
Example 6 with SignalProtocolAddress

Use of org.whispersystems.libsignal.SignalProtocolAddress in project Signal-Android by signalapp.

Class TextSecureIdentityKeyStore, method isTrustedIdentity.

@Override
public boolean isTrustedIdentity(SignalProtocolAddress address, IdentityKey identityKey, Direction direction) {
    synchronized (LOCK) {
        IdentityDatabase identityDatabase = DatabaseFactory.getIdentityDatabase(context);
        String ourNumber = TextSecurePreferences.getLocalNumber(context);
        Address theirAddress = Address.fromExternal(context, address.getName());
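        // Our own address: trusted only if the key equals our local identity key.
        if (ourNumber.equals(address.getName()) || Address.fromSerialized(ourNumber).equals(theirAddress)) {
            return identityKey.equals(IdentityKeyUtil.getIdentityKey(context));
        }
        switch(direction) {
            case SENDING:
                // Sending is gated on the identity record stored for this address.
                return isTrustedForSending(identityKey, identityDatabase.getIdentity(theirAddress));
            case RECEIVING:
                // Receiving accepts any identity key at this layer.
                return true;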
            default:
                throw new AssertionError("Unknown direction: " + direction);
        }
    }
}
Also used : IdentityDatabase(org.thoughtcrime.securesms.database.IdentityDatabase) Address(org.thoughtcrime.securesms.database.Address) SignalProtocolAddress(org.whispersystems.libsignal.SignalProtocolAddress)

Example 7 with SignalProtocolAddress

Use of org.whispersystems.libsignal.SignalProtocolAddress in project Pix-Art-Messenger by kriztan.

Class AxolotlService, method findOwnSessions.

public Collection<XmppAxolotlSession> findOwnSessions() {
    SignalProtocolAddress ownAddress = getAddressForJid(account.getJid().toBareJid());
    ArrayList<XmppAxolotlSession> s = new ArrayList<>(this.sessions.getAll(ownAddress.getName()).values());
    Collections.sort(s);
    return s;
}
Also used : ArrayList(java.util.ArrayList) SignalProtocolAddress(org.whispersystems.libsignal.SignalProtocolAddress)

Example 8 with SignalProtocolAddress

Use of org.whispersystems.libsignal.SignalProtocolAddress in project Pix-Art-Messenger by kriztan.

Class AxolotlService, method findDevicesWithoutSession.

public Set<SignalProtocolAddress> findDevicesWithoutSession(final Conversation conversation) {
    Set<SignalProtocolAddress> addresses = new HashSet<>();
    for (Jid jid : getCryptoTargets(conversation)) {
        Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Finding devices without session for " + jid);
        if (deviceIds.get(jid) != null) {
            for (Integer foreignId : this.deviceIds.get(jid)) {
                SignalProtocolAddress address = new SignalProtocolAddress(jid.toPreppedString(), foreignId);
                if (sessions.get(address) == null) {
                    IdentityKey identityKey = axolotlStore.loadSession(address).getSessionState().getRemoteIdentityKey();
                    if (identityKey != null) {
                        Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Already have session for " + address.toString() + ", adding to cache...");
                        XmppAxolotlSession session = new XmppAxolotlSession(account, axolotlStore, address, identityKey);
                        sessions.put(address, session);
                    } else {
                        Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Found device " + jid + ":" + foreignId);
                        if (fetchStatusMap.get(address) != FetchStatus.ERROR) {
                            addresses.add(address);
                        } else {
                            Log.d(Config.LOGTAG, getLogprefix(account) + "skipping over " + address + " because it's broken");
                        }
                    }
                }
            }
        } else {
            mXmppConnectionService.keyStatusUpdated(FetchStatus.ERROR);
            Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Have no target devices in PEP!");
        }
    }
    if (deviceIds.get(account.getJid().toBareJid()) != null) {
        for (Integer ownId : this.deviceIds.get(account.getJid().toBareJid())) {
            SignalProtocolAddress address = new SignalProtocolAddress(account.getJid().toBareJid().toPreppedString(), ownId);
            if (sessions.get(address) == null) {
                IdentityKey identityKey = axolotlStore.loadSession(address).getSessionState().getRemoteIdentityKey();
                if (identityKey != null) {
                    Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Already have session for " + address.toString() + ", adding to cache...");
                    XmppAxolotlSession session = new XmppAxolotlSession(account, axolotlStore, address, identityKey);
                    sessions.put(address, session);
                } else {
                    Log.d(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Found device " + account.getJid().toBareJid() + ":" + ownId);
                    if (fetchStatusMap.get(address) != FetchStatus.ERROR) {
                        addresses.add(address);
                    } else {
                        Log.d(Config.LOGTAG, getLogprefix(account) + "skipping over " + address + " because it's broken");
                    }
                }
            }
        }
    }
    return addresses;
}
Also used : IdentityKey(org.whispersystems.libsignal.IdentityKey) Jid(de.pixart.messenger.xmpp.jid.Jid) SignalProtocolAddress(org.whispersystems.libsignal.SignalProtocolAddress) HashSet(java.util.HashSet)

Example 9 with SignalProtocolAddress

Use of org.whispersystems.libsignal.SignalProtocolAddress in project Pix-Art-Messenger by kriztan.

Class AxolotlService, method registerDevices.

public void registerDevices(final Jid jid, @NonNull final Set<Integer> deviceIds) {
    final int hash = deviceIds.hashCode();
    final boolean me = jid.toBareJid().equals(account.getJid().toBareJid());
    if (me) {
        if (hash != 0 && hash == this.lastDeviceListNotificationHash) {
            Log.d(Config.LOGTAG, account.getJid().toBareJid() + ": ignoring duplicate own device id list");
            return;
        }
        this.lastDeviceListNotificationHash = hash;
    }
    boolean needsPublishing = me && !deviceIds.contains(getOwnDeviceId());
    if (me) {
        deviceIds.remove(getOwnDeviceId());
    }
    Set<Integer> expiredDevices = new HashSet<>(axolotlStore.getSubDeviceSessions(jid.toBareJid().toPreppedString()));
    expiredDevices.removeAll(deviceIds);
    for (Integer deviceId : expiredDevices) {
        SignalProtocolAddress address = new SignalProtocolAddress(jid.toBareJid().toPreppedString(), deviceId);
        XmppAxolotlSession session = sessions.get(address);
        if (session != null && session.getFingerprint() != null) {
            if (session.getTrust().isActive()) {
                session.setTrust(session.getTrust().toInactive());
            }
        }
    }
    Set<Integer> newDevices = new HashSet<>(deviceIds);
    for (Integer deviceId : newDevices) {
        SignalProtocolAddress address = new SignalProtocolAddress(jid.toBareJid().toPreppedString(), deviceId);
        XmppAxolotlSession session = sessions.get(address);
        if (session != null && session.getFingerprint() != null) {
            if (!session.getTrust().isActive()) {
                Log.d(Config.LOGTAG, "reactivating device with fingerprint " + session.getFingerprint());
                session.setTrust(session.getTrust().toActive());
            }
        }
    }
    if (me) {
        if (Config.OMEMO_AUTO_EXPIRY != 0) {
            needsPublishing |= deviceIds.removeAll(getExpiredDevices());
        }
        needsPublishing |= this.changeAccessMode.get();
        for (Integer deviceId : deviceIds) {
            SignalProtocolAddress ownDeviceAddress = new SignalProtocolAddress(jid.toBareJid().toPreppedString(), deviceId);
            if (sessions.get(ownDeviceAddress) == null) {
                FetchStatus status = fetchStatusMap.get(ownDeviceAddress);
                if (status == null || status == FetchStatus.TIMEOUT) {
                    fetchStatusMap.put(ownDeviceAddress, FetchStatus.PENDING);
                    this.buildSessionFromPEP(ownDeviceAddress);
                }
            }
        }
        if (needsPublishing) {
            publishOwnDeviceId(deviceIds);
        }
    }
    this.deviceIds.put(jid, deviceIds);
    // update the lock icon
    mXmppConnectionService.updateConversationUi();
    mXmppConnectionService.keyStatusUpdated(null);
}
Also used : SignalProtocolAddress(org.whispersystems.libsignal.SignalProtocolAddress) HashSet(java.util.HashSet)

Example 10 with SignalProtocolAddress

Use of org.whispersystems.libsignal.SignalProtocolAddress in project Pix-Art-Messenger by kriztan.

Class AxolotlService, method verifySessionWithPEP.

private void verifySessionWithPEP(final XmppAxolotlSession session) {
    Log.d(Config.LOGTAG, "trying to verify fresh session (" + session.getRemoteAddress().getName() + ") with pep");
    final SignalProtocolAddress address = session.getRemoteAddress();
    final IdentityKey identityKey = session.getIdentityKey();
    try {
        IqPacket packet = mXmppConnectionService.getIqGenerator().retrieveVerificationForDevice(Jid.fromString(address.getName()), address.getDeviceId());
        mXmppConnectionService.sendIqPacket(account, packet, new OnIqPacketReceived() {

            @Override
            public void onIqPacketReceived(Account account, IqPacket packet) {
                Pair<X509Certificate[], byte[]> verification = mXmppConnectionService.getIqParser().verification(packet);
                if (verification != null) {
                    try {
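                        // Check that the key in the first certificate signed this session's identity key.
                        Signature verifier = Signature.getInstance("sha256WithRSA");
                        verifier.initVerify(verification.first[0]);
                        verifier.update(identityKey.serialize());
                        if (verifier.verify(verification.second)) {
                            try {
                                // A valid signature is not enough on its own: the certificate chain must also pass the trust manager.
                                mXmppConnectionService.getMemorizingTrustManager().getNonInteractive().checkClientTrusted(verification.first, "RSA");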
                                String fingerprint = session.getFingerprint();
                                Log.d(Config.LOGTAG, "verified session with x.509 signature. fingerprint was: " + fingerprint);
                                setFingerprintTrust(fingerprint, FingerprintStatus.createActiveVerified(true));
                                axolotlStore.setFingerprintCertificate(fingerprint, verification.first[0]);
                                fetchStatusMap.put(address, FetchStatus.SUCCESS_VERIFIED);
                                Bundle information = CryptoHelper.extractCertificateInformation(verification.first[0]);
                                try {
                                    final String cn = information.getString("subject_cn");
                                    final Jid jid = Jid.fromString(address.getName());
                                    Log.d(Config.LOGTAG, "setting common name for " + jid + " to " + cn);
                                    account.getRoster().getContact(jid).setCommonName(cn);
                                } catch (final InvalidJidException ignored) {
                                    // ignored
                                }
                                finishBuildingSessionsFromPEP(address);
                                return;
                            } catch (Exception e) {
                                Log.d(Config.LOGTAG, "could not verify certificate");
                            }
                        }
                    } catch (Exception e) {
                        Log.d(Config.LOGTAG, "error during verification " + e.getMessage());
                    }
                } else {
                    Log.d(Config.LOGTAG, "no verification found");
                }
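                // Reached on every path that did not return above (no verification, signature mismatch,
                // untrusted certificate, or an exception): the session is still built, but not marked verified.
                fetchStatusMap.put(address, FetchStatus.SUCCESS);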
                finishBuildingSessionsFromPEP(address);
            }
        });
    } catch (InvalidJidException e) {
        fetchStatusMap.put(address, FetchStatus.SUCCESS);
        finishBuildingSessionsFromPEP(address);
    }
}
Also used : Account(de.pixart.messenger.entities.Account) IdentityKey(org.whispersystems.libsignal.IdentityKey) OnIqPacketReceived(de.pixart.messenger.xmpp.OnIqPacketReceived) Jid(de.pixart.messenger.xmpp.jid.Jid) Bundle(android.os.Bundle) PreKeyBundle(org.whispersystems.libsignal.state.PreKeyBundle) InvalidJidException(de.pixart.messenger.xmpp.jid.InvalidJidException) X509Certificate(java.security.cert.X509Certificate) UntrustedIdentityException(org.whispersystems.libsignal.UntrustedIdentityException) InvalidKeyIdException(org.whispersystems.libsignal.InvalidKeyIdException) InvalidJidException(de.pixart.messenger.xmpp.jid.InvalidJidException) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) IqPacket(de.pixart.messenger.xmpp.stanzas.IqPacket) Signature(java.security.Signature) SignalProtocolAddress(org.whispersystems.libsignal.SignalProtocolAddress) IdentityKeyPair(org.whispersystems.libsignal.IdentityKeyPair) Pair(android.util.Pair)
