Add support for kyber prekeys.

Greyson Parrelli
2023-05-22 14:03:31 -07:00
committed by Cody Henthorne
parent 15c248184f
commit e2ef8e2ef9
24 changed files with 669 additions and 208 deletions


@@ -25,11 +25,15 @@ import org.signal.libsignal.protocol.InvalidKeyIdException;
import org.signal.libsignal.protocol.ecc.Curve;
import org.signal.libsignal.protocol.ecc.ECKeyPair;
import org.signal.libsignal.protocol.ecc.ECPrivateKey;
import org.signal.libsignal.protocol.kem.KEMKeyPair;
import org.signal.libsignal.protocol.kem.KEMKeyType;
import org.signal.libsignal.protocol.state.KyberPreKeyRecord;
import org.signal.libsignal.protocol.state.PreKeyRecord;
import org.signal.libsignal.protocol.state.SignalProtocolStore;
import org.signal.libsignal.protocol.state.SignedPreKeyRecord;
import org.signal.libsignal.protocol.util.Medium;
import org.thoughtcrime.securesms.crypto.storage.PreKeyMetadataStore;
import org.whispersystems.signalservice.api.SignalServiceAccountDataStore;
import java.util.Comparator;
import java.util.LinkedList;
@@ -44,11 +48,11 @@ public class PreKeyUtil {
private static final int BATCH_SIZE = 100;
private static final long ARCHIVE_AGE = TimeUnit.DAYS.toMillis(30);
public synchronized static @NonNull List<PreKeyRecord> generateAndStoreOneTimePreKeys(@NonNull SignalProtocolStore protocolStore, @NonNull PreKeyMetadataStore metadataStore) {
Log.i(TAG, "Generating one-time prekeys...");
public synchronized static @NonNull List<PreKeyRecord> generateAndStoreOneTimeEcPreKeys(@NonNull SignalProtocolStore protocolStore, @NonNull PreKeyMetadataStore metadataStore) {
Log.i(TAG, "Generating one-time EC prekeys...");
List<PreKeyRecord> records = new LinkedList<>();
int preKeyIdOffset = metadataStore.getNextOneTimePreKeyId();
int preKeyIdOffset = metadataStore.getNextEcOneTimePreKeyId();
for (int i = 0; i < BATCH_SIZE; i++) {
int preKeyId = (preKeyIdOffset + i) % Medium.MAX_VALUE;
@@ -59,7 +63,27 @@ public class PreKeyUtil {
records.add(record);
}
metadataStore.setNextOneTimePreKeyId((preKeyIdOffset + BATCH_SIZE + 1) % Medium.MAX_VALUE);
metadataStore.setNextEcOneTimePreKeyId((preKeyIdOffset + BATCH_SIZE + 1) % Medium.MAX_VALUE);
return records;
}
public synchronized static @NonNull List<KyberPreKeyRecord> generateAndStoreOneTimeKyberPreKeys(@NonNull SignalProtocolStore protocolStore, @NonNull PreKeyMetadataStore metadataStore) {
Log.i(TAG, "Generating one-time kyber prekeys...");
List<KyberPreKeyRecord> records = new LinkedList<>();
int preKeyIdOffset = metadataStore.getNextKyberPreKeyId();
for (int i = 0; i < BATCH_SIZE; i++) {
int preKeyId = (preKeyIdOffset + i) % Medium.MAX_VALUE;
KyberPreKeyRecord record = generateKyberPreKey(preKeyId, protocolStore.getIdentityKeyPair().getPrivateKey());
protocolStore.storeKyberPreKey(preKeyId, record);
records.add(record);
}
metadataStore.setNextKyberPreKeyId((preKeyIdOffset + BATCH_SIZE + 1) % Medium.MAX_VALUE);
return records;
}
@@ -94,6 +118,31 @@ public class PreKeyUtil {
}
}
public synchronized static @NonNull KyberPreKeyRecord generateAndStoreLastResortKyberPreKey(@NonNull SignalServiceAccountDataStore protocolStore, @NonNull PreKeyMetadataStore metadataStore) {
return generateAndStoreLastResortKyberPreKey(protocolStore, metadataStore, protocolStore.getIdentityKeyPair().getPrivateKey());
}
public synchronized static @NonNull KyberPreKeyRecord generateAndStoreLastResortKyberPreKey(@NonNull SignalServiceAccountDataStore protocolStore,
@NonNull PreKeyMetadataStore metadataStore,
@NonNull ECPrivateKey privateKey)
{
int id = metadataStore.getNextKyberPreKeyId();
KyberPreKeyRecord record = generateKyberPreKey(id, privateKey);
protocolStore.storeKyberPreKey(id, record);
metadataStore.setNextKyberPreKeyId((id + 1) % Medium.MAX_VALUE);
return record;
}
public synchronized static @NonNull KyberPreKeyRecord generateKyberPreKey(int id, @NonNull ECPrivateKey privateKey) {
KEMKeyPair keyPair = KEMKeyPair.generate(KEMKeyType.KYBER_1024);
byte[] signature = privateKey.calculateSignature(keyPair.getPublicKey().serialize());
return new KyberPreKeyRecord(id, System.currentTimeMillis(), keyPair, signature);
}
/**
* Finds all of the signed prekeys that are older than the archive age, and archive all but the youngest of those.
*/
@@ -123,4 +172,34 @@ public class PreKeyUtil {
Log.w(TAG, e);
}
}
/**
* Finds all of the signed prekeys that are older than the archive age, and archive all but the youngest of those.
*/
public synchronized static void cleanLastResortKyberPreKeys(@NonNull SignalServiceAccountDataStore protocolStore, @NonNull PreKeyMetadataStore metadataStore) {
Log.i(TAG, "Cleaning kyber prekeys...");
int activeLastResortKeyId = metadataStore.getLastResortKyberPreKeyId();
if (activeLastResortKeyId < 0) {
return;
}
try {
long now = System.currentTimeMillis();
KyberPreKeyRecord currentRecord = protocolStore.loadKyberPreKey(activeLastResortKeyId);
List<KyberPreKeyRecord> allRecords = protocolStore.loadLastResortKyberPreKeys();
allRecords.stream()
.filter(r -> r.getId() != currentRecord.getId())
.filter(r -> (now - r.getTimestamp()) > ARCHIVE_AGE)
.sorted(Comparator.comparingLong(KyberPreKeyRecord::getTimestamp).reversed())
.skip(1)
.forEach(record -> {
Log.i(TAG, "Removing kyber prekey record: " + record.getId() + " with timestamp: " + record.getTimestamp());
protocolStore.removeKyberPreKey(record.getId());
});
} catch (InvalidKeyIdException e) {
Log.w(TAG, e);
}
}
}
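Review bot: `generateAndStoreLastResortKyberPreKey` persists the record with `protocolStore.storeKyberPreKey(id, record)`, which in `SignalKyberPreKeyStore` inserts with the last-resort flag set to `false`; it should call `protocolStore.storeLastResortKyberPreKey(id, record);`. As written the key would presumably be treated as a one-time key: eligible for `deleteIfNotLastResort` after first use and never returned by `loadLastResortKyberPreKeys()`, so `cleanLastResortKyberPreKeys` would not see it either. The same mix-up appears in `SignalServiceAccountDataStoreImpl.storeLastResortKyberPreKey`, which delegates to `kyberPreKeyStore.storeKyberPreKey(...)` rather than `kyberPreKeyStore.storeLastResortKyberPreKey(kyberPreKeyId, kyberPreKeyRecord)`. Separately, the Javadoc above `cleanLastResortKyberPreKeys` was copied from the signed-prekey cleaner and still says "signed prekeys"; it should describe last-resort kyber prekeys and note that the active key is always kept.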


@@ -8,5 +8,8 @@ interface PreKeyMetadataStore {
var activeSignedPreKeyId: Int
var isSignedPreKeyRegistered: Boolean
var lastSignedPreKeyRotationTime: Long
var nextOneTimePreKeyId: Int
var nextEcOneTimePreKeyId: Int
var nextKyberPreKeyId: Int
var lastResortKyberPreKeyId: Int
var lastResortKyberPreKeyRotationTime: Long
}
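Review bot: `lastResortKyberPreKeyId` has no documented "unset" value, yet `PreKeyUtil.cleanLastResortKyberPreKeys` returns early when it is `< 0`. A comment on the property, e.g. `// Negative when no last-resort kyber prekey has been stored yet`, would make that contract explicit for implementers. `nextKyberPreKeyId` also appears to be shared by the one-time and last-resort generators (both read and advance it), which is worth stating here as well.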


@@ -10,13 +10,14 @@ import org.signal.libsignal.protocol.state.KyberPreKeyRecord
import org.signal.libsignal.protocol.state.KyberPreKeyStore
import org.thoughtcrime.securesms.crypto.ReentrantSessionLock
import org.thoughtcrime.securesms.database.SignalDatabase
import org.whispersystems.signalservice.api.SignalServiceKyberPreKeyStore
import org.whispersystems.signalservice.api.push.ServiceId
import kotlin.jvm.Throws
/**
* An implementation of the [KyberPreKeyStore] that stores entries in [org.thoughtcrime.securesms.database.KyberPreKeyTable].
*/
class SignalKyberPreKeyStore(private val selfServiceId: ServiceId) : KyberPreKeyStore {
class SignalKyberPreKeyStore(private val selfServiceId: ServiceId) : SignalServiceKyberPreKeyStore {
@Throws(InvalidKeyIdException::class)
override fun loadKyberPreKey(kyberPreKeyId: Int): KyberPreKeyRecord {
@@ -31,8 +32,22 @@ class SignalKyberPreKeyStore(private val selfServiceId: ServiceId) : KyberPreKey
}
}
override fun loadLastResortKyberPreKeys(): List<KyberPreKeyRecord> {
ReentrantSessionLock.INSTANCE.acquire().use {
return SignalDatabase.kyberPreKeys.getAllLastResort(selfServiceId).map { it.record }
}
}
override fun storeKyberPreKey(kyberPreKeyId: Int, record: KyberPreKeyRecord) {
error("This method is only used in tests")
ReentrantSessionLock.INSTANCE.acquire().use {
return SignalDatabase.kyberPreKeys.insert(selfServiceId, kyberPreKeyId, record, false)
}
}
override fun storeLastResortKyberPreKey(kyberPreKeyId: Int, kyberPreKeyRecord: KyberPreKeyRecord) {
ReentrantSessionLock.INSTANCE.acquire().use {
return SignalDatabase.kyberPreKeys.insert(selfServiceId, kyberPreKeyId, kyberPreKeyRecord, true)
}
}
override fun containsKyberPreKey(kyberPreKeyId: Int): Boolean {
@@ -46,4 +61,10 @@ class SignalKyberPreKeyStore(private val selfServiceId: ServiceId) : KyberPreKey
SignalDatabase.kyberPreKeys.deleteIfNotLastResort(selfServiceId, kyberPreKeyId)
}
}
override fun removeKyberPreKey(kyberPreKeyId: Int) {
ReentrantSessionLock.INSTANCE.acquire().use {
SignalDatabase.kyberPreKeys.delete(selfServiceId, kyberPreKeyId)
}
}
}
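Review bot: `removeKyberPreKey` deletes unconditionally via `kyberPreKeys.delete(...)`, while the method just above it in this hunk (its signature is outside the hunk) uses `deleteIfNotLastResort`; that difference deserves a KDoc so the unconditional variant is not used where a last-resort key must survive. Something like `/** Deletes the record even if it is a last-resort key; intended for rotation cleanup only. */` would do. The two `insert(...)` calls would also read more safely with the trailing boolean passed as a named argument, since `false`/`true` is the only thing that distinguishes a one-time key from a last-resort one.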


@@ -181,11 +181,21 @@ public class SignalServiceAccountDataStoreImpl implements SignalServiceAccountDa
return kyberPreKeyStore.loadKyberPreKeys();
}
@Override
public @NonNull List<KyberPreKeyRecord> loadLastResortKyberPreKeys() {
return kyberPreKeyStore.loadLastResortKyberPreKeys();
}
@Override
public void storeKyberPreKey(int kyberPreKeyId, KyberPreKeyRecord record) {
kyberPreKeyStore.storeKyberPreKey(kyberPreKeyId, record);
}
@Override
public void storeLastResortKyberPreKey(int kyberPreKeyId, @NonNull KyberPreKeyRecord kyberPreKeyRecord) {
kyberPreKeyStore.storeKyberPreKey(kyberPreKeyId, kyberPreKeyRecord);
}
@Override
public boolean containsKyberPreKey(int kyberPreKeyId) {
return kyberPreKeyStore.containsKyberPreKey(kyberPreKeyId);
@@ -196,6 +206,11 @@ public class SignalServiceAccountDataStoreImpl implements SignalServiceAccountDa
kyberPreKeyStore.markKyberPreKeyUsed(kyberPreKeyId);
}
@Override
public void removeKyberPreKey(int kyberPreKeyId) {
kyberPreKeyStore.removeKyberPreKey(kyberPreKeyId);
}
@Override
public void storeSenderKey(SignalProtocolAddress sender, UUID distributionId, SenderKeyRecord record) {
senderKeyStore.storeSenderKey(sender, distributionId, record);