Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for endpoint checking prekey consistency.
- Loading branch information
1 parent
09b0f15
commit e1067e3
Showing
8 changed files
with
191 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
18 changes: 18 additions & 0 deletions
18
core-util-jvm/src/main/java/org/signal/core/util/LongExtensions.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
/* | ||
* Copyright 2024 Signal Messenger, LLC | ||
* SPDX-License-Identifier: AGPL-3.0-only | ||
*/ | ||
|
||
package org.signal.core.util | ||
|
||
import java.nio.ByteBuffer | ||
|
||
/** | ||
* Converts the long into [ByteArray]. | ||
*/ | ||
fun Long.toByteArray(): ByteArray { | ||
return ByteBuffer | ||
.allocate(Long.SIZE_BYTES) | ||
.putLong(this) | ||
.array() | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
57 changes: 57 additions & 0 deletions
57
libsignal-service/src/main/java/org/whispersystems/signalservice/api/keys/KeysApi.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
/* | ||
* Copyright 2024 Signal Messenger, LLC | ||
* SPDX-License-Identifier: AGPL-3.0-only | ||
*/ | ||
|
||
package org.whispersystems.signalservice.api.keys | ||
|
||
import org.signal.core.util.toByteArray | ||
import org.signal.libsignal.protocol.IdentityKey | ||
import org.signal.libsignal.protocol.ecc.ECPublicKey | ||
import org.signal.libsignal.protocol.kem.KEMPublicKey | ||
import org.whispersystems.signalservice.api.NetworkResult | ||
import org.whispersystems.signalservice.api.push.ServiceIdType | ||
import org.whispersystems.signalservice.internal.push.PushServiceSocket | ||
import java.security.MessageDigest | ||
|
||
/** | ||
* Contains APIs for interacting with /keys endpoints on the service. | ||
*/ | ||
class KeysApi(private val pushServiceSocket: PushServiceSocket) { | ||
|
||
companion object { | ||
@JvmStatic | ||
fun create(pushServiceSocket: PushServiceSocket): KeysApi { | ||
return KeysApi(pushServiceSocket) | ||
} | ||
} | ||
|
||
/** | ||
* Checks to see if our local view of our repeated-use prekeys matches the server's view. It's an all-or-nothing match, and no details can be given beyond | ||
* whether or not everything perfectly matches or not. | ||
* | ||
* Status codes: | ||
* - 200: Everything matches | ||
* - 409: Something doesn't match | ||
*/ | ||
fun checkRepeatedUseKeys( | ||
serviceIdType: ServiceIdType, | ||
identityKey: IdentityKey, | ||
signedPreKeyId: Int, | ||
signedPreKey: ECPublicKey, | ||
lastResortKyberKeyId: Int, | ||
lastResortKyberKey: KEMPublicKey | ||
): NetworkResult<Unit> { | ||
val digest: MessageDigest = MessageDigest.getInstance("SHA-256").apply { | ||
update(identityKey.serialize()) | ||
update(signedPreKeyId.toLong().toByteArray()) | ||
update(signedPreKey.serialize()) | ||
update(lastResortKyberKeyId.toLong().toByteArray()) | ||
update(lastResortKyberKey.serialize()) | ||
} | ||
|
||
return NetworkResult.fromFetch { | ||
pushServiceSocket.checkRepeatedUsePreKeys(serviceIdType, digest.digest()) | ||
} | ||
} | ||
} |
20 changes: 20 additions & 0 deletions
20
...c/main/java/org/whispersystems/signalservice/internal/push/ByteArrayDeserializerBase64.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
/* | ||
* Copyright 2024 Signal Messenger, LLC | ||
* SPDX-License-Identifier: AGPL-3.0-only | ||
*/ | ||
|
||
package org.whispersystems.signalservice.internal.push | ||
|
||
import com.fasterxml.jackson.core.JsonParser | ||
import com.fasterxml.jackson.databind.DeserializationContext | ||
import com.fasterxml.jackson.databind.JsonDeserializer | ||
import org.signal.core.util.Base64 | ||
|
||
/** | ||
* Deserializes any valid base64 (regardless of padding or url-safety) into a ByteArray. | ||
*/ | ||
class ByteArrayDeserializerBase64 : JsonDeserializer<ByteArray>() { | ||
override fun deserialize(p: JsonParser, ctxt: DeserializationContext): ByteArray { | ||
return Base64.decode(p.valueAsString) | ||
} | ||
} |
20 changes: 20 additions & 0 deletions
20
...java/org/whispersystems/signalservice/internal/push/ByteArraySerializerBase64NoPadding.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
/* | ||
* Copyright 2024 Signal Messenger, LLC | ||
* SPDX-License-Identifier: AGPL-3.0-only | ||
*/ | ||
|
||
package org.whispersystems.signalservice.internal.push | ||
|
||
import com.fasterxml.jackson.core.JsonGenerator | ||
import com.fasterxml.jackson.databind.JsonSerializer | ||
import com.fasterxml.jackson.databind.SerializerProvider | ||
import org.signal.core.util.Base64 | ||
|
||
/** | ||
* JSON serializer to encode a ByteArray as a base64 string without padding. | ||
*/ | ||
class ByteArraySerializerBase64NoPadding : JsonSerializer<ByteArray>() { | ||
override fun serialize(value: ByteArray, gen: JsonGenerator, serializers: SerializerProvider) { | ||
gen.writeString(Base64.encodeWithoutPadding(value)) | ||
} | ||
} |
21 changes: 21 additions & 0 deletions
21
...in/java/org/whispersystems/signalservice/internal/push/CheckRepeatedUsedPreKeysRequest.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
/* | ||
* Copyright 2024 Signal Messenger, LLC | ||
* SPDX-License-Identifier: AGPL-3.0-only | ||
*/ | ||
|
||
package org.whispersystems.signalservice.internal.push | ||
|
||
import com.fasterxml.jackson.annotation.JsonProperty | ||
import com.fasterxml.jackson.databind.annotation.JsonSerialize | ||
|
||
/** | ||
* Request body to check if our prekeys match what's on the service. | ||
*/ | ||
class CheckRepeatedUsedPreKeysRequest( | ||
@JsonProperty | ||
val identityType: String, | ||
|
||
@JsonProperty | ||
@JsonSerialize(using = ByteArraySerializerBase64NoPadding::class) | ||
val digest: ByteArray | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters