2019-02-21 13:04:01 -05:00
|
|
|
#include <sys/time.h>
|
2019-03-01 12:41:20 -05:00
|
|
|
#include <sys/stat.h>
|
2019-02-21 13:04:01 -05:00
|
|
|
|
2019-03-01 12:41:20 -05:00
|
|
|
#include <errno.h>
|
2019-02-21 13:04:01 -05:00
|
|
|
#include <glib.h>
|
2019-02-19 12:58:40 -05:00
|
|
|
#include <pthread.h>
|
2019-02-21 13:04:01 -05:00
|
|
|
#include <signal/key_helper.h>
|
2019-02-26 13:53:06 -05:00
|
|
|
#include <signal/protocol.h>
|
2019-02-18 23:44:47 -05:00
|
|
|
#include <signal/signal_protocol.h>
|
2019-02-25 11:27:11 -05:00
|
|
|
#include <signal/session_builder.h>
|
2019-02-26 13:53:06 -05:00
|
|
|
#include <signal/session_cipher.h>
|
2019-03-06 12:17:11 -05:00
|
|
|
#include <gcrypt.h>
|
2019-02-18 23:44:47 -05:00
|
|
|
|
|
|
|
#include "config/account.h"
|
2019-02-21 13:04:01 -05:00
|
|
|
#include "log.h"
|
2019-02-25 11:27:11 -05:00
|
|
|
#include "omemo/store.h"
|
2019-02-19 12:38:15 -05:00
|
|
|
#include "omemo/crypto.h"
|
2019-02-21 13:04:01 -05:00
|
|
|
#include "omemo/omemo.h"
|
|
|
|
#include "ui/ui.h"
|
2019-02-22 13:17:26 -05:00
|
|
|
#include "xmpp/xmpp.h"
|
|
|
|
#include "xmpp/connection.h"
|
2019-02-21 13:04:01 -05:00
|
|
|
#include "xmpp/omemo.h"
|
2019-03-01 12:41:20 -05:00
|
|
|
#include "config/files.h"
|
2019-02-21 13:04:01 -05:00
|
|
|
|
|
|
|
static gboolean loaded;
|
2019-02-18 23:44:47 -05:00
|
|
|
|
2019-03-01 12:41:20 -05:00
|
|
|
static void omemo_generate_short_term_crypto_materials(ProfAccount *account);
|
2019-02-19 12:58:40 -05:00
|
|
|
static void lock(void *user_data);
|
|
|
|
static void unlock(void *user_data);
|
2019-02-26 13:53:06 -05:00
|
|
|
static void omemo_log(int level, const char *message, size_t len, void *user_data);
|
2019-03-04 00:58:32 -05:00
|
|
|
static gboolean handle_own_device_list(const char *const jid, GList *device_list);
|
|
|
|
static gboolean handle_device_list_start_session(const char *const jid, GList *device_list);
|
|
|
|
|
|
|
|
typedef gboolean (*OmemoDeviceListHandler)(const char *const jid, GList *device_list);
|
2019-02-19 12:58:40 -05:00
|
|
|
|
|
|
|
struct omemo_context_t {
|
|
|
|
pthread_mutexattr_t attr;
|
|
|
|
pthread_mutex_t lock;
|
2019-02-21 13:04:01 -05:00
|
|
|
signal_context *signal;
|
|
|
|
uint32_t device_id;
|
2019-02-22 13:17:26 -05:00
|
|
|
GHashTable *device_list;
|
2019-03-04 00:58:32 -05:00
|
|
|
GHashTable *device_list_handler;
|
2019-02-21 13:04:01 -05:00
|
|
|
ratchet_identity_key_pair *identity_key_pair;
|
|
|
|
uint32_t registration_id;
|
2019-03-05 13:21:15 -05:00
|
|
|
uint32_t signed_pre_key_id;
|
2019-02-25 11:27:11 -05:00
|
|
|
signal_protocol_store_context *store;
|
|
|
|
GHashTable *session_store;
|
|
|
|
GHashTable *pre_key_store;
|
|
|
|
GHashTable *signed_pre_key_store;
|
|
|
|
identity_key_store_t identity_key_store;
|
2019-02-26 13:53:06 -05:00
|
|
|
GHashTable *device_ids;
|
2019-03-01 12:41:20 -05:00
|
|
|
GString *identity_filename;
|
|
|
|
GKeyFile *identity_keyfile;
|
2019-02-19 12:58:40 -05:00
|
|
|
};
|
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
static omemo_context omemo_ctx;
|
|
|
|
|
2019-02-18 23:44:47 -05:00
|
|
|
void
|
2019-02-19 13:23:50 -05:00
|
|
|
omemo_init(void)
|
2019-02-18 23:44:47 -05:00
|
|
|
{
|
2019-02-19 13:23:50 -05:00
|
|
|
log_info("Initialising OMEMO");
|
2019-02-19 12:38:15 -05:00
|
|
|
signal_crypto_provider crypto_provider = {
|
|
|
|
.random_func = omemo_random_func,
|
|
|
|
.hmac_sha256_init_func = omemo_hmac_sha256_init_func,
|
|
|
|
.hmac_sha256_update_func = omemo_hmac_sha256_update_func,
|
|
|
|
.hmac_sha256_final_func = omemo_hmac_sha256_final_func,
|
|
|
|
.hmac_sha256_cleanup_func = omemo_hmac_sha256_cleanup_func,
|
|
|
|
.sha512_digest_init_func = omemo_sha512_digest_init_func,
|
|
|
|
.sha512_digest_update_func = omemo_sha512_digest_update_func,
|
|
|
|
.sha512_digest_final_func = omemo_sha512_digest_final_func,
|
|
|
|
.sha512_digest_cleanup_func = omemo_sha512_digest_cleanup_func,
|
|
|
|
.encrypt_func = omemo_encrypt_func,
|
|
|
|
.decrypt_func = omemo_decrypt_func,
|
|
|
|
.user_data = NULL
