fix(moxxy): Fix dependency compatibility with moxxmpp and Moxxy

.gitlint

@@ -5,6 +5,6 @@ line-length=72
 [title-trailing-punctuation]
 [title-hard-tab]
 [title-match-regex]
-regex=^(feat|fix|test|release|chore|security|docs|refactor|style):.*$
+regex=^(feat|fix|test|release|chore|security|docs|refactor|style|ci):.*$
 [body-trailing-whitespace]
 [body-first-line-empty]

.woodpecker.yml

@@ -1,11 +1,22 @@
 pipeline:
-  lint:
-    image: dart:2.18.1
+  analysis:
+    image: dart:3.0.7
     commands:
-      - dart pub get
+      # Proxy requests to pub.dev using pubcached
+      - PUB_HOSTED_URL=http://172.17.0.1:8000 dart pub get
       - dart analyze --fatal-infos --fatal-warnings
-  test:
-    image: dart:2.18.1
-    commands:
-      - dart pub get
       - dart test
+    when:
+      path:
+        includes: ['lib/**', 'test/**']
+  notify:
+    image: git.polynom.me/papatutuwawa/woodpecker-xmpp
+    settings:
+      xmpp_is_muc: 1
+      xmpp_tls: 1
+      xmpp_recipient: moxxy-build@muc.moxxy.org
+      xmpp_alias: 2Bot
+    secrets: [ xmpp_jid, xmpp_password, xmpp_server ]
+    when:
+      status:
+        - failure

CHANGELOG.md

@@ -66,3 +66,12 @@ This version is a complete rework of omemo_dart!
 - Ratchets and trust data is now loaded and cached on demand
 - Accessing the trust manager must happen via `withTrustManager`
 - Overriding the base implementations is replaced by providing callback functions
+
+## 0.5.1
+
+- Remove `added` and `replaced` from the data passed to the `CommitRatchetsCallback`
+- Added a list of newly added and replaced ratchets to the encryption and decryption results. This is useful for displaying messages like "Contact added a new device"
+
+## 0.6.0
+
+- Bump dependencies to fix running with never version of Dart

README.md

@@ -1,5 +1,7 @@
 # omemo_dart
 
+[![status-badge](https://ci.polynom.me/api/badges/16/status.svg)](https://ci.polynom.me/repos/16)
+
 `omemo_dart` is a Dart library to help developers of Dart/Flutter XMPP clients to implement
 [OMEMO](https://xmpp.org/extensions/xep-0384.html) in its newest version - currently 0.8.3.
 

example/omemo_dart_example.dart

@@ -17,7 +17,7 @@ void main() async {
     // implements "Blind Trust Before Verification". To make things simpler, we keep
     // no persistent data and can thus use the MemoryBTBVTrustManager. If we wanted to keep
     // the state, we would have to override BlindTrustBeforeVerificationTrustManager.
-    MemoryBTBVTrustManager(),
+    BlindTrustBeforeVerificationTrustManager(),
     // This function is called whenever we need to send an OMEMO heartbeat to [recipient].
     // [result] is the encryted data to include. This needs to be wired into your XMPP library's
     // OMEMO implementation.
@@ -41,9 +41,7 @@ void main() async {
     (device) async {},
   );
 
-  // Alice now wants to chat with Bob at his bare Jid "bob@other.server". To make things
-  // simple, we just generate the identity bundle ourselves. In the real world, we would
-  // request it using PEP and then convert the device bundle into a OmemoBundle object.
+  // Bob, on his side, also creates an [OmemoManager] similar to Alice.
   final bobManager = OmemoManager(
     await OmemoDevice.generateNewDevice(bobJid),
     BlindTrustBeforeVerificationTrustManager(),
@@ -51,10 +49,13 @@ void main() async {
     (jid) async => [],
     (jid, id) async => null,
     (jid) async {},
+    (device) async {},
   );
 
   // Alice prepares to send the message to Bob, so she builds the message stanza and
   // collects all the children of the stanza that should be encrypted into a string.
+  // Note that this leaves out the wrapping stanza, i.e. if we want to send a <message />
+  // we only include the <message />'s children.
   const aliceMessageStanzaBody = '''
   <body>Hello Bob, it's me, Alice!</body>
   <super-secret-element xmlns='super-secret-element' />
@@ -75,10 +76,10 @@ void main() async {
 </envelope>
 ''';
 
-  // Since Alice has no open session with Bob, we need to tell the session manager to build
-  // it when sending the message.
-  final message = await aliceSession.onOutgoingStanza(
-    OmemoOutgoingStanza(
+  // Next, we encrypt the envelope element using Alice's [OmemoManager]. It will
+  // automatically attempt to fetch the device bundles of Bob.
+  final message = await aliceManager.onOutgoingStanza(
+    const OmemoOutgoingStanza(
       // The bare receiver Jid
       [bobJid],
 
@@ -87,17 +88,15 @@ void main() async {
     ),
   );
 
-  // In a proper implementation, we should also do some error checking here.
+  // In a proper implementation, we would also do some error checking here.
 
   // Alice now builds the actual message stanza for Bob
   final payload = base64.encode(message.ciphertext!);
-  final aliceDevice = await aliceSession.getDevice();
-  // ignore: unused_local_variable
-  final bobDevice = await bobSession.getDevice();
+  final aliceDevice = await aliceManager.getDevice();
   // Since we know we have just one key for Bob, we take a shortcut. However, in the real
   // world, we have to serialise every EncryptedKey to a <key /> element and group them
   // per Jid.
-  final key = message.encryptedKeys[0];
+  final key = message.encryptedKeys[bobJid]![0];
 
   // Note that the key's "kex" attribute refers to key.kex. It just means that the
   // encrypted key also contains the required data for Bob to build a session with Alice.
@@ -107,7 +106,7 @@ void main() async {
   <encrypted xmlns='urn:xmpp:omemo:2'>
     <header sid='${aliceDevice.id}'>
       <keys jid='$bobJid'>
-        <key rid='${key.rid} kex='true'>
+        <key rid='${key.rid} kex='${key.kex}'>
           ${key.value}
         </key>
       </keys>
@@ -125,7 +124,7 @@ void main() async {
   // Bob now receives an OMEMO encrypted message from Alice and wants to decrypt it.
   // Since we have just one key, let's just deserialise the one key by hand.
   final keys = [
-    EncryptedKey(bobJid, key.rid, key.value, true),
+    EncryptedKey(key.rid, key.value, true),
   ];
 
   // Bob extracts the payload and attempts to decrypt it.
@@ -134,14 +133,9 @@ void main() async {
     OmemoIncomingStanza(
       // The bare sender JID of the message. In this case, it's Alice's.
       aliceJid,
-
       // The 'sid' attribute of the <header /> element. Here, we know that Alice only has one device.
       aliceDevice.id,
 
-      // Time the message was sent. Since the message was not delayed, we use the
-      // current time.
-      DateTime.now().millisecondsSinceEpoch,
-
       /// The decoded <key /> elements. from the header. Note that we only include the ones
       /// relevant for Bob, so all children of <keys jid='$bobJid' />.
       keys,

flake.lock

@@ -1,12 +1,15 @@
 {
   "nodes": {
     "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
       "locked": {
-        "lastModified": 1656065134,
-        "narHash": "sha256-oc6E6ByIw3oJaIyc67maaFcnjYOz1mMcOtHxbEf9NwQ=",
+        "lastModified": 1692799911,
+        "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "bee6a7250dd1b01844a2de7e02e4df7d8a0a206c",
+        "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44",
         "type": "github"
       },
       "original": {
@@ -17,16 +20,16 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1657540956,
-        "narHash": "sha256-ihGbOFWtAkENwxBE5kV/yWt2MncvW+BObLDsmxCLo/Q=",
-        "owner": "NANASHI0X74",
+        "lastModified": 1727586919,
+        "narHash": "sha256-e/YXG0tO5GWHDS8QQauj8aj4HhXEm602q9swrrlTlKQ=",
+        "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "043de04db8a6b0391b3fefaaade160514d866946",
+        "rev": "2dcd9c55e8914017226f5948ac22c53872a13ee2",
         "type": "github"
       },
       "original": {
-        "owner": "NANASHI0X74",
-        "ref": "flutter-3-0-0",
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -36,6 +39,21 @@
         "flake-utils": "flake-utils",
         "nixpkgs": "nixpkgs"
       }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
     }
   },
   "root": "root",

flake.nix

@@ -1,7 +1,7 @@
 {
   description = "omemo_dart";
   inputs = {
-    nixpkgs.url = "github:NANASHI0X74/nixpkgs/flutter-3-0-0";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
     flake-utils.url = "github:numtide/flake-utils";
   };
   outputs = { self, nixpkgs, flake-utils }: flake-utils.lib.eachDefaultSystem (system: let

lib/src/omemo/decryption_result.dart

@@ -3,7 +3,13 @@ import 'package:omemo_dart/src/errors.dart';
 
