]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/helper/IncomingMessageHandler.java
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Refactor ACI/PNI store handling
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / helper / IncomingMessageHandler.java
1 package org.asamk.signal.manager.helper;
2
3 import org.asamk.signal.manager.Manager;
4 import org.asamk.signal.manager.actions.HandleAction;
5 import org.asamk.signal.manager.actions.RefreshPreKeysAction;
6 import org.asamk.signal.manager.actions.RenewSessionAction;
7 import org.asamk.signal.manager.actions.ResendMessageAction;
8 import org.asamk.signal.manager.actions.RetrieveProfileAction;
9 import org.asamk.signal.manager.actions.RetrieveStorageDataAction;
10 import org.asamk.signal.manager.actions.SendGroupInfoAction;
11 import org.asamk.signal.manager.actions.SendGroupInfoRequestAction;
12 import org.asamk.signal.manager.actions.SendProfileKeyAction;
13 import org.asamk.signal.manager.actions.SendReceiptAction;
14 import org.asamk.signal.manager.actions.SendRetryMessageRequestAction;
15 import org.asamk.signal.manager.actions.SendSyncBlockedListAction;
16 import org.asamk.signal.manager.actions.SendSyncConfigurationAction;
17 import org.asamk.signal.manager.actions.SendSyncContactsAction;
18 import org.asamk.signal.manager.actions.SendSyncGroupsAction;
19 import org.asamk.signal.manager.actions.SendSyncKeysAction;
20 import org.asamk.signal.manager.actions.UpdateAccountAttributesAction;
21 import org.asamk.signal.manager.api.GroupId;
22 import org.asamk.signal.manager.api.GroupNotFoundException;
23 import org.asamk.signal.manager.api.MessageEnvelope;
24 import org.asamk.signal.manager.api.Pair;
25 import org.asamk.signal.manager.api.Profile;
26 import org.asamk.signal.manager.api.ReceiveConfig;
27 import org.asamk.signal.manager.api.StickerPackId;
28 import org.asamk.signal.manager.api.TrustLevel;
29 import org.asamk.signal.manager.api.UntrustedIdentityException;
30 import org.asamk.signal.manager.groups.GroupUtils;
31 import org.asamk.signal.manager.internal.SignalDependencies;
32 import org.asamk.signal.manager.jobs.RetrieveStickerPackJob;
33 import org.asamk.signal.manager.storage.SignalAccount;
34 import org.asamk.signal.manager.storage.groups.GroupInfoV1;
35 import org.asamk.signal.manager.storage.recipients.RecipientId;
36 import org.asamk.signal.manager.storage.stickers.StickerPack;
37 import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
38 import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
39 import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
40 import org.signal.libsignal.metadata.ProtocolNoSessionException;
41 import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
42 import org.signal.libsignal.metadata.SelfSendException;
43 import org.signal.libsignal.protocol.IdentityKeyPair;
44 import org.signal.libsignal.protocol.InvalidMessageException;
45 import org.signal.libsignal.protocol.groups.GroupSessionBuilder;
46 import org.signal.libsignal.protocol.message.DecryptionErrorMessage;
47 import org.signal.libsignal.protocol.state.SignedPreKeyRecord;
48 import org.signal.libsignal.zkgroup.InvalidInputException;
49 import org.signal.libsignal.zkgroup.profiles.ProfileKey;
50 import org.slf4j.Logger;
51 import org.slf4j.LoggerFactory;
52 import org.whispersystems.signalservice.api.InvalidMessageStructureException;
53 import org.whispersystems.signalservice.api.crypto.SignalGroupSessionBuilder;
54 import org.whispersystems.signalservice.api.crypto.SignalServiceCipherResult;
55 import org.whispersystems.signalservice.api.messages.EnvelopeContentValidator;
56 import org.whispersystems.signalservice.api.messages.SignalServiceContent;
57 import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage;
58 import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
59 import org.whispersystems.signalservice.api.messages.SignalServiceGroup;
60 import org.whispersystems.signalservice.api.messages.SignalServiceGroupContext;
61 import org.whispersystems.signalservice.api.messages.SignalServiceGroupV2;
62 import org.whispersystems.signalservice.api.messages.SignalServiceMetadata;
63 import org.whispersystems.signalservice.api.messages.SignalServicePniSignatureMessage;
64 import org.whispersystems.signalservice.api.messages.SignalServiceReceiptMessage;
65 import org.whispersystems.signalservice.api.messages.SignalServiceStoryMessage;
66 import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
67 import org.whispersystems.signalservice.api.messages.multidevice.StickerPackOperationMessage;
68 import org.whispersystems.signalservice.api.push.ACI;
69 import org.whispersystems.signalservice.api.push.PNI;
70 import org.whispersystems.signalservice.api.push.ServiceId;
71 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
72 import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
73 import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
74 import org.whispersystems.signalservice.internal.serialize.SignalServiceAddressProtobufSerializer;
75 import org.whispersystems.signalservice.internal.serialize.SignalServiceMetadataProtobufSerializer;
76 import org.whispersystems.signalservice.internal.serialize.protos.SignalServiceContentProto;
77
78 import java.util.ArrayList;
79 import java.util.List;
80 import java.util.Optional;
81 import java.util.stream.Collectors;
82
83 public final class IncomingMessageHandler {
84
85 private final static Logger logger = LoggerFactory.getLogger(IncomingMessageHandler.class);
86
87 private final SignalAccount account;
88 private final SignalDependencies dependencies;
89 private final Context context;
90
91 public IncomingMessageHandler(final Context context) {
92 this.account = context.getAccount();
93 this.dependencies = context.getDependencies();
94 this.context = context;
95 }
96
97 public Pair<List<HandleAction>, Exception> handleRetryEnvelope(
98 final SignalServiceEnvelope envelope,
99 final ReceiveConfig receiveConfig,
100 final Manager.ReceiveMessageHandler handler
101 ) {
102 final List<HandleAction> actions = new ArrayList<>();
103 if (envelope.isPreKeySignalMessage()) {
104 actions.add(RefreshPreKeysAction.create());
105 }
106
107 SignalServiceContent content = null;
108 if (!envelope.isReceipt()) {
109 account.getIdentityKeyStore().setRetryingDecryption(true);
110 try {
111 final var cipherResult = dependencies.getCipher()
112 .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
113 content = validate(envelope.getProto(), cipherResult, envelope.getServerDeliveredTimestamp());
114 if (content == null) {
115 return new Pair<>(List.of(), null);
116 }
117 } catch (ProtocolUntrustedIdentityException e) {
118 final var recipientId = account.getRecipientResolver().resolveRecipient(e.getSender());
119 final var exception = new UntrustedIdentityException(account.getRecipientAddressResolver()
120 .resolveRecipientAddress(recipientId)
121 .toApiRecipientAddress(), e.getSenderDevice());
122 return new Pair<>(List.of(), exception);
123 } catch (Exception e) {
124 return new Pair<>(List.of(), e);
125 } finally {
126 account.getIdentityKeyStore().setRetryingDecryption(false);
127 }
128 }
129 actions.addAll(checkAndHandleMessage(envelope, content, receiveConfig, handler, null));
130 return new Pair<>(actions, null);
131 }
132
133 public Pair<List<HandleAction>, Exception> handleEnvelope(
134 final SignalServiceEnvelope envelope,
135 final ReceiveConfig receiveConfig,
136 final Manager.ReceiveMessageHandler handler
137 ) {
138 final var actions = new ArrayList<HandleAction>();
139 if (envelope.hasSourceUuid()) {
140 // Store uuid if we don't have it already
141 // address/uuid in envelope is sent by server
142 account.getRecipientTrustedResolver().resolveRecipientTrusted(envelope.getSourceAddress());
143 }
144 SignalServiceContent content = null;
145 Exception exception = null;
146 if (!envelope.isReceipt()) {
147 try {
148 final var cipherResult = dependencies.getCipher()
149 .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
150 content = validate(envelope.getProto(), cipherResult, envelope.getServerDeliveredTimestamp());
151 if (content == null) {
152 return new Pair<>(List.of(), null);
153 }
154 } catch (ProtocolUntrustedIdentityException e) {
155 final var recipientId = account.getRecipientResolver().resolveRecipient(e.getSender());
156 actions.add(new RetrieveProfileAction(recipientId));
157 exception = new UntrustedIdentityException(account.getRecipientAddressResolver()
158 .resolveRecipientAddress(recipientId)
159 .toApiRecipientAddress(), e.getSenderDevice());
160 } catch (ProtocolInvalidKeyIdException | ProtocolInvalidKeyException | ProtocolNoSessionException |
161 ProtocolInvalidMessageException e) {
162 logger.debug("Failed to decrypt incoming message", e);
163 final var sender = account.getRecipientResolver().resolveRecipient(e.getSender());
164 if (context.getContactHelper().isContactBlocked(sender)) {
165 logger.debug("Received invalid message from blocked contact, ignoring.");
166 } else {
167 final var senderProfile = context.getProfileHelper().getRecipientProfile(sender);
168 final var selfProfile = context.getProfileHelper().getSelfProfile();
169 var serviceId = ServiceId.parseOrNull(e.getSender());
170 if (serviceId == null) {
171 // Workaround for libsignal-client issue #492
172 serviceId = account.getRecipientAddressResolver()
173 .resolveRecipientAddress(sender)
174 .serviceId()
175 .orElse(null);
176 }
177 if (serviceId != null) {
178 final var isSelf = sender.equals(account.getSelfRecipientId())
179 && e.getSenderDevice() == account.getDeviceId();
180 final var isSenderSenderKeyCapable = senderProfile != null && senderProfile.getCapabilities()
181 .contains(Profile.Capability.senderKey);
182 final var isSelfSenderKeyCapable = selfProfile != null && selfProfile.getCapabilities()
183 .contains(Profile.Capability.senderKey);
184 final var destination = getDestination(envelope).serviceId();
185 if (!isSelf && isSenderSenderKeyCapable && isSelfSenderKeyCapable) {
186 logger.debug("Received invalid message, requesting message resend.");
187 actions.add(new SendRetryMessageRequestAction(sender, serviceId, e, envelope, destination));
188 } else {
189 logger.debug("Received invalid message, queuing renew session action.");
190 actions.add(new RenewSessionAction(sender, serviceId, destination));
191 }
192 } else {
193 logger.debug("Received invalid message from invalid sender: {}", e.getSender());
194 }
195 }
196 exception = e;
197 } catch (SelfSendException e) {
198 logger.debug("Dropping unidentified message from self.");
199 return new Pair<>(List.of(), null);
200 } catch (Exception e) {
201 logger.debug("Failed to handle incoming message", e);
202 exception = e;
203 }
204 }
205
206 actions.addAll(checkAndHandleMessage(envelope, content, receiveConfig, handler, exception));
207 return new Pair<>(actions, exception);
208 }
209
210 private SignalServiceContent validate(
211 SignalServiceProtos.Envelope envelope, SignalServiceCipherResult cipherResult, long serverDeliveredTimestamp
212 ) throws ProtocolInvalidKeyException, ProtocolInvalidMessageException, UnsupportedDataMessageException, InvalidMessageStructureException {
213 final var content = cipherResult.getContent();
214 final var envelopeMetadata = cipherResult.getMetadata();
215 final var validationResult = EnvelopeContentValidator.INSTANCE.validate(envelope, content);
216
217 if (validationResult instanceof EnvelopeContentValidator.Result.Invalid v) {
218 logger.warn("Invalid content! {}", v.getReason(), v.getThrowable());
219 return null;
220 }
221
222 if (validationResult instanceof EnvelopeContentValidator.Result.UnsupportedDataMessage v) {
223 logger.warn("Unsupported DataMessage! Our version: {}, their version: {}",
224 v.getOurVersion(),
225 v.getTheirVersion());
226 return null;
227 }
228
229 final var localAddress = new SignalServiceAddress(envelopeMetadata.getDestinationServiceId(),
230 Optional.ofNullable(account.getNumber()));
231 final var metadata = new SignalServiceMetadata(new SignalServiceAddress(envelopeMetadata.getSourceServiceId(),
232 Optional.ofNullable(envelopeMetadata.getSourceE164())),
233 envelopeMetadata.getSourceDeviceId(),
234 envelope.getTimestamp(),
235 envelope.getServerTimestamp(),
236 serverDeliveredTimestamp,
237 envelopeMetadata.getSealedSender(),
238 envelope.getServerGuid(),
239 Optional.ofNullable(envelopeMetadata.getGroupId()),
240 envelopeMetadata.getDestinationServiceId().toString());
241
242 final var contentProto = SignalServiceContentProto.newBuilder()
243 .setLocalAddress(SignalServiceAddressProtobufSerializer.toProtobuf(localAddress))
244 .setMetadata(SignalServiceMetadataProtobufSerializer.toProtobuf(metadata))
245 .setContent(content)
246 .build();
247
248 return SignalServiceContent.createFromProto(contentProto);
249 }
250
251 private List<HandleAction> checkAndHandleMessage(
252 final SignalServiceEnvelope envelope,
253 final SignalServiceContent content,
254 final ReceiveConfig receiveConfig,
255 final Manager.ReceiveMessageHandler handler,
256 final Exception exception
257 ) {
258 if (content != null) {
259 // Store uuid if we don't have it already
260 // address/uuid is validated by unidentified sender certificate
261
262 boolean handledPniSignature = false;
263 if (content.getPniSignatureMessage().isPresent()) {
264 final var message = content.getPniSignatureMessage().get();
265 final var senderAddress = getSenderAddress(envelope, content);
266 if (senderAddress != null) {
267 handledPniSignature = handlePniSignatureMessage(message, senderAddress);
268 }
269 }
270 if (!handledPniSignature) {
271 account.getRecipientTrustedResolver().resolveRecipientTrusted(content.getSender());
272 }
273 }
274 if (envelope.isReceipt()) {
275 final var senderDeviceAddress = getSender(envelope, content);
276 final var sender = senderDeviceAddress.serviceId();
277 final var senderDeviceId = senderDeviceAddress.deviceId();
278 account.getMessageSendLogStore().deleteEntryForRecipient(envelope.getTimestamp(), sender, senderDeviceId);
279 }
280
281 var notAllowedToSendToGroup = isNotAllowedToSendToGroup(envelope, content);
282 final var groupContext = getGroupContext(content);
283 if (groupContext != null && groupContext.getGroupV2().isPresent()) {
284 handleGroupV2Context(groupContext.getGroupV2().get());
285 }
286 // Check again in case the user just joined the group
287 notAllowedToSendToGroup = notAllowedToSendToGroup && isNotAllowedToSendToGroup(envelope, content);
288
289 if (isMessageBlocked(envelope, content)) {
290 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
291 return List.of();
292 } else if (notAllowedToSendToGroup) {
293 final var senderAddress = getSenderAddress(envelope, content);
294 logger.info("Ignoring a group message from an unauthorized sender (no member or admin): {} {}",
295 senderAddress == null ? null : senderAddress.getIdentifier(),
296 envelope.getTimestamp());
297 return List.of();
298 } else {
299 List<HandleAction> actions;
300 if (content != null) {
301 actions = handleMessage(envelope, content, receiveConfig);
302 } else {
303 actions = List.of();
304 }
305 handler.handleMessage(MessageEnvelope.from(envelope,
306 content,
307 account.getRecipientResolver(),
308 account.getRecipientAddressResolver(),
309 context.getAttachmentHelper()::getAttachmentFile,
310 exception), exception);
311 return actions;
312 }
313 }
314
315 public List<HandleAction> handleMessage(
316 SignalServiceEnvelope envelope, SignalServiceContent content, ReceiveConfig receiveConfig
317 ) {
318 var actions = new ArrayList<HandleAction>();
319 final var senderDeviceAddress = getSender(envelope, content);
320 final var sender = senderDeviceAddress.recipientId();
321 final var senderServiceId = senderDeviceAddress.serviceId();
322 final var senderDeviceId = senderDeviceAddress.deviceId();
323 final var destination = getDestination(envelope);
324
325 if (content.getReceiptMessage().isPresent()) {
326 final var message = content.getReceiptMessage().get();
327 if (message.isDeliveryReceipt()) {
328 account.getMessageSendLogStore()
329 .deleteEntriesForRecipient(message.getTimestamps(), senderServiceId, senderDeviceId);
330 }
331 }
332
333 if (content.getSenderKeyDistributionMessage().isPresent()) {
334 final var message = content.getSenderKeyDistributionMessage().get();
335 final var protocolAddress = senderServiceId.toProtocolAddress(senderDeviceId);
336 logger.debug("Received a sender key distribution message for distributionId {} from {}",
337 message.getDistributionId(),
338 protocolAddress);
339 new SignalGroupSessionBuilder(dependencies.getSessionLock(),
340 new GroupSessionBuilder(account.getSenderKeyStore())).process(protocolAddress, message);
341 }
342
343 if (content.getDecryptionErrorMessage().isPresent()) {
344 var message = content.getDecryptionErrorMessage().get();
345 logger.debug("Received a decryption error message from {}.{} (resend request for {})",
346 sender,
347 senderDeviceId,
348 message.getTimestamp());
349 if (message.getDeviceId() == account.getDeviceId()) {
350 handleDecryptionErrorMessage(actions,
351 sender,
352 senderServiceId,
353 senderDeviceId,
354 message,
355 destination.serviceId());
356 } else {
357 logger.debug("Request is for another one of our devices");
358 }
359 }
360
361 if (content.getDataMessage().isPresent()) {
362 var message = content.getDataMessage().get();
363
364 if (content.isNeedsReceipt()) {
365 actions.add(new SendReceiptAction(sender,
366 SignalServiceReceiptMessage.Type.DELIVERY,
367 message.getTimestamp()));
368 } else {
369 // Message wasn't sent as unidentified sender message
370 final var contact = context.getAccount().getContactStore().getContact(sender);
371 if (account.isPrimaryDevice()
372 && contact != null
373 && !contact.isBlocked()
374 && contact.isProfileSharingEnabled()) {
375 actions.add(UpdateAccountAttributesAction.create());
376 actions.add(new SendProfileKeyAction(sender));
377 }
378 }
379 if (receiveConfig.sendReadReceipts()) {
380 actions.add(new SendReceiptAction(sender,
381 SignalServiceReceiptMessage.Type.READ,
382 message.getTimestamp()));
383 }
384
385 actions.addAll(handleSignalServiceDataMessage(message,
386 false,
387 senderDeviceAddress,
388 destination,
389 receiveConfig.ignoreAttachments()));
390 }
391
392 if (content.getStoryMessage().isPresent()) {
393 final var message = content.getStoryMessage().get();
394 actions.addAll(handleSignalServiceStoryMessage(message, sender, receiveConfig.ignoreAttachments()));
395 }
396
397 if (content.getSyncMessage().isPresent()) {
398 var syncMessage = content.getSyncMessage().get();
399 actions.addAll(handleSyncMessage(envelope,
400 syncMessage,
401 senderDeviceAddress,
402 receiveConfig.ignoreAttachments()));
403 }
404
405 return actions;
406 }
407
408 private boolean handlePniSignatureMessage(
409 final SignalServicePniSignatureMessage message, final SignalServiceAddress senderAddress
410 ) {
411 final var aci = ACI.from(senderAddress.getServiceId());
412 final var aciIdentity = account.getIdentityKeyStore().getIdentityInfo(aci);
413 final var pni = message.getPni();
414 final var pniIdentity = account.getIdentityKeyStore().getIdentityInfo(pni);
415
416 if (aciIdentity == null || pniIdentity == null || aci.equals(pni)) {
417 return false;
418 }
419
420 final var verified = pniIdentity.getIdentityKey()
421 .verifyAlternateIdentity(aciIdentity.getIdentityKey(), message.getSignature());
422
423 if (!verified) {
424 logger.debug("Invalid PNI signature of ACI {} with PNI {}", aci, pni);
425 return false;
426 }
427
428 logger.debug("Verified association of ACI {} with PNI {}", aci, pni);
429 account.getRecipientTrustedResolver()
430 .resolveRecipientTrusted(Optional.of(aci), Optional.of(pni), senderAddress.getNumber());
431 return true;
432 }
433
434 private void handleDecryptionErrorMessage(
435 final List<HandleAction> actions,
436 final RecipientId sender,
437 final ServiceId senderServiceId,
438 final int senderDeviceId,
439 final DecryptionErrorMessage message,
440 final ServiceId destination
441 ) {
442 final var logEntries = account.getMessageSendLogStore()
443 .findMessages(senderServiceId,
444 senderDeviceId,
445 message.getTimestamp(),
446 message.getRatchetKey().isEmpty());
447
448 for (final var logEntry : logEntries) {
449 actions.add(new ResendMessageAction(sender, message.getTimestamp(), logEntry));
450 }
451
452 if (message.getRatchetKey().isPresent()) {
453 final var sessionStore = account.getAccountData(destination).getSessionStore();
454 if (sessionStore.isCurrentRatchetKey(senderServiceId, senderDeviceId, message.getRatchetKey().get())) {
455 if (logEntries.isEmpty()) {
456 logger.debug("Renewing the session with sender");
457 actions.add(new RenewSessionAction(sender, senderServiceId, destination));
458 } else {
459 logger.trace("Archiving the session with sender, a resend message has already been queued");
460 sessionStore.archiveSessions(senderServiceId);
461 }
462 }
463 return;
464 }
465
466 var found = false;
467 for (final var logEntry : logEntries) {
468 if (logEntry.groupId().isEmpty()) {
469 continue;
470 }
471 final var group = account.getGroupStore().getGroup(logEntry.groupId().get());
472 if (group == null) {
473 continue;
474 }
475 found = true;
476 logger.trace("Deleting shared sender key with {} ({}): {}",
477 sender,
478 senderDeviceId,
479 group.getDistributionId());
480 account.getSenderKeyStore().deleteSharedWith(senderServiceId, senderDeviceId, group.getDistributionId());
481 }
482 if (!found) {
483 logger.debug("Reset all shared sender keys with this recipient, no related message found in send log");
484 account.getSenderKeyStore().deleteSharedWith(senderServiceId);
485 }
486 }
487
488 private List<HandleAction> handleSyncMessage(
489 final SignalServiceEnvelope envelope,
490 final SignalServiceSyncMessage syncMessage,
491 final DeviceAddress sender,
492 final boolean ignoreAttachments
493 ) {
494 var actions = new ArrayList<HandleAction>();
495 account.setMultiDevice(true);
496 if (syncMessage.getSent().isPresent()) {
497 var message = syncMessage.getSent().get();
498 final var destination = message.getDestination().orElse(null);
499 if (message.getDataMessage().isPresent()) {
500 actions.addAll(handleSignalServiceDataMessage(message.getDataMessage().get(),
501 true,
502 sender,
503 destination == null
504 ? null
505 : new DeviceAddress(context.getRecipientHelper().resolveRecipient(destination),
506 destination.getServiceId(),
507 0),
508 ignoreAttachments));
509 }
510 if (message.getStoryMessage().isPresent()) {
511 actions.addAll(handleSignalServiceStoryMessage(message.getStoryMessage().get(),
512 sender.recipientId(),
513 ignoreAttachments));
514 }
515 }
516 if (syncMessage.getRequest().isPresent() && account.isPrimaryDevice()) {
517 var rm = syncMessage.getRequest().get();
518 if (rm.isContactsRequest()) {
519 actions.add(SendSyncContactsAction.create());
520 }
521 if (rm.isGroupsRequest()) {
522 actions.add(SendSyncGroupsAction.create());
523 }
524 if (rm.isBlockedListRequest()) {
525 actions.add(SendSyncBlockedListAction.create());
526 }
527 if (rm.isKeysRequest()) {
528 actions.add(SendSyncKeysAction.create());
529 }
530 if (rm.isConfigurationRequest()) {
531 actions.add(SendSyncConfigurationAction.create());
532 }
533 }
534 if (syncMessage.getGroups().isPresent()) {
535 try {
536 final var groupsMessage = syncMessage.getGroups().get();
537 context.getAttachmentHelper()
538 .retrieveAttachment(groupsMessage, context.getSyncHelper()::handleSyncDeviceGroups);
539 } catch (Exception e) {
540 logger.warn("Failed to handle received sync groups, ignoring: {}", e.getMessage());
541 }
542 }
543 if (syncMessage.getBlockedList().isPresent()) {
544 final var blockedListMessage = syncMessage.getBlockedList().get();
545 for (var address : blockedListMessage.getAddresses()) {
546 context.getContactHelper()
547 .setContactBlocked(context.getRecipientHelper().resolveRecipient(address), true);
548 }
549 for (var groupId : blockedListMessage.getGroupIds()
550 .stream()
551 .map(GroupId::unknownVersion)
552 .collect(Collectors.toSet())) {
553 try {
554 context.getGroupHelper().setGroupBlocked(groupId, true);
555 } catch (GroupNotFoundException e) {
556 logger.warn("BlockedListMessage contained groupID that was not found in GroupStore: {}",
557 groupId.toBase64());
558 }
559 }
560 }
561 if (syncMessage.getContacts().isPresent()) {
562 try {
563 final var contactsMessage = syncMessage.getContacts().get();
564 context.getAttachmentHelper()
565 .retrieveAttachment(contactsMessage.getContactsStream(),
566 context.getSyncHelper()::handleSyncDeviceContacts);
567 } catch (Exception e) {
568 logger.warn("Failed to handle received sync contacts, ignoring: {}", e.getMessage());
569 }
570 }
571 if (syncMessage.getVerified().isPresent()) {
572 final var verifiedMessage = syncMessage.getVerified().get();
573 account.getIdentityKeyStore()
574 .setIdentityTrustLevel(verifiedMessage.getDestination().getServiceId(),
575 verifiedMessage.getIdentityKey(),
576 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
577 }
578 if (syncMessage.getStickerPackOperations().isPresent()) {
579 final var stickerPackOperationMessages = syncMessage.getStickerPackOperations().get();
580 for (var m : stickerPackOperationMessages) {
