AnsweredAssumed Answered

Smack OMEMO UndecidedOmemoIdentityException#getUntrustedDevices returns only undecidedOmemoIdentity

Question asked by cmeng on Jul 11, 2017
Latest reply on Jul 13, 2017 by cmeng

Smack Omemo handling of the "UNSTRUSTED" omemoDevices are transparent to the application when sending OMEMO encrypted messages. In muc or single user chat, omemoManager just encrypted and send the the message without the embedding the untrusted </key rid> for decryption. No UndecidedOmemoIdentityException is being thrown. The method getUntrustedDevices() returns only devices that are undecided but not the untrusted.

 

In a single user chat, when there is only one untrusted device, user may not aware that the omemo messages although are being sent but to unreachable destination.

aTalk currently implements a local check for unTrusted device to alert user of this case in single user chat and muc. Just uploaded aTalk released version 0.8.3.

 

/**
* Check to see if all muc recipients are verified or trusted
*
* @param multiUserChat
* MultiUserChat
* @return return <tt>true</tt> if all muc recipients are verified or trusted. Otherwise
* <tt>false</tt>
*/
private boolean isAllTrusted(MultiUserChat multiUserChat)
{
   boolean allTrusted = true;
   OmemoFingerprint fingerPrint;
   BareJid recipient;

   for (EntityFullJid e : multiUserChat.getOccupants()) {
   recipient = multiUserChat.getOccupant(e).getJid().asBareJid();
   CachedDeviceList theirDevices
   = mOmemoStore.loadCachedDeviceList(mOmemoManager, recipient);
   for (int id : theirDevices.getActiveDevices()) {
   OmemoDevice recipientDevice = new OmemoDevice(recipient, id);
   try {
   fingerPrint = mOmemoManager.getFingerprint(recipientDevice);
   allTrusted = mOmemoManager.isTrustedOmemoIdentity(recipientDevice, fingerPrint)
   && allTrusted;
   }
   catch (CannotEstablishOmemoSessionException e1) {
   logger.warn("AllTrusted check exception: " + e1.getMessage());
   }
  }
  }
   return allTrusted;
}

 

May be smack Omemo would consider to include the unTrusted devices in UndecidedOmemoIdentityException#getUntrustedDevices().

 

========= OMEMO encrypted chat message to untrusted device =================

07-11 14:54:31.432 D/SMACK: SENT (0): <message to='swan@atalk.org' id='sTTpC-283' type='chat'><body>I sent you an OMEMO encrypted message but your client doesn’t seem to support that. Find more information on https://conversations.im/omemo</body><thread>a922d234-89c8-491b-b665-969f064050e8</thread><encrypted xmlns='eu.siacs.conversations.axolotl'><header sid='1011347036'><iv>FudDR5iu+XgFvFvgR2XzOA==</iv></header><payload>SZs=</paylo ad></encrypted><store xmlns='urn:xmpp:hints'/><encryption xmlns='urn:xmpp:eme:0' namespace='eu.siacs.conversations.axolotl' name='OMEMO'/></message><r xmlns='urn:xmpp:sm:3'/>

 

========= OMEMO encrypted MUC message to ntrusted device =================

07-12 09:44:46.471 D/SMACK: SENT (1): <message to='chatroom@conference.atalk.org' id='Y78BR-281' type='groupchat'><body>I sent you an OMEMO encrypted message but your client doesn’t seem to support that. Find more information on https://conversations.im/omemo</body><encrypted xmlns='eu.siacs.conversations.axolotl'><header sid='1011347036'><key rid='1796289951'>MwohBahtoHlbzwR7oy0flhpXOMGULr8t+/visw5W1xAlerV1EAEYBCIwVxoJ0w xZbI7QbKzMuYPpuLkXia0c4AAGcXpfQqGWB9w1U6tD5tGe5L3s5iBIcf/H7o9igDVg1EQ=</key><iv> 9wHU010d+g9XSvmOTQWqrw==</iv></header><payload>rbLiavI=</payload></encrypted><st ore xmlns='urn:xmpp:hints'/><encryption xmlns='urn:xmpp:eme:0' namespace='eu.siacs.conversations.axolotl' name='OMEMO'/></message><r xmlns='urn:xmpp:sm:3'/>

Outcomes