Switch to libsignal for PIN hashing.

Greyson Parrelli
2023-05-10 15:53:31 -04:00
parent 13248506c5
commit acb6510312
21 changed files with 148 additions and 195 deletions


@@ -2,29 +2,33 @@ package org.thoughtcrime.securesms.registration.v2;
import org.junit.Test;
import org.signal.core.util.StreamUtil;
import org.signal.libsignal.svr2.PinHash;
import org.thoughtcrime.securesms.registration.v2.testdata.KbsTestVector;
import org.whispersystems.signalservice.api.crypto.InvalidCiphertextException;
import org.whispersystems.signalservice.api.kbs.HashedPin;
import org.whispersystems.signalservice.api.kbs.KbsData;
import org.whispersystems.signalservice.api.kbs.MasterKey;
import org.whispersystems.signalservice.api.kbs.PinHashUtil;
import org.whispersystems.signalservice.internal.util.JsonUtil;
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import static org.thoughtcrime.securesms.testutil.SecureRandomTestUtil.mockRandom;
public final class HashedPinKbsDataTest {
public final class PinHashKbsDataTest {
@Test
public void vectors_createNewKbsData() throws IOException {
for (KbsTestVector vector : getKbsTestVectorList()) {
HashedPin hashedPin = HashedPin.fromArgon2Hash(vector.getArgon2Hash());
PinHash pinHash = fromArgon2Hash(vector.getArgon2Hash());
KbsData kbsData = hashedPin.createNewKbsData(MasterKey.createNew(mockRandom(vector.getMasterKey())));
KbsData kbsData = PinHashUtil.createNewKbsData(pinHash, MasterKey.createNew(mockRandom(vector.getMasterKey())));
assertArrayEquals(vector.getMasterKey(), kbsData.getMasterKey().serialize());
assertArrayEquals(vector.getIvAndCipher(), kbsData.getCipherText());
@@ -36,9 +40,9 @@ public final class HashedPinKbsDataTest {
@Test
public void vectors_decryptKbsDataIVCipherText() throws IOException, InvalidCiphertextException {
for (KbsTestVector vector : getKbsTestVectorList()) {
HashedPin hashedPin = HashedPin.fromArgon2Hash(vector.getArgon2Hash());
PinHash hashedPin = fromArgon2Hash(vector.getArgon2Hash());
KbsData kbsData = hashedPin.decryptKbsDataIVCipherText(vector.getIvAndCipher());
KbsData kbsData = PinHashUtil.decryptKbsDataIVCipherText(hashedPin, vector.getIvAndCipher());
assertArrayEquals(vector.getMasterKey(), kbsData.getMasterKey().serialize());
assertArrayEquals(vector.getIvAndCipher(), kbsData.getCipherText());
@@ -57,4 +61,17 @@ public final class HashedPinKbsDataTest {
return data;
}
}
public static PinHash fromArgon2Hash(byte[] argon2Hash64) {
if (argon2Hash64.length != 64) throw new AssertionError();
byte[] K = Arrays.copyOfRange(argon2Hash64, 0, 32);
byte[] kbsAccessKey = Arrays.copyOfRange(argon2Hash64, 32, 64);
PinHash mocked = mock(PinHash.class);
when(mocked.encryptionKey()).thenReturn(K);
when(mocked.accessKey()).thenReturn(kbsAccessKey);
return mocked;
}
}
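Review bot: The new `fromArgon2Hash` helper at the end of the test class hard-codes how the 64-byte Argon2 output is split (bytes 0–31 returned from `encryptionKey()`, bytes 32–63 from `accessKey()`) behind a Mockito mock, so these vector tests check `PinHashUtil` against that assumed layout and not against what libsignal's `PinHash` actually produces. A comment on the helper should say so, for example `// Test-only stand-in: assumes PinHash exposes Argon2 bytes 0-31 as the encryption key and 32-63 as the access key.`, and it should point to a test that runs the real libsignal hash over known vectors if the commit has one elsewhere. The length guard would be easier to diagnose with a message, `if (argon2Hash64.length != 64) throw new AssertionError("expected 64-byte Argon2 hash, got " + argon2Hash64.length);`, and the local `K` could be named `encryptionKey` to match the accessor it feeds. In the second hunk the `PinHash` variable is still called `hashedPin`, while the first hunk uses `pinHash`.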


@@ -3,7 +3,7 @@ package org.thoughtcrime.securesms.registration.v2;
import org.junit.Test;
import org.signal.core.util.StreamUtil;
import org.thoughtcrime.securesms.registration.v2.testdata.PinSanitationVector;
import org.whispersystems.signalservice.internal.registrationpin.PinHasher;
import org.whispersystems.signalservice.api.kbs.PinHashUtil;
import org.whispersystems.signalservice.internal.util.Hex;
import org.whispersystems.signalservice.internal.util.JsonUtil;
@@ -14,12 +14,12 @@ import java.util.Arrays;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
public final class PinHasher_normalize_Test {
public final class PinHashUtil_normalize_Test {
@Test
public void vectors_normalize() throws IOException {
for (PinSanitationVector vector : getKbsPinSanitationTestVectorList()) {
byte[] normalized = PinHasher.normalize(vector.getPin());
byte[] normalized = PinHashUtil.normalize(vector.getPin());
if (!Arrays.equals(vector.getBytes(), normalized)) {
assertEquals(String.format("%s [%s]", vector.getName(), vector.getPin()),


@@ -3,7 +3,7 @@ package org.thoughtcrime.securesms.registration.v2;
import org.junit.Test;
import org.signal.core.util.StreamUtil;
import org.thoughtcrime.securesms.registration.v2.testdata.PinValidityVector;
import org.whispersystems.signalservice.internal.registrationpin.PinValidityChecker;
import org.whispersystems.signalservice.api.kbs.PinValidityChecker;
import org.whispersystems.signalservice.internal.util.JsonUtil;
import java.io.IOException;