Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-21 22:18:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make UUID in sealed sender certificate optional for buggy clients

Browse Source
This commit is contained in:
Moxie Marlinspike
2019-07-11 19:14:39 -07:00
parent 07822b371f
commit 79f2efdfd9
3 changed files with 47 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CertificateControllerTest.java
View File

@@ -25,6 +25,7 @@ import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider;
import io.dropwizard.testing.junit.ResourceTestRule;
import static junit.framework.TestCase.assertTrue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
public class CertificateControllerTest {
@@ -64,6 +65,31 @@ public class CertificateControllerTest {
.get(DeliveryCertificate.class);
SenderCertificate certificateHolder = SenderCertificate.parseFrom(certificateObject.getCertificate());
SenderCertificate.Certificate certificate = SenderCertificate.Certificate.parseFrom(certificateHolder.getCertificate());
ServerCertificate serverCertificateHolder = certificate.getSigner();
ServerCertificate.Certificate serverCertificate = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate());
assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray()));
assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray()));
assertEquals(certificate.getSender(), AuthHelper.VALID_NUMBER);
assertEquals(certificate.getSenderDevice(), 1L);
assertFalse(certificate.hasSenderUuid());
assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.decode(AuthHelper.VALID_IDENTITY)));
}
@Test
public void testValidCertificateWithUuid() throws Exception {
DeliveryCertificate certificateObject = resources.getJerseyTest()
.target("/v1/certificate/delivery")
.queryParam("includeUuid", "true")
.request()
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.get(DeliveryCertificate.class);
SenderCertificate certificateHolder = SenderCertificate.parseFrom(certificateObject.getCertificate());
SenderCertificate.Certificate certificate = SenderCertificate.Certificate.parseFrom(certificateHolder.getCertificate());