 @immutable
 class DecryptionResult {
-  const DecryptionResult(this.payload, this.usedOpkId, this.error);
+  const DecryptionResult(
+    this.payload,
+    this.usedOpkId,
+    this.newRatchets,
+    this.replacedRatchets,
+    this.error,
+  );
 
   /// The decrypted payload or null, if it was an empty OMEMO message.
   final String? payload;
@@ -12,6 +18,13 @@ class DecryptionResult {
   /// replacing the OPK after a message catch-up.
   final int? usedOpkId;
 
+  /// Mapping of JIDs to a list of device ids for which we created a new ratchet session.
+  final Map<String, List<int>> newRatchets;
+
+  /// Similar to [newRatchets], but the ratchets listed in [replacedRatchets] where also existent before
+  /// and replaced with the new ratchet.
+  final Map<String, List<int>> replacedRatchets;
+
   /// The error that occurred during decryption or null, if no error occurred.
   final OmemoError? error;
 }

lib/src/omemo/encryption_result.dart

@@ -8,6 +8,8 @@ class EncryptionResult {
     this.ciphertext,
     this.encryptedKeys,
     this.deviceEncryptionErrors,
+    this.newRatchets,
+    this.replacedRatchets,
     this.canSend,
   );
 
@@ -21,6 +23,13 @@ class EncryptionResult {
   /// Mapping of a JID to
   final Map<String, List<EncryptToJidError>> deviceEncryptionErrors;
 
+  /// Mapping of JIDs to a list of device ids for which we created a new ratchet session.
+  final Map<String, List<int>> newRatchets;
+
+  /// Similar to [newRatchets], but the ratchets listed in [replacedRatchets] where also existent before
+  /// and replaced with the new ratchet.
+  final Map<String, List<int>> replacedRatchets;
+
   /// A flag indicating that the message could be sent like that, i.e. we were able
   /// to encrypt to at-least one device per recipient.
   final bool canSend;

lib/src/omemo/omemo.dart

@@ -356,6 +356,8 @@ class OmemoManager {
       return DecryptionResult(
         null,
         null,
+        const {},
+        const {},
         NotEncryptedForDeviceError(),
       );
     }
@@ -365,6 +367,8 @@ class OmemoManager {
       return DecryptionResult(
         null,
         null,
+        const {},
+        const {},
         MalformedEncryptedKeyError(),
       );
     }
@@ -373,7 +377,8 @@ class OmemoManager {
     final ratchetKey =
         RatchetMapKey(stanza.bareSenderJid, stanza.senderDeviceId);
     var processAsKex = key.kex;
-    if (key.kex && _ratchetMap.containsKey(ratchetKey)) {
+    final ratchetAlreadyExists = _ratchetMap.containsKey(ratchetKey);
+    if (key.kex && ratchetAlreadyExists) {
       final ratchet = _ratchetMap[ratchetKey]!;
       final kexMessage = OMEMOKeyExchange.fromBuffer(key.data);
       final ratchetEk = await ratchet.kex.ek.getBytes();
@@ -403,6 +408,8 @@ class OmemoManager {
         return DecryptionResult(
           null,
           null,
+          const {},
+          const {},
           UnknownSignedPrekeyError(),
         );
       }
@@ -443,7 +450,13 @@ class OmemoManager {
         final error = keyAndHmac.get<OmemoError>();
         _log.warning('Failed to decrypt symmetric key: $error');
 
-        return DecryptionResult(null, null, error);
+        return DecryptionResult(
+          null,
+          null,
+          const {},
+          const {},
+          error,
+        );
       }
 
       Result<OmemoError, String?> result;
@@ -459,6 +472,8 @@ class OmemoManager {
           return DecryptionResult(
             null,
             null,
+            const {},
+            const {},
             error,
           );
         }
@@ -487,8 +502,6 @@ class OmemoManager {
           stanza.bareSenderJid,
           stanza.senderDeviceId,
           ratchet,
-          true,
-          false,
         ),
       ]);
 
@@ -512,9 +525,14 @@ class OmemoManager {
         _ratchetMap.containsKey(ratchetKey),
       );
 
