webmaster/signal-cli
1
0
Fork 0
mirror of https://github.com/AsamK/signal-cli synced 2025-08-29 10:30:38 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Trust an identity with its scannable safety numbers from the other device

Browse source 
Attention, the scannable fingerprints are asymetric, so the scannable
fingerprints from the local listIdentities command can't be used to trust
an identity. The scannable fingerprint must come from the other device.
This commit is contained in:
AsamK 2021-08-22 19:23:49 +02:00
parent 0a5e836ab6
commit 4f67ac674b
2 changed files with 82 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

38
lib/src/main/java/org/asamk/signal/manager/Manager.java
View file

@ -81,6 +81,9 @@ import org.whispersystems.libsignal.IdentityKeyPair;
import org.whispersystems.libsignal.InvalidKeyException;
import org.whispersystems.libsignal.InvalidMessageException;
import org.whispersystems.libsignal.ecc.ECPublicKey;
import org.whispersystems.libsignal.fingerprint.Fingerprint;
import org.whispersystems.libsignal.fingerprint.FingerprintParsingException;
import org.whispersystems.libsignal.fingerprint.FingerprintVersionMismatchException;
import org.whispersystems.libsignal.state.PreKeyRecord;
import org.whispersystems.libsignal.state.SignedPreKeyRecord;
import org.whispersystems.libsignal.util.Pair;
@ -2668,6 +2671,25 @@ public class Manager implements Closeable {
TrustLevel.TRUSTED_VERIFIED);
}
/**
* Trust this the identity with this scannable safety number
*
* @param name username of the identity
* @param safetyNumber Scannable safety number
*/
public boolean trustIdentityVerifiedSafetyNumber(String name, byte[] safetyNumber) throws InvalidNumberException {
var recipientId = canonicalizeAndResolveRecipient(name);
var address = account.getRecipientStore().resolveServiceAddress(recipientId);
return trustIdentity(recipientId, identityKey -> {
final var fingerprint = computeSafetyNumberFingerprint(address, identityKey);
try {
return fingerprint != null && fingerprint.getScannableFingerprint().compareTo(safetyNumber);
} catch (FingerprintVersionMismatchException | FingerprintParsingException e) {
return false;
}
}, TrustLevel.TRUSTED_VERIFIED);
}
/**
* Trust all keys of this identity without verification
*
@ -2717,21 +2739,23 @@ public class Manager implements Closeable {
}
public String computeSafetyNumber(SignalServiceAddress theirAddress, IdentityKey theirIdentityKey) {
final var fingerprint = Utils.computeSafetyNumber(capabilities.isUuid(),
account.getSelfAddress(),
getIdentityKeyPair().getPublicKey(),
theirAddress,
theirIdentityKey);
final Fingerprint fingerprint = computeSafetyNumberFingerprint(theirAddress, theirIdentityKey);
return fingerprint == null ? null : fingerprint.getDisplayableFingerprint().getDisplayText();
}
public byte[] computeSafetyNumberForScanning(SignalServiceAddress theirAddress, IdentityKey theirIdentityKey) {
final var fingerprint = Utils.computeSafetyNumber(capabilities.isUuid(),
final Fingerprint fingerprint = computeSafetyNumberFingerprint(theirAddress, theirIdentityKey);
return fingerprint == null ? null : fingerprint.getScannableFingerprint().getSerialized();
}
private Fingerprint computeSafetyNumberFingerprint(
final SignalServiceAddress theirAddress, final IdentityKey theirIdentityKey
) {
return Utils.computeSafetyNumber(capabilities.isUuid(),
account.getSelfAddress(),
getIdentityKeyPair().getPublicKey(),
theirAddress,
theirIdentityKey);
return fingerprint == null ? null : fingerprint.getScannableFingerprint().getSerialized();
}
@Deprecated