Add OMEMO via Plugin
This commit is contained in:
parent
e27d63269d
commit
d5ea5172a7
3
.gitmodules
vendored
Normal file
3
.gitmodules
vendored
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
[submodule "libsignal-protocol-c"]
|
||||||
|
path = plugins/signal-protocol/libsignal-protocol-c
|
||||||
|
url = https://github.com/WhisperSystems/libsignal-protocol-c.git
|
|
@ -26,4 +26,5 @@ add_subdirectory(gpgme-vala)
|
||||||
add_subdirectory(qlite)
|
add_subdirectory(qlite)
|
||||||
add_subdirectory(xmpp-vala)
|
add_subdirectory(xmpp-vala)
|
||||||
add_subdirectory(libdino)
|
add_subdirectory(libdino)
|
||||||
add_subdirectory(main)
|
add_subdirectory(main)
|
||||||
|
add_subdirectory(plugins)
|
||||||
|
|
2
configure
vendored
2
configure
vendored
|
@ -46,6 +46,8 @@ if ! [ -x "$exec_bin" ]; then
|
||||||
exit 4
|
exit 4
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
git submodule update --init --recursive
|
||||||
|
|
||||||
if [ -f ./build ]
|
if [ -f ./build ]
|
||||||
then
|
then
|
||||||
echo "-!- ./build file exists. ./configure can't continue"
|
echo "-!- ./build file exists. ./configure can't continue"
|
||||||
|
|
|
@ -154,7 +154,7 @@ public class MessageManager : StreamInteractionModule, Object {
|
||||||
return message;
|
return message;
|
||||||
}
|
}
|
||||||
|
|
||||||
private void send_xmpp_message(Entities.Message message, Conversation conversation, bool delayed = false) {
|
public void send_xmpp_message(Entities.Message message, Conversation conversation, bool delayed = false) {
|
||||||
lock (messages) {
|
lock (messages) {
|
||||||
Core.XmppStream stream = stream_interactor.get_stream(conversation.account);
|
Core.XmppStream stream = stream_interactor.get_stream(conversation.account);
|
||||||
message.marked = Entities.Message.Marked.NONE;
|
message.marked = Entities.Message.Marked.NONE;
|
||||||
|
|
|
@ -7,7 +7,7 @@ void main(string[] args) {
|
||||||
Gtk.init(ref args);
|
Gtk.init(ref args);
|
||||||
Dino.Ui.Application app = new Dino.Ui.Application();
|
Dino.Ui.Application app = new Dino.Ui.Application();
|
||||||
Plugins.Loader loader = new Plugins.Loader();
|
Plugins.Loader loader = new Plugins.Loader();
|
||||||
foreach(string plugin in new string[]{}) {
|
foreach(string plugin in new string[]{"omemo"}) {
|
||||||
try {
|
try {
|
||||||
loader.load(plugin, app);
|
loader.load(plugin, app);
|
||||||
} catch (Plugins.Error e) {
|
} catch (Plugins.Error e) {
|
||||||
|
|
2
plugins/CMakeLists.txt
Normal file
2
plugins/CMakeLists.txt
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
add_subdirectory(omemo)
|
||||||
|
add_subdirectory(signal-protocol)
|
41
plugins/omemo/CMakeLists.txt
Normal file
41
plugins/omemo/CMakeLists.txt
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
find_package(Vala REQUIRED)
|
||||||
|
find_package(PkgConfig REQUIRED)
|
||||||
|
include(${VALA_USE_FILE})
|
||||||
|
|
||||||
|
set(OMEMO_PACKAGES
|
||||||
|
gee-0.8
|
||||||
|
gio-2.0
|
||||||
|
glib-2.0
|
||||||
|
gtk+-3.0
|
||||||
|
gmodule-2.0
|
||||||
|
sqlite3
|
||||||
|
)
|
||||||
|
|
||||||
|
pkg_check_modules(OMEMO REQUIRED ${OMEMO_PACKAGES})
|
||||||
|
|
||||||
|
vala_precompile(OMEMO_VALA_C
|
||||||
|
SOURCES
|
||||||
|
src/plugin.vala
|
||||||
|
src/module.vala
|
||||||
|
src/manager.vala
|
||||||
|
src/database.vala
|
||||||
|
CUSTOM_VAPIS
|
||||||
|
${CMAKE_BINARY_DIR}/exports/signal-protocol.vapi
|
||||||
|
${CMAKE_BINARY_DIR}/exports/xmpp-vala.vapi
|
||||||
|
${CMAKE_BINARY_DIR}/exports/qlite.vapi
|
||||||
|
${CMAKE_BINARY_DIR}/exports/dino.vapi
|
||||||
|
PACKAGES
|
||||||
|
${OMEMO_PACKAGES}
|
||||||
|
OPTIONS
|
||||||
|
--target-glib=2.38
|
||||||
|
${GLOBAL_DEBUG_FLAGS}
|
||||||
|
--thread
|
||||||
|
)
|
||||||
|
|
||||||
|
set(CFLAGS ${VALA_CFLAGS} ${OMEMO_CFLAGS})
|
||||||
|
add_definitions(${CFLAGS})
|
||||||
|
add_library(omemo SHARED ${OMEMO_VALA_C})
|
||||||
|
add_dependencies(omemo dino-vapi signal-protocol-vapi)
|
||||||
|
target_link_libraries(omemo libdino signal-protocol-vala)
|
||||||
|
set_target_properties(omemo PROPERTIES PREFIX "")
|
||||||
|
set_target_properties(omemo PROPERTIES LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/plugins/)
|
80
plugins/omemo/src/database.vala
Normal file
80
plugins/omemo/src/database.vala
Normal file
|
@ -0,0 +1,80 @@
|
||||||
|
using Gee;
|
||||||
|
using Sqlite;
|
||||||
|
using Qlite;
|
||||||
|
|
||||||
|
using Dino.Entities;
|
||||||
|
|
||||||
|
namespace Dino.Omemo {
|
||||||
|
|
||||||
|
public class Database : Qlite.Database {
|
||||||
|
private const int VERSION = 0;
|
||||||
|
|
||||||
|
public class IdentityTable : Table {
|
||||||
|
public Column<int> id = new Column.Integer("id") { primary_key = true, auto_increment = true };
|
||||||
|
public Column<int> account_id = new Column.Integer("account_id") { unique = true, not_null = true };
|
||||||
|
public Column<int> device_id = new Column.Integer("device_id") { not_null = true };
|
||||||
|
public Column<string> identity_key_private_base64 = new Column.Text("identity_key_private_base64") { not_null = true };
|
||||||
|
public Column<string> identity_key_public_base64 = new Column.Text("identity_key_public_base64") { not_null = true };
|
||||||
|
|
||||||
|
protected IdentityTable(Database db) {
|
||||||
|
base(db, "identity");
|
||||||
|
init({id, account_id, device_id, identity_key_private_base64, identity_key_public_base64});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class SignedPreKeyTable : Table {
|
||||||
|
public Column<int> identity_id = new Column.Integer("identity_id") { not_null = true };
|
||||||
|
public Column<int> signed_pre_key_id = new Column.Integer("signed_pre_key_id") { not_null = true };
|
||||||
|
public Column<string> record_base64 = new Column.Text("record_base64") { not_null = true };
|
||||||
|
|
||||||
|
protected SignedPreKeyTable(Database db) {
|
||||||
|
base(db, "signed_pre_key");
|
||||||
|
init({identity_id, signed_pre_key_id, record_base64});
|
||||||
|
unique({identity_id, signed_pre_key_id});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class PreKeyTable : Table {
|
||||||
|
public Column<int> identity_id = new Column.Integer("identity_id") { not_null = true };
|
||||||
|
public Column<int> pre_key_id = new Column.Integer("pre_key_id") { not_null = true };
|
||||||
|
public Column<string> record_base64 = new Column.Text("record_base64") { not_null = true };
|
||||||
|
|
||||||
|
protected PreKeyTable(Database db) {
|
||||||
|
base(db, "pre_key");
|
||||||
|
init({identity_id, pre_key_id, record_base64});
|
||||||
|
unique({identity_id, pre_key_id});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class SessionTable : Table {
|
||||||
|
public Column<int> identity_id = new Column.Integer("identity_id") { not_null = true };
|
||||||
|
public Column<string> address_name = new Column.Text("name") { not_null = true };
|
||||||
|
public Column<int> device_id = new Column.Integer("device_id") { not_null = true };
|
||||||
|
public Column<string> record_base64 = new Column.Text("record_base64") { not_null = true };
|
||||||
|
|
||||||
|
protected SessionTable(Database db) {
|
||||||
|
base(db, "session");
|
||||||
|
init({identity_id, address_name, device_id, record_base64});
|
||||||
|
unique({identity_id, address_name, device_id});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
public IdentityTable identity { get; private set; }
|
||||||
|
public SignedPreKeyTable signed_pre_key { get; private set; }
|
||||||
|
public PreKeyTable pre_key { get; private set; }
|
||||||
|
public SessionTable session { get; private set; }
|
||||||
|
|
||||||
|
public Database(string fileName) {
|
||||||
|
base(fileName, VERSION);
|
||||||
|
identity = new IdentityTable(this);
|
||||||
|
signed_pre_key = new SignedPreKeyTable(this);
|
||||||
|
pre_key = new PreKeyTable(this);
|
||||||
|
session = new SessionTable(this);
|
||||||
|
init({identity, signed_pre_key, pre_key, session});
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void migrate(long oldVersion) {
|
||||||
|
// new table columns are added, outdated columns are still present
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
270
plugins/omemo/src/manager.vala
Normal file
270
plugins/omemo/src/manager.vala
Normal file
|
@ -0,0 +1,270 @@
|
||||||
|
using Dino.Entities;
|
||||||
|
using Signal;
|
||||||
|
using Qlite;
|
||||||
|
using Xmpp;
|
||||||
|
using Gee;
|
||||||
|
|
||||||
|
namespace Dino.Omemo {
|
||||||
|
|
||||||
|
public class Manager : StreamInteractionModule, Object {
|
||||||
|
public const string id = "omemo_manager";
|
||||||
|
|
||||||
|
private StreamInteractor stream_interactor;
|
||||||
|
private Database db;
|
||||||
|
private ArrayList<Entities.Message> to_send_after_devicelist = new ArrayList<Entities.Message>();
|
||||||
|
private ArrayList<Entities.Message> to_send_after_session = new ArrayList<Entities.Message>();
|
||||||
|
|
||||||
|
private Manager(StreamInteractor stream_interactor, Database db) {
|
||||||
|
this.stream_interactor = stream_interactor;
|
||||||
|
this.db = db;
|
||||||
|
|
||||||
|
stream_interactor.account_added.connect(on_account_added);
|
||||||
|
MessageManager.get_instance(stream_interactor).pre_message_received.connect(on_pre_message_received);
|
||||||
|
MessageManager.get_instance(stream_interactor).pre_message_send.connect(on_pre_message_send);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void on_pre_message_received(Entities.Message message, Xmpp.Message.Stanza message_stanza, Conversation conversation) {
|
||||||
|
if (MessageFlag.get_flag(message_stanza) != null && MessageFlag.get_flag(message_stanza).decrypted) {
|
||||||
|
message.encryption = Encryption.OMEMO;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void on_pre_message_send(Entities.Message message, Xmpp.Message.Stanza message_stanza, Conversation conversation) {
|
||||||
|
if (message.encryption == Encryption.OMEMO) {
|
||||||
|
Module module = Module.get_module(stream_interactor.get_stream(conversation.account));
|
||||||
|
EncryptStatus status = module.encrypt(message_stanza, conversation.account.bare_jid.to_string());
|
||||||
|
if (status.other_failure > 0 || (status.other_lost == status.other_devices && status.other_devices > 0)) {
|
||||||
|
message.marked = Entities.Message.Marked.WONTSEND;
|
||||||
|
} else if (status.other_unknown > 0 || status.own_devices == 0) {
|
||||||
|
message.marked = Entities.Message.Marked.UNSENT;
|
||||||
|
} else if (!status.encrypted) {
|
||||||
|
message.marked = Entities.Message.Marked.WONTSEND;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (status.other_unknown > 0) {
|
||||||
|
bool cont = true;
|
||||||
|
lock(to_send_after_session) {
|
||||||
|
foreach(Entities.Message msg in to_send_after_session) {
|
||||||
|
if (msg.counterpart.bare_jid.to_string() == message.counterpart.bare_jid.to_string()) cont = false;
|
||||||
|
}
|
||||||
|
to_send_after_session.add(message);
|
||||||
|
}
|
||||||
|
if (cont) module.start_sessions_with(stream_interactor.get_stream(conversation.account), message.counterpart.bare_jid.to_string());
|
||||||
|
}
|
||||||
|
if (status.own_unknown > 0) {
|
||||||
|
module.start_sessions_with(stream_interactor.get_stream(conversation.account), conversation.account.bare_jid.to_string());
|
||||||
|
}
|
||||||
|
if (status.own_devices == 0) {
|
||||||
|
lock (to_send_after_session) {
|
||||||
|
to_send_after_devicelist.add(message);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void on_account_added(Account account) {
|
||||||
|
stream_interactor.module_manager.get_module(account, Module.IDENTITY).store_created.connect((context, store) => on_store_created(account, context, store));
|
||||||
|
stream_interactor.module_manager.get_module(account, Module.IDENTITY).device_list_loaded.connect(() => on_device_list_loaded(account));
|
||||||
|
stream_interactor.module_manager.get_module(account, Module.IDENTITY).session_started.connect((jid, device_id) => on_session_started(account, jid));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void on_session_started(Account account, string jid) {
|
||||||
|
lock(to_send_after_session) {
|
||||||
|
Iterator<Entities.Message> iter = to_send_after_session.iterator();
|
||||||
|
while (iter.next()) {
|
||||||
|
Entities.Message msg = iter.get();
|
||||||
|
if (msg.account.bare_jid.to_string() == account.bare_jid.to_string() && msg.counterpart.bare_jid.to_string() == jid) {
|
||||||
|
Entities.Conversation conv = ConversationManager.get_instance(stream_interactor).get_conversation(msg.counterpart, account);
|
||||||
|
MessageManager.get_instance(stream_interactor).send_xmpp_message(msg, conv, true);
|
||||||
|
iter.remove();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void on_device_list_loaded(Account account) {
|
||||||
|
lock(to_send_after_devicelist) {
|
||||||
|
Iterator<Entities.Message> iter = to_send_after_devicelist.iterator();
|
||||||
|
while (iter.next()) {
|
||||||
|
Entities.Message msg = iter.get();
|
||||||
|
if (msg.account.bare_jid.to_string() == account.bare_jid.to_string()) {
|
||||||
|
Entities.Conversation conv = ConversationManager.get_instance(stream_interactor).get_conversation(msg.counterpart, account);
|
||||||
|
MessageManager.get_instance(stream_interactor).send_xmpp_message(msg, conv, true);
|
||||||
|
iter.remove();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void on_store_created(Account account, Context context, Store store) {
|
||||||
|
Qlite.Row? row = null;
|
||||||
|
try {
|
||||||
|
row = db.identity.row_with(db.identity.account_id, account.id);
|
||||||
|
} catch (Error e) {
|
||||||
|
// Ignore error
|
||||||
|
}
|
||||||
|
int identity_id = -1;
|
||||||
|
|
||||||
|
if (row == null) {
|
||||||
|
// OMEMO not yet initialized, starting with empty base
|
||||||
|
store.identity_key_store.local_registration_id = Random.int_range(1, int32.MAX);
|
||||||
|
|
||||||
|
Signal.ECKeyPair key_pair = context.generate_key_pair();
|
||||||
|
store.identity_key_store.identity_key_private = key_pair.private.serialize();
|
||||||
|
store.identity_key_store.identity_key_public = key_pair.public.serialize();
|
||||||
|
|
||||||
|
try {
|
||||||
|
identity_id = (int) db.identity.insert().or("REPLACE")
|
||||||
|
.value(db.identity.account_id, account.id)
|
||||||
|
.value(db.identity.device_id, (int) store.local_registration_id)
|
||||||
|
.value(db.identity.identity_key_private_base64, Base64.encode(store.identity_key_store.identity_key_private))
|
||||||
|
.value(db.identity.identity_key_public_base64, Base64.encode(store.identity_key_store.identity_key_public))
|
||||||
|
.perform();
|
||||||
|
} catch (Error e) {
|
||||||
|
// Ignore error
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
store.identity_key_store.local_registration_id = row[db.identity.device_id];
|
||||||
|
store.identity_key_store.identity_key_private = Base64.decode(row[db.identity.identity_key_private_base64]);
|
||||||
|
store.identity_key_store.identity_key_public = Base64.decode(row[db.identity.identity_key_public_base64]);
|
||||||
|
identity_id = row[db.identity.id];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (identity_id >= 0) {
|
||||||
|
store.signed_pre_key_store = new BackedSignedPreKeyStore(db, identity_id);
|
||||||
|
store.pre_key_store = new BackedPreKeyStore(db, identity_id);
|
||||||
|
store.session_store = new BackedSessionStore(db, identity_id);
|
||||||
|
} else {
|
||||||
|
print(@"WARN: OMEMO store for $(account.bare_jid) is not persisted");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private class BackedSignedPreKeyStore : SimpleSignedPreKeyStore {
|
||||||
|
private Database db;
|
||||||
|
private int identity_id;
|
||||||
|
|
||||||
|
public BackedSignedPreKeyStore(Database db, int identity_id) {
|
||||||
|
this.db = db;
|
||||||
|
this.identity_id = identity_id;
|
||||||
|
init();
|
||||||
|
}
|
||||||
|
|
||||||
|
private void init() {
|
||||||
|
foreach (Row row in db.signed_pre_key.select().with(db.signed_pre_key.identity_id, "=", identity_id)) {
|
||||||
|
store_signed_pre_key(row[db.signed_pre_key.signed_pre_key_id], Base64.decode(row[db.signed_pre_key.record_base64]));
|
||||||
|
}
|
||||||
|
|
||||||
|
signed_pre_key_stored.connect(on_signed_pre_key_stored);
|
||||||
|
signed_pre_key_deleted.connect(on_signed_pre_key_deleted);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_signed_pre_key_stored(SignedPreKeyStore.Key key) {
|
||||||
|
db.signed_pre_key.insert().or("REPLACE")
|
||||||
|
.value(db.signed_pre_key.identity_id, identity_id)
|
||||||
|
.value(db.signed_pre_key.signed_pre_key_id, (int) key.key_id)
|
||||||
|
.value(db.signed_pre_key.record_base64, Base64.encode(key.record))
|
||||||
|
.perform();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_signed_pre_key_deleted(SignedPreKeyStore.Key key) {
|
||||||
|
db.signed_pre_key.delete()
|
||||||
|
.with(db.signed_pre_key.identity_id, "=", identity_id)
|
||||||
|
.with(db.signed_pre_key.signed_pre_key_id, "=", (int) key.key_id)
|
||||||
|
.perform();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private class BackedPreKeyStore : SimplePreKeyStore {
|
||||||
|
private Database db;
|
||||||
|
private int identity_id;
|
||||||
|
|
||||||
|
public BackedPreKeyStore(Database db, int identity_id) {
|
||||||
|
this.db = db;
|
||||||
|
this.identity_id = identity_id;
|
||||||
|
init();
|
||||||
|
}
|
||||||
|
|
||||||
|
private void init() {
|
||||||
|
foreach (Row row in db.pre_key.select().with(db.pre_key.identity_id, "=", identity_id)) {
|
||||||
|
store_pre_key(row[db.pre_key.pre_key_id], Base64.decode(row[db.pre_key.record_base64]));
|
||||||
|
}
|
||||||
|
|
||||||
|
pre_key_stored.connect(on_pre_key_stored);
|
||||||
|
pre_key_deleted.connect(on_pre_key_deleted);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_pre_key_stored(PreKeyStore.Key key) {
|
||||||
|
db.pre_key.insert().or("REPLACE")
|
||||||
|
.value(db.pre_key.identity_id, identity_id)
|
||||||
|
.value(db.pre_key.pre_key_id, (int) key.key_id)
|
||||||
|
.value(db.pre_key.record_base64, Base64.encode(key.record))
|
||||||
|
.perform();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_pre_key_deleted(PreKeyStore.Key key) {
|
||||||
|
db.pre_key.delete()
|
||||||
|
.with(db.pre_key.identity_id, "=", identity_id)
|
||||||
|
.with(db.pre_key.pre_key_id, "=", (int) key.key_id)
|
||||||
|
.perform();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private class BackedSessionStore : SimpleSessionStore {
|
||||||
|
private Database db;
|
||||||
|
private int identity_id;
|
||||||
|
|
||||||
|
public BackedSessionStore(Database db, int identity_id) {
|
||||||
|
this.db = db;
|
||||||
|
this.identity_id = identity_id;
|
||||||
|
init();
|
||||||
|
}
|
||||||
|
|
||||||
|
private void init() {
|
||||||
|
Address addr = new Address();
|
||||||
|
foreach (Row row in db.session.select().with(db.session.identity_id, "=", identity_id)) {
|
||||||
|
addr.name = row[db.session.address_name];
|
||||||
|
addr.device_id = row[db.session.device_id];
|
||||||
|
store_session(addr, Base64.decode(row[db.session.record_base64]));
|
||||||
|
}
|
||||||
|
|
||||||
|
session_stored.connect(on_session_stored);
|
||||||
|
session_removed.connect(on_session_deleted);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_session_stored(SessionStore.Session session) {
|
||||||
|
db.session.insert().or("REPLACE")
|
||||||
|
.value(db.session.identity_id, identity_id)
|
||||||
|
.value(db.session.address_name, session.name)
|
||||||
|
.value(db.session.device_id, session.device_id)
|
||||||
|
.value(db.session.record_base64, Base64.encode(session.record))
|
||||||
|
.perform();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_session_deleted(SessionStore.Session session) {
|
||||||
|
db.session.delete()
|
||||||
|
.with(db.session.identity_id, "=", identity_id)
|
||||||
|
.with(db.session.address_name, "=", session.name)
|
||||||
|
.with(db.session.device_id, "=", session.device_id)
|
||||||
|
.perform();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool con_encrypt(Entities.Conversation conversation) {
|
||||||
|
return true; // TODO
|
||||||
|
}
|
||||||
|
|
||||||
|
internal string get_id() {
|
||||||
|
return id;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void start(StreamInteractor stream_interactor, Database db) {
|
||||||
|
Manager m = new Manager(stream_interactor, db);
|
||||||
|
stream_interactor.add_module(m);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static Manager? get_instance(StreamInteractor stream_interactor) {
|
||||||
|
return (Manager) stream_interactor.get_module(id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
560
plugins/omemo/src/module.vala
Normal file
560
plugins/omemo/src/module.vala
Normal file
|
@ -0,0 +1,560 @@
|
||||||
|
using Gee;
|
||||||
|
using Xmpp;
|
||||||
|
using Xmpp.Core;
|
||||||
|
using Xmpp.Xep;
|
||||||
|
using Signal;
|
||||||
|
|
||||||
|
namespace Dino.Omemo {
|
||||||
|
|
||||||
|
private const string NS_URI = "eu.siacs.conversations.axolotl";
|
||||||
|
private const string NODE_DEVICELIST = NS_URI + ".devicelist";
|
||||||
|
private const string NODE_BUNDLES = NS_URI + ".bundles";
|
||||||
|
private const string NODE_VERIFICATION = NS_URI + ".verification";
|
||||||
|
|
||||||
|
private const int NUM_KEYS_TO_PUBLISH = 100;
|
||||||
|
|
||||||
|
public class Module : XmppStreamModule {
|
||||||
|
private const string ID = "axolotl_module";
|
||||||
|
public static ModuleIdentity<Module> IDENTITY = new ModuleIdentity<Module>(NS_URI, ID);
|
||||||
|
|
||||||
|
private Store store;
|
||||||
|
internal static Context context;
|
||||||
|
private bool device_list_loading = false;
|
||||||
|
private bool device_list_modified = false;
|
||||||
|
private Map<string, ArrayList<int32>> device_lists = new HashMap<string, ArrayList<int32>>();
|
||||||
|
private Map<string, ArrayList<int32>> ignored_devices = new HashMap<string, ArrayList<int32>>();
|
||||||
|
|
||||||
|
public signal void store_created(Context context, Store store);
|
||||||
|
public signal void device_list_loaded();
|
||||||
|
public signal void session_started(string jid, int device_id);
|
||||||
|
|
||||||
|
public Module() {
|
||||||
|
lock(context) {
|
||||||
|
if (context == null) {
|
||||||
|
try {
|
||||||
|
context = new Context(true);
|
||||||
|
} catch (Error e) {
|
||||||
|
print(@"Error initializing axolotl: $(e.message)\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public EncryptStatus encrypt(Message.Stanza message, string self_bare_jid) {
|
||||||
|
EncryptStatus status = new EncryptStatus();
|
||||||
|
if (context == null) return status;
|
||||||
|
try {
|
||||||
|
string name = get_bare_jid(message.to);
|
||||||
|
if (device_lists.get(name) == null || device_lists.get(self_bare_jid) == null) return status;
|
||||||
|
status.other_devices = device_lists.get(name).size;
|
||||||
|
status.own_devices = device_lists.get(self_bare_jid).size;
|
||||||
|
if (status.other_devices == 0) return status;
|
||||||
|
|
||||||
|
uint8[] key = new uint8[16];
|
||||||
|
context.randomize(key);
|
||||||
|
uint8[] iv = new uint8[16];
|
||||||
|
context.randomize(iv);
|
||||||
|
|
||||||
|
uint8[] ciphertext = aes_encrypt(Cipher.AES_GCM_NOPADDING, key, iv, message.body.data);
|
||||||
|
|
||||||
|
StanzaNode header = null;
|
||||||
|
StanzaNode encrypted = new StanzaNode.build("encrypted", NS_URI).add_self_xmlns()
|
||||||
|
.put_node(header = new StanzaNode.build("header", NS_URI)
|
||||||
|
.put_attribute("sid", store.local_registration_id.to_string())
|
||||||
|
.put_node(new StanzaNode.build("iv", NS_URI)
|
||||||
|
.put_node(new StanzaNode.text(Base64.encode(iv)))))
|
||||||
|
.put_node(new StanzaNode.build("payload", NS_URI)
|
||||||
|
.put_node(new StanzaNode.text(Base64.encode(ciphertext))));
|
||||||
|
|
||||||
|
Address address = new Address();
|
||||||
|
address.name = name;
|
||||||
|
foreach(int32 device_id in device_lists[name]) {
|
||||||
|
if (is_ignored_device(name, device_id)) {
|
||||||
|
status.other_lost++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
try {
|
||||||
|
address.device_id = (int) device_id;
|
||||||
|
StanzaNode key_node = create_encrypted_key(key, address);
|
||||||
|
header.put_node(key_node);
|
||||||
|
status.other_success++;
|
||||||
|
} catch (Error e) {
|
||||||
|
if (e.code == ErrorCode.UNKNOWN) status.other_unknown++;
|
||||||
|
else status.other_failure++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
address.name = self_bare_jid;
|
||||||
|
foreach(int32 device_id in device_lists[self_bare_jid]) {
|
||||||
|
if (is_ignored_device(self_bare_jid, device_id)) {
|
||||||
|
status.own_lost++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (device_id != store.local_registration_id) {
|
||||||
|
address.device_id = (int) device_id;
|
||||||
|
try {
|
||||||
|
StanzaNode key_node = create_encrypted_key(key, address);
|
||||||
|
header.put_node(key_node);
|
||||||
|
status.own_success++;
|
||||||
|
} catch (Error e) {
|
||||||
|
if (e.code == ErrorCode.UNKNOWN) status.own_unknown++;
|
||||||
|
else status.own_failure++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
message.stanza.put_node(encrypted);
|
||||||
|
message.body = "[This message is OMEMO encrypted]";
|
||||||
|
status.encrypted = true;
|
||||||
|
} catch (Error e) {
|
||||||
|
print(@"Axolotl error while encrypting message: $(e.message)\n");
|
||||||
|
}
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
|
private StanzaNode create_encrypted_key(uint8[] key, Address address) throws GLib.Error {
|
||||||
|
SessionCipher cipher = store.create_session_cipher(address);
|
||||||
|
CiphertextMessage device_key = cipher.encrypt(key);
|
||||||
|
StanzaNode key_node = new StanzaNode.build("key", NS_URI)
|
||||||
|
.put_attribute("rid", address.device_id.to_string())
|
||||||
|
.put_node(new StanzaNode.text(Base64.encode(device_key.serialized)));
|
||||||
|
if (device_key.type == CiphertextType.PREKEY) key_node.put_attribute("prekey", "true");
|
||||||
|
return key_node;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void attach(XmppStream stream) {
|
||||||
|
if (context == null) return;
|
||||||
|
Message.Module.require(stream);
|
||||||
|
Pubsub.Module.require(stream);
|
||||||
|
stream.get_module(Message.Module.IDENTITY).pre_received_message.connect(on_pre_received_message);
|
||||||
|
stream.get_module(Pubsub.Module.IDENTITY).add_filtered_notification(stream, NODE_DEVICELIST, on_devicelist, this);
|
||||||
|
this.store = context.create_store();
|
||||||
|
store_created(context, store);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void on_pre_received_message(XmppStream stream, Message.Stanza message) {
|
||||||
|
StanzaNode? encrypted = message.stanza.get_subnode("encrypted", NS_URI);
|
||||||
|
if (encrypted == null) return;
|
||||||
|
MessageFlag flag = new MessageFlag();
|
||||||
|
message.add_flag(flag);
|
||||||
|
StanzaNode? header = encrypted.get_subnode("header");
|
||||||
|
if (header == null || header.get_attribute_int("sid") <= 0) return;
|
||||||
|
foreach (StanzaNode key_node in header.get_subnodes("key")) {
|
||||||
|
if (key_node.get_attribute_int("rid") == store.local_registration_id) {
|
||||||
|
try {
|
||||||
|
uint8[] key = null;
|
||||||
|
uint8[] ciphertext = Base64.decode(encrypted.get_subnode("payload").get_string_content());
|
||||||
|
uint8[] iv = Base64.decode(header.get_subnode("iv").get_string_content());
|
||||||
|
Address address = new Address();
|
||||||
|
address.name = get_bare_jid(message.from);
|
||||||
|
address.device_id = header.get_attribute_int("sid");
|
||||||
|
if (key_node.get_attribute_bool("prekey")) {
|
||||||
|
PreKeySignalMessage msg = context.deserialize_pre_key_signal_message(Base64.decode(key_node.get_string_content()));
|
||||||
|
SessionCipher cipher = store.create_session_cipher(address);
|
||||||
|
key = cipher.decrypt_pre_key_signal_message(msg);
|
||||||
|
} else {
|
||||||
|
SignalMessage msg = context.deserialize_signal_message(Base64.decode(key_node.get_string_content()));
|
||||||
|
SessionCipher cipher = store.create_session_cipher(address);
|
||||||
|
key = cipher.decrypt_signal_message(msg);
|
||||||
|
}
|
||||||
|
address.device_id = 0; // TODO: Hack to have address obj live longer
|
||||||
|
|
||||||
|
|
||||||
|
if (key != null && ciphertext != null && iv != null) {
|
||||||
|
if (key.length >= 32) {
|
||||||
|
int authtaglength = key.length - 16;
|
||||||
|
uint8[] new_ciphertext = new uint8[ciphertext.length + authtaglength];
|
||||||
|
uint8[] new_key = new uint8[16];
|
||||||
|
Memory.copy(new_ciphertext, ciphertext, ciphertext.length);
|
||||||
|
Memory.copy((uint8*)new_ciphertext + ciphertext.length, (uint8*)key + 16, authtaglength);
|
||||||
|
Memory.copy(new_key, key, 16);
|
||||||
|
ciphertext = new_ciphertext;
|
||||||
|
key = new_key;
|
||||||
|
}
|
||||||
|
|
||||||
|
message.body = arr_to_str(aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, ciphertext));
|
||||||
|
flag.decrypted = true;
|
||||||
|
}
|
||||||
|
} catch (Error e) {
|
||||||
|
print(@"Axolotl error while decrypting message: $(e.message)\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private string arr_to_str(uint8[] arr) {
|
||||||
|
// null-terminate the array
|
||||||
|
uint8[] rarr = new uint8[arr.length+1];
|
||||||
|
Memory.copy(rarr, arr, arr.length);
|
||||||
|
return (string)rarr;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_devicelist(XmppStream stream, string jid, string id, StanzaNode node) {
|
||||||
|
if (jid == get_bare_jid(Bind.Flag.get_flag(stream).my_jid) && store.local_registration_id != 0) {
|
||||||
|
lock (device_list_loading) {
|
||||||
|
if (!device_list_loading) {
|
||||||
|
device_list_loading = true;
|
||||||
|
GLib.Timeout.add_seconds(3, () => {
|
||||||
|
bool cont = false;
|
||||||
|
lock (device_lists) {
|
||||||
|
if (device_list_modified) {
|
||||||
|
cont = true;
|
||||||
|
device_list_modified = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!cont) {
|
||||||
|
lock (device_list_loading) {
|
||||||
|
device_list_loading = false;
|
||||||
|
device_list_loaded();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return cont;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
bool am_on_devicelist = false;
|
||||||
|
foreach (StanzaNode device_node in node.get_subnodes("device")) {
|
||||||
|
int device_id = device_node.get_attribute_int("id");
|
||||||
|
if (store.local_registration_id == device_id) {
|
||||||
|
am_on_devicelist = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!am_on_devicelist) {
|
||||||
|
print(@"Not on device list, adding id\n");
|
||||||
|
node.put_node(new StanzaNode.build("device", NS_URI).put_attribute("id", store.local_registration_id.to_string()));
|
||||||
|
stream.get_module(Pubsub.Module.IDENTITY).publish(stream, jid, NODE_DEVICELIST, NODE_DEVICELIST, id, node);
|
||||||
|
} else {
|
||||||
|
publish_bundles_if_needed(stream, jid);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
lock(device_lists) {
|
||||||
|
device_list_modified = true;
|
||||||
|
device_lists[jid] = new ArrayList<int32>();
|
||||||
|
foreach (StanzaNode device_node in node.get_subnodes("device")) {
|
||||||
|
device_lists[jid].add(device_node.get_attribute_int("id"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void start_sessions_with(XmppStream stream, string bare_jid) {
|
||||||
|
if (!device_lists.has_key(bare_jid)) {
|
||||||
|
// TODO: manually request a device list
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
Address address = new Address();
|
||||||
|
address.name = bare_jid;
|
||||||
|
foreach(int32 device_id in device_lists[bare_jid]) {
|
||||||
|
if (!is_ignored_device(bare_jid, device_id)) {
|
||||||
|
address.device_id = device_id;
|
||||||
|
if (!store.contains_session(address)) {
|
||||||
|
start_session_with(stream, bare_jid, device_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
address.device_id = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void start_session_with(XmppStream stream, string bare_jid, int device_id) {
|
||||||
|
print(@"Asking for bundle from $bare_jid/$device_id\n");
|
||||||
|
stream.get_module(Pubsub.Module.IDENTITY).request(stream, bare_jid, @"$NODE_BUNDLES:$device_id", new OtherBundleResponseListener(store, device_id));
|
||||||
|
}
|
||||||
|
|
||||||
|
public void ignore_device(string jid, int32 device_id) {
|
||||||
|
if (device_id <= 0) return;
|
||||||
|
lock (ignored_devices) {
|
||||||
|
if (!ignored_devices.has_key(jid)) {
|
||||||
|
ignored_devices[jid] = new ArrayList<int32>();
|
||||||
|
}
|
||||||
|
ignored_devices[jid].add(device_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool is_ignored_device(string jid, int32 device_id) {
|
||||||
|
if (device_id <= 0) return true;
|
||||||
|
lock (ignored_devices) {
|
||||||
|
return ignored_devices.has_key(jid) && ignored_devices[jid].contains(device_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private class OtherBundleResponseListener : Pubsub.RequestResponseListener, Object {
|
||||||
|
private Store store;
|
||||||
|
private int device_id;
|
||||||
|
|
||||||
|
public OtherBundleResponseListener(Store store, int device_id) {
|
||||||
|
this.store = store;
|
||||||
|
this.device_id = device_id;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_result(XmppStream stream, string jid, string? id, StanzaNode? node) {
|
||||||
|
bool fail = false;
|
||||||
|
if (node == null) {
|
||||||
|
// Device not registered, shouldn't exist
|
||||||
|
fail = true;
|
||||||
|
} else {
|
||||||
|
Bundle bundle = new Bundle(node);
|
||||||
|
int32 signed_pre_key_id = bundle.signed_pre_key_id;
|
||||||
|
ECPublicKey? signed_pre_key = bundle.signed_pre_key;
|
||||||
|
uint8[] signed_pre_key_signature = bundle.signed_pre_key_signature;
|
||||||
|
ECPublicKey? identity_key = bundle.identity_key;
|
||||||
|
|
||||||
|
ArrayList<Bundle.PreKey> pre_keys = bundle.pre_keys;
|
||||||
|
int pre_key_idx = Random.int_range(0, pre_keys.size);
|
||||||
|
int32 pre_key_id = pre_keys[pre_key_idx].key_id;
|
||||||
|
ECPublicKey? pre_key = pre_keys[pre_key_idx].key;
|
||||||
|
|
||||||
|
if (signed_pre_key_id < 0 || signed_pre_key == null || identity_key == null || pre_key_id < 0 || pre_key == null) {
|
||||||
|
fail = true;
|
||||||
|
} else {
|
||||||
|
Address address = new Address();
|
||||||
|
address.name = jid;
|
||||||
|
address.device_id = device_id;
|
||||||
|
try {
|
||||||
|
if (store.contains_session(address)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
SessionBuilder builder = store.create_session_builder(address);
|
||||||
|
builder.process_pre_key_bundle(create_pre_key_bundle(device_id, device_id, pre_key_id, pre_key, signed_pre_key_id, signed_pre_key, signed_pre_key_signature, identity_key));
|
||||||
|
} catch (Error e) {
|
||||||
|
fail = true;
|
||||||
|
}
|
||||||
|
address.device_id = 0; // TODO: Hack to have address obj live longer
|
||||||
|
get_module(stream).session_started(jid, device_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (fail) {
|
||||||
|
get_module(stream).ignore_device(jid, device_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void publish_bundles_if_needed(XmppStream stream, string jid) {
|
||||||
|
stream.get_module(Pubsub.Module.IDENTITY).request(stream, jid, @"$NODE_BUNDLES:$(store.local_registration_id)", new SelfBundleResponseListener(store));
|
||||||
|
}
|
||||||
|
|
||||||
|
private class SelfBundleResponseListener : Pubsub.RequestResponseListener, Object {
|
||||||
|
private Store store;
|
||||||
|
|
||||||
|
public SelfBundleResponseListener(Store store) {
|
||||||
|
this.store = store;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void on_result(XmppStream stream, string jid, string? id, StanzaNode? node) {
|
||||||
|
Map<int, ECPublicKey> keys = new HashMap<int, ECPublicKey>();
|
||||||
|
ECPublicKey identity_key = null;
|
||||||
|
IdentityKeyPair identity_key_pair = null;
|
||||||
|
int32 signed_pre_key_id = -1;
|
||||||
|
ECPublicKey signed_pre_key = null;
|
||||||
|
SignedPreKeyRecord signed_pre_key_record = null;
|
||||||
|
bool changed = false;
|
||||||
|
if (node == null) {
|
||||||
|
identity_key = store.identity_key_pair.public;
|
||||||
|
changed = true;
|
||||||
|
} else {
|
||||||
|
Bundle bundle = new Bundle(node);
|
||||||
|
foreach (Bundle.PreKey prekey in bundle.pre_keys) {
|
||||||
|
keys[prekey.key_id] = prekey.key;
|
||||||
|
}
|
||||||
|
identity_key = bundle.identity_key;
|
||||||
|
signed_pre_key_id = bundle.signed_pre_key_id;;
|
||||||
|
signed_pre_key = bundle.signed_pre_key;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate IdentityKey
|
||||||
|
if (store.identity_key_pair.public.compare(identity_key) != 0) {
|
||||||
|
changed = true;
|
||||||
|
}
|
||||||
|
identity_key_pair = store.identity_key_pair;
|
||||||
|
|
||||||
|
// Validate signedPreKeyRecord + ID
|
||||||
|
if (signed_pre_key_id == -1 || !store.contains_signed_pre_key(signed_pre_key_id) || store.load_signed_pre_key(signed_pre_key_id).key_pair.public.compare(signed_pre_key) != 0) {
|
||||||
|
signed_pre_key_id = Random.int_range(1, int32.MAX); // TODO: No random, use ordered number
|
||||||
|
signed_pre_key_record = context.generate_signed_pre_key(identity_key_pair, signed_pre_key_id);
|
||||||
|
store.store_signed_pre_key(signed_pre_key_record);
|
||||||
|
changed = true;
|
||||||
|
} else {
|
||||||
|
signed_pre_key_record = store.load_signed_pre_key(signed_pre_key_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate PreKeys
|
||||||
|
Set<PreKeyRecord> pre_key_records = new HashSet<PreKeyRecord>();
|
||||||
|
foreach (var entry in keys.entries) {
|
||||||
|
if (store.contains_pre_key(entry.key)) {
|
||||||
|
PreKeyRecord record = store.load_pre_key(entry.key);
|
||||||
|
if (record.key_pair.public.compare(entry.value) == 0) {
|
||||||
|
pre_key_records.add(record);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
int new_keys = NUM_KEYS_TO_PUBLISH - pre_key_records.size;
|
||||||
|
if (new_keys > 0) {
|
||||||
|
int32 next_id = Random.int_range(1, int32.MAX); // TODO: No random, use ordered number
|
||||||
|
Set<PreKeyRecord> new_records = context.generate_pre_keys((uint)next_id, (uint)new_keys);
|
||||||
|
pre_key_records.add_all(new_records);
|
||||||
|
foreach (PreKeyRecord record in new_records) {
|
||||||
|
store.store_pre_key(record);
|
||||||
|
}
|
||||||
|
changed = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (changed) {
|
||||||
|
publish_bundles(stream, signed_pre_key_record, identity_key_pair, pre_key_records, (int32) store.local_registration_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void publish_bundles(XmppStream stream, SignedPreKeyRecord signed_pre_key_record, IdentityKeyPair identity_key_pair, Set<PreKeyRecord> pre_key_records, int32 device_id) {
|
||||||
|
ECKeyPair tmp;
|
||||||
|
StanzaNode bundle = new StanzaNode.build("bundle", NS_URI)
|
||||||
|
.add_self_xmlns()
|
||||||
|
.put_node(new StanzaNode.build("signedPreKeyPublic", NS_URI)
|
||||||
|
.put_attribute("signedPreKeyId", signed_pre_key_record.id.to_string())
|
||||||
|
.put_node(new StanzaNode.text(Base64.encode((tmp = signed_pre_key_record.key_pair).public.serialize()))))
|
||||||
|
.put_node(new StanzaNode.build("signedPreKeySignature", NS_URI)
|
||||||
|
.put_node(new StanzaNode.text(Base64.encode(signed_pre_key_record.signature))))
|
||||||
|
.put_node(new StanzaNode.build("identityKey", NS_URI)
|
||||||
|
.put_node(new StanzaNode.text(Base64.encode(identity_key_pair.public.serialize()))));
|
||||||
|
StanzaNode prekeys = new StanzaNode.build("prekeys", NS_URI);
|
||||||
|
foreach (PreKeyRecord pre_key_record in pre_key_records) {
|
||||||
|
prekeys.put_node(new StanzaNode.build("preKeyPublic", NS_URI)
|
||||||
|
.put_attribute("preKeyId", pre_key_record.id.to_string())
|
||||||
|
.put_node(new StanzaNode.text(Base64.encode(pre_key_record.key_pair.public.serialize()))));
|
||||||
|
}
|
||||||
|
bundle.put_node(prekeys);
|
||||||
|
|
||||||
|
stream.get_module(Pubsub.Module.IDENTITY).publish(stream, null, @"$NODE_BUNDLES:$device_id", @"$NODE_BUNDLES:$device_id", "1", bundle);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void detach(XmppStream stream) {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public static Module? get_module(XmppStream stream) {
|
||||||
|
return (Module?) stream.get_module(IDENTITY);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string get_ns() {
|
||||||
|
return NS_URI;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string get_id() {
|
||||||
|
return ID;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class MessageFlag : Message.MessageFlag {
|
||||||
|
public const string id = "axolotl";
|
||||||
|
|
||||||
|
public bool decrypted = false;
|
||||||
|
|
||||||
|
public static MessageFlag? get_flag(Message.Stanza message) {
|
||||||
|
return (MessageFlag) message.get_flag(NS_URI, id);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string get_ns() {
|
||||||
|
return NS_URI;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string get_id() {
|
||||||
|
return id;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
internal class Bundle {
|
||||||
|
private StanzaNode? node;
|
||||||
|
|
||||||
|
public Bundle(StanzaNode? node) {
|
||||||
|
this.node = node;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int32 signed_pre_key_id { owned get {
|
||||||
|
if (node == null) return -1;
|
||||||
|
string id = node.get_deep_attribute("signedPreKeyPublic", "signedPreKeyId");
|
||||||
|
if (id == null) return -1;
|
||||||
|
return id.to_int();
|
||||||
|
}}
|
||||||
|
|
||||||
|
public ECPublicKey? signed_pre_key { owned get {
|
||||||
|
if (node == null) return null;
|
||||||
|
string? key = node.get_deep_string_content("signedPreKeyPublic");
|
||||||
|
if (key == null) return null;
|
||||||
|
try {
|
||||||
|
return Module.context.decode_public_key(Base64.decode(key));
|
||||||
|
} catch (Error e) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
|
||||||
|
public uint8[] signed_pre_key_signature { owned get {
|
||||||
|
if (node == null) return null;
|
||||||
|
string? sig = node.get_deep_string_content("signedPreKeySignature");
|
||||||
|
if (sig == null) return null;
|
||||||
|
try {
|
||||||
|
return Base64.decode(sig);
|
||||||
|
} catch (Error e) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
|
||||||
|
public ECPublicKey? identity_key { owned get {
|
||||||
|
if (node == null) return null;
|
||||||
|
string? key = node.get_deep_string_content("identityKey");
|
||||||
|
if (key == null) return null;
|
||||||
|
try {
|
||||||
|
return Module.context.decode_public_key(Base64.decode(key));
|
||||||
|
} catch (Error e) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
|
||||||
|
public ArrayList<PreKey> pre_keys { owned get {
|
||||||
|
if (node == null || node.get_subnode("prekeys") == null) return null;
|
||||||
|
ArrayList<PreKey> list = new ArrayList<PreKey>();
|
||||||
|
node.get_deep_subnodes("prekeys", "preKeyPublic")
|
||||||
|
.filter((node) => node.get_attribute("preKeyId") != null)
|
||||||
|
.map<PreKey>(PreKey.create)
|
||||||
|
.foreach((key) => list.add(key));
|
||||||
|
return list;
|
||||||
|
}}
|
||||||
|
|
||||||
|
internal class PreKey {
|
||||||
|
private StanzaNode node;
|
||||||
|
|
||||||
|
public static PreKey create(owned StanzaNode node) {
|
||||||
|
return new PreKey(node);
|
||||||
|
}
|
||||||
|
|
||||||
|
public PreKey(StanzaNode node) {
|
||||||
|
this.node = node;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int32 key_id { owned get {
|
||||||
|
return (node.get_attribute("preKeyId") ?? "-1").to_int();
|
||||||
|
}}
|
||||||
|
|
||||||
|
public ECPublicKey? key { owned get {
|
||||||
|
string? key = node.get_string_content();
|
||||||
|
if (key == null) return null;
|
||||||
|
try {
|
||||||
|
return Module.context.decode_public_key(Base64.decode(key));
|
||||||
|
} catch (Error e) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class EncryptStatus {
|
||||||
|
public bool encrypted { get; internal set; }
|
||||||
|
public int other_devices { get; internal set; }
|
||||||
|
public int other_success { get; internal set; }
|
||||||
|
public int other_lost { get; internal set; }
|
||||||
|
public int other_unknown { get; internal set; }
|
||||||
|
public int other_failure { get; internal set; }
|
||||||
|
public int own_devices { get; internal set; }
|
||||||
|
public int own_success { get; internal set; }
|
||||||
|
public int own_lost { get; internal set; }
|
||||||
|
public int own_unknown { get; internal set; }
|
||||||
|
public int own_failure { get; internal set; }
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
130
plugins/omemo/src/plugin.vala
Normal file
130
plugins/omemo/src/plugin.vala
Normal file
|
@ -0,0 +1,130 @@
|
||||||
|
using Xmpp;
|
||||||
|
|
||||||
|
namespace Dino.Omemo {
|
||||||
|
|
||||||
|
public class EncryptionListEntry : Plugins.EncryptionListEntry, Object {
|
||||||
|
private Plugin plugin;
|
||||||
|
|
||||||
|
public EncryptionListEntry(Plugin plugin) {
|
||||||
|
this.plugin = plugin;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Entities.Encryption encryption { get {
|
||||||
|
return Entities.Encryption.OMEMO;
|
||||||
|
}}
|
||||||
|
|
||||||
|
public string name { get {
|
||||||
|
return "OMEMO";
|
||||||
|
}}
|
||||||
|
|
||||||
|
public bool can_encrypt(Entities.Conversation conversation) {
|
||||||
|
return Manager.get_instance(plugin.app.stream_interaction).con_encrypt(conversation);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class AccountSettingsEntry : Plugins.AccountSettingsEntry {
|
||||||
|
private Plugin plugin;
|
||||||
|
|
||||||
|
public AccountSettingsEntry(Plugin plugin) {
|
||||||
|
this.plugin = plugin;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string id { get {
|
||||||
|
return "omemo_identity_key";
|
||||||
|
}}
|
||||||
|
|
||||||
|
public override string name { get {
|
||||||
|
return "OMEMO";
|
||||||
|
}}
|
||||||
|
|
||||||
|
public override Plugins.AccountSettingsWidget get_widget() {
|
||||||
|
return new AccountSettingWidget(plugin);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class AccountSettingWidget : Plugins.AccountSettingsWidget, Gtk.Box {
|
||||||
|
private Plugin plugin;
|
||||||
|
private Gtk.Label fingerprint;
|
||||||
|
private Entities.Account account;
|
||||||
|
|
||||||
|
public AccountSettingWidget(Plugin plugin) {
|
||||||
|
this.plugin = plugin;
|
||||||
|
|
||||||
|
fingerprint = new Gtk.Label("...");
|
||||||
|
fingerprint.xalign = 0;
|
||||||
|
Gtk.Border border = new Gtk.Button().get_style_context().get_padding(Gtk.StateFlags.NORMAL);
|
||||||
|
fingerprint.set_padding(border.left + 1, border.top + 1);
|
||||||
|
fingerprint.visible = true;
|
||||||
|
pack_start(fingerprint);
|
||||||
|
|
||||||
|
Gtk.Button btn = new Gtk.Button();
|
||||||
|
btn.image = new Gtk.Image.from_icon_name("view-list-symbolic", Gtk.IconSize.BUTTON);
|
||||||
|
btn.relief = Gtk.ReliefStyle.NONE;
|
||||||
|
btn.visible = true;
|
||||||
|
btn.valign = Gtk.Align.CENTER;
|
||||||
|
btn.clicked.connect(() => { activated(); });
|
||||||
|
pack_start(btn, false);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void set_account(Entities.Account account) {
|
||||||
|
this.account = account;
|
||||||
|
try {
|
||||||
|
Qlite.Row? row = plugin.db.identity.row_with(plugin.db.identity.account_id, account.id);
|
||||||
|
if (row == null) {
|
||||||
|
fingerprint.set_markup(@"Own fingerprint\n<span font='8'>Will be generated on first connect</span>");
|
||||||
|
} else {
|
||||||
|
uint8[] arr = Base64.decode(row[plugin.db.identity.identity_key_public_base64]);
|
||||||
|
arr = arr[1:arr.length];
|
||||||
|
string res = "";
|
||||||
|
foreach (uint8 i in arr) {
|
||||||
|
string s = i.to_string("%x");
|
||||||
|
if (s.length == 1) s = "0" + s;
|
||||||
|
res = res + s;
|
||||||
|
if ((res.length % 9) == 8) {
|
||||||
|
if (res.length == 35) {
|
||||||
|
res += "\n";
|
||||||
|
} else {
|
||||||
|
res += " ";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
fingerprint.set_markup(@"Own fingerprint\n<span font_family='monospace' font='8'>$res</span>");
|
||||||
|
}
|
||||||
|
} catch (Qlite.DatabaseError e) {
|
||||||
|
fingerprint.set_markup(@"Own fingerprint\n<span font='8'>Database error</span>");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void deactivate() {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class Plugin : Plugins.RootInterface, Object {
|
||||||
|
public Dino.Application app;
|
||||||
|
public Database db;
|
||||||
|
public EncryptionListEntry list_entry;
|
||||||
|
public AccountSettingsEntry settings_entry;
|
||||||
|
|
||||||
|
public void registered(Dino.Application app) {
|
||||||
|
this.app = app;
|
||||||
|
this.db = new Database("omemo.db");
|
||||||
|
this.list_entry = new EncryptionListEntry(this);
|
||||||
|
this.settings_entry = new AccountSettingsEntry(this);
|
||||||
|
app.plugin_registry.register_encryption_list_entry(list_entry);
|
||||||
|
app.plugin_registry.register_account_settings_entry(settings_entry);
|
||||||
|
app.stream_interaction.module_manager.initialize_account_modules.connect((account, list) => {
|
||||||
|
list.add(new Module());
|
||||||
|
});
|
||||||
|
Manager.start(app.stream_interaction, db);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void shutdown() {
|
||||||
|
// Nothing to do
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public Type register_plugin(Module module) {
|
||||||
|
return typeof (Dino.Omemo.Plugin);
|
||||||
|
}
|
138
plugins/signal-protocol/CMakeLists.txt
Normal file
138
plugins/signal-protocol/CMakeLists.txt
Normal file
|
@ -0,0 +1,138 @@
|
||||||
|
add_subdirectory(libsignal-protocol-c)
|
||||||
|
set_property(TARGET curve25519 PROPERTY POSITION_INDEPENDENT_CODE ON)
|
||||||
|
set_property(TARGET protobuf-c PROPERTY POSITION_INDEPENDENT_CODE ON)
|
||||||
|
set_property(TARGET signal-protocol-c PROPERTY POSITION_INDEPENDENT_CODE ON)
|
||||||
|
|
||||||
|
find_package(Vala REQUIRED)
|
||||||
|
find_package(PkgConfig REQUIRED)
|
||||||
|
find_package(OpenSSL REQUIRED)
|
||||||
|
include(${VALA_USE_FILE})
|
||||||
|
|
||||||
|
set(SIGNAL_PROTOCOL_PACKAGES
|
||||||
|
glib-2.0
|
||||||
|
gee-0.8
|
||||||
|
gobject-2.0
|
||||||
|
)
|
||||||
|
|
||||||
|
pkg_check_modules(SIGNAL_PROTOCOL REQUIRED ${SIGNAL_PROTOCOL_PACKAGES})
|
||||||
|
|
||||||
|
vala_precompile(SIGNAL_PROTOCOL_VALA_C
|
||||||
|
SOURCES
|
||||||
|
"src/context.vala"
|
||||||
|
"src/simple_iks.vala"
|
||||||
|
"src/simple_ss.vala"
|
||||||
|
"src/simple_pks.vala"
|
||||||
|
"src/simple_spks.vala"
|
||||||
|
"src/store.vala"
|
||||||
|
"src/util.vala"
|
||||||
|
CUSTOM_VAPIS
|
||||||
|
${CMAKE_CURRENT_SOURCE_DIR}/vapi/signal-protocol-public.vapi
|
||||||
|
${CMAKE_CURRENT_SOURCE_DIR}/vapi/signal-protocol-native.vapi
|
||||||
|
PACKAGES
|
||||||
|
${SIGNAL_PROTOCOL_PACKAGES}
|
||||||
|
GENERATE_VAPI
|
||||||
|
signal-protocol-vala
|
||||||
|
GENERATE_HEADER
|
||||||
|
signal-protocol-vala
|
||||||
|
OPTIONS
|
||||||
|
${GLOBAL_DEBUG_FLAGS}
|
||||||
|
--thread
|
||||||
|
)
|
||||||
|
|
||||||
|
set(CFLAGS ${VALA_CFLAGS} ${SIGNAL_PROTOCOL_CFLAGS} -I${CMAKE_CURRENT_SOURCE_DIR}/libsignal-protocol-c/src -I${CMAKE_CURRENT_SOURCE_DIR}/src)
|
||||||
|
add_definitions(${CFLAGS})
|
||||||
|
add_library(signal-protocol-vala ${SIGNAL_PROTOCOL_VALA_C} ${CMAKE_CURRENT_SOURCE_DIR}/src/signal_helper.c)
|
||||||
|
add_dependencies(signal-protocol-vala signal-protocol-c)
|
||||||
|
target_link_libraries(signal-protocol-vala ${SIGNAL_PROTOCOL_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARY} signal-protocol-c -lm)
|
||||||
|
set_property(TARGET signal-protocol-vala PROPERTY POSITION_INDEPENDENT_CODE ON)
|
||||||
|
|
||||||
|
set(SIGNAL_PROTOCOL_C_HEADERS
|
||||||
|
signal_protocol.h
|
||||||
|
signal_protocol_types.h
|
||||||
|
curve.h
|
||||||
|
hkdf.h
|
||||||
|
ratchet.h
|
||||||
|
protocol.h
|
||||||
|
session_state.h
|
||||||
|
session_record.h
|
||||||
|
session_pre_key.h
|
||||||
|
session_builder.h
|
||||||
|
session_cipher.h
|
||||||
|
key_helper.h
|
||||||
|
sender_key.h
|
||||||
|
sender_key_state.h
|
||||||
|
sender_key_record.h
|
||||||
|
group_session_builder.h
|
||||||
|
group_cipher.h
|
||||||
|
fingerprint.h
|
||||||
|
device_consistency.h
|
||||||
|
)
|
||||||
|
|
||||||
|
set(C_HEADERS_SRC "")
|
||||||
|
set(C_HEADERS_TARGET "")
|
||||||
|
|
||||||
|
foreach(f ${SIGNAL_PROTOCOL_C_HEADERS})
|
||||||
|
list(APPEND C_HEADERS_SRC "${CMAKE_CURRENT_SOURCE_DIR}/libsignal-protocol-c/src/${f}")
|
||||||
|
list(APPEND C_HEADERS_TARGET "${CMAKE_BINARY_DIR}/exports/${f}")
|
||||||
|
add_custom_command(OUTPUT "${CMAKE_BINARY_DIR}/exports/${f}"
|
||||||
|
COMMAND
|
||||||
|
cp "${CMAKE_CURRENT_SOURCE_DIR}/libsignal-protocol-c/src/${f}" "${CMAKE_BINARY_DIR}/exports/${f}"
|
||||||
|
DEPENDS
|
||||||
|
"${CMAKE_CURRENT_SOURCE_DIR}/libsignal-protocol-c/src/${f}"
|
||||||
|
COMMENT
|
||||||
|
Copy header file ${f}
|
||||||
|
)
|
||||||
|
endforeach(f)
|
||||||
|
|
||||||
|
list(APPEND C_HEADERS_SRC "${CMAKE_CURRENT_SOURCE_DIR}/src/signal_helper.h")
|
||||||
|
list(APPEND C_HEADERS_TARGET "${CMAKE_BINARY_DIR}/exports/signal_helper.h")
|
||||||
|
|
||||||
|
add_custom_command(OUTPUT "${CMAKE_BINARY_DIR}/exports/signal_helper.h"
|
||||||
|
COMMAND
|
||||||
|
cp "${CMAKE_CURRENT_SOURCE_DIR}/src/signal_helper.h" "${CMAKE_BINARY_DIR}/exports/signal_helper.h"
|
||||||
|
DEPENDS
|
||||||
|
"${CMAKE_CURRENT_SOURCE_DIR}/src/signal_helper.h"
|
||||||
|
COMMENT
|
||||||
|
Copy header file signal_helper.h
|
||||||
|
)
|
||||||
|
|
||||||
|
add_custom_command(OUTPUT ${CMAKE_BINARY_DIR}/exports/signal-protocol.vapi
|
||||||
|
COMMAND
|
||||||
|
cat "${CMAKE_CURRENT_SOURCE_DIR}/vapi/signal-protocol-public.vapi" "${CMAKE_BINARY_DIR}/exports/signal-protocol-vala.vapi" > "${CMAKE_BINARY_DIR}/exports/signal-protocol.vapi"
|
||||||
|
DEPENDS
|
||||||
|
${CMAKE_CURRENT_SOURCE_DIR}/vapi/signal-protocol-public.vapi
|
||||||
|
${CMAKE_BINARY_DIR}/exports/signal-protocol-vala.vapi
|
||||||
|
)
|
||||||
|
|
||||||
|
add_custom_target(signal-protocol-vapi
|
||||||
|
DEPENDS
|
||||||
|
${CMAKE_BINARY_DIR}/exports/signal-protocol.vapi
|
||||||
|
${CMAKE_BINARY_DIR}/exports/signal-protocol-vala.h
|
||||||
|
${C_HEADERS_TARGET}
|
||||||
|
)
|
||||||
|
|
||||||
|
if(BUILD_TESTING)
|
||||||
|
vala_precompile(SIGNAL_TEST_VALA_C
|
||||||
|
SOURCES
|
||||||
|
"tests/common.vala"
|
||||||
|
"tests/testcase.vala"
|
||||||
|
|
||||||
|
"tests/curve25519.vala"
|
||||||
|
"tests/hkdf.vala"
|
||||||
|
"tests/session_builder.vala"
|
||||||
|
CUSTOM_VAPIS
|
||||||
|
${CMAKE_BINARY_DIR}/exports/signal-protocol-vala-internal.vapi
|
||||||
|
${CMAKE_CURRENT_SOURCE_DIR}/vapi/signal-protocol-public.vapi
|
||||||
|
${CMAKE_CURRENT_SOURCE_DIR}/vapi/signal-protocol-native.vapi
|
||||||
|
PACKAGES
|
||||||
|
${SIGNAL_PROTOCOL_PACKAGES}
|
||||||
|
OPTIONS
|
||||||
|
${GLOBAL_DEBUG_FLAGS}
|
||||||
|
--thread
|
||||||
|
)
|
||||||
|
|
||||||
|
set(CFLAGS ${VALA_CFLAGS} ${SIGNAL_PROTOCOL_CFLAGS} -I${CMAKE_CURRENT_BINARY_DIR}/signal-protocol)
|
||||||
|
add_executable(signal-protocol-vala-test ${SIGNAL_TEST_VALA_C})
|
||||||
|
add_dependencies(signal-protocol-vala-test signal-protocol-vala signal-protocol-vapi)
|
||||||
|
target_link_libraries(signal-protocol-vala-test signal-protocol-vala)
|
||||||
|
endif(BUILD_TESTING)
|
1
plugins/signal-protocol/libsignal-protocol-c
Submodule
1
plugins/signal-protocol/libsignal-protocol-c
Submodule
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 7d4b305691c59a12a3ff5b54a34d6f095f9b7910
|
101
plugins/signal-protocol/src/context.vala
Normal file
101
plugins/signal-protocol/src/context.vala
Normal file
|
@ -0,0 +1,101 @@
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
public class Context {
|
||||||
|
internal NativeContext native_context;
|
||||||
|
private RecMutex mutex = RecMutex();
|
||||||
|
|
||||||
|
static void locking_function_lock(void* user_data) {
|
||||||
|
Context ctx = (Context) user_data;
|
||||||
|
ctx.mutex.lock();
|
||||||
|
}
|
||||||
|
|
||||||
|
static void locking_function_unlock(void* user_data) {
|
||||||
|
Context ctx = (Context) user_data;
|
||||||
|
ctx.mutex.unlock();
|
||||||
|
}
|
||||||
|
|
||||||
|
static void stderr_log(LogLevel level, string message, void* user_data) {
|
||||||
|
printerr(@"$level: $message\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
public Context(bool log = false) throws Error {
|
||||||
|
throw_by_code(NativeContext.create(out native_context, this), "Error initializing native context");
|
||||||
|
throw_by_code(native_context.set_locking_functions(locking_function_lock, locking_function_unlock), "Error initializing native locking functions");
|
||||||
|
if (log) native_context.set_log_function(stderr_log);
|
||||||
|
setup_crypto_provider(native_context);
|
||||||
|
}
|
||||||
|
|
||||||
|
public Store create_store() {
|
||||||
|
return new Store(this);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void randomize(uint8[] data) throws Error {
|
||||||
|
throw_by_code(Signal.native_random(native_context, data));
|
||||||
|
}
|
||||||
|
|
||||||
|
public SignedPreKeyRecord generate_signed_pre_key(IdentityKeyPair identity_key_pair, int32 id, uint64 timestamp = 0) throws Error {
|
||||||
|
if (timestamp == 0) timestamp = new DateTime.now_local().to_unix();
|
||||||
|
SignedPreKeyRecord res;
|
||||||
|
throw_by_code(Protocol.KeyHelper.generate_signed_pre_key(out res, identity_key_pair, id, timestamp, native_context));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Gee.Set<PreKeyRecord> generate_pre_keys(uint start, uint count) throws Error {
|
||||||
|
Gee.Set<PreKeyRecord> res = new Gee.HashSet<PreKeyRecord>();
|
||||||
|
for(uint i = start; i < start+count; i++) {
|
||||||
|
ECKeyPair pair = generate_key_pair();
|
||||||
|
res.add(new PreKeyRecord(i, pair));
|
||||||
|
}
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public ECPublicKey decode_public_key(uint8[] bytes) throws Error {
|
||||||
|
ECPublicKey public_key;
|
||||||
|
throw_by_code(curve_decode_point(out public_key, bytes, native_context), "Error decoding public key");
|
||||||
|
return public_key;
|
||||||
|
}
|
||||||
|
|
||||||
|
public ECPrivateKey decode_private_key(uint8[] bytes) throws Error {
|
||||||
|
ECPrivateKey private_key;
|
||||||
|
throw_by_code(curve_decode_private_point(out private_key, bytes, native_context), "Error decoding private key");
|
||||||
|
return private_key;
|
||||||
|
}
|
||||||
|
|
||||||
|
public ECKeyPair generate_key_pair() throws Error {
|
||||||
|
ECKeyPair key_pair;
|
||||||
|
throw_by_code(curve_generate_key_pair(native_context, out key_pair), "Error generating key pair");
|
||||||
|
return key_pair;
|
||||||
|
}
|
||||||
|
|
||||||
|
public uint8[] calculate_signature(ECPrivateKey signing_key, uint8[] message) throws Error {
|
||||||
|
Buffer signature;
|
||||||
|
throw_by_code(Curve.calculate_signature(native_context, out signature, signing_key, message), "Error calculating signature");
|
||||||
|
return signature.data;
|
||||||
|
}
|
||||||
|
|
||||||
|
public SignalMessage deserialize_signal_message(uint8[] data) throws Error {
|
||||||
|
SignalMessage res;
|
||||||
|
throw_by_code(signal_message_deserialize(out res, data, native_context));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public SignalMessage copy_signal_message(CiphertextMessage original) throws Error {
|
||||||
|
SignalMessage res;
|
||||||
|
throw_by_code(signal_message_copy(out res, (SignalMessage) original, native_context));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PreKeySignalMessage deserialize_pre_key_signal_message(uint8[] data) throws Error {
|
||||||
|
PreKeySignalMessage res;
|
||||||
|
throw_by_code(pre_key_signal_message_deserialize(out res, data, native_context));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PreKeySignalMessage copy_pre_key_signal_message(CiphertextMessage original) throws Error {
|
||||||
|
PreKeySignalMessage res;
|
||||||
|
throw_by_code(pre_key_signal_message_copy(out res, (PreKeySignalMessage) original, native_context));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
506
plugins/signal-protocol/src/signal_helper.c
Normal file
506
plugins/signal-protocol/src/signal_helper.c
Normal file
|
@ -0,0 +1,506 @@
|
||||||
|
#include <signal_helper.h>
|
||||||
|
#include <signal_protocol_internal.h>
|
||||||
|
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/hmac.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
#include <openssl/sha.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
|
||||||
|
signal_type_base* signal_type_ref_vapi(signal_type_base* instance) {
|
||||||
|
if (instance->ref_count > 100 || instance->ref_count < 1)
|
||||||
|
printf("REF %x -> %d\n", instance, instance->ref_count+1);
|
||||||
|
signal_type_ref(instance);
|
||||||
|
return instance;
|
||||||
|
}
|
||||||
|
|
||||||
|
signal_type_base* signal_type_unref_vapi(signal_type_base* instance) {
|
||||||
|
if (instance->ref_count > 100 || instance->ref_count < 0)
|
||||||
|
printf("UNREF %x -> %d\n", instance, instance->ref_count-1);
|
||||||
|
signal_type_unref(instance);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
signal_protocol_address* signal_protocol_address_new() {
|
||||||
|
signal_protocol_address* address = malloc(sizeof(signal_protocol_address));
|
||||||
|
address->name = 0;
|
||||||
|
address->device_id = 0;
|
||||||
|
return address;
|
||||||
|
}
|
||||||
|
|
||||||
|
void signal_protocol_address_free(signal_protocol_address* ptr) {
|
||||||
|
if (ptr->name) {
|
||||||
|
g_free((void*)ptr->name);
|
||||||
|
}
|
||||||
|
return free(ptr);
|
||||||
|
}
|
||||||
|
|
||||||
|
void signal_protocol_address_set_name(signal_protocol_address* self, const gchar* name) {
|
||||||
|
gchar* n = g_malloc(strlen(name)+1);
|
||||||
|
memcpy(n, name, strlen(name));
|
||||||
|
n[strlen(name)] = 0;
|
||||||
|
if (self->name) {
|
||||||
|
g_free((void*)self->name);
|
||||||
|
}
|
||||||
|
self->name = n;
|
||||||
|
self->name_len = strlen(n);
|
||||||
|
}
|
||||||
|
|
||||||
|
gchar* signal_protocol_address_get_name(signal_protocol_address* self) {
|
||||||
|
if (self->name == 0) return 0;
|
||||||
|
gchar* res = g_malloc(sizeof(char) * (self->name_len + 1));
|
||||||
|
memcpy(res, self->name, self->name_len);
|
||||||
|
res[self->name_len] = 0;
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
session_pre_key* session_pre_key_new(uint32_t pre_key_id, ec_key_pair* pair, int* err) {
|
||||||
|
session_pre_key* res;
|
||||||
|
*err = session_pre_key_create(&res, pre_key_id, pair);
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
session_signed_pre_key* session_signed_pre_key_new(uint32_t id, uint64_t timestamp, ec_key_pair* pair, uint8_t* key, int key_len, int* err) {
|
||||||
|
session_signed_pre_key* res;
|
||||||
|
*err = session_signed_pre_key_create(&res, id, timestamp, pair, key, key_len);
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
int signal_vala_random_generator(uint8_t *data, size_t len, void *user_data)
|
||||||
|
{
|
||||||
|
if(RAND_bytes(data, len)) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_hmac_sha256_init(void **hmac_context, const uint8_t *key, size_t key_len, void *user_data)
|
||||||
|
{
|
||||||
|
HMAC_CTX *ctx = malloc(sizeof(HMAC_CTX));
|
||||||
|
if(!ctx) {
|
||||||
|
return SG_ERR_NOMEM;
|
||||||
|
}
|
||||||
|
HMAC_CTX_init(ctx);
|
||||||
|
*hmac_context = ctx;
|
||||||
|
|
||||||
|
if(HMAC_Init_ex(ctx, key, key_len, EVP_sha256(), 0) != 1) {
|
||||||
|
return SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_hmac_sha256_update(void *hmac_context, const uint8_t *data, size_t data_len, void *user_data)
|
||||||
|
{
|
||||||
|
HMAC_CTX *ctx = hmac_context;
|
||||||
|
int result = HMAC_Update(ctx, data, data_len);
|
||||||
|
|
||||||
|
return (result == 1) ? 0 : -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_hmac_sha256_final(void *hmac_context, signal_buffer **output, void *user_data)
|
||||||
|
{
|
||||||
|
int result = 0;
|
||||||
|
unsigned char md[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned int len = 0;
|
||||||
|
HMAC_CTX *ctx = hmac_context;
|
||||||
|
|
||||||
|
if(HMAC_Final(ctx, md, &len) != 1) {
|
||||||
|
return SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
signal_buffer *output_buffer = signal_buffer_create(md, len);
|
||||||
|
if(!output_buffer) {
|
||||||
|
result = SG_ERR_NOMEM;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
*output = output_buffer;
|
||||||
|
|
||||||
|
complete:
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
void signal_vala_hmac_sha256_cleanup(void *hmac_context, void *user_data)
|
||||||
|
{
|
||||||
|
if(hmac_context) {
|
||||||
|
HMAC_CTX *ctx = hmac_context;
|
||||||
|
HMAC_CTX_cleanup(ctx);
|
||||||
|
free(ctx);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
const EVP_CIPHER *aes_cipher(int cipher, size_t key_len)
|
||||||
|
{
|
||||||
|
if(cipher == SG_CIPHER_AES_CBC_PKCS5) {
|
||||||
|
if(key_len == 16) {
|
||||||
|
return EVP_aes_128_cbc();
|
||||||
|
}
|
||||||
|
else if(key_len == 24) {
|
||||||
|
return EVP_aes_192_cbc();
|
||||||
|
}
|
||||||
|
else if(key_len == 32) {
|
||||||
|
return EVP_aes_256_cbc();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if(cipher == SG_CIPHER_AES_CTR_NOPADDING) {
|
||||||
|
if(key_len == 16) {
|
||||||
|
return EVP_aes_128_ctr();
|
||||||
|
}
|
||||||
|
else if(key_len == 24) {
|
||||||
|
return EVP_aes_192_ctr();
|
||||||
|
}
|
||||||
|
else if(key_len == 32) {
|
||||||
|
return EVP_aes_256_ctr();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else if (cipher == SG_CIPHER_AES_GCM_NOPADDING) {
|
||||||
|
if(key_len == 16) {
|
||||||
|
return EVP_aes_128_gcm();
|
||||||
|
}
|
||||||
|
else if(key_len == 24) {
|
||||||
|
return EVP_aes_192_gcm();
|
||||||
|
}
|
||||||
|
else if(key_len == 32) {
|
||||||
|
return EVP_aes_256_gcm();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_sha512_digest_init(void **digest_context, void *user_data)
|
||||||
|
{
|
||||||
|
int result = 0;
|
||||||
|
EVP_MD_CTX *ctx;
|
||||||
|
|
||||||
|
ctx = EVP_MD_CTX_create();
|
||||||
|
if(!ctx) {
|
||||||
|
result = SG_ERR_NOMEM;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
result = EVP_DigestInit_ex(ctx, EVP_sha512(), 0);
|
||||||
|
if(result == 1) {
|
||||||
|
result = SG_SUCCESS;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
complete:
|
||||||
|
if(result < 0) {
|
||||||
|
if(ctx) {
|
||||||
|
EVP_MD_CTX_destroy(ctx);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
*digest_context = ctx;
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_sha512_digest_update(void *digest_context, const uint8_t *data, size_t data_len, void *user_data)
|
||||||
|
{
|
||||||
|
EVP_MD_CTX *ctx = digest_context;
|
||||||
|
|
||||||
|
int result = EVP_DigestUpdate(ctx, data, data_len);
|
||||||
|
|
||||||
|
