Add support for CDSI.

2026-02-23 19:26:17 +00:00 · 2022-05-18 11:42:38 -04:00
parent 8407f2ff69
commit 9ab275195f
16 changed files with 350 additions and 462 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/contacts/sync/ContactDiscoveryRefreshV1.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/contacts/sync/ContactDiscoveryRefreshV1.java
@@ -111,12 +111,7 @@ class ContactDiscoveryRefreshV1 {

    Stopwatch stopwatch = new Stopwatch("refresh");

-    ContactIntersection result;
-    if (FeatureFlags.cdsh()) {
-      result = getIntersectionWithHsm(databaseNumbers, systemNumbers);
-    } else {
-      result = getIntersection(context, databaseNumbers, systemNumbers);
-    }
+    ContactIntersection result = getIntersection(context, databaseNumbers, systemNumbers);

    stopwatch.split("network");

@@ -250,38 +245,6 @@ class ContactDiscoveryRefreshV1 {
    }
  }

-  /**
-   * Retrieves the contact intersection using an HSM-backed implementation of CDS that is being tested.
-   */
-  private static ContactIntersection getIntersectionWithHsm(@NonNull Set<String> databaseNumbers,
-                                                            @NonNull Set<String> systemNumbers)
-      throws IOException
-  {
-    Set<String>                        allNumbers       = SetUtil.union(databaseNumbers, systemNumbers);
-    FuzzyPhoneNumberHelper.InputResult inputResult      = FuzzyPhoneNumberHelper.generateInput(allNumbers, databaseNumbers);
-    Set<String>                        sanitizedNumbers = sanitizeNumbers(inputResult.getNumbers());
-    Set<String>                        ignoredNumbers   = new HashSet<>();
-
-    if (sanitizedNumbers.size() > MAX_NUMBERS) {
-      Set<String> randomlySelected = randomlySelect(sanitizedNumbers, MAX_NUMBERS);
-
-      ignoredNumbers   = SetUtil.difference(sanitizedNumbers, randomlySelected);
-      sanitizedNumbers = randomlySelected;
-    }
-
-    SignalServiceAccountManager accountManager = ApplicationDependencies.getSignalServiceAccountManager();
-
-    try {
-      Map<String, ACI>                    results      = accountManager.getRegisteredUsersWithCdshV1(sanitizedNumbers, BuildConfig.CDSH_PUBLIC_KEY, BuildConfig.CDSH_CODE_HASH);
-      FuzzyPhoneNumberHelper.OutputResult outputResult = FuzzyPhoneNumberHelper.generateOutput(results, inputResult);
-
-      return new ContactIntersection(outputResult.getNumbers(), outputResult.getRewrites(), ignoredNumbers);
-    } catch (IOException e) {
-      Log.w(TAG, "Attestation error.", e);
-      throw new IOException(e);
-    }
-  }
-
  private static @NonNull Set<String> randomlySelect(@NonNull Set<String> numbers, int max) {
    List<String> list = new ArrayList<>(numbers);
    Collections.shuffle(list);
--- a/app/src/main/java/org/thoughtcrime/securesms/contacts/sync/ContactDiscoveryRefreshV2.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/contacts/sync/ContactDiscoveryRefreshV2.kt
@@ -15,7 +15,7 @@ import org.thoughtcrime.securesms.recipients.Recipient
 import org.thoughtcrime.securesms.recipients.RecipientId
 import org.thoughtcrime.securesms.util.Stopwatch
 import org.whispersystems.signalservice.api.push.ServiceId
-import org.whispersystems.signalservice.api.services.CdshV2Service
+import org.whispersystems.signalservice.api.services.CdsiV2Service
 import java.io.IOException
 import java.util.Optional

@@ -41,7 +41,12 @@ object ContactDiscoveryRefreshV2 {
  fun refreshAll(context: Context): ContactDiscovery.RefreshResult {
    val stopwatch = Stopwatch("refresh-all")

-    val previousE164s: Set<String> = SignalDatabase.cds.getAllE164s()
+    val previousE164s: Set<String> = if (SignalStore.misc().cdsToken != null) {
+      SignalDatabase.cds.getAllE164s()
+    } else {
+      Log.w(TAG, "No token set! Cannot provide previousE164s.")
+      emptySet()
+    }
    stopwatch.split("previous")

    val recipientE164s: Set<String> = SignalDatabase.recipients.getAllE164s().sanitize()
@@ -54,14 +59,15 @@ object ContactDiscoveryRefreshV2 {

    val newE164s: Set<String> = newRecipientE164s + newSystemE164s

-    val response: CdshV2Service.Response = makeRequest(
+    val response: CdsiV2Service.Response = makeRequest(
      previousE164s = previousE164s,
      newE164s = newE164s,
      serviceIds = SignalDatabase.recipients.getAllServiceIdProfileKeyPairs(),
+      token = SignalStore.misc().cdsToken,
+      saveToken = true
    )
    stopwatch.split("network")

-    SignalStore.misc().cdsToken = response.token
    SignalDatabase.cds.updateAfterCdsQuery(newE164s, recipientE164s + systemE164s)
    stopwatch.split("cds-db")

@@ -106,10 +112,12 @@ object ContactDiscoveryRefreshV2 {
      Log.i(TAG, "Doing a one-off request for ${inputE164s.size} recipients.")
    }

-    val response: CdshV2Service.Response = makeRequest(
+    val response: CdsiV2Service.Response = makeRequest(
      previousE164s = emptySet(),
      newE164s = inputE164s,
-      serviceIds = SignalDatabase.recipients.getAllServiceIdProfileKeyPairs()
+      serviceIds = SignalDatabase.recipients.getAllServiceIdProfileKeyPairs(),
+      token = null,
+      saveToken = false
    )
    stopwatch.split("network")

@@ -125,15 +133,18 @@ object ContactDiscoveryRefreshV2 {
  }

  @Throws(IOException::class)
-  private fun makeRequest(previousE164s: Set<String>, newE164s: Set<String>, serviceIds: Map<ServiceId, ProfileKey>): CdshV2Service.Response {
-    return ApplicationDependencies.getSignalServiceAccountManager().getRegisteredUsersWithCdshV2(
+  private fun makeRequest(previousE164s: Set<String>, newE164s: Set<String>, serviceIds: Map<ServiceId, ProfileKey>, token: ByteArray?, saveToken: Boolean): CdsiV2Service.Response {
+    return ApplicationDependencies.getSignalServiceAccountManager().getRegisteredUsersWithCdsi(
      previousE164s,
      newE164s,
      serviceIds,
-      Optional.ofNullable(SignalStore.misc().cdsToken),
-      BuildConfig.CDSH_PUBLIC_KEY,
-      BuildConfig.CDSH_CODE_HASH
-    )
+      Optional.ofNullable(token),
+      BuildConfig.CDSI_MRENCLAVE
+    ) { token ->
+      if (saveToken) {
+        SignalStore.misc().cdsToken = token
+      }
+    }
  }

  private fun Set<String>.toE164s(context: Context): Set<String> {
--- a/app/src/main/java/org/thoughtcrime/securesms/providers/PartProvider.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/providers/PartProvider.java
@@ -79,6 +79,7 @@ public final class PartProvider extends BaseContentProvider {
      return null;
    }

+
    if (uriMatcher.match(uri) == SINGLE_ROW) {
      Log.i(TAG, "Parting out a single row...");
      try {
--- a/app/src/main/java/org/thoughtcrime/securesms/push/SignalServiceNetworkAccess.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/push/SignalServiceNetworkAccess.kt
@@ -21,7 +21,7 @@ import org.thoughtcrime.securesms.phonenumbers.PhoneNumberFormatter
 import org.thoughtcrime.securesms.util.Base64
 import org.whispersystems.signalservice.api.push.TrustStore
 import org.whispersystems.signalservice.internal.configuration.SignalCdnUrl
-import org.whispersystems.signalservice.internal.configuration.SignalCdshUrl
+import org.whispersystems.signalservice.internal.configuration.SignalCdsiUrl
 import org.whispersystems.signalservice.internal.configuration.SignalContactDiscoveryUrl
 import org.whispersystems.signalservice.internal.configuration.SignalKeyBackupServiceUrl
 import org.whispersystems.signalservice.internal.configuration.SignalServiceConfiguration
@@ -169,7 +169,7 @@ class SignalServiceNetworkAccess(context: Context) {
    fUrls.map { SignalContactDiscoveryUrl(it, F_DIRECTORY_HOST, fTrustStore, APP_CONNECTION_SPEC) }.toTypedArray(),
    fUrls.map { SignalKeyBackupServiceUrl(it, F_KBS_HOST, fTrustStore, APP_CONNECTION_SPEC) }.toTypedArray(),
    fUrls.map { SignalStorageUrl(it, F_STORAGE_HOST, fTrustStore, APP_CONNECTION_SPEC) }.toTypedArray(),
-    arrayOf(SignalCdshUrl(BuildConfig.SIGNAL_CDSH_URL, serviceTrustStore)),
+    arrayOf(SignalCdsiUrl(BuildConfig.SIGNAL_CDSI_URL, serviceTrustStore)),
    interceptors,
    Optional.of(DNS),
    Optional.empty(),
@@ -220,7 +220,7 @@ class SignalServiceNetworkAccess(context: Context) {
    arrayOf(SignalContactDiscoveryUrl(BuildConfig.SIGNAL_CONTACT_DISCOVERY_URL, serviceTrustStore)),
    arrayOf(SignalKeyBackupServiceUrl(BuildConfig.SIGNAL_KEY_BACKUP_URL, serviceTrustStore)),
    arrayOf(SignalStorageUrl(BuildConfig.STORAGE_URL, serviceTrustStore)),
-    arrayOf(SignalCdshUrl(BuildConfig.SIGNAL_CDSH_URL, serviceTrustStore)),
+    arrayOf(SignalCdsiUrl(BuildConfig.SIGNAL_CDSI_URL, serviceTrustStore)),
    interceptors,
    Optional.of(DNS),
    if (SignalStore.proxy().isProxyEnabled) Optional.ofNullable(SignalStore.proxy().proxy) else Optional.empty(),
@@ -276,7 +276,7 @@ class SignalServiceNetworkAccess(context: Context) {
    val cdsUrls: Array<SignalContactDiscoveryUrl> = hostConfigs.map { SignalContactDiscoveryUrl("${it.baseUrl}/directory", it.host, gTrustStore, it.connectionSpec) }.toTypedArray()
    val kbsUrls: Array<SignalKeyBackupServiceUrl> = hostConfigs.map { SignalKeyBackupServiceUrl("${it.baseUrl}/backup", it.host, gTrustStore, it.connectionSpec) }.toTypedArray()
    val storageUrls: Array<SignalStorageUrl> = hostConfigs.map { SignalStorageUrl("${it.baseUrl}/storage", it.host, gTrustStore, it.connectionSpec) }.toTypedArray()
-    val cdshUrls: Array<SignalCdshUrl> = listOf(SignalCdshUrl(BuildConfig.SIGNAL_CDSH_URL, serviceTrustStore)).toTypedArray()
+    val cdsiUrls: Array<SignalCdsiUrl> = listOf(SignalCdsiUrl(BuildConfig.SIGNAL_CDSI_URL, serviceTrustStore)).toTypedArray()

    return SignalServiceConfiguration(
      serviceUrls,
@@ -287,7 +287,7 @@ class SignalServiceNetworkAccess(context: Context) {
      cdsUrls,
      kbsUrls,
      storageUrls,
-      cdshUrls,
+      cdsiUrls,
      interceptors,
      Optional.of(DNS),
      Optional.empty(),