empathicqubit/Signal-Android
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Update MobileCoin enclave measurements for v3.0.0

Browse source
This commit is contained in:
Alex Voloshyn 2022-11-02 12:48:03 -07:00 committed by Cody Henthorne
parent b38ac44d0f
commit c218e22566
6 changed files with 54 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
app/src/main/java/org/thoughtcrime/securesms/components/reminder/EnclaveFailureReminder.kt
View file

@ -3,14 +3,15 @@ package org.thoughtcrime.securesms.components.reminder
import android.content.Context
import android.view.View
import org.thoughtcrime.securesms.R
import org.thoughtcrime.securesms.util.TextSecurePreferences
import org.thoughtcrime.securesms.util.PlayStoreUtil
/**
* Banner to update app to the latest version because of enclave failure
*/
class EnclaveFailureReminder(context: Context) : Reminder(null,
context.getString(R.string.EnclaveFailureReminder_update_signal)) {
class EnclaveFailureReminder(context: Context) : Reminder(
null,
context.getString(R.string.EnclaveFailureReminder_update_signal)
) {
init {
addAction(Action(context.getString(R.string.ExpiredBuildReminder_update_now), R.id.reminder_action_update_now))
@ -20,6 +21,6 @@ class EnclaveFailureReminder(context: Context) : Reminder(null,
override fun isDismissable(): Boolean = false
override fun getImportance(): Importance {
return Importance.TERMINAL
return Importance.TERMINAL
}
}

1
app/src/main/java/org/thoughtcrime/securesms/keyvalue/PaymentsValues.kt
View file

@ -223,7 +223,6 @@ internal class PaymentsValues internal constructor(store: KeyValueStore) : Signa
return enclaveFailure
}
fun showAboutMobileCoinInfoCard(): Boolean {
return store.getBoolean(SHOW_ABOUT_MOBILE_COIN_INFO_CARD, true)
}

59
app/src/main/java/org/thoughtcrime/securesms/payments/MobileCoinMainNetConfig.java
View file

@ -64,31 +64,40 @@ final class MobileCoinMainNetConfig extends MobileCoinConfig {
@Override
@NonNull ClientConfig getConfig() {
try {
Set<X509Certificate> trustRoots = getTrustRoots(R.raw.signal_mobilecoin_authority);
ClientConfig config = new ClientConfig();
String[] hardeningAdvisories = { "INTEL-SA-00334", "INTEL-SA-00615" };
VerifierFactory verifierFactory = new VerifierFactory(hardeningAdvisories,
// ~June 23, 2021
new ServiceConfig(
"653228afd2b02a6c28f1dc3b108b1dfa457d170b32ae8ec2978f941bd1655c83",
"f3f7e9a674c55fb2af543513527b6a7872de305bac171783f6716a0bf6919499",
"89db0d1684fcc98258295c39f4ab68f7de5917ef30f0004d9a86f29930cebbbd",
"dd84abda7f05116e21fcd1ee6361b0ec29445fff0472131eaf37bf06255b567a"
),
// ~July 8th, 2022
new ServiceConfig(
"733080d6ece4504f66ba606fa8163dae0a5220f3dbf6ca55fbafbac12c6f1897",
"660103d766cde0fd1e1cfb443b99e52da2ce0617d0dee42f8b875f7104942c6b",
"ed8ed6e1b4b6827e5543b25c1c13b9c06b478d819f8df912eb11fa140780fc51",
"c64a3b04348b10596442868758875f312dc3a755b450805149774a091d2822d3"
),
// ~August 10th, 2022
new ServiceConfig(
"d6e54e43c368f0fa2c5f13361afd303ee8f890424e99bd6c367f6164b5fff1b5",
"3e9bf61f3191add7b054f0e591b62f832854606f6594fd63faef1e2aedec4021",
"92fb35d0f603ceb5eaf2988b24a41d4a4a83f8fb9cd72e67c3bc37960d864ad6",
"3d6e528ee0574ae3299915ea608b71ddd17cbe855d4f5e1c46df9b0d22b04cdb"
));
Set<X509Certificate> trustRoots = getTrustRoots(R.raw.signal_mobilecoin_authority);
ClientConfig config = new ClientConfig();
VerifierFactory verifierFactory = new VerifierFactory(// ~June 23, 2021
new ServiceConfig(
"653228afd2b02a6c28f1dc3b108b1dfa457d170b32ae8ec2978f941bd1655c83",
"f3f7e9a674c55fb2af543513527b6a7872de305bac171783f6716a0bf6919499",
"89db0d1684fcc98258295c39f4ab68f7de5917ef30f0004d9a86f29930cebbbd",
"dd84abda7f05116e21fcd1ee6361b0ec29445fff0472131eaf37bf06255b567a",
new String[] { "INTEL-SA-00334" }
),
// ~July 8th, 2022
new ServiceConfig(
"733080d6ece4504f66ba606fa8163dae0a5220f3dbf6ca55fbafbac12c6f1897",
"660103d766cde0fd1e1cfb443b99e52da2ce0617d0dee42f8b875f7104942c6b",
"ed8ed6e1b4b6827e5543b25c1c13b9c06b478d819f8df912eb11fa140780fc51",
"c64a3b04348b10596442868758875f312dc3a755b450805149774a091d2822d3",
new String[] { "INTEL-SA-00334" }
),
// ~August 10th, 2022
new ServiceConfig(
"d6e54e43c368f0fa2c5f13361afd303ee8f890424e99bd6c367f6164b5fff1b5",
"3e9bf61f3191add7b054f0e591b62f832854606f6594fd63faef1e2aedec4021",
"92fb35d0f603ceb5eaf2988b24a41d4a4a83f8fb9cd72e67c3bc37960d864ad6",
"3d6e528ee0574ae3299915ea608b71ddd17cbe855d4f5e1c46df9b0d22b04cdb",
new String[] { "INTEL-SA-00334", "INTEL-SA-00615" }
),
// ~November 1, 2022
new ServiceConfig(
"207c9705bf640fdb960034595433ee1ff914f9154fbe4bc7fc8a97e912961e5c",
"3370f131b41e5a49ed97c4188f7a976461ac6127f8d222a37929ac46b46d560e",
"dca7521ce4564cc2e54e1637e533ea9d1901c2adcbab0e7a41055e719fb0ff9d",
"fd4c1c82cca13fa007be15a4c90e2b506c093b21c2e7021a055cbb34aa232f3f",
new String[] { "INTEL-SA-00334", "INTEL-SA-00615", "INTEL-SA-00657" }
));
config.logAdapter = new MobileCoinLogAdapter();

