SES-3053 Send only the first 32 bytes of admin key as promotion message (#860)

4 months ago · 8cc85337dc
parent 0876f872c1
commit 8cc85337dc
3 changed files with 38 additions and 8 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/groups/GroupManagerV2Impl.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/groups/GroupManagerV2Impl.kt
@ -501,7 +501,7 @@ class GroupManagerV2Impl @Inject constructor(
            GroupUpdateMessage.newBuilder()
                .setPromoteMessage(
                    DataMessage.GroupUpdatePromoteMessage.newBuilder()
-                        .setGroupIdentitySeed(ByteString.copyFrom(adminKey))
+                        .setGroupIdentitySeed(ByteString.copyFrom(adminKey).substring(0, 32))
                        .setName(groupName)
                )
                .build()
@ -693,7 +693,7 @@ class GroupManagerV2Impl @Inject constructor(
        handleInvitation(
            groupId = groupId,
            groupName = groupName,
-            authDataOrAdminKey = authData,
+            authDataOrAdminSeed = authData,
            fromPromotion = false,
            inviter = inviter,
            inviterName = inviterName,
@ -721,7 +721,7 @@ class GroupManagerV2Impl @Inject constructor(
            handleInvitation(
                groupId = groupId,
                groupName = groupName,
-                authDataOrAdminKey = adminKey,
+                authDataOrAdminSeed = adminKey,
                fromPromotion = true,
                inviter = promoter,
                inviterName = promoterName,
@ -759,7 +759,7 @@ class GroupManagerV2Impl @Inject constructor(
     *
     * @param groupId the group ID
     * @param groupName the group name
-     * @param authDataOrAdminKey the auth data or admin key. If this is an invitation, this is the auth data, if this is a promotion, this is the admin key.
+     * @param authDataOrAdminSeed the auth data or admin key. If this is an invitation, this is the auth data, if this is a promotion, this is the admin key.
     * @param fromPromotion true if this is a promotion, false if this is an invitation
     * @param inviter the invite message sender
     * @return The newly created group info if the invitation is processed, null otherwise.
@ -767,7 +767,7 @@ class GroupManagerV2Impl @Inject constructor(
    private suspend fun handleInvitation(
        groupId: AccountId,
        groupName: String,
-        authDataOrAdminKey: ByteArray,
+        authDataOrAdminSeed: ByteArray,
        fromPromotion: Boolean,
        inviter: AccountId,
        inviterName: String?,
@ -781,8 +781,8 @@ class GroupManagerV2Impl @Inject constructor(
            storage.getRecipientApproved(Address.fromSerialized(inviter.hexString))
        val closedGroupInfo = GroupInfo.ClosedGroupInfo(
            groupAccountId = groupId,
-            adminKey = authDataOrAdminKey.takeIf { fromPromotion },
-            authData = authDataOrAdminKey.takeIf { !fromPromotion },
+            adminKey = authDataOrAdminSeed.takeIf { fromPromotion }?.let { GroupInfo.ClosedGroupInfo.adminKeyFromSeed(it) },
+            authData = authDataOrAdminSeed.takeIf { !fromPromotion },
            priority = PRIORITY_VISIBLE,
            invited = !shouldAutoApprove,
            name = groupName,
--- a/libsession-util/src/main/cpp/user_groups.cpp
+++ b/libsession-util/src/main/cpp/user_groups.cpp
@ -1,6 +1,8 @@
 #include "user_groups.h"
 #include "oxenc/hex.h"

+#include "session/ed25519.hpp"
+
 extern "C"
 JNIEXPORT jint JNICALL
 Java_network_loki_messenger_libsession_1util_util_GroupInfo_00024LegacyGroupInfo_00024Companion_NAME_1MAX_1LENGTH(
@ -324,3 +326,21 @@ Java_network_loki_messenger_libsession_1util_UserGroupsConfig_eraseClosedGroup(J
    env->ReleaseStringUTFChars(session_id, session_id_bytes);
    return return_value;
 }
+
+extern "C"
+JNIEXPORT jbyteArray JNICALL
+Java_network_loki_messenger_libsession_1util_util_GroupInfo_00024ClosedGroupInfo_adminKeyFromSeed(
+        JNIEnv *env, jclass clazz, jbyteArray seed) {
+    auto len = env->GetArrayLength(seed);
+    if (len != 32) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalArgumentException"), "Seed must be 32 bytes");
+        return nullptr;
+    }
+
+    auto seed_bytes = env->GetByteArrayElements(seed, nullptr);
+    auto admin_key = session::ed25519::ed25519_key_pair(
+            session::ustring_view(reinterpret_cast<unsigned char *>(seed_bytes), 32)).second;
+    env->ReleaseByteArrayElements(seed, seed_bytes, 0);
+
+    return util::bytes_from_ustring(env, session::ustring_view(admin_key.data(), admin_key.size()));
+}
--- a/libsession-util/src/main/java/network/loki/messenger/libsession_util/util/GroupInfo.kt
+++ b/libsession-util/src/main/java/network/loki/messenger/libsession_util/util/GroupInfo.kt
@ -17,7 +17,6 @@ sealed class GroupInfo {
        val destroyed: Boolean,
        val joinedAtSecs: Long
    ): GroupInfo() {
-
        init {
            require(adminKey == null || adminKey.isNotEmpty()) {
                "Admin key must be non-empty if present"
@ -29,6 +28,17 @@ sealed class GroupInfo {
        }

        fun hasAdminKey() = adminKey != null
+
+        companion object {
+            /**
+             * Generate the group's admin key(64 bytes) from seed (32 bytes, normally used
+             * in group promotions).
+             *
+             * Use of JvmStatic makes the JNI signature less esoteric.
+             */
+            @JvmStatic
+            external fun adminKeyFromSeed(seed: ByteArray): ByteArray
+        }
    }

    data class LegacyGroupInfo(