/**
* Build a new session from a received {@link org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage}.
*
* After a session is constructed in this way, the embedded {@link org.whispersystems.libaxolotl.protocol.WhisperMessage}
* can be decrypted.
*
* @param message The received {@link org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage}.
* @throws org.whispersystems.libaxolotl.InvalidKeyIdException when there is no local
* {@link org.whispersystems.libaxolotl.state.PreKeyRecord}
* that corresponds to the PreKey ID in
* the message.
* @throws org.whispersystems.libaxolotl.InvalidKeyException when the message is formatted incorrectly.
* @throws org.whispersystems.libaxolotl.UntrustedIdentityException when the {@link IdentityKey} of the sender is untrusted.
*/
/*package*/
internal May <uint> Process(SessionRecord sessionRecord, PreKeyWhisperMessage message)
{
uint messageVersion = message.GetMessageVersion();
IdentityKey theirIdentityKey = message.GetIdentityKey();
May <uint> unsignedPreKeyId;
if (!identityKeyStore.IsTrustedIdentity(remoteAddress.GetName(), theirIdentityKey))
{
throw new UntrustedIdentityException(remoteAddress.GetName(), theirIdentityKey);
}
switch (messageVersion)
{
case 2:
unsignedPreKeyId = ProcessV2(sessionRecord, message);
break;
case 3:
unsignedPreKeyId = ProcessV3(sessionRecord, message);
break;
default:
throw new Exception("Unknown version: " + messageVersion);
}
identityKeyStore.SaveIdentity(remoteAddress.GetName(), theirIdentityKey);
return(unsignedPreKeyId);
}
/**
* Encrypt a message.
*
* @param paddedMessage The plaintext message bytes, optionally padded to a constant multiple.
* @return A ciphertext message encrypted to the recipient+device tuple.
*/
public CiphertextMessage encrypt(byte[] paddedMessage)
{
lock (SESSION_LOCK)
{
SessionRecord sessionRecord = sessionStore.loadSession(remoteAddress);
SessionState sessionState = sessionRecord.getSessionState();
ChainKey chainKey = sessionState.getSenderChainKey();
MessageKeys messageKeys = chainKey.getMessageKeys();
ECPublicKey senderEphemeral = sessionState.getSenderRatchetKey();
uint previousCounter = sessionState.getPreviousCounter();
uint sessionVersion = sessionState.getSessionVersion();
byte[] ciphertextBody = getCiphertext(sessionVersion, messageKeys, paddedMessage);
CiphertextMessage ciphertextMessage = new WhisperMessage(sessionVersion, messageKeys.getMacKey(),
senderEphemeral, chainKey.getIndex(),
previousCounter, ciphertextBody,
sessionState.getLocalIdentityKey(),
sessionState.getRemoteIdentityKey());
if (sessionState.hasUnacknowledgedPreKeyMessage())
{
SessionState.UnacknowledgedPreKeyMessageItems items = sessionState.getUnacknowledgedPreKeyMessageItems();
uint localRegistrationId = sessionState.getLocalRegistrationId();
ciphertextMessage = new PreKeyWhisperMessage(sessionVersion, localRegistrationId, items.getPreKeyId(),
items.getSignedPreKeyId(), items.getBaseKey(),
sessionState.getLocalIdentityKey(),
(WhisperMessage)ciphertextMessage);
}
sessionState.setSenderChainKey(chainKey.getNextChainKey());
sessionStore.storeSession(remoteAddress, sessionRecord);
return(ciphertextMessage);
}
}
/// <summary>
/// decrypt an incomming message
/// </summary>
/// <param name="from"></param>
/// <param name="ciphertext"></param>
/// <param name="type"></param>
/// <param name="id"></param>
/// <param name="t"></param>
/// <param name="retry_from"></param>
/// <param name="skip_unpad"></param>
public object decryptMessage(string from, byte[] ciphertext, string type, string id,
string t, string retry_from = null, bool skip_unpad = false)
{
string version = "1";
#region pkmsg routine
if (type == "pkmsg")
{
if (v2Jids.Contains(ExtractNumber(from)))
{
version = "2";
}
try
{
PreKeyWhisperMessage preKeyWhisperMessage = new PreKeyWhisperMessage(ciphertext);
SessionCipher sessionCipher = getSessionCipher(ExtractNumber(from));
var plaintext = sessionCipher.decrypt(preKeyWhisperMessage);
if (version == "2" && !skip_unpad)
{
return(unpadV2Plaintext(plaintext.ToString()));
}
}
catch (Exception e) {
}
}
#endregion
#region WhisperMessage routine
if (type == "msg")
{
if (v2Jids.Contains(ExtractNumber(from)))
{
version = "2";
}
try
{
PreKeyWhisperMessage preKeyWhisperMessage = new PreKeyWhisperMessage(ciphertext);
SessionCipher sessionCipher = getSessionCipher(ExtractNumber(from));
var plaintext = sessionCipher.decrypt(preKeyWhisperMessage);
if (version == "2" && !skip_unpad)
{
return(unpadV2Plaintext(plaintext.ToString()));
}
}
catch (Exception e)
{
}
}
#endregion
#region Group message Cipher routine
if (type == "skmsg")
{
throw new NotImplementedException();
}
#endregion
return(false);
}
public void testBadMessageBundle()
{
AxolotlStore aliceStore = new TestInMemoryAxolotlStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
AxolotlStore bobStore = new TestInMemoryAxolotlStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
22, bobSignedPreKeyPair.getPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.process(bobPreKey);
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessageOne = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessageOne.getType());
byte[] goodMessage = outgoingMessageOne.serialize();
byte[] badMessage = new byte[goodMessage.Length];
Array.Copy(goodMessage, 0, badMessage, 0, badMessage.Length);
badMessage[badMessage.Length - 10] ^= 0x01;
PreKeyWhisperMessage incomingMessage = new PreKeyWhisperMessage(badMessage);
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = new byte[0];
try
{
plaintext = bobSessionCipher.decrypt(incomingMessage);
throw new Exception("Decrypt should have failed!");
}
catch (InvalidMessageException e)
{
// good.
}
Assert.IsTrue(bobStore.ContainsPreKey(31337));
plaintext = bobSessionCipher.decrypt(new PreKeyWhisperMessage(goodMessage));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
Assert.IsFalse(bobStore.ContainsPreKey(31337));
}
public void testRepeatBundleMessageV3()
{
AxolotlStore aliceStore = new TestInMemoryAxolotlStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
AxolotlStore bobStore = new TestInMemoryAxolotlStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
22, bobSignedPreKeyPair.getPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.process(bobPreKey);
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessageOne = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
CiphertextMessage outgoingMessageTwo = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessageOne.getType());
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessageTwo.getType());
PreKeyWhisperMessage incomingMessage = new PreKeyWhisperMessage(outgoingMessageOne.serialize());
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = bobSessionCipher.decrypt(incomingMessage);
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
CiphertextMessage bobOutgoingMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
byte[] alicePlaintext = aliceSessionCipher.decrypt(new WhisperMessage(bobOutgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
// The test
PreKeyWhisperMessage incomingMessageTwo = new PreKeyWhisperMessage(outgoingMessageTwo.serialize());
plaintext = bobSessionCipher.decrypt(new PreKeyWhisperMessage(incomingMessageTwo.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
bobOutgoingMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
alicePlaintext = aliceSessionCipher.decrypt(new WhisperMessage(bobOutgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
}
private May <uint> ProcessV3(SessionRecord sessionRecord, PreKeyWhisperMessage message)
{
if (sessionRecord.HasSessionState(message.GetMessageVersion(), message.GetBaseKey().Serialize()))
{
return(May <uint> .NoValue);
}
SignedPreKeyRecord signedPreKeyRecord = signedPreKeyStore.LoadSignedPreKey(message.GetSignedPreKeyId());
ECKeyPair ourSignedPreKey = signedPreKeyRecord.GetKeyPair();
BobAxolotlParameters.Builder parameters = BobAxolotlParameters.NewBuilder();
parameters.SetTheirBaseKey(message.GetBaseKey())
.SetTheirIdentityKey(message.GetIdentityKey())
.SetOurIdentityKey(identityKeyStore.GetIdentityKeyPair())
.SetOurSignedPreKey(ourSignedPreKey)
.SetOurRatchetKey(ourSignedPreKey);
if (message.GetPreKeyId().HasValue)
{
parameters.SetOurOneTimePreKey(new May <ECKeyPair>(preKeyStore.LoadPreKey(message.GetPreKeyId().ForceGetValue()).GetKeyPair()));
}
else
{
parameters.SetOurOneTimePreKey(May <ECKeyPair> .NoValue);
}
if (!sessionRecord.IsFresh())
{
sessionRecord.ArchiveCurrentState();
}
RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), message.GetMessageVersion(), parameters.Create());
sessionRecord.GetSessionState().SetLocalRegistrationId(identityKeyStore.GetLocalRegistrationId());
sessionRecord.GetSessionState().SetRemoteRegistrationId(message.GetRegistrationId());
sessionRecord.GetSessionState().SetAliceBaseKey(message.GetBaseKey().Serialize());
if (message.GetPreKeyId().HasValue&& message.GetPreKeyId().ForceGetValue() != Medium.MAX_VALUE)
{
return(message.GetPreKeyId());
}
else
{
return(May <uint> .NoValue);
}
}
private May <uint> processV3(SessionRecord sessionRecord, PreKeyWhisperMessage message)
{
if (sessionRecord.hasSessionState(message.getMessageVersion(), message.getBaseKey().serialize()))
{
//Log.w(TAG, "We've already setup a session for this V3 message, letting bundled message fall through...");
return(May <uint> .NoValue);
}
ECKeyPair ourSignedPreKey = signedPreKeyStore.LoadSignedPreKey(message.getSignedPreKeyId()).getKeyPair();
BobAxolotlParameters.Builder parameters = BobAxolotlParameters.newBuilder();
parameters.setTheirBaseKey(message.getBaseKey())
.setTheirIdentityKey(message.getIdentityKey())
.setOurIdentityKey(identityKeyStore.GetIdentityKeyPair())
.setOurSignedPreKey(ourSignedPreKey)
.setOurRatchetKey(ourSignedPreKey);
if (message.getPreKeyId().HasValue)
{
parameters.setOurOneTimePreKey(new May <ECKeyPair>(preKeyStore.LoadPreKey(message.getPreKeyId().ForceGetValue()).getKeyPair()));
}
else
{
parameters.setOurOneTimePreKey(May <ECKeyPair> .NoValue);
}
if (!sessionRecord.isFresh())
{
sessionRecord.archiveCurrentState();
}
RatchetingSession.initializeSession(sessionRecord.getSessionState(), message.getMessageVersion(), parameters.create());
sessionRecord.getSessionState().setLocalRegistrationId(identityKeyStore.GetLocalRegistrationId());
sessionRecord.getSessionState().setRemoteRegistrationId(message.getRegistrationId());
sessionRecord.getSessionState().setAliceBaseKey(message.getBaseKey().serialize());
if (message.getPreKeyId().HasValue&& message.getPreKeyId().ForceGetValue() != Medium.MAX_VALUE)
{
return(message.getPreKeyId());
}
else
{
return(May <uint> .NoValue);
}
}
public void testOptionalOneTimePreKey()
{
AxolotlStore aliceStore = new TestInMemoryAxolotlStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
AxolotlStore bobStore = new TestInMemoryAxolotlStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
0, null,
22, bobSignedPreKeyPair.getPublicKey(),
bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
aliceSessionBuilder.process(bobPreKey);
Assert.IsTrue(aliceStore.ContainsSession(BOB_ADDRESS));
Assert.AreEqual((uint)3, aliceStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion());
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(outgoingMessage.getType(), CiphertextMessage.PREKEY_TYPE);
PreKeyWhisperMessage incomingMessage = new PreKeyWhisperMessage(outgoingMessage.serialize());
Assert.IsFalse(incomingMessage.getPreKeyId().HasValue);
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = bobSessionCipher.decrypt(incomingMessage);
Assert.IsTrue(bobStore.ContainsSession(ALICE_ADDRESS));
Assert.AreEqual((uint)3, bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getSessionVersion());
Assert.IsNotNull(bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getAliceBaseKey());
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
}
private May <uint> processV2(SessionRecord sessionRecord, PreKeyWhisperMessage message)
{
if (!message.getPreKeyId().HasValue)
{
throw new InvalidKeyIdException("V2 message requires one time prekey id!");
}
if (!preKeyStore.ContainsPreKey(message.getPreKeyId().ForceGetValue()) &&
sessionStore.ContainsSession(remoteAddress))
{
//Log.w(TAG, "We've already processed the prekey part of this V2 session, letting bundled message fall through...");
return(May <uint> .NoValue); //May.absent();
}
ECKeyPair ourPreKey = preKeyStore.LoadPreKey(message.getPreKeyId().ForceGetValue()).getKeyPair();
BobAxolotlParameters.Builder parameters = BobAxolotlParameters.newBuilder();
parameters.setOurIdentityKey(identityKeyStore.GetIdentityKeyPair())
.setOurSignedPreKey(ourPreKey)
.setOurRatchetKey(ourPreKey)
.setOurOneTimePreKey(May <ECKeyPair> .NoValue) //absent
.setTheirIdentityKey(message.getIdentityKey())
.setTheirBaseKey(message.getBaseKey());
if (!sessionRecord.isFresh())
{
sessionRecord.archiveCurrentState();
}
RatchetingSession.initializeSession(sessionRecord.getSessionState(), message.getMessageVersion(), parameters.create());
sessionRecord.getSessionState().setLocalRegistrationId(identityKeyStore.GetLocalRegistrationId());
sessionRecord.getSessionState().setRemoteRegistrationId(message.getRegistrationId());
sessionRecord.getSessionState().setAliceBaseKey(message.getBaseKey().serialize());
if (message.getPreKeyId().ForceGetValue() != Medium.MAX_VALUE)
{
return(message.getPreKeyId());
}
else
{
return(May <uint> .NoValue); // May.absent();
}
}
private May <uint> ProcessV2(SessionRecord sessionRecord, PreKeyWhisperMessage message)
{
if (!message.GetPreKeyId().HasValue)
{
throw new InvalidKeyIdException("V2 message requires one time prekey id!");
}
if (!preKeyStore.ContainsPreKey(message.GetPreKeyId().ForceGetValue()) &&
sessionStore.ContainsSession(remoteAddress))
{
return(May <uint> .NoValue);
}
ECKeyPair ourPreKey = preKeyStore.LoadPreKey(message.GetPreKeyId().ForceGetValue()).GetKeyPair();
BobAxolotlParameters.Builder parameters = BobAxolotlParameters.NewBuilder();
parameters.SetOurIdentityKey(identityKeyStore.GetIdentityKeyPair())
.SetOurSignedPreKey(ourPreKey)
.SetOurRatchetKey(ourPreKey)
.SetOurOneTimePreKey(May <ECKeyPair> .NoValue) //absent
.SetTheirIdentityKey(message.GetIdentityKey())
.SetTheirBaseKey(message.GetBaseKey());
if (!sessionRecord.IsFresh())
{
sessionRecord.ArchiveCurrentState();
}
RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), message.GetMessageVersion(), parameters.Create());
sessionRecord.GetSessionState().SetLocalRegistrationId(identityKeyStore.GetLocalRegistrationId());
sessionRecord.GetSessionState().SetRemoteRegistrationId(message.GetRegistrationId());
sessionRecord.GetSessionState().SetAliceBaseKey(message.GetBaseKey().Serialize());
if (message.GetPreKeyId().ForceGetValue() != Medium.MAX_VALUE)
{
return(message.GetPreKeyId());
}
else
{
return(May <uint> .NoValue); // May.absent();
}
}
/**
* Decrypt a message.
*
* @param ciphertext The {@link PreKeyWhisperMessage} to decrypt.
* @param callback A callback that is triggered after decryption is complete,
* but before the updated session state has been committed to the session
* DB. This allows some implementations to store the committed plaintext
* to a DB first, in case they are concerned with a crash happening between
* the time the session state is updated but before they're able to store
* the plaintext to disk.
*
* @return The plaintext.
* @throws InvalidMessageException if the input is not valid ciphertext.
* @throws DuplicateMessageException if the input is a message that has already been received.
* @throws LegacyMessageException if the input is a message formatted by a protocol version that
* is no longer supported.
* @throws InvalidKeyIdException when there is no local {@link org.whispersystems.libaxolotl.state.PreKeyRecord}
* that corresponds to the PreKey ID in the message.
* @throws InvalidKeyException when the message is formatted incorrectly.
* @throws UntrustedIdentityException when the {@link IdentityKey} of the sender is untrusted.
*/
public byte[] decrypt(PreKeyWhisperMessage ciphertext, DecryptionCallback callback)
{
lock (SESSION_LOCK)
{
SessionRecord sessionRecord = sessionStore.loadSession(remoteAddress);
May <uint> unsignedPreKeyId = sessionBuilder.process(sessionRecord, ciphertext);
byte[] plaintext = decrypt(sessionRecord, ciphertext.getWhisperMessage());
callback.handlePlaintext(plaintext);
sessionStore.storeSession(remoteAddress, sessionRecord);
if (unsignedPreKeyId.HasValue)
{
preKeyStore.removePreKey(unsignedPreKeyId.ForceGetValue());
}
return(plaintext);
}
}
/**
* Decrypt a message.
*
* @param ciphertext The {@link PreKeyWhisperMessage} to decrypt.
*
* @return The plaintext.
* @throws InvalidMessageException if the input is not valid ciphertext.
* @throws DuplicateMessageException if the input is a message that has already been received.
* @throws LegacyMessageException if the input is a message formatted by a protocol version that
* is no longer supported.
* @throws InvalidKeyIdException when there is no local {@link org.whispersystems.libaxolotl.state.PreKeyRecord}
* that corresponds to the PreKey ID in the message.
* @throws InvalidKeyException when the message is formatted incorrectly.
* @throws UntrustedIdentityException when the {@link IdentityKey} of the sender is untrusted.
*/
public byte[] decrypt(PreKeyWhisperMessage ciphertext)
{
return(decrypt(ciphertext, new NullDecryptionCallback()));
}
public void testBasicPreKeyV2()
{
AxolotlStore aliceStore = new TestInMemoryAxolotlStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
AxolotlStore bobStore = new TestInMemoryAxolotlStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
0, null, null,
bobStore.GetIdentityKeyPair().getPublicKey());
aliceSessionBuilder.process(bobPreKey);
Assert.IsTrue(aliceStore.ContainsSession(BOB_ADDRESS));
Assert.AreEqual((uint)2, aliceStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion());
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessage.getType());
PreKeyWhisperMessage incomingMessage = new PreKeyWhisperMessage(outgoingMessage.serialize());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = bobSessionCipher.decrypt(incomingMessage);
Assert.IsTrue(bobStore.ContainsSession(ALICE_ADDRESS));
Assert.AreEqual((uint)2, bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getSessionVersion());
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
CiphertextMessage bobOutgoingMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.WHISPER_TYPE, bobOutgoingMessage.getType());
byte[] alicePlaintext = aliceSessionCipher.decrypt((WhisperMessage)bobOutgoingMessage);
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
runInteraction(aliceStore, bobStore);
aliceStore = new TestInMemoryAxolotlStore();
aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
bobPreKeyPair = Curve.generateKeyPair();
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(),
1, 31338, bobPreKeyPair.getPublicKey(),
0, null, null, bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StorePreKey(31338, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
aliceSessionBuilder.process(bobPreKey);
outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
try
{
bobSessionCipher.decrypt(new PreKeyWhisperMessage(outgoingMessage.serialize()));
throw new Exception("shouldn't be trusted!");
}
catch (UntrustedIdentityException uie)
{
bobStore.SaveIdentity(ALICE_ADDRESS.getName(), new PreKeyWhisperMessage(outgoingMessage.serialize()).getIdentityKey());
}
plaintext = bobSessionCipher.decrypt(new PreKeyWhisperMessage(outgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, Curve.generateKeyPair().getPublicKey(),
0, null, null,
aliceStore.GetIdentityKeyPair().getPublicKey());
try
{
aliceSessionBuilder.process(bobPreKey);
throw new Exception("shoulnd't be trusted!");
}
catch (UntrustedIdentityException uie)
{
// good
}
}
