From da29cdfe10645b83d9bc6cea80f1160470f24e40 Mon Sep 17 00:00:00 2001 From: AsamK Date: Thu, 13 May 2021 10:35:01 +0200 Subject: [PATCH] Only send plain text pin if locked with registration lock v1 --- .../signal/manager/RegistrationManager.java | 22 ++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java b/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java index 9dae3f41..88cba97b 100644 --- a/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java +++ b/lib/src/main/java/org/asamk/signal/manager/RegistrationManager.java @@ -129,9 +129,10 @@ public class RegistrationManager implements Closeable { VerifyAccountResponse response; MasterKey masterKey; try { - response = verifyAccountWithCode(verificationCode, pin, null); + response = verifyAccountWithCode(verificationCode, null, null); masterKey = null; + pin = null; } catch (LockedException e) { if (pin == null) { throw e; @@ -139,16 +140,17 @@ public class RegistrationManager implements Closeable { var registrationLockData = pinHelper.getRegistrationLockData(pin, e); if (registrationLockData == null) { - throw e; - } - - var registrationLock = registrationLockData.getMasterKey().deriveRegistrationLock(); - try { - response = verifyAccountWithCode(verificationCode, null, registrationLock); - } catch (LockedException _e) { - throw new AssertionError("KBS Pin appeared to matched but reg lock still failed!"); + response = verifyAccountWithCode(verificationCode, pin, null); + masterKey = null; + } else { + var registrationLock = registrationLockData.getMasterKey().deriveRegistrationLock(); + try { + response = verifyAccountWithCode(verificationCode, null, registrationLock); + } catch (LockedException _e) { + throw new AssertionError("KBS Pin appeared to matched but reg lock still failed!"); + } + masterKey = registrationLockData.getMasterKey(); } - masterKey = registrationLockData.getMasterKey(); } // TODO response.isStorageCapable() -- 2.50.1