jdev - 2020-05-03

  1. alexis has left

  2. alexis has joined

  3. SouL has left

  4. larma has left

  5. larma has joined

  6. aj has joined

  7. aj has left

  8. alexis has left

  9. debacle has left

  10. alexis has joined

  11. sonny has left

  12. sonny has joined

  13. alexis has left

  14. sonny has left

  15. sonny has joined

  16. alexis has joined

  17. sonny has left

  18. sonny has joined

  19. sonny has left

  20. sonny has joined

  21. alexis has left

  22. alexis has joined

  23. sonny has left

  24. sonny has joined

  25. sonny has left

  26. sonny has joined

  27. sonny has left

  28. sonny has joined

  29. sonny has left

  30. sonny has joined

  31. SouL has joined

  32. DebXWoody has joined

  33. goffi has left

  34. paul has joined

  35. lovetox has joined

  36. lovetox has left

  37. sonny has left

  38. sonny has joined

  39. adrien has left

  40. alexis has left

  41. alexis has joined

  42. sonny has left

  43. sonny has joined

  44. adrien has joined

  45. Marc has joined

  46. lovetox has joined

  47. Marc has left

  48. Marc has joined

  49. pulkomandy has left

  50. pulkomandy has joined

  51. pulkomandy has left

  52. asterix has joined

  53. pulkomandy has joined

  54. Yagizа has joined

  55. DebXWoody has left

  56. Yagizа


  57. jonas’

    welcome back :)

  58. DebXWoody has joined

  59. Yagizа

    jonas’, (^_^)

  60. jonas’

    Yagizа, if there are still people in the old jdev@, can you make sure that they know about new-jdev? I can’t even join there because the server uses outdated SSL settings :/

  61. Yagizа

    jonas’, ok, I'll post a message there.

  62. Yagizа

    Can anyone here help me figure out the implementation of the latest version of OMEMO?

  63. jonas’

    I’m sure someone can

  64. jonas’

    some of the folks involved in working on new-OMEMO are right here

  65. Yagizа

    jonas’, sounds encouraging.

  66. Yagizа

    jonas’, just noticed that information about moving to this room is in that room's subject.

  67. jonas’

    Yagizа, ah, so that’s still there, very good

  68. pulkomandy has left

  69. Yagizа

    jonas’, the only problem is that it is not an XMPP URI.

  70. pulkomandy has joined

  71. Yagizа

    jonas’, do you mean someone here have a client with new OMEMO implementation?

  72. jonas’

    Yagizа, what is your specific question?

  73. pulkomandy has left

  74. Yagizа

    jonas’, first of all, I want to clarify section 4.2

  75. jonas’

    Yagizа, if there are questions about the standard itself, the mailing list would indeed be best I guess

  76. Yagizа

    jonas’, the question is about upgrading from old version of OMEMO to a new one.

  77. Yagizа

    jonas’, this part is too complicated for me:
XEdDSA OMEMO does not mandate the usage of XEdDSA [10] with X3DH [9] for the IdentityKey. Instead, there are three simple rules that implementations MUST follow: Implementations must use the birational map between the curves Curve25519 and Ed25519 to convert the public part of the IdentityKey whenever required, as defined in RFC 7748 [11] (on page 5). Implementations must be able to perform X25519 (ECDH on Curve25519) using the IdentityKey. Implementations must be able to create EdDSA-compatible signatures on the curve Ed25519 using the IdentityKey. There are essentially two ways in which libraries can fulfill these requirements: Libraries can use a Curve25519 key pair as their internal IdentityKey. In this case, the IdentityKey can be used for X25519 directly, and XEdDSA has to be used to produce EdDSA-compatible signatures. Note that libsignal by default does NOT use XEdDSA. libsignal includes XEdDSA though and has to be modified to use that to be compatible with OMEMO. Libraries can use an Ed25519 key pair as their internal IdentityKey. In this case, the IdentityKey can create EdDSA-compatible signatures directly, and has to be converted first to perform X25519.

  78. jonas’

    yeah, I suppose this type of complex questions is better suited for the ML then

  79. pulkomandy has joined

  80. goffi has joined

  81. Yagizа

    jonas’, ok. I'll post it there. But anyway, I hope someone will also reply here.

  82. lovetox

    Yagizа, how many people use your omemo impl

  83. lovetox

    when i remember correctly its not that old

  84. lovetox

    you may consider not trying to stay backwards compatibel

  85. Yagizа

    lovetox, I suppose right now no clients have new version of OMEMO implementation.

  86. Yagizа

    lovetox, so, I can't even test if my implementation is correct.

  87. Yagizа

    lovetox, it is absolutely incompatible with old version, so it's impossible to keep backwards compatibility at all. All I can do it make both versions supported at the same time.

  88. lovetox

    yes protocol wise its incompatible

  89. Yagizа

    lovetox, but I don't care bout it right now. Right now I just want correctly implement new version.

  90. lovetox

    but this part you posted is about the encryption keys

  91. lovetox

    and they should be compatibel with the old version

  92. lovetox

    means you can keep your secret keys

  93. Yagizа

    lovetox, in old version just Signal Protocol was used. But new version do not mention Signal Protocol. It says something about XEdDSA.

  94. Yagizа

    lovetox, it says that if I'm using libsignal-protocol, I have to modify it to use XEdDSA to be compatible with OMEMO.

  95. Yagizа

    lovetox, but I have no idea what I need to modify and how.

  96. lovetox

    yes you need to ave a good understanding of the crypto now to implement the new omemo, or you wait until someone writes a lib for you in your language

  97. Yagizа

    lovetox, so, it's impossible just tell in a few words how can I use xeddsa.c/h together with libsignal-protocol-c to make it compatible with new version of OMEMO?

  98. lovetox

    no im not saying that, i have no clue about it

  99. Yagizа

    lovetox, ah, ok

  100. lovetox

    if you have that question, either wait here, or write to the list

  101. lovetox

    larma, and Syndace probably can help you ^

  102. Yagizа

    lovetox, let's wait for their answer.

  103. flow

    Yagizа, I think this is telling in a few words how you can use it

  104. larma

    Yagizа: https://github.com/dino/libomemo-c

  105. Yagizа

    flow, this?

  106. Yagizа

    larma, ok, thank you. Investigating it.

  107. Syndace

    Yagizа: Section 4 is for people who want to write new OMEMO libraries. The rest is for people who want to use existing OMEMO libraries. Basically. So 4 is very technical and crypto-heavy.

  108. Syndace

    Yagizа: We aim to provide OMEMO libraries for C (what larma linked), Java, JavaScript and Python at some point. Also note that the spec is still moving, a rather large PR is currently being worked on.

  109. kikuchiyo has left

  110. Alex has left

  111. Alex has joined

  112. Yagizа

    Syndace, larma , so, instead of using original libsignal-protocol-c, I just have to switch to libomemo-c?

  113. larma

    And set protocol version to 4 when working with session/cipher builder

  114. larma

    Like `session_builder_set_version(builder, 4);`

  115. Yagizа

    larma, ok, thanx.

  116. larma

    There is a test for it at https://github.com/dino/libomemo-c/blob/omemo/tests/test_session_builder.c#L492

  117. larma

    Yagizа: note however that the planned changes for the next iteration of omemo will not be fully compatible (although I think they can be rolled out backwards compatible)

  118. adrien has left

  119. Yagizа

    larma, thanx. Anyway, I hope upgrade from 0.3 to 0.5 will leave less work, when I'll upgrade it to the next version.

  120. larma

    Yeah, I guess so

  121. pulkomandy has left

  122. pulkomandy has joined

  123. debacle has joined

  124. debacle has left

  125. debacle has joined

  126. pulkomandy has left

  127. pulkomandy has joined

  128. lovetox has left

  129. Martin has left

  130. Martin has joined

  131. sonny has left

  132. sonny has joined

  133. sonny has left

  134. sonny has joined

  135. sonny has left

  136. sonny has joined

  137. Yagizа has left

  138. Yagizа has joined

  139. pulkomandy has left

  140. pulkomandy has joined

  141. Marc has left

  142. Marc has joined

  143. pulkomandy has left

  144. pulkomandy has joined

  145. lovetox has joined

  146. pulkomandy has left

  147. pulkomandy has joined

  148. DebXWoody has left

  149. pulkomandy has left

  150. pulkomandy has joined

  151. adrien has joined

  152. DebXWoody has joined

  153. adrien has left

  154. pulkomandy has left

  155. pulkomandy has joined

  156. adrien has joined

  157. pulkomandy has left

  158. adrien has left

  159. pulkomandy has joined

  160. adrien has joined

  161. pulkomandy has left

  162. pulkomandy has joined

  163. adrien has left

  164. adrien has joined

  165. Zash has left

  166. Zash has joined

  167. pulkomandy has left

  168. pulkomandy has joined

  169. pulkomandy has left

  170. pulkomandy has joined

  171. pulkomandy has left

  172. pulkomandy has joined

  173. pulkomandy has left

  174. Marc has left

  175. Marc has joined

  176. kikuchiyo has joined

  177. pulkomandy has joined

  178. pulkomandy has left

  179. pulkomandy has joined

  180. debacle has left

  181. alexis has left

  182. alexis has joined

  183. pulkomandy has left

  184. rion has left

  185. rion has joined

  186. pulkomandy has joined

  187. pulkomandy has left

  188. sonny has left

  189. sonny has joined

  190. sonny has left

  191. pulkomandy has joined

  192. lovetox has left

  193. pulkomandy has left

  194. pulkomandy has joined

  195. paul has left

  196. paul has joined

  197. adrien has left

  198. pulkomandy has left

  199. pulkomandy has joined

  200. lovetox has joined

  201. pulkomandy has left

  202. pulkomandy has joined

  203. sonny has joined

  204. adrien has joined

  205. pulkomandy has left

  206. pulkomandy has joined

  207. pulkomandy has left

  208. pulkomandy has joined

  209. debacle has joined

  210. pulkomandy has left

  211. sonny has left

  212. sonny has joined

  213. Marc has left

  214. Marc has joined

  215. adrien has left

  216. adrien has joined

  217. pulkomandy has joined

  218. Marc has left

  219. Marc has joined

  220. sonny has left

  221. sonny has joined

  222. sonny has left

  223. sonny has joined

  224. sonny has left

  225. sonny has joined

  226. sonny has left

  227. sonny has joined

  228. sonny has left

  229. sonny has joined

  230. strar has left

  231. edhelas has left

  232. edhelas has joined

  233. pulkomandy has left

  234. pulkomandy has joined

  235. Marc has left

  236. Marc has joined

  237. kikuchiyo has left

  238. kikuchiyo has joined

  239. strar has joined

  240. sonny has left

  241. sonny has joined

  242. pulkomandy has left

  243. pulkomandy has joined

  244. lovetox has left

  245. rion has left

  246. rion has joined

  247. pulkomandy has left

  248. pulkomandy has joined

  249. lovetox has joined

  250. pulkomandy has left

  251. lovetox has left

  252. lovetox has joined

  253. pulkomandy has joined

  254. pulkomandy has left

  255. pulkomandy has joined

  256. rion has left

  257. rion has joined

  258. strar has left

  259. Yagizа

    larma, do I have to execute session_cipher_set_version() as well?

  260. larma

    depends on how you use the lib, but usually yes

  261. larma

    it never hurts to do so if you don't run in a mixed environment (where you use both old omemo and omemo:1 at the same time)

  262. pulkomandy has left

  263. Yagizа

    larma, ok. So, I can use *_set_version(..., 3) to use encryption protocols compatible with old versions of OMEMO?

  264. strar has joined

  265. larma

    old omemo uses versions 2 and 3 (though practically you only see 3). If you want to use old omemo, just do not set version on the corresponding builder/cipher at all, it will then select automatically 2 or 3.

  266. Yagizа

    larma, ok, thanx.

  267. pulkomandy has joined

  268. ralphm has left

  269. ralphm has joined

  270. Yagizа

    larma, and what abut signal_protocol_session_load_session()? Its 'version' parameter is required.

  271. larma

    why do you need to call it directly?

  272. larma

    IIRC, `signal_protocol_session_load_session()` creates a new session with specified version when it doesn't exist yet. if it already exists, the version parameter is ignored

  273. Yagizа

    larma, so, it doesn't matter which version I'll specify, if I use it only for loading existing session, not for creating a new session?

  274. larma


  275. larma

    default to 2 if unsure

  276. larma

    (which is the lowest supported version and thus can be upgraded if needed)

  277. Yagizа

    larma, and what did you mean by "why do you need to call it directly"? Is there any way for loading sessions without calling the function directly?

  278. pulkomandy has left

  279. pulkomandy has joined

  280. larma

    well, session_cipher and session_builder or doing all the session loading needed in the background for you

  281. larma

    at least for normal decryption/encryption work

  282. larma

    or do I miss something?

  283. Yagizа

    larma, well... I still don't understand. Now I'm calling that function to load existing OMEMO session from local storage. How can I do it without calling that function?

  284. pulkomandy has left

  285. pulkomandy has joined

  286. larma

    well, you can't do it without that, but the question is more *why* you need to load a session. To find out if you already have a session (so you know if you need to fetch a bundle or not) - signal_protocol_session_contains_session To process the bundle before encrypting the first message for a device you do - session_builder_create - session_builder_process_pre_key_bundle When encrypting a message you do - session_cipher_create - session_cipher_encrypt When decrypting a message you do - session_cipher_create - session_cipher_decrypt_pre_key_signal_message / session_cipher_decrypt_signal_message

  287. pulkomandy has left

  288. strar has left

  289. strar has joined

  290. Marc has left

  291. Marc has joined

  292. strar has left

  293. Yagizа

    larma, so existing sessions will work ok without loading them with that function?

  294. larma

    what have you been doing with it after loading?

  295. Yagizа

    larma, nothing. I just though I have to do it to make it work.

  296. larma

    ah. no that shouldn't be needed

  297. Yagizа

    larma, ok. I'll try to remove that code.

  298. pulkomandy has joined

  299. Yagizа

    larma, well...

  300. Yagizа

    larma, just substituted libsignal-protocol-c with libomemo-c in my code. Then added session_builder_set_version() and session_cipher_set_version() in proper places, specifying version as 4.

  301. Yagizа

    larma, but I see no changes in functionality. New client still normally communicates via OMEMO with previous build, which uses libsignal-protoco-c.

  302. Yagizа

    larma, is that normal?

  303. larma

    If you use old libsignal database it will have sessions properly initialized at version 3 and continue to use those.

  304. Yagizа

    So, if I delete the database, I won't be able to initiate an OMEMO session anymore?

  305. pulkomandy has left

  306. pulkomandy has joined

  307. Yagizа

    BTW, is there a client around with latest version of OMEMO implemented? Just for testing.

  308. larma

    Only outgoing, incoming will probably still work

  309. larma

    also when parsing incoming messages you'll need to use deserialize_pre_key_signal_message_omemo instead of deserialize_pre_key_signal_message for omemo:1 and doing that on a incoming message of old omemo will break

  310. Yagizа

    larma, ok. I'll check. Thank you.

  311. sonny has left

  312. sonny has joined

  313. larma

    There is a branch of dino with very basic omemo:1 support: https://github.com/dino/dino/tree/feature/omemo1

  314. Yagizа

    larma, ok, thanx.

  315. Yagizа

    larma, BTW... about fingerprints. Are there functions for fingerprint generation in libomemo, which generate fingerprints, compatible with XEP?

  316. strar has joined

  317. larma

    Yagizа, no, but probably something worth adding

  318. Yagizа

    larma, ok

  319. Yagizа

    larma, and... is there any docs, which describe changes in code I have to perform when upgrading from v3 libsignal-protocol to v4 libomemo?

  320. Yagizа

    Or deserialize_pre_key_signal_message_omemo instead of deserialize_pre_key_signal_message is the only change?

  321. pulkomandy has left

  322. DebXWoody has left

  323. larma

    what do you meain with upgrading? the protocols are very much incompatible on the XMPP side. Also libomemo-c only implements the same feature set of libsignal-protocol-c (just adjusted for omemo:1), which equals to 4.2 and 4.3 of XEP-0384. You'll still have to implement 4.4/4.5 on top of that (just as you also had to do some AES-GCM in old omemo)

  324. pulkomandy has joined

  325. larma

    https://github.com/dino/dino/blob/feature/omemo1/plugins/omemo/src/logic/trust_manager.vala#L226 <- here is the legacy omemo and omemo:1 encryption code (4.4 in the XEP) next to each other

  326. sonny has left

  327. sonny has joined

  328. pulkomandy has left

  329. pulkomandy has joined

  330. asterix has left

  331. aj has joined

  332. Yagizа

    larma, all XMPP part is already upgraded to v0.5

  333. Yagizа

    larma, cryptographic protocols is the only part left.

  334. larma

    ah, ok

  335. aj has left

  336. goffi has left

  337. lovetox has left

  338. sonny has left

  339. sonny has joined

  340. alexis has left

  341. alexis has joined

  342. lovetox has joined

  343. Yagizа

    larma, here's my code for getting session initialization status: https://pastebin.com/gy2yEGtF

  344. Yagizа

    Is signal_protocol_session_load_session() call redundant here?

  345. pulkomandy has left

  346. pulkomandy has joined

  347. Yagizа has left

  348. sonny has left

  349. sonny has joined

  350. Zash has left

  351. Zash has joined

  352. lovetox has left

  353. debacle has left

  354. SouL has left

  355. Zash has left

  356. Zash has joined

  357. Marc has left

  358. Zash has left