return (result == 1) ? SG_SUCCESS : SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_sha512_digest_final(void *digest_context, signal_buffer **output, void *user_data)
|
||||||
|
{
|
||||||
|
int result = 0;
|
||||||
|
unsigned char md[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned int len = 0;
|
||||||
|
EVP_MD_CTX *ctx = digest_context;
|
||||||
|
|
||||||
|
result = EVP_DigestFinal_ex(ctx, md, &len);
|
||||||
|
if(result == 1) {
|
||||||
|
result = SG_SUCCESS;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
result = EVP_DigestInit_ex(ctx, EVP_sha512(), 0);
|
||||||
|
if(result == 1) {
|
||||||
|
result = SG_SUCCESS;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
signal_buffer *output_buffer = signal_buffer_create(md, len);
|
||||||
|
if(!output_buffer) {
|
||||||
|
result = SG_ERR_NOMEM;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
*output = output_buffer;
|
||||||
|
|
||||||
|
complete:
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
void signal_vala_sha512_digest_cleanup(void *digest_context, void *user_data)
|
||||||
|
{
|
||||||
|
EVP_MD_CTX *ctx = digest_context;
|
||||||
|
EVP_MD_CTX_destroy(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_encrypt(signal_buffer **output,
|
||||||
|
int cipher,
|
||||||
|
const uint8_t *key, size_t key_len,
|
||||||
|
const uint8_t *iv, size_t iv_len,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_len,
|
||||||
|
void *user_data)
|
||||||
|
{
|
||||||
|
int result = 0;
|
||||||
|
uint8_t *out_buf = 0;
|
||||||
|
|
||||||
|
const EVP_CIPHER *evp_cipher = aes_cipher(cipher, key_len);
|
||||||
|
if(!evp_cipher) {
|
||||||
|
fprintf(stderr, "invalid AES mode or key size: %zu\n", key_len);
|
||||||
|
return SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(iv_len != 16) {
|
||||||
|
fprintf(stderr, "invalid AES IV size: %zu\n", iv_len);
|
||||||
|
return SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(plaintext_len > INT_MAX - EVP_CIPHER_block_size(evp_cipher)) {
|
||||||
|
fprintf(stderr, "invalid plaintext length: %zu\n", plaintext_len);
|
||||||
|
return SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EVP_CIPHER_CTX ctx;
|
||||||
|
EVP_CIPHER_CTX_init(&ctx);
|
||||||
|
|
||||||
|
int buf_extra = 0;
|
||||||
|
|
||||||
|
if(cipher == SG_CIPHER_AES_GCM_NOPADDING) {
|
||||||
|
// In GCM mode we use the last 16 bytes as auth tag
|
||||||
|
buf_extra += 16;
|
||||||
|
|
||||||
|
result = EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, NULL, NULL);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot initialize cipher\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
result = EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, 16, NULL);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot set iv size\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
result = EVP_EncryptInit_ex(&ctx, NULL, NULL, key, iv);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot set key/iv\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
result = EVP_EncryptInit_ex(&ctx, evp_cipher, 0, key, iv);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot initialize cipher\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(cipher == SG_CIPHER_AES_CTR_NOPADDING || cipher == SG_CIPHER_AES_GCM_NOPADDING) {
|
||||||
|
result = EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot set padding\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
out_buf = malloc(sizeof(uint8_t) * (plaintext_len + EVP_CIPHER_block_size(evp_cipher) + buf_extra));
|
||||||
|
if(!out_buf) {
|
||||||
|
fprintf(stderr, "cannot allocate output buffer\n");
|
||||||
|
result = SG_ERR_NOMEM;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
int out_len = 0;
|
||||||
|
result = EVP_EncryptUpdate(&ctx,
|
||||||
|
out_buf, &out_len, plaintext, plaintext_len);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot encrypt plaintext\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
int final_len = 0;
|
||||||
|
result = EVP_EncryptFinal_ex(&ctx, out_buf + out_len, &final_len);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot finish encrypting plaintext\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(cipher == SG_CIPHER_AES_GCM_NOPADDING) {
|
||||||
|
result = EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, 16, out_buf + (out_len + final_len));
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot get tag\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
*output = signal_buffer_create(out_buf, out_len + final_len + buf_extra);
|
||||||
|
|
||||||
|
complete:
|
||||||
|
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||||
|
if(out_buf) {
|
||||||
|
free(out_buf);
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
int signal_vala_decrypt(signal_buffer **output,
|
||||||
|
int cipher,
|
||||||
|
const uint8_t *key, size_t key_len,
|
||||||
|
const uint8_t *iv, size_t iv_len,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_len,
|
||||||
|
void *user_data)
|
||||||
|
{
|
||||||
|
int result = 0;
|
||||||
|
uint8_t *out_buf = 0;
|
||||||
|
|
||||||
|
const EVP_CIPHER *evp_cipher = aes_cipher(cipher, key_len);
|
||||||
|
if(!evp_cipher) {
|
||||||
|
fprintf(stderr, "invalid AES mode or key size: %zu\n", key_len);
|
||||||
|
return SG_ERR_INVAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(iv_len != 16) {
|
||||||
|
fprintf(stderr, "invalid AES IV size: %zu\n", iv_len);
|
||||||
|
return SG_ERR_INVAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(ciphertext_len > INT_MAX - EVP_CIPHER_block_size(evp_cipher)) {
|
||||||
|
fprintf(stderr, "invalid ciphertext length: %zu\n", ciphertext_len);
|
||||||
|
return SG_ERR_UNKNOWN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EVP_CIPHER_CTX ctx;
|
||||||
|
EVP_CIPHER_CTX_init(&ctx);
|
||||||
|
|
||||||
|
if(cipher == SG_CIPHER_AES_GCM_NOPADDING) {
|
||||||
|
// In GCM mode we use the last 16 bytes as auth tag
|
||||||
|
ciphertext_len -= 16;
|
||||||
|
|
||||||
|
result = EVP_DecryptInit_ex(&ctx, evp_cipher, NULL, NULL, NULL);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot initialize cipher\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
result = EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, 16, NULL);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot set iv size\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
result = EVP_DecryptInit_ex(&ctx, NULL, NULL, key, iv);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot set key/iv\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
result = EVP_DecryptInit_ex(&ctx, evp_cipher, 0, key, iv);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot initialize cipher\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(cipher == SG_CIPHER_AES_CTR_NOPADDING || cipher == SG_CIPHER_AES_GCM_NOPADDING) {
|
||||||
|
result = EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot set padding\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
out_buf = malloc(sizeof(uint8_t) * (ciphertext_len + EVP_CIPHER_block_size(evp_cipher)));
|
||||||
|
if(!out_buf) {
|
||||||
|
fprintf(stderr, "cannot allocate output buffer\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
int out_len = 0;
|
||||||
|
result = EVP_DecryptUpdate(&ctx,
|
||||||
|
out_buf, &out_len, ciphertext, ciphertext_len);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot decrypt ciphertext\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(cipher == SG_CIPHER_AES_GCM_NOPADDING) {
|
||||||
|
result = EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, 16, (uint8_t*)ciphertext + ciphertext_len);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot set tag\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
int final_len = 0;
|
||||||
|
result = EVP_DecryptFinal_ex(&ctx, out_buf + out_len, &final_len);
|
||||||
|
if(!result) {
|
||||||
|
fprintf(stderr, "cannot finish decrypting ciphertexts\n");
|
||||||
|
result = SG_ERR_UNKNOWN;
|
||||||
|
goto complete;
|
||||||
|
}
|
||||||
|
|
||||||
|
*output = signal_buffer_create(out_buf, out_len + final_len);
|
||||||
|
|
||||||
|
complete:
|
||||||
|
EVP_CIPHER_CTX_cleanup(&ctx);
|
||||||
|
if(out_buf) {
|
||||||
|
free(out_buf);
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
void setup_signal_vala_crypto_provider(signal_context *context)
|
||||||
|
{
|
||||||
|
signal_crypto_provider provider = {
|
||||||
|
.random_func = signal_vala_random_generator,
|
||||||
|
.hmac_sha256_init_func = signal_vala_hmac_sha256_init,
|
||||||
|
.hmac_sha256_update_func = signal_vala_hmac_sha256_update,
|
||||||
|
.hmac_sha256_final_func = signal_vala_hmac_sha256_final,
|
||||||
|
.hmac_sha256_cleanup_func = signal_vala_hmac_sha256_cleanup,
|
||||||
|
.sha512_digest_init_func = signal_vala_sha512_digest_init,
|
||||||
|
.sha512_digest_update_func = signal_vala_sha512_digest_update,
|
||||||
|
.sha512_digest_final_func = signal_vala_sha512_digest_final,
|
||||||
|
.sha512_digest_cleanup_func = signal_vala_sha512_digest_cleanup,
|
||||||
|
.encrypt_func = signal_vala_encrypt,
|
||||||
|
.decrypt_func = signal_vala_decrypt,
|
||||||
|
.user_data = 0
|
||||||
|
};
|
||||||
|
|
||||||
|
signal_context_set_crypto_provider(context, &provider);
|
||||||
|
}
|
43
plugins/signal-protocol/src/signal_helper.h
Normal file
43
plugins/signal-protocol/src/signal_helper.h
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
#ifndef SIGNAL_PROTOCOL_VALA_HELPER
|
||||||
|
#define SIGNAL_PROTOCOL_VALA_HELPER 1
|
||||||
|
|
||||||
|
#include <signal_protocol.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <glib.h>
|
||||||
|
|
||||||
|
#define SG_CIPHER_AES_GCM_NOPADDING 1000
|
||||||
|
|
||||||
|
signal_type_base* signal_type_ref_vapi(signal_type_base* what);
|
||||||
|
signal_type_base* signal_type_unref_vapi(signal_type_base* what);
|
||||||
|
signal_protocol_address* signal_protocol_address_new();
|
||||||
|
void signal_protocol_address_free(signal_protocol_address* ptr);
|
||||||
|
void signal_protocol_address_set_name(signal_protocol_address* self, const gchar* name);
|
||||||
|
gchar* signal_protocol_address_get_name(signal_protocol_address* self);
|
||||||
|
session_pre_key* session_pre_key_new(uint32_t pre_key_id, ec_key_pair* pair, int* err);
|
||||||
|
session_signed_pre_key* session_signed_pre_key_new(uint32_t id, uint64_t timestamp, ec_key_pair* pair, uint8_t* key, int key_len, int* err);
|
||||||
|
|
||||||
|
int signal_vala_random_generator(uint8_t *data, size_t len, void *user_data);
|
||||||
|
int signal_vala_hmac_sha256_init(void **hmac_context, const uint8_t *key, size_t key_len, void *user_data);
|
||||||
|
int signal_vala_hmac_sha256_update(void *hmac_context, const uint8_t *data, size_t data_len, void *user_data);
|
||||||
|
int signal_vala_hmac_sha256_final(void *hmac_context, signal_buffer **output, void *user_data);
|
||||||
|
void signal_vala_hmac_sha256_cleanup(void *hmac_context, void *user_data);
|
||||||
|
int signal_vala_sha512_digest_init(void **digest_context, void *user_data);
|
||||||
|
int signal_vala_sha512_digest_update(void *digest_context, const uint8_t *data, size_t data_len, void *user_data);
|
||||||
|
int signal_vala_sha512_digest_final(void *digest_context, signal_buffer **output, void *user_data);
|
||||||
|
void signal_vala_sha512_digest_cleanup(void *digest_context, void *user_data);
|
||||||
|
|
||||||
|
int signal_vala_encrypt(signal_buffer **output,
|
||||||
|
int cipher,
|
||||||
|
const uint8_t *key, size_t key_len,
|
||||||
|
const uint8_t *iv, size_t iv_len,
|
||||||
|
const uint8_t *plaintext, size_t plaintext_len,
|
||||||
|
void *user_data);
|
||||||
|
int signal_vala_decrypt(signal_buffer **output,
|
||||||
|
int cipher,
|
||||||
|
const uint8_t *key, size_t key_len,
|
||||||
|
const uint8_t *iv, size_t iv_len,
|
||||||
|
const uint8_t *ciphertext, size_t ciphertext_len,
|
||||||
|
void *user_data);
|
||||||
|
void setup_signal_vala_crypto_provider(signal_context *context);
|
||||||
|
|
||||||
|
#endif
|
40
plugins/signal-protocol/src/simple_iks.vala
Normal file
40
plugins/signal-protocol/src/simple_iks.vala
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
using Gee;
|
||||||
|
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
public class SimpleIdentityKeyStore : IdentityKeyStore {
|
||||||
|
public override uint8[] identity_key_private { get; set; }
|
||||||
|
public override uint8[] identity_key_public { get; set; }
|
||||||
|
public override uint32 local_registration_id { get; set; }
|
||||||
|
private Map<string, Map<int, IdentityKeyStore.TrustedIdentity>> trusted_identities = new HashMap<string, Map<int, IdentityKeyStore.TrustedIdentity>>();
|
||||||
|
|
||||||
|
public override void save_identity(Address address, uint8[] key) throws Error {
|
||||||
|
string name = address.name;
|
||||||
|
if (trusted_identities.has_key(name)) {
|
||||||
|
if (trusted_identities[name].has_key(address.device_id)) {
|
||||||
|
trusted_identities[name][address.device_id].key = key;
|
||||||
|
trusted_identity_updated(trusted_identities[name][address.device_id]);
|
||||||
|
} else {
|
||||||
|
trusted_identities[name][address.device_id] = new TrustedIdentity.by_address(address, key);
|
||||||
|
trusted_identity_added(trusted_identities[name][address.device_id]);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
trusted_identities[name] = new HashMap<int, IdentityKeyStore.TrustedIdentity>();
|
||||||
|
trusted_identities[name][address.device_id] = new TrustedIdentity.by_address(address, key);
|
||||||
|
trusted_identity_added(trusted_identities[name][address.device_id]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public override bool is_trusted_identity(Address address, uint8[] key) throws Error {
|
||||||
|
if (!trusted_identities.has_key(address.name)) return true;
|
||||||
|
if (!trusted_identities[address.name].has_key(address.device_id)) return true;
|
||||||
|
uint8[] other_key = trusted_identities[address.name][address.device_id].key;
|
||||||
|
if (other_key.length != key.length) return false;
|
||||||
|
for (int i = 0; i < key.length; i++) {
|
||||||
|
if (other_key[i] != key[i]) return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
33
plugins/signal-protocol/src/simple_pks.vala
Normal file
33
plugins/signal-protocol/src/simple_pks.vala
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
using Gee;
|
||||||
|
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
public class SimplePreKeyStore : PreKeyStore {
|
||||||
|
private Map<uint32, PreKeyStore.Key> pre_key_map = new HashMap<uint32, PreKeyStore.Key>();
|
||||||
|
|
||||||
|
public override uint8[]? load_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
if (contains_pre_key(pre_key_id)) {
|
||||||
|
return pre_key_map[pre_key_id].record;
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void store_pre_key(uint32 pre_key_id, uint8[] record) throws Error {
|
||||||
|
PreKeyStore.Key key = new Key(pre_key_id, record);
|
||||||
|
pre_key_map[pre_key_id] = key;
|
||||||
|
pre_key_stored(key);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override bool contains_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
return pre_key_map.has_key(pre_key_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void delete_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
PreKeyStore.Key key;
|
||||||
|
if (pre_key_map.unset(pre_key_id, out key)) {
|
||||||
|
pre_key_deleted(key);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
33
plugins/signal-protocol/src/simple_spks.vala
Normal file
33
plugins/signal-protocol/src/simple_spks.vala
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
using Gee;
|
||||||
|
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
public class SimpleSignedPreKeyStore : SignedPreKeyStore {
|
||||||
|
private Map<uint32, SignedPreKeyStore.Key> pre_key_map = new HashMap<uint32, SignedPreKeyStore.Key>();
|
||||||
|
|
||||||
|
public override uint8[]? load_signed_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
if (contains_signed_pre_key(pre_key_id)) {
|
||||||
|
return pre_key_map[pre_key_id].record;
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void store_signed_pre_key(uint32 pre_key_id, uint8[] record) throws Error {
|
||||||
|
SignedPreKeyStore.Key key = new Key(pre_key_id, record);
|
||||||
|
pre_key_map[pre_key_id] = key;
|
||||||
|
signed_pre_key_stored(key);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override bool contains_signed_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
return pre_key_map.has_key(pre_key_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void delete_signed_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
SignedPreKeyStore.Key key;
|
||||||
|
if (pre_key_map.unset(pre_key_id, out key)) {
|
||||||
|
signed_pre_key_deleted(key);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
77
plugins/signal-protocol/src/simple_ss.vala
Normal file
77
plugins/signal-protocol/src/simple_ss.vala
Normal file
|
@ -0,0 +1,77 @@
|
||||||
|
using Gee;
|
||||||
|
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
public class SimpleSessionStore : SessionStore {
|
||||||
|
|
||||||
|
private Map<string, ArrayList<SessionStore.Session>> session_map = new HashMap<string, ArrayList<SessionStore.Session>>();
|
||||||
|
|
||||||
|
public override uint8[]? load_session(Address address) throws Error {
|
||||||
|
string name = address.name;
|
||||||
|
if (name == null) return null;
|
||||||
|
if (session_map.has_key(name)) {
|
||||||
|
foreach (SessionStore.Session session in session_map[name]) {
|
||||||
|
if (session.device_id == address.device_id) return session.record;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override IntList get_sub_device_sessions(string name) throws Error {
|
||||||
|
IntList res = new IntList();
|
||||||
|
if (session_map.has_key(name)) {
|
||||||
|
foreach (SessionStore.Session session in session_map[name]) {
|
||||||
|
res.add(session.device_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void store_session(Address address, uint8[] record) throws Error {
|
||||||
|
if (contains_session(address)) {
|
||||||
|
delete_session(address);
|
||||||
|
}
|
||||||
|
if (!session_map.has_key(address.name)) {
|
||||||
|
session_map[address.name] = new ArrayList<SessionStore.Session>();
|
||||||
|
}
|
||||||
|
SessionStore.Session session = new Session() { name = address.name, device_id = address.device_id, record = record };
|
||||||
|
session_map[address.name].add(session);
|
||||||
|
session_stored(session);
|
||||||
|
}
|
||||||
|
|
||||||
|
public override bool contains_session(Address address) throws Error {
|
||||||
|
if (!session_map.has_key(address.name)) return false;
|
||||||
|
foreach (SessionStore.Session session in session_map[address.name]) {
|
||||||
|
if (session.device_id == address.device_id) return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void delete_session(Address address) throws Error {
|
||||||
|
if (!session_map.has_key(address.name)) throw_by_code(ErrorCode.UNKNOWN, "No session found");
|
||||||
|
foreach (SessionStore.Session session in session_map[address.name]) {
|
||||||
|
if (session.device_id == address.device_id) {
|
||||||
|
session_map[address.name].remove(session);
|
||||||
|
if (session_map[address.name].size == 0) {
|
||||||
|
session_map.unset(address.name);
|
||||||
|
}
|
||||||
|
session_removed(session);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void delete_all_sessions(string name) throws Error {
|
||||||
|
if (session_map.has_key(name)) {
|
||||||
|
foreach (SessionStore.Session session in session_map[name]) {
|
||||||
|
session_map[name].remove(session);
|
||||||
|
if (session_map[name].size == 0) {
|
||||||
|
session_map.unset(name);
|
||||||
|
}
|
||||||
|
session_removed(session);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
413
plugins/signal-protocol/src/store.vala
Normal file
413
plugins/signal-protocol/src/store.vala
Normal file
|
@ -0,0 +1,413 @@
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
public abstract class IdentityKeyStore : Object {
|
||||||
|
public abstract uint8[] identity_key_private { get; set; }
|
||||||
|
public abstract uint8[] identity_key_public { get; set; }
|
||||||
|
public abstract uint32 local_registration_id { get; set; }
|
||||||
|
|
||||||
|
public signal void trusted_identity_added(TrustedIdentity id);
|
||||||
|
public signal void trusted_identity_updated(TrustedIdentity id);
|
||||||
|
|
||||||
|
public abstract void save_identity(Address address, uint8[] key) throws Error ;
|
||||||
|
|
||||||
|
public abstract bool is_trusted_identity(Address address, uint8[] key) throws Error ;
|
||||||
|
|
||||||
|
public class TrustedIdentity {
|
||||||
|
public uint8[] key { get; set; }
|
||||||
|
public string name { get; private set; }
|
||||||
|
public int device_id { get; private set; }
|
||||||
|
|
||||||
|
public TrustedIdentity(string name, int device_id, uint8[] key) {
|
||||||
|
this.key = key;
|
||||||
|
this.name = name;
|
||||||
|
this.device_id = device_id;
|
||||||
|
}
|
||||||
|
|
||||||
|
public TrustedIdentity.by_address(Address address, uint8[] key) {
|
||||||
|
this(address.name, address.device_id, key);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public abstract class SessionStore : Object {
|
||||||
|
|
||||||
|
public signal void session_stored(Session session);
|
||||||
|
public signal void session_removed(Session session);
|
||||||
|
public abstract uint8[]? load_session(Address address) throws Error ;
|
||||||
|
|
||||||
|
public abstract IntList get_sub_device_sessions(string name) throws Error ;
|
||||||
|
|
||||||
|
public abstract void store_session(Address address, uint8[] record) throws Error ;
|
||||||
|
|
||||||
|
public abstract bool contains_session(Address address) throws Error ;
|
||||||
|
|
||||||
|
public abstract void delete_session(Address address) throws Error ;
|
||||||
|
|
||||||
|
public abstract void delete_all_sessions(string name) throws Error ;
|
||||||
|
|
||||||
|
public class Session {
|
||||||
|
public string name;
|
||||||
|
public int device_id;
|
||||||
|
public uint8[] record;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public abstract class PreKeyStore : Object {
|
||||||
|
|
||||||
|
public signal void pre_key_stored(Key key);
|
||||||
|
public signal void pre_key_deleted(Key key);
|
||||||
|
|
||||||
|
public abstract uint8[]? load_pre_key(uint32 pre_key_id) throws Error ;
|
||||||
|
|
||||||
|
public abstract void store_pre_key(uint32 pre_key_id, uint8[] record) throws Error ;
|
||||||
|
|
||||||
|
public abstract bool contains_pre_key(uint32 pre_key_id) throws Error ;
|
||||||
|
|
||||||
|
public abstract void delete_pre_key(uint32 pre_key_id) throws Error ;
|
||||||
|
|
||||||
|
public class Key {
|
||||||
|
public uint32 key_id { get; private set; }
|
||||||
|
public uint8[] record { get; private set; }
|
||||||
|
|
||||||
|
public Key(uint32 key_id, uint8[] record) {
|
||||||
|
this.key_id = key_id;
|
||||||
|
this.record = record;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public abstract class SignedPreKeyStore : Object {
|
||||||
|
|
||||||
|
public signal void signed_pre_key_stored(Key key);
|
||||||
|
public signal void signed_pre_key_deleted(Key key);
|
||||||
|
|
||||||
|
public abstract uint8[]? load_signed_pre_key(uint32 pre_key_id) throws Error ;
|
||||||
|
|
||||||
|
public abstract void store_signed_pre_key(uint32 pre_key_id, uint8[] record) throws Error ;
|
||||||
|
|
||||||
|
public abstract bool contains_signed_pre_key(uint32 pre_key_id) throws Error ;
|
||||||
|
|
||||||
|
public abstract void delete_signed_pre_key(uint32 pre_key_id) throws Error ;
|
||||||
|
|
||||||
|
public class Key {
|
||||||
|
public uint32 key_id { get; private set; }
|
||||||
|
public uint8[] record { get; private set; }
|
||||||
|
|
||||||
|
public Key(uint32 key_id, uint8[] record) {
|
||||||
|
this.key_id = key_id;
|
||||||
|
this.record = record;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class Store : Object {
|
||||||
|
public Context context { get; private set; }
|
||||||
|
public IdentityKeyStore identity_key_store { get; set; default = new SimpleIdentityKeyStore(); }
|
||||||
|
public SessionStore session_store { get; set; default = new SimpleSessionStore(); }
|
||||||
|
public PreKeyStore pre_key_store { get; set; default = new SimplePreKeyStore(); }
|
||||||
|
public SignedPreKeyStore signed_pre_key_store { get; set; default = new SimpleSignedPreKeyStore(); }
|
||||||
|
public uint32 local_registration_id { get { return identity_key_store.local_registration_id; } }
|
||||||
|
internal NativeStoreContext native_context {get { return native_store_context_; }}
|
||||||
|
private NativeStoreContext native_store_context_;
|
||||||
|
|
||||||
|
static int iks_get_identity_key_pair(out Buffer public_data, out Buffer private_data, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
public_data = new Buffer.from(store.identity_key_store.identity_key_public);
|
||||||
|
private_data = new Buffer.from(store.identity_key_store.identity_key_private);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int iks_get_local_registration_id(void* user_data, out uint32 registration_id) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
registration_id = store.identity_key_store.local_registration_id;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int iks_save_identity(Address address, uint8[] key, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.identity_key_store.save_identity(address, key);
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int iks_is_trusted_identity(Address address, uint8[] key, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
return store.identity_key_store.is_trusted_identity(address, key) ? 1 : 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int iks_destroy_func(void* user_data) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ss_load_session_func(out Buffer buffer, Address address, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
uint8[] res = null;
|
||||||
|
try {
|
||||||
|
res = store.session_store.load_session(address);
|
||||||
|
} catch (Error e) {
|
||||||
|
buffer = null;
|
||||||
|
return e.code;
|
||||||
|
}
|
||||||
|
if (res == null) {
|
||||||
|
buffer = null;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
buffer = new Buffer.from(res);
|
||||||
|
if (buffer == null) return ErrorCode.NOMEM;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ss_get_sub_device_sessions_func(out IntList sessions, char[] name, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
try {
|
||||||
|
sessions = store.session_store.get_sub_device_sessions(carr_to_string(name));
|
||||||
|
} catch (Error e) {
|
||||||
|
sessions = null;
|
||||||
|
return e.code;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ss_store_session_func(Address address, uint8[] record, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.session_store.store_session(address, record);
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ss_contains_session_func(Address address, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
return store.session_store.contains_session(address) ? 1 : 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ss_delete_session_func(Address address, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.session_store.delete_session(address);
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ss_delete_all_sessions_func(char[] name, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.session_store.delete_all_sessions(carr_to_string(name));
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ss_destroy_func(void* user_data) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int pks_load_pre_key(out Buffer record, uint32 pre_key_id, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
uint8[] res = null;
|
||||||
|
try {
|
||||||
|
res = store.pre_key_store.load_pre_key(pre_key_id);
|
||||||
|
} catch (Error e) {
|
||||||
|
record = null;
|
||||||
|
return e.code;
|
||||||
|
}
|
||||||
|
if (res == null) {
|
||||||
|
record = new Buffer(0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
record = new Buffer.from(res);
|
||||||
|
if (record == null) return ErrorCode.NOMEM;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int pks_store_pre_key(uint32 pre_key_id, uint8[] record, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.pre_key_store.store_pre_key(pre_key_id, record);
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int pks_contains_pre_key(uint32 pre_key_id, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
return store.pre_key_store.contains_pre_key(pre_key_id) ? 1 : 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int pks_remove_pre_key(uint32 pre_key_id, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.pre_key_store.delete_pre_key(pre_key_id);
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int pks_destroy_func(void* user_data) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int spks_load_signed_pre_key(out Buffer record, uint32 pre_key_id, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
uint8[] res = null;
|
||||||
|
try {
|
||||||
|
res = store.signed_pre_key_store.load_signed_pre_key(pre_key_id);
|
||||||
|
} catch (Error e) {
|
||||||
|
record = null;
|
||||||
|
return e.code;
|
||||||
|
}
|
||||||
|
if (res == null) {
|
||||||
|
record = new Buffer(0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
record = new Buffer.from(res);
|
||||||
|
if (record == null) return ErrorCode.NOMEM;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int spks_store_signed_pre_key(uint32 pre_key_id, uint8[] record, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.signed_pre_key_store.store_signed_pre_key(pre_key_id, record);
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int spks_contains_signed_pre_key(uint32 pre_key_id, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
return store.signed_pre_key_store.contains_signed_pre_key(pre_key_id) ? 1 : 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int spks_remove_signed_pre_key(uint32 pre_key_id, void* user_data) {
|
||||||
|
Store store = (Store) user_data;
|
||||||
|
return catch_to_code(() => {
|
||||||
|
store.signed_pre_key_store.delete_signed_pre_key(pre_key_id);
|
||||||
|
return 0;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
static int spks_destroy_func(void* user_data) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
internal Store(Context context) {
|
||||||
|
this.context = context;
|
||||||
|
NativeStoreContext.create(out native_store_context_, context.native_context);
|
||||||
|
|
||||||
|
NativeIdentityKeyStore iks = NativeIdentityKeyStore() {
|
||||||
|
get_identity_key_pair = iks_get_identity_key_pair,
|
||||||
|
get_local_registration_id = iks_get_local_registration_id,
|
||||||
|
save_identity = iks_save_identity,
|
||||||
|
is_trusted_identity = iks_is_trusted_identity,
|
||||||
|
destroy_func = iks_destroy_func,
|
||||||
|
user_data = this
|
||||||
|
};
|
||||||
|
native_context.set_identity_key_store(iks);
|
||||||
|
|
||||||
|
NativeSessionStore ss = NativeSessionStore() {
|
||||||
|
load_session_func = ss_load_session_func,
|
||||||
|
get_sub_device_sessions_func = ss_get_sub_device_sessions_func,
|
||||||
|
store_session_func = ss_store_session_func,
|
||||||
|
contains_session_func = ss_contains_session_func,
|
||||||
|
delete_session_func = ss_delete_session_func,
|
||||||
|
delete_all_sessions_func = ss_delete_all_sessions_func,
|
||||||
|
destroy_func = ss_destroy_func,
|
||||||
|
user_data = this
|
||||||
|
};
|
||||||
|
native_context.set_session_store(ss);
|
||||||
|
|
||||||
|
NativePreKeyStore pks = NativePreKeyStore() {
|
||||||
|
load_pre_key = pks_load_pre_key,
|
||||||
|
store_pre_key = pks_store_pre_key,
|
||||||
|
contains_pre_key = pks_contains_pre_key,
|
||||||
|
remove_pre_key = pks_remove_pre_key,
|
||||||
|
destroy_func = pks_destroy_func,
|
||||||
|
user_data = this
|
||||||
|
};
|
||||||
|
native_context.set_pre_key_store(pks);
|
||||||
|
|
||||||
|
NativeSignedPreKeyStore spks = NativeSignedPreKeyStore() {
|
||||||
|
load_signed_pre_key = spks_load_signed_pre_key,
|
||||||
|
store_signed_pre_key = spks_store_signed_pre_key,
|
||||||
|
contains_signed_pre_key = spks_contains_signed_pre_key,
|
||||||
|
remove_signed_pre_key = spks_remove_signed_pre_key,
|
||||||
|
destroy_func = spks_destroy_func,
|
||||||
|
user_data = this
|
||||||
|
};
|
||||||
|
native_context.set_signed_pre_key_store(spks);
|
||||||
|
}
|
||||||
|
|
||||||
|
public SessionBuilder create_session_builder(Address other) throws Error {
|
||||||
|
SessionBuilder builder;
|
||||||
|
throw_by_code(session_builder_create(out builder, native_context, other, context.native_context), "Error creating session builder");
|
||||||
|
return builder;
|
||||||
|
}
|
||||||
|
|
||||||
|
public SessionCipher create_session_cipher(Address other) throws Error {
|
||||||
|
SessionCipher cipher;
|
||||||
|
throw_by_code(session_cipher_create(out cipher, native_context, other, context.native_context));
|
||||||
|
return cipher;
|
||||||
|
}
|
||||||
|
|
||||||
|
public IdentityKeyPair identity_key_pair {
|
||||||
|
owned get {
|
||||||
|
IdentityKeyPair pair;
|
||||||
|
Protocol.Identity.get_key_pair(native_context, out pair);
|
||||||
|
return pair;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool is_trusted_identity(Address address, ECPublicKey key) throws Error {
|
||||||
|
return throw_by_code(Protocol.Identity.is_trusted_identity(native_context, address, key)) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void save_identity(Address address, ECPublicKey key) throws Error {
|
||||||
|
throw_by_code(Protocol.Identity.save_identity(native_context, address, key));
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool contains_session(Address other) throws Error {
|
||||||
|
return throw_by_code(Protocol.Session.contains_session(native_context, other)) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
public SessionRecord load_session(Address other) throws Error {
|
||||||
|
SessionRecord record;
|
||||||
|
throw_by_code(Protocol.Session.load_session(native_context, out record, other));
|
||||||
|
return record;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool contains_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
return throw_by_code(Protocol.PreKey.contains_key(native_context, pre_key_id)) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void store_pre_key(PreKeyRecord record) throws Error {
|
||||||
|
throw_by_code(Protocol.PreKey.store_key(native_context, record));
|
||||||
|
}
|
||||||
|
|
||||||
|
public PreKeyRecord load_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
PreKeyRecord res;
|
||||||
|
throw_by_code(Protocol.PreKey.load_key(native_context, out res, pre_key_id));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool contains_signed_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
return throw_by_code(Protocol.SignedPreKey.contains_key(native_context, pre_key_id)) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void store_signed_pre_key(SignedPreKeyRecord record) throws Error {
|
||||||
|
throw_by_code(Protocol.SignedPreKey.store_key(native_context, record));
|
||||||
|
}
|
||||||
|
|
||||||
|
public SignedPreKeyRecord load_signed_pre_key(uint32 pre_key_id) throws Error {
|
||||||
|
SignedPreKeyRecord res;
|
||||||
|
throw_by_code(Protocol.SignedPreKey.load_key(native_context, out res, pre_key_id));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
45
plugins/signal-protocol/src/util.vala
Normal file
45
plugins/signal-protocol/src/util.vala
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
public ECPublicKey generate_public_key(ECPrivateKey private_key) throws Error {
|
||||||
|
ECPublicKey public_key;
|
||||||
|
throw_by_code(ECPublicKey.generate(out public_key, private_key), "Error generating public key");
|
||||||
|
|
||||||
|
return public_key;
|
||||||
|
}
|
||||||
|
|
||||||
|
public uint8[] calculate_agreement(ECPublicKey public_key, ECPrivateKey private_key) throws Error {
|
||||||
|
uint8[] res;
|
||||||
|
int len = Curve.calculate_agreement(out res, public_key, private_key);
|
||||||
|
throw_by_code(len, "Error calculating agreement");
|
||||||
|
res.length = len;
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool verify_signature(ECPublicKey signing_key, uint8[] message, uint8[] signature) throws Error {
|
||||||
|
return throw_by_code(Curve.verify_signature(signing_key, message, signature)) == 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PreKeyBundle create_pre_key_bundle(uint32 registration_id, int device_id, uint32 pre_key_id, ECPublicKey? pre_key_public,
|
||||||
|
uint32 signed_pre_key_id, ECPublicKey? signed_pre_key_public, uint8[]? signed_pre_key_signature, ECPublicKey? identity_key) throws Error {
|
||||||
|
PreKeyBundle res;
|
||||||
|
throw_by_code(PreKeyBundle.create(out res, registration_id, device_id, pre_key_id, pre_key_public, signed_pre_key_id, signed_pre_key_public, signed_pre_key_signature, identity_key), "Error creating PreKeyBundle");
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
|
internal string carr_to_string(char[] carr) {
|
||||||
|
char[] nu = new char[carr.length + 1];
|
||||||
|
Memory.copy(nu, carr, carr.length);
|
||||||
|
return (string) nu;
|
||||||
|
}
|
||||||
|
|
||||||
|
internal delegate int CodeErroringFunc() throws Error;
|
||||||
|
|
||||||
|
internal int catch_to_code(CodeErroringFunc func) {
|
||||||
|
try {
|
||||||
|
return func();
|
||||||
|
} catch (Error e) {
|
||||||
|
return e.code;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
92
plugins/signal-protocol/tests/common.vala
Normal file
92
plugins/signal-protocol/tests/common.vala
Normal file
|
@ -0,0 +1,92 @@
|
||||||
|
namespace Signal.Test {
|
||||||
|
|
||||||
|
int main(string[] args) {
|
||||||
|
GLib.Test.init(ref args);
|
||||||
|
GLib.Test.set_nonfatal_assertions();
|
||||||
|
TestSuite.get_root().add_suite(new Curve25519().get_suite());
|
||||||
|
TestSuite.get_root().add_suite(new SessionBuilderTest().get_suite());
|
||||||
|
TestSuite.get_root().add_suite(new HKDF().get_suite());
|
||||||
|
return GLib.Test.run();
|
||||||
|
}
|
||||||
|
|
||||||
|
Store setup_test_store_context(Context global_context) {
|
||||||
|
Store store = global_context.create_store();
|
||||||
|
try {
|
||||||
|
store.identity_key_store.local_registration_id = (Random.next_int() % 16380) + 1;
|
||||||
|
|
||||||
|
ECKeyPair key_pair = global_context.generate_key_pair();
|
||||||
|
store.identity_key_store.identity_key_private = key_pair.private.serialize();
|
||||||
|
store.identity_key_store.identity_key_public = key_pair.public.serialize();
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
}
|
||||||
|
return store;
|
||||||
|
}
|
||||||
|
|
||||||
|
ECPublicKey? create_test_ec_public_key(Context context) {
|
||||||
|
try {
|
||||||
|
return context.generate_key_pair().public;
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if(bool exp, string? reason = null) {
|
||||||
|
if (exp) {
|
||||||
|
if (reason != null) GLib.Test.message(reason);
|
||||||
|
GLib.Test.fail();
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
void fail_if_reached(string? reason = null) {
|
||||||
|
fail_if(true, reason);
|
||||||
|
}
|
||||||
|
|
||||||
|
delegate void ErrorFunc() throws Error;
|
||||||
|
|
||||||
|
void fail_if_not_error_code(ErrorFunc func, int expectedCode, string? reason = null) {
|
||||||
|
try {
|
||||||
|
func();
|
||||||
|
fail_if_reached(@"$(reason + ": " ?? "")no error thrown");
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_not_eq_int(e.code, expectedCode, @"$(reason + ": " ?? "")catched unexpected error");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_not(bool exp, string? reason = null) {
|
||||||
|
return fail_if(!exp, reason);
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_eq_int(int left, int right, string? reason = null) {
|
||||||
|
return fail_if(left == right, @"$(reason + ": " ?? "")$left == $right");
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_not_eq_int(int left, int right, string? reason = null) {
|
||||||
|
return fail_if_not(left == right, @"$(reason + ": " ?? "")$left != $right");
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_not_eq_str(string left, string right, string? reason = null) {
|
||||||
|
return fail_if_not(left == right, @"$(reason + ": " ?? "")$left != $right");
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_not_eq_uint8_arr(uint8[] left, uint8[] right, string? reason = null) {
|
||||||
|
if (fail_if_not_eq_int(left.length, right.length, @"$(reason + ": " ?? "")array length not equal")) return true;
|
||||||
|
return fail_if_not_eq_str(Base64.encode(left), Base64.encode(right), reason);
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_not_zero_int(int zero, string? reason = null) {
|
||||||
|
return fail_if_not_eq_int(zero, 0, reason);
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_zero_int(int zero, string? reason = null) {
|
||||||
|
return fail_if_eq_int(zero, 0, reason);
|
||||||
|
}
|
||||||
|
|
||||||
|
bool fail_if_null(void* what, string? reason = null) {
|
||||||
|
return fail_if(what == null || (size_t)what == 0, reason);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
207
plugins/signal-protocol/tests/curve25519.vala
Normal file
207
plugins/signal-protocol/tests/curve25519.vala
Normal file
|
@ -0,0 +1,207 @@
|
||||||
|
namespace Signal.Test {
|
||||||
|
|
||||||
|
class Curve25519 : Gee.TestCase {
|
||||||
|
|
||||||
|
public Curve25519() {
|
||||||
|
base("Curve25519");
|
||||||
|
add_test("agreement", test_curve25519_agreement);
|
||||||
|
add_test("generate_public", test_curve25519_generate_public);
|
||||||
|
add_test("random_agreements", test_curve25519_random_agreements);
|
||||||
|
add_test("signature", test_curve25519_signature);
|
||||||
|
}
|
||||||
|
|
||||||
|
private Context global_context;
|
||||||
|
|
||||||
|
public override void set_up() {
|
||||||
|
try {
|
||||||
|
global_context = new Context();
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void tear_down() {
|
||||||
|
global_context = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_curve25519_agreement() {
|
||||||
|
try {
|
||||||
|
uint8[] alicePublic = {
|
||||||
|
0x05, 0x1b, 0xb7, 0x59, 0x66,
|
||||||
|
0xf2, 0xe9, 0x3a, 0x36, 0x91,
|
||||||
|
0xdf, 0xff, 0x94, 0x2b, 0xb2,
|
||||||
|
0xa4, 0x66, 0xa1, 0xc0, 0x8b,
|
||||||
|
0x8d, 0x78, 0xca, 0x3f, 0x4d,
|
||||||
|
0x6d, 0xf8, 0xb8, 0xbf, 0xa2,
|
||||||
|
0xe4, 0xee, 0x28};
|
||||||
|
|
||||||
|
uint8[] alicePrivate = {
|
||||||
|
0xc8, 0x06, 0x43, 0x9d, 0xc9,
|
||||||
|
0xd2, 0xc4, 0x76, 0xff, 0xed,
|
||||||
|
0x8f, 0x25, 0x80, 0xc0, 0x88,
|
||||||
|
0x8d, 0x58, 0xab, 0x40, 0x6b,
|
||||||
|
0xf7, 0xae, 0x36, 0x98, 0x87,
|
||||||
|
0x90, 0x21, 0xb9, 0x6b, 0xb4,
|
||||||
|
0xbf, 0x59};
|
||||||
|
|
||||||
|
uint8[] bobPublic = {
|
||||||
|
0x05, 0x65, 0x36, 0x14, 0x99,
|
||||||
|
0x3d, 0x2b, 0x15, 0xee, 0x9e,
|
||||||
|
0x5f, 0xd3, 0xd8, 0x6c, 0xe7,
|
||||||
|
0x19, 0xef, 0x4e, 0xc1, 0xda,
|
||||||
|
0xae, 0x18, 0x86, 0xa8, 0x7b,
|
||||||
|
0x3f, 0x5f, 0xa9, 0x56, 0x5a,
|
||||||
|
0x27, 0xa2, 0x2f};
|
||||||
|
|
||||||
|
uint8[] bobPrivate = {
|
||||||
|
0xb0, 0x3b, 0x34, 0xc3, 0x3a,
|
||||||
|
0x1c, 0x44, 0xf2, 0x25, 0xb6,
|
||||||
|
0x62, 0xd2, 0xbf, 0x48, 0x59,
|
||||||
|
0xb8, 0x13, 0x54, 0x11, 0xfa,
|
||||||
|
0x7b, 0x03, 0x86, 0xd4, 0x5f,
|
||||||
|
0xb7, 0x5d, 0xc5, 0xb9, 0x1b,
|
||||||
|
0x44, 0x66};
|
||||||
|
|
||||||
|
uint8[] shared = {
|
||||||
|
0x32, 0x5f, 0x23, 0x93, 0x28,
|
||||||
|
0x94, 0x1c, 0xed, 0x6e, 0x67,
|
||||||
|
0x3b, 0x86, 0xba, 0x41, 0x01,
|
||||||
|
0x74, 0x48, 0xe9, 0x9b, 0x64,
|
||||||
|
0x9a, 0x9c, 0x38, 0x06, 0xc1,
|
||||||
|
0xdd, 0x7c, 0xa4, 0xc4, 0x77,
|
||||||
|
0xe6, 0x29};
|
||||||
|
|
||||||
|
ECPublicKey alice_public_key = global_context.decode_public_key(alicePublic);
|
||||||
|
ECPrivateKey alice_private_key = global_context.decode_private_key(alicePrivate);
|
||||||
|
ECPublicKey bob_public_key = global_context.decode_public_key(bobPublic);
|
||||||
|
ECPrivateKey bob_private_key = global_context.decode_private_key(bobPrivate);
|
||||||
|
|
||||||
|
uint8[] shared_one = calculate_agreement(alice_public_key, bob_private_key);
|
||||||
|
uint8[] shared_two = calculate_agreement(bob_public_key, alice_private_key);
|
||||||
|
|
||||||
|
fail_if_not_eq_int(shared_one.length, 32);
|
||||||
|
fail_if_not_eq_int(shared_two.length, 32);
|
||||||
|
fail_if_not_eq_uint8_arr(shared, shared_one);
|
||||||
|
fail_if_not_eq_uint8_arr(shared_one, shared_two);
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_curve25519_generate_public() {
|
||||||
|
try {
|
||||||
|
uint8[] alicePublic = {
|
||||||
|
0x05, 0x1b, 0xb7, 0x59, 0x66,
|
||||||
|
0xf2, 0xe9, 0x3a, 0x36, 0x91,
|
||||||
|
0xdf, 0xff, 0x94, 0x2b, 0xb2,
|
||||||
|
0xa4, 0x66, 0xa1, 0xc0, 0x8b,
|
||||||
|
0x8d, 0x78, 0xca, 0x3f, 0x4d,
|
||||||
|
0x6d, 0xf8, 0xb8, 0xbf, 0xa2,
|
||||||
|
0xe4, 0xee, 0x28};
|
||||||
|
|
||||||
|
uint8[] alicePrivate = {
|
||||||
|
0xc8, 0x06, 0x43, 0x9d, 0xc9,
|
||||||
|
0xd2, 0xc4, 0x76, 0xff, 0xed,
|
||||||
|
0x8f, 0x25, 0x80, 0xc0, 0x88,
|
||||||
|
0x8d, 0x58, 0xab, 0x40, 0x6b,
|
||||||
|
0xf7, 0xae, 0x36, 0x98, 0x87,
|
||||||
|
0x90, 0x21, 0xb9, 0x6b, 0xb4,
|
||||||
|
0xbf, 0x59};
|
||||||
|
|
||||||
|
ECPrivateKey alice_private_key = global_context.decode_private_key(alicePrivate);
|
||||||
|
ECPublicKey alice_expected_public_key = global_context.decode_public_key(alicePublic);
|
||||||
|
ECPublicKey alice_public_key = generate_public_key(alice_private_key);
|
||||||
|
|
||||||
|
fail_if_not_zero_int(alice_expected_public_key.compare(alice_public_key));
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_curve25519_random_agreements() {
|
||||||
|
try {
|
||||||
|
ECKeyPair alice_key_pair = null;
|
||||||
|
ECPublicKey alice_public_key = null;
|
||||||
|
ECPrivateKey alice_private_key = null;
|
||||||
|
ECKeyPair bob_key_pair = null;
|
||||||
|
ECPublicKey bob_public_key = null;
|
||||||
|
ECPrivateKey bob_private_key = null;
|
||||||
|
uint8[] shared_alice = null;
|
||||||
|
uint8[] shared_bob = null;
|
||||||
|
|
||||||
|
for (int i = 0; i < 50; i++) {
|
||||||
|
fail_if_null(alice_key_pair = global_context.generate_key_pair());
|
||||||
|
fail_if_null(alice_public_key = alice_key_pair.public);
|
||||||
|
fail_if_null(alice_private_key = alice_key_pair.private);
|
||||||
|
|
||||||
|
fail_if_null(bob_key_pair = global_context.generate_key_pair());
|
||||||
|
fail_if_null(bob_public_key = bob_key_pair.public);
|
||||||
|
fail_if_null(bob_private_key = bob_key_pair.private);
|
||||||
|
|
||||||
|
shared_alice = calculate_agreement(bob_public_key, alice_private_key);
|
||||||
|
fail_if_not_eq_int(shared_alice.length, 32);
|
||||||
|
|
||||||
|
shared_bob = calculate_agreement(alice_public_key, bob_private_key);
|
||||||
|
fail_if_not_eq_int(shared_bob.length, 32);
|
||||||
|
|
||||||
|
fail_if_not_eq_uint8_arr(shared_alice, shared_bob);
|
||||||
|
}
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_curve25519_signature() {
|
||||||
|
try {
|
||||||
|
uint8[] aliceIdentityPrivate = {
|
||||||
|
0xc0, 0x97, 0x24, 0x84, 0x12, 0xe5, 0x8b, 0xf0,
|
||||||
|
0x5d, 0xf4, 0x87, 0x96, 0x82, 0x05, 0x13, 0x27,
|
||||||
|
0x94, 0x17, 0x8e, 0x36, 0x76, 0x37, 0xf5, 0x81,
|
||||||
|
0x8f, 0x81, 0xe0, 0xe6, 0xce, 0x73, 0xe8, 0x65};
|
||||||
|
|
||||||
|
uint8[] aliceIdentityPublic = {
|
||||||
|
0x05, 0xab, 0x7e, 0x71, 0x7d, 0x4a, 0x16, 0x3b,
|
||||||
|
0x7d, 0x9a, 0x1d, 0x80, 0x71, 0xdf, 0xe9, 0xdc,
|
||||||
|
0xf8, 0xcd, 0xcd, 0x1c, 0xea, 0x33, 0x39, 0xb6,
|
||||||
|
0x35, 0x6b, 0xe8, 0x4d, 0x88, 0x7e, 0x32, 0x2c,
|
||||||
|
0x64};
|
||||||
|
|
||||||
|
uint8[] aliceEphemeralPublic = {
|
||||||
|
0x05, 0xed, 0xce, 0x9d, 0x9c, 0x41, 0x5c, 0xa7,
|
||||||
|
0x8c, 0xb7, 0x25, 0x2e, 0x72, 0xc2, 0xc4, 0xa5,
|
||||||
|
0x54, 0xd3, 0xeb, 0x29, 0x48, 0x5a, 0x0e, 0x1d,
|
||||||
|
0x50, 0x31, 0x18, 0xd1, 0xa8, 0x2d, 0x99, 0xfb,
|
||||||
|
0x4a};
|
||||||
|
|
||||||
|
uint8[] aliceSignature = {
|
||||||
|
0x5d, 0xe8, 0x8c, 0xa9, 0xa8, 0x9b, 0x4a, 0x11,
|
||||||
|
0x5d, 0xa7, 0x91, 0x09, 0xc6, 0x7c, 0x9c, 0x74,
|
||||||
|
0x64, 0xa3, 0xe4, 0x18, 0x02, 0x74, 0xf1, 0xcb,
|
||||||
|
0x8c, 0x63, 0xc2, 0x98, 0x4e, 0x28, 0x6d, 0xfb,
|
||||||
|
0xed, 0xe8, 0x2d, 0xeb, 0x9d, 0xcd, 0x9f, 0xae,
|
||||||
|
0x0b, 0xfb, 0xb8, 0x21, 0x56, 0x9b, 0x3d, 0x90,
|
||||||
|
0x01, 0xbd, 0x81, 0x30, 0xcd, 0x11, 0xd4, 0x86,
|
||||||
|
0xce, 0xf0, 0x47, 0xbd, 0x60, 0xb8, 0x6e, 0x88};
|
||||||
|
|
||||||
|
global_context.decode_private_key(aliceIdentityPrivate);
|
||||||
|
global_context.decode_public_key(aliceEphemeralPublic);
|
||||||
|
ECPublicKey alice_public_key = global_context.decode_public_key(aliceIdentityPublic);
|
||||||
|
|
||||||
|
fail_if(!verify_signature(alice_public_key, aliceEphemeralPublic, aliceSignature), "signature verification failed");
|
||||||
|
|
||||||
|
uint8[] modifiedSignature = new uint8[aliceSignature.length];
|
||||||
|
|
||||||
|
for (int i = 0; i < aliceSignature.length; i++) {
|
||||||
|
Memory.copy(modifiedSignature, aliceSignature, aliceSignature.length);
|
||||||
|
modifiedSignature[i] ^= 0x01;
|
||||||
|
|
||||||
|
fail_if(verify_signature(alice_public_key, aliceEphemeralPublic, modifiedSignature), "invalid signature verification succeeded");
|
||||||
|
}
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
59
plugins/signal-protocol/tests/hkdf.vala
Normal file
59
plugins/signal-protocol/tests/hkdf.vala
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
namespace Signal.Test {
|
||||||
|
|
||||||
|
class HKDF : Gee.TestCase {
|
||||||
|
|
||||||
|
public HKDF() {
|
||||||
|
base("HKDF");
|
||||||
|
add_test("vector_v3", test_hkdf_vector_v3);
|
||||||
|
}
|
||||||
|
|
||||||
|
private Context global_context;
|
||||||
|
|
||||||
|
public override void set_up() {
|
||||||
|
try {
|
||||||
|
global_context = new Context();
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void tear_down() {
|
||||||
|
global_context = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void test_hkdf_vector_v3() {
|
||||||
|
uint8[] ikm = {
|
||||||
|
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
|
||||||
|
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
|
||||||
|
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
|
||||||
|
|
||||||
|
uint8[] salt = {
|
||||||
|
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||||
|
0x08, 0x09, 0x0a, 0x0b, 0x0c};
|
||||||
|
|
||||||
|
uint8[] info = {
|
||||||
|
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
|
||||||
|
0xf8, 0xf9};
|
||||||
|
|
||||||
|
uint8[] okm = {
|
||||||
|
0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
|
||||||
|
0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
|
||||||
|
0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
|
||||||
|
0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
|
||||||
|
0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
|
||||||
|
0x58, 0x65};
|
||||||
|
|
||||||
|
NativeHkdfContext context = null;
|
||||||
|
fail_if_not_zero_int(NativeHkdfContext.create(out context, 3, global_context.native_context));
|
||||||
|
|
||||||
|
uint8[] output = null;
|
||||||
|
int result = (int) context.derive_secrets(out output, ikm, salt, info, 42);
|
||||||
|
fail_if_not_eq_int(result, okm.length);
|
||||||
|
output.length = result;
|
||||||
|
|
||||||
|
fail_if_not_eq_uint8_arr(output, okm);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
400
plugins/signal-protocol/tests/session_builder.vala
Normal file
400
plugins/signal-protocol/tests/session_builder.vala
Normal file
|
@ -0,0 +1,400 @@
|
||||||
|
namespace Signal.Test {
|
||||||
|
|
||||||
|
class SessionBuilderTest : Gee.TestCase {
|
||||||
|
Address alice_address;
|
||||||
|
Address bob_address;
|
||||||
|
|
||||||
|
public SessionBuilderTest() {
|
||||||
|
base("SessionBuilder");
|
||||||
|
|
||||||
|
add_test("basic_pre_key_v2", test_basic_pre_key_v2);
|
||||||
|
add_test("basic_pre_key_v3", test_basic_pre_key_v3);
|
||||||
|
add_test("bad_signed_pre_key_signature", test_bad_signed_pre_key_signature);
|
||||||
|
add_test("repeat_bundle_message_v2", test_repeat_bundle_message_v2);
|
||||||
|
}
|
||||||
|
|
||||||
|
private Context global_context;
|
||||||
|
|
||||||
|
public override void set_up() {
|
||||||
|
try {
|
||||||
|
global_context = new Context();
|
||||||
|
alice_address = new Address();
|
||||||
|
alice_address.name = "+14151111111";
|
||||||
|
alice_address.device_id = 1;
|
||||||
|
bob_address = new Address();
|
||||||
|
bob_address.name = "+14152222222";
|
||||||
|
bob_address.device_id = 1;
|
||||||
|
} catch (Error e) {
|
||||||
|
fail_if_reached(@"Unexpected error: $(e.message)");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public override void tear_down() {
|
||||||
|
global_context = null;
|
||||||
|
alice_address = null;
|
||||||
|
bob_address = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_basic_pre_key_v2() {
|
||||||
|
try {
|
||||||
|
/* Create Alice's data store and session builder */
|
||||||
|
Store alice_store = setup_test_store_context(global_context);
|
||||||
|
SessionBuilder alice_session_builder = alice_store.create_session_builder(bob_address);
|
||||||
|
|
||||||
|
/* Create Bob's data store and pre key bundle */
|
||||||
|
Store bob_store = setup_test_store_context(global_context);
|
||||||
|
uint32 bob_local_registration_id = bob_store.local_registration_id;
|
||||||
|
IdentityKeyPair bob_identity_key_pair = bob_store.identity_key_pair;
|
||||||
|
ECKeyPair bob_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
|
||||||
|
PreKeyBundle bob_pre_key = create_pre_key_bundle(bob_local_registration_id, 1, 31337, bob_pre_key_pair.public, 0, null, null, bob_identity_key_pair.public);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Have Alice process Bob's pre key bundle, which should fail due to a
|
||||||
|
* missing unsigned pre key.
|
||||||
|
*/
|
||||||
|
fail_if_not_error_code(() => alice_session_builder.process_pre_key_bundle(bob_pre_key), ErrorCode.INVALID_KEY);
|
||||||
|
} catch(Error e) {
|
||||||
|
fail_if_reached(@"Unexpected error: $(e.message)");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_basic_pre_key_v3() {
|
||||||
|
try {
|
||||||
|
/* Create Alice's data store and session builder */
|
||||||
|
Store alice_store = setup_test_store_context(global_context);
|
||||||
|
SessionBuilder alice_session_builder = alice_store.create_session_builder(bob_address);
|
||||||
|
|
||||||
|
/* Create Bob's data store and pre key bundle */
|
||||||
|
Store bob_store = setup_test_store_context(global_context);
|
||||||
|
uint32 bob_local_registration_id = bob_store.local_registration_id;
|
||||||
|
ECKeyPair bob_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
ECKeyPair bob_signed_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
IdentityKeyPair bob_identity_key_pair = bob_store.identity_key_pair;
|
||||||
|
|
||||||
|
uint8[] bob_signed_pre_key_signature = global_context.calculate_signature(bob_identity_key_pair.private, bob_signed_pre_key_pair.public.serialize());
|
||||||
|
|
||||||
|
PreKeyBundle bob_pre_key = create_pre_key_bundle(bob_local_registration_id, 1, 31337, bob_pre_key_pair.public, 22, bob_signed_pre_key_pair.public, bob_signed_pre_key_signature, bob_identity_key_pair.public);
|
||||||
|
|
||||||
|
/* Have Alice process Bob's pre key bundle */
|
||||||
|
alice_session_builder.process_pre_key_bundle(bob_pre_key);
|
||||||
|
|
||||||
|
/* Check that we can load the session state and verify its version */
|
||||||
|
fail_if_not(alice_store.contains_session(bob_address));
|
||||||
|
|
||||||
|
SessionRecord loaded_record = alice_store.load_session(bob_address);
|
||||||
|
fail_if_not_eq_int((int)loaded_record.state.session_version, 3);
|
||||||
|
|
||||||
|
/* Encrypt an outgoing message to send to Bob */
|
||||||
|
string original_message = "L'homme est condamné à être libre";
|
||||||
|
SessionCipher alice_session_cipher = alice_store.create_session_cipher(bob_address);
|
||||||
|
|
||||||
|
CiphertextMessage outgoing_message = alice_session_cipher.encrypt(original_message.data);
|
||||||
|
fail_if_not_eq_int(outgoing_message.type, CiphertextType.PREKEY);
|
||||||
|
|
||||||
|
/* Convert to an incoming message for Bob */
|
||||||
|
PreKeySignalMessage incoming_message = global_context.deserialize_pre_key_signal_message(outgoing_message.serialized);
|
||||||
|
|
||||||
|
/* Save the pre key and signed pre key in Bob's data store */
|
||||||
|
PreKeyRecord bob_pre_key_record = new PreKeyRecord(bob_pre_key.pre_key_id, bob_pre_key_pair);
|
||||||
|
bob_store.store_pre_key(bob_pre_key_record);
|
||||||
|
|
||||||
|
SignedPreKeyRecord bob_signed_pre_key_record = new SignedPreKeyRecord(22, new DateTime.now_local().to_unix(), bob_signed_pre_key_pair, bob_signed_pre_key_signature);
|
||||||
|
bob_store.store_signed_pre_key(bob_signed_pre_key_record);
|
||||||
|
|
||||||
|
/* Create Bob's session cipher and decrypt the message from Alice */
|
||||||
|
SessionCipher bob_session_cipher = bob_store.create_session_cipher(alice_address);
|
||||||
|
|
||||||
|
/* Prepare the data for the callback test */
|
||||||
|
//int callback_context = 1234;
|
||||||
|
//bob_session_cipher.user_data =
|
||||||
|
//bob_session_cipher.decryption_callback =
|
||||||
|
uint8[] plaintext = bob_session_cipher.decrypt_pre_key_signal_message(incoming_message);
|
||||||
|
|
||||||
|
/* Clean up callback data */
|
||||||
|
bob_session_cipher.user_data = null;
|
||||||
|
bob_session_cipher.decryption_callback = null;
|
||||||
|
|
||||||
|
/* Verify Bob's session state and the decrypted message */
|
||||||
|
fail_if_not(bob_store.contains_session(alice_address));
|
||||||
|
|
||||||
|
SessionRecord alice_recipient_session_record = bob_store.load_session(alice_address);
|
||||||
|
|
||||||
|
SessionState alice_recipient_session_state = alice_recipient_session_record.state;
|
||||||
|
fail_if_not_eq_int((int)alice_recipient_session_state.session_version, 3);
|
||||||
|
fail_if_null(alice_recipient_session_state.alice_base_key);
|
||||||
|
|
||||||
|
fail_if_not_eq_uint8_arr(original_message.data, plaintext);
|
||||||
|
|
||||||
|
/* Have Bob send a reply to Alice */
|
||||||
|
CiphertextMessage bob_outgoing_message = bob_session_cipher.encrypt(original_message.data);
|
||||||
|
fail_if_not_eq_int(bob_outgoing_message.type, CiphertextType.SIGNAL);
|
||||||
|
|
||||||
|
/* Verify that Alice can decrypt it */
|
||||||
|
SignalMessage bob_outgoing_message_copy = global_context.copy_signal_message(bob_outgoing_message);
|
||||||
|
|
||||||
|
uint8[] alice_plaintext = alice_session_cipher.decrypt_signal_message(bob_outgoing_message_copy);
|
||||||
|
|
||||||
|
fail_if_not_eq_uint8_arr(original_message.data, alice_plaintext);
|
||||||
|
|
||||||
|
GLib.Test.message("Pre-interaction tests complete");
|
||||||
|
|
||||||
|
/* Interaction tests */
|
||||||
|
run_interaction(alice_store, bob_store);
|
||||||
|
|
||||||
|
/* Cleanup state from previous tests that we need to replace */
|
||||||
|
alice_store = null;
|
||||||
|
bob_pre_key_pair = null;
|
||||||
|
bob_signed_pre_key_pair = null;
|
||||||
|
bob_identity_key_pair = null;
|
||||||
|
bob_signed_pre_key_signature = null;
|
||||||
|
bob_pre_key_record = null;
|
||||||
|
bob_signed_pre_key_record = null;
|
||||||
|
|
||||||
|
/* Create Alice's new session data */
|
||||||
|
alice_store = setup_test_store_context(global_context);
|
||||||
|
alice_session_builder = alice_store.create_session_builder(bob_address);
|
||||||
|
alice_session_cipher = alice_store.create_session_cipher(bob_address);
|
||||||
|
|
||||||
|
/* Create Bob's new pre key bundle */
|
||||||
|
bob_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
bob_signed_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
bob_identity_key_pair = bob_store.identity_key_pair;
|
||||||
|
bob_signed_pre_key_signature = global_context.calculate_signature(bob_identity_key_pair.private, bob_signed_pre_key_pair.public.serialize());
|
||||||
|
bob_pre_key = create_pre_key_bundle(bob_local_registration_id, 1, 31338, bob_pre_key_pair.public, 23, bob_signed_pre_key_pair.public, bob_signed_pre_key_signature, bob_identity_key_pair.public);
|
||||||
|
|
||||||
|
/* Save the new pre key and signed pre key in Bob's data store */
|
||||||
|
bob_pre_key_record = new PreKeyRecord(bob_pre_key.pre_key_id, bob_pre_key_pair);
|
||||||
|
bob_store.store_pre_key(bob_pre_key_record);
|
||||||
|
|
||||||
|
bob_signed_pre_key_record = new SignedPreKeyRecord(23, new DateTime.now_local().to_unix(), bob_signed_pre_key_pair, bob_signed_pre_key_signature);
|
||||||
|
bob_store.store_signed_pre_key(bob_signed_pre_key_record);
|
||||||
|
|
||||||
|
/* Have Alice process Bob's pre key bundle */
|
||||||
|
alice_session_builder.process_pre_key_bundle(bob_pre_key);
|
||||||
|
|
||||||
|
/* Have Alice encrypt a message for Bob */
|
||||||
|
outgoing_message = alice_session_cipher.encrypt(original_message.data);
|
||||||
|
fail_if_not_eq_int(outgoing_message.type, CiphertextType.PREKEY);
|
||||||
|
|
||||||
|
/* Have Bob try to decrypt the message */
|
||||||
|
PreKeySignalMessage outgoing_message_copy = global_context.copy_pre_key_signal_message(outgoing_message);
|
||||||
|
|
||||||
|
/* The decrypt should fail with a specific error */
|
||||||
|
fail_if_not_error_code(() => bob_session_cipher.decrypt_pre_key_signal_message(outgoing_message_copy), ErrorCode.UNTRUSTED_IDENTITY);
|
||||||
|
|
||||||
|
outgoing_message_copy = global_context.copy_pre_key_signal_message(outgoing_message);
|
||||||
|
|
||||||
|
/* Save the identity key to Bob's store */
|
||||||
|
bob_store.save_identity(alice_address, outgoing_message_copy.identity_key);
|
||||||
|
|
||||||
|
/* Try the decrypt again, this time it should succeed */
|
||||||
|
outgoing_message_copy = global_context.copy_pre_key_signal_message(outgoing_message);
|
||||||
|
plaintext = bob_session_cipher.decrypt_pre_key_signal_message(outgoing_message_copy);
|
||||||
|
|
||||||
|
fail_if_not_eq_uint8_arr(original_message.data, plaintext);
|
||||||
|
|
||||||
|
/* Create a new pre key for Bob */
|
||||||
|
ECPublicKey test_public_key = create_test_ec_public_key(global_context);
|
||||||
|
|
||||||
|
IdentityKeyPair alice_identity_key_pair = alice_store.identity_key_pair;
|
||||||
|
|
||||||
|
bob_pre_key = create_pre_key_bundle(bob_local_registration_id, 1, 31337, test_public_key, 23, bob_signed_pre_key_pair.public, bob_signed_pre_key_signature, alice_identity_key_pair.public);
|
||||||
|
|
||||||
|
/* Have Alice process Bob's new pre key bundle, which should fail */
|
||||||
|
fail_if_not_error_code(() => alice_session_builder.process_pre_key_bundle(bob_pre_key), ErrorCode.UNTRUSTED_IDENTITY);
|
||||||
|
|
||||||
|
GLib.Test.message("Post-interaction tests complete");
|
||||||
|
} catch(Error e) {
|
||||||
|
fail_if_reached(@"Unexpected error: $(e.message)");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_bad_signed_pre_key_signature() {
|
||||||
|
try {
|
||||||
|
/* Create Alice's data store and session builder */
|
||||||
|
Store alice_store = setup_test_store_context(global_context);
|
||||||
|
SessionBuilder alice_session_builder = alice_store.create_session_builder(bob_address);
|
||||||
|
|
||||||
|
/* Create Bob's data store */
|
||||||
|
Store bob_store = setup_test_store_context(global_context);
|
||||||
|
|
||||||
|
/* Create Bob's regular and signed pre key pairs */
|
||||||
|
ECKeyPair bob_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
ECKeyPair bob_signed_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
|
||||||
|
/* Create Bob's signed pre key signature */
|
||||||
|
IdentityKeyPair bob_identity_key_pair = bob_store.identity_key_pair;
|
||||||
|
uint8[] bob_signed_pre_key_signature = global_context.calculate_signature(bob_identity_key_pair.private, bob_signed_pre_key_pair.public.serialize());
|
||||||
|
|
||||||
|
for (int i = 0; i < bob_signed_pre_key_signature.length * 8; i++) {
|
||||||
|
uint8[] modified_signature = bob_signed_pre_key_signature[0:bob_signed_pre_key_signature.length];
|
||||||
|
|
||||||
|
/* Intentionally corrupt the signature data */
|
||||||
|
modified_signature[i/8] ^= (1 << ((uint8)i % 8));
|
||||||
|
|
||||||
|
/* Create a pre key bundle */
|
||||||
|
PreKeyBundle bob_pre_key = create_pre_key_bundle(bob_store.local_registration_id,1,31137,bob_pre_key_pair.public,22,bob_signed_pre_key_pair.public,modified_signature,bob_identity_key_pair.public);
|
||||||
|
|
||||||
|
/* Process the bundle and make sure we fail with an invalid key error */
|
||||||
|
fail_if_not_error_code(() => alice_session_builder.process_pre_key_bundle(bob_pre_key), ErrorCode.INVALID_KEY);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Create a correct pre key bundle */
|
||||||
|
PreKeyBundle bob_pre_key = create_pre_key_bundle(bob_store.local_registration_id,1,31137,bob_pre_key_pair.public,22,bob_signed_pre_key_pair.public,bob_signed_pre_key_signature,bob_identity_key_pair.public);
|
||||||
|
|
||||||
|
/* Process the bundle and make sure we do not fail */
|
||||||
|
alice_session_builder.process_pre_key_bundle(bob_pre_key);
|
||||||
|
} catch(Error e) {
|
||||||
|
fail_if_reached(@"Unexpected error: $(e.message)");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void test_repeat_bundle_message_v2() {
|
||||||
|
try {
|
||||||
|
/* Create Alice's data store and session builder */
|
||||||
|
Store alice_store = setup_test_store_context(global_context);
|
||||||
|
SessionBuilder alice_session_builder = alice_store.create_session_builder(bob_address);
|
||||||
|
|
||||||
|
/* Create Bob's data store and pre key bundle */
|
||||||
|
Store bob_store = setup_test_store_context(global_context);
|
||||||
|
ECKeyPair bob_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
ECKeyPair bob_signed_pre_key_pair = global_context.generate_key_pair();
|
||||||
|
uint8[] bob_signed_pre_key_signature = global_context.calculate_signature(bob_store.identity_key_pair.private, bob_signed_pre_key_pair.public.serialize());
|
||||||
|
PreKeyBundle bob_pre_key = create_pre_key_bundle(bob_store.local_registration_id,1,31337,bob_pre_key_pair.public,0,null,null,bob_store.identity_key_pair.public);
|
||||||
|
|
||||||
|
/* Add Bob's pre keys to Bob's data store */
|
||||||
|
PreKeyRecord bob_pre_key_record = new PreKeyRecord(bob_pre_key.pre_key_id, bob_pre_key_pair);
|
||||||
|
bob_store.store_pre_key(bob_pre_key_record);
|
||||||
|
SignedPreKeyRecord bob_signed_pre_key_record = new SignedPreKeyRecord(22, new DateTime.now_local().to_unix(), bob_signed_pre_key_pair, bob_signed_pre_key_signature);
|
||||||
|
bob_store.store_signed_pre_key(bob_signed_pre_key_record);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Have Alice process Bob's pre key bundle, which should fail due to a
|
||||||
|
* missing signed pre key.
