conversations-classic/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java

package eu.siacs.conversations.crypto.axolotl;

import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.util.Log;

import org.whispersystems.libaxolotl.AxolotlAddress;
import org.whispersystems.libaxolotl.DuplicateMessageException;
import org.whispersystems.libaxolotl.InvalidKeyException;
import org.whispersystems.libaxolotl.InvalidKeyIdException;
import org.whispersystems.libaxolotl.InvalidMessageException;
import org.whispersystems.libaxolotl.InvalidVersionException;
import org.whispersystems.libaxolotl.LegacyMessageException;
import org.whispersystems.libaxolotl.NoSessionException;
import org.whispersystems.libaxolotl.SessionCipher;
import org.whispersystems.libaxolotl.UntrustedIdentityException;
import org.whispersystems.libaxolotl.protocol.CiphertextMessage;
import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage;
import org.whispersystems.libaxolotl.protocol.WhisperMessage;

import eu.siacs.conversations.Config;
import eu.siacs.conversations.entities.Account;

public class XmppAxolotlSession {
	private final SessionCipher cipher;
	private final SQLiteAxolotlStore sqLiteAxolotlStore;
	private final AxolotlAddress remoteAddress;
	private final Account account;
	private String fingerprint = null;
	private Integer preKeyId = null;
	private boolean fresh = true;

	public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress, String fingerprint) {
		this(account, store, remoteAddress);
		this.fingerprint = fingerprint;
	}

	public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress) {
		this.cipher = new SessionCipher(store, remoteAddress);
		this.remoteAddress = remoteAddress;
		this.sqLiteAxolotlStore = store;
		this.account = account;
	}

	public Integer getPreKeyId() {
		return preKeyId;
	}

	public void resetPreKeyId() {

		preKeyId = null;
	}

	public String getFingerprint() {
		return fingerprint;
	}

	public AxolotlAddress getRemoteAddress() {
		return remoteAddress;
	}

	public boolean isFresh() {
		return fresh;
	}

	public void setNotFresh() {
		this.fresh = false;
	}

	protected void setTrust(SQLiteAxolotlStore.Trust trust) {
		sqLiteAxolotlStore.setFingerprintTrust(fingerprint, trust);
	}

	protected SQLiteAxolotlStore.Trust getTrust() {
		SQLiteAxolotlStore.Trust trust = sqLiteAxolotlStore.getFingerprintTrust(fingerprint);
		return (trust == null) ? SQLiteAxolotlStore.Trust.UNDECIDED : trust;
	}

	@Nullable
	public byte[] processReceiving(byte[] encryptedKey) {
		byte[] plaintext = null;
		SQLiteAxolotlStore.Trust trust = getTrust();
		switch (trust) {
			case INACTIVE:
			case UNDECIDED:
			case UNTRUSTED:
			case TRUSTED:
				try {
					try {
						PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey);
						Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "PreKeyWhisperMessage received, new session ID:" + message.getSignedPreKeyId() + "/" + message.getPreKeyId());
						String fingerprint = message.getIdentityKey().getFingerprint().replaceAll("\\s", "");
						if (this.fingerprint != null && !this.fingerprint.equals(fingerprint)) {
							Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Had session with fingerprint " + this.fingerprint + ", received message with fingerprint " + fingerprint);
						} else {
							this.fingerprint = fingerprint;
							plaintext = cipher.decrypt(message);
							if (message.getPreKeyId().isPresent()) {
								preKeyId = message.getPreKeyId().get();
							}
						}
					} catch (InvalidMessageException | InvalidVersionException e) {
						Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "WhisperMessage received");
						WhisperMessage message = new WhisperMessage(encryptedKey);
						plaintext = cipher.decrypt(message);
					} catch (InvalidKeyException | InvalidKeyIdException | UntrustedIdentityException e) {
						Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage());
					}
				} catch (LegacyMessageException | InvalidMessageException | DuplicateMessageException | NoSessionException e) {
					Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage());
				}

				if (plaintext != null && trust == SQLiteAxolotlStore.Trust.INACTIVE) {
					setTrust(SQLiteAxolotlStore.Trust.TRUSTED);
				}

				break;

			case COMPROMISED:
			default:
				// ignore
				break;
		}
		return plaintext;
	}

	@Nullable
	public byte[] processSending(@NonNull byte[] outgoingMessage) {
		SQLiteAxolotlStore.Trust trust = getTrust();
		if (trust == SQLiteAxolotlStore.Trust.TRUSTED) {
			CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage);
			return ciphertextMessage.serialize();
		} else {
			return null;
		}
	}
}
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`package eu.siacs.conversations.crypto.axolotl;`

			`import android.support.annotation.NonNull;`
			`import android.support.annotation.Nullable;`
			`import android.util.Log;`

			`import org.whispersystems.libaxolotl.AxolotlAddress;`
			`import org.whispersystems.libaxolotl.DuplicateMessageException;`
			`import org.whispersystems.libaxolotl.InvalidKeyException;`
			`import org.whispersystems.libaxolotl.InvalidKeyIdException;`
			`import org.whispersystems.libaxolotl.InvalidMessageException;`
			`import org.whispersystems.libaxolotl.InvalidVersionException;`
			`import org.whispersystems.libaxolotl.LegacyMessageException;`
			`import org.whispersystems.libaxolotl.NoSessionException;`
			`import org.whispersystems.libaxolotl.SessionCipher;`
			`import org.whispersystems.libaxolotl.UntrustedIdentityException;`
			`import org.whispersystems.libaxolotl.protocol.CiphertextMessage;`
			`import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage;`
			`import org.whispersystems.libaxolotl.protocol.WhisperMessage;`

			`import eu.siacs.conversations.Config;`
			`import eu.siacs.conversations.entities.Account;`

			`public class XmppAxolotlSession {`
			`private final SessionCipher cipher;`
			`private final SQLiteAxolotlStore sqLiteAxolotlStore;`
			`private final AxolotlAddress remoteAddress;`
			`private final Account account;`
			`private String fingerprint = null;`
Provide process function for key transport message 2015-07-31 21:28:09 +00:00			`private Integer preKeyId = null;`
			`private boolean fresh = true;`
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00
			`public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress, String fingerprint) {`
			`this(account, store, remoteAddress);`
			`this.fingerprint = fingerprint;`
			`}`

			`public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress) {`
			`this.cipher = new SessionCipher(store, remoteAddress);`
			`this.remoteAddress = remoteAddress;`
			`this.sqLiteAxolotlStore = store;`
			`this.account = account;`
			`}`

			`public Integer getPreKeyId() {`
			`return preKeyId;`
			`}`

			`public void resetPreKeyId() {`

			`preKeyId = null;`
			`}`

			`public String getFingerprint() {`
			`return fingerprint;`
			`}`

Provide process function for key transport message 2015-07-31 21:28:09 +00:00			`public AxolotlAddress getRemoteAddress() {`
			`return remoteAddress;`
			`}`

			`public boolean isFresh() {`
			`return fresh;`
			`}`

			`public void setNotFresh() {`
			`this.fresh = false;`
			`}`

Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`protected void setTrust(SQLiteAxolotlStore.Trust trust) {`
			`sqLiteAxolotlStore.setFingerprintTrust(fingerprint, trust);`
			`}`

			`protected SQLiteAxolotlStore.Trust getTrust() {`
Fix NPE: consider unknown keys UNDECIDED 2015-07-29 00:56:47 +00:00			`SQLiteAxolotlStore.Trust trust = sqLiteAxolotlStore.getFingerprintTrust(fingerprint);`
Reformat code 2015-07-31 16:05:32 +00:00			`return (trust == null) ? SQLiteAxolotlStore.Trust.UNDECIDED : trust;`
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`}`

			`@Nullable`
Refactor axolotl message processing workflow XmppAxolotlMessage is now entirely responsible for handling encryption and decryption of messages, only leveraging XmppAxolotlSession as a packing/unpacking primitive for payload keys. Removed pseudo-dead session generation code step from prepareMessage function, as sessions have been created by invoking the TrustKeysActivity for a while now. Added prepareKeyTransportMessage function, which creates a message with no payload. The key that is packed into the header keyElements can then be used for other purposes (e.g. encrypted file transfer). 2015-07-31 19:12:34 +00:00			`public byte[] processReceiving(byte[] encryptedKey) {`
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`byte[] plaintext = null;`
			`SQLiteAxolotlStore.Trust trust = getTrust();`
			`switch (trust) {`
			`case INACTIVE:`
			`case UNDECIDED:`
			`case UNTRUSTED:`
			`case TRUSTED:`
			`try {`
			`try {`
Refactor axolotl message processing workflow XmppAxolotlMessage is now entirely responsible for handling encryption and decryption of messages, only leveraging XmppAxolotlSession as a packing/unpacking primitive for payload keys. Removed pseudo-dead session generation code step from prepareMessage function, as sessions have been created by invoking the TrustKeysActivity for a while now. Added prepareKeyTransportMessage function, which creates a message with no payload. The key that is packed into the header keyElements can then be used for other purposes (e.g. encrypted file transfer). 2015-07-31 19:12:34 +00:00			`PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey);`
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "PreKeyWhisperMessage received, new session ID:" + message.getSignedPreKeyId() + "/" + message.getPreKeyId());`
			`String fingerprint = message.getIdentityKey().getFingerprint().replaceAll("\\s", "");`
			`if (this.fingerprint != null && !this.fingerprint.equals(fingerprint)) {`
			`Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Had session with fingerprint " + this.fingerprint + ", received message with fingerprint " + fingerprint);`
			`} else {`
			`this.fingerprint = fingerprint;`
			`plaintext = cipher.decrypt(message);`
			`if (message.getPreKeyId().isPresent()) {`
			`preKeyId = message.getPreKeyId().get();`
			`}`
			`}`
			`} catch (InvalidMessageException \| InvalidVersionException e) {`
			`Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "WhisperMessage received");`
Refactor axolotl message processing workflow XmppAxolotlMessage is now entirely responsible for handling encryption and decryption of messages, only leveraging XmppAxolotlSession as a packing/unpacking primitive for payload keys. Removed pseudo-dead session generation code step from prepareMessage function, as sessions have been created by invoking the TrustKeysActivity for a while now. Added prepareKeyTransportMessage function, which creates a message with no payload. The key that is packed into the header keyElements can then be used for other purposes (e.g. encrypted file transfer). 2015-07-31 19:12:34 +00:00			`WhisperMessage message = new WhisperMessage(encryptedKey);`
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`plaintext = cipher.decrypt(message);`
			`} catch (InvalidKeyException \| InvalidKeyIdException \| UntrustedIdentityException e) {`
			`Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage());`
			`}`
			`} catch (LegacyMessageException \| InvalidMessageException \| DuplicateMessageException \| NoSessionException e) {`
			`Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage());`
			`}`

			`if (plaintext != null && trust == SQLiteAxolotlStore.Trust.INACTIVE) {`
			`setTrust(SQLiteAxolotlStore.Trust.TRUSTED);`
			`}`

			`break;`

			`case COMPROMISED:`
			`default:`
			`// ignore`
			`break;`
			`}`
			`return plaintext;`
			`}`

			`@Nullable`
Refactor axolotl message processing workflow XmppAxolotlMessage is now entirely responsible for handling encryption and decryption of messages, only leveraging XmppAxolotlSession as a packing/unpacking primitive for payload keys. Removed pseudo-dead session generation code step from prepareMessage function, as sessions have been created by invoking the TrustKeysActivity for a while now. Added prepareKeyTransportMessage function, which creates a message with no payload. The key that is packed into the header keyElements can then be used for other purposes (e.g. encrypted file transfer). 2015-07-31 19:12:34 +00:00			`public byte[] processSending(@NonNull byte[] outgoingMessage) {`
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`SQLiteAxolotlStore.Trust trust = getTrust();`
			`if (trust == SQLiteAxolotlStore.Trust.TRUSTED) {`
			`CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage);`
Refactor axolotl message processing workflow XmppAxolotlMessage is now entirely responsible for handling encryption and decryption of messages, only leveraging XmppAxolotlSession as a packing/unpacking primitive for payload keys. Removed pseudo-dead session generation code step from prepareMessage function, as sessions have been created by invoking the TrustKeysActivity for a while now. Added prepareKeyTransportMessage function, which creates a message with no payload. The key that is packed into the header keyElements can then be used for other purposes (e.g. encrypted file transfer). 2015-07-31 19:12:34 +00:00			`return ciphertextMessage.serialize();`
Refactor out inner classes, cache trust store Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI. 2015-07-28 20:00:54 +00:00			`} else {`
			`return null;`
			`}`
			`}`
			`}`