Search in sources :

Example 1 with ProfileCipher

use of org.whispersystems.signalservice.api.crypto.ProfileCipher in project libsignal-service-java by signalapp.

the class SignalServiceAccountManager method setProfileName.

public void setProfileName(byte[] key, String name) throws IOException {
    if (name == null)
        name = "";
    String ciphertextName = Base64.encodeBytesWithoutPadding(new ProfileCipher(key).encryptName(name.getBytes("UTF-8"), ProfileCipher.NAME_PADDED_LENGTH));
    this.pushServiceSocket.setProfileName(ciphertextName);
}
Also used : ProfileCipher(org.whispersystems.signalservice.api.crypto.ProfileCipher) ByteString(com.google.protobuf.ByteString)

Example 2 with ProfileCipher

use of org.whispersystems.signalservice.api.crypto.ProfileCipher in project Signal-Android by WhisperSystems.

the class ProfileUtil method getAddressForRecipient.

@WorkerThread
@NonNull
public static MobileCoinPublicAddress getAddressForRecipient(@NonNull Recipient recipient) throws IOException, PaymentsAddressException {
    ProfileKey profileKey;
    try {
        profileKey = getProfileKey(recipient);
    } catch (IOException e) {
        Log.w(TAG, "Profile key not available for " + recipient.getId());
        throw new PaymentsAddressException(PaymentsAddressException.Code.NO_PROFILE_KEY);
    }
    ProfileAndCredential profileAndCredential = ProfileUtil.retrieveProfileSync(ApplicationDependencies.getApplication(), recipient, SignalServiceProfile.RequestType.PROFILE);
    SignalServiceProfile profile = profileAndCredential.getProfile();
    byte[] encryptedPaymentsAddress = profile.getPaymentAddress();
    if (encryptedPaymentsAddress == null) {
        Log.w(TAG, "Payments not enabled for " + recipient.getId());
        throw new PaymentsAddressException(PaymentsAddressException.Code.NOT_ENABLED);
    }
    try {
        IdentityKey identityKey = new IdentityKey(Base64.decode(profileAndCredential.getProfile().getIdentityKey()), 0);
        ProfileCipher profileCipher = new ProfileCipher(profileKey);
        byte[] decrypted = profileCipher.decryptWithLength(encryptedPaymentsAddress);
        SignalServiceProtos.PaymentAddress paymentAddress = SignalServiceProtos.PaymentAddress.parseFrom(decrypted);
        byte[] bytes = MobileCoinPublicAddressProfileUtil.verifyPaymentsAddress(paymentAddress, identityKey);
        MobileCoinPublicAddress mobileCoinPublicAddress = MobileCoinPublicAddress.fromBytes(bytes);
        if (mobileCoinPublicAddress == null) {
            throw new PaymentsAddressException(PaymentsAddressException.Code.INVALID_ADDRESS);
        }
        return mobileCoinPublicAddress;
    } catch (InvalidCiphertextException | IOException e) {
        Log.w(TAG, "Could not decrypt payments address, ProfileKey may be outdated for " + recipient.getId(), e);
        throw new PaymentsAddressException(PaymentsAddressException.Code.COULD_NOT_DECRYPT);
    } catch (InvalidKeyException e) {
        Log.w(TAG, "Could not verify payments address due to bad identity key " + recipient.getId(), e);
        throw new PaymentsAddressException(PaymentsAddressException.Code.INVALID_ADDRESS_SIGNATURE);
    }
}
Also used : IdentityKey(org.whispersystems.libsignal.IdentityKey) InvalidCiphertextException(org.whispersystems.signalservice.api.crypto.InvalidCiphertextException) ProfileCipher(org.whispersystems.signalservice.api.crypto.ProfileCipher) ProfileAndCredential(org.whispersystems.signalservice.api.profiles.ProfileAndCredential) IOException(java.io.IOException) PaymentsAddressException(org.thoughtcrime.securesms.payments.PaymentsAddressException) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) ProfileKey(org.signal.zkgroup.profiles.ProfileKey) SignalServiceProfile(org.whispersystems.signalservice.api.profiles.SignalServiceProfile) SignalServiceProtos(org.whispersystems.signalservice.internal.push.SignalServiceProtos) MobileCoinPublicAddress(org.thoughtcrime.securesms.payments.MobileCoinPublicAddress) WorkerThread(androidx.annotation.WorkerThread) NonNull(androidx.annotation.NonNull)

