
Example 1 with RemoteAttestationResponse

use of org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse in project Signal-Android by WhisperSystems.

the class RemoteAttestationUtil method getAndVerifyRemoteAttestation.

/**
 * Requests a remote attestation for one enclave and passes the reply on for validation.
 *
 * <p>The key pair obtained from {@code buildKeyPair()} is used for the request and is handed,
 * unchanged, to {@code validateAndBuildRemoteAttestation} together with the IAS key store and
 * the expected {@code mrenclave}. No quote or signature check happens in this method itself.
 * NOTE(review): the checks are presumably performed inside
 * {@code validateAndBuildRemoteAttestation}, which is not shown here; confirm before relying
 * on the returned object.
 *
 * @param socket        socket the attestation request is sent through
 * @param clientSet     client set passed to {@code makeAttestationRequest}
 * @param iasKeyStore   key store forwarded to validation
 * @param enclaveName   enclave name passed to {@code makeAttestationRequest}
 * @param mrenclave     expected enclave measurement forwarded to validation
 * @param authorization authorization value passed to {@code makeAttestationRequest}
 * @return the attestation built by {@code validateAndBuildRemoteAttestation}
 */
public static RemoteAttestation getAndVerifyRemoteAttestation(PushServiceSocket socket, PushServiceSocket.ClientSet clientSet, KeyStore iasKeyStore, String enclaveName, String mrenclave, String authorization) throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException, InvalidKeyException {
    ECKeyPair clientKeys = buildKeyPair();
    ResponsePair httpResult = makeAttestationRequest(socket, clientSet, authorization, enclaveName, clientKeys);

    // The body is server-supplied JSON; it is only parsed here and goes straight to validation.
    return validateAndBuildRemoteAttestation(
        JsonUtil.fromJson(httpResult.body, RemoteAttestationResponse.class),
        httpResult.cookies,
        iasKeyStore,
        clientKeys,
        mrenclave);
}
Also used : MultiRemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.MultiRemoteAttestationResponse) RemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse) ECKeyPair(org.whispersystems.libsignal.ecc.ECKeyPair)

Example 2 with RemoteAttestationResponse

use of org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse in project Signal-Android by WhisperSystems.

the class RemoteAttestationUtil method getAndVerifyMultiRemoteAttestation.

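/**
 * Requests attestations for several enclave instances in one call and validates each of them.
 *
 * <p>The reply is server-supplied JSON, so its shape is checked before use: a missing
 * attestation map, an empty map, more than three entries, or an entry without a value is
 * rejected with {@link MalformedResponseException} rather than surfacing as a
 * {@link NullPointerException}. Every entry is validated with the same key pair, cookies,
 * IAS key store and expected {@code mrenclave}; the first entry that fails validation aborts
 * the whole call, so no partially validated map is ever returned.
 *
 * <p>NOTE(review): the map keys come from the server and are copied through unchanged; callers
 * should treat them as untrusted identifiers.
 *
 * @param socket        socket the attestation request is sent through
 * @param clientSet     client set passed to {@code makeAttestationRequest}
 * @param iasKeyStore   key store forwarded to validation
 * @param enclaveName   enclave name passed to {@code makeAttestationRequest}
 * @param mrenclave     expected enclave measurement forwarded to validation
 * @param authorization authorization value passed to {@code makeAttestationRequest}
 * @return one validated attestation per key in the server reply
 * @throws MalformedResponseException if the reply holds no attestations, more than three, or
 *                                    an entry with no attestation body
 */
public static Map<String, RemoteAttestation> getAndVerifyMultiRemoteAttestation(PushServiceSocket socket, PushServiceSocket.ClientSet clientSet, KeyStore iasKeyStore, String enclaveName, String mrenclave, String authorization) throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException, InvalidKeyException {
    ECKeyPair keyPair = buildKeyPair();
    ResponsePair result = makeAttestationRequest(socket, clientSet, authorization, enclaveName, keyPair);
    MultiRemoteAttestationResponse response = JsonUtil.fromJson(result.body, MultiRemoteAttestationResponse.class);

    // A reply that parses but lacks the attestation map must fail as a malformed response.
    Map<String, RemoteAttestationResponse> received = response == null ? null : response.getAttestations();
    if (received == null) {
        throw new MalformedResponseException("Incorrect number of attestations: 0");
    }

    int count = received.size();
    if (count == 0 || count > 3) {
        throw new MalformedResponseException("Incorrect number of attestations: " + count);
    }

    Map<String, RemoteAttestation> attestations = new HashMap<>();
    for (Map.Entry<String, RemoteAttestationResponse> entry : received.entrySet()) {
        if (entry.getValue() == null) {
            throw new MalformedResponseException("Missing attestation for: " + entry.getKey());
        }
        attestations.put(entry.getKey(), validateAndBuildRemoteAttestation(entry.getValue(), result.cookies, iasKeyStore, keyPair, mrenclave));
    }
    return attestations;
}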
Also used : RemoteAttestation(org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestation) HashMap(java.util.HashMap) MultiRemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.MultiRemoteAttestationResponse) RemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse) ECKeyPair(org.whispersystems.libsignal.ecc.ECKeyPair) MalformedResponseException(org.whispersystems.signalservice.api.push.exceptions.MalformedResponseException) MultiRemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.MultiRemoteAttestationResponse) HashMap(java.util.HashMap) Map(java.util.Map)

Example 3 with RemoteAttestationResponse

use of org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse in project libsignal-service-java by signalapp.

the class SignalServiceAccountManager method getRegisteredUsers.

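/**
 * Asks the contact discovery service which of the given numbers are registered.
 *
 * <p>Order matters here: the server quote is checked against {@code mrenclave} and the IAS
 * signature is checked against {@code iasKeyStore} before the discovery request, which carries
 * the address book, is built or sent. If either check throws, no contact data leaves this
 * method.
 *
 * <p>The reply is mapped back to the address book by position, one byte per number. A reply
 * whose length differs from the number of submitted entries cannot be mapped reliably, so it
 * is rejected with an {@link IOException} instead of running the iterator past its end or
 * silently reporting the remaining numbers as unregistered.
 *
 * @param iasKeyStore key store used to verify the IAS signature
 * @param e164numbers numbers to look up; the first character of each is dropped before
 *                    sending and a {@code '+'} is put back on every returned number
 * @param mrenclave   expected enclave measurement, used for the request and the quote check
 * @return the submitted numbers whose reply byte is non-zero, each prefixed with {@code '+'}
 * @throws IOException                      on transport failure or a reply of the wrong length
 * @throws UnauthenticatedResponseException if a ciphertext in the exchange fails to decrypt
 */
public List<String> getRegisteredUsers(KeyStore iasKeyStore, Set<String> e164numbers, String mrenclave) throws IOException, Quote.InvalidQuoteFormatException, UnauthenticatedQuoteException, SignatureException, UnauthenticatedResponseException {
    try {
        String authorization = this.pushServiceSocket.getContactDiscoveryAuthorization();
        Curve25519 curve = Curve25519.getInstance(Curve25519.BEST);
        Curve25519KeyPair keyPair = curve.generateKeyPair();
        ContactDiscoveryCipher cipher = new ContactDiscoveryCipher();
        RemoteAttestationRequest attestationRequest = new RemoteAttestationRequest(keyPair.getPublicKey());
        Pair<RemoteAttestationResponse, List<String>> attestationResponse = this.pushServiceSocket.getContactDiscoveryRemoteAttestation(authorization, attestationRequest, mrenclave);
        RemoteAttestationResponse attestation = attestationResponse.first();

        RemoteAttestationKeys keys = new RemoteAttestationKeys(keyPair, attestation.getServerEphemeralPublic(), attestation.getServerStaticPublic());
        Quote quote = new Quote(attestation.getQuote());
        // The request id is derived before verification but is not used until both checks below pass.
        byte[] requestId = cipher.getRequestId(keys, attestation);

        // Gate: everything after these two calls may expose the address book to the server.
        cipher.verifyServerQuote(quote, attestation.getServerStaticPublic(), mrenclave);
        cipher.verifyIasSignature(iasKeyStore, attestation.getCertificates(), attestation.getSignatureBody(), attestation.getSignature(), quote);

        RemoteAttestation remoteAttestation = new RemoteAttestation(requestId, keys);
        List<String> addressBook = new LinkedList<>();
        for (String e164number : e164numbers) {
            // Drops the first character; the '+' is re-added when results are built below.
            addressBook.add(e164number.substring(1));
        }

        DiscoveryRequest request = cipher.createDiscoveryRequest(addressBook, remoteAttestation);
        DiscoveryResponse response = this.pushServiceSocket.getContactDiscoveryRegisteredUsers(authorization, request, attestationResponse.second(), mrenclave);
        byte[] data = cipher.getDiscoveryResponseData(response, remoteAttestation);

        // Results are positional, so the reply must line up exactly with what was sent.
        if (data.length != addressBook.size()) {
            throw new IOException("Discovery response length " + data.length + " does not match request size " + addressBook.size());
        }

        Iterator<String> addressBookIterator = addressBook.iterator();
        List<String> results = new LinkedList<>();
        for (byte aData : data) {
            String candidate = addressBookIterator.next();
            if (aData != 0) {
                results.add('+' + candidate);
            }
        }
        return results;
    } catch (InvalidCiphertextException e) {
        throw new UnauthenticatedResponseException(e);
    }
}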
Also used : ContactDiscoveryCipher(org.whispersystems.signalservice.internal.contacts.crypto.ContactDiscoveryCipher) DiscoveryResponse(org.whispersystems.signalservice.internal.contacts.entities.DiscoveryResponse) InvalidCiphertextException(org.whispersystems.signalservice.api.crypto.InvalidCiphertextException) RemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse) RemoteAttestationKeys(org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestationKeys) ByteString(com.google.protobuf.ByteString) LinkedList(java.util.LinkedList) Quote(org.whispersystems.signalservice.internal.contacts.crypto.Quote) RemoteAttestation(org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestation) RemoteAttestationRequest(org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationRequest) UnauthenticatedResponseException(org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedResponseException) Curve25519KeyPair(org.whispersystems.curve25519.Curve25519KeyPair) List(java.util.List) LinkedList(java.util.LinkedList) DiscoveryRequest(org.whispersystems.signalservice.internal.contacts.entities.DiscoveryRequest) Curve25519(org.whispersystems.curve25519.Curve25519)

Example 4 with RemoteAttestationResponse

use of org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse in project libsignal-service-java by signalapp.

the class PushServiceSocket method getContactDiscoveryRemoteAttestation.

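/**
 * Sends the attestation request for the given enclave and returns the parsed reply together
 * with the cookies the server set.
 *
 * <p>Only the leading {@code name=value} part of each {@code Set-Cookie} header is kept;
 * attributes after the first {@code ';'} are discarded. The cut is made with
 * {@code indexOf} so that a header consisting only of separators yields an empty string
 * instead of an {@link ArrayIndexOutOfBoundsException} from indexing an empty split result.
 *
 * <p>This method performs no attestation checks; the returned response is unverified
 * server data. NOTE(review): {@code mrenclave} is concatenated into the request path as is,
 * so it is presumably a fixed, configured value rather than external input; confirm at the
 * call sites.
 *
 * @param authorization authorization value passed to {@code makeContactDiscoveryRequest}
 * @param request       attestation request, sent as JSON
 * @param mrenclave     enclave measurement appended to {@code /v1/attestation/}
 * @return the parsed attestation response and the trimmed cookie values
 * @throws NonSuccessfulResponseCodeException if the response has no body
 */
public Pair<RemoteAttestationResponse, List<String>> getContactDiscoveryRemoteAttestation(String authorization, RemoteAttestationRequest request, String mrenclave) throws IOException {
    Response response = makeContactDiscoveryRequest(authorization, new LinkedList<String>(), "/v1/attestation/" + mrenclave, "PUT", JsonUtil.toJson(request));
    ResponseBody body = response.body();

    List<String> cookies = new LinkedList<>();
    for (String rawCookie : response.headers("Set-Cookie")) {
        int attributesStart = rawCookie.indexOf(';');
        cookies.add(attributesStart < 0 ? rawCookie : rawCookie.substring(0, attributesStart));
    }

    if (body == null) {
        throw new NonSuccessfulResponseCodeException("Empty response!");
    }
    return new Pair<>(JsonUtil.fromJson(body.string(), RemoteAttestationResponse.class), cookies);
}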
Also used : RemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse) DiscoveryResponse(org.whispersystems.signalservice.internal.contacts.entities.DiscoveryResponse) Response(okhttp3.Response) RemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse) NonSuccessfulResponseCodeException(org.whispersystems.signalservice.api.push.exceptions.NonSuccessfulResponseCodeException) LinkedList(java.util.LinkedList) ResponseBody(okhttp3.ResponseBody) Pair(org.whispersystems.libsignal.util.Pair)

Example 5 with RemoteAttestationResponse

use of org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse in project Signal-Android by signalapp.

the class RemoteAttestationUtil method getAndVerifyRemoteAttestation.

/**
 * Performs one attestation round trip for a single enclave.
 *
 * <p>Steps, in order: obtain a key pair from {@code buildKeyPair()}, send the request with
 * {@code makeAttestationRequest}, parse the JSON body into a
 * {@link RemoteAttestationResponse}, and delegate to
 * {@code validateAndBuildRemoteAttestation} with the same key pair, the response cookies,
 * the IAS key store and the expected {@code mrenclave}. This method does not inspect the
 * quote or signature itself. NOTE(review): verification presumably happens in
 * {@code validateAndBuildRemoteAttestation}, which is outside this listing; confirm there.
 *
 * @param socket        socket the attestation request is sent through
 * @param clientSet     client set passed to {@code makeAttestationRequest}
 * @param iasKeyStore   key store forwarded to validation
 * @param enclaveName   enclave name passed to {@code makeAttestationRequest}
 * @param mrenclave     expected enclave measurement forwarded to validation
 * @param authorization authorization value passed to {@code makeAttestationRequest}
 * @return the attestation built by {@code validateAndBuildRemoteAttestation}
 */
public static RemoteAttestation getAndVerifyRemoteAttestation(PushServiceSocket socket, PushServiceSocket.ClientSet clientSet, KeyStore iasKeyStore, String enclaveName, String mrenclave, String authorization) throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException, InvalidKeyException {
    final ECKeyPair ephemeralKeys = buildKeyPair();
    final ResponsePair reply = makeAttestationRequest(socket, clientSet, authorization, enclaveName, ephemeralKeys);

    // Untrusted until validated: the parsed body is passed directly to the validation step.
    final RemoteAttestationResponse parsed = JsonUtil.fromJson(reply.body, RemoteAttestationResponse.class);
    RemoteAttestation verified = validateAndBuildRemoteAttestation(parsed, reply.cookies, iasKeyStore, ephemeralKeys, mrenclave);
    return verified;
}
Also used : MultiRemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.MultiRemoteAttestationResponse) RemoteAttestationResponse(org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse) ECKeyPair(org.whispersystems.libsignal.ecc.ECKeyPair)

Aggregations

RemoteAttestationResponse (org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse)6 ECKeyPair (org.whispersystems.libsignal.ecc.ECKeyPair)4 MultiRemoteAttestationResponse (org.whispersystems.signalservice.internal.contacts.entities.MultiRemoteAttestationResponse)4 RemoteAttestation (org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestation)3 HashMap (java.util.HashMap)2 LinkedList (java.util.LinkedList)2 Map (java.util.Map)2 MalformedResponseException (org.whispersystems.signalservice.api.push.exceptions.MalformedResponseException)2 DiscoveryResponse (org.whispersystems.signalservice.internal.contacts.entities.DiscoveryResponse)2 ByteString (com.google.protobuf.ByteString)1 List (java.util.List)1 Response (okhttp3.Response)1 ResponseBody (okhttp3.ResponseBody)1 Curve25519 (org.whispersystems.curve25519.Curve25519)1 Curve25519KeyPair (org.whispersystems.curve25519.Curve25519KeyPair)1 Pair (org.whispersystems.libsignal.util.Pair)1 InvalidCiphertextException (org.whispersystems.signalservice.api.crypto.InvalidCiphertextException)1 NonSuccessfulResponseCodeException (org.whispersystems.signalservice.api.push.exceptions.NonSuccessfulResponseCodeException)1 ContactDiscoveryCipher (org.whispersystems.signalservice.internal.contacts.crypto.ContactDiscoveryCipher)1 Quote (org.whispersystems.signalservice.internal.contacts.crypto.Quote)1