+      final newlyCreatedDevice = {
+        stanza.bareSenderJid: [stanza.senderDeviceId],
+      };
       return DecryptionResult(
         result.get<String?>(),
         kexMessage.pkId,
+        ratchetAlreadyExists ? {} : newlyCreatedDevice,
+        ratchetAlreadyExists ? newlyCreatedDevice : {},
         null,
       );
     } else {
@@ -526,11 +544,13 @@ class OmemoManager {
             .contains(stanza.senderDeviceId)) {
           _deviceList[stanza.bareSenderJid]!.add(stanza.senderDeviceId);
         }
-        await _sendOmemoHeartbeat(stanza.bareSenderJid);
+        final emptyResult = await _sendOmemoHeartbeat(stanza.bareSenderJid);
 
         return DecryptionResult(
           null,
           null,
+          emptyResult.newRatchets,
+          emptyResult.replacedRatchets,
           NoSessionWithDeviceError(),
         );
       }
@@ -553,7 +573,13 @@ class OmemoManager {
       if (keyAndHmac.isType<OmemoError>()) {
         final error = keyAndHmac.get<OmemoError>();
         _log.warning('Failed to decrypt symmetric key: $error');
-        return DecryptionResult(null, null, error);
+        return DecryptionResult(
+          null,
+          null,
+          const {},
+          const {},
+          error,
+        );
       }
 
       Result<OmemoError, String?> result;
@@ -568,6 +594,8 @@ class OmemoManager {
           return DecryptionResult(
             null,
             null,
+            const {},
+            const {},
             error,
           );
         }
@@ -589,8 +617,6 @@ class OmemoManager {
           stanza.bareSenderJid,
           stanza.senderDeviceId,
           ratchet,
-          false,
-          false,
         ),
       ]);
 
@@ -600,6 +626,8 @@ class OmemoManager {
       return DecryptionResult(
         result.get<String?>(),
         null,
+        const {},
+        const {},
         null,
       );
     }
@@ -642,6 +670,8 @@ class OmemoManager {
     );
     final encryptionErrors = <String, List<EncryptToJidError>>{};
     final addedRatchetKeys = List<RatchetMapKey>.empty(growable: true);
+    final newRatchets = <String, List<int>>{};
+    final replacedRatchets = <String, List<int>>{};
     final kex = <RatchetMapKey, OMEMOKeyExchange>{};
     for (final jid in stanza.recipientJids) {
       final newBundles = await _fetchNewOmemoBundles(jid);
@@ -683,6 +713,11 @@ class OmemoManager {
         );
 
         // Track the ratchet
+        if (_ratchetMap.containsKey(ratchetKey)) {
+          replacedRatchets.appendOrCreate(ratchetKey.jid, ratchetKey.deviceId);
+        } else {
+          newRatchets.appendOrCreate(ratchetKey.jid, ratchetKey.deviceId);
+        }
         _ratchetMap[ratchetKey] = newRatchet;
         addedRatchetKeys.add(ratchetKey);
 
@@ -708,8 +743,6 @@ class OmemoManager {
             key.jid,
             key.deviceId,
             _ratchetMap[key]!,
-            true,
-            false,
           );
         }).toList(),
       );
@@ -819,6 +852,8 @@ class OmemoManager {
       ciphertext,
       encryptedKeys,
       encryptionErrors,
+      newRatchets,
+      replacedRatchets,
       successfulEncryptions.values.every((n) => n > 0),
     );
   }
@@ -832,7 +867,7 @@ class OmemoManager {
   }
 
   /// Like [sendOmemoHeartbeat], but does not acquire the lock for [jid].
-  Future<void> _sendOmemoHeartbeat(String jid) async {
+  Future<EncryptionResult> _sendOmemoHeartbeat(String jid) async {
     final result = await _onOutgoingStanzaImpl(
       OmemoOutgoingStanza(
         [jid],
@@ -840,6 +875,7 @@ class OmemoManager {
       ),
     );
     await sendEmptyOmemoMessageImpl(result, jid);
+    return result;
   }
 
   /// Removes all ratchets associated with [jid].
@@ -915,8 +951,6 @@ class OmemoManager {
           jid,
           device,
           ratchet,
-          false,
-          false,
         ),
       ]);
     }

lib/src/omemo/ratchet_data.dart

@@ -5,8 +5,6 @@ class OmemoRatchetData {
     this.jid,
     this.id,
     this.ratchet,
-    this.added,
-    this.replaced,
   );
 
   /// The JID we have the ratchet with.
@@ -17,10 +15,4 @@ class OmemoRatchetData {
 
   /// The actual double ratchet to commit.
   final OmemoDoubleRatchet ratchet;
-
-  /// Indicates whether the ratchet has just been created (true) or just modified (false).
-  final bool added;
-
-  /// Indicates whether the ratchet has been replaced (true) or not.
-  final bool replaced;
 }

omemo_dart.doap

@@ -0,0 +1,53 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'
+         xmlns="http://usefulinc.com/ns/doap#"
+         xmlns:foaf="http://xmlns.com/foaf/0.1/"
+         xmlns:xmpp="https://linkmauve.fr/ns/xmpp-doap#"
+         xmlns:schema="https://schema.org/">
+  <Project xml:lang='en'>
+    <!-- Moxxy information -->
+    <name>omemo_dart</name>
+    <created>2022-06-30</created>
+    <homepage rdf:resource="https://github.com/PapaTutuWawa/omemo_dart" />
+    <os>Linux</os>
+    <os>Windows</os>
+    <os>macOS</os>
+    <os>Android</os>
+    <os>iOS</os>
+
+    <!-- Description -->
+    <shortdesc xml:lang="de">A Dart implementation of the cryptography needed for OMEMO 0.8.3</shortdesc>
+    <description xml:lang="en">omemo_dart is a pure Dart implementation of the low-level components (X3DH, Double Ratchet) with a high-level library-agnostic interface for implementing OMEMO 0.8.3.</description>
+
+    <!-- Maintainer information -->
+    <maintainer>
+      <foaf:Person>
+      	<foaf:name>Alexander "Polynomdivision"</foaf:name>
+      	<foaf:homepage rdf:resource="https://polynom.me" />
+      </foaf:Person>
+    </maintainer>
+
+    <!-- Channel list -->
+    <developer-forum rdf:resource='xmpp:dev@muc.moxxy.org?join'/>
+
+    <!-- Repository information -->
+    <programming-language>Dart</programming-language>
+    <bug-database rdf:resource="https://github.com/PapaTutuWawa/omemo_dart/issues" />
+    <license rdf:resource="https://github.com/PapaTutuWawa/omemo_dart/blob/master/LICENSE" />
+    <repository>
+      <GitRepository>
+        <browse rdf:resource="https://github.com/PapaTutuWawa/omemo_dart" />
+        <location rdf:resource="https://github.com/PapaTutuWawa/omemo_dart.git" />
+      </GitRepository>
+    </repository>
+
+    <!-- XEP list -->
+    <implements>
+      <xmpp:SupportedXep>
+        <xmpp:xep rdf:resource="https://xmpp.org/extensions/xep-0384.html"/>
+        <xmpp:status>partial</xmpp:status>
+        <xmpp:version>0.8.3</xmpp:version>
+      </xmpp:SupportedXep>
+    </implements>
+  </Project>
+</rdf:RDF>

pubspec.yaml

@@ -1,27 +1,27 @@
 name: omemo_dart
 description: An XMPP library independent OMEMO library
-version: 0.5.0
+version: 0.6.0
 homepage: https://github.com/PapaTutuWawa/omemo_dart
 publish_to: https://git.polynom.me/api/packages/PapaTutuWawa/pub
 
 environment:
-  sdk: '>=2.17.0 <3.0.0'
+  sdk: ">=3.0.0 <4.0.0"
 
 dependencies:
-  collection: ^1.16.0
-  cryptography: ^2.0.5
+  collection: ^1.18.0
+  cryptography: ^2.7.0
   hex: ^0.2.0
-  logging: ^1.0.2
-  meta: ^1.7.0
+  logging: ^1.2.0
+  meta: ^1.15.0
   moxlib:
     version: ^0.2.0
     hosted: https://git.polynom.me/api/packages/Moxxy/pub
-  pinenacl: ^0.5.1
-  protobuf: ^2.1.0
-  protoc_plugin: ^20.0.1
-  synchronized: ^3.0.0+2
+  pinenacl: ^0.6.0
+  protobuf: ^3.1.0
+  protoc_plugin: ^21.1.2
+  synchronized: ^3.3.0+3
 
 dev_dependencies:
-  lints: ^2.0.0
-  test: ^1.21.0
-  very_good_analysis: ^3.0.1
+  lints: ^5.0.0
+  test: ^1.25.8
+  very_good_analysis: ^6.0.0

test/omemo_test.dart

@@ -1880,7 +1880,12 @@ void main() {
     );
     expect(aliceResult2.error, isNull);
     expect(aliceResult2.payload, isNull);
-    expect(aliceManager.getRatchet(RatchetMapKey(bobJid, bobDevice.id))!.acknowledged, isTrue);
+    expect(
+      aliceManager
+          .getRatchet(RatchetMapKey(bobJid, bobDevice.id))!
+          .acknowledged,
+      isTrue,
+    );
 
