narayana/conversations-classic
3
2
Fork 0
Code Issues 3 Pull requests 2 Actions Packages Projects Releases 4 Wiki Activity

Reworked axolotl protocol layer

Browse source 
Numerous fixes
This commit is contained in:
Andreas Straub 2015-06-25 16:56:34 +02:00 committed by Andreas Straub
parent 077932eb55
commit f73aa1a200
8 changed files with 578 additions and 94 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

308
src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
View file

@ -1,15 +1,29 @@
package eu.siacs.conversations.crypto.axolotl;
import android.util.Base64;
import android.util.Log;
import org.whispersystems.libaxolotl.AxolotlAddress;
import org.whispersystems.libaxolotl.DuplicateMessageException;
import org.whispersystems.libaxolotl.IdentityKey;
import org.whispersystems.libaxolotl.IdentityKeyPair;
import org.whispersystems.libaxolotl.InvalidKeyException;
import org.whispersystems.libaxolotl.InvalidKeyIdException;
import org.whispersystems.libaxolotl.InvalidMessageException;
import org.whispersystems.libaxolotl.InvalidVersionException;
import org.whispersystems.libaxolotl.LegacyMessageException;
import org.whispersystems.libaxolotl.NoSessionException;
import org.whispersystems.libaxolotl.SessionBuilder;
import org.whispersystems.libaxolotl.SessionCipher;
import org.whispersystems.libaxolotl.UntrustedIdentityException;
import org.whispersystems.libaxolotl.ecc.Curve;
import org.whispersystems.libaxolotl.ecc.ECKeyPair;
import org.whispersystems.libaxolotl.ecc.ECPublicKey;
import org.whispersystems.libaxolotl.protocol.CiphertextMessage;
import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage;
import org.whispersystems.libaxolotl.protocol.WhisperMessage;
import org.whispersystems.libaxolotl.state.AxolotlStore;
import org.whispersystems.libaxolotl.state.PreKeyBundle;
import org.whispersystems.libaxolotl.state.PreKeyRecord;
import org.whispersystems.libaxolotl.state.SessionRecord;
import org.whispersystems.libaxolotl.state.SignedPreKeyRecord;
@ -17,43 +31,50 @@ import org.whispersystems.libaxolotl.util.KeyHelper;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import eu.siacs.conversations.Config;
import eu.siacs.conversations.entities.Account;
import eu.siacs.conversations.entities.Contact;
import eu.siacs.conversations.entities.Conversation;
import eu.siacs.conversations.entities.Message;
import eu.siacs.conversations.services.XmppConnectionService;
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
import eu.siacs.conversations.xmpp.jid.Jid;
public class AxolotlService {
private Account account;
private XmppConnectionService mXmppConnectionService;
private SQLiteAxolotlStore axolotlStore;
private Map<Jid,XmppAxolotlSession> sessions;
private final Account account;
private final XmppConnectionService mXmppConnectionService;
private final SQLiteAxolotlStore axolotlStore;
private final SessionMap sessions;
private int ownDeviceId;
public static class SQLiteAxolotlStore implements AxolotlStore {
public static final String PREKEY_TABLENAME = "prekeys";
public static final String SIGNED_PREKEY_TABLENAME = "signed_prekeys";
public static final String SESSION_TABLENAME = "signed_prekeys";
public static final String NAME = "name";
public static final String SESSION_TABLENAME = "sessions";
public static final String ACCOUNT = "account";
public static final String DEVICE_ID = "device_id";
public static final String ID = "id";
public static final String KEY = "key";
public static final String ACCOUNT = "account";
public static final String NAME = "name";
public static final String TRUSTED = "trusted";
public static final String JSONKEY_IDENTITY_KEY_PAIR = "axolotl_key";
public static final String JSONKEY_REGISTRATION_ID = "axolotl_reg_id";
public static final String JSONKEY_CURRENT_PREKEY_ID = "axolotl_cur_prekey_id";
private final Account account;
private final XmppConnectionService mXmppConnectionService;
private final IdentityKeyPair identityKeyPair;
private final int localRegistrationId;
private int currentPreKeyId = 0;
private static IdentityKeyPair generateIdentityKeyPair() {
@ -75,6 +96,14 @@ public class AxolotlService {
this.mXmppConnectionService = service;
this.identityKeyPair = loadIdentityKeyPair();
this.localRegistrationId = loadRegistrationId();
this.currentPreKeyId = loadCurrentPreKeyId();
for( SignedPreKeyRecord record:loadSignedPreKeys()) {
Log.d(Config.LOGTAG, "Got Axolotl signed prekey record:" + record.getId());
}
}
public int getCurrentPreKeyId() {
return currentPreKeyId;
}
// --------------------------------------
@ -86,21 +115,22 @@ public class AxolotlService {
IdentityKeyPair ownKey;
if( serializedKey != null ) {
try {
ownKey = new IdentityKeyPair(serializedKey.getBytes());
ownKey = new IdentityKeyPair(Base64.decode(serializedKey,Base64.DEFAULT));
return ownKey;
} catch (InvalidKeyException e) {
Log.d(Config.LOGTAG, "Invalid key stored for account " + account.getJid() + ": " + e.getMessage());
return null;
// return null;
}
} else {
} //else {
Log.d(Config.LOGTAG, "Could not retrieve axolotl key for account " + account.getJid());
ownKey = generateIdentityKeyPair();
boolean success = this.account.setKey(JSONKEY_IDENTITY_KEY_PAIR, new String(ownKey.serialize()));
boolean success = this.account.setKey(JSONKEY_IDENTITY_KEY_PAIR, Base64.encodeToString(ownKey.serialize(), Base64.DEFAULT));
if(success) {
mXmppConnectionService.databaseBackend.updateAccount(account);
} else {
Log.e(Config.LOGTAG, "Failed to write new key to the database!");
}
}
//}
return ownKey;
}
@ -122,6 +152,19 @@ public class AxolotlService {
return reg_id;
}
private int loadCurrentPreKeyId() {
String regIdString = this.account.getKey(JSONKEY_CURRENT_PREKEY_ID);
int reg_id;
if (regIdString != null) {
reg_id = Integer.valueOf(regIdString);
} else {
Log.d(Config.LOGTAG, "Could not retrieve current prekey id for account " + account.getJid());
reg_id = 0;
}
return reg_id;
}
/**
* Get the local client's identity key pair.
*
@ -159,7 +202,7 @@ public class AxolotlService {
Jid contactJid = Jid.fromString(name);
Conversation conversation = this.mXmppConnectionService.find(this.account, contactJid);
if (conversation != null) {
conversation.getContact().addAxolotlIdentityKey(identityKey, false);
conversation.getContact().addAxolotlIdentityKey(identityKey);
mXmppConnectionService.updateConversationUi();
mXmppConnectionService.syncRosterToDisk(conversation.getAccount());
}
@ -188,8 +231,8 @@ public class AxolotlService {
Jid contactJid = Jid.fromString(name);
Conversation conversation = this.mXmppConnectionService.find(this.account, contactJid);
if (conversation != null) {
List<IdentityKey> trustedKeys = conversation.getContact().getTrustedAxolotlIdentityKeys();
return trustedKeys.contains(identityKey);
List<IdentityKey> trustedKeys = conversation.getContact().getAxolotlIdentityKeys();
return trustedKeys.isEmpty() || trustedKeys.contains(identityKey);
} else {
return false;
}
@ -274,7 +317,15 @@ public class AxolotlService {
@Override
public void deleteAllSessions(String name) {
mXmppConnectionService.databaseBackend.deleteAllSessions(account,
new AxolotlAddress(name,0));
new AxolotlAddress(name, 0));
}
public boolean isTrustedSession(AxolotlAddress address) {
return mXmppConnectionService.databaseBackend.isTrustedSession(this.account, address);
}
public void setTrustedSession(AxolotlAddress address, boolean trusted) {
mXmppConnectionService.databaseBackend.setTrustedSession(this.account, address,trusted);
}
// --------------------------------------
@ -292,7 +343,7 @@ public class AxolotlService {
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
PreKeyRecord record = mXmppConnectionService.databaseBackend.loadPreKey(account, preKeyId);
if(record == null) {
throw new InvalidKeyIdException("No such PreKeyRecord!");
throw new InvalidKeyIdException("No such PreKeyRecord: " + preKeyId);
}
return record;
}
@ -306,6 +357,13 @@ public class AxolotlService {
@Override
public void storePreKey(int preKeyId, PreKeyRecord record) {
mXmppConnectionService.databaseBackend.storePreKey(account, record);
currentPreKeyId = preKeyId;
boolean success = this.account.setKey(JSONKEY_CURRENT_PREKEY_ID,Integer.toString(preKeyId));
if(success) {
mXmppConnectionService.databaseBackend.updateAccount(account);
} else {
Log.e(Config.LOGTAG, "Failed to write new prekey id to the database!");
}
}
/**
@ -342,7 +400,7 @@ public class AxolotlService {
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
SignedPreKeyRecord record = mXmppConnectionService.databaseBackend.loadSignedPreKey(account, signedPreKeyId);
if(record == null) {
throw new InvalidKeyIdException("No such PreKeyRecord!");
throw new InvalidKeyIdException("No such SignedPreKeyRecord: " + signedPreKeyId);
}
return record;
}
@ -388,53 +446,229 @@ public class AxolotlService {
}
}
private static class XmppAxolotlSession {
private List<Message> untrustedMessages;
private AxolotlStore axolotlStore;
public static class XmppAxolotlSession {
private SessionCipher cipher;
private boolean isTrusted = false;
private SQLiteAxolotlStore sqLiteAxolotlStore;
private AxolotlAddress remoteAddress;
public XmppAxolotlSession(SQLiteAxolotlStore axolotlStore) {
this.untrustedMessages = new ArrayList<>();
this.axolotlStore = axolotlStore;
public XmppAxolotlSession(SQLiteAxolotlStore store, AxolotlAddress remoteAddress) {
this.cipher = new SessionCipher(store, remoteAddress);
this.remoteAddress = remoteAddress;
this.sqLiteAxolotlStore = store;
this.isTrusted = sqLiteAxolotlStore.isTrustedSession(remoteAddress);
}
public void trust() {
for (Message message : this.untrustedMessages) {
message.trust();
}
this.untrustedMessages = null;
sqLiteAxolotlStore.setTrustedSession(remoteAddress, true);
this.isTrusted = true;
}
public boolean isTrusted() {
return (this.untrustedMessages == null);
return this.isTrusted;
}
public String processReceiving(XmppAxolotlMessage incomingMessage) {
return null;
public byte[] processReceiving(XmppAxolotlMessage.XmppAxolotlMessageHeader incomingHeader) {
byte[] plaintext = null;
try {
try {
PreKeyWhisperMessage message = new PreKeyWhisperMessage(incomingHeader.getContents());
Log.d(Config.LOGTAG,"PreKeyWhisperMessage ID:" + message.getSignedPreKeyId() + "/" + message.getPreKeyId());
plaintext = cipher.decrypt(message);
} catch (InvalidMessageException|InvalidVersionException e) {
WhisperMessage message = new WhisperMessage(incomingHeader.getContents());
plaintext = cipher.decrypt(message);
} catch (InvalidKeyException|InvalidKeyIdException| UntrustedIdentityException e) {
Log.d(Config.LOGTAG, "Error decrypting axolotl header: " + e.getMessage());
}
} catch (LegacyMessageException|InvalidMessageException e) {
Log.d(Config.LOGTAG, "Error decrypting axolotl header: " + e.getMessage());
} catch (DuplicateMessageException|NoSessionException e) {
Log.d(Config.LOGTAG, "Error decrypting axolotl header: " + e.getMessage());
}
return plaintext;
}
public XmppAxolotlMessage processSending(String outgoingMessage) {
return null;
public XmppAxolotlMessage.XmppAxolotlMessageHeader processSending(byte[] outgoingMessage) {
CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage);
XmppAxolotlMessage.XmppAxolotlMessageHeader header =
new XmppAxolotlMessage.XmppAxolotlMessageHeader(remoteAddress.getDeviceId(),
ciphertextMessage.serialize());
return header;
}
}
private static class AxolotlAddressMap<T> {
protected Map<String, Map<Integer,T>> map;
protected final Object MAP_LOCK = new Object();
public AxolotlAddressMap() {
this.map = new HashMap<>();
}
public void put(AxolotlAddress address, T value) {
synchronized (MAP_LOCK) {
Map<Integer, T> devices = map.get(address.getName());
if (devices == null) {
devices = new HashMap<>();
map.put(address.getName(), devices);
}
devices.put(address.getDeviceId(), value);
}
}
public T get(AxolotlAddress address) {
synchronized (MAP_LOCK) {
Map<Integer, T> devices = map.get(address.getName());
if(devices == null) {
return null;
}
return devices.get(address.getDeviceId());
}
}
public Map<Integer, T> getAll(AxolotlAddress address) {
synchronized (MAP_LOCK) {
Map<Integer, T> devices = map.get(address.getName());
if(devices == null) {
return new HashMap<>();
}
return devices;
}
}
public boolean hasAny(AxolotlAddress address) {
synchronized (MAP_LOCK) {
Map<Integer, T> devices = map.get(address.getName());
return devices != null && !devices.isEmpty();
}
}
}
private static class SessionMap extends AxolotlAddressMap<XmppAxolotlSession> {
public SessionMap(SQLiteAxolotlStore store, Account account) {
super();
this.fillMap(store, account);
}
private void fillMap(SQLiteAxolotlStore store, Account account) {
for(Contact contact:account.getRoster().getContacts()){
Jid bareJid = contact.getJid().toBareJid();
if(bareJid == null) {
continue; // FIXME: handle this?
}
String address = bareJid.toString();
List<Integer> deviceIDs = store.getSubDeviceSessions(address);
for(Integer deviceId:deviceIDs) {
AxolotlAddress axolotlAddress = new AxolotlAddress(address, deviceId);
this.put(axolotlAddress, new XmppAxolotlSession(store, axolotlAddress));
}
}
}
}
}
public AxolotlService(Account account, XmppConnectionService connectionService) {
this.mXmppConnectionService = connectionService;
this.account = account;
this.axolotlStore = new SQLiteAxolotlStore(this.account, this.mXmppConnectionService);
this.sessions = new HashMap<>();
this.sessions = new SessionMap(axolotlStore, account);
this.ownDeviceId = axolotlStore.getLocalRegistrationId();
}
public void trustSession(Jid counterpart) {
public void trustSession(AxolotlAddress counterpart) {
XmppAxolotlSession session = sessions.get(counterpart);
if(session != null) {
session.trust();
}
}
public boolean isTrustedSession(Jid counterpart) {
public boolean isTrustedSession(AxolotlAddress counterpart) {
XmppAxolotlSession session = sessions.get(counterpart);
return session != null && session.isTrusted();
}
private AxolotlAddress getAddressForJid(Jid jid) {
return new AxolotlAddress(jid.toString(), 0);
}
private Set<XmppAxolotlSession> findOwnSessions() {
AxolotlAddress ownAddress = getAddressForJid(account.getJid());
Set<XmppAxolotlSession> ownDeviceSessions = new HashSet<>(this.sessions.getAll(ownAddress).values());
return ownDeviceSessions;
}
private Set<XmppAxolotlSession> findSessionsforContact(Contact contact) {
AxolotlAddress contactAddress = getAddressForJid(contact.getJid());
Set<XmppAxolotlSession> sessions = new HashSet<>(this.sessions.getAll(contactAddress).values());
return sessions;
}
private boolean hasAny(Contact contact) {
AxolotlAddress contactAddress = getAddressForJid(contact.getJid());
return sessions.hasAny(contactAddress);
}
public int getOwnDeviceId() {
return ownDeviceId;
}
private void createSessionsIfNeeded(Contact contact) throws NoSessionsCreatedException {
}
public XmppAxolotlMessage processSending(Contact contact, String outgoingMessage) throws NoSessionsCreatedException {
XmppAxolotlMessage message = new XmppAxolotlMessage(contact, ownDeviceId, outgoingMessage);
createSessionsIfNeeded(contact);
Log.d(Config.LOGTAG, "Building axolotl foreign headers...");
for(XmppAxolotlSession session : findSessionsforContact(contact)) {
// if(!session.isTrusted()) {
// TODO: handle this properly
// continue;
// }
message.addHeader(session.processSending(message.getInnerKey()));
}
Log.d(Config.LOGTAG, "Building axolotl own headers...");
for(XmppAxolotlSession session : findOwnSessions()) {
// if(!session.isTrusted()) {
// TODO: handle this properly
// continue;
// }
message.addHeader(session.processSending(message.getInnerKey()));
}
return message;
}
public XmppAxolotlMessage.XmppAxolotlPlaintextMessage processReceiving(XmppAxolotlMessage message) {
XmppAxolotlMessage.XmppAxolotlPlaintextMessage plaintextMessage = null;
AxolotlAddress senderAddress = new AxolotlAddress(message.getContact().getJid().toBareJid().toString(),
message.getSenderDeviceId());
XmppAxolotlSession session = sessions.get(senderAddress);
if (session == null) {
Log.d(Config.LOGTAG, "No axolotl session found while parsing received message " + message);
// TODO: handle this properly
session = new XmppAxolotlSession(axolotlStore, senderAddress);
}
for(XmppAxolotlMessage.XmppAxolotlMessageHeader header : message.getHeaders()) {
if (header.getRecipientDeviceId() == ownDeviceId) {
Log.d(Config.LOGTAG, "Found axolotl header matching own device ID, processing...");
byte[] payloadKey = session.processReceiving(header);
if (payloadKey != null) {
Log.d(Config.LOGTAG, "Got payload key from axolotl header. Decrypting message...");
plaintextMessage = message.decrypt(session, payloadKey);
}
}
}
return plaintextMessage;
}
}

4
src/main/java/eu/siacs/conversations/crypto/axolotl/NoSessionsCreatedException.java Normal file
View file

@ -0,0 +1,4 @@
package eu.siacs.conversations.crypto.axolotl;
public class NoSessionsCreatedException extends Throwable{
}

180
src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java
View file

@ -1,4 +1,184 @@
package eu.siacs.conversations.crypto.axolotl;
import android.util.Base64;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidKeyException;
import java.util.HashSet;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import eu.siacs.conversations.entities.Contact;
import eu.siacs.conversations.xml.Element;
public class XmppAxolotlMessage {
private byte[] innerKey;
private byte[] ciphertext;
private byte[] iv;
private final Set<XmppAxolotlMessageHeader> headers;
private final Contact contact;
private final int sourceDeviceId;
public static class XmppAxolotlMessageHeader {
private final int recipientDeviceId;
private final byte[] content;
public XmppAxolotlMessageHeader(int deviceId, byte[] content) {
this.recipientDeviceId = deviceId;
this.content = content;
}
public XmppAxolotlMessageHeader(Element header) {
if("header".equals(header.getName())) {
this.recipientDeviceId = Integer.parseInt(header.getAttribute("rid"));
this.content = Base64.decode(header.getContent(),Base64.DEFAULT);
} else {
throw new IllegalArgumentException("Argument not a <header> Element!");
}
}
public int getRecipientDeviceId() {
return recipientDeviceId;
}
public byte[] getContents() {
return content;
}
public Element toXml() {
Element headerElement = new Element("header");
// TODO: generate XML
headerElement.setAttribute("rid", getRecipientDeviceId());
headerElement.setContent(Base64.encodeToString(getContents(), Base64.DEFAULT));
return headerElement;
}
}
public static class XmppAxolotlPlaintextMessage {
private final AxolotlService.XmppAxolotlSession session;
private final String plaintext;
public XmppAxolotlPlaintextMessage(AxolotlService.XmppAxolotlSession session, String plaintext) {
this.session = session;
this.plaintext = plaintext;
}
public String getPlaintext() {
return plaintext;
}
}
public XmppAxolotlMessage(Contact contact, Element axolotlMessage) {
this.contact = contact;
this.sourceDeviceId = Integer.parseInt(axolotlMessage.getAttribute("id"));
this.headers = new HashSet<>();
for(Element child:axolotlMessage.getChildren()) {
switch(child.getName()) {
case "header":
headers.add(new XmppAxolotlMessageHeader(child));
break;
case "message":
iv = Base64.decode(child.getAttribute("iv"),Base64.DEFAULT);
ciphertext = Base64.decode(child.getContent(),Base64.DEFAULT);
break;
default:
break;
}
}
}
public XmppAxolotlMessage(Contact contact, int sourceDeviceId, String plaintext) {
this.contact = contact;
this.sourceDeviceId = sourceDeviceId;
this.headers = new HashSet<>();
this.encrypt(plaintext);
}
private void encrypt(String plaintext) {
try {
KeyGenerator generator = KeyGenerator.getInstance("AES");
generator.init(128);
SecretKey secretKey = generator.generateKey();
Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
this.innerKey = secretKey.getEncoded();
this.iv = cipher.getIV();
this.ciphertext = cipher.doFinal(plaintext.getBytes());
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
| IllegalBlockSizeException | BadPaddingException e) {
}
}
public Contact getContact() {
return this.contact;
}
public int getSenderDeviceId() {
return sourceDeviceId;
}
public byte[] getCiphertext() {
return ciphertext;
}
public Set<XmppAxolotlMessageHeader> getHeaders() {
return headers;
}
public void addHeader(XmppAxolotlMessageHeader header) {
headers.add(header);
}
public byte[] getInnerKey(){
return innerKey;
}
public byte[] getIV() {
return this.iv;
}
public Element toXml() {
// TODO: generate outer XML, add in header XML
Element message= new Element("axolotl_message", AxolotlService.PEP_PREFIX);
message.setAttribute("id", sourceDeviceId);
for(XmppAxolotlMessageHeader header: headers) {
message.addChild(header.toXml());
}
Element payload = message.addChild("message");
payload.setAttribute("iv",Base64.encodeToString(iv, Base64.DEFAULT));
payload.setContent(Base64.encodeToString(ciphertext,Base64.DEFAULT));
return message;
}
public XmppAxolotlPlaintextMessage decrypt(AxolotlService.XmppAxolotlSession session, byte[] key) {
XmppAxolotlPlaintextMessage plaintextMessage = null;
try {
Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
IvParameterSpec ivSpec = new IvParameterSpec(iv);
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
String plaintext = new String(cipher.doFinal(ciphertext));
plaintextMessage = new XmppAxolotlPlaintextMessage(session, plaintext);
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
| InvalidAlgorithmParameterException | IllegalBlockSizeException
| BadPaddingException e) {
throw new AssertionError(e);
}
return plaintextMessage;
}
}

7
src/main/java/eu/siacs/conversations/entities/Account.java
View file

@ -20,6 +20,7 @@ import java.util.concurrent.CopyOnWriteArraySet;
import eu.siacs.conversations.Config;
import eu.siacs.conversations.R;
import eu.siacs.conversations.crypto.OtrService;
import eu.siacs.conversations.crypto.axolotl.AxolotlService;
import eu.siacs.conversations.services.XmppConnectionService;
import eu.siacs.conversations.xmpp.XmppConnection;
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
@ -122,6 +123,7 @@ public class Account extends AbstractEntity {
protected String avatar;
protected boolean online = false;
private OtrService mOtrService = null;
private AxolotlService axolotlService = null;
private XmppConnection xmppConnection = null;
private long mEndGracePeriod = 0L;
private String otrFingerprint;
@ -281,8 +283,13 @@ public class Account extends AbstractEntity {
return values;
}
public AxolotlService getAxolotlService() {
return axolotlService;
}
public void initAccountServices(final XmppConnectionService context) {
this.mOtrService = new OtrService(context, this);
this.axolotlService = new AxolotlService(this, context);
}
public OtrService getOtrService() {

62
src/main/java/eu/siacs/conversations/entities/Contact.java
View file

@ -2,6 +2,7 @@ package eu.siacs.conversations.entities;
import android.content.ContentValues;
import android.database.Cursor;
import android.util.Base64;
import android.util.Log;
import org.json.JSONArray;
@ -349,20 +350,38 @@ public class Contact implements ListItem, Blockable {
}
}
public List<IdentityKey> getTrustedAxolotlIdentityKeys() {
public List<IdentityKey> getAxolotlIdentityKeys() {
synchronized (this.keys) {
JSONArray serializedKeyItems = this.keys.optJSONArray("axolotl_identity_key");
List<IdentityKey> identityKeys = new ArrayList<>();
List<Integer> toDelete = new ArrayList<>();
if(serializedKeyItems != null) {
for(int i = 0; i<serializedKeyItems.length();++i) {
try {
String serializedKeyItem = serializedKeyItems.getString(i);
IdentityKey identityKey = new IdentityKey(serializedKeyItem.getBytes(), 0);
IdentityKey identityKey = new IdentityKey(Base64.decode(serializedKeyItem, Base64.DEFAULT), 0);
identityKeys.add(identityKey);
} catch (InvalidKeyException e) {
Log.e(Config.LOGTAG, "Invalid axolotl identity key encountered at" + this.getJid() + ": " + e.getMessage());
Log.e(Config.LOGTAG, "Invalid axolotl identity key encountered at contact" + this.getJid() + ": " + e.getMessage() + ", marking for deletion...");
toDelete.add(i);
} catch (JSONException e) {
Log.e(Config.LOGTAG, "Error retrieving axolotl identity key at" + this.getJid() + ": " + e.getMessage());
Log.e(Config.LOGTAG, "Error retrieving axolotl identity key at contact " + this.getJid() + ": " + e.getMessage());
} catch (IllegalArgumentException e) {
Log.e(Config.LOGTAG, "Encountered malformed identity key for contact" + this.getJid() + ": " + e.getMessage() + ", marking for deletion... ");
toDelete.add(i);
}
}
if(!toDelete.isEmpty()) {
try {
JSONArray filteredKeyItems = new JSONArray();
for (int i = 0; i < serializedKeyItems.length(); ++i) {
if (!toDelete.contains(i)) {
filteredKeyItems.put(serializedKeyItems.get(i));
}
}
this.keys.put("axolotl_identity_key", filteredKeyItems);
} catch (JSONException e) {
//should never happen
}
}
}
@ -370,23 +389,28 @@ public class Contact implements ListItem, Blockable {
}
}
public boolean addAxolotlIdentityKey(IdentityKey identityKey, boolean trusted) {
public boolean addAxolotlIdentityKey(IdentityKey identityKey) {
synchronized (this.keys) {
JSONArray keysList;
try {
keysList = this.keys.getJSONArray("axolotl_identity_key");
} catch (JSONException e) {
keysList = new JSONArray();
}
keysList.put(new String(identityKey.serialize()));
try {
this.keys.put("axolotl_identity_key", keysList);
} catch (JSONException e) {
Log.e(Config.LOGTAG, "Error adding Identity Key to Contact " + this.getJid() + ": " + e.getMessage());
return false;
}
if(!getAxolotlIdentityKeys().contains(identityKey)) {
JSONArray keysList;
try {
keysList = this.keys.getJSONArray("axolotl_identity_key");
} catch (JSONException e) {
keysList = new JSONArray();
}
keysList.put(Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT));
try {
this.keys.put("axolotl_identity_key", keysList);
} catch (JSONException e) {
Log.e(Config.LOGTAG, "Error adding Identity Key to Contact " + this.getJid() + ": " + e.getMessage());
return false;
}
return true;
} else {
return false;
}
}
return true;
}

14
src/main/java/eu/siacs/conversations/entities/Message.java
View file

@ -8,6 +8,7 @@ import java.net.URL;
import java.util.Arrays;
import eu.siacs.conversations.Config;
import eu.siacs.conversations.crypto.axolotl.AxolotlService;
import eu.siacs.conversations.utils.GeoHelper;
import eu.siacs.conversations.utils.MimeUtils;
import eu.siacs.conversations.utils.UIHelper;
@ -34,6 +35,7 @@ public class Message extends AbstractEntity {
public static final int ENCRYPTION_OTR = 2;
public static final int ENCRYPTION_DECRYPTED = 3;
public static final int ENCRYPTION_DECRYPTION_FAILED = 4;
public static final int ENCRYPTION_AXOLOTL = 5;
public static final int TYPE_TEXT = 0;
public static final int TYPE_IMAGE = 1;
@ -65,7 +67,7 @@ public class Message extends AbstractEntity {
protected int encryption;
protected int status;
protected int type;
private boolean isTrusted = true;
private AxolotlService.XmppAxolotlSession axolotlSession = null;
protected String relativeFilePath;
protected boolean read = true;
protected String remoteMsgId = null;
@ -665,15 +667,7 @@ public class Message extends AbstractEntity {
public int height = 0;
}
public void trust() {
this.isTrusted = true;
}
public void distrust() {
this.isTrusted = false;
}
public boolean isTrusted() {
return this.isTrusted;
return this.axolotlSession != null && this.axolotlSession.isTrusted();
}
}

90
src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
View file

@ -1,5 +1,19 @@
package eu.siacs.conversations.persistance;
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.database.sqlite.SQLiteCantOpenDatabaseException;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteOpenHelper;
import android.util.Base64;
import android.util.Log;
import org.whispersystems.libaxolotl.AxolotlAddress;
import org.whispersystems.libaxolotl.state.PreKeyRecord;
import org.whispersystems.libaxolotl.state.SessionRecord;
import org.whispersystems.libaxolotl.state.SignedPreKeyRecord;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
@ -15,25 +29,12 @@ import eu.siacs.conversations.entities.Roster;
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
import eu.siacs.conversations.xmpp.jid.Jid;
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.database.sqlite.SQLiteCantOpenDatabaseException;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteOpenHelper;
import android.util.Log;
import org.whispersystems.libaxolotl.AxolotlAddress;
import org.whispersystems.libaxolotl.state.PreKeyRecord;
import org.whispersystems.libaxolotl.state.SessionRecord;
import org.whispersystems.libaxolotl.state.SignedPreKeyRecord;
public class DatabaseBackend extends SQLiteOpenHelper {
private static DatabaseBackend instance = null;
private static final String DATABASE_NAME = "history";
private static final int DATABASE_VERSION = 14;
private static final int DATABASE_VERSION = 15;
private static String CREATE_CONTATCS_STATEMENT = "create table "
+ Contact.TABLENAME + "(" + Contact.ACCOUNT + " TEXT, "
@ -49,8 +50,9 @@ public class DatabaseBackend extends SQLiteOpenHelper {
private static String CREATE_PREKEYS_STATEMENT = "CREATE TABLE "
+ AxolotlService.SQLiteAxolotlStore.PREKEY_TABLENAME + "("
+ AxolotlService.SQLiteAxolotlStore.ACCOUNT + " TEXT, "
+ AxolotlService.SQLiteAxolotlStore.ID + " INTEGER, "
+ AxolotlService.SQLiteAxolotlStore.KEY + "TEXT, FOREIGN KEY("
+ AxolotlService.SQLiteAxolotlStore.KEY + " TEXT, FOREIGN KEY("
+ AxolotlService.SQLiteAxolotlStore.ACCOUNT
+ ") REFERENCES " + Account.TABLENAME + "(" + Account.UUID + ") ON DELETE CASCADE, "
+ "UNIQUE( " + AxolotlService.SQLiteAxolotlStore.ACCOUNT + ", "
@ -60,8 +62,9 @@ public class DatabaseBackend extends SQLiteOpenHelper {
private static String CREATE_SIGNED_PREKEYS_STATEMENT = "CREATE TABLE "
+ AxolotlService.SQLiteAxolotlStore.SIGNED_PREKEY_TABLENAME + "("
+ AxolotlService.SQLiteAxolotlStore.ACCOUNT + " TEXT, "
+ AxolotlService.SQLiteAxolotlStore.ID + " INTEGER, "
+ AxolotlService.SQLiteAxolotlStore.KEY + "TEXT, FOREIGN KEY("
+ AxolotlService.SQLiteAxolotlStore.KEY + " TEXT, FOREIGN KEY("
+ AxolotlService.SQLiteAxolotlStore.ACCOUNT
+ ") REFERENCES " + Account.TABLENAME + "(" + Account.UUID + ") ON DELETE CASCADE, "
+ "UNIQUE( " + AxolotlService.SQLiteAxolotlStore.ACCOUNT + ", "
@ -71,13 +74,16 @@ public class DatabaseBackend extends SQLiteOpenHelper {
private static String CREATE_SESSIONS_STATEMENT = "CREATE TABLE "
+ AxolotlService.SQLiteAxolotlStore.SESSION_TABLENAME + "("
+ AxolotlService.SQLiteAxolotlStore.ACCOUNT + " TEXT, "
+ AxolotlService.SQLiteAxolotlStore.NAME + " TEXT, "
+ AxolotlService.SQLiteAxolotlStore.DEVICE_ID+ " INTEGER, "
+ AxolotlService.SQLiteAxolotlStore.KEY + "TEXT, FOREIGN KEY("
+ AxolotlService.SQLiteAxolotlStore.DEVICE_ID + " INTEGER, "
+ AxolotlService.SQLiteAxolotlStore.TRUSTED + " INTEGER, "
+ AxolotlService.SQLiteAxolotlStore.KEY + " TEXT, FOREIGN KEY("
+ AxolotlService.SQLiteAxolotlStore.ACCOUNT
+ ") REFERENCES " + Account.TABLENAME + "(" + Account.UUID + ") ON DELETE CASCADE, "
+ "UNIQUE( " + AxolotlService.SQLiteAxolotlStore.ACCOUNT + ", "
+ AxolotlService.SQLiteAxolotlStore.NAME
+ AxolotlService.SQLiteAxolotlStore.NAME + ", "
+ AxolotlService.SQLiteAxolotlStore.DEVICE_ID
+ ") ON CONFLICT REPLACE"
+");";
@ -257,6 +263,14 @@ public class DatabaseBackend extends SQLiteOpenHelper {
}
cursor.close();
}
if (oldVersion < 15 && newVersion >= 15) {
db.execSQL("DROP TABLE IF EXISTS " + AxolotlService.SQLiteAxolotlStore.SESSION_TABLENAME);
db.execSQL(CREATE_SESSIONS_STATEMENT);
db.execSQL("DROP TABLE IF EXISTS " + AxolotlService.SQLiteAxolotlStore.PREKEY_TABLENAME);
db.execSQL(CREATE_PREKEYS_STATEMENT);
db.execSQL("DROP TABLE IF EXISTS " + AxolotlService.SQLiteAxolotlStore.SIGNED_PREKEY_TABLENAME);
db.execSQL(CREATE_SIGNED_PREKEYS_STATEMENT);
}
}
public static synchronized DatabaseBackend getInstance(Context context) {
@ -547,7 +561,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
if(cursor.getCount() != 0) {
cursor.moveToFirst();
try {
session = new SessionRecord(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)).getBytes());
session = new SessionRecord(Base64.decode(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)),Base64.DEFAULT));
} catch (IOException e) {
throw new AssertionError(e);
}
@ -590,7 +604,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
ContentValues values = new ContentValues();
values.put(AxolotlService.SQLiteAxolotlStore.NAME, contact.getName());
values.put(AxolotlService.SQLiteAxolotlStore.DEVICE_ID, contact.getDeviceId());
values.put(AxolotlService.SQLiteAxolotlStore.KEY, session.serialize());
values.put(AxolotlService.SQLiteAxolotlStore.KEY, Base64.encodeToString(session.serialize(),Base64.DEFAULT));
values.put(AxolotlService.SQLiteAxolotlStore.ACCOUNT, account.getUuid());
db.insert(AxolotlService.SQLiteAxolotlStore.SESSION_TABLENAME, null, values);
}
@ -616,6 +630,28 @@ public class DatabaseBackend extends SQLiteOpenHelper {
args);
}
public boolean isTrustedSession(Account account, AxolotlAddress contact) {
boolean trusted = false;
Cursor cursor = getCursorForSession(account, contact);
if(cursor.getCount() != 0) {
cursor.moveToFirst();
trusted = cursor.getInt(cursor.getColumnIndex(
AxolotlService.SQLiteAxolotlStore.TRUSTED)) > 0;
}
cursor.close();
return trusted;
}
public void setTrustedSession(Account account, AxolotlAddress contact, boolean trusted) {
SQLiteDatabase db = this.getWritableDatabase();
ContentValues values = new ContentValues();
values.put(AxolotlService.SQLiteAxolotlStore.NAME, contact.getName());
values.put(AxolotlService.SQLiteAxolotlStore.DEVICE_ID, contact.getDeviceId());
values.put(AxolotlService.SQLiteAxolotlStore.ACCOUNT, account.getUuid());
values.put(AxolotlService.SQLiteAxolotlStore.TRUSTED, trusted?1:0);
db.insert(AxolotlService.SQLiteAxolotlStore.SESSION_TABLENAME, null, values);
}
private Cursor getCursorForPreKey(Account account, int preKeyId) {
SQLiteDatabase db = this.getReadableDatabase();
String[] columns = {AxolotlService.SQLiteAxolotlStore.KEY};
@ -636,7 +672,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
if(cursor.getCount() != 0) {
cursor.moveToFirst();
try {
record = new PreKeyRecord(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)).getBytes());
record = new PreKeyRecord(Base64.decode(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)),Base64.DEFAULT));
} catch (IOException e ) {
throw new AssertionError(e);
}
@ -656,7 +692,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
SQLiteDatabase db = this.getWritableDatabase();
ContentValues values = new ContentValues();
values.put(AxolotlService.SQLiteAxolotlStore.ID, record.getId());
values.put(AxolotlService.SQLiteAxolotlStore.KEY, record.serialize());
values.put(AxolotlService.SQLiteAxolotlStore.KEY, Base64.encodeToString(record.serialize(),Base64.DEFAULT));
values.put(AxolotlService.SQLiteAxolotlStore.ACCOUNT, account.getUuid());
db.insert(AxolotlService.SQLiteAxolotlStore.PREKEY_TABLENAME, null, values);
}
@ -685,11 +721,11 @@ public class DatabaseBackend extends SQLiteOpenHelper {
public SignedPreKeyRecord loadSignedPreKey(Account account, int signedPreKeyId) {
SignedPreKeyRecord record = null;
Cursor cursor = getCursorForPreKey(account, signedPreKeyId);
Cursor cursor = getCursorForSignedPreKey(account, signedPreKeyId);
if(cursor.getCount() != 0) {
cursor.moveToFirst();
try {
record = new SignedPreKeyRecord(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)).getBytes());
record = new SignedPreKeyRecord(Base64.decode(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)),Base64.DEFAULT));
} catch (IOException e ) {
throw new AssertionError(e);
}
@ -711,7 +747,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
while(cursor.moveToNext()) {
try {
prekeys.add(new SignedPreKeyRecord(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)).getBytes()));
prekeys.add(new SignedPreKeyRecord(Base64.decode(cursor.getString(cursor.getColumnIndex(AxolotlService.SQLiteAxolotlStore.KEY)), Base64.DEFAULT)));
} catch (IOException ignored) {
}
}
@ -729,7 +765,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
SQLiteDatabase db = this.getWritableDatabase();
ContentValues values = new ContentValues();
values.put(AxolotlService.SQLiteAxolotlStore.ID, record.getId());
values.put(AxolotlService.SQLiteAxolotlStore.KEY, record.serialize());
values.put(AxolotlService.SQLiteAxolotlStore.KEY, Base64.encodeToString(record.serialize(),Base64.DEFAULT));
values.put(AxolotlService.SQLiteAxolotlStore.ACCOUNT, account.getUuid());
db.insert(AxolotlService.SQLiteAxolotlStore.SIGNED_PREKEY_TABLENAME, null, values);
}

7
src/main/java/eu/siacs/conversations/services/XmppConnectionService.java
View file

@ -52,6 +52,7 @@ import de.duenndns.ssl.MemorizingTrustManager;
import eu.siacs.conversations.Config;
import eu.siacs.conversations.R;
import eu.siacs.conversations.crypto.PgpEngine;
import eu.siacs.conversations.crypto.axolotl.NoSessionsCreatedException;
import eu.siacs.conversations.entities.Account;
import eu.siacs.conversations.entities.Blockable;
import eu.siacs.conversations.entities.Bookmark;
@ -273,7 +274,11 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa
}
}
syncDirtyContacts(account);
scheduleWakeUpCall(Config.PING_MAX_INTERVAL,account.getUuid().hashCode());
account.getAxolotlService().publishOwnDeviceIdIfNeeded();
account.getAxolotlService().publishBundleIfNeeded();
account.getAxolotlService().publishPreKeysIfNeeded();
scheduleWakeUpCall(Config.PING_MAX_INTERVAL, account.getUuid().hashCode());
} else if (account.getStatus() == Account.State.OFFLINE) {
resetSendingToWaiting(account);
if (!account.isOptionSet(Account.OPTION_DISABLED)) {