nmode's Git Repositories - signal-cli/blob - src/main/java/org/asamk/signal/manager/ServiceConfig.java

   1 package org.asamk.signal.manager;
   2
   3 import org.bouncycastle.util.encoders.Hex;
   4 import org.signal.zkgroup.ServerPublicParams;
   5 import org.whispersystems.libsignal.InvalidKeyException;
   6 import org.whispersystems.libsignal.ecc.Curve;
   7 import org.whispersystems.libsignal.ecc.ECPublicKey;
   8 import org.whispersystems.libsignal.util.guava.Optional;
   9 import org.whispersystems.signalservice.api.KeyBackupService;
  10 import org.whispersystems.signalservice.api.SignalServiceAccountManager;
  11 import org.whispersystems.signalservice.api.account.AccountAttributes;
  12 import org.whispersystems.signalservice.api.push.TrustStore;
  13 import org.whispersystems.signalservice.internal.configuration.SignalCdnUrl;
  14 import org.whispersystems.signalservice.internal.configuration.SignalContactDiscoveryUrl;
  15 import org.whispersystems.signalservice.internal.configuration.SignalKeyBackupServiceUrl;
  16 import org.whispersystems.signalservice.internal.configuration.SignalServiceConfiguration;
  17 import org.whispersystems.signalservice.internal.configuration.SignalServiceUrl;
  18 import org.whispersystems.signalservice.internal.configuration.SignalStorageUrl;
  19
  20 import java.io.IOException;
  21 import java.security.KeyStore;
  22 import java.security.KeyStoreException;
  23 import java.security.NoSuchAlgorithmException;
  24 import java.security.cert.CertificateException;
  25 import java.util.Base64;
  26 import java.util.List;
  27 import java.util.Map;
  28
  29 import okhttp3.Dns;
  30 import okhttp3.Interceptor;
  31
  32 public class ServiceConfig {
  33
  34     final static byte[] UNIDENTIFIED_SENDER_TRUST_ROOT = Base64.getDecoder()
  35             .decode("BXu6QIKVz5MA8gstzfOgRQGqyLqOwNKHL6INkv3IHWMF");
  36     final static int PREKEY_MINIMUM_COUNT = 20;
  37     final static int PREKEY_BATCH_SIZE = 100;
  38     final static int MAX_ATTACHMENT_SIZE = 150 * 1024 * 1024;
  39     final static int MAX_ENVELOPE_SIZE = 0;
  40     final static long AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE = 10 * 1024 * 1024;
  41
  42     final static String CDS_MRENCLAVE = "c98e00a4e3ff977a56afefe7362a27e4961e4f19e211febfbb19b897e6b80b15";
  43
  44     final static String KEY_BACKUP_ENCLAVE_NAME = "fe7c1bfae98f9b073d220366ea31163ee82f6d04bead774f71ca8e5c40847bfe";
  45     final static byte[] KEY_BACKUP_SERVICE_ID = Hex.decode(
  46             "fe7c1bfae98f9b073d220366ea31163ee82f6d04bead774f71ca8e5c40847bfe");
  47     final static String KEY_BACKUP_MRENCLAVE = "a3baab19ef6ce6f34ab9ebb25ba722725ae44a8872dc0ff08ad6d83a9489de87";
  48
  49     private final static String URL = "https://textsecure-service.whispersystems.org";
  50     private final static String CDN_URL = "https://cdn.signal.org";
  51     private final static String CDN2_URL = "https://cdn2.signal.org";
  52     private final static String SIGNAL_CONTACT_DISCOVERY_URL = "https://api.directory.signal.org";
  53     private final static String SIGNAL_KEY_BACKUP_URL = "https://api.backup.signal.org";
  54     private final static String STORAGE_URL = "https://storage.signal.org";
  55     private final static TrustStore TRUST_STORE = new WhisperTrustStore();
  56     private final static TrustStore IAS_TRUST_STORE = new IasTrustStore();
  57
  58     private final static Optional<Dns> dns = Optional.absent();
  59
  60     private final static byte[] zkGroupServerPublicParams = Base64.getDecoder()
  61             .decode("AMhf5ywVwITZMsff/eCyudZx9JDmkkkbV6PInzG4p8x3VqVJSFiMvnvlEKWuRob/1eaIetR31IYeAbm0NdOuHH8Qi+Rexi1wLlpzIo1gstHWBfZzy1+qHRV5A4TqPp15YzBPm0WSggW6PbSn+F4lf57VCnHF7p8SvzAA2ZZJPYJURt8X7bbg+H3i+PEjH9DXItNEqs2sNcug37xZQDLm7X0=");
  62
  63     static final AccountAttributes.Capabilities capabilities;
  64
  65     static {
  66         boolean zkGroupAvailable;
  67         try {
  68             new ServerPublicParams(zkGroupServerPublicParams);
  69             zkGroupAvailable = true;
  70         } catch (Throwable ignored) {
  71             zkGroupAvailable = false;
  72         }
  73         capabilities = new AccountAttributes.Capabilities(false, zkGroupAvailable, false, zkGroupAvailable);
  74     }
  75
  76     public static SignalServiceConfiguration createDefaultServiceConfiguration(String userAgent) {
  77         final Interceptor userAgentInterceptor = chain -> chain.proceed(chain.request()
  78                 .newBuilder()
  79                 .header("User-Agent", userAgent)
  80                 .build());
  81
  82         final List<Interceptor> interceptors = List.of(userAgentInterceptor);
  83
  84         return new SignalServiceConfiguration(new SignalServiceUrl[]{new SignalServiceUrl(URL, TRUST_STORE)},
  85                 makeSignalCdnUrlMapFor(new SignalCdnUrl[]{new SignalCdnUrl(CDN_URL, TRUST_STORE)},
  86                         new SignalCdnUrl[]{new SignalCdnUrl(CDN2_URL, TRUST_STORE)}),
  87                 new SignalContactDiscoveryUrl[]{new SignalContactDiscoveryUrl(SIGNAL_CONTACT_DISCOVERY_URL,
  88                         TRUST_STORE)},
  89                 new SignalKeyBackupServiceUrl[]{new SignalKeyBackupServiceUrl(SIGNAL_KEY_BACKUP_URL, TRUST_STORE)},
  90                 new SignalStorageUrl[]{new SignalStorageUrl(STORAGE_URL, TRUST_STORE)},
  91                 interceptors,
  92                 dns,
  93                 zkGroupServerPublicParams);
  94     }
  95
  96     public static AccountAttributes.Capabilities getCapabilities() {
  97         return capabilities;
  98     }
  99
 100     static KeyStore getIasKeyStore() {
 101         try {
 102             TrustStore contactTrustStore = IAS_TRUST_STORE;
 103
 104             KeyStore keyStore = KeyStore.getInstance("BKS");
 105             keyStore.load(contactTrustStore.getKeyStoreInputStream(),
 106                     contactTrustStore.getKeyStorePassword().toCharArray());
 107
 108             return keyStore;
 109         } catch (KeyStoreException | CertificateException | IOException | NoSuchAlgorithmException e) {
 110             throw new AssertionError(e);
 111         }
 112     }
 113
 114     static KeyBackupService createKeyBackupService(SignalServiceAccountManager accountManager) {
 115         KeyStore keyStore = ServiceConfig.getIasKeyStore();
 116
 117         return accountManager.getKeyBackupService(keyStore,
 118                 ServiceConfig.KEY_BACKUP_ENCLAVE_NAME,
 119                 ServiceConfig.KEY_BACKUP_SERVICE_ID,
 120                 ServiceConfig.KEY_BACKUP_MRENCLAVE,
 121                 10);
 122     }
 123
 124     static ECPublicKey getUnidentifiedSenderTrustRoot() {
 125         try {
 126             return Curve.decodePoint(UNIDENTIFIED_SENDER_TRUST_ROOT, 0);
 127         } catch (InvalidKeyException e) {
 128             throw new AssertionError(e);
 129         }
 130     }
 131
 132     private static Map<Integer, SignalCdnUrl[]> makeSignalCdnUrlMapFor(
 133             SignalCdnUrl[] cdn0Urls, SignalCdnUrl[] cdn2Urls
 134     ) {
 135         return Map.of(0, cdn0Urls, 2, cdn2Urls);
 136     }
 137
 138     private ServiceConfig() {
 139     }
 140 }