Add support for OMEMO call encryption

This commit is contained in:
fiaxh 2021-04-25 19:49:10 +02:00
parent 5d85b6cdb0
commit 421f43dd8b
28 changed files with 859 additions and 435 deletions

View file

@ -40,8 +40,8 @@ namespace Dino {
private HashMap<Call, Xep.JingleRtp.Parameters> video_content_parameter = new HashMap<Call, Xep.JingleRtp.Parameters>(Call.hash_func, Call.equals_func); private HashMap<Call, Xep.JingleRtp.Parameters> video_content_parameter = new HashMap<Call, Xep.JingleRtp.Parameters>(Call.hash_func, Call.equals_func);
private HashMap<Call, Xep.Jingle.Content> audio_content = new HashMap<Call, Xep.Jingle.Content>(Call.hash_func, Call.equals_func); private HashMap<Call, Xep.Jingle.Content> audio_content = new HashMap<Call, Xep.Jingle.Content>(Call.hash_func, Call.equals_func);
private HashMap<Call, Xep.Jingle.Content> video_content = new HashMap<Call, Xep.Jingle.Content>(Call.hash_func, Call.equals_func); private HashMap<Call, Xep.Jingle.Content> video_content = new HashMap<Call, Xep.Jingle.Content>(Call.hash_func, Call.equals_func);
private HashMap<Call, Xep.Jingle.ContentEncryption> video_encryption = new HashMap<Call, Xep.Jingle.ContentEncryption>(Call.hash_func, Call.equals_func); private HashMap<Call, HashMap<string, Xep.Jingle.ContentEncryption>> video_encryptions = new HashMap<Call, HashMap<string, Xep.Jingle.ContentEncryption>>(Call.hash_func, Call.equals_func);
private HashMap<Call, Xep.Jingle.ContentEncryption> audio_encryption = new HashMap<Call, Xep.Jingle.ContentEncryption>(Call.hash_func, Call.equals_func); private HashMap<Call, HashMap<string, Xep.Jingle.ContentEncryption>> audio_encryptions = new HashMap<Call, HashMap<string, Xep.Jingle.ContentEncryption>>(Call.hash_func, Call.equals_func);
public static void start(StreamInteractor stream_interactor, Database db) { public static void start(StreamInteractor stream_interactor, Database db) {
Calls m = new Calls(stream_interactor, db); Calls m = new Calls(stream_interactor, db);
@ -498,24 +498,46 @@ namespace Dino {
} }
if (media == "audio") { if (media == "audio") {
audio_encryption[call] = content.encryption; audio_encryptions[call] = content.encryptions;
} else if (media == "video") { } else if (media == "video") {
video_encryption[call] = content.encryption; video_encryptions[call] = content.encryptions;
} }
if ((audio_encryption.has_key(call) && audio_encryption[call] == null) || (video_encryption.has_key(call) && video_encryption[call] == null)) { if ((audio_encryptions.has_key(call) && audio_encryptions[call].is_empty) || (video_encryptions.has_key(call) && video_encryptions[call].is_empty)) {
call.encryption = Encryption.NONE; call.encryption = Encryption.NONE;
encryption_updated(call, null); encryption_updated(call, null);
return; return;
} }
Xep.Jingle.ContentEncryption encryption = audio_encryption[call] ?? video_encryption[call]; HashMap<string, Xep.Jingle.ContentEncryption> encryptions = audio_encryptions[call] ?? video_encryptions[call];
if (encryption.encryption_ns == Xep.JingleIceUdp.DTLS_NS_URI) {
call.encryption = Encryption.DTLS_SRTP; Xep.Jingle.ContentEncryption? omemo_encryption = null, dtls_encryption = null, srtp_encryption = null;
foreach (string encr_name in encryptions.keys) {
if (video_encryptions.has_key(call) && !video_encryptions[call].has_key(encr_name)) continue;
var encryption = encryptions[encr_name];
if (encryption.encryption_ns == "http://gultsch.de/xmpp/drafts/omemo/dlts-srtp-verification") {
omemo_encryption = encryption;
} else if (encryption.encryption_ns == Xep.JingleIceUdp.DTLS_NS_URI) {
dtls_encryption = encryption;
} else if (encryption.encryption_name == "SRTP") { } else if (encryption.encryption_name == "SRTP") {
call.encryption = Encryption.SRTP; srtp_encryption = encryption;
}
}
if (omemo_encryption != null && dtls_encryption != null) {
call.encryption = Encryption.OMEMO;
encryption_updated(call, omemo_encryption);
} else if (dtls_encryption != null) {
call.encryption = Encryption.DTLS_SRTP;
encryption_updated(call, dtls_encryption);
} else if (srtp_encryption != null) {
call.encryption = Encryption.SRTP;
encryption_updated(call, srtp_encryption);
} else {
call.encryption = Encryption.NONE;
encryption_updated(call, null);
} }
encryption_updated(call, encryption);
} }
private void remove_call_from_datastructures(Call call) { private void remove_call_from_datastructures(Call call) {
@ -533,8 +555,8 @@ namespace Dino {
video_content_parameter.unset(call); video_content_parameter.unset(call);
audio_content.unset(call); audio_content.unset(call);
video_content.unset(call); video_content.unset(call);
audio_encryption.unset(call); audio_encryptions.unset(call);
video_encryption.unset(call); video_encryptions.unset(call);
} }
private void on_account_added(Account account) { private void on_account_added(Account account) {

View file

@ -350,7 +350,9 @@ public class ConnectionManager : Object {
foreach (Account account in connections.keys) { foreach (Account account in connections.keys) {
try { try {
make_offline(account); make_offline(account);
if (connections[account].stream != null) {
yield connections[account].stream.disconnect(); yield connections[account].stream.disconnect();
}
} catch (Error e) { } catch (Error e) {
debug("Error disconnecting stream %p: %s", connections[account].stream, e.message); debug("Error disconnecting stream %p: %s", connections[account].stream, e.message);
} }

View file

@ -100,16 +100,25 @@ public class Dino.Ui.CallBottomBar : Gtk.Box {
encryption_button.get_style_context().add_class("unencrypted"); encryption_button.get_style_context().add_class("unencrypted");
popover.add(new Label("This call isn't encrypted.") { margin=10, visible=true } ); popover.add(new Label("This call isn't encrypted.") { margin=10, visible=true } );
} else if (encryption.encryption_name == "OMEMO") {
encryption_image.set_from_icon_name("changes-prevent-symbolic", IconSize.BUTTON);
encryption_button.get_style_context().remove_class("unencrypted");
popover.add(new Label("This call is encrypted with OMEMO.") { margin=10, visible=true } );
} else { } else {
encryption_image.set_from_icon_name("changes-prevent-symbolic", IconSize.BUTTON); encryption_image.set_from_icon_name("changes-prevent-symbolic", IconSize.BUTTON);
encryption_button.get_style_context().remove_class("unencrypted"); encryption_button.get_style_context().remove_class("unencrypted");
Grid encryption_info_grid = new Grid() { margin=10, row_spacing=3, column_spacing=5, visible=true }; Grid encryption_info_grid = new Grid() { margin=10, row_spacing=3, column_spacing=5, visible=true };
encryption_info_grid.attach(new Label("<b>This call is end-to-end encrypted.</b>") { use_markup=true, xalign=0, visible=true }, 1, 1, 2, 1); encryption_info_grid.attach(new Label("<b>This call is end-to-end encrypted.</b>") { use_markup=true, xalign=0, visible=true }, 1, 1, 2, 1);
if (encryption.peer_key.length > 0) {
encryption_info_grid.attach(new Label("Peer key") { xalign=0, visible=true }, 1, 2, 1, 1); encryption_info_grid.attach(new Label("Peer key") { xalign=0, visible=true }, 1, 2, 1, 1);
encryption_info_grid.attach(new Label("Your key") { xalign=0, visible=true }, 1, 3, 1, 1);
encryption_info_grid.attach(new Label("<span font_family='monospace'>" + format_fingerprint(encryption.peer_key) + "</span>") { use_markup=true, max_width_chars=25, ellipsize=EllipsizeMode.MIDDLE, xalign=0, hexpand=true, visible=true }, 2, 2, 1, 1); encryption_info_grid.attach(new Label("<span font_family='monospace'>" + format_fingerprint(encryption.peer_key) + "</span>") { use_markup=true, max_width_chars=25, ellipsize=EllipsizeMode.MIDDLE, xalign=0, hexpand=true, visible=true }, 2, 2, 1, 1);
}
if (encryption.our_key.length > 0) {
encryption_info_grid.attach(new Label("Your key") { xalign=0, visible=true }, 1, 3, 1, 1);
encryption_info_grid.attach(new Label("<span font_family='monospace'>" + format_fingerprint(encryption.our_key) + "</span>") { use_markup=true, max_width_chars=25, ellipsize=EllipsizeMode.MIDDLE, xalign=0, hexpand=true, visible=true }, 2, 3, 1, 1); encryption_info_grid.attach(new Label("<span font_family='monospace'>" + format_fingerprint(encryption.our_key) + "</span>") { use_markup=true, max_width_chars=25, ellipsize=EllipsizeMode.MIDDLE, xalign=0, hexpand=true, visible=true }, 2, 3, 1, 1);
}
popover.add(encryption_info_grid); popover.add(encryption_info_grid);
} }

View file

@ -77,7 +77,10 @@ public class Dino.Plugins.Ice.TransportParameters : JingleIceUdp.IceUdpTransport
own_setup = "actpass"; own_setup = "actpass";
dtls_srtp_handler.mode = DtlsSrtp.Mode.SERVER; dtls_srtp_handler.mode = DtlsSrtp.Mode.SERVER;
dtls_srtp_handler.setup_dtls_connection.begin((_, res) => { dtls_srtp_handler.setup_dtls_connection.begin((_, res) => {
this.content.encryption = dtls_srtp_handler.setup_dtls_connection.end(res) ?? this.content.encryption; var content_encryption = dtls_srtp_handler.setup_dtls_connection.end(res);
if (content_encryption != null) {
this.content.encryptions[content_encryption.encryption_ns] = content_encryption;
}
}); });
} }
} }
@ -157,7 +160,10 @@ public class Dino.Plugins.Ice.TransportParameters : JingleIceUdp.IceUdpTransport
dtls_srtp_handler.mode = DtlsSrtp.Mode.CLIENT; dtls_srtp_handler.mode = DtlsSrtp.Mode.CLIENT;
dtls_srtp_handler.stop_dtls_connection(); dtls_srtp_handler.stop_dtls_connection();
dtls_srtp_handler.setup_dtls_connection.begin((_, res) => { dtls_srtp_handler.setup_dtls_connection.begin((_, res) => {
this.content.encryption = dtls_srtp_handler.setup_dtls_connection.end(res) ?? this.content.encryption; var content_encryption = dtls_srtp_handler.setup_dtls_connection.end(res);
if (content_encryption != null) {
this.content.encryptions[content_encryption.encryption_ns] = content_encryption;
}
}); });
} }
} else { } else {
@ -225,7 +231,10 @@ public class Dino.Plugins.Ice.TransportParameters : JingleIceUdp.IceUdpTransport
may_consider_ready(stream_id, component_id); may_consider_ready(stream_id, component_id);
if (incoming && dtls_srtp_handler != null && !dtls_srtp_handler.ready && is_component_ready(agent, stream_id, component_id) && dtls_srtp_handler.mode == DtlsSrtp.Mode.CLIENT) { if (incoming && dtls_srtp_handler != null && !dtls_srtp_handler.ready && is_component_ready(agent, stream_id, component_id) && dtls_srtp_handler.mode == DtlsSrtp.Mode.CLIENT) {
dtls_srtp_handler.setup_dtls_connection.begin((_, res) => { dtls_srtp_handler.setup_dtls_connection.begin((_, res) => {
this.content.encryption = dtls_srtp_handler.setup_dtls_connection.end(res) ?? this.content.encryption; Jingle.ContentEncryption? encryption = dtls_srtp_handler.setup_dtls_connection.end(res);
if (encryption != null) {
this.content.encryptions[encryption.encryption_ns] = encryption;
}
}); });
} }
} }

View file

@ -29,6 +29,7 @@ compile_gresources(
vala_precompile(OMEMO_VALA_C vala_precompile(OMEMO_VALA_C
SOURCES SOURCES
src/dtls_srtp_verification_draft.vala
src/plugin.vala src/plugin.vala
src/register_plugin.vala src/register_plugin.vala
src/trust_level.vala src/trust_level.vala
@ -39,7 +40,8 @@ SOURCES
src/jingle/jet_omemo.vala src/jingle/jet_omemo.vala
src/logic/database.vala src/logic/database.vala
src/logic/encrypt_state.vala src/logic/decrypt.vala
src/logic/encrypt.vala
src/logic/manager.vala src/logic/manager.vala
src/logic/pre_key_store.vala src/logic/pre_key_store.vala
src/logic/session_store.vala src/logic/session_store.vala

View file

@ -0,0 +1,195 @@
using Signal;
using Gee;
using Xmpp;
namespace Dino.Plugins.Omemo.DtlsSrtpVerificationDraft {
public const string NS_URI = "http://gultsch.de/xmpp/drafts/omemo/dlts-srtp-verification";
public class StreamModule : XmppStreamModule {
public static Xmpp.ModuleIdentity<StreamModule> IDENTITY = new Xmpp.ModuleIdentity<StreamModule>(NS_URI, "dtls_srtp_omemo_verification_draft");
private VerificationSendListener send_listener = new VerificationSendListener();
private HashMap<string, int> device_id_by_jingle_sid = new HashMap<string, int>();
private HashMap<string, Gee.List<string>> content_names_by_jingle_sid = new HashMap<string, Gee.List<string>>();
private void on_preprocess_incoming_iq_set_get(XmppStream stream, Xmpp.Iq.Stanza iq) {
if (iq.type_ != Iq.Stanza.TYPE_SET) return;
Gee.List<StanzaNode> content_nodes = iq.stanza.get_deep_subnodes(Xep.Jingle.NS_URI + ":jingle", Xep.Jingle.NS_URI + ":content");
if (content_nodes.size == 0) return;
string? jingle_sid = iq.stanza.get_deep_attribute(Xep.Jingle.NS_URI + ":jingle", "sid");
if (jingle_sid == null) return;
Xep.Omemo.OmemoDecryptor decryptor = stream.get_module(Xep.Omemo.OmemoDecryptor.IDENTITY);
foreach (StanzaNode content_node in content_nodes) {
string? content_name = content_node.get_attribute("name");
if (content_name == null) continue;
StanzaNode? transport_node = content_node.get_subnode("transport", Xep.JingleIceUdp.NS_URI);
if (transport_node == null) continue;
StanzaNode? fingerprint_node = transport_node.get_subnode("fingerprint", NS_URI);
if (fingerprint_node == null) continue;
StanzaNode? encrypted_node = fingerprint_node.get_subnode("encrypted", Omemo.NS_URI);
if (encrypted_node == null) continue;
Xep.Omemo.ParsedData? parsed_data = decryptor.parse_node(encrypted_node);
if (parsed_data == null || parsed_data.ciphertext == null) continue;
if (device_id_by_jingle_sid.has_key(jingle_sid) && device_id_by_jingle_sid[jingle_sid] != parsed_data.sid) {
warning("Expected DTLS fingerprint to be OMEMO encrypted from %s %d, but it was from %d", iq.from.to_string(), device_id_by_jingle_sid[jingle_sid], parsed_data.sid);
}
foreach (Bytes encr_key in parsed_data.our_potential_encrypted_keys.keys) {
parsed_data.is_prekey = parsed_data.our_potential_encrypted_keys[encr_key];
parsed_data.encrypted_key = encr_key.get_data();
try {
uint8[] key = decryptor.decrypt_key(parsed_data, iq.from.bare_jid);
string cleartext = decryptor.decrypt(parsed_data.ciphertext, key, parsed_data.iv);
StanzaNode new_fingerprint_node = new StanzaNode.build("fingerprint", Xep.JingleIceUdp.DTLS_NS_URI).add_self_xmlns()
.put_node(new StanzaNode.text(cleartext));
string? hash_attr = fingerprint_node.get_attribute("hash", NS_URI);
string? setup_attr = fingerprint_node.get_attribute("setup", NS_URI);
if (hash_attr != null) new_fingerprint_node.put_attribute("hash", hash_attr);
if (setup_attr != null) new_fingerprint_node.put_attribute("setup", setup_attr);
transport_node.put_node(new_fingerprint_node);
device_id_by_jingle_sid[jingle_sid] = parsed_data.sid;
if (!content_names_by_jingle_sid.has_key(content_name)) {
content_names_by_jingle_sid[content_name] = new ArrayList<string>();
}
content_names_by_jingle_sid[content_name].add(content_name);
stream.get_flag(Xep.Jingle.Flag.IDENTITY).get_session.begin(jingle_sid, (_, res) => {
Xep.Jingle.Session? session = stream.get_flag(Xep.Jingle.Flag.IDENTITY).get_session.end(res);
if (session != null) print(@"$(session.contents_map.has_key(content_name))\n");
if (session == null || !session.contents_map.has_key(content_name)) return;
var encryption = new OmemoContentEncryption() { encryption_ns=NS_URI, encryption_name="OMEMO", our_key=new uint8[0], peer_key=new uint8[0], peer_device_id=device_id_by_jingle_sid[jingle_sid] };
session.contents_map[content_name].encryptions[NS_URI] = encryption;
if (iq.stanza.get_deep_attribute(Xep.Jingle.NS_URI + ":jingle", "action") == "session-accept") {
session.additional_content_add_incoming.connect(on_content_add_received);
}
});
break;
} catch (Error e) {
debug("Decrypting message from %s/%d failed: %s", iq.from.bare_jid.to_string(), parsed_data.sid, e.message);
}
}
}
}
private void on_preprocess_outgoing_iq_set_get(XmppStream stream, Xmpp.Iq.Stanza iq) {
if (iq.type_ != Iq.Stanza.TYPE_SET) return;
StanzaNode? jingle_node = iq.stanza.get_subnode("jingle", Xep.Jingle.NS_URI);
if (jingle_node == null) return;
string? sid = jingle_node.get_attribute("sid", Xep.Jingle.NS_URI);
if (sid == null || !device_id_by_jingle_sid.has_key(sid)) return;
Gee.List<StanzaNode> content_nodes = jingle_node.get_subnodes("content", Xep.Jingle.NS_URI);
if (content_nodes.size == 0) return;
foreach (StanzaNode content_node in content_nodes) {
StanzaNode? transport_node = content_node.get_subnode("transport", Xep.JingleIceUdp.NS_URI);
if (transport_node == null) continue;
StanzaNode? fingerprint_node = transport_node.get_subnode("fingerprint", Xep.JingleIceUdp.DTLS_NS_URI);
if (fingerprint_node == null) continue;
string fingerprint = fingerprint_node.get_deep_string_content();
Xep.Omemo.OmemoEncryptor encryptor = stream.get_module(Xep.Omemo.OmemoEncryptor.IDENTITY);
Xep.Omemo.EncryptionData enc_data = encryptor.encrypt_plaintext(fingerprint);
encryptor.encrypt_key(enc_data, iq.to.bare_jid, device_id_by_jingle_sid[sid]);
StanzaNode new_fingerprint_node = new StanzaNode.build("fingerprint", NS_URI).add_self_xmlns().put_node(enc_data.get_encrypted_node());
string? hash_attr = fingerprint_node.get_attribute("hash", Xep.JingleIceUdp.DTLS_NS_URI);
string? setup_attr = fingerprint_node.get_attribute("setup", Xep.JingleIceUdp.DTLS_NS_URI);
if (hash_attr != null) new_fingerprint_node.put_attribute("hash", hash_attr);
if (setup_attr != null) new_fingerprint_node.put_attribute("setup", setup_attr);
transport_node.put_node(new_fingerprint_node);
transport_node.sub_nodes.remove(fingerprint_node);
}
}
private void on_message_received(XmppStream stream, Xmpp.MessageStanza message) {
StanzaNode? proceed_node = message.stanza.get_subnode("proceed", Xep.JingleMessageInitiation.NS_URI);
if (proceed_node == null) return;
string? jingle_sid = proceed_node.get_attribute("id");
if (jingle_sid == null) return;
StanzaNode? device_node = proceed_node.get_subnode("device", NS_URI);
if (device_node == null) return;
int device_id = device_node.get_attribute_int("id", -1);
if (device_id == -1) return;
device_id_by_jingle_sid[jingle_sid] = device_id;
}
private void on_session_initiate_received(XmppStream stream, Xep.Jingle.Session session) {
if (device_id_by_jingle_sid.has_key(session.sid)) {
foreach (Xep.Jingle.Content content in session.contents) {
on_content_add_received(stream, content);
}
}
session.additional_content_add_incoming.connect(on_content_add_received);
}
private void on_content_add_received(XmppStream stream, Xep.Jingle.Content content) {
if (!content_names_by_jingle_sid.has_key(content.session.sid) || content_names_by_jingle_sid[content.session.sid].contains(content.content_name)) {
var encryption = new OmemoContentEncryption() { encryption_ns=NS_URI, encryption_name="OMEMO", our_key=new uint8[0], peer_key=new uint8[0], peer_device_id=device_id_by_jingle_sid[content.session.sid] };
content.encryptions[encryption.encryption_ns] = encryption;
}
}
public override void attach(XmppStream stream) {
stream.get_module(Xmpp.MessageModule.IDENTITY).received_message.connect(on_message_received);
stream.get_module(Xmpp.MessageModule.IDENTITY).send_pipeline.connect(send_listener);
stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_incoming_iq_set_get.connect(on_preprocess_incoming_iq_set_get);
stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_outgoing_iq_set_get.connect(on_preprocess_outgoing_iq_set_get);
stream.get_module(Xep.Jingle.Module.IDENTITY).session_initiate_received.connect(on_session_initiate_received);
}
public override void detach(XmppStream stream) {
stream.get_module(Xmpp.MessageModule.IDENTITY).received_message.disconnect(on_message_received);
stream.get_module(Xmpp.MessageModule.IDENTITY).send_pipeline.disconnect(send_listener);
stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_incoming_iq_set_get.disconnect(on_preprocess_incoming_iq_set_get);
stream.get_module(Xmpp.Iq.Module.IDENTITY).preprocess_outgoing_iq_set_get.disconnect(on_preprocess_outgoing_iq_set_get);
stream.get_module(Xep.Jingle.Module.IDENTITY).session_initiate_received.disconnect(on_session_initiate_received);
}
public override string get_ns() { return NS_URI; }
public override string get_id() { return IDENTITY.id; }
}
public class VerificationSendListener : StanzaListener<MessageStanza> {
private const string[] after_actions_const = {};
public override string action_group { get { return "REWRITE_NODES"; } }
public override string[] after_actions { get { return after_actions_const; } }
public override async bool run(XmppStream stream, MessageStanza message) {
StanzaNode? proceed_node = message.stanza.get_subnode("proceed", Xep.JingleMessageInitiation.NS_URI);
if (proceed_node == null) return false;
StanzaNode device_node = new StanzaNode.build("device", NS_URI).add_self_xmlns()
.put_attribute("id", stream.get_module(Omemo.StreamModule.IDENTITY).store.local_registration_id.to_string());
proceed_node.put_node(device_node);
return false;
}
}
public class OmemoContentEncryption : Xep.Jingle.ContentEncryption {
public int peer_device_id { get; set; }
}
}

View file

@ -7,18 +7,15 @@ using Xmpp;
using Xmpp.Xep; using Xmpp.Xep;
namespace Dino.Plugins.JetOmemo { namespace Dino.Plugins.JetOmemo {
private const string NS_URI = "urn:xmpp:jingle:jet-omemo:0"; private const string NS_URI = "urn:xmpp:jingle:jet-omemo:0";
private const string AES_128_GCM_URI = "urn:xmpp:ciphers:aes-128-gcm-nopadding"; private const string AES_128_GCM_URI = "urn:xmpp:ciphers:aes-128-gcm-nopadding";
public class Module : XmppStreamModule, Jet.EnvelopEncoding { public class Module : XmppStreamModule, Jet.EnvelopEncoding {
public static Xmpp.ModuleIdentity<Module> IDENTITY = new Xmpp.ModuleIdentity<Module>(NS_URI, "0396_jet_omemo"); public static Xmpp.ModuleIdentity<Module> IDENTITY = new Xmpp.ModuleIdentity<Module>(NS_URI, "0396_jet_omemo");
private Omemo.Plugin plugin;
const uint KEY_SIZE = 16; const uint KEY_SIZE = 16;
const uint IV_SIZE = 12; const uint IV_SIZE = 12;
public Module(Omemo.Plugin plugin) {
this.plugin = plugin;
}
public override void attach(XmppStream stream) { public override void attach(XmppStream stream) {
if (stream.get_module(Jet.Module.IDENTITY) != null) { if (stream.get_module(Jet.Module.IDENTITY) != null) {
stream.get_module(ServiceDiscovery.Module.IDENTITY).add_feature(stream, NS_URI); stream.get_module(ServiceDiscovery.Module.IDENTITY).add_feature(stream, NS_URI);
@ -44,71 +41,38 @@ public class Module : XmppStreamModule, Jet.EnvelopEncoding {
} }
public Jet.TransportSecret decode_envolop(XmppStream stream, Jid local_full_jid, Jid peer_full_jid, StanzaNode security) throws Jingle.IqError { public Jet.TransportSecret decode_envolop(XmppStream stream, Jid local_full_jid, Jid peer_full_jid, StanzaNode security) throws Jingle.IqError {
Store store = stream.get_module(Omemo.StreamModule.IDENTITY).store;
StanzaNode? encrypted = security.get_subnode("encrypted", Omemo.NS_URI); StanzaNode? encrypted = security.get_subnode("encrypted", Omemo.NS_URI);
if (encrypted == null) throw new Jingle.IqError.BAD_REQUEST("Invalid JET-OMEMO envelop: missing encrypted element"); if (encrypted == null) throw new Jingle.IqError.BAD_REQUEST("Invalid JET-OMEMO envelop: missing encrypted element");
StanzaNode? header = encrypted.get_subnode("header", Omemo.NS_URI);
if (header == null) throw new Jingle.IqError.BAD_REQUEST("Invalid JET-OMEMO envelop: missing header element");
string? iv_node = header.get_deep_string_content("iv");
if (header == null) throw new Jingle.IqError.BAD_REQUEST("Invalid JET-OMEMO envelop: missing iv element");
uint8[] iv = Base64.decode((!)iv_node);
foreach (StanzaNode key_node in header.get_subnodes("key")) {
if (key_node.get_attribute_int("rid") == store.local_registration_id) {
string? key_node_content = key_node.get_string_content();
uint8[] key; Xep.Omemo.OmemoDecryptor decryptor = stream.get_module(Xep.Omemo.OmemoDecryptor.IDENTITY);
Address address = new Address(peer_full_jid.bare_jid.to_string(), header.get_attribute_int("sid"));
if (key_node.get_attribute_bool("prekey")) {
PreKeySignalMessage msg = Omemo.Plugin.get_context().deserialize_pre_key_signal_message(Base64.decode((!)key_node_content));
SessionCipher cipher = store.create_session_cipher(address);
key = cipher.decrypt_pre_key_signal_message(msg);
} else {
SignalMessage msg = Omemo.Plugin.get_context().deserialize_signal_message(Base64.decode((!)key_node_content));
SessionCipher cipher = store.create_session_cipher(address);
key = cipher.decrypt_signal_message(msg);
}
address.device_id = 0; // TODO: Hack to have address obj live longer
uint8[] authtag = null; Xmpp.Xep.Omemo.ParsedData? data = decryptor.parse_node(encrypted);
if (key.length >= 32) { if (data == null) throw new Jingle.IqError.BAD_REQUEST("Invalid JET-OMEMO envelop: bad encrypted element");
int authtaglength = key.length - 16;
authtag = new uint8[authtaglength]; foreach (Bytes encr_key in data.our_potential_encrypted_keys.keys) {
uint8[] new_key = new uint8[16]; data.is_prekey = data.our_potential_encrypted_keys[encr_key];
Memory.copy(authtag, (uint8*)key + 16, 16); data.encrypted_key = encr_key.get_data();
Memory.copy(new_key, key, 16);
key = new_key; try {
} uint8[] key = decryptor.decrypt_key(data, peer_full_jid.bare_jid);
// TODO: authtag? return new Jet.TransportSecret(key, data.iv);
return new Jet.TransportSecret(key, iv); } catch (GLib.Error e) {
debug("Decrypting JET key from %s/%d failed: %s", peer_full_jid.bare_jid.to_string(), data.sid, e.message);
} }
} }
throw new Jingle.IqError.NOT_ACCEPTABLE("Not encrypted for targeted device"); throw new Jingle.IqError.NOT_ACCEPTABLE("Not encrypted for targeted device");
} }
public void encode_envelop(XmppStream stream, Jid local_full_jid, Jid peer_full_jid, Jet.SecurityParameters security_params, StanzaNode security) { public void encode_envelop(XmppStream stream, Jid local_full_jid, Jid peer_full_jid, Jet.SecurityParameters security_params, StanzaNode security) {
ArrayList<Account> accounts = plugin.app.stream_interactor.get_accounts();
Store store = stream.get_module(Omemo.StreamModule.IDENTITY).store; Store store = stream.get_module(Omemo.StreamModule.IDENTITY).store;
Account? account = null;
foreach (Account compare in accounts) {
if (compare.bare_jid.equals_bare(local_full_jid)) {
account = compare;
break;
}
}
if (account == null) {
// TODO
critical("Sending from offline account %s", local_full_jid.to_string());
}
StanzaNode header_node; var encryption_data = new Xep.Omemo.EncryptionData(store.local_registration_id);
StanzaNode encrypted_node = new StanzaNode.build("encrypted", Omemo.NS_URI).add_self_xmlns() encryption_data.iv = security_params.secret.initialization_vector;
.put_node(header_node = new StanzaNode.build("header", Omemo.NS_URI) encryption_data.keytag = security_params.secret.transport_key;
.put_attribute("sid", store.local_registration_id.to_string()) Xep.Omemo.OmemoEncryptor encryptor = stream.get_module(Xep.Omemo.OmemoEncryptor.IDENTITY);
.put_node(new StanzaNode.build("iv", Omemo.NS_URI) encryptor.encrypt_key_to_recipient(stream, encryption_data, peer_full_jid.bare_jid);
.put_node(new StanzaNode.text(Base64.encode(security_params.secret.initialization_vector)))));
plugin.trust_manager.encrypt_key(header_node, security_params.secret.transport_key, local_full_jid.bare_jid, new ArrayList<Jid>.wrap(new Jid[] {peer_full_jid.bare_jid}), stream, account); security.put_node(encryption_data.get_encrypted_node());
security.put_node(encrypted_node);
} }
public override string get_ns() { return NS_URI; } public override string get_ns() { return NS_URI; }

