mirror of
https://github.com/oxen-io/session-android.git
synced 2023-12-14 02:53:01 +01:00
* feat: Add Session Id blinding
Including modified version of lazysodium-android to expose missing libsodium functions, we could build from a fork which we still need to setup.
* Add v4 onion request handling
* Update SOGS signature construction
* Fix SOGS signature construction
* Update onion request
* Update signature data
* Keep path prefixes for v4 endpoints
* Update SOGS signature message
* Rename to remove api version suffix
* Update onion response parsing
* Refactor file download paths
* Implement request batching
* Refactor batch response handling
* Handle batch endpoint responses
* Update batch endpoint responses
* Update attachment download handling
* Handle file downloads
* Handle inbox messages
* Fix issue with file downloads
* Preserve image bytearray encoding
* Refactor
* Open group message requests
* Check id blinding in user detail bottom sheet rather
* Message validation refactor
* Cache last inbox/outbox server ids
* Update message encryption/decryption
* Refactor
* Refactor
* Bypass user details bottom sheet in open groups for blinded session ids
* Fix capabilities call auth
* Refactor
* Revert default server details
* Update sodium dependency to forked repo
* Fix attachment upload
* Revert "Update sodium dependency to forked repo"
This reverts commit c7db9529f9
.
* Add signed sodium lib
* Update contact id truncation and mention logic
* Open group inbox messaging fix
* Refactor
* Update blinded id check
* Fix open group message sends
* Fix crash on open group direct message send
* Direct message refactor
* Direct message encrypt/decrypt fixes
* Use updated curve25519 version
* Updated lazysodium dependency
* Update encryption/decryption calls
* Handle direct message parse errors
* Minor refactor
* Existing chat refactor
* Update encryption & decryption parameters
* Fix authenticated ciphertext size
* Set direct message sync target
* Update direct message thread lookup
* Add blinded id mapping table
* Add blinded id mapping table
* Update threads after sends
* Update open group message timestamp handling
* Filter unblinded contacts
* Format blinded id mentions
* Add message deleted field
* Hide open group inbox id
* Update message request response handling
* Update message request response sender handling
* Fix mentions of blinded ids
* Handle open group poll failure
* fix: add log for failed open group onion request, add decoding body for blinding required error at destination
* fix: change the error check
* Persist group members
* Reschedule polling after capabilities update
* Retry on other exceptions
* Minor refactor
* Open group profile fix
* Group member db schema update
* Fix ban request key
* Update ban response type
* Ban endpoint updates
* Ban endpoint updates
* Delete messages
Co-authored-by: charles <charles@oxen.io>
Co-authored-by: jubb <hjubb@users.noreply.github.com>
80 lines
3.8 KiB
Kotlin
80 lines
3.8 KiB
Kotlin
package org.session.libsession.messaging.sending_receiving
|
|
|
|
import com.goterl.lazysodium.LazySodiumAndroid
|
|
import com.goterl.lazysodium.SodiumAndroid
|
|
import com.goterl.lazysodium.interfaces.Box
|
|
import com.goterl.lazysodium.interfaces.Sign
|
|
import org.session.libsession.messaging.MessagingModuleConfiguration
|
|
import org.session.libsession.messaging.sending_receiving.MessageSender.Error
|
|
import org.session.libsession.messaging.utilities.SodiumUtilities
|
|
import org.session.libsignal.utilities.Hex
|
|
import org.session.libsignal.utilities.IdPrefix
|
|
import org.session.libsignal.utilities.Log
|
|
import org.session.libsignal.utilities.removingIdPrefixIfNeeded
|
|
|
|
object MessageEncrypter {
|
|
|
|
private val sodium by lazy { LazySodiumAndroid(SodiumAndroid()) }
|
|
|
|
/**
|
|
* Encrypts `plaintext` using the Session protocol for `hexEncodedX25519PublicKey`.
|
|
*
|
|
* @param plaintext the plaintext to encrypt. Must already be padded.
|
|
* @param recipientHexEncodedX25519PublicKey the X25519 public key to encrypt for. Could be the Session ID of a user, or the public key of a closed group.
|
|
*
|
|
* @return the encrypted message.
|
|
*/
|
|
internal fun encrypt(plaintext: ByteArray, recipientHexEncodedX25519PublicKey: String): ByteArray {
|
|
val userED25519KeyPair = MessagingModuleConfiguration.shared.getUserED25519KeyPair() ?: throw Error.NoUserED25519KeyPair
|
|
val recipientX25519PublicKey = Hex.fromStringCondensed(recipientHexEncodedX25519PublicKey.removingIdPrefixIfNeeded())
|
|
|
|
val verificationData = plaintext + userED25519KeyPair.publicKey.asBytes + recipientX25519PublicKey
|
|
val signature = ByteArray(Sign.BYTES)
|
|
try {
|
|
sodium.cryptoSignDetached(signature, verificationData, verificationData.size.toLong(), userED25519KeyPair.secretKey.asBytes)
|
|
} catch (exception: Exception) {
|
|
Log.d("Loki", "Couldn't sign message due to error: $exception.")
|
|
throw Error.SigningFailed
|
|
}
|
|
val plaintextWithMetadata = plaintext + userED25519KeyPair.publicKey.asBytes + signature
|
|
val ciphertext = ByteArray(plaintextWithMetadata.size + Box.SEALBYTES)
|
|
try {
|
|
sodium.cryptoBoxSeal(ciphertext, plaintextWithMetadata, plaintextWithMetadata.size.toLong(), recipientX25519PublicKey)
|
|
} catch (exception: Exception) {
|
|
Log.d("Loki", "Couldn't encrypt message due to error: $exception.")
|
|
throw Error.EncryptionFailed
|
|
}
|
|
|
|
return ciphertext
|
|
}
|
|
|
|
internal fun encryptBlinded(
|
|
plaintext: ByteArray,
|
|
recipientBlindedId: String,
|
|
serverPublicKey: String
|
|
): ByteArray {
|
|
if (IdPrefix.fromValue(recipientBlindedId) != IdPrefix.BLINDED) throw Error.SigningFailed
|
|
val userEdKeyPair =
|
|
MessagingModuleConfiguration.shared.getUserED25519KeyPair() ?: throw Error.NoUserED25519KeyPair
|
|
val blindedKeyPair = SodiumUtilities.blindedKeyPair(serverPublicKey, userEdKeyPair) ?: throw Error.SigningFailed
|
|
val recipientBlindedPublicKey = Hex.fromStringCondensed(recipientBlindedId.removingIdPrefixIfNeeded())
|
|
|
|
// Calculate the shared encryption key, sending from A to B
|
|
val encryptionKey = SodiumUtilities.sharedBlindedEncryptionKey(
|
|
userEdKeyPair.secretKey.asBytes,
|
|
recipientBlindedPublicKey,
|
|
blindedKeyPair.publicKey.asBytes,
|
|
recipientBlindedPublicKey
|
|
) ?: throw Error.SigningFailed
|
|
|
|
// Inner data: msg || A (i.e. the sender's ed25519 master pubkey, *not* kA blinded pubkey)
|
|
val message = plaintext + userEdKeyPair.publicKey.asBytes
|
|
|
|
// Encrypt using xchacha20-poly1305
|
|
val nonce = sodium.nonce(24)
|
|
val ciphertext = SodiumUtilities.encrypt(message, encryptionKey, nonce) ?: throw Error.EncryptionFailed
|
|
// data = b'\x00' + ciphertext + nonce
|
|
return byteArrayOf(0.toByte()) + ciphertext + nonce
|
|
}
|
|
|
|
} |