|
||||||
|
*/
|
||||||
|
fail_if_not_error_code(() => alice_session_builder.process_pre_key_bundle(bob_pre_key), ErrorCode.INVALID_KEY);
|
||||||
|
} catch(Error e) {
|
||||||
|
fail_if_reached(@"Unexpected error: $(e.message)");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
class Holder {
|
||||||
|
public uint8[] data { get; private set; }
|
||||||
|
|
||||||
|
public Holder(uint8[] data) {
|
||||||
|
this.data = data;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void run_interaction(Store alice_store, Store bob_store) throws Error {
|
||||||
|
|
||||||
|
/* Create the session ciphers */
|
||||||
|
SessionCipher alice_session_cipher = alice_store.create_session_cipher(bob_address);
|
||||||
|
SessionCipher bob_session_cipher = bob_store.create_session_cipher(alice_address);
|
||||||
|
|
||||||
|
/* Create a test message */
|
||||||
|
string original_message = "smert ze smert";
|
||||||
|
|
||||||
|
/* Simulate Alice sending a message to Bob */
|
||||||
|
CiphertextMessage alice_message = alice_session_cipher.encrypt(original_message.data);
|
||||||
|
fail_if_not_eq_int(alice_message.type, CiphertextType.SIGNAL);
|
||||||
|
|
||||||
|
SignalMessage alice_message_copy = global_context.copy_signal_message(alice_message);
|
||||||
|
uint8[] plaintext = bob_session_cipher.decrypt_signal_message(alice_message_copy);
|
||||||
|
fail_if_not_eq_uint8_arr(original_message.data, plaintext);
|
||||||
|
|
||||||
|
GLib.Test.message("Interaction complete: Alice -> Bob");
|
||||||
|
|
||||||
|
/* Simulate Bob sending a message to Alice */
|
||||||
|
CiphertextMessage bob_message = bob_session_cipher.encrypt(original_message.data);
|
||||||
|
fail_if_not_eq_int(alice_message.type, CiphertextType.SIGNAL);
|
||||||
|
|
||||||
|
SignalMessage bob_message_copy = global_context.copy_signal_message(bob_message);
|
||||||
|
plaintext = alice_session_cipher.decrypt_signal_message(bob_message_copy);
|
||||||
|
fail_if_not_eq_uint8_arr(original_message.data, plaintext);
|
||||||
|
|
||||||
|
GLib.Test.message("Interaction complete: Bob -> Alice");
|
||||||
|
|
||||||
|
/* Looping Alice -> Bob */
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
uint8[] looping_message = create_looping_message(i);
|
||||||
|
CiphertextMessage alice_looping_message = alice_session_cipher.encrypt(looping_message);
|
||||||
|
SignalMessage alice_looping_message_copy = global_context.copy_signal_message(alice_looping_message);
|
||||||
|
uint8[] looping_plaintext = bob_session_cipher.decrypt_signal_message(alice_looping_message_copy);
|
||||||
|
fail_if_not_eq_uint8_arr(looping_message, looping_plaintext);
|
||||||
|
}
|
||||||
|
GLib.Test.message("Interaction complete: Alice -> Bob (looping)");
|
||||||
|
|
||||||
|
/* Looping Bob -> Alice */
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
uint8[] looping_message = create_looping_message(i);
|
||||||
|
CiphertextMessage bob_looping_message = bob_session_cipher.encrypt(looping_message);
|
||||||
|
SignalMessage bob_looping_message_copy = global_context.copy_signal_message(bob_looping_message);
|
||||||
|
uint8[] looping_plaintext = alice_session_cipher.decrypt_signal_message(bob_looping_message_copy);
|
||||||
|
fail_if_not_eq_uint8_arr(looping_message, looping_plaintext);
|
||||||
|
}
|
||||||
|
GLib.Test.message("Interaction complete: Bob -> Alice (looping)");
|
||||||
|
|
||||||
|
/* Generate a shuffled list of encrypted messages for later use */
|
||||||
|
Holder[] alice_ooo_plaintext = new Holder[10];
|
||||||
|
Holder[] alice_ooo_ciphertext = new Holder[10];
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
alice_ooo_plaintext[i] = new Holder(create_looping_message(i));
|
||||||
|
alice_ooo_ciphertext[i] = new Holder(alice_session_cipher.encrypt(alice_ooo_plaintext[i].data).serialized);
|
||||||
|
}
|
||||||
|
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
uint32 s = Random.next_int() % 10;
|
||||||
|
Holder tmp = alice_ooo_plaintext[s];
|
||||||
|
alice_ooo_plaintext[s] = alice_ooo_plaintext[i];
|
||||||
|
alice_ooo_plaintext[i] = tmp;
|
||||||
|
tmp = alice_ooo_ciphertext[s];
|
||||||
|
alice_ooo_ciphertext[s] = alice_ooo_ciphertext[i];
|
||||||
|
alice_ooo_ciphertext[i] = tmp;
|
||||||
|
}
|
||||||
|
GLib.Test.message("Shuffled Alice->Bob messages created");
|
||||||
|
|
||||||
|
/* Looping Alice -> Bob (repeated) */
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
uint8[] looping_message = create_looping_message(i);
|
||||||
|
CiphertextMessage alice_looping_message = alice_session_cipher.encrypt(looping_message);
|
||||||
|
SignalMessage alice_looping_message_copy = global_context.copy_signal_message(alice_looping_message);
|
||||||
|
uint8[] looping_plaintext = bob_session_cipher.decrypt_signal_message(alice_looping_message_copy);
|
||||||
|
fail_if_not_eq_uint8_arr(looping_message, looping_plaintext);
|
||||||
|
}
|
||||||
|
GLib.Test.message("Interaction complete: Alice -> Bob (looping, repeated)");
|
||||||
|
|
||||||
|
/* Looping Bob -> Alice (repeated) */
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
uint8[] looping_message = create_looping_message(i);
|
||||||
|
CiphertextMessage bob_looping_message = bob_session_cipher.encrypt(looping_message);
|
||||||
|
SignalMessage bob_looping_message_copy = global_context.copy_signal_message(bob_looping_message);
|
||||||
|
uint8[] looping_plaintext = alice_session_cipher.decrypt_signal_message(bob_looping_message_copy);
|
||||||
|
fail_if_not_eq_uint8_arr(looping_message, looping_plaintext);
|
||||||
|
}
|
||||||
|
GLib.Test.message("Interaction complete: Bob -> Alice (looping, repeated)");
|
||||||
|
|
||||||
|
/* Shuffled Alice -> Bob */
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
SignalMessage ooo_message_deserialized = global_context.deserialize_signal_message(alice_ooo_ciphertext[i].data);
|
||||||
|
uint8[] ooo_plaintext = bob_session_cipher.decrypt_signal_message(ooo_message_deserialized);
|
||||||
|
fail_if_not_eq_uint8_arr(alice_ooo_plaintext[i].data, ooo_plaintext);
|
||||||
|
}
|
||||||
|
GLib.Test.message("Interaction complete: Alice -> Bob (shuffled)");
|
||||||
|
}
|
||||||
|
|
||||||
|
uint8[] create_looping_message(int index) {
|
||||||
|
return (@"You can only desire based on what you know: $index").data;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
uint8[] create_looping_message_short(int index) {
|
||||||
|
return ("What do we mean by saying that existence precedes essence? " +
|
||||||
|
"We mean that man first of all exists, encounters himself, " +
|
||||||
|
@"surges up in the world--and defines himself aftward. $index").data;
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
80
plugins/signal-protocol/tests/testcase.vala
Normal file
80
plugins/signal-protocol/tests/testcase.vala
Normal file
|
@ -0,0 +1,80 @@
|
||||||
|
/* testcase.vala
|
||||||
|
*
|
||||||
|
* Copyright (C) 2009 Julien Peeters
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 2.1 of the License, or (at your option) any later version.
|
||||||
|
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
*
|
||||||
|
* Author:
|
||||||
|
* Julien Peeters <contact@julienpeeters.fr>
|
||||||
|
*/
|
||||||
|
|
||||||
|
public abstract class Gee.TestCase : Object {
|
||||||
|
|
||||||
|
private GLib.TestSuite suite;
|
||||||
|
private Adaptor[] adaptors = new Adaptor[0];
|
||||||
|
|
||||||
|
public delegate void TestMethod ();
|
||||||
|
|
||||||
|
public TestCase (string name) {
|
||||||
|
this.suite = new GLib.TestSuite (name);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void add_test (string name, owned TestMethod test) {
|
||||||
|
var adaptor = new Adaptor (name, (owned)test, this);
|
||||||
|
this.adaptors += adaptor;
|
||||||
|
|
||||||
|
this.suite.add (new GLib.TestCase (adaptor.name,
|
||||||
|
adaptor.set_up,
|
||||||
|
adaptor.run,
|
||||||
|
adaptor.tear_down ));
|
||||||
|
}
|
||||||
|
|
||||||
|
public virtual void set_up () {
|
||||||
|
}
|
||||||
|
|
||||||
|
public virtual void tear_down () {
|
||||||
|
}
|
||||||
|
|
||||||
|
public GLib.TestSuite get_suite () {
|
||||||
|
return this.suite;
|
||||||
|
}
|
||||||
|
|
||||||
|
private class Adaptor {
|
||||||
|
[CCode (notify = false)]
|
||||||
|
public string name { get; private set; }
|
||||||
|
private TestMethod test;
|
||||||
|
private TestCase test_case;
|
||||||
|
|
||||||
|
public Adaptor (string name,
|
||||||
|
owned TestMethod test,
|
||||||
|
TestCase test_case) {
|
||||||
|
this.name = name;
|
||||||
|
this.test = (owned)test;
|
||||||
|
this.test_case = test_case;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void set_up (void* fixture) {
|
||||||
|
this.test_case.set_up ();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void run (void* fixture) {
|
||||||
|
this.test ();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void tear_down (void* fixture) {
|
||||||
|
this.test_case.tear_down ();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
274
plugins/signal-protocol/vapi/signal-protocol-native.vapi
Normal file
274
plugins/signal-protocol/vapi/signal-protocol-native.vapi
Normal file
|
@ -0,0 +1,274 @@
|
||||||
|
namespace Signal {
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_context", cprefix="signal_context_", free_function="signal_context_destroy", cheader_filename = "signal_protocol.h")]
|
||||||
|
public class NativeContext {
|
||||||
|
public static int create(out NativeContext context, void* user_data);
|
||||||
|
public int set_crypto_provider(NativeCryptoProvider crypto_provider);
|
||||||
|
public int set_locking_functions(LockingFunc lock, LockingFunc unlock);
|
||||||
|
public int set_log_function(LogFunc log);
|
||||||
|
}
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate void LockingFunc(void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate void LogFunc(LogLevel level, string message, void* user_data);
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_crypto_provider", cheader_filename = "signal_protocol.h")]
|
||||||
|
public struct NativeCryptoProvider {
|
||||||
|
public RandomFunc random_func;
|
||||||
|
public HmacSha256Init hmac_sha256_init_func;
|
||||||
|
public HmacSha256Update hmac_sha256_update_func;
|
||||||
|
public HmacSha256Final hmac_sha256_final_func;
|
||||||
|
public HmacSha256Cleanup hmac_sha256_cleanup_func;
|
||||||
|
public Sha512DigestInit sha512_digest_init_func;
|
||||||
|
public Sha512DigestUpdate sha512_digest_update_func;
|
||||||
|
public Sha512DigestFinal sha512_digest_final_func;
|
||||||
|
public Sha512DigestCleanup sha512_digest_cleanup_func;
|
||||||
|
public CryptFunc encrypt_func;
|
||||||
|
public CryptFunc decrypt_func;
|
||||||
|
public void* user_data;
|
||||||
|
}
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int RandomFunc(uint8[] data, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int HmacSha256Init(out void* hmac_context, uint8[] key, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int HmacSha256Update(void* hmac_context, uint8[] data, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int HmacSha256Final(void* hmac_context, out Buffer buffer, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int HmacSha256Cleanup(void* hmac_context, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int Sha512DigestInit(out void* digest_context, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int Sha512DigestUpdate(void* digest_context, uint8[] data, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int Sha512DigestFinal(void* digest_context, out Buffer buffer, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int Sha512DigestCleanup(void* digest_context, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int CryptFunc(out Buffer output, Cipher cipher, uint8[] key, uint8[] iv, uint8[] content, void* user_data);
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_session_store", cheader_filename = "signal_protocol.h")]
|
||||||
|
public struct NativeSessionStore {
|
||||||
|
public LoadSessionFunc load_session_func;
|
||||||
|
public GetSubDeviceSessionsFunc get_sub_device_sessions_func;
|
||||||
|
public StoreSessionFunc store_session_func;
|
||||||
|
public ContainsSessionFunc contains_session_func;
|
||||||
|
public DeleteSessionFunc delete_session_func;
|
||||||
|
public DeleteAllSessionsFunc delete_all_sessions_func;
|
||||||
|
public DestroyFunc destroy_func;
|
||||||
|
public void* user_data;
|
||||||
|
}
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int LoadSessionFunc(out Buffer buffer, Address address, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int GetSubDeviceSessionsFunc(out IntList sessions, char[] name, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int StoreSessionFunc(Address address, uint8[] record, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int ContainsSessionFunc(Address address, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int DeleteSessionFunc(Address address, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int DeleteAllSessionsFunc(char[] name, void* user_data);
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_identity_key_store", cheader_filename = "signal_protocol.h")]
|
||||||
|
public struct NativeIdentityKeyStore {
|
||||||
|
GetIdentityKeyPairFunc get_identity_key_pair;
|
||||||
|
GetLocalRegistrationIdFunc get_local_registration_id;
|
||||||
|
SaveIdentityFunc save_identity;
|
||||||
|
IsTrustedIdentityFunc is_trusted_identity;
|
||||||
|
DestroyFunc destroy_func;
|
||||||
|
void* user_data;
|
||||||
|
}
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int GetIdentityKeyPairFunc(out Buffer public_data, out Buffer private_data, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int GetLocalRegistrationIdFunc(void* user_data, out uint32 registration_id);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int SaveIdentityFunc(Address address, uint8[] key, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int IsTrustedIdentityFunc(Address address, uint8[] key, void* user_data);
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_pre_key_store", cheader_filename = "signal_protocol.h")]
|
||||||
|
public struct NativePreKeyStore {
|
||||||
|
LoadPreKeyFunc load_pre_key;
|
||||||
|
StorePreKeyFunc store_pre_key;
|
||||||
|
ContainsPreKeyFunc contains_pre_key;
|
||||||
|
RemovePreKeyFunc remove_pre_key;
|
||||||
|
DestroyFunc destroy_func;
|
||||||
|
void* user_data;
|
||||||
|
}
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int LoadPreKeyFunc(out Buffer record, uint32 pre_key_id, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int StorePreKeyFunc(uint32 pre_key_id, uint8[] record, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int ContainsPreKeyFunc(uint32 pre_key_id, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int RemovePreKeyFunc(uint32 pre_key_id, void* user_data);
|
||||||
|
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_signed_pre_key_store", cheader_filename = "signal_protocol.h")]
|
||||||
|
public struct NativeSignedPreKeyStore {
|
||||||
|
LoadPreKeyFunc load_signed_pre_key;
|
||||||
|
StorePreKeyFunc store_signed_pre_key;
|
||||||
|
ContainsPreKeyFunc contains_signed_pre_key;
|
||||||
|
RemovePreKeyFunc remove_signed_pre_key;
|
||||||
|
DestroyFunc destroy_func;
|
||||||
|
void* user_data;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_sender_key_store")]
|
||||||
|
public struct NativeSenderKeyStore {
|
||||||
|
StoreSenderKeyFunc store_sender_key;
|
||||||
|
LoadSenderKeyFunc load_sender_key;
|
||||||
|
DestroyFunc destroy_func;
|
||||||
|
void* user_data;
|
||||||
|
}
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int StoreSenderKeyFunc(SenderKeyName sender_key_name, uint8[] record, void* user_data);
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int LoadSenderKeyFunc(out Buffer record, SenderKeyName sender_key_name, void* user_data);
|
||||||
|
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int DestroyFunc(void* user_data);
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_store_context", cprefix = "signal_protocol_store_context_", free_function="signal_protocol_store_context_destroy", cheader_filename = "signal_protocol.h")]
|
||||||
|
public class NativeStoreContext {
|
||||||
|
public static int create(out NativeStoreContext context, NativeContext global_context);
|
||||||
|
public int set_session_store(NativeSessionStore store);
|
||||||
|
public int set_pre_key_store(NativePreKeyStore store);
|
||||||
|
public int set_signed_pre_key_store(NativeSignedPreKeyStore store);
|
||||||
|
public int set_identity_key_store(NativeIdentityKeyStore store);
|
||||||
|
public int set_sender_key_store(NativeSenderKeyStore store);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
[CCode (cheader_filename = "signal_protocol.h")]
|
||||||
|
namespace Protocol {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Interface to the pre-key store.
|
||||||
|
* These functions will use the callbacks in the provided
|
||||||
|
* signal_protocol_store_context instance and operate in terms of higher level
|
||||||
|
* library data structures.
|
||||||
|
*/
|
||||||
|
[CCode (cprefix = "signal_protocol_pre_key_")]
|
||||||
|
namespace PreKey {
|
||||||
|
public int load_key(NativeStoreContext context, out PreKeyRecord pre_key, uint32 pre_key_id);
|
||||||
|
public int store_key(NativeStoreContext context, PreKeyRecord pre_key);
|
||||||
|
public int contains_key(NativeStoreContext context, uint32 pre_key_id);
|
||||||
|
public int remove_key(NativeStoreContext context, uint32 pre_key_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cprefix = "signal_protocol_signed_pre_key_")]
|
||||||
|
namespace SignedPreKey {
|
||||||
|
public int load_key(NativeStoreContext context, out SignedPreKeyRecord pre_key, uint32 pre_key_id);
|
||||||
|
public int store_key(NativeStoreContext context, SignedPreKeyRecord pre_key);
|
||||||
|
public int contains_key(NativeStoreContext context, uint32 pre_key_id);
|
||||||
|
public int remove_key(NativeStoreContext context, uint32 pre_key_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Interface to the session store.
|
||||||
|
* These functions will use the callbacks in the provided
|
||||||
|
* signal_protocol_store_context instance and operate in terms of higher level
|
||||||
|
* library data structures.