Example 3 with ProfileCipher

use of org.whispersystems.signalservice.api.crypto.ProfileCipher in project Signal-Android by signalapp.

the class RetrieveProfileJob method setProfileName.

private void setProfileName(Recipient recipient, String profileName) {
    try {
        byte[] profileKey = recipient.getProfileKey();
        if (profileKey == null)
            return;
        String plaintextProfileName = null;
        if (profileName != null) {
            ProfileCipher profileCipher = new ProfileCipher(profileKey);
            plaintextProfileName = new String(profileCipher.decryptName(Base64.decode(profileName)));
        }
        if (!Util.equals(plaintextProfileName, recipient.getProfileName())) {
            DatabaseFactory.getRecipientDatabase(context).setProfileName(recipient, plaintextProfileName);
        }
    } catch (ProfileCipher.InvalidCiphertextException | IOException e) {
        Log.w(TAG, e);
    }
}
Also used : ProfileCipher(org.whispersystems.signalservice.api.crypto.ProfileCipher) IOException(java.io.IOException)

Example 4 with ProfileCipher

use of org.whispersystems.signalservice.api.crypto.ProfileCipher in project Signal-Android by WhisperSystems.

the class RetrieveProfileJob method setUnidentifiedAccessMode.

private void setUnidentifiedAccessMode(Recipient recipient, String unidentifiedAccessVerifier, boolean unrestrictedUnidentifiedAccess) {
    RecipientDatabase recipientDatabase = SignalDatabase.recipients();
    ProfileKey profileKey = ProfileKeyUtil.profileKeyOrNull(recipient.getProfileKey());
    if (unrestrictedUnidentifiedAccess && unidentifiedAccessVerifier != null) {
        if (recipient.getUnidentifiedAccessMode() != UnidentifiedAccessMode.UNRESTRICTED) {
            Log.i(TAG, "Marking recipient UD status as unrestricted.");
            recipientDatabase.setUnidentifiedAccessMode(recipient.getId(), UnidentifiedAccessMode.UNRESTRICTED);
        }
    } else if (profileKey == null || unidentifiedAccessVerifier == null) {
        if (recipient.getUnidentifiedAccessMode() != UnidentifiedAccessMode.DISABLED) {
            Log.i(TAG, "Marking recipient UD status as disabled.");
            recipientDatabase.setUnidentifiedAccessMode(recipient.getId(), UnidentifiedAccessMode.DISABLED);
        }
    } else {
        ProfileCipher profileCipher = new ProfileCipher(profileKey);
        boolean verifiedUnidentifiedAccess;
        try {
            verifiedUnidentifiedAccess = profileCipher.verifyUnidentifiedAccess(Base64.decode(unidentifiedAccessVerifier));
        } catch (IOException e) {
            Log.w(TAG, e);
            verifiedUnidentifiedAccess = false;
        }
        UnidentifiedAccessMode mode = verifiedUnidentifiedAccess ? UnidentifiedAccessMode.ENABLED : UnidentifiedAccessMode.DISABLED;
        if (recipient.getUnidentifiedAccessMode() != mode) {
            Log.i(TAG, "Marking recipient UD status as " + mode.name() + " after verification.");
            recipientDatabase.setUnidentifiedAccessMode(recipient.getId(), mode);
        }
    }
}
Also used : RecipientDatabase(org.thoughtcrime.securesms.database.RecipientDatabase) ProfileCipher(org.whispersystems.signalservice.api.crypto.ProfileCipher) IOException(java.io.IOException) UnidentifiedAccessMode(org.thoughtcrime.securesms.database.RecipientDatabase.UnidentifiedAccessMode) ProfileKey(org.signal.zkgroup.profiles.ProfileKey)

Example 5 with ProfileCipher

use of org.whispersystems.signalservice.api.crypto.ProfileCipher in project Signal-Android by WhisperSystems.

the class SignalServiceAccountManager method setVersionedProfile.

/**
 * @return The avatar URL path, if one was written.
 */
public Optional<String> setVersionedProfile(ACI aci, ProfileKey profileKey, String name, String about, String aboutEmoji, Optional<SignalServiceProtos.PaymentAddress> paymentsAddress, StreamDetails avatar, List<String> visibleBadgeIds) throws IOException {
    if (name == null)
        name = "";
    ProfileCipher profileCipher = new ProfileCipher(profileKey);
    byte[] ciphertextName = profileCipher.encryptString(name, ProfileCipher.getTargetNameLength(name));
    byte[] ciphertextAbout = profileCipher.encryptString(about, ProfileCipher.getTargetAboutLength(about));
    byte[] ciphertextEmoji = profileCipher.encryptString(aboutEmoji, ProfileCipher.EMOJI_PADDED_LENGTH);
    byte[] ciphertextMobileCoinAddress = paymentsAddress.transform(address -> profileCipher.encryptWithLength(address.toByteArray(), ProfileCipher.PAYMENTS_ADDRESS_CONTENT_SIZE)).orNull();
    boolean hasAvatar = avatar != null;
    ProfileAvatarData profileAvatarData = null;
    if (hasAvatar) {
        profileAvatarData = new ProfileAvatarData(avatar.getStream(), ProfileCipherOutputStream.getCiphertextLength(avatar.getLength()), avatar.getContentType(), new ProfileCipherOutputStreamFactory(profileKey));
    }
    return this.pushServiceSocket.writeProfile(new SignalServiceProfileWrite(profileKey.getProfileKeyVersion(aci.uuid()).serialize(), ciphertextName, ciphertextAbout, ciphertextEmoji, ciphertextMobileCoinAddress, hasAvatar, profileKey.getCommitment(aci.uuid()).serialize(), visibleBadgeIds), profileAvatarData);
}
Also used : ReadOperation(org.whispersystems.signalservice.internal.storage.protos.ReadOperation) ServiceIdType(org.whispersystems.signalservice.api.push.ServiceIdType) Quote(org.whispersystems.signalservice.internal.contacts.crypto.Quote) ProfileKey(org.signal.zkgroup.profiles.ProfileKey) StorageManifest(org.whispersystems.signalservice.internal.storage.protos.StorageManifest) ProfileCipher(org.whispersystems.signalservice.api.crypto.ProfileCipher) ProfileAndCredential(org.whispersystems.signalservice.api.profiles.ProfileAndCredential) StorageKey(org.whispersystems.signalservice.api.storage.StorageKey) Preconditions(org.whispersystems.libsignal.util.guava.Preconditions) Map(java.util.Map) SignalStorageModels(org.whispersystems.signalservice.api.storage.SignalStorageModels) AuthCredentials(org.whispersystems.signalservice.internal.push.AuthCredentials) ProvisionMessage(org.whispersystems.signalservice.internal.push.ProvisioningProtos.ProvisionMessage) RequestVerificationCodeResponse(org.whispersystems.signalservice.internal.push.RequestVerificationCodeResponse) SignalStorageCipher(org.whispersystems.signalservice.api.storage.SignalStorageCipher) SignalServiceProtos(org.whispersystems.signalservice.internal.push.SignalServiceProtos) RemoteAttestationUtil(org.whispersystems.signalservice.internal.push.RemoteAttestationUtil) ACI(org.whispersystems.signalservice.api.push.ACI) Set(java.util.Set) GroupsV2Operations(org.whispersystems.signalservice.api.groupsv2.GroupsV2Operations) IdentityKey(org.whispersystems.libsignal.IdentityKey) CredentialsProvider(org.whispersystems.signalservice.api.util.CredentialsProvider) ProfileCipherOutputStream(org.whispersystems.signalservice.api.crypto.ProfileCipherOutputStream) Base64(org.whispersystems.util.Base64) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IdentityKeyPair(org.whispersystems.libsignal.IdentityKeyPair) StorageManifestKey(org.whispersystems.signalservice.api.storage.StorageManifestKey) SignalStorageRecord(org.whispersystems.signalservice.api.storage.SignalStorageRecord) NoContentException(org.whispersystems.signalservice.api.push.exceptions.NoContentException) Single(io.reactivex.rxjava3.core.Single) SignalServiceProfileWrite(org.whispersystems.signalservice.api.profiles.SignalServiceProfileWrite) PreKeyRecord(org.whispersystems.libsignal.state.PreKeyRecord) InvalidKeyException(org.whispersystems.libsignal.InvalidKeyException) ArrayList(java.util.ArrayList) WhoAmIResponse(org.whispersystems.signalservice.internal.push.WhoAmIResponse) ECPublicKey(org.whispersystems.libsignal.ecc.ECPublicKey) DeviceInfo(org.whispersystems.signalservice.api.messages.multidevice.DeviceInfo) StaticCredentialsProvider(org.whispersystems.signalservice.internal.util.StaticCredentialsProvider) UnauthenticatedQuoteException(org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedQuoteException) ProfileKeyCredential(org.signal.zkgroup.profiles.ProfileKeyCredential) PushNetworkException(org.whispersystems.signalservice.api.push.exceptions.PushNetworkException) StreamDetails(org.whispersystems.signalservice.api.util.StreamDetails) IOException(java.io.IOException) ProfileAvatarData(org.whispersystems.signalservice.internal.push.ProfileAvatarData) GroupsV2Api(org.whispersystems.signalservice.api.groupsv2.GroupsV2Api) Optional(org.whispersystems.libsignal.util.guava.Optional) ExecutionException(java.util.concurrent.ExecutionException) PrimaryProvisioningCipher(org.whispersystems.signalservice.internal.crypto.PrimaryProvisioningCipher) ServiceId(org.whispersystems.signalservice.api.push.ServiceId) RemoteConfigResponse(org.whispersystems.signalservice.internal.push.RemoteConfigResponse) StorageItems(org.whispersystems.signalservice.internal.storage.protos.StorageItems) MasterKey(org.whispersystems.signalservice.api.kbs.MasterKey) TurnServerInfo(org.whispersystems.signalservice.api.messages.calls.TurnServerInfo) ManifestRecord(org.whispersystems.signalservice.internal.storage.protos.ManifestRecord) WriteOperation(org.whispersystems.signalservice.internal.storage.protos.WriteOperation) Util(org.whispersystems.signalservice.internal.util.Util) TimeoutException(java.util.concurrent.TimeoutException) SignedPreKeyRecord(org.whispersystems.libsignal.state.SignedPreKeyRecord) NotFoundException(org.whispersystems.signalservice.api.push.exceptions.NotFoundException) DiscoveryRequest(org.whispersystems.signalservice.internal.contacts.entities.DiscoveryRequest) ByteArrayInputStream(java.io.ByteArrayInputStream) Locale(java.util.Locale) NonSuccessfulResponseCodeException(org.whispersystems.signalservice.api.push.exceptions.NonSuccessfulResponseCodeException) InvalidCiphertextException(org.whispersystems.signalservice.api.crypto.InvalidCiphertextException) CdshAuthResponse(org.whispersystems.signalservice.internal.push.CdshAuthResponse) StorageId(org.whispersystems.signalservice.api.storage.StorageId) ContactDiscoveryCipher(org.whispersystems.signalservice.internal.contacts.crypto.ContactDiscoveryCipher) VerifyAccountResponse(org.whispersystems.signalservice.internal.push.VerifyAccountResponse) PushServiceSocket(org.whispersystems.signalservice.internal.push.PushServiceSocket) VerifyDeviceResponse(org.whispersystems.signalservice.api.messages.multidevice.VerifyDeviceResponse) SignatureException(java.security.SignatureException) Collection(java.util.Collection) KeyStore(java.security.KeyStore) UUID(java.util.UUID) SignalServiceConfiguration(org.whispersystems.signalservice.internal.configuration.SignalServiceConfiguration) ByteString(com.google.protobuf.ByteString) DiscoveryResponse(org.whispersystems.signalservice.internal.contacts.entities.DiscoveryResponse) List(java.util.List) CurrencyConversions(org.whispersystems.signalservice.api.payments.CurrencyConversions) ProfileCipherOutputStreamFactory(org.whispersystems.signalservice.internal.push.http.ProfileCipherOutputStreamFactory) ProvisioningVersion(org.whispersystems.signalservice.internal.push.ProvisioningProtos.ProvisioningVersion) CdshService(org.whispersystems.signalservice.api.services.CdshService) AccountAttributes(org.whispersystems.signalservice.api.account.AccountAttributes) DataInputStream(java.io.DataInputStream) MessageDigest(java.security.MessageDigest) HashMap(java.util.HashMap) ClientZkOperations(org.whispersystems.signalservice.api.groupsv2.ClientZkOperations) UnauthenticatedResponseException(org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedResponseException) Log(org.whispersystems.libsignal.logging.Log) LinkedList(java.util.LinkedList) SignalStorageManifest(org.whispersystems.signalservice.api.storage.SignalStorageManifest) PNI(org.whispersystems.signalservice.api.push.PNI) SignedPreKeyEntity(org.whispersystems.signalservice.api.push.SignedPreKeyEntity) RemoteAttestation(org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestation) ServiceResponse(org.whispersystems.signalservice.internal.ServiceResponse) TimeUnit(java.util.concurrent.TimeUnit) StorageItem(org.whispersystems.signalservice.internal.storage.protos.StorageItem) Collections(java.util.Collections) ProfileCipherOutputStreamFactory(org.whispersystems.signalservice.internal.push.http.ProfileCipherOutputStreamFactory) SignalServiceProfileWrite(org.whispersystems.signalservice.api.profiles.SignalServiceProfileWrite) ProfileCipher(org.whispersystems.signalservice.api.crypto.ProfileCipher) ProfileAvatarData(org.whispersystems.signalservice.internal.push.ProfileAvatarData)

Aggregations

ProfileCipher (org.whispersystems.signalservice.api.crypto.ProfileCipher)5 IOException (java.io.IOException)4 ProfileKey (org.signal.zkgroup.profiles.ProfileKey)3 ByteString (com.google.protobuf.ByteString)2 IdentityKey (org.whispersystems.libsignal.IdentityKey)2 InvalidKeyException (org.whispersystems.libsignal.InvalidKeyException)2 InvalidCiphertextException (org.whispersystems.signalservice.api.crypto.InvalidCiphertextException)2 NonNull (androidx.annotation.NonNull)1 WorkerThread (androidx.annotation.WorkerThread)1 Single (io.reactivex.rxjava3.core.Single)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 DataInputStream (java.io.DataInputStream)1 KeyStore (java.security.KeyStore)1 MessageDigest (java.security.MessageDigest)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 SignatureException (java.security.SignatureException)1 ArrayList (java.util.ArrayList)1 Collection (java.util.Collection)1 Collections (java.util.Collections)1 HashMap (java.util.HashMap)1