Allow fingerprint generation for collections of identity keys

// FREEBIE

Author: moxie0

Diff for: java/src/main/java/org/whispersystems/libsignal/devices/DeviceConsistencyCommitment.java

@@ -1,15 +1,13 @@
 package org.whispersystems.libsignal.devices;
 
 import org.whispersystems.libsignal.IdentityKey;
-import org.whispersystems.libsignal.protocol.DeviceConsistencyMessage;
-import org.whispersystems.libsignal.util.ByteArrayComparator;
 import org.whispersystems.libsignal.util.ByteUtil;
+import org.whispersystems.libsignal.util.IdentityKeyComparator;
 
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Comparator;
 import java.util.List;
 
 public class DeviceConsistencyCommitment {
@@ -47,13 +45,5 @@ public int getGeneration() {
     return generation;
   }
 
-  private static class IdentityKeyComparator extends ByteArrayComparator implements Comparator<IdentityKey> {
-
-    @Override
-    public int compare(IdentityKey first, IdentityKey second) {
-      return compare(first.getPublicKey().serialize(), second.getPublicKey().serialize());
-    }
-  }
-
 
 }

Diff for: java/src/main/java/org/whispersystems/libsignal/fingerprint/BaseFingerprintType.java

@@ -0,0 +1,22 @@
+package org.whispersystems.libsignal.fingerprint;
+
+
+import org.whispersystems.libsignal.IdentityKey;
+
+import java.io.ByteArrayOutputStream;
+import java.util.List;
+
+abstract class BaseFingerprintType {
+
+  protected byte[] getLogicalKeyBytes(List<IdentityKey> identityKeys) {
+    ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+    for (IdentityKey identityKey : identityKeys) {
+      byte[] publicKeyBytes = identityKey.getPublicKey().serialize();
+      baos.write(publicKeyBytes, 0, publicKeyBytes.length);
+    }
+
+    return baos.toByteArray();
+  }
+
+}

Diff for: java/src/main/java/org/whispersystems/libsignal/fingerprint/DisplayableFingerprint.java

@@ -5,14 +5,45 @@
  */
 package org.whispersystems.libsignal.fingerprint;
 
-public class DisplayableFingerprint {
+import org.whispersystems.libsignal.IdentityKey;
+import org.whispersystems.libsignal.util.ByteUtil;
+import org.whispersystems.libsignal.util.IdentityKeyComparator;
+
+import java.io.ByteArrayOutputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
+
+public class DisplayableFingerprint extends BaseFingerprintType {
+
+  private static final int VERSION = 0;
 
   private final String localFingerprint;
   private final String remoteFingerprint;
 
-  public DisplayableFingerprint(String localFingerprint, String remoteFingerprint) {
-    this.localFingerprint  = localFingerprint;
-    this.remoteFingerprint = remoteFingerprint;
+  DisplayableFingerprint(int iterations,
+                         String localStableIdentifier, final IdentityKey localIdentityKey,
+                         String remoteStableIdentifier, final IdentityKey remoteIdentityKey)
+  {
+    this(iterations, localStableIdentifier,
+         new LinkedList<IdentityKey>(){{
+           add(localIdentityKey);
+         }},
+         remoteStableIdentifier,
+         new LinkedList<IdentityKey>() {{
+           add(remoteIdentityKey);
+         }});
+  }
+
+  DisplayableFingerprint(int iterations,
+                         String localStableIdentifier, List<IdentityKey> localIdentityKeys,
+                         String remoteStableIdentifier, List<IdentityKey> remoteIdentityKeys)
+  {
+    this.localFingerprint  = getDisplayStringFor(iterations, localStableIdentifier, localIdentityKeys);
+    this.remoteFingerprint = getDisplayStringFor(iterations, remoteStableIdentifier, remoteIdentityKeys);
   }
 
   public String getDisplayText() {
@@ -22,4 +53,36 @@ public String getDisplayText() {
       return remoteFingerprint + localFingerprint;
     }
   }
+
+  private String getDisplayStringFor(int iterations, String stableIdentifier, List<IdentityKey> unsortedIdentityKeys) {
+    try {
+      ArrayList<IdentityKey> sortedIdentityKeys = new ArrayList<>(unsortedIdentityKeys);
+      Collections.sort(sortedIdentityKeys, new IdentityKeyComparator());
+
+      MessageDigest digest    = MessageDigest.getInstance("SHA-512");
+      byte[]        publicKey = getLogicalKeyBytes(sortedIdentityKeys);
+      byte[]        hash      = ByteUtil.combine(ByteUtil.shortToByteArray(VERSION),
+                                                 publicKey, stableIdentifier.getBytes());
+
+      for (int i=0;i<iterations;i++) {
+        digest.update(hash);
+        hash = digest.digest(publicKey);
+      }
+
+      return getEncodedChunk(hash, 0) +
+          getEncodedChunk(hash, 5) +
+          getEncodedChunk(hash, 10) +
+          getEncodedChunk(hash, 15) +
+          getEncodedChunk(hash, 20) +
+          getEncodedChunk(hash, 25);
+    } catch (NoSuchAlgorithmException e) {
+      throw new AssertionError(e);
+    }
+  }
+
+  private String getEncodedChunk(byte[] hash, int offset) {
+    long chunk = ByteUtil.byteArray5ToLong(hash, offset) % 100000;
+    return String.format("%05d", chunk);
+  }
+
 }

Diff for: java/src/main/java/org/whispersystems/libsignal/fingerprint/FingerprintGenerator.java

@@ -7,7 +7,12 @@
 
 import org.whispersystems.libsignal.IdentityKey;
 
+import java.util.List;
+
 public interface FingerprintGenerator {
   public Fingerprint createFor(String localStableIdentifier, IdentityKey localIdentityKey,
                                String remoteStableIdentifier, IdentityKey remoteIdentityKey);
+
+  public Fingerprint createFor(String localStableIdentifier, List<IdentityKey> localIdentityKey,
+                               String remoteStableIdentifier, List<IdentityKey> remoteIdentityKey);
 }

Diff for: java/src/main/java/org/whispersystems/libsignal/fingerprint/NumericFingerprintGenerator.java

@@ -6,16 +6,22 @@
 package org.whispersystems.libsignal.fingerprint;
 
 import org.whispersystems.libsignal.IdentityKey;
+import org.whispersystems.libsignal.devices.DeviceConsistencySignature;
+import org.whispersystems.libsignal.util.ByteArrayComparator;
 import org.whispersystems.libsignal.util.ByteUtil;
+import org.whispersystems.libsignal.util.IdentityKeyComparator;
 
+import java.io.ByteArrayOutputStream;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.List;
 
 public class NumericFingerprintGenerator implements FingerprintGenerator {
 
-  private static final int VERSION = 0;
-
-  private final long iterations;
+  private final int iterations;
 
   /**
    * Construct a fingerprint generator for 60 digit numerics.
@@ -30,7 +36,7 @@ public class NumericFingerprintGenerator implements FingerprintGenerator {
    *                   - 1400 > 110 bits
    *                   - 5200 > 112 bits
    */
-  public NumericFingerprintGenerator(long iterations) {
+  public NumericFingerprintGenerator(int iterations) {
     this.iterations = iterations;
   }
 
@@ -47,42 +53,45 @@ public NumericFingerprintGenerator(long iterations) {
   public Fingerprint createFor(String localStableIdentifier, IdentityKey localIdentityKey,
                                String remoteStableIdentifier, IdentityKey remoteIdentityKey)
   {
-    DisplayableFingerprint displayableFingerprint = new DisplayableFingerprint(getDisplayStringFor(localStableIdentifier, localIdentityKey),
-                                                                               getDisplayStringFor(remoteStableIdentifier, remoteIdentityKey));
+    DisplayableFingerprint displayableFingerprint = new DisplayableFingerprint(iterations,
+                                                                               localStableIdentifier,
+                                                                               localIdentityKey,
+                                                                               remoteStableIdentifier,
+                                                                               remoteIdentityKey);
 
-    ScannableFingerprint scannableFingerprint = new ScannableFingerprint(VERSION,
-                                                                         localStableIdentifier, localIdentityKey,
+    ScannableFingerprint scannableFingerprint = new ScannableFingerprint(localStableIdentifier, localIdentityKey,
                                                                          remoteStableIdentifier, remoteIdentityKey);
 
     return new Fingerprint(displayableFingerprint, scannableFingerprint);
   }
 
-  private String getDisplayStringFor(String stableIdentifier, IdentityKey identityKey) {
-    try {
-      MessageDigest digest    = MessageDigest.getInstance("SHA-512");
-      byte[]        publicKey = identityKey.getPublicKey().serialize();
-      byte[]        hash      = ByteUtil.combine(ByteUtil.shortToByteArray(VERSION),
-                                                 publicKey, stableIdentifier.getBytes());
+  /**
+   * Generate a scannable and displayble fingerprint for logical identities that have multiple
+   * physical keys.
+   *
+   * Do not trust the output of this unless you've been through the device consistency process
+   * for the provided localIdentityKeys.
+   *
+   * @param localStableIdentifier The client's "stable" identifier.
+   * @param localIdentityKeys The client's collection of physical identity keys.
+   * @param remoteStableIdentifier The remote party's "stable" identifier.
+   * @param remoteIdentityKeys The remote party's collection of physical identity key.
+   * @return A unique fingerprint for this conversation.
+   */
+  public Fingerprint createFor(String localStableIdentifier, List<IdentityKey> localIdentityKeys,
+                               String remoteStableIdentifier, List<IdentityKey> remoteIdentityKeys)
+  {
+    DisplayableFingerprint displayableFingerprint = new DisplayableFingerprint(iterations,
+                                                                               localStableIdentifier,
+                                                                               localIdentityKeys,
+                                                                               remoteStableIdentifier,
+                                                                               remoteIdentityKeys);
 
-      for (int i=0;i<iterations;i++) {
-        digest.update(hash);
-        hash = digest.digest(publicKey);
-      }
+    ScannableFingerprint scannableFingerprint = new ScannableFingerprint(localStableIdentifier, localIdentityKeys,
+                                                                         remoteStableIdentifier, remoteIdentityKeys);
 
-      return getEncodedChunk(hash, 0) +
-          getEncodedChunk(hash, 5) +
-          getEncodedChunk(hash, 10) +
-          getEncodedChunk(hash, 15) +
-          getEncodedChunk(hash, 20) +
-          getEncodedChunk(hash, 25);
-    } catch (NoSuchAlgorithmException e) {
-      throw new AssertionError(e);
-    }
+    return new Fingerprint(displayableFingerprint, scannableFingerprint);
   }
 
-  private String getEncodedChunk(byte[] hash, int offset) {
-    long chunk = ByteUtil.byteArray5ToLong(hash, offset) % 100000;
-    return String.format("%05d", chunk);
-  }
 
 }

Diff for: java/src/main/java/org/whispersystems/libsignal/fingerprint/ScannableFingerprint.java

@@ -13,24 +13,37 @@
 import org.whispersystems.libsignal.fingerprint.FingerprintProtos.FingerprintData;
 
 import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.List;
 
-public class ScannableFingerprint {
+public class ScannableFingerprint extends BaseFingerprintType {
+
+  private static final int VERSION = 0;
 
   private final CombinedFingerprint combinedFingerprint;
 
-  public ScannableFingerprint(int version,
-                              String localStableIdentifier, IdentityKey localIdentityKey,
-                              String remoteStableIdentifier, IdentityKey remoteIdentityKey)
+  ScannableFingerprint(String localStableIdentifier, IdentityKey localIdentityKey,
+                       String remoteStableIdentifier, IdentityKey remoteIdentityKey)
+  {
+    this.combinedFingerprint = initializeCombinedFingerprint(localStableIdentifier, localIdentityKey.serialize(),
+                                                             remoteStableIdentifier, remoteIdentityKey.serialize());
+  }
+
+  ScannableFingerprint(String localStableIdentifier, List<IdentityKey> localIdentityKeys,
+                       String remoteStableIdentifier, List<IdentityKey> remoteIdentityKeys)
   {
-    this.combinedFingerprint = CombinedFingerprint.newBuilder()
-                                                  .setVersion(version)
-                                                  .setLocalFingerprint(FingerprintData.newBuilder()
-                                                                                      .setIdentifier(ByteString.copyFrom(localStableIdentifier.getBytes()))
-                                                                                      .setPublicKey(ByteString.copyFrom(localIdentityKey.serialize())))
-                                                  .setRemoteFingerprint(FingerprintData.newBuilder()
-                                                                                       .setIdentifier(ByteString.copyFrom(remoteStableIdentifier.getBytes()))
-                                                                                       .setPublicKey(ByteString.copyFrom(remoteIdentityKey.serialize())))
-                                                  .build();
+    try {
+      MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
+
+      byte[] localIdentityLogicalKey  = messageDigest.digest(getLogicalKeyBytes(localIdentityKeys));
+      byte[] remoteIdentityLogicalKey = messageDigest.digest(getLogicalKeyBytes(remoteIdentityKeys));
+
+
+      this.combinedFingerprint = initializeCombinedFingerprint(localStableIdentifier, localIdentityLogicalKey,
+                                                               remoteStableIdentifier, remoteIdentityLogicalKey);
+    } catch (NoSuchAlgorithmException e) {
+      throw new AssertionError(e);
+    }
   }
 
   /**
@@ -77,4 +90,18 @@ public boolean compareTo(byte[] scannedFingerprintData)
       throw new FingerprintParsingException(e);
     }
   }
+
+  private CombinedFingerprint initializeCombinedFingerprint(String localStableIdentifier, byte[] localIdentityKeyBytes,
+                                                            String remoteStableIdentifier, byte[] remoteIdentityKeyBytes)
+  {
+    return CombinedFingerprint.newBuilder()
+                              .setVersion(VERSION)
+                              .setLocalFingerprint(FingerprintData.newBuilder()
+                                                                  .setIdentifier(ByteString.copyFrom(localStableIdentifier.getBytes()))
+                                                                  .setPublicKey(ByteString.copyFrom(localIdentityKeyBytes)))
+                              .setRemoteFingerprint(FingerprintData.newBuilder()
+                                                                   .setIdentifier(ByteString.copyFrom(remoteStableIdentifier.getBytes()))
+                                                                   .setPublicKey(ByteString.copyFrom(remoteIdentityKeyBytes)))
+                              .build();
+  }
 }

Diff for: java/src/main/java/org/whispersystems/libsignal/util/IdentityKeyComparator.java

@@ -0,0 +1,13 @@
+package org.whispersystems.libsignal.util;
+
+import org.whispersystems.libsignal.IdentityKey;
+
+import java.util.Comparator;
+
+public class IdentityKeyComparator extends ByteArrayComparator implements Comparator<IdentityKey> {
+
+  @Override
+  public int compare(IdentityKey first, IdentityKey second) {
+    return compare(first.getPublicKey().serialize(), second.getPublicKey().serialize());
+  }
+}