eliott/libsignal
1
0
Fork 0
mirror of https://github.com/signalapp/libsignal.git synced 2026-05-12 18:07:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

zkgroup: Add CallLinkAuthCredential

Browse Source 
This is very similar to the AuthCredential used by the group server,
but using CallLinkParams to encrypt the user ID rather than
GroupParams (and using GenericServerParams to issue the credential
rather than the group server's ServerParams).
This commit is contained in:
Jordan Rose
2023-04-25 17:18:05 -07:00
committed by GitHub
parent 1b5449e777
commit e588fa5450
24 changed files with 1004 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
java/client/src/test/java/org/signal/libsignal/zkgroup/integrationtests/CallLinksTest.java
View File

@@ -15,6 +15,9 @@ import org.signal.libsignal.zkgroup.SecureRandomTest;
import org.signal.libsignal.zkgroup.VerificationFailedException;
import org.signal.libsignal.zkgroup.calllinks.CallLinkPublicParams;
import org.signal.libsignal.zkgroup.calllinks.CallLinkSecretParams;
import org.signal.libsignal.zkgroup.calllinks.CallLinkAuthCredential;
import org.signal.libsignal.zkgroup.calllinks.CallLinkAuthCredentialPresentation;
import org.signal.libsignal.zkgroup.calllinks.CallLinkAuthCredentialResponse;
import org.signal.libsignal.zkgroup.calllinks.CreateCallLinkCredential;
import org.signal.libsignal.zkgroup.calllinks.CreateCallLinkCredentialPresentation;
import org.signal.libsignal.zkgroup.calllinks.CreateCallLinkCredentialRequest;
@@ -144,5 +147,43 @@ public final class CallLinksTest extends SecureRandomTest {
// expected
}
}
@Test
public void testCallLinkAuthIntegration() throws InvalidInputException, VerificationFailedException {
// SERVER
// Generate keys
GenericServerSecretParams serverSecretParams = GenericServerSecretParams.generate(createSecureRandom(TEST_ARRAY_32));
GenericServerPublicParams serverPublicParams = serverSecretParams.getPublicParams();
// CLIENT
// Generate keys
CallLinkSecretParams clientSecretParams = CallLinkSecretParams.deriveFromRootKey(TEST_ARRAY_32_1);
CallLinkPublicParams clientPublicParams = clientSecretParams.getPublicParams();
// SERVER
// Issue credential
Instant redemptionTime = Instant.now().truncatedTo(ChronoUnit.DAYS);
CallLinkAuthCredentialResponse response = CallLinkAuthCredentialResponse.issueCredential(TEST_UUID, redemptionTime, serverSecretParams, createSecureRandom(TEST_ARRAY_32_4));
// CLIENT
// Gets stored credential
CallLinkAuthCredential credential = response.receive(TEST_UUID, redemptionTime, serverPublicParams);
CallLinkAuthCredentialPresentation presentation = credential.present(TEST_UUID, redemptionTime, serverPublicParams, clientSecretParams, createSecureRandom(TEST_ARRAY_32_5));
// SERVER
// Verify presentation
presentation.verify(serverSecretParams, clientPublicParams);
presentation.verify(redemptionTime.plus(1, ChronoUnit.DAYS), serverSecretParams, clientPublicParams);
try {
presentation.verify(redemptionTime.plus(3, ChronoUnit.DAYS), serverSecretParams, clientPublicParams);
fail("credential expired 1");
} catch (VerificationFailedException e) {
// expected
}
// CLIENT
assertEquals(TEST_UUID, clientSecretParams.decryptUserId(presentation.getUserId()));
}
}