nmode's Git Repositories - signal-cli/blob - src/main/java/org/asamk/signal/manager/ServiceConfig.java

   1 package org.asamk.signal.manager;
   2
   3 import org.bouncycastle.util.encoders.Hex;
   4 import org.signal.zkgroup.ServerPublicParams;
   5 import org.whispersystems.libsignal.InvalidKeyException;
   6 import org.whispersystems.libsignal.ecc.Curve;
   7 import org.whispersystems.libsignal.ecc.ECPublicKey;
   8 import org.whispersystems.libsignal.util.guava.Optional;
   9 import org.whispersystems.signalservice.api.KeyBackupService;
  10 import org.whispersystems.signalservice.api.SignalServiceAccountManager;
  11 import org.whispersystems.signalservice.api.account.AccountAttributes;
  12 import org.whispersystems.signalservice.api.push.TrustStore;
  13 import org.whispersystems.signalservice.internal.configuration.SignalCdnUrl;
  14 import org.whispersystems.signalservice.internal.configuration.SignalContactDiscoveryUrl;
  15 import org.whispersystems.signalservice.internal.configuration.SignalKeyBackupServiceUrl;
  16 import org.whispersystems.signalservice.internal.configuration.SignalServiceConfiguration;
  17 import org.whispersystems.signalservice.internal.configuration.SignalServiceUrl;
  18 import org.whispersystems.signalservice.internal.configuration.SignalStorageUrl;
  19
  20 import java.io.IOException;
  21 import java.security.KeyStore;
  22 import java.security.KeyStoreException;
  23 import java.security.NoSuchAlgorithmException;
  24 import java.security.cert.CertificateException;
  25 import java.util.Base64;
  26 import java.util.List;
  27 import java.util.Map;
  28
  29 import okhttp3.Dns;
  30 import okhttp3.Interceptor;
  31
  32 public class ServiceConfig {
  33
  34     final static byte[] UNIDENTIFIED_SENDER_TRUST_ROOT = Base64.getDecoder()
  35             .decode("BXu6QIKVz5MA8gstzfOgRQGqyLqOwNKHL6INkv3IHWMF");
  36     final static int PREKEY_MINIMUM_COUNT = 20;
  37     final static int PREKEY_BATCH_SIZE = 100;
  38     final static int MAX_ATTACHMENT_SIZE = 150 * 1024 * 1024;
  39     final static long MAX_ENVELOPE_SIZE = 0;
  40     final static long AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE = 10 * 1024 * 1024;
  41     final static boolean AUTOMATIC_NETWORK_RETRY = true;
  42
  43     final static String CDS_MRENCLAVE = "c98e00a4e3ff977a56afefe7362a27e4961e4f19e211febfbb19b897e6b80b15";
  44
  45     final static String KEY_BACKUP_ENCLAVE_NAME = "fe7c1bfae98f9b073d220366ea31163ee82f6d04bead774f71ca8e5c40847bfe";
  46     final static byte[] KEY_BACKUP_SERVICE_ID = Hex.decode(
  47             "fe7c1bfae98f9b073d220366ea31163ee82f6d04bead774f71ca8e5c40847bfe");
  48     final static String KEY_BACKUP_MRENCLAVE = "a3baab19ef6ce6f34ab9ebb25ba722725ae44a8872dc0ff08ad6d83a9489de87";
  49
  50     private final static String URL = "https://textsecure-service.whispersystems.org";
  51     private final static String CDN_URL = "https://cdn.signal.org";
  52     private final static String CDN2_URL = "https://cdn2.signal.org";
  53     private final static String SIGNAL_CONTACT_DISCOVERY_URL = "https://api.directory.signal.org";
  54     private final static String SIGNAL_KEY_BACKUP_URL = "https://api.backup.signal.org";
  55     private final static String STORAGE_URL = "https://storage.signal.org";
  56     private final static TrustStore TRUST_STORE = new WhisperTrustStore();
  57     private final static TrustStore IAS_TRUST_STORE = new IasTrustStore();
  58
  59     private final static Optional<Dns> dns = Optional.absent();
  60
  61     private final static byte[] zkGroupServerPublicParams = Base64.getDecoder()
  62             .decode("AMhf5ywVwITZMsff/eCyudZx9JDmkkkbV6PInzG4p8x3VqVJSFiMvnvlEKWuRob/1eaIetR31IYeAbm0NdOuHH8Qi+Rexi1wLlpzIo1gstHWBfZzy1+qHRV5A4TqPp15YzBPm0WSggW6PbSn+F4lf57VCnHF7p8SvzAA2ZZJPYJURt8X7bbg+H3i+PEjH9DXItNEqs2sNcug37xZQDLm7X0=");
  63
  64     static final AccountAttributes.Capabilities capabilities;
  65
  66     static {
  67         boolean zkGroupAvailable;
  68         try {
  69             new ServerPublicParams(zkGroupServerPublicParams);
  70             zkGroupAvailable = true;
  71         } catch (Throwable ignored) {
  72             zkGroupAvailable = false;
  73         }
  74         capabilities = new AccountAttributes.Capabilities(false, zkGroupAvailable, false, zkGroupAvailable);
  75     }
  76
  77     public static SignalServiceConfiguration createDefaultServiceConfiguration(String userAgent) {
  78         final Interceptor userAgentInterceptor = chain -> chain.proceed(chain.request()
  79                 .newBuilder()
  80                 .header("User-Agent", userAgent)
  81                 .build());
  82
  83         final List<Interceptor> interceptors = List.of(userAgentInterceptor);
  84
  85         return new SignalServiceConfiguration(new SignalServiceUrl[]{new SignalServiceUrl(URL, TRUST_STORE)},
  86                 makeSignalCdnUrlMapFor(new SignalCdnUrl[]{new SignalCdnUrl(CDN_URL, TRUST_STORE)},
  87                         new SignalCdnUrl[]{new SignalCdnUrl(CDN2_URL, TRUST_STORE)}),
  88                 new SignalContactDiscoveryUrl[]{new SignalContactDiscoveryUrl(SIGNAL_CONTACT_DISCOVERY_URL,
  89                         TRUST_STORE)},
  90                 new SignalKeyBackupServiceUrl[]{new SignalKeyBackupServiceUrl(SIGNAL_KEY_BACKUP_URL, TRUST_STORE)},
  91                 new SignalStorageUrl[]{new SignalStorageUrl(STORAGE_URL, TRUST_STORE)},
  92                 interceptors,
  93                 dns,
  94                 zkGroupServerPublicParams);
  95     }
  96
  97     public static AccountAttributes.Capabilities getCapabilities() {
  98         return capabilities;
  99     }
 100
 101     static KeyStore getIasKeyStore() {
 102         try {
 103             TrustStore contactTrustStore = IAS_TRUST_STORE;
 104
 105             KeyStore keyStore = KeyStore.getInstance("BKS");
 106             keyStore.load(contactTrustStore.getKeyStoreInputStream(),
 107                     contactTrustStore.getKeyStorePassword().toCharArray());
 108
 109             return keyStore;
 110         } catch (KeyStoreException | CertificateException | IOException | NoSuchAlgorithmException e) {
 111             throw new AssertionError(e);
 112         }
 113     }
 114
 115     static KeyBackupService createKeyBackupService(SignalServiceAccountManager accountManager) {
 116         KeyStore keyStore = ServiceConfig.getIasKeyStore();
 117
 118         return accountManager.getKeyBackupService(keyStore,
 119                 ServiceConfig.KEY_BACKUP_ENCLAVE_NAME,
 120                 ServiceConfig.KEY_BACKUP_SERVICE_ID,
 121                 ServiceConfig.KEY_BACKUP_MRENCLAVE,
 122                 10);
 123     }
 124
 125     static ECPublicKey getUnidentifiedSenderTrustRoot() {
 126         try {
 127             return Curve.decodePoint(UNIDENTIFIED_SENDER_TRUST_ROOT, 0);
 128         } catch (InvalidKeyException e) {
 129             throw new AssertionError(e);
 130         }
 131     }
 132
 133     private static Map<Integer, SignalCdnUrl[]> makeSignalCdnUrlMapFor(
 134             SignalCdnUrl[] cdn0Urls, SignalCdnUrl[] cdn2Urls
 135     ) {
 136         return Map.of(0, cdn0Urls, 2, cdn2Urls);
 137     }
 138
 139     private ServiceConfig() {
 140     }
 141 }