View file

@ -0,0 +1,210 @@
using Dino.Entities;
using Qlite;
using Gee;
using Signal;
using Xmpp;
namespace Dino.Plugins.Omemo {
public class OmemoDecryptor : Xep.Omemo.OmemoDecryptor {
private Account account;
private Store store;
private Database db;
private StreamInteractor stream_interactor;
private TrustManager trust_manager;
public override uint32 own_device_id { get { return store.local_registration_id; }}
public OmemoDecryptor(Account account, StreamInteractor stream_interactor, TrustManager trust_manager, Database db, Store store) {
this.account = account;
this.stream_interactor = stream_interactor;
this.trust_manager = trust_manager;
this.db = db;
this.store = store;
}
public bool decrypt_message(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) {
StanzaNode? encrypted_node = stanza.stanza.get_subnode("encrypted", NS_URI);
if (encrypted_node == null || MessageFlag.get_flag(stanza) != null || stanza.from == null) return false;
if (message.body == null && Xep.ExplicitEncryption.get_encryption_tag(stanza) == NS_URI) {
message.body = "[This message is OMEMO encrypted]"; // TODO temporary
}
if (!Plugin.ensure_context()) return false;
int identity_id = db.identity.get_id(conversation.account.id);
MessageFlag flag = new MessageFlag();
stanza.add_flag(flag);
Xep.Omemo.ParsedData? data = parse_node(encrypted_node);
if (data == null || data.ciphertext == null) return false;
foreach (Bytes encr_key in data.our_potential_encrypted_keys.keys) {
data.is_prekey = data.our_potential_encrypted_keys[encr_key];
data.encrypted_key = encr_key.get_data();
Gee.List<Jid> possible_jids = get_potential_message_jids(message, data, identity_id);
if (possible_jids.size == 0) {
debug("Received message from unknown entity with device id %d", data.sid);
}
foreach (Jid possible_jid in possible_jids) {
try {
uint8[] key = decrypt_key(data, possible_jid);
string cleartext = arr_to_str(aes_decrypt(Cipher.AES_GCM_NOPADDING, key, data.iv, data.ciphertext));
// If we figured out which real jid a message comes from due to decryption working, save it
if (conversation.type_ == Conversation.Type.GROUPCHAT && message.real_jid == null) {
message.real_jid = possible_jid;
}
trust_manager.message_device_id_map[message] = data.sid;
message.body = cleartext;
message.encryption = Encryption.OMEMO;
return true;
} catch (Error e) {
debug("Decrypting message from %s/%d failed: %s", possible_jid.to_string(), data.sid, e.message);
}
}
}
if (
encrypted_node.get_deep_string_content("payload") != null && // Ratchet forwarding doesn't contain payload and might not include us, which is ok
data.our_potential_encrypted_keys.size == 0 && // The message was not encrypted to us
stream_interactor.module_manager.get_module(message.account, StreamModule.IDENTITY).store.local_registration_id != data.sid // Message from this device. Never encrypted to itself.
) {
db.identity_meta.update_last_message_undecryptable(identity_id, data.sid, message.time);
trust_manager.bad_message_state_updated(conversation.account, message.from, data.sid);
}
debug("Received OMEMO encryped message that could not be decrypted.");
return false;
}
public Gee.List<Jid> get_potential_message_jids(Entities.Message message, Xmpp.Xep.Omemo.ParsedData data, int identity_id) {
Gee.List<Jid> possible_jids = new ArrayList<Jid>();
if (message.type_ == Message.Type.CHAT) {
possible_jids.add(message.from.bare_jid);
} else {
if (message.real_jid != null) {
possible_jids.add(message.real_jid.bare_jid);
} else if (data.is_prekey) {
// pre key messages do store the identity key, so we can use that to find the real jid
PreKeySignalMessage msg = Plugin.get_context().deserialize_pre_key_signal_message(data.encrypted_key);
string identity_key = Base64.encode(msg.identity_key.serialize());
foreach (Row row in db.identity_meta.get_with_device_id(identity_id, data.sid).with(db.identity_meta.identity_key_public_base64, "=", identity_key)) {
try {
possible_jids.add(new Jid(row[db.identity_meta.address_name]));
} catch (InvalidJidError e) {
warning("Ignoring invalid jid from database: %s", e.message);
}
}
} else {
// If we don't know the device name (MUC history w/o MAM), test decryption with all keys with fitting device id
foreach (Row row in db.identity_meta.get_with_device_id(identity_id, data.sid)) {
try {
possible_jids.add(new Jid(row[db.identity_meta.address_name]));
} catch (InvalidJidError e) {
warning("Ignoring invalid jid from database: %s", e.message);
}
}
}
}
return possible_jids;
}
public override uint8[] decrypt_key(Xmpp.Xep.Omemo.ParsedData data, Jid from_jid) throws GLib.Error {
int sid = data.sid;
uint8[] ciphertext = data.ciphertext;
uint8[] encrypted_key = data.encrypted_key;
Address address = new Address(from_jid.to_string(), sid);
uint8[] key;
if (data.is_prekey) {
int identity_id = db.identity.get_id(account.id);
PreKeySignalMessage msg = Plugin.get_context().deserialize_pre_key_signal_message(encrypted_key);
string identity_key = Base64.encode(msg.identity_key.serialize());
bool ok = update_db_for_prekey(identity_id, identity_key, from_jid, sid);
if (!ok) return null;
debug("Starting new session for decryption with device from %s/%d", from_jid.to_string(), sid);
SessionCipher cipher = store.create_session_cipher(address);
key = cipher.decrypt_pre_key_signal_message(msg);
// TODO: Finish session
} else {
debug("Continuing session for decryption with device from %s/%d", from_jid.to_string(), sid);
SignalMessage msg = Plugin.get_context().deserialize_signal_message(encrypted_key);
SessionCipher cipher = store.create_session_cipher(address);
key = cipher.decrypt_signal_message(msg);
}
if (key.length >= 32) {
int authtaglength = key.length - 16;
uint8[] new_ciphertext = new uint8[ciphertext.length + authtaglength];
uint8[] new_key = new uint8[16];
Memory.copy(new_ciphertext, ciphertext, ciphertext.length);
Memory.copy((uint8*)new_ciphertext + ciphertext.length, (uint8*)key + 16, authtaglength);
Memory.copy(new_key, key, 16);
data.ciphertext = new_ciphertext;
key = new_key;
}
return key;
}
public override string decrypt(uint8[] ciphertext, uint8[] key, uint8[] iv) throws GLib.Error {
return arr_to_str(aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, ciphertext));
}
private bool update_db_for_prekey(int identity_id, string identity_key, Jid from_jid, int sid) {
Row? device = db.identity_meta.get_device(identity_id, from_jid.to_string(), sid);
if (device != null && device[db.identity_meta.identity_key_public_base64] != null) {
if (device[db.identity_meta.identity_key_public_base64] != identity_key) {
critical("Tried to use a different identity key for a known device id.");
return false;
}
} else {
debug("Learn new device from incoming message from %s/%d", from_jid.to_string(), sid);
bool blind_trust = db.trust.get_blind_trust(identity_id, from_jid.to_string(), true);
if (db.identity_meta.insert_device_session(identity_id, from_jid.to_string(), sid, identity_key, blind_trust ? TrustLevel.TRUSTED : TrustLevel.UNKNOWN) < 0) {
critical("Failed learning a device.");
return false;
}
XmppStream? stream = stream_interactor.get_stream(account);
if (device == null && stream != null) {
stream.get_module(StreamModule.IDENTITY).request_user_devicelist.begin(stream, from_jid);
}
}
return true;
}
private string arr_to_str(uint8[] arr) {
// null-terminate the array
uint8[] rarr = new uint8[arr.length+1];
Memory.copy(rarr, arr, arr.length);
return (string)rarr;
}
}
public class DecryptMessageListener : MessageListener {
public string[] after_actions_const = new string[]{ };
public override string action_group { get { return "DECRYPT"; } }
public override string[] after_actions { get { return after_actions_const; } }
private HashMap<Account, OmemoDecryptor> decryptors;
public DecryptMessageListener(HashMap<Account, OmemoDecryptor> decryptors) {
this.decryptors = decryptors;
}
public override async bool run(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) {
decryptors[message.account].decrypt_message(message, stanza, conversation);
return false;
}
}
}

View file

@ -0,0 +1,131 @@
using Gee;
using Signal;
using Dino.Entities;
using Xmpp;
using Xmpp.Xep.Omemo;
namespace Dino.Plugins.Omemo {
public class OmemoEncryptor : Xep.Omemo.OmemoEncryptor {
private Account account;
private Store store;
private TrustManager trust_manager;
public override uint32 own_device_id { get { return store.local_registration_id; }}
public OmemoEncryptor(Account account, TrustManager trust_manager, Store store) {
this.account = account;
this.trust_manager = trust_manager;
this.store = store;
}
public override Xep.Omemo.EncryptionData encrypt_plaintext(string plaintext) throws GLib.Error {
const uint KEY_SIZE = 16;
const uint IV_SIZE = 12;
//Create a key and use it to encrypt the message
uint8[] key = new uint8[KEY_SIZE];
Plugin.get_context().randomize(key);
uint8[] iv = new uint8[IV_SIZE];
Plugin.get_context().randomize(iv);
uint8[] aes_encrypt_result = aes_encrypt(Cipher.AES_GCM_NOPADDING, key, iv, plaintext.data);
uint8[] ciphertext = aes_encrypt_result[0:aes_encrypt_result.length - 16];
uint8[] tag = aes_encrypt_result[aes_encrypt_result.length - 16:aes_encrypt_result.length];
uint8[] keytag = new uint8[key.length + tag.length];
Memory.copy(keytag, key, key.length);
Memory.copy((uint8*)keytag + key.length, tag, tag.length);
var ret = new Xep.Omemo.EncryptionData(own_device_id);
ret.ciphertext = ciphertext;
ret.keytag = keytag;
ret.iv = iv;
return ret;
}
public EncryptState encrypt(MessageStanza message, Jid self_jid, Gee.List<Jid> recipients, XmppStream stream) {
EncryptState status = new EncryptState();
if (!Plugin.ensure_context()) return status;
if (message.to == null) return status;
try {
EncryptionData enc_data = encrypt_plaintext(message.body);
status = encrypt_key_to_recipients(enc_data, self_jid, recipients, stream);
message.stanza.put_node(enc_data.get_encrypted_node());
Xep.ExplicitEncryption.add_encryption_tag_to_message(message, NS_URI, "OMEMO");
message.body = "[This message is OMEMO encrypted]";
status.encrypted = true;
} catch (Error e) {
warning(@"Signal error while encrypting message: $(e.message)\n");
message.body = "[OMEMO encryption failed]";
status.encrypted = false;
}
return status;
}
internal EncryptState encrypt_key_to_recipients(EncryptionData enc_data, Jid self_jid, Gee.List<Jid> recipients, XmppStream stream) throws Error {
EncryptState status = new EncryptState();
//Check we have the bundles and device lists needed to send the message
if (!trust_manager.is_known_address(account, self_jid)) return status;
status.own_list = true;
status.own_devices = trust_manager.get_trusted_devices(account, self_jid).size;
status.other_waiting_lists = 0;
status.other_devices = 0;
foreach (Jid recipient in recipients) {
if (!trust_manager.is_known_address(account, recipient)) {
status.other_waiting_lists++;
}
if (status.other_waiting_lists > 0) return status;
status.other_devices += trust_manager.get_trusted_devices(account, recipient).size;
}
if (status.own_devices == 0 || status.other_devices == 0) return status;
//Encrypt the key for each recipient's device individually
foreach (Jid recipient in recipients) {
EncryptionResult enc_res = encrypt_key_to_recipient(stream, enc_data, recipient);
status.add_result(enc_res, false);
}
// Encrypt the key for each own device
EncryptionResult enc_res = encrypt_key_to_recipient(stream, enc_data, self_jid);
status.add_result(enc_res, true);
return status;
}
public override EncryptionResult encrypt_key_to_recipient(XmppStream stream, Xep.Omemo.EncryptionData enc_data, Jid recipient) throws GLib.Error {
var result = new EncryptionResult();
StreamModule module = stream.get_module(StreamModule.IDENTITY);
foreach(int32 device_id in trust_manager.get_trusted_devices(account, recipient)) {
if (module.is_ignored_device(recipient, device_id)) {
result.lost++;
continue;
}
try {
encrypt_key(enc_data, recipient, device_id);
result.success++;
} catch (Error e) {
if (e.code == ErrorCode.UNKNOWN) result.unknown++;
else result.failure++;
}
}
return result;
}
public override void encrypt_key(Xep.Omemo.EncryptionData encryption_data, Jid jid, int32 device_id) throws GLib.Error {
Address address = new Address(jid.to_string(), device_id);
SessionCipher cipher = store.create_session_cipher(address);
CiphertextMessage device_key = cipher.encrypt(encryption_data.keytag);
address.device_id = 0;
debug("Created encrypted key for %s/%d", jid.to_string(), device_id);
encryption_data.add_device_key(device_id, device_key.serialized, device_key.type == CiphertextType.PREKEY);
}
}
}

View file

@ -1,24 +0,0 @@
namespace Dino.Plugins.Omemo {
public class EncryptState {
public bool encrypted { get; internal set; }
public int other_devices { get; internal set; }
public int other_success { get; internal set; }
public int other_lost { get; internal set; }
public int other_unknown { get; internal set; }
public int other_failure { get; internal set; }
public int other_waiting_lists { get; internal set; }
public int own_devices { get; internal set; }
public int own_success { get; internal set; }
public int own_lost { get; internal set; }
public int own_unknown { get; internal set; }
public int own_failure { get; internal set; }
public bool own_list { get; internal set; }
public string to_string() {
return @"EncryptState (encrypted=$encrypted, other=(devices=$other_devices, success=$other_success, lost=$other_lost, unknown=$other_unknown, failure=$other_failure, waiting_lists=$other_waiting_lists, own=(devices=$own_devices, success=$own_success, lost=$own_lost, unknown=$own_unknown, failure=$own_failure, list=$own_list))";
}
}
}

