MirrorMirror
/
Signal-Server
mirror of https://github.com/signalapp/Signal-Server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change attachment key from long to base64 of 15 bytes

This commit is contained in:
Ehren Kret 2020-03-30 10:42:21 -07:00
parent 41286650cc
commit 56b134facd
1 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV3.java
View File

@ -17,8 +17,10 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.SecureRandom;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
@ -34,11 +36,15 @@ public class AttachmentControllerV3 extends AttachmentControllerBase {
@Nonnull
private final CanonicalRequestSigner canonicalRequestSigner;
@Nonnull
private final SecureRandom secureRandom;
public AttachmentControllerV3(@Nonnull RateLimiters rateLimiters, @Nonnull String domain, @Nonnull String email, int maxSizeInBytes, @Nonnull String pathPrefix, @Nonnull String rsaSigningKey)
throws IOException, InvalidKeyException {
this.rateLimiter = rateLimiters.getAttachmentLimiter();
this.canonicalRequestGenerator = new CanonicalRequestGenerator(domain, email, maxSizeInBytes, pathPrefix);
this.canonicalRequestSigner = new CanonicalRequestSigner(rsaSigningKey);
this.secureRandom = new SecureRandom();
}
@Timed
@ -49,23 +55,29 @@ public class AttachmentControllerV3 extends AttachmentControllerBase {
rateLimiter.validate(account.getNumber());
final ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
final String key = String.valueOf(generateAttachmentId());
final String key = generateAttachmentKey();
final CanonicalRequest canonicalRequest = canonicalRequestGenerator.createFor(key, now);
return new AttachmentDescriptorV3(2, key, getHeaderMap(canonicalRequest), getSignedUploadLocation(canonicalRequest));
}
public String getSignedUploadLocation(@Nonnull CanonicalRequest canonicalRequest) {
private String getSignedUploadLocation(@Nonnull CanonicalRequest canonicalRequest) {
return "https://" + canonicalRequest.getDomain() + canonicalRequest.getResourcePath()
+ '?' + canonicalRequest.getCanonicalQuery()
+ "&X-Goog-Signature=" + canonicalRequestSigner.sign(canonicalRequest);
}
public static Map<String, String> getHeaderMap(@Nonnull CanonicalRequest canonicalRequest) {
private static Map<String, String> getHeaderMap(@Nonnull CanonicalRequest canonicalRequest) {
Map<String, String> result = new HashMap<>(3);
result.put("host", canonicalRequest.getDomain());
result.put("x-goog-content-length-range", "1," + canonicalRequest.getMaxSizeInBytes());
result.put("x-goog-resumable", "start");
return result;
}
private String generateAttachmentKey() {
final byte[] bytes = new byte[15];
secureRandom.nextBytes(bytes);
return Base64.getUrlEncoder().encodeToString(bytes);
}
}