From cbce73c30103d754a7dca0c9be72da1be8fceb64 Mon Sep 17 00:00:00 2001
From: Daniel Gultsch
Date: Sun, 25 Jun 2017 18:18:13 +0200
Subject: [PATCH] fixed fingerprint trust (was messed up after library upgrade)
---
 .../conversations/crypto/axolotl/AxolotlService.java | 4 ++--
 .../crypto/axolotl/SQLiteAxolotlStore.java | 3 ++-
 .../conversations/persistance/DatabaseBackend.java | 7 ++++---
 .../java/eu/siacs/conversations/ui/OmemoActivity.java | 2 +-
 .../eu/siacs/conversations/ui/TrustKeysActivity.java | 11 +++++++----
 5 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
index ff3f7fcee..045795c08 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
@@ -189,7 +189,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 SignalProtocolAddress axolotlAddress = new SignalProtocolAddress(bareJid, deviceId);
 IdentityKey identityKey = store.loadSession(axolotlAddress).getSessionState().getRemoteIdentityKey();
 if(Config.X509_VERIFICATION) {
- X509Certificate certificate = store.getFingerprintCertificate(identityKey.getFingerprint().replaceAll("\\s", ""));
+ X509Certificate certificate = store.getFingerprintCertificate(CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()));
 if (certificate != null) {
 Bundle information = CryptoHelper.extractCertificateInformation(certificate);
 try {
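Review bot: The string that keys every trust lookup is written out inline in `store.getFingerprintCertificate(CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()))`, and the same expression is repeated at the other call sites this commit touches (the hunk at line 891, `SQLiteAxolotlStore.saveIdentity`, three places in `DatabaseBackend` and both loops in `TrustKeysActivity`). Each copy has to produce a character-identical string or a stored trust decision is not found, which appears to be what the library upgrade broke. One helper next to `bytesToHex` would keep the encoding in a single place, for example (name is only a suggestion) `public static String fingerprint(IdentityKey key) { return bytesToHex(key.getPublicKey().serialize()); }`. The enclosing method starts and ends outside this hunk.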
@@ -891,7 +891,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 if (Config.X509_VERIFICATION) {
 verifySessionWithPEP(session);
 } else {
- FingerprintStatus status = getFingerprintTrust(bundle.getIdentityKey().getFingerprint().replaceAll("\\s",""));
+ FingerprintStatus status = getFingerprintTrust(CryptoHelper.bytesToHex(bundle.getIdentityKey().getPublicKey().serialize()));
 FetchStatus fetchStatus;
 if (status != null && status.isVerified()) {
 fetchStatus = FetchStatus.SUCCESS_VERIFIED;
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/SQLiteAxolotlStore.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/SQLiteAxolotlStore.java
index 29f85161e..313755537 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/SQLiteAxolotlStore.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/SQLiteAxolotlStore.java
@@ -22,6 +22,7 @@ import java.util.Set;
 import eu.siacs.conversations.Config;
 import eu.siacs.conversations.entities.Account;
 import eu.siacs.conversations.services.XmppConnectionService;
+import eu.siacs.conversations.utils.CryptoHelper;
 public class SQLiteAxolotlStore implements SignalProtocolStore {
@@ -186,7 +187,7 @@ public class SQLiteAxolotlStore implements SignalProtocolStore {
 @Override
 public boolean saveIdentity(SignalProtocolAddress address, IdentityKey identityKey) {
 if (!mXmppConnectionService.databaseBackend.loadIdentityKeys(account, address.getName()).contains(identityKey)) {
- String fingerprint = identityKey.getFingerprint().replaceAll("\\s", "");
+ String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
 FingerprintStatus status = getFingerprintStatus(fingerprint);
 if (status == null) {
 if (mXmppConnectionService.blindTrustBeforeVerification() && !account.getAxolotlService().hasVerifiedKeys(address.getName())) {
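Review bot: In `saveIdentity`, a `null` result from `getFingerprintStatus(fingerprint)` is handled as a key that has never been seen, and the next visible branch can then apply blind trust. Rows written while the fingerprint still came from the upgraded library's `getFingerprint()` are presumably stored under a different string, so after this change their status would not be found and the key would be evaluated again as new; no migration or cleanup for such rows is visible in this commit. I would add a comment at the lookup, `// status is keyed by the hex of the serialized public key; rows stored under any other encoding are not found and the key is treated as unseen`, and consider a one-off migration of the affected rows. The method body continues past the end of the hunk.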
diff --git a/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java b/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
index f38abfa6c..589858b86 100644
--- a/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
+++ b/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
@@ -50,6 +50,7 @@ import eu.siacs.conversations.entities.PresenceTemplate;
 import eu.siacs.conversations.entities.Roster;
 import eu.siacs.conversations.entities.ServiceDiscoveryResult;
 import eu.siacs.conversations.services.ShortcutService;
+import eu.siacs.conversations.utils.CryptoHelper;
 import eu.siacs.conversations.utils.MimeUtils;
 import eu.siacs.conversations.xmpp.jid.InvalidJidException;
 import eu.siacs.conversations.xmpp.jid.Jid;
@@ -311,7 +312,7 @@ public class DatabaseBackend extends SQLiteOpenHelper {
 if (identityKeyPair != null) {
 String[] selectionArgs = {
 account.getUuid(),
- identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", "")
+ CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize())
 };
 ContentValues values = new ContentValues();
 values.put(SQLiteAxolotlStore.TRUSTED, 2);
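Review bot: The second entry of `String[] selectionArgs` has to equal the stored fingerprint column character for character, yet nothing here says which encoding that column holds, and the literal `2` in `values.put(SQLiteAxolotlStore.TRUSTED, 2)` is unexplained. A comment such as `// fingerprint column: CryptoHelper.bytesToHex of the serialized public identity key, same encoding as storeIdentityKey` would document the contract. The statement that executes the update is outside the hunk, so it cannot be seen whether a zero-row match is noticed; logging that case would make an encoding mismatch visible instead of silent.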
@@ -1353,11 +1354,11 @@ public class DatabaseBackend extends SQLiteOpenHelper {
 }
 public void storeIdentityKey(Account account, String name, IdentityKey identityKey, FingerprintStatus status) {
- storeIdentityKey(account, name, false, identityKey.getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status);
+ storeIdentityKey(account, name, false, CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize()), Base64.encodeToString(identityKey.serialize(), Base64.DEFAULT), status);
 }
 public void storeOwnIdentityKeyPair(Account account, IdentityKeyPair identityKeyPair) {
- storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, identityKeyPair.getPublicKey().getFingerprint().replaceAll("\\s", ""), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false));
+ storeIdentityKey(account, account.getJid().toBareJid().toPreppedString(), true, CryptoHelper.bytesToHex(identityKeyPair.getPublicKey().serialize()), Base64.encodeToString(identityKeyPair.serialize(), Base64.DEFAULT), FingerprintStatus.createActiveVerified(false));
 }
diff --git a/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java b/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java
index 20ae71b03..ad94e8c9e 100644
--- a/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java
+++ b/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java
@@ -113,7 +113,7 @@ public abstract class OmemoActivity extends XmppActivity {
 final String fingerprint = session.getFingerprint();
 addFingerprintRowWithListeners(keys,
 session.getAccount(),
- session.getFingerprint(),
+ fingerprint,
 highlight,
 session.getTrust(),
 true,
diff --git a/src/main/java/eu/siacs/conversations/ui/TrustKeysActivity.java b/src/main/java/eu/siacs/conversations/ui/TrustKeysActivity.java
index b8b918d58..5e8954c93 100644
--- a/src/main/java/eu/siacs/conversations/ui/TrustKeysActivity.java
+++ b/src/main/java/eu/siacs/conversations/ui/TrustKeysActivity.java
@@ -32,6 +32,7 @@ import eu.siacs.conversations.crypto.axolotl.AxolotlService;
 import eu.siacs.conversations.crypto.axolotl.FingerprintStatus;
 import eu.siacs.conversations.entities.Account;
 import eu.siacs.conversations.entities.Conversation;
+import eu.siacs.conversations.utils.CryptoHelper;
 import eu.siacs.conversations.utils.XmppUri;
 import eu.siacs.conversations.xmpp.OnKeyStatusUpdated;
 import eu.siacs.conversations.xmpp.jid.InvalidJidException;
@@ -248,8 +249,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
 AxolotlService service = this.mAccount.getAxolotlService();
 Set ownKeysSet = service.getKeysWithTrust(FingerprintStatus.createActiveUndecided());
 for(final IdentityKey identityKey : ownKeysSet) {
- if(!ownKeysToTrust.containsKey(identityKey)) {
- ownKeysToTrust.put(identityKey.getFingerprint().replaceAll("\\s", ""), false);
+ final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
+ if(!ownKeysToTrust.containsKey(fingerprint)) {
+ ownKeysToTrust.put(fingerprint, false);
 }
 }
 synchronized (this.foreignKeysToTrust) {
@@ -261,8 +263,9 @@ public class TrustKeysActivity extends OmemoActivity implements OnKeyStatusUpdat
 }
 Map foreignFingerprints = new HashMap<>();
 for (final IdentityKey identityKey : foreignKeysSet) {
- if (!foreignFingerprints.containsKey(identityKey)) {
- foreignFingerprints.put(identityKey.getFingerprint().replaceAll("\\s", ""), false);
+ final String fingerprint = CryptoHelper.bytesToHex(identityKey.getPublicKey().serialize());
+ if (!foreignFingerprints.containsKey(fingerprint)) {
+ foreignFingerprints.put(fingerprint, false);
 }
 }
 if (foreignFingerprints.size() > 0 || !acceptedTargets.contains(jid)) {