southerntofu eeb852de34 | ||
---|---|---|
omemo | ||
README.md | ||
sign.py | ||
test.py | ||
verify.py |
README.md
OMEMO signatures
This is a proof-of-concept script that takes OMEMO encryption keys from gajim to sign and verify messages. The signatures are read/written as hexadecimal (base16).
Requirements
omemo
plugin from gajim-plugins is provided in this repository, because otherwise trying to import it from actual gajim plugins tries to launch too many things (and fails). It is assumed gajim with OMEMO plugin is working properly and so python-axolotl library is installed system-wide.
These scripts were tested with Gajim 1.3.1 keys. I have no idea if the format has changed lately.
Where to find your keys
As i have no idea what in the hell i'm doing with this python code and the many ways it can fail, i'd recommend using a copy of your actual keys. The Gajim keys are usually stored in ~/.local/share/gajim/
in an SQLite database called youraccount@yourserver.db
Running tests
There's three tests embedded in the demo.py
script:
- a good signature is properly validated
- a bad signature with a good message is properly discarded
- a "good" signature with an altered message is properly discarded
You can run the tests by running demo.py YOURKEY.db
. Example run:
OK: Good signature is verified.
OK: Wrong signature is not verified.
OK: Wrong message is not verified.
Signing and verifying arbitrary messages
There is a sign.py
and a verify.py
script, demo:
$ ./sign.py ~/omemo.db "HELLO, WORLD!"
5bda8b40942327dad03b9c869b00d3416e9fc07f3d3df5dc694ddeae1d377889a541beada6839bfee63955c669bf33b78ef269c8087a77c40e14bb1b39fa5c8f
$ ./verify.py ~/omemo.db "HELLO, WORLD!" "5bda8b40942327dad03b9c869b00d3416e9fc07f3d3df5dc694ddeae1d377889a541beada6839bfee63955c669bf33b78ef269c8087a77c40e14bb1b39fa5c8f"
Signature OK
License
This work is too short and generic and does not have any license applied. Gajim OMEMO plugin is license GPLv3.
Contributing
I will not accept patches for this. It's a simple proof-of-concept.