]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/helper/IncomingMessageHandler.java
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update documentation
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / helper / IncomingMessageHandler.java
1 package org.asamk.signal.manager.helper;
2
3 import org.asamk.signal.manager.Manager;
4 import org.asamk.signal.manager.actions.HandleAction;
5 import org.asamk.signal.manager.actions.RefreshPreKeysAction;
6 import org.asamk.signal.manager.actions.RenewSessionAction;
7 import org.asamk.signal.manager.actions.ResendMessageAction;
8 import org.asamk.signal.manager.actions.RetrieveProfileAction;
9 import org.asamk.signal.manager.actions.SendGroupInfoAction;
10 import org.asamk.signal.manager.actions.SendGroupInfoRequestAction;
11 import org.asamk.signal.manager.actions.SendProfileKeyAction;
12 import org.asamk.signal.manager.actions.SendReceiptAction;
13 import org.asamk.signal.manager.actions.SendRetryMessageRequestAction;
14 import org.asamk.signal.manager.actions.SendSyncBlockedListAction;
15 import org.asamk.signal.manager.actions.SendSyncConfigurationAction;
16 import org.asamk.signal.manager.actions.SendSyncContactsAction;
17 import org.asamk.signal.manager.actions.SendSyncGroupsAction;
18 import org.asamk.signal.manager.actions.SendSyncKeysAction;
19 import org.asamk.signal.manager.actions.SyncStorageDataAction;
20 import org.asamk.signal.manager.actions.UpdateAccountAttributesAction;
21 import org.asamk.signal.manager.api.GroupId;
22 import org.asamk.signal.manager.api.GroupNotFoundException;
23 import org.asamk.signal.manager.api.MessageEnvelope;
24 import org.asamk.signal.manager.api.Pair;
25 import org.asamk.signal.manager.api.Profile;
26 import org.asamk.signal.manager.api.ReceiveConfig;
27 import org.asamk.signal.manager.api.StickerPackId;
28 import org.asamk.signal.manager.api.TrustLevel;
29 import org.asamk.signal.manager.api.UntrustedIdentityException;
30 import org.asamk.signal.manager.groups.GroupUtils;
31 import org.asamk.signal.manager.internal.SignalDependencies;
32 import org.asamk.signal.manager.jobs.RetrieveStickerPackJob;
33 import org.asamk.signal.manager.storage.SignalAccount;
34 import org.asamk.signal.manager.storage.groups.GroupInfoV1;
35 import org.asamk.signal.manager.storage.recipients.RecipientId;
36 import org.asamk.signal.manager.storage.stickers.StickerPack;
37 import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
38 import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
39 import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
40 import org.signal.libsignal.metadata.ProtocolNoSessionException;
41 import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
42 import org.signal.libsignal.metadata.SelfSendException;
43 import org.signal.libsignal.protocol.InvalidMessageException;
44 import org.signal.libsignal.protocol.groups.GroupSessionBuilder;
45 import org.signal.libsignal.protocol.message.DecryptionErrorMessage;
46 import org.signal.libsignal.zkgroup.InvalidInputException;
47 import org.signal.libsignal.zkgroup.profiles.ProfileKey;
48 import org.slf4j.Logger;
49 import org.slf4j.LoggerFactory;
50 import org.whispersystems.signalservice.api.InvalidMessageStructureException;
51 import org.whispersystems.signalservice.api.crypto.SignalGroupSessionBuilder;
52 import org.whispersystems.signalservice.api.crypto.SignalServiceCipherResult;
53 import org.whispersystems.signalservice.api.messages.EnvelopeContentValidator;
54 import org.whispersystems.signalservice.api.messages.SignalServiceContent;
55 import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage;
56 import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
57 import org.whispersystems.signalservice.api.messages.SignalServiceGroup;
58 import org.whispersystems.signalservice.api.messages.SignalServiceGroupContext;
59 import org.whispersystems.signalservice.api.messages.SignalServiceGroupV2;
60 import org.whispersystems.signalservice.api.messages.SignalServicePniSignatureMessage;
61 import org.whispersystems.signalservice.api.messages.SignalServiceReceiptMessage;
62 import org.whispersystems.signalservice.api.messages.SignalServiceStoryMessage;
63 import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
64 import org.whispersystems.signalservice.api.messages.multidevice.StickerPackOperationMessage;
65 import org.whispersystems.signalservice.api.push.ServiceId;
66 import org.whispersystems.signalservice.api.push.ServiceId.ACI;
67 import org.whispersystems.signalservice.api.push.ServiceIdType;
68 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
69 import org.whispersystems.signalservice.internal.push.Envelope;
70 import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
71
72 import java.util.ArrayList;
73 import java.util.List;
74 import java.util.Optional;
75 import java.util.stream.Collectors;
76
77 public final class IncomingMessageHandler {
78
79 private static final Logger logger = LoggerFactory.getLogger(IncomingMessageHandler.class);
80
81 private final SignalAccount account;
82 private final SignalDependencies dependencies;
83 private final Context context;
84
85 public IncomingMessageHandler(final Context context) {
86 this.account = context.getAccount();
87 this.dependencies = context.getDependencies();
88 this.context = context;
89 }
90
91 public Pair<List<HandleAction>, Exception> handleRetryEnvelope(
92 final SignalServiceEnvelope envelope,
93 final ReceiveConfig receiveConfig,
94 final Manager.ReceiveMessageHandler handler
95 ) {
96 final List<HandleAction> actions = new ArrayList<>();
97 if (envelope.isPreKeySignalMessage()) {
98 actions.add(RefreshPreKeysAction.create());
99 }
100
101 SignalServiceContent content = null;
102 if (!envelope.isReceipt()) {
103 account.getIdentityKeyStore().setRetryingDecryption(true);
104 final var destination = getDestination(envelope).serviceId();
105 try {
106 final var cipherResult = dependencies.getCipher(destination == null
107 || destination.equals(account.getAci()) ? ServiceIdType.ACI : ServiceIdType.PNI)
108 .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
109 content = validate(envelope.getProto(), cipherResult, envelope.getServerDeliveredTimestamp());
110 if (content == null) {
111 return new Pair<>(List.of(), null);
112 }
113 } catch (ProtocolUntrustedIdentityException e) {
114 final var recipientId = account.getRecipientResolver().resolveRecipient(e.getSender());
115 final var exception = new UntrustedIdentityException(account.getRecipientAddressResolver()
116 .resolveRecipientAddress(recipientId)
117 .toApiRecipientAddress(), e.getSenderDevice());
118 return new Pair<>(List.of(), exception);
119 } catch (Exception e) {
120 return new Pair<>(List.of(), e);
121 } finally {
122 account.getIdentityKeyStore().setRetryingDecryption(false);
123 }
124 }
125 actions.addAll(checkAndHandleMessage(envelope, content, receiveConfig, handler, null));
126 return new Pair<>(actions, null);
127 }
128
129 public Pair<List<HandleAction>, Exception> handleEnvelope(
130 final SignalServiceEnvelope envelope,
131 final ReceiveConfig receiveConfig,
132 final Manager.ReceiveMessageHandler handler
133 ) {
134 final var actions = new ArrayList<HandleAction>();
135 SignalServiceContent content = null;
136 Exception exception = null;
137 envelope.getSourceServiceId().map(ServiceId::parseOrNull)
138 // Store uuid if we don't have it already
139 // uuid in envelope is sent by server
140 .ifPresent(serviceId -> account.getRecipientResolver().resolveRecipient(serviceId));
141 if (!envelope.isReceipt()) {
142 final var destination = getDestination(envelope).serviceId();
143 try {
144 final var cipherResult = dependencies.getCipher(destination == null
145 || destination.equals(account.getAci()) ? ServiceIdType.ACI : ServiceIdType.PNI)
146 .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
147 content = validate(envelope.getProto(), cipherResult, envelope.getServerDeliveredTimestamp());
148 if (content == null) {
149 return new Pair<>(List.of(), null);
150 }
151 } catch (ProtocolUntrustedIdentityException e) {
152 final var recipientId = account.getRecipientResolver().resolveRecipient(e.getSender());
153 actions.add(new RetrieveProfileAction(recipientId));
154 exception = new UntrustedIdentityException(account.getRecipientAddressResolver()
155 .resolveRecipientAddress(recipientId)
156 .toApiRecipientAddress(), e.getSenderDevice());
157 } catch (ProtocolInvalidKeyIdException | ProtocolInvalidKeyException | ProtocolNoSessionException |
158 ProtocolInvalidMessageException e) {
159 logger.debug("Failed to decrypt incoming message", e);
160 final var sender = account.getRecipientResolver().resolveRecipient(e.getSender());
161 if (context.getContactHelper().isContactBlocked(sender)) {
162 logger.debug("Received invalid message from blocked contact, ignoring.");
163 } else {
164 final var senderProfile = context.getProfileHelper().getRecipientProfile(sender);
165 final var selfProfile = context.getProfileHelper().getSelfProfile();
166 var serviceId = ServiceId.parseOrNull(e.getSender());
167 if (serviceId == null) {
168 // Workaround for libsignal-client issue #492
169 serviceId = account.getRecipientAddressResolver()
170 .resolveRecipientAddress(sender)
171 .serviceId()
172 .orElse(null);
173 }
174 if (serviceId != null) {
175 final var isSelf = sender.equals(account.getSelfRecipientId())
176 && e.getSenderDevice() == account.getDeviceId();
177 final var isSenderSenderKeyCapable = senderProfile != null && senderProfile.getCapabilities()
178 .contains(Profile.Capability.senderKey);
179 final var isSelfSenderKeyCapable = selfProfile != null && selfProfile.getCapabilities()
180 .contains(Profile.Capability.senderKey);
181 if (!isSelf && isSenderSenderKeyCapable && isSelfSenderKeyCapable) {
182 logger.debug("Received invalid message, requesting message resend.");
183 actions.add(new SendRetryMessageRequestAction(sender, serviceId, e, envelope, destination));
184 } else {
185 logger.debug("Received invalid message, queuing renew session action.");
186 actions.add(new RenewSessionAction(sender, serviceId, destination));
187 }
188 } else {
189 logger.debug("Received invalid message from invalid sender: {}", e.getSender());
190 }
191 }
192 exception = e;
193 } catch (SelfSendException e) {
194 logger.debug("Dropping unidentified message from self.");
195 return new Pair<>(List.of(), null);
196 } catch (Exception e) {
197 logger.debug("Failed to handle incoming message", e);
198 exception = e;
199 }
200 }
201
202 actions.addAll(checkAndHandleMessage(envelope, content, receiveConfig, handler, exception));
203 return new Pair<>(actions, exception);
204 }
205
206 private SignalServiceContent validate(
207 Envelope envelope, SignalServiceCipherResult cipherResult, long serverDeliveredTimestamp
208 ) throws ProtocolInvalidKeyException, ProtocolInvalidMessageException, UnsupportedDataMessageException, InvalidMessageStructureException {
209 final var content = cipherResult.getContent();
210 final var envelopeMetadata = cipherResult.getMetadata();
211 final var validationResult = EnvelopeContentValidator.INSTANCE.validate(envelope, content);
212
213 if (validationResult instanceof EnvelopeContentValidator.Result.Invalid v) {
214 logger.warn("Invalid content! {}", v.getReason(), v.getThrowable());
215 return null;
216 }
217
218 if (validationResult instanceof EnvelopeContentValidator.Result.UnsupportedDataMessage v) {
219 logger.warn("Unsupported DataMessage! Our version: {}, their version: {}",
220 v.getOurVersion(),
221 v.getTheirVersion());
222 return null;
223 }
224
225 return SignalServiceContent.Companion.createFrom(account.getNumber(),
226 envelope,
227 envelopeMetadata,
228 content,
229 serverDeliveredTimestamp);
230 }
231
232 private List<HandleAction> checkAndHandleMessage(
233 final SignalServiceEnvelope envelope,
234 final SignalServiceContent content,
235 final ReceiveConfig receiveConfig,
236 final Manager.ReceiveMessageHandler handler,
237 final Exception exception
238 ) {
239 if (content != null) {
240 // Store uuid if we don't have it already
241 // address/uuid is validated by unidentified sender certificate
242
243 boolean handledPniSignature = false;
244 if (content.getPniSignatureMessage().isPresent()) {
245 final var message = content.getPniSignatureMessage().get();
246 final var senderAddress = getSenderAddress(envelope, content);
247 if (senderAddress != null) {
248 handledPniSignature = handlePniSignatureMessage(message, senderAddress);
249 }
250 }
251 if (!handledPniSignature) {
252 account.getRecipientTrustedResolver().resolveRecipientTrusted(content.getSender());
253 }
254 }
255 if (envelope.isReceipt()) {
256 final var senderDeviceAddress = getSender(envelope, content);
257 final var sender = senderDeviceAddress.serviceId();
258 final var senderDeviceId = senderDeviceAddress.deviceId();
259 account.getMessageSendLogStore().deleteEntryForRecipient(envelope.getTimestamp(), sender, senderDeviceId);
260 }
261
262 var notAllowedToSendToGroup = isNotAllowedToSendToGroup(envelope, content);
263 final var groupContext = getGroupContext(content);
264 if (groupContext != null && groupContext.getGroupV2().isPresent()) {
265 handleGroupV2Context(groupContext.getGroupV2().get());
266 }
267 // Check again in case the user just joined the group
268 notAllowedToSendToGroup = notAllowedToSendToGroup && isNotAllowedToSendToGroup(envelope, content);
269
270 if (isMessageBlocked(envelope, content)) {
271 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
272 return List.of();
273 } else if (notAllowedToSendToGroup) {
274 final var senderAddress = getSenderAddress(envelope, content);
275 logger.info("Ignoring a group message from an unauthorized sender (no member or admin): {} {}",
276 senderAddress == null ? null : senderAddress.getIdentifier(),
277 envelope.getTimestamp());
278 return List.of();
279 } else {
280 List<HandleAction> actions;
281 if (content != null) {
282 actions = handleMessage(envelope, content, receiveConfig);
283 } else {
284 actions = List.of();
285 }
286 handler.handleMessage(MessageEnvelope.from(envelope,
287 content,
288 account.getRecipientResolver(),
289 account.getRecipientAddressResolver(),
290 context.getAttachmentHelper()::getAttachmentFile,
291 exception), exception);
292 return actions;
293 }
294 }
295
296 public List<HandleAction> handleMessage(
297 SignalServiceEnvelope envelope, SignalServiceContent content, ReceiveConfig receiveConfig
298 ) {
299 var actions = new ArrayList<HandleAction>();
300 final var senderDeviceAddress = getSender(envelope, content);
301 final var sender = senderDeviceAddress.recipientId();
302 final var senderServiceId = senderDeviceAddress.serviceId();
303 final var senderDeviceId = senderDeviceAddress.deviceId();
304 final var destination = getDestination(envelope);
305
306 if (account.getPni().equals(destination.serviceId)) {
307 account.getRecipientStore().markNeedsPniSignature(destination.recipientId, true);
308 } else if (account.getAci().equals(destination.serviceId)) {
309 account.getRecipientStore().markNeedsPniSignature(destination.recipientId, false);
310 }
311
312 if (content.getReceiptMessage().isPresent()) {
313 final var message = content.getReceiptMessage().get();
314 if (message.isDeliveryReceipt()) {
315 account.getMessageSendLogStore()
316 .deleteEntriesForRecipient(message.getTimestamps(), senderServiceId, senderDeviceId);
317 }
318 }
319
320 if (content.getSenderKeyDistributionMessage().isPresent()) {
321 final var message = content.getSenderKeyDistributionMessage().get();
322 final var protocolAddress = senderServiceId.toProtocolAddress(senderDeviceId);
323 logger.debug("Received a sender key distribution message for distributionId {} from {}",
324 message.getDistributionId(),
325 protocolAddress);
326 new SignalGroupSessionBuilder(dependencies.getSessionLock(),
327 new GroupSessionBuilder(account.getSenderKeyStore())).process(protocolAddress, message);
328 }
329
330 if (content.getDecryptionErrorMessage().isPresent()) {
331 var message = content.getDecryptionErrorMessage().get();
332 logger.debug("Received a decryption error message from {}.{} (resend request for {})",
333 sender,
334 senderDeviceId,
335 message.getTimestamp());
336 if (message.getDeviceId() == account.getDeviceId()) {
337 handleDecryptionErrorMessage(actions,
338 sender,
339 senderServiceId,
340 senderDeviceId,
341 message,
342 destination.serviceId());
343 } else {
344 logger.debug("Request is for another one of our devices");
345 }
346 }
347
348 if (content.getDataMessage().isPresent() || content.getEditMessage().isPresent()) {
349 var message = content.getDataMessage().isPresent()
350 ? content.getDataMessage().get()
351 : content.getEditMessage().get().getDataMessage();
352
353 if (content.isNeedsReceipt()) {
354 actions.add(new SendReceiptAction(sender,
355 SignalServiceReceiptMessage.Type.DELIVERY,
356 message.getTimestamp()));
357 } else {
358 // Message wasn't sent as unidentified sender message
359 final var contact = context.getAccount().getContactStore().getContact(sender);
360 if (account.isPrimaryDevice()
361 && contact != null
362 && !contact.isBlocked()
363 && contact.isProfileSharingEnabled()) {
364 actions.add(UpdateAccountAttributesAction.create());
365 actions.add(new SendProfileKeyAction(sender));
366 }
367 }
368 if (receiveConfig.sendReadReceipts()) {
369 actions.add(new SendReceiptAction(sender,
370 SignalServiceReceiptMessage.Type.READ,
371 message.getTimestamp()));
372 }
373
374 actions.addAll(handleSignalServiceDataMessage(message,
375 false,
376 senderDeviceAddress,
377 destination,
378 receiveConfig.ignoreAttachments()));
379 }
380
381 if (content.getStoryMessage().isPresent()) {
382 final var message = content.getStoryMessage().get();
383 actions.addAll(handleSignalServiceStoryMessage(message, sender, receiveConfig.ignoreAttachments()));
384 }
385
386 if (content.getSyncMessage().isPresent()) {
387 var syncMessage = content.getSyncMessage().get();
388 actions.addAll(handleSyncMessage(envelope,
389 syncMessage,
390 senderDeviceAddress,
391 receiveConfig.ignoreAttachments()));
392 }
393
394 return actions;
395 }
396
397 private boolean handlePniSignatureMessage(
398 final SignalServicePniSignatureMessage message, final SignalServiceAddress senderAddress
399 ) {
400 final var aci = senderAddress.getServiceId();
401 final var aciIdentity = account.getIdentityKeyStore().getIdentityInfo(aci);
402 final var pni = message.getPni();
403 final var pniIdentity = account.getIdentityKeyStore().getIdentityInfo(pni);
404
405 if (aciIdentity == null || pniIdentity == null || aci.equals(pni)) {
406 return false;
407 }
408
409 final var verified = pniIdentity.getIdentityKey()
410 .verifyAlternateIdentity(aciIdentity.getIdentityKey(), message.getSignature());
411
412 if (!verified) {
413 logger.debug("Invalid PNI signature of ACI {} with PNI {}", aci, pni);
414 return false;
415 }
416
417 logger.debug("Verified association of ACI {} with PNI {}", aci, pni);
418 account.getRecipientTrustedResolver()
419 .resolveRecipientTrusted(Optional.of(ACI.from(aci.getRawUuid())),
420 Optional.of(pni),
421 senderAddress.getNumber());
422 return true;
423 }
424
425 private void handleDecryptionErrorMessage(
426 final List<HandleAction> actions,
427 final RecipientId sender,
428 final ServiceId senderServiceId,
429 final int senderDeviceId,
430 final DecryptionErrorMessage message,
431 final ServiceId destination
432 ) {
433 final var logEntries = account.getMessageSendLogStore()
434 .findMessages(senderServiceId,
435 senderDeviceId,
436 message.getTimestamp(),
437 message.getRatchetKey().isEmpty());
438
439 for (final var logEntry : logEntries) {
440 actions.add(new ResendMessageAction(sender, message.getTimestamp(), logEntry));
441 }
442
443 if (message.getRatchetKey().isPresent()) {
444 final var sessionStore = account.getAccountData(destination).getSessionStore();
445 if (sessionStore.isCurrentRatchetKey(senderServiceId, senderDeviceId, message.getRatchetKey().get())) {
446 if (logEntries.isEmpty()) {
447 logger.debug("Renewing the session with sender");
448 actions.add(new RenewSessionAction(sender, senderServiceId, destination));
449 } else {
450 logger.trace("Archiving the session with sender, a resend message has already been queued");
451 sessionStore.archiveSessions(senderServiceId);
452 }
453 }
454 return;
455 }
456
457 var found = false;
458 for (final var logEntry : logEntries) {
459 if (logEntry.groupId().isEmpty()) {
460 continue;
461 }
462 final var group = account.getGroupStore().getGroup(logEntry.groupId().get());
463 if (group == null) {
464 continue;
465 }
466 found = true;
467 logger.trace("Deleting shared sender key with {} ({}): {}",
468 sender,
469 senderDeviceId,
470 group.getDistributionId());
471 account.getSenderKeyStore().deleteSharedWith(senderServiceId, senderDeviceId, group.getDistributionId());
472 }
473 if (!found) {
474 logger.debug("Reset all shared sender keys with this recipient, no related message found in send log");
475 account.getSenderKeyStore().deleteSharedWith(senderServiceId);
476 }
477 }
478
479 private List<HandleAction> handleSyncMessage(
480 final SignalServiceEnvelope envelope,
481 final SignalServiceSyncMessage syncMessage,
482 final DeviceAddress sender,
483 final boolean ignoreAttachments
484 ) {
485 var actions = new ArrayList<HandleAction>();
486 account.setMultiDevice(true);
487 if (syncMessage.getSent().isPresent()) {
488 var message = syncMessage.getSent().get();
489 final var destination = message.getDestination().orElse(null);
490 if (message.getDataMessage().isPresent()) {
491 actions.addAll(handleSignalServiceDataMessage(message.getDataMessage().get(),
492 true,
493 sender,
494 destination == null
495 ? null
496 : new DeviceAddress(account.getRecipientResolver().resolveRecipient(destination),
497 destination.getServiceId(),
498 0),
499 ignoreAttachments));
500 }
501 if (message.getStoryMessage().isPresent()) {
502 actions.addAll(handleSignalServiceStoryMessage(message.getStoryMessage().get(),
503 sender.recipientId(),
504 ignoreAttachments));
505 }
506 }
507 if (syncMessage.getRequest().isPresent() && account.isPrimaryDevice()) {
508 var rm = syncMessage.getRequest().get();
509 if (rm.isContactsRequest()) {
510 actions.add(SendSyncContactsAction.create());
511 }
512 if (rm.isGroupsRequest()) {
513 actions.add(SendSyncGroupsAction.create());
514 }
515 if (rm.isBlockedListRequest()) {
516 actions.add(SendSyncBlockedListAction.create());
517 }
518 if (rm.isKeysRequest()) {
519 actions.add(SendSyncKeysAction.create());
520 }
521 if (rm.isConfigurationRequest()) {
522 actions.add(SendSyncConfigurationAction.create());
523 }
524 actions.add(SyncStorageDataAction.create());
525 }
526 if (syncMessage.getGroups().isPresent()) {
527 try {
528 final var groupsMessage = syncMessage.getGroups().get();
529 context.getAttachmentHelper()
530 .retrieveAttachment(groupsMessage, context.getSyncHelper()::handleSyncDeviceGroups);
531 } catch (Exception e) {
532 logger.warn("Failed to handle received sync groups, ignoring: {}", e.getMessage());
533 }
534 }
535 if (syncMessage.getBlockedList().isPresent()) {
536 final var blockedListMessage = syncMessage.getBlockedList().get();
537 for (var address : blockedListMessage.getAddresses()) {
538 context.getContactHelper()
539 .setContactBlocked(account.getRecipientResolver().resolveRecipient(address), true);
540 }
541 for (var groupId : blockedListMessage.getGroupIds()
542 .stream()
543 .map(GroupId::unknownVersion)
544 .collect(Collectors.toSet())) {
545 try {
546 context.getGroupHelper().setGroupBlocked(groupId, true);
547 } catch (GroupNotFoundException e) {
548 logger.warn("BlockedListMessage contained groupID that was not found in GroupStore: {}",
549 groupId.toBase64());
550 }
551 }
552 }
553 if (syncMessage.getContacts().isPresent()) {
554 try {
555 final var contactsMessage = syncMessage.getContacts().get();
556 context.getAttachmentHelper()
557 .retrieveAttachment(contactsMessage.getContactsStream(),
558 context.getSyncHelper()::handleSyncDeviceContacts);
559 } catch (Exception e) {
560 logger.warn("Failed to handle received sync contacts, ignoring: {}", e.getMessage());
561 }
562 }
563 if (syncMessage.getVerified().isPresent()) {
564 final var verifiedMessage = syncMessage.getVerified().get();
565 account.getIdentityKeyStore()
566 .setIdentityTrustLevel(verifiedMessage.getDestination().getServiceId(),
567 verifiedMessage.getIdentityKey(),
568 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
569 }
570 if (syncMessage.getStickerPackOperations().isPresent()) {
571 final var stickerPackOperationMessages = syncMessage.getStickerPackOperations().get();
572 for (var m : stickerPackOperationMessages) {
573 if (m.getPackId().isEmpty()) {
574 continue;
575 }
576 final var stickerPackId = StickerPackId.deserialize(m.getPackId().get());
577 final var stickerPackKey = m.getPackKey().orElse(null);
578 final var installed = m.getType().isEmpty()
579 || m.getType().get() == StickerPackOperationMessage.Type.INSTALL;
580
581 final var sticker = context.getStickerHelper()
582 .addOrUpdateStickerPack(stickerPackId, stickerPackKey, installed);
583
584 if (sticker != null && installed) {
585 context.getJobExecutor().enqueueJob(new RetrieveStickerPackJob(stickerPackId, sticker.packKey()));
586 }
587 }
588 }
589 if (syncMessage.getFetchType().isPresent()) {
590 switch (syncMessage.getFetchType().get()) {
591 case LOCAL_PROFILE -> actions.add(new RetrieveProfileAction(account.getSelfRecipientId()));
592 case STORAGE_MANIFEST -> actions.add(SyncStorageDataAction.create());
593 }
594 }
595 if (syncMessage.getKeys().isPresent()) {
596 final var keysMessage = syncMessage.getKeys().get();
597 if (keysMessage.getStorageService().isPresent()) {
598 final var storageKey = keysMessage.getStorageService().get();
599 account.setStorageKey(storageKey);
600 actions.add(SyncStorageDataAction.create());
601 }
602 if (keysMessage.getMaster().isPresent()) {
603 final var masterKey = keysMessage.getMaster().get();
604 account.setMasterKey(masterKey);
605 actions.add(SyncStorageDataAction.create());
606 }
607 }
608 if (syncMessage.getConfiguration().isPresent()) {
609 final var configurationMessage = syncMessage.getConfiguration().get();
610 final var configurationStore = account.getConfigurationStore();
611 if (configurationMessage.getReadReceipts().isPresent()) {
612 configurationStore.setReadReceipts(configurationMessage.getReadReceipts().get());
613 }
614 if (configurationMessage.getLinkPreviews().isPresent()) {
615 configurationStore.setLinkPreviews(configurationMessage.getLinkPreviews().get());
616 }
617 if (configurationMessage.getTypingIndicators().isPresent()) {
618 configurationStore.setTypingIndicators(configurationMessage.getTypingIndicators().get());
619 }
620 if (configurationMessage.getUnidentifiedDeliveryIndicators().isPresent()) {
621 configurationStore.setUnidentifiedDeliveryIndicators(configurationMessage.getUnidentifiedDeliveryIndicators()
622 .get());
623 }
624 }
625 if (syncMessage.getPniChangeNumber().isPresent()) {
626 final var pniChangeNumber = syncMessage.getPniChangeNumber().get();
627 logger.debug("Received PNI change number sync message, applying.");
628 final var updatedPniString = envelope.getUpdatedPni();
629 if (updatedPniString != null && !updatedPniString.isEmpty()) {
630 final var updatedPni = ServiceId.PNI.parseOrThrow(updatedPniString);
631 context.getAccountHelper().handlePniChangeNumberMessage(pniChangeNumber, updatedPni);
632 }
633 }
634 return actions;
635 }
636
637 private SignalServiceGroupContext getGroupContext(SignalServiceContent content) {
638 if (content == null) {
639 return null;
640 }
641
642 if (content.getDataMessage().isPresent()) {
643 var message = content.getDataMessage().get();
644 if (message.getGroupContext().isPresent()) {
645 return message.getGroupContext().get();
646 }
647 }
648
649 if (content.getStoryMessage().isPresent()) {
650 var message = content.getStoryMessage().get();
651 if (message.getGroupContext().isPresent()) {
652 try {
653 return SignalServiceGroupContext.create(null, message.getGroupContext().get());
654 } catch (InvalidMessageException e) {
655 throw new AssertionError(e);
656 }
657 }
658 }
659
660 return null;
661 }
662
663 private boolean isMessageBlocked(SignalServiceEnvelope envelope, SignalServiceContent content) {
664 SignalServiceAddress source = getSenderAddress(envelope, content);
665 if (source == null) {
666 return false;
667 }
668 final var recipientId = account.getRecipientResolver().resolveRecipient(source);
669 if (context.getContactHelper().isContactBlocked(recipientId)) {
670 return true;
671 }
672
673 final var groupContext = getGroupContext(content);
674 if (groupContext != null) {
675 var groupId = GroupUtils.getGroupId(groupContext);
676 return context.getGroupHelper().isGroupBlocked(groupId);
677 }
678
679 return false;
680 }
681
682 private boolean isNotAllowedToSendToGroup(SignalServiceEnvelope envelope, SignalServiceContent content) {
683 SignalServiceAddress source = getSenderAddress(envelope, content);
684 if (source == null) {
685 return false;
686 }
687
688 final var groupContext = getGroupContext(content);
689 if (groupContext == null) {
690 return false;
691 }
692
693 if (groupContext.getGroupV1().isPresent()) {
694 var groupInfo = groupContext.getGroupV1().get();
695 if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
696 return false;
697 }
698 }
699
700 var groupId = GroupUtils.getGroupId(groupContext);
701 var group = context.getGroupHelper().getGroup(groupId);
702 if (group == null) {
703 return false;
704 }
705
706 final var message = content.getDataMessage().orElse(null);
707
708 final var recipientId = account.getRecipientResolver().resolveRecipient(source);
709 if (!group.isMember(recipientId) && !(
710 group.isPendingMember(recipientId) && message != null && message.isGroupV2Update()
711 )) {
712 return true;
713 }
714
715 if (group.isAnnouncementGroup() && !group.isAdmin(recipientId)) {
716 return message == null
717 || message.getBody().isPresent()
718 || message.getAttachments().isPresent()
719 || message.getQuote().isPresent()
720 || message.getPreviews().isPresent()
721 || message.getMentions().isPresent()
722 || message.getSticker().isPresent();
723 }
724 return false;
725 }
726
727 private List<HandleAction> handleSignalServiceDataMessage(
728 SignalServiceDataMessage message,
729 boolean isSync,
730 DeviceAddress source,
731 DeviceAddress destination,
732 boolean ignoreAttachments
733 ) {
734 var actions = new ArrayList<HandleAction>();
735 if (message.getGroupContext().isPresent()) {
736 final var groupContext = message.getGroupContext().get();
737 if (groupContext.getGroupV1().isPresent()) {
738 var groupInfo = groupContext.getGroupV1().get();
739 var groupId = GroupId.v1(groupInfo.getGroupId());
740 var group = context.getGroupHelper().getGroup(groupId);
741 if (group == null || group instanceof GroupInfoV1) {
742 var groupV1 = (GroupInfoV1) group;
743 switch (groupInfo.getType()) {
744 case UPDATE -> {
745 if (groupV1 == null) {
746 groupV1 = new GroupInfoV1(groupId);
747 }
748
749 if (groupInfo.getAvatar().isPresent()) {
750 var avatar = groupInfo.getAvatar().get();
751 context.getGroupHelper().downloadGroupAvatar(groupV1.getGroupId(), avatar);
752 }
753
754 if (groupInfo.getName().isPresent()) {
755 groupV1.name = groupInfo.getName().get();
756 }
757
758 if (groupInfo.getMembers().isPresent()) {
759 final var recipientResolver = account.getRecipientResolver();
760 groupV1.addMembers(groupInfo.getMembers()
761 .get()
762 .stream()
763 .map(recipientResolver::resolveRecipient)
764 .collect(Collectors.toSet()));
765 }
766
767 account.getGroupStore().updateGroup(groupV1);
768 }
769 case DELIVER -> {
770 if (groupV1 == null && !isSync) {
771 actions.add(new SendGroupInfoRequestAction(source.recipientId(), groupId));
772 }
773 }
774 case QUIT -> {
775 if (groupV1 != null) {
776 groupV1.removeMember(source.recipientId());
777 account.getGroupStore().updateGroup(groupV1);
778 }
779 }
780 case REQUEST_INFO -> {
781 if (groupV1 != null && !isSync) {
782 actions.add(new SendGroupInfoAction(source.recipientId(), groupV1.getGroupId()));
783 }
784 }
785 }
786 } else {
787 // Received a group v1 message for a v2 group
788 }
789 }
790 if (groupContext.getGroupV2().isPresent()) {
791 handleGroupV2Context(groupContext.getGroupV2().get());
792 }
793 }
794
795 final var selfAddress = isSync ? source : destination;
796 final var conversationPartnerAddress = isSync ? destination : source;
797 if (conversationPartnerAddress != null && message.isEndSession()) {
798 account.getAccountData(selfAddress.serviceId())
799 .getSessionStore()
800 .deleteAllSessions(conversationPartnerAddress.serviceId());
801 }
802 if (message.isExpirationUpdate() || message.getBody().isPresent()) {
803 if (message.getGroupContext().isPresent()) {
804 final var groupContext = message.getGroupContext().get();
805 if (groupContext.getGroupV1().isPresent()) {
806 var groupInfo = groupContext.getGroupV1().get();
807 var group = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(groupInfo.getGroupId()));
808 if (group != null) {
809 if (group.messageExpirationTime != message.getExpiresInSeconds()) {
810 group.messageExpirationTime = message.getExpiresInSeconds();
811 account.getGroupStore().updateGroup(group);
812 }
813 }
814 } else if (groupContext.getGroupV2().isPresent()) {
815 // disappearing message timer already stored in the DecryptedGroup
816 }
817 } else if (conversationPartnerAddress != null) {
818 context.getContactHelper()
819 .setExpirationTimer(conversationPartnerAddress.recipientId(), message.getExpiresInSeconds());
820 }
821 }
822 if (!ignoreAttachments) {
823 if (message.getAttachments().isPresent()) {
824 for (var attachment : message.getAttachments().get()) {
825 context.getAttachmentHelper().downloadAttachment(attachment);
826 }
827 }
828 if (message.getSharedContacts().isPresent()) {
829 for (var contact : message.getSharedContacts().get()) {
830 if (contact.getAvatar().isPresent()) {
831 context.getAttachmentHelper().downloadAttachment(contact.getAvatar().get().getAttachment());
832 }
833 }
834 }
835 if (message.getPreviews().isPresent()) {
836 final var previews = message.getPreviews().get();
837 for (var preview : previews) {
838 if (preview.getImage().isPresent()) {
839 context.getAttachmentHelper().downloadAttachment(preview.getImage().get());
840 }
841 }
842 }
843 if (message.getQuote().isPresent()) {
844 final var quote = message.getQuote().get();
845
846 if (quote.getAttachments() != null) {
847 for (var quotedAttachment : quote.getAttachments()) {
848 final var thumbnail = quotedAttachment.getThumbnail();
849 if (thumbnail != null) {
850 context.getAttachmentHelper().downloadAttachment(thumbnail);
851 }
852 }
853 }
854 }
855 }
856 if (message.getGiftBadge().isPresent()) {
857 handleIncomingGiftBadge(message.getGiftBadge().get());
858 }
859 if (message.getProfileKey().isPresent()) {
860 handleIncomingProfileKey(message.getProfileKey().get(), source.recipientId());
861 }
862 if (message.getSticker().isPresent()) {
863 final var messageSticker = message.getSticker().get();
864 final var stickerPackId = StickerPackId.deserialize(messageSticker.getPackId());
865 var sticker = account.getStickerStore().getStickerPack(stickerPackId);
866 if (sticker == null) {
867 sticker = new StickerPack(stickerPackId, messageSticker.getPackKey());
868 account.getStickerStore().addStickerPack(sticker);
869 }
870 context.getJobExecutor().enqueueJob(new RetrieveStickerPackJob(stickerPackId, messageSticker.getPackKey()));
871 }
872 return actions;
873 }
874
875 private void handleIncomingGiftBadge(final SignalServiceDataMessage.GiftBadge giftBadge) {
876 // TODO
877 }
878
879 private List<HandleAction> handleSignalServiceStoryMessage(
880 SignalServiceStoryMessage message, RecipientId source, boolean ignoreAttachments
881 ) {
882 var actions = new ArrayList<HandleAction>();
883 if (message.getGroupContext().isPresent()) {
884 handleGroupV2Context(message.getGroupContext().get());
885 }
886
887 if (!ignoreAttachments) {
888 if (message.getFileAttachment().isPresent()) {
889 context.getAttachmentHelper().downloadAttachment(message.getFileAttachment().get());
890 }
891 if (message.getTextAttachment().isPresent()) {
892 final var textAttachment = message.getTextAttachment().get();
893 if (textAttachment.getPreview().isPresent()) {
894 final var preview = textAttachment.getPreview().get();
895 if (preview.getImage().isPresent()) {
896 context.getAttachmentHelper().downloadAttachment(preview.getImage().get());
897 }
898 }
899 }
900 }
901
902 if (message.getProfileKey().isPresent()) {
903 handleIncomingProfileKey(message.getProfileKey().get(), source);
904 }
905
906 return actions;
907 }
908
909 private void handleGroupV2Context(final SignalServiceGroupV2 groupContext) {
910 final var groupMasterKey = groupContext.getMasterKey();
911
912 context.getGroupHelper()
913 .getOrMigrateGroup(groupMasterKey,
914 groupContext.getRevision(),
915 groupContext.hasSignedGroupChange() ? groupContext.getSignedGroupChange() : null);
916 }
917
918 private void handleIncomingProfileKey(final byte[] profileKeyBytes, final RecipientId source) {
919 if (profileKeyBytes.length != 32) {
920 logger.debug("Received invalid profile key of length {}", profileKeyBytes.length);
921 return;
922 }
923 final ProfileKey profileKey;
924 try {
925 profileKey = new ProfileKey(profileKeyBytes);
926 } catch (InvalidInputException e) {
927 throw new AssertionError(e);
928 }
929 if (account.getSelfRecipientId().equals(source)) {
930 this.account.setProfileKey(profileKey);
931 }
932 this.account.getProfileStore().storeProfileKey(source, profileKey);
933 }
934
935 private SignalServiceAddress getSenderAddress(SignalServiceEnvelope envelope, SignalServiceContent content) {
936 final var serviceId = envelope.getSourceServiceId().map(ServiceId::parseOrNull).orElse(null);
937 if (!envelope.isUnidentifiedSender() && serviceId != null) {
938 return new SignalServiceAddress(serviceId);
939 } else if (content != null) {
940 return content.getSender();
941 } else {
942 return null;
943 }
944 }
945
946 private DeviceAddress getSender(SignalServiceEnvelope envelope, SignalServiceContent content) {
947 final var serviceId = envelope.getSourceServiceId().map(ServiceId::parseOrNull).orElse(null);
948 if (!envelope.isUnidentifiedSender() && serviceId != null) {
949 return new DeviceAddress(account.getRecipientResolver().resolveRecipient(serviceId),
950 serviceId,
951 envelope.getSourceDevice());
952 } else {
953 return new DeviceAddress(account.getRecipientResolver().resolveRecipient(content.getSender()),
954 content.getSender().getServiceId(),
955 content.getSenderDevice());
956 }
957 }
958
959 private DeviceAddress getDestination(SignalServiceEnvelope envelope) {
960 final var destination = envelope.getDestinationServiceId();
961 if (destination == null) {
962 return new DeviceAddress(account.getSelfRecipientId(), account.getAci(), account.getDeviceId());
963 }
964 return new DeviceAddress(account.getRecipientResolver().resolveRecipient(destination),
965 destination,
966 account.getDeviceId());
967 }
968
969 private record DeviceAddress(RecipientId recipientId, ServiceId serviceId, int deviceId) {}
970 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut