Support for contact discovery service - Part 2

Reflects signalapp/libsignal-service-java@c06f838

Author: golf1052

libsignal-service-dotnet/SignalServiceAccountManager.cs

@@ -14,11 +14,13 @@
 using libsignalservice.push.http;
 using libsignalservice.util;
 using libsignalservice.websocket;
+using Microsoft.Extensions.Logging;
 using org.whispersystems.curve25519;
 using Org.BouncyCastle.Crypto;
 using Strilanc.Value;
 using System;
 using System.Collections.Generic;
+using System.IO;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
@@ -31,6 +33,7 @@ namespace libsignalservice
     /// </summary>
     public class SignalServiceAccountManager
     {
+        private readonly ILogger Logger = LibsignalLogging.CreateLogger<SignalServiceAccountManager>();
         private PushServiceSocket PushServiceSocket;
         private static ProvisioningSocket ProvisioningSocket;
         private SignalServiceConfiguration Configuration;
@@ -260,13 +263,13 @@ public async Task<IList<string>> GetRegisteredUsers(IList<string> e164numbers, s
             }
             try
             {
-                string authorizationToken = await PushServiceSocket.GetContactDiscoveryAuthorization(token);
+                string authorization = await PushServiceSocket.GetContactDiscoveryAuthorization(token);
                 Curve25519 curve = Curve25519.getInstance(Curve25519.BEST);
                 org.whispersystems.curve25519.Curve25519KeyPair keyPair = curve.generateKeyPair();
 
                 ContactDiscoveryCipher cipher = new ContactDiscoveryCipher();
                 RemoteAttestationRequest attestationRequest = new RemoteAttestationRequest(keyPair.getPublicKey());
-                (RemoteAttestationResponse, IList<string>) attestationResponse = await PushServiceSocket.GetContactDiscoveryRemoteAttestation(authorizationToken, attestationRequest, mrenclave, token);
+                (RemoteAttestationResponse, IList<string>) attestationResponse = await PushServiceSocket.GetContactDiscoveryRemoteAttestation(authorization, attestationRequest, mrenclave, token);
 
                 RemoteAttestationKeys keys = new RemoteAttestationKeys(keyPair, attestationResponse.Item1.ServerEphemeralPublic!, attestationResponse.Item1.ServerStaticPublic!);
                 Quote quote = new Quote(attestationResponse.Item1.Quote!);
@@ -284,7 +287,7 @@ public async Task<IList<string>> GetRegisteredUsers(IList<string> e164numbers, s
                 }
 
                 DiscoveryRequest request = cipher.CreateDiscoveryRequest(addressBook, remoteAttestation);
-                DiscoveryResponse response = await PushServiceSocket.GetContactDiscoveryRegisteredUsers(authorizationToken, request, attestationResponse.Item2, mrenclave, token);
+                DiscoveryResponse response = await PushServiceSocket.GetContactDiscoveryRegisteredUsers(authorization, request, attestationResponse.Item2, mrenclave, token);
                 byte[] data = cipher.GetDiscoveryResponseData(response, remoteAttestation);
 
                 IEnumerator<string> addressBookIterator = addressBook.GetEnumerator();
@@ -307,6 +310,74 @@ public async Task<IList<string>> GetRegisteredUsers(IList<string> e164numbers, s
             }
         }
 
+        public async Task ReportContactDiscoveryServiceMatch(CancellationToken? token = null)
+        {
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            try
+            {
+                await PushServiceSocket.ReportContactDiscoveryServiceMatch(token);
+            }
+            catch (IOException ex)
+            {
+                Logger.LogInformation(new EventId(), ex, "Request to indicate a contact discovery result match failed. Ignoring.");
+            }
+        }
+        
+        public async Task ReportContactDiscoveryServiceMismatch(CancellationToken? token = null)
+        {
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            try
+            {
+                await PushServiceSocket.ReportContactDiscoveryServiceMismatch();
+            }
+            catch (IOException ex)
+            {
+                Logger.LogInformation(new EventId(), ex, "Request to indicate a contact discovery result mismatch failed. Ignoring.");
+            }
+        }
+
+        public async Task ReportContactDiscoveryServiceAttestationError(CancellationToken? token = null)
+        {
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            try
+            {
+                await PushServiceSocket.ReportContactDiscoveryServiceAttestationError(token);
+            }
+            catch (IOException ex)
+            {
+                Logger.LogInformation(new EventId(), ex, "Request to indicate a contact discovery attestation error failed. Ignoring.");
+            }
+        }
+
+        public async Task ReportContactDiscoveryServiceUnexpectedError(CancellationToken? token = null)
+        {
+            if (token == null)
+            {
+                token = CancellationToken.None;
+            }
+
+            try
+            {
+                await PushServiceSocket.ReportContactDiscoveryServiceUnexpectedError(token);
+            }
+            catch (IOException ex)
+            {
+                Logger.LogInformation(new EventId(), ex, "Request to indicate a contact discovery unexpected error failed. Ignoring.");
+            }
+        }
+
         /// <summary>
         /// Request a UUID from the server for linking as a new device.
         /// Called by the new device.

libsignal-service-dotnet/contacts/ContactDiscoveryClient.cs

@@ -16,6 +16,9 @@ namespace libsignalservice.contacts.crypto
 {
     public class ContactDiscoveryCipher
     {
+        private const int TAG_LENGTH_BYTES = 16;
+        private const int TAG_LENGTH_BITS = TAG_LENGTH_BYTES * 8;
+
         public DiscoveryRequest CreateDiscoveryRequest(IList<string> addressBook, RemoteAttestation remoteAttestation)
         {
             try
@@ -32,16 +35,19 @@ public DiscoveryRequest CreateDiscoveryRequest(IList<string> addressBook, Remote
                 byte[] nonce = Util.GetSecretBytes(12);
                 GcmBlockCipher cipher = new GcmBlockCipher(new AesEngine());
 
-                cipher.Init(true, new AeadParameters(new KeyParameter(remoteAttestation.Keys.ClientKey), 128, nonce));
+                cipher.Init(true, new AeadParameters(new KeyParameter(remoteAttestation.Keys.ClientKey), TAG_LENGTH_BITS, nonce));
                 cipher.ProcessAadBytes(remoteAttestation.RequestId, 0, remoteAttestation.RequestId.Length);
 
-                byte[] ciphertext = new byte[cipher.GetUpdateOutputSize(requestData.Length)];
-                cipher.ProcessBytes(requestData, 0, requestData.Length, ciphertext, 0);
+                byte[] cipherText1 = new byte[cipher.GetUpdateOutputSize(requestData.Length)];
+                cipher.ProcessBytes(requestData, 0, requestData.Length, cipherText1, 0);
+
+                byte[] cipherText2 = new byte[cipher.GetOutputSize(0)];
+                cipher.DoFinal(cipherText2, 0);
 
-                byte[] tag = new byte[cipher.GetOutputSize(0)];
-                cipher.DoFinal(tag, 0);
+                byte[] cipherText = ByteUtil.combine(cipherText1, cipherText2);
+                byte[][] parts = ByteUtil.split(cipherText, cipherText.Length - TAG_LENGTH_BYTES, TAG_LENGTH_BYTES);
 
-                return new DiscoveryRequest(addressBook.Count, remoteAttestation.RequestId, nonce, ciphertext, tag);
+                return new DiscoveryRequest(addressBook.Count, remoteAttestation.RequestId, nonce, parts[0], parts[1]);
             }
             catch (Exception ex) when (ex is IOException || ex is InvalidCipherTextException)
             {
@@ -112,6 +118,11 @@ public void VerifyServerQuote(Quote quote, byte[] serverPublicStatic, string mre
 
         public void VerifyIasSignature(string certificates, string signatureBody, string signature, Quote quote)
         {
+            if (string.IsNullOrWhiteSpace(certificates))
+            {
+                throw new CryptographicException("No certificates.");
+            }
+
             try
             {
                 SigningCertificate signingCertificate = new SigningCertificate(certificates);
@@ -124,7 +135,9 @@ public void VerifyIasSignature(string certificates, string signatureBody, string
                     throw new CryptographicException($"Signed quote is not the same as RA quote: {Hex.ToStringCondensed(signatureBodyEntity.IsvEnclaveQuoteBody!)} vs {Hex.ToStringCondensed(quote.QuoteBytes)}");
                 }
 
-                if ("OK" != signatureBodyEntity.IsvEnclaveQuoteStatus)
+                // TODO: "GROUP_OUT_OF_DATE" should only be allowed during testing
+                if ("OK" != signatureBodyEntity.IsvEnclaveQuoteStatus && "GROUP_OUT_OF_DATE" != signatureBodyEntity.IsvEnclaveQuoteStatus)
+                //if ("OK" != signatureBodyEntity.IsvEnclaveQuoteStatus)
                 {
                     throw new CryptographicException($"Quote status is: {signatureBodyEntity.IsvEnclaveQuoteStatus}");
                 }

libsignal-service-dotnet/contacts/crypto/ContactDiscoveryCipher.cs

@@ -1,3 +1,4 @@
+using libsignalservice.util;
 using Newtonsoft.Json;
 
 namespace libsignalservice.contacts.entities
@@ -34,7 +35,7 @@ public DiscoveryRequest(int addressCount, byte[] requestId, byte[] iv, byte[] da
 
         public override string ToString()
         {
-            return $"{{addressCount: {AddressCount}, ticket: {HelperMethods.ByteArrayToHexString(RequestId)}, iv: {HelperMethods.ByteArrayToHexString(Iv)}, data: {HelperMethods.ByteArrayToHexString(Data)}, mac: {HelperMethods.ByteArrayToHexString(Mac)}}}";
+            return $"{{addressCount: {AddressCount}, ticket: {Hex.ToString(RequestId!)}, iv: {Hex.ToString(Iv!)}, data: {Hex.ToString(Data!)}, mac: {Hex.ToString(Mac!)}}}";
         }
     }
 }

libsignal-service-dotnet/contacts/entities/DiscoveryRequest.cs

@@ -1,3 +1,4 @@
+using libsignalservice.util;
 using Newtonsoft.Json;
 
 namespace libsignalservice.contacts.entities
@@ -26,7 +27,7 @@ public DiscoveryResponse(byte[] iv, byte[] data, byte[] mac)
 
         public override string ToString()
         {
-            return $"{{iv: {(Iv == null ? null : HelperMethods.ByteArrayToHexString(Iv))}, data: {(Data == null ? null : HelperMethods.ByteArrayToHexString(Data))}, mac: {(Mac == null ? null : HelperMethods.ByteArrayToHexString(Mac))}}}";
+            return $"{{iv: {(Iv == null ? null : Hex.ToString(Iv))}, data: {(Data == null ? null : Hex.ToString(Data))}, mac: {(Mac == null ? null : Hex.ToString(Mac))}}}";
         }
     }
 }

libsignal-service-dotnet/contacts/entities/DiscoveryResponse.cs

@@ -0,0 +1,13 @@
+using Newtonsoft.Json;
+
+namespace libsignalservice.push
+{
+    public class ContactDiscoveryCredentials
+    {
+        [JsonProperty("username")]
+        public string? Username { get; set; }
+
+        [JsonProperty("password")]
+        public string? Password { get; set; }
+    }
+}