def test_megolm_outbound_session():
session = MegolmOutboundSession()
assert session.max_messages == 100
assert session.max_age == timedelta(days=7)
session = MegolmOutboundSession(max_messages=1, max_age=100000)
assert session.max_messages == 1
assert session.max_age == timedelta(milliseconds=100000)
assert not session.devices
session.add_device('test')
assert 'test' in session.devices
session.add_devices({'test2', 'test3'})
assert 'test2' in session.devices and 'test3' in session.devices
assert not session.should_rotate()
session.encrypt('message')
assert session.should_rotate()
session.max_messages = 2
assert not session.should_rotate()
session.creation_time = datetime.now() - timedelta(milliseconds=100000)
assert session.should_rotate()
def test_megolm_decrypt_event(self, device):
out_session = MegolmOutboundSession()
plaintext = {
'content': {
"test": "test"
},
'type': 'm.text',
}
ciphertext = out_session.encrypt(json.dumps(plaintext))
content = {
'ciphertext': ciphertext,
'session_id': out_session.id,
'sender_key': self.alice_curve_key,
'algorithm': 'm.megolm.v1.aes-sha2',
'device_id': self.alice_device_id,
}
event = {
'sender': self.alice,
'room_id': self.room_id,
'content': content,
'type': 'm.room.encrypted',
'origin_server_ts': 1,
'event_id': 1
}
with pytest.raises(UnableToDecryptError):
device.megolm_decrypt_event(event)
session_key = out_session.session_key
in_session = MegolmInboundSession(session_key, self.alice_ed_key)
sessions = device.megolm_inbound_sessions[self.room_id]
sessions[self.alice_curve_key][in_session.id] = in_session
# Unknown message index
with pytest.raises(RuntimeError):
device.megolm_decrypt_event(event)
ciphertext = out_session.encrypt(json.dumps(plaintext))
event['content']['ciphertext'] = ciphertext
device.megolm_decrypt_event(event)
assert event['content'] == plaintext['content']
# No replay attack
event['content'] = content
device.megolm_decrypt_event(event)
assert event['content'] == plaintext['content']
# Replay attack
event['content'] = content
event['event_id'] = 2
with pytest.raises(RuntimeError):
device.megolm_decrypt_event(event)
event['event_id'] = 1
# Device verification
device.device_keys[self.alice][
self.alice_device_id] = self.alice_device
event['content'] = content
# Unverified
device.megolm_decrypt_event(event)
assert event['content'] == plaintext['content']
assert isinstance(event, dict)
event['content'] = content
# Verified
self.alice_device.verified = True
decrypted_event = device.megolm_decrypt_event(event)
assert decrypted_event['content'] == plaintext['content']
assert isinstance(decrypted_event, VerifiedEvent)
in_session = MegolmInboundSession(session_key, self.alice_curve_key)
sessions = device.megolm_inbound_sessions[self.room_id]
sessions[self.alice_curve_key][in_session.id] = in_session
# Wrong signing key
with pytest.raises(RuntimeError):
device.megolm_decrypt_event(event)
self.alice_device.verified = False
event['content']['algorithm'] = 'wrong'
with pytest.raises(RuntimeError):
device.megolm_decrypt_event(event)
event['content'].pop('algorithm')
event['type'] = 'encrypted'
device.megolm_decrypt_event(event)
assert event['type'] == 'encrypted'