From d8e1df9233d4caf39ef6e31cb532036e810f5679 Mon Sep 17 00:00:00 2001 From: Moxie Marlinspike Date: Mon, 17 Feb 2014 12:41:06 -0800 Subject: [PATCH] Check prekey identity on mismatched devices too. --- .../thoughtcrime/securesms/transport/PushTransport.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/org/thoughtcrime/securesms/transport/PushTransport.java b/src/org/thoughtcrime/securesms/transport/PushTransport.java index 8312d07330..3744ed4108 100644 --- a/src/org/thoughtcrime/securesms/transport/PushTransport.java +++ b/src/org/thoughtcrime/securesms/transport/PushTransport.java @@ -189,7 +189,7 @@ public class PushTransport extends BaseTransport { private void handleMismatchedDevices(PushServiceSocket socket, long threadId, Recipient recipient, MismatchedDevices mismatchedDevices) - throws InvalidNumberException, IOException + throws InvalidNumberException, IOException, UntrustedIdentityException { try { String e164number = Util.canonicalizeNumber(context, recipient.getNumber()); @@ -205,7 +205,11 @@ public class PushTransport extends BaseTransport { PreKeyEntity preKey = socket.getPreKey(address); KeyExchangeProcessorV2 processor = new KeyExchangeProcessorV2(context, masterSecret, address); - processor.processKeyExchangeMessage(preKey, threadId); + if (processor.isTrusted(preKey)) { + processor.processKeyExchangeMessage(preKey, threadId); + } else { + throw new UntrustedIdentityException("Untrusted identity key!", e164number, preKey.getIdentityKey()); + } } } catch (InvalidKeyException e) { throw new IOException(e);