Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-20 07:38:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add support for UUID-only delivery certificates. (SERVER-132)

Browse Source
This commit is contained in:
Jon Chambers
2020-08-19 11:24:23 -04:00
committed by Jon Chambers
parent a709a3bcc0
commit 2d75f59d33
4 changed files with 100 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
service/src/main/java/org/whispersystems/textsecuregcm/auth/CertificateGenerator.java
View File

@@ -28,14 +28,21 @@ public class CertificateGenerator {
this.serverCertificate = ServerCertificate.parseFrom(serverCertificate);
}
public byte[] createFor(Account account, Device device, boolean includeUuid) throws IOException, InvalidKeyException {
public byte[] createFor(Account account, Device device, boolean includeE164, boolean includeUuid) throws IOException, InvalidKeyException {
SenderCertificate.Certificate.Builder builder = SenderCertificate.Certificate.newBuilder()
.setSender(account.getNumber())
.setSenderDevice(Math.toIntExact(device.getId()))
.setExpires(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(expiresDays))
.setIdentityKey(ByteString.copyFrom(Base64.decode(account.getIdentityKey())))
.setSigner(serverCertificate);
if (!includeE164 && !includeUuid) {
throw new IllegalArgumentException("Certificates must include one of a sender phone number or UUID");
}
if (includeE164) {
builder.setSender(account.getNumber());
}
if (includeUuid) {
builder.setSenderUuid(account.getUuid().toString());
}

10
service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java
View File

@@ -47,6 +47,7 @@ public class CertificateController {
@Produces(MediaType.APPLICATION_JSON)
@Path("/delivery")
public DeliveryCertificate getDeliveryCertificate(@Auth Account account,
@QueryParam("includeE164") Optional<Boolean> includeE164,
@QueryParam("includeUuid") Optional<Boolean> includeUuid)
throws IOException, InvalidKeyException
{
@@ -56,7 +57,14 @@ public class CertificateController {
throw new WebApplicationException(Response.Status.BAD_REQUEST);
}
return new DeliveryCertificate(certificateGenerator.createFor(account, account.getAuthenticatedDevice().get(), includeUuid.orElse(false)));
final boolean effectiveIncludeE164 = includeE164.orElse(true);
final boolean effectiveIncludeUuid = includeUuid.orElse(false);
if (!effectiveIncludeE164 && !effectiveIncludeUuid) {
throw new WebApplicationException(Response.Status.BAD_REQUEST);
}
return new DeliveryCertificate(certificateGenerator.createFor(account, account.getAuthenticatedDevice().get(), effectiveIncludeE164, effectiveIncludeUuid));
}
@Timed