Key transparency search and monitor endpoints

2026-04-20 16:08:03 +01:00 · 2024-08-12 13:14:42 -07:00
parent 4349ceaf0e
commit 84c329e911
24 changed files with 1525 additions and 45 deletions
--- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencyMonitorRequest.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencyMonitorRequest.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2024 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import io.swagger.v3.oas.annotations.media.Schema;
+import org.whispersystems.textsecuregcm.identity.AciServiceIdentifier;
+import org.whispersystems.textsecuregcm.util.ByteArrayBase64UrlAdapter;
+import org.whispersystems.textsecuregcm.util.ServiceIdentifierAdapter;
+
+import javax.validation.constraints.AssertTrue;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Positive;
+import java.util.List;
+import java.util.Optional;
+
+public record KeyTransparencyMonitorRequest(
+    @NotNull
+    @JsonSerialize(using = ServiceIdentifierAdapter.ServiceIdentifierSerializer.class)
+    @JsonDeserialize(using = ServiceIdentifierAdapter.AciServiceIdentifierDeserializer.class)
+    @Schema(description = "The aci identifier to monitor")
+    AciServiceIdentifier aci,
+
+    @NotEmpty
+    @Schema(description = "A list of log tree positions maintained by the client for the aci search key.")
+    List<@Positive Long> aciPositions,
+
+    @Schema(description = "The e164-formatted phone number to monitor")
+    Optional<String> e164,
+
+    @Schema(description = "A list of log tree positions maintained by the client for the e164 search key.")
+    Optional<List<@Positive Long>> e164Positions,
+
+    @JsonSerialize(contentUsing = ByteArrayBase64UrlAdapter.Serializing.class)
+    @JsonDeserialize(contentUsing = ByteArrayBase64UrlAdapter.Deserializing.class)
+    @Schema(description = "The username hash to monitor, encoded in url-safe unpadded base64.")
+    Optional<byte[]> usernameHash,
+
+    @Schema(description = "A list of log tree positions maintained by the client for the username hash search key.")
+    Optional<List<@Positive Long>> usernameHashPositions,
+
+    @Schema(description = "The tree head size to prove consistency against.")
+    Optional<@Positive Long> lastTreeHeadSize
+) {
+
+  @AssertTrue
+  public boolean isUsernameHashFieldsValid() {
+    return (usernameHash.isEmpty() && usernameHashPositions.isEmpty()) ||
+        (usernameHash.isPresent() && usernameHashPositions.isPresent() && !usernameHashPositions.get().isEmpty());
+  }
+
+  @AssertTrue
+  public boolean isE164VFieldsValid() {
+    return (e164.isEmpty() && e164Positions.isEmpty()) ||
+        (e164.isPresent() && e164Positions.isPresent() && !e164Positions.get().isEmpty());
+  }
+}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencyMonitorResponse.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencyMonitorResponse.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2024 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import io.swagger.v3.oas.annotations.media.Schema;
+import katie.FullTreeHead;
+import katie.MonitorProof;
+import org.whispersystems.textsecuregcm.util.ByteArrayAdapter;
+import org.whispersystems.textsecuregcm.util.FullTreeHeadProtobufAdapter;
+import org.whispersystems.textsecuregcm.util.MonitorProofProtobufAdapter;
+
+import javax.validation.constraints.NotNull;
+import java.util.List;
+import java.util.Optional;
+
+public record KeyTransparencyMonitorResponse(
+    @NotNull
+    @JsonSerialize(using = FullTreeHeadProtobufAdapter.Serializer.class)
+    @JsonDeserialize(using = FullTreeHeadProtobufAdapter.Deserializer.class)
+    @Schema(description = """
+        The key transparency log's tree head along with a consistency proof and possibly an auditor-signed tree head
+        """)
+    FullTreeHead fullTreeHead,
+
+    @NotNull
+    @JsonSerialize(using = MonitorProofProtobufAdapter.Serializer.class)
+    @JsonDeserialize(using = MonitorProofProtobufAdapter.Deserializer.class)
+    @Schema(description = "The monitor proof for the aci search key")
+    MonitorProof aciMonitorProof,
+
+    @JsonSerialize(contentUsing = MonitorProofProtobufAdapter.Serializer.class)
+    @JsonDeserialize(contentUsing = MonitorProofProtobufAdapter.Deserializer.class)
+    @Schema(description = "The monitor proof for the e164 search key")
+    Optional<MonitorProof> e164MonitorProof,
+
+    @JsonSerialize(contentUsing = MonitorProofProtobufAdapter.Serializer.class)
+    @JsonDeserialize(contentUsing = MonitorProofProtobufAdapter.Deserializer.class)
+    @Schema(description = "The monitor proof for the username hash search key")
+    Optional<MonitorProof> usernameHashMonitorProof,
+
+    @NotNull
+    @JsonSerialize(contentUsing = ByteArrayAdapter.Serializing.class)
+    @JsonDeserialize(contentUsing = ByteArrayAdapter.Deserializing.class)
+    @Schema(description = "A list of hashes encoded in standard, unpadded base64 that prove inclusion across all monitor proofs ")
+    List<byte[]> inclusionProof
+) {}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencySearchRequest.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencySearchRequest.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import io.swagger.v3.oas.annotations.media.Schema;
+import org.whispersystems.textsecuregcm.identity.AciServiceIdentifier;
+import org.whispersystems.textsecuregcm.util.ByteArrayBase64UrlAdapter;
+import org.whispersystems.textsecuregcm.util.E164;
+import org.whispersystems.textsecuregcm.util.ServiceIdentifierAdapter;
+
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Positive;
+import java.util.Optional;
+
+public record KeyTransparencySearchRequest(
+    @NotNull
+    @JsonSerialize(using = ServiceIdentifierAdapter.ServiceIdentifierSerializer.class)
+    @JsonDeserialize(using = ServiceIdentifierAdapter.AciServiceIdentifierDeserializer.class)
+    @Schema(description = "The aci identifier to look up")
+    AciServiceIdentifier aci,
+
+    @E164
+    @Schema(description = "The e164-formatted phone number to look up")
+    Optional<String> e164,
+
+    @JsonSerialize(contentUsing = ByteArrayBase64UrlAdapter.Serializing.class)
+    @JsonDeserialize(contentUsing = ByteArrayBase64UrlAdapter.Deserializing.class)
+    @Schema(description = "The username hash to look up, encoded in web-safe unpadded base64.")
+    Optional<byte[]> usernameHash,
+
+    @Schema(description = "The tree head size to prove consistency against.")
+    Optional<@Positive Long> lastTreeHeadSize
+) {}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencySearchResponse.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/KeyTransparencySearchResponse.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2024 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import io.swagger.v3.oas.annotations.media.Schema;
+import katie.SearchResponse;
+import org.whispersystems.textsecuregcm.util.SearchResponseProtobufAdapter;
+
+import javax.validation.constraints.NotNull;
+import java.util.Optional;
+
+public record KeyTransparencySearchResponse(
+    @NotNull
+    @JsonSerialize(using = SearchResponseProtobufAdapter.Serializer.class)
+    @JsonDeserialize(using = SearchResponseProtobufAdapter.Deserializer.class)
+    @Schema(description = "The search response for the aci search key")
+    SearchResponse aciSearchResponse,
+
+    @JsonSerialize(contentUsing = SearchResponseProtobufAdapter.Serializer.class)
+    @JsonDeserialize(contentUsing = SearchResponseProtobufAdapter.Deserializer.class)
+    @Schema(description = "The search response for the e164 search key")
+    Optional<SearchResponse> e164SearchResponse,
+
+    @JsonSerialize(contentUsing = SearchResponseProtobufAdapter.Serializer.class)
+    @JsonDeserialize(contentUsing = SearchResponseProtobufAdapter.Deserializer.class)
+    @Schema(description = "The search response for the username hash search key")
+    Optional<SearchResponse> usernameHashSearchResponse
+) {}