View file

@ -13,11 +13,12 @@ public class Manager : StreamInteractionModule, Object {
private StreamInteractor stream_interactor; private StreamInteractor stream_interactor;
private Database db; private Database db;
private TrustManager trust_manager; private TrustManager trust_manager;
private HashMap<Account, OmemoEncryptor> encryptors;
private Map<Entities.Message, MessageState> message_states = new HashMap<Entities.Message, MessageState>(Entities.Message.hash_func, Entities.Message.equals_func); private Map<Entities.Message, MessageState> message_states = new HashMap<Entities.Message, MessageState>(Entities.Message.hash_func, Entities.Message.equals_func);
private class MessageState { private class MessageState {
public Entities.Message msg { get; private set; } public Entities.Message msg { get; private set; }
public EncryptState last_try { get; private set; } public Xep.Omemo.EncryptState last_try { get; private set; }
public int waiting_other_sessions { get; set; } public int waiting_other_sessions { get; set; }
public int waiting_own_sessions { get; set; } public int waiting_own_sessions { get; set; }
public bool waiting_own_devicelist { get; set; } public bool waiting_own_devicelist { get; set; }
@ -26,11 +27,11 @@ public class Manager : StreamInteractionModule, Object {
public bool will_send_now { get; private set; } public bool will_send_now { get; private set; }
public bool active_send_attempt { get; set; } public bool active_send_attempt { get; set; }
public MessageState(Entities.Message msg, EncryptState last_try) { public MessageState(Entities.Message msg, Xep.Omemo.EncryptState last_try) {
update_from_encrypt_status(msg, last_try); update_from_encrypt_status(msg, last_try);
} }
public void update_from_encrypt_status(Entities.Message msg, EncryptState new_try) { public void update_from_encrypt_status(Entities.Message msg, Xep.Omemo.EncryptState new_try) {
this.msg = msg; this.msg = msg;
this.last_try = new_try; this.last_try = new_try;
this.waiting_other_sessions = new_try.other_unknown; this.waiting_other_sessions = new_try.other_unknown;
@ -59,10 +60,11 @@ public class Manager : StreamInteractionModule, Object {
} }
} }
private Manager(StreamInteractor stream_interactor, Database db, TrustManager trust_manager) { private Manager(StreamInteractor stream_interactor, Database db, TrustManager trust_manager, HashMap<Account, OmemoEncryptor> encryptors) {
this.stream_interactor = stream_interactor; this.stream_interactor = stream_interactor;
this.db = db; this.db = db;
this.trust_manager = trust_manager; this.trust_manager = trust_manager;
this.encryptors = encryptors;
stream_interactor.stream_negotiated.connect(on_stream_negotiated); stream_interactor.stream_negotiated.connect(on_stream_negotiated);
stream_interactor.get_module(MessageProcessor.IDENTITY).pre_message_send.connect(on_pre_message_send); stream_interactor.get_module(MessageProcessor.IDENTITY).pre_message_send.connect(on_pre_message_send);
@ -125,7 +127,7 @@ public class Manager : StreamInteractionModule, Object {
} }
//Attempt to encrypt the message //Attempt to encrypt the message
EncryptState enc_state = trust_manager.encrypt(message_stanza, conversation.account.bare_jid, recipients, stream, conversation.account); Xep.Omemo.EncryptState enc_state = encryptors[conversation.account].encrypt(message_stanza, conversation.account.bare_jid, recipients, stream);
MessageState state; MessageState state;
lock (message_states) { lock (message_states) {
if (message_states.has_key(message)) { if (message_states.has_key(message)) {
@ -411,8 +413,8 @@ public class Manager : StreamInteractionModule, Object {
return true; // TODO wait for stream? return true; // TODO wait for stream?
} }
public static void start(StreamInteractor stream_interactor, Database db, TrustManager trust_manager) { public static void start(StreamInteractor stream_interactor, Database db, TrustManager trust_manager, HashMap<Account, OmemoEncryptor> encryptors) {
Manager m = new Manager(stream_interactor, db, trust_manager); Manager m = new Manager(stream_interactor, db, trust_manager, encryptors);
stream_interactor.add_module(m); stream_interactor.add_module(m);
} }
} }

View file

@ -12,18 +12,15 @@ public class TrustManager {
private StreamInteractor stream_interactor; private StreamInteractor stream_interactor;
private Database db; private Database db;
private DecryptMessageListener decrypt_message_listener;
private TagMessageListener tag_message_listener; private TagMessageListener tag_message_listener;
private HashMap<Message, int> message_device_id_map = new HashMap<Message, int>(Message.hash_func, Message.equals_func); public HashMap<Message, int> message_device_id_map = new HashMap<Message, int>(Message.hash_func, Message.equals_func);
public TrustManager(StreamInteractor stream_interactor, Database db) { public TrustManager(StreamInteractor stream_interactor, Database db) {
this.stream_interactor = stream_interactor; this.stream_interactor = stream_interactor;
this.db = db; this.db = db;
decrypt_message_listener = new DecryptMessageListener(stream_interactor, this, db, message_device_id_map);
tag_message_listener = new TagMessageListener(stream_interactor, this, db, message_device_id_map); tag_message_listener = new TagMessageListener(stream_interactor, this, db, message_device_id_map);
stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(decrypt_message_listener);
stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(tag_message_listener); stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(tag_message_listener);
} }
@ -69,127 +66,6 @@ public class TrustManager {
} }
} }
private StanzaNode create_encrypted_key_node(uint8[] key, Address address, Store store) throws GLib.Error {
SessionCipher cipher = store.create_session_cipher(address);
CiphertextMessage device_key = cipher.encrypt(key);
debug("Created encrypted key for %s/%d", address.name, address.device_id);
StanzaNode key_node = new StanzaNode.build("key", NS_URI)
.put_attribute("rid", address.device_id.to_string())
.put_node(new StanzaNode.text(Base64.encode(device_key.serialized)));
if (device_key.type == CiphertextType.PREKEY) key_node.put_attribute("prekey", "true");
return key_node;
}
internal EncryptState encrypt_key(StanzaNode header_node, uint8[] keytag, Jid self_jid, Gee.List<Jid> recipients, XmppStream stream, Account account) throws Error {
EncryptState status = new EncryptState();
StreamModule module = stream.get_module(StreamModule.IDENTITY);
//Check we have the bundles and device lists needed to send the message
if (!is_known_address(account, self_jid)) return status;
status.own_list = true;
status.own_devices = get_trusted_devices(account, self_jid).size;
status.other_waiting_lists = 0;
status.other_devices = 0;
foreach (Jid recipient in recipients) {
if (!is_known_address(account, recipient)) {
status.other_waiting_lists++;
}
if (status.other_waiting_lists > 0) return status;
status.other_devices += get_trusted_devices(account, recipient).size;
}
if (status.own_devices == 0 || status.other_devices == 0) return status;
//Encrypt the key for each recipient's device individually
Address address = new Address("", 0);
foreach (Jid recipient in recipients) {
foreach(int32 device_id in get_trusted_devices(account, recipient)) {
if (module.is_ignored_device(recipient, device_id)) {
status.other_lost++;
continue;
}
try {
address.name = recipient.bare_jid.to_string();
address.device_id = (int) device_id;
StanzaNode key_node = create_encrypted_key_node(keytag, address, module.store);
header_node.put_node(key_node);
status.other_success++;
} catch (Error e) {
if (e.code == ErrorCode.UNKNOWN) status.other_unknown++;
else status.other_failure++;
}
}
}
// Encrypt the key for each own device
address.name = self_jid.bare_jid.to_string();
foreach(int32 device_id in get_trusted_devices(account, self_jid)) {
if (module.is_ignored_device(self_jid, device_id)) {
status.own_lost++;
continue;
}
if (device_id != module.store.local_registration_id) {
address.device_id = (int) device_id;
try {
StanzaNode key_node = create_encrypted_key_node(keytag, address, module.store);
header_node.put_node(key_node);
status.own_success++;
} catch (Error e) {
if (e.code == ErrorCode.UNKNOWN) status.own_unknown++;
else status.own_failure++;
}
}
}
return status;
}
public EncryptState encrypt(MessageStanza message, Jid self_jid, Gee.List<Jid> recipients, XmppStream stream, Account account) {
const uint KEY_SIZE = 16;
const uint IV_SIZE = 12;
EncryptState status = new EncryptState();
if (!Plugin.ensure_context()) return status;
if (message.to == null) return status;
StreamModule module = stream.get_module(StreamModule.IDENTITY);
try {
//Create a key and use it to encrypt the message
uint8[] key = new uint8[KEY_SIZE];
Plugin.get_context().randomize(key);
uint8[] iv = new uint8[IV_SIZE];
Plugin.get_context().randomize(iv);
uint8[] aes_encrypt_result = aes_encrypt(Cipher.AES_GCM_NOPADDING, key, iv, message.body.data);
uint8[] ciphertext = aes_encrypt_result[0:aes_encrypt_result.length-16];
uint8[] tag = aes_encrypt_result[aes_encrypt_result.length-16:aes_encrypt_result.length];
uint8[] keytag = new uint8[key.length + tag.length];
Memory.copy(keytag, key, key.length);
Memory.copy((uint8*)keytag + key.length, tag, tag.length);
StanzaNode header_node;
StanzaNode encrypted_node = new StanzaNode.build("encrypted", NS_URI).add_self_xmlns()
.put_node(header_node = new StanzaNode.build("header", NS_URI)
.put_attribute("sid", module.store.local_registration_id.to_string())
.put_node(new StanzaNode.build("iv", NS_URI)
.put_node(new StanzaNode.text(Base64.encode(iv)))))
.put_node(new StanzaNode.build("payload", NS_URI)
.put_node(new StanzaNode.text(Base64.encode(ciphertext))));
status = encrypt_key(header_node, keytag, self_jid, recipients, stream, account);
message.stanza.put_node(encrypted_node);
Xep.ExplicitEncryption.add_encryption_tag_to_message(message, NS_URI, "OMEMO");
message.body = "[This message is OMEMO encrypted]";
status.encrypted = true;
} catch (Error e) {
warning(@"Signal error while encrypting message: $(e.message)\n");
message.body = "[OMEMO encryption failed]";
status.encrypted = false;
}
return status;
}
public bool is_known_address(Account account, Jid jid) { public bool is_known_address(Account account, Jid jid) {
int identity_id = db.identity.get_id(account.id); int identity_id = db.identity.get_id(account.id);
if (identity_id < 0) return false; if (identity_id < 0) return false;
@ -260,182 +136,6 @@ public class TrustManager {
return false; return false;
} }
} }
private class DecryptMessageListener : MessageListener {
public string[] after_actions_const = new string[]{ };
public override string action_group { get { return "DECRYPT"; } }
public override string[] after_actions { get { return after_actions_const; } }
private StreamInteractor stream_interactor;
private TrustManager trust_manager;
private Database db;
private HashMap<Message, int> message_device_id_map;
public DecryptMessageListener(StreamInteractor stream_interactor, TrustManager trust_manager, Database db, HashMap<Message, int> message_device_id_map) {
this.stream_interactor = stream_interactor;
this.trust_manager = trust_manager;
this.db = db;
this.message_device_id_map = message_device_id_map;
}
public override async bool run(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) {
StreamModule module = stream_interactor.module_manager.get_module(conversation.account, StreamModule.IDENTITY);
Store store = module.store;
StanzaNode? _encrypted = stanza.stanza.get_subnode("encrypted", NS_URI);
if (_encrypted == null || MessageFlag.get_flag(stanza) != null || stanza.from == null) return false;
StanzaNode encrypted = (!)_encrypted;
if (message.body == null && Xep.ExplicitEncryption.get_encryption_tag(stanza) == NS_URI) {
message.body = "[This message is OMEMO encrypted]"; // TODO temporary
};
if (!Plugin.ensure_context()) return false;
int identity_id = db.identity.get_id(conversation.account.id);
MessageFlag flag = new MessageFlag();
stanza.add_flag(flag);
StanzaNode? _header = encrypted.get_subnode("header");
if (_header == null) return false;
StanzaNode header = (!)_header;
int sid = header.get_attribute_int("sid");
if (sid <= 0) return false;
var our_nodes = new ArrayList<StanzaNode>();
foreach (StanzaNode key_node in header.get_subnodes("key")) {
debug("Is ours? %d =? %u", key_node.get_attribute_int("rid"), store.local_registration_id);
if (key_node.get_attribute_int("rid") == store.local_registration_id) {
our_nodes.add(key_node);
}
}
string? payload = encrypted.get_deep_string_content("payload");
string? iv_node = header.get_deep_string_content("iv");
foreach (StanzaNode key_node in our_nodes) {
string? key_node_content = key_node.get_string_content();
if (payload == null || iv_node == null || key_node_content == null) continue;
uint8[] key;
uint8[] ciphertext = Base64.decode((!)payload);
uint8[] iv = Base64.decode((!)iv_node);
Gee.List<Jid> possible_jids = new ArrayList<Jid>();
if (conversation.type_ == Conversation.Type.CHAT) {
possible_jids.add(stanza.from.bare_jid);
} else {
Jid? real_jid = message.real_jid;
if (real_jid != null) {
possible_jids.add(real_jid.bare_jid);
} else if (key_node.get_attribute_bool("prekey")) {
// pre key messages do store the identity key, so we can use that to find the real jid
PreKeySignalMessage msg = Plugin.get_context().deserialize_pre_key_signal_message(Base64.decode((!)key_node_content));
string identity_key = Base64.encode(msg.identity_key.serialize());
foreach (Row row in db.identity_meta.get_with_device_id(identity_id, sid).with(db.identity_meta.identity_key_public_base64, "=", identity_key)) {
try {
possible_jids.add(new Jid(row[db.identity_meta.address_name]));
} catch (InvalidJidError e) {
warning("Ignoring invalid jid from database: %s", e.message);
}
}
if (possible_jids.size != 1) {
continue;
}
} else {
// If we don't know the device name (MUC history w/o MAM), test decryption with all keys with fitting device id
foreach (Row row in db.identity_meta.get_with_device_id(identity_id, sid)) {
try {
possible_jids.add(new Jid(row[db.identity_meta.address_name]));
} catch (InvalidJidError e) {
warning("Ignoring invalid jid from database: %s", e.message);
}
}
}
}
if (possible_jids.size == 0) {
debug("Received message from unknown entity with device id %d", sid);
}
foreach (Jid possible_jid in possible_jids) {
try {
Address address = new Address(possible_jid.to_string(), sid);
if (key_node.get_attribute_bool("prekey")) {
Row? device = db.identity_meta.get_device(identity_id, possible_jid.to_string(), sid);
PreKeySignalMessage msg = Plugin.get_context().deserialize_pre_key_signal_message(Base64.decode((!)key_node_content));
string identity_key = Base64.encode(msg.identity_key.serialize());
if (device != null && device[db.identity_meta.identity_key_public_base64] != null) {
if (device[db.identity_meta.identity_key_public_base64] != identity_key) {
critical("Tried to use a different identity key for a known device id.");
continue;
}
} else {
debug("Learn new device from incoming message from %s/%d", possible_jid.to_string(), sid);
bool blind_trust = db.trust.get_blind_trust(identity_id, possible_jid.to_string(), true);
if (db.identity_meta.insert_device_session(identity_id, possible_jid.to_string(), sid, identity_key, blind_trust ? TrustLevel.TRUSTED : TrustLevel.UNKNOWN) < 0) {
critical("Failed learning a device.");
continue;
}
XmppStream? stream = stream_interactor.get_stream(conversation.account);
if (device == null && stream != null) {
module.request_user_devicelist.begin(stream, possible_jid);
}
}
debug("Starting new session for decryption with device from %s/%d", possible_jid.to_string(), sid);
SessionCipher cipher = store.create_session_cipher(address);
key = cipher.decrypt_pre_key_signal_message(msg);
// TODO: Finish session
} else {
debug("Continuing session for decryption with device from %s/%d", possible_jid.to_string(), sid);
SignalMessage msg = Plugin.get_context().deserialize_signal_message(Base64.decode((!)key_node_content));
SessionCipher cipher = store.create_session_cipher(address);
key = cipher.decrypt_signal_message(msg);
}
//address.device_id = 0; // TODO: Hack to have address obj live longer
if (key.length >= 32) {
int authtaglength = key.length - 16;
uint8[] new_ciphertext = new uint8[ciphertext.length + authtaglength];
uint8[] new_key = new uint8[16];
Memory.copy(new_ciphertext, ciphertext, ciphertext.length);
Memory.copy((uint8*)new_ciphertext + ciphertext.length, (uint8*)key + 16, authtaglength);
Memory.copy(new_key, key, 16);
ciphertext = new_ciphertext;
key = new_key;
}
message.body = arr_to_str(aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, ciphertext));
message_device_id_map[message] = address.device_id;
message.encryption = Encryption.OMEMO;
flag.decrypted = true;
} catch (Error e) {
debug("Decrypting message from %s/%d failed: %s", possible_jid.to_string(), sid, e.message);
continue;
}
// If we figured out which real jid a message comes from due to decryption working, save it
if (conversation.type_ == Conversation.Type.GROUPCHAT && message.real_jid == null) {
message.real_jid = possible_jid;
}
return false;
}
}
if (
payload != null && // Ratchet forwarding doesn't contain payload and might not include us, which is ok
our_nodes.size == 0 && // The message was not encrypted to us
module.store.local_registration_id != sid // Message from this device. Never encrypted to itself.
) {
db.identity_meta.update_last_message_undecryptable(identity_id, sid, message.time);
trust_manager.bad_message_state_updated(conversation.account, message.from, sid);
}
debug("Received OMEMO encryped message that could not be decrypted.");
return false;
}
private string arr_to_str(uint8[] arr) {
// null-terminate the array
uint8[] rarr = new uint8[arr.length+1];
Memory.copy(rarr, arr, arr.length);
return (string)rarr;
}
}
} }
} }

View file

@ -1,3 +1,4 @@
using Gee;
using Dino.Entities; using Dino.Entities;
extern const string GETTEXT_PACKAGE; extern const string GETTEXT_PACKAGE;
@ -20,6 +21,7 @@ public class Plugin : RootInterface, Object {
} }
return true; return true;
} catch (Error e) { } catch (Error e) {
warning("Error initializing Signal Context %s", e.message);
return false; return false;
} }
} }
@ -33,6 +35,9 @@ public class Plugin : RootInterface, Object {
public DeviceNotificationPopulator device_notification_populator; public DeviceNotificationPopulator device_notification_populator;
public OwnNotifications own_notifications; public OwnNotifications own_notifications;
public TrustManager trust_manager; public TrustManager trust_manager;
public DecryptMessageListener decrypt_message_listener;
public HashMap<Account, OmemoDecryptor> decryptors = new HashMap<Account, OmemoDecryptor>(Account.hash_func, Account.equals_func);
public HashMap<Account, OmemoEncryptor> encryptors = new HashMap<Account, OmemoEncryptor>(Account.hash_func, Account.equals_func);
public void registered(Dino.Application app) { public void registered(Dino.Application app) {
ensure_context(); ensure_context();
@ -43,22 +48,33 @@ public class Plugin : RootInterface, Object {
this.contact_details_provider = new ContactDetailsProvider(this); this.contact_details_provider = new ContactDetailsProvider(this);
this.device_notification_populator = new DeviceNotificationPopulator(this, this.app.stream_interactor); this.device_notification_populator = new DeviceNotificationPopulator(this, this.app.stream_interactor);
this.trust_manager = new TrustManager(this.app.stream_interactor, this.db); this.trust_manager = new TrustManager(this.app.stream_interactor, this.db);
this.app.plugin_registry.register_encryption_list_entry(list_entry); this.app.plugin_registry.register_encryption_list_entry(list_entry);
this.app.plugin_registry.register_account_settings_entry(settings_entry); this.app.plugin_registry.register_account_settings_entry(settings_entry);
this.app.plugin_registry.register_contact_details_entry(contact_details_provider); this.app.plugin_registry.register_contact_details_entry(contact_details_provider);
this.app.plugin_registry.register_notification_populator(device_notification_populator); this.app.plugin_registry.register_notification_populator(device_notification_populator);
this.app.plugin_registry.register_conversation_addition_populator(new BadMessagesPopulator(this.app.stream_interactor, this)); this.app.plugin_registry.register_conversation_addition_populator(new BadMessagesPopulator(this.app.stream_interactor, this));
this.app.stream_interactor.module_manager.initialize_account_modules.connect((account, list) => { this.app.stream_interactor.module_manager.initialize_account_modules.connect((account, list) => {
list.add(new StreamModule()); Signal.Store signal_store = Plugin.get_context().create_store();
list.add(new JetOmemo.Module(this)); list.add(new StreamModule(signal_store));
decryptors[account] = new OmemoDecryptor(account, app.stream_interactor, trust_manager, db, signal_store);
list.add(decryptors[account]);
encryptors[account] = new OmemoEncryptor(account, trust_manager,signal_store);
list.add(encryptors[account]);
list.add(new JetOmemo.Module());
list.add(new DtlsSrtpVerificationDraft.StreamModule());
this.own_notifications = new OwnNotifications(this, this.app.stream_interactor, account); this.own_notifications = new OwnNotifications(this, this.app.stream_interactor, account);
}); });
decrypt_message_listener = new DecryptMessageListener(decryptors);
app.stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(decrypt_message_listener);
app.stream_interactor.get_module(FileManager.IDENTITY).add_file_decryptor(new OmemoFileDecryptor()); app.stream_interactor.get_module(FileManager.IDENTITY).add_file_decryptor(new OmemoFileDecryptor());
app.stream_interactor.get_module(FileManager.IDENTITY).add_file_encryptor(new OmemoFileEncryptor()); app.stream_interactor.get_module(FileManager.IDENTITY).add_file_encryptor(new OmemoFileEncryptor());
JingleFileHelperRegistry.instance.add_encryption_helper(Encryption.OMEMO, new JetOmemo.EncryptionHelper(app.stream_interactor)); JingleFileHelperRegistry.instance.add_encryption_helper(Encryption.OMEMO, new JetOmemo.EncryptionHelper(app.stream_interactor));
Manager.start(this.app.stream_interactor, db, trust_manager); Manager.start(this.app.stream_interactor, db, trust_manager, encryptors);
SimpleAction own_keys_action = new SimpleAction("own-keys", VariantType.INT32); SimpleAction own_keys_action = new SimpleAction("own-keys", VariantType.INT32);
own_keys_action.activate.connect((variant) => { own_keys_action.activate.connect((variant) => {

View file

@ -25,10 +25,8 @@ public class StreamModule : XmppStreamModule {
public signal void bundle_fetched(Jid jid, int device_id, Bundle bundle); public signal void bundle_fetched(Jid jid, int device_id, Bundle bundle);
public signal void bundle_fetch_failed(Jid jid, int device_id); public signal void bundle_fetch_failed(Jid jid, int device_id);
public StreamModule() { public StreamModule(Store store) {
if (Plugin.ensure_context()) { this.store = store;
this.store = Plugin.get_context().create_store();
}
} }
public override void attach(XmppStream stream) { public override void attach(XmppStream stream) {

View file

@ -109,6 +109,9 @@ SOURCES
"src/module/xep/0176_jingle_ice_udp/jingle_ice_udp_module.vala" "src/module/xep/0176_jingle_ice_udp/jingle_ice_udp_module.vala"
"src/module/xep/0176_jingle_ice_udp/transport_parameters.vala" "src/module/xep/0176_jingle_ice_udp/transport_parameters.vala"
"src/module/xep/0384_omemo/omemo_encryptor.vala"
"src/module/xep/0384_omemo/omemo_decryptor.vala"
"src/module/xep/0184_message_delivery_receipts.vala" "src/module/xep/0184_message_delivery_receipts.vala"
"src/module/xep/0191_blocking_command.vala" "src/module/xep/0191_blocking_command.vala"
"src/module/xep/0198_stream_management.vala" "src/module/xep/0198_stream_management.vala"

View file

@ -6,6 +6,9 @@ namespace Xmpp.Iq {
public class Module : XmppStreamNegotiationModule { public class Module : XmppStreamNegotiationModule {
public static ModuleIdentity<Module> IDENTITY = new ModuleIdentity<Module>(NS_URI, "iq_module"); public static ModuleIdentity<Module> IDENTITY = new ModuleIdentity<Module>(NS_URI, "iq_module");
public signal void preprocess_incoming_iq_set_get(XmppStream stream, Stanza iq_stanza);
public signal void preprocess_outgoing_iq_set_get(XmppStream stream, Stanza iq_stanza);
private HashMap<string, ResponseListener> responseListeners = new HashMap<string, ResponseListener>(); private HashMap<string, ResponseListener> responseListeners = new HashMap<string, ResponseListener>();
private HashMap<string, ArrayList<Handler>> namespaceRegistrants = new HashMap<string, ArrayList<Handler>>(); private HashMap<string, ArrayList<Handler>> namespaceRegistrants = new HashMap<string, ArrayList<Handler>>();
@ -23,6 +26,7 @@ namespace Xmpp.Iq {
public delegate void OnResult(XmppStream stream, Iq.Stanza iq); public delegate void OnResult(XmppStream stream, Iq.Stanza iq);
public void send_iq(XmppStream stream, Iq.Stanza iq, owned OnResult? listener = null) { public void send_iq(XmppStream stream, Iq.Stanza iq, owned OnResult? listener = null) {
preprocess_outgoing_iq_set_get(stream, iq);
stream.write(iq.stanza); stream.write(iq.stanza);
if (listener != null) { if (listener != null) {
responseListeners[iq.id] = new ResponseListener((owned) listener); responseListeners[iq.id] = new ResponseListener((owned) listener);
@ -70,6 +74,7 @@ namespace Xmpp.Iq {
} else { } else {
Gee.List<StanzaNode> children = node.get_all_subnodes(); Gee.List<StanzaNode> children = node.get_all_subnodes();
if (children.size == 1 && namespaceRegistrants.has_key(children[0].ns_uri)) { if (children.size == 1 && namespaceRegistrants.has_key(children[0].ns_uri)) {
preprocess_incoming_iq_set_get(stream, iq);
Gee.List<Handler> handlers = namespaceRegistrants[children[0].ns_uri]; Gee.List<Handler> handlers = namespaceRegistrants[children[0].ns_uri];
foreach (Handler handler in handlers) { foreach (Handler handler in handlers) {
if (iq.type_ == Iq.Stanza.TYPE_GET) { if (iq.type_ == Iq.Stanza.TYPE_GET) {

View file

@ -34,9 +34,8 @@ public class Xmpp.Xep.Jingle.Content : Object {
public weak Session session; public weak Session session;
public Map<uint8, ComponentConnection> component_connections = new HashMap<uint8, ComponentConnection>(); // TODO private public Map<uint8, ComponentConnection> component_connections = new HashMap<uint8, ComponentConnection>(); // TODO private
public ContentEncryption? encryption { get; set; } public HashMap<string, ContentEncryption> encryptions = new HashMap<string, ContentEncryption>();
// INITIATE_SENT | INITIATE_RECEIVED | CONNECTING
public Set<string> tried_transport_methods = new HashSet<string>(); public Set<string> tried_transport_methods = new HashSet<string>();

View file

@ -21,7 +21,7 @@ namespace Xmpp.Xep.Jingle {
public abstract uint8 components { get; } public abstract uint8 components { get; }
public abstract void set_content(Content content); public abstract void set_content(Content content);
public abstract StanzaNode to_transport_stanza_node(); public abstract StanzaNode to_transport_stanza_node(string action_type);
public abstract void handle_transport_accept(StanzaNode transport) throws IqError; public abstract void handle_transport_accept(StanzaNode transport) throws IqError;
public abstract void handle_transport_info(StanzaNode transport) throws IqError; public abstract void handle_transport_info(StanzaNode transport) throws IqError;
public abstract void create_transport_connection(XmppStream stream, Content content); public abstract void create_transport_connection(XmppStream stream, Content content);

View file

@ -3,7 +3,7 @@ using Xmpp;
namespace Xmpp.Xep.Jingle { namespace Xmpp.Xep.Jingle {
internal const string NS_URI = "urn:xmpp:jingle:1"; public const string NS_URI = "urn:xmpp:jingle:1";
private const string ERROR_NS_URI = "urn:xmpp:jingle:errors:1"; private const string ERROR_NS_URI = "urn:xmpp:jingle:errors:1";
// This module can only be attached to one stream at a time. // This module can only be attached to one stream at a time.
@ -131,7 +131,7 @@ namespace Xmpp.Xep.Jingle {
.put_attribute("name", content.content_name) .put_attribute("name", content.content_name)
.put_attribute("senders", content.senders.to_string()) .put_attribute("senders", content.senders.to_string())
.put_node(content.content_params.get_description_node()) .put_node(content.content_params.get_description_node())
.put_node(content.transport_params.to_transport_stanza_node()); .put_node(content.transport_params.to_transport_stanza_node("session-initiate"));
if (content.security_params != null) { if (content.security_params != null) {
content_node.put_node(content.security_params.to_security_stanza_node(stream, my_jid, receiver_full_jid)); content_node.put_node(content.security_params.to_security_stanza_node(stream, my_jid, receiver_full_jid));
} }

View file

@ -221,7 +221,7 @@ public class Xmpp.Xep.Jingle.Session : Object {
.put_attribute("name", content.content_name) .put_attribute("name", content.content_name)
.put_attribute("senders", content.senders.to_string()) .put_attribute("senders", content.senders.to_string())
.put_node(content.content_params.get_description_node()) .put_node(content.content_params.get_description_node())
.put_node(content.transport_params.to_transport_stanza_node())); .put_node(content.transport_params.to_transport_stanza_node("content-add")));
Iq.Stanza iq = new Iq.Stanza.set(content_add_node) { to=peer_full_jid }; Iq.Stanza iq = new Iq.Stanza.set(content_add_node) { to=peer_full_jid };
yield stream.get_module(Iq.Module.IDENTITY).send_iq_async(stream, iq); yield stream.get_module(Iq.Module.IDENTITY).send_iq_async(stream, iq);
@ -343,7 +343,7 @@ public class Xmpp.Xep.Jingle.Session : Object {
.put_attribute("name", content.content_name) .put_attribute("name", content.content_name)
.put_attribute("senders", content.senders.to_string()) .put_attribute("senders", content.senders.to_string())
.put_node(content.content_params.get_description_node()) .put_node(content.content_params.get_description_node())
.put_node(content.transport_params.to_transport_stanza_node()); .put_node(content.transport_params.to_transport_stanza_node("session-accept"));
jingle.put_node(content_node); jingle.put_node(content_node);
} }
@ -379,7 +379,7 @@ public class Xmpp.Xep.Jingle.Session : Object {
.put_attribute("name", content.content_name) .put_attribute("name", content.content_name)
.put_attribute("senders", content.senders.to_string()) .put_attribute("senders", content.senders.to_string())
.put_node(content.content_params.get_description_node()) .put_node(content.content_params.get_description_node())
.put_node(content.transport_params.to_transport_stanza_node())); .put_node(content.transport_params.to_transport_stanza_node("content-accept")));
Iq.Stanza iq = new Iq.Stanza.set(content_accept_node) { to=peer_full_jid }; Iq.Stanza iq = new Iq.Stanza.set(content_accept_node) { to=peer_full_jid };
stream.get_module(Iq.Module.IDENTITY).send_iq(stream, iq); stream.get_module(Iq.Module.IDENTITY).send_iq(stream, iq);
@ -477,7 +477,7 @@ public class Xmpp.Xep.Jingle.Session : Object {
.put_node(new StanzaNode.build("content", NS_URI) .put_node(new StanzaNode.build("content", NS_URI)
.put_attribute("creator", "initiator") .put_attribute("creator", "initiator")
.put_attribute("name", content.content_name) .put_attribute("name", content.content_name)
.put_node(transport_params.to_transport_stanza_node()) .put_node(transport_params.to_transport_stanza_node("transport-accept"))
); );
Iq.Stanza iq_response = new Iq.Stanza.set(jingle_response) { to=peer_full_jid }; Iq.Stanza iq_response = new Iq.Stanza.set(jingle_response) { to=peer_full_jid };
stream.get_module(Iq.Module.IDENTITY).send_iq(stream, iq_response); stream.get_module(Iq.Module.IDENTITY).send_iq(stream, iq_response);
@ -493,7 +493,7 @@ public class Xmpp.Xep.Jingle.Session : Object {
.put_node(new StanzaNode.build("content", NS_URI) .put_node(new StanzaNode.build("content", NS_URI)
.put_attribute("creator", "initiator") .put_attribute("creator", "initiator")
.put_attribute("name", content.content_name) .put_attribute("name", content.content_name)
.put_node(transport_params.to_transport_stanza_node()) .put_node(transport_params.to_transport_stanza_node("transport-replace"))
); );
Iq.Stanza iq = new Iq.Stanza.set(jingle) { to=peer_full_jid }; Iq.Stanza iq = new Iq.Stanza.set(jingle) { to=peer_full_jid };
stream.get_module(Iq.Module.IDENTITY).send_iq(stream, iq); stream.get_module(Iq.Module.IDENTITY).send_iq(stream, iq);

View file

@ -133,7 +133,8 @@ public class Xmpp.Xep.JingleRtp.Parameters : Jingle.ContentParameters, Object {
local_crypto = null; local_crypto = null;
} }
if (remote_crypto != null && local_crypto != null) { if (remote_crypto != null && local_crypto != null) {
content.encryption = new Xmpp.Xep.Jingle.ContentEncryption() { encryption_ns = "", encryption_name = "SRTP", our_key=local_crypto.key, peer_key=remote_crypto.key }; var content_encryption = new Xmpp.Xep.Jingle.ContentEncryption() { encryption_ns = "", encryption_name = "SRTP", our_key=local_crypto.key, peer_key=remote_crypto.key };
content.encryptions[content_encryption.encryption_name] = content_encryption;
} }
this.stream = parent.create_stream(content); this.stream = parent.create_stream(content);

View file

@ -4,7 +4,7 @@ using Xmpp;
namespace Xmpp.Xep.JingleIceUdp { namespace Xmpp.Xep.JingleIceUdp {
private const string NS_URI = "urn:xmpp:jingle:transports:ice-udp:1"; public const string NS_URI = "urn:xmpp:jingle:transports:ice-udp:1";
public const string DTLS_NS_URI = "urn:xmpp:jingle:apps:dtls:0"; public const string DTLS_NS_URI = "urn:xmpp:jingle:apps:dtls:0";
public abstract class Module : XmppStreamModule, Jingle.Transport { public abstract class Module : XmppStreamModule, Jingle.Transport {

View file

@ -65,13 +65,13 @@ public abstract class Xmpp.Xep.JingleIceUdp.IceUdpTransportParameters : Jingle.T
this.content = null; this.content = null;
} }
public StanzaNode to_transport_stanza_node() { public StanzaNode to_transport_stanza_node(string action_type) {
var node = new StanzaNode.build("transport", NS_URI) var node = new StanzaNode.build("transport", NS_URI)
.add_self_xmlns() .add_self_xmlns()
.put_attribute("ufrag", local_ufrag) .put_attribute("ufrag", local_ufrag)
.put_attribute("pwd", local_pwd); .put_attribute("pwd", local_pwd);
if (own_fingerprint != null) { if (own_fingerprint != null && action_type != "transport-info") {
var fingerprint_node = new StanzaNode.build("fingerprint", DTLS_NS_URI) var fingerprint_node = new StanzaNode.build("fingerprint", DTLS_NS_URI)
.add_self_xmlns() .add_self_xmlns()
.put_attribute("hash", "sha-256") .put_attribute("hash", "sha-256")
@ -137,7 +137,7 @@ public abstract class Xmpp.Xep.JingleIceUdp.IceUdpTransportParameters : Jingle.T
private void check_send_transport_info() { private void check_send_transport_info() {
if (this.content != null && unsent_local_candidates.size > 0) { if (this.content != null && unsent_local_candidates.size > 0) {
content.send_transport_info(to_transport_stanza_node()); content.send_transport_info(to_transport_stanza_node("transport-info"));
} }
} }

View file

@ -391,7 +391,7 @@ class Parameters : Jingle.TransportParameters, Object {
} }
public StanzaNode to_transport_stanza_node() { public StanzaNode to_transport_stanza_node(string action_type) {
StanzaNode transport = new StanzaNode.build("transport", NS_URI) StanzaNode transport = new StanzaNode.build("transport", NS_URI)
.add_self_xmlns() .add_self_xmlns()
.put_attribute("dstaddr", local_dstaddr); .put_attribute("dstaddr", local_dstaddr);

View file

@ -73,7 +73,7 @@ class Parameters : Jingle.TransportParameters, Object {
} }
public StanzaNode to_transport_stanza_node() { public StanzaNode to_transport_stanza_node(string action_type) {
return new StanzaNode.build("transport", NS_URI) return new StanzaNode.build("transport", NS_URI)
.add_self_xmlns() .add_self_xmlns()
.put_attribute("block-size", block_size.to_string()) .put_attribute("block-size", block_size.to_string())

View file

@ -102,10 +102,12 @@ namespace Xmpp.Xep.JingleMessageInitiation {
} }
public override void attach(XmppStream stream) { public override void attach(XmppStream stream) {
stream.get_module(ServiceDiscovery.Module.IDENTITY).add_feature(stream, NS_URI);
stream.get_module(MessageModule.IDENTITY).received_message.connect(on_received_message); stream.get_module(MessageModule.IDENTITY).received_message.connect(on_received_message);
} }
public override void detach(XmppStream stream) { public override void detach(XmppStream stream) {
stream.get_module(ServiceDiscovery.Module.IDENTITY).remove_feature(stream, NS_URI);
stream.get_module(MessageModule.IDENTITY).received_message.disconnect(on_received_message); stream.get_module(MessageModule.IDENTITY).received_message.disconnect(on_received_message);
} }

View file

@ -0,0 +1,62 @@
using Gee;
using Xmpp.Xep;
using Xmpp;
namespace Xmpp.Xep.Omemo {
public abstract class OmemoDecryptor : XmppStreamModule {
public static Xmpp.ModuleIdentity<OmemoDecryptor> IDENTITY = new Xmpp.ModuleIdentity<OmemoDecryptor>(NS_URI, "0384_omemo_decryptor");
public abstract uint32 own_device_id { get; }
public abstract string decrypt(uint8[] ciphertext, uint8[] key, uint8[] iv) throws GLib.Error;
public abstract uint8[] decrypt_key(ParsedData data, Jid from_jid) throws GLib.Error;
public ParsedData? parse_node(StanzaNode encrypted_node) {
ParsedData ret = new ParsedData();
StanzaNode? header_node = encrypted_node.get_subnode("header");
if (header_node == null) return null;
ret.sid = header_node.get_attribute_int("sid", -1);
if (ret.sid == -1) return null;
string? payload_str = encrypted_node.get_deep_string_content("payload");
if (payload_str != null) ret.ciphertext = Base64.decode(payload_str);
string? iv_str = header_node.get_deep_string_content("iv");
if (iv_str == null) return null;
ret.iv = Base64.decode(iv_str);
foreach (StanzaNode key_node in header_node.get_subnodes("key")) {
debug("Is ours? %d =? %u", key_node.get_attribute_int("rid"), own_device_id);
if (key_node.get_attribute_int("rid") == own_device_id) {
string? key_node_content = key_node.get_string_content();
if (key_node_content == null) continue;
uchar[] encrypted_key = Base64.decode(key_node_content);
ret.our_potential_encrypted_keys[new Bytes.take(encrypted_key)] = key_node.get_attribute_bool("prekey");
}
}
return ret;
}
public override void attach(XmppStream stream) { }
public override void detach(XmppStream stream) { }
public override string get_ns() { return NS_URI; }
public override string get_id() { return IDENTITY.id; }
}
public class ParsedData {
public int sid;
public uint8[] ciphertext;
public uint8[] iv;
public uchar[] encrypted_key;
public bool is_prekey;
public HashMap<Bytes, bool> our_potential_encrypted_keys = new HashMap<Bytes, bool>();
}
}

View file

@ -0,0 +1,116 @@
using Gee;
using Xmpp.Xep;
using Xmpp;
namespace Xmpp.Xep.Omemo {
public const string NS_URI = "eu.siacs.conversations.axolotl";
public const string NODE_DEVICELIST = NS_URI + ".devicelist";
public const string NODE_BUNDLES = NS_URI + ".bundles";
public const string NODE_VERIFICATION = NS_URI + ".verification";
public abstract class OmemoEncryptor : XmppStreamModule {
public static Xmpp.ModuleIdentity<OmemoEncryptor> IDENTITY = new Xmpp.ModuleIdentity<OmemoEncryptor>(NS_URI, "0384_omemo_encryptor");
public abstract uint32 own_device_id { get; }
public abstract EncryptionData encrypt_plaintext(string plaintext) throws GLib.Error;
public abstract void encrypt_key(Xep.Omemo.EncryptionData encryption_data, Jid jid, int32 device_id) throws GLib.Error;
public abstract EncryptionResult encrypt_key_to_recipient(XmppStream stream, Xep.Omemo.EncryptionData enc_data, Jid recipient) throws GLib.Error;
public override void attach(XmppStream stream) { }
public override void detach(XmppStream stream) { }
public override string get_ns() { return NS_URI; }
public override string get_id() { return IDENTITY.id; }
}
public class EncryptionData {
public uint32 own_device_id;
public uint8[] ciphertext;
public uint8[] keytag;
public uint8[] iv;
public Gee.List<StanzaNode> key_nodes = new ArrayList<StanzaNode>();
public EncryptionData(uint32 own_device_id) {
this.own_device_id = own_device_id;
}
public void add_device_key(int device_id, uint8[] device_key, bool prekey) {
StanzaNode key_node = new StanzaNode.build("key", NS_URI)
.put_attribute("rid", device_id.to_string())
.put_node(new StanzaNode.text(Base64.encode(device_key)));
if (prekey) {
key_node.put_attribute("prekey", "true");
}
key_nodes.add(key_node);
}
public StanzaNode get_encrypted_node() {
StanzaNode encrypted_node = new StanzaNode.build("encrypted", NS_URI).add_self_xmlns();
StanzaNode header_node = new StanzaNode.build("header", NS_URI)
.put_attribute("sid", own_device_id.to_string())
.put_node(new StanzaNode.build("iv", NS_URI).put_node(new StanzaNode.text(Base64.encode(iv))));
encrypted_node.put_node(header_node);
if (ciphertext != null) {
StanzaNode payload_node = new StanzaNode.build("payload", NS_URI)
.put_node(new StanzaNode.text(Base64.encode(ciphertext)));
encrypted_node.put_node(payload_node);
}
foreach (StanzaNode key_node in key_nodes) {
header_node.put_node(key_node);
}
return encrypted_node;
}
}
public class EncryptionResult {
public int lost { get; internal set; }
public int success { get; internal set; }
public int unknown { get; internal set; }
public int failure { get; internal set; }
}
public class EncryptState {
public bool encrypted { get; internal set; }
public int other_devices { get; internal set; }
public int other_success { get; internal set; }
public int other_lost { get; internal set; }
public int other_unknown { get; internal set; }
public int other_failure { get; internal set; }
public int other_waiting_lists { get; internal set; }
public int own_devices { get; internal set; }
public int own_success { get; internal set; }
public int own_lost { get; internal set; }
public int own_unknown { get; internal set; }
public int own_failure { get; internal set; }
public bool own_list { get; internal set; }
public void add_result(EncryptionResult enc_res, bool own) {
if (own) {
own_lost += enc_res.lost;
own_success += enc_res.success;
own_unknown += enc_res.unknown;
own_failure += enc_res.failure;
} else {
other_lost += enc_res.lost;
other_success += enc_res.success;
other_unknown += enc_res.unknown;
other_failure += enc_res.failure;
}
}
public string to_string() {
return @"EncryptState (encrypted=$encrypted, other=(devices=$other_devices, success=$other_success, lost=$other_lost, unknown=$other_unknown, failure=$other_failure, waiting_lists=$other_waiting_lists, own=(devices=$own_devices, success=$own_success, lost=$own_lost, unknown=$own_unknown, failure=$own_failure, list=$own_list))";
}
}
}