|
||||||
|
*/
|
||||||
|
[CCode (cprefix = "signal_protocol_session_")]
|
||||||
|
namespace Session {
|
||||||
|
public int load_session(NativeStoreContext context, out SessionRecord record, Address address);
|
||||||
|
public int get_sub_device_sessions(NativeStoreContext context, out IntList sessions, char[] name);
|
||||||
|
public int store_session(NativeStoreContext context, Address address, SessionRecord record);
|
||||||
|
public int contains_session(NativeStoreContext context, Address address);
|
||||||
|
public int delete_session(NativeStoreContext context, Address address);
|
||||||
|
public int delete_all_sessions(NativeStoreContext context, char[] name);
|
||||||
|
}
|
||||||
|
|
||||||
|
namespace Identity {
|
||||||
|
public int get_key_pair(NativeStoreContext store_context, out IdentityKeyPair key_pair);
|
||||||
|
public int get_local_registration_id(NativeStoreContext store_context, out uint32 registration_id);
|
||||||
|
public int save_identity(NativeStoreContext store_context, Address address, ECPublicKey identity_key);
|
||||||
|
public int is_trusted_identity(NativeStoreContext store_context, Address address, ECPublicKey identity_key);
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cheader_filename = "key_helper.h", cprefix = "signal_protocol_key_helper_")]
|
||||||
|
namespace KeyHelper {
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_key_helper_pre_key_list_node", cprefix = "signal_protocol_key_helper_key_list_", free_function="signal_protocol_key_helper_key_list_free")]
|
||||||
|
public class PreKeyListNode {
|
||||||
|
public PreKeyRecord element();
|
||||||
|
public PreKeyListNode next();
|
||||||
|
}
|
||||||
|
|
||||||
|
public int generate_identity_key_pair(out IdentityKeyPair key_pair, NativeContext global_context);
|
||||||
|
public int generate_registration_id(out int32 registration_id, int extended_range, NativeContext global_context);
|
||||||
|
public int get_random_sequence(out int value, int max, NativeContext global_context);
|
||||||
|
public int generate_pre_keys(out PreKeyListNode head, uint start, uint count, NativeContext global_context);
|
||||||
|
public int generate_last_resort_pre_key(out PreKeyRecord pre_key, NativeContext global_context);
|
||||||
|
public int generate_signed_pre_key(out SignedPreKeyRecord signed_pre_key, IdentityKeyPair identity_key_pair, uint32 signed_pre_key_id, uint64 timestamp, NativeContext global_context);
|
||||||
|
public int generate_sender_signing_key(out ECKeyPair key_pair, NativeContext global_context);
|
||||||
|
public int generate_sender_key(out Buffer key_buffer, NativeContext global_context);
|
||||||
|
public int generate_sender_key_id(out int32 key_id, NativeContext global_context);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cheader_filename = "curve.h")]
|
||||||
|
namespace Curve {
|
||||||
|
[CCode (cname = "curve_calculate_agreement")]
|
||||||
|
public int calculate_agreement([CCode (array_length = false)] out uint8[] shared_key_data, ECPublicKey public_key, ECPrivateKey private_key);
|
||||||
|
[CCode (cname = "curve_calculate_signature")]
|
||||||
|
public int calculate_signature(NativeContext context, out Buffer signature, ECPrivateKey signing_key, uint8[] message);
|
||||||
|
[CCode (cname = "curve_verify_signature")]
|
||||||
|
public int verify_signature(ECPublicKey signing_key, uint8[] message, uint8[] signature);
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "session_builder_create", cheader_filename = "session_builder.h")]
|
||||||
|
public static int session_builder_create(out SessionBuilder builder, NativeStoreContext store, Address remote_address, NativeContext global_context);
|
||||||
|
[CCode (cname = "session_cipher_create", cheader_filename = "session_cipher.h")]
|
||||||
|
public static int session_cipher_create(out SessionCipher cipher, NativeStoreContext store, Address remote_address, NativeContext global_context);
|
||||||
|
[CCode (cname = "pre_key_signal_message_deserialize", cheader_filename = "protocol.h")]
|
||||||
|
public static int pre_key_signal_message_deserialize(out PreKeySignalMessage message, uint8[] data, NativeContext global_context);
|
||||||
|
[CCode (cname = "pre_key_signal_message_copy", cheader_filename = "protocol.h")]
|
||||||
|
public static int pre_key_signal_message_copy(out PreKeySignalMessage message, PreKeySignalMessage other_message, NativeContext global_context);
|
||||||
|
[CCode (cname = "signal_message_create", cheader_filename = "protocol.h")]
|
||||||
|
public static int signal_message_create(out SignalMessage message, uint8 message_version, uint8[] mac_key, ECPublicKey sender_ratchet_key, uint32 counter, uint32 previous_counter, uint8[] ciphertext, ECPublicKey sender_identity_key, ECPublicKey receiver_identity_key, NativeContext global_context);
|
||||||
|
[CCode (cname = "signal_message_deserialize", cheader_filename = "protocol.h")]
|
||||||
|
public static int signal_message_deserialize(out SignalMessage message, uint8[] data, NativeContext global_context);
|
||||||
|
[CCode (cname = "signal_message_copy", cheader_filename = "protocol.h")]
|
||||||
|
public static int signal_message_copy(out SignalMessage message, SignalMessage other_message, NativeContext global_context);
|
||||||
|
[CCode (cname = "curve_generate_key_pair", cheader_filename = "curve.h")]
|
||||||
|
public static int curve_generate_key_pair(NativeContext context, out ECKeyPair key_pair);
|
||||||
|
[CCode (cname = "curve_decode_private_point", cheader_filename = "curve.h")]
|
||||||
|
public static int curve_decode_private_point(out ECPrivateKey public_key, uint8[] key, NativeContext global_context);
|
||||||
|
[CCode (cname = "curve_decode_point", cheader_filename = "curve.h")]
|
||||||
|
public static int curve_decode_point(out ECPublicKey public_key, uint8[] key, NativeContext global_context);
|
||||||
|
[CCode (cname = "curve_generate_private_key", cheader_filename = "curve.h")]
|
||||||
|
public static int curve_generate_private_key(NativeContext context, out ECPrivateKey private_key);
|
||||||
|
[CCode (cname = "ratchet_identity_key_pair_deserialize", cheader_filename = "ratchet.h")]
|
||||||
|
public static int ratchet_identity_key_pair_deserialize(out IdentityKeyPair key_pair, uint8[] data, NativeContext global_context);
|
||||||
|
[CCode (cname = "session_signed_pre_key_deserialize", cheader_filename = "signed_pre_key.h")]
|
||||||
|
public static int session_signed_pre_key_deserialize(out SignedPreKeyRecord pre_key, uint8[] data, NativeContext global_context);
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "hkdf_context", cprefix = "hkdf_", free_function = "hkdf_destroy", cheader_filename = "hkdf.h")]
|
||||||
|
public class NativeHkdfContext {
|
||||||
|
public static int create(out NativeHkdfContext context, int message_version, NativeContext global_context);
|
||||||
|
public int compare(NativeHkdfContext other);
|
||||||
|
public ssize_t derive_secrets([CCode (array_length = false)] out uint8[] output, uint8[] input_key_material, uint8[] salt, uint8[] info, size_t output_len);
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "setup_signal_vala_crypto_provider", cheader_filename = "signal_helper.h")]
|
||||||
|
public static void setup_crypto_provider(NativeContext context);
|
||||||
|
[CCode (cname = "signal_crypto_random", cheader_filename = "signal_protocol_internal.h")]
|
||||||
|
public static int native_random(NativeContext context, uint8[] data);
|
||||||
|
}
|
394
plugins/signal-protocol/vapi/signal-protocol-public.vapi
Normal file
394
plugins/signal-protocol/vapi/signal-protocol-public.vapi
Normal file
|
@ -0,0 +1,394 @@
|
||||||
|
namespace Signal {
|
||||||
|
|
||||||
|
[CCode (cname = "int", cprefix = "SG_ERR_", cheader_filename = "signal_protocol.h", has_type_id = false)]
|
||||||
|
public enum ErrorCode {
|
||||||
|
[CCode (cname = "SG_SUCCESS")]
|
||||||
|
SUCCESS,
|
||||||
|
NOMEM,
|
||||||
|
INVAL,
|
||||||
|
UNKNOWN,
|
||||||
|
DUPLICATE_MESSAGE,
|
||||||
|
INVALID_KEY,
|
||||||
|
INVALID_KEY_ID,
|
||||||
|
INVALID_MAC,
|
||||||
|
INVALID_MESSAGE,
|
||||||
|
INVALID_VERSION,
|
||||||
|
LEGACY_MESSAGE,
|
||||||
|
NO_SESSION,
|
||||||
|
STALE_KEY_EXCHANGE,
|
||||||
|
UNTRUSTED_IDENTITY,
|
||||||
|
VRF_SIG_VERIF_FAILED,
|
||||||
|
INVALID_PROTO_BUF,
|
||||||
|
FP_VERSION_MISMATCH,
|
||||||
|
FP_IDENT_MISMATCH;
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "SG_ERR_MINIMUM", cheader_filename = "signal_protocol.h")]
|
||||||
|
public const int MIN_ERROR_CODE;
|
||||||
|
|
||||||
|
[CCode (cname = "int", cprefix = "SG_LOG_", cheader_filename = "signal_protocol.h", has_type_id = false)]
|
||||||
|
public enum LogLevel {
|
||||||
|
ERROR,
|
||||||
|
WARNING,
|
||||||
|
NOTICE,
|
||||||
|
INFO,
|
||||||
|
DEBUG
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "signal_throw_gerror_by_code_", cheader_filename = "signal_protocol.h")]
|
||||||
|
private int throw_by_code(int code, string? message = null) throws GLib.Error {
|
||||||
|
if (code < 0 && code > MIN_ERROR_CODE) {
|
||||||
|
throw new GLib.Error(-1, code, @"$(message ?? "Signal error"): $((ErrorCode)code)");
|
||||||
|
}
|
||||||
|
return code;
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "int", cprefix = "SG_CIPHER_", cheader_filename = "signal_protocol.h", has_type_id = false)]
|
||||||
|
public enum Cipher {
|
||||||
|
AES_CTR_NOPADDING,
|
||||||
|
AES_CBC_PKCS5,
|
||||||
|
AES_GCM_NOPADDING
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_type_base", ref_function="signal_type_ref_vapi", unref_function="signal_type_unref_vapi", cheader_filename="signal_protocol_types.h,signal_helper.h")]
|
||||||
|
public class TypeBase {
|
||||||
|
[CCode (cname = "signal_type_ref_vapi")]
|
||||||
|
public TypeBase ref();
|
||||||
|
[CCode (cname = "signal_type_unref_vapi")]
|
||||||
|
public TypeBase unref(void* what);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_buffer", cheader_filename = "signal_protocol_types.h", free_function="signal_buffer_free")]
|
||||||
|
public class Buffer {
|
||||||
|
[CCode (cname = "signal_buffer_alloc")]
|
||||||
|
public Buffer(size_t len);
|
||||||
|
[CCode (cname = "signal_buffer_create")]
|
||||||
|
public Buffer.from(uint8[] data);
|
||||||
|
|
||||||
|
public Buffer copy();
|
||||||
|
public Buffer append(uint8[] data);
|
||||||
|
public int compare(Buffer other);
|
||||||
|
|
||||||
|
public uint8 get(int i) { return data[i]; }
|
||||||
|
public void set(int i, uint8 val) { data[i] = val; }
|
||||||
|
|
||||||
|
public uint8[] data { get { int x = (int)len(); unowned uint8[] res = _data(); res.length = x; return res; } }
|
||||||
|
|
||||||
|
[CCode (array_length = false, cname = "signal_buffer_data")]
|
||||||
|
private unowned uint8[] _data();
|
||||||
|
private size_t len();
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_int_list", cheader_filename = "signal_protocol_types.h", free_function="signal_int_list_free")]
|
||||||
|
public class IntList {
|
||||||
|
[CCode (cname = "signal_int_list_alloc")]
|
||||||
|
public IntList();
|
||||||
|
[CCode (cname = "signal_int_list_push_back")]
|
||||||
|
public int add(int value);
|
||||||
|
public uint size { [CCode (cname = "signal_int_list_size")] get; }
|
||||||
|
[CCode (cname = "signal_int_list_at")]
|
||||||
|
public int get(uint index);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "session_builder", cprefix = "session_builder_", free_function="session_builder_free", cheader_filename = "session_builder.h")]
|
||||||
|
public class SessionBuilder {
|
||||||
|
[CCode (cname = "session_builder_process_pre_key_bundle")]
|
||||||
|
private int process_pre_key_bundle_(PreKeyBundle pre_key_bundle);
|
||||||
|
[CCode (cname = "session_builder_process_pre_key_bundle_")]
|
||||||
|
public void process_pre_key_bundle(PreKeyBundle pre_key_bundle) throws GLib.Error {
|
||||||
|
throw_by_code(process_pre_key_bundle_(pre_key_bundle));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "session_pre_key_bundle", cprefix = "session_pre_key_bundle_", cheader_filename = "session_pre_key.h")]
|
||||||
|
public class PreKeyBundle : TypeBase {
|
||||||
|
public static int create(out PreKeyBundle bundle, uint32 registration_id, int device_id, uint32 pre_key_id, ECPublicKey pre_key_public,
|
||||||
|
uint32 signed_pre_key_id, ECPublicKey signed_pre_key_public, uint8[] signed_pre_key_signature, ECPublicKey identity_key);
|
||||||
|
public uint32 registration_id { get; }
|
||||||
|
public int device_id { get; }
|
||||||
|
public uint32 pre_key_id { get; }
|
||||||
|
public ECPublicKey pre_key { owned get; }
|
||||||
|
public uint32 signed_pre_key_id { get; }
|
||||||
|
public ECPublicKey signed_pre_key { owned get; }
|
||||||
|
public Buffer signed_pre_key_signature { owned get; }
|
||||||
|
public ECPublicKey identity_key { owned get; }
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "session_pre_key", cprefix = "session_pre_key_", cheader_filename = "session_pre_key.h,signal_helper.h")]
|
||||||
|
public class PreKeyRecord : TypeBase {
|
||||||
|
public PreKeyRecord(uint32 id, ECKeyPair key_pair) throws GLib.Error {
|
||||||
|
int err;
|
||||||
|
this.new(id, key_pair, out err);
|
||||||
|
throw_by_code(err);
|
||||||
|
}
|
||||||
|
[CCode (cheader_filename = "signal_helper.h")]
|
||||||
|
private PreKeyRecord.new(uint32 id, ECKeyPair key_pair, out int err);
|
||||||
|
private static int create(out PreKeyRecord pre_key, uint32 id, ECKeyPair key_pair);
|
||||||
|
//public static int deserialize(out PreKeyRecord pre_key, uint8[] data, NativeContext global_context);
|
||||||
|
[CCode (instance_pos = 2)]
|
||||||
|
public int serialze(out Buffer buffer);
|
||||||
|
public uint32 id { get; }
|
||||||
|
public ECKeyPair key_pair { get; }
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "session_record", cprefix = "session_record_", cheader_filename = "signal_protocol_types.h")]
|
||||||
|
public class SessionRecord : TypeBase {
|
||||||
|
public SessionState state { get; }
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "session_state", cprefix = "session_state_", cheader_filename = "session_state.h")]
|
||||||
|
public class SessionState : TypeBase {
|
||||||
|
//public static int create(out SessionState state, NativeContext context);
|
||||||
|
//public static int deserialize(out SessionState state, uint8[] data, NativeContext context);
|
||||||
|
//public static int copy(out SessionState state, SessionState other_state, NativeContext context);
|
||||||
|
[CCode (instance_pos = 2)]
|
||||||
|
public int serialze(out Buffer buffer);
|
||||||
|
|
||||||
|
public uint32 session_version { get; set; }
|
||||||
|
public ECPublicKey local_identity_key { get; set; }
|
||||||
|
public ECPublicKey remote_identity_key { get; set; }
|
||||||
|
//public Ratchet.RootKey root_key { get; set; }
|
||||||
|
public uint32 previous_counter { get; set; }
|
||||||
|
public ECPublicKey sender_ratchet_key { get; }
|
||||||
|
public ECKeyPair sender_ratchet_key_pair { get; }
|
||||||
|
//public Ratchet.ChainKey sender_chain_key { get; set; }
|
||||||
|
public uint32 remote_registration_id { get; set; }
|
||||||
|
public uint32 local_registration_id { get; set; }
|
||||||
|
public int needs_refresh { get; set; }
|
||||||
|
public ECPublicKey alice_base_key { get; set; }
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "session_signed_pre_key", cprefix = "session_signed_pre_key_", cheader_filename = "session_pre_key.h")]
|
||||||
|
public class SignedPreKeyRecord : TypeBase {
|
||||||
|
public SignedPreKeyRecord(uint32 id, uint64 timestamp, ECKeyPair key_pair, uint8[] signature) throws GLib.Error {
|
||||||
|
int err;
|
||||||
|
this.new(id, timestamp, key_pair, signature, out err);
|
||||||
|
throw_by_code(err);
|
||||||
|
}
|
||||||
|
[CCode (cheader_filename = "signal_helper.h")]
|
||||||
|
private SignedPreKeyRecord.new(uint32 id, uint64 timestamp, ECKeyPair key_pair, uint8[] signature, out int err);
|
||||||
|
private static int create(out SignedPreKeyRecord pre_key, uint32 id, uint64 timestamp, ECKeyPair key_pair, uint8[] signature);
|
||||||
|
[CCode (instance_pos = 2)]
|
||||||
|
public int serialze(out Buffer buffer);
|
||||||
|
|
||||||
|
public uint32 id { get; }
|
||||||
|
public uint64 timestamp { get; }
|
||||||
|
public ECKeyPair key_pair { get; }
|
||||||
|
public uint8[] signature { [CCode (cname = "session_signed_pre_key_get_signature_")] get { int x = (int)get_signature_len(); unowned uint8[] res = get_signature(); res.length = x; return res; } }
|
||||||
|
|
||||||
|
[CCode (array_length = false, cname = "session_signed_pre_key_get_signature")]
|
||||||
|
private unowned uint8[] get_signature();
|
||||||
|
private size_t get_signature_len();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Address of an Signal Protocol message recipient
|
||||||
|
*/
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_address", cprefix = "signal_protocol_address_", cheader_filename = "signal_protocol.h,signal_helper.h")]
|
||||||
|
public class Address {
|
||||||
|
public Address();
|
||||||
|
public int32 device_id;
|
||||||
|
|
||||||
|
public string name { owned get; set; }
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A representation of a (group + sender + device) tuple
|
||||||
|
*/
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_protocol_sender_key_name")]
|
||||||
|
public class SenderKeyName {
|
||||||
|
[CCode (cname = "group_id", array_length_cname="group_id_len")]
|
||||||
|
private char* group_id_;
|
||||||
|
private size_t group_id_len;
|
||||||
|
public Address sender;
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "ec_public_key", cprefix = "ec_public_key_", cheader_filename = "curve.h,signal_helper.h")]
|
||||||
|
public class ECPublicKey : TypeBase {
|
||||||
|
[CCode (cname = "curve_generate_public_key")]
|
||||||
|
public static int generate(out ECPublicKey public_key, ECPrivateKey private_key);
|
||||||
|
[CCode (instance_pos = 1, cname = "ec_public_key_serialize")]
|
||||||
|
private int serialize_([CCode (pos = 0)] out Buffer buffer);
|
||||||
|
[CCode (cname = "ec_public_key_serialize_")]
|
||||||
|
public uint8[] serialize() throws GLib.Error {
|
||||||
|
Buffer buffer;
|
||||||
|
throw_by_code(serialize_(out buffer));
|
||||||
|
return buffer.data;
|
||||||
|
}
|
||||||
|
public int compare(ECPublicKey other);
|
||||||
|
public int memcmp(ECPublicKey other);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "ec_private_key", cprefix = "ec_private_key_", cheader_filename = "curve.h,signal_helper.h")]
|
||||||
|
public class ECPrivateKey : TypeBase {
|
||||||
|
[CCode (instance_pos = 1, cname = "ec_private_key_serialize")]
|
||||||
|
private int serialize_([CCode (pos = 0)] out Buffer buffer);
|
||||||
|
[CCode (cname = "ec_private_key_serialize_")]
|
||||||
|
public uint8[] serialize() throws GLib.Error {
|
||||||
|
Buffer buffer;
|
||||||
|
throw_by_code(serialize_(out buffer));
|
||||||
|
return buffer.data;
|
||||||
|
}
|
||||||
|
public int compare(ECPublicKey other);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "ec_key_pair", cprefix="ec_key_pair_", cheader_filename = "curve.h,signal_helper.h")]
|
||||||
|
public class ECKeyPair : TypeBase {
|
||||||
|
public static int create(out ECKeyPair key_pair, ECPublicKey public_key, ECPrivateKey private_key);
|
||||||
|
public ECPublicKey public { get; }
|
||||||
|
public ECPrivateKey private { get; }
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "ratchet_message_keys", cheader_filename = "ratchet.h")]
|
||||||
|
public class MessageKeys {
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "ratchet_identity_key_pair", cprefix = "ratchet_identity_key_pair_", cheader_filename = "ratchet.h,signal_helper.h")]
|
||||||
|
public class IdentityKeyPair : TypeBase {
|
||||||
|
public static int create(out IdentityKeyPair key_pair, ECPublicKey public_key, ECPrivateKey private_key);
|
||||||
|
public int serialze(out Buffer buffer);
|
||||||
|
public ECPublicKey public { get; }
|
||||||
|
public ECPrivateKey private { get; }
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "ec_public_key_list")]
|
||||||
|
public class PublicKeyList {}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The main entry point for Signal Protocol encrypt/decrypt operations.
|
||||||
|
*
|
||||||
|
* Once a session has been established with session_builder,
|
||||||
|
* this class can be used for all encrypt/decrypt operations within
|
||||||
|
* that session.
|
||||||
|
*/
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "session_cipher", cprefix = "session_cipher_", cheader_filename = "session_cipher.h", free_function = "session_cipher_free")]
|
||||||
|
public class SessionCipher {
|
||||||
|
public void* user_data { get; set; }
|
||||||
|
public DecryptionCallback decryption_callback { set; }
|
||||||
|
[CCode (cname = "session_cipher_encrypt")]
|
||||||
|
private int encrypt_(uint8[] padded_message, out CiphertextMessage encrypted_message);
|
||||||
|
[CCode (cname = "session_cipher_encrypt_")]
|
||||||
|
public CiphertextMessage encrypt(uint8[] padded_message) throws GLib.Error {
|
||||||
|
CiphertextMessage res;
|
||||||
|
throw_by_code(encrypt_(padded_message, out res));
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
[CCode (cname = "session_cipher_decrypt_pre_key_signal_message")]
|
||||||
|
private int decrypt_pre_key_signal_message_(PreKeySignalMessage ciphertext, void* decrypt_context, out Buffer plaintext);
|
||||||
|
[CCode (cname = "session_cipher_decrypt_pre_key_signal_message_")]
|
||||||
|
public uint8[] decrypt_pre_key_signal_message(PreKeySignalMessage ciphertext, void* decrypt_context = null) throws GLib.Error {
|
||||||
|
Buffer res;
|
||||||
|
throw_by_code(decrypt_pre_key_signal_message_(ciphertext, decrypt_context, out res));
|
||||||
|
return res.data;
|
||||||
|
}
|
||||||
|
[CCode (cname = "session_cipher_decrypt_signal_message")]
|
||||||
|
private int decrypt_signal_message_(SignalMessage ciphertext, void* decrypt_context, out Buffer plaintext);
|
||||||
|
[CCode (cname = "session_cipher_decrypt_signal_message_")]
|
||||||
|
public uint8[] decrypt_signal_message(SignalMessage ciphertext, void* decrypt_context = null) throws GLib.Error {
|
||||||
|
Buffer res;
|
||||||
|
throw_by_code(decrypt_signal_message_(ciphertext, decrypt_context, out res));
|
||||||
|
return res.data;
|
||||||
|
}
|
||||||
|
public int get_remote_registration_id(out uint32 remote_id);
|
||||||
|
public int get_session_version(uint32 version);
|
||||||
|
|
||||||
|
[CCode (has_target = false)]
|
||||||
|
public delegate int DecryptionCallback(SessionCipher cipher, Buffer plaintext, void* decrypt_context);
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "int", cheader_filename = "protocol.h", has_type_id = false)]
|
||||||
|
public enum CiphertextType {
|
||||||
|
[CCode (cname = "CIPHERTEXT_SIGNAL_TYPE")]
|
||||||
|
SIGNAL,
|
||||||
|
[CCode (cname = "CIPHERTEXT_PREKEY_TYPE")]
|
||||||
|
PREKEY,
|
||||||
|
[CCode (cname = "CIPHERTEXT_SENDERKEY_TYPE")]
|
||||||
|
SENDERKEY,
|
||||||
|
[CCode (cname = "CIPHERTEXT_SENDERKEY_DISTRIBUTION_TYPE")]
|
||||||
|
SENDERKEY_DISTRIBUTION
|
||||||
|
}
|
||||||
|
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "ciphertext_message", cprefix = "ciphertext_message_", cheader_filename = "protocol.h,signal_helper.h")]
|
||||||
|
public abstract class CiphertextMessage : TypeBase {
|
||||||
|
public CiphertextType type { get; }
|
||||||
|
[CCode (cname = "ciphertext_message_get_serialized")]
|
||||||
|
private unowned Buffer get_serialized_();
|
||||||
|
public uint8[] serialized { [CCode (cname = "ciphertext_message_get_serialized_")] get {
|
||||||
|
return get_serialized_().data;
|
||||||
|
}}
|
||||||
|
}
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "signal_message", cprefix = "signal_message_", cheader_filename = "protocol.h,signal_helper.h")]
|
||||||
|
public class SignalMessage : CiphertextMessage {
|
||||||
|
public ECPublicKey sender_ratchet_key { get; }
|
||||||
|
public uint8 message_version { get; }
|
||||||
|
public uint32 counter { get; }
|
||||||
|
public Buffer body { get; }
|
||||||
|
//public int verify_mac(uint8 message_version, ECPublicKey sender_identity_key, ECPublicKey receiver_identity_key, uint8[] mac, NativeContext global_context);
|
||||||
|
public static int is_legacy(uint8[] data);
|
||||||
|
}
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "pre_key_signal_message", cprefix = "pre_key_signal_message_", cheader_filename = "protocol.h,signal_helper.h")]
|
||||||
|
public class PreKeySignalMessage : CiphertextMessage {
|
||||||
|
public uint8 message_version { get; }
|
||||||
|
public ECPublicKey identity_key { get; }
|
||||||
|
public uint32 registration_id { get; }
|
||||||
|
public uint32 pre_key_id { get; }
|
||||||
|
public uint32 signed_pre_key_id { get; }
|
||||||
|
public ECPublicKey base_key { get; }
|
||||||
|
public SignalMessage signal_message { get; }
|
||||||
|
}
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "sender_key_message", cprefix = "sender_key_message_", cheader_filename = "protocol.h,signal_helper.h")]
|
||||||
|
public class SenderKeyMessage : CiphertextMessage {
|
||||||
|
public uint32 key_id { get; }
|
||||||
|
public uint32 iteration { get; }
|
||||||
|
public Buffer ciphertext { get; }
|
||||||
|
}
|
||||||
|
[Compact]
|
||||||
|
[CCode (cname = "sender_key_distribution_message", cprefix = "sender_key_distribution_message_", cheader_filename = "protocol.h,signal_helper.h")]
|
||||||
|
public class SenderKeyDistributionMessage : CiphertextMessage {
|
||||||
|
public uint32 id { get; }
|
||||||
|
public uint32 iteration { get; }
|
||||||
|
public Buffer chain_key { get; }
|
||||||
|
public ECPublicKey signature_key { get; }
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "signal_vala_encrypt", cheader_filename = "signal_helper.h")]
|
||||||
|
private static int aes_encrypt_(out Buffer output, int cipher, uint8[] key, uint8[] iv, uint8[] plaintext, void *user_data);
|
||||||
|
|
||||||
|
[CCode (cname = "signal_vala_encrypt_")]
|
||||||
|
public uint8[] aes_encrypt(int cipher, uint8[] key, uint8[] iv, uint8[] plaintext) throws GLib.Error {
|
||||||
|
Buffer buf;
|
||||||
|
throw_by_code(aes_encrypt_(out buf, cipher, key, iv, plaintext, null));
|
||||||
|
return buf.data;
|
||||||
|
}
|
||||||
|
|
||||||
|
[CCode (cname = "signal_vala_decrypt", cheader_filename = "signal_helper.h")]
|
||||||
|
private static int aes_decrypt_(out Buffer output, int cipher, uint8[] key, uint8[] iv, uint8[] ciphertext, void *user_data);
|
||||||
|
|
||||||
|
[CCode (cname = "signal_vala_decrypt_")]
|
||||||
|
public uint8[] aes_decrypt(int cipher, uint8[] key, uint8[] iv, uint8[] ciphertext) throws GLib.Error {
|
||||||
|
Buffer buf;
|
||||||
|
throw_by_code(aes_decrypt_(out buf, cipher, key, iv, ciphertext, null));
|
||||||
|
return buf.data;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue