diff options
Diffstat (limited to 'src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java')
-rw-r--r-- | src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java | 52 |
1 files changed, 28 insertions, 24 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java index 773b6857..359cb7fd 100644 --- a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java +++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java @@ -4,6 +4,7 @@ import android.support.annotation.NonNull; import android.support.annotation.Nullable; import android.util.Log; +import org.bouncycastle.math.ec.PreCompInfo; import org.whispersystems.libaxolotl.AxolotlAddress; import org.whispersystems.libaxolotl.DuplicateMessageException; import org.whispersystems.libaxolotl.IdentityKey; @@ -18,9 +19,11 @@ import org.whispersystems.libaxolotl.UntrustedIdentityException; import org.whispersystems.libaxolotl.protocol.CiphertextMessage; import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage; import org.whispersystems.libaxolotl.protocol.WhisperMessage; +import org.whispersystems.libaxolotl.util.guava.Optional; import eu.siacs.conversations.Config; import eu.siacs.conversations.entities.Account; +import eu.siacs.conversations.utils.CryptoHelper; public class XmppAxolotlSession implements Comparable<XmppAxolotlSession> { private final SessionCipher cipher; @@ -82,42 +85,43 @@ public class XmppAxolotlSession implements Comparable<XmppAxolotlSession> { } @Nullable - public byte[] processReceiving(AxolotlKey encryptedKey) { - byte[] plaintext = null; + public byte[] processReceiving(AxolotlKey encryptedKey) throws CryptoFailedException { + byte[] plaintext; FingerprintStatus status = getTrust(); if (!status.isCompromised()) { try { + CiphertextMessage ciphertextMessage; try { - PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey.key); - if (!message.getPreKeyId().isPresent()) { - Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "PreKeyWhisperMessage did not contain a PreKeyId"); - return null; + ciphertextMessage = new PreKeyWhisperMessage(encryptedKey.key); + Optional<Integer> optionalPreKeyId = ((PreKeyWhisperMessage) ciphertextMessage).getPreKeyId(); + IdentityKey identityKey = ((PreKeyWhisperMessage) ciphertextMessage).getIdentityKey(); + if (!optionalPreKeyId.isPresent()) { + throw new CryptoFailedException("PreKeyWhisperMessage did not contain a PreKeyId"); + } + preKeyId = optionalPreKeyId.get(); + if (this.identityKey != null && !this.identityKey.equals(identityKey)) { + throw new CryptoFailedException("Received PreKeyWhisperMessage but preexisting identity key changed."); + } + this.identityKey = identityKey; + } catch (InvalidVersionException | InvalidMessageException e) { + ciphertextMessage = new WhisperMessage(encryptedKey.key); } - Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "PreKeyWhisperMessage received, new session ID:" + message.getSignedPreKeyId() + "/" + message.getPreKeyId()); - IdentityKey msgIdentityKey = message.getIdentityKey(); - if (this.identityKey != null && !this.identityKey.equals(msgIdentityKey)) { - Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Had session with fingerprint " + this.getFingerprint() + ", received message with fingerprint " + msgIdentityKey.getFingerprint()); + if (ciphertextMessage instanceof PreKeyWhisperMessage) { + plaintext = cipher.decrypt((PreKeyWhisperMessage) ciphertextMessage); } else { - this.identityKey = msgIdentityKey; - plaintext = cipher.decrypt(message); - preKeyId = message.getPreKeyId().get(); + plaintext = cipher.decrypt((WhisperMessage) ciphertextMessage); } - } catch (InvalidMessageException | InvalidVersionException e) { - Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "WhisperMessage received"); - WhisperMessage message = new WhisperMessage(encryptedKey.key); - plaintext = cipher.decrypt(message); - } catch (InvalidKeyException | InvalidKeyIdException | UntrustedIdentityException e) { - Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage()); + } catch (InvalidKeyException | LegacyMessageException | InvalidMessageException | DuplicateMessageException | NoSessionException | InvalidKeyIdException | UntrustedIdentityException e) { + if (!(e instanceof DuplicateMessageException)) { + e.printStackTrace(); } - } catch (LegacyMessageException | InvalidMessageException | DuplicateMessageException | NoSessionException e) { - Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage()); + throw new CryptoFailedException("Error decrypting WhisperMessage " + e.getClass().getSimpleName() + ": " + e.getMessage()); } - - if (plaintext != null) { if (!status.isActive()) { setTrust(status.toActive()); } - } + } else { + throw new CryptoFailedException("not encrypting omemo message from fingerprint "+getFingerprint()+" because it was marked as compromised"); } return plaintext; } |