581 if (m.getPackId().isEmpty()) {
582 continue;
583 }
584 final var stickerPackId = StickerPackId.deserialize(m.getPackId().get());
585 final var installed = m.getType().isEmpty()
586 || m.getType().get() == StickerPackOperationMessage.Type.INSTALL;
587
588 var sticker = account.getStickerStore().getStickerPack(stickerPackId);
589 if (m.getPackKey().isPresent()) {
590 if (sticker == null) {
591 sticker = new StickerPack(-1, stickerPackId, m.getPackKey().get(), installed);
592 account.getStickerStore().addStickerPack(sticker);
593 }
594 if (installed) {
595 context.getJobExecutor()
596 .enqueueJob(new RetrieveStickerPackJob(stickerPackId, m.getPackKey().get()));
597 }
598 }
599
600 if (sticker != null && sticker.isInstalled() != installed) {
601 account.getStickerStore().updateStickerPackInstalled(sticker.packId(), installed);
602 }
603 }
604 }
605 if (syncMessage.getFetchType().isPresent()) {
606 switch (syncMessage.getFetchType().get()) {
607 case LOCAL_PROFILE -> actions.add(new RetrieveProfileAction(account.getSelfRecipientId()));
608 case STORAGE_MANIFEST -> actions.add(RetrieveStorageDataAction.create());
609 }
610 }
611 if (syncMessage.getKeys().isPresent()) {
612 final var keysMessage = syncMessage.getKeys().get();
613 if (keysMessage.getStorageService().isPresent()) {
614 final var storageKey = keysMessage.getStorageService().get();
615 account.setStorageKey(storageKey);
616 actions.add(RetrieveStorageDataAction.create());
617 }
618 }
619 if (syncMessage.getConfiguration().isPresent()) {
620 final var configurationMessage = syncMessage.getConfiguration().get();
621 final var configurationStore = account.getConfigurationStore();
622 if (configurationMessage.getReadReceipts().isPresent()) {
623 configurationStore.setReadReceipts(configurationMessage.getReadReceipts().get());
624 }
625 if (configurationMessage.getLinkPreviews().isPresent()) {
626 configurationStore.setLinkPreviews(configurationMessage.getLinkPreviews().get());
627 }
628 if (configurationMessage.getTypingIndicators().isPresent()) {
629 configurationStore.setTypingIndicators(configurationMessage.getTypingIndicators().get());
630 }
631 if (configurationMessage.getUnidentifiedDeliveryIndicators().isPresent()) {
632 configurationStore.setUnidentifiedDeliveryIndicators(configurationMessage.getUnidentifiedDeliveryIndicators()
633 .get());
634 }
635 }
636 if (syncMessage.getPniChangeNumber().isPresent()) {
637 final var pniChangeNumber = syncMessage.getPniChangeNumber().get();
638 logger.debug("Received PNI change number sync message, applying.");
639 if (pniChangeNumber.hasIdentityKeyPair()
640 && pniChangeNumber.hasRegistrationId()
641 && pniChangeNumber.hasSignedPreKey()
642 && !envelope.getUpdatedPni().isEmpty()) {
643 logger.debug("New PNI: {}", envelope.getUpdatedPni());
644 try {
645 final var updatedPni = PNI.parseOrThrow(envelope.getUpdatedPni());
646 context.getAccountHelper()
647 .setPni(updatedPni,
648 new IdentityKeyPair(pniChangeNumber.getIdentityKeyPair().toByteArray()),
649 new SignedPreKeyRecord(pniChangeNumber.getSignedPreKey().toByteArray()),
650 pniChangeNumber.getRegistrationId());
651 } catch (Exception e) {
652 logger.warn("Failed to handle change number message", e);
653 }
654 }
655 }
656 return actions;
657 }
658
659 private SignalServiceGroupContext getGroupContext(SignalServiceContent content) {
660 if (content == null) {
661 return null;
662 }
663
664 if (content.getDataMessage().isPresent()) {
665 var message = content.getDataMessage().get();
666 if (message.getGroupContext().isPresent()) {
667 return message.getGroupContext().get();
668 }
669 }
670
671 if (content.getStoryMessage().isPresent()) {
672 var message = content.getStoryMessage().get();
673 if (message.getGroupContext().isPresent()) {
674 try {
675 return SignalServiceGroupContext.create(null, message.getGroupContext().get());
676 } catch (InvalidMessageException e) {
677 throw new AssertionError(e);
678 }
679 }
680 }
681
682 return null;
683 }
684
685 private boolean isMessageBlocked(SignalServiceEnvelope envelope, SignalServiceContent content) {
686 SignalServiceAddress source = getSenderAddress(envelope, content);
687 if (source == null) {
688 return false;
689 }
690 final var recipientId = context.getRecipientHelper().resolveRecipient(source);
691 if (context.getContactHelper().isContactBlocked(recipientId)) {
692 return true;
693 }
694
695 final var groupContext = getGroupContext(content);
696 if (groupContext != null) {
697 var groupId = GroupUtils.getGroupId(groupContext);
698 return context.getGroupHelper().isGroupBlocked(groupId);
699 }
700
701 return false;
702 }
703
704 private boolean isNotAllowedToSendToGroup(SignalServiceEnvelope envelope, SignalServiceContent content) {
705 SignalServiceAddress source = getSenderAddress(envelope, content);
706 if (source == null) {
707 return false;
708 }
709
710 final var groupContext = getGroupContext(content);
711 if (groupContext == null) {
712 return false;
713 }
714
715 if (groupContext.getGroupV1().isPresent()) {
716 var groupInfo = groupContext.getGroupV1().get();
717 if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
718 return false;
719 }
720 }
721
722 var groupId = GroupUtils.getGroupId(groupContext);
723 var group = context.getGroupHelper().getGroup(groupId);
724 if (group == null) {
725 return false;
726 }
727
728 final var message = content.getDataMessage().orElse(null);
729
730 final var recipientId = context.getRecipientHelper().resolveRecipient(source);
731 if (!group.isMember(recipientId) && !(
732 group.isPendingMember(recipientId) && message != null && message.isGroupV2Update()
733 )) {
734 return true;
735 }
736
737 if (group.isAnnouncementGroup() && !group.isAdmin(recipientId)) {
738 return message == null
739 || message.getBody().isPresent()
740 || message.getAttachments().isPresent()
741 || message.getQuote().isPresent()
742 || message.getPreviews().isPresent()
743 || message.getMentions().isPresent()
744 || message.getSticker().isPresent();
745 }
746 return false;
747 }
748
749 private List<HandleAction> handleSignalServiceDataMessage(
750 SignalServiceDataMessage message,
751 boolean isSync,
752 DeviceAddress source,
753 DeviceAddress destination,
754 boolean ignoreAttachments
755 ) {
756 var actions = new ArrayList<HandleAction>();
757 if (message.getGroupContext().isPresent()) {
758 final var groupContext = message.getGroupContext().get();
759 if (groupContext.getGroupV1().isPresent()) {
760 var groupInfo = groupContext.getGroupV1().get();
761 var groupId = GroupId.v1(groupInfo.getGroupId());
762 var group = context.getGroupHelper().getGroup(groupId);
763 if (group == null || group instanceof GroupInfoV1) {
764 var groupV1 = (GroupInfoV1) group;
765 switch (groupInfo.getType()) {
766 case UPDATE -> {
767 if (groupV1 == null) {
768 groupV1 = new GroupInfoV1(groupId);
769 }
770
771 if (groupInfo.getAvatar().isPresent()) {
772 var avatar = groupInfo.getAvatar().get();
773 context.getGroupHelper().downloadGroupAvatar(groupV1.getGroupId(), avatar);
774 }
775
776 if (groupInfo.getName().isPresent()) {
777 groupV1.name = groupInfo.getName().get();
778 }
779
780 if (groupInfo.getMembers().isPresent()) {
781 groupV1.addMembers(groupInfo.getMembers()
782 .get()
783 .stream()
784 .map(context.getRecipientHelper()::resolveRecipient)
785 .collect(Collectors.toSet()));
786 }
787
788 account.getGroupStore().updateGroup(groupV1);
789 }
790 case DELIVER -> {
791 if (groupV1 == null && !isSync) {
792 actions.add(new SendGroupInfoRequestAction(source.recipientId(), groupId));
793 }
794 }
795 case QUIT -> {
796 if (groupV1 != null) {
797 groupV1.removeMember(source.recipientId());
798 account.getGroupStore().updateGroup(groupV1);
799 }
800 }
801 case REQUEST_INFO -> {
802 if (groupV1 != null && !isSync) {
803 actions.add(new SendGroupInfoAction(source.recipientId(), groupV1.getGroupId()));
804 }
805 }
806 }
807 } else {
808 // Received a group v1 message for a v2 group
809 }
810 }
811 if (groupContext.getGroupV2().isPresent()) {
812 handleGroupV2Context(groupContext.getGroupV2().get());
813 }
814 }
815
816 final var selfAddress = isSync ? source : destination;
817 final var conversationPartnerAddress = isSync ? destination : source;
818 if (conversationPartnerAddress != null && message.isEndSession()) {
819 account.getAccountData(selfAddress.serviceId())
820 .getSessionStore()
821 .deleteAllSessions(conversationPartnerAddress.serviceId());
822 }
823 if (message.isExpirationUpdate() || message.getBody().isPresent()) {
824 if (message.getGroupContext().isPresent()) {
825 final var groupContext = message.getGroupContext().get();
826 if (groupContext.getGroupV1().isPresent()) {
827 var groupInfo = groupContext.getGroupV1().get();
828 var group = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(groupInfo.getGroupId()));
829 if (group != null) {
830 if (group.messageExpirationTime != message.getExpiresInSeconds()) {
831 group.messageExpirationTime = message.getExpiresInSeconds();
832 account.getGroupStore().updateGroup(group);
833 }
834 }
835 } else if (groupContext.getGroupV2().isPresent()) {
836 // disappearing message timer already stored in the DecryptedGroup
837 }
838 } else if (conversationPartnerAddress != null) {
839 context.getContactHelper()
840 .setExpirationTimer(conversationPartnerAddress.recipientId(), message.getExpiresInSeconds());
841 }
842 }
843 if (!ignoreAttachments) {
844 if (message.getAttachments().isPresent()) {
845 for (var attachment : message.getAttachments().get()) {
846 context.getAttachmentHelper().downloadAttachment(attachment);
847 }
848 }
849 if (message.getSharedContacts().isPresent()) {
850 for (var contact : message.getSharedContacts().get()) {
851 if (contact.getAvatar().isPresent()) {
852 context.getAttachmentHelper().downloadAttachment(contact.getAvatar().get().getAttachment());
853 }
854 }
855 }
856 if (message.getPreviews().isPresent()) {
857 final var previews = message.getPreviews().get();
858 for (var preview : previews) {
859 if (preview.getImage().isPresent()) {
860 context.getAttachmentHelper().downloadAttachment(preview.getImage().get());
