vanitasvitae
/
Smack
mirror of https://github.com/vanitasvitae/Smack.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Smack/smack-omemo/src/main/java/org/jivesoftware/smackx/omemo/util/OmemoMessageBuilder.java

286 lines
12 KiB
Java
Raw Normal View History

Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
/**
*
Do not explicity select the (crypto) Provider in smack-omemo This makes the system select the "best" available provider. Also the 'BC' provider in newer Android version does not longer implement certain Ciphers, which causes an NoSuchAlgorithmException if the Cipher is requested explicitly by the 'BC' provider: E/XmppService: XmppServiceConnection - Error while sending pending messages org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException: java.security.NoSuchAlgorithmException: The BC provider no longer provides an implementation for Cipher.AES/GCM/NoPadding. Please see https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html for more details. at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:375) at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:537) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:341) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:314) at es.iecisa.xmppservice.XmppServiceConnection.lambda$sendMessage$0(XmppServiceConnection.java:516) at es.iecisa.xmppservice.-$$Lambda$XmppServiceConnection$aBU_80chagvypMTSd-aSm7pRQRY.run(Unknown Source:4) at java.lang.Thread.run(Thread.java:764) Caused by: java.security.NoSuchAlgorithmException: The BC provider no longer provides an implementation for Cipher.AES/GCM/NoPadding. Please see https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html for more details. at sun.security.jca.Providers.checkBouncyCastleDeprecation(Providers.java:563) at sun.security.jca.Providers.checkBouncyCastleDeprecation(Providers.java:346) at javax.crypto.Cipher.createCipher(Cipher.java:722) at javax.crypto.Cipher.getInstance(Cipher.java:717) at javax.crypto.Cipher.getInstance(Cipher.java:674) at org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder.setMessage(OmemoMessageBuilder.java:169) at org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder.<init>(OmemoMessageBuilder.java:116) at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:372) at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:537) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:341) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:314) at es.iecisa.xmppservice.XmppServiceConnection.lambda$sendMessage$0(XmppServiceConnection.java:516) at es.iecisa.xmppservice.-$$Lambda$XmppServiceConnection$aBU_80chagvypMTSd-aSm7pRQRY.run(Unknown Source:4) at java.lang.Thread.run(Thread.java:764)
2019-04-02 15:55:31 +02:00
* Copyright 2017 Paul Schaub, 2019 Florian Schmaus
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.jivesoftware.smackx.omemo.util;
Add CustomImportOrder checkstyle rule And matching ImportOrder settings for Eclipse in resources/eclipse/smack.importorder
2017-06-14 17:12:43 +02:00
import static org.jivesoftware.smackx.omemo.util.OmemoConstants.Crypto.CIPHERMODE;
import static org.jivesoftware.smackx.omemo.util.OmemoConstants.Crypto.KEYLENGTH;
import static org.jivesoftware.smackx.omemo.util.OmemoConstants.Crypto.KEYTYPE;
import java.io.UnsupportedEncodingException;
Use StandardCharsets.(UTF_8|US_ASCII) This also gets rid of a ton of UnsupportedEncodingException s.
2019-05-08 11:34:40 +02:00
import java.nio.charset.StandardCharsets;
Add CustomImportOrder checkstyle rule And matching ImportOrder settings for Eclipse in resources/eclipse/smack.importorder
2017-06-14 17:12:43 +02:00
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.util.ArrayList;
Replace XPP3 by XmlPullParser interface wrapping StAX and XPP3 Introducing Smack's own XmlPullParser interface which tries to stay as compatible as possible to XPP3. The interface is used to either wrap StAX's XMLStreamReader if Smack is used on Java SE, and XPP3's XmlPullParser if Smack is used on on Android. Fixes SMACK-591. Also introduce JUnit 5 and non-strict javadoc projects.
2019-05-06 22:06:13 +02:00
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
import org.jivesoftware.smackx.omemo.OmemoRatchet;
import org.jivesoftware.smackx.omemo.OmemoService;
import org.jivesoftware.smackx.omemo.element.OmemoElement;
import org.jivesoftware.smackx.omemo.element.OmemoElement_VAxolotl;
import org.jivesoftware.smackx.omemo.element.OmemoHeaderElement_VAxolotl;
import org.jivesoftware.smackx.omemo.element.OmemoKeyElement;
Add CustomImportOrder checkstyle rule And matching ImportOrder settings for Eclipse in resources/eclipse/smack.importorder
2017-06-14 17:12:43 +02:00
import org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException;
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
import org.jivesoftware.smackx.omemo.exceptions.NoIdentityKeyException;
Add CustomImportOrder checkstyle rule And matching ImportOrder settings for Eclipse in resources/eclipse/smack.importorder
2017-06-14 17:12:43 +02:00
import org.jivesoftware.smackx.omemo.exceptions.UndecidedOmemoIdentityException;
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
import org.jivesoftware.smackx.omemo.exceptions.UntrustedOmemoIdentityException;
Add CustomImportOrder checkstyle rule And matching ImportOrder settings for Eclipse in resources/eclipse/smack.importorder
2017-06-14 17:12:43 +02:00
import org.jivesoftware.smackx.omemo.internal.CiphertextTuple;
import org.jivesoftware.smackx.omemo.internal.OmemoDevice;
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
import org.jivesoftware.smackx.omemo.trust.OmemoFingerprint;
import org.jivesoftware.smackx.omemo.trust.OmemoTrustCallback;
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
/**
* Class used to build OMEMO messages.
*
* @param <T_IdKeyPair> IdentityKeyPair class
* @param <T_IdKey> IdentityKey class
* @param <T_PreKey> PreKey class
* @param <T_SigPreKey> SignedPreKey class
* @param <T_Sess> Session class
* @param <T_Addr> Address class
* @param <T_ECPub> Elliptic Curve PublicKey class
* @param <T_Bundle> Bundle class
* @param <T_Ciph> Cipher class
* @author Paul Schaub
*/
public class OmemoMessageBuilder<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph> {
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
private final OmemoDevice userDevice;
private final OmemoRatchet<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph> ratchet;
private final OmemoTrustCallback trustCallback;
private byte[] messageKey;
private final byte[] initializationVector;
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
private byte[] ciphertextMessage;
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
private final ArrayList<OmemoKeyElement> keys = new ArrayList<>();
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
/**
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
* Create an OmemoMessageBuilder.
*
* @param userDevice our OmemoDevice
* @param callback trustCallback for querying trust decisions
* @param ratchet our OmemoRatchet
* @param aesKey aes message key used for message encryption
* @param iv initialization vector used for message encryption
* @param message message we want to send
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*
* @throws NoSuchPaddingException
* @throws BadPaddingException
* @throws InvalidKeyException
* @throws NoSuchAlgorithmException
* @throws IllegalBlockSizeException
* @throws InvalidAlgorithmParameterException
*/
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
public OmemoMessageBuilder(OmemoDevice userDevice,
OmemoTrustCallback callback,
OmemoRatchet<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph> ratchet,
byte[] aesKey,
byte[] iv,
String message)
throws NoSuchPaddingException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException,
IllegalBlockSizeException,
Use StandardCharsets.(UTF_8|US_ASCII) This also gets rid of a ton of UnsupportedEncodingException s.
2019-05-08 11:34:40 +02:00
InvalidAlgorithmParameterException {
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
this.userDevice = userDevice;
this.trustCallback = callback;
this.ratchet = ratchet;
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
this.messageKey = aesKey;
this.initializationVector = iv;
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
setMessage(message);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
}
/**
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
* Create an OmemoMessageBuilder.
*
* @param userDevice our OmemoDevice
* @param callback trustCallback for querying trust decisions
* @param ratchet our OmemoRatchet
* @param message message we want to send
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*
* @throws NoSuchPaddingException
* @throws BadPaddingException
* @throws InvalidKeyException
* @throws NoSuchAlgorithmException
* @throws IllegalBlockSizeException
* @throws UnsupportedEncodingException
* @throws InvalidAlgorithmParameterException
*/
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
public OmemoMessageBuilder(OmemoDevice userDevice,
OmemoTrustCallback callback,
OmemoRatchet<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph> ratchet,
String message)
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
throws NoSuchPaddingException, BadPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException,
Do not explicity select the (crypto) Provider in smack-omemo This makes the system select the "best" available provider. Also the 'BC' provider in newer Android version does not longer implement certain Ciphers, which causes an NoSuchAlgorithmException if the Cipher is requested explicitly by the 'BC' provider: E/XmppService: XmppServiceConnection - Error while sending pending messages org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException: java.security.NoSuchAlgorithmException: The BC provider no longer provides an implementation for Cipher.AES/GCM/NoPadding. Please see https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html for more details. at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:375) at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:537) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:341) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:314) at es.iecisa.xmppservice.XmppServiceConnection.lambda$sendMessage$0(XmppServiceConnection.java:516) at es.iecisa.xmppservice.-$$Lambda$XmppServiceConnection$aBU_80chagvypMTSd-aSm7pRQRY.run(Unknown Source:4) at java.lang.Thread.run(Thread.java:764) Caused by: java.security.NoSuchAlgorithmException: The BC provider no longer provides an implementation for Cipher.AES/GCM/NoPadding. Please see https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html for more details. at sun.security.jca.Providers.checkBouncyCastleDeprecation(Providers.java:563) at sun.security.jca.Providers.checkBouncyCastleDeprecation(Providers.java:346) at javax.crypto.Cipher.createCipher(Cipher.java:722) at javax.crypto.Cipher.getInstance(Cipher.java:717) at javax.crypto.Cipher.getInstance(Cipher.java:674) at org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder.setMessage(OmemoMessageBuilder.java:169) at org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder.<init>(OmemoMessageBuilder.java:116) at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:372) at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:537) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:341) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:314) at es.iecisa.xmppservice.XmppServiceConnection.lambda$sendMessage$0(XmppServiceConnection.java:516) at es.iecisa.xmppservice.-$$Lambda$XmppServiceConnection$aBU_80chagvypMTSd-aSm7pRQRY.run(Unknown Source:4) at java.lang.Thread.run(Thread.java:764)
2019-04-02 15:55:31 +02:00
UnsupportedEncodingException, InvalidAlgorithmParameterException {
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
this(userDevice, callback, ratchet, generateKey(KEYTYPE, KEYLENGTH), generateIv(), message);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
}
/**
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
* Encrypt the message with the aes key.
* Move the AuthTag from the end of the cipherText to the end of the messageKey afterwards.
* This prevents an attacker which compromised one recipient device to switch out the cipherText for other recipients.
* @see <a href="https://conversations.im/omemo/audit.pdf">OMEMO security audit</a>.
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
* @param message plaintext message
* @throws NoSuchPaddingException
* @throws NoSuchProviderException
* @throws InvalidAlgorithmParameterException
* @throws InvalidKeyException
* @throws BadPaddingException
* @throws IllegalBlockSizeException
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*/
Use StandardCharsets.(UTF_8|US_ASCII) This also gets rid of a ton of UnsupportedEncodingException s.
2019-05-08 11:34:40 +02:00
private void setMessage(String message)
throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
if (message == null) {
return;
}
Add comment style checkstyle rule requiring a space
2017-11-20 08:53:19 +01:00
// Encrypt message body
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
SecretKey secretKey = new SecretKeySpec(messageKey, KEYTYPE);
IvParameterSpec ivSpec = new IvParameterSpec(initializationVector);
Do not explicity select the (crypto) Provider in smack-omemo This makes the system select the "best" available provider. Also the 'BC' provider in newer Android version does not longer implement certain Ciphers, which causes an NoSuchAlgorithmException if the Cipher is requested explicitly by the 'BC' provider: E/XmppService: XmppServiceConnection - Error while sending pending messages org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException: java.security.NoSuchAlgorithmException: The BC provider no longer provides an implementation for Cipher.AES/GCM/NoPadding. Please see https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html for more details. at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:375) at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:537) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:341) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:314) at es.iecisa.xmppservice.XmppServiceConnection.lambda$sendMessage$0(XmppServiceConnection.java:516) at es.iecisa.xmppservice.-$$Lambda$XmppServiceConnection$aBU_80chagvypMTSd-aSm7pRQRY.run(Unknown Source:4) at java.lang.Thread.run(Thread.java:764) Caused by: java.security.NoSuchAlgorithmException: The BC provider no longer provides an implementation for Cipher.AES/GCM/NoPadding. Please see https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html for more details. at sun.security.jca.Providers.checkBouncyCastleDeprecation(Providers.java:563) at sun.security.jca.Providers.checkBouncyCastleDeprecation(Providers.java:346) at javax.crypto.Cipher.createCipher(Cipher.java:722) at javax.crypto.Cipher.getInstance(Cipher.java:717) at javax.crypto.Cipher.getInstance(Cipher.java:674) at org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder.setMessage(OmemoMessageBuilder.java:169) at org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder.<init>(OmemoMessageBuilder.java:116) at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:372) at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:537) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:341) at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:314) at es.iecisa.xmppservice.XmppServiceConnection.lambda$sendMessage$0(XmppServiceConnection.java:516) at es.iecisa.xmppservice.-$$Lambda$XmppServiceConnection$aBU_80chagvypMTSd-aSm7pRQRY.run(Unknown Source:4) at java.lang.Thread.run(Thread.java:764)
2019-04-02 15:55:31 +02:00
Cipher cipher = Cipher.getInstance(CIPHERMODE);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec);
byte[] body;
byte[] ciphertext;
Use StandardCharsets.(UTF_8|US_ASCII) This also gets rid of a ton of UnsupportedEncodingException s.
2019-05-08 11:34:40 +02:00
body = message.getBytes(StandardCharsets.UTF_8);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
ciphertext = cipher.doFinal(body);
byte[] clearKeyWithAuthTag = new byte[messageKey.length + 16];
byte[] cipherTextWithoutAuthTag = new byte[ciphertext.length - 16];
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
moveAuthTag(messageKey, ciphertext, clearKeyWithAuthTag, cipherTextWithoutAuthTag);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
ciphertextMessage = cipherTextWithoutAuthTag;
messageKey = clearKeyWithAuthTag;
}
/**
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
* Move the auth tag from the end of the cipherText to the messageKey.
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
* @param messageKey source messageKey without authTag
* @param cipherText source cipherText with authTag
* @param messageKeyWithAuthTag destination messageKey with authTag
* @param cipherTextWithoutAuthTag destination cipherText without authTag
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*/
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
static void moveAuthTag(byte[] messageKey,
byte[] cipherText,
byte[] messageKeyWithAuthTag,
byte[] cipherTextWithoutAuthTag) {
// Check dimensions of arrays
if (messageKeyWithAuthTag.length != messageKey.length + 16) {
throw new IllegalArgumentException("Length of messageKeyWithAuthTag must be length of messageKey + " +
"length of AuthTag (16)");
}
if (cipherTextWithoutAuthTag.length != cipherText.length - 16) {
throw new IllegalArgumentException("Length of cipherTextWithoutAuthTag must be length of cipherText " +
"- length of AuthTag (16)");
}
// Move auth tag from cipherText to messageKey
System.arraycopy(messageKey, 0, messageKeyWithAuthTag, 0, 16);
System.arraycopy(cipherText, 0, cipherTextWithoutAuthTag, 0, cipherTextWithoutAuthTag.length);
System.arraycopy(cipherText, cipherText.length - 16, messageKeyWithAuthTag, 16, 16);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
}
/**
* Add a new recipient device to the message.
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
*
* @param contactsDevice device of the recipient
* @throws NoIdentityKeyException if we have no identityKey of that device. Can be fixed by fetching and
* processing the devices bundle.
* @throws CorruptedOmemoKeyException if the identityKey of that device is corrupted.
* @throws UndecidedOmemoIdentityException if the user hasn't yet decided whether to trust that device or not.
* @throws UntrustedOmemoIdentityException if the user has decided not to trust that device.
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
*/
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
public void addRecipient(OmemoDevice contactsDevice)
throws NoIdentityKeyException, CorruptedOmemoKeyException, UndecidedOmemoIdentityException,
UntrustedOmemoIdentityException {
OmemoFingerprint fingerprint;
fingerprint = OmemoService.getInstance().getOmemoStoreBackend().getFingerprint(userDevice, contactsDevice);
switch (trustCallback.getTrust(contactsDevice, fingerprint)) {
case undecided:
throw new UndecidedOmemoIdentityException(contactsDevice);
case trusted:
CiphertextTuple encryptedKey = ratchet.doubleRatchetEncrypt(contactsDevice, messageKey);
keys.add(new OmemoKeyElement(encryptedKey.getCiphertext(), contactsDevice.getDeviceId(), encryptedKey.isPreKeyMessage()));
break;
case untrusted:
throw new UntrustedOmemoIdentityException(contactsDevice, fingerprint);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
}
}
/**
* Assemble an OmemoMessageElement from the current state of the builder.
*
* @return OmemoMessageElement
*/
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
public OmemoElement finish() {
OmemoHeaderElement_VAxolotl header = new OmemoHeaderElement_VAxolotl(
userDevice.getDeviceId(),
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
keys,
initializationVector
);
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
return new OmemoElement_VAxolotl(header, ciphertextMessage);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
}
/**
* Generate a new AES key used to encrypt the message.
*
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
* @param keyType Key Type
* @param keyLength Key Length in bit
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
* @return new AES key
* @throws NoSuchAlgorithmException
*/
Rework support for XEP-0384: OMEMO Encryption Changes: Rework integration tests New structure of base integration test classes bump dependency on signal-protocol-java from 2.4.0 to 2.6.2 Introduced CachingOmemoStore implementations Use CachingOmemoStore classes in integration tests Removed OmemoSession classes (replaced with more logical OmemoRatchet classes) Consequently also removed load/storeOmemoSession methods from OmemoStore Removed some clutter from KeyUtil classes Moved trust decision related code from OmemoStore to TrustCallback Require authenticated connection for many functions Add async initialization function in OmemoStore Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx) Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped) Attempt to make OmemoManager thread safe new logic for getInstanceFor() deviceId determination OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself Added OmemoMessage class for that purpose Reworked entire OmemoService class Use safer logic for creating trust-ignoring messages (like ratchet-update messages) Restructure elements/provider in order to prepare for OMEMO namespace bumps Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId) Removed some unnecessary configuration options Prepare for support of more AES message key types Simplify session creation Where possible, avoid side effects in methods Add UntrustedOmemoIdentityException Add TrustState enum More improved tests
2018-06-13 12:29:16 +02:00
public static byte[] generateKey(String keyType, int keyLength) throws NoSuchAlgorithmException {
KeyGenerator generator = KeyGenerator.getInstance(keyType);
generator.init(keyLength);
Add OMEMO support This commit adds the modules smack-omemo and smack-omemo-signal. smack-omemo is licensed under the Apache license like the rest of the smack project. smack-omemo-signal on the other hand is licensed under the GPLv3. Due to the fact, that smack-omemo is not of much use without smack-omemo-signal, the OMEMO feature can currently only be used by GPLv3 compatible software. This may change in the future, when a more permissively licensed module becomes available. Fixes SMACK-743.
2017-06-02 12:26:37 +02:00
return generator.generateKey().getEncoded();
}
/**
* Generate a 16 byte initialization vector for AES encryption.
*
* @return iv
*/
public static byte[] generateIv() {
SecureRandom random = new SecureRandom();
byte[] iv = new byte[16];
random.nextBytes(iv);
return iv;
}
}