Include an out-of-order double ratchet

[claucece]

Why

As we are currently implementing the revision number 2 of the OTRv4 specification, we need to include an out-of-order double ratchet.

Reference

Please, refer to "Interactive DAKE Overview" and "Non-Interactive DAKE Overview" for knowing how to initialize the Double Ratchet after the DAKE, on the OTRv4 specification.

Refer to "When you send a Data Message:" and "When you receive a Data Message:" for knowing how to handle data messages with the Double Ratchet, on the OTRv4 specification.

Related to #64, #68 and #82

Tasks

• [x] Correctly initialize the Double Ratchet after the DAKE. This includes the new behavior of deriving like this, for example r = KDF_1(0x20, K, 80).
• [x] Correctly set up i, j, k and pn. Correctly increment these values.
• [x] Correctly interpret the first mixed shared secret as the first root key.
• [x] Correctly derive the root, chain, message and MAC keys.
• [x] Create an storage of skipped message keys.
• [x] Define the max_skip variable.
• [x] Define when to delete the stored message keys. Take this value from client or decided by the library.
• [x] Include the appropriate values to the data message (i, pn, j).
• [x] Check that all the parameters used for the double ratchet algorithm are correctly set up.
• [x] Derive the extra symmetric key when storing message keys that correspond to skipped messages.
• [x] Correctly delete this extra symmetric key when not needed.
• [x] Check the revelation of MAC keys.
• [x] Check how parameters are initialized for the encrypted message over the non-interactive DAKE.
• [x] Correctly calculate the shared secret on the interactive DAKE.
• [x] Add the approppiate KDFs.

Open questions

Is the max_skip variable going to be taken from the client?

[claucece]

The max_skip will be taken from the client. We should add this to the plugin.

[claucece]

From the last OTR meeting:

• We need to not move the ratchet keys and info if the message is undecryptable. Check for this about corrupted messages.
• Check the out of order for the first data message sent.

Check: https://github.com/otrv4/libotr-ng/commit/1350b486b741e9a1f91df8ea5ab9f641d147ee7a#commitcomment-29380704