861 }
862 }
863 }
864 if (message.getQuote().isPresent()) {
865 final var quote = message.getQuote().get();
866
867 if (quote.getAttachments() != null) {
868 for (var quotedAttachment : quote.getAttachments()) {
869 final var thumbnail = quotedAttachment.getThumbnail();
870 if (thumbnail != null) {
871 context.getAttachmentHelper().downloadAttachment(thumbnail);
872 }
873 }
874 }
875 }
876 }
877 if (message.getGiftBadge().isPresent()) {
878 handleIncomingGiftBadge(message.getGiftBadge().get());
879 }
880 if (message.getProfileKey().isPresent()) {
881 handleIncomingProfileKey(message.getProfileKey().get(), source.recipientId());
882 }
883 if (message.getSticker().isPresent()) {
884 final var messageSticker = message.getSticker().get();
885 final var stickerPackId = StickerPackId.deserialize(messageSticker.getPackId());
886 var sticker = account.getStickerStore().getStickerPack(stickerPackId);
887 if (sticker == null) {
888 sticker = new StickerPack(stickerPackId, messageSticker.getPackKey());
889 account.getStickerStore().addStickerPack(sticker);
890 }
891 context.getJobExecutor().enqueueJob(new RetrieveStickerPackJob(stickerPackId, messageSticker.getPackKey()));
892 }
893 return actions;
894 }
895
896 private void handleIncomingGiftBadge(final SignalServiceDataMessage.GiftBadge giftBadge) {
897 // TODO
898 }
899
900 private List<HandleAction> handleSignalServiceStoryMessage(
901 SignalServiceStoryMessage message, RecipientId source, boolean ignoreAttachments
902 ) {
903 var actions = new ArrayList<HandleAction>();
904 if (message.getGroupContext().isPresent()) {
905 handleGroupV2Context(message.getGroupContext().get());
906 }
907
908 if (!ignoreAttachments) {
909 if (message.getFileAttachment().isPresent()) {
910 context.getAttachmentHelper().downloadAttachment(message.getFileAttachment().get());
911 }
912 if (message.getTextAttachment().isPresent()) {
913 final var textAttachment = message.getTextAttachment().get();
914 if (textAttachment.getPreview().isPresent()) {
915 final var preview = textAttachment.getPreview().get();
916 if (preview.getImage().isPresent()) {
917 context.getAttachmentHelper().downloadAttachment(preview.getImage().get());
918 }
919 }
920 }
921 }
922
923 if (message.getProfileKey().isPresent()) {
924 handleIncomingProfileKey(message.getProfileKey().get(), source);
925 }
926
927 return actions;
928 }
929
930 private void handleGroupV2Context(final SignalServiceGroupV2 groupContext) {
931 final var groupMasterKey = groupContext.getMasterKey();
932
933 context.getGroupHelper()
934 .getOrMigrateGroup(groupMasterKey,
935 groupContext.getRevision(),
936 groupContext.hasSignedGroupChange() ? groupContext.getSignedGroupChange() : null);
937 }
938
939 private void handleIncomingProfileKey(final byte[] profileKeyBytes, final RecipientId source) {
940 if (profileKeyBytes.length != 32) {
941 logger.debug("Received invalid profile key of length {}", profileKeyBytes.length);
942 return;
943 }
944 final ProfileKey profileKey;
945 try {
946 profileKey = new ProfileKey(profileKeyBytes);
947 } catch (InvalidInputException e) {
948 throw new AssertionError(e);
949 }
950 if (account.getSelfRecipientId().equals(source)) {
951 this.account.setProfileKey(profileKey);
952 }
953 this.account.getProfileStore().storeProfileKey(source, profileKey);
954 }
955
956 private SignalServiceAddress getSenderAddress(SignalServiceEnvelope envelope, SignalServiceContent content) {
957 if (!envelope.isUnidentifiedSender() && envelope.hasSourceUuid()) {
958 return envelope.getSourceAddress();
959 } else if (content != null) {
960 return content.getSender();
961 } else {
962 return null;
963 }
964 }
965
966 private DeviceAddress getSender(SignalServiceEnvelope envelope, SignalServiceContent content) {
967 if (!envelope.isUnidentifiedSender() && envelope.hasSourceUuid()) {
968 return new DeviceAddress(context.getRecipientHelper().resolveRecipient(envelope.getSourceAddress()),
969 envelope.getSourceAddress().getServiceId(),
970 envelope.getSourceDevice());
971 } else {
972 return new DeviceAddress(context.getRecipientHelper().resolveRecipient(content.getSender()),
973 content.getSender().getServiceId(),
974 content.getSenderDevice());
975 }
976 }
977
978 private DeviceAddress getDestination(SignalServiceEnvelope envelope) {
979 if (!envelope.hasDestinationUuid()) {
980 return new DeviceAddress(account.getSelfRecipientId(), account.getAci(), account.getDeviceId());
981 }
982 final var addressOptional = SignalServiceAddress.fromRaw(envelope.getDestinationUuid(), null);
983 if (addressOptional.isEmpty()) {
984 return new DeviceAddress(account.getSelfRecipientId(), account.getAci(), account.getDeviceId());
985 }
986 final var address = addressOptional.get();
987 return new DeviceAddress(context.getRecipientHelper().resolveRecipient(address),
988 address.getServiceId(),
989 account.getDeviceId());
990 }
991
992 private record DeviceAddress(RecipientId recipientId, ServiceId serviceId, int deviceId) {}
993 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut