Migrate to Curve25519.

1) Generate a Curve25519 identity key. 2) Use Curve25519 ephemerals and identities for v2 3DHE agreements. 3) Initiate v2 key exchange messages. 4) Accept v1 key exchange messages. 5) TOFU Curve25519 identities.
2025-10-26 03:11:36 +00:00 · 2013-11-10 04:15:29 -08:00
parent a03fff8b24
commit c38a8aa699
57 changed files with 2197 additions and 498 deletions
--- a/src/org/thoughtcrime/securesms/transport/MmsTransport.java
+++ b/src/org/thoughtcrime/securesms/transport/MmsTransport.java
@@ -1,3 +1,20 @@
+/**
+ * Copyright (C) 2013 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
 package org.thoughtcrime.securesms.transport;

 import android.content.Context;
@@ -16,6 +33,8 @@ import org.thoughtcrime.securesms.mms.MmsSendHelper;
 import org.thoughtcrime.securesms.mms.TextTransport;
 import org.thoughtcrime.securesms.protocol.WirePrefix;
 import org.thoughtcrime.securesms.recipients.Recipient;
+import org.whispersystems.textsecure.crypto.ecc.Curve;
+import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
 import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
 import org.whispersystems.textsecure.util.Hex;

@@ -138,7 +157,7 @@ public class MmsTransport {
  private byte[] getEncryptedPdu(MasterSecret masterSecret, String recipientString, byte[] pduBytes) {
    TextTransport     transportDetails  = new TextTransport();
    Recipient         recipient         = new Recipient(null, recipientString, null, null);
-    IdentityKeyPair   identityKey       = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret);
+    IdentityKeyPair   identityKey       = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret, Curve.DJB_TYPE);
    MessageCipher     messageCipher     = new MessageCipher(context, masterSecret, identityKey);
    CiphertextMessage ciphertextMessage = messageCipher.encrypt(recipient, pduBytes);

--- a/src/org/thoughtcrime/securesms/transport/PushTransport.java
+++ b/src/org/thoughtcrime/securesms/transport/PushTransport.java
@@ -1,3 +1,20 @@
+/**
+ * Copyright (C) 2013 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
 package org.thoughtcrime.securesms.transport;

 import android.content.Context;
@@ -21,6 +38,7 @@ import org.whispersystems.textsecure.crypto.IdentityKeyPair;
 import org.whispersystems.textsecure.crypto.KeyUtil;
 import org.whispersystems.textsecure.crypto.MasterSecret;
 import org.whispersystems.textsecure.crypto.MessageCipher;
+import org.whispersystems.textsecure.crypto.ecc.Curve;
 import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
 import org.whispersystems.textsecure.crypto.protocol.PreKeyBundleMessage;
 import org.whispersystems.textsecure.push.OutgoingPushMessage;
@@ -162,7 +180,7 @@ public class PushTransport extends BaseTransport {
  private byte[] getEncryptedPrekeyBundleMessageForExistingSession(Recipient recipient,
                                                                   byte[] plaintext)
  {
-    IdentityKeyPair     identityKeyPair     = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret);
+    IdentityKeyPair     identityKeyPair     = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret, Curve.DJB_TYPE);
    IdentityKey         identityKey         = identityKeyPair.getPublicKey();
    MessageCipher       messageCipher       = new MessageCipher(context, masterSecret, identityKeyPair);
    CiphertextMessage   ciphertextMessage   = messageCipher.encrypt(recipient, plaintext);
@@ -177,7 +195,7 @@ public class PushTransport extends BaseTransport {
                                                              byte[] plaintext)
      throws IOException
  {
-    IdentityKeyPair      identityKeyPair = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret);
+    IdentityKeyPair      identityKeyPair = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret, Curve.DJB_TYPE);
    IdentityKey          identityKey     = identityKeyPair.getPublicKey();
    PreKeyEntity         preKey          = socket.getPreKey(pushDestination);
    KeyExchangeProcessor processor       = new KeyExchangeProcessor(context, masterSecret, recipient);
@@ -194,7 +212,7 @@ public class PushTransport extends BaseTransport {
  private byte[] getEncryptedMessageForExistingSession(Recipient recipient, byte[] plaintext)
      throws IOException
  {
-    IdentityKeyPair   identityKeyPair   = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret);
+    IdentityKeyPair   identityKeyPair   = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret, Curve.DJB_TYPE);
    MessageCipher     messageCipher     = new MessageCipher(context, masterSecret, identityKeyPair);
    CiphertextMessage ciphertextMessage = messageCipher.encrypt(recipient, plaintext);

--- a/src/org/thoughtcrime/securesms/transport/SmsTransport.java
+++ b/src/org/thoughtcrime/securesms/transport/SmsTransport.java
@@ -1,3 +1,20 @@
+/**
+ * Copyright (C) 2013 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
 package org.thoughtcrime.securesms.transport;

 import android.app.PendingIntent;
@@ -19,6 +36,8 @@ import org.whispersystems.textsecure.crypto.IdentityKeyPair;
 import org.whispersystems.textsecure.crypto.KeyUtil;
 import org.whispersystems.textsecure.crypto.MasterSecret;
 import org.whispersystems.textsecure.crypto.MessageCipher;
+import org.whispersystems.textsecure.crypto.ecc.Curve;
+import org.whispersystems.textsecure.crypto.ecc.ECPublicKey;
 import org.whispersystems.textsecure.crypto.protocol.CiphertextMessage;
 import org.whispersystems.textsecure.crypto.protocol.PreKeyBundleMessage;

@@ -116,7 +135,7 @@ public class SmsTransport extends BaseTransport {
  private ArrayList<PendingIntent> constructSentIntents(long messageId, long type, ArrayList<String> messages) {
    ArrayList<PendingIntent> sentIntents = new ArrayList<PendingIntent>(messages.size());

-    for (String message : messages) {
+    for (String ignored : messages) {
      sentIntents.add(PendingIntent.getBroadcast(context, 0,
                                                 constructSentIntent(context, messageId, type),
                                                 0));
@@ -132,7 +151,7 @@ public class SmsTransport extends BaseTransport {

    ArrayList<PendingIntent> deliveredIntents = new ArrayList<PendingIntent>(messages.size());

-    for (String message : messages) {
+    for (String ignored : messages) {
      deliveredIntents.add(PendingIntent.getBroadcast(context, 0,
                                                      constructDeliveredIntent(context, messageId, type),
                                                      0));
@@ -146,7 +165,9 @@ public class SmsTransport extends BaseTransport {
  {
    Recipient           recipient        = message.getRecipients().getPrimaryRecipient();
    String              body             = message.getMessageBody();
-    IdentityKeyPair     identityKey      = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret);
+    IdentityKeyPair     identityKey      = IdentityKeyUtil.getIdentityKeyPair(context, masterSecret,
+                                                                              Curve.DJB_TYPE);
+
    SmsTransportDetails transportDetails = new SmsTransportDetails();

    if (KeyUtil.isNonPrekeySessionFor(context, masterSecret, recipient)) {