blallo
/
Signal-Android
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

We need to force plaintext on key exchange messages.

master
Moxie Marlinspike 2012-10-29 20:53:04 -07:00
parent c5ed820590
commit 93c0fffc31
2 changed files with 33 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/org/thoughtcrime/securesms/crypto/KeyExchangeInitiator.java
View File

@ -58,7 +58,7 @@ public class KeyExchangeInitiator {
LinkedList<Recipient> list = new LinkedList<Recipient>();
list.add(recipient);
MessageSender.send(context, masterSecret, new Recipients(list), -1, message.serialize(), false);
MessageSender.send(context, masterSecret, new Recipients(list), -1, message.serialize(), true);
}
private static boolean hasInitiatedSession(Context context, MasterSecret masterSecret, Recipient recipient) {

64
src/org/thoughtcrime/securesms/crypto/KeyExchangeProcessor.java
View File

@ -1,6 +1,6 @@
/**
/**
* Copyright (C) 2011 Whisper Systems
*
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
@ -10,14 +10,15 @@
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.thoughtcrime.securesms.crypto;
import java.util.LinkedList;
import java.util.List;
import android.content.Context;
import android.content.Intent;
import android.util.Log;
import org.bouncycastle.util.Arrays;
import org.thoughtcrime.securesms.database.LocalKeyRecord;
@ -30,18 +31,17 @@ import org.thoughtcrime.securesms.service.KeyCachingService;
import org.thoughtcrime.securesms.sms.MessageSender;
import org.thoughtcrime.securesms.util.Conversions;
import android.content.Context;
import android.content.Intent;
import android.util.Log;
import java.util.LinkedList;
import java.util.List;
/**
* This class processes key exchange interactions.
*
*
* @author Moxie Marlinspike
*/
public class KeyExchangeProcessor {
public static final String SECURITY_UPDATE_EVENT = "org.thoughtcrime.securesms.KEY_EXCHANGE_UPDATE";
private Context context;
@ -55,7 +55,7 @@ public class KeyExchangeProcessor {
this.context = context;
this.recipient = recipient;
this.masterSecret = masterSecret;
this.remoteKeyRecord = new RemoteKeyRecord(context, recipient);
this.localKeyRecord = new LocalKeyRecord(context, masterSecret, recipient);
this.sessionRecord = new SessionRecord(context, masterSecret, recipient);
@ -64,19 +64,19 @@ public class KeyExchangeProcessor {
public boolean hasCompletedSession() {
return sessionRecord.getLocalFingerprint() != null;
}
public boolean hasSameSessionIdentity(KeyExchangeMessage message) {
return
return
(this.sessionRecord.getIdentityKey() != null) &&
(message.getIdentityKey() != null) &&
(this.sessionRecord.getIdentityKey().equals(message.getIdentityKey()) &&
!isRemoteKeyExchangeForExistingSession(message));
}
public boolean hasInitiatedSession() {
return localKeyRecord.getCurrentKeyPair() != null;
}
private boolean needsResponseFromUs() {
return !hasInitiatedSession() || remoteKeyRecord.getCurrentRemoteKey() != null;
}
@ -84,56 +84,56 @@ public class KeyExchangeProcessor {
public boolean isRemoteKeyExchangeForExistingSession(KeyExchangeMessage message) {
return Arrays.areEqual(message.getPublicKey().getFingerprintBytes(), sessionRecord.getRemoteFingerprint());
}
public boolean isLocalKeyExchangeForExistingSession(KeyExchangeMessage message) {
return Arrays.areEqual(message.getPublicKey().getFingerprintBytes(), sessionRecord.getLocalFingerprint());
}
public boolean isStale(KeyExchangeMessage message) {
int responseKeyId = Conversions.highBitsToMedium(message.getPublicKey().getId());
Log.w("KeyExchangeProcessor", "Key Exchange High ID Bits: " + responseKeyId);
return responseKeyId != 0 &&
(localKeyRecord.getCurrentKeyPair() != null && localKeyRecord.getCurrentKeyPair().getId() != responseKeyId);
}
public boolean processKeyExchangeMessage(KeyExchangeMessage message, long threadId) {
int initiateKeyId = Conversions.lowBitsToMedium(message.getPublicKey().getId());
int initiateKeyId = Conversions.lowBitsToMedium(message.getPublicKey().getId());
message.getPublicKey().setId(initiateKeyId);
if (needsResponseFromUs()) {
List<Recipient> recipients = new LinkedList<Recipient>();
recipients.add(recipient);
localKeyRecord = KeyUtil.initializeRecordFor(recipient, context, masterSecret);
KeyExchangeMessage ourMessage = new KeyExchangeMessage(context, masterSecret, Math.min(Message.SUPPORTED_VERSION, message.getMaxVersion()), localKeyRecord, initiateKeyId);
Log.w("KeyExchangeProcessor", "Responding with key exchange message fingerprint: " + ourMessage.getPublicKey().getFingerprint());
Log.w("KeyExchangeProcessor", "Which has a local key record fingerprint: " + localKeyRecord.getCurrentKeyPair().getPublicKey().getFingerprint());
MessageSender.send(context, masterSecret, new Recipients(recipients), threadId, ourMessage.serialize(), false);
MessageSender.send(context, masterSecret, new Recipients(recipients), threadId, ourMessage.serialize(), true);
}
remoteKeyRecord.setCurrentRemoteKey(message.getPublicKey());
remoteKeyRecord.setLastRemoteKey(message.getPublicKey());
remoteKeyRecord.save();
sessionRecord.setSessionId(localKeyRecord.getCurrentKeyPair().getPublicKey().getFingerprintBytes(),
remoteKeyRecord.getCurrentRemoteKey().getFingerprintBytes());
sessionRecord.setIdentityKey(message.getIdentityKey());
sessionRecord.setSessionVersion(Math.min(Message.SUPPORTED_VERSION, message.getMaxVersion()));
Log.w("KeyExchangeUtil", "Setting session version: " + Math.min(Message.SUPPORTED_VERSION, message.getMaxVersion()));
sessionRecord.save();
sessionRecord.save();
DecryptingQueue.scheduleRogueMessages(context, masterSecret, recipient);
Intent intent = new Intent(SECURITY_UPDATE_EVENT);
intent.putExtra("thread_id", threadId);
intent.setPackage(context.getPackageName());
context.sendBroadcast(intent, KeyCachingService.KEY_PERMISSION);
return true;
}
}