Example 1 with InvalidKeyException
use of org.whispersystems.libaxolotl.InvalidKeyException in project Conversations by siacs.
the class DatabaseBackend method loadIdentityKeys.
public Set<IdentityKey> loadIdentityKeys(Account account, String name, FingerprintStatus status) {
Set<IdentityKey> identityKeys = new HashSet<>();
Cursor cursor = getIdentityKeyCursor(account, name, false);
while (cursor.moveToNext()) {
if (status != null && !FingerprintStatus.fromCursor(cursor).equals(status)) {
continue;
}
try {
String key = cursor.getString(cursor.getColumnIndex(SQLiteAxolotlStore.KEY));
if (key != null) {
identityKeys.add(new IdentityKey(Base64.decode(key, Base64.DEFAULT), 0));
} else {
Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Missing key (possibly preverified) in database for account" + account.getJid().toBareJid() + ", address: " + name);
}
} catch (InvalidKeyException e) {
Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Encountered invalid IdentityKey in database for account" + account.getJid().toBareJid() + ", address: " + name);
}
}
cursor.close();
return identityKeys;
}
Also used :
IdentityKey(org.whispersystems.libaxolotl.IdentityKey)
Cursor(android.database.Cursor)
InvalidKeyException(org.whispersystems.libaxolotl.InvalidKeyException)
HashSet(java.util.HashSet)
Example 2 with InvalidKeyException
use of org.whispersystems.libaxolotl.InvalidKeyException in project Conversations by siacs.
the class AxolotlService method buildSessionFromPEP.
private void buildSessionFromPEP(final AxolotlAddress address) {
Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Building new session for " + address.toString());
if (address.equals(getOwnAxolotlAddress())) {
throw new AssertionError("We should NEVER build a session with ourselves. What happened here?!");
}
try {
IqPacket bundlesPacket = mXmppConnectionService.getIqGenerator().retrieveBundlesForDevice(Jid.fromString(address.getName()), address.getDeviceId());
Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Retrieving bundle: " + bundlesPacket);
mXmppConnectionService.sendIqPacket(account, bundlesPacket, new OnIqPacketReceived() {
@Override
public void onIqPacketReceived(Account account, IqPacket packet) {
if (packet.getType() == IqPacket.TYPE.TIMEOUT) {
fetchStatusMap.put(address, FetchStatus.TIMEOUT);
} else if (packet.getType() == IqPacket.TYPE.RESULT) {
Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Received preKey IQ packet, processing...");
final IqParser parser = mXmppConnectionService.getIqParser();
final List<PreKeyBundle> preKeyBundleList = parser.preKeys(packet);
final PreKeyBundle bundle = parser.bundle(packet);
if (preKeyBundleList.isEmpty() || bundle == null) {
Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "preKey IQ packet invalid: " + packet);
fetchStatusMap.put(address, FetchStatus.ERROR);
finishBuildingSessionsFromPEP(address);
return;
}
Random random = new Random();
final PreKeyBundle preKey = preKeyBundleList.get(random.nextInt(preKeyBundleList.size()));
if (preKey == null) {
//should never happen
fetchStatusMap.put(address, FetchStatus.ERROR);
finishBuildingSessionsFromPEP(address);
return;
}
final PreKeyBundle preKeyBundle = new PreKeyBundle(0, address.getDeviceId(), preKey.getPreKeyId(), preKey.getPreKey(), bundle.getSignedPreKeyId(), bundle.getSignedPreKey(), bundle.getSignedPreKeySignature(), bundle.getIdentityKey());
try {
SessionBuilder builder = new SessionBuilder(axolotlStore, address);
builder.process(preKeyBundle);
XmppAxolotlSession session = new XmppAxolotlSession(account, axolotlStore, address, bundle.getIdentityKey());
sessions.put(address, session);
if (Config.X509_VERIFICATION) {
verifySessionWithPEP(session);
} else {
FingerprintStatus status = getFingerprintTrust(bundle.getIdentityKey().getFingerprint().replaceAll("\\s", ""));
FetchStatus fetchStatus;
if (status != null && status.isVerified()) {
fetchStatus = FetchStatus.SUCCESS_VERIFIED;
} else if (status != null && status.isTrusted()) {
fetchStatus = FetchStatus.SUCCESS_TRUSTED;
} else {
fetchStatus = FetchStatus.SUCCESS;
}
fetchStatusMap.put(address, fetchStatus);
finishBuildingSessionsFromPEP(address);
}
} catch (UntrustedIdentityException | InvalidKeyException e) {
Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error building session for " + address + ": " + e.getClass().getName() + ", " + e.getMessage());
fetchStatusMap.put(address, FetchStatus.ERROR);
finishBuildingSessionsFromPEP(address);
}
} else {
fetchStatusMap.put(address, FetchStatus.ERROR);
Log.d(Config.LOGTAG, getLogprefix(account) + "Error received while building session:" + packet.findChild("error"));
finishBuildingSessionsFromPEP(address);
}
}
});
} catch (InvalidJidException e) {
Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Got address with invalid jid: " + address.getName());
}
}
Also used :
Account(eu.siacs.conversations.entities.Account)
IqParser(eu.siacs.conversations.parser.IqParser)
UntrustedIdentityException(org.whispersystems.libaxolotl.UntrustedIdentityException)
OnIqPacketReceived(eu.siacs.conversations.xmpp.OnIqPacketReceived)
InvalidJidException(eu.siacs.conversations.xmpp.jid.InvalidJidException)
SessionBuilder(org.whispersystems.libaxolotl.SessionBuilder)
InvalidKeyException(org.whispersystems.libaxolotl.InvalidKeyException)
IqPacket(eu.siacs.conversations.xmpp.stanzas.IqPacket)
PreKeyBundle(org.whispersystems.libaxolotl.state.PreKeyBundle)
Random(java.util.Random)
Example 3 with InvalidKeyException
use of org.whispersystems.libaxolotl.InvalidKeyException in project Conversations by siacs.
the class AxolotlService method publishBundlesIfNeeded.
public void publishBundlesIfNeeded(final boolean announce, final boolean wipe) {
if (pepBroken) {
Log.d(Config.LOGTAG, getLogprefix(account) + "publishBundlesIfNeeded called, but PEP is broken. Ignoring... ");
return;
}
IqPacket packet = mXmppConnectionService.getIqGenerator().retrieveBundlesForDevice(account.getJid().toBareJid(), getOwnDeviceId());
mXmppConnectionService.sendIqPacket(account, packet, new OnIqPacketReceived() {
@Override
public void onIqPacketReceived(Account account, IqPacket packet) {
if (packet.getType() == IqPacket.TYPE.TIMEOUT) {
//ignore timeout. do nothing
return;
}
if (packet.getType() == IqPacket.TYPE.ERROR) {
Element error = packet.findChild("error");
if (error == null || !error.hasChild("item-not-found")) {
pepBroken = true;
Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "request for device bundles came back with something other than item-not-found" + packet);
return;
}
}
PreKeyBundle bundle = mXmppConnectionService.getIqParser().bundle(packet);
Map<Integer, ECPublicKey> keys = mXmppConnectionService.getIqParser().preKeyPublics(packet);
boolean flush = false;
if (bundle == null) {
Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Received invalid bundle:" + packet);
bundle = new PreKeyBundle(-1, -1, -1, null, -1, null, null, null);
flush = true;
}
if (keys == null) {
Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Received invalid prekeys:" + packet);
}
try {
boolean changed = false;
// Validate IdentityKey
IdentityKeyPair identityKeyPair = axolotlStore.getIdentityKeyPair();
if (flush || !identityKeyPair.getPublicKey().equals(bundle.getIdentityKey())) {
Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding own IdentityKey " + identityKeyPair.getPublicKey() + " to PEP.");
changed = true;
}
// Validate signedPreKeyRecord + ID
SignedPreKeyRecord signedPreKeyRecord;
int numSignedPreKeys = axolotlStore.loadSignedPreKeys().size();
try {
signedPreKeyRecord = axolotlStore.loadSignedPreKey(bundle.getSignedPreKeyId());
if (flush || !bundle.getSignedPreKey().equals(signedPreKeyRecord.getKeyPair().getPublicKey()) || !Arrays.equals(bundle.getSignedPreKeySignature(), signedPreKeyRecord.getSignature())) {
Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding new signedPreKey with ID " + (numSignedPreKeys + 1) + " to PEP.");
signedPreKeyRecord = KeyHelper.generateSignedPreKey(identityKeyPair, numSignedPreKeys + 1);
axolotlStore.storeSignedPreKey(signedPreKeyRecord.getId(), signedPreKeyRecord);
changed = true;
}
} catch (InvalidKeyIdException e) {
Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding new signedPreKey with ID " + (numSignedPreKeys + 1) + " to PEP.");
signedPreKeyRecord = KeyHelper.generateSignedPreKey(identityKeyPair, numSignedPreKeys + 1);
axolotlStore.storeSignedPreKey(signedPreKeyRecord.getId(), signedPreKeyRecord);
changed = true;
}
// Validate PreKeys
Set<PreKeyRecord> preKeyRecords = new HashSet<>();
if (keys != null) {
for (Integer id : keys.keySet()) {
try {
PreKeyRecord preKeyRecord = axolotlStore.loadPreKey(id);
if (preKeyRecord.getKeyPair().getPublicKey().equals(keys.get(id))) {
preKeyRecords.add(preKeyRecord);
}
} catch (InvalidKeyIdException ignored) {
}
}
}
int newKeys = NUM_KEYS_TO_PUBLISH - preKeyRecords.size();
if (newKeys > 0) {
List<PreKeyRecord> newRecords = KeyHelper.generatePreKeys(axolotlStore.getCurrentPreKeyId() + 1, newKeys);
preKeyRecords.addAll(newRecords);
for (PreKeyRecord record : newRecords) {
axolotlStore.storePreKey(record.getId(), record);
}
changed = true;
Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding " + newKeys + " new preKeys to PEP.");
}
if (changed) {
if (account.getPrivateKeyAlias() != null && Config.X509_VERIFICATION) {
mXmppConnectionService.publishDisplayName(account);
publishDeviceVerificationAndBundle(signedPreKeyRecord, preKeyRecords, announce, wipe);
} else {
publishDeviceBundle(signedPreKeyRecord, preKeyRecords, announce, wipe);
}
} else {
Log.d(Config.LOGTAG, getLogprefix(account) + "Bundle " + getOwnDeviceId() + " in PEP was current");
if (wipe) {
wipeOtherPepDevices();
} else if (announce) {
Log.d(Config.LOGTAG, getLogprefix(account) + "Announcing device " + getOwnDeviceId());
publishOwnDeviceIdIfNeeded();
}
}
} catch (InvalidKeyException e) {
Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Failed to publish bundle " + getOwnDeviceId() + ", reason: " + e.getMessage());
}
}
});
}
Also used :
Account(eu.siacs.conversations.entities.Account)
Set(java.util.Set)
HashSet(java.util.HashSet)
OnIqPacketReceived(eu.siacs.conversations.xmpp.OnIqPacketReceived)
Element(eu.siacs.conversations.xml.Element)
InvalidKeyException(org.whispersystems.libaxolotl.InvalidKeyException)
IqPacket(eu.siacs.conversations.xmpp.stanzas.IqPacket)
PreKeyBundle(org.whispersystems.libaxolotl.state.PreKeyBundle)
SignedPreKeyRecord(org.whispersystems.libaxolotl.state.SignedPreKeyRecord)
PreKeyRecord(org.whispersystems.libaxolotl.state.PreKeyRecord)
InvalidKeyIdException(org.whispersystems.libaxolotl.InvalidKeyIdException)
List(java.util.List)
ArrayList(java.util.ArrayList)
IdentityKeyPair(org.whispersystems.libaxolotl.IdentityKeyPair)
Map(java.util.Map)
HashMap(java.util.HashMap)
SignedPreKeyRecord(org.whispersystems.libaxolotl.state.SignedPreKeyRecord)
Example 4 with InvalidKeyException
use of org.whispersystems.libaxolotl.InvalidKeyException in project Conversations by siacs.
the class DatabaseBackend method loadOwnIdentityKeyPair.
private IdentityKeyPair loadOwnIdentityKeyPair(SQLiteDatabase db, Account account) {
String name = account.getJid().toBareJid().toPreppedString();
IdentityKeyPair identityKeyPair = null;
Cursor cursor = getIdentityKeyCursor(db, account, name, true);
if (cursor.getCount() != 0) {
cursor.moveToFirst();
try {
identityKeyPair = new IdentityKeyPair(Base64.decode(cursor.getString(cursor.getColumnIndex(SQLiteAxolotlStore.KEY)), Base64.DEFAULT));
} catch (InvalidKeyException e) {
Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Encountered invalid IdentityKey in database for account" + account.getJid().toBareJid() + ", address: " + name);
}
}
cursor.close();
return identityKeyPair;
}
Also used :
IdentityKeyPair(org.whispersystems.libaxolotl.IdentityKeyPair)
Cursor(android.database.Cursor)
InvalidKeyException(org.whispersystems.libaxolotl.InvalidKeyException)
Example 5 with InvalidKeyException
use of org.whispersystems.libaxolotl.InvalidKeyException in project Conversations by siacs.
the class XmppAxolotlSession method processReceiving.
@Nullable
public byte[] processReceiving(AxolotlKey encryptedKey) throws CryptoFailedException {
byte[] plaintext;
FingerprintStatus status = getTrust();
if (!status.isCompromised()) {
try {
CiphertextMessage ciphertextMessage;
try {
ciphertextMessage = new PreKeyWhisperMessage(encryptedKey.key);
Optional<Integer> optionalPreKeyId = ((PreKeyWhisperMessage) ciphertextMessage).getPreKeyId();
IdentityKey identityKey = ((PreKeyWhisperMessage) ciphertextMessage).getIdentityKey();
if (!optionalPreKeyId.isPresent()) {
throw new CryptoFailedException("PreKeyWhisperMessage did not contain a PreKeyId");
}
preKeyId = optionalPreKeyId.get();
if (this.identityKey != null && !this.identityKey.equals(identityKey)) {
throw new CryptoFailedException("Received PreKeyWhisperMessage but preexisting identity key changed.");
}
this.identityKey = identityKey;
} catch (InvalidVersionException | InvalidMessageException e) {
ciphertextMessage = new WhisperMessage(encryptedKey.key);
}
if (ciphertextMessage instanceof PreKeyWhisperMessage) {
plaintext = cipher.decrypt((PreKeyWhisperMessage) ciphertextMessage);
} else {
plaintext = cipher.decrypt((WhisperMessage) ciphertextMessage);
}
} catch (InvalidKeyException | LegacyMessageException | InvalidMessageException | DuplicateMessageException | NoSessionException | InvalidKeyIdException | UntrustedIdentityException e) {
if (!(e instanceof DuplicateMessageException)) {
e.printStackTrace();
}
throw new CryptoFailedException("Error decrypting WhisperMessage " + e.getClass().getSimpleName() + ": " + e.getMessage());
}
if (!status.isActive()) {
setTrust(status.toActive());
}
} else {
throw new CryptoFailedException("not encrypting omemo message from fingerprint " + getFingerprint() + " because it was marked as compromised");
}
return plaintext;
}
Also used :
InvalidMessageException(org.whispersystems.libaxolotl.InvalidMessageException)
IdentityKey(org.whispersystems.libaxolotl.IdentityKey)
UntrustedIdentityException(org.whispersystems.libaxolotl.UntrustedIdentityException)
PreKeyWhisperMessage(org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage)
CiphertextMessage(org.whispersystems.libaxolotl.protocol.CiphertextMessage)
InvalidVersionException(org.whispersystems.libaxolotl.InvalidVersionException)
InvalidKeyException(org.whispersystems.libaxolotl.InvalidKeyException)
NoSessionException(org.whispersystems.libaxolotl.NoSessionException)
DuplicateMessageException(org.whispersystems.libaxolotl.DuplicateMessageException)
InvalidKeyIdException(org.whispersystems.libaxolotl.InvalidKeyIdException)
WhisperMessage(org.whispersystems.libaxolotl.protocol.WhisperMessage)
PreKeyWhisperMessage(org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage)
LegacyMessageException(org.whispersystems.libaxolotl.LegacyMessageException)
Nullable(android.support.annotation.Nullable)
Aggregations
InvalidKeyException (org.whispersystems.libaxolotl.InvalidKeyException)5
Cursor (android.database.Cursor)2
Account (eu.siacs.conversations.entities.Account)2
OnIqPacketReceived (eu.siacs.conversations.xmpp.OnIqPacketReceived)2
IqPacket (eu.siacs.conversations.xmpp.stanzas.IqPacket)2
HashSet (java.util.HashSet)2
IdentityKey (org.whispersystems.libaxolotl.IdentityKey)2
IdentityKeyPair (org.whispersystems.libaxolotl.IdentityKeyPair)2
InvalidKeyIdException (org.whispersystems.libaxolotl.InvalidKeyIdException)2
UntrustedIdentityException (org.whispersystems.libaxolotl.UntrustedIdentityException)2
PreKeyBundle (org.whispersystems.libaxolotl.state.PreKeyBundle)2
Nullable (android.support.annotation.Nullable)1
IqParser (eu.siacs.conversations.parser.IqParser)1
Element (eu.siacs.conversations.xml.Element)1
InvalidJidException (eu.siacs.conversations.xmpp.jid.InvalidJidException)1
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
List (java.util.List)1
Map (java.util.Map)1
Random (java.util.Random)1
