private KeyExchangeMessage processInitiate(KeyExchangeMessage message)
{
uint flags = KeyExchangeMessage.RESPONSE_FLAG;
SessionRecord sessionRecord = sessionStore.LoadSession(remoteAddress);
if (message.getVersion() >= 3 &&
!Curve.verifySignature(message.getIdentityKey().getPublicKey(),
message.getBaseKey().serialize(),
message.getBaseKeySignature()))
{
throw new InvalidKeyException("Bad signature!");
}
SymmetricAxolotlParameters.Builder builder = SymmetricAxolotlParameters.newBuilder();
if (!sessionRecord.getSessionState().hasPendingKeyExchange())
{
builder.setOurIdentityKey(identityKeyStore.GetIdentityKeyPair())
.setOurBaseKey(Curve.generateKeyPair())
.setOurRatchetKey(Curve.generateKeyPair());
}
else
{
builder.setOurIdentityKey(sessionRecord.getSessionState().getPendingKeyExchangeIdentityKey())
.setOurBaseKey(sessionRecord.getSessionState().getPendingKeyExchangeBaseKey())
.setOurRatchetKey(sessionRecord.getSessionState().getPendingKeyExchangeRatchetKey());
flags |= KeyExchangeMessage.SIMULTAENOUS_INITIATE_FLAG;
}
builder.setTheirBaseKey(message.getBaseKey())
.setTheirRatchetKey(message.getRatchetKey())
.setTheirIdentityKey(message.getIdentityKey());
SymmetricAxolotlParameters parameters = builder.create();
if (!sessionRecord.isFresh())
{
sessionRecord.archiveCurrentState();
}
RatchetingSession.initializeSession(sessionRecord.getSessionState(),
Math.Min(message.getMaxVersion(), CiphertextMessage.CURRENT_VERSION),
parameters);
sessionStore.StoreSession(remoteAddress, sessionRecord);
identityKeyStore.SaveIdentity(remoteAddress.getName(), message.getIdentityKey());
byte[] baseKeySignature = Curve.calculateSignature(parameters.getOurIdentityKey().getPrivateKey(),
parameters.getOurBaseKey().getPublicKey().serialize());
return(new KeyExchangeMessage(sessionRecord.getSessionState().getSessionVersion(),
message.getSequence(), flags,
parameters.getOurBaseKey().getPublicKey(),
baseKeySignature, parameters.getOurRatchetKey().getPublicKey(),
parameters.getOurIdentityKey().getPublicKey()));
}
