

lib/src/protobuf/protobuf.dart

@@ -46,21 +46,18 @@ List<int> encodeVarint(int i) {
   assert(i >= 0, "Two's complement is not implemented");
   final ret = List<int>.empty(growable: true);
 
-  var j = 0;
-  while (true) {
+  // Thanks to https://github.com/hathibelagal-dev/LEB128 for the trick with toRadixString!
+  final numSevenBlocks = (i.toRadixString(2).length / 7).ceil();
+  for (var j = 0; j < numSevenBlocks; j++) {
     // The 7 LSB of the byte we're creating
     final x = (i & (lsb7Mask << j * 7)) >> j * 7;
-    // The next bits
-    final next = i & (lsb7Mask << (j + 1) * 7);
 
-    if (next == 0) {
+    if (j == numSevenBlocks - 1) {
       // If we were to shift further, we only get zero, so we're at the end
       ret.add(x);
-      break;
     } else {
       // We still have at least one bit more to go, so set the MSB to 1
       ret.add(x + msb);
-      j++;
     }
   }
 

lib/src/trust/always.dart

@@ -11,4 +11,13 @@ class AlwaysTrustingTrustManager extends TrustManager {
 
   @override
   Future<void> onNewSession(String jid, int deviceId) async {}
+
+  @override
+  Future<bool> isEnabled(String jid, int deviceId) async => true;
+
+  @override
+  Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
+
+  @override
+  Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
 }

lib/src/trust/base.dart

@@ -8,4 +8,15 @@ abstract class TrustManager {
   /// Called by the OmemoSessionManager when a new session has been built. Should set
   /// a default trust state to [jid]'s device with identifier [deviceId].
   Future<void> onNewSession(String jid, int deviceId);
+
+  /// Return true if the device with id [deviceId] of Jid [jid] should be used for encryption.
+  /// If not, return false.
+  Future<bool> isEnabled(String jid, int deviceId);
+
+  /// Mark the device with id [deviceId] of Jid [jid] as enabled if [enabled] is true or as disabled
+  /// if [enabled] is false.
+  Future<void> setEnabled(String jid, int deviceId, bool enabled);
+
+  /// Serialize the trust manager to JSON.
+  Future<Map<String, dynamic>> toJson();
 }

lib/src/trust/btbv.dart

@@ -8,24 +8,52 @@ import 'package:synchronized/synchronized.dart';
 /// - blindTrust: The fingerprint is not verified using OOB means
 /// - verified: The fingerprint has been verified using OOB means
 enum BTBVTrustState {
-  notTrusted,
-  blindTrust,
-  verified,
+  notTrusted, // = 1
+  blindTrust, // = 2
+  verified,   // = 3
+}
+
+int _trustToInt(BTBVTrustState state) {
+  switch (state) {
+    case BTBVTrustState.notTrusted: return 1;
+    case BTBVTrustState.blindTrust: return 2;
+    case BTBVTrustState.verified:   return 3;
+  }
+}
+
+BTBVTrustState _trustFromInt(int i) {
+  switch (i) {
+    case 1: return BTBVTrustState.notTrusted;
+    case 2: return BTBVTrustState.blindTrust;
+    case 3: return BTBVTrustState.verified;
+    default: return BTBVTrustState.notTrusted;
+  }
 }
 
 /// A TrustManager that implements the idea of Blind Trust Before Verification.
 /// See https://gultsch.de/trust.html for more details.
 abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
-  BlindTrustBeforeVerificationTrustManager()
-    : trustCache = {},
-      devices = {},
-      _lock = Lock();
+  BlindTrustBeforeVerificationTrustManager({
+    Map<RatchetMapKey, BTBVTrustState>? trustCache,
+    Map<RatchetMapKey, bool>? enablementCache,
+    Map<String, List<int>>? devices,
+  }) : trustCache = trustCache ?? {},
+       enablementCache = enablementCache ?? {},
+       devices = devices ?? {},
+       _lock = Lock();
 
-  /// The cache for Mapping a RatchetMapKey to its trust state
+  /// The cache for mapping a RatchetMapKey to its trust state
+  @visibleForTesting
   @protected
   final Map<RatchetMapKey, BTBVTrustState> trustCache;
 
+  /// The cache for mapping a RatchetMapKey to whether it is enabled or not
+  @visibleForTesting
+  @protected
+  final Map<RatchetMapKey, bool> enablementCache;
+  
   /// Mapping of Jids to their device identifiers
+  @visibleForTesting
   @protected
   final Map<String, List<int>> devices;
 
@@ -74,10 +102,13 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
   @override
   Future<void> onNewSession(String jid, int deviceId) async {
     await _lock.synchronized(() async {
+      final key = RatchetMapKey(jid, deviceId);
       if (_hasAtLeastOneVerifiedDevice(jid)) {
-        trustCache[RatchetMapKey(jid, deviceId)] = BTBVTrustState.notTrusted;
+        trustCache[key] = BTBVTrustState.notTrusted;
+        enablementCache[key] = false;
       } else {
-        trustCache[RatchetMapKey(jid, deviceId)] = BTBVTrustState.blindTrust;
+        trustCache[key] = BTBVTrustState.blindTrust;
+        enablementCache[key] = true;
       }
 
       if (devices.containsKey(jid)) {
@@ -85,7 +116,7 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
       } else {
         devices[jid] = List<int>.from([deviceId]);
       }
-
+      
       // Commit the state
       await commitState();
     });
@@ -114,6 +145,70 @@ abstract class BlindTrustBeforeVerificationTrustManager extends TrustManager {
     });
   }
 
+  @override
+  Future<bool> isEnabled(String jid, int deviceId) async {
+    return _lock.synchronized(() async {
+      final value = enablementCache[RatchetMapKey(jid, deviceId)];
+
+      if (value == null) return false;
+      return value;
+    });
+  }
+
+  @override
+  Future<void> setEnabled(String jid, int deviceId, bool enabled) async {
+    await _lock.synchronized(() async {
+      enablementCache[RatchetMapKey(jid, deviceId)] = enabled;
+    });
+
+    // Commit the state
+    await commitState();
+  }
+
+  @override
+  Future<Map<String, dynamic>> toJson() async {
+    return {
+      'devices': devices,
+      'trust': trustCache.map((key, value) => MapEntry(
+        key.toJsonKey(), _trustToInt(value),
+      ),),
+      'enable': enablementCache.map((key, value) => MapEntry(key.toJsonKey(), value)),
+    };
+  }
+
+  /// From a serialized version of a BTBV trust manager, extract the device list.
+  /// NOTE: This is needed as Dart cannot just cast a List<dynamic> to List<int> and so on.
+  static Map<String, List<int>> deviceListFromJson(Map<String, dynamic> json) {
+    return (json['devices']! as Map<String, dynamic>).map<String, List<int>>(
+      (key, value) => MapEntry(
+        key,
+        (value as List<dynamic>).map<int>((i) => i as int).toList(),
+      ),
+    );
+  }
+
+  /// From a serialized version of a BTBV trust manager, extract the trust cache.
+  /// NOTE: This is needed as Dart cannot just cast a List<dynamic> to List<int> and so on.
+  static Map<RatchetMapKey, BTBVTrustState> trustCacheFromJson(Map<String, dynamic> json) {
+    return (json['trust']! as Map<String, dynamic>).map<RatchetMapKey, BTBVTrustState>(
+      (key, value) => MapEntry(
+        RatchetMapKey.fromJsonKey(key),
+        _trustFromInt(value as int),
+      ),
+    );
+  }
+
+  /// From a serialized version of a BTBV trust manager, extract the enable cache.
+  /// NOTE: This is needed as Dart cannot just cast a List<dynamic> to List<int> and so on.
+  static Map<RatchetMapKey, bool> enableCacheFromJson(Map<String, dynamic> json) {
+    return (json['enable']! as Map<String, dynamic>).map<RatchetMapKey, bool>(
+      (key, value) => MapEntry(
+        RatchetMapKey.fromJsonKey(key),
+        value as bool,
+      ),
+    );
+  }
+  
   /// Called when the state of the trust manager has been changed. Allows the user to
   /// commit the trust state to persistent storage.
   @visibleForOverriding

lib/src/trust/never.dart

@@ -11,4 +11,13 @@ class NeverTrustingTrustManager extends TrustManager {
 
   @override
   Future<void> onNewSession(String jid, int deviceId) async {}
+
+  @override
+  Future<bool> isEnabled(String jid, int deviceId) async => true;
+
+  @override
+  Future<void> setEnabled(String jid, int deviceId, bool enabled) async {}
+
+  @override
+  Future<Map<String, dynamic>> toJson() async => <String, dynamic>{};
 }

pubspec.yaml

@@ -1,6 +1,6 @@
 name: omemo_dart
 description: An XMPP library independent OMEMO library
-version: 0.1.2
+version: 0.2.1
 homepage: https://github.com/PapaTutuWawa/omemo_dart
 publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub
 
@@ -11,7 +11,7 @@ dependencies:
   collection: ^1.16.0
   cryptography: ^2.0.5
   hex: ^0.2.0
-  meta: ^1.8.0
+  meta: ^1.7.0
   pinenacl: ^0.5.1
   synchronized: ^3.0.0+2
 

test/omemo_test.dart

@@ -7,7 +7,6 @@ void main() {
   test('Test using OMEMO sessions with only one device per user', () async {
     const aliceJid = 'alice@server.example';
     const bobJid = 'bob@other.server.example';
-      
     // Alice and Bob generate their sessions
     var deviceModified = false;
     var ratchetModified = 0;
@@ -39,7 +38,7 @@ void main() {
       bobJid,
       messagePlaintext,
       newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
       ],
     );
     expect(aliceMessage.encryptedKeys.length, 1);
@@ -51,7 +50,7 @@ void main() {
     final bobMessage = await bobSession.decryptMessage(
       aliceMessage.ciphertext,
       aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
       aliceMessage.encryptedKeys,
     );
     expect(messagePlaintext, bobMessage);
@@ -82,7 +81,7 @@ void main() {
     final aliceReceivedMessage = await aliceSession.decryptMessage(
       bobResponseMessage.ciphertext,
       bobJid,
-      (await bobSession.getDevice()).id,
+      await bobSession.getDeviceId(),
       bobResponseMessage.encryptedKeys,
     );
     expect(bobResponseText, aliceReceivedMessage);
@@ -116,8 +115,8 @@ void main() {
       bobJid,
       messagePlaintext,
       newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
-        await (await bobSession2.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
+        await bobSession2.getDeviceBundle(),
       ],
     );
     expect(aliceMessage.encryptedKeys.length, 2);
@@ -131,7 +130,7 @@ void main() {
     final bobMessage = await bobSession.decryptMessage(
       aliceMessage.ciphertext,
       aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
       aliceMessage.encryptedKeys,
     );
     expect(messagePlaintext, bobMessage);
@@ -150,7 +149,7 @@ void main() {
     final aliceReceivedMessage = await aliceSession.decryptMessage(
       bobResponseMessage.ciphertext,
       bobJid,
-      (await bobSession.getDevice()).id,
+      await bobSession.getDeviceId(),
       bobResponseMessage.encryptedKeys,
     );
     expect(bobResponseText, aliceReceivedMessage);
@@ -193,8 +192,8 @@ void main() {
       [bobJid, aliceJid],
       messagePlaintext,
       newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
-        await (await aliceSession2.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
+        await aliceSession2.getDeviceBundle(),
       ],
     );
     expect(aliceMessage.encryptedKeys.length, 2);
@@ -206,7 +205,7 @@ void main() {
     final bobMessage = await bobSession.decryptMessage(
       aliceMessage.ciphertext,
       aliceJid,
-      (await aliceSession1.getDevice()).id,
+      await aliceSession1.getDeviceId(),
       aliceMessage.encryptedKeys,
     );
     expect(messagePlaintext, bobMessage);
@@ -215,13 +214,13 @@ void main() {
     final aliceMessage2 = await aliceSession2.decryptMessage(
       aliceMessage.ciphertext,
       aliceJid,
-      (await aliceSession1.getDevice()).id,
+      await aliceSession1.getDeviceId(),
       aliceMessage.encryptedKeys,
     );
     expect(messagePlaintext, aliceMessage2);
   });
 
-  test('Test using sending empty OMEMO messages', () async {
+  test('Test sending empty OMEMO messages', () async {
     const aliceJid = 'alice@server.example';
     const bobJid = 'bob@other.server.example';
       
@@ -242,7 +241,7 @@ void main() {
       bobJid,
       null,
       newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
       ],
     );
     expect(aliceMessage.encryptedKeys.length, 1);
@@ -255,13 +254,13 @@ void main() {
     final bobMessage = await bobSession.decryptMessage(
       aliceMessage.ciphertext,
       aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
       aliceMessage.encryptedKeys,
     );
     expect(bobMessage, null);
 
     // This call must not cause an exception
-    bobSession.getRatchet(aliceJid, (await aliceSession.getDevice()).id);
+    bobSession.getRatchet(aliceJid, await aliceSession.getDeviceId());
   });
 
   test('Test rotating the Signed Prekey', () async {
@@ -317,7 +316,7 @@ void main() {
       bobJid,
       messagePlaintext,
       newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
       ],
     );
     expect(aliceMessage.encryptedKeys.length, 1);
@@ -332,7 +331,7 @@ void main() {
     final bobMessage = await bobSession.decryptMessage(
       aliceMessage.ciphertext,
       aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
       aliceMessage.encryptedKeys,
     );
     expect(messagePlaintext, bobMessage);
@@ -359,7 +358,7 @@ void main() {
       bobJid,
       null,
       newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
       ],
     );
 
@@ -367,4 +366,393 @@ void main() {
     // untrusted device.
     expect(aliceMessage.encryptedKeys.length, 1);
   });
+
+  test('Test by sending multiple messages back and forth', () async {
+    const aliceJid = 'alice@server.example';
+    const bobJid = 'bob@other.server.example';
+    // Alice and Bob generate their sessions
+    final aliceSession = await OmemoSessionManager.generateNewIdentity(
+      aliceJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+    final bobSession = await OmemoSessionManager.generateNewIdentity(
+      bobJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+
+    // Alice encrypts a message for Bob
+    final aliceMessage = await aliceSession.encryptToJid(
+      bobJid,
+      'Hello Bob!',
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+
+    // Alice sends the message to Bob
+    // ...
+
+    await bobSession.decryptMessage(
+      aliceMessage.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      aliceMessage.encryptedKeys,
+    );
+
+    for (var i = 0; i < 100; i++) {
+      final messageText = 'Test Message #$i';
+      // Bob responds to Alice
+      final bobResponseMessage = await bobSession.encryptToJid(
+        aliceJid,
+        messageText,
+      );
+
+      // Bob sends the message to Alice
+      // ...
+
+      // Alice decrypts it
+      final aliceReceivedMessage = await aliceSession.decryptMessage(
+        bobResponseMessage.ciphertext,
+        bobJid,
+        await bobSession.getDeviceId(),
+        bobResponseMessage.encryptedKeys,
+      );
+      expect(messageText, aliceReceivedMessage);
+    }
+  });
+
+  group('Test removing a ratchet', () {
+    test('Test removing a ratchet when the user has multiple', () async {
+      const aliceJid = 'alice@server.local';
+      const bobJid = 'bob@some.server.local';
+      final aliceSession = await OmemoSessionManager.generateNewIdentity(
+        aliceJid,
+        AlwaysTrustingTrustManager(),
+        opkAmount: 1,
+      );
+      final bobSession1 = await OmemoSessionManager.generateNewIdentity(
+        bobJid,
+        AlwaysTrustingTrustManager(),
+        opkAmount: 1,
+      );
+      final bobSession2 = await OmemoSessionManager.generateNewIdentity(
+        bobJid,
+        AlwaysTrustingTrustManager(),
+        opkAmount: 1,
+      );
+
+      // Alice sends a message to those two Bobs
+      await aliceSession.encryptToJid(
+        bobJid,
+        'Hallo Welt',
+        newSessions: [
+          await bobSession1.getDeviceBundle(),
+          await bobSession2.getDeviceBundle(),
+        ],
+      );
+
+      // One of those two sessions is broken, so Alice removes the session2 ratchet
+      final id1 = await bobSession1.getDeviceId();
+      final id2 = await bobSession2.getDeviceId();
+      await aliceSession.removeRatchet(bobJid, id1);
+
+      final map = aliceSession.getRatchetMap();
+      expect(map.containsKey(RatchetMapKey(bobJid, id1)), false);
+      expect(map.containsKey(RatchetMapKey(bobJid, id2)), true);
+      final deviceMap = await aliceSession.getDeviceMap();
+      expect(deviceMap.containsKey(bobJid), true);
+      expect(deviceMap[bobJid], [id2]);
+    });
+
+    test('Test removing a ratchet when the user has only one', () async {
+      const aliceJid = 'alice@server.local';
+      const bobJid = 'bob@some.server.local';
+      final aliceSession = await OmemoSessionManager.generateNewIdentity(
+        aliceJid,
+        AlwaysTrustingTrustManager(),
+        opkAmount: 1,
+      );
+      final bobSession = await OmemoSessionManager.generateNewIdentity(
+        bobJid,
+        AlwaysTrustingTrustManager(),
+        opkAmount: 1,
+      );
+
+      // Alice sends a message to those two Bobs
+      await aliceSession.encryptToJid(
+        bobJid,
+        'Hallo Welt',
+        newSessions: [
+          await bobSession.getDeviceBundle(),
+        ],
+      );
+
+      // One of those two sessions is broken, so Alice removes the session2 ratchet
+      final id = await bobSession.getDeviceId();
+      await aliceSession.removeRatchet(bobJid, id);
+
+      final map = aliceSession.getRatchetMap();
+      expect(map.containsKey(RatchetMapKey(bobJid, id)), false);
+      final deviceMap = await aliceSession.getDeviceMap();
+      expect(deviceMap.containsKey(bobJid), false);
+    });
+  });
+
+  test('Test acknowledging a ratchet', () async {
+    const aliceJid = 'alice@server.example';
+    const bobJid = 'bob@other.server.example';
+    // Alice and Bob generate their sessions
+    final aliceSession = await OmemoSessionManager.generateNewIdentity(
+      aliceJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+    final bobSession = await OmemoSessionManager.generateNewIdentity(
+      bobJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+
+    // Alice sends Bob a message
+    await aliceSession.encryptToJid(
+      bobJid,
+      'Hallo Welt',
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+    expect(
+      await aliceSession.getUnacknowledgedRatchets(bobJid),
+      [
+        await bobSession.getDeviceId(),
+      ],
+    );
+
+    // Bob sends alice an empty message
+    // ...
+
+    // Alice decrypts it
+    // ...
+
+    // Alice marks the ratchet as acknowledged
+    await aliceSession.ratchetAcknowledged(bobJid, await bobSession.getDeviceId());
+    expect(
+      (await aliceSession.getUnacknowledgedRatchets(bobJid))!.isEmpty,
+      true,
+    );
+  });
+
+  test('Test overwriting sessions', () async {
+    const aliceJid = 'alice@server.example';
+    const bobJid = 'bob@other.server.example';
+    // Alice and Bob generate their sessions
+    final aliceSession = await OmemoSessionManager.generateNewIdentity(
+      aliceJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+    final bobSession = await OmemoSessionManager.generateNewIdentity(
+      bobJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 2,
+    );
+
+    // Alice sends Bob a message
+    final msg1 = await aliceSession.encryptToJid(
+      bobJid,
+      'Hallo Welt',
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+    await bobSession.decryptMessage(
+      msg1.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg1.encryptedKeys,
+    );
+    final aliceRatchet1 = aliceSession.getRatchet(
+      bobJid,
+      await bobSession.getDeviceId(),
+    );
+    final bobRatchet1 = bobSession.getRatchet(
+      aliceJid,
+      await aliceSession.getDeviceId(),
+    );
+
+    // Alice is impatient and immediately sends another message before the original one
+    // can be acknowledged by Bob
+    final msg2 = await aliceSession.encryptToJid(
+      bobJid,
+      "Why don't you answer?",
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+    await bobSession.decryptMessage(
+      msg2.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg2.encryptedKeys,
+    );
+    final aliceRatchet2 = aliceSession.getRatchet(
+      bobJid,
+      await bobSession.getDeviceId(),
+    );
+    final bobRatchet2 = bobSession.getRatchet(
+      aliceJid,
+      await aliceSession.getDeviceId(),
+    );
+
+    // Both should only have one ratchet
+    expect(aliceSession.getRatchetMap().length, 1);
+    expect(bobSession.getRatchetMap().length, 1);
+    
+    // The ratchets should both be different
+    expect(await aliceRatchet1.equals(aliceRatchet2), false);
+    expect(await bobRatchet1.equals(bobRatchet2), false);
+  });
+
+  test('Test receiving an old message that contains a KEX', () async {
+    const aliceJid = 'alice@server.example';
+    const bobJid = 'bob@other.server.example';
+    // Alice and Bob generate their sessions
+    final aliceSession = await OmemoSessionManager.generateNewIdentity(
+      aliceJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+    final bobSession = await OmemoSessionManager.generateNewIdentity(
+      bobJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 2,
+    );
+
+    // Alice sends Bob a message
+    final msg1 = await aliceSession.encryptToJid(
+      bobJid,
+      'Hallo Welt',
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+
+    await bobSession.decryptMessage(
+      msg1.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg1.encryptedKeys,
+    );
+
+    // Bob responds
+    final msg2 = await bobSession.encryptToJid(
+      aliceJid,
+      'Hello!',
+    );
+    await aliceSession.decryptMessage(
+      msg2.ciphertext,
+      bobJid,
+      await bobSession.getDeviceId(),
+      msg2.encryptedKeys,
+    );
+
+    // Due to some issue with the transport protocol, the first message Bob received is
+    // received again
+    try {
+      await bobSession.decryptMessage(
+        msg1.ciphertext,
+        aliceJid,
+        await aliceSession.getDeviceId(),
+        msg1.encryptedKeys,
+      );
+      expect(true, false);
+    } on InvalidMessageHMACException {
+      // NOOP
+    }
+
+    final msg3 = await aliceSession.encryptToJid(
+      bobJid,
+      'Are you okay?',
+    );
+    final result = await bobSession.decryptMessage(
+      msg3.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg3.encryptedKeys,
+    );
+
+    expect(result, 'Are you okay?');
+  });
+
+  test('Test receiving an old message that does not contain a KEX', () async {
+    const aliceJid = 'alice@server.example';
+    const bobJid = 'bob@other.server.example';
+    // Alice and Bob generate their sessions
+    final aliceSession = await OmemoSessionManager.generateNewIdentity(
+      aliceJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 1,
+    );
+    final bobSession = await OmemoSessionManager.generateNewIdentity(
+      bobJid,
+      AlwaysTrustingTrustManager(),
+      opkAmount: 2,
+    );
+
+    // Alice sends Bob a message
+    final msg1 = await aliceSession.encryptToJid(
+      bobJid,
+      'Hallo Welt',
+      newSessions: [
+        await bobSession.getDeviceBundle(),
+      ],
+    );
+    await bobSession.decryptMessage(
+      msg1.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg1.encryptedKeys,
+    );
+
+    // Bob responds
+    final msg2 = await bobSession.encryptToJid(
+      aliceJid,
+      'Hello!',
+    );
+    await aliceSession.decryptMessage(
+      msg2.ciphertext,
+      bobJid,
+      await bobSession.getDeviceId(),
+      msg2.encryptedKeys,
+    );
+
+    // Due to some issue with the transport protocol, the first message Alice received is
+    // received again.
+    try {
+      await aliceSession.decryptMessage(
+        msg2.ciphertext,
+        bobJid,
+        await bobSession.getDeviceId(),
+        msg2.encryptedKeys,
+      );
+      expect(true, false);
+    } catch (_) {
+      // NOOP
+    }
+
+    final msg3 = await aliceSession.encryptToJid(
+      bobJid,
+      'Are you okay?',
+    );
+    final result = await bobSession.decryptMessage(
+      msg3.ciphertext,
+      aliceJid,
+      await aliceSession.getDeviceId(),
+      msg3.encryptedKeys,
+    );
+
+    expect(result, 'Are you okay?');
+  });
 }

