Archives
/
matterbridge
mirror of https://github.com/42wim/matterbridge
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
updatexmppp
fix-1540
usemautrixlib
addtengodownload
rocketchat-reconnect
discord-webhook-fixes
v0.1
v0.10.0
v0.10.1
v0.10.2
v0.10.2-dev
v0.10.3
v0.11.0
v0.11.0-beta1
v0.11.0-beta2
v0.11.0-beta3
v0.12.0
v0.12.1
v0.13.0
v0.14.0
v0.15.0
v0.16.0
v0.16.0-rc1
v0.16.0-rc2
v0.16.1
v0.16.2
v0.16.3
v0.2
v0.3
v0.4
v0.4.1
v0.4.2
v0.5.0
v0.5.0-beta1
v0.5.0-beta2
v0.6.0-beta1
v0.6.0-beta2
v0.6.1
v0.7.0
v0.7.1
v0.8.0
v0.8.1
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v1.0.0
v1.0.0-rc1
v1.0.1
v1.1.0
v1.1.1
v1.1.2
v1.10.0
v1.10.1
v1.11.0
v1.11.1
v1.11.2
v1.11.3
v1.12.0
v1.12.1
v1.12.2
v1.12.3
v1.13.0
v1.13.1
v1.14.0
v1.14.0-rc1
v1.14.0-rc2
v1.14.1
v1.14.2
v1.14.3
v1.14.4
v1.15.0
v1.15.1
v1.16.0
v1.16.1
v1.16.2
v1.16.3
v1.16.4
v1.16.5
v1.17.0
v1.17.1
v1.17.2
v1.17.3
v1.17.4
v1.17.5
v1.18.0
v1.18.1
v1.18.2
v1.18.3
v1.19.0
v1.2.0
v1.20.0
v1.21.0
v1.22.0
v1.22.1
v1.22.2
v1.22.3
v1.23.0
v1.23.1
v1.23.2
v1.24.0
v1.24.1
v1.25.0
v1.25.1
v1.25.2
v1.26.0
v1.3.0
v1.3.1
v1.4.0
v1.4.1
v1.5.0
v1.5.1
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.7.0
v1.7.1
v1.8.0
v1.9.0
v1.9.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e3cafeaf92'
${ noResults }
matterbridge/vendor/go.mau.fi/libsignal/groups/GroupCipher.go

142 lines
4.4 KiB
Go
Raw Blame History

package groups
import (
"fmt"
"go.mau.fi/libsignal/cipher"
"go.mau.fi/libsignal/ecc"
"go.mau.fi/libsignal/groups/ratchet"
"go.mau.fi/libsignal/groups/state/record"
"go.mau.fi/libsignal/groups/state/store"
"go.mau.fi/libsignal/protocol"
"go.mau.fi/libsignal/signalerror"
)
// NewGroupCipher will return a new group message cipher that can be used for
// encrypt/decrypt operations.
func NewGroupCipher(builder *SessionBuilder, senderKeyID *protocol.SenderKeyName,
senderKeyStore store.SenderKey) *GroupCipher {
return &GroupCipher{
senderKeyID: senderKeyID,
senderKeyStore: senderKeyStore,
sessionBuilder: builder,
}
}
// GroupCipher is the main entry point for group encrypt/decrypt operations.
// Once a session has been established, this can be used for
// all encrypt/decrypt operations within that session.
type GroupCipher struct {
senderKeyID *protocol.SenderKeyName
senderKeyStore store.SenderKey
sessionBuilder *SessionBuilder
}
// Encrypt will take the given message in bytes and return encrypted bytes.
func (c *GroupCipher) Encrypt(plaintext []byte) (protocol.GroupCiphertextMessage, error) {
// Load the sender key based on id from our store.
keyRecord := c.senderKeyStore.LoadSenderKey(c.senderKeyID)
senderKeyState, err := keyRecord.SenderKeyState()
if err != nil {
return nil, err
}
// Get the message key from the senderkey state.
senderKey, err := senderKeyState.SenderChainKey().SenderMessageKey()
if err != nil {
return nil, err
}
// Encrypt the plaintext.
ciphertext, err := cipher.EncryptCbc(senderKey.Iv(), senderKey.CipherKey(), plaintext)
if err != nil {
return nil, err
}
senderKeyMessage := protocol.NewSenderKeyMessage(
senderKeyState.KeyID(),
senderKey.Iteration(),
ciphertext,
senderKeyState.SigningKey().PrivateKey(),
c.sessionBuilder.serializer.SenderKeyMessage,
)
senderKeyState.SetSenderChainKey(senderKeyState.SenderChainKey().Next())
c.senderKeyStore.StoreSenderKey(c.senderKeyID, keyRecord)
return senderKeyMessage, nil
}
// Decrypt decrypts the given message using an existing session that
// is stored in the senderKey store.
func (c *GroupCipher) Decrypt(senderKeyMessage *protocol.SenderKeyMessage) ([]byte, error) {
keyRecord := c.senderKeyStore.LoadSenderKey(c.senderKeyID)
if keyRecord.IsEmpty() {
return nil, fmt.Errorf("%w for %s in %s", signalerror.ErrNoSenderKeyForUser, c.senderKeyID.Sender().String(), c.senderKeyID.GroupID())
}
// Get the senderkey state by id.
senderKeyState, err := keyRecord.GetSenderKeyStateByID(senderKeyMessage.KeyID())
if err != nil {
return nil, err
}
// Verify the signature of the senderkey message.
verified := c.verifySignature(senderKeyState.SigningKey().PublicKey(), senderKeyMessage)
if !verified {
return nil, signalerror.ErrSenderKeyStateVerificationFailed
}
senderKey, err := c.getSenderKey(senderKeyState, senderKeyMessage.Iteration())
if err != nil {
return nil, err
}
// Decrypt the message ciphertext.
plaintext, err := cipher.DecryptCbc(senderKey.Iv(), senderKey.CipherKey(), senderKeyMessage.Ciphertext())
if err != nil {
return nil, err
}
// Store the sender key by id.
c.senderKeyStore.StoreSenderKey(c.senderKeyID, keyRecord)
return plaintext, nil
}
// verifySignature will verify the signature of the senderkey message with
// the given public key.
func (c *GroupCipher) verifySignature(signingPubKey ecc.ECPublicKeyable,
senderKeyMessage *protocol.SenderKeyMessage) bool {
return ecc.VerifySignature(signingPubKey, senderKeyMessage.Serialize(), senderKeyMessage.Signature())
}
func (c *GroupCipher) getSenderKey(senderKeyState *record.SenderKeyState, iteration uint32) (*ratchet.SenderMessageKey, error) {
senderChainKey := senderKeyState.SenderChainKey()
if senderChainKey.Iteration() > iteration {
if senderKeyState.HasSenderMessageKey(iteration) {
return senderKeyState.RemoveSenderMessageKey(iteration), nil
}
return nil, fmt.Errorf("%w (current: %d, received: %d)", signalerror.ErrOldCounter, senderChainKey.Iteration(), iteration)
}
if iteration-senderChainKey.Iteration() > 2000 {
return nil, signalerror.ErrTooFarIntoFuture
}
for senderChainKey.Iteration() < iteration {
senderMessageKey, err := senderChainKey.SenderMessageKey()
if err != nil {
return nil, err
}
senderKeyState.AddSenderMessageKey(senderMessageKey)
senderChainKey = senderChainKey.Next()
}
senderKeyState.SetSenderChainKey(senderChainKey.Next())
return senderChainKey.SenderMessageKey()
}
Reference in New Issue View Git Blame Copy Permalink