Move to Signal Protocol written in Rust.

Co-authored-by: Alex Hart <alex@signal.org>

app/build.gradle

@@ -365,7 +365,8 @@ dependencies {
 
     implementation project(':libsignal-service')
     implementation 'org.signal:zkgroup-android:0.7.0'
-
+    implementation 'org.whispersystems:signal-client-android:0.1.4'
+    implementation 'com.google.protobuf:protobuf-javalite:3.10.0'
     implementation 'org.signal:argon2:13.1@aar'
 
     implementation 'org.signal:ringrtc-android:2.8.3'

app/src/main/java/org/thoughtcrime/securesms/contacts/sync/ContactDiscoveryV2.java

@@ -14,6 +14,7 @@
 import org.thoughtcrime.securesms.logging.Log;
 import org.thoughtcrime.securesms.push.IasTrustStore;
 import org.thoughtcrime.securesms.util.SetUtil;
+import org.whispersystems.libsignal.InvalidKeyException;
 import org.whispersystems.signalservice.api.SignalServiceAccountManager;
 import org.whispersystems.signalservice.api.push.TrustStore;
 import org.whispersystems.signalservice.internal.contacts.crypto.Quote;
@@ -69,7 +70,7 @@ static DirectoryResult getDirectoryResult(@NonNull Context context,
       FuzzyPhoneNumberHelper.OutputResultV2 outputResult = FuzzyPhoneNumberHelper.generateOutputV2(results, inputResult);
 
       return new DirectoryResult(outputResult.getNumbers(), outputResult.getRewrites(), ignoredNumbers);
-    } catch (SignatureException | UnauthenticatedQuoteException | UnauthenticatedResponseException | Quote.InvalidQuoteFormatException e) {
+    } catch (SignatureException | UnauthenticatedQuoteException | UnauthenticatedResponseException | Quote.InvalidQuoteFormatException |InvalidKeyException e) {
       Log.w(TAG, "Attestation error.", e);
       throw new IOException(e);
     }

app/src/main/java/org/thoughtcrime/securesms/lock/v2/ConfirmKbsPinRepository.java

@@ -9,6 +9,7 @@
 import org.thoughtcrime.securesms.logging.Log;
 import org.thoughtcrime.securesms.pin.PinState;
 import org.thoughtcrime.securesms.util.concurrent.SimpleTask;
+import org.whispersystems.libsignal.InvalidKeyException;
 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedResponseException;
 
 import java.io.IOException;
@@ -29,7 +30,7 @@ void setPin(@NonNull KbsPin kbsPin, @NonNull PinKeyboardType keyboard, @NonNull
         Log.i(TAG, "Pin set on KBS");
 
         return PinSetResult.SUCCESS;
-      } catch (IOException | UnauthenticatedResponseException e) {
+      } catch (IOException | UnauthenticatedResponseException | InvalidKeyException e) {
         Log.w(TAG, e);
         PinState.onPinCreateFailure();
         return PinSetResult.FAILURE;

app/src/main/java/org/thoughtcrime/securesms/migrations/RegistrationPinV2MigrationJob.java

@@ -15,6 +15,7 @@
 import org.thoughtcrime.securesms.logging.Log;
 import org.thoughtcrime.securesms.pin.PinState;
 import org.thoughtcrime.securesms.util.TextSecurePreferences;
+import org.whispersystems.libsignal.InvalidKeyException;
 import org.whispersystems.signalservice.api.KeyBackupService;
 import org.whispersystems.signalservice.api.KeyBackupServicePinException;
 import org.whispersystems.signalservice.api.KeyBackupSystemNoDataException;
@@ -60,7 +61,7 @@ private RegistrationPinV2MigrationJob(@NonNull Parameters parameters) {
   }
 
   @Override
-  protected void onRun() throws IOException, UnauthenticatedResponseException {
+  protected void onRun() throws IOException, UnauthenticatedResponseException, InvalidKeyException {
     if (!TextSecurePreferences.isV1RegistrationLockEnabled(context)) {
       Log.i(TAG, "Registration lock disabled");
       return;

app/src/main/java/org/thoughtcrime/securesms/pin/PinState.java

@@ -22,6 +22,7 @@
 import org.thoughtcrime.securesms.megaphone.Megaphones;
 import org.thoughtcrime.securesms.registration.service.KeyBackupSystemWrongPinException;
 import org.thoughtcrime.securesms.util.TextSecurePreferences;
+import org.whispersystems.libsignal.InvalidKeyException;
 import org.whispersystems.libsignal.util.guava.Optional;
 import org.whispersystems.signalservice.api.KbsPinData;
 import org.whispersystems.signalservice.api.KeyBackupService;
@@ -90,7 +91,7 @@ public final class PinState {
       }
 
       return kbsData;
-    } catch (UnauthenticatedResponseException e) {
+    } catch (UnauthenticatedResponseException | InvalidKeyException e) {
       Log.w(TAG, "Failed to restore key", e);
       throw new IOException(e);
     } catch (KeyBackupServicePinException e) {
@@ -170,7 +171,7 @@ public static synchronized void onPinRestoreForgottenOrSkipped() {
    */
   @WorkerThread
   public static synchronized void onPinChangedOrCreated(@NonNull Context context, @NonNull String pin, @NonNull PinKeyboardType keyboard)
-      throws IOException, UnauthenticatedResponseException
+      throws IOException, UnauthenticatedResponseException, InvalidKeyException
   {
     Log.i(TAG, "onPinChangedOrCreated()");
 
@@ -272,7 +273,7 @@ public static synchronized void onDisableRegistrationLockForUserWithPin() throws
    */
   @WorkerThread
   public static synchronized void onMigrateToRegistrationLockV2(@NonNull Context context, @NonNull String pin)
-      throws IOException, UnauthenticatedResponseException
+      throws IOException, UnauthenticatedResponseException, InvalidKeyException
   {
     Log.i(TAG, "onMigrateToRegistrationLockV2()");
 

app/src/main/java/org/thoughtcrime/securesms/service/webrtc/WebRtcUtil.java

@@ -14,7 +14,6 @@
 import org.thoughtcrime.securesms.webrtc.locks.LockManager;
 import org.whispersystems.libsignal.InvalidKeyException;
 import org.whispersystems.libsignal.ecc.Curve;
-import org.whispersystems.libsignal.ecc.DjbECPublicKey;
 import org.whispersystems.libsignal.ecc.ECPublicKey;
 import org.whispersystems.signalservice.api.messages.calls.OfferMessage;
 
@@ -27,11 +26,7 @@ private WebRtcUtil() {}
 
   public static @NonNull byte[] getPublicKeyBytes(@NonNull byte[] identityKey) throws InvalidKeyException {
     ECPublicKey key = Curve.decodePoint(identityKey, 0);
-
-    if (key instanceof DjbECPublicKey) {
-      return ((DjbECPublicKey) key).getPublicKey();
-    }
-    throw new InvalidKeyException();
+    return key.getPublicKeyBytes();
   }
 
   public static @NonNull LockManager.PhoneState getInCallPhoneState(@NonNull Context context) {

app/witness-verifications.gradle

@@ -420,6 +420,9 @@ dependencyVerification {
         ['org.apache.httpcomponents:httpclient-android:4.3.5',
          '6f56466a9bd0d42934b90bfbfe9977a8b654c058bf44a12bdc2877c4e1f033f1'],
 
+        ['org.aspectj:aspectjrt:1.9.4',
+         '4ff12340d4f1197b95fc9d53dd43b7ada6150426d685778979ceca4304361698'],
+
         ['org.conscrypt:conscrypt-android:2.0.0',
          '400ca559a49b860a82862b22cee0e3110764bdcf7ee7c79e7479895c25cdfc09'],
 
@@ -441,9 +444,6 @@ dependencyVerification {
         ['org.signal:ringrtc-android:2.8.3',
          '1cdc73ec34b11b9eeb0a650715e1095cade226736192c091991f31367245e37a'],
 
-        ['org.signal:signal-metadata-java:0.1.2',
-         '6aaeb6a33bf3161a3e6ac9db7678277f7a4cf5a2c96b84342e4007ee49bab1bd'],
-
         ['org.signal:zkgroup-android:0.7.0',
          '52b172565bd01526e93ebf1796b834bdc449d4fe3422c1b827e49cb8d4f13fbd'],
 
@@ -453,11 +453,11 @@ dependencyVerification {
         ['org.threeten:threetenbp:1.3.6',
          'f4c23ffaaed717c3b99c003e0ee02d6d66377fd47d866fec7d971bd8644fc1a7'],
 
-        ['org.whispersystems:curve25519-java:0.5.0',
-         '0aadd43cf01d11e9b58f867b3c4f25c3194e8b0623d1953d32dfbfbee009e38d'],
+        ['org.whispersystems:signal-client-android:0.1.4',
+         'a95f4d8125a22552da99b5db15589454789eee322e84d9ba613c258150366a64'],
 
-        ['org.whispersystems:signal-protocol-java:2.8.1',
-         'b19db36839ab008fdccefc7f8c005f2ea43dc7c7298a209bc424e6f9b6d5617b'],
+        ['org.whispersystems:signal-client-java:0.1.4',
+         '7d151220a203e43ecf419256eecb6309cc4c5644557beeb29f54ba34ee82645c'],
 
         ['pl.tajchert:waitingdots:0.1.0',
          '2835d49e0787dbcb606c5a60021ced66578503b1e9fddcd7a5ef0cd5f095ba2c'],

build.gradle

@@ -5,7 +5,7 @@ wrapper {
 subprojects {
     ext.lib_signal_service_version_number   = "2.15.3"
     ext.lib_signal_service_group_info       = "org.whispersystems"
-    ext.lib_signal_metadata_version         = "0.1.2"
+    ext.lib_signal_client_version           = "0.1.0"
 
     if (JavaVersion.current().isJava8Compatible()) {
         allprojects {

libsignal/service/build.gradle

@@ -32,7 +32,7 @@ dependencies {
     api 'com.googlecode.libphonenumber:libphonenumber:8.12.6'
     api 'com.fasterxml.jackson.core:jackson-databind:2.9.9.2'
 
-    api "org.signal:signal-metadata-java:${lib_signal_metadata_version}"
+    api 'org.whispersystems:signal-client-java:0.1.4'
     api 'com.squareup.okhttp3:okhttp:3.12.10'
     implementation 'org.threeten:threetenbp:1.3.6'
 

libsignal/service/src/main/java/org/whispersystems/signalservice/api/KeyBackupService.java

@@ -1,5 +1,6 @@
 package org.whispersystems.signalservice.api;
 
+import org.whispersystems.libsignal.InvalidKeyException;
 import org.whispersystems.libsignal.logging.Log;
 import org.whispersystems.signalservice.api.crypto.InvalidCiphertextException;
 import org.whispersystems.signalservice.api.kbs.HashedPin;
@@ -123,7 +124,7 @@ public byte[] hashSalt() {
 
     @Override
     public KbsPinData restorePin(HashedPin hashedPin)
-      throws UnauthenticatedResponseException, IOException, KeyBackupServicePinException, KeyBackupSystemNoDataException
+      throws UnauthenticatedResponseException, IOException, KeyBackupServicePinException, KeyBackupSystemNoDataException, InvalidKeyException
     {
       int           attempt = 0;
       SecureRandom  random  = new SecureRandom();
@@ -156,7 +157,7 @@ public KbsPinData restorePin(HashedPin hashedPin)
     }
 
     private KbsPinData restorePin(HashedPin hashedPin, TokenResponse token)
-      throws UnauthenticatedResponseException, IOException, TokenException, KeyBackupSystemNoDataException
+      throws UnauthenticatedResponseException, IOException, TokenException, KeyBackupSystemNoDataException, InvalidKeyException
     {
       try {
         final int               remainingTries    = token.getTries();
@@ -197,7 +198,7 @@ private KbsPinData restorePin(HashedPin hashedPin, TokenResponse token)
       }
     }
 
-    private RemoteAttestation getAndVerifyRemoteAttestation() throws UnauthenticatedResponseException, IOException {
+    private RemoteAttestation getAndVerifyRemoteAttestation() throws UnauthenticatedResponseException, IOException, InvalidKeyException {
       try {
         return RemoteAttestationUtil.getAndVerifyRemoteAttestation(pushServiceSocket, PushServiceSocket.ClientSet.KeyBackup, iasKeyStore, enclaveName, mrenclave, authorization);
       } catch (Quote.InvalidQuoteFormatException | UnauthenticatedQuoteException | InvalidCiphertextException | SignatureException e) {
@@ -226,7 +227,7 @@ public void removePin()
         KeyBackupResponse response          = pushServiceSocket.putKbsData(authorization, request, remoteAttestation.getCookies(), enclaveName);
 
         KeyBackupCipher.getKeyDeleteResponseStatus(response, remoteAttestation);
-      } catch (InvalidCiphertextException e) {
+      } catch (InvalidCiphertextException | InvalidKeyException e) {
         throw new UnauthenticatedResponseException(e);
       }
     }
@@ -261,7 +262,7 @@ private TokenResponse putKbsData(byte[] kbsAccessKey, byte[] kbsData, String enc
           default:
             throw new AssertionError("Unknown response status " + status);
         }
-      } catch (InvalidCiphertextException e) {
+      } catch (InvalidCiphertextException | InvalidKeyException e) {
         throw new UnauthenticatedResponseException(e);
       }
     }
@@ -275,7 +276,7 @@ public interface HashSession {
   public interface RestoreSession extends HashSession {
 
     KbsPinData restorePin(HashedPin hashedPin)
-      throws UnauthenticatedResponseException, IOException, KeyBackupServicePinException, KeyBackupSystemNoDataException;
+      throws UnauthenticatedResponseException, IOException, KeyBackupServicePinException, KeyBackupSystemNoDataException, InvalidKeyException;
   }
 
   public interface PinChangeSession extends HashSession {

libsignal/service/src/main/java/org/whispersystems/signalservice/api/SignalServiceAccountManager.java

@@ -366,7 +366,7 @@ public List<ContactTokenDetails> getContacts(Set<String> e164numbers)
   }
 
   public Map<String, UUID> getRegisteredUsers(KeyStore iasKeyStore, Set<String> e164numbers, String mrenclave)
-      throws IOException, Quote.InvalidQuoteFormatException, UnauthenticatedQuoteException, SignatureException, UnauthenticatedResponseException
+      throws IOException, Quote.InvalidQuoteFormatException, UnauthenticatedQuoteException, SignatureException, UnauthenticatedResponseException, InvalidKeyException
   {
     if (e164numbers.isEmpty()) {
       return Collections.emptyMap();

libsignal/service/src/main/java/org/whispersystems/signalservice/internal/contacts/crypto/RemoteAttestationKeys.java

@@ -1,8 +1,10 @@
 package org.whispersystems.signalservice.internal.contacts.crypto;
 
 
-import org.whispersystems.curve25519.Curve25519;
-import org.whispersystems.curve25519.Curve25519KeyPair;
+import org.whispersystems.libsignal.InvalidKeyException;
+import org.whispersystems.libsignal.ecc.Curve;
+import org.whispersystems.libsignal.ecc.ECKeyPair;
+import org.whispersystems.libsignal.ecc.ECPublicKey;
 import org.whispersystems.libsignal.kdf.HKDFv3;
 import org.whispersystems.libsignal.util.ByteUtil;
 
@@ -11,12 +13,12 @@ public class RemoteAttestationKeys {
   private final byte[] clientKey = new byte[32];
   private final byte[] serverKey = new byte[32];
 
-  public RemoteAttestationKeys(Curve25519KeyPair keyPair, byte[] serverPublicEphemeral, byte[] serverPublicStatic) {
-    byte[] ephemeralToEphemeral = Curve25519.getInstance(Curve25519.BEST).calculateAgreement(serverPublicEphemeral, keyPair.getPrivateKey());
-    byte[] ephemeralToStatic    = Curve25519.getInstance(Curve25519.BEST).calculateAgreement(serverPublicStatic, keyPair.getPrivateKey());
+  public RemoteAttestationKeys(ECKeyPair keyPair, byte[] serverPublicEphemeral, byte[] serverPublicStatic) throws InvalidKeyException {
+    byte[] ephemeralToEphemeral = Curve.calculateAgreement(ECPublicKey.fromPublicKeyBytes(serverPublicEphemeral), keyPair.getPrivateKey());
+    byte[] ephemeralToStatic    = Curve.calculateAgreement(ECPublicKey.fromPublicKeyBytes(serverPublicStatic), keyPair.getPrivateKey());
 
     byte[] masterSecret = ByteUtil.combine(ephemeralToEphemeral, ephemeralToStatic                          );
-    byte[] publicKeys   = ByteUtil.combine(keyPair.getPublicKey(), serverPublicEphemeral, serverPublicStatic);
+    byte[] publicKeys   = ByteUtil.combine(keyPair.getPublicKey().getPublicKeyBytes(), serverPublicEphemeral, serverPublicStatic);
 
     HKDFv3 generator = new HKDFv3();
     byte[] keys      = generator.deriveSecrets(masterSecret, publicKeys, null, clientKey.length + serverKey.length);

libsignal/service/src/main/java/org/whispersystems/signalservice/internal/push/RemoteAttestationUtil.java

@@ -1,8 +1,8 @@
 package org.whispersystems.signalservice.internal.push;
 
-import org.whispersystems.curve25519.Curve25519;
-import org.whispersystems.curve25519.Curve25519KeyPair;
-import org.whispersystems.libsignal.util.Pair;
+import org.whispersystems.libsignal.InvalidKeyException;
+import org.whispersystems.libsignal.ecc.Curve;
+import org.whispersystems.libsignal.ecc.ECKeyPair;
 import org.whispersystems.signalservice.api.crypto.InvalidCiphertextException;
 import org.whispersystems.signalservice.api.push.exceptions.NonSuccessfulResponseCodeException;
 import org.whispersystems.signalservice.internal.contacts.crypto.Quote;
@@ -38,9 +38,9 @@ public static RemoteAttestation getAndVerifyRemoteAttestation(PushServiceSocket
                                                                 String enclaveName,
                                                                 String mrenclave,
                                                                 String authorization)
-    throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException
+    throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException, InvalidKeyException
   {
-    Curve25519KeyPair         keyPair  = buildKeyPair();
+    ECKeyPair                 keyPair  = buildKeyPair();
     ResponsePair              result   = makeAttestationRequest(socket, clientSet, authorization, enclaveName, keyPair);
     RemoteAttestationResponse response = JsonUtil.fromJson(result.body, RemoteAttestationResponse.class);
 
@@ -53,9 +53,9 @@ public static Map<String, RemoteAttestation> getAndVerifyMultiRemoteAttestation(
                                                                                   String enclaveName,
                                                                                   String mrenclave,
                                                                                   String authorization)
-      throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException
+      throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException, InvalidKeyException
   {
-    Curve25519KeyPair              keyPair      = buildKeyPair();
+    ECKeyPair                      keyPair      = buildKeyPair();
     ResponsePair                   result       = makeAttestationRequest(socket, clientSet, authorization, enclaveName, keyPair);
     MultiRemoteAttestationResponse response     = JsonUtil.fromJson(result.body, MultiRemoteAttestationResponse.class);
     Map<String, RemoteAttestation> attestations = new HashMap<>();
@@ -76,19 +76,18 @@ public static Map<String, RemoteAttestation> getAndVerifyMultiRemoteAttestation(
     return attestations;
   }
 
-  private static Curve25519KeyPair buildKeyPair() {
-    Curve25519 curve = Curve25519.getInstance(Curve25519.BEST);
-    return curve.generateKeyPair();
+  private static ECKeyPair buildKeyPair() {
+    return Curve.generateKeyPair();
   }
 
   private static ResponsePair makeAttestationRequest(PushServiceSocket socket,
                                                      PushServiceSocket.ClientSet clientSet,
                                                      String authorization,
                                                      String enclaveName,
-                                                     Curve25519KeyPair keyPair)
+                                                     ECKeyPair keyPair)
       throws IOException
   {
-    RemoteAttestationRequest attestationRequest = new RemoteAttestationRequest(keyPair.getPublicKey());
+    RemoteAttestationRequest attestationRequest = new RemoteAttestationRequest(keyPair.getPublicKey().getPublicKeyBytes());
     Response                 response           = socket.makeRequest(clientSet, authorization, new LinkedList<String>(), "/v1/attestation/" + enclaveName, "PUT", JsonUtil.toJson(attestationRequest));
     ResponseBody             body               = response.body();
 
@@ -113,9 +112,9 @@ private static List<String> parseCookies(Response response) {
   private static RemoteAttestation validateAndBuildRemoteAttestation(RemoteAttestationResponse response,
                                                                      List<String> cookies,
                                                                      KeyStore iasKeyStore,
-                                                                     Curve25519KeyPair keyPair,
+                                                                     ECKeyPair keyPair,
                                                                      String mrenclave)
-      throws Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException
+      throws Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException, InvalidKeyException
   {
     RemoteAttestationKeys keys      = new RemoteAttestationKeys(keyPair, response.getServerEphemeralPublic(), response.getServerStaticPublic());
     Quote                 quote     = new Quote(response.getQuote());

libsignal/service/witness-verifications.gradle

@@ -24,19 +24,13 @@ dependencyVerification {
         ['com.squareup.okio:okio:1.15.0',
          '693fa319a7e8843300602b204023b7674f106ebcb577f2dd5807212b66118bd2'],
 
-        ['org.signal:signal-metadata-java:0.1.2',
-         '6aaeb6a33bf3161a3e6ac9db7678277f7a4cf5a2c96b84342e4007ee49bab1bd'],
-
         ['org.signal:zkgroup-java:0.7.0',
          'd0099eedd60d6f7d4df5b288175e5d585228ed8897789926bdab69bf8c05659f'],
 
         ['org.threeten:threetenbp:1.3.6',
          'f4c23ffaaed717c3b99c003e0ee02d6d66377fd47d866fec7d971bd8644fc1a7'],
 
-        ['org.whispersystems:curve25519-java:0.5.0',
-         '0aadd43cf01d11e9b58f867b3c4f25c3194e8b0623d1953d32dfbfbee009e38d'],
-
-        ['org.whispersystems:signal-protocol-java:2.8.1',
-         'b19db36839ab008fdccefc7f8c005f2ea43dc7c7298a209bc424e6f9b6d5617b'],
+        ['org.whispersystems:signal-client-java:0.1.4',
+         '7d151220a203e43ecf419256eecb6309cc4c5644557beeb29f54ba34ee82645c'],
     ]
 }