test/protobuf_test.dart

@@ -48,6 +48,10 @@ void main() {
         <int>[172, 2],
       );
     });
+
+    test('Test some special cases', () {
+      expect(decodeVarint(encodeVarint(1042464893), 0).n, 1042464893);
+    });
   });
 
   group('OMEMOMessage', () {
@@ -170,5 +174,13 @@ void main() {
       expect(decoded.message!.mac, <int>[5, 6, 8, 0]);
       expect(decoded.message!.message, <int>[4, 5, 7, 3, 2]);
     });
+    test('Test decoding an issue', () {
+      /*
+      final data = 'CAAQfRogc2GwslU219dUkrMHNM4KdZRmuFnBTae+bQaJ+55IsAMiII7aZKj2sUpb6xR/3Ari7WZUmKFV0G6czUc4NMvjKDBaKnwKEM2ZpI8X3TgcxhxwENANnlsSaAgAEAAaICy8T9WPgLb7RdYd8/4JkrLF0RahEkC3ZaEfk5jw3dsLIkBMILzLyByweLgF4lCn0oNea+kbdrFr6rY7r/7WyI8hXEQz38QpnN+jyGGwC7Ga0dq70WuyqE7VpiFArQwqZh2G';
+      final kex = OmemoKeyExchange.fromBuffer(base64Decode(data));
+
+      expect(kex.spkId!, 1042464893);
+      */
+    });
   });
 }

test/serialisation_test.dart

@@ -1,3 +1,4 @@
+import 'dart:convert';
 import 'package:omemo_dart/omemo_dart.dart';
 import 'package:omemo_dart/src/trust/always.dart';
 import 'package:test/test.dart';
@@ -49,16 +50,16 @@ void main() {
       bobJid,
       'Hello Bob!',
       newSessions: [
-        await (await bobSession.getDevice()).toBundle(),
+        await bobSession.getDeviceBundle(),
       ],
     );
     await bobSession.decryptMessage(
       aliceMessage.ciphertext,
       aliceJid,
-      (await aliceSession.getDevice()).id,
+      await aliceSession.getDeviceId(),
       aliceMessage.encryptedKeys,
     );
-    final aliceOld = aliceSession.getRatchet(bobJid, (await bobSession.getDevice()).id);
+    final aliceOld = aliceSession.getRatchet(bobJid, await bobSession.getDeviceId());
     final aliceSerialised = await aliceOld.toJson();
     final aliceNew = OmemoDoubleRatchet.fromJson(aliceSerialised);
 
@@ -79,8 +80,8 @@ void main() {
     );
     await oldSession.addSessionFromBundle(
       'bob@localhost',
-      (await bobSession.getDevice()).id,
-      await (await bobSession.getDevice()).toBundle(),
+      await bobSession.getDeviceId(),
+      await bobSession.getDeviceBundle(),
     );
 
     // Serialise and deserialise
@@ -93,7 +94,7 @@ void main() {
     final oldDevice = await oldSession.getDevice();
     final newDevice = await newSession.getDevice();
     expect(await oldDevice.equals(newDevice), true);
-    expect(oldSession.getDeviceMap(), newSession.getDeviceMap());
+    expect(await oldSession.getDeviceMap(), await newSession.getDeviceMap());
 
     expect(oldSession.getRatchetMap().length, newSession.getRatchetMap().length);
     for (final session in oldSession.getRatchetMap().entries) {
@@ -104,4 +105,84 @@ void main() {
       expect(await oldRatchet.equals(newRatchet), true);
     }
   });
+
+  test('Test serialising and deserialising the BlindTrustBeforeVerificationTrustManager', () async {
+    // Caroline's BTBV manager
+    final btbv = MemoryBTBVTrustManager();
+    // Example data
+    const aliceJid = 'alice@some.server';
+    const bobJid = 'bob@other.server';
+    
+    // Caroline starts a chat a device from Alice
+    await btbv.onNewSession(aliceJid, 1);
+    expect(await btbv.isTrusted(aliceJid, 1), true);
+    expect(await btbv.isEnabled(aliceJid, 1), true);
+
+    // Caroline meets with Alice and verifies her fingerprint
+    await btbv.setDeviceTrust(aliceJid, 1, BTBVTrustState.verified);
+    expect(await btbv.isTrusted(aliceJid, 1), true);
+
+    // Alice adds a new device
+    await btbv.onNewSession(aliceJid, 2);
+    expect(await btbv.isTrusted(aliceJid, 2), false);
+    expect(btbv.getDeviceTrust(aliceJid, 2), BTBVTrustState.notTrusted);
+    expect(await btbv.isEnabled(aliceJid, 2), false);
+
+    // Caronline starts a chat with Bob but since they live far apart, Caroline cannot
+    // verify his fingerprint.
+    await btbv.onNewSession(bobJid, 3);
+
+    // Bob adds a new device
+    await btbv.onNewSession(bobJid, 4);
+    expect(await btbv.isTrusted(bobJid, 3), true);
+    expect(await btbv.isTrusted(bobJid, 4), true);
+    expect(btbv.getDeviceTrust(bobJid, 3), BTBVTrustState.blindTrust);
+    expect(btbv.getDeviceTrust(bobJid, 4), BTBVTrustState.blindTrust);
+    expect(await btbv.isEnabled(bobJid, 3), true);
+    expect(await btbv.isEnabled(bobJid, 4), true);
+  });
+
+  test('Test serializing and deserializing RatchetMapKey', () {
+    const test1 = RatchetMapKey('user@example.org', 1234);
+    final result1 = RatchetMapKey.fromJsonKey(test1.toJsonKey());
+    expect(result1.jid, test1.jid);
+    expect(result1.deviceId, test1.deviceId);
+
+    const test2 = RatchetMapKey('user@example.org/hallo:welt', 3333);
+    final result2 = RatchetMapKey.fromJsonKey(test2.toJsonKey());
+    expect(result2.jid, test2.jid);
+    expect(result2.deviceId, test2.deviceId);
+  });
+
+  test('Test serializing and deserializing the components of the BTBV manager', () async {
+    // Caroline's BTBV manager
+    final btbv = MemoryBTBVTrustManager();
+    // Example data
+    const aliceJid = 'alice@some.server';
+    const bobJid = 'bob@other.server';
+    
+    await btbv.onNewSession(aliceJid, 1);
+    await btbv.setDeviceTrust(aliceJid, 1, BTBVTrustState.verified);
+    await btbv.onNewSession(aliceJid, 2);
+    await btbv.onNewSession(bobJid, 3);
+    await btbv.onNewSession(bobJid, 4);
+
+    final managerJson = await btbv.toJson();
+    final managerString = jsonEncode(managerJson);
+    final managerPostJson = jsonDecode(managerString) as Map<String, dynamic>;
+    final deviceList = BlindTrustBeforeVerificationTrustManager.deviceListFromJson(
+      managerPostJson,
+    );
+    expect(btbv.devices, deviceList);
+
+    final trustCache = BlindTrustBeforeVerificationTrustManager.trustCacheFromJson(
+      managerPostJson,
+    );
+    expect(btbv.trustCache, trustCache);
+
+    final enableCache = BlindTrustBeforeVerificationTrustManager.enableCacheFromJson(
+      managerPostJson,
+    );
+    expect(btbv.enablementCache, enableCache);
+  });
 }

test/trust_test.dart

@@ -12,6 +12,7 @@ void main() {
     // Caroline starts a chat a device from Alice
     await btbv.onNewSession(aliceJid, 1);
     expect(await btbv.isTrusted(aliceJid, 1), true);
+    expect(await btbv.isEnabled(aliceJid, 1), true);
 
     // Caroline meets with Alice and verifies her fingerprint
     await btbv.setDeviceTrust(aliceJid, 1, BTBVTrustState.verified);
@@ -21,6 +22,7 @@ void main() {
     await btbv.onNewSession(aliceJid, 2);
     expect(await btbv.isTrusted(aliceJid, 2), false);
     expect(btbv.getDeviceTrust(aliceJid, 2), BTBVTrustState.notTrusted);
+    expect(await btbv.isEnabled(aliceJid, 2), false);
 
     // Caronline starts a chat with Bob but since they live far apart, Caroline cannot
     // verify his fingerprint.
@@ -32,5 +34,7 @@ void main() {
     expect(await btbv.isTrusted(bobJid, 4), true);
     expect(btbv.getDeviceTrust(bobJid, 3), BTBVTrustState.blindTrust);
     expect(btbv.getDeviceTrust(bobJid, 4), BTBVTrustState.blindTrust);
+    expect(await btbv.isEnabled(bobJid, 3), true);
+    expect(await btbv.isEnabled(bobJid, 4), true);
   });
 }