|
|
|
|
};
|
|
|
|
|
|
|
|
if (omemo_crypto_init() != 0) {
|
2019-02-19 13:23:50 -05:00
|
|
|
cons_show("Error initializing OMEMO crypto");
|
2019-02-19 12:38:15 -05:00
|
|
|
}
|
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
pthread_mutexattr_init(&omemo_ctx.attr);
|
|
|
|
pthread_mutexattr_settype(&omemo_ctx.attr, PTHREAD_MUTEX_RECURSIVE);
|
|
|
|
pthread_mutex_init(&omemo_ctx.lock, &omemo_ctx.attr);
|
2019-02-19 12:58:40 -05:00
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
if (signal_context_create(&omemo_ctx.signal, &omemo_ctx) != 0) {
|
2019-02-19 13:23:50 -05:00
|
|
|
cons_show("Error initializing OMEMO context");
|
2019-02-19 12:38:15 -05:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-02-26 13:53:06 -05:00
|
|
|
if (signal_context_set_log_function(omemo_ctx.signal, omemo_log) != 0) {
|
|
|
|
cons_show("Error initializing OMEMO log");
|
|
|
|
}
|
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
if (signal_context_set_crypto_provider(omemo_ctx.signal, &crypto_provider) != 0) {
|
2019-02-19 13:23:50 -05:00
|
|
|
cons_show("Error initializing OMEMO crypto");
|
2019-02-19 12:38:15 -05:00
|
|
|
return;
|
|
|
|
}
|
2019-02-19 12:58:40 -05:00
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
signal_context_set_locking_functions(omemo_ctx.signal, lock, unlock);
|
|
|
|
|
2019-02-25 11:27:11 -05:00
|
|
|
signal_protocol_store_context_create(&omemo_ctx.store, omemo_ctx.signal);
|
|
|
|
|
|
|
|
omemo_ctx.session_store = session_store_new();
|
|
|
|
signal_protocol_session_store session_store = {
|
|
|
|
.load_session_func = load_session,
|
|
|
|
.get_sub_device_sessions_func = get_sub_device_sessions,
|
|
|
|
.store_session_func = store_session,
|
|
|
|
.contains_session_func = contains_session,
|
|
|
|
.delete_session_func = delete_session,
|
|
|
|
.delete_all_sessions_func = delete_all_sessions,
|
|
|
|
.destroy_func = NULL,
|
|
|
|
.user_data = omemo_ctx.session_store
|
|
|
|
};
|
|
|
|
signal_protocol_store_context_set_session_store(omemo_ctx.store, &session_store);
|
|
|
|
|
|
|
|
omemo_ctx.pre_key_store = pre_key_store_new();
|
|
|
|
signal_protocol_pre_key_store pre_key_store = {
|
|
|
|
.load_pre_key = load_pre_key,
|
|
|
|
.store_pre_key = store_pre_key,
|
|
|
|
.contains_pre_key = contains_pre_key,
|
|
|
|
.remove_pre_key = remove_pre_key,
|
|
|
|
.destroy_func = NULL,
|
|
|
|
.user_data = omemo_ctx.pre_key_store
|
|
|
|
};
|
|
|
|
signal_protocol_store_context_set_pre_key_store(omemo_ctx.store, &pre_key_store);
|
|
|
|
|
|
|
|
omemo_ctx.signed_pre_key_store = signed_pre_key_store_new();
|
|
|
|
signal_protocol_signed_pre_key_store signed_pre_key_store = {
|
|
|
|
.load_signed_pre_key = load_signed_pre_key,
|
|
|
|
.store_signed_pre_key = store_signed_pre_key,
|
|
|
|
.contains_signed_pre_key = contains_signed_pre_key,
|
|
|
|
.remove_signed_pre_key = remove_signed_pre_key,
|
|
|
|
.destroy_func = NULL,
|
2019-03-05 13:21:15 -05:00
|
|
|
.user_data = omemo_ctx.signed_pre_key_store
|
2019-02-25 11:27:11 -05:00
|
|
|
};
|
|
|
|
signal_protocol_store_context_set_signed_pre_key_store(omemo_ctx.store, &signed_pre_key_store);
|
|
|
|
|
|
|
|
identity_key_store_new(&omemo_ctx.identity_key_store);
|
|
|
|
signal_protocol_identity_key_store identity_key_store = {
|
|
|
|
.get_identity_key_pair = get_identity_key_pair,
|
|
|
|
.get_local_registration_id = get_local_registration_id,
|
|
|
|
.save_identity = save_identity,
|
|
|
|
.is_trusted_identity = is_trusted_identity,
|
2019-02-26 13:53:06 -05:00
|
|
|
.destroy_func = NULL,
|
|
|
|
.user_data = &omemo_ctx.identity_key_store
|
2019-02-25 11:27:11 -05:00
|
|
|
};
|
|
|
|
signal_protocol_store_context_set_identity_key_store(omemo_ctx.store, &identity_key_store);
|
|
|
|
|
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
loaded = FALSE;
|
2019-02-22 13:17:26 -05:00
|
|
|
omemo_ctx.device_list = g_hash_table_new_full(g_str_hash, g_str_equal, free, (GDestroyNotify)g_list_free);
|
2019-03-04 00:58:32 -05:00
|
|
|
omemo_ctx.device_list_handler = g_hash_table_new_full(g_str_hash, g_str_equal, free, NULL);
