/// <summary>
/// Tries to decrypt the message and returns true on success.
/// </summary>
/// <param name="decryptCtx">The <see cref="OmemoDecryptionContext"/> containing all necessary information for decrypting the message.</param>
/// <param name="storage">An instance of the <see cref="IOmemoStorage"/> interface.</param>
public void decrypt(OmemoDecryptionContext decryptCtx)
{
try
{
// Check if the message has been encrypted for us:
OmemoKeys omemoKeys = keys.Where(k => string.Equals(k.BARE_JID, decryptCtx.RECEIVER_ADDRESS.BARE_JID)).FirstOrDefault();
if (keys is null)
{
throw new NotForDeviceException("Failed to decrypt message. Not encrypted for JID.");
}
decryptCtx.key = omemoKeys.KEYS?.Where(k => k.DEVICE_ID == decryptCtx.RECEIVER_ADDRESS.DEVICE_ID).FirstOrDefault();
if (decryptCtx.key is null)
{
throw new NotForDeviceException("Failed to decrypt message. Not encrypted for device.");
}
decryptCtx.senderAddress = new OmemoProtocolAddress(Utils.getBareJidFromFullJid(FROM), SID);
// Check if the PreKey and SignedPreKey are still available in case the massage is a key exchange message:
byte[] data = Convert.FromBase64String(decryptCtx.key.BASE64_PAYLOAD);
if (decryptCtx.key.KEY_EXCHANGE)
{
decryptCtx.keyExchangeMsg = new OmemoKeyExchangeMessage(data);
// Check if there already exists a session. In case yes, compare the ephemeral public key stored in the Double Ratchet:
OmemoSessionModel oldSession = decryptCtx.STORAGE.LoadSession(decryptCtx.senderAddress);
if (!(oldSession is null) && oldSession.ek.Equals(decryptCtx.keyExchangeMsg.EK))
{
// Process only the auth message:
decryptCtx.authMsg = decryptCtx.keyExchangeMsg.MESSAGE;
decryptCtx.keyExchange = false;
Logger.Info($"Received an {nameof(OmemoKeyExchangeMessage)} for a session from '{decryptCtx.senderAddress.ToString()}' that already exists. This could be because we have not yet responded with an own message to the sender.");
}
else
{
decryptCtx.keyExchange = true;
decryptCtx.authMsg = decryptCtx.keyExchangeMsg.MESSAGE;
if (decryptCtx.keyExchangeMsg.SPK_ID != decryptCtx.RECEIVER_SIGNED_PRE_KEY.preKey.keyId)
{
throw new NotForDeviceException("Failed to decrypt message. Signed PreKey with id " + decryptCtx.keyExchangeMsg.SPK_ID + " not available any more.");
}
decryptCtx.usedPreKey = decryptCtx.RECEIVER_PRE_KEYS.Where(k => k.keyId == decryptCtx.keyExchangeMsg.PK_ID).FirstOrDefault();
if (decryptCtx.usedPreKey is null)
{
throw new NotForDeviceException("Failed to decrypt message. PreKey with id " + decryptCtx.keyExchangeMsg.PK_ID + " not available any more.");
}
}
}
else
{
decryptCtx.authMsg = new OmemoAuthenticatedMessage(data);
}
// Content can be null in case we have a pure keys exchange message:
byte[] contentEnc = null;
if (!string.IsNullOrEmpty(BASE_64_PAYLOAD))
{
contentEnc = Convert.FromBase64String(BASE_64_PAYLOAD);
}
else
{
IS_PURE_KEY_EXCHANGE_MESSAGE = true;
}
// Check the senders fingerprint and handle new devices:
ValidateSender(decryptCtx);
byte[] contentDec = decryptContent(contentEnc, decryptCtx);
if (!IS_PURE_KEY_EXCHANGE_MESSAGE)
{
string contentStr = Encoding.UTF8.GetString(contentDec);
XmlNode contentNode = getContentNode(contentStr);
parseContentNode(contentNode);
}
// In case nothing went wrong, store the session:
decryptCtx.STORAGE.StoreSession(decryptCtx.senderAddress, decryptCtx.session);
ENCRYPTED = false;
}
/// <summary>
/// Tries to decrypt the message and returns true on success.
/// </summary>
/// <param name="decryptCtx">The <see cref="OmemoDecryptionContext"/> containing all necessary information for decrypting the message.</param>
/// <param name="storage">An instance of the <see cref="IOmemoStorage"/> interface.</param>
public void decrypt(OmemoDecryptionContext decryptCtx)
{
try
{
// Check if the message has been encrypted for us:
OmemoKeys omemoKeys = keys.Where(k => string.Equals(k.BARE_JID, decryptCtx.RECEIVER_ADDRESS.BARE_JID)).FirstOrDefault();
if (omemoKeys is null)
{
throw new NotForDeviceException("Failed to decrypt message. Not encrypted for JID.");
}
decryptCtx.key = omemoKeys.KEYS?.Where(k => k.DEVICE_ID == decryptCtx.RECEIVER_ADDRESS.DEVICE_ID).FirstOrDefault();
if (decryptCtx.key is null)
{
throw new NotForDeviceException("Failed to decrypt message. Not encrypted for device.");
}
decryptCtx.senderAddress = new OmemoProtocolAddress(Utils.getBareJidFromFullJid(FROM), SID);
// Check if the PreKey and SignedPreKey are still available in case the massage is a key exchange message:
byte[] data = Convert.FromBase64String(decryptCtx.key.BASE64_PAYLOAD);
if (decryptCtx.key.KEY_EXCHANGE)
{
decryptCtx.keyExchangeMsg = new OmemoKeyExchangeMessage(data);
// Check if there already exists a session. In case yes, compare the ephemeral public key stored in the Double Ratchet:
OmemoSessionModel oldSession = decryptCtx.STORAGE.LoadSession(decryptCtx.senderAddress);
if (!(oldSession is null) && oldSession.ek.Equals(decryptCtx.keyExchangeMsg.EK))
{
// Process only the auth message:
decryptCtx.authMsg = decryptCtx.keyExchangeMsg.MESSAGE;
decryptCtx.keyExchange = false;
Logger.Info($"Received an {nameof(OmemoKeyExchangeMessage)} for a session from '{decryptCtx.senderAddress}' that already exists. This could be because we have not yet responded with an own message to the sender.");
}
else
{
decryptCtx.keyExchange = true;
decryptCtx.authMsg = decryptCtx.keyExchangeMsg.MESSAGE;
if (decryptCtx.keyExchangeMsg.SPK_ID != decryptCtx.RECEIVER_SIGNED_PRE_KEY.preKey.keyId)
{
throw new NotForDeviceException($"Failed to decrypt message. Signed PreKey with id {decryptCtx.keyExchangeMsg.SPK_ID} not available any more.");
}
decryptCtx.usedPreKey = decryptCtx.RECEIVER_PRE_KEYS.Where(k => k.keyId == decryptCtx.keyExchangeMsg.PK_ID).FirstOrDefault();
if (decryptCtx.usedPreKey is null)
{
throw new NotForDeviceException($"Failed to decrypt message. PreKey with id {decryptCtx.keyExchangeMsg.PK_ID} not available any more.");
}
}
}
else
{
decryptCtx.authMsg = new OmemoAuthenticatedMessage(data);
}
// Check the senders fingerprint and handle new devices:
validateSender(decryptCtx);
// Load the existing OMEMO session and create a new one if the message is a key exchange message:
loadSession(decryptCtx);
if (!IS_PURE_KEY_EXCHANGE_MESSAGE)
{
// Content can be null in case we have a pure keys exchange message:
byte[] contentEnc = Convert.FromBase64String(BASE_64_PAYLOAD);
byte[] contentDec = decryptContent(contentEnc, decryptCtx);
string contentStr = Encoding.UTF8.GetString(contentDec);
XmlNode envelopeNode = getEnvelopeNode(contentStr);
parseEnvelopeNode(envelopeNode);
}
else
{
// For pure key exchange messages we decrypt 32 zero bytes instead the (key || HMAC) combination:
byte[] dummyKeyHmac = decryptKeyHmac(decryptCtx);
if (!dummyKeyHmac.SequenceEqual(new byte[32]))
{
throw new OmemoException($"Expected to decrypt 32 zero bytes from pure key exchange messages, but received: {CryptoUtils.ToHexString(dummyKeyHmac)}");
}
}
// In case nothing went wrong, store the session:
if (decryptCtx.session.state == SessionState.SEND)
{
decryptCtx.session.state = SessionState.READY;
}
decryptCtx.STORAGE.StoreSession(decryptCtx.senderAddress, decryptCtx.session);
ENCRYPTED = false;
}
