[OTR-dev] How to properly detect the end of the AKE?
Ian Goldberg
ian at cypherpunks.ca
Wed Oct 30 13:46:14 EDT 2013
On Wed, Oct 30, 2013 at 03:44:47PM +0100, Thomas Balthazar wrote:
> Hi,
>
> * The situation :
> I use libotr v4.0.0 in an iOS app I'm working on.
> The objective-c wrapper I use is here :
> https://github.com/tbalthazar/TBOTRManager
>
> * My goal :
> I try to have my app exchange messages with another app that uses OTR too (but not libotr).
> When the user wants to send an OTR message with my app, I keep this message until the OTR conversation is secured.
> I'd like to know *when* I can consider the OTR conversation as secured and send the very first user message.
>
> * My problem
> I tried to consider the gone_secure callback as the signal that the conversation was secure, but it seems that the gone_secure callback is called before libotr has sent the signature message (?OTR:AAMS), which seem to trigger an error on the recipient side.
>
> This is the sequence I observe :
>
> - user wants to send "hello", I don't send his message yet and :
> - I send ?OTRv23?
> - I receive ?OTR:AAMC
> - I send ?OTR:AAMK
> - I receive ?OTR:AAMR
> - gone_secure callback is called
> - I send ?OTR:AAMD (the "hello" user message)
> - I send ?OTR:AAMS
> - I receive ?OTR Error
>
> The recipient client refuses my "hello" message since it considers the conversation is not secure yet. If I delay the sending of the "hello" message for a few seconds, everything works fine.
>
> Is there a callback I can plug in or a value I can observe to help me determine when I can send the user "hello" message?
>
> Please let me know if I miss something obvious.
>
> Thanks a lot for your help!
> Thomas.
Ah, interesting problem. libotr indeed calls the gone_secure callback
when the conversation switches to encrypted at your end. But right
after that (i.e. when otrl_message_receiving returns), it returns to you
the AAMS message, which your application then delivers to the other side.
So I guess you could have gone_secure just set a flag, which you check
(and clear) after you deliver that AAMS message?
- Ian
More information about the OTR-dev
mailing list