session-android/src/org/thoughtcrime/securesms/database/IdentityDatabase.java

/**
 * Copyright (C) 2011 Whisper Systems
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
package org.thoughtcrime.securesms.database;

import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteOpenHelper;
import android.net.Uri;
import android.util.Log;

import org.thoughtcrime.securesms.recipients.Recipient;
import org.thoughtcrime.securesms.recipients.RecipientFactory;
import org.thoughtcrime.securesms.recipients.Recipients;
import org.whispersystems.textsecure.crypto.IdentityKey;
import org.whispersystems.textsecure.crypto.InvalidKeyException;
import org.whispersystems.textsecure.crypto.MasterCipher;
import org.whispersystems.textsecure.crypto.MasterSecret;
import org.whispersystems.textsecure.crypto.ecc.Curve;
import org.whispersystems.textsecure.util.Base64;

import java.io.IOException;

public class IdentityDatabase extends Database {

  private static final Uri CHANGE_URI = Uri.parse("content://textsecure/identities");

  private static final String TABLE_NAME    = "identities";
  private static final String ID            = "_id";
  public  static final String RECIPIENT     = "recipient";
  public  static final String IDENTITY_KEY  = "key";
  public  static final String MAC           = "mac";

  public static final String CREATE_TABLE = "CREATE TABLE " + TABLE_NAME +
      " (" + ID + " INTEGER PRIMARY KEY, " +
      RECIPIENT + " INTEGER UNIQUE, " +
      IDENTITY_KEY + " TEXT, " +
      MAC + " TEXT);";

  public IdentityDatabase(Context context, SQLiteOpenHelper databaseHelper) {
    super(context, databaseHelper);
  }

  public Cursor getIdentities() {
    SQLiteDatabase database = databaseHelper.getReadableDatabase();
    Cursor cursor           = database.query(TABLE_NAME, null, null, null, null, null, null);

    if (cursor != null)
      cursor.setNotificationUri(context.getContentResolver(), CHANGE_URI);

    return cursor;
  }

  public boolean isValidIdentity(MasterSecret masterSecret,
                                 Recipient recipient,
                                 IdentityKey theirIdentity)
  {
    SQLiteDatabase database   = databaseHelper.getReadableDatabase();
    String number             = recipient.getNumber();
    long recipientId          = DatabaseFactory.getAddressDatabase(context).getCanonicalAddress(number);
    MasterCipher masterCipher = new MasterCipher(masterSecret);
    Cursor cursor             = null;

    try {
      cursor = database.query(TABLE_NAME, null, RECIPIENT + " = ?",
                              new String[] {recipientId+""}, null, null,null);

      if (cursor != null && cursor.moveToFirst()) {
        String serializedIdentity = cursor.getString(cursor.getColumnIndexOrThrow(IDENTITY_KEY));
        String mac                = cursor.getString(cursor.getColumnIndexOrThrow(MAC));

        if (!masterCipher.verifyMacFor(recipientId + serializedIdentity, Base64.decode(mac))) {
          Log.w("IdentityDatabase", "MAC failed");
          return false;
        }

        IdentityKey ourIdentity = new IdentityKey(Base64.decode(serializedIdentity), 0);

        if (theirIdentity.getPublicKey().getType() == Curve.DJB_TYPE &&
            ourIdentity.getPublicKey().getType() == Curve.NIST_TYPE)
        {
          return true;
        }

        return ourIdentity.equals(theirIdentity);
      } else {
        return true;
      }
    } catch (IOException e) {
      Log.w("IdentityDatabase", e);
      return false;
    } catch (InvalidKeyException e) {
      Log.w("IdentityDatabase", e);
      return false;
    } finally {
      if (cursor != null) {
        cursor.close();
      }
    }
  }

  public void saveIdentity(MasterSecret masterSecret, Recipient recipient, IdentityKey identityKey)
  {
    SQLiteDatabase database   = databaseHelper.getWritableDatabase();
    String number             = recipient.getNumber();
    long recipientId          = DatabaseFactory.getAddressDatabase(context).getCanonicalAddress(number);
    MasterCipher masterCipher = new MasterCipher(masterSecret);
    String identityKeyString  = Base64.encodeBytes(identityKey.serialize());
    String macString          = Base64.encodeBytes(masterCipher.getMacFor(recipientId +
                                                                              identityKeyString));

    ContentValues contentValues = new ContentValues();
    contentValues.put(RECIPIENT, recipientId);
    contentValues.put(IDENTITY_KEY, identityKeyString);
    contentValues.put(MAC, macString);

    database.replace(TABLE_NAME, null, contentValues);

    context.getContentResolver().notifyChange(CHANGE_URI, null);
  }

  public void deleteIdentity(long id) {
    SQLiteDatabase database = databaseHelper.getWritableDatabase();
    database.delete(TABLE_NAME, ID_WHERE, new String[] {id+""});

    context.getContentResolver().notifyChange(CHANGE_URI, null);
  }

  public Reader readerFor(MasterSecret masterSecret, Cursor cursor) {
    return new Reader(masterSecret, cursor);
  }

  public class Reader {
    private final Cursor cursor;
    private final MasterCipher cipher;

    public Reader(MasterSecret masterSecret, Cursor cursor) {
      this.cursor = cursor;
      this.cipher = new MasterCipher(masterSecret);
    }

    public Identity getCurrent() {
      long recipientId      = cursor.getLong(cursor.getColumnIndexOrThrow(RECIPIENT));
      Recipients recipients = RecipientFactory.getRecipientsForIds(context, recipientId + "", true);

      try {
        String identityKeyString = cursor.getString(cursor.getColumnIndexOrThrow(IDENTITY_KEY));
        String mac               = cursor.getString(cursor.getColumnIndexOrThrow(MAC));

        if (!cipher.verifyMacFor(recipientId + identityKeyString, Base64.decode(mac))) {
          return new Identity(recipients, null);
        }

        IdentityKey identityKey = new IdentityKey(Base64.decode(identityKeyString), 0);
        return new Identity(recipients, identityKey);
      } catch (IOException e) {
        Log.w("IdentityDatabase", e);
        return new Identity(recipients, null);
      } catch (InvalidKeyException e) {
        Log.w("IdentityDatabase", e);
        return new Identity(recipients, null);
      }
    }
  }

  public class Identity {
    private final Recipients  recipients;
    private final IdentityKey identityKey;

    public Identity(Recipients recipients, IdentityKey identityKey) {
      this.recipients  = recipients;
      this.identityKey = identityKey;
    }

    public Recipients getRecipients() {
      return recipients;
    }

    public IdentityKey getIdentityKey() {
      return identityKey;
    }
  }

}
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00			`/**`
Initial Project Import 2011-12-20 18:20:44 +00:00			`* Copyright (C) 2011 Whisper Systems`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00			`*`
Initial Project Import 2011-12-20 18:20:44 +00:00			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00			`*`
Initial Project Import 2011-12-20 18:20:44 +00:00			`* You should have received a copy of the GNU General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`
			`package org.thoughtcrime.securesms.database;`

			`import android.content.ContentValues;`
			`import android.content.Context;`
			`import android.database.Cursor;`
			`import android.database.sqlite.SQLiteDatabase;`
			`import android.database.sqlite.SQLiteOpenHelper;`
			`import android.net.Uri;`
			`import android.util.Log;`

Migrate to Curve25519. 1) Generate a Curve25519 identity key. 2) Use Curve25519 ephemerals and identities for v2 3DHE agreements. 3) Initiate v2 key exchange messages. 4) Accept v1 key exchange messages. 5) TOFU Curve25519 identities. 2013-11-10 12:15:29 +00:00			`import org.thoughtcrime.securesms.recipients.Recipient;`
			`import org.thoughtcrime.securesms.recipients.RecipientFactory;`
			`import org.thoughtcrime.securesms.recipients.Recipients;`
Move common crypto classes into TextSecureLibrary. 1) Move all the crypto classes from securesms.crypto. 2) Move all the crypto storage from securesms.database.keys 3) Replace the old imported BC code with spongycastle. 2013-08-18 01:37:18 +00:00			`import org.whispersystems.textsecure.crypto.IdentityKey;`
			`import org.whispersystems.textsecure.crypto.InvalidKeyException;`
			`import org.whispersystems.textsecure.crypto.MasterCipher;`
			`import org.whispersystems.textsecure.crypto.MasterSecret;`
Migrate to Curve25519. 1) Generate a Curve25519 identity key. 2) Use Curve25519 ephemerals and identities for v2 3DHE agreements. 3) Initiate v2 key exchange messages. 4) Accept v1 key exchange messages. 5) TOFU Curve25519 identities. 2013-11-10 12:15:29 +00:00			`import org.whispersystems.textsecure.crypto.ecc.Curve;`
Move most of Util into library 2013-07-10 02:48:33 +00:00			`import org.whispersystems.textsecure.util.Base64;`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
			`import java.io.IOException;`

Initial Project Import 2011-12-20 18:20:44 +00:00			`public class IdentityDatabase extends Database {`

			`private static final Uri CHANGE_URI = Uri.parse("content://textsecure/identities");`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
			`private static final String TABLE_NAME = "identities";`
Initial Project Import 2011-12-20 18:20:44 +00:00			`private static final String ID = "_id";`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`public static final String RECIPIENT = "recipient";`
Initial Project Import 2011-12-20 18:20:44 +00:00			`public static final String IDENTITY_KEY = "key";`
			`public static final String MAC = "mac";`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`public static final String CREATE_TABLE = "CREATE TABLE " + TABLE_NAME +`
			`" (" + ID + " INTEGER PRIMARY KEY, " +`
			`RECIPIENT + " INTEGER UNIQUE, " +`
			`IDENTITY_KEY + " TEXT, " +`
			`MAC + " TEXT);";`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`public IdentityDatabase(Context context, SQLiteOpenHelper databaseHelper) {`
			`super(context, databaseHelper);`
			`}`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`public Cursor getIdentities() {`
			`SQLiteDatabase database = databaseHelper.getReadableDatabase();`
			`Cursor cursor = database.query(TABLE_NAME, null, null, null, null, null, null);`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`if (cursor != null)`
			`cursor.setNotificationUri(context.getContentResolver(), CHANGE_URI);`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`return cursor;`
			`}`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`public boolean isValidIdentity(MasterSecret masterSecret,`
			`Recipient recipient,`
			`IdentityKey theirIdentity)`
			`{`
Initial Project Import 2011-12-20 18:20:44 +00:00			`SQLiteDatabase database = databaseHelper.getReadableDatabase();`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`String number = recipient.getNumber();`
			`long recipientId = DatabaseFactory.getAddressDatabase(context).getCanonicalAddress(number);`
			`MasterCipher masterCipher = new MasterCipher(masterSecret);`
Initial Project Import 2011-12-20 18:20:44 +00:00			`Cursor cursor = null;`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`try {`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`cursor = database.query(TABLE_NAME, null, RECIPIENT + " = ?",`
			`new String[] {recipientId+""}, null, null,null);`

			`if (cursor != null && cursor.moveToFirst()) {`
			`String serializedIdentity = cursor.getString(cursor.getColumnIndexOrThrow(IDENTITY_KEY));`
			`String mac = cursor.getString(cursor.getColumnIndexOrThrow(MAC));`

			`if (!masterCipher.verifyMacFor(recipientId + serializedIdentity, Base64.decode(mac))) {`
			`Log.w("IdentityDatabase", "MAC failed");`
			`return false;`
			`}`

			`IdentityKey ourIdentity = new IdentityKey(Base64.decode(serializedIdentity), 0);`
Migrate to Curve25519. 1) Generate a Curve25519 identity key. 2) Use Curve25519 ephemerals and identities for v2 3DHE agreements. 3) Initiate v2 key exchange messages. 4) Accept v1 key exchange messages. 5) TOFU Curve25519 identities. 2013-11-10 12:15:29 +00:00
			`if (theirIdentity.getPublicKey().getType() == Curve.DJB_TYPE &&`
			`ourIdentity.getPublicKey().getType() == Curve.NIST_TYPE)`
			`{`
			`return true;`
			`}`

Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`return ourIdentity.equals(theirIdentity);`
			`} else {`
			`return true;`
Initial Project Import 2011-12-20 18:20:44 +00:00			`}`
			`} catch (IOException e) {`
			`Log.w("IdentityDatabase", e);`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`return false;`
			`} catch (InvalidKeyException e) {`
			`Log.w("IdentityDatabase", e);`
			`return false;`
Initial Project Import 2011-12-20 18:20:44 +00:00			`} finally {`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`if (cursor != null) {`
Initial Project Import 2011-12-20 18:20:44 +00:00			`cursor.close();`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`}`
Initial Project Import 2011-12-20 18:20:44 +00:00			`}`
			`}`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`public void saveIdentity(MasterSecret masterSecret, Recipient recipient, IdentityKey identityKey)`
			`{`
Initial Project Import 2011-12-20 18:20:44 +00:00			`SQLiteDatabase database = databaseHelper.getWritableDatabase();`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`String number = recipient.getNumber();`
			`long recipientId = DatabaseFactory.getAddressDatabase(context).getCanonicalAddress(number);`
Initial Project Import 2011-12-20 18:20:44 +00:00			`MasterCipher masterCipher = new MasterCipher(masterSecret);`
			`String identityKeyString = Base64.encodeBytes(identityKey.serialize());`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`String macString = Base64.encodeBytes(masterCipher.getMacFor(recipientId +`
			`identityKeyString));`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`ContentValues contentValues = new ContentValues();`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`contentValues.put(RECIPIENT, recipientId);`
Initial Project Import 2011-12-20 18:20:44 +00:00			`contentValues.put(IDENTITY_KEY, identityKeyString);`
			`contentValues.put(MAC, macString);`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`database.replace(TABLE_NAME, null, contentValues);`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`context.getContentResolver().notifyChange(CHANGE_URI, null);`
			`}`

Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`public void deleteIdentity(long id) {`
Initial Project Import 2011-12-20 18:20:44 +00:00			`SQLiteDatabase database = databaseHelper.getWritableDatabase();`
Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`database.delete(TABLE_NAME, ID_WHERE, new String[] {id+""});`
Fix for NPE during a secure session with no sender identity key. 2012-08-08 02:03:00 +00:00
Initial Project Import 2011-12-20 18:20:44 +00:00			`context.getContentResolver().notifyChange(CHANGE_URI, null);`
			`}`

Switch to a more heavily TOFU model for identity keys. 1) There is no longer a concept of "verified" or "unverified." Only "what we saw last time" and "different from last time." 2) Let's eliminate "verify session," since we're all about identity keys now. 3) Mark manually processed key exchanges as processed. 2013-05-23 23:36:24 +00:00			`public Reader readerFor(MasterSecret masterSecret, Cursor cursor) {`
			`return new Reader(masterSecret, cursor);`
			`}`

			`public class Reader {`
			`private final Cursor cursor;`
			`private final MasterCipher cipher;`

			`public Reader(MasterSecret masterSecret, Cursor cursor) {`
			`this.cursor = cursor;`
			`this.cipher = new MasterCipher(masterSecret);`
			`}`

			`public Identity getCurrent() {`
			`long recipientId = cursor.getLong(cursor.getColumnIndexOrThrow(RECIPIENT));`
			`Recipients recipients = RecipientFactory.getRecipientsForIds(context, recipientId + "", true);`

			`try {`
			`String identityKeyString = cursor.getString(cursor.getColumnIndexOrThrow(IDENTITY_KEY));`
			`String mac = cursor.getString(cursor.getColumnIndexOrThrow(MAC));`

			`if (!cipher.verifyMacFor(recipientId + identityKeyString, Base64.decode(mac))) {`
			`return new Identity(recipients, null);`
			`}`

			`IdentityKey identityKey = new IdentityKey(Base64.decode(identityKeyString), 0);`
			`return new Identity(recipients, identityKey);`
			`} catch (IOException e) {`
			`Log.w("IdentityDatabase", e);`
			`return new Identity(recipients, null);`
			`} catch (InvalidKeyException e) {`
			`Log.w("IdentityDatabase", e);`
			`return new Identity(recipients, null);`
			`}`
			`}`
			`}`

			`public class Identity {`
			`private final Recipients recipients;`
			`private final IdentityKey identityKey;`

			`public Identity(Recipients recipients, IdentityKey identityKey) {`
			`this.recipients = recipients;`
			`this.identityKey = identityKey;`
			`}`

			`public Recipients getRecipients() {`
			`return recipients;`
			`}`

			`public IdentityKey getIdentityKey() {`
			`return identityKey;`
			`}`
			`}`

Initial Project Import 2011-12-20 18:20:44 +00:00			`}`