eliott/libsignal
1
0
Fork 0
mirror of https://github.com/signalapp/libsignal.git synced 2026-05-10 09:02:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

UnidentifiedSenderMessageContent: Don't validate the sender up front

Browse Source 
Both the Android and iOS clients currently allow customizing this
validatation logic for testing purposes, and iOS additionally wants to
log the information about the unwrapped message even if there are
problems with it.

iOS does also currently log information about the unwrapped message
even if the static key being used is wrong, but in order to fix that
we'd have to have a secondary return value (either the expected static
key, computed during decrypt-to-USMC, or a flag saying whether the
comparison failed).
This commit is contained in:
Jordan Rose
2020-12-01 16:50:49 -08:00
parent 643a637b34
commit df87cd2edf
6 changed files with 10 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/java/src/main/java/org/signal/internal/Native.java
View File

@@ -136,7 +136,7 @@ public final class Native {
public static native boolean ScannableFingerprint_Compare(byte[] fprint1, byte[] fprint2);
public static native long SealedSessionCipher_DecryptToUsmc(byte[] ctext, long trustRoot, long timestamp, IdentityKeyStore identityStore);
public static native long SealedSessionCipher_DecryptToUsmc(byte[] ctext, IdentityKeyStore identityStore);
public static native byte[] SealedSessionCipher_Encrypt(long destination, long senderCert, byte[] ptext, SessionStore sessionStore, IdentityKeyStore identityStore);
public static native long SenderCertificate_Deserialize(byte[] data);

6
java/java/src/main/java/org/signal/libsignal/metadata/SealedSessionCipher.java
View File

@@ -70,10 +70,8 @@ public class SealedSessionCipher {
UnidentifiedSenderMessageContent content;
try {
content = new UnidentifiedSenderMessageContent(
Native.SealedSessionCipher_DecryptToUsmc(ciphertext,
validator.getTrustRoot().nativeHandle(),
timestamp,
this.signalProtocolStore));
Native.SealedSessionCipher_DecryptToUsmc(ciphertext, this.signalProtocolStore));
validator.validate(content.getSenderCertificate(), timestamp);
} catch (Exception e) {
throw new InvalidMetadataMessageException(e);
}