private async Task buildSessionForDevicesAsync(OmemoDeviceGroup deviceGroup, IList <OmemoProtocolAddress> devices)
{
if (devices.Count <= 0)
{
return;
}
OmemoProtocolAddress device = devices[0];
devices.RemoveAt(0);
OmemoFingerprint fingerprint = OMEMO_HELPER.OMEMO_STORAGE.LoadFingerprint(device);
// Check if there exists already a session for this device:
OmemoSessionModel session = OMEMO_HELPER.OMEMO_STORAGE.LoadSession(device);
if (session is null)
{
// Try to build a new session by requesting the devices bundle information:
OmemoBundleInformationResultMessage bundleMsg = await requestBundleInformationAsync(device);
if (!(bundleMsg is null) && !(bundleMsg.BUNDLE_INFO.bundle is null))
{
int preKeyIndex = bundleMsg.BUNDLE_INFO.bundle.GetRandomPreKeyIndex();
session = new OmemoSessionModel(bundleMsg.BUNDLE_INFO.bundle, preKeyIndex, CONNECTION.account.omemoIdentityKey);
// Validate fingerprints:
if (fingerprint is null)
{
fingerprint = new OmemoFingerprint(bundleMsg.BUNDLE_INFO.bundle.identityKey, device);
OMEMO_HELPER.OMEMO_STORAGE.StoreFingerprint(fingerprint);
}
else
{
OmemoFingerprint receivedFingerprint = new OmemoFingerprint(bundleMsg.BUNDLE_INFO.bundle.identityKey, device);
// Make sure the fingerprint did not change or somebody is performing an attack:
if (!fingerprint.checkIdentityKey(receivedFingerprint.IDENTITY_KEY))
{
Logger.Warn("[OmemoSessionBuildHelper] Unable to establish session with " + device.ToString() + " - other fingerprint received than stored locally.");
await buildSessionForDevicesAsync(deviceGroup, devices);
return;
}
}
}
else
{
Logger.Warn("[OmemoSessionBuildHelper] Unable to establish session with: " + device.ToString());
}
}
public async Task decryptOmemoEncryptedMessageAsync(OmemoEncryptedMessage msg, bool trustedKeysOnly)
{
XMPPAccount account = CONNECTION.account;
OmemoProtocolAddress receiverAddress = new OmemoProtocolAddress(account.getBareJid(), account.omemoDeviceId);
// Try to decrypt the message, in case no exception occurred, everything went fine:
OmemoDecryptionContext decryptCtx = new OmemoDecryptionContext(receiverAddress, account.omemoIdentityKey, account.omemoSignedPreKey, account.OMEMO_PRE_KEYS, trustedKeysOnly, OMEMO_STORAGE);
msg.decrypt(decryptCtx);
Debug.Assert(!msg.ENCRYPTED);
Logger.Debug("Successfully decrypted an " + nameof(OmemoEncryptedMessage) + " for '" + receiverAddress.BARE_JID + "'.");
// Republish bundle information in case the message is a key exchange message and used a PreKey:
if (decryptCtx.keyExchange)
{
Logger.Info("Received a OMEMO key exchange message. Republishing bundle for '" + receiverAddress.BARE_JID + "'...");
PreKeyModel newPreKey = decryptCtx.STORAGE.ReplaceOmemoPreKey(decryptCtx.usedPreKey);
account.OMEMO_PRE_KEYS.Remove(decryptCtx.usedPreKey);
account.OMEMO_PRE_KEYS.Add(newPreKey);
await announceBundleInfoAsync();
Logger.Info("Bundle for '" + receiverAddress.BARE_JID + "' republished.");
// Reply with an empty message to confirm the successful key exchange:
// TODO: This is no good way, since there it would be possible to stalk people without them knowing.
OmemoEncryptedMessage reply = new OmemoEncryptedMessage(msg.getTo(), msg.getFrom(), null, msg.TYPE, false);
OmemoDeviceGroup deviceGroup = new OmemoDeviceGroup(decryptCtx.senderAddress.BARE_JID);
deviceGroup.SESSIONS.Add(decryptCtx.senderAddress.DEVICE_ID, decryptCtx.session);
try
{
reply.encrypt(CONNECTION.account.omemoDeviceId, CONNECTION.account.omemoIdentityKey, OMEMO_STORAGE, new List <OmemoDeviceGroup> {
deviceGroup
});
await CONNECTION.SendAsync(reply);
}
catch (Exception e)
{
Logger.Error("[OMEMO HELPER] Failed to encrypt and the empty OMEMO message reply with: ", e);
}
Logger.Info($"Send an empty OMEMO message to confirm the successful key exchange with '{msg.getFrom()}'.");
}
}
public void Test_Omemo_Send_Receive_Send()
{
// Generate Alices keys:
IdentityKeyPairModel aliceIdentKey = KeyHelper.GenerateIdentityKeyPair();
List <PreKeyModel> alicePreKeys = KeyHelper.GeneratePreKeys(0, 1);
SignedPreKeyModel aliceSignedPreKey = KeyHelper.GenerateSignedPreKey(0, aliceIdentKey.privKey);
Bundle aliceBundle = new Bundle()
{
identityKey = aliceIdentKey.pubKey,
preKeys = alicePreKeys.Select(key => new PreKeyModel(null, key.pubKey, key.keyId)).ToList(),
preKeySignature = aliceSignedPreKey.signature,
signedPreKey = aliceSignedPreKey.preKey.pubKey,
signedPreKeyId = aliceSignedPreKey.preKey.keyId
};
InMemmoryOmemoStorage aliceStorage = new InMemmoryOmemoStorage();
DoubleRachet aliceRachet = new DoubleRachet(aliceIdentKey);
// Generate Bobs keys:
IdentityKeyPairModel bobIdentKey = KeyHelper.GenerateIdentityKeyPair();
List <PreKeyModel> bobPreKeys = KeyHelper.GeneratePreKeys(0, 1);
SignedPreKeyModel bobSignedPreKey = KeyHelper.GenerateSignedPreKey(0, bobIdentKey.privKey);
Bundle bobBundle = new Bundle()
{
identityKey = bobIdentKey.pubKey,
preKeys = bobPreKeys.Select(key => new PreKeyModel(null, key.pubKey, key.keyId)).ToList(),
preKeySignature = bobSignedPreKey.signature,
signedPreKey = bobSignedPreKey.preKey.pubKey,
signedPreKeyId = bobSignedPreKey.preKey.keyId
};
InMemmoryOmemoStorage bobStorage = new InMemmoryOmemoStorage();
DoubleRachet bobRachet = new DoubleRachet(bobIdentKey);
//-----------------OMEOMO Session Building:-----------------
MessageParser2 parser = new MessageParser2();
string deviceListMsg = GetBobsDeviceListMsg();
List <AbstractMessage> messages = parser.parseMessages(ref deviceListMsg);
Assert.IsTrue(messages.Count == 1);
Assert.IsTrue(messages[0] is OmemoDeviceListResultMessage);
OmemoDeviceListResultMessage devList = messages[0] as OmemoDeviceListResultMessage;
uint selectedBobDeviceId = devList.DEVICES.getRandomDeviceId();
Assert.IsTrue(selectedBobDeviceId == BOB_ADDRESS.DEVICE_ID);
// Alice builds a session to Bob:
string bundleInfoMsg = GetBobsBundleInfoMsg(bobBundle);
messages = parser.parseMessages(ref bundleInfoMsg);
Assert.IsTrue(messages.Count == 1);
Assert.IsTrue(messages[0] is OmemoBundleInformationResultMessage);
OmemoBundleInformationResultMessage bundleInfo = messages[0] as OmemoBundleInformationResultMessage;
Assert.IsTrue(bundleInfo.BUNDLE_INFO.deviceId == BOB_ADDRESS.DEVICE_ID);
aliceStorage.StoreFingerprint(new OmemoFingerprint(bobBundle.identityKey, BOB_ADDRESS));
// Encrypt Message 1:
string msg1 = "Hello OMEMO";
OmemoEncryptedMessage omemoEncryptedMessage = new OmemoEncryptedMessage(ALICE_ADDRESS.BARE_JID, BOB_ADDRESS.BARE_JID, msg1, MessageMessage.TYPE_CHAT, false);
List <OmemoDeviceGroup> bobDevices = new List <OmemoDeviceGroup>();
OmemoDeviceGroup bobDeviceGroup = new OmemoDeviceGroup(BOB_ADDRESS.BARE_JID);
bobDeviceGroup.SESSIONS[BOB_ADDRESS.DEVICE_ID] = new OmemoSessionModel(bobBundle, 0, aliceIdentKey);
bobDevices.Add(bobDeviceGroup);
omemoEncryptedMessage.encrypt(ALICE_ADDRESS.DEVICE_ID, aliceIdentKey, aliceStorage, bobDevices);
Assert.IsTrue(omemoEncryptedMessage.ENCRYPTED);
Assert.IsNotNull(aliceStorage.LoadFingerprint(BOB_ADDRESS));
Assert.IsNotNull(aliceStorage.LoadSession(BOB_ADDRESS));
// Decrypt Message 1:
// Throws an exception in case something goes wrong:
OmemoDecryptionContext decryptCtx1 = new OmemoDecryptionContext(BOB_ADDRESS, bobIdentKey, bobSignedPreKey, bobPreKeys, false, bobStorage);
omemoEncryptedMessage.decrypt(decryptCtx1);
Assert.AreEqual(msg1, omemoEncryptedMessage.MESSAGE);
Assert.IsFalse(omemoEncryptedMessage.IS_PURE_KEY_EXCHANGE_MESSAGE);
Assert.IsFalse(omemoEncryptedMessage.ENCRYPTED);
Assert.IsNotNull(bobStorage.LoadFingerprint(ALICE_ADDRESS));
Assert.IsNotNull(bobStorage.LoadSession(ALICE_ADDRESS));
// Encrypt Message 2:
string msg2 = "Hello OMEMO 2";
OmemoEncryptedMessage omemoEncryptedMessage2 = new OmemoEncryptedMessage(BOB_ADDRESS.BARE_JID, ALICE_ADDRESS.BARE_JID, msg2, MessageMessage.TYPE_CHAT, false);
List <OmemoDeviceGroup> aliceDevices = new List <OmemoDeviceGroup>();
OmemoDeviceGroup aliceDeviceGroup = new OmemoDeviceGroup(ALICE_ADDRESS.BARE_JID);
aliceDeviceGroup.SESSIONS[ALICE_ADDRESS.DEVICE_ID] = bobStorage.LoadSession(ALICE_ADDRESS);
aliceDevices.Add(aliceDeviceGroup);
omemoEncryptedMessage2.encrypt(BOB_ADDRESS.DEVICE_ID, bobIdentKey, bobStorage, aliceDevices);
Assert.IsTrue(omemoEncryptedMessage2.ENCRYPTED);
// Decrypt Message 2:
// Throws an exception in case something goes wrong:
OmemoDecryptionContext decryptCtx2 = new OmemoDecryptionContext(ALICE_ADDRESS, aliceIdentKey, aliceSignedPreKey, alicePreKeys, false, aliceStorage);
omemoEncryptedMessage2.decrypt(decryptCtx2);
Assert.AreEqual(msg2, omemoEncryptedMessage2.MESSAGE);
Assert.IsFalse(omemoEncryptedMessage2.IS_PURE_KEY_EXCHANGE_MESSAGE);
Assert.IsFalse(omemoEncryptedMessage2.ENCRYPTED);
// Encrypt Message 3:
string msg3 = "Hello OMEMO 3";
OmemoEncryptedMessage omemoEncryptedMessage3 = new OmemoEncryptedMessage(ALICE_ADDRESS.BARE_JID, BOB_ADDRESS.BARE_JID, msg3, MessageMessage.TYPE_CHAT, false);
bobDeviceGroup.SESSIONS[BOB_ADDRESS.DEVICE_ID] = aliceStorage.LoadSession(BOB_ADDRESS);
omemoEncryptedMessage3.encrypt(ALICE_ADDRESS.DEVICE_ID, aliceIdentKey, aliceStorage, bobDevices);
Assert.IsFalse(omemoEncryptedMessage3.IS_PURE_KEY_EXCHANGE_MESSAGE);
Assert.IsTrue(omemoEncryptedMessage3.ENCRYPTED);
Assert.IsNotNull(aliceStorage.LoadFingerprint(BOB_ADDRESS));
Assert.IsNotNull(aliceStorage.LoadSession(BOB_ADDRESS));
// Decrypt Message 3:
// Throws an exception in case something goes wrong:
OmemoDecryptionContext decryptCtx3 = new OmemoDecryptionContext(BOB_ADDRESS, bobIdentKey, bobSignedPreKey, bobPreKeys, false, bobStorage);
omemoEncryptedMessage3.decrypt(decryptCtx3);
Assert.AreEqual(msg3, omemoEncryptedMessage3.MESSAGE);
Assert.IsFalse(omemoEncryptedMessage3.IS_PURE_KEY_EXCHANGE_MESSAGE);
Assert.IsFalse(omemoEncryptedMessage3.ENCRYPTED);
Assert.IsNotNull(bobStorage.LoadFingerprint(ALICE_ADDRESS));
Assert.IsNotNull(bobStorage.LoadSession(ALICE_ADDRESS));
}
//--------------------------------------------------------Constructor:----------------------------------------------------------------\\
#region --Constructors--
public OmemoSessions(OmemoDeviceGroup srcDeviceGroup, OmemoDeviceGroup dstDeviceGroup)
{
SRC_DEVICE_GROUP = srcDeviceGroup;
DST_DEVICE_GROUP = dstDeviceGroup;
}
