Esempio n. 1
0
    def test_sas_local_errors(self):
        alice = Sas(
            alice_id,
            alice_device_id,
            alice_keys["ed25519"],
            bob_device,
        )
        start = {
            "sender": alice_id,
            "content": alice.start_verification().content
        }
        start_event = KeyVerificationStart.from_dict(start)

        bob = Sas.from_key_verification_start(bob_id, bob_device_id,
                                              bob_keys["ed25519"],
                                              alice_device, start_event)

        alice.set_their_pubkey(bob.pubkey)
        alice.state = SasState.canceled
        bob.state = SasState.canceled

        with pytest.raises(LocalProtocolError):
            bob.accept_verification()

        with pytest.raises(LocalProtocolError):
            alice.share_key()

        alice.sas_accepted = True

        with pytest.raises(LocalProtocolError):
            alice.get_mac()
Esempio n. 2
0
    def test_client_full_sas(self, olm_machine):
        alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
                                 olm_machine.account.identity_keys)
        bob_device = olm_machine.device_store[bob_id][bob_device_id]
        bob_sas = Sas(
            bob_id,
            bob_device_id,
            bob_device.ed25519,
            alice_device,
        )

        start = {
            "sender": bob_id,
            "content": bob_sas.start_verification().content
        }
        start_event = KeyVerificationStart.from_dict(start)

        assert olm_machine.device_store[bob_id][bob_device_id]
        olm_machine.handle_key_verification(start_event)

        alice_sas = olm_machine.key_verifications[start_event.transaction_id]

        accept = {
            "sender": olm_machine.user_id,
            "content": alice_sas.accept_verification().content
        }
        accept_event = KeyVerificationAccept.from_dict(accept)

        bob_sas.receive_accept_event(accept_event)

        bob_key = {"sender": bob_id, "content": bob_sas.share_key().content}
        bob_key_event = KeyVerificationKey.from_dict(bob_key)

        olm_machine.handle_key_verification(bob_key_event)

        alice_key = {
            "sender": alice_id,
            "content": alice_sas.share_key().content
        }
        alice_key_event = KeyVerificationKey.from_dict(alice_key)
        bob_sas.receive_key_event(alice_key_event)

        assert alice_sas.other_key_set
        assert bob_sas.other_key_set

        bob_sas.accept_sas()

        bob_mac = {"sender": bob_id, "content": bob_sas.get_mac().content}

        bob_mac_event = KeyVerificationMac.from_dict(bob_mac)

        olm_machine.handle_key_verification(bob_mac_event)
        assert alice_sas.state == SasState.mac_received
        assert not alice_sas.verified

        alice_sas.accept_sas()
        assert alice_sas.verified
        bob_mac_event.keys = "fake_keys"
        olm_machine.handle_key_verification(bob_mac_event)
        assert alice_sas.verified
Esempio n. 3
0
    def test_sas_old_mac_method(self):
        alice = Sas(
            alice_id,
            alice_device_id,
            alice_keys["ed25519"],
            bob_device,
        )
        start = {
            "sender": alice_id,
            "content": alice.start_verification().content
        }
        start_event = KeyVerificationStart.from_dict(start)
        start_event.message_authentication_codes.remove(Sas._mac_normal)

        bob = Sas.from_key_verification_start(bob_id, bob_device_id,
                                              bob_keys["ed25519"],
                                              alice_device, start_event)

        with pytest.raises(LocalProtocolError):
            alice.accept_sas()

        alice.set_their_pubkey(bob.pubkey)
        bob.set_their_pubkey(alice.pubkey)

        alice.state = SasState.key_received
        bob.state = SasState.key_received
        alice.chosen_mac_method = Sas._mac_normal
        bob.chosen_mac_method = Sas._mac_normal

        with pytest.raises(LocalProtocolError):
            alice.get_mac()

        alice.accept_sas()
        alice_mac = {"sender": alice_id, "content": alice.get_mac().content}

        mac_event = KeyVerificationMac.from_dict(alice_mac)
        assert isinstance(mac_event, KeyVerificationMac)
        assert not bob.verified

        bob.receive_mac_event(mac_event)
        assert bob.state == SasState.mac_received
        assert not bob.verified

        bob.accept_sas()
        assert bob.verified
Esempio n. 4
0
    def test_client_invalid_key(self, olm_machine):
        alice_device = OlmDevice(olm_machine.user_id, olm_machine.device_id,
                                 olm_machine.account.identity_keys)
        bob_sas = Sas(
            bob_id,
            bob_device_id,
            faker.olm_key_pair()["ed25519"],
            alice_device,
        )

        start = {
            "sender": bob_id,
            "content": bob_sas.start_verification().content
        }
        start_event = KeyVerificationStart.from_dict(start)

        assert olm_machine.device_store[bob_id][bob_device_id]
        olm_machine.handle_key_verification(start_event)

        alice_sas = olm_machine.key_verifications[start_event.transaction_id]

        accept = {
            "sender": olm_machine.user_id,
            "content": alice_sas.accept_verification().content
        }
        accept_event = KeyVerificationAccept.from_dict(accept)

        bob_sas.receive_accept_event(accept_event)

        bob_key = {"sender": bob_id, "content": bob_sas.share_key().content}
        bob_key_event = KeyVerificationKey.from_dict(bob_key)

        olm_machine.handle_key_verification(bob_key_event)

        alice_key = {
            "sender": alice_id,
            "content": alice_sas.share_key().content
        }
        alice_key_event = KeyVerificationKey.from_dict(alice_key)
        bob_sas.receive_key_event(alice_key_event)

        assert alice_sas.other_key_set
        assert bob_sas.other_key_set

        bob_sas.accept_sas()

        bob_mac = {"sender": bob_id, "content": bob_sas.get_mac().content}

        bob_mac_event = KeyVerificationMac.from_dict(bob_mac)

        olm_machine.handle_key_verification(bob_mac_event)
        assert alice_sas.state == SasState.canceled
        assert not alice_sas.verified

        with pytest.raises(LocalProtocolError):
            alice_sas.accept_sas()
Esempio n. 5
0
    def test_sas_mac(self):
        alice = Sas(
            alice_id,
            alice_device_id,
            alice_keys["ed25519"],
            bob_device,
        )
        start = {"sender": alice_id, "content": alice.start_verification()}
        start_event = KeyVerificationStart.from_dict(start)

        bob = Sas.from_key_verification_start(bob_id, bob_device_id,
                                              bob_keys["ed25519"],
                                              alice_device, start_event)

        with pytest.raises(LocalProtocolError):
            alice.accept_sas()

        alice.set_their_pubkey(bob.pubkey)
        bob.set_their_pubkey(alice.pubkey)

        alice.state = SasState.key_received
        bob.state = SasState.key_received

        with pytest.raises(LocalProtocolError):
            alice.get_mac()

        alice.accept_sas()
        alice_mac = {"sender": alice_id, "content": alice.get_mac()}

        mac_event = KeyVerificationMac.from_dict(alice_mac)
        assert isinstance(mac_event, KeyVerificationMac)
        assert not bob.verified

        bob.receive_mac_event(mac_event)
        assert bob.state == SasState.mac_received
        assert not bob.verified

        bob.accept_sas()
        assert bob.verified
Esempio n. 6
0
    def test_sas_invalid_mac(self):
        alice = Sas(
            alice_id,
            alice_device_id,
            alice_keys["ed25519"],
            bob_device,
        )
        start = {
            "sender": alice_id,
            "content": alice.start_verification().content
        }
        start_event = KeyVerificationStart.from_dict(start)

        bob = Sas.from_key_verification_start(bob_id, bob_device_id,
                                              bob_keys["ed25519"],
                                              alice_device, start_event)

        with pytest.raises(LocalProtocolError):
            alice.accept_sas()

        alice.set_their_pubkey(bob.pubkey)
        bob.set_their_pubkey(alice.pubkey)

        alice.state = SasState.key_received
        bob.state = SasState.key_received
        alice.chosen_mac_method = Sas._mac_normal
        bob.chosen_mac_method = Sas._mac_normal

        alice.accept_sas()
        alice_mac = {"sender": alice_id, "content": alice.get_mac().content}

        mac_event = KeyVerificationMac.from_dict(alice_mac)
        mac_event.keys = "FAKEKEYS"

        bob.receive_mac_event(mac_event)
        assert bob.canceled
        assert not bob.verified

        bob.state = SasState.key_received
        assert not bob.canceled

        mac_event = KeyVerificationMac.from_dict(alice_mac)
        mac_event.mac["ed25519:{}".format(alice_device_id)] = "FAKEKEYS"

        bob.receive_mac_event(mac_event)
        assert bob.canceled
        assert not bob.verified