void SessionBuilder::process(const PreKeyBundle &preKey) { if (!identityKeyStore->isTrustedIdentity(recipientId, preKey.getIdentityKey())) { throw UntrustedIdentityException(QString("Untrusted identity: %1").arg(recipientId)); } if (!preKey.getSignedPreKey().serialize().isEmpty() && !Curve::verifySignature(preKey.getSignedPreKey(), preKey.getIdentityKey().getPublicKey().serialize(), preKey.getSignedPreKeySignature())) { qWarning() << preKey.getIdentityKey().getPublicKey().serialize().toHex(); qWarning() << preKey.getSignedPreKey().serialize().toHex(); qWarning() << preKey.getSignedPreKeySignature().toHex(); throw InvalidKeyException("Invalid signature on device key!"); } if (preKey.getSignedPreKey().serialize().isEmpty() && preKey.getPreKey().serialize().isEmpty()) { throw InvalidKeyException("Both signed and unsigned prekeys are absent!"); } bool supportsV3 = !preKey.getSignedPreKey().serialize().isEmpty(); SessionRecord *sessionRecord = sessionStore->loadSession(recipientId, deviceId); ECKeyPair ourBaseKey = Curve::generateKeyPair(); DjbECPublicKey theirSignedPreKey = supportsV3 ? preKey.getSignedPreKey() : preKey.getPreKey(); DjbECPublicKey theirOneTimePreKey = preKey.getPreKey(); int theirOneTimePreKeyId = theirOneTimePreKey.serialize().isEmpty() ? -1 : preKey.getPreKeyId(); AliceAxolotlParameters parameters; parameters.setOurBaseKey(ourBaseKey); parameters.setOurIdentityKey(identityKeyStore->getIdentityKeyPair()); parameters.setTheirIdentityKey(preKey.getIdentityKey()); parameters.setTheirSignedPreKey(theirSignedPreKey); parameters.setTheirRatchetKey(theirSignedPreKey); if (supportsV3) { parameters.setTheirOneTimePreKey(theirOneTimePreKey); } if (!sessionRecord->isFresh()) sessionRecord->archiveCurrentState(); RatchetingSession::initializeSession(sessionRecord->getSessionState(), supportsV3 ? 3 : 2, parameters); sessionRecord->getSessionState()->setUnacknowledgedPreKeyMessage(theirOneTimePreKeyId, preKey.getSignedPreKeyId(), ourBaseKey.getPublicKey()); sessionRecord->getSessionState()->setLocalRegistrationId(identityKeyStore->getLocalRegistrationId()); sessionRecord->getSessionState()->setRemoteRegistrationId(preKey.getRegistrationId()); sessionRecord->getSessionState()->setAliceBaseKey(ourBaseKey.getPublicKey().serialize()); sessionStore->storeSession(recipientId, deviceId, sessionRecord); identityKeyStore->saveIdentity(recipientId, preKey.getIdentityKey()); }
TPElement* OpenSSLRSAPermutation::invert(TPElement * tpEl) { if (!isKeySet()) throw IllegalStateException("keys aren't set"); // If only the public key was set and not the private key - can't do the invert, throw exception. if (privKey == NULL && pubKey != NULL) throw InvalidKeyException("in order to decrypt a message, this object must be initialized with private key"); RSAElement * rsaEl = dynamic_cast<RSAElement *>(tpEl); if (!rsaEl) throw invalid_argument("trapdoor element type doesn't match the trapdoor permutation type"); // gets the pointer for the native object. biginteger elementP = rsaEl->getElement(); // Allocate a new byte array to hold the output. int size = RSA_size(rsa); std::shared_ptr<byte> ret(new byte[size], std::default_delete<byte[]>()); size_t encodedSize = bytesCount(elementP); std::shared_ptr<byte> encodedBi(new byte[encodedSize], std::default_delete<byte[]>()); encodeBigInteger(elementP, encodedBi.get(), encodedSize); string st(encodedBi.get(), encodedBi.get()+encodedSize); // invert the RSA permutation on the given bytes. int sucess = RSA_private_decrypt(encodedSize, encodedBi.get(), ret.get(), rsa, RSA_NO_PADDING); biginteger resValue = decodeBigInteger(ret.get(), size); // creates and initialize a RSAElement with the result. RSAElement * returnEl = new RSAElement(modulus, resValue, false); return returnEl; // return the result TPElement. }
SteadyStateSolver* SteadyStateSolverFactory::New(std::string name, ExecutableModel* m) const { for (SteadyStateSolverRegistrars::const_iterator it(mRegisteredSteadyStateSolvers.begin()); it != mRegisteredSteadyStateSolvers.end(); ++it) { if ((*it)->getName() == name) { return (*it)->construct(m); } } Log(Logger::LOG_ERROR) << "No such SteadyStateSolver '" << name << "'"; throw InvalidKeyException("No such SteadyStateSolver: " + name); }
Transposition::Transposition(const string& key) { if ( !validKey(key) ) throw InvalidKeyException(); _key = key; _cols = key.length(); _rows = 0; }
std::string get(std::string key) { auto res = findKey(key); if (res == _children.end()) { //std::cerr << "GET failure : invalid key\n"; //std::cerr << "dump : \n" << dump(); throw InvalidKeyException(); } KeyValuePair *k = static_cast<KeyValuePair*>(*res); return k->value(); }
KeyExchangeMessage SessionBuilder::processInitiate(QSharedPointer<KeyExchangeMessage> message) { int flags = KeyExchangeMessage::RESPONSE_FLAG; SessionRecord *sessionRecord = sessionStore->loadSession(recipientId, deviceId); if (message->getVersion() >= 3 && !Curve::verifySignature(message->getIdentityKey().getPublicKey(), message->getBaseKey().serialize(), message->getBaseKeySignature())) { throw InvalidKeyException("Bad signature!"); } SymmetricAxolotlParameters parameters; if (!sessionRecord->getSessionState()->hasPendingKeyExchange()) { parameters.setOurIdentityKey(identityKeyStore->getIdentityKeyPair()); parameters.setOurBaseKey(Curve::generateKeyPair()); parameters.setOurRatchetKey(Curve::generateKeyPair()); } else { parameters.setOurIdentityKey(sessionRecord->getSessionState()->getPendingKeyExchangeIdentityKey()); parameters.setOurBaseKey(sessionRecord->getSessionState()->getPendingKeyExchangeBaseKey()); parameters.setOurRatchetKey(sessionRecord->getSessionState()->getPendingKeyExchangeRatchetKey()); flags |= KeyExchangeMessage::SIMULTAENOUS_INITIATE_FLAG; } parameters.setTheirBaseKey(message->getBaseKey()); parameters.setTheirRatchetKey(message->getRatchetKey()); parameters.setTheirIdentityKey(message->getIdentityKey()); if (!sessionRecord->isFresh()) sessionRecord->archiveCurrentState(); RatchetingSession::initializeSession(sessionRecord->getSessionState(), qMin(message->getMaxVersion(), CURRENT_VERSION), parameters); sessionStore->storeSession(recipientId, deviceId, sessionRecord); identityKeyStore->saveIdentity(recipientId, message->getIdentityKey()); QByteArray baseKeySignature = Curve::calculateSignature(parameters.getOurIdentityKey().getPrivateKey(), parameters.getOurBaseKey().getPublicKey().serialize()); return KeyExchangeMessage(sessionRecord->getSessionState()->getSessionVersion(), message->getSequence(), flags, parameters.getOurBaseKey().getPublicKey(), baseKeySignature, parameters.getOurRatchetKey().getPublicKey(), parameters.getOurIdentityKey().getPublicKey()); }
void SessionBuilder::processResponse(QSharedPointer<KeyExchangeMessage> message) { SessionRecord *sessionRecord = sessionStore->loadSession(recipientId, deviceId); SessionState *sessionState = sessionRecord->getSessionState(); bool hasPendingKeyExchange = sessionState->hasPendingKeyExchange(); bool isSimultaneousInitiateResponse = message->isResponseForSimultaneousInitiate(); if (!hasPendingKeyExchange || sessionState->getPendingKeyExchangeSequence() != message->getSequence()) { if (!isSimultaneousInitiateResponse) throw StaleKeyExchangeException(""); else return; } SymmetricAxolotlParameters parameters; parameters.setOurBaseKey(sessionRecord->getSessionState()->getPendingKeyExchangeBaseKey()); parameters.setOurRatchetKey(sessionRecord->getSessionState()->getPendingKeyExchangeRatchetKey()); parameters.setOurIdentityKey(sessionRecord->getSessionState()->getPendingKeyExchangeIdentityKey()); parameters.setTheirBaseKey(message->getBaseKey()); parameters.setTheirRatchetKey(message->getRatchetKey()); parameters.setTheirIdentityKey(message->getIdentityKey()); if (!sessionRecord->isFresh()) sessionRecord->archiveCurrentState(); RatchetingSession::initializeSession(sessionRecord->getSessionState(), qMin(message->getMaxVersion(), CURRENT_VERSION), parameters); if (sessionRecord->getSessionState()->getSessionVersion() >= 3 && !Curve::verifySignature(message->getIdentityKey().getPublicKey(), message->getBaseKey().serialize(), message->getBaseKeySignature())) { throw InvalidKeyException("Base key signature doesn't match!"); } sessionStore->storeSession(recipientId, deviceId, sessionRecord); identityKeyStore->saveIdentity(recipientId, message->getIdentityKey()); }