@@ -1,7 +1,7 @@
|
||||
package org.thoughtcrime.securesms.dependencies
|
||||
|
||||
import org.signal.libsignal.keytrans.KeyTransparencyException
|
||||
import org.signal.libsignal.net.KeyTransparency
|
||||
import org.signal.libsignal.net.KeyTransparency.CheckMode
|
||||
import org.signal.libsignal.net.RequestResult
|
||||
import org.signal.libsignal.net.getOrError
|
||||
import org.signal.libsignal.protocol.IdentityKey
|
||||
@@ -14,21 +14,9 @@ import org.whispersystems.signalservice.api.websocket.SignalWebSocket
|
||||
*/
|
||||
class KeyTransparencyApi(private val unauthWebSocket: SignalWebSocket.UnauthenticatedWebSocket) {
|
||||
|
||||
/**
|
||||
* Uses KT to verify recipient. This is an unauthenticated and should only be called the first time KT is being requested for this recipient.
|
||||
*/
|
||||
suspend fun search(aci: ServiceId.Aci, aciIdentityKey: IdentityKey, e164: String?, unidentifiedAccessKey: ByteArray?, usernameHash: ByteArray?, keyTransparencyStore: KeyTransparencyStore): RequestResult<Unit, KeyTransparencyException> {
|
||||
suspend fun check(checkMode: CheckMode, aci: ServiceId.Aci, aciIdentityKey: IdentityKey, e164: String?, unidentifiedAccessKey: ByteArray?, usernameHash: ByteArray?, keyTransparencyStore: KeyTransparencyStore): RequestResult<Unit, KeyTransparencyException> {
|
||||
return unauthWebSocket.runCatchingWithUnauthChatConnection { chatConnection ->
|
||||
chatConnection.keyTransparencyClient().search(aci, aciIdentityKey, e164, unidentifiedAccessKey, usernameHash, keyTransparencyStore)
|
||||
}.getOrError()
|
||||
}
|
||||
|
||||
/**
|
||||
* Monitors KT to verify recipient. This is an unauthenticated and should only be called following a successful [search].
|
||||
*/
|
||||
suspend fun monitor(monitorMode: KeyTransparency.MonitorMode, aci: ServiceId.Aci, aciIdentityKey: IdentityKey, e164: String?, unidentifiedAccessKey: ByteArray?, usernameHash: ByteArray?, keyTransparencyStore: KeyTransparencyStore): RequestResult<Unit, KeyTransparencyException> {
|
||||
return unauthWebSocket.runCatchingWithUnauthChatConnection { chatConnection ->
|
||||
chatConnection.keyTransparencyClient().monitor(monitorMode, aci, aciIdentityKey, e164, unidentifiedAccessKey, usernameHash, keyTransparencyStore)
|
||||
chatConnection.keyTransparencyClient().check(checkMode, aci, aciIdentityKey, e164, unidentifiedAccessKey, usernameHash, keyTransparencyStore)
|
||||
}.getOrError()
|
||||
}
|
||||
}
|
||||
|
||||
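Review bot: The new `check` function appears to have no KDoc; the hunk's counts (21 old lines, 9 new) only fit if both comments were removed along with `search` and `monitor`. Those comments were the only place that said the call is unauthenticated and that a first lookup must precede monitoring. Callers now have to pick a `CheckMode` and decide whether to pass `e164` and `unidentifiedAccessKey`, and nothing at the declaration says how these interact. I would add a comment above `check`, for example `/** Verifies a recipient via key transparency over the unauthenticated connection; [checkMode] selects a self check or a contact check. */`. It should also state whether `e164` may be passed when the number is not discoverable.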
@@ -1,7 +1,7 @@
|
||||
package org.thoughtcrime.securesms.jobs
|
||||
|
||||
import org.signal.core.util.logging.Log
|
||||
import org.signal.libsignal.net.KeyTransparency
|
||||
import org.signal.libsignal.net.KeyTransparency.CheckMode
|
||||
import org.signal.libsignal.net.RequestResult
|
||||
import org.signal.libsignal.usernames.Username
|
||||
import org.thoughtcrime.securesms.crypto.ProfileKeyUtil
|
||||
@@ -110,25 +110,16 @@ class CheckKeyTransparencyJob private constructor(
|
||||
SignalStore.misc.lastKeyTransparencyTime = System.currentTimeMillis()
|
||||
|
||||
val recipient = SignalDatabase.recipients.getRecord(Recipient.self().id)
|
||||
val aciIdentityKey = SignalStore.account.aciIdentityKey.publicKey
|
||||
val aci = recipient.aci!!.libSignalAci
|
||||
|
||||
val (e164, unidentifiedAccessKey) = if (SignalStore.phoneNumberPrivacy.phoneNumberDiscoverabilityMode == PhoneNumberDiscoverabilityMode.DISCOVERABLE) {
|
||||
Pair(recipient.e164!!, ProfileKeyUtil.profileKeyOrNull(recipient.profileKey).let { UnidentifiedAccess.deriveAccessKeyFrom(it) })
|
||||
} else {
|
||||
Pair(null, null)
|
||||
}
|
||||
|
||||
val usernameHash = SignalStore.account.username?.let { Username(it).hash }
|
||||
val firstSearch = recipient.keyTransparencyData == null
|
||||
|
||||
val result = if (firstSearch) {
|
||||
Log.i(TAG, "First search in key transparency")
|
||||
SignalNetwork.keyTransparency.search(aci, aciIdentityKey, e164, unidentifiedAccessKey, usernameHash, KeyTransparencyStore)
|
||||
} else {
|
||||
Log.i(TAG, "Monitoring search in key transparency")
|
||||
SignalNetwork.keyTransparency.monitor(KeyTransparency.MonitorMode.SELF, aci, aciIdentityKey, e164, unidentifiedAccessKey, usernameHash, KeyTransparencyStore)
|
||||
}
|
||||
val result = SignalNetwork.keyTransparency.check(
|
||||
checkMode = CheckMode.Self(isE164Discoverable = SignalStore.phoneNumberPrivacy.phoneNumberDiscoverabilityMode == PhoneNumberDiscoverabilityMode.DISCOVERABLE),
|
||||
aci = recipient.aci!!.libSignalAci,
|
||||
aciIdentityKey = SignalStore.account.aciIdentityKey.publicKey,
|
||||
e164 = recipient.e164!!,
|
||||
unidentifiedAccessKey = ProfileKeyUtil.profileKeyOrNull(recipient.profileKey).let { UnidentifiedAccess.deriveAccessKeyFrom(it) },
|
||||
usernameHash = SignalStore.account.username?.let { Username(it).hash },
|
||||
keyTransparencyStore = KeyTransparencyStore
|
||||
)
|
||||
|
||||
Log.i(TAG, "Key transparency complete, result: $result")
|
||||
return when (result) {
|
||||
|
||||
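Review bot: `e164 = recipient.e164!!` and the derived `unidentifiedAccessKey` are now passed on every run, whereas the removed code supplied both only when the discoverability mode was `DISCOVERABLE` and passed `null` otherwise. Whether `CheckMode.Self(isE164Discoverable = false)` keeps the phone number out of the key transparency request is decided inside libsignal and is not visible on this page, so it deserves a confirming comment or a test. The `!!` is also evaluated unconditionally now, although `check` declares `e164: String?`, so the signature does not require the assertion. If libsignal does not already withhold the number, compute the flag once and pass `e164 = recipient.e164.takeIf { isDiscoverable }`. The enclosing function starts and ends outside the hunk.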
@@ -1,7 +1,7 @@
|
||||
package org.thoughtcrime.securesms.verify
|
||||
|
||||
import org.signal.core.util.logging.Log
|
||||
import org.signal.libsignal.net.KeyTransparency
|
||||
import org.signal.libsignal.net.KeyTransparency.CheckMode
|
||||
import org.signal.libsignal.net.RequestResult
|
||||
import org.thoughtcrime.securesms.crypto.ProfileKeyUtil
|
||||
import org.thoughtcrime.securesms.database.model.KeyTransparencyStore
|
||||
@@ -19,7 +19,7 @@ object VerifySafetyNumberRepository {
|
||||
private val TAG = Log.tag(VerifySafetyNumberRepository::class.java)
|
||||
|
||||
/**
|
||||
* Given a recipient will try to verify via search (first time) or monitor (subsequent).
|
||||
* Given a recipient will try to verify via key transparency.
|
||||
*/
|
||||
suspend fun verifyAutomatically(recipient: Recipient): VerifyResult {
|
||||
val profileKey = ProfileKeyUtil.profileKeyOrNull(recipient.profileKey)
|
||||
@@ -31,18 +31,16 @@ object VerifySafetyNumberRepository {
|
||||
}
|
||||
|
||||
val aciIdentityKey = identityRecord.get().identityKey
|
||||
val aci = recipient.requireAci().libSignalAci
|
||||
val e164 = recipient.requireE164()
|
||||
val unidentifiedAccessKey = profileKey.let { UnidentifiedAccess.deriveAccessKeyFrom(it) }
|
||||
val firstSearch = recipient.keyTransparencyData == null
|
||||
|
||||
val result = if (firstSearch) {
|
||||
Log.i(TAG, "First search in key transparency")
|
||||
SignalNetwork.keyTransparency.search(aci, aciIdentityKey, e164, unidentifiedAccessKey, usernameHash = null, KeyTransparencyStore)
|
||||
} else {
|
||||
Log.i(TAG, "Monitoring search in key transparency")
|
||||
SignalNetwork.keyTransparency.monitor(KeyTransparency.MonitorMode.OTHER, aci, aciIdentityKey, e164, unidentifiedAccessKey, usernameHash = null, KeyTransparencyStore)
|
||||
}
|
||||
val result = SignalNetwork.keyTransparency.check(
|
||||
checkMode = CheckMode.Contact,
|
||||
aci = recipient.requireAci().libSignalAci,
|
||||
aciIdentityKey = aciIdentityKey,
|
||||
e164 = recipient.requireE164(),
|
||||
unidentifiedAccessKey = profileKey.let { UnidentifiedAccess.deriveAccessKeyFrom(it) },
|
||||
usernameHash = null,
|
||||
keyTransparencyStore = KeyTransparencyStore
|
||||
)
|
||||
|
||||
Log.i(TAG, "Key transparency complete, result: $result")
|
||||
return when (result) {
|
||||
|
||||