Add support for UUID-only delivery certificates. (SERVER-132)

2026-04-22 10:18:04 +01:00 · 2020-08-19 11:24:23 -04:00
parent a709a3bcc0
commit 2d75f59d33
4 changed files with 100 additions and 3 deletions
--- a/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CertificateControllerTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CertificateControllerTest.java
@@ -1,6 +1,7 @@
 package org.whispersystems.textsecuregcm.tests.controllers;

 import com.google.common.collect.ImmutableSet;
+import org.apache.commons.lang3.StringUtils;
 import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory;
 import org.junit.ClassRule;
 import org.junit.Test;
@@ -36,6 +37,7 @@ import static junit.framework.TestCase.assertTrue;
 import static org.assertj.core.api.Java6Assertions.assertThat;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;

 public class CertificateControllerTest {

@@ -117,6 +119,45 @@ public class CertificateControllerTest {
    assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.decode(AuthHelper.VALID_IDENTITY)));
  }

+  @Test
+  public void testValidCertificateWithUuidNoE164() throws Exception {
+    DeliveryCertificate certificateObject = resources.getJerseyTest()
+            .target("/v1/certificate/delivery")
+            .queryParam("includeUuid", "true")
+            .queryParam("includeE164", "false")
+            .request()
+            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+            .get(DeliveryCertificate.class);
+
+
+    SenderCertificate             certificateHolder = SenderCertificate.parseFrom(certificateObject.getCertificate());
+    SenderCertificate.Certificate certificate       = SenderCertificate.Certificate.parseFrom(certificateHolder.getCertificate());
+
+    ServerCertificate             serverCertificateHolder = certificate.getSigner();
+    ServerCertificate.Certificate serverCertificate       = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate());
+
+    assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray()));
+    assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray()));
+
+    assertTrue(StringUtils.isBlank(certificate.getSender()));
+    assertEquals(certificate.getSenderDevice(), 1L);
+    assertEquals(certificate.getSenderUuid(), AuthHelper.VALID_UUID.toString());
+    assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.decode(AuthHelper.VALID_IDENTITY)));
+  }
+
+  @Test
+  public void testValidCertificateWithNoUuidNoE164() throws Exception {
+    Response response = resources.getJerseyTest()
+                                 .target("/v1/certificate/delivery")
+                                 .queryParam("includeUuid", "false")
+                                 .queryParam("includeE164", "false")
+                                 .request()
+                                 .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                 .get();
+
+    assertEquals(response.getStatus(), 400);
+  }
+
  @Test
  public void testBadAuthentication() throws Exception {
    Response response = resources.getJerseyTest()