Update for SignalClient requiring SenderCertificates to have UUIDs

The removed test has been moved to SignalClient in https://github.com/signalapp/libsignal-client/pull/197
2021-02-16 13:17:54 -08:00 · 2021-02-16 13:17:54 -08:00 · 6bcb9a4e21
commit 6bcb9a4e21
parent c0b114797a
5 changed files with 20 additions and 78 deletions
--- a/SignalMetadataKit/src/SMKSecretSessionCipher.swift
+++ b/SignalMetadataKit/src/SMKSecretSessionCipher.swift
@ -135,13 +135,13 @@ fileprivate extension ProtocolAddress {
    }

    convenience init(from senderAddress: SealedSenderAddress) throws {
-        try self.init(name: senderAddress.uuidString ?? senderAddress.e164!, deviceId: senderAddress.deviceId)
+        try self.init(name: senderAddress.uuidString, deviceId: senderAddress.deviceId)
    }
 }

 fileprivate extension SMKAddress {
    init(_ address: SealedSenderAddress) {
-        try! self.init(uuid: address.uuidString.flatMap(UUID.init(uuidString:)), e164: address.e164)
+        try! self.init(uuid: UUID(uuidString: address.uuidString), e164: address.e164)
    }
 }

--- a/SignalMetadataKitTests/src/SMKMiscTest.swift
+++ b/SignalMetadataKitTests/src/SMKMiscTest.swift
@ -39,8 +39,8 @@ class SMKTest: XCTestCase {

    func testUDSessionCipher_encrypt() {
        // NOTE: We use MockClient to ensure consistency between of our session state.
-        let aliceMockClient = MockClient(address: .e164("+13213214321"), deviceId: 456, registrationId: 123)
-        let bobMockClient = MockClient(address: .e164("+13213214322"), deviceId: 321, registrationId: 512)
+        let aliceMockClient = MockClient(address: aliceAddress, deviceId: 456, registrationId: 123)
+        let bobMockClient = MockClient(address: bobAddress, deviceId: 321, registrationId: 512)

        let certificateValidator = MockCertificateValidator()

--- a/SignalMetadataKitTests/src/SMKSecretSessionCipherTest.swift
+++ b/SignalMetadataKitTests/src/SMKSecretSessionCipherTest.swift
@ -16,8 +16,8 @@ class SMKSecretSessionCipherTest: XCTestCase {
        // TestInMemorySignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
        // TestInMemorySignalProtocolStore bobStore   = new TestInMemorySignalProtocolStore();
        // NOTE: We use MockClient to ensure consistency between of our session state.
-        let aliceMockClient = MockClient(address: .e164("+14159999999"), deviceId: 1, registrationId: 1234)
-        let bobMockClient = MockClient(address: .e164("+14158888888"), deviceId: 1, registrationId: 1235)
+        let aliceMockClient = MockClient(address: aliceAddress, deviceId: 1, registrationId: 1234)
+        let bobMockClient = MockClient(address: bobAddress, deviceId: 1, registrationId: 1235)

        // initializeSessions(aliceStore, bobStore);
        initializeSessions(aliceMockClient: aliceMockClient, bobMockClient: bobMockClient)
@ -71,8 +71,8 @@ class SMKSecretSessionCipherTest: XCTestCase {
        // TestInMemorySignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
        // TestInMemorySignalProtocolStore bobStore   = new TestInMemorySignalProtocolStore();
        // NOTE: We use MockClient to ensure consistency between of our session state.
-        let aliceMockClient = MockClient(address: .e164("+14159999999"), deviceId: 1, registrationId: 1234)
-        let bobMockClient = MockClient(address: .e164("+14158888888"), deviceId: 1, registrationId: 1235)
+        let aliceMockClient = MockClient(address: aliceAddress, deviceId: 1, registrationId: 1234)
+        let bobMockClient = MockClient(address: bobAddress, deviceId: 1, registrationId: 1235)

        // initializeSessions(aliceStore, bobStore);
        initializeSessions(aliceMockClient: aliceMockClient, bobMockClient: bobMockClient)
@ -133,8 +133,8 @@ class SMKSecretSessionCipherTest: XCTestCase {
        // TestInMemorySignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
        // TestInMemorySignalProtocolStore bobStore   = new TestInMemorySignalProtocolStore();
        // NOTE: We use MockClient to ensure consistency between of our session state.
-        let aliceMockClient = MockClient(address: .e164("+14159999999"), deviceId: 1, registrationId: 1234)
-        let bobMockClient = MockClient(address: .e164("+14158888888"), deviceId: 1, registrationId: 1235)
+        let aliceMockClient = MockClient(address: aliceAddress, deviceId: 1, registrationId: 1234)
+        let bobMockClient = MockClient(address: bobAddress, deviceId: 1, registrationId: 1235)

        // initializeSessions(aliceStore, bobStore);
        initializeSessions(aliceMockClient: aliceMockClient, bobMockClient: bobMockClient)
@ -194,8 +194,8 @@ class SMKSecretSessionCipherTest: XCTestCase {
        // TestInMemorySignalProtocolStore aliceStore = new TestInMemorySignalProtocolStore();
        // TestInMemorySignalProtocolStore bobStore   = new TestInMemorySignalProtocolStore();
        // NOTE: We use MockClient to ensure consistency between of our session state.
-        let aliceMockClient = MockClient(address: .e164("+14159999999"), deviceId: 1, registrationId: 1234)
-        let bobMockClient = MockClient(address: .e164("+14158888888"), deviceId: 1, registrationId: 1235)
+        let aliceMockClient = MockClient(address: aliceAddress, deviceId: 1, registrationId: 1234)
+        let bobMockClient = MockClient(address: bobAddress, deviceId: 1, registrationId: 1235)

        // initializeSessions(aliceStore, bobStore);
        initializeSessions(aliceMockClient: aliceMockClient,
@ -266,7 +266,7 @@ class SMKSecretSessionCipherTest: XCTestCase {
                                                       publicKey: serverKey.publicKey,
                                                       trustRoot: trustRoot.privateKey)
        return try! SenderCertificate(sender: SealedSenderAddress(e164: senderAddress.e164,
-                                                                  uuidString: senderAddress.uuid?.uuidString,
+                                                                  uuidString: senderAddress.uuid!.uuidString,
                                                                  deviceId: senderDeviceId),
                                      publicKey: identityKey,
                                      expiration: expirationTimestamp,
--- a/SignalMetadataKitTests/src/SMKSenderCertificateTest.swift
+++ b/SignalMetadataKitTests/src/SMKSenderCertificateTest.swift
@ -35,7 +35,7 @@ class SMKSenderCertificateTest: XCTestCase {
                                                                        expires: 31337,
                                                                        identityKey: key.ecPublicKey().serialized,
                                                                        signer: signer)
-        builder.setSenderE164("+14152222222")
+        builder.setSenderUuid(aliceAddress.uuid!.uuidString)
        let certificateData = try! builder.buildSerializedData()

        // byte[] certificateSignature = Curve.calculateSignature(serverKey.getPrivateKey(), certificateBytes);
@ -77,7 +77,7 @@ class SMKSenderCertificateTest: XCTestCase {
                                                                        expires: 31337,
                                                                        identityKey: key.ecPublicKey().serialized,
                                                                        signer: signer)
-        builder.setSenderE164("+14152222222")
+        builder.setSenderUuid(aliceAddress.uuid!.uuidString)
        let certificateData = try! builder.buildSerializedData()

        // byte[] certificateSignature = Curve.calculateSignature(serverKey.getPrivateKey(), certificateBytes);
@ -123,7 +123,7 @@ class SMKSenderCertificateTest: XCTestCase {
                                                                        expires: 31337,
                                                                        identityKey: key.ecPublicKey().serialized,
                                                                        signer: signer)
-        builder.setSenderE164("+14152222222")
+        builder.setSenderUuid(aliceAddress.uuid!.uuidString)
        let certificateData = try! builder.buildSerializedData()

        // byte[] certificateSignature = Curve.calculateSignature(serverKey.getPrivateKey(), certificateBytes);
@ -164,68 +164,6 @@ class SMKSenderCertificateTest: XCTestCase {
        }
    }

-    func test_losslessRoundTrip() {
-        // To test a hypothetical addition of a new field:
-        //
-        // Step 1: tempororarily add a new field to the .proto.
-        //
-        //     index 537f8df..82e9263 100644
-        //     --- a/protobuf/OWSUnidentifiedDelivery.proto
-        //     +++ b/protobuf/OWSUnidentifiedDelivery.proto
-        //     @@ -40,6 +40,7 @@ message SenderCertificate {
-        //     optional bytes identityKey = 4;
-        //     // @required
-        //     optional ServerCertificate signer = 5;
-        //     +        optional string someFakeField = 999;
-        //     }
-        //
-        // Step 2: Serialize and print out the new fixture data (uncomment the following)
-        //
-        //     let serverKey = Curve25519.generateKeyPair()
-        //     let key = Curve25519.generateKeyPair()
-        //     let signer = try! getServerCertificate(serverKey: serverKey)
-        //     let builder = try! SMKProtoSenderCertificateCertificate.builder(sender: "+14152222222",
-        //                                                                     senderDevice: 1,
-        //                                                                     expires: 31337,
-        //                                                                     identityKey: key.ecPublicKey().serialized,
-        //                                                                     signer: signer)
-        //     builder.setSomeFakeField("crashing right down")
-        //
-        //     print("<SNIP>")
-        //     let serializedCertificateData = try! builder.buildSerializedData()
-        //     let certificateDataEncoded = serializedCertificateData.base64EncodedString()
-        //     print("let certificateDataEncoded = \"\(certificateDataEncoded)\"")
-        //
-        //     let certificateSignatureEncoded = try! Ed25519.sign(serializedCertificateData, with: serverKey).base64EncodedString()
-        //     print("let certificateSignatureEncoded = \"\(certificateSignatureEncoded)\"")
-        //
-        //     let trustRootPublicKeyDataEncoded = try! trustRoot.ecPublicKey().serialized.base64EncodedString()
-        //     print("let trustRootPublicKeyDataEncoded = \"\(trustRootPublicKeyDataEncoded)\"")
-        //     print("</SNIP>")
-
-        // Step 3: update the following *Encoded fixture data with the new values from above.
-        let certificateDataEncoded = "CgwrMTQxNTIyMjIyMjIQARlpegAAAAAAACIhBdyYGjVpE02g7CUlCvGNElHZNZmGy3Xhh5y+TuPh6dQIKmkKJQgBEiEFeszl2BGIxS95K+anx30GX6+Tgoqp70/aWKNEkH/5TGkSQPbz1mzKfidiWTuT8pRdnYYchEnL+ln5i/mVq5JP1MzzmqVnx8bzkFhfT4EGYSDY5rQoVfb5JnV0Kf3Aavdkd426PhNjcmFzaGluZyByaWdodCBkb3du"
-        let certificateSignatureEncoded = "Ii8DBO6yapzQwc0kJ6M5EhuFsgHccjlzFSJow408O1tceRVZiYGpR5MZO1SBgKHH2GEayiBNpvayFIL2i4POig=="
-        let trustRootPublicKeyDataEncoded = "BanGdQtiGO0KYbSu/rBz3MZvO+LGkjGVceXfmQV8eNwM"
-
-        let certificateData = Data(base64Encoded: certificateDataEncoded)!
-        let certificateSignature = Data(base64Encoded: certificateSignatureEncoded)!
-        let trustRootPublicKeyData = Data(base64Encoded: trustRootPublicKeyDataEncoded)!
-
-        // The rest of the test should be stable.
-        let senderCertificateData = try! SMKProtoSenderCertificate.builder(certificate: certificateData,
-                                                                           signature: certificateSignature)
-            .buildSerializedData()
-
-        let senderCertificate = try! SenderCertificate(senderCertificateData)
-
-        let stableTrustRoot = try! ECPublicKey(serializedKeyData: trustRootPublicKeyData)
-
-        let certificateValidator = SMKCertificateDefaultValidator(trustRoot: stableTrustRoot)
-        XCTAssertNoThrow(try certificateValidator.throwswrapped_validate(senderCertificate: senderCertificate,
-                                                                         validationTime: 31336))
-    }
-
    // MARK: - Utils

    // private SignalProtos.ServerCertificate getServerCertificate(ECKeyPair serverKey) throws InvalidKeyException, InvalidCertificateException {
--- a/SignalMetadataKitTests/src/SMKTestUtils.swift
+++ b/SignalMetadataKitTests/src/SMKTestUtils.swift
@ -6,6 +6,10 @@ import Foundation
 import SignalMetadataKit
 import SignalClient

+// Two manipulated-but-valid v1 UUIDs.
+let aliceAddress: SMKAddress = .uuid(UUID(uuidString: "aaaaaaaa-7000-11eb-b32a-33b8a8a487a6")!)
+let bobAddress: SMKAddress = .uuid(UUID(uuidString: "bbbbbbbb-7000-11eb-b32a-33b8a8a487a6")!)
+
 class MockCertificateValidator: NSObject, SMKCertificateValidator {

    public func throwswrapped_validate(senderCertificate: SenderCertificate, validationTime: UInt64) throws {