]> nmode's Git Repositories - signal-cli/blob - src/main/java/org/asamk/signal/manager/ServiceConfig.java
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Implement registration pin lock with KBS
[signal-cli] / src / main / java / org / asamk / signal / manager / ServiceConfig.java
1 package org.asamk.signal.manager;
2
3 import org.bouncycastle.util.encoders.Hex;
4 import org.signal.zkgroup.ServerPublicParams;
5 import org.whispersystems.libsignal.InvalidKeyException;
6 import org.whispersystems.libsignal.ecc.Curve;
7 import org.whispersystems.libsignal.ecc.ECPublicKey;
8 import org.whispersystems.libsignal.util.guava.Optional;
9 import org.whispersystems.signalservice.api.account.AccountAttributes;
10 import org.whispersystems.signalservice.api.push.TrustStore;
11 import org.whispersystems.signalservice.internal.configuration.SignalCdnUrl;
12 import org.whispersystems.signalservice.internal.configuration.SignalContactDiscoveryUrl;
13 import org.whispersystems.signalservice.internal.configuration.SignalKeyBackupServiceUrl;
14 import org.whispersystems.signalservice.internal.configuration.SignalServiceConfiguration;
15 import org.whispersystems.signalservice.internal.configuration.SignalServiceUrl;
16 import org.whispersystems.signalservice.internal.configuration.SignalStorageUrl;
17
18 import java.io.IOException;
19 import java.security.KeyStore;
20 import java.security.KeyStoreException;
21 import java.security.NoSuchAlgorithmException;
22 import java.security.cert.CertificateException;
23 import java.util.Base64;
24 import java.util.List;
25 import java.util.Map;
26
27 import okhttp3.Dns;
28 import okhttp3.Interceptor;
29
30 public class ServiceConfig {
31
32 final static byte[] UNIDENTIFIED_SENDER_TRUST_ROOT = Base64.getDecoder()
33 .decode("BXu6QIKVz5MA8gstzfOgRQGqyLqOwNKHL6INkv3IHWMF");
34 final static int PREKEY_MINIMUM_COUNT = 20;
35 final static int PREKEY_BATCH_SIZE = 100;
36 final static int MAX_ATTACHMENT_SIZE = 150 * 1024 * 1024;
37 final static int MAX_ENVELOPE_SIZE = 0;
38 final static long AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE = 10 * 1024 * 1024;
39
40 final static String CDS_MRENCLAVE = "c98e00a4e3ff977a56afefe7362a27e4961e4f19e211febfbb19b897e6b80b15";
41
42 final static String KEY_BACKUP_ENCLAVE_NAME = "fe7c1bfae98f9b073d220366ea31163ee82f6d04bead774f71ca8e5c40847bfe";
43 final static byte[] KEY_BACKUP_SERVICE_ID = Hex.decode(
44 "fe7c1bfae98f9b073d220366ea31163ee82f6d04bead774f71ca8e5c40847bfe");
45 final static String KEY_BACKUP_MRENCLAVE = "a3baab19ef6ce6f34ab9ebb25ba722725ae44a8872dc0ff08ad6d83a9489de87";
46
47 private final static String URL = "https://textsecure-service.whispersystems.org";
48 private final static String CDN_URL = "https://cdn.signal.org";
49 private final static String CDN2_URL = "https://cdn2.signal.org";
50 private final static String SIGNAL_CONTACT_DISCOVERY_URL = "https://api.directory.signal.org";
51 private final static String SIGNAL_KEY_BACKUP_URL = "https://api.backup.signal.org";
52 private final static String STORAGE_URL = "https://storage.signal.org";
53 private final static TrustStore TRUST_STORE = new WhisperTrustStore();
54 private final static TrustStore IAS_TRUST_STORE = new IasTrustStore();
55
56 private final static Optional<Dns> dns = Optional.absent();
57
58 private final static byte[] zkGroupServerPublicParams = Base64.getDecoder()
59 .decode("AMhf5ywVwITZMsff/eCyudZx9JDmkkkbV6PInzG4p8x3VqVJSFiMvnvlEKWuRob/1eaIetR31IYeAbm0NdOuHH8Qi+Rexi1wLlpzIo1gstHWBfZzy1+qHRV5A4TqPp15YzBPm0WSggW6PbSn+F4lf57VCnHF7p8SvzAA2ZZJPYJURt8X7bbg+H3i+PEjH9DXItNEqs2sNcug37xZQDLm7X0=");
60
61 static final AccountAttributes.Capabilities capabilities;
62
63 static {
64 boolean zkGroupAvailable;
65 try {
66 new ServerPublicParams(zkGroupServerPublicParams);
67 zkGroupAvailable = true;
68 } catch (Throwable ignored) {
69 zkGroupAvailable = false;
70 }
71 capabilities = new AccountAttributes.Capabilities(false, zkGroupAvailable, false, zkGroupAvailable);
72 }
73
74 public static SignalServiceConfiguration createDefaultServiceConfiguration(String userAgent) {
75 final Interceptor userAgentInterceptor = chain -> chain.proceed(chain.request()
76 .newBuilder()
77 .header("User-Agent", userAgent)
78 .build());
79
80 final List<Interceptor> interceptors = List.of(userAgentInterceptor);
81
82 return new SignalServiceConfiguration(new SignalServiceUrl[]{new SignalServiceUrl(URL, TRUST_STORE)},
83 makeSignalCdnUrlMapFor(new SignalCdnUrl[]{new SignalCdnUrl(CDN_URL, TRUST_STORE)},
84 new SignalCdnUrl[]{new SignalCdnUrl(CDN2_URL, TRUST_STORE)}),
85 new SignalContactDiscoveryUrl[]{new SignalContactDiscoveryUrl(SIGNAL_CONTACT_DISCOVERY_URL,
86 TRUST_STORE)},
87 new SignalKeyBackupServiceUrl[]{new SignalKeyBackupServiceUrl(SIGNAL_KEY_BACKUP_URL, TRUST_STORE)},
88 new SignalStorageUrl[]{new SignalStorageUrl(STORAGE_URL, TRUST_STORE)},
89 interceptors,
90 dns,
91 zkGroupServerPublicParams);
92 }
93
94 public static AccountAttributes.Capabilities getCapabilities() {
95 return capabilities;
96 }
97
98 static KeyStore getIasKeyStore() {
99 try {
100 TrustStore contactTrustStore = IAS_TRUST_STORE;
101
102 KeyStore keyStore = KeyStore.getInstance("BKS");
103 keyStore.load(contactTrustStore.getKeyStoreInputStream(),
104 contactTrustStore.getKeyStorePassword().toCharArray());
105
106 return keyStore;
107 } catch (KeyStoreException | CertificateException | IOException | NoSuchAlgorithmException e) {
108 throw new AssertionError(e);
109 }
110 }
111
112 static ECPublicKey getUnidentifiedSenderTrustRoot() {
113 try {
114 return Curve.decodePoint(UNIDENTIFIED_SENDER_TRUST_ROOT, 0);
115 } catch (InvalidKeyException e) {
116 throw new AssertionError(e);
117 }
118 }
119
120 private static Map<Integer, SignalCdnUrl[]> makeSignalCdnUrlMapFor(
121 SignalCdnUrl[] cdn0Urls, SignalCdnUrl[] cdn2Urls
122 ) {
123 return Map.of(0, cdn0Urls, 2, cdn2Urls);
124 }
125
126 private ServiceConfig() {
127 }
128 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut