Bump libsignal to 0.76.0

2026-04-28 04:34:21 +01:00 · 2025-06-26 12:09:59 -04:00
parent bc10cd0d03
commit 0f16be81b0
238 changed files with 122 additions and 120 deletions
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/archive/ArchiveApi.kt
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/archive/ArchiveApi.kt
@@ -384,7 +384,7 @@ class ArchiveApi(
    val presentation: ByteArray,
    val signedPresentation: ByteArray
  ) {
-    val publicKey: ECPublicKey = privateKey.publicKey()
+    val publicKey: ECPublicKey = privateKey.getPublicKey()

    companion object {
      fun from(backupKey: BackupKey, aci: ACI, credential: BackupAuthCredential, backupServerPublicParams: GenericServerPublicParams): CredentialPresentationData {
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/Crypto.kt
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/Crypto.kt
@@ -13,6 +13,6 @@ import org.signal.libsignal.protocol.kdf.HKDF
 object Crypto {

  fun hkdf(inputKeyMaterial: ByteArray, info: ByteArray, outputLength: Int, salt: ByteArray? = null): ByteArray {
-    return HKDF.deriveSecrets(inputKeyMaterial, salt, info, outputLength)
+    return HKDF.deriveSecrets(inputKeyMaterial, salt ?: byteArrayOf(), info, outputLength)
  }
 }
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/keys/KeysApi.kt
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/keys/KeysApi.kt
@@ -218,17 +218,26 @@ class KeysApi(
          signedPreKey = device.getSignedPreKey().publicKey
          signedPreKeyId = device.getSignedPreKey().keyId
          signedPreKeySignature = device.getSignedPreKey().signature
+        } else {
+          Log.w(TAG, "No signed prekey for device! Skipping.")
+          continue
        }

        if (device.getPreKey() != null) {
          preKeyId = device.getPreKey().keyId
          preKey = device.getPreKey().publicKey
+        } else {
+          Log.w(TAG, "No prekey for device! Skipping.")
+          continue
        }

        if (device.getKyberPreKey() != null) {
          kyberPreKey = device.getKyberPreKey().publicKey
          kyberPreKeyId = device.getKyberPreKey().keyId
          kyberPreKeySignature = device.getKyberPreKey().signature
+        } else {
+          Log.w(TAG, "No kyber prekey for device! Skipping.")
+          continue
        }

        bundles.add(
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/internal/crypto/PrimaryProvisioningCipher.java
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/internal/crypto/PrimaryProvisioningCipher.java
@@ -7,8 +7,8 @@
 package org.whispersystems.signalservice.internal.crypto;

 import org.signal.libsignal.protocol.InvalidKeyException;
-import org.signal.libsignal.protocol.ecc.Curve;
 import org.signal.libsignal.protocol.ecc.ECKeyPair;
+import org.signal.libsignal.protocol.ecc.ECPrivateKey;
 import org.signal.libsignal.protocol.ecc.ECPublicKey;
 import org.signal.libsignal.protocol.kdf.HKDF;
 import org.signal.registration.proto.RegistrationProvisionEnvelope;
@@ -39,8 +39,8 @@ public class PrimaryProvisioningCipher {
  }

  public byte[] encrypt(ProvisionMessage message) throws InvalidKeyException {
-    ECKeyPair ourKeyPair    = Curve.generateKeyPair();
-    byte[]    sharedSecret  = Curve.calculateAgreement(theirPublicKey, ourKeyPair.getPrivateKey());
+    ECKeyPair ourKeyPair    = ECKeyPair.generate();
+    byte[]    sharedSecret  = ourKeyPair.getPrivateKey().calculateAgreement(theirPublicKey);
    byte[]    derivedSecret = HKDF.deriveSecrets(sharedSecret, PROVISIONING_MESSAGE.getBytes(), 64);
    byte[][]  parts         = Util.split(derivedSecret, 32, 32);

@@ -57,8 +57,8 @@ public class PrimaryProvisioningCipher {
  }

  public byte[] encrypt(RegistrationProvisionMessage message) throws InvalidKeyException {
-    ECKeyPair ourKeyPair    = Curve.generateKeyPair();
-    byte[]    sharedSecret  = Curve.calculateAgreement(theirPublicKey, ourKeyPair.getPrivateKey());
+    ECKeyPair ourKeyPair    = ECKeyPair.generate();
+    byte[]    sharedSecret  = ourKeyPair.getPrivateKey().calculateAgreement(theirPublicKey);
    byte[]    derivedSecret = HKDF.deriveSecrets(sharedSecret, PROVISIONING_MESSAGE.getBytes(), 64);
    byte[][]  parts         = Util.split(derivedSecret, 32, 32);

--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/internal/crypto/SecondaryProvisioningCipher.kt
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/internal/crypto/SecondaryProvisioningCipher.kt
@@ -8,7 +8,7 @@ package org.whispersystems.signalservice.internal.crypto
 import org.signal.core.util.logging.Log
 import org.signal.libsignal.protocol.IdentityKey
 import org.signal.libsignal.protocol.IdentityKeyPair
-import org.signal.libsignal.protocol.ecc.Curve
+import org.signal.libsignal.protocol.ecc.ECPrivateKey
 import org.signal.libsignal.protocol.ecc.ECPublicKey
 import org.signal.libsignal.protocol.kdf.HKDF
 import org.signal.libsignal.zkgroup.profiles.ProfileKey
@@ -58,7 +58,7 @@ class SecondaryProvisioningCipher(private val secondaryIdentityKeyPair: Identity
    return ProvisionDecryptResult.Success(
      uuid = UuidUtil.parseOrThrow(provisioningMessage.aci),
      e164 = provisioningMessage.number!!,
-      identityKeyPair = IdentityKeyPair(IdentityKey(provisioningMessage.aciIdentityKeyPublic!!.toByteArray()), Curve.decodePrivatePoint(provisioningMessage.aciIdentityKeyPrivate!!.toByteArray())),
+      identityKeyPair = IdentityKeyPair(IdentityKey(provisioningMessage.aciIdentityKeyPublic!!.toByteArray()), ECPrivateKey(provisioningMessage.aciIdentityKeyPrivate!!.toByteArray())),
      profileKey = ProfileKey(provisioningMessage.profileKey!!.toByteArray()),
      areReadReceiptsEnabled = provisioningMessage.readReceipts == true,
      primaryUserAgent = provisioningMessage.userAgent,
@@ -99,7 +99,7 @@ class SecondaryProvisioningCipher(private val secondaryIdentityKeyPair: Identity
    val message = body.sliceArray(0 until body.size - MAC_LENGTH)
    val cipherText = body.sliceArray((1 + IV_LENGTH) until body.size - MAC_LENGTH)

-    val sharedSecret = Curve.calculateAgreement(ECPublicKey(primaryEphemeralPublicKey), secondaryIdentityKeyPair.privateKey)
+    val sharedSecret = secondaryIdentityKeyPair.privateKey.calculateAgreement(ECPublicKey(primaryEphemeralPublicKey))
    val derivedSecret: ByteArray = HKDF.deriveSecrets(sharedSecret, PrimaryProvisioningCipher.PROVISIONING_MESSAGE.toByteArray(), 64)

    val cipherKey = derivedSecret.sliceArray(0 until 32)
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/internal/push/PreKeyEntity.java
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/internal/push/PreKeyEntity.java
@@ -17,7 +17,6 @@ import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import com.fasterxml.jackson.databind.annotation.JsonSerialize;

 import org.signal.libsignal.protocol.InvalidKeyException;
-import org.signal.libsignal.protocol.ecc.Curve;
 import org.signal.libsignal.protocol.ecc.ECPublicKey;
 import org.signal.core.util.Base64;

@@ -59,7 +58,7 @@ public class PreKeyEntity {
    @Override
    public ECPublicKey deserialize(JsonParser p, DeserializationContext ctxt) throws IOException {
      try {
-        return Curve.decodePoint(Base64.decode(p.getValueAsString()), 0);
+        return new ECPublicKey(Base64.decode(p.getValueAsString()));
      } catch (InvalidKeyException e) {
        throw new IOException(e);
      }