mirror
/
Signal-Android
kopia lustrzana https://github.com/ryukoposting/Signal-Android
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Update handling of unrestricted UD access.

fork-5.53.8
Greyson Parrelli 2021-08-04 10:36:49 -04:00 zatwierdzone przez GitHub
rodzic c131754874
commit c7551881b8
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 4AEE18F83AFDEB23
1 zmienionych plików z 15 dodań i 7 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

22
app/src/main/java/org/thoughtcrime/securesms/crypto/UnidentifiedAccessUtil.java
Wyświetl plik

@ -41,6 +41,8 @@ public class UnidentifiedAccessUtil {
private static final String TAG = Log.tag(UnidentifiedAccessUtil.class); private static final String TAG = Log.tag(UnidentifiedAccessUtil.class);
private static final byte[] UNRESTRICTED_KEY = new byte[16];
public static CertificateValidator getCertificateValidator() { public static CertificateValidator getCertificateValidator() {
try { try {
ECPublicKey unidentifiedSenderTrustRoot = Curve.decodePoint(Base64.decode(BuildConfig.UNIDENTIFIED_SENDER_TRUST_ROOT), 0); ECPublicKey unidentifiedSenderTrustRoot = Curve.decodePoint(Base64.decode(BuildConfig.UNIDENTIFIED_SENDER_TRUST_ROOT), 0);
@ -86,7 +88,7 @@ public class UnidentifiedAccessUtil {
byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey()); byte[] ourUnidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(ProfileKeyUtil.getSelfProfileKey());
if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) { if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) {
ourUnidentifiedAccessKey = Util.getSecretBytes(16); ourUnidentifiedAccessKey = UNRESTRICTED_KEY;
} }
List<Optional<UnidentifiedAccessPair>> access = new ArrayList<>(recipients.size()); List<Optional<UnidentifiedAccessPair>> access = new ArrayList<>(recipients.size());
@ -133,7 +135,7 @@ public class UnidentifiedAccessUtil {
byte[] ourUnidentifiedAccessCertificate = getUnidentifiedAccessCertificate(Recipient.self()); byte[] ourUnidentifiedAccessCertificate = getUnidentifiedAccessCertificate(Recipient.self());
if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) { if (TextSecurePreferences.isUniversalUnidentifiedAccess(context)) {
ourUnidentifiedAccessKey = Util.getSecretBytes(16); ourUnidentifiedAccessKey = UNRESTRICTED_KEY;
} }
if (ourUnidentifiedAccessCertificate != null) { if (ourUnidentifiedAccessCertificate != null) {
@ -171,15 +173,21 @@ public class UnidentifiedAccessUtil {
switch (recipient.resolve().getUnidentifiedAccessMode()) { switch (recipient.resolve().getUnidentifiedAccessMode()) {
case UNKNOWN: case UNKNOWN:
if (theirProfileKey == null) return Util.getSecretBytes(16); if (theirProfileKey == null) {
else return UnidentifiedAccess.deriveAccessKeyFrom(theirProfileKey); return UNRESTRICTED_KEY;
} else {
return UnidentifiedAccess.deriveAccessKeyFrom(theirProfileKey);
}
case DISABLED: case DISABLED:
return null; return null;
case ENABLED: case ENABLED:
if (theirProfileKey == null) return null; if (theirProfileKey == null) {
else return UnidentifiedAccess.deriveAccessKeyFrom(theirProfileKey); return null;
} else {
return UnidentifiedAccess.deriveAccessKeyFrom(theirProfileKey);
}
case UNRESTRICTED: case UNRESTRICTED:
return Util.getSecretBytes(16); return UNRESTRICTED_KEY;
default: default:
throw new AssertionError("Unknown mode: " + recipient.getUnidentifiedAccessMode().getMode()); throw new AssertionError("Unknown mode: " + recipient.getUnidentifiedAccessMode().getMode());
} }