From 2767e298c4d6e8cb5142cba6ec2dee69db9ae1a0 Mon Sep 17 00:00:00 2001
From: gram-signal <84339875+gram-signal@users.noreply.github.com>
Date: Thu, 5 Jun 2025 11:26:19 -0700
Subject: [PATCH] API changes associated with update to libsignal 0.74.0

---
 gradle/libs.versions.toml                     |  2 +-
 gradle/verification-metadata.xml              | 20 +++++++++----------
 .../api/crypto/SignalSealedSessionCipher.java |  3 ++-
 .../api/crypto/SignalSessionBuilder.java      |  3 ++-
 .../api/crypto/SignalSessionCipher.java       |  3 ++-
 .../java/org/signal/util/SignalClient.kt      |  3 ++-
 6 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 3ea90167cb..29ac66539f 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -13,7 +13,7 @@ androidx-window = "1.3.0"
 glide = "4.15.1"
 gradle = "8.9.0"
 kotlin = "2.1.0"
-libsignal-client = "0.73.2"
+libsignal-client = "0.74.0"
 mp4parser = "1.9.39"
 android-gradle-plugin = "8.7.2"
 accompanist = "0.28.0"
diff --git a/gradle/verification-metadata.xml b/gradle/verification-metadata.xml
index 7fcbfe9d08..ac764e0142 100644
--- a/gradle/verification-metadata.xml
+++ b/gradle/verification-metadata.xml
@@ -7216,20 +7216,20 @@ https://docs.gradle.org/current/userguide/dependency_verification.html
             <sha256 value="57b3cf8f247f1990211110734a7d1af413db145c8f17eb1b2cdc9b9321188c2b" origin="Generated by Gradle"/>
          </artifact>
       </component>
-      <component group="org.signal" name="libsignal-android" version="0.73.2">
-         <artifact name="libsignal-android-0.73.2.aar">
-            <sha256 value="7bad1c02e39e21ac338446b0fca79b795bc449d03df8c8b75254434a4afc64b7" origin="Generated by Gradle"/>
+      <component group="org.signal" name="libsignal-android" version="0.74.0">
+         <artifact name="libsignal-android-0.74.0.aar">
+            <sha256 value="11e38b7571df79bc075ca3728a9dfa5f1639a5eac9a75b57bd23b6ec9f584ea7" origin="Generated by Gradle"/>
          </artifact>
-         <artifact name="libsignal-android-0.73.2.module">
-            <sha256 value="3ede66a204627940b23437df560bbe4940d4f3d70bf949cf44ae2736bf6ba207" origin="Generated by Gradle"/>
+         <artifact name="libsignal-android-0.74.0.module">
+            <sha256 value="8902a6078dd64095fd6f5c3fb177a367935a3c1945541c82a4fef4bc1495e505" origin="Generated by Gradle"/>
          </artifact>
       </component>
-      <component group="org.signal" name="libsignal-client" version="0.73.2">
-         <artifact name="libsignal-client-0.73.2.jar">
-            <sha256 value="b5bd12094bbd1e46a203bfa9ee134492deb815a6cc5b2e50d7d317a3869f652b" origin="Generated by Gradle"/>
+      <component group="org.signal" name="libsignal-client" version="0.74.0">
+         <artifact name="libsignal-client-0.74.0.jar">
+            <sha256 value="8ef05c504ebb5be1ab2dd6ddfc0760f2ca48c2d26727a085d0e729930b81c099" origin="Generated by Gradle"/>
          </artifact>
-         <artifact name="libsignal-client-0.73.2.module">
-            <sha256 value="20ce9f2fa45f934e73f4629e9956946fd4a0868e2c6bb99154e8b4cb9aef8425" origin="Generated by Gradle"/>
+         <artifact name="libsignal-client-0.74.0.module">
+            <sha256 value="970c75164ec0ed83617d8a3bb11b9cef7fea9e95db52e50b0f01c022d90aa031" origin="Generated by Gradle"/>
          </artifact>
       </component>
       <component group="org.signal" name="ringrtc-android" version="2.53.0">
diff --git a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSealedSessionCipher.java b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSealedSessionCipher.java
index 8259872d7a..6e1ed63e0e 100644
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSealedSessionCipher.java
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSealedSessionCipher.java
@@ -21,6 +21,7 @@ import org.signal.libsignal.protocol.InvalidRegistrationIdException;
 import org.signal.libsignal.protocol.NoSessionException;
 import org.signal.libsignal.protocol.SignalProtocolAddress;
 import org.signal.libsignal.protocol.UntrustedIdentityException;
+import org.signal.libsignal.protocol.UsePqRatchet;
 import org.signal.libsignal.protocol.state.SessionRecord;
 import org.signal.libsignal.protocol.state.SignalProtocolStore;
 import org.whispersystems.signalservice.api.SignalSessionLock;
@@ -67,7 +68,7 @@ public class SignalSealedSessionCipher {
 
   public SealedSessionCipher.DecryptionResult decrypt(CertificateValidator validator, byte[] ciphertext, long timestamp) throws InvalidMetadataMessageException, InvalidMetadataVersionException, ProtocolInvalidMessageException, ProtocolInvalidKeyException, ProtocolNoSessionException, ProtocolLegacyMessageException, ProtocolInvalidVersionException, ProtocolDuplicateMessageException, ProtocolInvalidKeyIdException, ProtocolUntrustedIdentityException, SelfSendException {
     try (SignalSessionLock.Lock unused = lock.acquire()) {
-      return cipher.decrypt(validator, ciphertext, timestamp);
+      return cipher.decrypt(validator, ciphertext, timestamp, UsePqRatchet.NO);
     }
   }
 
diff --git a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionBuilder.java b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionBuilder.java
index d1499c2e23..a2f3107c26 100644
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionBuilder.java
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionBuilder.java
@@ -3,6 +3,7 @@ package org.whispersystems.signalservice.api.crypto;
 import org.signal.libsignal.protocol.InvalidKeyException;
 import org.signal.libsignal.protocol.SessionBuilder;
 import org.signal.libsignal.protocol.UntrustedIdentityException;
+import org.signal.libsignal.protocol.UsePqRatchet;
 import org.signal.libsignal.protocol.state.PreKeyBundle;
 import org.whispersystems.signalservice.api.SignalSessionLock;
 
@@ -21,7 +22,7 @@ public class SignalSessionBuilder {
 
   public void process(PreKeyBundle preKey) throws InvalidKeyException, UntrustedIdentityException {
     try (SignalSessionLock.Lock unused = lock.acquire()) {
-      builder.process(preKey);
+      builder.process(preKey, UsePqRatchet.NO);
     }
   }
 }
diff --git a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionCipher.java b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionCipher.java
index 201302a266..12a7129798 100644
--- a/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionCipher.java
+++ b/libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionCipher.java
@@ -9,6 +9,7 @@ import org.signal.libsignal.protocol.LegacyMessageException;
 import org.signal.libsignal.protocol.NoSessionException;
 import org.signal.libsignal.protocol.SessionCipher;
 import org.signal.libsignal.protocol.UntrustedIdentityException;
+import org.signal.libsignal.protocol.UsePqRatchet;
 import org.signal.libsignal.protocol.message.CiphertextMessage;
 import org.signal.libsignal.protocol.message.PreKeySignalMessage;
 import org.signal.libsignal.protocol.message.SignalMessage;
@@ -35,7 +36,7 @@ public class SignalSessionCipher {
 
   public byte[] decrypt(PreKeySignalMessage ciphertext) throws DuplicateMessageException, LegacyMessageException, InvalidMessageException, InvalidKeyIdException, InvalidKeyException, org.signal.libsignal.protocol.UntrustedIdentityException {
     try (SignalSessionLock.Lock unused = lock.acquire()) {
-      return cipher.decrypt(ciphertext);
+      return cipher.decrypt(ciphertext, UsePqRatchet.NO);
     }
   }
 
diff --git a/microbenchmark/src/androidTest/java/org/signal/util/SignalClient.kt b/microbenchmark/src/androidTest/java/org/signal/util/SignalClient.kt
index 898af331dc..b860037443 100644
--- a/microbenchmark/src/androidTest/java/org/signal/util/SignalClient.kt
+++ b/microbenchmark/src/androidTest/java/org/signal/util/SignalClient.kt
@@ -9,6 +9,7 @@ import org.signal.libsignal.metadata.certificate.SenderCertificate
 import org.signal.libsignal.metadata.certificate.ServerCertificate
 import org.signal.libsignal.protocol.SessionBuilder
 import org.signal.libsignal.protocol.SignalProtocolAddress
+import org.signal.libsignal.protocol.UsePqRatchet
 import org.signal.libsignal.protocol.ecc.Curve
 import org.signal.libsignal.protocol.ecc.ECKeyPair
 import org.signal.libsignal.protocol.ecc.ECPublicKey
@@ -74,7 +75,7 @@ class SignalClient {
    */
   fun initializeSession(to: SignalClient) {
     val address = SignalProtocolAddress(to.aci.toString(), 1)
-    SessionBuilder(store, address).process(to.createPreKeyBundle())
+    SessionBuilder(store, address).process(to.createPreKeyBundle(), UsePqRatchet.NO)
   }
 
   fun initializedGroupSession(distributionId: DistributionId): SenderKeyDistributionMessage {