/** * Build a new session from a {@link org.whispersystems.libaxolotl.state.PreKeyBundle} retrieved from * a server. * * @param preKey A PreKey for the destination recipient, retrieved from a server. * @throws InvalidKeyException when the {@link org.whispersystems.libaxolotl.state.PreKeyBundle} is * badly formatted. * @throws org.whispersystems.libaxolotl.UntrustedIdentityException when the sender's * {@link IdentityKey} is not * trusted. */ public void Process(PreKeyBundle preKey) { lock (SessionCipher.SESSION_LOCK) { if (!identityKeyStore.IsTrustedIdentity(remoteAddress.GetName(), preKey.GetIdentityKey())) { throw new UntrustedIdentityException(remoteAddress.GetName(), preKey.GetIdentityKey()); } if (preKey.GetSignedPreKey() != null && !Curve.VerifySignature(preKey.GetIdentityKey().GetPublicKey(), preKey.GetSignedPreKey().Serialize(), preKey.GetSignedPreKeySignature())) { throw new InvalidKeyException("Invalid Signature on Device Key!"); } if (preKey.GetSignedPreKey() == null && preKey.GetPreKey() == null) { throw new InvalidKeyException("Both Signed and Unsigned Prekeys are Absent!"); } bool supportsV3 = preKey.GetSignedPreKey() != null; SessionRecord sessionRecord = sessionStore.LoadSession(remoteAddress); ECKeyPair ourBaseKey = Curve.GenerateKeyPair(); ECPublicKey theirSignedPreKey = supportsV3 ? preKey.GetSignedPreKey() : preKey.GetPreKey(); ECPublicKey test = preKey.GetPreKey(); // TODO: Cleanup May <ECPublicKey> theirOneTimePreKey = (test == null) ? May <ECPublicKey> .NoValue : new May <ECPublicKey>(test); May <uint> theirOneTimePreKeyId = theirOneTimePreKey.HasValue ? new May <uint>(preKey.GetPreKeyId()) : May <uint> .NoValue; AliceAxolotlParameters.Builder parameters = AliceAxolotlParameters.NewBuilder(); parameters.SetOurBaseKey(ourBaseKey) .SetOurIdentityKey(identityKeyStore.GetIdentityKeyPair()) .SetTheirIdentityKey(preKey.GetIdentityKey()) .SetTheirSignedPreKey(theirSignedPreKey) .SetTheirRatchetKey(theirSignedPreKey) .SetTheirOneTimePreKey(supportsV3 ? theirOneTimePreKey : May <ECPublicKey> .NoValue); if (!sessionRecord.IsFresh()) { sessionRecord.ArchiveCurrentState(); } RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), supportsV3 ? (uint)3 : 2, parameters.Create()); sessionRecord.GetSessionState().SetUnacknowledgedPreKeyMessage(theirOneTimePreKeyId, preKey.GetSignedPreKeyId(), ourBaseKey.GetPublicKey()); sessionRecord.GetSessionState().SetLocalRegistrationId(identityKeyStore.GetLocalRegistrationId()); sessionRecord.GetSessionState().SetRemoteRegistrationId(preKey.GetRegistrationId()); sessionRecord.GetSessionState().SetAliceBaseKey(ourBaseKey.GetPublicKey().Serialize()); sessionStore.StoreSession(remoteAddress, sessionRecord); identityKeyStore.SaveIdentity(remoteAddress.GetName(), preKey.GetIdentityKey()); } }
/// <summary> /// Build a new session from a {@link org.whispersystems.libsignal.state.PreKeyBundle} retrieved from /// a server. /// </summary> /// @param preKey A PreKey for the destination recipient, retrieved from a server. /// @throws InvalidKeyException when the {@link org.whispersystems.libsignal.state.PreKeyBundle} is /// badly formatted. /// @throws org.whispersystems.libsignal.UntrustedIdentityException when the sender's /// {@link IdentityKey} is not /// trusted. /// public void Process(PreKeyBundle preKey) { lock (SessionCipher.SessionLock) { if (!_identityKeyStore.IsTrustedIdentity(_remoteAddress, preKey.GetIdentityKey(), Direction.Sending)) { throw new UntrustedIdentityException(_remoteAddress.Name, preKey.GetIdentityKey()); } if (preKey.GetSignedPreKey() != null && !Curve.VerifySignature(preKey.GetIdentityKey().GetPublicKey(), preKey.GetSignedPreKey().Serialize(), preKey.GetSignedPreKeySignature())) { throw new InvalidKeyException("Invalid signature on device key!"); } if (preKey.GetSignedPreKey() == null) { throw new InvalidKeyException("No signed prekey!"); } SessionRecord sessionRecord = _sessionStore.LoadSession(_remoteAddress); EcKeyPair ourBaseKey = Curve.GenerateKeyPair(); IEcPublicKey theirSignedPreKey = preKey.GetSignedPreKey(); IEcPublicKey test = preKey.GetPreKey(); May <IEcPublicKey> theirOneTimePreKey = (test == null) ? May <IEcPublicKey> .NoValue : new May <IEcPublicKey>(test); May <uint> theirOneTimePreKeyId = theirOneTimePreKey.HasValue ? new May <uint>(preKey.GetPreKeyId()) : May <uint> .NoValue; AliceSignalProtocolParameters.Builder parameters = AliceSignalProtocolParameters.NewBuilder(); parameters.SetOurBaseKey(ourBaseKey) .SetOurIdentityKey(_identityKeyStore.GetIdentityKeyPair()) .SetTheirIdentityKey(preKey.GetIdentityKey()) .SetTheirSignedPreKey(theirSignedPreKey) .SetTheirRatchetKey(theirSignedPreKey) .SetTheirOneTimePreKey(theirOneTimePreKey); if (!sessionRecord.IsFresh()) { sessionRecord.ArchiveCurrentState(); } RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), parameters.Create()); sessionRecord.GetSessionState().SetUnacknowledgedPreKeyMessage(theirOneTimePreKeyId, preKey.GetSignedPreKeyId(), ourBaseKey.GetPublicKey()); sessionRecord.GetSessionState().SetLocalRegistrationId(_identityKeyStore.GetLocalRegistrationId()); sessionRecord.GetSessionState().SetRemoteRegistrationId(preKey.GetRegistrationId()); sessionRecord.GetSessionState().SetAliceBaseKey(ourBaseKey.GetPublicKey().Serialize()); _identityKeyStore.SaveIdentity(_remoteAddress, preKey.GetIdentityKey()); _sessionStore.StoreSession(_remoteAddress, sessionRecord); } }
private KeyExchangeMessage ProcessInitiate(KeyExchangeMessage message) { uint flags = KeyExchangeMessage.RESPONSE_FLAG; SessionRecord sessionRecord = sessionStore.LoadSession(remoteAddress); if (message.GetVersion() >= 3 && !Curve.VerifySignature(message.GetIdentityKey().GetPublicKey(), message.GetBaseKey().Serialize(), message.GetBaseKeySignature())) { throw new InvalidKeyException("Bad signature!"); } SymmetricAxolotlParameters.Builder builder = SymmetricAxolotlParameters.NewBuilder(); if (!sessionRecord.GetSessionState().HasPendingKeyExchange()) { builder.SetOurIdentityKey(identityKeyStore.GetIdentityKeyPair()) .SetOurBaseKey(Curve.GenerateKeyPair()) .SetOurRatchetKey(Curve.GenerateKeyPair()); } else { builder.SetOurIdentityKey(sessionRecord.GetSessionState().GetPendingKeyExchangeIdentityKey()) .SetOurBaseKey(sessionRecord.GetSessionState().GetPendingKeyExchangeBaseKey()) .SetOurRatchetKey(sessionRecord.GetSessionState().GetPendingKeyExchangeRatchetKey()); flags |= KeyExchangeMessage.SIMULTAENOUS_INITIATE_FLAG; } builder.SetTheirBaseKey(message.GetBaseKey()) .SetTheirRatchetKey(message.GetRatchetKey()) .SetTheirIdentityKey(message.GetIdentityKey()); SymmetricAxolotlParameters parameters = builder.Create(); if (!sessionRecord.IsFresh()) { sessionRecord.ArchiveCurrentState(); } RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), Math.Min(message.GetMaxVersion(), CipherTextMessage.CURRENT_VERSION), parameters); sessionStore.StoreSession(remoteAddress, sessionRecord); identityKeyStore.SaveIdentity(remoteAddress.GetName(), message.GetIdentityKey()); byte[] baseKeySignature = Curve.CalculateSignature(parameters.GetOurIdentityKey().GetPrivateKey(), parameters.GetOurBaseKey().GetPublicKey().Serialize()); return(new KeyExchangeMessage(sessionRecord.GetSessionState().GetSessionVersion(), message.GetSequence(), flags, parameters.GetOurBaseKey().GetPublicKey(), baseKeySignature, parameters.GetOurRatchetKey().GetPublicKey(), parameters.GetOurIdentityKey().GetPublicKey())); }
private void ProcessResponse(KeyExchangeMessage message) { SessionRecord sessionRecord = sessionStore.LoadSession(remoteAddress); SessionState sessionState = sessionRecord.GetSessionState(); bool hasPendingKeyExchange = sessionState.HasPendingKeyExchange(); bool isSimultaneousInitiateResponse = message.IsResponseForSimultaneousInitiate(); if (!hasPendingKeyExchange || sessionState.GetPendingKeyExchangeSequence() != message.GetSequence()) { //Log.w(TAG, "No matching sequence for response. Is simultaneous initiate response: " + isSimultaneousInitiateResponse); if (!isSimultaneousInitiateResponse) { throw new StaleKeyExchangeException(); } else { return; } } SymmetricAxolotlParameters.Builder parameters = SymmetricAxolotlParameters.NewBuilder(); parameters.SetOurBaseKey(sessionRecord.GetSessionState().GetPendingKeyExchangeBaseKey()) .SetOurRatchetKey(sessionRecord.GetSessionState().GetPendingKeyExchangeRatchetKey()) .SetOurIdentityKey(sessionRecord.GetSessionState().GetPendingKeyExchangeIdentityKey()) .SetTheirBaseKey(message.GetBaseKey()) .SetTheirRatchetKey(message.GetRatchetKey()) .SetTheirIdentityKey(message.GetIdentityKey()); if (!sessionRecord.IsFresh()) { sessionRecord.ArchiveCurrentState(); } RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), Math.Min(message.GetMaxVersion(), CipherTextMessage.CURRENT_VERSION), parameters.Create()); if (sessionRecord.GetSessionState().GetSessionVersion() >= 3 && !Curve.VerifySignature(message.GetIdentityKey().GetPublicKey(), message.GetBaseKey().Serialize(), message.GetBaseKeySignature())) { throw new InvalidKeyException("Base key signature doesn't match!"); } sessionStore.StoreSession(remoteAddress, sessionRecord); identityKeyStore.SaveIdentity(remoteAddress.GetName(), message.GetIdentityKey()); }
private May <uint> ProcessV3(SessionRecord sessionRecord, PreKeySignalMessage message) { if (sessionRecord.HasSessionState(message.GetMessageVersion(), message.GetBaseKey().Serialize())) { Debug.WriteLine("We've already setup a session for this V3 message, letting bundled message fall through..."); return(May <uint> .NoValue); } EcKeyPair ourSignedPreKey = _signedPreKeyStore.LoadSignedPreKey(message.GetSignedPreKeyId()).GetKeyPair(); BobSignalProtocolParameters.Builder parameters = BobSignalProtocolParameters.NewBuilder(); parameters.SetTheirBaseKey(message.GetBaseKey()) .SetTheirIdentityKey(message.GetIdentityKey()) .SetOurIdentityKey(_identityKeyStore.GetIdentityKeyPair()) .SetOurSignedPreKey(ourSignedPreKey) .SetOurRatchetKey(ourSignedPreKey); if (message.GetPreKeyId().HasValue) { parameters.SetOurOneTimePreKey(new May <EcKeyPair>(_preKeyStore.LoadPreKey(message.GetPreKeyId().ForceGetValue()).GetKeyPair())); } else { parameters.SetOurOneTimePreKey(May <EcKeyPair> .NoValue); } if (!sessionRecord.IsFresh()) { sessionRecord.ArchiveCurrentState(); } RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), parameters.Create()); sessionRecord.GetSessionState().SetLocalRegistrationId(_identityKeyStore.GetLocalRegistrationId()); sessionRecord.GetSessionState().SetRemoteRegistrationId(message.GetRegistrationId()); sessionRecord.GetSessionState().SetAliceBaseKey(message.GetBaseKey().Serialize()); if (message.GetPreKeyId().HasValue) { return(message.GetPreKeyId()); } else { return(May <uint> .NoValue); } }
private May <uint> ProcessV3(SessionRecord sessionRecord, PreKeyWhisperMessage message) { if (sessionRecord.HasSessionState(message.GetMessageVersion(), message.GetBaseKey().Serialize())) { return(May <uint> .NoValue); } SignedPreKeyRecord signedPreKeyRecord = signedPreKeyStore.LoadSignedPreKey(message.GetSignedPreKeyId()); ECKeyPair ourSignedPreKey = signedPreKeyRecord.GetKeyPair(); BobAxolotlParameters.Builder parameters = BobAxolotlParameters.NewBuilder(); parameters.SetTheirBaseKey(message.GetBaseKey()) .SetTheirIdentityKey(message.GetIdentityKey()) .SetOurIdentityKey(identityKeyStore.GetIdentityKeyPair()) .SetOurSignedPreKey(ourSignedPreKey) .SetOurRatchetKey(ourSignedPreKey); if (message.GetPreKeyId().HasValue) { parameters.SetOurOneTimePreKey(new May <ECKeyPair>(preKeyStore.LoadPreKey(message.GetPreKeyId().ForceGetValue()).GetKeyPair())); } else { parameters.SetOurOneTimePreKey(May <ECKeyPair> .NoValue); } if (!sessionRecord.IsFresh()) { sessionRecord.ArchiveCurrentState(); } RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), message.GetMessageVersion(), parameters.Create()); sessionRecord.GetSessionState().SetLocalRegistrationId(identityKeyStore.GetLocalRegistrationId()); sessionRecord.GetSessionState().SetRemoteRegistrationId(message.GetRegistrationId()); sessionRecord.GetSessionState().SetAliceBaseKey(message.GetBaseKey().Serialize()); if (message.GetPreKeyId().HasValue&& message.GetPreKeyId().ForceGetValue() != Medium.MAX_VALUE) { return(message.GetPreKeyId()); } else { return(May <uint> .NoValue); } }
private May <uint> ProcessV2(SessionRecord sessionRecord, PreKeyWhisperMessage message) { if (!message.GetPreKeyId().HasValue) { throw new InvalidKeyIdException("V2 message requires one time prekey id!"); } if (!preKeyStore.ContainsPreKey(message.GetPreKeyId().ForceGetValue()) && sessionStore.ContainsSession(remoteAddress)) { return(May <uint> .NoValue); } ECKeyPair ourPreKey = preKeyStore.LoadPreKey(message.GetPreKeyId().ForceGetValue()).GetKeyPair(); BobAxolotlParameters.Builder parameters = BobAxolotlParameters.NewBuilder(); parameters.SetOurIdentityKey(identityKeyStore.GetIdentityKeyPair()) .SetOurSignedPreKey(ourPreKey) .SetOurRatchetKey(ourPreKey) .SetOurOneTimePreKey(May <ECKeyPair> .NoValue) //absent .SetTheirIdentityKey(message.GetIdentityKey()) .SetTheirBaseKey(message.GetBaseKey()); if (!sessionRecord.IsFresh()) { sessionRecord.ArchiveCurrentState(); } RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), message.GetMessageVersion(), parameters.Create()); sessionRecord.GetSessionState().SetLocalRegistrationId(identityKeyStore.GetLocalRegistrationId()); sessionRecord.GetSessionState().SetRemoteRegistrationId(message.GetRegistrationId()); sessionRecord.GetSessionState().SetAliceBaseKey(message.GetBaseKey().Serialize()); if (message.GetPreKeyId().ForceGetValue() != Medium.MAX_VALUE) { return(message.GetPreKeyId()); } else { return(May <uint> .NoValue); // May.absent(); } }
private void InitializeSessionsV3(SessionState aliceSessionState, SessionState bobSessionState) { EcKeyPair aliceIdentityKeyPair = Curve.GenerateKeyPair(); IdentityKeyPair aliceIdentityKey = new IdentityKeyPair(new IdentityKey(aliceIdentityKeyPair.GetPublicKey()), aliceIdentityKeyPair.GetPrivateKey()); EcKeyPair aliceBaseKey = Curve.GenerateKeyPair(); EcKeyPair aliceEphemeralKey = Curve.GenerateKeyPair(); EcKeyPair alicePreKey = aliceBaseKey; EcKeyPair bobIdentityKeyPair = Curve.GenerateKeyPair(); IdentityKeyPair bobIdentityKey = new IdentityKeyPair(new IdentityKey(bobIdentityKeyPair.GetPublicKey()), bobIdentityKeyPair.GetPrivateKey()); EcKeyPair bobBaseKey = Curve.GenerateKeyPair(); EcKeyPair bobEphemeralKey = bobBaseKey; EcKeyPair bobPreKey = Curve.GenerateKeyPair(); AliceSignalProtocolParameters aliceParameters = AliceSignalProtocolParameters.NewBuilder() .SetOurBaseKey(aliceBaseKey) .SetOurIdentityKey(aliceIdentityKey) .SetTheirOneTimePreKey(May <IEcPublicKey> .NoValue) .SetTheirRatchetKey(bobEphemeralKey.GetPublicKey()) .SetTheirSignedPreKey(bobBaseKey.GetPublicKey()) .SetTheirIdentityKey(bobIdentityKey.GetPublicKey()) .Create(); BobSignalProtocolParameters bobParameters = BobSignalProtocolParameters.NewBuilder() .SetOurRatchetKey(bobEphemeralKey) .SetOurSignedPreKey(bobBaseKey) .SetOurOneTimePreKey(May <EcKeyPair> .NoValue) .SetOurIdentityKey(bobIdentityKey) .SetTheirIdentityKey(aliceIdentityKey.GetPublicKey()) .SetTheirBaseKey(aliceBaseKey.GetPublicKey()) .Create(); RatchetingSession.InitializeSession(aliceSessionState, aliceParameters); RatchetingSession.InitializeSession(bobSessionState, bobParameters); }
public void TestRatchetingSessionAsBob() { byte[] bobPublic = { (byte)0x05, (byte)0x2c, (byte)0xb4, (byte)0x97, (byte)0x76, (byte)0xb8, (byte)0x77, (byte)0x02, (byte)0x05, (byte)0x74, (byte)0x5a, (byte)0x3a, (byte)0x6e, (byte)0x24, (byte)0xf5, (byte)0x79, (byte)0xcd, (byte)0xb4, (byte)0xba, (byte)0x7a, (byte)0x89, (byte)0x04, (byte)0x10, (byte)0x05, (byte)0x92, (byte)0x8e, (byte)0xbb, (byte)0xad, (byte)0xc9, (byte)0xc0, (byte)0x5a, (byte)0xd4, (byte)0x58 }; byte[] bobPrivate = { (byte)0xa1, (byte)0xca, (byte)0xb4, (byte)0x8f, (byte)0x7c, (byte)0x89, (byte)0x3f, (byte)0xaf, (byte)0xa9, (byte)0x88, (byte)0x0a, (byte)0x28, (byte)0xc3, (byte)0xb4, (byte)0x99, (byte)0x9d, (byte)0x28, (byte)0xd6, (byte)0x32, (byte)0x95, (byte)0x62, (byte)0xd2, (byte)0x7a, (byte)0x4e, (byte)0xa4, (byte)0xe2, (byte)0x2e, (byte)0x9f, (byte)0xf1, (byte)0xbd, (byte)0xd6, (byte)0x5a }; byte[] bobIdentityPublic = { (byte)0x05, (byte)0xf1, (byte)0xf4, (byte)0x38, (byte)0x74, (byte)0xf6, (byte)0x96, (byte)0x69, (byte)0x56, (byte)0xc2, (byte)0xdd, (byte)0x47, (byte)0x3f, (byte)0x8f, (byte)0xa1, (byte)0x5a, (byte)0xde, (byte)0xb7, (byte)0x1d, (byte)0x1c, (byte)0xb9, (byte)0x91, (byte)0xb2, (byte)0x34, (byte)0x16, (byte)0x92, (byte)0x32, (byte)0x4c, (byte)0xef, (byte)0xb1, (byte)0xc5, (byte)0xe6, (byte)0x26 }; byte[] bobIdentityPrivate = { (byte)0x48, (byte)0x75, (byte)0xcc, (byte)0x69, (byte)0xdd, (byte)0xf8, (byte)0xea, (byte)0x07, (byte)0x19, (byte)0xec, (byte)0x94, (byte)0x7d, (byte)0x61, (byte)0x08, (byte)0x11, (byte)0x35, (byte)0x86, (byte)0x8d, (byte)0x5f, (byte)0xd8, (byte)0x01, (byte)0xf0, (byte)0x2c, (byte)0x02, (byte)0x25, (byte)0xe5, (byte)0x16, (byte)0xdf, (byte)0x21, (byte)0x56, (byte)0x60, (byte)0x5e }; byte[] aliceBasePublic = { (byte)0x05, (byte)0x47, (byte)0x2d, (byte)0x1f, (byte)0xb1, (byte)0xa9, (byte)0x86, (byte)0x2c, (byte)0x3a, (byte)0xf6, (byte)0xbe, (byte)0xac, (byte)0xa8, (byte)0x92, (byte)0x02, (byte)0x77, (byte)0xe2, (byte)0xb2, (byte)0x6f, (byte)0x4a, (byte)0x79, (byte)0x21, (byte)0x3e, (byte)0xc7, (byte)0xc9, (byte)0x06, (byte)0xae, (byte)0xb3, (byte)0x5e, (byte)0x03, (byte)0xcf, (byte)0x89, (byte)0x50 }; byte[] aliceEphemeralPublic = { (byte)0x05, (byte)0x6c, (byte)0x3e, (byte)0x0d, (byte)0x1f, (byte)0x52, (byte)0x02, (byte)0x83, (byte)0xef, (byte)0xcc, (byte)0x55, (byte)0xfc, (byte)0xa5, (byte)0xe6, (byte)0x70, (byte)0x75, (byte)0xb9, (byte)0x04, (byte)0x00, (byte)0x7f, (byte)0x18, (byte)0x81, (byte)0xd1, (byte)0x51, (byte)0xaf, (byte)0x76, (byte)0xdf, (byte)0x18, (byte)0xc5, (byte)0x1d, (byte)0x29, (byte)0xd3, (byte)0x4b }; byte[] aliceIdentityPublic = { (byte)0x05, (byte)0xb4, (byte)0xa8, (byte)0x45, (byte)0x56, (byte)0x60, (byte)0xad, (byte)0xa6, (byte)0x5b, (byte)0x40, (byte)0x10, (byte)0x07, (byte)0xf6, (byte)0x15, (byte)0xe6, (byte)0x54, (byte)0x04, (byte)0x17, (byte)0x46, (byte)0x43, (byte)0x2e, (byte)0x33, (byte)0x39, (byte)0xc6, (byte)0x87, (byte)0x51, (byte)0x49, (byte)0xbc, (byte)0xee, (byte)0xfc, (byte)0xb4, (byte)0x2b, (byte)0x4a }; byte[] bobSignedPreKeyPublic = { (byte)0x05, (byte)0xac, (byte)0x24, (byte)0x8a, (byte)0x8f, (byte)0x26, (byte)0x3b, (byte)0xe6, (byte)0x86, (byte)0x35, (byte)0x76, (byte)0xeb, (byte)0x03, (byte)0x62, (byte)0xe2, (byte)0x8c, (byte)0x82, (byte)0x8f, (byte)0x01, (byte)0x07, (byte)0xa3, (byte)0x37, (byte)0x9d, (byte)0x34, (byte)0xba, (byte)0xb1, (byte)0x58, (byte)0x6b, (byte)0xf8, (byte)0xc7, (byte)0x70, (byte)0xcd, (byte)0x67 }; byte[] bobSignedPreKeyPrivate = { (byte)0x58, (byte)0x39, (byte)0x00, (byte)0x13, (byte)0x1f, (byte)0xb7, (byte)0x27, (byte)0x99, (byte)0x8b, (byte)0x78, (byte)0x03, (byte)0xfe, (byte)0x6a, (byte)0xc2, (byte)0x2c, (byte)0xc5, (byte)0x91, (byte)0xf3, (byte)0x42, (byte)0xe4, (byte)0xe4, (byte)0x2a, (byte)0x8c, (byte)0x8d, (byte)0x5d, (byte)0x78, (byte)0x19, (byte)0x42, (byte)0x09, (byte)0xb8, (byte)0xd2, (byte)0x53 }; byte[] senderChain = { (byte)0x97, (byte)0x97, (byte)0xca, (byte)0xca, (byte)0x53, (byte)0xc9, (byte)0x89, (byte)0xbb, (byte)0xe2, (byte)0x29, (byte)0xa4, (byte)0x0c, (byte)0xa7, (byte)0x72, (byte)0x70, (byte)0x10, (byte)0xeb, (byte)0x26, (byte)0x04, (byte)0xfc, (byte)0x14, (byte)0x94, (byte)0x5d, (byte)0x77, (byte)0x95, (byte)0x8a, (byte)0x0a, (byte)0xed, (byte)0xa0, (byte)0x88, (byte)0xb4, (byte)0x4d }; IdentityKey bobIdentityKeyPublic = new IdentityKey(bobIdentityPublic, 0); IEcPrivateKey bobIdentityKeyPrivate = Curve.DecodePrivatePoint(bobIdentityPrivate); IdentityKeyPair bobIdentityKey = new IdentityKeyPair(bobIdentityKeyPublic, bobIdentityKeyPrivate); IEcPublicKey bobEphemeralPublicKey = Curve.DecodePoint(bobPublic, 0); IEcPrivateKey bobEphemeralPrivateKey = Curve.DecodePrivatePoint(bobPrivate); EcKeyPair bobEphemeralKey = new EcKeyPair(bobEphemeralPublicKey, bobEphemeralPrivateKey); EcKeyPair bobBaseKey = bobEphemeralKey; EcKeyPair bobSignedPreKey = new EcKeyPair(Curve.DecodePoint(bobSignedPreKeyPublic, 0), Curve.DecodePrivatePoint(bobSignedPreKeyPrivate)); IEcPublicKey aliceBasePublicKey = Curve.DecodePoint(aliceBasePublic, 0); IEcPublicKey aliceEphemeralPublicKey = Curve.DecodePoint(aliceEphemeralPublic, 0); IdentityKey aliceIdentityPublicKey = new IdentityKey(aliceIdentityPublic, 0); BobSignalProtocolParameters parameters = BobSignalProtocolParameters.NewBuilder() .SetOurIdentityKey(bobIdentityKey) .SetOurSignedPreKey(bobSignedPreKey) .SetOurRatchetKey(bobEphemeralKey) .SetOurOneTimePreKey(May <EcKeyPair> .NoValue) .SetTheirIdentityKey(aliceIdentityPublicKey) .SetTheirBaseKey(aliceBasePublicKey) .Create(); SessionState session = new SessionState(); RatchetingSession.InitializeSession(session, parameters); Assert.AreEqual <IdentityKey>(session.GetLocalIdentityKey(), bobIdentityKey.GetPublicKey()); Assert.AreEqual <IdentityKey>(session.GetRemoteIdentityKey(), aliceIdentityPublicKey); CollectionAssert.AreEqual(session.GetSenderChainKey().GetKey(), senderChain); }