Always use the UD cert with a UUID.

Greyson Parrelli 2020-05-06 12:36:42 -04:00 committed by Alex Hart
parent 30ac264cd3
commit b156e4a79a
4 changed files with 6 additions and 22 deletions


@ -44,9 +44,7 @@ public class UnidentifiedAccessUtil {
try { try {
byte[] theirUnidentifiedAccessKey = getTargetUnidentifiedAccessKey(recipient); byte[] theirUnidentifiedAccessKey = getTargetUnidentifiedAccessKey(recipient);
byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey()); byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey());
byte[] ourUnidentifiedAccessCertificate = recipient.resolve().isUuidSupported() && Recipient.self().isUuidSupported() byte[] ourUnidentifiedAccessCertificate = TextSecurePreferences.getUnidentifiedAccessCertificate(context);
? TextSecurePreferences.getUnidentifiedAccessCertificate(context)
: TextSecurePreferences.getUnidentifiedAccessCertificateLegacy(context);
if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) { if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) {
ourUnidentifiedAccessKey = Util.getSecretBytes(16); ourUnidentifiedAccessKey = Util.getSecretBytes(16);
@ -77,8 +75,7 @@ public class UnidentifiedAccessUtil {
public static Optional<UnidentifiedAccessPair> getAccessForSync(@NonNull Context context) { public static Optional<UnidentifiedAccessPair> getAccessForSync(@NonNull Context context) {
try { try {
byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey()); byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey());
byte[] ourUnidentifiedAccessCertificate = Recipient.self().isUuidSupported() ? TextSecurePreferences.getUnidentifiedAccessCertificate(context) byte[] ourUnidentifiedAccessCertificate = TextSecurePreferences.getUnidentifiedAccessCertificate(context);
: TextSecurePreferences.getUnidentifiedAccessCertificateLegacy(context);
if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) { if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) {
ourUnidentifiedAccessKey = Util.getSecretBytes(16); ourUnidentifiedAccessKey = Util.getSecretBytes(16);
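Review bot: With the `isUuidSupported()` checks removed, both the per-recipient path in the first hunk and `getAccessForSync` depend entirely on `TextSecurePreferences.getUnidentifiedAccessCertificate(context)`, and there is no longer a legacy certificate to fall back to. That getter reads its preference with a `null` default, so on an install where the UUID certificate has not been stored yet the result is presumably `null`. Both method bodies continue past the hunks, so the null handling is not visible here; if it ends in an absent access pair, sends would quietly leave sealed sender and go out as identified delivery. I would log that case and trigger a certificate rotation, and record the assumption next to the assignment, e.g. `// UUID sender cert only; may be null until RotateCertificateJob has stored one`.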


@ -57,12 +57,10 @@ public class RotateCertificateJob extends BaseJob {
} }
synchronized (RotateCertificateJob.class) { synchronized (RotateCertificateJob.class) {
SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager(); SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager();
byte[] certificate = accountManager.getSenderCertificate(); byte[] certificate = accountManager.getSenderCertificate();
byte[] legacyCertificate = accountManager.getSenderCertificateLegacy();
TextSecurePreferences.setUnidentifiedAccessCertificate(context, certificate); TextSecurePreferences.setUnidentifiedAccessCertificate(context, certificate);
TextSecurePreferences.setUnidentifiedAccessCertificateLegacy(context, legacyCertificate);
} }
} }


@ -79,12 +79,10 @@ public class UuidMigrationJob extends MigrationJob {
} }
private static void rotateSealedSenderCerts(@NonNull Context context) throws IOException { private static void rotateSealedSenderCerts(@NonNull Context context) throws IOException {
SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager(); SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager();
byte[] certificate = accountManager.getSenderCertificate(); byte[] certificate = accountManager.getSenderCertificate();
byte[] legacyCertificate = accountManager.getSenderCertificateLegacy();
TextSecurePreferences.setUnidentifiedAccessCertificate(context, certificate); TextSecurePreferences.setUnidentifiedAccessCertificate(context, certificate);
TextSecurePreferences.setUnidentifiedAccessCertificateLegacy(context, legacyCertificate);
} }


@ -181,7 +181,6 @@ public class TextSecurePreferences {
private static final String NEEDS_MESSAGE_PULL = "pref_needs_message_pull"; private static final String NEEDS_MESSAGE_PULL = "pref_needs_message_pull";
private static final String UNIDENTIFIED_ACCESS_CERTIFICATE_ROTATION_TIME_PREF = "pref_unidentified_access_certificate_rotation_time"; private static final String UNIDENTIFIED_ACCESS_CERTIFICATE_ROTATION_TIME_PREF = "pref_unidentified_access_certificate_rotation_time";
private static final String UNIDENTIFIED_ACCESS_CERTIFICATE_LEGACY = "pref_unidentified_access_certificate";
private static final String UNIDENTIFIED_ACCESS_CERTIFICATE = "pref_unidentified_access_certificate_uuid"; private static final String UNIDENTIFIED_ACCESS_CERTIFICATE = "pref_unidentified_access_certificate_uuid";
public static final String UNIVERSAL_UNIDENTIFIED_ACCESS = "pref_universal_unidentified_access"; public static final String UNIVERSAL_UNIDENTIFIED_ACCESS = "pref_universal_unidentified_access";
public static final String SHOW_UNIDENTIFIED_DELIVERY_INDICATORS = "pref_show_unidentifed_delivery_indicators"; public static final String SHOW_UNIDENTIFIED_DELIVERY_INDICATORS = "pref_show_unidentifed_delivery_indicators";
@ -601,14 +600,6 @@ public class TextSecurePreferences {
return parseCertificate(getStringPreference(context, UNIDENTIFIED_ACCESS_CERTIFICATE, null)); return parseCertificate(getStringPreference(context, UNIDENTIFIED_ACCESS_CERTIFICATE, null));
} }
public static void setUnidentifiedAccessCertificateLegacy(Context context, byte[] value) {
setStringPreference(context, UNIDENTIFIED_ACCESS_CERTIFICATE_LEGACY, Base64.encodeBytes(value));
}
public static byte[] getUnidentifiedAccessCertificateLegacy(Context context) {
return parseCertificate(getStringPreference(context, UNIDENTIFIED_ACCESS_CERTIFICATE_LEGACY, null));
}
private static byte[] parseCertificate(String raw) { private static byte[] parseCertificate(String raw) {
try { try {
if (raw != null) { if (raw != null) {