fixed fingerprint trust (was messed up after library upgrade)
This commit is contained in:
parent
24ab765e11
commit
cbce73c301
|
@ -189,7 +189,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
|
||||||
SignalProtocolAddress axolotlAddress = new SignalProtocolAddress(bareJid, deviceId);
|
SignalProtocolAddress axolotlAddress = new SignalProtocolAddress(bareJid, deviceId);
|
||||||
IdentityKey identityKey = store.loadSession(axolotlAddress).getSessionState().getRemoteIdentityKey();
|
IdentityKey identityKey = store.loadSession(axolotlAddress).getSessionState().getRemoteIdentityKey();
|
||||||
if(Config.X509_VERIFICATION) {
|
if(Config.X509_VERIFICATION) {
|
||||||
X509Certificate certificate = store.getFingerprintCertificate(identityKey.getFingerprint().replaceAll("\\s", ""));
|
X509Certificate certificate = store.getFingerprintCertificate(CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()));
|
||||||
if (certificate != null) {
|
if (certificate != null) {
|
||||||
Bundle information = CryptoHelper.extractCertificateInformation(certificate);
|
Bundle information = CryptoHelper.extractCertificateInformation(certificate);
|
||||||
try {
|
try {
|
||||||
|
@ -891,7 +891,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
|
||||||
if (Config.X509_VERIFICATION) {
|
if (Config.X509_VERIFICATION) {
|
||||||
verifySessionWithPEP(session);
|
verifySessionWithPEP(session);
|
||||||
} else {
|
} else {
|
||||||
FingerprintStatus status = getFingerprintTrust(bundle.getIdentityKey().getFingerprint().replaceAll("\\s",""));
|
FingerprintStatus status = getFingerprintTrust(CryptoHelper.bytesToHex(bundle.getIdentityKey().getPublicKey().serialize()));
|
||||||
FetchStatus fetchStatus;
|
FetchStatus fetchStatus;
|
||||||
if (status != null && status.isVerified()) {
|
if (status != null && status.isVerified()) {
|
||||||
fetchStatus = FetchStatus.SUCCESS_VERIFIED;
|
fetchStatus = FetchStatus.SUCCESS_VERIFIED;
|
||||||
|
|
|
@ -22,6 +22,7 @@ import java.util.Set;
|
||||||
import eu.siacs.conversations.Config;
|
import eu.siacs.conversations.Config;
|
||||||
import eu.siacs.conversations.entities.Account;
|
import eu.siacs.conversations.entities.Account;
|
||||||
import eu.siacs.conversations.services.XmppConnectionService;
|
import eu.siacs.conversations.services.XmppConnectionService;
|
||||||
|
import eu.siacs.conversations.utils.CryptoHelper;
|
||||||
|
|
||||||
public class SQLiteAxolotlStore implements SignalProtocolStore {
|
public class SQLiteAxolotlStore implements SignalProtocolStore {
|
||||||
|
|
||||||
|
@ -186,7 +187,7 @@ public class SQLiteAxolotlStore implements SignalProtocolStore {
|
||||||
@Override
|
@Override
|
||||||
public boolean saveIdentity(SignalProtocolAddress address, IdentityKey identityKey) {
|
public boolean saveIdentity(SignalProtocolAddress address, IdentityKey identityKey) {
|
||||||
if (!mXmppConnectionService.databaseBackend.loadIdentityKeys(account, address.getName()).contains(identityKey)) {
|
if (!mXmppConnectionService.databaseBackend.loadIdentityKeys(account, address.getName()).contains(identityKey)) {
|
||||||
String fingerprint = identityKey.getFingerprint().replaceAll("\\s", "");
|
String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
|
||||||
FingerprintStatus status = getFingerprintStatus(fingerprint);
|
FingerprintStatus status = getFingerprintStatus(fingerprint);
|
||||||
if (status == null) {
|
if (status == null) {
|
||||||
if (mXmppConnectionService.blindTrustBeforeVerification() && !account.getAxolotlService().hasVerifiedKeys(address.getName())) {
|
if (mXmppConnectionService.blindTrustBeforeVerification() && !account.getAxolotlService().hasVerifiedKeys(address.getName())) {
|
||||||
|
|
|
@ -50,6 +50,7 @@ import eu.siacs.conversations.entities.PresenceTemplate;
|
||||||
import eu.siacs.conversations.entities.Roster;
|
import eu.siacs.conversations.entities.Roster;
|
||||||
import eu.siacs.conversations.entities.ServiceDiscoveryResult;
|
import eu.siacs.conversations.entities.ServiceDiscoveryResult;
|
||||||
import eu.siacs.conversations.services.ShortcutService;
|
import eu.siacs.conversations.services.ShortcutService;
|
||||||
|
import eu.siacs.conversations.utils.CryptoHelper;
|
||||||
import eu.siacs.conversations.utils.MimeUtils;
|
import eu.siacs.conversations.utils.MimeUtils;
|
||||||
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
|
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
|
||||||
import eu.siacs.conversations.xmpp.jid.Jid;
|
import eu.siacs.conversations.xmpp.jid.Jid;
|
||||||
|
@ -311,7 +312,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
|
||||||
if (identityKeyPair != null) {
|
if (identityKeyPair != null) {
|
||||||
String[] selectionArgs = {
|
String[] selectionArgs = {
|
||||||
account.getUuid(),
|
account.getUuid(),
|
||||||
identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", "")
|
CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize())
|
||||||
};
|
};
|
||||||
ContentValues values = new ContentValues();
|
ContentValues values = new ContentValues();
|
||||||
values.put(SQLiteAxolotlStore.TRUSTED, 2);
|
values.put(SQLiteAxolotlStore.TRUSTED, 2);
|
||||||
|
@ -1353,11 +1354,11 @@ public class DatabaseBackend extends SQLiteOpenHelper {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void storeIdentityKey(Account account, String name, IdentityKey identityKey, FingerprintStatus status) {
|
public void storeIdentityKey(Account account, String name, IdentityKey identityKey, FingerprintStatus status) {
|
||||||
storeIdentityKey(account, name, false, identityKey.getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status);
|
storeIdentityKey(account, name, false, CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void storeOwnIdentityKeyPair(Account account, IdentityKeyPair identityKeyPair) {
|
public void storeOwnIdentityKeyPair(Account account, IdentityKeyPair identityKeyPair) {
|
||||||
storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false));
|
storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize()), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -113,7 +113,7 @@ public abstract class OmemoActivity extends XmppActivity {
|
||||||
final String fingerprint = session.getFingerprint();
|
final String fingerprint = session.getFingerprint();
|
||||||
addFingerprintRowWithListeners(keys,
|
addFingerprintRowWithListeners(keys,
|
||||||
session.getAccount(),
|
session.getAccount(),
|
||||||
session.getFingerprint(),
|
fingerprint,
|
||||||
highlight,
|
highlight,
|
||||||
session.getTrust(),
|
session.getTrust(),
|
||||||
true,
|
true,
|
||||||
|
|
|
@ -32,6 +32,7 @@ import eu.siacs.conversations.crypto.axolotl.AxolotlService;
|
||||||
import eu.siacs.conversations.crypto.axolotl.FingerprintStatus;
|
import eu.siacs.conversations.crypto.axolotl.FingerprintStatus;
|
||||||
import eu.siacs.conversations.entities.Account;
|
import eu.siacs.conversations.entities.Account;
|
||||||
import eu.siacs.conversations.entities.Conversation;
|
import eu.siacs.conversations.entities.Conversation;
|
||||||
|
import eu.siacs.conversations.utils.CryptoHelper;
|
||||||
import eu.siacs.conversations.utils.XmppUri;
|
import eu.siacs.conversations.utils.XmppUri;
|
||||||
import eu.siacs.conversations.xmpp.OnKeyStatusUpdated;
|
import eu.siacs.conversations.xmpp.OnKeyStatusUpdated;
|
||||||
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
|
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
|
||||||
|
@ -248,8 +249,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
|
||||||
AxolotlService service = this.mAccount.getAxolotlService();
|
AxolotlService service = this.mAccount.getAxolotlService();
|
||||||
Set<IdentityKey> ownKeysSet = service.getKeysWithTrust(FingerprintStatus.createActiveUndecided());
|
Set<IdentityKey> ownKeysSet = service.getKeysWithTrust(FingerprintStatus.createActiveUndecided());
|
||||||
for(final IdentityKey identityKey : ownKeysSet) {
|
for(final IdentityKey identityKey : ownKeysSet) {
|
||||||
if(!ownKeysToTrust.containsKey(identityKey)) {
|
final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
|
||||||
ownKeysToTrust.put(identityKey.getFingerprint().replaceAll("\\s", ""), false);
|
if(!ownKeysToTrust.containsKey(fingerprint)) {
|
||||||
|
ownKeysToTrust.put(fingerprint, false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
synchronized (this.foreignKeysToTrust) {
|
synchronized (this.foreignKeysToTrust) {
|
||||||
|
@ -261,8 +263,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
|
||||||
}
|
}
|
||||||
Map<String, Boolean> foreignFingerprints = new HashMap<>();
|
Map<String, Boolean> foreignFingerprints = new HashMap<>();
|
||||||
for (final IdentityKey identityKey : foreignKeysSet) {
|
for (final IdentityKey identityKey : foreignKeysSet) {
|
||||||
if (!foreignFingerprints.containsKey(identityKey)) {
|
final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
|
||||||
foreignFingerprints.put(identityKey.getFingerprint().replaceAll("\\s", ""), false);
|
if (!foreignFingerprints.containsKey(fingerprint)) {
|
||||||
|
foreignFingerprints.put(fingerprint, false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (foreignFingerprints.size() > 0 || !acceptedTargets.contains(jid)) {
|
if (foreignFingerprints.size() > 0 || !acceptedTargets.contains(jid)) {
|
||||||
|
|
Loading…
Reference in a new issue