1
0
mirror of https://github.com/profanity-im/profanity.git synced 2024-12-04 14:46:46 -05:00

Add OMEMO message encryption and decryption

This commit is contained in:
Paul Fariello 2019-02-26 20:33:06 +01:40
parent b1ae220aa4
commit 0fb27dc496
18 changed files with 681 additions and 35 deletions

View File

@ -283,6 +283,14 @@ if test "x$enable_omemo" != xno; then
[AS_IF([test "x$enable_omemo" = xyes], [AS_IF([test "x$enable_omemo" = xyes],
[AC_MSG_ERROR([libsodium is required for omemo support])], [AC_MSG_ERROR([libsodium is required for omemo support])],
[AC_MSG_NOTICE([libsodium not found, omemo support not enabled])])]) [AC_MSG_NOTICE([libsodium not found, omemo support not enabled])])])
AC_CHECK_LIB([gcrypt], [gcry_check_version],
[AM_CONDITIONAL([BUILD_OMEMO], [true])
AC_DEFINE([HAVE_OMEMO], [1], [Have omemo]),
LIBS="-lgcrypt $LIBS"],
[AS_IF([test "x$enable_omemo" = xyes],
[AC_MSG_ERROR([gcrypt is required for omemo support])],
[AC_MSG_NOTICE([gcrypt not found, omemo support not enabled])])])
fi fi
AS_IF([test "x$with_themes" = xno], AS_IF([test "x$with_themes" = xno],

View File

@ -7949,6 +7949,7 @@ cmd_omemo_start(ProfWin *window, const char *const command, gchar **args)
} }
omemo_start_session(barejid); omemo_start_session(barejid);
chatwin->is_omemo = TRUE;
} }
return TRUE; return TRUE;

View File

@ -58,6 +58,7 @@
#define PREF_GROUP_ALIAS "alias" #define PREF_GROUP_ALIAS "alias"
#define PREF_GROUP_OTR "otr" #define PREF_GROUP_OTR "otr"
#define PREF_GROUP_PGP "pgp" #define PREF_GROUP_PGP "pgp"
#define PREF_GROUP_OMEMO "omemo"
#define PREF_GROUP_MUC "muc" #define PREF_GROUP_MUC "muc"
#define PREF_GROUP_PLUGINS "plugins" #define PREF_GROUP_PLUGINS "plugins"
@ -822,6 +823,33 @@ prefs_set_pgp_char(char ch)
_save_prefs(); _save_prefs();
} }
char
prefs_get_omemo_char(void)
{
char result = '~';
char *resultstr = g_key_file_get_string(prefs, PREF_GROUP_OMEMO, "omemo.char", NULL);
if (!resultstr) {
result = '~';
} else {
result = resultstr[0];
}
free(resultstr);
return result;
}
void
prefs_set_omemo_char(char ch)
{
char str[2];
str[0] = ch;
str[1] = '\0';
g_key_file_set_string(prefs, PREF_GROUP_OMEMO, "omemo.char", str);
_save_prefs();
}
char char
prefs_get_roster_header_char(void) prefs_get_roster_header_char(void)
{ {

View File

@ -148,6 +148,7 @@ typedef enum {
PREF_STATUSBAR_SELF, PREF_STATUSBAR_SELF,
PREF_STATUSBAR_CHAT, PREF_STATUSBAR_CHAT,
PREF_STATUSBAR_ROOM, PREF_STATUSBAR_ROOM,
PREF_OMEMO_LOG,
} preference_t; } preference_t;
typedef struct prof_alias_t { typedef struct prof_alias_t {
@ -216,6 +217,8 @@ char prefs_get_otr_char(void);
void prefs_set_otr_char(char ch); void prefs_set_otr_char(char ch);
char prefs_get_pgp_char(void); char prefs_get_pgp_char(void);
void prefs_set_pgp_char(char ch); void prefs_set_pgp_char(char ch);
char prefs_get_omemo_char(void);
void prefs_set_omemo_char(char ch);
char prefs_get_roster_header_char(void); char prefs_get_roster_header_char(void);
void prefs_set_roster_header_char(char ch); void prefs_set_roster_header_char(char ch);

View File

@ -54,6 +54,10 @@
#include "pgp/gpg.h" #include "pgp/gpg.h"
#endif #endif
#ifdef HAVE_OMEMO
#include "omemo/omemo.h"
#endif
jabber_conn_status_t jabber_conn_status_t
cl_ev_connect_jid(const char *const jid, const char *const passwd, const char *const altdomain, const int port, const char *const tls_policy) cl_ev_connect_jid(const char *const jid, const char *const passwd, const char *const altdomain, const int port, const char *const tls_policy)
{ {
@ -203,6 +207,21 @@ cl_ev_send_msg(ProfChatWin *chatwin, const char *const msg, const char *const oo
#endif #endif
#endif #endif
#ifdef HAVE_OMEMO
if (chatwin->is_omemo) {
omemo_on_message_send(chatwin, plugin_msg, request_receipt);
} else {
char *id = message_send_chat(chatwin->barejid, plugin_msg, oob_url, request_receipt);
chat_log_msg_out(chatwin->barejid, plugin_msg);
chatwin_outgoing_msg(chatwin, plugin_msg, id, PROF_MSG_PLAIN, request_receipt);
free(id);
}
plugins_post_chat_message_send(chatwin->barejid, plugin_msg);
free(plugin_msg);
return;
#endif
// OTR unsupported, PGP unsupported // OTR unsupported, PGP unsupported
#ifndef HAVE_LIBOTR #ifndef HAVE_LIBOTR
#ifndef HAVE_LIBGPGME #ifndef HAVE_LIBGPGME

View File

@ -304,6 +304,23 @@ chat_log_pgp_msg_out(const char *const barejid, const char *const msg)
} }
} }
void
chat_log_omemo_msg_out(const char *const barejid, const char *const msg)
{
if (prefs_get_boolean(PREF_CHLOG)) {
const char *jid = connection_get_fulljid();
Jid *jidp = jid_create(jid);
char *pref_omemo_log = prefs_get_string(PREF_OMEMO_LOG);
if (strcmp(pref_omemo_log, "on") == 0) {
_chat_log_chat(jidp->barejid, barejid, msg, PROF_OUT_LOG, NULL);
} else if (strcmp(pref_omemo_log, "redact") == 0) {
_chat_log_chat(jidp->barejid, barejid, "[redacted]", PROF_OUT_LOG, NULL);
}
prefs_free_string(pref_omemo_log);
jid_destroy(jidp);
}
}
void void
chat_log_otr_msg_in(const char *const barejid, const char *const msg, gboolean was_decrypted, GDateTime *timestamp) chat_log_otr_msg_in(const char *const barejid, const char *const msg, gboolean was_decrypted, GDateTime *timestamp)
{ {
@ -338,6 +355,23 @@ chat_log_pgp_msg_in(const char *const barejid, const char *const msg, GDateTime
} }
} }
void
chat_log_omemo_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp)
{
if (prefs_get_boolean(PREF_CHLOG)) {
const char *jid = connection_get_fulljid();
Jid *jidp = jid_create(jid);
char *pref_omemo_log = prefs_get_string(PREF_OMEMO_LOG);
if (strcmp(pref_omemo_log, "on") == 0) {
_chat_log_chat(jidp->barejid, barejid, msg, PROF_IN_LOG, timestamp);
} else if (strcmp(pref_omemo_log, "redact") == 0) {
_chat_log_chat(jidp->barejid, barejid, "[redacted]", PROF_IN_LOG, timestamp);
}
prefs_free_string(pref_omemo_log);
jid_destroy(jidp);
}
}
void void
chat_log_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp) chat_log_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp)
{ {

View File

@ -71,10 +71,12 @@ void chat_log_init(void);
void chat_log_msg_out(const char *const barejid, const char *const msg); void chat_log_msg_out(const char *const barejid, const char *const msg);
void chat_log_otr_msg_out(const char *const barejid, const char *const msg); void chat_log_otr_msg_out(const char *const barejid, const char *const msg);
void chat_log_pgp_msg_out(const char *const barejid, const char *const msg); void chat_log_pgp_msg_out(const char *const barejid, const char *const msg);
void chat_log_omemo_msg_out(const char *const barejid, const char *const msg);
void chat_log_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp); void chat_log_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp);
void chat_log_otr_msg_in(const char *const barejid, const char *const msg, gboolean was_decrypted, GDateTime *timestamp); void chat_log_otr_msg_in(const char *const barejid, const char *const msg, gboolean was_decrypted, GDateTime *timestamp);
void chat_log_pgp_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp); void chat_log_pgp_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp);
void chat_log_omemo_msg_in(const char *const barejid, const char *const msg, GDateTime *timestamp);
void chat_log_close(void); void chat_log_close(void);
GSList* chat_log_get_previous(const gchar *const login, const gchar *const recipient); GSList* chat_log_get_previous(const gchar *const login, const gchar *const recipient);

View File

@ -2,7 +2,9 @@
#include <signal/signal_protocol.h> #include <signal/signal_protocol.h>
#include <signal/signal_protocol_types.h> #include <signal/signal_protocol_types.h>
#include <sodium.h> #include <sodium.h>
#include <gcrypt.h>
#include "omemo/omemo.h"
#include "omemo/crypto.h" #include "omemo/crypto.h"
int int
@ -12,10 +14,12 @@ omemo_crypto_init(void)
return -1; return -1;
} }
if (crypto_aead_aes256gcm_is_available() == 0) { if (!gcry_check_version(GCRYPT_VERSION)) {
return -1; return -1;
} }
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
return 0; return 0;
} }
@ -96,41 +100,195 @@ int
omemo_encrypt_func(signal_buffer **output, int cipher, const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len, omemo_encrypt_func(signal_buffer **output, int cipher, const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len,
const uint8_t *plaintext, size_t plaintext_len, void *user_data) const uint8_t *plaintext, size_t plaintext_len, void *user_data)
{ {
gcry_cipher_hd_t hd;
unsigned char *padded_plaintext;
unsigned char *ciphertext; unsigned char *ciphertext;
unsigned long long ciphertext_len; size_t ciphertext_len;
int mode;
int algo;
uint8_t padding = 0;
assert(cipher != SG_CIPHER_AES_GCM_NOPADDING); switch (key_len) {
assert(key_len == crypto_aead_aes256gcm_KEYBYTES); case 32:
assert(iv_len == crypto_aead_aes256gcm_NPUBBYTES); algo = GCRY_CIPHER_AES256;
break;
default:
return OMEMO_ERR_UNSUPPORTED_CRYPTO;
}
ciphertext = malloc(plaintext_len + crypto_aead_aes256gcm_ABYTES); switch (cipher) {
crypto_aead_aes256gcm_encrypt(ciphertext, &ciphertext_len, plaintext, plaintext_len, NULL, 0, NULL, iv, key); case SG_CIPHER_AES_CBC_PKCS5:
mode = GCRY_CIPHER_MODE_CBC;
break;
default:
return OMEMO_ERR_UNSUPPORTED_CRYPTO;
}
gcry_cipher_open(&hd, algo, mode, GCRY_CIPHER_SECURE);
gcry_cipher_setkey(hd, key, key_len);
switch (cipher) {
case SG_CIPHER_AES_CBC_PKCS5:
gcry_cipher_setiv(hd, iv, iv_len);
padding = 16 - (plaintext_len % 16);
break;
default:
assert(FALSE);
}
padded_plaintext = malloc(plaintext_len + padding);
memcpy(padded_plaintext, plaintext, plaintext_len);
memset(padded_plaintext + plaintext_len, padding, padding);
ciphertext_len = plaintext_len + padding;
ciphertext = malloc(ciphertext_len);
gcry_cipher_encrypt(hd, ciphertext, ciphertext_len, padded_plaintext, plaintext_len + padding);
*output = signal_buffer_create(ciphertext, ciphertext_len); *output = signal_buffer_create(ciphertext, ciphertext_len);
free(padded_plaintext);
free(ciphertext); free(ciphertext);
return 0; gcry_cipher_close(hd);
return SG_SUCCESS;
} }
int int
omemo_decrypt_func(signal_buffer **output, int cipher, const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len, omemo_decrypt_func(signal_buffer **output, int cipher, const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len,
const uint8_t *ciphertext, size_t ciphertext_len, void *user_data) const uint8_t *ciphertext, size_t ciphertext_len, void *user_data)
{ {
int ret = SG_SUCCESS;
gcry_cipher_hd_t hd;
unsigned char *plaintext; unsigned char *plaintext;
unsigned long long plaintext_len; size_t plaintext_len;
int mode;
int algo;
uint8_t padding = 0;
assert(cipher != SG_CIPHER_AES_GCM_NOPADDING); switch (key_len) {
assert(key_len == crypto_aead_aes256gcm_KEYBYTES); case 32:
assert(iv_len == crypto_aead_aes256gcm_NPUBBYTES); algo = GCRY_CIPHER_AES256;
break;
plaintext = malloc(ciphertext_len - crypto_aead_aes256gcm_ABYTES); default:
if (crypto_aead_aes256gcm_decrypt(plaintext, &plaintext_len, NULL, ciphertext, ciphertext_len, NULL, 0, iv, key) < 0) { return OMEMO_ERR_UNSUPPORTED_CRYPTO;
free(plaintext);
return -1;
} }
*output = signal_buffer_create(plaintext, plaintext_len); switch (cipher) {
case SG_CIPHER_AES_CBC_PKCS5:
mode = GCRY_CIPHER_MODE_CBC;
break;
default:
return OMEMO_ERR_UNSUPPORTED_CRYPTO;
}
gcry_cipher_open(&hd, algo, mode, GCRY_CIPHER_SECURE);
gcry_cipher_setkey(hd, key, key_len);
switch (cipher) {
case SG_CIPHER_AES_CBC_PKCS5:
gcry_cipher_setiv(hd, iv, iv_len);
break;
default:
assert(FALSE);
}
plaintext_len = ciphertext_len;
plaintext = malloc(plaintext_len);
gcry_cipher_decrypt(hd, plaintext, plaintext_len, ciphertext, ciphertext_len);
switch (cipher) {
case SG_CIPHER_AES_CBC_PKCS5:
padding = plaintext[plaintext_len - 1];
break;
default:
assert(FALSE);
}
int i;
for (i = 0; i < padding; i++) {
if (plaintext[plaintext_len - 1 - i] != padding) {
ret = SG_ERR_UNKNOWN;
goto out;
}
}
*output = signal_buffer_create(plaintext, plaintext_len - padding);
out:
free(plaintext); free(plaintext);
return 0; gcry_cipher_close(hd);
return ret;
}
int
aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len, const unsigned char *const plaintext, size_t plaintext_len, const unsigned char *const iv, const unsigned char *const key)
{
gcry_error_t res;
gcry_cipher_hd_t hd;
res = gcry_cipher_open(&hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_CIPHER_SECURE);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
res = gcry_cipher_setkey(hd, key, AES128_GCM_KEY_LENGTH);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
res = gcry_cipher_setiv(hd, iv, AES128_GCM_IV_LENGTH);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
res = gcry_cipher_encrypt(hd, ciphertext, *ciphertext_len, plaintext, plaintext_len);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
res = gcry_cipher_gettag(hd, ciphertext + plaintext_len, AES128_GCM_TAG_LENGTH);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
out:
gcry_cipher_close(hd);
return res;
}
int
aes128gcm_decrypt(unsigned char *plaintext, size_t *plaintext_len, const unsigned char *const ciphertext, size_t ciphertext_len, const unsigned char *const iv, const unsigned char *const key)
{
gcry_error_t res;
gcry_cipher_hd_t hd;
res = gcry_cipher_open(&hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_CIPHER_SECURE);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
res = gcry_cipher_setkey(hd, key, AES128_GCM_KEY_LENGTH);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
res = gcry_cipher_setiv(hd, iv, AES128_GCM_IV_LENGTH);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
res = gcry_cipher_decrypt(hd, plaintext, *plaintext_len, ciphertext, ciphertext_len);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
//res = gcry_cipher_checktag(hd, ciphertext + ciphertext_len - AES128_GCM_TAG_LENGTH, AES128_GCM_TAG_LENGTH);
//if (res != GPG_ERR_NO_ERROR) {
// goto out;
//}
out:
gcry_cipher_close(hd);
return res;
} }

View File

@ -1,6 +1,8 @@
#include <signal/signal_protocol_types.h> #include <signal/signal_protocol_types.h>
#define SG_CIPHER_AES_GCM_NOPADDING 1000 #define AES128_GCM_KEY_LENGTH 16
#define AES128_GCM_IV_LENGTH 16
#define AES128_GCM_TAG_LENGTH 16
int omemo_crypto_init(void); int omemo_crypto_init(void);
/** /**
@ -134,3 +136,13 @@ int omemo_decrypt_func(signal_buffer **output,
const uint8_t *iv, size_t iv_len, const uint8_t *iv, size_t iv_len,
const uint8_t *ciphertext, size_t ciphertext_len, const uint8_t *ciphertext, size_t ciphertext_len,
void *user_data); void *user_data);
int aes128gcm_encrypt(unsigned char *ciphertext,
size_t *ciphertext_len, const unsigned char *const cleartext,
size_t cleatext_len, const unsigned char *const iv,
const unsigned char *const key);
int aes128gcm_decrypt(unsigned char *plaintext,
size_t *plaintext_len, const unsigned char *const ciphertext,
size_t ciphertext_len, const unsigned char *const iv,
const unsigned char *const key);

View File

@ -3,8 +3,10 @@
#include <glib.h> #include <glib.h>
#include <pthread.h> #include <pthread.h>
#include <signal/key_helper.h> #include <signal/key_helper.h>
#include <signal/protocol.h>
#include <signal/signal_protocol.h> #include <signal/signal_protocol.h>
#include <signal/session_builder.h> #include <signal/session_builder.h>
#include <signal/session_cipher.h>
#include <sodium.h> #include <sodium.h>
#include "config/account.h" #include "config/account.h"
@ -21,6 +23,7 @@ static gboolean loaded;
static void lock(void *user_data); static void lock(void *user_data);
static void unlock(void *user_data); static void unlock(void *user_data);
static void omemo_log(int level, const char *message, size_t len, void *user_data);
struct omemo_context_t { struct omemo_context_t {
pthread_mutexattr_t attr; pthread_mutexattr_t attr;
@ -37,6 +40,7 @@ struct omemo_context_t {
GHashTable *pre_key_store; GHashTable *pre_key_store;
GHashTable *signed_pre_key_store; GHashTable *signed_pre_key_store;
identity_key_store_t identity_key_store; identity_key_store_t identity_key_store;
GHashTable *device_ids;
}; };
static omemo_context omemo_ctx; static omemo_context omemo_ctx;
@ -73,6 +77,10 @@ omemo_init(void)
return; return;
} }
if (signal_context_set_log_function(omemo_ctx.signal, omemo_log) != 0) {
cons_show("Error initializing OMEMO log");
}
if (signal_context_set_crypto_provider(omemo_ctx.signal, &crypto_provider) != 0) { if (signal_context_set_crypto_provider(omemo_ctx.signal, &crypto_provider) != 0) {
cons_show("Error initializing OMEMO crypto"); cons_show("Error initializing OMEMO crypto");
return; return;
@ -123,6 +131,8 @@ omemo_init(void)
.get_local_registration_id = get_local_registration_id, .get_local_registration_id = get_local_registration_id,
.save_identity = save_identity, .save_identity = save_identity,
.is_trusted_identity = is_trusted_identity, .is_trusted_identity = is_trusted_identity,
.destroy_func = NULL,
.user_data = &omemo_ctx.identity_key_store
}; };
signal_protocol_store_context_set_identity_key_store(omemo_ctx.store, &identity_key_store); signal_protocol_store_context_set_identity_key_store(omemo_ctx.store, &identity_key_store);
@ -148,6 +158,9 @@ omemo_generate_crypto_materials(ProfAccount *account)
unsigned long long timestamp = (unsigned long long)(tv.tv_sec) * 1000 + (unsigned long long)(tv.tv_usec) / 1000; unsigned long long timestamp = (unsigned long long)(tv.tv_sec) * 1000 + (unsigned long long)(tv.tv_usec) / 1000;
signal_protocol_key_helper_generate_signed_pre_key(&omemo_ctx.signed_pre_key, omemo_ctx.identity_key_pair, 5, timestamp, omemo_ctx.signal); signal_protocol_key_helper_generate_signed_pre_key(&omemo_ctx.signed_pre_key, omemo_ctx.identity_key_pair, 5, timestamp, omemo_ctx.signal);
ec_public_key_serialize(&omemo_ctx.identity_key_store.public, ratchet_identity_key_pair_get_public(omemo_ctx.identity_key_pair));
ec_private_key_serialize(&omemo_ctx.identity_key_store.private, ratchet_identity_key_pair_get_private(omemo_ctx.identity_key_pair));
loaded = TRUE; loaded = TRUE;
/* Ensure we get our current device list, and it gets updated with our /* Ensure we get our current device list, and it gets updated with our
@ -191,7 +204,7 @@ omemo_identity_key(unsigned char **output, size_t *length)
ec_public_key_serialize(&buffer, ratchet_identity_key_pair_get_public(omemo_ctx.identity_key_pair)); ec_public_key_serialize(&buffer, ratchet_identity_key_pair_get_public(omemo_ctx.identity_key_pair));
*length = signal_buffer_len(buffer); *length = signal_buffer_len(buffer);
*output = malloc(*length); *output = malloc(*length);
memcpy(*output, signal_buffer_const_data(buffer), *length); memcpy(*output, signal_buffer_data(buffer), *length);
signal_buffer_free(buffer); signal_buffer_free(buffer);
} }
@ -202,7 +215,7 @@ omemo_signed_prekey(unsigned char **output, size_t *length)
ec_public_key_serialize(&buffer, ec_key_pair_get_public(session_signed_pre_key_get_key_pair(omemo_ctx.signed_pre_key))); ec_public_key_serialize(&buffer, ec_key_pair_get_public(session_signed_pre_key_get_key_pair(omemo_ctx.signed_pre_key)));
*length = signal_buffer_len(buffer); *length = signal_buffer_len(buffer);
*output = malloc(*length); *output = malloc(*length);
memcpy(*output, signal_buffer_const_data(buffer), *length); memcpy(*output, signal_buffer_data(buffer), *length);
signal_buffer_free(buffer); signal_buffer_free(buffer);
} }
@ -224,7 +237,7 @@ omemo_prekeys(GList **prekeys, GList **ids, GList **lengths)
ec_public_key_serialize(&buffer, ec_key_pair_get_public(session_pre_key_get_key_pair(prekey))); ec_public_key_serialize(&buffer, ec_key_pair_get_public(session_pre_key_get_key_pair(prekey)));
size_t length = signal_buffer_len(buffer); size_t length = signal_buffer_len(buffer);
unsigned char *prekey_value = malloc(length); unsigned char *prekey_value = malloc(length);
memcpy(prekey_value, signal_buffer_const_data(buffer), length); memcpy(prekey_value, signal_buffer_data(buffer), length);
signal_buffer_free(buffer); signal_buffer_free(buffer);
*prekeys = g_list_append(*prekeys, prekey_value); *prekeys = g_list_append(*prekeys, prekey_value);
*ids = g_list_append(*ids, GINT_TO_POINTER(session_pre_key_get_id(prekey))); *ids = g_list_append(*ids, GINT_TO_POINTER(session_pre_key_get_id(prekey)));
@ -257,12 +270,15 @@ omemo_start_device_session(const char *const jid, uint32_t device_id,
size_t identity_key_len) size_t identity_key_len)
{ {
session_pre_key_bundle *bundle; session_pre_key_bundle *bundle;
signal_protocol_address address = { signal_protocol_address *address;
jid, strlen(jid), device_id
}; address = malloc(sizeof(signal_protocol_address));
address->name = strdup(jid);
address->name_len = strlen(jid);
address->device_id = device_id;
session_builder *builder; session_builder *builder;
session_builder_create(&builder, omemo_ctx.store, &address, omemo_ctx.signal); session_builder_create(&builder, omemo_ctx.store, address, omemo_ctx.signal);
ec_public_key *prekey; ec_public_key *prekey;
curve_decode_point(&prekey, prekey_raw, prekey_len, omemo_ctx.signal); curve_decode_point(&prekey, prekey_raw, prekey_len, omemo_ctx.signal);
@ -275,6 +291,142 @@ omemo_start_device_session(const char *const jid, uint32_t device_id,
session_builder_process_pre_key_bundle(builder, bundle); session_builder_process_pre_key_bundle(builder, bundle);
} }
gboolean
omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean request_receipt)
{
int res;
xmpp_ctx_t * const ctx = connection_get_ctx();
char *barejid = xmpp_jid_bare(ctx, session_get_account_name());
GList *device_ids = NULL;
GList *recipient_device_id = g_hash_table_lookup(omemo_ctx.device_list, chatwin->barejid);
if (!recipient_device_id) {
return FALSE;
}
device_ids = g_list_copy(recipient_device_id);
GList *sender_device_id = g_hash_table_lookup(omemo_ctx.device_list, barejid);
device_ids = g_list_concat(device_ids, g_list_copy(sender_device_id));
/* TODO generate fresh AES-GCM materials */
/* TODO encrypt message */
unsigned char *key;
unsigned char *iv;
unsigned char *ciphertext;
size_t ciphertext_len;
key = sodium_malloc(AES128_GCM_KEY_LENGTH);
iv = sodium_malloc(AES128_GCM_IV_LENGTH);
ciphertext_len = strlen(message) + AES128_GCM_TAG_LENGTH;
ciphertext = malloc(ciphertext_len);
randombytes_buf(key, 16);
randombytes_buf(iv, 16);
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, (const unsigned char * const)message, strlen(message), iv, key);
if (res != 0) {
return FALSE;
}
GList *keys = NULL;
GList *device_ids_iter;
for (device_ids_iter = device_ids; device_ids_iter != NULL; device_ids_iter = device_ids_iter->next) {
int res;
ciphertext_message *ciphertext;
session_cipher *cipher;
signal_protocol_address address = {
chatwin->barejid, strlen(chatwin->barejid), GPOINTER_TO_INT(device_ids_iter->data)
};
res = session_cipher_create(&cipher, omemo_ctx.store, &address, omemo_ctx.signal);
if (res != 0) {
continue;
}
res = session_cipher_encrypt(cipher, key, AES128_GCM_KEY_LENGTH, &ciphertext);
if (res != 0) {
continue;
}
signal_buffer *buffer = ciphertext_message_get_serialized(ciphertext);
omemo_key_t *key = malloc(sizeof(omemo_key_t));
key->data = signal_buffer_data(buffer);
key->length = signal_buffer_len(buffer);
key->device_id = GPOINTER_TO_INT(device_ids_iter->data);
key->prekey = TRUE;
keys = g_list_append(keys, key);
}
char *id = message_send_chat_omemo(chatwin->barejid, omemo_ctx.device_id, keys, iv, AES128_GCM_IV_LENGTH, ciphertext, ciphertext_len, request_receipt);
chat_log_omemo_msg_out(chatwin->barejid, message);
chatwin_outgoing_msg(chatwin, message, id, PROF_MSG_OMEMO, request_receipt);
free(id);
g_list_free_full(keys, free);
free(ciphertext);
sodium_free(key);
sodium_free(iv);
g_list_free(device_ids);
return TRUE;
}
char *
omemo_on_message_recv(const char *const from, uint32_t sid,
const unsigned char *const iv, size_t iv_len, GList *keys,
const unsigned char *const payload, size_t payload_len)
{
int res;
GList *key_iter;
omemo_key_t *key = NULL;
for (key_iter = keys; key_iter != NULL; key_iter = key_iter->next) {
if (((omemo_key_t *)key_iter->data)->device_id == omemo_ctx.device_id) {
key = key_iter->data;
break;
}
}
if (!key) {
return NULL;
}
session_cipher *cipher;
signal_buffer *plaintext_key;
signal_protocol_address address = {
from, strlen(from), sid
};
res = session_cipher_create(&cipher, omemo_ctx.store, &address, omemo_ctx.signal);
if (res != 0) {
return NULL;
}
if (key->prekey) {
pre_key_signal_message *message;
pre_key_signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal);
res = session_cipher_decrypt_pre_key_signal_message(cipher, message, NULL, &plaintext_key);
} else {
signal_message *message;
signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal);
res = session_cipher_decrypt_signal_message(cipher, message, NULL, &plaintext_key);
}
if (res != 0) {
return NULL;
}
size_t plaintext_len = payload_len;
unsigned char *plaintext = malloc(plaintext_len + 1);
res = aes128gcm_decrypt(plaintext, &plaintext_len, payload, payload_len, iv, signal_buffer_data(plaintext_key));
if (res != 0) {
free(plaintext);
return NULL;
}
plaintext[plaintext_len] = '\0';
return (char *)plaintext;
}
static void static void
lock(void *user_data) lock(void *user_data)
{ {
@ -288,3 +440,9 @@ unlock(void *user_data)
omemo_context *ctx = (omemo_context *)user_data; omemo_context *ctx = (omemo_context *)user_data;
pthread_mutex_unlock(&ctx->lock); pthread_mutex_unlock(&ctx->lock);
} }
static void
omemo_log(int level, const char *message, size_t len, void *user_data)
{
cons_show(message);
}

View File

@ -1,9 +1,19 @@
#include <glib.h> #include <glib.h>
#include "ui/ui.h"
#include "config/account.h" #include "config/account.h"
#define OMEMO_ERR_UNSUPPORTED_CRYPTO -10000
typedef struct omemo_context_t omemo_context; typedef struct omemo_context_t omemo_context;
typedef struct omemo_key {
const unsigned char *data;
size_t length;
gboolean prekey;
uint32_t device_id;
} omemo_key_t;
void omemo_init(void); void omemo_init(void);
void omemo_generate_crypto_materials(ProfAccount *account); void omemo_generate_crypto_materials(ProfAccount *account);
@ -18,3 +28,5 @@ void omemo_start_session(const char *const barejid);
void omemo_start_device_session(const char *const jid, uint32_t device_id, uint32_t prekey_id, const unsigned char *const prekey, size_t prekey_len, uint32_t signed_prekey_id, const unsigned char *const signed_prekey, size_t signed_prekey_len, const unsigned char *const signature, size_t signature_len, const unsigned char *const identity_key, size_t identity_key_len); void omemo_start_device_session(const char *const jid, uint32_t device_id, uint32_t prekey_id, const unsigned char *const prekey, size_t prekey_len, uint32_t signed_prekey_id, const unsigned char *const signed_prekey, size_t signed_prekey_len, const unsigned char *const signature, size_t signature_len, const unsigned char *const identity_key, size_t identity_key_len);
gboolean omemo_loaded(void); gboolean omemo_loaded(void);
gboolean omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean request_receipt);
char * omemo_on_message_recv(const char *const from, uint32_t sid, const unsigned char *const iv, size_t iv_len, GList *keys, const unsigned char *const payload, size_t payload_len);

View File

@ -39,12 +39,16 @@ load_session(signal_buffer **record, const signal_protocol_address *address,
device_store = g_hash_table_lookup(session_store, address->name); device_store = g_hash_table_lookup(session_store, address->name);
if (!device_store) { if (!device_store) {
*record = NULL; *record = NULL;
return SG_SUCCESS; return 0;
} }
signal_buffer *original = g_hash_table_lookup(device_store, GINT_TO_POINTER(address->device_id)); signal_buffer *original = g_hash_table_lookup(device_store, GINT_TO_POINTER(address->device_id));
if (!original) {
*record = NULL;
return 0;
}
*record = signal_buffer_copy(original); *record = signal_buffer_copy(original);
return SG_SUCCESS; return 1;
} }
int int
@ -208,8 +212,8 @@ get_identity_key_pair(signal_buffer **public_data, signal_buffer **private_data,
{ {
identity_key_store_t *identity_key_store = (identity_key_store_t *)user_data; identity_key_store_t *identity_key_store = (identity_key_store_t *)user_data;
*public_data = identity_key_store->public; *public_data = signal_buffer_copy(identity_key_store->public);
*private_data = identity_key_store->private; *private_data = signal_buffer_copy(identity_key_store->private);
return SG_SUCCESS; return SG_SUCCESS;
} }

View File

@ -305,6 +305,8 @@ chatwin_outgoing_msg(ProfChatWin *chatwin, const char *const message, char *id,
enc_char = prefs_get_otr_char(); enc_char = prefs_get_otr_char();
} else if (enc_mode == PROF_MSG_PGP) { } else if (enc_mode == PROF_MSG_PGP) {
enc_char = prefs_get_pgp_char(); enc_char = prefs_get_pgp_char();
} else if (enc_mode == PROF_MSG_OMEMO) {
enc_char = prefs_get_omemo_char();
} }
if (request_receipt && id) { if (request_receipt && id) {

View File

@ -56,7 +56,8 @@
typedef enum { typedef enum {
PROF_MSG_PLAIN, PROF_MSG_PLAIN,
PROF_MSG_OTR, PROF_MSG_OTR,
PROF_MSG_PGP PROF_MSG_PGP,
PROF_MSG_OMEMO
} prof_enc_t; } prof_enc_t;
// core UI // core UI

View File

@ -1058,6 +1058,8 @@ win_print_incoming(ProfWin *window, GDateTime *timestamp,
enc_char = prefs_get_otr_char(); enc_char = prefs_get_otr_char();
} else if (enc_mode == PROF_MSG_PGP) { } else if (enc_mode == PROF_MSG_PGP) {
enc_char = prefs_get_pgp_char(); enc_char = prefs_get_pgp_char();
} else if (enc_mode == PROF_MSG_OMEMO) {
enc_char = prefs_get_omemo_char();
} }
_win_printf(window, enc_char, 0, timestamp, NO_ME, THEME_TEXT_THEM, from, "%s", message); _win_printf(window, enc_char, 0, timestamp, NO_ME, THEME_TEXT_THEM, from, "%s", message);
break; break;

View File

@ -52,6 +52,7 @@
#include "pgp/gpg.h" #include "pgp/gpg.h"
#include "plugins/plugins.h" #include "plugins/plugins.h"
#include "ui/ui.h" #include "ui/ui.h"
#include "ui/window_list.h"
#include "xmpp/chat_session.h" #include "xmpp/chat_session.h"
#include "xmpp/muc.h" #include "xmpp/muc.h"
#include "xmpp/session.h" #include "xmpp/session.h"
@ -62,6 +63,10 @@
#include "xmpp/connection.h" #include "xmpp/connection.h"
#include "xmpp/xmpp.h" #include "xmpp/xmpp.h"
#ifdef HAVE_OMEMO
#include "omemo/omemo.h"
#endif
typedef struct p_message_handle_t { typedef struct p_message_handle_t {
ProfMessageCallback func; ProfMessageCallback func;
ProfMessageFreeCallback free_func; ProfMessageFreeCallback free_func;
@ -77,6 +82,7 @@ static void _handle_conference(xmpp_stanza_t *const stanza);
static void _handle_captcha(xmpp_stanza_t *const stanza); static void _handle_captcha(xmpp_stanza_t *const stanza);
static void _handle_receipt_received(xmpp_stanza_t *const stanza); static void _handle_receipt_received(xmpp_stanza_t *const stanza);
static void _handle_chat(xmpp_stanza_t *const stanza); static void _handle_chat(xmpp_stanza_t *const stanza);
static void _handle_omemo(xmpp_stanza_t *const stanza);
static void _send_message_stanza(xmpp_stanza_t *const stanza); static void _send_message_stanza(xmpp_stanza_t *const stanza);
@ -144,6 +150,13 @@ _message_handler(xmpp_conn_t *const conn, xmpp_stanza_t *const stanza, void *con
} }
} }
#ifdef HAVE_OMEMO
xmpp_stanza_t *omemo = xmpp_stanza_get_child_by_ns(stanza, STANZA_NS_OMEMO);
if (omemo) {
_handle_omemo(stanza);
}
#endif
_handle_chat(stanza); _handle_chat(stanza);
return 1; return 1;
@ -307,6 +320,99 @@ message_send_chat_otr(const char *const barejid, const char *const msg, gboolean
return id; return id;
} }
#ifdef HAVE_OMEMO
char*
message_send_chat_omemo(const char *const jid, uint32_t sid, GList *keys,
const unsigned char *const iv, size_t iv_len,
const unsigned char *const ciphertext, size_t ciphertext_len,
gboolean request_receipt)
{
xmpp_ctx_t * const ctx = connection_get_ctx();
char *id = connection_create_stanza_id("msg");
xmpp_stanza_t *message = xmpp_message_new(ctx, STANZA_TYPE_CHAT, jid, id);
xmpp_stanza_t *encrypted = xmpp_stanza_new(ctx);
xmpp_stanza_set_name(encrypted, "encrypted");
xmpp_stanza_set_ns(encrypted, STANZA_NS_OMEMO);
xmpp_stanza_t *header = xmpp_stanza_new(ctx);
xmpp_stanza_set_name(header, "header");
char *sid_text = g_strdup_printf("%d", sid);
xmpp_stanza_set_attribute(header, "sid", sid_text);
g_free(sid_text);
GList *key_iter;
for (key_iter = keys; key_iter != NULL; key_iter = key_iter->next) {
omemo_key_t *key = (omemo_key_t *)key_iter->data;
xmpp_stanza_t *key_stanza = xmpp_stanza_new(ctx);
xmpp_stanza_set_name(key_stanza, "key");
char *rid = g_strdup_printf("%d", key->device_id);
xmpp_stanza_set_attribute(key_stanza, "rid", rid);
g_free(rid);
if (key->prekey) {
xmpp_stanza_set_attribute(key_stanza, "prekey", "true");
}
gchar *key_raw = g_base64_encode(key->data, key->length);
xmpp_stanza_t *key_text = xmpp_stanza_new(ctx);
xmpp_stanza_set_text(key_text, key_raw);
g_free(key_raw);
xmpp_stanza_add_child(key_stanza, key_text);
xmpp_stanza_add_child(header, key_stanza);
xmpp_stanza_release(key_text);
xmpp_stanza_release(key_stanza);
}
xmpp_stanza_t *iv_stanza = xmpp_stanza_new(ctx);
xmpp_stanza_set_name(iv_stanza, "iv");
gchar *iv_raw = g_base64_encode(iv, iv_len);
xmpp_stanza_t *iv_text = xmpp_stanza_new(ctx);
xmpp_stanza_set_text(iv_text, iv_raw);
g_free(iv_raw);
xmpp_stanza_add_child(iv_stanza, iv_text);
xmpp_stanza_add_child(header, iv_stanza);
xmpp_stanza_release(iv_text);
xmpp_stanza_release(iv_stanza);
xmpp_stanza_add_child(encrypted, header);
xmpp_stanza_release(header);
xmpp_stanza_t *payload = xmpp_stanza_new(ctx);
xmpp_stanza_set_name(payload, "payload");
gchar *ciphertext_raw = g_base64_encode(ciphertext, ciphertext_len);
xmpp_stanza_t *payload_text = xmpp_stanza_new(ctx);
xmpp_stanza_set_text(payload_text, ciphertext_raw);
g_free(ciphertext_raw);
xmpp_stanza_add_child(payload, payload_text);
xmpp_stanza_add_child(encrypted, payload);
xmpp_stanza_release(payload_text);
xmpp_stanza_release(payload);
xmpp_stanza_add_child(message, encrypted);
xmpp_stanza_release(encrypted);
stanza_attach_carbons_private(ctx, message);
stanza_attach_hints_no_copy(ctx, message);
stanza_attach_hints_no_store(ctx, message);
if (request_receipt) {
stanza_attach_receipt_request(ctx, message);
}
_send_message_stanza(message);
xmpp_stanza_release(message);
return id;
}
#endif
void void
message_send_private(const char *const fulljid, const char *const msg, const char *const oob_url) message_send_private(const char *const fulljid, const char *const msg, const char *const oob_url)
{ {
@ -828,7 +934,8 @@ _handle_chat(xmpp_stanza_t *const stanza)
// ignore handled namespaces // ignore handled namespaces
xmpp_stanza_t *conf = xmpp_stanza_get_child_by_ns(stanza, STANZA_NS_CONFERENCE); xmpp_stanza_t *conf = xmpp_stanza_get_child_by_ns(stanza, STANZA_NS_CONFERENCE);
xmpp_stanza_t *captcha = xmpp_stanza_get_child_by_ns(stanza, STANZA_NS_CAPTCHA); xmpp_stanza_t *captcha = xmpp_stanza_get_child_by_ns(stanza, STANZA_NS_CAPTCHA);
if (conf || captcha) { xmpp_stanza_t *omemo = xmpp_stanza_get_child_by_ns(stanza, STANZA_NS_OMEMO);
if (conf || captcha || omemo) {
return; return;
} }
@ -896,6 +1003,100 @@ _handle_chat(xmpp_stanza_t *const stanza)
jid_destroy(jid); jid_destroy(jid);
} }
static void
_handle_omemo(xmpp_stanza_t *const stanza)
{
xmpp_stanza_t *encrypted = xmpp_stanza_get_child_by_ns(stanza, STANZA_NS_OMEMO);
if (!encrypted) {
return;
}
xmpp_stanza_t *header = xmpp_stanza_get_child_by_name(encrypted, "header");
if (!header) {
return;
}
const char *sid_text = xmpp_stanza_get_attribute(header, "sid");
if (!sid_text) {
return;
}
uint32_t sid = strtoul(sid_text, NULL, 10);
xmpp_stanza_t *iv = xmpp_stanza_get_child_by_name(header, "iv");
if (!iv) {
return;
}
const char *iv_text = xmpp_stanza_get_text(iv);
if (!iv_text) {
return;
}
size_t iv_len;
const unsigned char *iv_raw = g_base64_decode(iv_text, &iv_len);
xmpp_stanza_t *payload = xmpp_stanza_get_child_by_name(encrypted, "payload");
if (!payload) {
return;
}
const char *payload_text = xmpp_stanza_get_text(payload);
if (!payload_text) {
return;
}
size_t payload_len;
const unsigned char *payload_raw = g_base64_decode(payload_text, &payload_len);
GList *keys = NULL;
xmpp_stanza_t *key_stanza;
for (key_stanza = xmpp_stanza_get_children(header); key_stanza != NULL; key_stanza = xmpp_stanza_get_next(key_stanza)) {
if (g_strcmp0(xmpp_stanza_get_name(key_stanza), "key") != 0) {
continue;
}
omemo_key_t *key = malloc(sizeof(omemo_key_t));
const char *key_text = xmpp_stanza_get_text(key_stanza);
if (!key_text) {
goto skip;
}
const char *rid_text = xmpp_stanza_get_attribute(key_stanza, "rid");
key->device_id = strtoul(rid_text, NULL, 10);
if (!key->device_id) {
goto skip;
}
key->data = g_base64_decode(key_text, &key->length);
key->prekey = g_strcmp0(xmpp_stanza_get_attribute(key_stanza, "prekey"), "true") == 0;
keys = g_list_append(keys, key);
continue;
skip:
free(key);
}
const char *from = xmpp_stanza_get_from(stanza);
Jid *jid = jid_create(from);
GDateTime *timestamp = stanza_get_delay(stanza);
char *plaintext = omemo_on_message_recv(jid->barejid, sid, iv_raw, iv_len, keys, payload_raw, payload_len);
if (!plaintext) {
goto out;
}
gboolean new_win = FALSE;
ProfChatWin *chatwin = wins_get_chat(jid->barejid);
if (!chatwin) {
ProfWin *window = wins_new_chat(jid->barejid);
chatwin = (ProfChatWin*)window;
new_win = TRUE;
}
chat_log_omemo_msg_in(jid->barejid, plaintext, timestamp);
chatwin_incoming_msg(chatwin, jid->resourcepart, plaintext, timestamp, new_win, PROF_MSG_OMEMO);
out:
jid_destroy(jid);
if (timestamp) g_date_time_unref(timestamp);
}
static void static void
_send_message_stanza(xmpp_stanza_t *const stanza) _send_message_stanza(xmpp_stanza_t *const stanza)
{ {

View File

@ -93,7 +93,7 @@ omemo_start_device_session_handle_bundle(xmpp_stanza_t *const stanza, void *cons
return 1; return 1;
} }
if (!g_strcmp0(from, userdata)) { if (g_strcmp0(from, userdata) != 0) {
return 1; return 1;
} }
@ -112,7 +112,7 @@ omemo_start_device_session_handle_bundle(xmpp_stanza_t *const stanza, void *cons
return 1; return 1;
} }
uint32_t device_id = strtoul(device_id_str, NULL, 10); uint32_t device_id = strtoul(++device_id_str, NULL, 10);
xmpp_stanza_t *item = xmpp_stanza_get_child_by_name(items, "item"); xmpp_stanza_t *item = xmpp_stanza_get_child_by_name(items, "item");
if (!item) { if (!item) {

View File

@ -140,6 +140,7 @@ char* message_send_chat(const char *const barejid, const char *const msg, const
gboolean request_receipt); gboolean request_receipt);
char* message_send_chat_otr(const char *const barejid, const char *const msg, gboolean request_receipt); char* message_send_chat_otr(const char *const barejid, const char *const msg, gboolean request_receipt);
char* message_send_chat_pgp(const char *const barejid, const char *const msg, gboolean request_receipt); char* message_send_chat_pgp(const char *const barejid, const char *const msg, gboolean request_receipt);
char* message_send_chat_omemo(const char *const jid, uint32_t sid, GList *keys, const unsigned char *const iv, size_t iv_len, const unsigned char *const ciphertext, size_t ciphertext_len, gboolean request_receipt);
void message_send_private(const char *const fulljid, const char *const msg, const char *const oob_url); void message_send_private(const char *const fulljid, const char *const msg, const char *const oob_url);
void message_send_groupchat(const char *const roomjid, const char *const msg, const char *const oob_url); void message_send_groupchat(const char *const roomjid, const char *const msg, const char *const oob_url);
void message_send_groupchat_subject(const char *const roomjid, const char *const subject); void message_send_groupchat_subject(const char *const roomjid, const char *const subject);