public void TestBadMessageBundle()
{
ISignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BobAddress);
ISignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
EcKeyPair bobPreKeyPair = Curve.GenerateKeyPair();
EcKeyPair bobSignedPreKeyPair = Curve.GenerateKeyPair();
byte[] bobSignedPreKeySignature = Curve.CalculateSignature(bobStore.GetIdentityKeyPair().GetPrivateKey(),
bobSignedPreKeyPair.GetPublicKey().Serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.GetPublicKey(),
22, bobSignedPreKeyPair.GetPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().GetPublicKey());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.GetPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.CurrentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.Process(bobPreKey);
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BobAddress);
CiphertextMessage outgoingMessageOne = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PrekeyType, outgoingMessageOne.GetMessageType());
byte[] goodMessage = outgoingMessageOne.Serialize();
byte[] badMessage = new byte[goodMessage.Length];
Array.Copy(goodMessage, 0, badMessage, 0, badMessage.Length);
badMessage[badMessage.Length - 10] ^= 0x01;
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(badMessage);
SessionCipher bobSessionCipher = new SessionCipher(bobStore, AliceAddress);
byte[] plaintext = new byte[0];
try
{
plaintext = bobSessionCipher.Decrypt(incomingMessage);
throw new Exception("Decrypt should have failed!");
}
catch (InvalidMessageException)
{
// good.
}
Assert.IsTrue(bobStore.ContainsPreKey(31337));
plaintext = bobSessionCipher.Decrypt(new PreKeySignalMessage(goodMessage));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
Assert.IsFalse(bobStore.ContainsPreKey(31337));
}
public void TestRepeatBundleMessageV3()
{
ISignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BobAddress);
ISignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
EcKeyPair bobPreKeyPair = Curve.GenerateKeyPair();
EcKeyPair bobSignedPreKeyPair = Curve.GenerateKeyPair();
byte[] bobSignedPreKeySignature = Curve.CalculateSignature(bobStore.GetIdentityKeyPair().GetPrivateKey(),
bobSignedPreKeyPair.GetPublicKey().Serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.GetPublicKey(),
22, bobSignedPreKeyPair.GetPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().GetPublicKey());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.GetPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.CurrentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.Process(bobPreKey);
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BobAddress);
CiphertextMessage outgoingMessageOne = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
CiphertextMessage outgoingMessageTwo = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PrekeyType, outgoingMessageOne.GetMessageType());
Assert.AreEqual(CiphertextMessage.PrekeyType, outgoingMessageTwo.GetMessageType());
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(outgoingMessageOne.Serialize());
SessionCipher bobSessionCipher = new SessionCipher(bobStore, AliceAddress);
byte[] plaintext = bobSessionCipher.Decrypt(incomingMessage);
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
CiphertextMessage bobOutgoingMessage = bobSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
byte[] alicePlaintext = aliceSessionCipher.Decrypt(new SignalMessage(bobOutgoingMessage.Serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
// The test
PreKeySignalMessage incomingMessageTwo = new PreKeySignalMessage(outgoingMessageTwo.Serialize());
plaintext = bobSessionCipher.Decrypt(new PreKeySignalMessage(incomingMessageTwo.Serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
bobOutgoingMessage = bobSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
alicePlaintext = aliceSessionCipher.Decrypt(new SignalMessage(bobOutgoingMessage.Serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
}
public void TestOptionalOneTimePreKey()
{
ISignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BobAddress);
ISignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
EcKeyPair bobPreKeyPair = Curve.GenerateKeyPair();
EcKeyPair bobSignedPreKeyPair = Curve.GenerateKeyPair();
byte[] bobSignedPreKeySignature = Curve.CalculateSignature(bobStore.GetIdentityKeyPair().GetPrivateKey(),
bobSignedPreKeyPair.GetPublicKey().Serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
0, null,
22, bobSignedPreKeyPair.GetPublicKey(),
bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().GetPublicKey());
aliceSessionBuilder.Process(bobPreKey);
Assert.IsTrue(aliceStore.ContainsSession(BobAddress));
Assert.AreEqual((uint)3, aliceStore.LoadSession(BobAddress).GetSessionState().GetSessionVersion());
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BobAddress);
CiphertextMessage outgoingMessage = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(outgoingMessage.GetMessageType(), CiphertextMessage.PrekeyType);
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(outgoingMessage.Serialize());
Assert.IsFalse(incomingMessage.GetPreKeyId().HasValue);
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.GetPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.CurrentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
SessionCipher bobSessionCipher = new SessionCipher(bobStore, AliceAddress);
byte[] plaintext = bobSessionCipher.Decrypt(incomingMessage);
Assert.IsTrue(bobStore.ContainsSession(AliceAddress));
Assert.AreEqual((uint)3, bobStore.LoadSession(AliceAddress).GetSessionState().GetSessionVersion());
Assert.IsNotNull(bobStore.LoadSession(AliceAddress).GetSessionState().GetAliceBaseKey());
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
}
public void TestBasicPreKeyV3()
{
ISignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BobAddress);
ISignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
EcKeyPair bobPreKeyPair = Curve.GenerateKeyPair();
EcKeyPair bobSignedPreKeyPair = Curve.GenerateKeyPair();
byte[] bobSignedPreKeySignature = Curve.CalculateSignature(bobStore.GetIdentityKeyPair().GetPrivateKey(),
bobSignedPreKeyPair.GetPublicKey().Serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.GetPublicKey(),
22, bobSignedPreKeyPair.GetPublicKey(),
bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().GetPublicKey());
aliceSessionBuilder.Process(bobPreKey);
Assert.IsTrue(aliceStore.ContainsSession(BobAddress));
Assert.AreEqual((uint)3, aliceStore.LoadSession(BobAddress).GetSessionState().GetSessionVersion());
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BobAddress);
CiphertextMessage outgoingMessage = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PrekeyType, outgoingMessage.GetMessageType());
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(outgoingMessage.Serialize());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.GetPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.CurrentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
SessionCipher bobSessionCipher = new SessionCipher(bobStore, AliceAddress);
byte[] plaintext = bobSessionCipher.Decrypt(incomingMessage, new BobDecryptionCallback(bobStore, originalMessage));
Assert.IsTrue(bobStore.ContainsSession(AliceAddress));
Assert.AreEqual((uint)3, bobStore.LoadSession(AliceAddress).GetSessionState().GetSessionVersion());
Assert.IsNotNull(bobStore.LoadSession(AliceAddress).GetSessionState().GetAliceBaseKey());
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
CiphertextMessage bobOutgoingMessage = bobSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.WhisperType, bobOutgoingMessage.GetMessageType());
byte[] alicePlaintext = aliceSessionCipher.Decrypt(new SignalMessage(bobOutgoingMessage.Serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
RunInteraction(aliceStore, bobStore);
aliceStore = new TestInMemorySignalProtocolStore();
aliceSessionBuilder = new SessionBuilder(aliceStore, BobAddress);
aliceSessionCipher = new SessionCipher(aliceStore, BobAddress);
bobPreKeyPair = Curve.GenerateKeyPair();
bobSignedPreKeyPair = Curve.GenerateKeyPair();
bobSignedPreKeySignature = Curve.CalculateSignature(bobStore.GetIdentityKeyPair().GetPrivateKey(), bobSignedPreKeyPair.GetPublicKey().Serialize());
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(),
1, 31338, bobPreKeyPair.GetPublicKey(),
23, bobSignedPreKeyPair.GetPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().GetPublicKey());
bobStore.StorePreKey(31338, new PreKeyRecord(bobPreKey.GetPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(23, new SignedPreKeyRecord(23, DateUtil.CurrentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.Process(bobPreKey);
outgoingMessage = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes(originalMessage));
try
{
plaintext = bobSessionCipher.Decrypt(new PreKeySignalMessage(outgoingMessage.Serialize()));
throw new Exception("shouldn't be trusted!");
}
catch (UntrustedIdentityException)
{
bobStore.SaveIdentity(AliceAddress, new PreKeySignalMessage(outgoingMessage.Serialize()).GetIdentityKey());
}
plaintext = bobSessionCipher.Decrypt(new PreKeySignalMessage(outgoingMessage.Serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, Curve.GenerateKeyPair().GetPublicKey(),
23, bobSignedPreKeyPair.GetPublicKey(), bobSignedPreKeySignature,
aliceStore.GetIdentityKeyPair().GetPublicKey());
try
{
aliceSessionBuilder.Process(bobPreKey);
throw new Exception("shoulnd't be trusted!");
}
catch (UntrustedIdentityException)
{
// good
}
}