private async Task HandleMismatchedDevices(CancellationToken token, PushServiceSocket socket, SignalServiceAddress recipient, MismatchedDevices mismatchedDevices)
{
try
{
foreach (uint extraDeviceId in mismatchedDevices.ExtraDevices)
{
store.DeleteSession(new SignalProtocolAddress(recipient.E164number, extraDeviceId));
}
foreach (uint missingDeviceId in mismatchedDevices.MissingDevices)
{
PreKeyBundle preKey = await socket.GetPreKey(token, recipient, missingDeviceId);
try
{
SessionBuilder sessionBuilder = new SessionBuilder(store, new SignalProtocolAddress(recipient.E164number, missingDeviceId));
sessionBuilder.process(preKey);
}
catch (libsignal.exceptions.UntrustedIdentityException)
{
throw new UntrustedIdentityException("Untrusted identity key!", recipient.E164number, preKey.getIdentityKey());
}
}
}
catch (InvalidKeyException e)
{
throw new Exception(e.Message);
}
}
private void handleMismatchedDevices(PushServiceSocket socket, SignalServiceAddress recipient, MismatchedDevices mismatchedDevices)
{
try
{
foreach (uint extraDeviceId in mismatchedDevices.getExtraDevices())
{
store.DeleteSession(new SignalProtocolAddress(recipient.getNumber(), extraDeviceId));
}
foreach (uint missingDeviceId in mismatchedDevices.getMissingDevices())
{
PreKeyBundle preKey = socket.getPreKey(recipient, missingDeviceId);
try
{
SessionBuilder sessionBuilder = new SessionBuilder(store, new SignalProtocolAddress(recipient.getNumber(), missingDeviceId));
sessionBuilder.process(preKey);
}
catch (libsignal.exceptions.UntrustedIdentityException e)
{
throw new UntrustedIdentityException("Untrusted identity key!", recipient.getNumber(), preKey.getIdentityKey());
}
}
}
catch (InvalidKeyException e)
{
throw new Exception(e.Message);
}
}
/**
* Build a new session from a {@link org.whispersystems.libaxolotl.state.PreKeyBundle} retrieved from
* a server.
*
* @param preKey A PreKey for the destination recipient, retrieved from a server.
* @throws InvalidKeyException when the {@link org.whispersystems.libaxolotl.state.PreKeyBundle} is
* badly formatted.
* @throws org.whispersystems.libaxolotl.UntrustedIdentityException when the sender's
* {@link IdentityKey} is not
* trusted.
*/
public void process(PreKeyBundle preKey)
{
lock (SessionCipher.SESSION_LOCK)
{
if (!identityKeyStore.IsTrustedIdentity(remoteAddress.getName(), preKey.getIdentityKey()))
{
throw new UntrustedIdentityException(remoteAddress.getName(), preKey.getIdentityKey());
}
if (preKey.getSignedPreKey() != null &&
!Curve.verifySignature(preKey.getIdentityKey().getPublicKey(),
preKey.getSignedPreKey().serialize(),
preKey.getSignedPreKeySignature()))
{
throw new InvalidKeyException("Invalid signature on device key!");
}
if (preKey.getSignedPreKey() == null && preKey.getPreKey() == null)
{
throw new InvalidKeyException("Both signed and unsigned prekeys are absent!");
}
bool supportsV3 = preKey.getSignedPreKey() != null;
SessionRecord sessionRecord = sessionStore.LoadSession(remoteAddress);
ECKeyPair ourBaseKey = Curve.generateKeyPair();
ECPublicKey theirSignedPreKey = supportsV3 ? preKey.getSignedPreKey() : preKey.getPreKey();
ECPublicKey test = preKey.getPreKey(); // TODO: cleanup
May <ECPublicKey> theirOneTimePreKey = (test == null) ? May <ECPublicKey> .NoValue : new May <ECPublicKey>(test);
May <uint> theirOneTimePreKeyId = theirOneTimePreKey.HasValue ? new May <uint>(preKey.getPreKeyId()) :
May <uint> .NoValue;
AliceAxolotlParameters.Builder parameters = AliceAxolotlParameters.newBuilder();
parameters.setOurBaseKey(ourBaseKey)
.setOurIdentityKey(identityKeyStore.GetIdentityKeyPair())
.setTheirIdentityKey(preKey.getIdentityKey())
.setTheirSignedPreKey(theirSignedPreKey)
.setTheirRatchetKey(theirSignedPreKey)
.setTheirOneTimePreKey(supportsV3 ? theirOneTimePreKey : May <ECPublicKey> .NoValue);
if (!sessionRecord.isFresh())
{
sessionRecord.archiveCurrentState();
}
RatchetingSession.initializeSession(sessionRecord.getSessionState(),
supportsV3 ? (uint)3 : 2,
parameters.create());
sessionRecord.getSessionState().setUnacknowledgedPreKeyMessage(theirOneTimePreKeyId, preKey.getSignedPreKeyId(), ourBaseKey.getPublicKey());
sessionRecord.getSessionState().setLocalRegistrationId(identityKeyStore.GetLocalRegistrationId());
sessionRecord.getSessionState().setRemoteRegistrationId(preKey.getRegistrationId());
sessionRecord.getSessionState().setAliceBaseKey(ourBaseKey.getPublicKey().serialize());
sessionStore.StoreSession(remoteAddress, sessionRecord);
identityKeyStore.SaveIdentity(remoteAddress.getName(), preKey.getIdentityKey());
}
}
public void testBadMessageBundle()
{
SignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
SignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
22, bobSignedPreKeyPair.getPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.process(bobPreKey);
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessageOne = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessageOne.getType());
byte[] goodMessage = outgoingMessageOne.serialize();
byte[] badMessage = new byte[goodMessage.Length];
Array.Copy(goodMessage, 0, badMessage, 0, badMessage.Length);
badMessage[badMessage.Length - 10] ^= 0x01;
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(badMessage);
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = new byte[0];
try
{
plaintext = bobSessionCipher.decrypt(incomingMessage);
throw new Exception("Decrypt should have failed!");
}
catch (InvalidMessageException)
{
// good.
}
Assert.IsTrue(bobStore.ContainsPreKey(31337));
plaintext = bobSessionCipher.decrypt(new PreKeySignalMessage(goodMessage));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
Assert.IsFalse(bobStore.ContainsPreKey(31337));
}
/// <summary>
/// Build a new session from a {@link org.whispersystems.libsignal.state.PreKeyBundle} retrieved from
/// a server.
/// </summary>
/// @param preKey A PreKey for the destination recipient, retrieved from a server.
/// @throws InvalidKeyException when the {@link org.whispersystems.libsignal.state.PreKeyBundle} is
/// badly formatted.
/// @throws org.whispersystems.libsignal.UntrustedIdentityException when the sender's
/// {@link IdentityKey} is not
/// trusted.
///
public void Process(PreKeyBundle preKey)
{
lock (SessionCipher.SessionLock)
{
if (!_identityKeyStore.IsTrustedIdentity(_remoteAddress, preKey.GetIdentityKey(), Direction.Sending))
{
throw new UntrustedIdentityException(_remoteAddress.Name, preKey.GetIdentityKey());
}
if (preKey.GetSignedPreKey() != null &&
!Curve.VerifySignature(preKey.GetIdentityKey().GetPublicKey(),
preKey.GetSignedPreKey().Serialize(),
preKey.GetSignedPreKeySignature()))
{
throw new InvalidKeyException("Invalid signature on device key!");
}
if (preKey.GetSignedPreKey() == null)
{
throw new InvalidKeyException("No signed prekey!");
}
SessionRecord sessionRecord = _sessionStore.LoadSession(_remoteAddress);
EcKeyPair ourBaseKey = Curve.GenerateKeyPair();
IEcPublicKey theirSignedPreKey = preKey.GetSignedPreKey();
IEcPublicKey test = preKey.GetPreKey();
May <IEcPublicKey> theirOneTimePreKey = (test == null) ? May <IEcPublicKey> .NoValue : new May <IEcPublicKey>(test);
May <uint> theirOneTimePreKeyId = theirOneTimePreKey.HasValue ? new May <uint>(preKey.GetPreKeyId()) :
May <uint> .NoValue;
AliceSignalProtocolParameters.Builder parameters = AliceSignalProtocolParameters.NewBuilder();
parameters.SetOurBaseKey(ourBaseKey)
.SetOurIdentityKey(_identityKeyStore.GetIdentityKeyPair())
.SetTheirIdentityKey(preKey.GetIdentityKey())
.SetTheirSignedPreKey(theirSignedPreKey)
.SetTheirRatchetKey(theirSignedPreKey)
.SetTheirOneTimePreKey(theirOneTimePreKey);
if (!sessionRecord.IsFresh())
{
sessionRecord.ArchiveCurrentState();
}
RatchetingSession.InitializeSession(sessionRecord.GetSessionState(), parameters.Create());
sessionRecord.GetSessionState().SetUnacknowledgedPreKeyMessage(theirOneTimePreKeyId, preKey.GetSignedPreKeyId(), ourBaseKey.GetPublicKey());
sessionRecord.GetSessionState().SetLocalRegistrationId(_identityKeyStore.GetLocalRegistrationId());
sessionRecord.GetSessionState().SetRemoteRegistrationId(preKey.GetRegistrationId());
sessionRecord.GetSessionState().SetAliceBaseKey(ourBaseKey.GetPublicKey().Serialize());
_identityKeyStore.SaveIdentity(_remoteAddress, preKey.GetIdentityKey());
_sessionStore.StoreSession(_remoteAddress, sessionRecord);
}
}
public void testSimultaneousInitiateLostMessage()
{
AxolotlStore aliceStore = new TestInMemoryAxolotlStore();
AxolotlStore bobStore = new TestInMemoryAxolotlStore();
PreKeyBundle alicePreKeyBundle = createAlicePreKeyBundle(aliceStore);
PreKeyBundle bobPreKeyBundle = createBobPreKeyBundle(bobStore);
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
SessionBuilder bobSessionBuilder = new SessionBuilder(bobStore, ALICE_ADDRESS);
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
aliceSessionBuilder.process(bobPreKeyBundle);
bobSessionBuilder.process(alicePreKeyBundle);
CiphertextMessage messageForBob = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes("hey there"));
CiphertextMessage messageForAlice = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes("sample message"));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, messageForBob.getType());
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, messageForAlice.getType());
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
byte[] alicePlaintext = aliceSessionCipher.decrypt(new PreKeyWhisperMessage(messageForAlice.serialize()));
byte[] bobPlaintext = bobSessionCipher.decrypt(new PreKeyWhisperMessage(messageForBob.serialize()));
Assert.AreEqual("sample message", Encoding.UTF8.GetString(alicePlaintext));
Assert.AreEqual("hey there", Encoding.UTF8.GetString(bobPlaintext));
Assert.AreEqual((uint)3, aliceStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion());
Assert.AreEqual((uint)3, bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getSessionVersion());
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
CiphertextMessage aliceResponse = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes("second message"));
Assert.AreEqual(CiphertextMessage.WHISPER_TYPE, aliceResponse.getType());
// byte[] responsePlaintext = bobSessionCipher.decrypt(new WhisperMessage(aliceResponse.serialize()));
//
// assertTrue(new String(responsePlaintext).equals("second message"));
// assertTrue(isSessionIdEqual(aliceStore, bobStore));
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
CiphertextMessage finalMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes("third message"));
Assert.AreEqual(CiphertextMessage.WHISPER_TYPE, finalMessage.getType());
byte[] finalPlaintext = aliceSessionCipher.decrypt(new WhisperMessage(finalMessage.serialize()));
Assert.AreEqual("third message", Encoding.UTF8.GetString(finalPlaintext));
Assert.IsTrue(isSessionIdEqual(aliceStore, bobStore));
}
public void testRepeatBundleMessageV3()
{
SignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
SignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
22, bobSignedPreKeyPair.getPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.process(bobPreKey);
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessageOne = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
CiphertextMessage outgoingMessageTwo = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessageOne.getType());
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessageTwo.getType());
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(outgoingMessageOne.serialize());
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = bobSessionCipher.decrypt(incomingMessage);
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
CiphertextMessage bobOutgoingMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
byte[] alicePlaintext = aliceSessionCipher.decrypt(new SignalMessage(bobOutgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
// The test
PreKeySignalMessage incomingMessageTwo = new PreKeySignalMessage(outgoingMessageTwo.serialize());
plaintext = bobSessionCipher.decrypt(new PreKeySignalMessage(incomingMessageTwo.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
bobOutgoingMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
alicePlaintext = aliceSessionCipher.decrypt(new SignalMessage(bobOutgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
}
public void TestBasicSimultaneousInitiate()
{
ISignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
ISignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
PreKeyBundle alicePreKeyBundle = CreateAlicePreKeyBundle(aliceStore);
PreKeyBundle bobPreKeyBundle = CreateBobPreKeyBundle(bobStore);
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BobAddress);
SessionBuilder bobSessionBuilder = new SessionBuilder(bobStore, AliceAddress);
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BobAddress);
SessionCipher bobSessionCipher = new SessionCipher(bobStore, AliceAddress);
aliceSessionBuilder.Process(bobPreKeyBundle);
bobSessionBuilder.Process(alicePreKeyBundle);
CiphertextMessage messageForBob = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes("hey there"));
CiphertextMessage messageForAlice = bobSessionCipher.Encrypt(Encoding.UTF8.GetBytes("sample message"));
Assert.AreEqual(CiphertextMessage.PrekeyType, messageForBob.GetMessageType());
Assert.AreEqual(CiphertextMessage.PrekeyType, messageForAlice.GetMessageType());
Assert.IsFalse(IsSessionIdEqual(aliceStore, bobStore));
byte[] alicePlaintext = aliceSessionCipher.Decrypt(new PreKeySignalMessage(messageForAlice.Serialize()));
byte[] bobPlaintext = bobSessionCipher.Decrypt(new PreKeySignalMessage(messageForBob.Serialize()));
Assert.AreEqual("sample message", Encoding.UTF8.GetString(alicePlaintext));
Assert.AreEqual("hey there", Encoding.UTF8.GetString(bobPlaintext));
Assert.AreEqual((uint)3, aliceStore.LoadSession(BobAddress).GetSessionState().GetSessionVersion());
Assert.AreEqual((uint)3, bobStore.LoadSession(AliceAddress).GetSessionState().GetSessionVersion());
Assert.IsFalse(IsSessionIdEqual(aliceStore, bobStore));
CiphertextMessage aliceResponse = aliceSessionCipher.Encrypt(Encoding.UTF8.GetBytes("second message"));
Assert.AreEqual(CiphertextMessage.WhisperType, aliceResponse.GetMessageType());
byte[] responsePlaintext = bobSessionCipher.Decrypt(new SignalMessage(aliceResponse.Serialize()));
Assert.AreEqual("second message", Encoding.UTF8.GetString(responsePlaintext));
Assert.IsTrue(IsSessionIdEqual(aliceStore, bobStore));
CiphertextMessage finalMessage = bobSessionCipher.Encrypt(Encoding.UTF8.GetBytes("third message"));
Assert.AreEqual(CiphertextMessage.WhisperType, finalMessage.GetMessageType());
byte[] finalPlaintext = aliceSessionCipher.Decrypt(new SignalMessage(finalMessage.Serialize()));
Assert.AreEqual("third message", Encoding.UTF8.GetString(finalPlaintext));
Assert.IsTrue(IsSessionIdEqual(aliceStore, bobStore));
}
private void InitializeSessions(TestInMemorySignalProtocolStore aliceStore, TestInMemorySignalProtocolStore bobStore)
{
ECKeyPair bobPreKey = Curve.generateKeyPair();
IdentityKeyPair bobIdentityKey = bobStore.GetIdentityKeyPair();
SignedPreKeyRecord bobSignedPreKey = KeyHelper.generateSignedPreKey(bobIdentityKey, 2);
PreKeyBundle bobBundle = new PreKeyBundle(1, 1, 1, bobPreKey.getPublicKey(), 2, bobSignedPreKey.getKeyPair().getPublicKey(), bobSignedPreKey.getSignature(), bobIdentityKey.getPublicKey());
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, new SignalProtocolAddress("+14152222222", 1));
aliceSessionBuilder.process(bobBundle);
bobStore.StoreSignedPreKey(2, bobSignedPreKey);
bobStore.StorePreKey(1, new PreKeyRecord(1, bobPreKey));
}
public void testOptionalOneTimePreKey()
{
SignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
SignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
0, null,
22, bobSignedPreKeyPair.getPublicKey(),
bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
aliceSessionBuilder.process(bobPreKey);
Assert.IsTrue(aliceStore.ContainsSession(BOB_ADDRESS));
Assert.AreEqual((uint)3, aliceStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion());
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(outgoingMessage.getType(), CiphertextMessage.PREKEY_TYPE);
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(outgoingMessage.serialize());
Assert.IsFalse(incomingMessage.getPreKeyId().HasValue);
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = bobSessionCipher.decrypt(incomingMessage);
Assert.IsTrue(bobStore.ContainsSession(ALICE_ADDRESS));
Assert.AreEqual((uint)3, bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getSessionVersion());
Assert.IsNotNull(bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getAliceBaseKey());
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
}
private static PreKeyBundle CcreatePreKeyBundle(ISignalProtocolStore store, uint preKeyId, EcKeyPair signedPreKey)
{
EcKeyPair aliceUnsignedPreKey = Curve.GenerateKeyPair();
int aliceUnsignedPreKeyId = new Random().Next((int)Medium.MaxValue);
byte[] aliceSignature = Curve.CalculateSignature(store.GetIdentityKeyPair().GetPrivateKey(),
signedPreKey.GetPublicKey().Serialize());
PreKeyBundle alicePreKeyBundle = new PreKeyBundle(1, 1,
(uint)aliceUnsignedPreKeyId, aliceUnsignedPreKey.GetPublicKey(),
preKeyId, signedPreKey.GetPublicKey(),
aliceSignature, store.GetIdentityKeyPair().GetPublicKey());
store.StoreSignedPreKey(preKeyId, new SignedPreKeyRecord(preKeyId, (ulong)DateTime.UtcNow.Ticks, signedPreKey, aliceSignature));
store.StorePreKey((uint)aliceUnsignedPreKeyId, new PreKeyRecord((uint)aliceUnsignedPreKeyId, aliceUnsignedPreKey));
return(alicePreKeyBundle);
}
private PreKeyBundle createBobPreKeyBundle(AxolotlStore bobStore)
{
ECKeyPair bobUnsignedPreKey = Curve.generateKeyPair();
uint bobUnsignedPreKeyId = (uint)new Random().Next((int)Medium.MAX_VALUE);
byte[] bobSignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKey.getPublicKey().serialize());
PreKeyBundle bobPreKeyBundle = new PreKeyBundle(1, 1,
bobUnsignedPreKeyId, bobUnsignedPreKey.getPublicKey(),
bobSignedPreKeyId, bobSignedPreKey.getPublicKey(),
bobSignature, bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StoreSignedPreKey(bobSignedPreKeyId, new SignedPreKeyRecord(bobSignedPreKeyId, DateUtil.currentTimeMillis(), bobSignedPreKey, bobSignature));
bobStore.StorePreKey(bobUnsignedPreKeyId, new PreKeyRecord(bobUnsignedPreKeyId, bobUnsignedPreKey));
return(bobPreKeyBundle);
}
private PreKeyBundle createAlicePreKeyBundle(SignalProtocolStore aliceStore)
{
ECKeyPair aliceUnsignedPreKey = Curve.generateKeyPair();
int aliceUnsignedPreKeyId = new Random().Next((int)Medium.MAX_VALUE);
byte[] aliceSignature = Curve.calculateSignature(aliceStore.GetIdentityKeyPair().getPrivateKey(),
aliceSignedPreKey.getPublicKey().serialize());
PreKeyBundle alicePreKeyBundle = new PreKeyBundle(1, 1,
(uint)aliceUnsignedPreKeyId, aliceUnsignedPreKey.getPublicKey(),
aliceSignedPreKeyId, aliceSignedPreKey.getPublicKey(),
aliceSignature, aliceStore.GetIdentityKeyPair().getPublicKey());
aliceStore.StoreSignedPreKey(aliceSignedPreKeyId, new SignedPreKeyRecord(aliceSignedPreKeyId, (ulong)DateTime.UtcNow.Ticks, aliceSignedPreKey, aliceSignature));
aliceStore.StorePreKey((uint)aliceUnsignedPreKeyId, new PreKeyRecord((uint)aliceUnsignedPreKeyId, aliceUnsignedPreKey));
return(alicePreKeyBundle);
}
private PreKeyBundle createBobPreKeyBundle(SignalProtocolStore bobStore)
{
ECKeyPair bobUnsignedPreKey = Curve.generateKeyPair();
int bobUnsignedPreKeyId = new Random().Next((int)Medium.MAX_VALUE);
byte[] bobSignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKey.getPublicKey().serialize());
PreKeyBundle bobPreKeyBundle = new PreKeyBundle(1, 1,
(uint)bobUnsignedPreKeyId, bobUnsignedPreKey.getPublicKey(),
bobSignedPreKeyId, bobSignedPreKey.getPublicKey(),
bobSignature, bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StoreSignedPreKey(bobSignedPreKeyId, new SignedPreKeyRecord(bobSignedPreKeyId, (ulong)DateTime.UtcNow.Ticks, bobSignedPreKey, bobSignature));
bobStore.StorePreKey((uint)bobUnsignedPreKeyId, new PreKeyRecord((uint)bobUnsignedPreKeyId, bobUnsignedPreKey));
return(bobPreKeyBundle);
}
public void testBadSignedPreKeySignature()
{
SignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
IdentityKeyStore bobIdentityKeyStore = new TestInMemoryIdentityKeyStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobIdentityKeyStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
for (int i = 0; i < bobSignedPreKeySignature.Length * 8; i++)
{
byte[] modifiedSignature = new byte[bobSignedPreKeySignature.Length];
Array.Copy(bobSignedPreKeySignature, 0, modifiedSignature, 0, modifiedSignature.Length);
modifiedSignature[i / 8] ^= (byte)(0x01 << (i % 8));
PreKeyBundle bobPreKey = new PreKeyBundle(bobIdentityKeyStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
22, bobSignedPreKeyPair.getPublicKey(), modifiedSignature,
bobIdentityKeyStore.GetIdentityKeyPair().getPublicKey());
try
{
aliceSessionBuilder.process(bobPreKey);
throw new Exception("Accepted modified device key signature!");
}
catch (InvalidKeyException)
{
// good
}
}
PreKeyBundle bobPreKey2 = new PreKeyBundle(bobIdentityKeyStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
22, bobSignedPreKeyPair.getPublicKey(), bobSignedPreKeySignature,
bobIdentityKeyStore.GetIdentityKeyPair().getPublicKey());
aliceSessionBuilder.process(bobPreKey2);
}
/// <summary>
/// intercept iq and precess the keys
/// </summary>
/// <param name="node"></param>
public ProtocolTreeNode[] ProcessIqTreeNode(ProtocolTreeNode node)
{
try
{
if (cipherKeys.Contains(node.GetAttribute("id")))
{
cipherKeys.Remove(node.GetAttribute("id"));
foreach (var child in node.children)
{
string jid = child.GetChild("user").GetAttribute("jid");
uint registrationId = deAdjustId(child.GetChild("registration").GetData());
IdentityKey identityKey = new IdentityKey(new DjbECPublicKey(child.GetChild("identity").GetData()));
uint signedPreKeyId = deAdjustId(child.GetChild("skey").GetChild("id").GetData());
DjbECPublicKey signedPreKeyPub = new DjbECPublicKey(child.GetChild("skey").GetChild("value").GetData());
byte[] signedPreKeySig = child.GetChild("skey").GetChild("signature").GetData();
uint preKeyId = deAdjustId(child.GetChild("key").GetChild("id").GetData());
DjbECPublicKey preKeyPublic = new DjbECPublicKey(child.GetChild("key").GetChild("value").GetData());
PreKeyBundle preKeyBundle = new PreKeyBundle(registrationId, 1, preKeyId, preKeyPublic, signedPreKeyId, signedPreKeyPub, signedPreKeySig, identityKey);
SessionBuilder sessionBuilder = new SessionBuilder(this, this, this, this, new AxolotlAddress(ExtractNumber(jid), 1));
// now do the work return nodelist
sessionBuilder.process(preKeyBundle);
// SignedPreKeyRecord rc = new SignedPreKeyRecord(signedPreKeyId, KeyHelper.getTime(), bobSignedPreKeyPair, signedPreKeySig);
// this.StoreSignedPreKey(signedPreKeyId,rc);
if (pending_nodes.ContainsKey(ExtractNumber(jid)))
{
var pendingNodes = pending_nodes[ExtractNumber(jid)].ToArray();
pending_nodes.Remove(ExtractNumber(jid));
return(pendingNodes);
}
}
}
}
catch (Exception e) { }
finally { }
return(null);
}
public Models.Message[] GetMessages(ISharedPreferences sharedPref, User SelectedFriend, SessionStore sessionStore,
PreKeyStore preKeyStore, SignedPreKeyStore signedPreKeyStore, IdentityKeyStore identityStore, SignalProtocolAddress SelectedFriendAddress)
{
// send the server the user name
// server side does the selection and return the messages and store it in a message array.
