def test_sealed_sender_happy():
alice_device_id = 2
bob_device_id = 3
alice_e164 = "alice_e164"
bob_e164 = "bob_e164"
alice_uuid = "alice_uuid"
bob_uuid = "bob_uuid"
alice_identity_key_pair = IdentityKeyPair.generate()
alice_registration_id = 1
alice_store = InMemSignalProtocolStore(
alice_identity_key_pair, alice_registration_id
)
alice_pubkey = alice_identity_key_pair.public_key()
bob_identity_key_pair = IdentityKeyPair.generate()
bob_registration_id = 2
bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id)
bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
process_prekey_bundle(
bob_uuid_address,
alice_store,
bob_pre_key_bundle,
)
trust_root = KeyPair.generate()
server_key = KeyPair.generate()
server_cert = ServerCertificate(
1, server_key.public_key(), trust_root.private_key()
)
expiration = 1234567
sender_cert = SenderCertificate(
alice_uuid,
alice_e164,
alice_pubkey,
alice_device_id,
expiration,
server_cert,
server_key.private_key(),
)
alice_plaintext = b"teehee"
alice_ciphertext = sealed_sender_encrypt(
bob_uuid_address, sender_cert, alice_plaintext, alice_store
)
bob_plaintext = sealed_sender_decrypt(
alice_ciphertext,
trust_root.public_key(),
expiration - 1,
bob_e164,
bob_uuid,
bob_device_id,
bob_store,
)
assert bob_plaintext.message() == alice_plaintext
assert bob_plaintext.sender_uuid() == alice_uuid
assert bob_plaintext.sender_e164() == alice_e164
assert bob_plaintext.device_id() == alice_device_id
def test_sealed_sender_invalid_trust_root():
alice_device_id = 2
bob_device_id = 3
alice_e164 = "alice_e164"
bob_e164 = "bob_e164"
alice_uuid = "alice_uuid"
bob_uuid = "bob_uuid"
alice_identity_key_pair = IdentityKeyPair.generate()
alice_registration_id = 1
alice_store = InMemSignalProtocolStore(
alice_identity_key_pair, alice_registration_id
)
alice_pubkey = alice_identity_key_pair.public_key()
bob_identity_key_pair = IdentityKeyPair.generate()
bob_registration_id = 2
bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id)
bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
process_prekey_bundle(
bob_uuid_address,
alice_store,
bob_pre_key_bundle,
)
trust_root = KeyPair.generate()
server_key = KeyPair.generate()
server_cert = ServerCertificate(
1, server_key.public_key(), trust_root.private_key()
)
expiration = 1234567
sender_cert = SenderCertificate(
alice_uuid,
alice_e164,
alice_pubkey,
alice_device_id,
expiration,
server_cert,
server_key.private_key(),
)
alice_plaintext = b"teehee"
alice_ciphertext = sealed_sender_encrypt(
bob_uuid_address, sender_cert, alice_plaintext, alice_store
)
invalid_trust_root = KeyPair.generate()
with pytest.raises(SignalProtocolException, match="invalid sealed sender"):
sealed_sender_decrypt(
alice_ciphertext,
invalid_trust_root.public_key(),
expiration + 1,
bob_e164,
bob_uuid,
bob_device_id,
bob_store,
)
def test_simultaneous_initiate_lost_message_repeated_messages():
alice_address = address.ProtocolAddress("+14151111111", 1)
bob_address = address.ProtocolAddress("+14151111112", 1)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
lost_message_for_bob = session_cipher.message_encrypt(
alice_store, bob_address, b"it was so long ago")
for _ in range(15):
alice_pre_key_bundle = create_pre_key_bundle(alice_store)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
session.process_prekey_bundle(
alice_address,
bob_store,
alice_pre_key_bundle,
)
message_for_bob = session_cipher.message_encrypt(
alice_store, bob_address, b"hi bob")
message_for_alice = session_cipher.message_encrypt(
bob_store, alice_address, b"hi alice")
assert message_for_bob.message_type(
) == 3 # 3 == CiphertextMessageType::PreKey
assert (message_for_alice.message_type() == 3
) # 3 == CiphertextMessageType::PreKey
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
alice_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.PreKeySignalMessage.try_from(
message_for_alice.serialize()),
)
assert alice_plaintext == b"hi alice"
bob_plaintext = session_cipher.message_decrypt(
bob_store,
alice_address,
protocol.PreKeySignalMessage.try_from(message_for_bob.serialize()),
)
assert bob_plaintext == b"hi bob"
assert alice_store.load_session(bob_address).session_version() == 3
assert bob_store.load_session(alice_address).session_version() == 3
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
for _ in range(50):
message_for_bob = session_cipher.message_encrypt(
alice_store, bob_address, b"hi bob")
message_for_alice = session_cipher.message_encrypt(
bob_store, alice_address, b"hi alice")
assert (message_for_bob.message_type() == 2
) # 2 == CiphertextMessageType::Whisper
assert (message_for_alice.message_type() == 2
) # 2 == CiphertextMessageType::Whisper
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
alice_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.SignalMessage.try_from(message_for_alice.serialize()),
)
assert alice_plaintext == b"hi alice"
bob_plaintext = session_cipher.message_decrypt(
bob_store,
alice_address,
protocol.SignalMessage.try_from(message_for_bob.serialize()),
)
assert bob_plaintext == b"hi bob"
assert alice_store.load_session(bob_address).session_version() == 3
assert bob_store.load_session(alice_address).session_version() == 3
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
alice_response = session_cipher.message_encrypt(alice_store, bob_address,
b"nice to see you")
assert alice_response.message_type(
) == 2 # 2 == CiphertextMessageType::Whisper
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
bob_response = session_cipher.message_encrypt(bob_store, alice_address,
b"you as well")
assert bob_response.message_type(
) == 2 # CiphertextMessageType::Whisper => 2
response_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.SignalMessage.try_from(bob_response.serialize()),
)
assert response_plaintext == b"you as well"
assert is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
blast_from_the_past = session_cipher.message_decrypt(
bob_store,
alice_address,
protocol.PreKeySignalMessage.try_from(
lost_message_for_bob.serialize()),
)
assert blast_from_the_past == b"it was so long ago"
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
bob_response = session_cipher.message_encrypt(bob_store, alice_address,
b"so it was")
assert bob_response.message_type(
) == 2 # CiphertextMessageType::Whisper => 2
response_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.SignalMessage.try_from(bob_response.serialize()),
)
assert response_plaintext == b"so it was"
assert is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)