private async Task buildSessionForDevicesAsync(Dictionary <uint, SessionCipher> sessions, IList <SignalProtocolAddress> devices)
{
if (devices.Count <= 0)
{
return;
}
SignalProtocolAddress device = devices[0];
devices.RemoveAt(0);
// Check if there exists already a session for this device:
if (OMEMO_HELPER.OMEMO_STORE.ContainsSession(device))
{
// If yes, the load it:
SessionCipher cipher = OMEMO_HELPER.loadCipher(device);
sessions.Add(device.getDeviceId(), cipher);
Logger.Info("[OmemoSessionBuildHelper] Session for " + device.ToString() + " loaded from cache.");
}
else
{
// Else try to build a new one by requesting the devices bundle information:
OmemoBundleInformationResultMessage bundleMsg = await requestBundleInformationAsync(device);
if (!(bundleMsg is null))
{
SignalProtocolAddress address = OMEMO_HELPER.newSession(CHAT_JID, bundleMsg);
SessionCipher cipher = OMEMO_HELPER.loadCipher(address);
sessions.Add(device.getDeviceId(), cipher);
Logger.Info("[OmemoSessionBuildHelper] Session with " + device.ToString() + " established.");
}
public SessionRecord LoadSession(SignalProtocolAddress address)
{
SessionRecord session = OmemoSignalKeyDBManager.INSTANCE.getSession(address, ACCOUNT.getBareJid());
if (session is null)
{
Logger.Warn("No existing libsignal session found for: " + address.ToString());
session = new SessionRecord();
}
return(session);
}
private async Task buildSessionForDevicesAsync(Dictionary <uint, SessionCipher> sessions, IList <SignalProtocolAddress> devices)
{
if (devices.Count <= 0)
{
return;
}
SignalProtocolAddress device = devices[0];
devices.RemoveAt(0);
// Validate the device fingerprint:
OmemoFingerprint fingerprint = OMEMO_HELPER.OMEMO_STORE.LoadFingerprint(device);
if (!(fingerprint is null) && !OMEMO_HELPER.OMEMO_STORE.IsFingerprintTrusted(fingerprint))
{
Logger.Warn("[OmemoSessionBuildHelper] Not building a session with " + device.ToString() + " - key not trusted.");
await buildSessionForDevicesAsync(sessions, devices);
return;
}
// Check if there exists already a session for this device:
if (OMEMO_HELPER.OMEMO_STORE.ContainsSession(device))
{
// If yes, the load it:
SessionCipher cipher = OMEMO_HELPER.loadCipher(device);
sessions.Add(device.getDeviceId(), cipher);
Logger.Info("[OmemoSessionBuildHelper] Session for " + device.ToString() + " loaded from cache.");
}
else
{
// Else try to build a new one by requesting the devices bundle information:
OmemoBundleInformationResultMessage bundleMsg = await requestBundleInformationAsync(device);
if (!(bundleMsg is null))
{
OMEMO_HELPER.newSession(device.getName(), bundleMsg);
// Validate fingerprints:
if (fingerprint is null)
{
fingerprint = new OmemoFingerprint(bundleMsg.BUNDLE_INFO.PUBLIC_IDENTITY_KEY, device);
OMEMO_HELPER.OMEMO_STORE.StoreFingerprint(fingerprint);
}
else
{
OmemoFingerprint receivedFingerprint = new OmemoFingerprint(bundleMsg.BUNDLE_INFO.PUBLIC_IDENTITY_KEY, device);
// Make sure the fingerprint did not change or somebody is doing an attack:
if (!fingerprint.checkIdentityKey(receivedFingerprint.IDENTITY_PUB_KEY))
{
Logger.Warn("[OmemoSessionBuildHelper] Unable to establish session with " + device.ToString() + " - other fingerprint received than stored locally.");
await buildSessionForDevicesAsync(sessions, devices);
return;
}
}
// Check if the fingerprint is trusted:
if (OMEMO_HELPER.OMEMO_STORE.IsFingerprintTrusted(fingerprint))
{
SessionCipher cipher = OMEMO_HELPER.loadCipher(device);
sessions.Add(device.getDeviceId(), cipher);
Logger.Info("[OmemoSessionBuildHelper] Session with " + device.ToString() + " established.");
}
else
{
Logger.Warn("[OmemoSessionBuildHelper] Unable to establish session with " + device.ToString() + " - key not trusted.");
}
}
/// <summary>
/// Validates if the given identity public key should be trusted.
/// </summary>
/// <param name="address">The signal protocol address corresponding to the given public identity key.</param>
/// <param name="publicKey">The public identity key we want to validate.</param>
/// <param name="omemoStore">The OMEMO store that keeps all OMEMO related keys.</param>
/// <returns>True if we trust else false.</returns>
private Task <bool> isFingerprintTrustedAsync(SignalProtocolAddress address, ECPublicKey publicKey, IOmemoStore omemoStore)
{
return(Task.Run(() =>
{
OmemoFingerprint fingerprint = omemoStore.LoadFingerprint(address);
if (!(fingerprint is null))
{
if (!fingerprint.checkIdentityKey(publicKey))
{
Logger.Warn("Received not OMEMO encrypted message with a not matching public identity key from: " + address.ToString());
return false;
}
fingerprint.lastSeen = DateTime.Now;
}