|
2019-02-19 12:58:40 -05:00
|
|
|
}
|
|
|
|
|
2019-02-19 13:23:50 -05:00
|
|
|
void
|
2019-03-01 12:41:20 -05:00
|
|
|
omemo_on_connect(ProfAccount *account)
|
2019-02-19 13:23:50 -05:00
|
|
|
{
|
2019-02-22 13:17:26 -05:00
|
|
|
xmpp_ctx_t * const ctx = connection_get_ctx();
|
|
|
|
char *barejid = xmpp_jid_bare(ctx, session_get_account_name());
|
2019-03-01 12:41:20 -05:00
|
|
|
char *omemodir = files_get_data_path(DIR_OMEMO);
|
|
|
|
GString *basedir = g_string_new(omemodir);
|
|
|
|
free(omemodir);
|
|
|
|
gchar *account_dir = str_replace(barejid, "@", "_at_");
|
|
|
|
g_string_append(basedir, "/");
|
|
|
|
g_string_append(basedir, account_dir);
|
|
|
|
g_string_append(basedir, "/");
|
|
|
|
free(account_dir);
|
|
|
|
|
|
|
|
omemo_ctx.identity_filename = g_string_new(basedir->str);
|
|
|
|
g_string_append(omemo_ctx.identity_filename, "identity.txt");
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
int res = g_mkdir_with_parents(basedir->str, S_IRWXU);
|
|
|
|
if (res == -1) {
|
|
|
|
char *errmsg = strerror(errno);
|
|
|
|
if (errmsg) {
|
|
|
|
log_error("Error creating directory: %s, %s", omemo_ctx.identity_filename->str, errmsg);
|
|
|
|
} else {
|
|
|
|
log_error("Error creating directory: %s", omemo_ctx.identity_filename->str);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
omemo_ctx.identity_keyfile = g_key_file_new();
|
|
|
|
if (g_key_file_load_from_file(omemo_ctx.identity_keyfile, omemo_ctx.identity_filename->str, G_KEY_FILE_KEEP_COMMENTS, NULL)) {
|
|
|
|
omemo_ctx.device_id = g_key_file_get_uint64(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_DEVICE_ID, NULL);
|
|
|
|
omemo_ctx.registration_id = g_key_file_get_uint64(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_REGISTRATION_ID, NULL);
|
|
|
|
|
|
|
|
char *identity_key_public_b64 = g_key_file_get_string(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_IDENTITY_KEY_PUBLIC, NULL);
|
|
|
|
size_t identity_key_public_len;
|
|
|
|
unsigned char *identity_key_public = g_base64_decode(identity_key_public_b64, &identity_key_public_len);
|
|
|
|
omemo_ctx.identity_key_store.public = signal_buffer_create(identity_key_public, identity_key_public_len);
|
|
|
|
|
|
|
|
char *identity_key_private_b64 = g_key_file_get_string(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_IDENTITY_KEY_PRIVATE, NULL);
|
|
|
|
size_t identity_key_private_len;
|
|
|
|
unsigned char *identity_key_private = g_base64_decode(identity_key_private_b64, &identity_key_private_len);
|
|
|
|
omemo_ctx.identity_key_store.private = signal_buffer_create(identity_key_private, identity_key_private_len);
|
|
|
|
signal_buffer_create(identity_key_private, identity_key_private_len);
|
|
|
|
|
|
|
|
ec_public_key *public_key;
|
|
|
|
curve_decode_point(&public_key, identity_key_public, identity_key_public_len, omemo_ctx.signal);
|
|
|
|
ec_private_key *private_key;
|
|
|
|
curve_decode_private_point(&private_key, identity_key_private, identity_key_private_len, omemo_ctx.signal);
|
|
|
|
ratchet_identity_key_pair_create(&omemo_ctx.identity_key_pair, public_key, private_key);
|
|
|
|
|
|
|
|
g_free(identity_key_public);
|
|
|
|
g_free(identity_key_private);
|
|
|
|
|
|
|
|
omemo_generate_short_term_crypto_materials(account);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
omemo_generate_crypto_materials(ProfAccount *account)
|
|
|
|
{
|
|
|
|
GError *error = NULL;
|
|
|
|
|
|
|
|
if (loaded) {
|
|
|
|
return;
|
|
|
|
}
|
2019-02-22 13:17:26 -05:00
|
|
|
|
2019-03-06 12:17:11 -05:00
|
|
|
gcry_randomize(&omemo_ctx.device_id, 4, GCRY_VERY_STRONG_RANDOM);
|
|
|
|
omemo_ctx.device_id &= 0x7fffffff;
|
2019-02-22 13:17:26 -05:00
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
signal_protocol_key_helper_generate_identity_key_pair(&omemo_ctx.identity_key_pair, omemo_ctx.signal);
|
|
|
|
signal_protocol_key_helper_generate_registration_id(&omemo_ctx.registration_id, 0, omemo_ctx.signal);
|
2019-03-01 12:41:20 -05:00
|
|
|
|
|
|
|
ec_public_key_serialize(&omemo_ctx.identity_key_store.public, ratchet_identity_key_pair_get_public(omemo_ctx.identity_key_pair));
|
|
|
|
ec_private_key_serialize(&omemo_ctx.identity_key_store.private, ratchet_identity_key_pair_get_private(omemo_ctx.identity_key_pair));
|
|
|
|
|
|
|
|
g_key_file_set_uint64(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_DEVICE_ID, omemo_ctx.device_id);
|
|
|
|
g_key_file_set_uint64(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_REGISTRATION_ID, omemo_ctx.registration_id);
|
|
|
|
char *identity_key_public = g_base64_encode(signal_buffer_data(omemo_ctx.identity_key_store.public), signal_buffer_len(omemo_ctx.identity_key_store.public));
|
|
|
|
g_key_file_set_string(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_IDENTITY_KEY_PUBLIC, identity_key_public);
|
|
|
|
g_free(identity_key_public);
|
|
|
|
char *identity_key_private = g_base64_encode(signal_buffer_data(omemo_ctx.identity_key_store.private), signal_buffer_len(omemo_ctx.identity_key_store.private));
|
|
|
|
g_key_file_set_string(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_IDENTITY_KEY_PRIVATE, identity_key_private);
|
|
|
|
g_free(identity_key_private);
|
|
|
|
|
|
|
|
if (!g_key_file_save_to_file(omemo_ctx.identity_keyfile, omemo_ctx.identity_filename->str, &error)) {
|
|
|
|
log_error("Error saving OMEMO identity to: %s, %s", omemo_ctx.identity_filename->str, error->message);
|
|
|
|
}
|
|
|
|
|
|
|
|
omemo_generate_short_term_crypto_materials(account);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
omemo_generate_short_term_crypto_materials(ProfAccount *account)
|
|
|
|
{
|
2019-03-06 12:17:11 -05:00
|
|
|
unsigned int start;
|
|
|
|
|
|
|
|
gcry_randomize(&start, sizeof(unsigned int), GCRY_VERY_STRONG_RANDOM);
|
2019-03-05 13:21:15 -05:00
|
|
|
signal_protocol_key_helper_pre_key_list_node *pre_keys_head;
|
2019-03-06 12:17:11 -05:00
|
|
|
signal_protocol_key_helper_generate_pre_keys(&pre_keys_head, start, 100, omemo_ctx.signal);
|
2019-02-21 13:04:01 -05:00
|
|
|
|
2019-03-05 13:21:15 -05:00
|
|
|
session_signed_pre_key *signed_pre_key;
|
2019-02-21 13:04:01 -05:00
|
|
|
struct timeval tv;
|
|
|
|
gettimeofday(&tv, NULL);
|
|
|
|
unsigned long long timestamp = (unsigned long long)(tv.tv_sec) * 1000 + (unsigned long long)(tv.tv_usec) / 1000;
|
2019-03-05 13:21:15 -05:00
|
|
|
|
|
|
|
omemo_ctx.signed_pre_key_id = 1;
|
|
|
|
signal_protocol_key_helper_generate_signed_pre_key(&signed_pre_key, omemo_ctx.identity_key_pair, omemo_ctx.signed_pre_key_id, timestamp, omemo_ctx.signal);
|
|
|
|
|
|
|
|
signal_protocol_key_helper_pre_key_list_node *p;
|
|
|
|
for (p = pre_keys_head; p != NULL; p = signal_protocol_key_helper_key_list_next(p)) {
|
|
|
|
session_pre_key *prekey = signal_protocol_key_helper_key_list_element(p);
|
|
|
|
signal_protocol_pre_key_store_key(omemo_ctx.store, prekey);
|
|
|
|
}
|
|
|
|
signal_protocol_signed_pre_key_store_key(omemo_ctx.store, signed_pre_key);
|
2019-02-21 13:04:01 -05:00
|
|
|
|
|
|
|
loaded = TRUE;
|
|
|
|
|
2019-02-24 23:59:41 -05:00
|
|
|
/* Ensure we get our current device list, and it gets updated with our
|
|
|
|
* device_id */
|
2019-03-01 12:41:20 -05:00
|
|
|
xmpp_ctx_t * const ctx = connection_get_ctx();
|
|
|
|
char *barejid = xmpp_jid_bare(ctx, session_get_account_name());
|
2019-03-04 00:58:32 -05:00
|
|
|
g_hash_table_insert(omemo_ctx.device_list_handler, strdup(barejid), handle_own_device_list);
|
2019-02-24 23:59:41 -05:00
|
|
|
omemo_devicelist_request(barejid);
|
2019-03-04 00:58:32 -05:00
|
|
|
free(barejid);
|
2019-03-01 12:41:20 -05:00
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
omemo_bundle_publish();
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2019-02-25 11:27:11 -05:00
|
|
|
omemo_start_session(const char *const barejid)
|
2019-02-21 13:04:01 -05:00
|
|
|
{
|
2019-03-05 13:39:46 -05:00
|
|
|
log_info("Start OMEMO session with %s", barejid);
|
2019-02-25 11:27:11 -05:00
|
|
|
GList *device_list = g_hash_table_lookup(omemo_ctx.device_list, barejid);
|
|
|
|
if (!device_list) {
|
|
|
|
omemo_devicelist_request(barejid);
|
2019-03-04 00:58:32 -05:00
|
|
|
g_hash_table_insert(omemo_ctx.device_list_handler, strdup(barejid), handle_device_list_start_session);
|
2019-02-25 11:27:11 -05:00
|
|
|
return;
|
|
|
|
}
|
2019-02-21 13:04:01 -05:00
|
|
|
|
2019-02-25 11:27:11 -05:00
|
|
|
GList *device_id;
|
|
|
|
for (device_id = device_list; device_id != NULL; device_id = device_id->next) {
|
|
|
|
omemo_bundle_request(barejid, GPOINTER_TO_INT(device_id->data), omemo_start_device_session_handle_bundle, free, strdup(barejid));
|
|
|
|
}
|
2019-02-21 13:04:01 -05:00
|
|
|
}
|
2019-02-19 13:23:50 -05:00
|
|
|
|
2019-02-21 13:04:01 -05:00
|
|
|
gboolean
|
|
|
|
omemo_loaded(void)
|
|
|
|
{
|
|
|
|
return loaded;
|
|
|
|
}
|
|
|
|
|
|
|
|
uint32_t
|
|
|
|
omemo_device_id(void)
|
|
|
|
{
|
|
|
|
return omemo_ctx.device_id;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
omemo_identity_key(unsigned char **output, size_t *length)
|
|
|
|
{
|
|
|
|
signal_buffer *buffer = NULL;
|
|
|
|
ec_public_key_serialize(&buffer, ratchet_identity_key_pair_get_public(omemo_ctx.identity_key_pair));
|
|
|
|
*length = signal_buffer_len(buffer);
|
|
|
|
*output = malloc(*length);
|
2019-02-26 13:53:06 -05:00
|
|
|
memcpy(*output, signal_buffer_data(buffer), *length);
|
2019-02-21 13:04:01 -05:00
|
|
|
signal_buffer_free(buffer);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
omemo_signed_prekey(unsigned char **output, size_t *length)
|
|
|
|
{
|
2019-03-05 13:21:15 -05:00
|
|
|
session_signed_pre_key *signed_pre_key;
|
2019-02-21 13:04:01 -05:00
|
|
|
signal_buffer *buffer = NULL;
|
2019-03-05 13:21:15 -05:00
|
|
|
|
|
|
|
signal_protocol_signed_pre_key_load_key(omemo_ctx.store, &signed_pre_key, omemo_ctx.signed_pre_key_id);
|
|
|
|
ec_public_key_serialize(&buffer, ec_key_pair_get_public(session_signed_pre_key_get_key_pair(signed_pre_key)));
|
2019-02-21 13:04:01 -05:00
|
|
|
*length = signal_buffer_len(buffer);
|
|
|
|
*output = malloc(*length);
|
2019-02-26 13:53:06 -05:00
|
|
|
memcpy(*output, signal_buffer_data(buffer), *length);
|
2019-02-21 13:04:01 -05:00
|
|
|
signal_buffer_free(buffer);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
omemo_signed_prekey_signature(unsigned char **output, size_t *length)
|
|
|
|
{
|
2019-03-05 13:21:15 -05:00
|
|
|
session_signed_pre_key *signed_pre_key;
|
|
|
|
|
|
|
|
signal_protocol_signed_pre_key_load_key(omemo_ctx.store, &signed_pre_key, omemo_ctx.signed_pre_key_id);
|
|
|
|
*length = session_signed_pre_key_get_signature_len(signed_pre_key);
|
2019-02-21 13:04:01 -05:00
|
|
|
*output = malloc(*length);
|
2019-03-05 13:21:15 -05:00
|
|
|
memcpy(*output, session_signed_pre_key_get_signature(signed_pre_key), *length);
|
2019-02-21 13:04:01 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2019-02-25 11:27:11 -05:00
|
|
|
omemo_prekeys(GList **prekeys, GList **ids, GList **lengths)
|
2019-02-21 13:04:01 -05:00
|
|
|
{
|
2019-03-05 13:21:15 -05:00
|
|
|
GHashTableIter iter;
|
|
|
|
gpointer id;
|
|
|
|
|
|
|
|
g_hash_table_iter_init(&iter, omemo_ctx.pre_key_store);
|
|
|
|
while (g_hash_table_iter_next(&iter, &id, NULL)) {
|
|
|
|
session_pre_key *pre_key;
|
|
|
|
int ret;
|
|
|
|
ret = signal_protocol_pre_key_load_key(omemo_ctx.store, &pre_key, GPOINTER_TO_INT(id));
|
|
|
|
if (ret != SG_SUCCESS) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
signal_buffer *public_key;
|
|
|
|
ec_public_key_serialize(&public_key, ec_key_pair_get_public(session_pre_key_get_key_pair(pre_key)));
|
|
|
|
size_t length = signal_buffer_len(public_key);
|
2019-02-21 13:04:01 -05:00
|
|
|
unsigned char *prekey_value = malloc(length);
|
2019-03-05 13:21:15 -05:00
|
|
|
memcpy(prekey_value, signal_buffer_data(public_key), length);
|
2019-02-21 13:04:01 -05:00
|
|
|
*prekeys = g_list_append(*prekeys, prekey_value);
|
2019-03-05 13:21:15 -05:00
|
|
|
*ids = g_list_append(*ids, GINT_TO_POINTER(id));
|
2019-02-21 13:04:01 -05:00
|
|
|
*lengths = g_list_append(*lengths, GINT_TO_POINTER(length));
|
|
|
|
}
|
2019-02-19 13:23:50 -05:00
|
|
|
}
|
|
|
|
|
2019-02-22 13:17:26 -05:00
|
|
|
void
|
2019-02-24 23:24:03 -05:00
|
|
|
omemo_set_device_list(const char *const jid, GList * device_list)
|
2019-02-22 13:17:26 -05:00
|
|
|
{
|
2019-02-24 23:24:03 -05:00
|
|
|
xmpp_ctx_t * const ctx = connection_get_ctx();
|
2019-03-04 00:58:32 -05:00
|
|
|
char *barejid = xmpp_jid_bare(ctx, jid);
|
2019-02-24 23:24:03 -05:00
|
|
|
|
2019-03-04 00:58:32 -05:00
|
|
|
g_hash_table_insert(omemo_ctx.device_list, strdup(barejid), device_list);
|
2019-03-05 13:21:15 -05:00
|
|
|
if (strchr(barejid, '@') == NULL) {
|
|
|
|
// barejid is server so we should handle it as our own device list
|
|
|
|
g_hash_table_insert(omemo_ctx.device_list_handler, strdup(barejid), handle_own_device_list);
|
|
|
|
}
|
2019-03-04 00:58:32 -05:00
|
|
|
|
|
|
|
OmemoDeviceListHandler handler = g_hash_table_lookup(omemo_ctx.device_list_handler, barejid);
|
|
|
|
if (handler) {
|
|
|
|
gboolean keep = handler(barejid, device_list);
|
|
|
|
if (!keep) {
|
|
|
|
g_hash_table_remove(omemo_ctx.device_list_handler, barejid);
|
2019-02-24 23:24:03 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-03-04 00:58:32 -05:00
|
|
|
free(barejid);
|
2019-02-22 13:17:26 -05:00
|
|
|
}
|
|
|
|
|
2019-02-25 11:27:11 -05:00
|
|
|
void
|
2019-02-26 12:23:08 -05:00
|
|
|
omemo_start_device_session(const char *const jid, uint32_t device_id,
|
|
|
|
uint32_t prekey_id, const unsigned char *const prekey_raw, size_t prekey_len,
|
|
|
|
uint32_t signed_prekey_id, const unsigned char *const signed_prekey_raw,
|
|
|
|
size_t signed_prekey_len, const unsigned char *const signature,
|
|
|
|
size_t signature_len, const unsigned char *const identity_key_raw,
|
|
|
|
size_t identity_key_len)
|
2019-02-25 11:27:11 -05:00
|
|
|
{
|
2019-03-05 13:39:46 -05:00
|
|
|
log_info("Start OMEMO session with %s device %d", jid, device_id);
|
2019-02-26 12:23:08 -05:00
|
|
|
session_pre_key_bundle *bundle;
|
2019-02-26 13:53:06 -05:00
|
|
|
signal_protocol_address *address;
|
|
|
|
|
|
|
|
address = malloc(sizeof(signal_protocol_address));
|
|
|
|
address->name = strdup(jid);
|
|
|
|
address->name_len = strlen(jid);
|
|
|
|
address->device_id = device_id;
|
2019-02-25 11:27:11 -05:00
|
|
|
|
|
|
|
session_builder *builder;
|
2019-02-26 13:53:06 -05:00
|
|
|
session_builder_create(&builder, omemo_ctx.store, address, omemo_ctx.signal);
|
2019-02-26 12:23:08 -05:00
|
|
|
|
|
|
|
ec_public_key *prekey;
|
|
|
|
curve_decode_point(&prekey, prekey_raw, prekey_len, omemo_ctx.signal);
|
|
|
|
ec_public_key *signed_prekey;
|
|
|
|
curve_decode_point(&signed_prekey, signed_prekey_raw, signed_prekey_len, omemo_ctx.signal);
|
|
|
|
ec_public_key *identity_key;
|
|
|
|
curve_decode_point(&identity_key, identity_key_raw, identity_key_len, omemo_ctx.signal);
|
|
|
|
|
|
|
|
session_pre_key_bundle_create(&bundle, 0, device_id, prekey_id, prekey, signed_prekey_id, signed_prekey, signature, signature_len, identity_key);
|
|
|
|
session_builder_process_pre_key_bundle(builder, bundle);
|
2019-02-25 11:27:11 -05:00
|
|
|
}
|
|
|
|
|
2019-02-26 13:53:06 -05:00
|
|
|
gboolean
|
|
|
|
omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean request_receipt)
|
|
|
|
{
|
|
|
|
int res;
|
|
|
|
xmpp_ctx_t * const ctx = connection_get_ctx();
|
|
|
|
char *barejid = xmpp_jid_bare(ctx, session_get_account_name());
|
|
|
|
|
|
|
|
GList *recipient_device_id = g_hash_table_lookup(omemo_ctx.device_list, chatwin->barejid);
|
|
|
|
if (!recipient_device_id) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
GList *sender_device_id = g_hash_table_lookup(omemo_ctx.device_list, barejid);
|
|
|
|
|
|
|
|
/* TODO generate fresh AES-GCM materials */
|
|
|
|
/* TODO encrypt message */
|
|
|
|
unsigned char *key;
|
|
|
|
unsigned char *iv;
|
|
|
|
unsigned char *ciphertext;
|
2019-03-06 14:03:06 -05:00
|
|
|
unsigned char *tag;
|
|
|
|
unsigned char *key_tag;
|
|
|
|
size_t ciphertext_len, tag_len;
|
2019-02-26 13:53:06 -05:00
|
|
|
|
2019-03-06 14:03:06 -05:00
|
|
|
ciphertext_len = strlen(message);
|
2019-02-26 13:53:06 -05:00
|
|
|
ciphertext = malloc(ciphertext_len);
|
2019-03-06 14:03:06 -05:00
|
|
|
tag_len = AES128_GCM_TAG_LENGTH;
|
|
|
|
tag = gcry_malloc_secure(tag_len);
|
|
|
|
key_tag = gcry_malloc_secure(AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH);
|
2019-02-26 13:53:06 -05:00
|
|
|
|
2019-03-06 14:03:06 -05:00
|
|
|
key = gcry_random_bytes_secure(AES128_GCM_KEY_LENGTH, GCRY_VERY_STRONG_RANDOM);
|
|
|
|
iv = gcry_random_bytes_secure(AES128_GCM_IV_LENGTH, GCRY_VERY_STRONG_RANDOM);
|
2019-02-26 13:53:06 -05:00
|
|
|
|
2019-03-06 14:03:06 -05:00
|
|
|
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, tag, &tag_len, (const unsigned char * const)message, strlen(message), iv, key);
|
2019-02-26 13:53:06 -05:00
|
|
|
if (res != 0) {
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2019-03-06 14:03:06 -05:00
|
|
|
memcpy(key_tag, key, AES128_GCM_KEY_LENGTH);
|
|
|
|
memcpy(key_tag + AES128_GCM_KEY_LENGTH, tag, AES128_GCM_TAG_LENGTH);
|
|
|
|
|
2019-02-26 13:53:06 -05:00
|
|
|
GList *keys = NULL;
|
|
|
|
GList *device_ids_iter;
|
2019-03-05 13:21:15 -05:00
|
|
|
for (device_ids_iter = recipient_device_id; device_ids_iter != NULL; device_ids_iter = device_ids_iter->next) {
|
2019-02-26 13:53:06 -05:00
|
|
|
int res;
|
|
|
|
ciphertext_message *ciphertext;
|
|
|
|
session_cipher *cipher;
|
|
|
|
signal_protocol_address address = {
|
|
|
|
chatwin->barejid, strlen(chatwin->barejid), GPOINTER_TO_INT(device_ids_iter->data)
|
|
|
|
};
|
|
|
|
|
|
|
|
res = session_cipher_create(&cipher, omemo_ctx.store, &address, omemo_ctx.signal);
|
|
|
|
if (res != 0) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2019-03-06 14:03:06 -05:00
|
|
|
res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
|
2019-02-26 13:53:06 -05:00
|
|
|
if (res != 0) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
signal_buffer *buffer = ciphertext_message_get_serialized(ciphertext);
|
|
|
|
omemo_key_t *key = malloc(sizeof(omemo_key_t));
|
|
|
|
key->data = signal_buffer_data(buffer);
|
|
|
|
key->length = signal_buffer_len(buffer);
|
|
|
|
key->device_id = GPOINTER_TO_INT(device_ids_iter->data);
|
2019-03-05 13:21:15 -05:00
|
|
|
key->prekey = ciphertext_message_get_type(ciphertext) == CIPHERTEXT_PREKEY_TYPE;
|
|
|
|
keys = g_list_append(keys, key);
|
|
|
|
}
|
|
|
|
|
|
|
|
for (device_ids_iter = sender_device_id; device_ids_iter != NULL; device_ids_iter = device_ids_iter->next) {
|
|
|
|
int res;
|
|
|
|
ciphertext_message *ciphertext;
|
|
|
|
session_cipher *cipher;
|
|
|
|
signal_protocol_address address = {
|
|
|
|
barejid, strlen(barejid), GPOINTER_TO_INT(device_ids_iter->data)
|
|
|
|
};
|
|
|
|
|
|
|
|
res = session_cipher_create(&cipher, omemo_ctx.store, &address, omemo_ctx.signal);
|
|
|
|
if (res != 0) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2019-03-06 14:03:06 -05:00
|
|
|
res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
|
2019-03-05 13:21:15 -05:00
|
|
|
if (res != 0) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
signal_buffer *buffer = ciphertext_message_get_serialized(ciphertext);
|
|
|
|
omemo_key_t *key = malloc(sizeof(omemo_key_t));
|
|
|
|
key->data = signal_buffer_data(buffer);
|
|
|
|
key->length = signal_buffer_len(buffer);
|
|
|
|
key->device_id = GPOINTER_TO_INT(device_ids_iter->data);
|
|
|
|
key->prekey = ciphertext_message_get_type(ciphertext) == CIPHERTEXT_PREKEY_TYPE;
|
2019-02-26 13:53:06 -05:00
|
|
|
keys = g_list_append(keys, key);
|
|
|
|
}
|
|
|
|
|
|
|
|
char *id = message_send_chat_omemo(chatwin->barejid, omemo_ctx.device_id, keys, iv, AES128_GCM_IV_LENGTH, ciphertext, ciphertext_len, request_receipt);
|
|
|
|
chat_log_omemo_msg_out(chatwin->barejid, message);
|
|
|
|
chatwin_outgoing_msg(chatwin, message, id, PROF_MSG_OMEMO, request_receipt);
|
|
|
|
|
|
|
|
free(id);
|
|
|
|
g_list_free_full(keys, free);
|
|
|
|
free(ciphertext);
|
2019-03-06 12:17:11 -05:00
|
|
|
gcry_free(key);
|
|
|
|
gcry_free(iv);
|
2019-03-06 14:03:06 -05:00
|
|
|
gcry_free(tag);
|
|
|
|
gcry_free(key_tag);
|
2019-02-26 13:53:06 -05:00
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
char *
|
|
|
|
omemo_on_message_recv(const char *const from, uint32_t sid,
|
|
|
|
const unsigned char *const iv, size_t iv_len, GList *keys,
|
|
|
|
const unsigned char *const payload, size_t payload_len)
|
|
|
|
{
|
|
|
|
int res;
|
|
|
|
GList *key_iter;
|
|
|
|
omemo_key_t *key = NULL;
|
|
|
|
for (key_iter = keys; key_iter != NULL; key_iter = key_iter->next) {
|
|
|
|
if (((omemo_key_t *)key_iter->data)->device_id == omemo_ctx.device_id) {
|
|
|
|
key = key_iter->data;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!key) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
session_cipher *cipher;
|
|
|
|
signal_buffer *plaintext_key;
|
|
|
|
signal_protocol_address address = {
|
|
|
|
from, strlen(from), sid
|
|
|
|
};
|
|
|
|
|
|
|
|
res = session_cipher_create(&cipher, omemo_ctx.store, &address, omemo_ctx.signal);
|
|
|
|
if (res != 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (key->prekey) {
|
|
|
|
pre_key_signal_message *message;
|
|
|
|
pre_key_signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal);
|
|
|
|
res = session_cipher_decrypt_pre_key_signal_message(cipher, message, NULL, &plaintext_key);
|
|
|
|
} else {
|
|
|
|
signal_message *message;
|
|
|
|
signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal);
|
|
|
|
res = session_cipher_decrypt_signal_message(cipher, message, NULL, &plaintext_key);
|
|
|
|
}
|
|
|
|
if (res != 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
size_t plaintext_len = payload_len;
|
|
|
|
unsigned char *plaintext = malloc(plaintext_len + 1);
|
|
|
|
res = aes128gcm_decrypt(plaintext, &plaintext_len, payload, payload_len, iv, signal_buffer_data(plaintext_key));
|
|
|
|
if (res != 0) {
|
|
|
|
free(plaintext);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
plaintext[plaintext_len] = '\0';
|
|
|
|
|
|
|
|
return (char *)plaintext;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2019-02-19 12:58:40 -05:00
|
|
|
static void
|
|
|
|
lock(void *user_data)
|
|
|
|
{
|
|
|
|
omemo_context *ctx = (omemo_context *)user_data;
|
|
|
|
pthread_mutex_lock(&ctx->lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
unlock(void *user_data)
|
|
|
|
{
|
|
|
|
omemo_context *ctx = (omemo_context *)user_data;
|
|
|
|
pthread_mutex_unlock(&ctx->lock);
|
2019-02-18 23:44:47 -05:00
|
|
|
}
|
2019-02-26 13:53:06 -05:00
|
|
|
|
|
|
|
static void
|
|
|
|
omemo_log(int level, const char *message, size_t len, void *user_data)
|
|
|
|
{
|
2019-03-05 13:34:02 -05:00
|
|
|
switch (level) {
|
|
|
|
case SG_LOG_ERROR:
|
|
|
|
log_error("OMEMO: %s", message);
|
|
|
|
break;
|
|
|
|
case SG_LOG_WARNING:
|
|
|
|
log_warning("OMEMO: %s", message);
|
|
|
|
break;
|
|
|
|
case SG_LOG_NOTICE:
|
|
|
|
case SG_LOG_INFO:
|
|
|
|
log_info("OMEMO: %s", message);
|
|
|
|
break;
|
|
|
|
case SG_LOG_DEBUG:
|
|
|
|
log_debug("OMEMO: %s", message);
|
|
|
|
break;
|
|
|
|
}
|
2019-02-26 13:53:06 -05:00
|
|
|
}
|
2019-03-04 00:58:32 -05:00
|
|
|
|
|
|
|
static gboolean
|
|
|
|
handle_own_device_list(const char *const jid, GList *device_list)
|
|
|
|
{
|
|
|
|
if (!g_list_find(device_list, GINT_TO_POINTER(omemo_ctx.device_id))) {
|
|
|
|
gpointer original_jid;
|
|
|
|
g_hash_table_steal_extended(omemo_ctx.device_list, jid, &original_jid, NULL);
|
|
|
|
free(original_jid);
|
|
|
|
device_list = g_list_append(device_list, GINT_TO_POINTER(omemo_ctx.device_id));
|
|
|
|
g_hash_table_insert(omemo_ctx.device_list, strdup(jid), device_list);
|
|
|
|
omemo_devicelist_publish(device_list);
|
|
|
|
}
|
|
|
|
|
2019-03-05 13:21:15 -05:00
|
|
|
GList *device_id;
|
|
|
|
for (device_id = device_list; device_id != NULL; device_id = device_id->next) {
|
|
|
|
omemo_bundle_request(jid, GPOINTER_TO_INT(device_id->data), omemo_start_device_session_handle_bundle, free, strdup(jid));
|
|
|
|
}
|
|
|
|
|
2019-03-04 00:58:32 -05:00
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
static gboolean
|
|
|
|
handle_device_list_start_session(const char *const jid, GList *device_list)
|
|
|
|
{
|
|
|
|
omemo_start_session(jid);
|
|
|
|
|
|
|
|
return FALSE;
|
|
|
|
}
|