Support CAPTCHA tokens when requesting a verification code.

Reflects signalapp/libsignal-service-java@5ac14f4

Also part of Ensure NonSuccessfulReponseCodeException knows the response code. signalapp/Signal-Android@4482bfc#diff-507a5191768a990795f0355668f7c384a88bfd18a4448c29c37ea80ca547f39b

Also some bug fixes for CDS

Author: golf1052

libsignal-service-dotnet/SignalServiceAccountManager.cs

@@ -128,25 +128,35 @@ public async Task SetGcmId(CancellationToken token,string gcmRegistrationId)// t
         /// an SMS verification code to this Signal user.
         /// </summary>
         /// <returns></returns>
-        public async Task RequestSmsVerificationCode(CancellationToken token)// throws IOException
+        public async Task RequestSmsVerificationCode(string? captchaToken, CancellationToken? token = null)// throws IOException
         {
-            await pushServiceSocket.CreateAccount(token, false);
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            await pushServiceSocket.RequestSmsVerificationCodeAsync(captchaToken, token.Value);
         }
 
         /// <summary>
         /// Request a Voice verification code.  On success, the server will
         /// make a voice call to this Signal user.
         /// </summary>
         /// <returns></returns>
-        public async Task RequestVoiceVerificationCode(CancellationToken token)// throws IOException
+        public async Task RequestVoiceVerificationCode(string? captchaToken, CancellationToken? token = null)// throws IOException
         {
-            await pushServiceSocket.CreateAccount(token, true);
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            await pushServiceSocket.RequestVoiceVerificationCodeAsync(captchaToken, token.Value);
         }
 
         /// <summary>
         /// Verify a Signal Service account with a received SMS or voice verification code.
         /// </summary>
-        /// <param name="token">The cacellation token</param>
+        /// <param name="token">The cancellation token</param>
         /// <param name="verificationCode">The verification code received via SMS or Voice
         /// <see cref="RequestSmsVerificationCode(CancellationToken)"/> and <see cref="RequestVoiceVerificationCode(CancellationToken)"/></param>
         /// <param name="signalingKey">52 random bytes.  A 32 byte AES key and a 20 byte Hmac256 key, concatenated.</param>

libsignal-service-dotnet/contacts/crypto/RemoteAttestationCipher.cs

@@ -83,7 +83,7 @@ public static void VerifyIasSignature(string certificates, string signatureBody,
                     throw new SignatureException($"Unexpected signed quote version {signatureBodyEntity.Version}");
                 }
 
-                if (Enumerable.SequenceEqual(ByteUtil.trim(signatureBodyEntity.IsvEnclaveQuoteBody, 432), ByteUtil.trim(quote.QuoteBytes, 432)))
+                if (!Enumerable.SequenceEqual(ByteUtil.trim(signatureBodyEntity.IsvEnclaveQuoteBody, 432), ByteUtil.trim(quote.QuoteBytes, 432)))
                 {
                     throw new SignatureException($"Signed quote is not the same as RA quote: {Hex.ToStringCondensed(signatureBodyEntity.IsvEnclaveQuoteBody!)} vs {Hex.ToStringCondensed(quote.QuoteBytes)}");
                 }
@@ -93,7 +93,7 @@ public static void VerifyIasSignature(string certificates, string signatureBody,
                     throw new SignatureException($"Quote status is: {signatureBodyEntity.IsvEnclaveQuoteStatus}");
                 }
 
-                DateTime datetime = DateTime.ParseExact(signatureBodyEntity.Timestamp, "yyy-MM-ddTHH:mm:ss.FFFFFF", CultureInfo.InvariantCulture);
+                DateTime datetime = DateTime.ParseExact(signatureBodyEntity.Timestamp, "yyyy-MM-ddTHH:mm:ss.FFFFFF", CultureInfo.InvariantCulture);
                 datetime = DateTime.SpecifyKind(datetime, DateTimeKind.Utc);
                 if (datetime.AddDays(1) < DateTime.UtcNow)
                 {

libsignal-service-dotnet/contacts/crypto/SignatureBodyEntity.cs

@@ -5,15 +5,15 @@ namespace libsignalservice.contacts.crypto
     internal class SignatureBodyEntity
     {
         [JsonProperty("isvEnclaveQuoteBody")]
-        public byte[]? IsvEnclaveQuoteBody { get; }
+        public byte[]? IsvEnclaveQuoteBody { get; private set; }
 
         [JsonProperty("isvEnclaveQuoteStatus")]
-        public string? IsvEnclaveQuoteStatus { get; }
+        public string? IsvEnclaveQuoteStatus { get; private set; }
 
         [JsonProperty("version")]
-        public long Version { get; }
+        public long Version { get; private set; }
 
         [JsonProperty("timestamp")]
-        public string? Timestamp { get; }
+        public string? Timestamp { get; private set; }
     }
 }

libsignal-service-dotnet/contacts/entities/DiscoveryResponse.cs

@@ -6,16 +6,16 @@ namespace libsignalservice.contacts.entities
     internal class DiscoveryResponse
     {
         [JsonProperty("requestId")]
-        public byte[]? RequestId { get; }
+        public byte[]? RequestId { get; private set; }
 
         [JsonProperty("iv")]
-        public byte[]? Iv { get; }
+        public byte[]? Iv { get; private set; }
 
         [JsonProperty("data")]
-        public byte[]? Data { get; }
+        public byte[]? Data { get; private set; }
 
         [JsonProperty("mac")]
-        public byte[]? Mac { get; }
+        public byte[]? Mac { get; private set; }
 
         public override string ToString()
         {

libsignal-service-dotnet/contacts/entities/MultiRemoteAttestationResponse.cs

@@ -6,6 +6,6 @@ namespace libsignalservice.contacts.entities
     internal class MultiRemoteAttestationResponse
     {
         [JsonProperty("attestations")]
-        public Dictionary<string, RemoteAttestationResponse>? Attestations { get; }
+        public Dictionary<string, RemoteAttestationResponse>? Attestations { get; private set; }
     }
 }

libsignal-service-dotnet/push/DeviceLimitExceededException.cs

@@ -2,15 +2,13 @@
 
 namespace libsignalservice.push
 {
-#pragma warning disable CS1591 // Missing XML comment for publicly visible type or member
-    public class DeviceLimitExceededException : NonSuccessfulResponseCodeException
+    internal class DeviceLimitExceededException : NonSuccessfulResponseCodeException
     {
         public DeviceLimit Limit { get; set; }
 
-        public DeviceLimitExceededException(DeviceLimit deviceLimit)
+        public DeviceLimitExceededException(DeviceLimit deviceLimit) : base(411)
         {
-            this.Limit = deviceLimit;
+            Limit = deviceLimit;
         }
     }
-#pragma warning disable CS1591 // Missing XML comment for publicly visible type or member
 }

libsignal-service-dotnet/push/LockedException.cs

@@ -1,20 +1,16 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
+using libsignalservice.push.exceptions;
 
 namespace libsignalservice.push
 {
-#pragma warning disable CS1591 // Missing XML comment for publicly visible type or member
-    public class LockedException : Exception
+    internal class LockedException : NonSuccessfulResponseCodeException
     {
         public int Length { get; }
         public long TimeRemaining { get; }
 
-        public LockedException(int length, long timeRemaining)
+        public LockedException(int length, long timeRemaining) : base(423)
         {
             Length = length;
             TimeRemaining = timeRemaining;
         }
     }
-#pragma warning restore CS1591 // Missing XML comment for publicly visible type or member
 }

libsignal-service-dotnet/push/PushServiceSocket.cs

@@ -87,11 +87,50 @@ public PushServiceSocket(SignalServiceConfiguration serviceUrls,
             this.contactDiscoveryClients = CreateConnectionHolders(SignalConnectionInformation.SignalContactDiscoveryUrls);
         }
 
-        public async Task<bool> CreateAccount(CancellationToken token, bool voice)
+        public async Task RequestSmsVerificationCodeAsync(string? captchaToken, CancellationToken? token = null)
         {
-            string path = voice ? CREATE_ACCOUNT_VOICE_PATH : CREATE_ACCOUNT_SMS_PATH;
-            await MakeServiceRequestAsync(token, string.Format(path, CredentialsProvider.User), "GET", null);
-            return true;
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            string path = string.Format(CREATE_ACCOUNT_SMS_PATH, CredentialsProvider.User);
+
+            if (captchaToken != null)
+            {
+                path += $"?captcha={captchaToken}";
+            }
+
+            await MakeServiceRequestAsync(token.Value, path, "GET", null, (responseCode) =>
+            {
+                if (responseCode == 402)
+                {
+                    throw new CaptchaRequiredException();
+                }
+            });
+        }
+
+        public async Task RequestVoiceVerificationCodeAsync(string? captchaToken, CancellationToken? token = null)
+        {
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            string path = string.Format(CREATE_ACCOUNT_VOICE_PATH, CredentialsProvider.User);
+
+            if (captchaToken != null)
+            {
+                path += $"?captcha={captchaToken}";
+            }
+
+            await MakeServiceRequestAsync(token.Value, path, "GET", null, (responseCode) =>
+            {
+                if (responseCode == 402)
+                {
+                    throw new CaptchaRequiredException();
+                }
+            });
         }
 
         public async Task<bool> VerifyAccountCode(CancellationToken token, string verificationCode, string signalingKey, uint registrationId, bool fetchesMessages, string pin,
@@ -181,7 +220,7 @@ public async Task<SendMessageResponse> SendMessage(OutgoingPushMessageList bundl
 
             try
             {
-                string responseText = await MakeServiceRequestAsync(string.Format(MESSAGE_PATH, bundle.Destination), "PUT", JsonUtil.ToJson(bundle), unidentifiedAccess, token);
+                string responseText = await MakeServiceRequestAsync(string.Format(MESSAGE_PATH, bundle.Destination), "PUT", JsonUtil.ToJson(bundle), EmptyResponseCodeHandler, unidentifiedAccess, token);
                 return JsonUtil.FromJson<SendMessageResponse>(responseText);
             }
             catch (NotFoundException nfe)
@@ -258,7 +297,7 @@ public async Task<List<PreKeyBundle>> GetPreKeys(SignalServiceAddress destinatio
                     path = path + "?relay=" + destination.Relay;
                 }
 
-                string responseText = await MakeServiceRequestAsync(path, "GET", null, unidentifiedAccess, token.Value);
+                string responseText = await MakeServiceRequestAsync(path, "GET", null, EmptyResponseCodeHandler, unidentifiedAccess, token.Value);
                 PreKeyResponse response = JsonUtil.FromJson<PreKeyResponse>(responseText);
                 List<PreKeyBundle> bundles = new List<PreKeyBundle>();
 
@@ -427,12 +466,12 @@ public async Task<SignalServiceProfile> RetrieveProfile(SignalServiceAddress tar
 
             try
             {
-                string response = await MakeServiceRequestAsync(string.Format(PROFILE_PATH, target.E164number), "GET", null, unidentifiedAccess, token.Value);
+                string response = await MakeServiceRequestAsync(string.Format(PROFILE_PATH, target.E164number), "GET", null, EmptyResponseCodeHandler, unidentifiedAccess, token.Value);
                 return JsonUtil.FromJson<SignalServiceProfile>(response);
             }
             catch (Exception e)
             {
-                throw new NonSuccessfulResponseCodeException("Unable to parse entity: "+e.Message);
+                throw new MalformedResponseException("Unable to parse entity", e);
             }
         }
 
@@ -457,7 +496,7 @@ public async Task SetProfileAvatar(CancellationToken token, ProfileAvatarData pr
             }
             catch (IOException e)
             {
-                throw new NonSuccessfulResponseCodeException("Unable to parse entity ("+e.Message+")");
+                throw new MalformedResponseException("Unable to parse entity", e);
             }
 
             if (profileAvatar != null)
@@ -547,7 +586,7 @@ public async Task<DiscoveryResponse> GetContactDiscoveryRegisteredUsersAsync(str
             }
             else
             {
-                throw new NonSuccessfulResponseCodeException("Empty response!");
+                throw new MalformedResponseException("Empty response!");
             }
         }
 
@@ -688,9 +727,14 @@ private async Task<byte[]> UploadAttachment(CancellationToken token, string meth
             return (digest, encryptedData);
         }
 
-        private async Task<string> MakeServiceRequestAsync(CancellationToken token, string urlFragment, string method, string? body)
+        private async Task<string> MakeServiceRequestAsync(CancellationToken token, string urlFragment, string method, string? body, Action<int>? responseCodeHandler = null)
         {
-            return await MakeServiceRequestAsync(urlFragment, method, body, null, token);
+            if (responseCodeHandler == null)
+            {
+                responseCodeHandler = EmptyResponseCodeHandler;
+            }
+
+            return await MakeServiceRequestAsync(urlFragment, method, body, responseCodeHandler, null, token);
         }
 
 
@@ -705,7 +749,8 @@ private async Task<string> MakeServiceRequestAsync(CancellationToken token, stri
         /// <returns></returns>
         /// <exception cref="NonSuccessfulResponseCodeException"></exception>
         /// <exception cref="PushNetworkException"></exception>
-        private async Task<string> MakeServiceRequestAsync(string urlFragment, string method, string? body, UnidentifiedAccess? unidentifiedAccess, CancellationToken? token = null)
+        /// <exception cref="MalformedResponseException"></exception>
+        private async Task<string> MakeServiceRequestAsync(string urlFragment, string method, string? body, Action<int> responseCodeHandler, UnidentifiedAccess? unidentifiedAccess, CancellationToken? token = null)
         {
             if (token == null)
             {
@@ -728,13 +773,15 @@ private async Task<string> MakeServiceRequestAsync(string urlFragment, string me
                 throw new PushNetworkException(ioe);
             }
 
+            responseCodeHandler.Invoke((int)responseCode);
+
             switch ((uint)responseCode)
             {
                 case 413: // HttpStatusCode.RequestEntityTooLarge
                     throw new RateLimitException("Rate limit exceeded: " + responseCode);
                 case 401: // HttpStatusCode.Unauthorized
                 case 403: // HttpStatusCode.Forbidden
-                    throw new AuthorizationFailedException("Authorization failed!");
+                    throw new AuthorizationFailedException((int)responseCode, "Authorization failed!");
                 case 404: // HttpStatusCode.NotFound
                     throw new NotFoundException("Not found");
                 case 409: // HttpStatusCode.Conflict
@@ -789,8 +836,8 @@ private async Task<string> MakeServiceRequestAsync(string urlFragment, string me
 
             if (responseCode != HttpStatusCode.OK && responseCode != HttpStatusCode.NoContent) // 200 & 204
             {
-                throw new NonSuccessfulResponseCodeException("Bad response: " + (int)responseCode + " " +
-                                                             responseMessage);
+                throw new NonSuccessfulResponseCodeException((int)responseCode,
+                    $"Bad response: {(int)responseCode} {responseMessage}");
             }
 
             return responseBody;
@@ -925,7 +972,7 @@ private async Task<HttpResponseMessage> MakeRequestAsync(ConnectionHolder connec
             {
                 case 401:
                 case 403:
-                    throw new AuthorizationFailedException("Authorization failed!");
+                    throw new AuthorizationFailedException((int)response.StatusCode, "Authorization failed!");
                 case 409:
                     throw new RemoteAttestationResponseExpiredException("Remote attestation response expired");
                 case 429:
@@ -934,11 +981,12 @@ private async Task<HttpResponseMessage> MakeRequestAsync(ConnectionHolder connec
 
             if (response.Content != null)
             {
-                throw new NonSuccessfulResponseCodeException($"Response: {await response.Content.ReadAsStringAsync()}");
+                throw new NonSuccessfulResponseCodeException((int)response.StatusCode,
+                    $"Response: {await response.Content.ReadAsStringAsync()}");
             }
             else
             {
-                throw new NonSuccessfulResponseCodeException($"Response: null");
+                throw new NonSuccessfulResponseCodeException((int)response.StatusCode, $"Response: null");
             }
         }
 
@@ -968,6 +1016,10 @@ private T GetRandom<T>(T[] connections)
         {
             return connections[Util.generateRandomNumber() % connections.Length];
         }
+
+        private void EmptyResponseCodeHandler(int responseCode)
+        {
+        }
     }
 
     internal class GcmRegistrationId

libsignal-service-dotnet/push/RemoteAttestationUtil.cs

@@ -37,7 +37,7 @@ public static async Task<Dictionary<string, RemoteAttestation>> GetAndVerifyMult
 
             if (response.Attestations!.Count == 0 || response.Attestations.Count > 3)
             {
-                throw new NonSuccessfulResponseCodeException($"Incorrect number of attestations: {response.Attestations.Count}");
+                throw new MalformedResponseException($"Incorrect number of attestations: {response.Attestations.Count}");
             }
 
             foreach (var entry in response.Attestations)
@@ -67,7 +67,7 @@ private static async Task<ResponsePair> MakeAttestationRequestAsync(PushServiceS
 
             if (body == null)
             {
-                throw new NonSuccessfulResponseCodeException("Empty response!");
+                throw new MalformedResponseException("Empty response!");
             }
 
             return new ResponsePair(await body.ReadAsStringAsync(), ParseCookies(response));

libsignal-service-dotnet/push/exceptions/AuthorizationFailedException.cs

@@ -1,14 +1,9 @@
-using System;
-
 namespace libsignalservice.push.exceptions
 {
-#pragma warning disable CS1591 // Missing XML comment for publicly visible type or member
-    public class AuthorizationFailedException : Exception
+    public class AuthorizationFailedException : NonSuccessfulResponseCodeException
     {
-        public AuthorizationFailedException(String s)
-            : base(s)
+        public AuthorizationFailedException(int code, string s) : base(code, s)
         {
         }
-    }
-#pragma warning restore CS1591 // Missing XML comment for publicly visible type or member
+    }
 }