Search in sources :

Example 11 with InvalidVersionException

use of org.whispersystems.libsignal.InvalidVersionException in project Smack by igniterealtime.

the class SignalOmemoRatchet method doubleRatchetDecrypt.

@Override
public byte[] doubleRatchetDecrypt(OmemoDevice sender, byte[] encryptedKey) throws CorruptedOmemoKeyException, NoRawSessionException, CryptoFailedException, UntrustedOmemoIdentityException, IOException {
    SessionCipher cipher = getCipher(sender);
    byte[] decryptedKey;
    // Try to handle the message as a PreKeySignalMessage...
    try {
        PreKeySignalMessage preKeyMessage = new PreKeySignalMessage(encryptedKey);
        if (!preKeyMessage.getPreKeyId().isPresent()) {
            throw new CryptoFailedException("PreKeyMessage did not contain a preKeyId.");
        }
        IdentityKey messageIdentityKey = preKeyMessage.getIdentityKey();
        IdentityKey previousIdentityKey = store.loadOmemoIdentityKey(storeConnector.getOurDevice(), sender);
        if (previousIdentityKey != null && !previousIdentityKey.getFingerprint().equals(messageIdentityKey.getFingerprint())) {
            throw new UntrustedOmemoIdentityException(sender, store.keyUtil().getFingerprintOfIdentityKey(previousIdentityKey), store.keyUtil().getFingerprintOfIdentityKey(messageIdentityKey));
        }
        try {
            decryptedKey = cipher.decrypt(preKeyMessage);
        } catch (UntrustedIdentityException e) {
            throw new AssertionError("Signals trust management MUST be disabled.");
        } catch (LegacyMessageException | InvalidKeyException e) {
            throw new CryptoFailedException(e);
        } catch (InvalidKeyIdException e) {
            throw new NoRawSessionException(sender, e);
        } catch (DuplicateMessageException e) {
            LOGGER.log(Level.INFO, "Decryption of PreKeyMessage from " + sender + " failed, since the message has been decrypted before.");
            return null;
        }
    } catch (InvalidVersionException | InvalidMessageException noPreKeyMessage) {
        // ...if that fails, handle it as a SignalMessage
        try {
            SignalMessage message = new SignalMessage(encryptedKey);
            decryptedKey = getCipher(sender).decrypt(message);
        } catch (UntrustedIdentityException e) {
            throw new AssertionError("Signals trust management MUST be disabled.");
        } catch (InvalidMessageException | NoSessionException e) {
            throw new NoRawSessionException(sender, e);
        } catch (LegacyMessageException e) {
            throw new CryptoFailedException(e);
        } catch (DuplicateMessageException e1) {
            LOGGER.log(Level.INFO, "Decryption of SignalMessage from " + sender + " failed, since the message has been decrypted before.");
            return null;
        }
    }
    return decryptedKey;
}
Also used : CryptoFailedException(org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException) InvalidMessageException(org.whispersystems.libsignal.InvalidMessageException) IdentityKey(org.whispersystems.libsignal.IdentityKey) UntrustedIdentityException(org.whispersystems.libsignal.UntrustedIdentityException) PreKeySignalMessage(org.whispersystems.libsignal.protocol.PreKeySignalMessage) SignalMessage(org.whispersystems.libsignal.protocol.SignalMessage) InvalidVersionException(org.whispersystems.libsignal.InvalidVersionException) NoRawSessionException(org.jivesoftware.smackx.omemo.exceptions.NoRawSessionException) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) PreKeySignalMessage(org.whispersystems.libsignal.protocol.PreKeySignalMessage) DuplicateMessageException(org.whispersystems.libsignal.DuplicateMessageException) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) LegacyMessageException(org.whispersystems.libsignal.LegacyMessageException) SessionCipher(org.whispersystems.libsignal.SessionCipher) UntrustedOmemoIdentityException(org.jivesoftware.smackx.omemo.exceptions.UntrustedOmemoIdentityException)

Example 12 with InvalidVersionException

use of org.whispersystems.libsignal.InvalidVersionException in project libsignal-service-java by signalapp.

the class SignalServiceCipher method decrypt.

private Plaintext decrypt(SignalServiceEnvelope envelope, byte[] ciphertext) throws InvalidMetadataMessageException, InvalidMetadataVersionException, ProtocolDuplicateMessageException, ProtocolUntrustedIdentityException, ProtocolLegacyMessageException, ProtocolInvalidKeyException, ProtocolInvalidVersionException, ProtocolInvalidMessageException, ProtocolInvalidKeyIdException, ProtocolNoSessionException, SelfSendException {
    try {
        byte[] paddedMessage;
        Metadata metadata;
        int sessionVersion;
        if (!envelope.hasSource() && !envelope.isUnidentifiedSender()) {
            throw new ProtocolInvalidMessageException(new InvalidMessageException("Non-UD envelope is missing a source!"), null, 0);
        }
        if (envelope.isPreKeySignalMessage()) {
            SignalProtocolAddress sourceAddress = getPreferredProtocolAddress(signalProtocolStore, envelope.getSourceAddress(), envelope.getSourceDevice());
            SessionCipher sessionCipher = new SessionCipher(signalProtocolStore, sourceAddress);
            paddedMessage = sessionCipher.decrypt(new PreKeySignalMessage(ciphertext));
            metadata = new Metadata(envelope.getSourceAddress(), envelope.getSourceDevice(), envelope.getTimestamp(), false);
            sessionVersion = sessionCipher.getSessionVersion();
        } else if (envelope.isSignalMessage()) {
            SignalProtocolAddress sourceAddress = getPreferredProtocolAddress(signalProtocolStore, envelope.getSourceAddress(), envelope.getSourceDevice());
            SessionCipher sessionCipher = new SessionCipher(signalProtocolStore, sourceAddress);
            paddedMessage = sessionCipher.decrypt(new SignalMessage(ciphertext));
            metadata = new Metadata(envelope.getSourceAddress(), envelope.getSourceDevice(), envelope.getTimestamp(), false);
            sessionVersion = sessionCipher.getSessionVersion();
        } else if (envelope.isUnidentifiedSender()) {
            SealedSessionCipher sealedSessionCipher = new SealedSessionCipher(signalProtocolStore, localAddress.getUuid().orNull(), localAddress.getNumber().orNull(), 1);
            DecryptionResult result = sealedSessionCipher.decrypt(certificateValidator, ciphertext, envelope.getServerTimestamp());
            SignalServiceAddress resultAddress = new SignalServiceAddress(UuidUtil.parse(result.getSenderUuid().orNull()), result.getSenderE164());
            SignalProtocolAddress protocolAddress = getPreferredProtocolAddress(signalProtocolStore, resultAddress, result.getDeviceId());
            paddedMessage = result.getPaddedMessage();
            metadata = new Metadata(resultAddress, result.getDeviceId(), envelope.getTimestamp(), true);
            sessionVersion = sealedSessionCipher.getSessionVersion(protocolAddress);
        } else {
            throw new InvalidMetadataMessageException("Unknown type: " + envelope.getType());
        }
        PushTransportDetails transportDetails = new PushTransportDetails(sessionVersion);
        byte[] data = transportDetails.getStrippedPaddingMessageBody(paddedMessage);
        return new Plaintext(metadata, data);
    } catch (DuplicateMessageException e) {
        throw new ProtocolDuplicateMessageException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    } catch (LegacyMessageException e) {
        throw new ProtocolLegacyMessageException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    } catch (InvalidMessageException e) {
        throw new ProtocolInvalidMessageException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    } catch (InvalidKeyIdException e) {
        throw new ProtocolInvalidKeyIdException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    } catch (InvalidKeyException e) {
        throw new ProtocolInvalidKeyException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    } catch (UntrustedIdentityException e) {
        throw new ProtocolUntrustedIdentityException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    } catch (InvalidVersionException e) {
        throw new ProtocolInvalidVersionException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    } catch (NoSessionException e) {
        throw new ProtocolNoSessionException(e, envelope.getSourceIdentifier(), envelope.getSourceDevice());
    }
}
Also used : ProtocolInvalidMessageException(org.signal.libsignal.metadata.ProtocolInvalidMessageException) SealedSessionCipher(org.signal.libsignal.metadata.SealedSessionCipher) InvalidMessageException(org.whispersystems.libsignal.InvalidMessageException) ProtocolInvalidMessageException(org.signal.libsignal.metadata.ProtocolInvalidMessageException) UntrustedIdentityException(org.whispersystems.libsignal.UntrustedIdentityException) ProtocolUntrustedIdentityException(org.signal.libsignal.metadata.ProtocolUntrustedIdentityException) ProtocolUntrustedIdentityException(org.signal.libsignal.metadata.ProtocolUntrustedIdentityException) ProtocolInvalidVersionException(org.signal.libsignal.metadata.ProtocolInvalidVersionException) InvalidVersionException(org.whispersystems.libsignal.InvalidVersionException) ProtocolInvalidVersionException(org.signal.libsignal.metadata.ProtocolInvalidVersionException) ProtocolInvalidKeyIdException(org.signal.libsignal.metadata.ProtocolInvalidKeyIdException) NoSessionException(org.whispersystems.libsignal.NoSessionException) ProtocolNoSessionException(org.signal.libsignal.metadata.ProtocolNoSessionException) ProtocolDuplicateMessageException(org.signal.libsignal.metadata.ProtocolDuplicateMessageException) PreKeySignalMessage(org.whispersystems.libsignal.protocol.PreKeySignalMessage) PushTransportDetails(org.whispersystems.signalservice.internal.push.PushTransportDetails) SignalServiceAddress(org.whispersystems.signalservice.api.push.SignalServiceAddress) ProtocolLegacyMessageException(org.signal.libsignal.metadata.ProtocolLegacyMessageException) SessionCipher(org.whispersystems.libsignal.SessionCipher) SealedSessionCipher(org.signal.libsignal.metadata.SealedSessionCipher) SignalProtocolAddress(org.whispersystems.libsignal.SignalProtocolAddress) ProtocolNoSessionException(org.signal.libsignal.metadata.ProtocolNoSessionException) PreKeySignalMessage(org.whispersystems.libsignal.protocol.PreKeySignalMessage) SignalMessage(org.whispersystems.libsignal.protocol.SignalMessage) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) ProtocolInvalidKeyException(org.signal.libsignal.metadata.ProtocolInvalidKeyException) InvalidMetadataMessageException(org.signal.libsignal.metadata.InvalidMetadataMessageException) ProtocolInvalidKeyException(org.signal.libsignal.metadata.ProtocolInvalidKeyException) DuplicateMessageException(org.whispersystems.libsignal.DuplicateMessageException) ProtocolDuplicateMessageException(org.signal.libsignal.metadata.ProtocolDuplicateMessageException) DecryptionResult(org.signal.libsignal.metadata.SealedSessionCipher.DecryptionResult) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) ProtocolInvalidKeyIdException(org.signal.libsignal.metadata.ProtocolInvalidKeyIdException) LegacyMessageException(org.whispersystems.libsignal.LegacyMessageException) ProtocolLegacyMessageException(org.signal.libsignal.metadata.ProtocolLegacyMessageException)

Aggregations

InvalidVersionException (org.whispersystems.libsignal.InvalidVersionException)12 InvalidMessageException (org.whispersystems.libsignal.InvalidMessageException)10 DuplicateMessageException (org.whispersystems.libsignal.DuplicateMessageException)8 InvalidKeyException (org.whispersystems.libsignal.InvalidKeyException)8 InvalidKeyIdException (org.whispersystems.libsignal.InvalidKeyIdException)8 LegacyMessageException (org.whispersystems.libsignal.LegacyMessageException)8 UntrustedIdentityException (org.whispersystems.libsignal.UntrustedIdentityException)8 PreKeySignalMessage (org.whispersystems.libsignal.protocol.PreKeySignalMessage)8 NoSessionException (org.whispersystems.libsignal.NoSessionException)7 SignalMessage (org.whispersystems.libsignal.protocol.SignalMessage)6 SignalServiceAddress (org.whispersystems.signalservice.api.push.SignalServiceAddress)6 IdentityKey (org.whispersystems.libsignal.IdentityKey)5 SessionCipher (org.whispersystems.libsignal.SessionCipher)4 InvalidMetadataMessageException (org.signal.libsignal.metadata.InvalidMetadataMessageException)3 ProtocolDuplicateMessageException (org.signal.libsignal.metadata.ProtocolDuplicateMessageException)3 ProtocolInvalidKeyException (org.signal.libsignal.metadata.ProtocolInvalidKeyException)3 ProtocolInvalidKeyIdException (org.signal.libsignal.metadata.ProtocolInvalidKeyIdException)3 ProtocolInvalidMessageException (org.signal.libsignal.metadata.ProtocolInvalidMessageException)3 ProtocolInvalidVersionException (org.signal.libsignal.metadata.ProtocolInvalidVersionException)3 ProtocolLegacyMessageException (org.signal.libsignal.metadata.ProtocolLegacyMessageException)3