use of org.signal.zkgroup.profiles.ProfileKey in project Signal-Android by signalapp.
the class ProfileCipherTest method testStreamBadAuthentication.
@Test
public void testStreamBadAuthentication() throws Exception {
assumeLibSignalSupportedOnOS();
ProfileKey key = new ProfileKey(Util.getSecretBytes(32));
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ProfileCipherOutputStream out = new ProfileCipherOutputStream(baos, key);
out.write("This is an avatar".getBytes());
out.flush();
out.close();
byte[] encrypted = baos.toByteArray();
encrypted[encrypted.length - 1] ^= 1;
try {
readStream(encrypted, key, 2048);
fail("failed to verify authenticate tag");
} catch (IOException e) {
}
}
use of org.signal.zkgroup.profiles.ProfileKey in project Signal-Android by signalapp.
the class SignalServiceAccountManager method setVersionedProfile.
/**
* @return The avatar URL path, if one was written.
*/
public Optional<String> setVersionedProfile(ACI aci, ProfileKey profileKey, String name, String about, String aboutEmoji, Optional<SignalServiceProtos.PaymentAddress> paymentsAddress, StreamDetails avatar, List<String> visibleBadgeIds) throws IOException {
if (name == null)
name = "";
ProfileCipher profileCipher = new ProfileCipher(profileKey);
byte[] ciphertextName = profileCipher.encryptString(name, ProfileCipher.getTargetNameLength(name));
byte[] ciphertextAbout = profileCipher.encryptString(about, ProfileCipher.getTargetAboutLength(about));
byte[] ciphertextEmoji = profileCipher.encryptString(aboutEmoji, ProfileCipher.EMOJI_PADDED_LENGTH);
byte[] ciphertextMobileCoinAddress = paymentsAddress.transform(address -> profileCipher.encryptWithLength(address.toByteArray(), ProfileCipher.PAYMENTS_ADDRESS_CONTENT_SIZE)).orNull();
boolean hasAvatar = avatar != null;
ProfileAvatarData profileAvatarData = null;
if (hasAvatar) {
profileAvatarData = new ProfileAvatarData(avatar.getStream(), ProfileCipherOutputStream.getCiphertextLength(avatar.getLength()), avatar.getContentType(), new ProfileCipherOutputStreamFactory(profileKey));
}
return this.pushServiceSocket.writeProfile(new SignalServiceProfileWrite(profileKey.getProfileKeyVersion(aci.uuid()).serialize(), ciphertextName, ciphertextAbout, ciphertextEmoji, ciphertextMobileCoinAddress, hasAvatar, profileKey.getCommitment(aci.uuid()).serialize(), visibleBadgeIds), profileAvatarData);
}
use of org.signal.zkgroup.profiles.ProfileKey in project Signal-Android by WhisperSystems.
the class RetrieveProfileJob method setProfileAbout.
private void setProfileAbout(@NonNull Recipient recipient, @Nullable String encryptedAbout, @Nullable String encryptedEmoji) {
try {
ProfileKey profileKey = ProfileKeyUtil.profileKeyOrNull(recipient.getProfileKey());
if (profileKey == null)
return;
String plaintextAbout = ProfileUtil.decryptString(profileKey, encryptedAbout);
String plaintextEmoji = ProfileUtil.decryptString(profileKey, encryptedEmoji);
SignalDatabase.recipients().setAbout(recipient.getId(), plaintextAbout, plaintextEmoji);
} catch (InvalidCiphertextException | IOException e) {
Log.w(TAG, e);
}
}
use of org.signal.zkgroup.profiles.ProfileKey in project Signal-Android by WhisperSystems.
the class RetrieveProfileJob method setUnidentifiedAccessMode.
private void setUnidentifiedAccessMode(Recipient recipient, String unidentifiedAccessVerifier, boolean unrestrictedUnidentifiedAccess) {
RecipientDatabase recipientDatabase = SignalDatabase.recipients();
ProfileKey profileKey = ProfileKeyUtil.profileKeyOrNull(recipient.getProfileKey());
if (unrestrictedUnidentifiedAccess && unidentifiedAccessVerifier != null) {
if (recipient.getUnidentifiedAccessMode() != UnidentifiedAccessMode.UNRESTRICTED) {
Log.i(TAG, "Marking recipient UD status as unrestricted.");
recipientDatabase.setUnidentifiedAccessMode(recipient.getId(), UnidentifiedAccessMode.UNRESTRICTED);
}
} else if (profileKey == null || unidentifiedAccessVerifier == null) {
if (recipient.getUnidentifiedAccessMode() != UnidentifiedAccessMode.DISABLED) {
Log.i(TAG, "Marking recipient UD status as disabled.");
recipientDatabase.setUnidentifiedAccessMode(recipient.getId(), UnidentifiedAccessMode.DISABLED);
}
} else {
ProfileCipher profileCipher = new ProfileCipher(profileKey);
boolean verifiedUnidentifiedAccess;
try {
verifiedUnidentifiedAccess = profileCipher.verifyUnidentifiedAccess(Base64.decode(unidentifiedAccessVerifier));
} catch (IOException e) {
Log.w(TAG, e);
verifiedUnidentifiedAccess = false;
}
UnidentifiedAccessMode mode = verifiedUnidentifiedAccess ? UnidentifiedAccessMode.ENABLED : UnidentifiedAccessMode.DISABLED;
if (recipient.getUnidentifiedAccessMode() != mode) {
Log.i(TAG, "Marking recipient UD status as " + mode.name() + " after verification.");
recipientDatabase.setUnidentifiedAccessMode(recipient.getId(), mode);
}
}
}
use of org.signal.zkgroup.profiles.ProfileKey in project Signal-Android by WhisperSystems.
the class ProfileKeySetTest method profile_key_update_by_self_is_authoritative.
@Test
public void profile_key_update_by_self_is_authoritative() {
UUID member = UUID.randomUUID();
ProfileKey profileKey = ProfileKeyUtil.createNew();
ProfileKeySet profileKeySet = new ProfileKeySet();
profileKeySet.addKeysFromGroupChange(changeBy(member).profileKeyUpdate(member, profileKey).build());
assertTrue(profileKeySet.getProfileKeys().isEmpty());
assertThat(profileKeySet.getAuthoritativeProfileKeys(), is(Collections.singletonMap(ACI.from(member), profileKey)));
}
Aggregations