From 29d66f2b926d46bff57f5bbd230d0757fe071c48 Mon Sep 17 00:00:00 2001 From: Greyson Parrelli Date: Wed, 10 Feb 2021 12:49:56 -0500 Subject: [PATCH] Remove unused signaling key code. --- .../ApplicationDependencyProvider.java | 5 - .../messages/IncomingMessageObserver.java | 2 - .../securesms/messages/WebsocketStrategy.java | 2 - .../securesms/util/TextSecurePreferences.java | 5 - .../api/SignalServiceAccountManager.java | 2 +- .../api/SignalServiceMessagePipe.java | 33 +---- .../api/SignalServiceMessageReceiver.java | 8 +- .../api/SignalServiceMessageSender.java | 2 +- .../api/messages/SignalServiceEnvelope.java | 115 +----------------- .../api/util/CredentialsProvider.java | 1 - .../util/StaticCredentialsProvider.java | 9 +- 11 files changed, 16 insertions(+), 168 deletions(-) diff --git a/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java b/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java index c4853a6688..6a76cfc867 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java +++ b/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java @@ -252,10 +252,5 @@ public class ApplicationDependencyProvider implements ApplicationDependencies.Pr public String getPassword() { return TextSecurePreferences.getPushServerPassword(context); } - - @Override - public String getSignalingKey() { - return TextSecurePreferences.getSignalingKey(context); - } } } diff --git a/app/src/main/java/org/thoughtcrime/securesms/messages/IncomingMessageObserver.java b/app/src/main/java/org/thoughtcrime/securesms/messages/IncomingMessageObserver.java index bfd8b52767..41bf32e982 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/messages/IncomingMessageObserver.java +++ b/app/src/main/java/org/thoughtcrime/securesms/messages/IncomingMessageObserver.java @@ -249,8 +249,6 @@ public class IncomingMessageObserver { } } catch (TimeoutException e) { Log.w(TAG, "Application level read timeout..."); - } catch (InvalidVersionException e) { - Log.w(TAG, e); } } } catch (Throwable e) { diff --git a/app/src/main/java/org/thoughtcrime/securesms/messages/WebsocketStrategy.java b/app/src/main/java/org/thoughtcrime/securesms/messages/WebsocketStrategy.java index 8eae9e2ae3..d4df57a4bf 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/messages/WebsocketStrategy.java +++ b/app/src/main/java/org/thoughtcrime/securesms/messages/WebsocketStrategy.java @@ -76,8 +76,6 @@ class WebsocketStrategy extends MessageRetrievalStrategy { } } catch (TimeoutException e) { Log.w(TAG, "Websocket timeout." + timeSuffix(startTime)); - } catch (InvalidVersionException e) { - Log.w(TAG, e); } } } finally { diff --git a/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java b/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java index 6d8325d026..c763cce08b 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java +++ b/app/src/main/java/org/thoughtcrime/securesms/util/TextSecurePreferences.java @@ -79,7 +79,6 @@ public class TextSecurePreferences { private static final String SEEN_WELCOME_SCREEN_PREF = "pref_seen_welcome_screen"; private static final String PROMPTED_PUSH_REGISTRATION_PREF = "pref_prompted_push_registration"; private static final String PROMPTED_OPTIMIZE_DOZE_PREF = "pref_prompted_optimize_doze"; - private static final String SIGNALING_KEY_PREF = "pref_signaling_key"; private static final String DIRECTORY_FRESH_TIME_PREF = "pref_directory_refresh_time"; private static final String UPDATE_APK_REFRESH_TIME_PREF = "pref_update_apk_refresh_time"; private static final String UPDATE_APK_DOWNLOAD_ID = "pref_update_apk_download_id"; @@ -675,10 +674,6 @@ public class TextSecurePreferences { setStringPreference(context, GCM_PASSWORD_PREF, password); } - public static String getSignalingKey(Context context) { - return getStringPreference(context, SIGNALING_KEY_PREF, null); - } - public static boolean isEnterImeKeyEnabled(Context context) { return getBooleanPreference(context, ENTER_PRESENT_PREF, false); } diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceAccountManager.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceAccountManager.java index 82ddc98f16..d3818e7781 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceAccountManager.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceAccountManager.java @@ -125,7 +125,7 @@ public class SignalServiceAccountManager { String signalAgent, boolean automaticNetworkRetry) { this(configuration, - new StaticCredentialsProvider(uuid, e164, password, null), + new StaticCredentialsProvider(uuid, e164, password), signalAgent, new GroupsV2Operations(ClientZkOperations.create(configuration)), automaticNetworkRetry); diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessagePipe.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessagePipe.java index 826b5172f0..2c1f04eb13 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessagePipe.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessagePipe.java @@ -139,17 +139,15 @@ public class SignalServiceMessagePipe { * connection breaks (if, for instance, you lose and regain network). */ public Optional readOrEmpty(long timeout, TimeUnit unit, MessagePipeCallback callback) - throws TimeoutException, IOException, InvalidVersionException + throws TimeoutException, IOException { if (!credentialsProvider.isPresent()) { throw new IllegalArgumentException("You can't read messages if you haven't specified credentials"); } while (true) { - WebSocketRequestMessage request = websocket.readRequest(unit.toMillis(timeout)); - WebSocketResponseMessage response = createWebSocketResponse(request); - boolean signalKeyEncrypted = isSignalKeyEncrypted(request); - + WebSocketRequestMessage request = websocket.readRequest(unit.toMillis(timeout)); + WebSocketResponseMessage response = createWebSocketResponse(request); try { if (isSignalServiceEnvelope(request)) { Optional timestampHeader = findHeader(request, SERVER_DELIVERED_TIMESTAMP_HEADER); @@ -163,10 +161,7 @@ public class SignalServiceMessagePipe { } } - SignalServiceEnvelope envelope = new SignalServiceEnvelope(request.getBody().toByteArray(), - credentialsProvider.get().getSignalingKey(), - signalKeyEncrypted, - timestamp); + SignalServiceEnvelope envelope = new SignalServiceEnvelope(request.getBody().toByteArray(), timestamp); callback.onMessage(envelope); return Optional.of(envelope); @@ -329,26 +324,6 @@ public class SignalServiceMessagePipe { return "PUT".equals(message.getVerb()) && "/api/v1/queue/empty".equals(message.getPath()); } - private boolean isSignalKeyEncrypted(WebSocketRequestMessage message) { - List headers = message.getHeadersList(); - - if (headers == null || headers.isEmpty()) { - return true; - } - - for (String header : headers) { - String[] parts = header.split(":"); - - if (parts.length == 2 && parts[0] != null && parts[0].trim().equalsIgnoreCase("X-Signal-Key")) { - if (parts[1] != null && parts[1].trim().equalsIgnoreCase("false")) { - return false; - } - } - } - - return true; - } - private WebSocketResponseMessage createWebSocketResponse(WebSocketRequestMessage request) { if (isSignalServiceEnvelope(request)) { return WebSocketResponseMessage.newBuilder() diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageReceiver.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageReceiver.java index fe2ef19119..13b24c950c 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageReceiver.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageReceiver.java @@ -76,14 +76,16 @@ public class SignalServiceMessageReceiver { * @param signalingKey The 52 byte signaling key assigned to this user at registration. */ public SignalServiceMessageReceiver(SignalServiceConfiguration urls, - UUID uuid, String e164, String password, - String signalingKey, String signalAgent, + UUID uuid, + String e164, + String password, + String signalAgent, ConnectivityListener listener, SleepTimer timer, ClientZkProfileOperations clientZkProfileOperations, boolean automaticNetworkRetry) { - this(urls, new StaticCredentialsProvider(uuid, e164, password, signalingKey), signalAgent, listener, timer, clientZkProfileOperations, automaticNetworkRetry); + this(urls, new StaticCredentialsProvider(uuid, e164, password), signalAgent, listener, timer, clientZkProfileOperations, automaticNetworkRetry); } /** diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageSender.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageSender.java index 6a3d5d0491..abba3f6e30 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageSender.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageSender.java @@ -153,7 +153,7 @@ public class SignalServiceMessageSender { ExecutorService executor, boolean automaticNetworkRetry) { - this(urls, new StaticCredentialsProvider(uuid, e164, password, null), store, signalAgent, isMultiDevice, pipe, unidentifiedPipe, eventListener, clientZkProfileOperations, executor, 0, automaticNetworkRetry); + this(urls, new StaticCredentialsProvider(uuid, e164, password), store, signalAgent, isMultiDevice, pipe, unidentifiedPipe, eventListener, clientZkProfileOperations, executor, 0, automaticNetworkRetry); } public SignalServiceMessageSender(SignalServiceConfiguration urls, diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/SignalServiceEnvelope.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/SignalServiceEnvelope.java index a8bd136a37..590b807ef5 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/SignalServiceEnvelope.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/SignalServiceEnvelope.java @@ -43,17 +43,6 @@ public class SignalServiceEnvelope { private static final String TAG = SignalServiceEnvelope.class.getSimpleName(); - private static final int SUPPORTED_VERSION = 1; - private static final int CIPHER_KEY_SIZE = 32; - private static final int MAC_KEY_SIZE = 20; - private static final int MAC_SIZE = 10; - - private static final int VERSION_OFFSET = 0; - private static final int VERSION_LENGTH = 1; - private static final int IV_OFFSET = VERSION_OFFSET + VERSION_LENGTH; - private static final int IV_LENGTH = 16; - private static final int CIPHERTEXT_OFFSET = IV_OFFSET + IV_LENGTH; - private final Envelope envelope; private final long serverDeliveredTimestamp; @@ -62,48 +51,18 @@ public class SignalServiceEnvelope { * with a signaling key. * * @param message The serialized SignalServiceEnvelope, base64 encoded and encrypted. - * @param signalingKey The signaling key. - * @throws IOException - * @throws InvalidVersionException */ - public SignalServiceEnvelope(String message, - String signalingKey, - boolean isSignalingKeyEncrypted, - long serverDeliveredTimestamp) - throws IOException, InvalidVersionException - { - this(Base64.decode(message), signalingKey, isSignalingKeyEncrypted, serverDeliveredTimestamp); + public SignalServiceEnvelope(String message, long serverDeliveredTimestamp) throws IOException { + this(Base64.decode(message), serverDeliveredTimestamp); } /** * Construct an envelope from a serialized SignalServiceEnvelope, encrypted with a signaling key. * * @param input The serialized and (optionally) encrypted SignalServiceEnvelope. - * @param signalingKey The signaling key. - * @throws InvalidVersionException - * @throws IOException */ - public SignalServiceEnvelope(byte[] input, - String signalingKey, - boolean isSignalingKeyEncrypted, - long serverDeliveredTimestamp) - throws InvalidVersionException, IOException - { - if (!isSignalingKeyEncrypted) { - this.envelope = Envelope.parseFrom(input); - } else { - if (input.length < VERSION_LENGTH || input[VERSION_OFFSET] != SUPPORTED_VERSION) { - throw new InvalidVersionException("Unsupported version!"); - } - - SecretKeySpec cipherKey = getCipherKey(signalingKey); - SecretKeySpec macKey = getMacKey(signalingKey); - - verifyMac(input, macKey); - - this.envelope = Envelope.parseFrom(getPlaintext(input, cipherKey)); - } - + public SignalServiceEnvelope(byte[] input, long serverDeliveredTimestamp) throws IOException { + this.envelope = Envelope.parseFrom(input); this.serverDeliveredTimestamp = serverDeliveredTimestamp; } @@ -299,70 +258,4 @@ public class SignalServiceEnvelope { public boolean isUnidentifiedSender() { return envelope.getType().getNumber() == Envelope.Type.UNIDENTIFIED_SENDER_VALUE; } - - private byte[] getPlaintext(byte[] ciphertext, SecretKeySpec cipherKey) throws IOException { - try { - byte[] ivBytes = new byte[IV_LENGTH]; - System.arraycopy(ciphertext, IV_OFFSET, ivBytes, 0, ivBytes.length); - IvParameterSpec iv = new IvParameterSpec(ivBytes); - - Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); - cipher.init(Cipher.DECRYPT_MODE, cipherKey, iv); - - return cipher.doFinal(ciphertext, CIPHERTEXT_OFFSET, - ciphertext.length - VERSION_LENGTH - IV_LENGTH - MAC_SIZE); - } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException | IllegalBlockSizeException e) { - throw new AssertionError(e); - } catch (BadPaddingException e) { - Log.w(TAG, e); - throw new IOException("Bad padding?"); - } - } - - private void verifyMac(byte[] ciphertext, SecretKeySpec macKey) throws IOException { - try { - Mac mac = Mac.getInstance("HmacSHA256"); - mac.init(macKey); - - if (ciphertext.length < MAC_SIZE + 1) - throw new IOException("Invalid MAC!"); - - mac.update(ciphertext, 0, ciphertext.length - MAC_SIZE); - - byte[] ourMacFull = mac.doFinal(); - byte[] ourMacBytes = new byte[MAC_SIZE]; - System.arraycopy(ourMacFull, 0, ourMacBytes, 0, ourMacBytes.length); - - byte[] theirMacBytes = new byte[MAC_SIZE]; - System.arraycopy(ciphertext, ciphertext.length-MAC_SIZE, theirMacBytes, 0, theirMacBytes.length); - - Log.w(TAG, "Our MAC: " + Hex.toString(ourMacBytes)); - Log.w(TAG, "Thr MAC: " + Hex.toString(theirMacBytes)); - - if (!Arrays.equals(ourMacBytes, theirMacBytes)) { - throw new IOException("Invalid MAC compare!"); - } - } catch (NoSuchAlgorithmException | InvalidKeyException e) { - throw new AssertionError(e); - } - } - - - private SecretKeySpec getCipherKey(String signalingKey) throws IOException { - byte[] signalingKeyBytes = Base64.decode(signalingKey); - byte[] cipherKey = new byte[CIPHER_KEY_SIZE]; - System.arraycopy(signalingKeyBytes, 0, cipherKey, 0, cipherKey.length); - - return new SecretKeySpec(cipherKey, "AES"); - } - - - private SecretKeySpec getMacKey(String signalingKey) throws IOException { - byte[] signalingKeyBytes = Base64.decode(signalingKey); - byte[] macKey = new byte[MAC_KEY_SIZE]; - System.arraycopy(signalingKeyBytes, CIPHER_KEY_SIZE, macKey, 0, macKey.length); - - return new SecretKeySpec(macKey, "HmacSHA256"); - } - } diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/CredentialsProvider.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/CredentialsProvider.java index e09c97742b..4d3cec8502 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/CredentialsProvider.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/CredentialsProvider.java @@ -12,5 +12,4 @@ public interface CredentialsProvider { public UUID getUuid(); public String getE164(); public String getPassword(); - public String getSignalingKey(); } diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/internal/util/StaticCredentialsProvider.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/internal/util/StaticCredentialsProvider.java index 4459e7d90a..828adc0753 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/internal/util/StaticCredentialsProvider.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/internal/util/StaticCredentialsProvider.java @@ -15,13 +15,11 @@ public class StaticCredentialsProvider implements CredentialsProvider { private final UUID uuid; private final String e164; private final String password; - private final String signalingKey; - public StaticCredentialsProvider(UUID uuid, String e164, String password, String signalingKey) { + public StaticCredentialsProvider(UUID uuid, String e164, String password) { this.uuid = uuid; this.e164 = e164; this.password = password; - this.signalingKey = signalingKey; } @Override @@ -38,9 +36,4 @@ public class StaticCredentialsProvider implements CredentialsProvider { public String getPassword() { return password; } - - @Override - public String getSignalingKey() { - return signalingKey; - } }