//Send the login username and password to the server and get response
string apiUrl = "https://ycandgap.me/api_server2.php";
string apiMethod = "getMessage";
//Login_Request has two properties:username and password
Login_Request myLogin_Request = new Login_Request();
Models.Message recieveMessage = new Models.Message();
//get the login username from previow login page.
recieveMessage.MessageReceiverRegisID = Convert.ToUInt32(sharedPref.GetString("RegistrationId", string.Empty));
recieveMessage.MessageSenderRegisID = SelectedFriend.RegisterationID;
myLogin_Request.message = recieveMessage;
UserID = myLogin_Request.RegistrationID;
// make http post request
string response = Http.Post(apiUrl, new NameValueCollection()
{
{ "api_method", apiMethod },
{ "api_data", JsonConvert.SerializeObject(myLogin_Request) }
});
// decode json string to dto object
API_Response2 r = JsonConvert.DeserializeObject <API_Response2>(response);
// check response
if (r != null)
{
if (!r.IsError && !string.IsNullOrEmpty(r.MessageText))
{
SessionCipher sessionCipher = new SessionCipher(sessionStore, preKeyStore, signedPreKeyStore, identityStore, SelectedFriendAddress);
byte[] decipherMessage;
if (!sessionStore.ContainsSession(SelectedFriendAddress))
{
decipherMessage = sessionCipher.decrypt(new PreKeySignalMessage((JsonConvert.DeserializeObject <byte[]>(r.MessageText))));
}
else
{
decipherMessage = sessionCipher.decrypt(new SignalMessage((JsonConvert.DeserializeObject <byte[]>(r.MessageText))));
}
string checkMessage = Encoding.UTF8.GetString(decipherMessage);
SelectedFriend.SelectedUserMessages.Add(new Models.Message
{
MessageID = r.MessageID,
MessageSenderRegisID = r.MessageSenderRegisID,
MessageReceiverRegisID = r.MessageReceiverRegisID,
MessageText = checkMessage,
MessageTimestamp = r.MessageTimestamp
});
return(SelectedFriend.SelectedUserMessages.ToArray());
}
else
{
//if login fails, pop up an alert message. Wrong username or password or a new user
AlertDialog.Builder dialogBuilder = new AlertDialog.Builder(this);
if (!string.IsNullOrEmpty(r.ErrorMessage))
{
dialogBuilder.SetMessage(r.ErrorMessage);
}
else
{
dialogBuilder.SetMessage("No new messages");
}
//dialogBuilder.SetPositiveButton("Ok", null);
dialogBuilder.Show();
return(null);
}
}
else
{
if (!sessionStore.ContainsSession(SelectedFriendAddress))
{
// Instantiate a SessionBuilder for a remote recipientId + deviceId tuple.
SessionBuilder sessionBuilder = new SessionBuilder(sessionStore, preKeyStore, signedPreKeyStore,
identityStore, SelectedFriendAddress);
RetrievedPreKey preKeyPublic = RetrieveSelectedFriendPublicPreKey(SelectedFriend);
IdentityKey SelectedFriendSignedPreKey = new IdentityKey(JsonConvert.DeserializeObject <byte[]>(SelectedFriend.SignedPreKey), 0);
PreKeyBundle retrievedPreKey = new PreKeyBundle(SelectedFriend.RegisterationID, 1, preKeyPublic.PrekeyID, preKeyPublic.PublicPreKey.getPublicKey()
, SelectedFriend.SignedPreKeyID, SelectedFriendSignedPreKey.getPublicKey(), JsonConvert.DeserializeObject <byte[]>(SelectedFriend.SignedPreKeySignature)
, new IdentityKey(JsonConvert.DeserializeObject <byte[]>(SelectedFriend.IdentityKey), 0));
// Build a session with a PreKey retrieved from the server.
sessionBuilder.process(retrievedPreKey);
}
return(null);
}
}
public void testBasicPreKeyV3()
{
SignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
SignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
ECKeyPair bobSignedPreKeyPair = Curve.generateKeyPair();
byte[] bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(),
bobSignedPreKeyPair.getPublicKey().serialize());
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
22, bobSignedPreKeyPair.getPublicKey(),
bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
aliceSessionBuilder.process(bobPreKey);
Assert.IsTrue(aliceStore.ContainsSession(BOB_ADDRESS));
Assert.AreEqual((uint)3, aliceStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion());
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessage.getType());
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(outgoingMessage.serialize());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(22, new SignedPreKeyRecord(22, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = bobSessionCipher.decrypt(incomingMessage, new BobDecryptionCallback(bobStore, originalMessage));
Assert.IsTrue(bobStore.ContainsSession(ALICE_ADDRESS));
Assert.AreEqual((uint)3, bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getSessionVersion());
Assert.IsNotNull(bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getAliceBaseKey());
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
CiphertextMessage bobOutgoingMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.WHISPER_TYPE, bobOutgoingMessage.getType());
byte[] alicePlaintext = aliceSessionCipher.decrypt(new SignalMessage(bobOutgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
runInteraction(aliceStore, bobStore);
aliceStore = new TestInMemorySignalProtocolStore();
aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
bobPreKeyPair = Curve.generateKeyPair();
bobSignedPreKeyPair = Curve.generateKeyPair();
bobSignedPreKeySignature = Curve.calculateSignature(bobStore.GetIdentityKeyPair().getPrivateKey(), bobSignedPreKeyPair.getPublicKey().serialize());
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(),
1, 31338, bobPreKeyPair.getPublicKey(),
23, bobSignedPreKeyPair.getPublicKey(), bobSignedPreKeySignature,
bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StorePreKey(31338, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
bobStore.StoreSignedPreKey(23, new SignedPreKeyRecord(23, DateUtil.currentTimeMillis(), bobSignedPreKeyPair, bobSignedPreKeySignature));
aliceSessionBuilder.process(bobPreKey);
outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
try
{
plaintext = bobSessionCipher.decrypt(new PreKeySignalMessage(outgoingMessage.serialize()));
throw new Exception("shouldn't be trusted!");
}
catch (UntrustedIdentityException)
{
bobStore.SaveIdentity(ALICE_ADDRESS.getName(), new PreKeySignalMessage(outgoingMessage.serialize()).getIdentityKey());
}
plaintext = bobSessionCipher.decrypt(new PreKeySignalMessage(outgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, Curve.generateKeyPair().getPublicKey(),
23, bobSignedPreKeyPair.getPublicKey(), bobSignedPreKeySignature,
aliceStore.GetIdentityKeyPair().getPublicKey());
try
{
aliceSessionBuilder.process(bobPreKey);
throw new Exception("shoulnd't be trusted!");
}
catch (UntrustedIdentityException)
{
// good
}
}
public void ProcessPreKey(string address, int deviceId, PreKeyBundle bundle)
{
_axolotl.ProcessPreKey(address, deviceId, bundle);
}
public void ProcessPreKey(string address, int deviceId, PreKeyBundle bundle)
{
throw new NotImplementedException();
}
public void Test_Libsignal_Enc_Dec_2()
{
// Generate Alices keys:
IdentityKeyPair aliceIdentKey = CryptoUtils.generateOmemoIdentityKeyPair();
IList <PreKeyRecord> alicePreKeys = CryptoUtils.generateOmemoPreKeys();
SignedPreKeyRecord aliceSignedPreKey = CryptoUtils.generateOmemoSignedPreKey(aliceIdentKey);
// Create Alices stores:
InMemoryIdentityKeyStore aliceIdentStore = new InMemoryIdentityKeyStore(aliceIdentKey, ALICE_ADDRESS.getDeviceId());
InMemoryPreKeyStore alicePreKeyStore = new InMemoryPreKeyStore();
foreach (PreKeyRecord key in alicePreKeys)
{
alicePreKeyStore.StorePreKey(key.getId(), key);
}
InMemorySignedPreKeyStore aliceSignedPreKeyStore = new InMemorySignedPreKeyStore();
aliceSignedPreKeyStore.StoreSignedPreKey(aliceSignedPreKey.getId(), aliceSignedPreKey);
InMemorySessionStore aliceSessionStore = new InMemorySessionStore();
// Generate Bobs keys:
IdentityKeyPair bobIdentKey = CryptoUtils.generateOmemoIdentityKeyPair();
IList <PreKeyRecord> bobPreKeys = CryptoUtils.generateOmemoPreKeys();
SignedPreKeyRecord bobSignedPreKey = CryptoUtils.generateOmemoSignedPreKey(bobIdentKey);
// Create Bobs stores:
InMemoryIdentityKeyStore bobIdentStore = new InMemoryIdentityKeyStore(bobIdentKey, BOB_ADDRESS.getDeviceId());
InMemoryPreKeyStore bobPreKeyStore = new InMemoryPreKeyStore();
foreach (PreKeyRecord key in bobPreKeys)
{
bobPreKeyStore.StorePreKey(key.getId(), key);
}
InMemorySignedPreKeyStore bobSignedPreKeyStore = new InMemorySignedPreKeyStore();
bobSignedPreKeyStore.StoreSignedPreKey(bobSignedPreKey.getId(), bobSignedPreKey);
InMemorySessionStore bobSessionStore = new InMemorySessionStore();
// Alice builds a session to Bob:
SessionBuilder sessionBuilder = new SessionBuilder(aliceSessionStore, alicePreKeyStore, aliceSignedPreKeyStore, aliceIdentStore, BOB_ADDRESS);
PreKeyBundle bobPreKey = new PreKeyBundle(BOB_ADDRESS.getDeviceId(), BOB_ADDRESS.getDeviceId(), bobPreKeys[0].getId(), bobPreKeys[0].getKeyPair().getPublicKey(), bobSignedPreKey.getId(), bobSignedPreKey.getKeyPair().getPublicKey(), bobSignedPreKey.getSignature(), bobIdentKey.getPublicKey());
sessionBuilder.process(bobPreKey);
// Check if session exists:
Assert.IsTrue(aliceSessionStore.ContainsSession(BOB_ADDRESS));
Assert.IsTrue(aliceSessionStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion() == 3);
// Alice sends a message:
string aliceOrigMsg = "$(rm -rvf .)";
SessionCipher aliceSessionCipher = new SessionCipher(aliceSessionStore, alicePreKeyStore, aliceSignedPreKeyStore, aliceIdentStore, BOB_ADDRESS);
CiphertextMessage aliceOutMsg = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(aliceOrigMsg));
// Check if successfully encrypted:
Assert.IsTrue(aliceOutMsg.getType() == CiphertextMessage.PREKEY_TYPE);
// Bob receives the message:
PreKeySignalMessage bobInMsg = new PreKeySignalMessage(aliceOutMsg.serialize());
SessionCipher bobSessionCipher = new SessionCipher(bobSessionStore, bobPreKeyStore, bobSignedPreKeyStore, bobIdentStore, ALICE_ADDRESS);
byte[] bobData = bobSessionCipher.decrypt(bobInMsg);
string bobRecMsg = Encoding.UTF8.GetString(bobData);
// Check if successfully send:
Assert.AreEqual(aliceOrigMsg, bobRecMsg);
Assert.IsTrue(bobSessionStore.ContainsSession(ALICE_ADDRESS));
//---------------------------Connection/App get restarted:---------------------------
// Bob answers:
string bobOrigMsg = ":(){ :|:& };:";
// Simulate a chat break:
bobSessionCipher = new SessionCipher(bobSessionStore, bobPreKeyStore, bobSignedPreKeyStore, bobIdentStore, ALICE_ADDRESS);
CiphertextMessage bobOutMsg = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(bobOrigMsg));
// Alice receives the message:
aliceSessionCipher = new SessionCipher(aliceSessionStore, alicePreKeyStore, aliceSignedPreKeyStore, aliceIdentStore, BOB_ADDRESS);
SignalMessage aliceInMsg = new SignalMessage(bobOutMsg.serialize());
byte[] aliceData = aliceSessionCipher.decrypt(aliceInMsg);
string aliceRecMsg = Encoding.UTF8.GetString(aliceData);
// Check if successfully send:
Assert.AreEqual(bobOrigMsg, aliceRecMsg);
Assert.IsTrue(bobSessionStore.ContainsSession(ALICE_ADDRESS));
}
public SignalProtocolAddress newSession(string chatJid, uint recipientDeviceId, PreKeyBundle recipientPreKey)
{
SignalProtocolAddress address = new SignalProtocolAddress(chatJid, recipientDeviceId);
SessionBuilder builder = new SessionBuilder(OMEMO_STORE, address);
builder.process(recipientPreKey);
return(address);
}
public void ProcessPreKey(string address, int deviceId, PreKeyBundle bundle)
{
throw new NotImplementedException();
}
public void testBasicPreKeyV2()
{
AxolotlStore aliceStore = new TestInMemoryAxolotlStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
AxolotlStore bobStore = new TestInMemoryAxolotlStore();
ECKeyPair bobPreKeyPair = Curve.generateKeyPair();
PreKeyBundle bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, bobPreKeyPair.getPublicKey(),
0, null, null,
bobStore.GetIdentityKeyPair().getPublicKey());
aliceSessionBuilder.process(bobPreKey);
Assert.IsTrue(aliceStore.ContainsSession(BOB_ADDRESS));
Assert.AreEqual((uint)2, aliceStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion());
String originalMessage = "L'homme est condamné à être libre";
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
CiphertextMessage outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.PREKEY_TYPE, outgoingMessage.getType());
PreKeyWhisperMessage incomingMessage = new PreKeyWhisperMessage(outgoingMessage.serialize());
bobStore.StorePreKey(31337, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
byte[] plaintext = bobSessionCipher.decrypt(incomingMessage);
Assert.IsTrue(bobStore.ContainsSession(ALICE_ADDRESS));
Assert.AreEqual((uint)2, bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getSessionVersion());
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
CiphertextMessage bobOutgoingMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
Assert.AreEqual(CiphertextMessage.WHISPER_TYPE, bobOutgoingMessage.getType());
byte[] alicePlaintext = aliceSessionCipher.decrypt((WhisperMessage)bobOutgoingMessage);
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(alicePlaintext));
runInteraction(aliceStore, bobStore);
aliceStore = new TestInMemoryAxolotlStore();
aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
bobPreKeyPair = Curve.generateKeyPair();
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(),
1, 31338, bobPreKeyPair.getPublicKey(),
0, null, null, bobStore.GetIdentityKeyPair().getPublicKey());
bobStore.StorePreKey(31338, new PreKeyRecord(bobPreKey.getPreKeyId(), bobPreKeyPair));
aliceSessionBuilder.process(bobPreKey);
outgoingMessage = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes(originalMessage));
try
{
bobSessionCipher.decrypt(new PreKeyWhisperMessage(outgoingMessage.serialize()));
throw new Exception("shouldn't be trusted!");
}
catch (UntrustedIdentityException uie)
{
bobStore.SaveIdentity(ALICE_ADDRESS.getName(), new PreKeyWhisperMessage(outgoingMessage.serialize()).getIdentityKey());
}
plaintext = bobSessionCipher.decrypt(new PreKeyWhisperMessage(outgoingMessage.serialize()));
Assert.AreEqual(originalMessage, Encoding.UTF8.GetString(plaintext));
bobPreKey = new PreKeyBundle(bobStore.GetLocalRegistrationId(), 1,
31337, Curve.generateKeyPair().getPublicKey(),
0, null, null,
aliceStore.GetIdentityKeyPair().getPublicKey());
try
{
aliceSessionBuilder.process(bobPreKey);
throw new Exception("shoulnd't be trusted!");
}
catch (UntrustedIdentityException uie)
{
// good
}
}
static void Main(string[] args)
{
// 1. Sender setup
// At install time, a libsignal client needs to generate its identity keys, registration id, and prekeys.
var senderIdentityKeyPair = KeyHelper.GenerateIdentityKeyPair();
var senderRegistrationId = KeyHelper.GenerateRegistrationId(false);
var senderPreKeys = KeyHelper.GeneratePreKeys(0, 100);
var senderSignedPreKey = KeyHelper.GenerateSignedPreKey(senderIdentityKeyPair, KeyHelper.GenerateSenderKeyId());
var senderAddress = new SignalProtocolAddress("sender", 1);
// TODO: Store identityKeyPair somewhere durable and safe.
// TODO: Store registrationId somewhere durable and safe.
// Store preKeys in PreKeyStore.
var senderPreKeyStore = new InMemoryPreKeyStore();
foreach (var senderPreKey in senderPreKeys)
{
senderPreKeyStore.StorePreKey(senderPreKey.GetId(), senderPreKey);
}
// Store signed prekey in SignedPreKeyStore.
var senderSignedPreKeyStore = new InMemorySignedPreKeyStore();
senderSignedPreKeyStore.StoreSignedPreKey(senderSignedPreKey.GetId(), senderSignedPreKey);
var senderSessionStore = new InMemorySessionStore();
var senderIdentityStore = new InMemoryIdentityKeyStore(senderIdentityKeyPair, senderRegistrationId);
var senderProtocolStore = new InMemorySignalProtocolStore(senderIdentityKeyPair, senderRegistrationId);
var senderPreKeyBundle = new PreKeyBundle(
senderProtocolStore.GetLocalRegistrationId(),
senderAddress.DeviceId,
senderPreKeys[0].GetId(),
senderPreKeys[0].GetKeyPair().GetPublicKey(),
senderSignedPreKey.GetId(),
senderSignedPreKey.GetKeyPair().GetPublicKey(),
senderSignedPreKey.GetSignature(),
senderProtocolStore.GetIdentityKeyPair().GetPublicKey()
);
senderProtocolStore.StorePreKey(senderPreKeys[0].GetId(), new PreKeyRecord(senderPreKeyBundle.GetPreKeyId(), senderPreKeys[0].GetKeyPair()));
senderProtocolStore.StoreSignedPreKey(senderSignedPreKey.GetId(), new SignedPreKeyRecord(22, (ulong)DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(), senderSignedPreKey.GetKeyPair(), senderSignedPreKey.GetSignature()));
// 2. Destination setup
var destinationIdentityKeyPair = KeyHelper.GenerateIdentityKeyPair();
var destinationRegistrationId = KeyHelper.GenerateRegistrationId(false);
var destinationPreKeys = KeyHelper.GeneratePreKeys(0, 100);
var destinationSignedPreKey = KeyHelper.GenerateSignedPreKey(destinationIdentityKeyPair, KeyHelper.GenerateSenderKeyId());
var destinationAddress = new SignalProtocolAddress("destination", 1);
// TODO: Store identityKeyPair somewhere durable and safe.
// TODO: Store registrationId somewhere durable and safe.
var destinationPreKeyStore = new InMemoryPreKeyStore();
foreach (var destinationPreKey in destinationPreKeys)
{
destinationPreKeyStore.StorePreKey(destinationPreKey.GetId(), destinationPreKey);
}
// Store signed prekey in SignedPreKeyStore.
var destinationSignedPreKeyStore = new InMemorySignedPreKeyStore();
destinationSignedPreKeyStore.StoreSignedPreKey(destinationSignedPreKey.GetId(), destinationSignedPreKey);
var destinationSessionStore = new InMemorySessionStore();
var destinationIdentityStore = new InMemoryIdentityKeyStore(destinationIdentityKeyPair, destinationRegistrationId);
var destinationProtocolStore = new InMemorySignalProtocolStore(destinationIdentityKeyPair, destinationRegistrationId);
var destinationPreKeyBundle = new PreKeyBundle(
destinationProtocolStore.GetLocalRegistrationId(),
destinationAddress.DeviceId,
destinationPreKeys[0].GetId(),
destinationPreKeys[0].GetKeyPair().GetPublicKey(),
destinationSignedPreKey.GetId(),
destinationSignedPreKey.GetKeyPair().GetPublicKey(),
destinationSignedPreKey.GetSignature(),
destinationProtocolStore.GetIdentityKeyPair().GetPublicKey()
);
destinationProtocolStore.StorePreKey(destinationPreKeys[0].GetId(), new PreKeyRecord(destinationPreKeyBundle.GetPreKeyId(), destinationPreKeys[0].GetKeyPair()));
destinationProtocolStore.StoreSignedPreKey(destinationSignedPreKey.GetId(), new SignedPreKeyRecord(22, (ulong)DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(), destinationSignedPreKey.GetKeyPair(), destinationSignedPreKey.GetSignature()));
// Instantiate a SessionBuilder for a remote recipientId + deviceId tuple.
var senderToDestinationSessionBuilder = new SessionBuilder(senderProtocolStore, destinationAddress);
var destinationToSenderSessionBuilder = new SessionBuilder(destinationProtocolStore, senderAddress);
// Build a session with a PreKey retrieved from the server.
senderToDestinationSessionBuilder.Process(destinationPreKeyBundle);
destinationToSenderSessionBuilder.Process(senderPreKeyBundle);
SessionCipher senderToDestinationSessionCipher = new SessionCipher(senderProtocolStore, destinationAddress);
while (true)
{
Console.Write("Enter the text to encrypt: ");
var text = Console.ReadLine();
if (string.IsNullOrWhiteSpace(text) || text.Equals("quit", StringComparison.OrdinalIgnoreCase))
{
break;
}
CiphertextMessage message =
senderToDestinationSessionCipher.Encrypt(Encoding.UTF8.GetBytes(text));
var encryptedMessage = message.Serialize();
Console.WriteLine("Encrypted message: {0}", Convert.ToBase64String(encryptedMessage));
SessionCipher destinationToSenderSessionCipher =
new SessionCipher(destinationProtocolStore, senderAddress);
PreKeySignalMessage incomingMessage = new PreKeySignalMessage(encryptedMessage);
var decryptedMessage = destinationToSenderSessionCipher.Decrypt(incomingMessage);
Console.WriteLine("Decrypted message: {0}", Encoding.UTF8.GetString(decryptedMessage));
}
}
public void Test_Omemo_Enc_Dec_1()
{
// Generate Alices keys:
IdentityKeyPair aliceIdentKey = CryptoUtils.generateOmemoIdentityKeyPair();
IList <PreKeyRecord> alicePreKeys = CryptoUtils.generateOmemoPreKeys();
SignedPreKeyRecord aliceSignedPreKey = CryptoUtils.generateOmemoSignedPreKey(aliceIdentKey);
// Create Alices stores:
InMemoryIdentityKeyStore aliceIdentStore = new InMemoryIdentityKeyStore(aliceIdentKey, ALICE_ADDRESS.getDeviceId());
InMemoryPreKeyStore alicePreKeyStore = new InMemoryPreKeyStore();
foreach (PreKeyRecord key in alicePreKeys)
{
alicePreKeyStore.StorePreKey(key.getId(), key);
}
InMemorySignedPreKeyStore aliceSignedPreKeyStore = new InMemorySignedPreKeyStore();
aliceSignedPreKeyStore.StoreSignedPreKey(aliceSignedPreKey.getId(), aliceSignedPreKey);
InMemorySessionStore aliceSessionStore = new InMemorySessionStore();
// Generate Bobs keys:
IdentityKeyPair bobIdentKey = CryptoUtils.generateOmemoIdentityKeyPair();
IList <PreKeyRecord> bobPreKeys = CryptoUtils.generateOmemoPreKeys();
SignedPreKeyRecord bobSignedPreKey = CryptoUtils.generateOmemoSignedPreKey(bobIdentKey);
// Create Bobs stores:
InMemoryIdentityKeyStore bobIdentStore = new InMemoryIdentityKeyStore(bobIdentKey, BOB_ADDRESS.getDeviceId());
InMemoryPreKeyStore bobPreKeyStore = new InMemoryPreKeyStore();
foreach (PreKeyRecord key in bobPreKeys)
{
bobPreKeyStore.StorePreKey(key.getId(), key);
}
InMemorySignedPreKeyStore bobSignedPreKeyStore = new InMemorySignedPreKeyStore();
bobSignedPreKeyStore.StoreSignedPreKey(bobSignedPreKey.getId(), bobSignedPreKey);
InMemorySessionStore bobSessionStore = new InMemorySessionStore();
//-----------------OMEOMO Session Building:-----------------
MessageParser2 parser = new MessageParser2();
string deviceListMsg = getDeviceListMsg();
List <AbstractMessage> messages = parser.parseMessages(ref deviceListMsg);
Assert.IsTrue(messages.Count == 1);
Assert.IsTrue(messages[0] is OmemoDeviceListResultMessage);
OmemoDeviceListResultMessage devList = messages[0] as OmemoDeviceListResultMessage;
uint selectedBobDeviceId = devList.DEVICES.getRandomDeviceId();
Assert.IsTrue(selectedBobDeviceId == BOB_ADDRESS.getDeviceId());
// Alice builds a session to Bob:
string bundleInfoMsg = getBundleInfoMsg(bobIdentKey, bobSignedPreKey, bobPreKeys);
messages = parser.parseMessages(ref bundleInfoMsg);
Assert.IsTrue(messages.Count == 1);
Assert.IsTrue(messages[0] is OmemoBundleInformationResultMessage);
OmemoBundleInformationResultMessage bundleInfo = messages[0] as OmemoBundleInformationResultMessage;
Assert.IsTrue(bundleInfo.DEVICE_ID == BOB_ADDRESS.getDeviceId());
SessionBuilder sessionBuilder = new SessionBuilder(aliceSessionStore, alicePreKeyStore, aliceSignedPreKeyStore, aliceIdentStore, BOB_ADDRESS);
PreKeyBundle bobPreKey = bundleInfo.BUNDLE_INFO.getRandomPreKey(bundleInfo.DEVICE_ID);
sessionBuilder.process(bobPreKey);
// Check if session exists:
Assert.IsTrue(aliceSessionStore.ContainsSession(BOB_ADDRESS));
Assert.IsTrue(aliceSessionStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion() == 3);
// Alice sends a message:
string aliceOrigMsg = "$(rm -rvf .)";
// 1. Generate a new AES-128 GCM key/iv:
Aes128GcmCpp aes128Gcm = new Aes128GcmCpp();
aes128Gcm.generateKey();
aes128Gcm.generateIv();
// 2. Encrypt the message using the Aes128Gcm instance:
byte[] encryptedData = aes128Gcm.encrypt(Encoding.UTF8.GetBytes(aliceOrigMsg));
string base64Payload = Convert.ToBase64String(encryptedData);
string base64IV = Convert.ToBase64String(aes128Gcm.iv);
// 3. Concatenate key and authentication tag:
byte[] keyAuthTag = new byte[aes128Gcm.authTag.Length + aes128Gcm.key.Length];
Buffer.BlockCopy(aes128Gcm.key, 0, keyAuthTag, 0, aes128Gcm.key.Length);
Buffer.BlockCopy(aes128Gcm.authTag, 0, keyAuthTag, aes128Gcm.key.Length, aes128Gcm.authTag.Length);
SessionCipher aliceSessionCipher = new SessionCipher(aliceSessionStore, alicePreKeyStore, aliceSignedPreKeyStore, aliceIdentStore, BOB_ADDRESS);
CiphertextMessage ciphertextMessage = aliceSessionCipher.encrypt(keyAuthTag);
OmemoKey omemoKey = new OmemoKey(BOB_ADDRESS.getDeviceId(), ciphertextMessage is PreKeySignalMessage, Convert.ToBase64String(ciphertextMessage.serialize()));
Assert.IsTrue(string.Equals(Convert.ToBase64String(ciphertextMessage.serialize()), omemoKey.BASE_64_KEY));
//-------------------Decrypt Again:-------------------
// 2. Load the cipher:
SessionCipher cipher = new SessionCipher(bobSessionStore, bobPreKeyStore, bobSignedPreKeyStore, bobIdentStore, ALICE_ADDRESS);
byte[] encryptedKeyAuthTag = Convert.FromBase64String(omemoKey.BASE_64_KEY);
byte[] decryptedKeyAuthTag = null;
if (omemoKey.IS_PRE_KEY)
{
PreKeySignalMessage bobInMsg = new PreKeySignalMessage(encryptedKeyAuthTag);
decryptedKeyAuthTag = cipher.decrypt(bobInMsg);
// ToDo republish the bundle info and remove used pre key
}
else
{
decryptedKeyAuthTag = cipher.decrypt(new SignalMessage(encryptedKeyAuthTag));
}
// 3. Check if the cipher got loaded successfully:
Assert.IsTrue(decryptedKeyAuthTag != null);
// 4. Decrypt the payload:
byte[] aesIv = Convert.FromBase64String(base64IV);
byte[] aesKey = new byte[16];
byte[] aesAuthTag = new byte[decryptedKeyAuthTag.Length - aesKey.Length];
Buffer.BlockCopy(decryptedKeyAuthTag, 0, aesKey, 0, aesKey.Length);
Buffer.BlockCopy(decryptedKeyAuthTag, aesKey.Length, aesAuthTag, 0, aesAuthTag.Length);
aes128Gcm = new Aes128GcmCpp()
{
key = aesKey,
authTag = aesAuthTag,
iv = aesIv
};
encryptedData = Convert.FromBase64String(base64Payload);
byte[] bobData = aes128Gcm.decrypt(encryptedData);
// 5. Convert decrypted data to Unicode string:
string bobRecMsg = Encoding.UTF8.GetString(bobData);
// Check if successfully send:
Assert.AreEqual(aliceOrigMsg, bobRecMsg);
Assert.IsTrue(bobSessionStore.ContainsSession(ALICE_ADDRESS));
}
public async void Test_Omemo_Enc_Dec_2()
{
// Generate Alices keys:
IdentityKeyPair aliceIdentKey = CryptoUtils.generateOmemoIdentityKeyPair();
IList <PreKeyRecord> alicePreKeys = CryptoUtils.generateOmemoPreKeys();
SignedPreKeyRecord aliceSignedPreKey = CryptoUtils.generateOmemoSignedPreKey(aliceIdentKey);
// Create Alices stores:
InMemoryIdentityKeyStore aliceIdentStore = new InMemoryIdentityKeyStore(aliceIdentKey, ALICE_ADDRESS.getDeviceId());
InMemoryPreKeyStore alicePreKeyStore = new InMemoryPreKeyStore();
foreach (PreKeyRecord key in alicePreKeys)
{
alicePreKeyStore.StorePreKey(key.getId(), key);
}
InMemorySignedPreKeyStore aliceSignedPreKeyStore = new InMemorySignedPreKeyStore();
aliceSignedPreKeyStore.StoreSignedPreKey(aliceSignedPreKey.getId(), aliceSignedPreKey);
InMemorySessionStore aliceSessionStore = new InMemorySessionStore();
// Generate Bobs keys:
IdentityKeyPair bobIdentKey = CryptoUtils.generateOmemoIdentityKeyPair();
IList <PreKeyRecord> bobPreKeys = CryptoUtils.generateOmemoPreKeys();
SignedPreKeyRecord bobSignedPreKey = CryptoUtils.generateOmemoSignedPreKey(bobIdentKey);
// Create Bobs stores:
InMemoryIdentityKeyStore bobIdentStore = new InMemoryIdentityKeyStore(bobIdentKey, BOB_ADDRESS.getDeviceId());
InMemoryPreKeyStore bobPreKeyStore = new InMemoryPreKeyStore();
foreach (PreKeyRecord key in bobPreKeys)
{
bobPreKeyStore.StorePreKey(key.getId(), key);
}
InMemorySignedPreKeyStore bobSignedPreKeyStore = new InMemorySignedPreKeyStore();
bobSignedPreKeyStore.StoreSignedPreKey(bobSignedPreKey.getId(), bobSignedPreKey);
InMemorySessionStore bobSessionStore = new InMemorySessionStore();
//-----------------OMEOMO Session Building:-----------------
MessageParser2 parser = new MessageParser2();
string deviceListMsg = getDeviceListMsg();
List <AbstractMessage> messages = parser.parseMessages(ref deviceListMsg);
Assert.IsTrue(messages.Count == 1);
Assert.IsTrue(messages[0] is OmemoDeviceListResultMessage);
OmemoDeviceListResultMessage devList = messages[0] as OmemoDeviceListResultMessage;
uint selectedBobDeviceId = devList.DEVICES.getRandomDeviceId();
Assert.IsTrue(selectedBobDeviceId == BOB_ADDRESS.getDeviceId());
// Alice builds a session to Bob:
string bundleInfoMsg = getBundleInfoMsg(bobIdentKey, bobSignedPreKey, bobPreKeys);
messages = parser.parseMessages(ref bundleInfoMsg);
Assert.IsTrue(messages.Count == 1);
Assert.IsTrue(messages[0] is OmemoBundleInformationResultMessage);
OmemoBundleInformationResultMessage bundleInfo = messages[0] as OmemoBundleInformationResultMessage;
Assert.IsTrue(bundleInfo.DEVICE_ID == BOB_ADDRESS.getDeviceId());
SessionBuilder sessionBuilder = new SessionBuilder(aliceSessionStore, alicePreKeyStore, aliceSignedPreKeyStore, aliceIdentStore, BOB_ADDRESS);
PreKeyBundle bobPreKey = bundleInfo.BUNDLE_INFO.getRandomPreKey(bundleInfo.DEVICE_ID);
sessionBuilder.process(bobPreKey);
// Check if session exists:
Assert.IsTrue(aliceSessionStore.ContainsSession(BOB_ADDRESS));
Assert.IsTrue(aliceSessionStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion() == 3);
// Alice sends a message:
string aliceOrigMsg = "$(rm -rvf .)";
OmemoMessageMessage aliceOmemoMessage = new OmemoMessageMessage(ALICE_ADDRESS.getName() + "/SOME_RESOURCE", BOB_ADDRESS.getName(), aliceOrigMsg, MessageMessage.TYPE_CHAT, true);
Assert.IsFalse(aliceOmemoMessage.ENCRYPTED);
OmemoSession omemoSession = new OmemoSession(BOB_ADDRESS.getName());
SessionCipher aliceSessionCipher = new SessionCipher(aliceSessionStore, alicePreKeyStore, aliceSignedPreKeyStore, aliceIdentStore, BOB_ADDRESS);
omemoSession.DEVICE_SESSIONS_REMOTE.Add(BOB_ADDRESS.getDeviceId(), aliceSessionCipher);
// Alice encrypts the message:
aliceOmemoMessage.encrypt(omemoSession, ALICE_ADDRESS.getDeviceId());
Assert.IsTrue(aliceOmemoMessage.ENCRYPTED);
string aliceOmemoMsgText = aliceOmemoMessage.toXmlString();
// Bob receives the message from Alice:
messages = parser.parseMessages(ref aliceOmemoMsgText);
Assert.IsTrue(messages.Count == 1);
Assert.IsTrue(messages[0] is OmemoMessageMessage);
OmemoMessageMessage bobOmemoMessage = messages[0] as OmemoMessageMessage;
Assert.IsTrue(bobOmemoMessage.ENCRYPTED);
Assert.AreEqual(bobOmemoMessage.SOURCE_DEVICE_ID, aliceOmemoMessage.SOURCE_DEVICE_ID);
Assert.AreEqual(bobOmemoMessage.BASE_64_IV, aliceOmemoMessage.BASE_64_IV);
Assert.AreEqual(bobOmemoMessage.BASE_64_PAYLOAD, aliceOmemoMessage.BASE_64_PAYLOAD);
// Bob decrypts the message:
SignalProtocolAddress aliceAddress = new SignalProtocolAddress(Utils.getBareJidFromFullJid(bobOmemoMessage.getFrom()), bobOmemoMessage.SOURCE_DEVICE_ID);
SessionCipher bobSessionCipher = new SessionCipher(bobSessionStore, bobPreKeyStore, bobSignedPreKeyStore, bobIdentStore, aliceAddress);
await bobOmemoMessage.decryptAsync(bobSessionCipher, aliceAddress, BOB_ADDRESS.getDeviceId(), null);
Assert.IsFalse(bobOmemoMessage.ENCRYPTED);
Assert.AreEqual(aliceOrigMsg, bobOmemoMessage.MESSAGE);
}
public SignalProtocolAddress newSession(string chatJid, uint recipientDeviceId, PreKeyBundle recipientPreKey)
{
SignalProtocolAddress address = new SignalProtocolAddress(chatJid, recipientDeviceId);
SessionBuilder builder = new SessionBuilder(SESSION_STORE, PRE_KEY_STORE, SIGNED_PRE_KEY_STORE, IDENTITY_STORE, address);
builder.process(recipientPreKey);
return(address);
}
public void testRepeatedSimultaneousInitiateLostMessageRepeatedMessages()
{
SignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
SignalProtocolStore bobStore = new TestInMemorySignalProtocolStore();
SessionBuilder aliceSessionBuilder = new SessionBuilder(aliceStore, BOB_ADDRESS);
SessionBuilder bobSessionBuilder = new SessionBuilder(bobStore, ALICE_ADDRESS);
SessionCipher aliceSessionCipher = new SessionCipher(aliceStore, BOB_ADDRESS);
SessionCipher bobSessionCipher = new SessionCipher(bobStore, ALICE_ADDRESS);
// PreKeyBundle aliceLostPreKeyBundle = createAlicePreKeyBundle(aliceStore);
PreKeyBundle bobLostPreKeyBundle = createBobPreKeyBundle(bobStore);
aliceSessionBuilder.process(bobLostPreKeyBundle);
// bobSessionBuilder.process(aliceLostPreKeyBundle);
CiphertextMessage lostMessageForBob = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes("hey there"));
// CiphertextMessage lostMessageForAlice = bobSessionCipher.encrypt("sample message".getBytes());
for (int i = 0; i < 15; i++)
{
PreKeyBundle alicePreKeyBundle = createAlicePreKeyBundle(aliceStore);
PreKeyBundle bobPreKeyBundle = createBobPreKeyBundle(bobStore);
aliceSessionBuilder.process(bobPreKeyBundle);
bobSessionBuilder.process(alicePreKeyBundle);
CiphertextMessage messageForBob = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes("hey there"));
CiphertextMessage messageForAlice = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes("sample message"));
Assert.AreEqual <uint>(messageForBob.getType(), CiphertextMessage.PREKEY_TYPE);
Assert.AreEqual <uint>(messageForAlice.getType(), CiphertextMessage.PREKEY_TYPE);
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
byte[] alicePlaintext = aliceSessionCipher.decrypt(new PreKeySignalMessage(messageForAlice.serialize()));
byte[] bobPlaintext = bobSessionCipher.decrypt(new PreKeySignalMessage(messageForBob.serialize()));
Assert.IsTrue(Encoding.UTF8.GetString(alicePlaintext).Equals("sample message"));
Assert.IsTrue(Encoding.UTF8.GetString(bobPlaintext).Equals("hey there"));
Assert.IsTrue(aliceStore.LoadSession(BOB_ADDRESS).getSessionState().getSessionVersion() == 3);
Assert.IsTrue(bobStore.LoadSession(ALICE_ADDRESS).getSessionState().getSessionVersion() == 3);
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
}
for (int i = 0; i < 50; i++)
{
CiphertextMessage messageForBobRepeat = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes("hey there"));
CiphertextMessage messageForAliceRepeat = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes("sample message"));
Assert.AreEqual <uint>(messageForBobRepeat.getType(), CiphertextMessage.WHISPER_TYPE);
Assert.AreEqual <uint>(messageForAliceRepeat.getType(), CiphertextMessage.WHISPER_TYPE);
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
byte[] alicePlaintextRepeat = aliceSessionCipher.decrypt(new SignalMessage(messageForAliceRepeat.serialize()));
byte[] bobPlaintextRepeat = bobSessionCipher.decrypt(new SignalMessage(messageForBobRepeat.serialize()));
Assert.IsTrue(Encoding.UTF8.GetString(alicePlaintextRepeat).Equals("sample message"));
Assert.IsTrue(Encoding.UTF8.GetString(bobPlaintextRepeat).Equals("hey there"));
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
}
CiphertextMessage aliceResponse = aliceSessionCipher.encrypt(Encoding.UTF8.GetBytes("second message"));
Assert.AreEqual <uint>(aliceResponse.getType(), CiphertextMessage.WHISPER_TYPE);
byte[] responsePlaintext = bobSessionCipher.decrypt(new SignalMessage(aliceResponse.serialize()));
Assert.IsTrue(Encoding.UTF8.GetString(responsePlaintext).Equals("second message"));
Assert.IsTrue(isSessionIdEqual(aliceStore, bobStore));
CiphertextMessage finalMessage = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes("third message"));
Assert.AreEqual <uint>(finalMessage.getType(), CiphertextMessage.WHISPER_TYPE);
byte[] finalPlaintext = aliceSessionCipher.decrypt(new SignalMessage(finalMessage.serialize()));
Assert.IsTrue(Encoding.UTF8.GetString(finalPlaintext).Equals("third message"));
Assert.IsTrue(isSessionIdEqual(aliceStore, bobStore));
byte[] lostMessagePlaintext = bobSessionCipher.decrypt(new PreKeySignalMessage(lostMessageForBob.serialize()));
Assert.IsTrue(Encoding.UTF8.GetString(lostMessagePlaintext).Equals("hey there"));
Assert.IsFalse(isSessionIdEqual(aliceStore, bobStore));
CiphertextMessage blastFromThePast = bobSessionCipher.encrypt(Encoding.UTF8.GetBytes("unexpected!"));
byte[] blastFromThePastPlaintext = aliceSessionCipher.decrypt(new SignalMessage(blastFromThePast.serialize()));
Assert.IsTrue(Encoding.UTF8.GetString(blastFromThePastPlaintext).Equals("unexpected!"));
Assert.IsTrue(isSessionIdEqual(aliceStore, bobStore));
}
