Commit 8eb87121 authored by johan's avatar johan

Proper management of max sending chain

- test still failing due to server connection issue not fixed yet
parent 4a3b5f1e
......@@ -129,7 +129,7 @@ namespace lime {
template <typename Curve>
void Lime<Curve>::encrypt(std::shared_ptr<const std::string> recipientUserId, std::shared_ptr<std::vector<recipientData>> recipients, std::shared_ptr<const std::vector<uint8_t>> plainMessage, std::shared_ptr<std::vector<uint8_t>> cipherMessage, const limeCallback &callback) {
bctbx_debug("encrypt from %s to %ld recipients", m_selfDeviceId.data(), recipients->size());
/* Check if we have all the Double Ratcher sessions ready or shall we go for an X3DH */
/* Check if we have all the Double Ratchet sessions ready or shall we go for an X3DH */
std::vector<std::string> missingPeers; /* vector of userId(GRUU) which are requested to perform X3DH before the encryption can occurs */
/* Create the appropriate recipient infos and fill it with sessions found in cache */
......@@ -137,7 +137,12 @@ namespace lime {
for (auto &recipient : *recipients) {
auto sessionElem = m_DR_sessions_cache.find(recipient.deviceId);
if (sessionElem != m_DR_sessions_cache.end()) { // session is in cache
internal_recipients.emplace_back(recipient.deviceId, sessionElem->second);
if (sessionElem->second->isActive()) { // the session in cache is active
internal_recipients.emplace_back(recipient.deviceId, sessionElem->second);
} else { // session in cache is not active(may append if last encryption reach sending chain symmetric ratchet usage)
internal_recipients.emplace_back(recipient.deviceId);
m_DR_sessions_cache.erase(recipient.deviceId); // remove unactive session from cache
}
} else { // session is not in cache, just create it and the session ptr will be a nullptr
internal_recipients.emplace_back(recipient.deviceId);
}
......
......@@ -332,6 +332,9 @@ namespace lime {
ciphertext.resize(ciphertext.size()+plaintext.size()+lime::settings::DRMessageAuthTagSize);
if (encrypt(MK, plaintext, headerSize, AD, ciphertext)) {
if (m_Ns >= lime::settings::maxSendingChain) { // if we reached maximum encryption wuthout DH ratchet step, session becomes inactive
m_active_status = false;
}
if (session_save() == true) {
m_dirty = DRSessionDbStatus::clean; // this session and local storage are back in sync
}
......
......@@ -102,6 +102,7 @@ namespace lime {
void ratchetEncrypt(const std::array<uint8_t, 48> &plaintext, std::vector<uint8_t> &&AD, std::vector<uint8_t> &ciphertext);
bool ratchetDecrypt(const std::vector<uint8_t> &cipherText, const std::vector<uint8_t> &AD, std::array<uint8_t, 48> &plaintext);
long int dbSessionId(void) const {return m_dbSessionId;}; // retrieve the session's local storage id
bool isActive(void) const {return m_active_status;} // return the current status of session
};
......
......@@ -299,7 +299,7 @@ bool DR<DHKey>::session_save() {
{
blob CKs(m_localStorage->sql);
CKs.write(0, (char *)(m_CKs.data()), m_CKs.size());
m_localStorage->sql<<"UPDATE DR_sessions SET Ns= :Ns, CKs= :CKs WHERE sessionId = :sessionId;", use(m_Ns), use(CKs), use(m_dbSessionId);
m_localStorage->sql<<"UPDATE DR_sessions SET Ns= :Ns, CKs= :CKs, Status = :active_status WHERE sessionId = :sessionId;", use(m_Ns), use(CKs), use((m_active_status==true)?0x01:0x00), use(m_dbSessionId);
}
break;
case DRSessionDbStatus::clean: // Session is clean? So why have we been called?
......
......@@ -215,6 +215,9 @@ static void x3dh_sending_chain_limit_test(const lime::CurveId curve, const std::
return; // no reason to continue the test
}
// destroy and reload the Managers(tests everything is correctly saved/load from local Storage)
if (!continuousSession) { managersClean (aliceManager, bobManager, dbFilenameAlice, dbFilenameBob);}
try {
// alice encrypt, we are over the maximum number, so Alice shall fetch a new key on server and start a new session
aliceMessage->assign(lime_messages_pattern[0].begin(), lime_messages_pattern[0].end());
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment