From b156e4a79a8429ab560d4dc4d02e2b2b666a61d7 Mon Sep 17 00:00:00 2001 From: Greyson Parrelli Date: Wed, 6 May 2020 12:36:42 -0400 Subject: [PATCH] Always use the UD cert with a UUID. --- .../securesms/crypto/UnidentifiedAccessUtil.java | 7 ++----- .../securesms/jobs/RotateCertificateJob.java | 6 ++---- .../securesms/migrations/UuidMigrationJob.java | 6 ++---- .../securesms/util/TextSecurePreferences.java | 9 --------- 4 files changed, 6 insertions(+), 22 deletions(-) diff --git a/app/src/main/java/org/thoughtcrime/securesms/crypto/UnidentifiedAccessUtil.java b/app/src/main/java/org/thoughtcrime/securesms/crypto/UnidentifiedAccessUtil.java index 4ac03c9ae9..849ec6e25a 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/crypto/UnidentifiedAccessUtil.java +++ b/app/src/main/java/org/thoughtcrime/securesms/crypto/UnidentifiedAccessUtil.java @@ -44,9 +44,7 @@ public class UnidentifiedAccessUtil { try { byte[] theirUnidentifiedAccessKey = getTargetUnidentifiedAccessKey(recipient); byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey()); - byte[] ourUnidentifiedAccessCertificate = recipient.resolve().isUuidSupported() && Recipient.self().isUuidSupported() - ? TextSecurePreferences.getUnidentifiedAccessCertificate(context) - : TextSecurePreferences.getUnidentifiedAccessCertificateLegacy(context); + byte[] ourUnidentifiedAccessCertificate = TextSecurePreferences.getUnidentifiedAccessCertificate(context); if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) { ourUnidentifiedAccessKey = Util.getSecretBytes(16); @@ -77,8 +75,7 @@ public class UnidentifiedAccessUtil { public static Optional getAccessForSync(@NonNull Context context) { try { byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey()); - byte[] ourUnidentifiedAccessCertificate = Recipient.self().isUuidSupported() ? TextSecurePreferences.getUnidentifiedAccessCertificate(context) - : TextSecurePreferences.getUnidentifiedAccessCertificateLegacy(context); + byte[] ourUnidentifiedAccessCertificate = TextSecurePreferences.getUnidentifiedAccessCertificate(context); if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) { ourUnidentifiedAccessKey = Util.getSecretBytes(16); diff --git a/app/src/main/java/org/thoughtcrime/securesms/jobs/RotateCertificateJob.java b/app/src/main/java/org/thoughtcrime/securesms/jobs/RotateCertificateJob.java index 856a0c39f1..dbd7f177c5 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/jobs/RotateCertificateJob.java +++ b/app/src/main/java/org/thoughtcrime/securesms/jobs/RotateCertificateJob.java @@ -57,12 +57,10 @@ public class RotateCertificateJob extends BaseJob { } synchronized (RotateCertificateJob.class) { - SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager(); - byte[] certificate = accountManager.getSenderCertificate(); - byte[] legacyCertificate = accountManager.getSenderCertificateLegacy(); + SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager(); + byte[] certificate = accountManager.getSenderCertificate(); TextSecurePreferences.setUnidentifiedAccessCertificate(context, certificate); - TextSecurePreferences.setUnidentifiedAccessCertificateLegacy(context, legacyCertificate); } } diff --git a/app/src/main/java/org/thoughtcrime/securesms/migrations/UuidMigrationJob.java b/app/src/main/java/org/thoughtcrime/securesms/migrations/UuidMigrationJob.java index a01f4de347..e7b6378c6e 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/migrations/UuidMigrationJob.java +++ b/app/src/main/java/org/thoughtcrime/securesms/migrations/UuidMigrationJob.java @@ -79,12 +79,10 @@ public class UuidMigrationJob extends MigrationJob { } private static void rotateSealedSenderCerts(@NonNull Context context) throws IOException { - SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager(); - byte[] certificate = accountManager.getSenderCertificate(); - byte[] legacyCertificate = accountManager.getSenderCertificateLegacy(); + SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager(); + byte[] certificate = accountManager.getSenderCertificate(); TextSecurePreferences.setUnidentifiedAccessCertificate(context, certificate); - TextSecurePreferences.setUnidentifiedAccessCertificateLegacy(context, legacyCertificate); } diff --git a/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java b/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java index 4e3d0107e6..969f146b6a 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java +++ b/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java @@ -181,7 +181,6 @@ public class TextSecurePreferences { private static final String NEEDS_MESSAGE_PULL = "pref_needs_message_pull"; private static final String UNIDENTIFIED_ACCESS_CERTIFICATE_ROTATION_TIME_PREF = "pref_unidentified_access_certificate_rotation_time"; - private static final String UNIDENTIFIED_ACCESS_CERTIFICATE_LEGACY = "pref_unidentified_access_certificate"; private static final String UNIDENTIFIED_ACCESS_CERTIFICATE = "pref_unidentified_access_certificate_uuid"; public static final String UNIVERSAL_UNIDENTIFIED_ACCESS = "pref_universal_unidentified_access"; public static final String SHOW_UNIDENTIFIED_DELIVERY_INDICATORS = "pref_show_unidentifed_delivery_indicators"; @@ -601,14 +600,6 @@ public class TextSecurePreferences { return parseCertificate(getStringPreference(context, UNIDENTIFIED_ACCESS_CERTIFICATE, null)); } - public static void setUnidentifiedAccessCertificateLegacy(Context context, byte[] value) { - setStringPreference(context, UNIDENTIFIED_ACCESS_CERTIFICATE_LEGACY, Base64.encodeBytes(value)); - } - - public static byte[] getUnidentifiedAccessCertificateLegacy(Context context) { - return parseCertificate(getStringPreference(context, UNIDENTIFIED_ACCESS_CERTIFICATE_LEGACY, null)); - } - private static byte[] parseCertificate(String raw) { try { if (raw != null) {