From: AsamK Date: Thu, 13 May 2021 08:35:01 +0000 (+0200) Subject: Only send plain text pin if locked with registration lock v1 X-Git-Tag: v0.8.3~4 X-Git-Url: https://git.nmode.ca/signal-cli/commitdiff_plain/da29cdfe10645b83d9bc6cea80f1160470f24e40?ds=sidebyside Only send plain text pin if locked with registration lock v1 --- diff --git a/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java b/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java index 9dae3f41..88cba97b 100644 --- a/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java +++ b/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java @@ -129,9 +129,10 @@ public class RegistrationManager implements Closeable { VerifyAccountResponse response; MasterKey masterKey; try { - response = verifyAccountWithCode(verificationCode, pin, null); + response = verifyAccountWithCode(verificationCode, null, null); masterKey = null; + pin = null; } catch (LockedException e) { if (pin == null) { throw e; @@ -139,16 +140,17 @@ public class RegistrationManager implements Closeable { var registrationLockData = pinHelper.getRegistrationLockData(pin, e); if (registrationLockData == null) { - throw e; - } - - var registrationLock = registrationLockData.getMasterKey().deriveRegistrationLock(); - try { - response = verifyAccountWithCode(verificationCode, null, registrationLock); - } catch (LockedException _e) { - throw new AssertionError("KBS Pin appeared to matched but reg lock still failed!"); + response = verifyAccountWithCode(verificationCode, pin, null); + masterKey = null; + } else { + var registrationLock = registrationLockData.getMasterKey().deriveRegistrationLock(); + try { + response = verifyAccountWithCode(verificationCode, null, registrationLock); + } catch (LockedException _e) { + throw new AssertionError("KBS Pin appeared to matched but reg lock still failed!"); + } + masterKey = registrationLockData.getMasterKey(); } - masterKey = registrationLockData.getMasterKey(); } // TODO response.isStorageCapable()