Signal/Android
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Android.git synced 2025-12-20 02:58:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Bump libsignal to v0.83.0

Browse Source
This commit is contained in:
gram-signal
2025-10-03 08:12:30 -07:00
committed by Michelle Tang
parent 5b8750a84f
commit d36a4232be
12 changed files with 29 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/src/androidTest/java/org/thoughtcrime/securesms/testing/BobClient.kt
View File

@@ -6,7 +6,6 @@ import org.signal.libsignal.protocol.IdentityKey
import org.signal.libsignal.protocol.IdentityKeyPair
import org.signal.libsignal.protocol.SessionBuilder
import org.signal.libsignal.protocol.SignalProtocolAddress
import org.signal.libsignal.protocol.UsePqRatchet
import org.signal.libsignal.protocol.ecc.ECKeyPair
import org.signal.libsignal.protocol.groups.state.SenderKeyRecord
import org.signal.libsignal.protocol.state.IdentityKeyStore
@@ -69,7 +68,7 @@ class BobClient(val serviceId: ServiceId, val e164: String, val identityKeyPair:
if (!aciStore.containsSession(getAliceProtocolAddress())) {
val sessionBuilder = SignalSessionBuilder(sessionLock, SessionBuilder(aciStore, getAliceProtocolAddress()))
sessionBuilder.process(getAlicePreKeyBundle(), UsePqRatchet.NO)
sessionBuilder.process(getAlicePreKeyBundle())
}
return cipher.encrypt(getAliceProtocolAddress(), getAliceUnidentifiedAccess(), envelopeContent)
@@ -78,7 +77,7 @@ class BobClient(val serviceId: ServiceId, val e164: String, val identityKeyPair:
fun decrypt(envelope: Envelope, serverDeliveredTimestamp: Long) {
val cipher = SignalServiceCipher(serviceAddress, 1, aciStore, sessionLock, SealedSenderAccessUtil.getCertificateValidator())
cipher.decrypt(envelope, serverDeliveredTimestamp, UsePqRatchet.NO)
cipher.decrypt(envelope, serverDeliveredTimestamp)
}
private fun getAliceServiceId(): ServiceId {

3
app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java
View File

@@ -174,8 +174,7 @@ public class ApplicationDependencyProvider implements AppDependencies.Provider {
Optional.of(new SecurityEventListener(context)),
SignalExecutors.newCachedBoundedExecutor("signal-messages", ThreadUtil.PRIORITY_IMPORTANT_BACKGROUND_THREAD, 1, 16, 30),
RemoteConfig.maxEnvelopeSizeBytes(),
RemoteConfig::useMessageSendRestFallback,
RemoteConfig.usePqRatchet());
RemoteConfig::useMessageSendRestFallback);
}
@Override

2
app/src/main/java/org/thoughtcrime/securesms/messages/MessageDecryptor.kt
View File

@@ -151,7 +151,7 @@ object MessageDecryptor {
return try {
val startTimeNanos = System.nanoTime()
val cipherResult: SignalServiceCipherResult? = cipher.decrypt(envelope, serverDeliveredTimestamp, RemoteConfig.usePqRatchet)
val cipherResult: SignalServiceCipherResult? = cipher.decrypt(envelope, serverDeliveredTimestamp)
val endTimeNanos = System.nanoTime()
if (cipherResult == null) {

11
app/src/main/java/org/thoughtcrime/securesms/util/RemoteConfig.kt
View File

@@ -11,7 +11,6 @@ import org.signal.core.util.gibiBytes
import org.signal.core.util.kibiBytes
import org.signal.core.util.logging.Log
import org.signal.core.util.mebiBytes
import org.signal.libsignal.protocol.UsePqRatchet
import org.thoughtcrime.securesms.dependencies.AppDependencies
import org.thoughtcrime.securesms.groups.SelectionLimits
import org.thoughtcrime.securesms.jobs.RemoteConfigRefreshJob
@@ -1165,16 +1164,6 @@ object RemoteConfig {
durationUnit = DurationUnit.DAYS
)
/** Whether or not to use the new post-quantum ratcheting. */
@JvmStatic
@get:JvmName("usePqRatchet")
val usePqRatchet: UsePqRatchet by remoteValue(
key = "android.usePqRatchet",
hotSwappable = false
) { value ->
if (value.asBoolean(false)) UsePqRatchet.YES else UsePqRatchet.NO
}
/** The maximum allowed envelope size for messages we send. */
@JvmStatic
@get:JvmName("maxEnvelopeSizeBytes")

2
gradle/libs.versions.toml
View File

@@ -13,7 +13,7 @@ androidx-window = "1.3.0"
glide = "4.15.1"
gradle = "8.9.0"
kotlin = "2.2.20"
libsignal-client = "0.82.1"
libsignal-client = "0.83.0"
mp4parser = "1.9.39"
android-gradle-plugin = "8.10.1"
accompanist = "0.28.0"

20
gradle/verification-metadata.xml
View File

@@ -9535,20 +9535,20 @@ https://docs.gradle.org/current/userguide/dependency_verification.html
<sha256 value="57b3cf8f247f1990211110734a7d1af413db145c8f17eb1b2cdc9b9321188c2b" origin="Generated by Gradle"/>
</artifact>
</component>
<component group="org.signal" name="libsignal-android" version="0.82.1">
<artifact name="libsignal-android-0.82.1.aar">
<sha256 value="b920814a7fe73d9264ec37b875822f40c5302173b987935da2d60dab664b9ad3" origin="Generated by Gradle"/>
<component group="org.signal" name="libsignal-android" version="0.83.0">
<artifact name="libsignal-android-0.83.0.aar">
<sha256 value="8bf0e2fb1f645f0d34fe6d4af1936a8f5ece7ddaa8e73202ca754755e228a6b6" origin="Generated by Gradle"/>
</artifact>
<artifact name="libsignal-android-0.82.1.module">
<sha256 value="d30bc01df4801d24d8375f56b58a376eb1542069dff35a3ebbf5191d05ca4122" origin="Generated by Gradle"/>
<artifact name="libsignal-android-0.83.0.module">
<sha256 value="b4485089a774296918e7164b679514fd327eb610e65c39a5aaa7dd13da330ed4" origin="Generated by Gradle"/>
</artifact>
</component>
<component group="org.signal" name="libsignal-client" version="0.82.1">
<artifact name="libsignal-client-0.82.1.jar">
<sha256 value="d85ce6318daff33462993c673ac9abb9ea57cd2658eae6f3247c9c33367c2f6f" origin="Generated by Gradle"/>
<component group="org.signal" name="libsignal-client" version="0.83.0">
<artifact name="libsignal-client-0.83.0.jar">
<sha256 value="99ca1b7d246c660145739c03c06bd112b499873fa8b39dd432466b8a06477f5c" origin="Generated by Gradle"/>
</artifact>
<artifact name="libsignal-client-0.82.1.module">
<sha256 value="fce029da954ed056c7588c9bb38e3143c6322352e55295666807556d97ee20e9" origin="Generated by Gradle"/>
<artifact name="libsignal-client-0.83.0.module">
<sha256 value="d7cd7d99519fd4a0595a174b515b47533a3a7fcf4839e1bd5b7226d3f893d8fc" origin="Generated by Gradle"/>
</artifact>
</component>
<component group="org.signal" name="ringrtc-android" version="2.59.0">

10
libsignal-service/src/main/java/org/whispersystems/signalservice/api/SignalServiceMessageSender.java
View File

@@ -14,7 +14,6 @@ import org.signal.libsignal.protocol.InvalidRegistrationIdException;
import org.signal.libsignal.protocol.NoSessionException;
import org.signal.libsignal.protocol.SessionBuilder;
import org.signal.libsignal.protocol.SignalProtocolAddress;
import org.signal.libsignal.protocol.UsePqRatchet;
import org.signal.libsignal.protocol.groups.GroupSessionBuilder;
import org.signal.libsignal.protocol.logging.Log;
import org.signal.libsignal.protocol.message.DecryptionErrorMessage;
@@ -185,7 +184,6 @@ public class SignalServiceMessageSender {
private final Scheduler scheduler;
private final long maxEnvelopeSize;
private final BooleanSupplier useRestFallback;
private final UsePqRatchet usePqRatchet;
public SignalServiceMessageSender(PushServiceSocket pushServiceSocket,
SignalServiceDataStore store,
@@ -196,8 +194,7 @@ public class SignalServiceMessageSender {
Optional<EventListener> eventListener,
ExecutorService executor,
long maxEnvelopeSize,
BooleanSupplier useRestFallback,
UsePqRatchet usePqRatchet)
BooleanSupplier useRestFallback)
{
CredentialsProvider credentialsProvider = pushServiceSocket.getCredentialsProvider();
@@ -215,7 +212,6 @@ public class SignalServiceMessageSender {
this.scheduler = Schedulers.from(executor, false, false);
this.keysApi = keysApi;
this.useRestFallback = useRestFallback;
this.usePqRatchet = usePqRatchet;
}
/**
@@ -2738,7 +2734,7 @@ public class SignalServiceMessageSender {
try {
SignalProtocolAddress preKeyAddress = new SignalProtocolAddress(recipient.getIdentifier(), preKey.getDeviceId());
SignalSessionBuilder sessionBuilder = new SignalSessionBuilder(sessionLock, new SessionBuilder(aciStore, preKeyAddress));
sessionBuilder.process(preKey, usePqRatchet);
sessionBuilder.process(preKey);
} catch (org.signal.libsignal.protocol.UntrustedIdentityException e) {
throw new UntrustedIdentityException("Untrusted identity key!", recipient.getIdentifier(), preKey.getIdentityKey());
}
@@ -2790,7 +2786,7 @@ public class SignalServiceMessageSender {
try {
SignalSessionBuilder sessionBuilder = new SignalSessionBuilder(sessionLock, new SessionBuilder(aciStore, new SignalProtocolAddress(recipient.getIdentifier(), missingDeviceId)));
sessionBuilder.process(preKey, usePqRatchet);
sessionBuilder.process(preKey);
} catch (org.signal.libsignal.protocol.UntrustedIdentityException e) {
throw new UntrustedIdentityException("Untrusted identity key!", recipient.getIdentifier(), preKey.getIdentityKey());
}

3
libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSealedSessionCipher.java
View File

@@ -19,7 +19,6 @@ import org.signal.libsignal.protocol.InvalidRegistrationIdException;
import org.signal.libsignal.protocol.NoSessionException;
import org.signal.libsignal.protocol.SignalProtocolAddress;
import org.signal.libsignal.protocol.UntrustedIdentityException;
import org.signal.libsignal.protocol.UsePqRatchet;
import org.signal.libsignal.protocol.state.SessionRecord;
import org.signal.libsignal.protocol.state.SignalProtocolStore;
import org.whispersystems.signalservice.api.SignalSessionLock;
@@ -66,7 +65,7 @@ public class SignalSealedSessionCipher {
public SealedSessionCipher.DecryptionResult decrypt(CertificateValidator validator, byte[] ciphertext, long timestamp) throws InvalidMetadataMessageException, InvalidMetadataVersionException, ProtocolInvalidMessageException, ProtocolInvalidKeyException, ProtocolNoSessionException, ProtocolLegacyMessageException, ProtocolInvalidVersionException, ProtocolDuplicateMessageException, ProtocolInvalidKeyIdException, ProtocolUntrustedIdentityException, SelfSendException {
try (SignalSessionLock.Lock unused = lock.acquire()) {
return cipher.decrypt(validator, ciphertext, timestamp, UsePqRatchet.NO);
return cipher.decrypt(validator, ciphertext, timestamp);
}
}

9
libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalServiceCipher.java
View File

@@ -34,7 +34,6 @@ import org.signal.libsignal.protocol.NoSessionException;
import org.signal.libsignal.protocol.SessionCipher;
import org.signal.libsignal.protocol.SignalProtocolAddress;
import org.signal.libsignal.protocol.UntrustedIdentityException;
import org.signal.libsignal.protocol.UsePqRatchet;
import org.signal.libsignal.protocol.groups.GroupCipher;
import org.signal.libsignal.protocol.logging.Log;
import org.signal.libsignal.protocol.message.CiphertextMessage;
@@ -132,7 +131,7 @@ public class SignalServiceCipher {
}
}
public SignalServiceCipherResult decrypt(Envelope envelope, long serverDeliveredTimestamp, UsePqRatchet usePqRatchet)
public SignalServiceCipherResult decrypt(Envelope envelope, long serverDeliveredTimestamp)
throws InvalidMetadataMessageException, InvalidMetadataVersionException,
ProtocolInvalidKeyIdException, ProtocolLegacyMessageException,
ProtocolUntrustedIdentityException, ProtocolNoSessionException,
@@ -142,7 +141,7 @@ public class SignalServiceCipher {
{
try {
if (envelope.content != null) {
Plaintext plaintext = decryptInternal(envelope, serverDeliveredTimestamp, usePqRatchet);
Plaintext plaintext = decryptInternal(envelope, serverDeliveredTimestamp);
Content content = Content.ADAPTER.decode(plaintext.getData());
return new SignalServiceCipherResult(
@@ -164,7 +163,7 @@ public class SignalServiceCipher {
}
}
private Plaintext decryptInternal(Envelope envelope, long serverDeliveredTimestamp, UsePqRatchet usePqRatchet)
private Plaintext decryptInternal(Envelope envelope, long serverDeliveredTimestamp)
throws InvalidMetadataMessageException, InvalidMetadataVersionException,
ProtocolDuplicateMessageException, ProtocolUntrustedIdentityException,
ProtocolLegacyMessageException, ProtocolInvalidKeyException,
@@ -185,7 +184,7 @@ public class SignalServiceCipher {
SignalProtocolAddress sourceAddress = new SignalProtocolAddress(envelope.sourceServiceId, envelope.sourceDevice);
SignalSessionCipher sessionCipher = new SignalSessionCipher(sessionLock, new SessionCipher(signalProtocolStore, sourceAddress));
paddedMessage = sessionCipher.decrypt(new PreKeySignalMessage(envelope.content.toByteArray()), usePqRatchet);
paddedMessage = sessionCipher.decrypt(new PreKeySignalMessage(envelope.content.toByteArray()));
metadata = new SignalServiceMetadata(getSourceAddress(envelope), envelope.sourceDevice, envelope.timestamp, envelope.serverTimestamp, serverDeliveredTimestamp, false, envelope.serverGuid, Optional.empty(), envelope.destinationServiceId);
signalProtocolStore.clearSenderKeySharedWith(Collections.singleton(sourceAddress));

5
libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionBuilder.java
View File

@@ -3,7 +3,6 @@ package org.whispersystems.signalservice.api.crypto;
import org.signal.libsignal.protocol.InvalidKeyException;
import org.signal.libsignal.protocol.SessionBuilder;
import org.signal.libsignal.protocol.UntrustedIdentityException;
import org.signal.libsignal.protocol.UsePqRatchet;
import org.signal.libsignal.protocol.state.PreKeyBundle;
import org.whispersystems.signalservice.api.SignalSessionLock;
@@ -20,9 +19,9 @@ public class SignalSessionBuilder {
this.builder = builder;
}
public void process(PreKeyBundle preKey, UsePqRatchet usePqRatchet) throws InvalidKeyException, UntrustedIdentityException {
public void process(PreKeyBundle preKey) throws InvalidKeyException, UntrustedIdentityException {
try (SignalSessionLock.Lock unused = lock.acquire()) {
builder.process(preKey, usePqRatchet);
builder.process(preKey);
}
}
}

5
libsignal-service/src/main/java/org/whispersystems/signalservice/api/crypto/SignalSessionCipher.java
View File

@@ -9,7 +9,6 @@ import org.signal.libsignal.protocol.LegacyMessageException;
import org.signal.libsignal.protocol.NoSessionException;
import org.signal.libsignal.protocol.SessionCipher;
import org.signal.libsignal.protocol.UntrustedIdentityException;
import org.signal.libsignal.protocol.UsePqRatchet;
import org.signal.libsignal.protocol.message.CiphertextMessage;
import org.signal.libsignal.protocol.message.PreKeySignalMessage;
import org.signal.libsignal.protocol.message.SignalMessage;
@@ -34,9 +33,9 @@ public class SignalSessionCipher {
}
}
public byte[] decrypt(PreKeySignalMessage ciphertext, UsePqRatchet usePqRatchet) throws DuplicateMessageException, LegacyMessageException, InvalidMessageException, InvalidKeyIdException, InvalidKeyException, org.signal.libsignal.protocol.UntrustedIdentityException {
public byte[] decrypt(PreKeySignalMessage ciphertext) throws DuplicateMessageException, LegacyMessageException, InvalidMessageException, InvalidKeyIdException, InvalidKeyException, org.signal.libsignal.protocol.UntrustedIdentityException {
try (SignalSessionLock.Lock unused = lock.acquire()) {
return cipher.decrypt(ciphertext, usePqRatchet);
return cipher.decrypt(ciphertext);
}
}

5
microbenchmark/src/androidTest/java/org/signal/util/SignalClient.kt
View File

@@ -7,7 +7,6 @@ import org.signal.libsignal.metadata.certificate.SenderCertificate
import org.signal.libsignal.metadata.certificate.ServerCertificate
import org.signal.libsignal.protocol.SessionBuilder
import org.signal.libsignal.protocol.SignalProtocolAddress
import org.signal.libsignal.protocol.UsePqRatchet
import org.signal.libsignal.protocol.ecc.ECKeyPair
import org.signal.libsignal.protocol.ecc.ECPublicKey
import org.signal.libsignal.protocol.groups.GroupSessionBuilder
@@ -74,7 +73,7 @@ class SignalClient {
*/
fun initializeSession(to: SignalClient) {
val address = SignalProtocolAddress(to.aci.toString(), 1)
SessionBuilder(store, address).process(to.createPreKeyBundle(), UsePqRatchet.NO)
SessionBuilder(store, address).process(to.createPreKeyBundle())
}
fun initializedGroupSession(distributionId: DistributionId): SenderKeyDistributionMessage {
@@ -161,7 +160,7 @@ class SignalClient {
}
fun decryptMessage(envelope: Envelope) {
cipher.decrypt(envelope, System.currentTimeMillis(), UsePqRatchet.NO)
cipher.decrypt(envelope, System.currentTimeMillis())
}
private fun createPreKeyBundle(): PreKeyBundle {