Search in sources :

Example 1 with InvalidKeyIdException

use of org.whispersystems.libsignal.InvalidKeyIdException in project Signal-Android by WhisperSystems.

the class PushDecryptJob method handleMessage.

private void handleMessage(MasterSecretUnion masterSecret, SignalServiceEnvelope envelope, Optional<Long> smsMessageId) {
    try {
        GroupDatabase groupDatabase = DatabaseFactory.getGroupDatabase(context);
        SignalProtocolStore axolotlStore = new SignalProtocolStoreImpl(context);
        SignalServiceAddress localAddress = new SignalServiceAddress(TextSecurePreferences.getLocalNumber(context));
        SignalServiceCipher cipher = new SignalServiceCipher(localAddress, axolotlStore);
        SignalServiceContent content = cipher.decrypt(envelope);
        if (content.getDataMessage().isPresent()) {
            SignalServiceDataMessage message = content.getDataMessage().get();
            if (message.isEndSession())
                handleEndSessionMessage(masterSecret, envelope, message, smsMessageId);
            else if (message.isGroupUpdate())
                handleGroupMessage(masterSecret, envelope, message, smsMessageId);
            else if (message.isExpirationUpdate())
                handleExpirationUpdate(masterSecret, envelope, message, smsMessageId);
            else if (message.getAttachments().isPresent())
                handleMediaMessage(masterSecret, envelope, message, smsMessageId);
            else
                handleTextMessage(masterSecret, envelope, message, smsMessageId);
            if (message.getGroupInfo().isPresent() && groupDatabase.isUnknownGroup(message.getGroupInfo().get().getGroupId())) {
                handleUnknownGroupMessage(envelope, message.getGroupInfo().get());
            }
        } else if (content.getSyncMessage().isPresent()) {
            SignalServiceSyncMessage syncMessage = content.getSyncMessage().get();
            if (syncMessage.getSent().isPresent())
                handleSynchronizeSentMessage(masterSecret, envelope, syncMessage.getSent().get(), smsMessageId);
            else if (syncMessage.getRequest().isPresent())
                handleSynchronizeRequestMessage(masterSecret, syncMessage.getRequest().get());
            else if (syncMessage.getRead().isPresent())
                handleSynchronizeReadMessage(masterSecret, syncMessage.getRead().get(), envelope.getTimestamp());
            else
                Log.w(TAG, "Contains no known sync types...");
        } else if (content.getCallMessage().isPresent()) {
            Log.w(TAG, "Got call message...");
            SignalServiceCallMessage message = content.getCallMessage().get();
            if (message.getOfferMessage().isPresent())
                handleCallOfferMessage(envelope, message.getOfferMessage().get(), smsMessageId);
            else if (message.getAnswerMessage().isPresent())
                handleCallAnswerMessage(envelope, message.getAnswerMessage().get());
            else if (message.getIceUpdateMessages().isPresent())
                handleCallIceUpdateMessage(envelope, message.getIceUpdateMessages().get());
            else if (message.getHangupMessage().isPresent())
                handleCallHangupMessage(envelope, message.getHangupMessage().get(), smsMessageId);
        } else {
            Log.w(TAG, "Got unrecognized message...");
        }
        if (envelope.isPreKeySignalMessage()) {
            ApplicationContext.getInstance(context).getJobManager().add(new RefreshPreKeysJob(context));
        }
    } catch (InvalidVersionException e) {
        Log.w(TAG, e);
        handleInvalidVersionMessage(masterSecret, envelope, smsMessageId);
    } catch (InvalidMessageException | InvalidKeyIdException | InvalidKeyException | MmsException e) {
        Log.w(TAG, e);
        handleCorruptMessage(masterSecret, envelope, smsMessageId);
    } catch (NoSessionException e) {
        Log.w(TAG, e);
        handleNoSessionMessage(masterSecret, envelope, smsMessageId);
    } catch (LegacyMessageException e) {
        Log.w(TAG, e);
        handleLegacyMessage(masterSecret, envelope, smsMessageId);
    } catch (DuplicateMessageException e) {
        Log.w(TAG, e);
        handleDuplicateMessage(masterSecret, envelope, smsMessageId);
    } catch (UntrustedIdentityException e) {
        Log.w(TAG, e);
        handleUntrustedIdentityMessage(masterSecret, envelope, smsMessageId);
    }
}
Also used : InvalidMessageException(org.whispersystems.libsignal.InvalidMessageException) UntrustedIdentityException(org.whispersystems.libsignal.UntrustedIdentityException) SignalServiceCipher(org.whispersystems.signalservice.api.crypto.SignalServiceCipher) InvalidVersionException(org.whispersystems.libsignal.InvalidVersionException) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) SignalServiceSyncMessage(org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage) SignalServiceContent(org.whispersystems.signalservice.api.messages.SignalServiceContent) NoSessionException(org.whispersystems.libsignal.NoSessionException) SignalServiceDataMessage(org.whispersystems.signalservice.api.messages.SignalServiceDataMessage) SignalProtocolStore(org.whispersystems.libsignal.state.SignalProtocolStore) MmsException(ws.com.google.android.mms.MmsException) DuplicateMessageException(org.whispersystems.libsignal.DuplicateMessageException) SignalProtocolStoreImpl(org.thoughtcrime.securesms.crypto.storage.SignalProtocolStoreImpl) GroupDatabase(org.thoughtcrime.securesms.database.GroupDatabase) SignalServiceAddress(org.whispersystems.signalservice.api.push.SignalServiceAddress) SignalServiceCallMessage(org.whispersystems.signalservice.api.messages.calls.SignalServiceCallMessage) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) LegacyMessageException(org.whispersystems.libsignal.LegacyMessageException)

Example 2 with InvalidKeyIdException

use of org.whispersystems.libsignal.InvalidKeyIdException in project Signal-Android by signalapp.

the class CleanPreKeysJob method onRun.

@Override
public void onRun(MasterSecret masterSecret) throws IOException {
    try {
        Log.w(TAG, "Cleaning prekeys...");
        int activeSignedPreKeyId = PreKeyUtil.getActiveSignedPreKeyId(context);
        SignedPreKeyStore signedPreKeyStore = signedPreKeyStoreFactory.create();
        if (activeSignedPreKeyId < 0)
            return;
        SignedPreKeyRecord currentRecord = signedPreKeyStore.loadSignedPreKey(activeSignedPreKeyId);
        List<SignedPreKeyRecord> allRecords = signedPreKeyStore.loadSignedPreKeys();
        LinkedList<SignedPreKeyRecord> oldRecords = removeRecordFrom(currentRecord, allRecords);
        Collections.sort(oldRecords, new SignedPreKeySorter());
        Log.w(TAG, "Active signed prekey: " + activeSignedPreKeyId);
        Log.w(TAG, "Old signed prekey record count: " + oldRecords.size());
        boolean foundAgedRecord = false;
        for (SignedPreKeyRecord oldRecord : oldRecords) {
            long archiveDuration = System.currentTimeMillis() - oldRecord.getTimestamp();
            if (archiveDuration >= ARCHIVE_AGE) {
                if (!foundAgedRecord) {
                    foundAgedRecord = true;
                } else {
                    Log.w(TAG, "Removing signed prekey record: " + oldRecord.getId() + " with timestamp: " + oldRecord.getTimestamp());
                    signedPreKeyStore.removeSignedPreKey(oldRecord.getId());
                }
            }
        }
    } catch (InvalidKeyIdException e) {
        Log.w(TAG, e);
    }
}
Also used : SignedPreKeyStore(org.whispersystems.libsignal.state.SignedPreKeyStore) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) SignedPreKeyRecord(org.whispersystems.libsignal.state.SignedPreKeyRecord)

Example 3 with InvalidKeyIdException

use of org.whispersystems.libsignal.InvalidKeyIdException in project Pix-Art-Messenger by kriztan.

the class XmppAxolotlSession method processReceiving.

@Nullable
public byte[] processReceiving(AxolotlKey encryptedKey) throws CryptoFailedException {
    byte[] plaintext;
    FingerprintStatus status = getTrust();
    if (!status.isCompromised()) {
        try {
            if (encryptedKey.prekey) {
                PreKeySignalMessage preKeySignalMessage = new PreKeySignalMessage(encryptedKey.key);
                Optional<Integer> optionalPreKeyId = preKeySignalMessage.getPreKeyId();
                IdentityKey identityKey = preKeySignalMessage.getIdentityKey();
                if (!optionalPreKeyId.isPresent()) {
                    throw new CryptoFailedException("PreKeyWhisperMessage did not contain a PreKeyId");
                }
                preKeyId = optionalPreKeyId.get();
                if (this.identityKey != null && !this.identityKey.equals(identityKey)) {
                    throw new CryptoFailedException("Received PreKeyWhisperMessage but preexisting identity key changed.");
                }
                this.identityKey = identityKey;
                plaintext = cipher.decrypt(preKeySignalMessage);
            } else {
                SignalMessage signalMessage = new SignalMessage(encryptedKey.key);
                plaintext = cipher.decrypt(signalMessage);
                // better safe than sorry because we use that to do special after prekey handling
                preKeyId = null;
            }
        } catch (InvalidVersionException | InvalidKeyException | LegacyMessageException | InvalidMessageException | DuplicateMessageException | NoSessionException | InvalidKeyIdException | UntrustedIdentityException e) {
            if (!(e instanceof DuplicateMessageException)) {
                e.printStackTrace();
            }
            throw new CryptoFailedException("Error decrypting WhisperMessage " + e.getClass().getSimpleName() + ": " + e.getMessage());
        }
        if (!status.isActive()) {
            setTrust(status.toActive());
        }
    } else {
        throw new CryptoFailedException("not encrypting omemo message from fingerprint " + getFingerprint() + " because it was marked as compromised");
    }
    return plaintext;
}
Also used : InvalidMessageException(org.whispersystems.libsignal.InvalidMessageException) IdentityKey(org.whispersystems.libsignal.IdentityKey) UntrustedIdentityException(org.whispersystems.libsignal.UntrustedIdentityException) SignalMessage(org.whispersystems.libsignal.protocol.SignalMessage) PreKeySignalMessage(org.whispersystems.libsignal.protocol.PreKeySignalMessage) InvalidVersionException(org.whispersystems.libsignal.InvalidVersionException) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) NoSessionException(org.whispersystems.libsignal.NoSessionException) PreKeySignalMessage(org.whispersystems.libsignal.protocol.PreKeySignalMessage) DuplicateMessageException(org.whispersystems.libsignal.DuplicateMessageException) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) LegacyMessageException(org.whispersystems.libsignal.LegacyMessageException) Nullable(android.support.annotation.Nullable)

Example 4 with InvalidKeyIdException

use of org.whispersystems.libsignal.InvalidKeyIdException in project toshi-android-client by toshiapp.

the class SignalPreKeyStore method migrateRecords.

public void migrateRecords() {
    synchronized (FILE_LOCK) {
        File preKeyRecords = getPreKeyDirectory();
        for (File preKeyRecord : preKeyRecords.listFiles()) {
            try {
                int preKeyId = Integer.parseInt(preKeyRecord.getName());
                PreKeyRecord record = loadPreKey(preKeyId);
                storePreKey(preKeyId, record);
            } catch (InvalidKeyIdException | NumberFormatException e) {
                LogUtil.exception("Error while migrating records", e);
            }
        }
        File signedPreKeyRecords = getSignedPreKeyDirectory();
        for (File signedPreKeyRecord : signedPreKeyRecords.listFiles()) {
            try {
                int signedPreKeyId = Integer.parseInt(signedPreKeyRecord.getName());
                SignedPreKeyRecord record = loadSignedPreKey(signedPreKeyId);
                storeSignedPreKey(signedPreKeyId, record);
            } catch (InvalidKeyIdException | NumberFormatException e) {
                LogUtil.exception("Error while migrating records", e);
            }
        }
    }
}
Also used : PreKeyRecord(org.whispersystems.libsignal.state.PreKeyRecord) SignedPreKeyRecord(org.whispersystems.libsignal.state.SignedPreKeyRecord) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) RandomAccessFile(java.io.RandomAccessFile) File(java.io.File) SignedPreKeyRecord(org.whispersystems.libsignal.state.SignedPreKeyRecord)

Example 5 with InvalidKeyIdException

use of org.whispersystems.libsignal.InvalidKeyIdException in project Conversations by siacs.

the class AxolotlService method publishBundlesIfNeeded.

public void publishBundlesIfNeeded(final boolean announce, final boolean wipe) {
    if (pepBroken) {
        Log.d(Config.LOGTAG, getLogprefix(account) + "publishBundlesIfNeeded called, but PEP is broken. Ignoring... ");
        return;
    }
    if (account.getXmppConnection().getFeatures().pepPublishOptions()) {
        this.changeAccessMode.set(account.isOptionSet(Account.OPTION_REQUIRES_ACCESS_MODE_CHANGE));
    } else {
        if (account.setOption(Account.OPTION_REQUIRES_ACCESS_MODE_CHANGE, true)) {
            Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": server doesn’t support publish-options. setting for later access mode change");
            mXmppConnectionService.databaseBackend.updateAccount(account);
        }
    }
    if (this.changeAccessMode.get()) {
        Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": server gained publish-options capabilities. changing access model");
    }
    IqPacket packet = mXmppConnectionService.getIqGenerator().retrieveBundlesForDevice(account.getJid().asBareJid(), getOwnDeviceId());
    mXmppConnectionService.sendIqPacket(account, packet, new OnIqPacketReceived() {

        @Override
        public void onIqPacketReceived(Account account, IqPacket packet) {
            if (packet.getType() == IqPacket.TYPE.TIMEOUT) {
                // ignore timeout. do nothing
                return;
            }
            if (packet.getType() == IqPacket.TYPE.ERROR) {
                Element error = packet.findChild("error");
                if (error == null || !error.hasChild("item-not-found")) {
                    pepBroken = true;
                    Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "request for device bundles came back with something other than item-not-found" + packet);
                    return;
                }
            }
            PreKeyBundle bundle = mXmppConnectionService.getIqParser().bundle(packet);
            Map<Integer, ECPublicKey> keys = mXmppConnectionService.getIqParser().preKeyPublics(packet);
            boolean flush = false;
            if (bundle == null) {
                Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Received invalid bundle:" + packet);
                bundle = new PreKeyBundle(-1, -1, -1, null, -1, null, null, null);
                flush = true;
            }
            if (keys == null) {
                Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Received invalid prekeys:" + packet);
            }
            try {
                boolean changed = false;
                // Validate IdentityKey
                IdentityKeyPair identityKeyPair = axolotlStore.getIdentityKeyPair();
                if (flush || !identityKeyPair.getPublicKey().equals(bundle.getIdentityKey())) {
                    Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding own IdentityKey " + identityKeyPair.getPublicKey() + " to PEP.");
                    changed = true;
                }
                // Validate signedPreKeyRecord + ID
                SignedPreKeyRecord signedPreKeyRecord;
                int numSignedPreKeys = axolotlStore.getSignedPreKeysCount();
                try {
                    signedPreKeyRecord = axolotlStore.loadSignedPreKey(bundle.getSignedPreKeyId());
                    if (flush || !bundle.getSignedPreKey().equals(signedPreKeyRecord.getKeyPair().getPublicKey()) || !Arrays.equals(bundle.getSignedPreKeySignature(), signedPreKeyRecord.getSignature())) {
                        Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding new signedPreKey with ID " + (numSignedPreKeys + 1) + " to PEP.");
                        signedPreKeyRecord = KeyHelper.generateSignedPreKey(identityKeyPair, numSignedPreKeys + 1);
                        axolotlStore.storeSignedPreKey(signedPreKeyRecord.getId(), signedPreKeyRecord);
                        changed = true;
                    }
                } catch (InvalidKeyIdException e) {
                    Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding new signedPreKey with ID " + (numSignedPreKeys + 1) + " to PEP.");
                    signedPreKeyRecord = KeyHelper.generateSignedPreKey(identityKeyPair, numSignedPreKeys + 1);
                    axolotlStore.storeSignedPreKey(signedPreKeyRecord.getId(), signedPreKeyRecord);
                    changed = true;
                }
                // Validate PreKeys
                Set<PreKeyRecord> preKeyRecords = new HashSet<>();
                if (keys != null) {
                    for (Integer id : keys.keySet()) {
                        try {
                            PreKeyRecord preKeyRecord = axolotlStore.loadPreKey(id);
                            if (preKeyRecord.getKeyPair().getPublicKey().equals(keys.get(id))) {
                                preKeyRecords.add(preKeyRecord);
                            }
                        } catch (InvalidKeyIdException ignored) {
                        }
                    }
                }
                int newKeys = NUM_KEYS_TO_PUBLISH - preKeyRecords.size();
                if (newKeys > 0) {
                    List<PreKeyRecord> newRecords = KeyHelper.generatePreKeys(axolotlStore.getCurrentPreKeyId() + 1, newKeys);
                    preKeyRecords.addAll(newRecords);
                    for (PreKeyRecord record : newRecords) {
                        axolotlStore.storePreKey(record.getId(), record);
                    }
                    changed = true;
                    Log.i(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Adding " + newKeys + " new preKeys to PEP.");
                }
                if (changed || changeAccessMode.get()) {
                    if (account.getPrivateKeyAlias() != null && Config.X509_VERIFICATION) {
                        mXmppConnectionService.publishDisplayName(account);
                        publishDeviceVerificationAndBundle(signedPreKeyRecord, preKeyRecords, announce, wipe);
                    } else {
                        publishDeviceBundle(signedPreKeyRecord, preKeyRecords, announce, wipe);
                    }
                } else {
                    Log.d(Config.LOGTAG, getLogprefix(account) + "Bundle " + getOwnDeviceId() + " in PEP was current");
                    if (wipe) {
                        wipeOtherPepDevices();
                    } else if (announce) {
                        Log.d(Config.LOGTAG, getLogprefix(account) + "Announcing device " + getOwnDeviceId());
                        publishOwnDeviceIdIfNeeded();
                    }
                }
            } catch (InvalidKeyException e) {
                Log.e(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Failed to publish bundle " + getOwnDeviceId() + ", reason: " + e.getMessage());
            }
        }
    });
}
Also used : Account(eu.siacs.conversations.entities.Account) Set(java.util.Set) HashSet(java.util.HashSet) OnIqPacketReceived(eu.siacs.conversations.xmpp.OnIqPacketReceived) Element(eu.siacs.conversations.xml.Element) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) IqPacket(eu.siacs.conversations.xmpp.stanzas.IqPacket) PreKeyBundle(org.whispersystems.libsignal.state.PreKeyBundle) SignedPreKeyRecord(org.whispersystems.libsignal.state.SignedPreKeyRecord) PreKeyRecord(org.whispersystems.libsignal.state.PreKeyRecord) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) List(java.util.List) ArrayList(java.util.ArrayList) ImmutableList(com.google.common.collect.ImmutableList) IdentityKeyPair(org.whispersystems.libsignal.IdentityKeyPair) OmemoVerifiedRtpContentMap(eu.siacs.conversations.xmpp.jingle.OmemoVerifiedRtpContentMap) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) HashMap(java.util.HashMap) RtpContentMap(eu.siacs.conversations.xmpp.jingle.RtpContentMap) SignedPreKeyRecord(org.whispersystems.libsignal.state.SignedPreKeyRecord)

Aggregations

InvalidKeyIdException (org.whispersystems.libsignal.InvalidKeyIdException)15 InvalidKeyException (org.whispersystems.libsignal.InvalidKeyException)9 SignedPreKeyRecord (org.whispersystems.libsignal.state.SignedPreKeyRecord)9 PreKeyRecord (org.whispersystems.libsignal.state.PreKeyRecord)7 DuplicateMessageException (org.whispersystems.libsignal.DuplicateMessageException)6 InvalidMessageException (org.whispersystems.libsignal.InvalidMessageException)6 InvalidVersionException (org.whispersystems.libsignal.InvalidVersionException)6 LegacyMessageException (org.whispersystems.libsignal.LegacyMessageException)6 UntrustedIdentityException (org.whispersystems.libsignal.UntrustedIdentityException)6 NoSessionException (org.whispersystems.libsignal.NoSessionException)5 PreKeySignalMessage (org.whispersystems.libsignal.protocol.PreKeySignalMessage)4 SignalMessage (org.whispersystems.libsignal.protocol.SignalMessage)4 List (java.util.List)3 ECKeyPair (org.whispersystems.libsignal.ecc.ECKeyPair)3 SignedPreKeyStore (org.whispersystems.libsignal.state.SignedPreKeyStore)3 File (java.io.File)2 RandomAccessFile (java.io.RandomAccessFile)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 HashSet (java.util.HashSet)2