Deprecate 'signaling key'.

6 years ago · ed25f4748d
parent b29f55b99c
commit ed25f4748d
4 changed files with 13 additions and 15 deletions
--- a/SignalServiceKit/src/Account/TSAccountManager.m
+++ b/SignalServiceKit/src/Account/TSAccountManager.m
@ -389,7 +389,6 @@ NSString *const TSAccountManager_NeedsAccountAttributesUpdateKey = @"TSAccountMa
    TSRequest *request = [OWSRequestFactory verifyCodeRequestWithVerificationCode:verificationCode
                                                                        forNumber:phoneNumber
                                                                              pin:pin
-                                                                     signalingKey:signalingKey
                                                                          authKey:authToken];

    [self.networkManager makeRequest:request
--- a/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.h
+++ b/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.h
@ -66,7 +66,6 @@ typedef NS_ENUM(NSUInteger, TSVerificationTransport) { TSVerificationTransportVo
 + (TSRequest *)verifyCodeRequestWithVerificationCode:(NSString *)verificationCode
                                           forNumber:(NSString *)phoneNumber
                                                 pin:(nullable NSString *)pin
-                                        signalingKey:(NSString *)signalingKey
                                             authKey:(NSString *)authKey;

 #pragma mark - Prekeys
--- a/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.m
+++ b/SignalServiceKit/src/Network/API/Requests/OWSRequestFactory.m
@ -219,14 +219,11 @@ NS_ASSUME_NONNULL_BEGIN
 {
    NSString *path = [textSecureAccountsAPI stringByAppendingString:textSecureAttributesAPI];

-    NSString *signalingKey = self.tsAccountManager.signalingKey;
-    OWSAssertDebug(signalingKey.length > 0);
    NSString *authKey = self.tsAccountManager.serverAuthToken;
    OWSAssertDebug(authKey.length > 0);
    NSString *_Nullable pin = [self.ows2FAManager pinCode];

-    NSDictionary<NSString *, id> *accountAttributes =
-        [self accountAttributesWithPin:pin signalingKey:signalingKey authKey:authKey];
+    NSDictionary<NSString *, id> *accountAttributes = [self accountAttributesWithPin:pin authKey:authKey];

    return [TSRequest requestWithUrl:[NSURL URLWithString:path] method:@"PUT" parameters:accountAttributes];
 }
@ -293,18 +290,16 @@ NS_ASSUME_NONNULL_BEGIN
 + (TSRequest *)verifyCodeRequestWithVerificationCode:(NSString *)verificationCode
                                           forNumber:(NSString *)phoneNumber
                                                 pin:(nullable NSString *)pin
-                                        signalingKey:(NSString *)signalingKey
                                             authKey:(NSString *)authKey
 {
    OWSAssertDebug(verificationCode.length > 0);
    OWSAssertDebug(phoneNumber.length > 0);
-    OWSAssertDebug(signalingKey.length > 0);
    OWSAssertDebug(authKey.length > 0);

    NSString *path = [NSString stringWithFormat:@"%@/code/%@", textSecureAccountsAPI, verificationCode];

    NSMutableDictionary<NSString *, id> *accountAttributes =
-        [[self accountAttributesWithPin:pin signalingKey:signalingKey authKey:authKey] mutableCopy];
+        [[self accountAttributesWithPin:pin authKey:authKey] mutableCopy];
    [accountAttributes removeObjectForKey:@"AuthKey"];

    TSRequest *request =
@ -316,10 +311,8 @@ NS_ASSUME_NONNULL_BEGIN
 }

 + (NSDictionary<NSString *, id> *)accountAttributesWithPin:(nullable NSString *)pin
-                                              signalingKey:(NSString *)signalingKey
                                                   authKey:(NSString *)authKey
 {
-    OWSAssertDebug(signalingKey.length > 0);
    OWSAssertDebug(authKey.length > 0);
    uint32_t registrationId = [self.tsAccountManager getOrGenerateRegistrationId];

@ -334,8 +327,8 @@ NS_ASSUME_NONNULL_BEGIN
    }
    BOOL allowUnrestrictedUD = [self.udManager shouldAllowUnrestrictedAccessLocal] && udAccessKey != nil;

+    // We no longer include the signalingKey.
    NSMutableDictionary *accountAttributes = [@{
-        @"signalingKey" : signalingKey,
        @"AuthKey" : authKey,
        @"voice" : @(YES), // all Signal-iOS clients support voice
        @"video" : @(YES), // all Signal-iOS clients support WebRTC-based voice and video calls.
--- a/SignalServiceKit/src/Network/WebSockets/OWSWebSocket.m
+++ b/SignalServiceKit/src/Network/WebSockets/OWSWebSocket.m
@ -770,9 +770,16 @@ NSString *const kNSNotification_OWSWebSocketStateDidChange = @"kNSNotification_O
        dispatch_async(self.serialQueue, ^{
            BOOL success = NO;
            @try {
-                NSData *_Nullable decryptedPayload =
-                    [Cryptography decryptAppleMessagePayload:message.body
-                                            withSignalingKey:TSAccountManager.signalingKey];
+                BOOL useSignalingKey = [message.headers containsObject:@"X-Signal-Key: true"];
+                NSData *_Nullable decryptedPayload;
+                if (useSignalingKey) {
+                    decryptedPayload = [Cryptography decryptAppleMessagePayload:message.body
+                                                               withSignalingKey:TSAccountManager.signalingKey];
+                } else {
+                    OWSAssertDebug([message.headers containsObject:@"X-Signal-Key: false"]);
+
+                    decryptedPayload = message.body;
+                }

                if (!decryptedPayload) {
                    OWSLogWarn(@"Failed to decrypt incoming payload or bad HMAC");