def test_sealed_sender_happy():
alice_device_id = 2
bob_device_id = 3
alice_e164 = "alice_e164"
bob_e164 = "bob_e164"
alice_uuid = "alice_uuid"
bob_uuid = "bob_uuid"
alice_identity_key_pair = IdentityKeyPair.generate()
alice_registration_id = 1
alice_store = InMemSignalProtocolStore(
alice_identity_key_pair, alice_registration_id
)
alice_pubkey = alice_identity_key_pair.public_key()
bob_identity_key_pair = IdentityKeyPair.generate()
bob_registration_id = 2
bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id)
bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
process_prekey_bundle(
bob_uuid_address,
alice_store,
bob_pre_key_bundle,
)
trust_root = KeyPair.generate()
server_key = KeyPair.generate()
server_cert = ServerCertificate(
1, server_key.public_key(), trust_root.private_key()
)
expiration = 1234567
sender_cert = SenderCertificate(
alice_uuid,
alice_e164,
alice_pubkey,
alice_device_id,
expiration,
server_cert,
server_key.private_key(),
)
alice_plaintext = b"teehee"
alice_ciphertext = sealed_sender_encrypt(
bob_uuid_address, sender_cert, alice_plaintext, alice_store
)
bob_plaintext = sealed_sender_decrypt(
alice_ciphertext,
trust_root.public_key(),
expiration - 1,
bob_e164,
bob_uuid,
bob_device_id,
bob_store,
)
assert bob_plaintext.message() == alice_plaintext
assert bob_plaintext.sender_uuid() == alice_uuid
assert bob_plaintext.sender_e164() == alice_e164
assert bob_plaintext.device_id() == alice_device_id
def test_sealed_sender_invalid_trust_root():
alice_device_id = 2
bob_device_id = 3
alice_e164 = "alice_e164"
bob_e164 = "bob_e164"
alice_uuid = "alice_uuid"
bob_uuid = "bob_uuid"
alice_identity_key_pair = IdentityKeyPair.generate()
alice_registration_id = 1
alice_store = InMemSignalProtocolStore(
alice_identity_key_pair, alice_registration_id
)
alice_pubkey = alice_identity_key_pair.public_key()
bob_identity_key_pair = IdentityKeyPair.generate()
bob_registration_id = 2
bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id)
bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
process_prekey_bundle(
bob_uuid_address,
alice_store,
bob_pre_key_bundle,
)
trust_root = KeyPair.generate()
server_key = KeyPair.generate()
server_cert = ServerCertificate(
1, server_key.public_key(), trust_root.private_key()
)
expiration = 1234567
sender_cert = SenderCertificate(
alice_uuid,
alice_e164,
alice_pubkey,
alice_device_id,
expiration,
server_cert,
server_key.private_key(),
)
alice_plaintext = b"teehee"
alice_ciphertext = sealed_sender_encrypt(
bob_uuid_address, sender_cert, alice_plaintext, alice_store
)
invalid_trust_root = KeyPair.generate()
with pytest.raises(SignalProtocolException, match="invalid sealed sender"):
sealed_sender_decrypt(
alice_ciphertext,
invalid_trust_root.public_key(),
expiration + 1,
bob_e164,
bob_uuid,
bob_device_id,
bob_store,
)
def test_optional_one_time_prekey():
alice_address = address.ProtocolAddress("+14151111111", DEVICE_ID)
bob_address = address.ProtocolAddress("+14151111112", DEVICE_ID)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_signed_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_public = bob_signed_pre_key_pair.public_key().serialize(
)
bob_signed_pre_key_signature = (bob_store.get_identity_key_pair(
).private_key().calculate_signature(bob_signed_pre_key_public))
signed_pre_key_id = 22
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
None, # No prekey
None, # No prekey
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
bob_store.get_identity_key_pair().identity_key(),
)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
assert alice_store.load_session(bob_address).session_version() == 3
original_message = b"Hobgoblins hold themselves to high standards of military honor"
outgoing_message = session_cipher.message_encrypt(alice_store, bob_address,
original_message)
outgoing_message.message_type() == 3 # 3 == CiphertextMessageType::PreKey
incoming_message = protocol.PreKeySignalMessage.try_from(
outgoing_message.serialize())
signed_prekey = state.SignedPreKeyRecord(
signed_pre_key_id,
42,
bob_signed_pre_key_pair,
bob_signed_pre_key_signature,
)
bob_store.save_signed_pre_key(signed_pre_key_id, signed_prekey)
plaintext = session_cipher.message_decrypt(bob_store, alice_address,
incoming_message)
assert original_message == plaintext
def test_simultaneous_initiate_lost_message_repeated_messages():
alice_address = address.ProtocolAddress("+14151111111", 1)
bob_address = address.ProtocolAddress("+14151111112", 1)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
lost_message_for_bob = session_cipher.message_encrypt(
alice_store, bob_address, b"it was so long ago")
for _ in range(15):
alice_pre_key_bundle = create_pre_key_bundle(alice_store)
bob_pre_key_bundle = create_pre_key_bundle(bob_store)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
session.process_prekey_bundle(
alice_address,
bob_store,
alice_pre_key_bundle,
)
message_for_bob = session_cipher.message_encrypt(
alice_store, bob_address, b"hi bob")
message_for_alice = session_cipher.message_encrypt(
bob_store, alice_address, b"hi alice")
assert message_for_bob.message_type(
) == 3 # 3 == CiphertextMessageType::PreKey
assert (message_for_alice.message_type() == 3
) # 3 == CiphertextMessageType::PreKey
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
alice_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.PreKeySignalMessage.try_from(
message_for_alice.serialize()),
)
assert alice_plaintext == b"hi alice"
bob_plaintext = session_cipher.message_decrypt(
bob_store,
alice_address,
protocol.PreKeySignalMessage.try_from(message_for_bob.serialize()),
)
assert bob_plaintext == b"hi bob"
assert alice_store.load_session(bob_address).session_version() == 3
assert bob_store.load_session(alice_address).session_version() == 3
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
for _ in range(50):
message_for_bob = session_cipher.message_encrypt(
alice_store, bob_address, b"hi bob")
message_for_alice = session_cipher.message_encrypt(
bob_store, alice_address, b"hi alice")
assert (message_for_bob.message_type() == 2
) # 2 == CiphertextMessageType::Whisper
assert (message_for_alice.message_type() == 2
) # 2 == CiphertextMessageType::Whisper
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
alice_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.SignalMessage.try_from(message_for_alice.serialize()),
)
assert alice_plaintext == b"hi alice"
bob_plaintext = session_cipher.message_decrypt(
bob_store,
alice_address,
protocol.SignalMessage.try_from(message_for_bob.serialize()),
)
assert bob_plaintext == b"hi bob"
assert alice_store.load_session(bob_address).session_version() == 3
assert bob_store.load_session(alice_address).session_version() == 3
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
alice_response = session_cipher.message_encrypt(alice_store, bob_address,
b"nice to see you")
assert alice_response.message_type(
) == 2 # 2 == CiphertextMessageType::Whisper
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
bob_response = session_cipher.message_encrypt(bob_store, alice_address,
b"you as well")
assert bob_response.message_type(
) == 2 # CiphertextMessageType::Whisper => 2
response_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.SignalMessage.try_from(bob_response.serialize()),
)
assert response_plaintext == b"you as well"
assert is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
blast_from_the_past = session_cipher.message_decrypt(
bob_store,
alice_address,
protocol.PreKeySignalMessage.try_from(
lost_message_for_bob.serialize()),
)
assert blast_from_the_past == b"it was so long ago"
assert not is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
bob_response = session_cipher.message_encrypt(bob_store, alice_address,
b"so it was")
assert bob_response.message_type(
) == 2 # CiphertextMessageType::Whisper => 2
response_plaintext = session_cipher.message_decrypt(
alice_store,
bob_address,
protocol.SignalMessage.try_from(bob_response.serialize()),
)
assert response_plaintext == b"so it was"
assert is_session_id_equal(alice_store, alice_address, bob_store,
bob_address)
def test_bad_message_bundle():
alice_address = address.ProtocolAddress("+14151111111", DEVICE_ID)
bob_address = address.ProtocolAddress("+14151111112", DEVICE_ID)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_public = bob_signed_pre_key_pair.public_key().serialize(
)
bob_signed_pre_key_signature = (bob_store.get_identity_key_pair(
).private_key().calculate_signature(bob_signed_pre_key_public))
pre_key_id = 31337
signed_pre_key_id = 22
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id,
bob_pre_key_pair.public_key(),
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
bob_store.get_identity_key_pair().identity_key(),
)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
bob_prekey = state.PreKeyRecord(pre_key_id, bob_pre_key_pair)
bob_store.save_pre_key(pre_key_id, bob_prekey)
signed_prekey = state.SignedPreKeyRecord(
signed_pre_key_id,
42,
bob_signed_pre_key_pair,
bob_signed_pre_key_signature,
)
bob_store.save_signed_pre_key(signed_pre_key_id, signed_prekey)
assert alice_store.load_session(bob_address)
assert alice_store.load_session(bob_address).session_version() == 3
original_message = b"Hobgoblins hold themselves to high standards of military honor"
assert bob_store.get_pre_key(pre_key_id)
outgoing_message = session_cipher.message_encrypt(alice_store, bob_address,
original_message)
outgoing_message.message_type() == 3 # 3 == CiphertextMessageType::PreKey
outgoing_message_wire = outgoing_message.serialize()
edit_point = len(outgoing_message_wire) - 10
corrupted_message = (outgoing_message_wire[:edit_point] +
bytes([outgoing_message_wire[edit_point] ^ 0x01]) +
outgoing_message_wire[edit_point + 1:])
incoming_message = protocol.PreKeySignalMessage.try_from(corrupted_message)
# This incoming message is corrupted, so we expect an exception to be raised
with pytest.raises(SignalProtocolException):
session_cipher.message_decrypt(bob_store, alice_address,
incoming_message)
assert bob_store.get_pre_key(pre_key_id)
incoming_message = protocol.PreKeySignalMessage.try_from(
outgoing_message_wire)
plaintext = session_cipher.message_decrypt(bob_store, alice_address,
incoming_message)
assert original_message == plaintext
# Trying to get the prekey will now fail, as the prekey has been used and removed from the store
with pytest.raises(SignalProtocolException,
match="invalid prekey identifier"):
assert bob_store.get_pre_key(pre_key_id)
def test_repeat_bundle_message_v3():
alice_address = address.ProtocolAddress("+14151111111", DEVICE_ID)
bob_address = address.ProtocolAddress("+14151111112", DEVICE_ID)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_public = bob_signed_pre_key_pair.public_key().serialize(
)
bob_signed_pre_key_signature = (bob_store.get_identity_key_pair(
).private_key().calculate_signature(bob_signed_pre_key_public))
pre_key_id = 31337
signed_pre_key_id = 22
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id,
bob_pre_key_pair.public_key(),
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
bob_store.get_identity_key_pair().identity_key(),
)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
assert alice_store.load_session(bob_address)
assert alice_store.load_session(bob_address).session_version() == 3
original_message = b"Hobgoblins hold themselves to high standards of military honor"
outgoing_message1 = session_cipher.message_encrypt(alice_store,
bob_address,
original_message)
outgoing_message2 = session_cipher.message_encrypt(alice_store,
bob_address,
original_message)
outgoing_message1.message_type() == 3 # 3 == CiphertextMessageType::PreKey
outgoing_message2.message_type() == 3 # 3 == CiphertextMessageType::PreKey
incoming_message = protocol.PreKeySignalMessage.try_from(
outgoing_message1.serialize())
bob_prekey = state.PreKeyRecord(pre_key_id, bob_pre_key_pair)
bob_store.save_pre_key(pre_key_id, bob_prekey)
signed_prekey = state.SignedPreKeyRecord(
signed_pre_key_id,
42,
bob_signed_pre_key_pair,
bob_signed_pre_key_signature,
)
bob_store.save_signed_pre_key(signed_pre_key_id, signed_prekey)
ptext = session_cipher.message_decrypt(bob_store, alice_address,
incoming_message)
assert original_message == ptext
bob_outgoing = session_cipher.message_encrypt(bob_store, alice_address,
original_message)
assert bob_outgoing.message_type(
) == 2 # 2 == CiphertextMessageType::Whisper
alice_decrypts = session_cipher.message_decrypt(alice_store, bob_address,
bob_outgoing)
assert alice_decrypts == original_message
# Verify the second message can be processed
incoming_message2 = protocol.PreKeySignalMessage.try_from(
outgoing_message2.serialize())
ptext = session_cipher.message_decrypt(bob_store, alice_address,
incoming_message2)
assert original_message == ptext
bob_outgoing = session_cipher.message_encrypt(bob_store, alice_address,
original_message)
alice_decrypts = session_cipher.message_decrypt(alice_store, bob_address,
bob_outgoing)
assert alice_decrypts == original_message
def test_basic_prekey_v3():
alice_address = address.ProtocolAddress("+14151111111", DEVICE_ID)
bob_address = address.ProtocolAddress("+14151111112", DEVICE_ID)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_public = bob_signed_pre_key_pair.public_key().serialize(
)
bob_signed_pre_key_signature = (bob_store.get_identity_key_pair(
).private_key().calculate_signature(bob_signed_pre_key_public))
pre_key_id = 31337
signed_pre_key_id = 22
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id,
bob_pre_key_pair.public_key(),
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
bob_store.get_identity_key_pair().identity_key(),
)
assert alice_store.load_session(bob_address) is None
# Below standalone function would make more sense as a method on alice_store?
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
assert alice_store.load_session(bob_address)
assert alice_store.load_session(bob_address).session_version() == 3
original_message = b"Hobgoblins hold themselves to high standards of military honor"
outgoing_message = session_cipher.message_encrypt(alice_store, bob_address,
original_message)
outgoing_message.message_type() == 3 # 3 == CiphertextMessageType::PreKey
outgoing_message_wire = outgoing_message.serialize()
# Now over to fake Bob for processing the first message
incoming_message = protocol.PreKeySignalMessage.try_from(
outgoing_message_wire)
bob_prekey = state.PreKeyRecord(pre_key_id, bob_pre_key_pair)
bob_store.save_pre_key(pre_key_id, bob_prekey)
signed_prekey = state.SignedPreKeyRecord(
signed_pre_key_id,
42,
bob_signed_pre_key_pair,
bob_signed_pre_key_signature,
)
bob_store.save_signed_pre_key(signed_pre_key_id, signed_prekey)
assert bob_store.load_session(alice_address) is None
plaintext = session_cipher.message_decrypt(bob_store, alice_address,
incoming_message)
assert original_message == plaintext
bobs_response = b"Who watches the watchers?"
assert bob_store.load_session(alice_address)
bobs_session_with_alice = bob_store.load_session(alice_address)
assert bobs_session_with_alice.session_version() == 3
assert len(bobs_session_with_alice.alice_base_key()) == 32 + 1
bob_outgoing = session_cipher.message_encrypt(bob_store, alice_address,
bobs_response)
assert bob_outgoing.message_type(
) == 2 # 2 == CiphertextMessageType::Whisper
# Now back to fake alice
alice_decrypts = session_cipher.message_decrypt(alice_store, bob_address,
bob_outgoing)
assert alice_decrypts == bobs_response
run_interaction(alice_store, alice_address, bob_store, bob_address)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_public = bob_signed_pre_key_pair.public_key().serialize(
)
bob_signed_pre_key_signature = (bob_store.get_identity_key_pair(
).private_key().calculate_signature(bob_signed_pre_key_public))
pre_key_id = 31337
signed_pre_key_id = 22
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id + 1,
bob_pre_key_pair.public_key(),
signed_pre_key_id + 1,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
bob_store.get_identity_key_pair().identity_key(),
)
bob_prekey = state.PreKeyRecord(pre_key_id + 1, bob_pre_key_pair)
bob_store.save_pre_key(pre_key_id + 1, bob_prekey)
signed_prekey = state.SignedPreKeyRecord(
signed_pre_key_id + 1,
42,
bob_signed_pre_key_pair,
bob_signed_pre_key_signature,
)
bob_store.save_signed_pre_key(signed_pre_key_id + 1, signed_prekey)
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
outgoing_message = session_cipher.message_encrypt(alice_store, bob_address,
original_message)
with pytest.raises(SignalProtocolException, match="untrusted identity"):
session_cipher.message_decrypt(bob_store, alice_address,
outgoing_message)
assert bob_store.save_identity(
alice_address,
alice_store.get_identity_key_pair().identity_key())
decrypted = session_cipher.message_decrypt(bob_store, alice_address,
outgoing_message)
assert decrypted == original_message
# Sign pre-key with wrong key
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id,
bob_pre_key_pair.public_key(),
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
alice_store.get_identity_key_pair().identity_key(),
)
with pytest.raises(SignalProtocolException):
session.process_prekey_bundle(bob_address, alice_store,
bob_pre_key_bundle)
def test_bad_signed_pre_key_signature():
bob_address = address.ProtocolAddress("+14151111112", DEVICE_ID)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_public = bob_signed_pre_key_pair.public_key().serialize(
)
bob_signed_pre_key_signature = (bob_store.get_identity_key_pair(
).private_key().calculate_signature(bob_signed_pre_key_public))
pre_key_id = 31337
signed_pre_key_id = 22
for bit in range(8):
bit *= len(bob_signed_pre_key_signature)
edit_point = bit // 8
bad_signature = (bob_signed_pre_key_signature[:edit_point] + bytes(
[bob_signed_pre_key_signature[edit_point] ^ 0x01 <<
(bit % 8)]) + bob_signed_pre_key_signature[edit_point + 1:])
# Sanity checks for bad signature
assert len(bad_signature) == len(bob_signed_pre_key_signature)
assert bad_signature != bob_signed_pre_key_signature
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id,
bob_pre_key_pair.public_key(),
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bad_signature,
bob_store.get_identity_key_pair().identity_key(),
)
with pytest.raises(SignalProtocolException):
session.process_prekey_bundle(bob_address, alice_store,
bob_pre_key_bundle)
# Finally check that the non-corrupted signature is accepted:
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id,
bob_pre_key_pair.public_key(),
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
bob_store.get_identity_key_pair().identity_key(),
)
session.process_prekey_bundle(bob_address, alice_store, bob_pre_key_bundle)
def test_basic_large_message():
alice_address = address.ProtocolAddress("+14151111111", DEVICE_ID)
bob_address = address.ProtocolAddress("+14151111112", DEVICE_ID)
alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
alice_registration_id = 1 # TODO: generate these
bob_registration_id = 2
alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
alice_registration_id)
bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
bob_registration_id)
bob_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_pair = curve.KeyPair.generate()
bob_signed_pre_key_public = bob_signed_pre_key_pair.public_key().serialize(
)
bob_signed_pre_key_signature = (bob_store.get_identity_key_pair(
).private_key().calculate_signature(bob_signed_pre_key_public))
pre_key_id = 31337
signed_pre_key_id = 22
bob_pre_key_bundle = state.PreKeyBundle(
bob_store.get_local_registration_id(),
DEVICE_ID,
pre_key_id,
bob_pre_key_pair.public_key(),
signed_pre_key_id,
bob_signed_pre_key_pair.public_key(),
bob_signed_pre_key_signature,
bob_store.get_identity_key_pair().identity_key(),
)
assert alice_store.load_session(bob_address) is None
# Below standalone function would make more sense as a method on alice_store?
session.process_prekey_bundle(
bob_address,
alice_store,
bob_pre_key_bundle,
)
assert alice_store.load_session(bob_address)
assert alice_store.load_session(bob_address).session_version() == 3
original_message = bytes(1024 * 1000) # 1 MB empty attachment
outgoing_message = session_cipher.message_encrypt(alice_store, bob_address,
original_message)
outgoing_message.message_type() == 3 # 3 == CiphertextMessageType::PreKey
outgoing_message_wire = outgoing_message.serialize()
incoming_message = protocol.PreKeySignalMessage.try_from(
outgoing_message_wire)
bob_prekey = state.PreKeyRecord(pre_key_id, bob_pre_key_pair)
bob_store.save_pre_key(pre_key_id, bob_prekey)
signed_prekey = state.SignedPreKeyRecord(
signed_pre_key_id,
42,
bob_signed_pre_key_pair,
bob_signed_pre_key_signature,
)
bob_store.save_signed_pre_key(signed_pre_key_id, signed_prekey)
plaintext = session_cipher.message_decrypt(bob_store, alice_address,
incoming_message)
assert original_message == plaintext
