Check prekey identity on mismatched devices too.

This commit is contained in:
Moxie Marlinspike 2014-02-17 12:41:06 -08:00
parent 6b5753337c
commit d8e1df9233

View File

@ -189,7 +189,7 @@ public class PushTransport extends BaseTransport {
private void handleMismatchedDevices(PushServiceSocket socket, long threadId, private void handleMismatchedDevices(PushServiceSocket socket, long threadId,
Recipient recipient, Recipient recipient,
MismatchedDevices mismatchedDevices) MismatchedDevices mismatchedDevices)
throws InvalidNumberException, IOException throws InvalidNumberException, IOException, UntrustedIdentityException
{ {
try { try {
String e164number = Util.canonicalizeNumber(context, recipient.getNumber()); String e164number = Util.canonicalizeNumber(context, recipient.getNumber());
@ -205,7 +205,11 @@ public class PushTransport extends BaseTransport {
PreKeyEntity preKey = socket.getPreKey(address); PreKeyEntity preKey = socket.getPreKey(address);
KeyExchangeProcessorV2 processor = new KeyExchangeProcessorV2(context, masterSecret, address); KeyExchangeProcessorV2 processor = new KeyExchangeProcessorV2(context, masterSecret, address);
processor.processKeyExchangeMessage(preKey, threadId); if (processor.isTrusted(preKey)) {
processor.processKeyExchangeMessage(preKey, threadId);
} else {
throw new UntrustedIdentityException("Untrusted identity key!", e164number, preKey.getIdentityKey());
}
} }
} catch (InvalidKeyException e) { } catch (InvalidKeyException e) {
throw new IOException(e); throw new IOException(e);