Forked curve25519 lib is replaced with the latest official maven artifact.

Use libsodium to generate user key pair seed.
2020-11-24 16:57:37 +11:00 · 2020-11-24 16:57:37 +11:00 · 0f189dd4cb
parent 1c5e62a2de
commit 0f189dd4cb
5 changed files with 19 additions and 33 deletions
--- a/messenger/src/org/thoughtcrime/securesms/crypto/IdentityKeyUtil.java
+++ b/messenger/src/org/thoughtcrime/securesms/crypto/IdentityKeyUtil.java
@ -87,23 +87,14 @@ public class IdentityKeyUtil {
    }
  }

-  public static void generateIdentityKeyPair(Context context, byte[] seed) {
-    ECKeyPair keyPair;
-    if (seed != null) {
-      keyPair = Curve.generateKeyPair(seed);
-    } else {
-      keyPair = Curve.generateKeyPair();
-    }
+  public static void generateIdentityKeyPair(Context context) {
+    ECKeyPair keyPair = Curve.generateKeyPair();;
    IdentityKey publicKey = new IdentityKey(keyPair.getPublicKey());
    ECPrivateKey privateKey = keyPair.getPrivateKey();
    save(context, IDENTITY_PUBLIC_KEY_PREF, Base64.encodeBytes(publicKey.serialize()));
    save(context, IDENTITY_PRIVATE_KEY_PREF, Base64.encodeBytes(privateKey.serialize()));
  }

-  public static void generateIdentityKeyPair(Context context) {
-    generateIdentityKeyPair(context, null);
-  }
-
  public static void migrateIdentityKeys(@NonNull Context context,
                                         @NonNull MasterSecret masterSecret)
  {
--- a/messenger/src/org/thoughtcrime/securesms/loki/activities/LandingActivity.kt
+++ b/messenger/src/org/thoughtcrime/securesms/loki/activities/LandingActivity.kt
@ -34,6 +34,7 @@ import org.whispersystems.signalservice.loki.protocol.sessionmanagement.SessionM
 import org.whispersystems.signalservice.loki.protocol.shelved.syncmessages.SyncMessagesProtocol
 import org.whispersystems.signalservice.loki.utilities.hexEncodedPublicKey
 import org.whispersystems.signalservice.loki.utilities.retryIfNeeded
+import java.lang.UnsupportedOperationException

 class LandingActivity : BaseActionBarActivity(), LinkDeviceSlaveModeDialogDelegate {

@ -79,14 +80,19 @@ class LandingActivity : BaseActionBarActivity(), LinkDeviceSlaveModeDialogDelega
    private fun requestDeviceLink(hexEncodedPublicKey: String) {
        var seed: ByteArray? = null
        var keyPair: ECKeyPair? = null
+
+        //FIXME AC: Previously we used the modified version of the Signal's Curve25519 lib to generate the seed and key pair.
+        // If you need to restore this logic you should probably fork and patch the lib to support that method as well.
+        // https://github.com/signalapp/curve25519-java
        fun generateKeyPair() {
-            val seedCandidate = Curve25519.getInstance(Curve25519.BEST).generateSeed(16)
-            try {
-                keyPair = Curve.generateKeyPair(seedCandidate + seedCandidate) // Validate the seed
-            } catch (exception: Exception) {
-                return generateKeyPair()
-            }
-            seed = seedCandidate
+            throw UnsupportedOperationException("Generating device link key pair is not supported at the moment.")
+//            val seedCandidate = Curve25519.getInstance(Curve25519.BEST).generateSeed(16)
+//            try {
+//                keyPair = Curve.generateKeyPair(seedCandidate + seedCandidate) // Validate the seed
+//            } catch (exception: Exception) {
+//                return generateKeyPair()
+//            }
+//            seed = seedCandidate
        }
        generateKeyPair()
        IdentityKeyUtil.save(this, IdentityKeyUtil.LOKI_SEED, Hex.toStringCondensed(seed))
--- a/messenger/src/org/thoughtcrime/securesms/loki/activities/RegisterActivity.kt
+++ b/messenger/src/org/thoughtcrime/securesms/loki/activities/RegisterActivity.kt
@ -13,11 +13,8 @@ import android.text.SpannableStringBuilder
 import android.text.method.LinkMovementMethod
 import android.text.style.ClickableSpan
 import android.text.style.StyleSpan
-import android.util.Log
 import android.view.View
 import android.widget.Toast
-import com.goterl.lazycode.lazysodium.LazySodiumAndroid
-import com.goterl.lazycode.lazysodium.SodiumAndroid
 import com.goterl.lazycode.lazysodium.utils.KeyPair
 import kotlinx.android.synthetic.main.activity_register.*
 import network.loki.messenger.R
@ -29,11 +26,8 @@ import org.thoughtcrime.securesms.database.IdentityDatabase
 import org.thoughtcrime.securesms.loki.utilities.KeyPairUtilities
 import org.thoughtcrime.securesms.loki.utilities.push
 import org.thoughtcrime.securesms.loki.utilities.setUpActionBarSessionLogo
-import org.thoughtcrime.securesms.util.Base64
-import org.thoughtcrime.securesms.util.Hex
 import org.thoughtcrime.securesms.util.TextSecurePreferences
-import org.whispersystems.curve25519.Curve25519
-import org.whispersystems.libsignal.ecc.*
+import org.whispersystems.libsignal.ecc.ECKeyPair
 import org.whispersystems.libsignal.util.KeyHelper
 import org.whispersystems.signalservice.loki.utilities.hexEncodedPublicKey

--- a/messenger/src/org/thoughtcrime/securesms/loki/utilities/KeyPairUtilities.kt
+++ b/messenger/src/org/thoughtcrime/securesms/loki/utilities/KeyPairUtilities.kt
@ -7,13 +7,14 @@ import com.goterl.lazycode.lazysodium.utils.KeyPair
 import org.thoughtcrime.securesms.crypto.IdentityKeyUtil
 import org.thoughtcrime.securesms.util.Base64
 import org.thoughtcrime.securesms.util.Hex
-import org.whispersystems.curve25519.Curve25519
 import org.whispersystems.libsignal.ecc.DjbECPrivateKey
 import org.whispersystems.libsignal.ecc.DjbECPublicKey
 import org.whispersystems.libsignal.ecc.ECKeyPair

 object KeyPairUtilities {

+    private val sodium = LazySodiumAndroid(SodiumAndroid())
+
    data class KeyPairGenerationResult(
        val seed: ByteArray,
        val ed25519KeyPair: KeyPair,
@ -21,7 +22,7 @@ object KeyPairUtilities {
    )

    fun generate(): KeyPairGenerationResult {
-        val seed = Curve25519.getInstance(Curve25519.BEST).generateSeed(16)
+        val seed = sodium.randomBytesBuf(16)
        try {
            return generate(seed)
        } catch (exception: Exception) {
@ -30,7 +31,6 @@ object KeyPairUtilities {
    }

    fun generate(seed: ByteArray): KeyPairGenerationResult {
-        val sodium = LazySodiumAndroid(SodiumAndroid())
        val padding = ByteArray(16) { 0 }
        val ed25519KeyPair = sodium.cryptoSignSeedKeypair(seed + padding)
        val sodiumX25519KeyPair = sodium.convertKeyPairEd25519ToCurve25519(ed25519KeyPair)
--- a/service/java/src/main/java/org/whispersystems/libsignal/ecc/Curve.java
+++ b/service/java/src/main/java/org/whispersystems/libsignal/ecc/Curve.java
@ -20,11 +20,6 @@ public class Curve {
    return Curve25519.getInstance(BEST).isNative();
  }

-  public static ECKeyPair generateKeyPair(byte[] seed) {
-    Curve25519KeyPair keyPair = Curve25519.getInstance(BEST).generateKeyPair(seed);
-    return new ECKeyPair(new DjbECPublicKey(keyPair.getPublicKey()), new DjbECPrivateKey(keyPair.getPrivateKey()));
-  }
-
  public static ECKeyPair generateKeyPair() {
    Curve25519KeyPair keyPair = Curve25519.getInstance(BEST).generateKeyPair();
    return new ECKeyPair(new DjbECPublicKey(keyPair.getPublicKey()), new DjbECPrivateKey(keyPair.getPrivateKey()));