mirror of
https://github.com/oxen-io/session-android.git
synced 2025-08-21 12:27:38 +00:00
Curve25519 keys to 1 mod 8 for ephemerals.
This commit is contained in:
Moxie Marlinspike
@@ -93,7 +93,7 @@ public class AsymmetricMasterCipher {
|
||||
theirPublic = asymmetricMasterSecret.getNistPublicKey();
|
||||
}
|
||||
|
||||
ECKeyPair ourKeyPair = Curve.generateKeyPairForType(theirPublic.getType());
|
||||
ECKeyPair ourKeyPair = Curve.generateKeyPairForType(theirPublic.getType(), true);
|
||||
byte[] secret = Curve.calculateAgreement(theirPublic, ourKeyPair.getPrivateKey());
|
||||
MasterCipher masterCipher = getMasterCipherForSecret(secret);
|
||||
byte[] encryptedBodyBytes = masterCipher.encryptBytes(body.getBytes());
|
||||
|
||||
@@ -135,8 +135,8 @@ public class IdentityKeyUtil {
|
||||
}
|
||||
|
||||
public static void generateIdentityKeys(Context context, MasterSecret masterSecret) {
|
||||
ECKeyPair nistKeyPair = Curve.generateKeyPairForType(Curve.NIST_TYPE);
|
||||
ECKeyPair djbKeyPair = Curve.generateKeyPairForType(Curve.DJB_TYPE);
|
||||
ECKeyPair nistKeyPair = Curve.generateKeyPairForType(Curve.NIST_TYPE, false);
|
||||
ECKeyPair djbKeyPair = Curve.generateKeyPairForType(Curve.DJB_TYPE, false);
|
||||
|
||||
MasterCipher masterCipher = new MasterCipher(masterSecret);
|
||||
IdentityKey nistIdentityKey = new IdentityKey(nistKeyPair.getPublicKey());
|
||||
@@ -160,7 +160,7 @@ public class IdentityKeyUtil {
|
||||
|
||||
public static void generateCurve25519IdentityKeys(Context context, MasterSecret masterSecret) {
|
||||
MasterCipher masterCipher = new MasterCipher(masterSecret);
|
||||
ECKeyPair djbKeyPair = Curve.generateKeyPairForType(Curve.DJB_TYPE);
|
||||
ECKeyPair djbKeyPair = Curve.generateKeyPairForType(Curve.DJB_TYPE, false);
|
||||
IdentityKey djbIdentityKey = new IdentityKey(djbKeyPair.getPublicKey());
|
||||
byte[] djbPrivateKey = masterCipher.encryptKey(djbKeyPair.getPrivateKey());
|
||||
|
||||
|
||||
@@ -62,8 +62,8 @@ public class KeyExchangeInitiator {
|
||||
private static void initiateKeyExchange(Context context, MasterSecret masterSecret, Recipient recipient) {
|
||||
int sequence = getRandomSequence();
|
||||
int flags = KeyExchangeMessageV2.INITIATE_FLAG;
|
||||
ECKeyPair baseKey = Curve.generateKeyPairForSession(CiphertextMessage.CURRENT_VERSION);
|
||||
ECKeyPair ephemeralKey = Curve.generateKeyPairForSession(CiphertextMessage.CURRENT_VERSION);
|
||||
ECKeyPair baseKey = Curve.generateKeyPairForSession(CiphertextMessage.CURRENT_VERSION, true);
|
||||
ECKeyPair ephemeralKey = Curve.generateKeyPairForSession(CiphertextMessage.CURRENT_VERSION, true);
|
||||
IdentityKeyPair identityKey = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret, Curve.DJB_TYPE);
|
||||
|
||||
KeyExchangeMessageV2 message = new KeyExchangeMessageV2(sequence, flags,
|
||||
|
||||
@@ -136,8 +136,8 @@ public class KeyExchangeProcessorV1 extends KeyExchangeProcessor {
|
||||
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
|
||||
int initialId = secureRandom.nextInt(4094) + 1;
|
||||
|
||||
KeyPair currentPair = new KeyPair(initialId, Curve.generateKeyPairForSession(1), masterSecret);
|
||||
KeyPair nextPair = new KeyPair(initialId + 1, Curve.generateKeyPairForSession(1), masterSecret);
|
||||
KeyPair currentPair = new KeyPair(initialId, Curve.generateKeyPairForSession(1, true), masterSecret);
|
||||
KeyPair nextPair = new KeyPair(initialId + 1, Curve.generateKeyPairForSession(1, true), masterSecret);
|
||||
LocalKeyRecord record = new LocalKeyRecord(context, masterSecret, recipient);
|
||||
|
||||
record.setCurrentKeyPair(currentPair);
|
||||
|
||||
@@ -131,8 +131,8 @@ public class KeyExchangeProcessorV2 extends KeyExchangeProcessor {
|
||||
public void processKeyExchangeMessage(PreKeyEntity message, long threadId)
|
||||
throws InvalidKeyException
|
||||
{
|
||||
ECKeyPair ourBaseKey = Curve.generateKeyPairForSession(2);
|
||||
ECKeyPair ourEphemeralKey = Curve.generateKeyPairForSession(2);
|
||||
ECKeyPair ourBaseKey = Curve.generateKeyPairForSession(2, true);
|
||||
ECKeyPair ourEphemeralKey = Curve.generateKeyPairForSession(2, true);
|
||||
ECPublicKey theirBaseKey = message.getPublicKey();
|
||||
ECPublicKey theirEphemeralKey = theirBaseKey;
|
||||
IdentityKey theirIdentityKey = message.getIdentityKey();
|
||||
@@ -184,8 +184,8 @@ public class KeyExchangeProcessorV2 extends KeyExchangeProcessor {
|
||||
|
||||
if (!sessionRecord.getSessionState().hasPendingKeyExchange()) {
|
||||
Log.w("KeyExchangeProcessorV2", "We don't have a pending initiate...");
|
||||
ourBaseKey = Curve.generateKeyPairForType(message.getBaseKey().getType());
|
||||
ourEphemeralKey = Curve.generateKeyPairForType(message.getBaseKey().getType());
|
||||
ourBaseKey = Curve.generateKeyPairForType(message.getBaseKey().getType(), true);
|
||||
ourEphemeralKey = Curve.generateKeyPairForType(message.getBaseKey().getType(), true);
|
||||
ourIdentityKey = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret, message.getBaseKey().getType());
|
||||
|
||||
sessionRecord.getSessionState().setPendingKeyExchange(message.getSequence(), ourBaseKey,
|
||||
|
||||
@@ -160,7 +160,7 @@ public class MasterSecretUtil {
|
||||
MasterSecret masterSecret)
|
||||
{
|
||||
MasterCipher masterCipher = new MasterCipher(masterSecret);
|
||||
ECKeyPair keyPair = Curve.generateKeyPairForType(Curve.DJB_TYPE);
|
||||
ECKeyPair keyPair = Curve.generateKeyPairForType(Curve.DJB_TYPE, true);
|
||||
|
||||
save(context, ASYMMETRIC_LOCAL_PUBLIC_DJB, keyPair.getPublicKey().serialize());
|
||||
save(context, ASYMMETRIC_LOCAL_PRIVATE_DJB, masterCipher.encryptKey(keyPair.getPrivateKey()));
|
||||
|
||||
Reference in New Issue
Block a user