Clear sender key shared state on archive and prekey message receive.
We need to clear the sender key shared state whenever a registrationId changes. We don't have good hooks for that on Android, so instead we're just going to reset on every archive and prekey receive. It's a little overzealous, but given these are rare events anyway, it shouldn't be a big deal.
This commit is contained in:
Greyson Parrelli
parent
597cf3f576
commit
0558d5f0b3
4 changed files with 18 additions and 11 deletions
|
|
@ -19,6 +19,7 @@ import org.whispersystems.signalservice.api.SignalServiceAccountDataStore;
|
|||
import org.whispersystems.signalservice.api.push.DistributionId;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
|
|
@ -139,6 +140,7 @@ public class SignalServiceAccountDataStoreImpl implements SignalServiceAccountDa
|
|||
@Override
|
||||
public void archiveSession(SignalProtocolAddress address) {
|
||||
sessionStore.archiveSession(address);
|
||||
senderKeyStore.clearSenderKeySharedWith(Collections.singleton(address));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -47,6 +47,7 @@ import org.whispersystems.libsignal.protocol.DecryptionErrorMessage;
|
|||
import org.whispersystems.libsignal.state.SignalProtocolStore;
|
||||
import org.whispersystems.libsignal.util.guava.Optional;
|
||||
import org.whispersystems.signalservice.api.InvalidMessageStructureException;
|
||||
import org.whispersystems.signalservice.api.SignalServiceAccountDataStore;
|
||||
import org.whispersystems.signalservice.api.crypto.ContentHint;
|
||||
import org.whispersystems.signalservice.api.crypto.SignalServiceCipher;
|
||||
import org.whispersystems.signalservice.api.messages.SignalServiceContent;
|
||||
|
|
@ -76,9 +77,9 @@ public final class MessageDecryptionUtil {
|
|||
* caller.
|
||||
*/
|
||||
public static @NonNull DecryptionResult decrypt(@NonNull Context context, @NonNull SignalServiceEnvelope envelope) {
|
||||
SignalProtocolStore axolotlStore = ApplicationDependencies.getProtocolStore().aci();
|
||||
SignalServiceAccountDataStore protocolStore = ApplicationDependencies.getProtocolStore().aci();
|
||||
SignalServiceAddress localAddress = new SignalServiceAddress(Recipient.self().requireAci(), Recipient.self().requireE164());
|
||||
SignalServiceCipher cipher = new SignalServiceCipher(localAddress, SignalStore.account().getDeviceId(), axolotlStore, ReentrantSessionLock.INSTANCE, UnidentifiedAccessUtil.getCertificateValidator());
|
||||
SignalServiceCipher cipher = new SignalServiceCipher(localAddress, SignalStore.account().getDeviceId(), protocolStore, ReentrantSessionLock.INSTANCE, UnidentifiedAccessUtil.getCertificateValidator());
|
||||
List<Job> jobs = new LinkedList<>();
|
||||
|
||||
if (envelope.isPreKeySignalMessage()) {
|
||||
|
|
|
|||
|
|
@ -2058,8 +2058,6 @@ public class SignalServiceMessageSender {
|
|||
for (SignalProtocolAddress address : addressesToClear) {
|
||||
store.archiveSession(address);
|
||||
}
|
||||
|
||||
store.clearSenderKeySharedWith(addressesToClear);
|
||||
}
|
||||
|
||||
private List<SignalProtocolAddress> convertToProtocolAddresses(SignalServiceAddress recipient, List<Integer> devices) {
|
||||
|
|
|
|||
|
|
@ -40,9 +40,9 @@ import org.whispersystems.libsignal.logging.Log;
|
|||
import org.whispersystems.libsignal.protocol.CiphertextMessage;
|
||||
import org.whispersystems.libsignal.protocol.PreKeySignalMessage;
|
||||
import org.whispersystems.libsignal.protocol.SignalMessage;
|
||||
import org.whispersystems.libsignal.state.SignalProtocolStore;
|
||||
import org.whispersystems.libsignal.util.guava.Optional;
|
||||
import org.whispersystems.signalservice.api.InvalidMessageStructureException;
|
||||
import org.whispersystems.signalservice.api.SignalServiceAccountDataStore;
|
||||
import org.whispersystems.signalservice.api.SignalSessionLock;
|
||||
import org.whispersystems.signalservice.api.messages.SignalServiceContent;
|
||||
import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
|
||||
|
|
@ -50,7 +50,6 @@ import org.whispersystems.signalservice.api.messages.SignalServiceMetadata;
|
|||
import org.whispersystems.signalservice.api.push.ACI;
|
||||
import org.whispersystems.signalservice.api.push.DistributionId;
|
||||
import org.whispersystems.signalservice.api.push.SignalServiceAddress;
|
||||
import org.whispersystems.signalservice.api.util.UuidUtil;
|
||||
import org.whispersystems.signalservice.internal.push.OutgoingPushMessage;
|
||||
import org.whispersystems.signalservice.internal.push.PushTransportDetails;
|
||||
import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
|
||||
|
|
@ -59,6 +58,7 @@ import org.whispersystems.signalservice.internal.serialize.SignalServiceAddressP
|
|||
import org.whispersystems.signalservice.internal.serialize.SignalServiceMetadataProtobufSerializer;
|
||||
import org.whispersystems.signalservice.internal.serialize.protos.SignalServiceContentProto;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
|
|
@ -69,7 +69,7 @@ public class SignalServiceCipher {
|
|||
@SuppressWarnings("unused")
|
||||
private static final String TAG = SignalServiceCipher.class.getSimpleName();
|
||||
|
||||
private final SignalProtocolStore signalProtocolStore;
|
||||
private final SignalServiceAccountDataStore signalProtocolStore;
|
||||
private final SignalSessionLock sessionLock;
|
||||
private final SignalServiceAddress localAddress;
|
||||
private final int localDeviceId;
|
||||
|
|
@ -77,7 +77,7 @@ public class SignalServiceCipher {
|
|||
|
||||
public SignalServiceCipher(SignalServiceAddress localAddress,
|
||||
int localDeviceId,
|
||||
SignalProtocolStore signalProtocolStore,
|
||||
SignalServiceAccountDataStore signalProtocolStore,
|
||||
SignalSessionLock sessionLock,
|
||||
CertificateValidator certificateValidator)
|
||||
{
|
||||
|
|
@ -195,6 +195,8 @@ public class SignalServiceCipher {
|
|||
|
||||
paddedMessage = sessionCipher.decrypt(new PreKeySignalMessage(ciphertext));
|
||||
metadata = new SignalServiceMetadata(envelope.getSourceAddress(), envelope.getSourceDevice(), envelope.getTimestamp(), envelope.getServerReceivedTimestamp(), envelope.getServerDeliveredTimestamp(), false, envelope.getServerGuid(), Optional.absent());
|
||||
|
||||
signalProtocolStore.clearSenderKeySharedWith(Collections.singleton(sourceAddress));
|
||||
} else if (envelope.isSignalMessage()) {
|
||||
SignalProtocolAddress sourceAddress = new SignalProtocolAddress(envelope.getSourceUuid().get(), envelope.getSourceDevice());
|
||||
SignalSessionCipher sessionCipher = new SignalSessionCipher(sessionLock, new SessionCipher(signalProtocolStore, sourceAddress));
|
||||
|
|
@ -213,6 +215,10 @@ public class SignalServiceCipher {
|
|||
needsReceipt = false;
|
||||
}
|
||||
|
||||
if (result.getCiphertextMessageType() == CiphertextMessage.PREKEY_TYPE) {
|
||||
signalProtocolStore.clearSenderKeySharedWith(Collections.singleton(new SignalProtocolAddress(result.getSenderUuid(), result.getDeviceId())));
|
||||
}
|
||||
|
||||
paddedMessage = result.getPaddedMessage();
|
||||
metadata = new SignalServiceMetadata(resultAddress, result.getDeviceId(), envelope.getTimestamp(), envelope.getServerReceivedTimestamp(), envelope.getServerDeliveredTimestamp(), needsReceipt, envelope.getServerGuid(), groupId);
|
||||
} else {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue