async def test_room_key_on_client_sync_stream(self, client):
await client.receive_response(self.login_response)
await client.receive_response(
SyncResponse.from_dict(self.initial_sync_response))
await client.receive_response(
KeysUploadResponse.from_dict(self.keys_upload_response))
await client.receive_response(
KeysQueryResponse.from_dict(self.keys_query_response))
BobId = "@bob:example.org"
Bob_device = "BOBDEVICE"
bob_olm = Olm(BobId, Bob_device,
SqliteMemoryStore("ephemeral", "DEVICEID"))
alice_device = OlmDevice(client.user_id, client.device_id,
client.olm.account.identity_keys)
bob_device = OlmDevice(bob_olm.user_id, bob_olm.device_id,
bob_olm.account.identity_keys)
client.olm.device_store.add(bob_device)
bob_olm.device_store.add(alice_device)
bob_olm.store.save_device_keys(
{client.user_id: {
client.device_id: alice_device
}})
client.olm.account.generate_one_time_keys(1)
one_time = list(
client.olm.account.one_time_keys["curve25519"].values())[0]
client.olm.account.mark_keys_as_published()
bob_olm.create_session(one_time, alice_device.curve25519)
_, to_device = bob_olm.share_group_session(
TEST_ROOM_ID, [client.user_id], ignore_unverified_devices=True)
outbound_session = bob_olm.outbound_group_sessions[TEST_ROOM_ID]
olm_content = to_device["messages"][client.user_id][client.device_id]
payload = {
"sender": bob_olm.user_id,
"type": "m.room.encrypted",
"content": olm_content,
}
sync_response = self.empty_sync
sync_response["to_device"]["events"].append(payload)
session = client.olm.inbound_group_store.get(TEST_ROOM_ID,
bob_device.curve25519,
outbound_session.id)
assert not session
client.handle_to_device_from_sync_body(sync_response)
session = client.olm.inbound_group_store.get(TEST_ROOM_ID,
bob_device.curve25519,
outbound_session.id)
assert session
def test_client_full_sas(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_device = olm_machine.device_store[bob_id][bob_device_id]
bob_sas = Sas(
bob_id,
bob_device_id,
bob_device.ed25519,
alice_device,
)
start = {
"sender": bob_id,
"content": bob_sas.start_verification().content
}
start_event = KeyVerificationStart.from_dict(start)
assert olm_machine.device_store[bob_id][bob_device_id]
olm_machine.handle_key_verification(start_event)
alice_sas = olm_machine.key_verifications[start_event.transaction_id]
accept = {
"sender": olm_machine.user_id,
"content": alice_sas.accept_verification().content
}
accept_event = KeyVerificationAccept.from_dict(accept)
bob_sas.receive_accept_event(accept_event)
bob_key = {"sender": bob_id, "content": bob_sas.share_key().content}
bob_key_event = KeyVerificationKey.from_dict(bob_key)
olm_machine.handle_key_verification(bob_key_event)
alice_key = {
"sender": alice_id,
"content": alice_sas.share_key().content
}
alice_key_event = KeyVerificationKey.from_dict(alice_key)
bob_sas.receive_key_event(alice_key_event)
assert alice_sas.other_key_set
assert bob_sas.other_key_set
bob_sas.accept_sas()
bob_mac = {"sender": bob_id, "content": bob_sas.get_mac().content}
bob_mac_event = KeyVerificationMac.from_dict(bob_mac)
olm_machine.handle_key_verification(bob_mac_event)
assert alice_sas.state == SasState.mac_received
assert not alice_sas.verified
alice_sas.accept_sas()
assert alice_sas.verified
bob_mac_event.keys = "fake_keys"
olm_machine.handle_key_verification(bob_mac_event)
assert alice_sas.verified
def test_client_cancel_event(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_device = olm_machine.device_store[bob_id][bob_device_id]
start = {
"sender": alice_device.user_id,
"content": olm_machine.create_sas(bob_device).content
}
start_event = KeyVerificationStart.from_dict(start)
bob_sas = Sas.from_key_verification_start(bob_device.user_id,
bob_device.id,
bob_device.ed25519,
alice_device, start_event)
alice_sas = olm_machine.key_verifications[start_event.transaction_id]
assert alice_sas
bob_sas.cancel()
cancel = {
"sender": bob_id,
"content": bob_sas.get_cancellation().content
}
cancel_event = KeyVerificationCancel.from_dict(cancel)
assert not alice_sas.canceled
olm_machine.handle_key_verification(cancel_event)
assert alice_sas.canceled
assert alice_sas.transaction_id not in olm_machine.key_verifications
def test_session_sharing(self, alice_client, async_client, aioresponse):
loop = asyncio.get_event_loop()
async_client.receive_response(
LoginResponse.from_dict(self.login_response))
assert async_client.logged_in
async_client.receive_response(self.encryption_sync_response)
alice_client.load_store()
alice_device = OlmDevice(
ALICE_ID,
ALICE_DEVICE_ID,
alice_client.olm.account.identity_keys["ed25519"],
alice_client.olm.account.identity_keys["curve25519"],
)
async_client.device_store.add(alice_device)
async_client.verify_device(alice_device)
missing = async_client.get_missing_sessions(TEST_ROOM_ID)
assert ALICE_ID in missing
assert ALICE_DEVICE_ID in missing[ALICE_ID]
to_share = alice_client.olm.share_keys()
one_time_key = list(to_share["one_time_keys"].items())[0]
key_claim_dict = {
"one_time_keys": {
ALICE_ID: {
ALICE_DEVICE_ID: {
one_time_key[0]: one_time_key[1]
},
},
},
"failures": {},
}
aioresponse.post(
"https://example.org/_matrix/client/r0/keys/claim?access_token=abc123",
status=200,
payload=key_claim_dict)
aioresponse.put(
"https://example.org/_matrix/client/r0/sendToDevice/m.room.encrypted/1?access_token=abc123",
status=200,
payload={})
with pytest.raises(KeyError):
session = async_client.olm.outbound_group_sessions[TEST_ROOM_ID]
response = loop.run_until_complete(
async_client.share_group_session(TEST_ROOM_ID, "1"))
session = async_client.olm.outbound_group_sessions[TEST_ROOM_ID]
assert session.shared
assert isinstance(response, ShareGroupSessionResponse)
assert not async_client.get_missing_sessions(TEST_ROOM_ID)
assert async_client.olm.session_store.get(alice_device.curve25519)
def test_key_cancel(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_device = olm_machine.device_store[bob_id][bob_device_id]
bob_sas = Sas(bob_device.user_id, bob_device.id, bob_device.ed25519,
alice_device)
start = {
"sender": bob_device.user_id,
"content": bob_sas.start_verification().content
}
start_event = KeyVerificationStart.from_dict(start)
olm_machine.handle_key_verification(start_event)
bob_key = {"sender": bob_id, "content": bob_sas.share_key().content}
assert not olm_machine.outgoing_to_device_messages
bob_key_event = KeyVerificationKey.from_dict(bob_key)
olm_machine.handle_key_verification(bob_key_event)
alice_sas = olm_machine.key_verifications[start_event.transaction_id]
assert alice_sas
assert not alice_sas.canceled
assert alice_sas.other_key_set
olm_machine.handle_key_verification(bob_key_event)
assert alice_sas.canceled
assert olm_machine.outgoing_to_device_messages
to_device = olm_machine.outgoing_to_device_messages[0]
assert (
start_event.transaction_id == to_device.content["transaction_id"])
def olm_device(self):
user_id = faker.mx_id()
device_id = faker.device_id()
key_pair = faker.olm_key_pair()
return OlmDevice(user_id, device_id, key_pair["ed25519"],
key_pair["curve25519"])
def test_client_unknown_txid(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_device = olm_machine.device_store[bob_id][bob_device_id]
bob_sas = Sas(bob_device.user_id, bob_device.id, bob_device.ed25519,
alice_device)
start = {
"sender": bob_device.user_id,
"content": bob_sas.start_verification().content
}
start_event = KeyVerificationStart.from_dict(start)
olm_machine.handle_key_verification(start_event)
bob_key = {"sender": bob_id, "content": bob_sas.share_key().content}
bob_key_event = KeyVerificationKey.from_dict(bob_key)
bob_key_event.transaction_id = "unknown"
olm_machine.handle_key_verification(bob_key_event)
alice_sas = olm_machine.key_verifications[start_event.transaction_id]
assert alice_sas
assert not alice_sas.other_key_set
assert (bob_key_event.transaction_id
not in olm_machine.key_verifications)
def test_client_invalid_key(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_sas = Sas(
bob_id,
bob_device_id,
faker.olm_key_pair()["ed25519"],
alice_device,
)
start = {
"sender": bob_id,
"content": bob_sas.start_verification().content
}
start_event = KeyVerificationStart.from_dict(start)
assert olm_machine.device_store[bob_id][bob_device_id]
olm_machine.handle_key_verification(start_event)
alice_sas = olm_machine.key_verifications[start_event.transaction_id]
accept = {
"sender": olm_machine.user_id,
"content": alice_sas.accept_verification().content
}
accept_event = KeyVerificationAccept.from_dict(accept)
bob_sas.receive_accept_event(accept_event)
bob_key = {"sender": bob_id, "content": bob_sas.share_key().content}
bob_key_event = KeyVerificationKey.from_dict(bob_key)
olm_machine.handle_key_verification(bob_key_event)
alice_key = {
"sender": alice_id,
"content": alice_sas.share_key().content
}
alice_key_event = KeyVerificationKey.from_dict(alice_key)
bob_sas.receive_key_event(alice_key_event)
assert alice_sas.other_key_set
assert bob_sas.other_key_set
bob_sas.accept_sas()
bob_mac = {"sender": bob_id, "content": bob_sas.get_mac().content}
bob_mac_event = KeyVerificationMac.from_dict(bob_mac)
olm_machine.handle_key_verification(bob_mac_event)
assert alice_sas.state == SasState.canceled
assert not alice_sas.verified
with pytest.raises(LocalProtocolError):
alice_sas.accept_sas()
def olm_machine():
key_pair = Account().identity_keys
bob_device = OlmDevice(BOB_DEVICE, BOB_DEVICE_ID, key_pair)
store = SqliteMemoryStore(ALICE_ID, ALICE_DEVICE_ID)
client = Olm(ALICE_ID, ALICE_DEVICE_ID, store)
client.device_store.add(bob_device)
store.save_device_keys(client.device_store)
return client
def olm_device(self):
user_id = faker.mx_id()
device_id = faker.device_id()
key_pair = faker.olm_key_pair()
return OlmDevice(
user_id,
device_id,
key_pair,
)
def example_devices(self):
devices = defaultdict(dict)
for _ in range(10):
device = faker.olm_device()
devices[device.user_id][device.id] = device
bob_device = OlmDevice(BOB_ID, BOB_DEVICE, {
"ed25519": BOB_ONETIME,
"curve25519": BOB_CURVE
})
devices[BOB_ID][BOB_DEVICE] = bob_device
return devices
def test_key_claiming(self, alice_client, async_client, aioresponse):
loop = asyncio.get_event_loop()
async_client.receive_response(
LoginResponse.from_dict(self.login_response))
assert async_client.logged_in
async_client.receive_response(self.encryption_sync_response)
alice_client.load_store()
alice_device = OlmDevice(
ALICE_ID,
ALICE_DEVICE_ID,
alice_client.olm.account.identity_keys["ed25519"],
alice_client.olm.account.identity_keys["curve25519"],
)
async_client.device_store.add(alice_device)
missing = async_client.get_missing_sessions(TEST_ROOM_ID)
assert ALICE_ID in missing
assert ALICE_DEVICE_ID in missing[ALICE_ID]
to_share = alice_client.olm.share_keys()
one_time_key = list(to_share["one_time_keys"].items())[0]
key_claim_dict = {
"one_time_keys": {
ALICE_ID: {
ALICE_DEVICE_ID: {
one_time_key[0]: one_time_key[1]
},
},
},
"failures": {},
}
aioresponse.post(
"https://example.org/_matrix/client/r0/keys/claim?access_token=abc123",
status=200,
payload=key_claim_dict)
response = loop.run_until_complete(async_client.keys_claim(missing))
assert isinstance(response, KeysClaimResponse)
assert not async_client.get_missing_sessions(TEST_ROOM_ID)
assert async_client.olm.session_store.get(alice_device.curve25519)
def test_client_unknown_device(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_device = faker.olm_device()
bob_sas = Sas(bob_device.user_id, bob_device.id, bob_device.ed25519,
alice_device)
start = {
"sender": bob_device.user_id,
"content": bob_sas.start_verification().content
}
start_event = KeyVerificationStart.from_dict(start)
olm_machine.handle_key_verification(start_event)
assert start_event.transaction_id not in olm_machine.key_verifications
assert bob_device.user_id in olm_machine.users_for_key_query
def test_client_unsupported_method(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_device = olm_machine.device_store[bob_id][bob_device_id]
bob_sas = Sas(bob_device.user_id, bob_device.id, bob_device.ed25519,
alice_device)
start = {
"sender": bob_device.user_id,
"content": bob_sas.start_verification().content
}
start_event = KeyVerificationStart.from_dict(start)
start_event.method = "unsupported"
assert not olm_machine.outgoing_to_device_messages
olm_machine.handle_key_verification(start_event)
assert start_event.transaction_id not in olm_machine.key_verifications
assert olm_machine.outgoing_to_device_messages
to_device = olm_machine.outgoing_to_device_messages[0]
assert (
start_event.transaction_id == to_device.content["transaction_id"])
def test_duplicate_verification(self, olm_machine):
alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
olm_machine.account.identity_keys)
bob_device = olm_machine.device_store[bob_id][bob_device_id]
bob_sas = Sas(bob_device.user_id, bob_device.id, bob_device.ed25519,
alice_device)
start = {
"sender": bob_device.user_id,
"content": bob_sas.start_verification().content
}
start_event = KeyVerificationStart.from_dict(start)
olm_machine.handle_key_verification(start_event)
alice_sas = olm_machine.key_verifications[start_event.transaction_id]
assert alice_sas
olm_machine.handle_key_verification(start_event)
assert alice_sas.canceled
new_alice_sas = olm_machine.get_active_sas(bob_id, bob_device_id)
assert new_alice_sas
assert not new_alice_sas.canceled
from nio.crypto import Sas, SasState, OlmDevice
from nio.exceptions import LocalProtocolError
from nio.events import (KeyVerificationStart, KeyVerificationAccept,
KeyVerificationKey, KeyVerificationMac)
from helpers import faker
alice_id = faker.mx_id()
alice_device_id = faker.device_id()
alice_keys = faker.olm_key_pair()
bob_id = faker.mx_id()
bob_device_id = faker.device_id()
bob_keys = faker.olm_key_pair()
alice_device = OlmDevice(alice_id, alice_device_id, alice_keys["ed25519"],
alice_keys["curve25519"])
bob_device = OlmDevice(bob_id, bob_device_id, bob_keys["ed25519"],
bob_keys["curve25519"])
class TestClass(object):
def test_sas_creation(self):
alice = Sas(alice_id, alice_device_id, alice_keys["ed25519"],
bob_device)
with pytest.raises(LocalProtocolError):
alice.accept_verification()
def test_sas_start(self):
alice = Sas(
from helpers import faker
from nio.crypto import OlmDevice, Sas, SasState
from nio.events import (KeyVerificationAccept, KeyVerificationCancel,
KeyVerificationKey, KeyVerificationMac,
KeyVerificationStart)
from nio.exceptions import LocalProtocolError
alice_id = "@alice:example.org"
alice_device_id = "JLAFKJWSCS"
alice_keys = faker.olm_key_pair()
bob_id = "@bob:example.org"
bob_device_id = "JLAFKJWSRS"
bob_keys = faker.olm_key_pair()
alice_device = OlmDevice(alice_id, alice_device_id, alice_keys)
bob_device = OlmDevice(bob_id, bob_device_id, bob_keys)
class TestClass:
def test_sas_creation(self):
alice = Sas(alice_id, alice_device_id, alice_keys["ed25519"],
bob_device)
with pytest.raises(LocalProtocolError):
alice.accept_verification()
def test_sas_start(self):
alice = Sas(
alice_id,
