XmppAxolotlSession.java

  1package eu.siacs.conversations.crypto.axolotl;
  2
  3import android.support.annotation.NonNull;
  4import android.support.annotation.Nullable;
  5
  6import org.whispersystems.libsignal.SignalProtocolAddress;
  7import org.whispersystems.libsignal.DuplicateMessageException;
  8import org.whispersystems.libsignal.IdentityKey;
  9import org.whispersystems.libsignal.InvalidKeyException;
 10import org.whispersystems.libsignal.InvalidKeyIdException;
 11import org.whispersystems.libsignal.InvalidMessageException;
 12import org.whispersystems.libsignal.InvalidVersionException;
 13import org.whispersystems.libsignal.LegacyMessageException;
 14import org.whispersystems.libsignal.NoSessionException;
 15import org.whispersystems.libsignal.SessionCipher;
 16import org.whispersystems.libsignal.UntrustedIdentityException;
 17import org.whispersystems.libsignal.protocol.CiphertextMessage;
 18import org.whispersystems.libsignal.protocol.PreKeySignalMessage;
 19import org.whispersystems.libsignal.protocol.SignalMessage;
 20import org.whispersystems.libsignal.util.guava.Optional;
 21
 22import eu.siacs.conversations.entities.Account;
 23import eu.siacs.conversations.utils.CryptoHelper;
 24
 25public class XmppAxolotlSession implements Comparable<XmppAxolotlSession> {
 26	private final SessionCipher cipher;
 27	private final SQLiteAxolotlStore sqLiteAxolotlStore;
 28	private final SignalProtocolAddress remoteAddress;
 29	private final Account account;
 30	private IdentityKey identityKey;
 31	private Integer preKeyId = null;
 32	private boolean fresh = true;
 33
 34	public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, SignalProtocolAddress remoteAddress, IdentityKey identityKey) {
 35		this(account, store, remoteAddress);
 36		this.identityKey = identityKey;
 37	}
 38
 39	public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, SignalProtocolAddress remoteAddress) {
 40		this.cipher = new SessionCipher(store, remoteAddress);
 41		this.remoteAddress = remoteAddress;
 42		this.sqLiteAxolotlStore = store;
 43		this.account = account;
 44	}
 45
 46	public Integer getPreKeyIdAndReset() {
 47		final Integer preKeyId = this.preKeyId;
 48		this.preKeyId = null;
 49		return preKeyId;
 50	}
 51
 52	public String getFingerprint() {
 53		return identityKey == null ? null : CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
 54	}
 55
 56	public IdentityKey getIdentityKey() {
 57		return identityKey;
 58	}
 59
 60	public SignalProtocolAddress getRemoteAddress() {
 61		return remoteAddress;
 62	}
 63
 64	public boolean isFresh() {
 65		return fresh;
 66	}
 67
 68	public void setNotFresh() {
 69		this.fresh = false;
 70	}
 71
 72	protected void setTrust(FingerprintStatus status) {
 73		sqLiteAxolotlStore.setFingerprintStatus(getFingerprint(), status);
 74	}
 75
 76	public FingerprintStatus getTrust() {
 77		FingerprintStatus status = sqLiteAxolotlStore.getFingerprintStatus(getFingerprint());
 78		return (status == null) ? FingerprintStatus.createActiveUndecided() : status;
 79	}
 80
 81	@Nullable
 82	public byte[] processReceiving(AxolotlKey encryptedKey) throws CryptoFailedException {
 83		byte[] plaintext;
 84		FingerprintStatus status = getTrust();
 85		if (!status.isCompromised()) {
 86			try {
 87				if (encryptedKey.prekey) {
 88					PreKeySignalMessage preKeySignalMessage = new PreKeySignalMessage(encryptedKey.key);
 89					Optional<Integer> optionalPreKeyId = preKeySignalMessage.getPreKeyId();
 90					IdentityKey identityKey = preKeySignalMessage.getIdentityKey();
 91					if (!optionalPreKeyId.isPresent()) {
 92						throw new CryptoFailedException("PreKeyWhisperMessage did not contain a PreKeyId");
 93					}
 94					preKeyId = optionalPreKeyId.get();
 95					if (this.identityKey != null && !this.identityKey.equals(identityKey)) {
 96						throw new CryptoFailedException("Received PreKeyWhisperMessage but preexisting identity key changed.");
 97					}
 98					this.identityKey = identityKey;
 99					plaintext = cipher.decrypt(preKeySignalMessage);
100				} else {
101					SignalMessage signalMessage = new SignalMessage(encryptedKey.key);
102					plaintext = cipher.decrypt(signalMessage);
103					preKeyId = null; //better safe than sorry because we use that to do special after prekey handling
104				}
105			} catch (InvalidVersionException | InvalidKeyException | LegacyMessageException | InvalidMessageException | DuplicateMessageException | NoSessionException | InvalidKeyIdException | UntrustedIdentityException e) {
106				if (!(e instanceof DuplicateMessageException)) {
107					e.printStackTrace();
108				}
109				throw new CryptoFailedException("Error decrypting WhisperMessage " + e.getClass().getSimpleName() + ": " + e.getMessage());
110			}
111			if (!status.isActive()) {
112				setTrust(status.toActive());
113			}
114		} else {
115			throw new CryptoFailedException("not encrypting omemo message from fingerprint "+getFingerprint()+" because it was marked as compromised");
116		}
117		return plaintext;
118	}
119
120	@Nullable
121	public AxolotlKey processSending(@NonNull byte[] outgoingMessage, boolean ignoreSessionTrust) {
122		FingerprintStatus status = getTrust();
123		if (ignoreSessionTrust || status.isTrustedAndActive()) {
124			try {
125				CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage);
126				return new AxolotlKey(ciphertextMessage.serialize(),ciphertextMessage.getType() == CiphertextMessage.PREKEY_TYPE);
127			} catch (UntrustedIdentityException e) {
128				return null;
129			}
130		} else {
131			return null;
132		}
133	}
134
135	public Account getAccount() {
136		return account;
137	}
138
139	@Override
140	public int compareTo(XmppAxolotlSession o) {
141		return getTrust().compareTo(o.getTrust());
142	}
143
144	public static class AxolotlKey {
145
146
147		public final byte[] key;
148		public final boolean prekey;
149
150		public AxolotlKey(byte[] key, boolean prekey) {
151			this.key = key;
152			this.prekey = prekey;
153		}
154	}
155}