From b8c5e147581202508a3d30191ff5dfdfc3800f2a Mon Sep 17 00:00:00 2001 From: Matthew Chen Date: Tue, 2 Oct 2018 16:26:08 -0400 Subject: [PATCH] Apply UD trust root value for staging. --- .../src/Messages/OWSMessageDecrypter.m | 27 +++++++------------ SignalServiceKit/src/TSConstants.h | 5 +++- 2 files changed, 14 insertions(+), 18 deletions(-) diff --git a/SignalServiceKit/src/Messages/OWSMessageDecrypter.m b/SignalServiceKit/src/Messages/OWSMessageDecrypter.m index 85874d339..58547a086 100644 --- a/SignalServiceKit/src/Messages/OWSMessageDecrypter.m +++ b/SignalServiceKit/src/Messages/OWSMessageDecrypter.m @@ -21,6 +21,7 @@ #import "TSPreKeyManager.h" #import #import +#import #import #import #import @@ -31,8 +32,6 @@ NS_ASSUME_NONNULL_BEGIN @property (nonatomic, readonly) OWSPrimaryStorage *primaryStorage; @property (nonatomic, readonly) YapDatabaseConnection *dbConnection; -@property (nonatomic, readonly) OWSBlockingManager *blockingManager; -@property (nonatomic, readonly) OWSIdentityManager *identityManager; @end @@ -203,7 +202,7 @@ NS_ASSUME_NONNULL_BEGIN OWSFailDebug(@"Received an invalid envelope: %@", exception.debugDescription); OWSProdFail([OWSAnalyticsEvents messageManagerErrorInvalidProtocolMessage]); - [[OWSPrimaryStorage.sharedManager newDatabaseConnection] + [[self.primaryStorage newDatabaseConnection] readWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) { TSErrorMessage *errorMessage = [TSErrorMessage corruptedMessageInUnknownThread]; [SSKEnvironment.shared.notificationsManager notifyUserForThreadlessErrorMessage:errorMessage @@ -271,7 +270,6 @@ NS_ASSUME_NONNULL_BEGIN OWSAssertDebug(successBlock); OWSAssertDebug(failureBlock); - OWSPrimaryStorage *primaryStorage = self.primaryStorage; NSString *recipientId = envelope.source; int deviceId = envelope.sourceDevice; @@ -287,9 +285,9 @@ NS_ASSUME_NONNULL_BEGIN asyncReadWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) { @try { id cipherMessage = cipherMessageBlock(encryptedData); - SessionCipher *cipher = [[SessionCipher alloc] initWithSessionStore:primaryStorage - preKeyStore:primaryStorage - signedPreKeyStore:primaryStorage + SessionCipher *cipher = [[SessionCipher alloc] initWithSessionStore:self.primaryStorage + preKeyStore:self.primaryStorage + signedPreKeyStore:self.primaryStorage identityKeyStore:self.identityManager recipientId:recipientId deviceId:deviceId]; @@ -322,11 +320,6 @@ NS_ASSUME_NONNULL_BEGIN // Check whether we need to refresh our PreKeys every time we receive a Unidentified Sender Message. [TSPreKeyManager checkPreKeys]; - OWSPrimaryStorage *primaryStorage = self.primaryStorage; - // TODO: Are source & sourceDevice going to eventually be obsolete? - NSString *recipientId = envelope.source; - int deviceId = envelope.sourceDevice; - // NOTE: We don't need to bother with `legacyMessage` for UD messages. NSData *encryptedData = envelope.content; if (!encryptedData) { @@ -342,8 +335,8 @@ NS_ASSUME_NONNULL_BEGIN } UInt64 serverTimestamp = envelope.serverTimestamp; - // TODO: This is temporary. - NSData *trustRootData = [Randomness generateRandomBytes:ECCKeyLength]; + NSData *_Nullable trustRootData = [NSData dataFromBase64String:kUDTrustRoot]; + OWSAssert(trustRootData); NSError *error; ECPublicKey *_Nullable trustRoot = [[ECPublicKey alloc] initWithKeyData:trustRootData error:&error]; if (error || !trustRoot) { @@ -358,9 +351,9 @@ NS_ASSUME_NONNULL_BEGIN @try { NSError *error; SMKSecretSessionCipher *_Nullable cipher = - [[SMKSecretSessionCipher alloc] initWithSessionStore:primaryStorage - preKeyStore:primaryStorage - signedPreKeyStore:primaryStorage + [[SMKSecretSessionCipher alloc] initWithSessionStore:self.primaryStorage + preKeyStore:self.primaryStorage + signedPreKeyStore:self.primaryStorage identityStore:self.identityManager error:&error]; if (error || !cipher) { diff --git a/SignalServiceKit/src/TSConstants.h b/SignalServiceKit/src/TSConstants.h index a5899b6fc..5d9496568 100644 --- a/SignalServiceKit/src/TSConstants.h +++ b/SignalServiceKit/src/TSConstants.h @@ -26,7 +26,7 @@ typedef NS_ENUM(NSInteger, TSWhisperMessageType) { //#ifndef DEBUG -//// Production +// Production //#define textSecureWebSocketAPI @"wss://textsecure-service.whispersystems.org/v1/websocket/" //#define textSecureServerURL @"https://textsecure-service.whispersystems.org/" //#define textSecureCDNServerURL @"https://cdn.signal.org" @@ -34,6 +34,8 @@ typedef NS_ENUM(NSInteger, TSWhisperMessageType) { //#define textSecureServiceReflectorHost @"textsecure-service-reflected.whispersystems.org" //#define textSecureCDNReflectorHost @"textsecure-service-reflected.whispersystems.org" //#define contactDiscoveryURL @"https://api.directory.signal.org" +//// TODO: The production value is not yet known. +//#define kUDTrustRoot @"BbqY1DzohE4NUZoVF+L18oUPrK3kILllLEJh2UnPSsEx" //#else // @@ -44,6 +46,7 @@ typedef NS_ENUM(NSInteger, TSWhisperMessageType) { #define textSecureServiceReflectorHost @"meek-signal-service-staging.appspot.com"; #define textSecureCDNReflectorHost @"meek-signal-cdn-staging.appspot.com"; #define contactDiscoveryURL @"https://api-staging.directory.signal.org" +#define kUDTrustRoot @"BbqY1DzohE4NUZoVF+L18oUPrK3kILllLEJh2UnPSsEx" // //#endif