23
app/src/main/java/org/thoughtcrime/securesms/payments/MobileCoinTestNetConfig.java
View file

@ -18,7 +18,7 @@ import java.util.Set;
final class MobileCoinTestNetConfig extends MobileCoinConfig {
private final SignalServiceAccountManager signalServiceAccountManager;
private final SignalServiceAccountManager signalServiceAccountManager;
public MobileCoinTestNetConfig(@NonNull SignalServiceAccountManager signalServiceAccountManager) {
this.signalServiceAccountManager = signalServiceAccountManager;
@ -52,17 +52,16 @@ final class MobileCoinTestNetConfig extends MobileCoinConfig {
@Override
@NonNull ClientConfig getConfig() {
try {
Set<X509Certificate> trustRoots = getTrustRoots(R.raw.signal_mobilecoin_authority);
ClientConfig config = new ClientConfig();
String[] hardeningAdvisories = { "INTEL-SA-00334", "INTEL-SA-00615" };
VerifierFactory verifierFactory = new VerifierFactory(hardeningAdvisories,
// ~August 15, 2022
new ServiceConfig(
"01746f4dd25f8623d603534425ed45833687eca2b3ba25bdd87180b9471dac28",
"3e9bf61f3191add7b054f0e591b62f832854606f6594fd63faef1e2aedec4021",
"92fb35d0f603ceb5eaf2988b24a41d4a4a83f8fb9cd72e67c3bc37960d864ad6",
"3d6e528ee0574ae3299915ea608b71ddd17cbe855d4f5e1c46df9b0d22b04cdb"
));
Set<X509Certificate> trustRoots = getTrustRoots(R.raw.signal_mobilecoin_authority);
ClientConfig config = new ClientConfig();
VerifierFactory verifierFactory = new VerifierFactory(// ~August 15, 2022
new ServiceConfig(
"01746f4dd25f8623d603534425ed45833687eca2b3ba25bdd87180b9471dac28",
"3e9bf61f3191add7b054f0e591b62f832854606f6594fd63faef1e2aedec4021",
"92fb35d0f603ceb5eaf2988b24a41d4a4a83f8fb9cd72e67c3bc37960d864ad6",
"3d6e528ee0574ae3299915ea608b71ddd17cbe855d4f5e1c46df9b0d22b04cdb",
new String[] { "INTEL-SA-00334", "INTEL-SA-00615" }
));
config.logAdapter = new MobileCoinLogAdapter();
config.fogView = new ClientConfig.Service().withTrustRoots(trustRoots)

3
app/src/main/java/org/thoughtcrime/securesms/payments/ServiceConfig.kt
View file

@ -10,7 +10,8 @@ class ServiceConfig(
consensus: String,
report: String,
ledger: String,
view: String
view: String,
val hardeningAdvisories: Array<String>
) {
val consensus: ByteArray = Hex.toByteArray(consensus)
val report: ByteArray = Hex.toByteArray(report)

4
app/src/main/java/org/thoughtcrime/securesms/payments/VerifierFactory.kt
View file

@ -8,7 +8,7 @@ import com.mobilecoin.lib.exceptions.AttestationException
* This is to ease the addition of new service configurations moving forward, which simply need a new ServiceConfig object
* to be added to the given list.
*/
class VerifierFactory(private val hardeningAdvisories: Array<String>, private vararg val serviceConfigs: ServiceConfig) {
class VerifierFactory(private vararg val serviceConfigs: ServiceConfig) {
@Throws(AttestationException::class)
fun createConsensusVerifier(): Verifier {
@ -33,7 +33,7 @@ class VerifierFactory(private val hardeningAdvisories: Array<String>, private va
@Throws(AttestationException::class)
private fun createVerifier(getConfigValue: (ServiceConfig) -> ByteArray): Verifier {
return serviceConfigs.fold(Verifier()) { verifier, config ->
verifier.withMrEnclave(getConfigValue(config), null, hardeningAdvisories)
verifier.withMrEnclave(getConfigValue(config), null, config.hardeningAdvisories)
}
}
}