Skip to content
This repository has been archived by the owner on Feb 12, 2022. It is now read-only.

Last resort key still in documentation #63

Open
bneijt opened this issue Nov 3, 2018 · 3 comments
Open

Last resort key still in documentation #63

bneijt opened this issue Nov 3, 2018 · 3 comments

Comments

@bneijt
Copy link

bneijt commented Nov 3, 2018

signalapp/libsignal-protocol-java@111df84 removed the Last Resort Pre Key, but it's still mentioned in the documentation/README.md of this git repository.
@ahachmann
Copy link

Yeah, and I am wondering what the correct way of usage now is. Could anyone please help me out?

@croesch
Copy link

croesch commented Dec 28, 2018
edited
Loading

Did you find a solution? I got this far and am not sure what parts are wrong or if everything works as expected, but I receive the verification SMS - I am able to verify it (just type only the digits) - I receive HTTP 413 a lot - so I would really like to now when this limit hits and why it hits me.

    IdentityKeyPair identityKeyPair = KeyHelper.generateIdentityKeyPair();
    int registrationId = KeyHelper.generateRegistrationId(false);
    int startId = 0;
    List<PreKeyRecord> oneTimePreKeys = KeyHelper.generatePreKeys(startId, 100);
    SignedPreKeyRecord signedPreKey = KeyHelper.generateSignedPreKey(identityKeyPair, 5);

    idStore = new IdStore(identityKeyPair, registrationId);

    MyPreKeyStore preKeyStore = new MyPreKeyStore();
    MySignedPreKeyStore signedPreKeyStore = new MySignedPreKeyStore();
    MySessionStore sessionStore = new MySessionStore();

    signedPreKeyStore.storeSignedPreKey(signedPreKey.getId(), signedPreKey);

    MyIdentityKeyStore identityKeyStore = new MyIdentityKeyStore(identityKeyPair, registrationId);

    store = new MySignalStore(identityKeyStore, preKeyStore, sessionStore, signedPreKeyStore);

    SignalServiceAccountManager accountManager = new SignalServiceAccountManager(config, USERNAME, PASSWORD,
        USER_AGENT);
    accountManager.requestSmsVerificationCode(false);
    System.out.println("Enter SMS verification code: ");
    String verificationCode = new BufferedReader(new InputStreamReader(System.in)).readLine();
    // TODO this is correct, right?
    byte[] signalingKey = new byte[52];
    SecureRandom secureRandom = new SecureRandom();
    secureRandom.nextBytes(signalingKey);
    // FIXME from Android project, but does it work like that? Does it need to be saved?
    byte[] secret = new byte[32];
    secureRandom.nextBytes(secret);
    byte[] unidentifiedAccessKey = UnidentifiedAccess.deriveAccessKeyFrom(secret);
    accountManager.verifyAccountWithCode(verificationCode, Base64.encodeBytes(signalingKey), registrationId, false, null,
        unidentifiedAccessKey, true /* FIXME true/false? */);
    accountManager.setPreKeys(identityKeyPair.getPublicKey(), signedPreKey, oneTimePreKeys);

    // save at the end to ensure nothing is written in case of an error
    idStore.save();
    signedPreKeyStore.save();

I applied also this answer and had to install the trust store using the BKS format, using the BouncyCastleProvider that is bundled in the prov-jar.

Certainly would appreciate some hint where to find proper documentation, too ;-)

Can the password, signalingKey and unidentifiedAccessKey be randomly generated? What size limits exist? Should they differ from client to client? Should they be stored for use within later communication?

When does the rate limit hit?

Sending messages with this code results in my Signal app to suggest inviting the other account. Looks like my Signal app thinks this was sent via SMS. Which I think it was not...

Can anybody help / update the documentation!?

@magnusja
Copy link

magnusja commented Jul 9, 2019

I am getting this...

Exception in thread "main" java.lang.NullPointerException: No password supplied for PKCS#12 KeyStore.
	at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(Unknown Source)
	at java.base/java.security.KeyStore.load(KeyStore.java:1472)
	at java.base/sun.security.ssl.TrustStoreManager$TrustAnchorManager.loadKeyStore(TrustStoreManager.java:365)
	at java.base/sun.security.ssl.TrustStoreManager$TrustAnchorManager.getTrustedCerts(TrustStoreManager.java:313)
	at java.base/sun.security.ssl.TrustStoreManager.getTrustedCerts(TrustStoreManager.java:55)
	at java.base/sun.security.ssl.TrustManagerFactoryImpl.engineInit(TrustManagerFactoryImpl.java:49)
	at java.base/javax.net.ssl.TrustManagerFactory.init(TrustManagerFactory.java:278)
	at org.whispersystems.signalservice.internal.push.PushServiceSocket.createAttachmentClient(PushServiceSocket.java:1039)
	at org.whispersystems.signalservice.internal.push.PushServiceSocket.<init>(PushServiceSocket.java:164)
	at org.whispersystems.signalservice.api.SignalServiceAccountManager.<init>(SignalServiceAccountManager.java:100)
	at org.whispersystems.signalservice.api.SignalServiceAccountManager.<init>(SignalServiceAccountManager.java:93)
	at me.jahnen.service.signal.signal.RegisterKt$main$1.invoke(register.kt:47)
	at me.jahnen.service.signal.signal.RegisterKt$main$1.invoke(register.kt)
	at com.xenomachina.argparser.SystemExitExceptionKt.mainBody(SystemExitException.kt:74)
	at com.xenomachina.argparser.SystemExitExceptionKt.mainBody$default(SystemExitException.kt:72)
	at me.jahnen.service.signal.signal.RegisterKt.main(register.kt:25)

@croesch Can you please tell me what your Store implementations look like? How does the Signal API know about them (I assume it is using all the key storages?)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bneijt @croesch @magnusja @ahachmann