[omemo] Remove pycrypto methods

omemo/omemo/state.py

@@ -1,498 +1,498 @@
-# -*- coding: utf-8 -*-
+# -*- coding: utf-8 -*-
-#
+#
-# Copyright 2015 Bahtiar `kalkin-` Gadimov <bahtiar@gadimov.de>
+# Copyright 2015 Bahtiar `kalkin-` Gadimov <bahtiar@gadimov.de>
-#
+#
-# This file is part of Gajim-OMEMO plugin.
+# This file is part of Gajim-OMEMO plugin.
-#
+#
-# The Gajim-OMEMO plugin is free software: you can redistribute it and/or modify
+# The Gajim-OMEMO plugin is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by the Free
+# it under the terms of the GNU General Public License as published by the Free
-# Software Foundation, either version 3 of the License, or (at your option) any
+# Software Foundation, either version 3 of the License, or (at your option) any
-# later version.
+# later version.
-#
+#
-# Gajim-OMEMO is distributed in the hope that it will be useful, but WITHOUT ANY
+# Gajim-OMEMO is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-#
+#
-# You should have received a copy of the GNU General Public License along with
+# You should have received a copy of the GNU General Public License along with
-# the Gajim-OMEMO plugin.  If not, see <http://www.gnu.org/licenses/>.
+# the Gajim-OMEMO plugin.  If not, see <http://www.gnu.org/licenses/>.
-#
+#
-
+
-import logging
+import logging
-import time
+import time
-import os
+import os
-from base64 import b64encode
+from base64 import b64encode
-
+
-from axolotl.ecc.djbec import DjbECPublicKey
+from axolotl.ecc.djbec import DjbECPublicKey
-from axolotl.identitykey import IdentityKey
+from axolotl.identitykey import IdentityKey
-from axolotl.duplicatemessagexception import DuplicateMessageException
+from axolotl.duplicatemessagexception import DuplicateMessageException
-from axolotl.invalidmessageexception import InvalidMessageException
+from axolotl.invalidmessageexception import InvalidMessageException
-from axolotl.invalidversionexception import InvalidVersionException
+from axolotl.invalidversionexception import InvalidVersionException
-from axolotl.untrustedidentityexception import UntrustedIdentityException
+from axolotl.untrustedidentityexception import UntrustedIdentityException
-from axolotl.nosessionexception import NoSessionException
+from axolotl.nosessionexception import NoSessionException
-from axolotl.protocol.prekeywhispermessage import PreKeyWhisperMessage
+from axolotl.protocol.prekeywhispermessage import PreKeyWhisperMessage
-from axolotl.protocol.whispermessage import WhisperMessage
+from axolotl.protocol.whispermessage import WhisperMessage
-from axolotl.sessionbuilder import SessionBuilder
+from axolotl.sessionbuilder import SessionBuilder
-from axolotl.sessioncipher import SessionCipher
+from axolotl.sessioncipher import SessionCipher
-from axolotl.state.prekeybundle import PreKeyBundle
+from axolotl.state.prekeybundle import PreKeyBundle
-from axolotl.util.keyhelper import KeyHelper
+from axolotl.util.keyhelper import KeyHelper
-
+
-from .aes_gcm import NoValidSessions, decrypt, encrypt
+from .aes_gcm import NoValidSessions, decrypt, encrypt
-from .liteaxolotlstore import (LiteAxolotlStore, DEFAULT_PREKEY_AMOUNT,
+from .liteaxolotlstore import (LiteAxolotlStore, DEFAULT_PREKEY_AMOUNT,
-                               MIN_PREKEY_AMOUNT, SPK_CYCLE_TIME,
+                               MIN_PREKEY_AMOUNT, SPK_CYCLE_TIME,
-                               SPK_ARCHIVE_TIME)
+                               SPK_ARCHIVE_TIME)
-
+
-log = logging.getLogger('gajim.plugin_system.omemo')
+log = logging.getLogger('gajim.plugin_system.omemo')
-logAxolotl = logging.getLogger('axolotl')
+logAxolotl = logging.getLogger('axolotl')
-
+
-
+
-UNTRUSTED = 0
+UNTRUSTED = 0
-TRUSTED = 1
+TRUSTED = 1
-UNDECIDED = 2
+UNDECIDED = 2
-
+
-
+
-class OmemoState:
+class OmemoState:
-    def __init__(self, own_jid, db_con, account, xmpp_con):
+    def __init__(self, own_jid, db_con, account, xmpp_con):
-        """ Instantiates an OmemoState object.
+        """ Instantiates an OmemoState object.
-
+
-            :param connection: an :py:class:`sqlite3.Connection`
+            :param connection: an :py:class:`sqlite3.Connection`
-        """
+        """
-        self.account = account
+        self.account = account
-        self.xmpp_con = xmpp_con
+        self.xmpp_con = xmpp_con
-        self.session_ciphers = {}
+        self.session_ciphers = {}
-        self.own_jid = own_jid
+        self.own_jid = own_jid
-        self.device_ids = {}
+        self.device_ids = {}
-        self.own_devices = []
+        self.own_devices = []
-        self.store = LiteAxolotlStore(db_con)
+        self.store = LiteAxolotlStore(db_con)
-        self.encryption = self.store.encryptionStore
+        self.encryption = self.store.encryptionStore
-        for jid, device_id in self.store.getActiveDeviceTuples():
+        for jid, device_id in self.store.getActiveDeviceTuples():
-            if jid != own_jid:
+            if jid != own_jid:
-                self.add_device(jid, device_id)
+                self.add_device(jid, device_id)
-            else:
+            else:
-                self.add_own_device(device_id)
+                self.add_own_device(device_id)
-
+
-        log.info(self.account + ' => Roster devices after boot:' +
+        log.info(self.account + ' => Roster devices after boot:' +
-                 str(self.device_ids))
+                 str(self.device_ids))
-        log.info(self.account + ' => Own devices after boot:' +
+        log.info(self.account + ' => Own devices after boot:' +
-                 str(self.own_devices))
+                 str(self.own_devices))
-        log.debug(self.account + ' => ' +
+        log.debug(self.account + ' => ' +
-                  str(self.store.preKeyStore.getPreKeyCount()) +
+                  str(self.store.preKeyStore.getPreKeyCount()) +
-                  ' PreKeys available')
+                  ' PreKeys available')
-
+
-    def build_session(self, recipient_id, device_id, bundle_dict):
+    def build_session(self, recipient_id, device_id, bundle_dict):
-        sessionBuilder = SessionBuilder(self.store, self.store, self.store,
+        sessionBuilder = SessionBuilder(self.store, self.store, self.store,
-                                        self.store, recipient_id, device_id)
+                                        self.store, recipient_id, device_id)
-
+
-        registration_id = self.store.getLocalRegistrationId()
+        registration_id = self.store.getLocalRegistrationId()
-
+
-        preKeyPublic = DjbECPublicKey(bundle_dict['preKeyPublic'][1:])
+        preKeyPublic = DjbECPublicKey(bundle_dict['preKeyPublic'][1:])
-
+
-        signedPreKeyPublic = DjbECPublicKey(bundle_dict['signedPreKeyPublic'][
+        signedPreKeyPublic = DjbECPublicKey(bundle_dict['signedPreKeyPublic'][
-            1:])
+            1:])
-        identityKey = IdentityKey(DjbECPublicKey(bundle_dict['identityKey'][
+        identityKey = IdentityKey(DjbECPublicKey(bundle_dict['identityKey'][
-            1:]))
+            1:]))
-
+
-        prekey_bundle = PreKeyBundle(
+        prekey_bundle = PreKeyBundle(
-            registration_id, device_id, bundle_dict['preKeyId'], preKeyPublic,
+            registration_id, device_id, bundle_dict['preKeyId'], preKeyPublic,
-            bundle_dict['signedPreKeyId'], signedPreKeyPublic,
+            bundle_dict['signedPreKeyId'], signedPreKeyPublic,
-            bundle_dict['signedPreKeySignature'], identityKey)
+            bundle_dict['signedPreKeySignature'], identityKey)
-
+
-        sessionBuilder.processPreKeyBundle(prekey_bundle)
+        sessionBuilder.processPreKeyBundle(prekey_bundle)
-        return self.get_session_cipher(recipient_id, device_id)
+        return self.get_session_cipher(recipient_id, device_id)
-
+
-    def set_devices(self, name, devices):
+    def set_devices(self, name, devices):
-        """ Return a an.
+        """ Return a an.
-
+
-            Parameters
+            Parameters
-            ----------
+            ----------
-            jid : string
+            jid : string
-                The contacts jid
+                The contacts jid
-
+
-            devices: [int]
+            devices: [int]
-                A list of devices
+                A list of devices
-        """
+        """
-
+
-        self.device_ids[name] = devices
+        self.device_ids[name] = devices
-        log.info(self.account + ' => Saved devices for ' + name)
+        log.info(self.account + ' => Saved devices for ' + name)
-
+
-    def add_device(self, name, device_id):
+    def add_device(self, name, device_id):
-        if name not in self.device_ids:
+        if name not in self.device_ids:
-            self.device_ids[name] = [device_id]
+            self.device_ids[name] = [device_id]
-        elif device_id not in self.device_ids[name]:
+        elif device_id not in self.device_ids[name]:
-            self.device_ids[name].append(device_id)
+            self.device_ids[name].append(device_id)
-
+
-    def set_own_devices(self, devices):
+    def set_own_devices(self, devices):
-        """ Overwrite the current :py:attribute:`OmemoState.own_devices` with
+        """ Overwrite the current :py:attribute:`OmemoState.own_devices` with
-            the given devices.
+            the given devices.
-
+
-            Parameters
+            Parameters
-            ----------
+            ----------
-            devices : [int]
+            devices : [int]
-                A list of device_ids
+                A list of device_ids
-        """
+        """
-        self.own_devices = devices
+        self.own_devices = devices
-        log.info(self.account + ' => Saved own devices')
+        log.info(self.account + ' => Saved own devices')
-
+
-    def add_own_device(self, device_id):
+    def add_own_device(self, device_id):
-        if device_id not in self.own_devices:
+        if device_id not in self.own_devices:
-            self.own_devices.append(device_id)
+            self.own_devices.append(device_id)
-
+
-    @property
+    @property
-    def own_device_id(self):
+    def own_device_id(self):
-        reg_id = self.store.getLocalRegistrationId()
+        reg_id = self.store.getLocalRegistrationId()
-        assert reg_id is not None, \
+        assert reg_id is not None, \
-            "Requested device_id but there is no generated"
+            "Requested device_id but there is no generated"
-
+
-        return ((reg_id % 2147483646) + 1)
+        return ((reg_id % 2147483646) + 1)
-
+
-    def own_device_id_published(self):
+    def own_device_id_published(self):
-        """ Return `True` only if own device id was added via
+        """ Return `True` only if own device id was added via
-            :py:method:`OmemoState.set_own_devices()`.
+            :py:method:`OmemoState.set_own_devices()`.
-        """
+        """
-        return self.own_device_id in self.own_devices
+        return self.own_device_id in self.own_devices
-
+
-    @property
+    @property
-    def bundle(self):
+    def bundle(self):
-        self.checkPreKeyAmount()
+        self.checkPreKeyAmount()
-        prekeys = [
+        prekeys = [
-            (k.getId(), b64encode(k.getKeyPair().getPublicKey().serialize()))
+            (k.getId(), b64encode(k.getKeyPair().getPublicKey().serialize()))
-            for k in self.store.loadPreKeys()
+            for k in self.store.loadPreKeys()
-        ]
+        ]
-
+
-        identityKeyPair = self.store.getIdentityKeyPair()
+        identityKeyPair = self.store.getIdentityKeyPair()
-
+
-        self.cycleSignedPreKey(identityKeyPair)
+        self.cycleSignedPreKey(identityKeyPair)
-
+
-        signedPreKey = self.store.loadSignedPreKey(
+        signedPreKey = self.store.loadSignedPreKey(
-            self.store.getCurrentSignedPreKeyId())
+            self.store.getCurrentSignedPreKeyId())
-
+
-        result = {
+        result = {
-            'signedPreKeyId': signedPreKey.getId(),
+            'signedPreKeyId': signedPreKey.getId(),
-            'signedPreKeyPublic':
+            'signedPreKeyPublic':
-            b64encode(signedPreKey.getKeyPair().getPublicKey().serialize()),
+            b64encode(signedPreKey.getKeyPair().getPublicKey().serialize()),
-            'signedPreKeySignature': b64encode(signedPreKey.getSignature()),
+            'signedPreKeySignature': b64encode(signedPreKey.getSignature()),
-            'identityKey':
+            'identityKey':
-            b64encode(identityKeyPair.getPublicKey().serialize()),
+            b64encode(identityKeyPair.getPublicKey().serialize()),
-            'prekeys': prekeys
+            'prekeys': prekeys
-        }
+        }
-        return result
+        return result
-
+
-    def decrypt_msg(self, msg_dict):
+    def decrypt_msg(self, msg_dict):
-        own_id = self.own_device_id
+        own_id = self.own_device_id
-        if msg_dict['sid'] == own_id:
+        if msg_dict['sid'] == own_id:
-            log.info('Received previously sent message by us')
+            log.info('Received previously sent message by us')
-            return
+            return
-        if own_id not in msg_dict['keys']:
+        if own_id not in msg_dict['keys']:
-            log.warning('OMEMO message does not contain our device key')
+            log.warning('OMEMO message does not contain our device key')
-            return
+            return
-
+
-        iv = msg_dict['iv']
+        iv = msg_dict['iv']
-        sid = msg_dict['sid']
+        sid = msg_dict['sid']
-        sender_jid = msg_dict['sender_jid']
+        sender_jid = msg_dict['sender_jid']
-        payload = msg_dict['payload']
+        payload = msg_dict['payload']
-
+
-        encrypted_key = msg_dict['keys'][own_id]
+        encrypted_key = msg_dict['keys'][own_id]
-
+
-        try:
+        try:
-            key = self.handlePreKeyWhisperMessage(sender_jid, sid,
+            key = self.handlePreKeyWhisperMessage(sender_jid, sid,
-                                                  encrypted_key)
+                                                  encrypted_key)
-        except (InvalidVersionException, InvalidMessageException):
+        except (InvalidVersionException, InvalidMessageException):
-            try:
+            try:
-                key = self.handleWhisperMessage(sender_jid, sid, encrypted_key)
+                key = self.handleWhisperMessage(sender_jid, sid, encrypted_key)
-            except (NoSessionException, InvalidMessageException) as e:
+            except (NoSessionException, InvalidMessageException) as e:
-                log.warning(e)
+                log.warning(e)
-                log.warning('sender_jid =>  ' + str(sender_jid) + ' sid =>' +
+                log.warning('sender_jid =>  ' + str(sender_jid) + ' sid =>' +
-                            str(sid))
+                            str(sid))
-                return
+                return
-            except (DuplicateMessageException) as e:
+            except (DuplicateMessageException) as e:
-                log.warning('Duplicate message found ' + str(e.args))
+                log.warning('Duplicate message found ' + str(e.args))
-                return
+                return
-
+
-        except (DuplicateMessageException) as e:
+        except (DuplicateMessageException) as e:
-            log.warning('Duplicate message found ' + str(e.args))
+            log.warning('Duplicate message found ' + str(e.args))
-            return
+            return
-
+
-        result = decrypt(key, iv, payload)
+        result = decrypt(key, iv, payload)
-
+
-        log.debug("Decrypted Message => " + result)
+        log.debug("Decrypted Message => " + result)
-        return result
+        return result
-
+
-    def create_msg(self, from_jid, jid, plaintext):
+    def create_msg(self, from_jid, jid, plaintext):
-        key = os.urandom(16)
+        key = os.urandom(16)
-        iv = os.urandom(16)
+        iv = os.urandom(16)
-        encrypted_keys = {}
+        encrypted_keys = {}
-
+
-        devices_list = self.device_list_for(jid)
+        devices_list = self.device_list_for(jid)
-        if len(devices_list) == 0:
+        if len(devices_list) == 0:
-            log.error('No known devices')
+            log.error('No known devices')
-            return
+            return
-
+
-        payload, tag = encrypt(key, iv, plaintext)
+        payload, tag = encrypt(key, iv, plaintext)
-
+
-        key += tag
+        key += tag
-
+
-        # Encrypt the message key with for each of receivers devices
+        # Encrypt the message key with for each of receivers devices
-        for device in devices_list:
+        for device in devices_list:
-            try:
+            try:
-                if self.isTrusted(jid, device) == TRUSTED:
+                if self.isTrusted(jid, device) == TRUSTED:
-                    cipher = self.get_session_cipher(jid, device)
+                    cipher = self.get_session_cipher(jid, device)
-                    cipher_key = cipher.encrypt(key)
+                    cipher_key = cipher.encrypt(key)
-                    prekey = isinstance(cipher_key, PreKeyWhisperMessage)
+                    prekey = isinstance(cipher_key, PreKeyWhisperMessage)
-                    encrypted_keys[device] = (cipher_key.serialize(), prekey)
+                    encrypted_keys[device] = (cipher_key.serialize(), prekey)
-                else:
+                else:
-                    log.debug('Skipped Device because Trust is: ' +
+                    log.debug('Skipped Device because Trust is: ' +
-                              str(self.isTrusted(jid, device)))
+                              str(self.isTrusted(jid, device)))
-            except:
+            except:
-                log.warning('Failed to find key for device ' + str(device))
+                log.warning('Failed to find key for device ' + str(device))
-
+
-        if len(encrypted_keys) == 0:
+        if len(encrypted_keys) == 0:
-            log.error('Encrypted keys empty')
+            log.error('Encrypted keys empty')
-            raise NoValidSessions('Encrypted keys empty')
+            raise NoValidSessions('Encrypted keys empty')
-
+
-        my_other_devices = set(self.own_devices) - set({self.own_device_id})
+        my_other_devices = set(self.own_devices) - set({self.own_device_id})
-        # Encrypt the message key with for each of our own devices
+        # Encrypt the message key with for each of our own devices
-        for device in my_other_devices:
+        for device in my_other_devices:
-            try:
+            try:
-                if self.isTrusted(from_jid, device) == TRUSTED:
+                if self.isTrusted(from_jid, device) == TRUSTED:
-                    cipher = self.get_session_cipher(from_jid, device)
+                    cipher = self.get_session_cipher(from_jid, device)
-                    cipher_key = cipher.encrypt(key)
+                    cipher_key = cipher.encrypt(key)
-                    prekey = isinstance(cipher_key, PreKeyWhisperMessage)
+                    prekey = isinstance(cipher_key, PreKeyWhisperMessage)
-                    encrypted_keys[device] = (cipher_key.serialize(), prekey)
+                    encrypted_keys[device] = (cipher_key.serialize(), prekey)
-                else:
+                else:
-                    log.debug('Skipped own Device because Trust is: ' +
+                    log.debug('Skipped own Device because Trust is: ' +
-                              str(self.isTrusted(from_jid, device)))
+                              str(self.isTrusted(from_jid, device)))
-            except:
+            except:
-                log.warning('Failed to find key for device ' + str(device))
+                log.warning('Failed to find key for device ' + str(device))
-
+
-        result = {'sid': self.own_device_id,
+        result = {'sid': self.own_device_id,
-                  'keys': encrypted_keys,
+                  'keys': encrypted_keys,
-                  'jid': jid,
+                  'jid': jid,
-                  'iv': iv,
+                  'iv': iv,
-                  'payload': payload}
+                  'payload': payload}
-
+
-        log.debug('Finished encrypting message')
+        log.debug('Finished encrypting message')
-        return result
+        return result
-
+
-    def create_gc_msg(self, from_jid, jid, plaintext):
+    def create_gc_msg(self, from_jid, jid, plaintext):
-        key = get_random_bytes(16)
+        key = os.urandom(16)
-        iv = get_random_bytes(16)
+        iv = os.urandom(16)
-        encrypted_keys = {}
+        encrypted_keys = {}
-        room = jid
+        room = jid
-        encrypted_jids = []
+        encrypted_jids = []
-
+
-        devices_list = self.device_list_for(jid, True)
+        devices_list = self.device_list_for(jid, True)
-
+
-        if len(devices_list) == 0:
+        if len(devices_list) == 0:
-            log.error('No known devices')
+            log.error('No known devices')
-            return
+            return
-
+
-        payload, tag = encrypt(key, iv, plaintext)
+        payload, tag = encrypt(key, iv, plaintext)
-
+
-        key += tag
+        key += tag
-
+
-        for tup in devices_list:
+        for tup in devices_list:
-            self.get_session_cipher(tup[0], tup[1])
+            self.get_session_cipher(tup[0], tup[1])
-
+
-        # Encrypt the message key with for each of receivers devices
+        # Encrypt the message key with for each of receivers devices
-        for nick in self.xmpp_con.groupchat[room]:
+        for nick in self.xmpp_con.groupchat[room]:
-            jid_to = self.xmpp_con.groupchat[room][nick]
+            jid_to = self.xmpp_con.groupchat[room][nick]
-            if jid_to == self.own_jid:
+            if jid_to == self.own_jid:
-                continue
+                continue
-            if jid_to in encrypted_jids:  # We already encrypted to this JID
+            if jid_to in encrypted_jids:  # We already encrypted to this JID
-                continue
+                continue
-            if jid_to not in self.session_ciphers:
+            if jid_to not in self.session_ciphers:
-                continue
+                continue
-            for rid, cipher in self.session_ciphers[jid_to].items():
+            for rid, cipher in self.session_ciphers[jid_to].items():
-                try:
+                try:
-                    if self.isTrusted(jid_to, rid) == TRUSTED:
+                    if self.isTrusted(jid_to, rid) == TRUSTED:
-                        cipher_key = cipher.encrypt(key)
+                        cipher_key = cipher.encrypt(key)
-                        prekey = isinstance(cipher_key, PreKeyWhisperMessage)
+                        prekey = isinstance(cipher_key, PreKeyWhisperMessage)
-                        encrypted_keys[rid] = (cipher_key.serialize(), prekey)
+                        encrypted_keys[rid] = (cipher_key.serialize(), prekey)
-                    else:
+                    else:
-                        log.debug('Skipped Device because Trust is: ' +
+                        log.debug('Skipped Device because Trust is: ' +
-                                  str(self.isTrusted(jid_to, rid)))
+                                  str(self.isTrusted(jid_to, rid)))
-                except:
+                except:
-                    log.exception('ERROR:')
+                    log.exception('ERROR:')
-                    log.warning('Failed to find key for device ' +
+                    log.warning('Failed to find key for device ' +
-                                str(rid))
+                                str(rid))
-            encrypted_jids.append(jid_to)
+            encrypted_jids.append(jid_to)
-        if len(encrypted_keys) == 0:
+        if len(encrypted_keys) == 0:
-            log_msg = 'Encrypted keys empty'
+            log_msg = 'Encrypted keys empty'
-            log.error(log_msg)
+            log.error(log_msg)
-            raise NoValidSessions(log_msg)
+            raise NoValidSessions(log_msg)
-
+
-        my_other_devices = set(self.own_devices) - set({self.own_device_id})
+        my_other_devices = set(self.own_devices) - set({self.own_device_id})
-        # Encrypt the message key with for each of our own devices
+        # Encrypt the message key with for each of our own devices
-        for dev in my_other_devices:
+        for dev in my_other_devices:
-            try:
+            try:
-                cipher = self.get_session_cipher(from_jid, dev)
+                cipher = self.get_session_cipher(from_jid, dev)
-                if self.isTrusted(from_jid, dev) == TRUSTED:
+                if self.isTrusted(from_jid, dev) == TRUSTED:
-                    cipher_key = cipher.encrypt(key)
+                    cipher_key = cipher.encrypt(key)
-                    prekey = isinstance(cipher_key, PreKeyWhisperMessage)
+                    prekey = isinstance(cipher_key, PreKeyWhisperMessage)
-                    encrypted_keys[dev] = (cipher_key.serialize(), prekey)
+                    encrypted_keys[dev] = (cipher_key.serialize(), prekey)
-                else:
+                else:
-                    log.debug('Skipped own Device because Trust is: ' +
+                    log.debug('Skipped own Device because Trust is: ' +
-                              str(self.isTrusted(from_jid, dev)))
+                              str(self.isTrusted(from_jid, dev)))
-            except:
+            except:
-                log.exception('ERROR:')
+                log.exception('ERROR:')
-                log.warning('Failed to find key for device ' + str(dev))
+                log.warning('Failed to find key for device ' + str(dev))
-
+
-        result = {'sid': self.own_device_id,
+        result = {'sid': self.own_device_id,
-                  'keys': encrypted_keys,
+                  'keys': encrypted_keys,
-                  'jid': jid,
+                  'jid': jid,
-                  'iv': iv,
+                  'iv': iv,
-                  'payload': payload}
+                  'payload': payload}
-
+
-        log.debug('Finished encrypting message')
+        log.debug('Finished encrypting message')
-        return result
+        return result
-
+
-    def device_list_for(self, jid, gc=False):
+    def device_list_for(self, jid, gc=False):
-        """ Return a list of known device ids for the specified jid.
+        """ Return a list of known device ids for the specified jid.
-            Parameters
+            Parameters
-            ----------
+            ----------
-            jid : string
+            jid : string
-                The contacts jid
+                The contacts jid
-            gc : bool
+            gc : bool
-                Groupchat Message
+                Groupchat Message
-        """
+        """
-        if gc:
+        if gc:
-            room = jid
+            room = jid
-            devicelist = []
+            devicelist = []
-            for nick in self.xmpp_con.groupchat[room]:
+            for nick in self.xmpp_con.groupchat[room]:
-                jid_to = self.xmpp_con.groupchat[room][nick]
+                jid_to = self.xmpp_con.groupchat[room][nick]
-                if jid_to == self.own_jid:
+                if jid_to == self.own_jid:
-                    continue
+                    continue
-                try:
+                try:
-                    for device in self.device_ids[jid_to]:
+                    for device in self.device_ids[jid_to]:
-                        devicelist.append((jid_to, device))
+                        devicelist.append((jid_to, device))
-                except KeyError:
+                except KeyError:
-                    log.warning('no device ids found for %s', jid_to)
+                    log.warning('no device ids found for %s', jid_to)
-                    continue
+                    continue
-            return devicelist
+            return devicelist
-
+
-        if jid == self.own_jid:
+        if jid == self.own_jid:
-            return set(self.own_devices) - set({self.own_device_id})
+            return set(self.own_devices) - set({self.own_device_id})
-        if jid not in self.device_ids:
+        if jid not in self.device_ids:
-            return set()
+            return set()
-        return set(self.device_ids[jid])
+        return set(self.device_ids[jid])
-
+
-    def isTrusted(self, recipient_id, device_id):
+    def isTrusted(self, recipient_id, device_id):
-        record = self.store.loadSession(recipient_id, device_id)
+        record = self.store.loadSession(recipient_id, device_id)
-        identity_key = record.getSessionState().getRemoteIdentityKey()
+        identity_key = record.getSessionState().getRemoteIdentityKey()
-        return self.store.isTrustedIdentity(recipient_id, identity_key)
+        return self.store.isTrustedIdentity(recipient_id, identity_key)
-
+
-    def getTrustedFingerprints(self, recipient_id):
+    def getTrustedFingerprints(self, recipient_id):
-        inactive = self.store.getInactiveSessionsKeys(recipient_id)
+        inactive = self.store.getInactiveSessionsKeys(recipient_id)
-        trusted = self.store.getTrustedFingerprints(recipient_id)
+        trusted = self.store.getTrustedFingerprints(recipient_id)
-        trusted = set(trusted) - set(inactive)
+        trusted = set(trusted) - set(inactive)
-
+
-        return trusted
+        return trusted
-
+
-    def getUndecidedFingerprints(self, recipient_id):
+    def getUndecidedFingerprints(self, recipient_id):
-        inactive = self.store.getInactiveSessionsKeys(recipient_id)
+        inactive = self.store.getInactiveSessionsKeys(recipient_id)
-        undecided = self.store.getUndecidedFingerprints(recipient_id)
+        undecided = self.store.getUndecidedFingerprints(recipient_id)
-        undecided = set(undecided) - set(inactive)
+        undecided = set(undecided) - set(inactive)
-
+
-        return undecided
+        return undecided
-
+
-    def devices_without_sessions(self, jid):
+    def devices_without_sessions(self, jid):
-        """ List device_ids for the given jid which have no axolotl session.
+        """ List device_ids for the given jid which have no axolotl session.
-
+
-            Parameters
+            Parameters
-            ----------
+            ----------
-            jid : string
+            jid : string
-                The contacts jid
+                The contacts jid
-
+
-            Returns
+            Returns
-            -------
+            -------
-            [int]
+            [int]
-                A list of device_ids
+                A list of device_ids
-        """
+        """
-        known_devices = self.device_list_for(jid)
+        known_devices = self.device_list_for(jid)
-        missing_devices = [dev
+        missing_devices = [dev
-                           for dev in known_devices
+                           for dev in known_devices
-                           if not self.store.containsSession(jid, dev)]
+                           if not self.store.containsSession(jid, dev)]
-        if missing_devices:
+        if missing_devices:
-            log.info(self.account + ' => Missing device sessions for ' +
+            log.info(self.account + ' => Missing device sessions for ' +
-                     jid + ': ' + str(missing_devices))
+                     jid + ': ' + str(missing_devices))
-        return missing_devices
+        return missing_devices
-
+
-    def get_session_cipher(self, jid, device_id):
+    def get_session_cipher(self, jid, device_id):
-        if jid not in self.session_ciphers:
+        if jid not in self.session_ciphers:
-            self.session_ciphers[jid] = {}
+            self.session_ciphers[jid] = {}
-
+
-        if device_id not in self.session_ciphers[jid]:
+        if device_id not in self.session_ciphers[jid]:
-            cipher = SessionCipher(self.store, self.store, self.store,
+            cipher = SessionCipher(self.store, self.store, self.store,
-                                   self.store, jid, device_id)
+                                   self.store, jid, device_id)
-            self.session_ciphers[jid][device_id] = cipher
+            self.session_ciphers[jid][device_id] = cipher
-
+
-        return self.session_ciphers[jid][device_id]
+        return self.session_ciphers[jid][device_id]
-
+
-    def handlePreKeyWhisperMessage(self, recipient_id, device_id, key):
+    def handlePreKeyWhisperMessage(self, recipient_id, device_id, key):
-        preKeyWhisperMessage = PreKeyWhisperMessage(serialized=key)
+        preKeyWhisperMessage = PreKeyWhisperMessage(serialized=key)
-        if not preKeyWhisperMessage.getPreKeyId():
+        if not preKeyWhisperMessage.getPreKeyId():
-            raise Exception("Received PreKeyWhisperMessage without PreKey =>" +
+            raise Exception("Received PreKeyWhisperMessage without PreKey =>" +
-                            recipient_id)
+                            recipient_id)
-        sessionCipher = self.get_session_cipher(recipient_id, device_id)
+        sessionCipher = self.get_session_cipher(recipient_id, device_id)
-        try:
+        try:
-            log.debug(self.account +
+            log.debug(self.account +
-                      " => Received PreKeyWhisperMessage from " +
+                      " => Received PreKeyWhisperMessage from " +
-                      recipient_id)
+                      recipient_id)
-            key = sessionCipher.decryptPkmsg(preKeyWhisperMessage)
+            key = sessionCipher.decryptPkmsg(preKeyWhisperMessage)
-            # Publish new bundle after PreKey has been used
+            # Publish new bundle after PreKey has been used
-            # for building a new Session
+            # for building a new Session
-            self.xmpp_con.publish_bundle()
+            self.xmpp_con.publish_bundle()
-            self.add_device(recipient_id, device_id)
+            self.add_device(recipient_id, device_id)
-            return key
+            return key
-        except UntrustedIdentityException as e:
+        except UntrustedIdentityException as e:
-            log.info(self.account + " => Received WhisperMessage " +
+            log.info(self.account + " => Received WhisperMessage " +
-                     "from Untrusted Fingerprint! => " + e.getName())
+                     "from Untrusted Fingerprint! => " + e.getName())
-
+
-    def handleWhisperMessage(self, recipient_id, device_id, key):
+    def handleWhisperMessage(self, recipient_id, device_id, key):
-        whisperMessage = WhisperMessage(serialized=key)
+        whisperMessage = WhisperMessage(serialized=key)
-        log.debug(self.account + " => Received WhisperMessage from " +
+        log.debug(self.account + " => Received WhisperMessage from " +
-                  recipient_id)
+                  recipient_id)
-        if self.isTrusted(recipient_id, device_id):
+        if self.isTrusted(recipient_id, device_id):
-            sessionCipher = self.get_session_cipher(recipient_id, device_id)
+            sessionCipher = self.get_session_cipher(recipient_id, device_id)
-            key = sessionCipher.decryptMsg(whisperMessage, textMsg=False)
+            key = sessionCipher.decryptMsg(whisperMessage, textMsg=False)
-            self.add_device(recipient_id, device_id)
+            self.add_device(recipient_id, device_id)
-            return key
+            return key
-        else:
+        else:
-            raise Exception("Received WhisperMessage "
+            raise Exception("Received WhisperMessage "
-                            "from Untrusted Fingerprint! => " + recipient_id)
+                            "from Untrusted Fingerprint! => " + recipient_id)
-
+
-    def checkPreKeyAmount(self):
+    def checkPreKeyAmount(self):
-        # Check if enough PreKeys are available
+        # Check if enough PreKeys are available
-        preKeyCount = self.store.preKeyStore.getPreKeyCount()
+        preKeyCount = self.store.preKeyStore.getPreKeyCount()
-        if preKeyCount < MIN_PREKEY_AMOUNT:
+        if preKeyCount < MIN_PREKEY_AMOUNT:
-            newKeys = DEFAULT_PREKEY_AMOUNT - preKeyCount
+            newKeys = DEFAULT_PREKEY_AMOUNT - preKeyCount
-            self.store.preKeyStore.generateNewPreKeys(newKeys)
+            self.store.preKeyStore.generateNewPreKeys(newKeys)
-            log.info(self.account + ' => ' + str(newKeys) +
+            log.info(self.account + ' => ' + str(newKeys) +
-                     ' PreKeys created')
+                     ' PreKeys created')
-
+
-    def cycleSignedPreKey(self, identityKeyPair):
+    def cycleSignedPreKey(self, identityKeyPair):
-        # Publish every SPK_CYCLE_TIME a new SignedPreKey
+        # Publish every SPK_CYCLE_TIME a new SignedPreKey
-        # Delete all exsiting SignedPreKeys that are older
+        # Delete all exsiting SignedPreKeys that are older
-        # then SPK_ARCHIVE_TIME
+        # then SPK_ARCHIVE_TIME
-
+
-        # Check if SignedPreKey exist and create if not
+        # Check if SignedPreKey exist and create if not
-        if not self.store.getCurrentSignedPreKeyId():
+        if not self.store.getCurrentSignedPreKeyId():
-            signedPreKey = KeyHelper.generateSignedPreKey(
+            signedPreKey = KeyHelper.generateSignedPreKey(
-                identityKeyPair, self.store.getNextSignedPreKeyId())
+                identityKeyPair, self.store.getNextSignedPreKeyId())
-            self.store.storeSignedPreKey(signedPreKey.getId(), signedPreKey)
+            self.store.storeSignedPreKey(signedPreKey.getId(), signedPreKey)
-            log.debug(self.account +
+            log.debug(self.account +
-                      ' => New SignedPreKey created, because none existed')
+                      ' => New SignedPreKey created, because none existed')
-
+
-        # if SPK_CYCLE_TIME is reached, generate a new SignedPreKey
+        # if SPK_CYCLE_TIME is reached, generate a new SignedPreKey
-        now = int(time.time())
+        now = int(time.time())
-        timestamp = self.store.getSignedPreKeyTimestamp(
+        timestamp = self.store.getSignedPreKeyTimestamp(
-            self.store.getCurrentSignedPreKeyId())
+            self.store.getCurrentSignedPreKeyId())
-
+
-        if int(timestamp) < now - SPK_CYCLE_TIME:
+        if int(timestamp) < now - SPK_CYCLE_TIME:
-            signedPreKey = KeyHelper.generateSignedPreKey(
+            signedPreKey = KeyHelper.generateSignedPreKey(
-                identityKeyPair, self.store.getNextSignedPreKeyId())
+                identityKeyPair, self.store.getNextSignedPreKeyId())
-            self.store.storeSignedPreKey(signedPreKey.getId(), signedPreKey)
+            self.store.storeSignedPreKey(signedPreKey.getId(), signedPreKey)
-            log.debug(self.account + ' => Cycled SignedPreKey')
+            log.debug(self.account + ' => Cycled SignedPreKey')
-
+
-        # Delete all SignedPreKeys that are older than SPK_ARCHIVE_TIME
+        # Delete all SignedPreKeys that are older than SPK_ARCHIVE_TIME
-        timestamp = now - SPK_ARCHIVE_TIME
+        timestamp = now - SPK_ARCHIVE_TIME
-        self.store.removeOldSignedPreKeys(timestamp)
+        self.store.removeOldSignedPreKeys(timestamp)