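/**
 * Checks the signature that trails the serialized message.
 *
 * The last SIGNATURE_LENGTH bytes of $this->serialized are treated as the
 * signature and everything before them as the signed body.
 *
 * @param mixed $signatureKey Key passed to Curve::verifySignature() as the verification key.
 *
 * @throws InvalidMessageException If the buffer is too short to contain a signature,
 *                                 if the signature does not verify, or if an
 *                                 InvalidKeyException is raised during the check
 *                                 (only its message is carried over).
 */
public function verifySignature($signatureKey)
{
    $totalLength = strlen($this->serialized);

    // A buffer shorter than the signature would produce a negative split offset.
    // Reject it explicitly instead of depending on how ByteUtil::split() treats
    // a negative position on data that comes from the wire.
    if ($totalLength < self::SIGNATURE_LENGTH) {
        throw new InvalidMessageException("Message shorter than signature!");
    }

    try {
        // $parts[0] = signed body, $parts[1] = trailing signature.
        $parts = ByteUtil::split(
            $this->serialized,
            $totalLength - self::SIGNATURE_LENGTH,
            self::SIGNATURE_LENGTH
        );

        if (!Curve::verifySignature($signatureKey, $parts[0], $parts[1])) {
            throw new InvalidMessageException("Invalid signature!");
        }
    } catch (InvalidKeyException $ex) {
        // Callers only need to handle one failure type for a bad message.
        throw new InvalidMessageException($ex->getMessage());
    }
}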
/**
 * Handles a key exchange response for the session identified by
 * $this->recipientId / $this->deviceId.
 *
 * Flow, as implemented below:
 *  1. Load the session record and require a pending key exchange whose
 *     sequence equals the message's sequence. On mismatch the event is logged;
 *     a simultaneous-initiate response is then ignored, anything else raises
 *     StaleKeyExchangeException.
 *  2. Build symmetric parameters from our pending key exchange keys and the
 *     keys carried in the message.
 *  3. Archive the current state unless the record is fresh, then initialise
 *     the session at min(peer max version, CiphertextMessage::CURRENT_VERSION).
 *  4. For session version >= 3, verify the base key signature against the
 *     peer's identity public key.
 *  5. Persist the session and save the peer's identity key.
 *
 * NOTE(review): no identity trust check is visible in this method before
 * saveIdentity(); confirm that the caller or the identity store enforces one.
 *
 * @param object $keyExchangeMessage Response message; this method reads its sequence,
 *                                   max version, base key, base key signature,
 *                                   ratchet key and identity key.
 *
 * @throws StaleKeyExchangeException If no pending exchange matches and the message is
 *                                   not a simultaneous-initiate response.
 * @throws InvalidKeyException       If the base key signature does not verify (version >= 3).
 */
public function processResponse($keyExchangeMessage)
{
    $record = $this->sessionStore->loadSession($this->recipientId, $this->deviceId);
    $state = $record->getSessionState();
    $pending = $state->hasPendingKeyExchange();
    $simultaneous = $keyExchangeMessage->isResponseForSimultaneousInitiate();

    // Short-circuit is intentional: the pending sequence is only read when an
    // exchange is actually pending. The comparison is loose (!=), as in the
    // original; the operand types are not visible here.
    if (!$pending || $state->getPendingKeyExchangeSequence() != $keyExchangeMessage->getSequence()) {
        Log::warn(
            'procResponse',
            'No matching sequence for response. Is simultaneous initiate response:'
                . ($simultaneous ? 'true' : 'false')
        );

        if (!$simultaneous) {
            throw new StaleKeyExchangeException();
        }

        return;
    }

    // Our side comes from the pending key exchange, their side from the message.
    $parameters = new SymmetricBuilder();
    $parameters
        ->setOurBaseKey($record->getSessionState()->getPendingKeyExchangeBaseKey())
        ->setOurRatchetKey($record->getSessionState()->getPendingKeyExchangeRatchetKey())
        ->setOurIdentityKey($record->getSessionState()->getPendingKeyExchangeIdentityKey())
        ->setTheirBaseKey($keyExchangeMessage->getBaseKey())
        ->setTheirRatchetKey($keyExchangeMessage->getRatchetKey())
        ->setTheirIdentityKey($keyExchangeMessage->getIdentityKey());

    if (!$record->isFresh()) {
        $record->archiveCurrentState();
    }

    // Re-read the state from the record: archiveCurrentState() may have run.
    $targetState = $record->getSessionState();

    // NOTE(review): the upper bound on the version is peer-supplied and the
    // signature check below is gated on version >= 3; confirm that a minimum
    // accepted version is enforced elsewhere.
    $negotiatedVersion = min($keyExchangeMessage->getMaxVersion(), CiphertextMessage::CURRENT_VERSION);
    $sessionParameters = $parameters->create();

    RatchetingSession::initializeSession($targetState, $negotiatedVersion, $sessionParameters);

    // The signature is checked after the in-memory record has been changed but
    // before anything is written to the stores, so a failure here persists nothing.
    if ($record->getSessionState()->getSessionVersion() >= 3) {
        $signatureOk = Curve::verifySignature(
            $keyExchangeMessage->getIdentityKey()->getPublicKey(),
            $keyExchangeMessage->getBaseKey()->serialize(),
            $keyExchangeMessage->getBaseKeySignature()
        );

        if (!$signatureOk) {
            throw new InvalidKeyException("Base key signature doesn't match!");
        }
    }

    $this->sessionStore->storeSession($this->recipientId, $this->deviceId, $record);
    $this->identityKeyStore->saveIdentity($this->recipientId, $keyExchangeMessage->getIdentityKey());
}