public void TestEncryptFromWrongIdentity()
{
TestInMemorySignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
TestInMemorySignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
InitializeSessions(aliceStore, bobStore);
ECKeyPair trustRoot = Curve.generateKeyPair();
ECKeyPair randomKeyPair = Curve.generateKeyPair();
SenderCertificate senderCertificate = CreateCertificateFor(trustRoot, "+14151111111", 1, randomKeyPair.getPublicKey(), 31337);
SealedSessionCipher aliceCipher = new SealedSessionCipher(aliceStore, new SignalProtocolAddress("+14151111111", 1));
byte[] ciphertext = aliceCipher.Encrypt(new SignalProtocolAddress("+14152222222", 1),
senderCertificate, Encoding.ASCII.GetBytes("smert za smert"));
SealedSessionCipher bobCipher = new SealedSessionCipher(bobStore, new SignalProtocolAddress("+14152222222", 1));
try
{
bobCipher.Decrypt(new CertificateValidator(trustRoot.getPublicKey()), ciphertext, 31335);
}
catch (InvalidMetadataMessageException)
{
// good
}
}
public void TestEncryptDecrypt()
{
TestInMemorySignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
TestInMemorySignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
InitializeSessions(aliceStore, bobStore);
ECKeyPair trustRoot = Curve.generateKeyPair();
SenderCertificate senderCertificate = CreateCertificateFor(trustRoot, "+14151111111", 1, aliceStore.GetIdentityKeyPair().getPublicKey().getPublicKey(), 31337);
SealedSessionCipher aliceCipher = new SealedSessionCipher(aliceStore, new SignalProtocolAddress("+14151111111", 1));
byte[] ciphertext = aliceCipher.Encrypt(new SignalProtocolAddress("+14152222222", 1),
senderCertificate, Encoding.ASCII.GetBytes("smert za smert"));
SealedSessionCipher bobCipher = new SealedSessionCipher(bobStore, new SignalProtocolAddress("+14152222222", 1));
(SignalProtocolAddress, byte[])plaintext = bobCipher.Decrypt(new CertificateValidator(trustRoot.getPublicKey()), ciphertext, 31335);
CollectionAssert.AreEqual(plaintext.Item2, Encoding.ASCII.GetBytes("smert za smert"));
Assert.AreEqual(plaintext.Item1.Name, "+14151111111");
Assert.AreEqual(plaintext.Item1.DeviceId, (uint)1);
}
private Plaintext Decrypt(SignalServiceEnvelope envelope, byte[] ciphertext)
{
try
{
SignalProtocolAddress sourceAddress = new SignalProtocolAddress(envelope.GetSource(), (uint)envelope.GetSourceDevice());
SessionCipher sessionCipher = new SessionCipher(SignalProtocolStore, sourceAddress);
SealedSessionCipher sealedSessionCipher = new SealedSessionCipher(SignalProtocolStore, new SignalProtocolAddress(LocalAddress.E164number, 1));
byte[] paddedMessage;
Metadata metadata;
uint sessionVersion;
if (envelope.IsPreKeySignalMessage())
{
paddedMessage = sessionCipher.decrypt(new PreKeySignalMessage(ciphertext));
metadata = new Metadata(envelope.GetSource(), envelope.GetSourceDevice(), envelope.GetTimestamp(), false);
sessionVersion = sessionCipher.getSessionVersion();
}
else if (envelope.IsSignalMessage())
{
paddedMessage = sessionCipher.decrypt(new SignalMessage(ciphertext));
metadata = new Metadata(envelope.GetSource(), envelope.GetSourceDevice(), envelope.GetTimestamp(), false);
sessionVersion = sessionCipher.getSessionVersion();
}
else if (envelope.IsUnidentifiedSender())
{
var results = sealedSessionCipher.Decrypt(CertificateValidator, ciphertext, (long)envelope.Envelope.ServerTimestamp);
paddedMessage = results.Item2;
metadata = new Metadata(results.Item1.Name, (int)results.Item1.DeviceId, (long)envelope.Envelope.Timestamp, true);
sessionVersion = (uint)sealedSessionCipher.GetSessionVersion(new SignalProtocolAddress(metadata.Sender, (uint)metadata.SenderDevice));
}
else
{
throw new InvalidMessageException("Unknown type: " + envelope.GetEnvelopeType() + " from " + envelope.GetSource());
}
PushTransportDetails transportDetails = new PushTransportDetails(sessionVersion);
byte[] data = transportDetails.GetStrippedPaddingMessageBody(paddedMessage);
return(new Plaintext(metadata, data));
}
catch (DuplicateMessageException e)
{
throw new ProtocolDuplicateMessageException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
catch (LegacyMessageException e)
{
throw new ProtocolLegacyMessageException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
catch (InvalidMessageException e)
{
throw new ProtocolInvalidMessageException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
catch (InvalidKeyIdException e)
{
throw new ProtocolInvalidKeyIdException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
catch (InvalidKeyException e)
{
throw new ProtocolInvalidKeyException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
catch (libsignal.exceptions.UntrustedIdentityException e)
{
throw new ProtocolUntrustedIdentityException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
catch (InvalidVersionException e)
{
throw new ProtocolInvalidVersionException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
catch (NoSessionException e)
{
throw new ProtocolNoSessionException(e, envelope.GetSource(), envelope.GetSourceDevice());
}
}