예제 #1
0
def test_sealed_sender_happy():
    alice_device_id = 2
    bob_device_id = 3

    alice_e164 = "alice_e164"
    bob_e164 = "bob_e164"
    alice_uuid = "alice_uuid"
    bob_uuid = "bob_uuid"

    alice_identity_key_pair = IdentityKeyPair.generate()
    alice_registration_id = 1
    alice_store = InMemSignalProtocolStore(
        alice_identity_key_pair, alice_registration_id
    )
    alice_pubkey = alice_identity_key_pair.public_key()

    bob_identity_key_pair = IdentityKeyPair.generate()
    bob_registration_id = 2
    bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id)
    bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id)

    bob_pre_key_bundle = create_pre_key_bundle(bob_store)

    process_prekey_bundle(
        bob_uuid_address,
        alice_store,
        bob_pre_key_bundle,
    )

    trust_root = KeyPair.generate()
    server_key = KeyPair.generate()
    server_cert = ServerCertificate(
        1, server_key.public_key(), trust_root.private_key()
    )

    expiration = 1234567
    sender_cert = SenderCertificate(
        alice_uuid,
        alice_e164,
        alice_pubkey,
        alice_device_id,
        expiration,
        server_cert,
        server_key.private_key(),
    )

    alice_plaintext = b"teehee"
    alice_ciphertext = sealed_sender_encrypt(
        bob_uuid_address, sender_cert, alice_plaintext, alice_store
    )

    bob_plaintext = sealed_sender_decrypt(
        alice_ciphertext,
        trust_root.public_key(),
        expiration - 1,
        bob_e164,
        bob_uuid,
        bob_device_id,
        bob_store,
    )

    assert bob_plaintext.message() == alice_plaintext
    assert bob_plaintext.sender_uuid() == alice_uuid
    assert bob_plaintext.sender_e164() == alice_e164
    assert bob_plaintext.device_id() == alice_device_id
예제 #2
0
def test_sealed_sender_invalid_trust_root():
    alice_device_id = 2
    bob_device_id = 3

    alice_e164 = "alice_e164"
    bob_e164 = "bob_e164"
    alice_uuid = "alice_uuid"
    bob_uuid = "bob_uuid"

    alice_identity_key_pair = IdentityKeyPair.generate()
    alice_registration_id = 1
    alice_store = InMemSignalProtocolStore(
        alice_identity_key_pair, alice_registration_id
    )
    alice_pubkey = alice_identity_key_pair.public_key()

    bob_identity_key_pair = IdentityKeyPair.generate()
    bob_registration_id = 2
    bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id)
    bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id)

    bob_pre_key_bundle = create_pre_key_bundle(bob_store)

    process_prekey_bundle(
        bob_uuid_address,
        alice_store,
        bob_pre_key_bundle,
    )

    trust_root = KeyPair.generate()
    server_key = KeyPair.generate()
    server_cert = ServerCertificate(
        1, server_key.public_key(), trust_root.private_key()
    )

    expiration = 1234567
    sender_cert = SenderCertificate(
        alice_uuid,
        alice_e164,
        alice_pubkey,
        alice_device_id,
        expiration,
        server_cert,
        server_key.private_key(),
    )

    alice_plaintext = b"teehee"
    alice_ciphertext = sealed_sender_encrypt(
        bob_uuid_address, sender_cert, alice_plaintext, alice_store
    )

    invalid_trust_root = KeyPair.generate()

    with pytest.raises(SignalProtocolException, match="invalid sealed sender"):
        sealed_sender_decrypt(
            alice_ciphertext,
            invalid_trust_root.public_key(),
            expiration + 1,
            bob_e164,
            bob_uuid,
            bob_device_id,
            bob_store,
        )
예제 #3
0
def test_simultaneous_initiate_lost_message_repeated_messages():
    alice_address = address.ProtocolAddress("+14151111111", 1)
    bob_address = address.ProtocolAddress("+14151111112", 1)

    alice_identity_key_pair = identity_key.IdentityKeyPair.generate()
    bob_identity_key_pair = identity_key.IdentityKeyPair.generate()
    alice_registration_id = 1  # TODO: generate these
    bob_registration_id = 2
    alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair,
                                                   alice_registration_id)
    bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair,
                                                 bob_registration_id)

    bob_pre_key_bundle = create_pre_key_bundle(bob_store)

    session.process_prekey_bundle(
        bob_address,
        alice_store,
        bob_pre_key_bundle,
    )

    lost_message_for_bob = session_cipher.message_encrypt(
        alice_store, bob_address, b"it was so long ago")

    for _ in range(15):
        alice_pre_key_bundle = create_pre_key_bundle(alice_store)
        bob_pre_key_bundle = create_pre_key_bundle(bob_store)

        session.process_prekey_bundle(
            bob_address,
            alice_store,
            bob_pre_key_bundle,
        )
        session.process_prekey_bundle(
            alice_address,
            bob_store,
            alice_pre_key_bundle,
        )

        message_for_bob = session_cipher.message_encrypt(
            alice_store, bob_address, b"hi bob")
        message_for_alice = session_cipher.message_encrypt(
            bob_store, alice_address, b"hi alice")

        assert message_for_bob.message_type(
        ) == 3  # 3 == CiphertextMessageType::PreKey
        assert (message_for_alice.message_type() == 3
                )  # 3 == CiphertextMessageType::PreKey

        assert not is_session_id_equal(alice_store, alice_address, bob_store,
                                       bob_address)

        alice_plaintext = session_cipher.message_decrypt(
            alice_store,
            bob_address,
            protocol.PreKeySignalMessage.try_from(
                message_for_alice.serialize()),
        )
        assert alice_plaintext == b"hi alice"

        bob_plaintext = session_cipher.message_decrypt(
            bob_store,
            alice_address,
            protocol.PreKeySignalMessage.try_from(message_for_bob.serialize()),
        )
        assert bob_plaintext == b"hi bob"

        assert alice_store.load_session(bob_address).session_version() == 3
        assert bob_store.load_session(alice_address).session_version() == 3

        assert not is_session_id_equal(alice_store, alice_address, bob_store,
                                       bob_address)

    for _ in range(50):
        message_for_bob = session_cipher.message_encrypt(
            alice_store, bob_address, b"hi bob")
        message_for_alice = session_cipher.message_encrypt(
            bob_store, alice_address, b"hi alice")

        assert (message_for_bob.message_type() == 2
                )  # 2 == CiphertextMessageType::Whisper
        assert (message_for_alice.message_type() == 2
                )  # 2 == CiphertextMessageType::Whisper

        assert not is_session_id_equal(alice_store, alice_address, bob_store,
                                       bob_address)

        alice_plaintext = session_cipher.message_decrypt(
            alice_store,
            bob_address,
            protocol.SignalMessage.try_from(message_for_alice.serialize()),
        )
        assert alice_plaintext == b"hi alice"

        bob_plaintext = session_cipher.message_decrypt(
            bob_store,
            alice_address,
            protocol.SignalMessage.try_from(message_for_bob.serialize()),
        )
        assert bob_plaintext == b"hi bob"

        assert alice_store.load_session(bob_address).session_version() == 3
        assert bob_store.load_session(alice_address).session_version() == 3

        assert not is_session_id_equal(alice_store, alice_address, bob_store,
                                       bob_address)

    alice_response = session_cipher.message_encrypt(alice_store, bob_address,
                                                    b"nice to see you")

    assert alice_response.message_type(
    ) == 2  # 2 == CiphertextMessageType::Whisper

    assert not is_session_id_equal(alice_store, alice_address, bob_store,
                                   bob_address)

    bob_response = session_cipher.message_encrypt(bob_store, alice_address,
                                                  b"you as well")
    assert bob_response.message_type(
    ) == 2  # CiphertextMessageType::Whisper => 2

    response_plaintext = session_cipher.message_decrypt(
        alice_store,
        bob_address,
        protocol.SignalMessage.try_from(bob_response.serialize()),
    )
    assert response_plaintext == b"you as well"
    assert is_session_id_equal(alice_store, alice_address, bob_store,
                               bob_address)

    blast_from_the_past = session_cipher.message_decrypt(
        bob_store,
        alice_address,
        protocol.PreKeySignalMessage.try_from(
            lost_message_for_bob.serialize()),
    )
    assert blast_from_the_past == b"it was so long ago"

    assert not is_session_id_equal(alice_store, alice_address, bob_store,
                                   bob_address)

    bob_response = session_cipher.message_encrypt(bob_store, alice_address,
                                                  b"so it was")
    assert bob_response.message_type(
    ) == 2  # CiphertextMessageType::Whisper => 2

    response_plaintext = session_cipher.message_decrypt(
        alice_store,
        bob_address,
        protocol.SignalMessage.try_from(bob_response.serialize()),
    )
    assert response_plaintext == b"so it was"
    assert is_session_id_equal(alice_store, alice_address, bob_store,
                               bob_address)