     // Now Alice sends something to Bob
     final aliceResult3 = await aliceManager.onOutgoingStanza(
@@ -1903,4 +1908,118 @@ void main() {
     expect(bobResult.error, isNull);
     expect(bobResult.payload, 'Hello Bob');
   });
+
+  test('Test correct new and replaced lists', () async {
+    const aliceJid = 'alice@server1';
+    const bobJid = 'bob@server2';
+
+    final aliceDevice =
+        await OmemoDevice.generateNewDevice(aliceJid, opkAmount: 1);
+    final bobDevice = await OmemoDevice.generateNewDevice(bobJid, opkAmount: 1);
+
+    final aliceManager = OmemoManager(
+      aliceDevice,
+      AlwaysTrustingTrustManager(),
+      (result, recipientJid) async {},
+      (jid) async {
+        expect(jid, bobJid);
+        return [bobDevice.id];
+      },
+      (jid, id) async {
+        expect(jid, bobJid);
+        return bobDevice.toBundle();
+      },
+      (jid) async {},
+      (_) async {},
+    );
+
+    EncryptionResult? bobEmptyMessage;
+    final bobManager = OmemoManager(
+      bobDevice,
+      TestingTrustManager(),
+      (result, recipientJid) async {
+        bobEmptyMessage = result;
+      },
+      (jid) async {
+        expect(jid, aliceJid);
+        return [
+          aliceDevice.id,
+        ];
+      },
+      (jid, id) async {
+        expect(jid, aliceJid);
+
+        if (id == aliceDevice.id) {
+          return aliceDevice.toBundle();
+        }
+
+        return null;
+      },
+      (jid) async {},
+      (_) async {},
+    );
+
+    // Alice sends Bob a message
+    final aliceResult1 = await aliceManager.onOutgoingStanza(
+      const OmemoOutgoingStanza(
+        [bobJid],
+        'Hello World!',
+      ),
+    );
+    expect(aliceResult1.newRatchets[bobJid], [bobDevice.id]);
+    expect(aliceResult1.replacedRatchets.isEmpty, isTrue);
+
+    // Bob decrypts Alice's message
+    final bobResult1 = await bobManager.onIncomingStanza(
+      OmemoIncomingStanza(
+        aliceJid,
+        aliceDevice.id,
+        aliceResult1.encryptedKeys[bobJid]!,
+        base64.encode(aliceResult1.ciphertext!),
+        false,
+      ),
+    );
+    expect(bobResult1.error, null);
+    expect(bobEmptyMessage, isNotNull);
+    expect(bobResult1.newRatchets[aliceJid], [aliceDevice.id]);
+    expect(bobResult1.replacedRatchets.isEmpty, isTrue);
+
+    // Bob now sends the empty OMEMO message to Alice, who then decrypts
+    // it.
+    final aliceResult2 = await aliceManager.onIncomingStanza(
+      OmemoIncomingStanza(
+        bobJid,
+        bobDevice.id,
+        bobEmptyMessage!.encryptedKeys[aliceJid]!,
+        bobEmptyMessage!.ciphertext?.toBase64(),
+        false,
+      ),
+    );
+    expect(aliceResult2.newRatchets.isEmpty, isTrue);
+    expect(aliceResult2.replacedRatchets.isEmpty, isTrue);
+
+    // Bob now removes all ratchets and sends a new message to alice
+    await bobManager.removeAllRatchets(aliceJid);
+    final bobResult2 = await bobManager.onOutgoingStanza(
+      const OmemoOutgoingStanza(
+        [aliceJid],
+        'New Ratchet, so cool',
+      ),
+    );
+
+    // And Alice decrypts it
+    final aliceResult3 = await aliceManager.onIncomingStanza(
+      OmemoIncomingStanza(
+        bobJid,
+        bobDevice.id,
+        bobResult2.encryptedKeys[aliceJid]!,
+        bobResult2.ciphertext?.toBase64(),
+        false,
+      ),
+    );
+    expect(aliceResult3.error, isNull);
+    expect(aliceResult3.payload, 'New Ratchet, so cool');
+    expect(aliceResult3.newRatchets.isEmpty, isTrue);
+    expect(aliceResult3.replacedRatchets[bobJid], [bobDevice.id]);
+  });
 }