fixed fingerprint trust (was messed up after library upgrade)

Daniel Gultsch 2017-06-25 18:18:13 +02:00
parent 24ab765e11
commit cbce73c301
5 changed files with 16 additions and 11 deletions


@ -189,7 +189,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
SignalProtocolAddress axolotlAddress = new SignalProtocolAddress(bareJid, deviceId); SignalProtocolAddress axolotlAddress = new SignalProtocolAddress(bareJid, deviceId);
IdentityKey identityKey = store.loadSession(axolotlAddress).getSessionState().getRemoteIdentityKey(); IdentityKey identityKey = store.loadSession(axolotlAddress).getSessionState().getRemoteIdentityKey();
if(Config.X509_VERIFICATION) { if(Config.X509_VERIFICATION) {
X509Certificate certificate = store.getFingerprintCertificate(identityKey.getFingerprint().replaceAll("\\s", "")); X509Certificate certificate = store.getFingerprintCertificate(CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()));
if (certificate != null) { if (certificate != null) {
Bundle information = CryptoHelper.extractCertificateInformation(certificate); Bundle information = CryptoHelper.extractCertificateInformation(certificate);
try { try {
@ -891,7 +891,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
if (Config.X509_VERIFICATION) { if (Config.X509_VERIFICATION) {
verifySessionWithPEP(session); verifySessionWithPEP(session);
} else { } else {
FingerprintStatus status = getFingerprintTrust(bundle.getIdentityKey().getFingerprint().replaceAll("\\s","")); FingerprintStatus status = getFingerprintTrust(CryptoHelper.bytesToHex(bundle.getIdentityKey().getPublicKey().serialize()));
FetchStatus fetchStatus; FetchStatus fetchStatus;
if (status != null && status.isVerified()) { if (status != null && status.isVerified()) {
fetchStatus = FetchStatus.SUCCESS_VERIFIED; fetchStatus = FetchStatus.SUCCESS_VERIFIED;
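Review bot: The expression `CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize())` is now the lookup key for every trust decision, yet it is written out by hand at both call sites in this class and again in SQLiteAxolotlStore.saveIdentity, DatabaseBackend and TrustKeysActivity. The regression this commit repairs arose because each site relied on the library's own formatting, so a single copy that drifts would again make a trust lookup miss. A helper in CryptoHelper such as `public static String fingerprint(IdentityKey key) { return bytesToHex(key.getPublicKey().serialize()); }`, with a comment that the result must stay identical to the fingerprints already stored, would keep the format in one place. bytesToHex is not shown on this page, so its letter case and whether the serialized key carries a type prefix should be checked against existing rows. Both enclosing methods start and end outside the hunks.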


@ -22,6 +22,7 @@ import java.util.Set;
import eu.siacs.conversations.Config; import eu.siacs.conversations.Config;
import eu.siacs.conversations.entities.Account; import eu.siacs.conversations.entities.Account;
import eu.siacs.conversations.services.XmppConnectionService; import eu.siacs.conversations.services.XmppConnectionService;
import eu.siacs.conversations.utils.CryptoHelper;
public class SQLiteAxolotlStore implements SignalProtocolStore { public class SQLiteAxolotlStore implements SignalProtocolStore {
@ -186,7 +187,7 @@ public class SQLiteAxolotlStore implements SignalProtocolStore {
@Override @Override
public boolean saveIdentity(SignalProtocolAddress address, IdentityKey identityKey) { public boolean saveIdentity(SignalProtocolAddress address, IdentityKey identityKey) {
if (!mXmppConnectionService.databaseBackend.loadIdentityKeys(account, address.getName()).contains(identityKey)) { if (!mXmppConnectionService.databaseBackend.loadIdentityKeys(account, address.getName()).contains(identityKey)) {
String fingerprint = identityKey.getFingerprint().replaceAll("\\s", ""); String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
FingerprintStatus status = getFingerprintStatus(fingerprint); FingerprintStatus status = getFingerprintStatus(fingerprint);
if (status == null) { if (status == null) {
if (mXmppConnectionService.blindTrustBeforeVerification() && !account.getAxolotlService().hasVerifiedKeys(address.getName())) { if (mXmppConnectionService.blindTrustBeforeVerification() && !account.getAxolotlService().hasVerifiedKeys(address.getName())) {


@ -50,6 +50,7 @@ import eu.siacs.conversations.entities.PresenceTemplate;
import eu.siacs.conversations.entities.Roster; import eu.siacs.conversations.entities.Roster;
import eu.siacs.conversations.entities.ServiceDiscoveryResult; import eu.siacs.conversations.entities.ServiceDiscoveryResult;
import eu.siacs.conversations.services.ShortcutService; import eu.siacs.conversations.services.ShortcutService;
import eu.siacs.conversations.utils.CryptoHelper;
import eu.siacs.conversations.utils.MimeUtils; import eu.siacs.conversations.utils.MimeUtils;
import eu.siacs.conversations.xmpp.jid.InvalidJidException; import eu.siacs.conversations.xmpp.jid.InvalidJidException;
import eu.siacs.conversations.xmpp.jid.Jid; import eu.siacs.conversations.xmpp.jid.Jid;
@ -311,7 +312,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
if (identityKeyPair != null) { if (identityKeyPair != null) {
String[] selectionArgs = { String[] selectionArgs = {
account.getUuid(), account.getUuid(),
identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", "") CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize())
}; };
ContentValues values = new ContentValues(); ContentValues values = new ContentValues();
values.put(SQLiteAxolotlStore.TRUSTED, 2); values.put(SQLiteAxolotlStore.TRUSTED, 2);
@ -1353,11 +1354,11 @@ public class DatabaseBackend extends SQLiteOpenHelper {
} }
public void storeIdentityKey(Account account, String name, IdentityKey identityKey, FingerprintStatus status) { public void storeIdentityKey(Account account, String name, IdentityKey identityKey, FingerprintStatus status) {
storeIdentityKey(account, name, false, identityKey.getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status); storeIdentityKey(account, name, false, CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status);
} }
public void storeOwnIdentityKeyPair(Account account, IdentityKeyPair identityKeyPair) { public void storeOwnIdentityKeyPair(Account account, IdentityKeyPair identityKeyPair) {
storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false)); storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize()), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false));
} }
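Review bot: storeIdentityKey and storeOwnIdentityKeyPair now write the hex of the serialized public key, but nothing in this section repairs rows that were written while the fingerprint was still taken from `getFingerprint().replaceAll("\\s", "")` under the upgraded library. If any build shipped in that state, those rows would keep a fingerprint that no lookup produces any more, so their trust status may be silently orphaned and the same key may later be stored again under the new string. A one-off step in the database upgrade path that recomputes the stored fingerprint from the stored Base64 key would close that gap; if no such build was released, a short comment saying so is enough. The update in the first hunk (`selectionArgs` with `TRUSTED` set to 2) depends on the stored format in the same way, and its enclosing method starts outside the hunk.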


@ -113,7 +113,7 @@ public abstract class OmemoActivity extends XmppActivity {
final String fingerprint = session.getFingerprint(); final String fingerprint = session.getFingerprint();
addFingerprintRowWithListeners(keys, addFingerprintRowWithListeners(keys,
session.getAccount(), session.getAccount(),
session.getFingerprint(), fingerprint,
highlight, highlight,
session.getTrust(), session.getTrust(),
true, true,


@ -32,6 +32,7 @@ import eu.siacs.conversations.crypto.axolotl.AxolotlService;
import eu.siacs.conversations.crypto.axolotl.FingerprintStatus; import eu.siacs.conversations.crypto.axolotl.FingerprintStatus;
import eu.siacs.conversations.entities.Account; import eu.siacs.conversations.entities.Account;
import eu.siacs.conversations.entities.Conversation; import eu.siacs.conversations.entities.Conversation;
import eu.siacs.conversations.utils.CryptoHelper;
import eu.siacs.conversations.utils.XmppUri; import eu.siacs.conversations.utils.XmppUri;
import eu.siacs.conversations.xmpp.OnKeyStatusUpdated; import eu.siacs.conversations.xmpp.OnKeyStatusUpdated;
import eu.siacs.conversations.xmpp.jid.InvalidJidException; import eu.siacs.conversations.xmpp.jid.InvalidJidException;
@ -248,8 +249,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
AxolotlService service = this.mAccount.getAxolotlService(); AxolotlService service = this.mAccount.getAxolotlService();
Set<IdentityKey> ownKeysSet = service.getKeysWithTrust(FingerprintStatus.createActiveUndecided()); Set<IdentityKey> ownKeysSet = service.getKeysWithTrust(FingerprintStatus.createActiveUndecided());
for(final IdentityKey identityKey : ownKeysSet) { for(final IdentityKey identityKey : ownKeysSet) {
if(!ownKeysToTrust.containsKey(identityKey)) { final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
ownKeysToTrust.put(identityKey.getFingerprint().replaceAll("\\s", ""), false); if(!ownKeysToTrust.containsKey(fingerprint)) {
ownKeysToTrust.put(fingerprint, false);
} }
} }
synchronized (this.foreignKeysToTrust) { synchronized (this.foreignKeysToTrust) {
@ -261,8 +263,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
} }
Map<String, Boolean> foreignFingerprints = new HashMap<>(); Map<String, Boolean> foreignFingerprints = new HashMap<>();
for (final IdentityKey identityKey : foreignKeysSet) { for (final IdentityKey identityKey : foreignKeysSet) {
if (!foreignFingerprints.containsKey(identityKey)) { final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
foreignFingerprints.put(identityKey.getFingerprint().replaceAll("\\s", ""), false); if (!foreignFingerprints.containsKey(fingerprint)) {
foreignFingerprints.put(fingerprint, false);
} }
} }
if (foreignFingerprints.size() > 0 || !acceptedTargets.contains(jid)) { if (foreignFingerprints.size() > 0 || !acceptedTargets.contains(jid)) {
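Review bot: The `!foreignFingerprints.containsKey(fingerprint)` guard in the second loop is always satisfied as far as the hunk shows, because `foreignFingerprints` is created empty on the line before the loop and each distinct key yields its own fingerprint; `foreignFingerprints.put(fingerprint, false);` alone would do the same work. In the first loop the guard does matter, since `ownKeysToTrust` is not created here and presumably carries the user's earlier selections. A one-line comment there, such as `// keep an existing selection; only add keys not yet listed`, would make that difference explicit. Both loops sit in a method that starts and ends outside the hunks.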