Search in sources :

Example 1 with CorruptedOmemoKeyException

use of org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException in project Smack by igniterealtime.

the class OmemoService method onOmemoMessageStanzaReceived.

@Override
public void onOmemoMessageStanzaReceived(Stanza stanza, OmemoManager.LoggedInOmemoManager managerGuard) throws IOException {
    OmemoManager manager = managerGuard.get();
    // Avoid the ratchet being manipulated and the bundle being published multiple times simultaneously
    synchronized (manager) {
        OmemoDevice userDevice = manager.getOwnDevice();
        OmemoElement element = (OmemoElement) stanza.getExtensionElement(OmemoElement.NAME_ENCRYPTED, OmemoElement_VAxolotl.NAMESPACE);
        if (element == null) {
            return;
        }
        OmemoMessage.Received decrypted;
        BareJid sender;
        try {
            MultiUserChat muc = getMuc(manager.getConnection(), stanza.getFrom());
            if (muc != null) {
                Occupant occupant = muc.getOccupant(stanza.getFrom().asEntityFullJidIfPossible());
                if (occupant == null) {
                    LOGGER.log(Level.WARNING, "Cannot decrypt OMEMO MUC message; MUC Occupant is null.");
                    return;
                }
                Jid occupantJid = occupant.getJid();
                if (occupantJid == null) {
                    LOGGER.log(Level.WARNING, "Cannot decrypt OMEMO MUC message; Senders Jid is null. " + stanza.getFrom());
                    return;
                }
                sender = occupantJid.asBareJid();
                // try is for this
                decrypted = decryptMessage(managerGuard, sender, element);
                manager.notifyOmemoMucMessageReceived(muc, stanza, decrypted);
            } else {
                sender = stanza.getFrom().asBareJid();
                // and this
                decrypted = decryptMessage(managerGuard, sender, element);
                manager.notifyOmemoMessageReceived(stanza, decrypted);
            }
            if (decrypted.isPreKeyMessage() && OmemoConfiguration.getCompleteSessionWithEmptyMessage()) {
                LOGGER.log(Level.FINE, "Received a preKeyMessage from " + decrypted.getSenderDevice() + ".\n" + "Complete the session by sending an empty response message.");
                try {
                    sendRatchetUpdate(managerGuard, decrypted.getSenderDevice());
                } catch (CannotEstablishOmemoSessionException e) {
                    throw new AssertionError("Since we successfully received a message, we MUST be able to " + "establish a session. " + e);
                } catch (NoSuchAlgorithmException | InterruptedException | SmackException.NotConnectedException | SmackException.NoResponseException e) {
                    LOGGER.log(Level.WARNING, "Cannot send a ratchet update message.", e);
                }
            }
        } catch (NoRawSessionException e) {
            OmemoDevice device = e.getDeviceWithoutSession();
            LOGGER.log(Level.WARNING, "No raw session found for contact " + device + ". ", e);
            if (OmemoConfiguration.getRepairBrokenSessionsWithPreKeyMessages()) {
                repairBrokenSessionWithPreKeyMessage(managerGuard, device);
            }
        } catch (CorruptedOmemoKeyException | CryptoFailedException e) {
            LOGGER.log(Level.WARNING, "Could not decrypt incoming message: ", e);
        }
        // Upload fresh bundle.
        if (getOmemoStoreBackend().loadOmemoPreKeys(userDevice).size() < OmemoConstants.PRE_KEY_COUNT_PER_BUNDLE) {
            LOGGER.log(Level.FINE, "We used up a preKey. Upload a fresh bundle.");
            try {
                getOmemoStoreBackend().replenishKeys(userDevice);
                OmemoBundleElement bundleElement = getOmemoStoreBackend().packOmemoBundle(userDevice);
                publishBundle(manager.getConnection(), userDevice, bundleElement);
            } catch (CorruptedOmemoKeyException | InterruptedException | SmackException.NoResponseException | SmackException.NotConnectedException | XMPPException.XMPPErrorException | NotALeafNodeException e) {
                LOGGER.log(Level.WARNING, "Could not republish replenished bundle.", e);
            }
        }
    }
}
Also used : CryptoFailedException(org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException) MultiUserChat(org.jivesoftware.smackx.muc.MultiUserChat) OmemoDevice(org.jivesoftware.smackx.omemo.internal.OmemoDevice) EntityBareJid(org.jxmpp.jid.EntityBareJid) Jid(org.jxmpp.jid.Jid) BareJid(org.jxmpp.jid.BareJid) NotALeafNodeException(org.jivesoftware.smackx.pubsub.PubSubException.NotALeafNodeException) EntityBareJid(org.jxmpp.jid.EntityBareJid) BareJid(org.jxmpp.jid.BareJid) Occupant(org.jivesoftware.smackx.muc.Occupant) NoRawSessionException(org.jivesoftware.smackx.omemo.exceptions.NoRawSessionException) MessageOrOmemoMessage(org.jivesoftware.smackx.omemo.util.MessageOrOmemoMessage) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) OmemoBundleElement(org.jivesoftware.smackx.omemo.element.OmemoBundleElement) CannotEstablishOmemoSessionException(org.jivesoftware.smackx.omemo.exceptions.CannotEstablishOmemoSessionException) CorruptedOmemoKeyException(org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException) OmemoElement(org.jivesoftware.smackx.omemo.element.OmemoElement)

Example 2 with CorruptedOmemoKeyException

use of org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException in project Smack by igniterealtime.

the class OmemoService method decryptMamQueryResult.

/**
 * Decrypt a possible OMEMO encrypted messages in a {@link MamManager.MamQuery}.
 * The returned list contains wrappers that either hold an {@link OmemoMessage} in case the message was decrypted
 * properly, otherwise it contains the message itself.
 *
 * @param managerGuard authenticated OmemoManager.
 * @param mamQuery Mam archive query
 * @return list of {@link MessageOrOmemoMessage MessageOrOmemoMessages}.
 *
 * @throws IOException if an I/O error occurred.
 */
List<MessageOrOmemoMessage> decryptMamQueryResult(OmemoManager.LoggedInOmemoManager managerGuard, MamManager.MamQuery mamQuery) throws IOException {
    List<MessageOrOmemoMessage> result = new ArrayList<>();
    for (Message message : mamQuery.getMessages()) {
        if (OmemoManager.stanzaContainsOmemoElement(message)) {
            OmemoElement element = (OmemoElement) message.getExtensionElement(OmemoElement.NAME_ENCRYPTED, OmemoConstants.OMEMO_NAMESPACE_V_AXOLOTL);
            // Decrypt OMEMO messages
            try {
                OmemoMessage.Received omemoMessage = decryptMessage(managerGuard, message.getFrom().asBareJid(), element);
                result.add(new MessageOrOmemoMessage(omemoMessage));
            } catch (NoRawSessionException | CorruptedOmemoKeyException | CryptoFailedException e) {
                LOGGER.log(Level.WARNING, "decryptMamQueryResult failed to decrypt message from " + message.getFrom() + " due to corrupted session/key: " + e.getMessage());
                result.add(new MessageOrOmemoMessage(message));
            }
        } else {
            // Wrap cleartext messages
            result.add(new MessageOrOmemoMessage(message));
        }
    }
    return result;
}
Also used : CryptoFailedException(org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException) MessageOrOmemoMessage(org.jivesoftware.smackx.omemo.util.MessageOrOmemoMessage) MessageOrOmemoMessage(org.jivesoftware.smackx.omemo.util.MessageOrOmemoMessage) Message(org.jivesoftware.smack.packet.Message) NoRawSessionException(org.jivesoftware.smackx.omemo.exceptions.NoRawSessionException) ArrayList(java.util.ArrayList) MessageOrOmemoMessage(org.jivesoftware.smackx.omemo.util.MessageOrOmemoMessage) OmemoElement(org.jivesoftware.smackx.omemo.element.OmemoElement) CorruptedOmemoKeyException(org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException)

Example 3 with CorruptedOmemoKeyException

use of org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException in project Smack by igniterealtime.

the class OmemoService method onOmemoCarbonCopyReceived.

@Override
public void onOmemoCarbonCopyReceived(CarbonExtension.Direction direction, Message carbonCopy, Message wrappingMessage, OmemoManager.LoggedInOmemoManager managerGuard) throws IOException {
    OmemoManager manager = managerGuard.get();
    // Avoid the ratchet being manipulated and the bundle being published multiple times simultaneously
    synchronized (manager) {
        OmemoDevice userDevice = manager.getOwnDevice();
        OmemoElement element = (OmemoElement) carbonCopy.getExtensionElement(OmemoElement.NAME_ENCRYPTED, OmemoElement_VAxolotl.NAMESPACE);
        if (element == null) {
            return;
        }
        OmemoMessage.Received decrypted;
        BareJid sender = carbonCopy.getFrom().asBareJid();
        try {
            decrypted = decryptMessage(managerGuard, sender, element);
            manager.notifyOmemoCarbonCopyReceived(direction, carbonCopy, wrappingMessage, decrypted);
            if (decrypted.isPreKeyMessage() && OmemoConfiguration.getCompleteSessionWithEmptyMessage()) {
                LOGGER.log(Level.FINE, "Received a preKeyMessage in a carbon copy from " + decrypted.getSenderDevice() + ".\n" + "Complete the session by sending an empty response message.");
                try {
                    sendRatchetUpdate(managerGuard, decrypted.getSenderDevice());
                } catch (CannotEstablishOmemoSessionException e) {
                    throw new AssertionError("Since we successfully received a message, we MUST be able to " + "establish a session. " + e);
                } catch (NoSuchAlgorithmException | InterruptedException | SmackException.NotConnectedException | SmackException.NoResponseException e) {
                    LOGGER.log(Level.WARNING, "Cannot send a ratchet update message.", e);
                }
            }
        } catch (NoRawSessionException e) {
            OmemoDevice device = e.getDeviceWithoutSession();
            LOGGER.log(Level.WARNING, "No raw session found for contact " + device + ". ", e);
            if (OmemoConfiguration.getRepairBrokenSessionsWithPreKeyMessages()) {
                repairBrokenSessionWithPreKeyMessage(managerGuard, device);
            }
        } catch (CorruptedOmemoKeyException | CryptoFailedException e) {
            LOGGER.log(Level.WARNING, "Could not decrypt incoming carbon copy: ", e);
        }
        // Upload fresh bundle.
        if (getOmemoStoreBackend().loadOmemoPreKeys(userDevice).size() < OmemoConstants.PRE_KEY_COUNT_PER_BUNDLE) {
            LOGGER.log(Level.FINE, "We used up a preKey. Upload a fresh bundle.");
            try {
                getOmemoStoreBackend().replenishKeys(userDevice);
                OmemoBundleElement bundleElement = getOmemoStoreBackend().packOmemoBundle(userDevice);
                publishBundle(manager.getConnection(), userDevice, bundleElement);
            } catch (CorruptedOmemoKeyException | InterruptedException | SmackException.NoResponseException | SmackException.NotConnectedException | XMPPException.XMPPErrorException | NotALeafNodeException e) {
                LOGGER.log(Level.WARNING, "Could not republish replenished bundle.", e);
            }
        }
    }
}
Also used : CryptoFailedException(org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException) OmemoDevice(org.jivesoftware.smackx.omemo.internal.OmemoDevice) NotALeafNodeException(org.jivesoftware.smackx.pubsub.PubSubException.NotALeafNodeException) EntityBareJid(org.jxmpp.jid.EntityBareJid) BareJid(org.jxmpp.jid.BareJid) NoRawSessionException(org.jivesoftware.smackx.omemo.exceptions.NoRawSessionException) MessageOrOmemoMessage(org.jivesoftware.smackx.omemo.util.MessageOrOmemoMessage) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) OmemoBundleElement(org.jivesoftware.smackx.omemo.element.OmemoBundleElement) CannotEstablishOmemoSessionException(org.jivesoftware.smackx.omemo.exceptions.CannotEstablishOmemoSessionException) CorruptedOmemoKeyException(org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException) OmemoElement(org.jivesoftware.smackx.omemo.element.OmemoElement)

Example 4 with CorruptedOmemoKeyException

use of org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException in project Smack by igniterealtime.

the class LegacySignalOmemoKeyUtilTest method generateOmemoSignedPreKeyTest.

@Test
public void generateOmemoSignedPreKeyTest() {
    IdentityKeyPair ikp = keyUtil.generateOmemoIdentityKeyPair();
    try {
        SignedPreKeyRecord spk = keyUtil.generateOmemoSignedPreKey(ikp, 1);
        assertNotNull("SignedPreKey must not be null.", spk);
        assertEquals("SignedPreKeyId must match.", 1, spk.getId());
        assertEquals("singedPreKeyId must match here also.", 1, keyUtil.signedPreKeyIdFromKey(spk));
    } catch (CorruptedOmemoKeyException e) {
        fail("Caught an exception while generating signedPreKey (" + e + "): " + e.getMessage());
    }
}
Also used : IdentityKeyPair(org.whispersystems.libsignal.IdentityKeyPair) SignedPreKeyRecord(org.whispersystems.libsignal.state.SignedPreKeyRecord) CorruptedOmemoKeyException(org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException) Test(org.junit.Test)

Example 5 with CorruptedOmemoKeyException

use of org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException in project Smack by igniterealtime.

the class OmemoRatchet method retrieveMessageKeyAndAuthTag.

/**
 * Try to decrypt the transported message key using the double ratchet session.
 *
 * @param element omemoElement
 * @return tuple of cipher generated from the unpacked message key and the auth-tag
 *
 * @throws CryptoFailedException if decryption using the double ratchet fails
 * @throws NoRawSessionException if we have no session, but the element was NOT a PreKeyMessage
 * @throws IOException if an I/O error occurred.
 */
CipherAndAuthTag retrieveMessageKeyAndAuthTag(OmemoDevice sender, OmemoElement element) throws CryptoFailedException, NoRawSessionException, IOException {
    int keyId = omemoManager.getDeviceId();
    byte[] unpackedKey = null;
    List<CryptoFailedException> decryptExceptions = new ArrayList<>();
    List<OmemoKeyElement> keys = element.getHeader().getKeys();
    boolean preKey = false;
    // Find key with our ID.
    for (OmemoKeyElement k : keys) {
        if (k.getId() == keyId) {
            try {
                unpackedKey = doubleRatchetDecrypt(sender, k.getData());
                preKey = k.isPreKey();
                break;
            } catch (CryptoFailedException e) {
                // There might be multiple keys with our id, but we can only decrypt one.
                // So we can't throw the exception, when decrypting the first duplicate which is not for us.
                decryptExceptions.add(e);
            } catch (CorruptedOmemoKeyException e) {
                decryptExceptions.add(new CryptoFailedException(e));
            } catch (UntrustedOmemoIdentityException e) {
                LOGGER.log(Level.WARNING, "Received message from " + sender + " contained unknown identityKey. Ignore message.", e);
            }
        }
    }
    if (unpackedKey == null) {
        if (!decryptExceptions.isEmpty()) {
            throw MultipleCryptoFailedException.from(decryptExceptions);
        }
        throw new CryptoFailedException("Transported key could not be decrypted, since no suitable message key " + "was provided. Provides keys: " + keys);
    }
    // Split in AES auth-tag and key
    byte[] messageKey = new byte[16];
    byte[] authTag = null;
    if (unpackedKey.length == 32) {
        authTag = new byte[16];
        // copy key part into messageKey
        System.arraycopy(unpackedKey, 0, messageKey, 0, 16);
        // copy tag part into authTag
        System.arraycopy(unpackedKey, 16, authTag, 0, 16);
    } else if (element.isKeyTransportElement() && unpackedKey.length == 16) {
        messageKey = unpackedKey;
    } else {
        throw new CryptoFailedException("MessageKey has wrong length: " + unpackedKey.length + ". Probably legacy auth tag format.");
    }
    return new CipherAndAuthTag(messageKey, element.getHeader().getIv(), authTag, preKey);
}
Also used : MultipleCryptoFailedException(org.jivesoftware.smackx.omemo.exceptions.MultipleCryptoFailedException) CryptoFailedException(org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException) OmemoKeyElement(org.jivesoftware.smackx.omemo.element.OmemoKeyElement) ArrayList(java.util.ArrayList) CipherAndAuthTag(org.jivesoftware.smackx.omemo.internal.CipherAndAuthTag) UntrustedOmemoIdentityException(org.jivesoftware.smackx.omemo.exceptions.UntrustedOmemoIdentityException) CorruptedOmemoKeyException(org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException)

Aggregations

CorruptedOmemoKeyException (org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException)10 CryptoFailedException (org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException)7 CannotEstablishOmemoSessionException (org.jivesoftware.smackx.omemo.exceptions.CannotEstablishOmemoSessionException)6 OmemoDevice (org.jivesoftware.smackx.omemo.internal.OmemoDevice)6 OmemoElement (org.jivesoftware.smackx.omemo.element.OmemoElement)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 NoRawSessionException (org.jivesoftware.smackx.omemo.exceptions.NoRawSessionException)4 MessageOrOmemoMessage (org.jivesoftware.smackx.omemo.util.MessageOrOmemoMessage)4 BareJid (org.jxmpp.jid.BareJid)4 EntityBareJid (org.jxmpp.jid.EntityBareJid)4 OmemoBundleElement (org.jivesoftware.smackx.omemo.element.OmemoBundleElement)3 NotALeafNodeException (org.jivesoftware.smackx.pubsub.PubSubException.NotALeafNodeException)3 ArrayList (java.util.ArrayList)2 Message (org.jivesoftware.smack.packet.Message)2 MultiUserChat (org.jivesoftware.smackx.muc.MultiUserChat)2 Occupant (org.jivesoftware.smackx.muc.Occupant)2 UndecidedOmemoIdentityException (org.jivesoftware.smackx.omemo.exceptions.UndecidedOmemoIdentityException)2 UntrustedOmemoIdentityException (org.jivesoftware.smackx.omemo.exceptions.UntrustedOmemoIdentityException)2 OmemoFingerprint (org.jivesoftware.smackx.omemo.trust.OmemoFingerprint)2 Jid (org.jxmpp.jid.Jid)2