org.whispersystems.libsignal.InvalidKeyIdException Java Examples

public IncomingEncryptedMessage decrypt(Context context, IncomingPreKeyBundleMessage message)
    throws InvalidVersionException, InvalidMessageException, DuplicateMessageException,
           UntrustedIdentityException, LegacyMessageException
{
  try {
    byte[]              decoded       = transportDetails.getDecodedMessage(message.getMessageBody().getBytes());
    PreKeySignalMessage preKeyMessage = new PreKeySignalMessage(decoded);
    SessionCipher       sessionCipher = new SessionCipher(signalProtocolStore, new SignalProtocolAddress(message.getSender(), 1));
    byte[]              padded        = sessionCipher.decrypt(preKeyMessage);
    byte[]              plaintext     = transportDetails.getStrippedPaddingMessageBody(padded);

    return new IncomingEncryptedMessage(message, new String(plaintext));
  } catch (IOException | InvalidKeyException | InvalidKeyIdException e) {
    throw new InvalidMessageException(e);
  }
}
 

/**
 * Encrypt a message.
 *
 * @param paddedPlaintext The plaintext message bytes, optionally padded.
 * @return Ciphertext.
 * @throws NoSessionException
 */
public byte[] encrypt(byte[] paddedPlaintext) throws NoSessionException {
  synchronized (LOCK) {
    try {
      SenderKeyRecord  record         = senderKeyStore.loadSenderKey(senderKeyId);
      SenderKeyState   senderKeyState = record.getSenderKeyState();
      SenderMessageKey senderKey      = senderKeyState.getSenderChainKey().getSenderMessageKey();
      byte[]           ciphertext     = getCipherText(senderKey.getIv(), senderKey.getCipherKey(), paddedPlaintext);

      SenderKeyMessage senderKeyMessage = new SenderKeyMessage(senderKeyState.getKeyId(),
                                                               senderKey.getIteration(),
                                                               ciphertext,
                                                               senderKeyState.getSigningKeyPrivate());

      senderKeyState.setSenderChainKey(senderKeyState.getSenderChainKey().getNext());

      senderKeyStore.storeSenderKey(senderKeyId, record);

      return senderKeyMessage.serialize();
    } catch (InvalidKeyIdException e) {
      throw new NoSessionException(e);
    }
  }
}
 

/**
 * Construct a group session for sending messages.
 *
 * @param senderKeyName The (groupId, senderId, deviceId) tuple.  In this case, 'senderId' should be the caller.
 * @return A SenderKeyDistributionMessage that is individually distributed to each member of the group.
 */
public SenderKeyDistributionMessage create(SenderKeyName senderKeyName) {
  synchronized (GroupCipher.LOCK) {
    try {
      SenderKeyRecord senderKeyRecord = senderKeyStore.loadSenderKey(senderKeyName);

      if (senderKeyRecord.isEmpty()) {
        senderKeyRecord.setSenderKeyState(KeyHelper.generateSenderKeyId(),
                                          0,
                                          KeyHelper.generateSenderKey(),
                                          KeyHelper.generateSenderSigningKey());
        senderKeyStore.storeSenderKey(senderKeyName, senderKeyRecord);
      }

      SenderKeyState state = senderKeyRecord.getSenderKeyState();

      return new SenderKeyDistributionMessage(state.getKeyId(),
                                              state.getSenderChainKey().getIteration(),
                                              state.getSenderChainKey().getSeed(),
                                              state.getSigningKeyPublic());

    } catch (InvalidKeyIdException | InvalidKeyException e) {
      throw new AssertionError(e);
    }
  }
}
 

@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
    try {
        if (!store.containsKey(preKeyId)) {
            throw new InvalidKeyIdException("No such prekeyrecord!");
        }

        return new PreKeyRecord(store.get(preKeyId));
    } catch (IOException e) {
        throw new AssertionError(e);
    }
}
 

/**
 * Load a local SignedPreKeyRecord.
 *
 * @param signedPreKeyId the ID of the local SignedPreKeyRecord.
 * @return the corresponding SignedPreKeyRecord.
 * @throws InvalidKeyIdException when there is no corresponding SignedPreKeyRecord.
 */
@Override
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
    SignedPreKeyRecord record = mXmppConnectionService.databaseBackend.loadSignedPreKey(account, signedPreKeyId);
    if (record == null) {
        throw new InvalidKeyIdException("No such SignedPreKeyRecord: " + signedPreKeyId);
    }
    return record;
}
 

/**
 * Load a local PreKeyRecord.
 *
 * @param preKeyId the ID of the local PreKeyRecord.
 * @return the corresponding PreKeyRecord.
 * @throws InvalidKeyIdException when there is no corresponding PreKeyRecord.
 */
@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
    PreKeyRecord record = mXmppConnectionService.databaseBackend.loadPreKey(account, preKeyId);
    if (record == null) {
        throw new InvalidKeyIdException("No such PreKeyRecord: " + preKeyId);
    }
    return record;
}
 

@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
  synchronized (FILE_LOCK) {
    PreKeyRecord preKeyRecord = DatabaseFactory.getPreKeyDatabase(context).getPreKey(preKeyId);

    if (preKeyRecord == null) throw new InvalidKeyIdException("No such key: " + preKeyId);
    else                      return preKeyRecord;
  }
}
 

/**
 * Build a new session from a received {@link PreKeySignalMessage}.
 *
 * After a session is constructed in this way, the embedded {@link SignalMessage}
 * can be decrypted.
 *
 * @param message The received {@link PreKeySignalMessage}.
 * @throws org.whispersystems.libsignal.InvalidKeyIdException when there is no local
 *                                                             {@link org.whispersystems.libsignal.state.PreKeyRecord}
 *                                                             that corresponds to the PreKey ID in
 *                                                             the message.
 * @throws org.whispersystems.libsignal.InvalidKeyException when the message is formatted incorrectly.
 * @throws org.whispersystems.libsignal.UntrustedIdentityException when the {@link IdentityKey} of the sender is untrusted.
 */
/*package*/ Optional<Integer> process(SessionRecord sessionRecord, PreKeySignalMessage message)
    throws InvalidKeyIdException, InvalidKeyException, UntrustedIdentityException
{
  IdentityKey theirIdentityKey = message.getIdentityKey();

  if (!identityKeyStore.isTrustedIdentity(remoteAddress, theirIdentityKey, IdentityKeyStore.Direction.RECEIVING)) {
    throw new UntrustedIdentityException(remoteAddress.getName(), theirIdentityKey);
  }

  Optional<Integer> unsignedPreKeyId = processV3(sessionRecord, message);

  identityKeyStore.saveIdentity(remoteAddress, theirIdentityKey);
  return unsignedPreKeyId;
}
 

private Optional<Integer> processV3(SessionRecord sessionRecord, PreKeySignalMessage message)
    throws UntrustedIdentityException, InvalidKeyIdException, InvalidKeyException
{

  if (sessionRecord.hasSessionState(message.getMessageVersion(), message.getBaseKey().serialize())) {
    Log.w(TAG, "We've already setup a session for this V3 message, letting bundled message fall through...");
    return Optional.absent();
  }

  ECKeyPair ourSignedPreKey = signedPreKeyStore.loadSignedPreKey(message.getSignedPreKeyId()).getKeyPair();

  BobSignalProtocolParameters.Builder parameters = BobSignalProtocolParameters.newBuilder();

  parameters.setTheirBaseKey(message.getBaseKey())
            .setTheirIdentityKey(message.getIdentityKey())
            .setOurIdentityKey(identityKeyStore.getIdentityKeyPair())
            .setOurSignedPreKey(ourSignedPreKey)
            .setOurRatchetKey(ourSignedPreKey);

  if (message.getPreKeyId().isPresent()) {
    parameters.setOurOneTimePreKey(Optional.of(preKeyStore.loadPreKey(message.getPreKeyId().get()).getKeyPair()));
  } else {
    parameters.setOurOneTimePreKey(Optional.<ECKeyPair>absent());
  }

  if (!sessionRecord.isFresh()) sessionRecord.archiveCurrentState();

  RatchetingSession.initializeSession(sessionRecord.getSessionState(), parameters.create());

  sessionRecord.getSessionState().setLocalRegistrationId(identityKeyStore.getLocalRegistrationId());
  sessionRecord.getSessionState().setRemoteRegistrationId(message.getRegistrationId());
  sessionRecord.getSessionState().setAliceBaseKey(message.getBaseKey().serialize());

  if (message.getPreKeyId().isPresent() && message.getPreKeyId().get() != Medium.MAX_VALUE) {
    return message.getPreKeyId();
  } else {
    return Optional.absent();
  }
}
 

@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
  synchronized (FILE_LOCK) {
    try {
      return new PreKeyRecord(loadSerializedRecord(getPreKeyFile(preKeyId)));
    } catch (IOException | InvalidMessageException e) {
      Log.w(TAG, e);
      throw new InvalidKeyIdException(e);
    }
  }
}
 

@Override
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
  synchronized (FILE_LOCK) {
    try {
      return new SignedPreKeyRecord(loadSerializedRecord(getSignedPreKeyFile(signedPreKeyId)));
    } catch (IOException | InvalidMessageException e) {
      Log.w(TAG, e);
      throw new InvalidKeyIdException(e);
    }
  }
}
 

public SenderKeyState getSenderKeyState() throws InvalidKeyIdException {
  if (!senderKeyStates.isEmpty()) {
    return senderKeyStates.get(0);
  } else {
    throw new InvalidKeyIdException("No key state in record!");
  }
}
 

public SenderKeyState getSenderKeyState(int keyId) throws InvalidKeyIdException {
  for (SenderKeyState state : senderKeyStates) {
    if (state.getKeyId() == keyId) {
      return state;
    }
  }

  throw new InvalidKeyIdException("No keys for: " + keyId);
}
 

/**
 * Decrypt a SenderKey group message.
 *
 * @param senderKeyMessageBytes The received ciphertext.
 * @param callback   A callback that is triggered after decryption is complete,
 *                    but before the updated session state has been committed to the session
 *                    DB.  This allows some implementations to store the committed plaintext
 *                    to a DB first, in case they are concerned with a crash happening between
 *                    the time the session state is updated but before they're able to store
 *                    the plaintext to disk.
 * @return Plaintext
 * @throws LegacyMessageException
 * @throws InvalidMessageException
 * @throws DuplicateMessageException
 */
public byte[] decrypt(byte[] senderKeyMessageBytes, DecryptionCallback callback)
    throws LegacyMessageException, InvalidMessageException, DuplicateMessageException,
           NoSessionException
{
  synchronized (LOCK) {
    try {
      SenderKeyRecord record = senderKeyStore.loadSenderKey(senderKeyId);

      if (record.isEmpty()) {
        throw new NoSessionException("No sender key for: " + senderKeyId);
      }

      SenderKeyMessage senderKeyMessage = new SenderKeyMessage(senderKeyMessageBytes);
      SenderKeyState   senderKeyState   = record.getSenderKeyState(senderKeyMessage.getKeyId());

      senderKeyMessage.verifySignature(senderKeyState.getSigningKeyPublic());

      SenderMessageKey senderKey = getSenderKey(senderKeyState, senderKeyMessage.getIteration());

      byte[] plaintext = getPlainText(senderKey.getIv(), senderKey.getCipherKey(), senderKeyMessage.getCipherText());

      callback.handlePlaintext(plaintext);

      senderKeyStore.storeSenderKey(senderKeyId, record);

      return plaintext;
    } catch (org.whispersystems.libsignal.InvalidKeyException | InvalidKeyIdException e) {
      throw new InvalidMessageException(e);
    }
  }
}
 

@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
  try {
    if (!store.containsKey(preKeyId)) {
      throw new InvalidKeyIdException("No such prekeyrecord!");
    }

    return new PreKeyRecord(store.get(preKeyId));
  } catch (IOException e) {
    throw new AssertionError(e);
  }
}
 

@Override
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
  try {
    if (!store.containsKey(signedPreKeyId)) {
      throw new InvalidKeyIdException("No such signedprekeyrecord! " + signedPreKeyId);
    }

    return new SignedPreKeyRecord(store.get(signedPreKeyId));
  } catch (IOException e) {
    throw new AssertionError(e);
  }
}
 

@Override
public PreKeyRecord loadPreKey(int i) throws InvalidKeyIdException {
    PreKeyRecord preKey;
    try {
        preKey = omemoStore.loadOmemoPreKey(getOurDevice(), i);
    } catch (IOException e) {
        throw new IllegalStateException(e);
    }

    if (preKey == null) {
        throw new InvalidKeyIdException("No PreKey with Id " + i + " found.");
    }

    return preKey;
}
 

@Override
public boolean containsPreKey(int i) {
    try {
        return loadPreKey(i) != null;
    } catch (InvalidKeyIdException e) {
        return false;
    }
}
 

@Override
public SignedPreKeyRecord loadSignedPreKey(int i) throws InvalidKeyIdException {
    SignedPreKeyRecord signedPreKeyRecord;
    try {
        signedPreKeyRecord = omemoStore.loadOmemoSignedPreKey(getOurDevice(), i);
    } catch (IOException e) {
        throw new IllegalStateException(e);
    }
    if (signedPreKeyRecord == null) {
        throw new InvalidKeyIdException("No signed preKey with id " + i + " found.");
    }
    return signedPreKeyRecord;
}
 

@Override
public boolean containsSignedPreKey(int i) {
    try {
        return loadSignedPreKey(i) != null;
    } catch (InvalidKeyIdException e) {
        LOGGER.log(Level.WARNING, "containsSignedPreKey has failed: " + e.getMessage());
        return false;
    }
}
 

/**
 * Load a local PreKeyRecord.
 *
 * @param preKeyId the ID of the local PreKeyRecord.
 * @return the corresponding PreKeyRecord.
 * @throws InvalidKeyIdException when there is no corresponding PreKeyRecord.
 */
@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
	PreKeyRecord record = mXmppConnectionService.databaseBackend.loadPreKey(account, preKeyId);
	if (record == null) {
		throw new InvalidKeyIdException("No such PreKeyRecord: " + preKeyId);
	}
	return record;
}
 

/**
 * Load a local SignedPreKeyRecord.
 *
 * @param signedPreKeyId the ID of the local SignedPreKeyRecord.
 * @return the corresponding SignedPreKeyRecord.
 * @throws InvalidKeyIdException when there is no corresponding SignedPreKeyRecord.
 */
@Override
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
	SignedPreKeyRecord record = mXmppConnectionService.databaseBackend.loadSignedPreKey(account, signedPreKeyId);
	if (record == null) {
		throw new InvalidKeyIdException("No such SignedPreKeyRecord: " + signedPreKeyId);
	}
	return record;
}
 

@Override
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
  synchronized (FILE_LOCK) {
    SignedPreKeyRecord signedPreKeyRecord = DatabaseFactory.getSignedPreKeyDatabase(context).getSignedPreKey(signedPreKeyId);

    if (signedPreKeyRecord == null) throw new InvalidKeyIdException("No such signed prekey: " + signedPreKeyId);
    else                            return signedPreKeyRecord;
  }
}
 

@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
    if (!store.containsKey(preKeyId)) {
        throw new InvalidKeyIdException("No such prekeyrecord!");
    }

    try {
        return new PreKeyRecord(store.get(preKeyId));
    } catch (IOException e) {
        throw new AssertionError(e);
    }
}
 

@Override
public void onRun() throws IOException {
  try {
    Log.i(TAG, "Cleaning prekeys...");

    int                activeSignedPreKeyId = PreKeyUtil.getActiveSignedPreKeyId(context);
    SignedPreKeyStore  signedPreKeyStore    = new SignalProtocolStoreImpl(context);

    if (activeSignedPreKeyId < 0) return;

    SignedPreKeyRecord             currentRecord = signedPreKeyStore.loadSignedPreKey(activeSignedPreKeyId);
    List<SignedPreKeyRecord>       allRecords    = signedPreKeyStore.loadSignedPreKeys();
    LinkedList<SignedPreKeyRecord> oldRecords    = removeRecordFrom(currentRecord, allRecords);

    Collections.sort(oldRecords, new SignedPreKeySorter());

    Log.i(TAG, "Active signed prekey: " + activeSignedPreKeyId);
    Log.i(TAG, "Old signed prekey record count: " + oldRecords.size());

    boolean foundAgedRecord = false;

    for (SignedPreKeyRecord oldRecord : oldRecords) {
      long archiveDuration = System.currentTimeMillis() - oldRecord.getTimestamp();

      if (archiveDuration >= ARCHIVE_AGE) {
        if (!foundAgedRecord) {
          foundAgedRecord = true;
        } else {
          Log.i(TAG, "Removing signed prekey record: " + oldRecord.getId() + " with timestamp: " + oldRecord.getTimestamp());
          signedPreKeyStore.removeSignedPreKey(oldRecord.getId());
        }
      }
    }
  } catch (InvalidKeyIdException e) {
    Log.w(TAG, e);
  }
}
 

