/**
         * Decrypt a SenderKey group message.
         *
         * @param senderKeyMessageBytes The received ciphertext.
         * @param callback   A callback that is triggered after decryption is complete,
         *                    but before the updated session state has been committed to the session
         *                    DB.  This allows some implementations to store the committed plaintext
         *                    to a DB first, in case they are concerned with a crash happening between
         *                    the time the session state is updated but before they're able to store
         *                    the plaintext to disk.
         * @return Plaintext
         * @throws LegacyMessageException
         * @throws InvalidMessageException
         * @throws DuplicateMessageException
         */
        public byte[] Decrypt(byte[] senderKeyMessageBytes, IDecryptionCallback callback)
        {
            lock (Lock)
            {
                try
                {
                    SenderKeyRecord record = _senderKeyStore.LoadSenderKey(_senderKeyId);

                    if (record.IsEmpty())
                    {
                        throw new NoSessionException("No sender key for: " + _senderKeyId);
                    }

                    SenderKeyMessage senderKeyMessage = new SenderKeyMessage(senderKeyMessageBytes);
                    SenderKeyState   senderKeyState   = record.GetSenderKeyState(senderKeyMessage.GetKeyId());

                    senderKeyMessage.VerifySignature(senderKeyState.GetSigningKeyPublic());

                    SenderMessageKey senderKey = GetSenderKey(senderKeyState, senderKeyMessage.GetIteration());

                    byte[] plaintext = GetPlainText(senderKey.GetIv(), senderKey.GetCipherKey(), senderKeyMessage.GetCipherText());

                    callback.HandlePlaintext(plaintext);

                    _senderKeyStore.StoreSenderKey(_senderKeyId, record);

                    return(plaintext);
                }
                catch (Exception e) when(e is InvalidKeyException || e is InvalidKeyIdException)
                {
                    throw new InvalidMessageException(e);
                }
            }
        }
Пример #2
0
        /**
         * Encrypt a message.
         *
         * @param paddedPlaintext The plaintext message bytes, optionally padded.
         * @return Ciphertext.
         * @throws NoSessionException
         */

        public byte[] Encrypt(byte[] paddedPlaintext)
        {
            lock (LOCK)
            {
                try
                {
                    SenderKeyRecord  record         = senderKeyStore.LoadSenderKey(senderKeyId);
                    SenderKeyState   senderKeyState = record.GetSenderKeyState();
                    SenderMessageKey senderKey      = senderKeyState.GetSenderChainKey().GetSenderMessageKey();
                    byte[]           ciphertext     = GetCipherText(senderKey.GetIv(), senderKey.GetCipherKey(), paddedPlaintext);

                    SenderKeyMessage senderKeyMessage = new SenderKeyMessage(senderKeyState.GetKeyId(),
                                                                             senderKey.GetIteration(),
                                                                             ciphertext,
                                                                             senderKeyState.GetSigningKeyPrivate());

                    senderKeyState.SetSenderChainKey(senderKeyState.GetSenderChainKey().GetNext());
                    senderKeyStore.StoreSenderKey(senderKeyId, record);

                    return(senderKeyMessage.Serialize());
                }
                catch (InvalidKeyIdException e)
                {
                    throw new NoSessionException(e);
                }
            }
        }