TheArchive/session-android
1
0
Fork 0
mirror of https://github.com/oxen-io/session-android.git synced 2025-12-03 14:42:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move identity key verification into libaxolotol. With tests.

Browse Source
This commit is contained in:
Moxie Marlinspike
2014-04-28 11:46:37 -07:00
parent 81ae9af2e4
commit 931605a1c4
13 changed files with 266 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
src/org/thoughtcrime/securesms/ReceiveKeyActivity.java
View File

@@ -29,9 +29,11 @@ import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.TextView;
import android.widget.Toast;
import org.thoughtcrime.securesms.crypto.DecryptingQueue;
import org.thoughtcrime.securesms.crypto.KeyExchangeProcessor;
import org.thoughtcrime.securesms.crypto.TextSecureIdentityKeyStore;
import org.thoughtcrime.securesms.database.DatabaseFactory;
import org.thoughtcrime.securesms.recipients.Recipient;
import org.thoughtcrime.securesms.service.SendReceiveService;
@@ -43,9 +45,12 @@ import org.whispersystems.libaxolotl.InvalidKeyException;
import org.whispersystems.libaxolotl.InvalidMessageException;
import org.whispersystems.libaxolotl.InvalidVersionException;
import org.whispersystems.libaxolotl.LegacyMessageException;
import org.whispersystems.libaxolotl.StaleKeyExchangeException;
import org.whispersystems.libaxolotl.UntrustedIdentityException;
import org.whispersystems.libaxolotl.protocol.CiphertextMessage;
import org.whispersystems.libaxolotl.protocol.KeyExchangeMessage;
import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage;
import org.whispersystems.libaxolotl.state.IdentityKeyStore;
import org.whispersystems.textsecure.crypto.IdentityKeyParcelable;
import org.whispersystems.textsecure.crypto.MasterSecret;
import org.whispersystems.textsecure.push.IncomingPushMessage;
@@ -91,14 +96,8 @@ public class ReceiveKeyActivity extends Activity {
try {
initializeKey();
initializeText();
} catch (InvalidKeyException ike) {
} catch (InvalidKeyException | InvalidVersionException | InvalidMessageException | LegacyMessageException ike) {
Log.w("ReceiveKeyActivity", ike);
} catch (InvalidVersionException ive) {
Log.w("ReceiveKeyActivity", ive);
} catch (InvalidMessageException e) {
Log.w("ReceiveKeyActivity", e);
} catch (LegacyMessageException e) {
Log.w("ReceiveKeyActivity", e);
}
initializeListeners();
}
@@ -147,12 +146,12 @@ public class ReceiveKeyActivity extends Activity {
}
private boolean isTrusted(KeyExchangeMessage message, PreKeyWhisperMessage messageBundle, IdentityKey identityUpdateMessage) {
RecipientDevice recipientDevice = new RecipientDevice(recipient.getRecipientId(), recipientDeviceId);
KeyExchangeProcessor processor = new KeyExchangeProcessor(this, masterSecret, recipientDevice);
long recipientId = recipient.getRecipientId();
IdentityKeyStore identityKeyStore = new TextSecureIdentityKeyStore(this, masterSecret);
if (message != null) return processor.isTrusted(message);
else if (messageBundle != null) return processor.isTrusted(messageBundle);
else if (identityUpdateMessage != null) return processor.isTrusted(identityUpdateMessage);
if (message != null) return identityKeyStore.isTrustedIdentity(recipientId, message.getIdentityKey());
else if (messageBundle != null) return identityKeyStore.isTrustedIdentity(recipientId, messageBundle.getIdentityKey());
else if (identityUpdateMessage != null) return identityKeyStore.isTrustedIdentity(recipientId, identityUpdateMessage);
return false;
}
@@ -224,6 +223,10 @@ public class ReceiveKeyActivity extends Activity {
KeyExchangeProcessor processor = new KeyExchangeProcessor(ReceiveKeyActivity.this,
masterSecret, recipientDevice);
IdentityKeyStore identityKeyStore = new TextSecureIdentityKeyStore(ReceiveKeyActivity.this,
masterSecret);
identityKeyStore.saveIdentity(recipient.getRecipientId(), keyExchangeMessage.getIdentityKey());
processor.processKeyExchangeMessage(keyExchangeMessage, threadId);
DatabaseFactory.getEncryptingSmsDatabase(ReceiveKeyActivity.this)
@@ -232,12 +235,21 @@ public class ReceiveKeyActivity extends Activity {
Log.w("ReceiveKeyActivity", e);
DatabaseFactory.getEncryptingSmsDatabase(ReceiveKeyActivity.this)
.markAsCorruptKeyExchange(messageId);
} catch (StaleKeyExchangeException e) {
DatabaseFactory.getEncryptingSmsDatabase(ReceiveKeyActivity.this)
.markAsStaleKeyExchange(messageId);
} catch (UntrustedIdentityException e) {
throw new AssertionError(e);
}
} else if (keyExchangeMessageBundle != null) {
try {
RecipientDevice recipientDevice = new RecipientDevice(recipient.getRecipientId(), recipientDeviceId);
KeyExchangeProcessor processor = new KeyExchangeProcessor(ReceiveKeyActivity.this,
masterSecret, recipientDevice);
masterSecret, recipientDevice);
IdentityKeyStore identityKeyStore = new TextSecureIdentityKeyStore(ReceiveKeyActivity.this,
masterSecret);
identityKeyStore.saveIdentity(recipient.getRecipientId(), keyExchangeMessageBundle.getIdentityKey());
processor.processKeyExchangeMessage(keyExchangeMessageBundle);
CiphertextMessage bundledMessage = keyExchangeMessageBundle.getWhisperMessage();
@@ -264,18 +276,13 @@ public class ReceiveKeyActivity extends Activity {
threadId, recipient.getNumber(), recipientDeviceId,
messageBody, true, false, false);
}
} catch (InvalidKeyIdException e) {
} catch (InvalidKeyIdException | InvalidNumberException | InvalidKeyException e) {
Log.w("ReceiveKeyActivity", e);
DatabaseFactory.getEncryptingSmsDatabase(ReceiveKeyActivity.this)
.markAsCorruptKeyExchange(messageId);
} catch (InvalidKeyException e) {
} catch (UntrustedIdentityException e) {
Log.w("ReceiveKeyActivity", e);
DatabaseFactory.getEncryptingSmsDatabase(ReceiveKeyActivity.this)
.markAsCorruptKeyExchange(messageId);
} catch (InvalidNumberException e) {
Log.w("ReceiveKeyActivity", e);
DatabaseFactory.getEncryptingSmsDatabase(ReceiveKeyActivity.this)
.markAsCorruptKeyExchange(messageId);
Toast.makeText(ReceiveKeyActivity.this, "Untrusted!", Toast.LENGTH_LONG).show();
}
} else if (identityUpdateMessage != null) {
DatabaseFactory.getIdentityDatabase(ReceiveKeyActivity.this)

15
src/org/thoughtcrime/securesms/crypto/DecryptingQueue.java
View File

@@ -45,6 +45,8 @@ import org.whispersystems.libaxolotl.InvalidMessageException;
import org.whispersystems.libaxolotl.InvalidVersionException;
import org.whispersystems.libaxolotl.LegacyMessageException;
import org.whispersystems.libaxolotl.SessionCipher;
import org.whispersystems.libaxolotl.StaleKeyExchangeException;
import org.whispersystems.libaxolotl.UntrustedIdentityException;
import org.whispersystems.libaxolotl.protocol.KeyExchangeMessage;
import org.whispersystems.libaxolotl.protocol.WhisperMessage;
import org.whispersystems.libaxolotl.state.SessionStore;
@@ -433,12 +435,8 @@ public class DecryptingQueue {
KeyExchangeMessage message = new KeyExchangeMessage(Base64.decodeWithoutPadding(plaintextBody));
KeyExchangeProcessor processor = new KeyExchangeProcessor(context, masterSecret, recipientDevice);
if (processor.isStale(message)) {
DatabaseFactory.getEncryptingSmsDatabase(context).markAsStaleKeyExchange(messageId);
} else if (processor.isTrusted(message)) {
DatabaseFactory.getEncryptingSmsDatabase(context).markAsProcessedKeyExchange(messageId);
processor.processKeyExchangeMessage(message, threadId);
}
processor.processKeyExchangeMessage(message, threadId);
DatabaseFactory.getEncryptingSmsDatabase(context).markAsProcessedKeyExchange(messageId);
} catch (InvalidVersionException e) {
Log.w("DecryptingQueue", e);
DatabaseFactory.getEncryptingSmsDatabase(context).markAsInvalidVersionKeyExchange(messageId);
@@ -448,6 +446,11 @@ public class DecryptingQueue {
} catch (LegacyMessageException e) {
Log.w("DecryptingQueue", e);
DatabaseFactory.getEncryptingSmsDatabase(context).markAsLegacyVersion(messageId);
} catch (StaleKeyExchangeException e) {
Log.w("DecryptingQueue", e);
DatabaseFactory.getEncryptingSmsDatabase(context).markAsStaleKeyExchange(messageId);
} catch (UntrustedIdentityException e) {
Log.w("DecryptingQueue", e);
}
}
}

61
src/org/thoughtcrime/securesms/crypto/KeyExchangeProcessor.java
View File

@@ -3,22 +3,20 @@ package org.thoughtcrime.securesms.crypto;
import android.content.Context;
import android.content.Intent;
import org.thoughtcrime.securesms.database.DatabaseFactory;
import org.thoughtcrime.securesms.recipients.Recipient;
import org.thoughtcrime.securesms.recipients.RecipientFactory;
import org.thoughtcrime.securesms.service.KeyCachingService;
import org.thoughtcrime.securesms.service.PreKeyService;
import org.thoughtcrime.securesms.sms.MessageSender;
import org.thoughtcrime.securesms.sms.OutgoingKeyExchangeMessage;
import org.whispersystems.libaxolotl.IdentityKey;
import org.whispersystems.libaxolotl.InvalidKeyException;
import org.whispersystems.libaxolotl.InvalidKeyIdException;
import org.whispersystems.libaxolotl.SessionBuilder;
import org.whispersystems.libaxolotl.StaleKeyExchangeException;
import org.whispersystems.libaxolotl.UntrustedIdentityException;
import org.whispersystems.libaxolotl.protocol.KeyExchangeMessage;
import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage;
import org.whispersystems.libaxolotl.state.IdentityKeyStore;
import org.whispersystems.libaxolotl.state.PreKeyStore;
import org.whispersystems.libaxolotl.state.SessionRecord;
import org.whispersystems.libaxolotl.state.SessionStore;
import org.whispersystems.textsecure.crypto.MasterSecret;
import org.whispersystems.textsecure.push.PreKeyEntity;
@@ -41,7 +39,6 @@ public class KeyExchangeProcessor {
private RecipientDevice recipientDevice;
private MasterSecret masterSecret;
private SessionBuilder sessionBuilder;
private SessionStore sessionStore;
public KeyExchangeProcessor(Context context, MasterSecret masterSecret, RecipientDevice recipientDevice)
{
@@ -51,51 +48,22 @@ public class KeyExchangeProcessor {
IdentityKeyStore identityKeyStore = new TextSecureIdentityKeyStore(context, masterSecret);
PreKeyStore preKeyStore = new TextSecurePreKeyStore(context, masterSecret);
SessionStore sessionStore = new TextSecureSessionStore(context, masterSecret);
this.sessionStore = new TextSecureSessionStore(context, masterSecret);
this.sessionBuilder = new SessionBuilder(sessionStore, preKeyStore, identityKeyStore,
recipientDevice.getRecipientId(),
recipientDevice.getDeviceId());
}
public boolean isTrusted(PreKeyWhisperMessage message) {
return isTrusted(message.getIdentityKey());
}
public boolean isTrusted(PreKeyEntity entity) {
return isTrusted(entity.getIdentityKey());
}
public boolean isTrusted(KeyExchangeMessage message) {
return message.hasIdentityKey() && isTrusted(message.getIdentityKey());
}
public boolean isTrusted(IdentityKey identityKey) {
return DatabaseFactory.getIdentityDatabase(context).isValidIdentity(masterSecret,
recipientDevice.getRecipientId(),
identityKey);
}
public boolean isStale(KeyExchangeMessage message) {
SessionRecord sessionRecord = sessionStore.load(recipientDevice.getRecipientId(),
recipientDevice.getDeviceId());
return
message.isResponse() &&
(!sessionRecord.getSessionState().hasPendingKeyExchange() ||
sessionRecord.getSessionState().getPendingKeyExchangeSequence() != message.getSequence()) &&
!message.isResponseForSimultaneousInitiate();
}
public void processKeyExchangeMessage(PreKeyWhisperMessage message)
throws InvalidKeyIdException, InvalidKeyException
throws InvalidKeyIdException, InvalidKeyException, UntrustedIdentityException
{
sessionBuilder.process(message);
PreKeyService.initiateRefresh(context, masterSecret);
}
public void processKeyExchangeMessage(PreKeyEntity message, long threadId)
throws InvalidKeyException
throws InvalidKeyException, UntrustedIdentityException
{
sessionBuilder.process(message);
@@ -104,24 +72,25 @@ public class KeyExchangeProcessor {
}
}
public void processKeyExchangeMessage(KeyExchangeMessage message, long threadId)
throws InvalidKeyException
public OutgoingKeyExchangeMessage processKeyExchangeMessage(KeyExchangeMessage message, long threadId)
throws InvalidKeyException, UntrustedIdentityException, StaleKeyExchangeException
{
KeyExchangeMessage responseMessage = sessionBuilder.process(message);
Recipient recipient = RecipientFactory.getRecipientsForIds(context,
Recipient recipient = RecipientFactory.getRecipientsForIds(context,
String.valueOf(recipientDevice.getRecipientId()),
false)
.getPrimaryRecipient();
if (responseMessage != null) {
String serializedResponse = Base64.encodeBytesWithoutPadding(responseMessage.serialize());
OutgoingKeyExchangeMessage textMessage = new OutgoingKeyExchangeMessage(recipient, serializedResponse);
MessageSender.send(context, masterSecret, textMessage, threadId, true);
}
DecryptingQueue.scheduleRogueMessages(context, masterSecret, recipient);
broadcastSecurityUpdateEvent(context, threadId);
if (responseMessage != null) {
String serializedResponse = Base64.encodeBytesWithoutPadding(responseMessage.serialize());
return new OutgoingKeyExchangeMessage(recipient, serializedResponse);
} else {
return null;
}
}
public static void broadcastSecurityUpdateEvent(Context context, long threadId) {

6
src/org/thoughtcrime/securesms/crypto/TextSecureIdentityKeyStore.java
View File

@@ -33,4 +33,10 @@ public class TextSecureIdentityKeyStore implements IdentityKeyStore {
public void saveIdentity(long recipientId, IdentityKey identityKey) {
DatabaseFactory.getIdentityDatabase(context).saveIdentity(masterSecret, recipientId, identityKey);
}
@Override
public boolean isTrustedIdentity(long recipientId, IdentityKey identityKey) {
return DatabaseFactory.getIdentityDatabase(context)
.isValidIdentity(masterSecret, recipientId, identityKey);
}
}

12
src/org/thoughtcrime/securesms/service/PushReceiver.java
View File

@@ -27,6 +27,7 @@ import org.thoughtcrime.securesms.util.TextSecurePreferences;
import org.whispersystems.libaxolotl.InvalidKeyException;
import org.whispersystems.libaxolotl.InvalidMessageException;
import org.whispersystems.libaxolotl.InvalidVersionException;
import org.whispersystems.libaxolotl.UntrustedIdentityException;
import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage;
import org.whispersystems.libaxolotl.state.SessionStore;
import org.whispersystems.textsecure.crypto.MasterSecret;
@@ -117,15 +118,16 @@ public class PushReceiver {
KeyExchangeProcessor processor = new KeyExchangeProcessor(context, masterSecret, recipientDevice);
PreKeyWhisperMessage preKeyExchange = new PreKeyWhisperMessage(message.getBody());
if (processor.isTrusted(preKeyExchange)) {
try {
processor.processKeyExchangeMessage(preKeyExchange);
IncomingPushMessage bundledMessage = message.withBody(preKeyExchange.getWhisperMessage().serialize());
handleReceivedSecureMessage(masterSecret, bundledMessage);
} else {
String encoded = Base64.encodeBytes(message.getBody());
IncomingTextMessage textMessage = new IncomingTextMessage(message, encoded, null);
IncomingPreKeyBundleMessage bundleMessage = new IncomingPreKeyBundleMessage(textMessage, encoded);
} catch (UntrustedIdentityException uie) {
Log.w("PushReceiver", uie);
String encoded = Base64.encodeBytes(message.getBody());
IncomingTextMessage textMessage = new IncomingTextMessage(message, encoded, null);
IncomingPreKeyBundleMessage bundleMessage = new IncomingPreKeyBundleMessage(textMessage, encoded);
EncryptingSmsDatabase database = DatabaseFactory.getEncryptingSmsDatabase(context);
Pair<Long, Long> messageAndThreadId = database.insertMessageInbox(masterSecret, bundleMessage);

58
src/org/thoughtcrime/securesms/service/SmsReceiver.java
View File

@@ -32,17 +32,22 @@ import org.thoughtcrime.securesms.protocol.WirePrefix;
import org.thoughtcrime.securesms.recipients.Recipient;
import org.thoughtcrime.securesms.recipients.RecipientFactory;
import org.thoughtcrime.securesms.recipients.RecipientFormattingException;
import org.thoughtcrime.securesms.recipients.Recipients;
import org.thoughtcrime.securesms.sms.IncomingEncryptedMessage;
import org.thoughtcrime.securesms.sms.IncomingKeyExchangeMessage;
import org.thoughtcrime.securesms.sms.IncomingPreKeyBundleMessage;
import org.thoughtcrime.securesms.sms.IncomingTextMessage;
import org.thoughtcrime.securesms.sms.MessageSender;
import org.thoughtcrime.securesms.sms.MultipartSmsMessageHandler;
import org.thoughtcrime.securesms.sms.OutgoingKeyExchangeMessage;
import org.thoughtcrime.securesms.sms.SmsTransportDetails;
import org.thoughtcrime.securesms.util.TextSecurePreferences;
import org.whispersystems.libaxolotl.InvalidKeyException;
import org.whispersystems.libaxolotl.InvalidMessageException;
import org.whispersystems.libaxolotl.InvalidVersionException;
import org.whispersystems.libaxolotl.LegacyMessageException;
import org.whispersystems.libaxolotl.StaleKeyExchangeException;
import org.whispersystems.libaxolotl.UntrustedIdentityException;
import org.whispersystems.libaxolotl.protocol.KeyExchangeMessage;
import org.whispersystems.libaxolotl.protocol.PreKeyWhisperMessage;
import org.whispersystems.libaxolotl.protocol.WhisperMessage;
@@ -119,22 +124,20 @@ public class SmsReceiver {
byte[] rawMessage = transportDetails.getDecodedMessage(message.getMessageBody().getBytes());
PreKeyWhisperMessage preKeyExchange = new PreKeyWhisperMessage(rawMessage);
if (processor.isTrusted(preKeyExchange)) {
processor.processKeyExchangeMessage(preKeyExchange);
processor.processKeyExchangeMessage(preKeyExchange);
WhisperMessage ciphertextMessage = preKeyExchange.getWhisperMessage();
String bundledMessageBody = new String(transportDetails.getEncodedMessage(ciphertextMessage.serialize()));
IncomingEncryptedMessage bundledMessage = new IncomingEncryptedMessage(message, bundledMessageBody);
Pair<Long, Long> messageAndThreadId = storeSecureMessage(masterSecret, bundledMessage);
WhisperMessage ciphertextMessage = preKeyExchange.getWhisperMessage();
String bundledMessageBody = new String(transportDetails.getEncodedMessage(ciphertextMessage.serialize()));
IncomingEncryptedMessage bundledMessage = new IncomingEncryptedMessage(message, bundledMessageBody);
Pair<Long, Long> messageAndThreadId = storeSecureMessage(masterSecret, bundledMessage);
Intent intent = new Intent(KeyExchangeProcessor.SECURITY_UPDATE_EVENT);
intent.putExtra("thread_id", messageAndThreadId.second);
intent.setPackage(context.getPackageName());
context.sendBroadcast(intent, KeyCachingService.KEY_PERMISSION);
Intent intent = new Intent(KeyExchangeProcessor.SECURITY_UPDATE_EVENT);
intent.putExtra("thread_id", messageAndThreadId.second);
intent.setPackage(context.getPackageName());
context.sendBroadcast(intent, KeyCachingService.KEY_PERMISSION);
return messageAndThreadId;
}
} catch (InvalidKeyException e) {
return messageAndThreadId;
} catch (InvalidKeyException | RecipientFormattingException | InvalidMessageException | IOException e) {
Log.w("SmsReceiver", e);
message.setCorrupted(true);
} catch (InvalidVersionException e) {
@@ -143,15 +146,8 @@ public class SmsReceiver {
} catch (InvalidKeyIdException e) {
Log.w("SmsReceiver", e);
message.setStale(true);
} catch (IOException e) {
Log.w("SmsReceive", e);
message.setCorrupted(true);
} catch (InvalidMessageException e) {
} catch (UntrustedIdentityException e) {
Log.w("SmsReceiver", e);
message.setCorrupted(true);
} catch (RecipientFormattingException e) {
Log.w("SmsReceiver", e);
message.setCorrupted(true);
}
return storeStandardMessage(masterSecret, message);
@@ -166,17 +162,18 @@ public class SmsReceiver {
RecipientDevice recipientDevice = new RecipientDevice(recipient.getRecipientId(), message.getSenderDeviceId());
KeyExchangeMessage exchangeMessage = new KeyExchangeMessage(Base64.decodeWithoutPadding(message.getMessageBody()));
KeyExchangeProcessor processor = new KeyExchangeProcessor(context, masterSecret, recipientDevice);
long threadId = DatabaseFactory.getThreadDatabase(context).getThreadIdFor(new Recipients(recipient));
OutgoingKeyExchangeMessage response = processor.processKeyExchangeMessage(exchangeMessage, threadId);
if (processor.isStale(exchangeMessage)) {
message.setStale(true);
} else if (processor.isTrusted(exchangeMessage)) {
message.setProcessed(true);
message.setProcessed(true);
Pair<Long, Long> messageAndThreadId = storeStandardMessage(masterSecret, message);
processor.processKeyExchangeMessage(exchangeMessage, messageAndThreadId.second);
Pair<Long, Long> messageAndThreadId = storeStandardMessage(masterSecret, message);
return messageAndThreadId;
if (response != null) {
MessageSender.send(context, masterSecret, response, messageAndThreadId.second, true);
}
return messageAndThreadId;
} catch (InvalidVersionException e) {
Log.w("SmsReceiver", e);
message.setInvalidVersion(true);
@@ -186,6 +183,11 @@ public class SmsReceiver {
} catch (LegacyMessageException e) {
Log.w("SmsReceiver", e);
message.setLegacyVersion(true);
} catch (StaleKeyExchangeException e) {
Log.w("SmsReceiver", e);
message.setStale(true);
} catch (UntrustedIdentityException e) {
Log.w("SmsReceiver", e);
}
}

9
src/org/thoughtcrime/securesms/transport/PushTransport.java
View File

@@ -213,11 +213,12 @@ public class PushTransport extends BaseTransport {
PreKeyEntity preKey = socket.getPreKey(address);
KeyExchangeProcessor processor = new KeyExchangeProcessor(context, masterSecret, address);
if (processor.isTrusted(preKey)) {
try {
processor.processKeyExchangeMessage(preKey, threadId);
} else {
} catch (org.whispersystems.libaxolotl.UntrustedIdentityException e) {
throw new UntrustedIdentityException("Untrusted identity key!", e164number, preKey.getIdentityKey());
}
}
} catch (InvalidKeyException e) {
throw new IOException(e);
@@ -332,9 +333,9 @@ public class PushTransport extends BaseTransport {
PushAddress device = PushAddress.create(context, pushAddress.getRecipientId(), pushAddress.getNumber(), preKey.getDeviceId());
KeyExchangeProcessor processor = new KeyExchangeProcessor(context, masterSecret, device);
if (processor.isTrusted(preKey)) {
try {
processor.processKeyExchangeMessage(preKey, threadId);
} else {
} catch (org.whispersystems.libaxolotl.UntrustedIdentityException e) {
throw new UntrustedIdentityException("Untrusted identity key!", pushAddress.getNumber(), preKey.getIdentityKey());
}
}