@Override
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
    try {
        if (!store.containsKey(signedPreKeyId)) {
            throw new InvalidKeyIdException("No such signedprekeyrecord! " + signedPreKeyId);
        }
        return new SignedPreKeyRecord(store.get(signedPreKeyId));
    } catch (IOException e) {
        throw new AssertionError(e);
    }
}
 

@Override
public PreKeyRecord loadPreKey(int preKeyId) throws InvalidKeyIdException {
    try {
        if (!store.containsKey(preKeyId)) {
            throw new InvalidKeyIdException("No such prekeyrecord!");
        }

        return new PreKeyRecord(store.get(preKeyId));
    } catch (IOException e) {
        throw new AssertionError(e);
    }
}
 

@Override
public void onRun(MasterSecret masterSecret) throws IOException {
    try {
        Log.w(TAG, "Cleaning prekeys...");

        int activeSignedPreKeyId = PreKeyUtil.getActiveSignedPreKeyId(context, accountContext);
        SignedPreKeyStore signedPreKeyStore = signedPreKeyStoreFactory.create();

        if (activeSignedPreKeyId < 0) return;

        SignedPreKeyRecord currentRecord = signedPreKeyStore.loadSignedPreKey(activeSignedPreKeyId);
        List<SignedPreKeyRecord> allRecords = signedPreKeyStore.loadSignedPreKeys();
        LinkedList<SignedPreKeyRecord> oldRecords = removeRecordFrom(currentRecord, allRecords);

        Collections.sort(oldRecords, new SignedPreKeySorter());

        Log.w(TAG, "Active signed prekey: " + activeSignedPreKeyId);
        Log.w(TAG, "Old signed prekey record count: " + oldRecords.size());

        boolean foundAgedRecord = false;

        for (SignedPreKeyRecord oldRecord : oldRecords) {
            long archiveDuration = System.currentTimeMillis() - oldRecord.getTimestamp();

            if (archiveDuration >= ARCHIVE_AGE) {
                if (!foundAgedRecord) {
                    foundAgedRecord = true;
                } else {
                    Log.w(TAG, "Removing signed prekey record: " + oldRecord.getId() + " with timestamp: " + oldRecord.getTimestamp());
                    signedPreKeyStore.removeSignedPreKey(oldRecord.getId());
                }
            }
        }
    } catch (InvalidKeyIdException e) {
        Log.w(TAG, e);
    }
}
 

private byte[] decrypt(SignalServiceProtos.Envelope envelope, byte[] ciphertext)
    throws InvalidVersionException, InvalidMessageException, InvalidKeyException,
           DuplicateMessageException, InvalidKeyIdException, UntrustedIdentityException,
           LegacyMessageException, NoSessionException
{
  SignalProtocolAddress sourceAddress = new SignalProtocolAddress(envelope.getSource(), envelope.getSourceDevice());
  SessionCipher         sessionCipher = new SessionCipher(signalProtocolStore, sourceAddress);

  byte[] paddedMessage;

  if (envelope.getType() == Type.PREKEY_BUNDLE) {
    paddedMessage = sessionCipher.decrypt(new PreKeySignalMessage(ciphertext));
      //纠正remote register id
      SessionRecord sessionRecord = signalProtocolStore.loadSession(sourceAddress);
      if (sessionRecord.getSessionState().getRemoteRegistrationId() == 0) {
          sessionRecord.getSessionState().setRemoteRegistrationId(envelope.getSourceRegistration());
          signalProtocolStore.storeSession(sourceAddress, sessionRecord);
      }

  } else if (envelope.getType() == Type.CIPHERTEXT) {
    paddedMessage = sessionCipher.decrypt(new SignalMessage(ciphertext));
  } else {
    throw new InvalidMessageException("Unknown type: " + envelope.getType());
  }

  PushTransportDetails transportDetails = new PushTransportDetails(sessionCipher.getSessionVersion());
  return transportDetails.getStrippedPaddingMessageBody(paddedMessage);
}
 

@Override
public SignedPreKeyRecord loadSignedPreKey(int signedPreKeyId) throws InvalidKeyIdException {
    try {
        if (!store.containsKey(signedPreKeyId)) {
            throw new InvalidKeyIdException("No such signedprekeyrecord! " + signedPreKeyId);
        }

        return new SignedPreKeyRecord(store.get(signedPreKeyId));
    } catch (IOException e) {
        throw new AssertionError(e);
    }
}