Versioned Profiles support (disabled).

2026-04-25 03:11:10 +01:00 · 2020-02-10 18:40:22 -05:00
parent f10d1eac61
commit 7ecb50a3fe
67 changed files with 1200 additions and 321 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/crypto/ProfileKeyUtil.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/crypto/ProfileKeyUtil.java
@@ -3,17 +3,27 @@ package org.thoughtcrime.securesms.crypto;
 import android.content.Context;

 import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;

+import org.signal.zkgroup.InvalidInputException;
+import org.signal.zkgroup.profiles.ProfileKey;
+import org.thoughtcrime.securesms.logging.Log;
 import org.thoughtcrime.securesms.recipients.Recipient;
+import org.thoughtcrime.securesms.util.Util;
+import org.whispersystems.libsignal.util.guava.Optional;
+
+import java.util.Locale;

 public final class ProfileKeyUtil {

+  private static final String TAG = Log.tag(ProfileKeyUtil.class);
+
  private ProfileKeyUtil() {
  }

-  /**
-   * @deprecated Will inline later as part of Versioned profiles.
-   */
+  /** @deprecated Use strongly typed {@link org.signal.zkgroup.profiles.ProfileKey}
+   * from {@link #getSelfProfileKey()}
+   * or {@code getSelfProfileKey().serialize()} if you need the bytes. */
  @Deprecated
  public static @NonNull byte[] getProfileKey(@NonNull Context context) {
    byte[] profileKey = Recipient.self().getProfileKey();
@@ -22,4 +32,48 @@ public final class ProfileKeyUtil {
    }
    return profileKey;
  }
+
+  public static synchronized @NonNull ProfileKey getSelfProfileKey() {
+    try {
+      return new ProfileKey(Recipient.self().getProfileKey());
+    } catch (InvalidInputException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  public static @Nullable ProfileKey profileKeyOrNull(@Nullable byte[] profileKey) {
+    if (profileKey != null) {
+      try {
+        return new ProfileKey(profileKey);
+      } catch (InvalidInputException e) {
+        Log.w(TAG, String.format(Locale.US, "Seen non-null profile key of wrong length %d", profileKey.length), e);
+      }
+    }
+
+    return null;
+  }
+
+  public static @NonNull ProfileKey profileKeyOrThrow(@NonNull byte[] profileKey) {
+    try {
+      return new ProfileKey(profileKey);
+    } catch (InvalidInputException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  public static @NonNull Optional<ProfileKey> profileKeyOptional(@Nullable byte[] profileKey) {
+    return Optional.fromNullable(profileKeyOrNull(profileKey));
+  }
+
+  public static @NonNull Optional<ProfileKey> profileKeyOptionalOrThrow(@NonNull byte[] profileKey) {
+    return Optional.of(profileKeyOrThrow(profileKey));
+  }
+
+  public static @NonNull ProfileKey createNew() {
+    try {
+      return new ProfileKey(Util.getSecretBytes(32));
+    } catch (InvalidInputException e) {
+      throw new AssertionError(e);
+    }
+  }
 }
--- a/app/src/main/java/org/thoughtcrime/securesms/crypto/UnidentifiedAccessUtil.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/crypto/UnidentifiedAccessUtil.java
@@ -8,6 +8,7 @@ import androidx.annotation.WorkerThread;

 import org.signal.libsignal.metadata.certificate.CertificateValidator;
 import org.signal.libsignal.metadata.certificate.InvalidCertificateException;
+import org.signal.zkgroup.profiles.ProfileKey;
 import org.thoughtcrime.securesms.BuildConfig;
 import org.thoughtcrime.securesms.logging.Log;
 import org.thoughtcrime.securesms.recipients.Recipient;
@@ -42,7 +43,7 @@ public class UnidentifiedAccessUtil {
  {
    try {
      byte[] theirUnidentifiedAccessKey       = getTargetUnidentifiedAccessKey(recipient);
-      byte[] ourUnidentifiedAccessKey         = getSelfUnidentifiedAccessKey(ProfileKeyUtil.getProfileKey(context));
+      byte[] ourUnidentifiedAccessKey         = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey());
      byte[] ourUnidentifiedAccessCertificate = recipient.resolve().isUuidSupported() && Recipient.self().isUuidSupported()
                                                  ? TextSecurePreferences.getUnidentifiedAccessCertificate(context)
                                                  : TextSecurePreferences.getUnidentifiedAccessCertificateLegacy(context);
@@ -75,7 +76,7 @@ public class UnidentifiedAccessUtil {

  public static Optional<UnidentifiedAccessPair> getAccessForSync(@NonNull Context context) {
    try {
-      byte[] ourUnidentifiedAccessKey         = getSelfUnidentifiedAccessKey(ProfileKeyUtil.getProfileKey(context));
+      byte[] ourUnidentifiedAccessKey         = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey());
      byte[] ourUnidentifiedAccessCertificate = Recipient.self().isUuidSupported() ? TextSecurePreferences.getUnidentifiedAccessCertificate(context)
                                                                                   : TextSecurePreferences.getUnidentifiedAccessCertificateLegacy(context);

@@ -97,12 +98,8 @@ public class UnidentifiedAccessUtil {
    }
  }

-  public static @NonNull byte[] getSelfUnidentifiedAccessKey(@NonNull byte[] selfProfileKey) {
-    return UnidentifiedAccess.deriveAccessKeyFrom(selfProfileKey);
-  }
-
  private static @Nullable byte[] getTargetUnidentifiedAccessKey(@NonNull Recipient recipient) {
-    byte[] theirProfileKey = recipient.resolve().getProfileKey();
+    ProfileKey theirProfileKey = ProfileKeyUtil.profileKeyOrNull(recipient.resolve().getProfileKey());

    switch (recipient.resolve().getUnidentifiedAccessMode()) {
      case UNKNOWN: