From 38880f2a15cde3d21c597e2d69b76c69febb3eff Mon Sep 17 00:00:00 2001
From: Christian Schneppe
Date: Sun, 25 Jun 2017 19:18:07 +0200
Subject: fixed fingerprint trust (was messed up after library upgrade)
---
 .../de/pixart/messenger/crypto/axolotl/AxolotlService.java | 4 ++--
 .../pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java | 7 ++++---
 .../java/de/pixart/messenger/persistance/DatabaseBackend.java | 9 +++++----
 src/main/java/de/pixart/messenger/ui/OmemoActivity.java | 2 +-
 src/main/java/de/pixart/messenger/ui/TrustKeysActivity.java | 11 +++++++----
 5 files changed, 19 insertions(+), 14 deletions(-)
(limited to 'src/main/java/de')
diff --git a/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java b/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
index c53ec40fe..b444349b2 100644
--- a/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
@@ -188,7 +188,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 SignalProtocolAddress axolotlAddress = new SignalProtocolAddress(bareJid, deviceId);
 IdentityKey identityKey = store.loadSession(axolotlAddress).getSessionState().getRemoteIdentityKey();
 if (Config.X509_VERIFICATION) {
- X509Certificate certificate = store.getFingerprintCertificate(identityKey.getFingerprint().replaceAll("\\s", ""));
+ X509Certificate certificate = store.getFingerprintCertificate(CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()));
 if (certificate != null) {
 Bundle information = CryptoHelper.extractCertificateInformation(certificate);
 try {
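Review bot: The string used as the trust-store key is built by the inline expression `CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize())`, repeated in both AxolotlService hunks and again in SQLiteAxolotlStore.saveIdentity, DatabaseBackend (three places) and TrustKeysActivity (two places). Trust lookups only work while the write side and every lookup side produce byte-identical strings, and the commit subject says trust was already messed up once after a library upgrade. One helper called from every site would keep them from drifting apart again, for example `static String fingerprintOf(IdentityKey key) { return CryptoHelper.bytesToHex(key.getPublicKey().serialize()); }` (the name is only a suggestion). The enclosing method starts and ends outside this hunk.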
@@ -887,7 +887,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 if (Config.X509_VERIFICATION) {
 verifySessionWithPEP(session);
 } else {
- FingerprintStatus status = getFingerprintTrust(bundle.getIdentityKey().getFingerprint().replaceAll("\\s", ""));
+ FingerprintStatus status = getFingerprintTrust(CryptoHelper.bytesToHex(bundle.getIdentityKey().getPublicKey().serialize()));
 FetchStatus fetchStatus;
 if (status != null && status.isVerified()) {
 fetchStatus = FetchStatus.SUCCESS_VERIFIED;
diff --git a/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java b/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java
index 3c5ddd3db..748f9f6d9 100644
--- a/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java
+++ b/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java
@@ -3,15 +3,15 @@ package de.pixart.messenger.crypto.axolotl;
 import android.util.Log;
 import android.util.LruCache;
-import org.whispersystems.libsignal.SignalProtocolAddress;
 import org.whispersystems.libsignal.IdentityKey;
 import org.whispersystems.libsignal.IdentityKeyPair;
 import org.whispersystems.libsignal.InvalidKeyIdException;
+import org.whispersystems.libsignal.SignalProtocolAddress;
 import org.whispersystems.libsignal.ecc.Curve;
 import org.whispersystems.libsignal.ecc.ECKeyPair;
-import org.whispersystems.libsignal.state.SignalProtocolStore;
 import org.whispersystems.libsignal.state.PreKeyRecord;
 import org.whispersystems.libsignal.state.SessionRecord;
+import org.whispersystems.libsignal.state.SignalProtocolStore;
 import org.whispersystems.libsignal.state.SignedPreKeyRecord;
 import org.whispersystems.libsignal.util.KeyHelper;
@@ -22,6 +22,7 @@ import java.util.Set;
 import de.pixart.messenger.Config;
 import de.pixart.messenger.entities.Account;
 import de.pixart.messenger.services.XmppConnectionService;
+import de.pixart.messenger.utils.CryptoHelper;
 public class SQLiteAxolotlStore implements SignalProtocolStore {
@@ -186,7 +187,7 @@ public class SQLiteAxolotlStore implements SignalProtocolStore {
 @Override
 public boolean saveIdentity(SignalProtocolAddress address, IdentityKey identityKey) {
 if (!mXmppConnectionService.databaseBackend.loadIdentityKeys(account, address.getName()).contains(identityKey)) {
- String fingerprint = identityKey.getFingerprint().replaceAll("\\s", "");
+ String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
 FingerprintStatus status = getFingerprintStatus(fingerprint);
 if (status == null) {
 if (mXmppConnectionService.blindTrustBeforeVerification() && !account.getAxolotlService().hasVerifiedKeys(address.getName())) {
diff --git a/src/main/java/de/pixart/messenger/persistance/DatabaseBackend.java b/src/main/java/de/pixart/messenger/persistance/DatabaseBackend.java
index ff8caeeb7..c2688890f 100644
--- a/src/main/java/de/pixart/messenger/persistance/DatabaseBackend.java
+++ b/src/main/java/de/pixart/messenger/persistance/DatabaseBackend.java
@@ -13,10 +13,10 @@ import android.util.Log;
 import org.json.JSONException;
 import org.json.JSONObject;
-import org.whispersystems.libsignal.SignalProtocolAddress;
 import org.whispersystems.libsignal.IdentityKey;
 import org.whispersystems.libsignal.IdentityKeyPair;
 import org.whispersystems.libsignal.InvalidKeyException;
+import org.whispersystems.libsignal.SignalProtocolAddress;
 import org.whispersystems.libsignal.state.PreKeyRecord;
 import org.whispersystems.libsignal.state.SessionRecord;
 import org.whispersystems.libsignal.state.SignedPreKeyRecord;
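Review bot: In SQLiteAxolotlStore.saveIdentity a lookup miss cannot be told apart from a key that was never seen: when `getFingerprintStatus(fingerprint)` returns null the code moves straight on to the `blindTrustBeforeVerification()` branch. Any mismatch between the stored string and the string computed here therefore ends, silently, in the path that can grant blind trust, which is presumably the failure this commit repairs. The branch deserves a comment that says so, such as `// null = no row for this exact fingerprint string; a format mismatch lands here too and must not be read as "new contact key"`. The body of saveIdentity continues past the end of the hunk, so what happens after the inner `if` is not visible.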
@@ -49,6 +49,7 @@ import de.pixart.messenger.entities.PresenceTemplate;
 import de.pixart.messenger.entities.Roster;
 import de.pixart.messenger.entities.ServiceDiscoveryResult;
 import de.pixart.messenger.services.ShortcutService;
+import de.pixart.messenger.utils.CryptoHelper;
 import de.pixart.messenger.xmpp.jid.InvalidJidException;
 import de.pixart.messenger.xmpp.jid.Jid;
 import de.pixart.messenger.xmpp.mam.MamReference;
@@ -308,7 +309,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
 if (identityKeyPair != null) {
 String[] selectionArgs = {
 account.getUuid(),
- identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", "")
+ CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize())
 };
 ContentValues values = new ContentValues();
 values.put(SQLiteAxolotlStore.TRUSTED, 2);
@@ -1363,11 +1364,11 @@ public class DatabaseBackend extends SQLiteOpenHelper { } public void storeIdentityKey(Account account, String name, IdentityKey identityKey, FingerprintStatus status) { - storeIdentityKey(account, name, false, identityKey.getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status); + storeIdentityKey(account, name, false, CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status); } public void storeOwnIdentityKeyPair(Account account, IdentityKeyPair identityKeyPair) { - storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false)); + storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize()), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false)); } public void recreateAxolotlDb(SQLiteDatabase db) { diff --git a/src/main/java/de/pixart/messenger/ui/OmemoActivity.java b/src/main/java/de/pixart/messenger/ui/OmemoActivity.java index 409dca033..e7eca173a 100644 --- a/src/main/java/de/pixart/messenger/ui/OmemoActivity.java +++ b/src/main/java/de/pixart/messenger/ui/OmemoActivity.java @@ -112,7 +112,7 @@ public abstract class OmemoActivity extends XmppActivity { final String fingerprint = session.getFingerprint(); addFingerprintRowWithListeners(keys, session.getAccount(), - session.getFingerprint(), + fingerprint, highlight, session.getTrust(), true, diff --git a/src/main/java/de/pixart/messenger/ui/TrustKeysActivity.java b/src/main/java/de/pixart/messenger/ui/TrustKeysActivity.java index 300210ac9..2e3a51bd4 100644 
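Review bot: Nothing visible in this diff rewrites rows that DatabaseBackend.storeIdentityKey and storeOwnIdentityKeyPair stored under the previous expression, so after this change those rows would carry a fingerprint that no lookup produces any more. Both methods write the fingerprint next to the Base64 of the serialized key, so an upgrade step could recompute the fingerprint column from the key column; whether one exists elsewhere in DatabaseBackend cannot be told from these hunks. At minimum the two methods should state what the column holds, e.g. `// fingerprint: CryptoHelper.bytesToHex of the serialized public identity key; every lookup must derive it the same way`.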
--- a/src/main/java/de/pixart/messenger/ui/TrustKeysActivity.java
+++ b/src/main/java/de/pixart/messenger/ui/TrustKeysActivity.java
@@ -32,6 +32,7 @@ import de.pixart.messenger.crypto.axolotl.AxolotlService;
 import de.pixart.messenger.crypto.axolotl.FingerprintStatus;
 import de.pixart.messenger.entities.Account;
 import de.pixart.messenger.entities.Conversation;
+import de.pixart.messenger.utils.CryptoHelper;
 import de.pixart.messenger.utils.XmppUri;
 import de.pixart.messenger.xmpp.OnKeyStatusUpdated;
 import de.pixart.messenger.xmpp.jid.InvalidJidException;
@@ -250,8 +251,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
 AxolotlService service = this.mAccount.getAxolotlService();
 Set ownKeysSet = service.getKeysWithTrust(FingerprintStatus.createActiveUndecided());
 for (final IdentityKey identityKey : ownKeysSet) {
- if (!ownKeysToTrust.containsKey(identityKey)) {
- ownKeysToTrust.put(identityKey.getFingerprint().replaceAll("\\s", ""), false);
+ final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
+ if (!ownKeysToTrust.containsKey(fingerprint)) {
+ ownKeysToTrust.put(fingerprint, false);
 }
 }
 synchronized (this.foreignKeysToTrust) {
@@ -263,8 +265,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
 }
 Map foreignFingerprints = new HashMap<>();
 for (final IdentityKey identityKey : foreignKeysSet) {
- if (!foreignFingerprints.containsKey(identityKey)) {
- foreignFingerprints.put(identityKey.getFingerprint().replaceAll("\\s", ""), false);
+ final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
+ if (!foreignFingerprints.containsKey(fingerprint)) {
+ foreignFingerprints.put(fingerprint, false);
 }
 }
 if (foreignFingerprints.size() > 0 || !acceptedTargets.contains(jid)) {
--
cgit v1.2.3
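Review bot: Neither of the two rewritten loops in TrustKeysActivity (own keys, then foreign keys) says that `ownKeysToTrust` and `foreignFingerprints` are keyed by the fingerprint string, even though both loops depend on it. `Map.containsKey` takes `Object`, so a call that passes an `IdentityKey` compiles without a warning and simply never matches. A comment at each loop such as `// keyed by fingerprint string, never by IdentityKey` would record the contract, and a static check for incompatible collection argument types (Error Prone ships `CollectionIncompatibleType`) would enforce it mechanically. The surrounding method starts before the first of these hunks and ends after the second.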