def test_sealed_sender_happy(): alice_device_id = 2 bob_device_id = 3 alice_e164 = "alice_e164" bob_e164 = "bob_e164" alice_uuid = "alice_uuid" bob_uuid = "bob_uuid" alice_identity_key_pair = IdentityKeyPair.generate() alice_registration_id = 1 alice_store = InMemSignalProtocolStore( alice_identity_key_pair, alice_registration_id ) alice_pubkey = alice_identity_key_pair.public_key() bob_identity_key_pair = IdentityKeyPair.generate() bob_registration_id = 2 bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id) bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id) bob_pre_key_bundle = create_pre_key_bundle(bob_store) process_prekey_bundle( bob_uuid_address, alice_store, bob_pre_key_bundle, ) trust_root = KeyPair.generate() server_key = KeyPair.generate() server_cert = ServerCertificate( 1, server_key.public_key(), trust_root.private_key() ) expiration = 1234567 sender_cert = SenderCertificate( alice_uuid, alice_e164, alice_pubkey, alice_device_id, expiration, server_cert, server_key.private_key(), ) alice_plaintext = b"teehee" alice_ciphertext = sealed_sender_encrypt( bob_uuid_address, sender_cert, alice_plaintext, alice_store ) bob_plaintext = sealed_sender_decrypt( alice_ciphertext, trust_root.public_key(), expiration - 1, bob_e164, bob_uuid, bob_device_id, bob_store, ) assert bob_plaintext.message() == alice_plaintext assert bob_plaintext.sender_uuid() == alice_uuid assert bob_plaintext.sender_e164() == alice_e164 assert bob_plaintext.device_id() == alice_device_id
def test_sealed_sender_invalid_trust_root(): alice_device_id = 2 bob_device_id = 3 alice_e164 = "alice_e164" bob_e164 = "bob_e164" alice_uuid = "alice_uuid" bob_uuid = "bob_uuid" alice_identity_key_pair = IdentityKeyPair.generate() alice_registration_id = 1 alice_store = InMemSignalProtocolStore( alice_identity_key_pair, alice_registration_id ) alice_pubkey = alice_identity_key_pair.public_key() bob_identity_key_pair = IdentityKeyPair.generate() bob_registration_id = 2 bob_store = InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id) bob_uuid_address = ProtocolAddress(bob_uuid, bob_device_id) bob_pre_key_bundle = create_pre_key_bundle(bob_store) process_prekey_bundle( bob_uuid_address, alice_store, bob_pre_key_bundle, ) trust_root = KeyPair.generate() server_key = KeyPair.generate() server_cert = ServerCertificate( 1, server_key.public_key(), trust_root.private_key() ) expiration = 1234567 sender_cert = SenderCertificate( alice_uuid, alice_e164, alice_pubkey, alice_device_id, expiration, server_cert, server_key.private_key(), ) alice_plaintext = b"teehee" alice_ciphertext = sealed_sender_encrypt( bob_uuid_address, sender_cert, alice_plaintext, alice_store ) invalid_trust_root = KeyPair.generate() with pytest.raises(SignalProtocolException, match="invalid sealed sender"): sealed_sender_decrypt( alice_ciphertext, invalid_trust_root.public_key(), expiration + 1, bob_e164, bob_uuid, bob_device_id, bob_store, )
def test_simultaneous_initiate_lost_message_repeated_messages(): alice_address = address.ProtocolAddress("+14151111111", 1) bob_address = address.ProtocolAddress("+14151111112", 1) alice_identity_key_pair = identity_key.IdentityKeyPair.generate() bob_identity_key_pair = identity_key.IdentityKeyPair.generate() alice_registration_id = 1 # TODO: generate these bob_registration_id = 2 alice_store = storage.InMemSignalProtocolStore(alice_identity_key_pair, alice_registration_id) bob_store = storage.InMemSignalProtocolStore(bob_identity_key_pair, bob_registration_id) bob_pre_key_bundle = create_pre_key_bundle(bob_store) session.process_prekey_bundle( bob_address, alice_store, bob_pre_key_bundle, ) lost_message_for_bob = session_cipher.message_encrypt( alice_store, bob_address, b"it was so long ago") for _ in range(15): alice_pre_key_bundle = create_pre_key_bundle(alice_store) bob_pre_key_bundle = create_pre_key_bundle(bob_store) session.process_prekey_bundle( bob_address, alice_store, bob_pre_key_bundle, ) session.process_prekey_bundle( alice_address, bob_store, alice_pre_key_bundle, ) message_for_bob = session_cipher.message_encrypt( alice_store, bob_address, b"hi bob") message_for_alice = session_cipher.message_encrypt( bob_store, alice_address, b"hi alice") assert message_for_bob.message_type( ) == 3 # 3 == CiphertextMessageType::PreKey assert (message_for_alice.message_type() == 3 ) # 3 == CiphertextMessageType::PreKey assert not is_session_id_equal(alice_store, alice_address, bob_store, bob_address) alice_plaintext = session_cipher.message_decrypt( alice_store, bob_address, protocol.PreKeySignalMessage.try_from( message_for_alice.serialize()), ) assert alice_plaintext == b"hi alice" bob_plaintext = session_cipher.message_decrypt( bob_store, alice_address, protocol.PreKeySignalMessage.try_from(message_for_bob.serialize()), ) assert bob_plaintext == b"hi bob" assert alice_store.load_session(bob_address).session_version() == 3 assert bob_store.load_session(alice_address).session_version() == 3 assert not is_session_id_equal(alice_store, alice_address, bob_store, bob_address) for _ in range(50): message_for_bob = session_cipher.message_encrypt( alice_store, bob_address, b"hi bob") message_for_alice = session_cipher.message_encrypt( bob_store, alice_address, b"hi alice") assert (message_for_bob.message_type() == 2 ) # 2 == CiphertextMessageType::Whisper assert (message_for_alice.message_type() == 2 ) # 2 == CiphertextMessageType::Whisper assert not is_session_id_equal(alice_store, alice_address, bob_store, bob_address) alice_plaintext = session_cipher.message_decrypt( alice_store, bob_address, protocol.SignalMessage.try_from(message_for_alice.serialize()), ) assert alice_plaintext == b"hi alice" bob_plaintext = session_cipher.message_decrypt( bob_store, alice_address, protocol.SignalMessage.try_from(message_for_bob.serialize()), ) assert bob_plaintext == b"hi bob" assert alice_store.load_session(bob_address).session_version() == 3 assert bob_store.load_session(alice_address).session_version() == 3 assert not is_session_id_equal(alice_store, alice_address, bob_store, bob_address) alice_response = session_cipher.message_encrypt(alice_store, bob_address, b"nice to see you") assert alice_response.message_type( ) == 2 # 2 == CiphertextMessageType::Whisper assert not is_session_id_equal(alice_store, alice_address, bob_store, bob_address) bob_response = session_cipher.message_encrypt(bob_store, alice_address, b"you as well") assert bob_response.message_type( ) == 2 # CiphertextMessageType::Whisper => 2 response_plaintext = session_cipher.message_decrypt( alice_store, bob_address, protocol.SignalMessage.try_from(bob_response.serialize()), ) assert response_plaintext == b"you as well" assert is_session_id_equal(alice_store, alice_address, bob_store, bob_address) blast_from_the_past = session_cipher.message_decrypt( bob_store, alice_address, protocol.PreKeySignalMessage.try_from( lost_message_for_bob.serialize()), ) assert blast_from_the_past == b"it was so long ago" assert not is_session_id_equal(alice_store, alice_address, bob_store, bob_address) bob_response = session_cipher.message_encrypt(bob_store, alice_address, b"so it was") assert bob_response.message_type( ) == 2 # CiphertextMessageType::Whisper => 2 response_plaintext = session_cipher.message_decrypt( alice_store, bob_address, protocol.SignalMessage.try_from(bob_response.serialize()), ) assert response_plaintext == b"so it was" assert is_session_id_equal(alice_store, alice_address, bob_store, bob_address)