]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/Manager.java
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Implement add/remove admin privileges
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / Manager.java
1 /*
2 Copyright (C) 2015-2021 AsamK and contributors
3
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17 package org.asamk.signal.manager;
18
19 import org.asamk.signal.manager.api.Device;
20 import org.asamk.signal.manager.config.ServiceConfig;
21 import org.asamk.signal.manager.config.ServiceEnvironment;
22 import org.asamk.signal.manager.config.ServiceEnvironmentConfig;
23 import org.asamk.signal.manager.groups.GroupId;
24 import org.asamk.signal.manager.groups.GroupIdV1;
25 import org.asamk.signal.manager.groups.GroupInviteLinkUrl;
26 import org.asamk.signal.manager.groups.GroupNotFoundException;
27 import org.asamk.signal.manager.groups.GroupUtils;
28 import org.asamk.signal.manager.groups.NotAGroupMemberException;
29 import org.asamk.signal.manager.helper.GroupV2Helper;
30 import org.asamk.signal.manager.helper.PinHelper;
31 import org.asamk.signal.manager.helper.ProfileHelper;
32 import org.asamk.signal.manager.helper.UnidentifiedAccessHelper;
33 import org.asamk.signal.manager.storage.SignalAccount;
34 import org.asamk.signal.manager.storage.groups.GroupInfo;
35 import org.asamk.signal.manager.storage.groups.GroupInfoV1;
36 import org.asamk.signal.manager.storage.groups.GroupInfoV2;
37 import org.asamk.signal.manager.storage.identities.IdentityInfo;
38 import org.asamk.signal.manager.storage.messageCache.CachedMessage;
39 import org.asamk.signal.manager.storage.recipients.Contact;
40 import org.asamk.signal.manager.storage.recipients.Profile;
41 import org.asamk.signal.manager.storage.recipients.RecipientId;
42 import org.asamk.signal.manager.storage.stickers.Sticker;
43 import org.asamk.signal.manager.storage.stickers.StickerPackId;
44 import org.asamk.signal.manager.util.AttachmentUtils;
45 import org.asamk.signal.manager.util.IOUtils;
46 import org.asamk.signal.manager.util.KeyUtils;
47 import org.asamk.signal.manager.util.ProfileUtils;
48 import org.asamk.signal.manager.util.StickerUtils;
49 import org.asamk.signal.manager.util.Utils;
50 import org.signal.libsignal.metadata.InvalidMetadataMessageException;
51 import org.signal.libsignal.metadata.InvalidMetadataVersionException;
52 import org.signal.libsignal.metadata.ProtocolDuplicateMessageException;
53 import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
54 import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
55 import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
56 import org.signal.libsignal.metadata.ProtocolInvalidVersionException;
57 import org.signal.libsignal.metadata.ProtocolLegacyMessageException;
58 import org.signal.libsignal.metadata.ProtocolNoSessionException;
59 import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
60 import org.signal.libsignal.metadata.SelfSendException;
61 import org.signal.libsignal.metadata.certificate.CertificateValidator;
62 import org.signal.storageservice.protos.groups.GroupChange;
63 import org.signal.storageservice.protos.groups.local.DecryptedGroup;
64 import org.signal.zkgroup.InvalidInputException;
65 import org.signal.zkgroup.VerificationFailedException;
66 import org.signal.zkgroup.groups.GroupMasterKey;
67 import org.signal.zkgroup.groups.GroupSecretParams;
68 import org.signal.zkgroup.profiles.ClientZkProfileOperations;
69 import org.signal.zkgroup.profiles.ProfileKey;
70 import org.signal.zkgroup.profiles.ProfileKeyCredential;
71 import org.slf4j.Logger;
72 import org.slf4j.LoggerFactory;
73 import org.whispersystems.libsignal.IdentityKey;
74 import org.whispersystems.libsignal.IdentityKeyPair;
75 import org.whispersystems.libsignal.InvalidKeyException;
76 import org.whispersystems.libsignal.InvalidMessageException;
77 import org.whispersystems.libsignal.ecc.ECPublicKey;
78 import org.whispersystems.libsignal.state.PreKeyRecord;
79 import org.whispersystems.libsignal.state.SignedPreKeyRecord;
80 import org.whispersystems.libsignal.util.Pair;
81 import org.whispersystems.libsignal.util.guava.Optional;
82 import org.whispersystems.signalservice.api.SignalServiceAccountManager;
83 import org.whispersystems.signalservice.api.SignalServiceMessagePipe;
84 import org.whispersystems.signalservice.api.SignalServiceMessageReceiver;
85 import org.whispersystems.signalservice.api.SignalServiceMessageSender;
86 import org.whispersystems.signalservice.api.SignalSessionLock;
87 import org.whispersystems.signalservice.api.crypto.SignalServiceCipher;
88 import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException;
89 import org.whispersystems.signalservice.api.groupsv2.ClientZkOperations;
90 import org.whispersystems.signalservice.api.groupsv2.GroupLinkNotActiveException;
91 import org.whispersystems.signalservice.api.groupsv2.GroupsV2Api;
92 import org.whispersystems.signalservice.api.groupsv2.GroupsV2AuthorizationString;
93 import org.whispersystems.signalservice.api.groupsv2.GroupsV2Operations;
94 import org.whispersystems.signalservice.api.messages.SendMessageResult;
95 import org.whispersystems.signalservice.api.messages.SignalServiceAttachment;
96 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentPointer;
97 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentRemoteId;
98 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentStream;
99 import org.whispersystems.signalservice.api.messages.SignalServiceContent;
100 import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage;
101 import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
102 import org.whispersystems.signalservice.api.messages.SignalServiceGroup;
103 import org.whispersystems.signalservice.api.messages.SignalServiceGroupV2;
104 import org.whispersystems.signalservice.api.messages.SignalServiceReceiptMessage;
105 import org.whispersystems.signalservice.api.messages.multidevice.BlockedListMessage;
106 import org.whispersystems.signalservice.api.messages.multidevice.ContactsMessage;
107 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContact;
108 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsInputStream;
109 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsOutputStream;
110 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroup;
111 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsInputStream;
112 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsOutputStream;
113 import org.whispersystems.signalservice.api.messages.multidevice.RequestMessage;
114 import org.whispersystems.signalservice.api.messages.multidevice.SentTranscriptMessage;
115 import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
116 import org.whispersystems.signalservice.api.messages.multidevice.StickerPackOperationMessage;
117 import org.whispersystems.signalservice.api.messages.multidevice.VerifiedMessage;
118 import org.whispersystems.signalservice.api.profiles.ProfileAndCredential;
119 import org.whispersystems.signalservice.api.profiles.SignalServiceProfile;
120 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
121 import org.whispersystems.signalservice.api.push.exceptions.MissingConfigurationException;
122 import org.whispersystems.signalservice.api.push.exceptions.UnregisteredUserException;
123 import org.whispersystems.signalservice.api.util.DeviceNameUtil;
124 import org.whispersystems.signalservice.api.util.InvalidNumberException;
125 import org.whispersystems.signalservice.api.util.PhoneNumberFormatter;
126 import org.whispersystems.signalservice.api.util.SleepTimer;
127 import org.whispersystems.signalservice.api.util.UptimeSleepTimer;
128 import org.whispersystems.signalservice.api.util.UuidUtil;
129 import org.whispersystems.signalservice.internal.contacts.crypto.Quote;
130 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedQuoteException;
131 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedResponseException;
132 import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
133 import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
134 import org.whispersystems.signalservice.internal.util.DynamicCredentialsProvider;
135 import org.whispersystems.signalservice.internal.util.Hex;
136 import org.whispersystems.signalservice.internal.util.Util;
137
138 import java.io.Closeable;
139 import java.io.File;
140 import java.io.FileInputStream;
141 import java.io.FileOutputStream;
142 import java.io.IOException;
143 import java.io.InputStream;
144 import java.io.OutputStream;
145 import java.net.URI;
146 import java.net.URISyntaxException;
147 import java.net.URLEncoder;
148 import java.nio.charset.StandardCharsets;
149 import java.nio.file.Files;
150 import java.security.SignatureException;
151 import java.util.ArrayList;
152 import java.util.Arrays;
153 import java.util.Base64;
154 import java.util.Collection;
155 import java.util.Date;
156 import java.util.HashSet;
157 import java.util.List;
158 import java.util.Map;
159 import java.util.Set;
160 import java.util.UUID;
161 import java.util.concurrent.ExecutorService;
162 import java.util.concurrent.Executors;
163 import java.util.concurrent.TimeUnit;
164 import java.util.concurrent.TimeoutException;
165 import java.util.concurrent.locks.ReentrantLock;
166 import java.util.function.Function;
167 import java.util.stream.Collectors;
168
169 import static org.asamk.signal.manager.config.ServiceConfig.capabilities;
170
171 public class Manager implements Closeable {
172
173 private final static Logger logger = LoggerFactory.getLogger(Manager.class);
174
175 private final CertificateValidator certificateValidator;
176
177 private final ServiceEnvironmentConfig serviceEnvironmentConfig;
178 private final String userAgent;
179
180 private SignalAccount account;
181 private final SignalServiceAccountManager accountManager;
182 private final GroupsV2Api groupsV2Api;
183 private final GroupsV2Operations groupsV2Operations;
184 private final SignalServiceMessageReceiver messageReceiver;
185 private final ClientZkProfileOperations clientZkProfileOperations;
186
187 private final ExecutorService executor = Executors.newCachedThreadPool();
188
189 private SignalServiceMessagePipe messagePipe = null;
190 private SignalServiceMessagePipe unidentifiedMessagePipe = null;
191
192 private final UnidentifiedAccessHelper unidentifiedAccessHelper;
193 private final ProfileHelper profileHelper;
194 private final GroupV2Helper groupV2Helper;
195 private final PinHelper pinHelper;
196 private final AvatarStore avatarStore;
197 private final AttachmentStore attachmentStore;
198 private final SignalSessionLock sessionLock = new SignalSessionLock() {
199 private final ReentrantLock LEGACY_LOCK = new ReentrantLock();
200
201 @Override
202 public Lock acquire() {
203 LEGACY_LOCK.lock();
204 return LEGACY_LOCK::unlock;
205 }
206 };
207
208 Manager(
209 SignalAccount account,
210 PathConfig pathConfig,
211 ServiceEnvironmentConfig serviceEnvironmentConfig,
212 String userAgent
213 ) {
214 this.account = account;
215 this.serviceEnvironmentConfig = serviceEnvironmentConfig;
216 this.certificateValidator = new CertificateValidator(serviceEnvironmentConfig.getUnidentifiedSenderTrustRoot());
217 this.userAgent = userAgent;
218 this.groupsV2Operations = capabilities.isGv2() ? new GroupsV2Operations(ClientZkOperations.create(
219 serviceEnvironmentConfig.getSignalServiceConfiguration())) : null;
220 final SleepTimer timer = new UptimeSleepTimer();
221 this.accountManager = new SignalServiceAccountManager(serviceEnvironmentConfig.getSignalServiceConfiguration(),
222 new DynamicCredentialsProvider(account.getUuid(),
223 account.getUsername(),
224 account.getPassword(),
225 account.getDeviceId()),
226 userAgent,
227 groupsV2Operations,
228 ServiceConfig.AUTOMATIC_NETWORK_RETRY,
229 timer);
230 this.groupsV2Api = accountManager.getGroupsV2Api();
231 final var keyBackupService = accountManager.getKeyBackupService(ServiceConfig.getIasKeyStore(),
232 serviceEnvironmentConfig.getKeyBackupConfig().getEnclaveName(),
233 serviceEnvironmentConfig.getKeyBackupConfig().getServiceId(),
234 serviceEnvironmentConfig.getKeyBackupConfig().getMrenclave(),
235 10);
236
237 this.pinHelper = new PinHelper(keyBackupService);
238 this.clientZkProfileOperations = capabilities.isGv2()
239 ? ClientZkOperations.create(serviceEnvironmentConfig.getSignalServiceConfiguration())
240 .getProfileOperations()
241 : null;
242 this.messageReceiver = new SignalServiceMessageReceiver(serviceEnvironmentConfig.getSignalServiceConfiguration(),
243 account.getUuid(),
244 account.getUsername(),
245 account.getPassword(),
246 account.getDeviceId(),
247 userAgent,
248 null,
249 timer,
250 clientZkProfileOperations,
251 ServiceConfig.AUTOMATIC_NETWORK_RETRY);
252
253 this.unidentifiedAccessHelper = new UnidentifiedAccessHelper(account::getProfileKey,
254 account.getProfileStore()::getProfileKey,
255 this::getRecipientProfile,
256 this::getSenderCertificate);
257 this.profileHelper = new ProfileHelper(account.getProfileStore()::getProfileKey,
258 unidentifiedAccessHelper::getAccessFor,
259 unidentified -> unidentified ? getOrCreateUnidentifiedMessagePipe() : getOrCreateMessagePipe(),
260 () -> messageReceiver,
261 this::resolveSignalServiceAddress);
262 this.groupV2Helper = new GroupV2Helper(this::getRecipientProfileKeyCredential,
263 this::getRecipientProfile,
264 account::getSelfRecipientId,
265 groupsV2Operations,
266 groupsV2Api,
267 this::getGroupAuthForToday,
268 this::resolveSignalServiceAddress);
269 this.avatarStore = new AvatarStore(pathConfig.getAvatarsPath());
270 this.attachmentStore = new AttachmentStore(pathConfig.getAttachmentsPath());
271 }
272
273 public String getUsername() {
274 return account.getUsername();
275 }
276
277 public SignalServiceAddress getSelfAddress() {
278 return account.getSelfAddress();
279 }
280
281 public RecipientId getSelfRecipientId() {
282 return account.getSelfRecipientId();
283 }
284
285 private IdentityKeyPair getIdentityKeyPair() {
286 return account.getIdentityKeyPair();
287 }
288
289 public int getDeviceId() {
290 return account.getDeviceId();
291 }
292
293 public static Manager init(
294 String username, File settingsPath, ServiceEnvironment serviceEnvironment, String userAgent
295 ) throws IOException, NotRegisteredException {
296 var pathConfig = PathConfig.createDefault(settingsPath);
297
298 if (!SignalAccount.userExists(pathConfig.getDataPath(), username)) {
299 throw new NotRegisteredException();
300 }
301
302 var account = SignalAccount.load(pathConfig.getDataPath(), username, true);
303
304 if (!account.isRegistered()) {
305 throw new NotRegisteredException();
306 }
307
308 final var serviceEnvironmentConfig = ServiceConfig.getServiceEnvironmentConfig(serviceEnvironment, userAgent);
309
310 return new Manager(account, pathConfig, serviceEnvironmentConfig, userAgent);
311 }
312
313 public static List<String> getAllLocalUsernames(File settingsPath) {
314 var pathConfig = PathConfig.createDefault(settingsPath);
315 final var dataPath = pathConfig.getDataPath();
316 final var files = dataPath.listFiles();
317
318 if (files == null) {
319 return List.of();
320 }
321
322 return Arrays.stream(files)
323 .filter(File::isFile)
324 .map(File::getName)
325 .filter(file -> PhoneNumberFormatter.isValidNumber(file, null))
326 .collect(Collectors.toList());
327 }
328
329 public void checkAccountState() throws IOException {
330 if (accountManager.getPreKeysCount() < ServiceConfig.PREKEY_MINIMUM_COUNT) {
331 refreshPreKeys();
332 }
333 if (account.getUuid() == null) {
334 account.setUuid(accountManager.getOwnUuid());
335 }
336 updateAccountAttributes();
337 }
338
339 /**
340 * This is used for checking a set of phone numbers for registration on Signal
341 *
342 * @param numbers The set of phone number in question
343 * @return A map of numbers to booleans. True if registered, false otherwise. Should never be null
344 * @throws IOException if its unable to get the contacts to check if they're registered
345 */
346 public Map<String, Boolean> areUsersRegistered(Set<String> numbers) throws IOException {
347 // Note "contactDetails" has no optionals. It only gives us info on users who are registered
348 var contactDetails = getRegisteredUsers(numbers);
349
350 var registeredUsers = contactDetails.keySet();
351
352 return numbers.stream().collect(Collectors.toMap(x -> x, registeredUsers::contains));
353 }
354
355 public void updateAccountAttributes() throws IOException {
356 accountManager.setAccountAttributes(account.getEncryptedDeviceName(),
357 null,
358 account.getLocalRegistrationId(),
359 true,
360 // set legacy pin only if no KBS master key is set
361 account.getPinMasterKey() == null ? account.getRegistrationLockPin() : null,
362 account.getPinMasterKey() == null ? null : account.getPinMasterKey().deriveRegistrationLock(),
363 account.getSelfUnidentifiedAccessKey(),
364 account.isUnrestrictedUnidentifiedAccess(),
365 capabilities,
366 account.isDiscoverableByPhoneNumber());
367 }
368
369 /**
370 * @param givenName if null, the previous givenName will be kept
371 * @param familyName if null, the previous familyName will be kept
372 * @param about if null, the previous about text will be kept
373 * @param aboutEmoji if null, the previous about emoji will be kept
374 * @param avatar if avatar is null the image from the local avatar store is used (if present),
375 */
376 public void setProfile(
377 String givenName, final String familyName, String about, String aboutEmoji, Optional<File> avatar
378 ) throws IOException {
379 var profile = getRecipientProfile(account.getSelfRecipientId());
380 var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
381 if (givenName != null) {
382 builder.withGivenName(givenName);
383 }
384 if (familyName != null) {
385 builder.withFamilyName(familyName);
386 }
387 if (about != null) {
388 builder.withAbout(about);
389 }
390 if (aboutEmoji != null) {
391 builder.withAboutEmoji(aboutEmoji);
392 }
393 var newProfile = builder.build();
394
395 try (final var streamDetails = avatar == null
396 ? avatarStore.retrieveProfileAvatar(getSelfAddress())
397 : avatar.isPresent() ? Utils.createStreamDetailsFromFile(avatar.get()) : null) {
398 accountManager.setVersionedProfile(account.getUuid(),
399 account.getProfileKey(),
400 newProfile.getInternalServiceName(),
401 newProfile.getAbout() == null ? "" : newProfile.getAbout(),
402 newProfile.getAboutEmoji() == null ? "" : newProfile.getAboutEmoji(),
403 Optional.absent(),
404 streamDetails);
405 }
406
407 if (avatar != null) {
408 if (avatar.isPresent()) {
409 avatarStore.storeProfileAvatar(getSelfAddress(),
410 outputStream -> IOUtils.copyFileToStream(avatar.get(), outputStream));
411 } else {
412 avatarStore.deleteProfileAvatar(getSelfAddress());
413 }
414 }
415 account.getProfileStore().storeProfile(account.getSelfRecipientId(), newProfile);
416
417 try {
418 sendSyncMessage(SignalServiceSyncMessage.forFetchLatest(SignalServiceSyncMessage.FetchType.LOCAL_PROFILE));
419 } catch (UntrustedIdentityException ignored) {
420 }
421 }
422
423 public void unregister() throws IOException {
424 // When setting an empty GCM id, the Signal-Server also sets the fetchesMessages property to false.
425 // If this is the master device, other users can't send messages to this number anymore.
426 // If this is a linked device, other users can still send messages, but this device doesn't receive them anymore.
427 accountManager.setGcmId(Optional.absent());
428
429 account.setRegistered(false);
430 }
431
432 public void deleteAccount() throws IOException {
433 accountManager.deleteAccount();
434
435 account.setRegistered(false);
436 }
437
438 public List<Device> getLinkedDevices() throws IOException {
439 var devices = accountManager.getDevices();
440 account.setMultiDevice(devices.size() > 1);
441 var identityKey = account.getIdentityKeyPair().getPrivateKey();
442 return devices.stream().map(d -> {
443 String deviceName = d.getName();
444 if (deviceName != null) {
445 try {
446 deviceName = DeviceNameUtil.decryptDeviceName(deviceName, identityKey);
447 } catch (IOException e) {
448 logger.debug("Failed to decrypt device name, maybe plain text?", e);
449 }
450 }
451 return new Device(d.getId(), deviceName, d.getCreated(), d.getLastSeen());
452 }).collect(Collectors.toList());
453 }
454
455 public void removeLinkedDevices(int deviceId) throws IOException {
456 accountManager.removeDevice(deviceId);
457 var devices = accountManager.getDevices();
458 account.setMultiDevice(devices.size() > 1);
459 }
460
461 public void addDeviceLink(URI linkUri) throws IOException, InvalidKeyException {
462 var info = DeviceLinkInfo.parseDeviceLinkUri(linkUri);
463
464 addDevice(info.deviceIdentifier, info.deviceKey);
465 }
466
467 private void addDevice(String deviceIdentifier, ECPublicKey deviceKey) throws IOException, InvalidKeyException {
468 var identityKeyPair = getIdentityKeyPair();
469 var verificationCode = accountManager.getNewDeviceVerificationCode();
470
471 accountManager.addDevice(deviceIdentifier,
472 deviceKey,
473 identityKeyPair,
474 Optional.of(account.getProfileKey().serialize()),
475 verificationCode);
476 account.setMultiDevice(true);
477 }
478
479 public void setRegistrationLockPin(Optional<String> pin) throws IOException, UnauthenticatedResponseException {
480 if (!account.isMasterDevice()) {
481 throw new RuntimeException("Only master device can set a PIN");
482 }
483 if (pin.isPresent()) {
484 final var masterKey = account.getPinMasterKey() != null
485 ? account.getPinMasterKey()
486 : KeyUtils.createMasterKey();
487
488 pinHelper.setRegistrationLockPin(pin.get(), masterKey);
489
490 account.setRegistrationLockPin(pin.get(), masterKey);
491 } else {
492 // Remove legacy registration lock
493 accountManager.removeRegistrationLockV1();
494
495 // Remove KBS Pin
496 pinHelper.removeRegistrationLockPin();
497
498 account.setRegistrationLockPin(null, null);
499 }
500 }
501
502 void refreshPreKeys() throws IOException {
503 var oneTimePreKeys = generatePreKeys();
504 final var identityKeyPair = getIdentityKeyPair();
505 var signedPreKeyRecord = generateSignedPreKey(identityKeyPair);
506
507 accountManager.setPreKeys(identityKeyPair.getPublicKey(), signedPreKeyRecord, oneTimePreKeys);
508 }
509
510 private List<PreKeyRecord> generatePreKeys() {
511 final var offset = account.getPreKeyIdOffset();
512
513 var records = KeyUtils.generatePreKeyRecords(offset, ServiceConfig.PREKEY_BATCH_SIZE);
514 account.addPreKeys(records);
515
516 return records;
517 }
518
519 private SignedPreKeyRecord generateSignedPreKey(IdentityKeyPair identityKeyPair) {
520 final var signedPreKeyId = account.getNextSignedPreKeyId();
521
522 var record = KeyUtils.generateSignedPreKeyRecord(identityKeyPair, signedPreKeyId);
523 account.addSignedPreKey(record);
524
525 return record;
526 }
527
528 private SignalServiceMessagePipe getOrCreateMessagePipe() {
529 if (messagePipe == null) {
530 messagePipe = messageReceiver.createMessagePipe();
531 }
532 return messagePipe;
533 }
534
535 private SignalServiceMessagePipe getOrCreateUnidentifiedMessagePipe() {
536 if (unidentifiedMessagePipe == null) {
537 unidentifiedMessagePipe = messageReceiver.createUnidentifiedMessagePipe();
538 }
539 return unidentifiedMessagePipe;
540 }
541
542 private SignalServiceMessageSender createMessageSender() {
543 return new SignalServiceMessageSender(serviceEnvironmentConfig.getSignalServiceConfiguration(),
544 account.getUuid(),
545 account.getUsername(),
546 account.getPassword(),
547 account.getDeviceId(),
548 account.getSignalProtocolStore(),
549 sessionLock,
550 userAgent,
551 account.isMultiDevice(),
552 Optional.fromNullable(messagePipe),
553 Optional.fromNullable(unidentifiedMessagePipe),
554 Optional.absent(),
555 clientZkProfileOperations,
556 executor,
557 ServiceConfig.MAX_ENVELOPE_SIZE,
558 ServiceConfig.AUTOMATIC_NETWORK_RETRY);
559 }
560
561 public Profile getRecipientProfile(
562 RecipientId recipientId
563 ) {
564 return getRecipientProfile(recipientId, false);
565 }
566
567 private final Set<RecipientId> pendingProfileRequest = new HashSet<>();
568
569 Profile getRecipientProfile(
570 RecipientId recipientId, boolean force
571 ) {
572 var profile = account.getProfileStore().getProfile(recipientId);
573
574 var now = new Date().getTime();
575 // Profiles are cached for 24h before retrieving them again, unless forced
576 if (!force && profile != null && now - profile.getLastUpdateTimestamp() < 24 * 60 * 60 * 1000) {
577 return profile;
578 }
579
580 synchronized (pendingProfileRequest) {
581 if (pendingProfileRequest.contains(recipientId)) {
582 return profile;
583 }
584 pendingProfileRequest.add(recipientId);
585 }
586 final SignalServiceProfile encryptedProfile;
587 try {
588 encryptedProfile = retrieveEncryptedProfile(recipientId);
589 } finally {
590 synchronized (pendingProfileRequest) {
591 pendingProfileRequest.remove(recipientId);
592 }
593 }
594 if (encryptedProfile == null) {
595 return null;
596 }
597
598 var profileKey = account.getProfileStore().getProfileKey(recipientId);
599 if (profileKey == null) {
600 profile = new Profile(new Date().getTime(),
601 null,
602 null,
603 null,
604 null,
605 ProfileUtils.getUnidentifiedAccessMode(encryptedProfile, null),
606 ProfileUtils.getCapabilities(encryptedProfile));
607 } else {
608 profile = decryptProfileAndDownloadAvatar(recipientId, profileKey, encryptedProfile);
609 }
610 account.getProfileStore().storeProfile(recipientId, profile);
611
612 return profile;
613 }
614
615 private SignalServiceProfile retrieveEncryptedProfile(RecipientId recipientId) {
616 try {
617 return retrieveProfileAndCredential(recipientId, SignalServiceProfile.RequestType.PROFILE).getProfile();
618 } catch (IOException e) {
619 logger.warn("Failed to retrieve profile, ignoring: {}", e.getMessage());
620 return null;
621 }
622 }
623
624 private ProfileAndCredential retrieveProfileAndCredential(
625 final RecipientId recipientId, final SignalServiceProfile.RequestType requestType
626 ) throws IOException {
627 final var profileAndCredential = profileHelper.retrieveProfileSync(recipientId, requestType);
628 final var profile = profileAndCredential.getProfile();
629
630 try {
631 var newIdentity = account.getIdentityKeyStore()
632 .saveIdentity(recipientId,
633 new IdentityKey(Base64.getDecoder().decode(profile.getIdentityKey())),
634 new Date());
635
636 if (newIdentity) {
637 account.getSessionStore().archiveSessions(recipientId);
638 }
639 } catch (InvalidKeyException ignored) {
640 logger.warn("Got invalid identity key in profile for {}",
641 resolveSignalServiceAddress(recipientId).getLegacyIdentifier());
642 }
643 return profileAndCredential;
644 }
645
646 private ProfileKeyCredential getRecipientProfileKeyCredential(RecipientId recipientId) {
647 var profileKeyCredential = account.getProfileStore().getProfileKeyCredential(recipientId);
648 if (profileKeyCredential != null) {
649 return profileKeyCredential;
650 }
651
652 ProfileAndCredential profileAndCredential;
653 try {
654 profileAndCredential = retrieveProfileAndCredential(recipientId,
655 SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL);
656 } catch (IOException e) {
657 logger.warn("Failed to retrieve profile key credential, ignoring: {}", e.getMessage());
658 return null;
659 }
660
661 profileKeyCredential = profileAndCredential.getProfileKeyCredential().orNull();
662 account.getProfileStore().storeProfileKeyCredential(recipientId, profileKeyCredential);
663
664 var profileKey = account.getProfileStore().getProfileKey(recipientId);
665 if (profileKey != null) {
666 final var profile = decryptProfileAndDownloadAvatar(recipientId,
667 profileKey,
668 profileAndCredential.getProfile());
669 account.getProfileStore().storeProfile(recipientId, profile);
670 }
671
672 return profileKeyCredential;
673 }
674
675 private Profile decryptProfileAndDownloadAvatar(
676 final RecipientId recipientId, final ProfileKey profileKey, final SignalServiceProfile encryptedProfile
677 ) {
678 if (encryptedProfile.getAvatar() != null) {
679 downloadProfileAvatar(resolveSignalServiceAddress(recipientId), encryptedProfile.getAvatar(), profileKey);
680 }
681
682 return ProfileUtils.decryptProfile(profileKey, encryptedProfile);
683 }
684
685 private Optional<SignalServiceAttachmentStream> createGroupAvatarAttachment(GroupId groupId) throws IOException {
686 final var streamDetails = avatarStore.retrieveGroupAvatar(groupId);
687 if (streamDetails == null) {
688 return Optional.absent();
689 }
690
691 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
692 }
693
694 private Optional<SignalServiceAttachmentStream> createContactAvatarAttachment(SignalServiceAddress address) throws IOException {
695 final var streamDetails = avatarStore.retrieveContactAvatar(address);
696 if (streamDetails == null) {
697 return Optional.absent();
698 }
699
700 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
701 }
702
703 private GroupInfo getGroupForSending(GroupId groupId) throws GroupNotFoundException, NotAGroupMemberException {
704 var g = getGroup(groupId);
705 if (g == null) {
706 throw new GroupNotFoundException(groupId);
707 }
708 if (!g.isMember(account.getSelfRecipientId())) {
709 throw new NotAGroupMemberException(groupId, g.getTitle());
710 }
711 return g;
712 }
713
714 private GroupInfo getGroupForUpdating(GroupId groupId) throws GroupNotFoundException, NotAGroupMemberException {
715 var g = getGroup(groupId);
716 if (g == null) {
717 throw new GroupNotFoundException(groupId);
718 }
719 if (!g.isMember(account.getSelfRecipientId()) && !g.isPendingMember(account.getSelfRecipientId())) {
720 throw new NotAGroupMemberException(groupId, g.getTitle());
721 }
722 return g;
723 }
724
725 public List<GroupInfo> getGroups() {
726 return account.getGroupStore().getGroups();
727 }
728
729 public Pair<Long, List<SendMessageResult>> sendGroupMessage(
730 String messageText, List<String> attachments, GroupId groupId
731 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
732 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
733 if (attachments != null) {
734 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
735 }
736
737 return sendGroupMessage(messageBuilder, groupId);
738 }
739
740 public Pair<Long, List<SendMessageResult>> sendGroupMessageReaction(
741 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, GroupId groupId
742 ) throws IOException, InvalidNumberException, NotAGroupMemberException, GroupNotFoundException {
743 var targetAuthorRecipientId = canonicalizeAndResolveRecipient(targetAuthor);
744 var reaction = new SignalServiceDataMessage.Reaction(emoji,
745 remove,
746 resolveSignalServiceAddress(targetAuthorRecipientId),
747 targetSentTimestamp);
748 final var messageBuilder = SignalServiceDataMessage.newBuilder().withReaction(reaction);
749
750 return sendGroupMessage(messageBuilder, groupId);
751 }
752
753 public Pair<Long, List<SendMessageResult>> sendGroupMessage(
754 SignalServiceDataMessage.Builder messageBuilder, GroupId groupId
755 ) throws IOException, GroupNotFoundException, NotAGroupMemberException {
756 final var g = getGroupForSending(groupId);
757
758 GroupUtils.setGroupContext(messageBuilder, g);
759 messageBuilder.withExpiration(g.getMessageExpirationTime());
760
761 return sendMessage(messageBuilder, g.getMembersWithout(account.getSelfRecipientId()));
762 }
763
764 public Pair<Long, List<SendMessageResult>> sendQuitGroupMessage(GroupId groupId) throws GroupNotFoundException, IOException, NotAGroupMemberException {
765 SignalServiceDataMessage.Builder messageBuilder;
766
767 final var g = getGroupForUpdating(groupId);
768 if (g instanceof GroupInfoV1) {
769 var groupInfoV1 = (GroupInfoV1) g;
770 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.QUIT).withId(groupId.serialize()).build();
771 messageBuilder = SignalServiceDataMessage.newBuilder().asGroupMessage(group);
772 groupInfoV1.removeMember(account.getSelfRecipientId());
773 account.getGroupStore().updateGroup(groupInfoV1);
774 } else {
775 final var groupInfoV2 = (GroupInfoV2) g;
776 final var groupGroupChangePair = groupV2Helper.leaveGroup(groupInfoV2);
777 groupInfoV2.setGroup(groupGroupChangePair.first(), this::resolveRecipient);
778 messageBuilder = getGroupUpdateMessageBuilder(groupInfoV2, groupGroupChangePair.second().toByteArray());
779 account.getGroupStore().updateGroup(groupInfoV2);
780 }
781
782 return sendMessage(messageBuilder, g.getMembersWithout(account.getSelfRecipientId()));
783 }
784
785 public Pair<GroupId, List<SendMessageResult>> createGroup(
786 String name, List<String> members, File avatarFile
787 ) throws IOException, AttachmentInvalidException, InvalidNumberException {
788 return createGroup(name, members == null ? null : getSignalServiceAddresses(members), avatarFile);
789 }
790
791 private Pair<GroupId, List<SendMessageResult>> createGroup(
792 String name, Set<RecipientId> members, File avatarFile
793 ) throws IOException, AttachmentInvalidException {
794 final var selfRecipientId = account.getSelfRecipientId();
795 if (members != null && members.contains(selfRecipientId)) {
796 members = new HashSet<>(members);
797 members.remove(selfRecipientId);
798 }
799
800 var gv2Pair = groupV2Helper.createGroup(name == null ? "" : name,
801 members == null ? Set.of() : members,
802 avatarFile);
803
804 SignalServiceDataMessage.Builder messageBuilder;
805 if (gv2Pair == null) {
806 // Failed to create v2 group, creating v1 group instead
807 var gv1 = new GroupInfoV1(GroupIdV1.createRandom());
808 gv1.addMembers(List.of(selfRecipientId));
809 final var result = updateGroupV1(gv1, name, members, avatarFile);
810 return new Pair<>(gv1.getGroupId(), result.second());
811 }
812
813 final var gv2 = gv2Pair.first();
814 final var decryptedGroup = gv2Pair.second();
815
816 gv2.setGroup(decryptedGroup, this::resolveRecipient);
817 if (avatarFile != null) {
818 avatarStore.storeGroupAvatar(gv2.getGroupId(),
819 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
820 }
821 messageBuilder = getGroupUpdateMessageBuilder(gv2, null);
822 account.getGroupStore().updateGroup(gv2);
823
824 final var result = sendMessage(messageBuilder, gv2.getMembersIncludingPendingWithout(selfRecipientId));
825 return new Pair<>(gv2.getGroupId(), result.second());
826 }
827
828 public Pair<Long, List<SendMessageResult>> updateGroup(
829 GroupId groupId,
830 String name,
831 String description,
832 List<String> members,
833 List<String> removeMembers,
834 List<String> admins,
835 List<String> removeAdmins,
836 File avatarFile
837 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, InvalidNumberException, NotAGroupMemberException {
838 return updateGroup(groupId,
839 name,
840 description,
841 members == null ? null : getSignalServiceAddresses(members),
842 removeMembers == null ? null : getSignalServiceAddresses(removeMembers),
843 admins == null ? null : getSignalServiceAddresses(admins),
844 removeAdmins == null ? null : getSignalServiceAddresses(removeAdmins),
845 avatarFile);
846 }
847
848 private Pair<Long, List<SendMessageResult>> updateGroup(
849 final GroupId groupId,
850 final String name,
851 final String description,
852 final Set<RecipientId> members,
853 final Set<RecipientId> removeMembers,
854 final Set<RecipientId> admins,
855 final Set<RecipientId> removeAdmins,
856 final File avatarFile
857 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
858 var group = getGroupForUpdating(groupId);
859
860 if (group instanceof GroupInfoV2) {
861 return updateGroupV2((GroupInfoV2) group,
862 name,
863 description,
864 members,
865 removeMembers,
866 admins,
867 removeAdmins,
868 avatarFile);
869 }
870
871 return updateGroupV1((GroupInfoV1) group, name, members, avatarFile);
872 }
873
874 private Pair<Long, List<SendMessageResult>> updateGroupV1(
875 final GroupInfoV1 gv1, final String name, final Set<RecipientId> members, final File avatarFile
876 ) throws IOException, AttachmentInvalidException {
877 updateGroupV1Details(gv1, name, members, avatarFile);
878 var messageBuilder = getGroupUpdateMessageBuilder(gv1);
879
880 account.getGroupStore().updateGroup(gv1);
881
882 return sendMessage(messageBuilder, gv1.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
883 }
884
885 private void updateGroupV1Details(
886 final GroupInfoV1 g, final String name, final Collection<RecipientId> members, final File avatarFile
887 ) throws IOException {
888 if (name != null) {
889 g.name = name;
890 }
891
892 if (members != null) {
893 final var newMemberAddresses = members.stream()
894 .filter(member -> !g.isMember(member))
895 .map(this::resolveSignalServiceAddress)
896 .collect(Collectors.toList());
897 final var newE164Members = new HashSet<String>();
898 for (var member : newMemberAddresses) {
899 if (!member.getNumber().isPresent()) {
900 continue;
901 }
902 newE164Members.add(member.getNumber().get());
903 }
904
905 final var registeredUsers = getRegisteredUsers(newE164Members);
906 if (registeredUsers.size() != newE164Members.size()) {
907 // Some of the new members are not registered on Signal
908 newE164Members.removeAll(registeredUsers.keySet());
909 throw new IOException("Failed to add members "
910 + String.join(", ", newE164Members)
911 + " to group: Not registered on Signal");
912 }
913
914 g.addMembers(members);
915 }
916
917 if (avatarFile != null) {
918 avatarStore.storeGroupAvatar(g.getGroupId(),
919 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
920 }
921 }
922
923 private Pair<Long, List<SendMessageResult>> updateGroupV2(
924 final GroupInfoV2 group,
925 final String name,
926 final String description,
927 final Set<RecipientId> members,
928 final Set<RecipientId> removeMembers,
929 final Set<RecipientId> admins,
930 final Set<RecipientId> removeAdmins,
931 final File avatarFile
932 ) throws IOException {
933 Pair<Long, List<SendMessageResult>> result = null;
934 if (group.isPendingMember(account.getSelfRecipientId())) {
935 var groupGroupChangePair = groupV2Helper.acceptInvite(group);
936 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
937 }
938
939 if (members != null) {
940 final var newMembers = new HashSet<>(members);
941 newMembers.removeAll(group.getMembers());
942 if (newMembers.size() > 0) {
943 var groupGroupChangePair = groupV2Helper.addMembers(group, newMembers);
944 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
945 }
946 }
947
948 if (removeMembers != null) {
949 var existingRemoveMembers = new HashSet<>(removeMembers);
950 existingRemoveMembers.retainAll(group.getMembers());
951 existingRemoveMembers.remove(getSelfRecipientId());// self can be removed with sendQuitGroupMessage
952 if (existingRemoveMembers.size() > 0) {
953 var groupGroupChangePair = groupV2Helper.removeMembers(group, existingRemoveMembers);
954 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
955 }
956
957 var pendingRemoveMembers = new HashSet<>(removeMembers);
958 pendingRemoveMembers.retainAll(group.getPendingMembers());
959 if (pendingRemoveMembers.size() > 0) {
960 var groupGroupChangePair = groupV2Helper.revokeInvitedMembers(group, pendingRemoveMembers);
961 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
962 }
963 }
964
965 if (admins != null) {
966 final var newAdmins = new HashSet<>(admins);
967 newAdmins.retainAll(group.getMembers());
968 newAdmins.removeAll(group.getAdminMembers());
969 if (newAdmins.size() > 0) {
970 for (var admin : newAdmins) {
971 var groupGroupChangePair = groupV2Helper.setMemberAdmin(group, admin, true);
972 result = sendUpdateGroupV2Message(group,
973 groupGroupChangePair.first(),
974 groupGroupChangePair.second());
975 }
976 }
977 }
978
979 if (removeAdmins != null) {
980 final var existingRemoveAdmins = new HashSet<>(removeAdmins);
981 existingRemoveAdmins.retainAll(group.getAdminMembers());
982 if (existingRemoveAdmins.size() > 0) {
983 for (var admin : existingRemoveAdmins) {
984 var groupGroupChangePair = groupV2Helper.setMemberAdmin(group, admin, false);
985 result = sendUpdateGroupV2Message(group,
986 groupGroupChangePair.first(),
987 groupGroupChangePair.second());
988 }
989 }
990 }
991
992 if (result == null || name != null || description != null || avatarFile != null) {
993 var groupGroupChangePair = groupV2Helper.updateGroup(group, name, description, avatarFile);
994 if (avatarFile != null) {
995 avatarStore.storeGroupAvatar(group.getGroupId(),
996 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
997 }
998 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
999 }
1000
1001 return result;
1002 }
1003
1004 public Pair<GroupId, List<SendMessageResult>> joinGroup(
1005 GroupInviteLinkUrl inviteLinkUrl
1006 ) throws IOException, GroupLinkNotActiveException {
1007 final var groupJoinInfo = groupV2Helper.getDecryptedGroupJoinInfo(inviteLinkUrl.getGroupMasterKey(),
1008 inviteLinkUrl.getPassword());
1009 final var groupChange = groupV2Helper.joinGroup(inviteLinkUrl.getGroupMasterKey(),
1010 inviteLinkUrl.getPassword(),
1011 groupJoinInfo);
1012 final var group = getOrMigrateGroup(inviteLinkUrl.getGroupMasterKey(),
1013 groupJoinInfo.getRevision() + 1,
1014 groupChange.toByteArray());
1015
1016 if (group.getGroup() == null) {
1017 // Only requested member, can't send update to group members
1018 return new Pair<>(group.getGroupId(), List.of());
1019 }
1020
1021 final var result = sendUpdateGroupV2Message(group, group.getGroup(), groupChange);
1022
1023 return new Pair<>(group.getGroupId(), result.second());
1024 }
1025
1026 private Pair<Long, List<SendMessageResult>> sendUpdateGroupV2Message(
1027 GroupInfoV2 group, DecryptedGroup newDecryptedGroup, GroupChange groupChange
1028 ) throws IOException {
1029 final var selfRecipientId = account.getSelfRecipientId();
1030 final var members = group.getMembersIncludingPendingWithout(selfRecipientId);
1031 group.setGroup(newDecryptedGroup, this::resolveRecipient);
1032 members.addAll(group.getMembersIncludingPendingWithout(selfRecipientId));
1033
1034 final var messageBuilder = getGroupUpdateMessageBuilder(group, groupChange.toByteArray());
1035 account.getGroupStore().updateGroup(group);
1036 return sendMessage(messageBuilder, members);
1037 }
1038
1039 private static int currentTimeDays() {
1040 return (int) TimeUnit.MILLISECONDS.toDays(System.currentTimeMillis());
1041 }
1042
1043 private GroupsV2AuthorizationString getGroupAuthForToday(
1044 final GroupSecretParams groupSecretParams
1045 ) throws IOException {
1046 final var today = currentTimeDays();
1047 // Returns credentials for the next 7 days
1048 final var credentials = groupsV2Api.getCredentials(today);
1049 // TODO cache credentials until they expire
1050 var authCredentialResponse = credentials.get(today);
1051 try {
1052 return groupsV2Api.getGroupsV2AuthorizationString(account.getUuid(),
1053 today,
1054 groupSecretParams,
1055 authCredentialResponse);
1056 } catch (VerificationFailedException e) {
1057 throw new IOException(e);
1058 }
1059 }
1060
1061 Pair<Long, List<SendMessageResult>> sendGroupInfoMessage(
1062 GroupIdV1 groupId, SignalServiceAddress recipient
1063 ) throws IOException, NotAGroupMemberException, GroupNotFoundException, AttachmentInvalidException {
1064 GroupInfoV1 g;
1065 var group = getGroupForSending(groupId);
1066 if (!(group instanceof GroupInfoV1)) {
1067 throw new RuntimeException("Received an invalid group request for a v2 group!");
1068 }
1069 g = (GroupInfoV1) group;
1070
1071 final var recipientId = resolveRecipient(recipient);
1072 if (!g.isMember(recipientId)) {
1073 throw new NotAGroupMemberException(groupId, g.name);
1074 }
1075
1076 var messageBuilder = getGroupUpdateMessageBuilder(g);
1077
1078 // Send group message only to the recipient who requested it
1079 return sendMessage(messageBuilder, Set.of(recipientId));
1080 }
1081
1082 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV1 g) throws AttachmentInvalidException {
1083 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.UPDATE)
1084 .withId(g.getGroupId().serialize())
1085 .withName(g.name)
1086 .withMembers(g.getMembers()
1087 .stream()
1088 .map(this::resolveSignalServiceAddress)
1089 .collect(Collectors.toList()));
1090
1091 try {
1092 final var attachment = createGroupAvatarAttachment(g.getGroupId());
1093 if (attachment.isPresent()) {
1094 group.withAvatar(attachment.get());
1095 }
1096 } catch (IOException e) {
1097 throw new AttachmentInvalidException(g.getGroupId().toBase64(), e);
1098 }
1099
1100 return SignalServiceDataMessage.newBuilder()
1101 .asGroupMessage(group.build())
1102 .withExpiration(g.getMessageExpirationTime());
1103 }
1104
1105 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV2 g, byte[] signedGroupChange) {
1106 var group = SignalServiceGroupV2.newBuilder(g.getMasterKey())
1107 .withRevision(g.getGroup().getRevision())
1108 .withSignedGroupChange(signedGroupChange);
1109 return SignalServiceDataMessage.newBuilder()
1110 .asGroupMessage(group.build())
1111 .withExpiration(g.getMessageExpirationTime());
1112 }
1113
1114 Pair<Long, List<SendMessageResult>> sendGroupInfoRequest(
1115 GroupIdV1 groupId, SignalServiceAddress recipient
1116 ) throws IOException {
1117 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.REQUEST_INFO).withId(groupId.serialize());
1118
1119 var messageBuilder = SignalServiceDataMessage.newBuilder().asGroupMessage(group.build());
1120
1121 // Send group info request message to the recipient who sent us a message with this groupId
1122 return sendMessage(messageBuilder, Set.of(resolveRecipient(recipient)));
1123 }
1124
1125 void sendReceipt(
1126 SignalServiceAddress remoteAddress, long messageId
1127 ) throws IOException, UntrustedIdentityException {
1128 var receiptMessage = new SignalServiceReceiptMessage(SignalServiceReceiptMessage.Type.DELIVERY,
1129 List.of(messageId),
1130 System.currentTimeMillis());
1131
1132 createMessageSender().sendReceipt(remoteAddress,
1133 unidentifiedAccessHelper.getAccessFor(resolveRecipient(remoteAddress)),
1134 receiptMessage);
1135 }
1136
1137 public Pair<Long, List<SendMessageResult>> sendMessage(
1138 String messageText, List<String> attachments, List<String> recipients
1139 ) throws IOException, AttachmentInvalidException, InvalidNumberException {
1140 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
1141 if (attachments != null) {
1142 var attachmentStreams = AttachmentUtils.getSignalServiceAttachments(attachments);
1143
1144 // Upload attachments here, so we only upload once even for multiple recipients
1145 var messageSender = createMessageSender();
1146 var attachmentPointers = new ArrayList<SignalServiceAttachment>(attachmentStreams.size());
1147 for (var attachment : attachmentStreams) {
1148 if (attachment.isStream()) {
1149 attachmentPointers.add(messageSender.uploadAttachment(attachment.asStream()));
1150 } else if (attachment.isPointer()) {
1151 attachmentPointers.add(attachment.asPointer());
1152 }
1153 }
1154
1155 messageBuilder.withAttachments(attachmentPointers);
1156 }
1157 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1158 }
1159
1160 public Pair<Long, SendMessageResult> sendSelfMessage(
1161 String messageText, List<String> attachments
1162 ) throws IOException, AttachmentInvalidException {
1163 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
1164 if (attachments != null) {
1165 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
1166 }
1167 return sendSelfMessage(messageBuilder);
1168 }
1169
1170 public Pair<Long, List<SendMessageResult>> sendRemoteDeleteMessage(
1171 long targetSentTimestamp, List<String> recipients
1172 ) throws IOException, InvalidNumberException {
1173 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1174 final var messageBuilder = SignalServiceDataMessage.newBuilder().withRemoteDelete(delete);
1175 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1176 }
1177
1178 public Pair<Long, List<SendMessageResult>> sendGroupRemoteDeleteMessage(
1179 long targetSentTimestamp, GroupId groupId
1180 ) throws IOException, NotAGroupMemberException, GroupNotFoundException {
1181 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1182 final var messageBuilder = SignalServiceDataMessage.newBuilder().withRemoteDelete(delete);
1183 return sendGroupMessage(messageBuilder, groupId);
1184 }
1185
1186 public Pair<Long, List<SendMessageResult>> sendMessageReaction(
1187 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, List<String> recipients
1188 ) throws IOException, InvalidNumberException {
1189 var targetAuthorRecipientId = canonicalizeAndResolveRecipient(targetAuthor);
1190 var reaction = new SignalServiceDataMessage.Reaction(emoji,
1191 remove,
1192 resolveSignalServiceAddress(targetAuthorRecipientId),
1193 targetSentTimestamp);
1194 final var messageBuilder = SignalServiceDataMessage.newBuilder().withReaction(reaction);
1195 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1196 }
1197
1198 public Pair<Long, List<SendMessageResult>> sendEndSessionMessage(List<String> recipients) throws IOException, InvalidNumberException {
1199 var messageBuilder = SignalServiceDataMessage.newBuilder().asEndSessionMessage();
1200
1201 final var signalServiceAddresses = getSignalServiceAddresses(recipients);
1202 try {
1203 return sendMessage(messageBuilder, signalServiceAddresses);
1204 } catch (Exception e) {
1205 for (var address : signalServiceAddresses) {
1206 handleEndSession(address);
1207 }
1208 throw e;
1209 }
1210 }
1211
1212 void renewSession(RecipientId recipientId) throws IOException {
1213 account.getSessionStore().archiveSessions(recipientId);
1214 if (!recipientId.equals(getSelfRecipientId())) {
1215 sendNullMessage(recipientId);
1216 }
1217 }
1218
1219 public String getContactName(String number) throws InvalidNumberException {
1220 var contact = account.getContactStore().getContact(canonicalizeAndResolveRecipient(number));
1221 return contact == null || contact.getName() == null ? "" : contact.getName();
1222 }
1223
1224 public void setContactName(String number, String name) throws InvalidNumberException, NotMasterDeviceException {
1225 if (!account.isMasterDevice()) {
1226 throw new NotMasterDeviceException();
1227 }
1228 final var recipientId = canonicalizeAndResolveRecipient(number);
1229 var contact = account.getContactStore().getContact(recipientId);
1230 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1231 account.getContactStore().storeContact(recipientId, builder.withName(name).build());
1232 }
1233
1234 public void setContactBlocked(
1235 String number, boolean blocked
1236 ) throws InvalidNumberException, NotMasterDeviceException {
1237 if (!account.isMasterDevice()) {
1238 throw new NotMasterDeviceException();
1239 }
1240 setContactBlocked(canonicalizeAndResolveRecipient(number), blocked);
1241 }
1242
1243 private void setContactBlocked(RecipientId recipientId, boolean blocked) {
1244 var contact = account.getContactStore().getContact(recipientId);
1245 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1246 account.getContactStore().storeContact(recipientId, builder.withBlocked(blocked).build());
1247 }
1248
1249 public void setGroupBlocked(final GroupId groupId, final boolean blocked) throws GroupNotFoundException {
1250 var group = getGroup(groupId);
1251 if (group == null) {
1252 throw new GroupNotFoundException(groupId);
1253 }
1254
1255 group.setBlocked(blocked);
1256 account.getGroupStore().updateGroup(group);
1257 }
1258
1259 private void setExpirationTimer(RecipientId recipientId, int messageExpirationTimer) {
1260 var contact = account.getContactStore().getContact(recipientId);
1261 if (contact != null && contact.getMessageExpirationTime() == messageExpirationTimer) {
1262 return;
1263 }
1264 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1265 account.getContactStore()
1266 .storeContact(recipientId, builder.withMessageExpirationTime(messageExpirationTimer).build());
1267 }
1268
1269 private void sendExpirationTimerUpdate(RecipientId recipientId) throws IOException {
1270 final var messageBuilder = SignalServiceDataMessage.newBuilder().asExpirationUpdate();
1271 sendMessage(messageBuilder, Set.of(recipientId));
1272 }
1273
1274 /**
1275 * Change the expiration timer for a contact
1276 */
1277 public void setExpirationTimer(
1278 String number, int messageExpirationTimer
1279 ) throws IOException, InvalidNumberException {
1280 var recipientId = canonicalizeAndResolveRecipient(number);
1281 setExpirationTimer(recipientId, messageExpirationTimer);
1282 sendExpirationTimerUpdate(recipientId);
1283 }
1284
1285 /**
1286 * Change the expiration timer for a group
1287 */
1288 public void setExpirationTimer(GroupId groupId, int messageExpirationTimer) {
1289 var g = getGroup(groupId);
1290 if (g instanceof GroupInfoV1) {
1291 var groupInfoV1 = (GroupInfoV1) g;
1292 groupInfoV1.messageExpirationTime = messageExpirationTimer;
1293 account.getGroupStore().updateGroup(groupInfoV1);
1294 } else {
1295 throw new RuntimeException("TODO Not implemented!");
1296 }
1297 }
1298
1299 /**
1300 * Upload the sticker pack from path.
1301 *
1302 * @param path Path can be a path to a manifest.json file or to a zip file that contains a manifest.json file
1303 * @return if successful, returns the URL to install the sticker pack in the signal app
1304 */
1305 public String uploadStickerPack(File path) throws IOException, StickerPackInvalidException {
1306 var manifest = StickerUtils.getSignalServiceStickerManifestUpload(path);
1307
1308 var messageSender = createMessageSender();
1309
1310 var packKey = KeyUtils.createStickerUploadKey();
1311 var packId = messageSender.uploadStickerManifest(manifest, packKey);
1312
1313 var sticker = new Sticker(StickerPackId.deserialize(Hex.fromStringCondensed(packId)), packKey);
1314 account.getStickerStore().updateSticker(sticker);
1315
1316 try {
1317 return new URI("https",
1318 "signal.art",
1319 "/addstickers/",
1320 "pack_id=" + URLEncoder.encode(packId, StandardCharsets.UTF_8) + "&pack_key=" + URLEncoder.encode(
1321 Hex.toStringCondensed(packKey),
1322 StandardCharsets.UTF_8)).toString();
1323 } catch (URISyntaxException e) {
1324 throw new AssertionError(e);
1325 }
1326 }
1327
1328 public void requestAllSyncData() throws IOException {
1329 requestSyncGroups();
1330 requestSyncContacts();
1331 requestSyncBlocked();
1332 requestSyncConfiguration();
1333 requestSyncKeys();
1334 }
1335
1336 private void requestSyncGroups() throws IOException {
1337 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1338 .setType(SignalServiceProtos.SyncMessage.Request.Type.GROUPS)
1339 .build();
1340 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1341 try {
1342 sendSyncMessage(message);
1343 } catch (UntrustedIdentityException e) {
1344 throw new AssertionError(e);
1345 }
1346 }
1347
1348 private void requestSyncContacts() throws IOException {
1349 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1350 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONTACTS)
1351 .build();
1352 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1353 try {
1354 sendSyncMessage(message);
1355 } catch (UntrustedIdentityException e) {
1356 throw new AssertionError(e);
1357 }
1358 }
1359
1360 private void requestSyncBlocked() throws IOException {
1361 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1362 .setType(SignalServiceProtos.SyncMessage.Request.Type.BLOCKED)
1363 .build();
1364 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1365 try {
1366 sendSyncMessage(message);
1367 } catch (UntrustedIdentityException e) {
1368 throw new AssertionError(e);
1369 }
1370 }
1371
1372 private void requestSyncConfiguration() throws IOException {
1373 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1374 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONFIGURATION)
1375 .build();
1376 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1377 try {
1378 sendSyncMessage(message);
1379 } catch (UntrustedIdentityException e) {
1380 throw new AssertionError(e);
1381 }
1382 }
1383
1384 private void requestSyncKeys() throws IOException {
1385 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1386 .setType(SignalServiceProtos.SyncMessage.Request.Type.KEYS)
1387 .build();
1388 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1389 try {
1390 sendSyncMessage(message);
1391 } catch (UntrustedIdentityException e) {
1392 throw new AssertionError(e);
1393 }
1394 }
1395
1396 private byte[] getSenderCertificate() {
1397 byte[] certificate;
1398 try {
1399 if (account.isPhoneNumberShared()) {
1400 certificate = accountManager.getSenderCertificate();
1401 } else {
1402 certificate = accountManager.getSenderCertificateForPhoneNumberPrivacy();
1403 }
1404 } catch (IOException e) {
1405 logger.warn("Failed to get sender certificate, ignoring: {}", e.getMessage());
1406 return null;
1407 }
1408 // TODO cache for a day
1409 return certificate;
1410 }
1411
1412 private void sendSyncMessage(SignalServiceSyncMessage message) throws IOException, UntrustedIdentityException {
1413 var messageSender = createMessageSender();
1414 messageSender.sendMessage(message, unidentifiedAccessHelper.getAccessForSync());
1415 }
1416
1417 private Set<RecipientId> getSignalServiceAddresses(Collection<String> numbers) throws InvalidNumberException {
1418 final var signalServiceAddresses = new HashSet<SignalServiceAddress>(numbers.size());
1419 final var addressesMissingUuid = new HashSet<SignalServiceAddress>();
1420
1421 for (var number : numbers) {
1422 final var resolvedAddress = resolveSignalServiceAddress(canonicalizeAndResolveRecipient(number));
1423 if (resolvedAddress.getUuid().isPresent()) {
1424 signalServiceAddresses.add(resolvedAddress);
1425 } else {
1426 addressesMissingUuid.add(resolvedAddress);
1427 }
1428 }
1429
1430 final var numbersMissingUuid = addressesMissingUuid.stream()
1431 .map(a -> a.getNumber().get())
1432 .collect(Collectors.toSet());
1433 Map<String, UUID> registeredUsers;
1434 try {
1435 registeredUsers = getRegisteredUsers(numbersMissingUuid);
1436 } catch (IOException e) {
1437 logger.warn("Failed to resolve uuids from server, ignoring: {}", e.getMessage());
1438 registeredUsers = Map.of();
1439 }
1440
1441 for (var address : addressesMissingUuid) {
1442 final var number = address.getNumber().get();
1443 if (registeredUsers.containsKey(number)) {
1444 final var newAddress = resolveSignalServiceAddress(resolveRecipientTrusted(new SignalServiceAddress(
1445 registeredUsers.get(number),
1446 number)));
1447 signalServiceAddresses.add(newAddress);
1448 } else {
1449 signalServiceAddresses.add(address);
1450 }
1451 }
1452
1453 return signalServiceAddresses.stream().map(this::resolveRecipient).collect(Collectors.toSet());
1454 }
1455
1456 private RecipientId refreshRegisteredUser(RecipientId recipientId) throws IOException {
1457 final var address = resolveSignalServiceAddress(recipientId);
1458 if (!address.getNumber().isPresent()) {
1459 return recipientId;
1460 }
1461 final var number = address.getNumber().get();
1462 final var uuidMap = getRegisteredUsers(Set.of(number));
1463 return resolveRecipientTrusted(new SignalServiceAddress(uuidMap.getOrDefault(number, null), number));
1464 }
1465
1466 private Map<String, UUID> getRegisteredUsers(final Set<String> numbers) throws IOException {
1467 try {
1468 return accountManager.getRegisteredUsers(ServiceConfig.getIasKeyStore(),
1469 numbers,
1470 serviceEnvironmentConfig.getCdsMrenclave());
1471 } catch (Quote.InvalidQuoteFormatException | UnauthenticatedQuoteException | SignatureException | UnauthenticatedResponseException | InvalidKeyException e) {
1472 throw new IOException(e);
1473 }
1474 }
1475
1476 private Pair<Long, List<SendMessageResult>> sendMessage(
1477 SignalServiceDataMessage.Builder messageBuilder, Set<RecipientId> recipientIds
1478 ) throws IOException {
1479 final var timestamp = System.currentTimeMillis();
1480 messageBuilder.withTimestamp(timestamp);
1481 getOrCreateMessagePipe();
1482 getOrCreateUnidentifiedMessagePipe();
1483 SignalServiceDataMessage message = null;
1484 try {
1485 message = messageBuilder.build();
1486 if (message.getGroupContext().isPresent()) {
1487 try {
1488 var messageSender = createMessageSender();
1489 final var isRecipientUpdate = false;
1490 final var recipientIdList = new ArrayList<>(recipientIds);
1491 final var addresses = recipientIdList.stream()
1492 .map(this::resolveSignalServiceAddress)
1493 .collect(Collectors.toList());
1494 var result = messageSender.sendMessage(addresses,
1495 unidentifiedAccessHelper.getAccessFor(recipientIdList),
1496 isRecipientUpdate,
1497 message);
1498
1499 for (var r : result) {
1500 if (r.getIdentityFailure() != null) {
1501 final var recipientId = resolveRecipient(r.getAddress());
1502 final var newIdentity = account.getIdentityKeyStore()
1503 .saveIdentity(recipientId, r.getIdentityFailure().getIdentityKey(), new Date());
1504 if (newIdentity) {
1505 account.getSessionStore().archiveSessions(recipientId);
1506 }
1507 }
1508 }
1509
1510 return new Pair<>(timestamp, result);
1511 } catch (UntrustedIdentityException e) {
1512 return new Pair<>(timestamp, List.of());
1513 }
1514 } else {
1515 // Send to all individually, so sync messages are sent correctly
1516 messageBuilder.withProfileKey(account.getProfileKey().serialize());
1517 var results = new ArrayList<SendMessageResult>(recipientIds.size());
1518 for (var recipientId : recipientIds) {
1519 final var contact = account.getContactStore().getContact(recipientId);
1520 final var expirationTime = contact != null ? contact.getMessageExpirationTime() : 0;
1521 messageBuilder.withExpiration(expirationTime);
1522 message = messageBuilder.build();
1523 results.add(sendMessage(recipientId, message));
1524 }
1525 return new Pair<>(timestamp, results);
1526 }
1527 } finally {
1528 if (message != null && message.isEndSession()) {
1529 for (var recipient : recipientIds) {
1530 handleEndSession(recipient);
1531 }
1532 }
1533 }
1534 }
1535
1536 private Pair<Long, SendMessageResult> sendSelfMessage(
1537 SignalServiceDataMessage.Builder messageBuilder
1538 ) throws IOException {
1539 final var timestamp = System.currentTimeMillis();
1540 messageBuilder.withTimestamp(timestamp);
1541 getOrCreateMessagePipe();
1542 getOrCreateUnidentifiedMessagePipe();
1543 final var recipientId = account.getSelfRecipientId();
1544
1545 final var contact = account.getContactStore().getContact(recipientId);
1546 final var expirationTime = contact != null ? contact.getMessageExpirationTime() : 0;
1547 messageBuilder.withExpiration(expirationTime);
1548
1549 var message = messageBuilder.build();
1550 final var result = sendSelfMessage(message);
1551 return new Pair<>(timestamp, result);
1552 }
1553
1554 private SendMessageResult sendSelfMessage(SignalServiceDataMessage message) throws IOException {
1555 var messageSender = createMessageSender();
1556
1557 var recipientId = account.getSelfRecipientId();
1558
1559 final var unidentifiedAccess = unidentifiedAccessHelper.getAccessFor(recipientId);
1560 var recipient = resolveSignalServiceAddress(recipientId);
1561 var transcript = new SentTranscriptMessage(Optional.of(recipient),
1562 message.getTimestamp(),
1563 message,
1564 message.getExpiresInSeconds(),
1565 Map.of(recipient, unidentifiedAccess.isPresent()),
1566 false);
1567 var syncMessage = SignalServiceSyncMessage.forSentTranscript(transcript);
1568
1569 try {
1570 var startTime = System.currentTimeMillis();
1571 messageSender.sendMessage(syncMessage, unidentifiedAccess);
1572 return SendMessageResult.success(recipient,
1573 unidentifiedAccess.isPresent(),
1574 false,
1575 System.currentTimeMillis() - startTime);
1576 } catch (UntrustedIdentityException e) {
1577 return SendMessageResult.identityFailure(recipient, e.getIdentityKey());
1578 }
1579 }
1580
1581 private SendMessageResult sendMessage(
1582 RecipientId recipientId, SignalServiceDataMessage message
1583 ) throws IOException {
1584 var messageSender = createMessageSender();
1585
1586 final var address = resolveSignalServiceAddress(recipientId);
1587 try {
1588 try {
1589 return messageSender.sendMessage(address, unidentifiedAccessHelper.getAccessFor(recipientId), message);
1590 } catch (UnregisteredUserException e) {
1591 final var newRecipientId = refreshRegisteredUser(recipientId);
1592 return messageSender.sendMessage(resolveSignalServiceAddress(newRecipientId),
1593 unidentifiedAccessHelper.getAccessFor(newRecipientId),
1594 message);
1595 }
1596 } catch (UntrustedIdentityException e) {
1597 return SendMessageResult.identityFailure(address, e.getIdentityKey());
1598 }
1599 }
1600
1601 private SendMessageResult sendNullMessage(RecipientId recipientId) throws IOException {
1602 var messageSender = createMessageSender();
1603
1604 final var address = resolveSignalServiceAddress(recipientId);
1605 try {
1606 try {
1607 return messageSender.sendNullMessage(address, unidentifiedAccessHelper.getAccessFor(recipientId));
1608 } catch (UnregisteredUserException e) {
1609 final var newRecipientId = refreshRegisteredUser(recipientId);
1610 final var newAddress = resolveSignalServiceAddress(newRecipientId);
1611 return messageSender.sendNullMessage(newAddress, unidentifiedAccessHelper.getAccessFor(newRecipientId));
1612 }
1613 } catch (UntrustedIdentityException e) {
1614 return SendMessageResult.identityFailure(address, e.getIdentityKey());
1615 }
1616 }
1617
1618 private SignalServiceContent decryptMessage(SignalServiceEnvelope envelope) throws InvalidMetadataMessageException, ProtocolInvalidMessageException, ProtocolDuplicateMessageException, ProtocolLegacyMessageException, ProtocolInvalidKeyIdException, InvalidMetadataVersionException, ProtocolInvalidVersionException, ProtocolNoSessionException, ProtocolInvalidKeyException, SelfSendException, UnsupportedDataMessageException, ProtocolUntrustedIdentityException {
1619 var cipher = new SignalServiceCipher(account.getSelfAddress(),
1620 account.getSignalProtocolStore(),
1621 sessionLock,
1622 certificateValidator);
1623 return cipher.decrypt(envelope);
1624 }
1625
1626 private void handleEndSession(RecipientId recipientId) {
1627 account.getSessionStore().deleteAllSessions(recipientId);
1628 }
1629
1630 private List<HandleAction> handleSignalServiceDataMessage(
1631 SignalServiceDataMessage message,
1632 boolean isSync,
1633 SignalServiceAddress source,
1634 SignalServiceAddress destination,
1635 boolean ignoreAttachments
1636 ) {
1637 var actions = new ArrayList<HandleAction>();
1638 if (message.getGroupContext().isPresent()) {
1639 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1640 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1641 var groupId = GroupId.v1(groupInfo.getGroupId());
1642 var group = getGroup(groupId);
1643 if (group == null || group instanceof GroupInfoV1) {
1644 var groupV1 = (GroupInfoV1) group;
1645 switch (groupInfo.getType()) {
1646 case UPDATE: {
1647 if (groupV1 == null) {
1648 groupV1 = new GroupInfoV1(groupId);
1649 }
1650
1651 if (groupInfo.getAvatar().isPresent()) {
1652 var avatar = groupInfo.getAvatar().get();
1653 downloadGroupAvatar(avatar, groupV1.getGroupId());
1654 }
1655
1656 if (groupInfo.getName().isPresent()) {
1657 groupV1.name = groupInfo.getName().get();
1658 }
1659
1660 if (groupInfo.getMembers().isPresent()) {
1661 groupV1.addMembers(groupInfo.getMembers()
1662 .get()
1663 .stream()
1664 .map(this::resolveRecipient)
1665 .collect(Collectors.toSet()));
1666 }
1667
1668 account.getGroupStore().updateGroup(groupV1);
1669 break;
1670 }
1671 case DELIVER:
1672 if (groupV1 == null && !isSync) {
1673 actions.add(new SendGroupInfoRequestAction(source, groupId));
1674 }
1675 break;
1676 case QUIT: {
1677 if (groupV1 != null) {
1678 groupV1.removeMember(resolveRecipient(source));
1679 account.getGroupStore().updateGroup(groupV1);
1680 }
1681 break;
1682 }
1683 case REQUEST_INFO:
1684 if (groupV1 != null && !isSync) {
1685 actions.add(new SendGroupInfoAction(source, groupV1.getGroupId()));
1686 }
1687 break;
1688 }
1689 } else {
1690 // Received a group v1 message for a v2 group
1691 }
1692 }
1693 if (message.getGroupContext().get().getGroupV2().isPresent()) {
1694 final var groupContext = message.getGroupContext().get().getGroupV2().get();
1695 final var groupMasterKey = groupContext.getMasterKey();
1696
1697 getOrMigrateGroup(groupMasterKey,
1698 groupContext.getRevision(),
1699 groupContext.hasSignedGroupChange() ? groupContext.getSignedGroupChange() : null);
1700 }
1701 }
1702
1703 final var conversationPartnerAddress = isSync ? destination : source;
1704 if (conversationPartnerAddress != null && message.isEndSession()) {
1705 handleEndSession(resolveRecipient(conversationPartnerAddress));
1706 }
1707 if (message.isExpirationUpdate() || message.getBody().isPresent()) {
1708 if (message.getGroupContext().isPresent()) {
1709 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1710 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1711 var group = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(groupInfo.getGroupId()));
1712 if (group != null) {
1713 if (group.messageExpirationTime != message.getExpiresInSeconds()) {
1714 group.messageExpirationTime = message.getExpiresInSeconds();
1715 account.getGroupStore().updateGroup(group);
1716 }
1717 }
1718 } else if (message.getGroupContext().get().getGroupV2().isPresent()) {
1719 // disappearing message timer already stored in the DecryptedGroup
1720 }
1721 } else if (conversationPartnerAddress != null) {
1722 setExpirationTimer(resolveRecipient(conversationPartnerAddress), message.getExpiresInSeconds());
1723 }
1724 }
1725 if (!ignoreAttachments) {
1726 if (message.getAttachments().isPresent()) {
1727 for (var attachment : message.getAttachments().get()) {
1728 downloadAttachment(attachment);
1729 }
1730 }
1731 if (message.getSharedContacts().isPresent()) {
1732 for (var contact : message.getSharedContacts().get()) {
1733 if (contact.getAvatar().isPresent()) {
1734 downloadAttachment(contact.getAvatar().get().getAttachment());
1735 }
1736 }
1737 }
1738 }
1739 if (message.getProfileKey().isPresent() && message.getProfileKey().get().length == 32) {
1740 final ProfileKey profileKey;
1741 try {
1742 profileKey = new ProfileKey(message.getProfileKey().get());
1743 } catch (InvalidInputException e) {
1744 throw new AssertionError(e);
1745 }
1746 if (source.matches(account.getSelfAddress())) {
1747 this.account.setProfileKey(profileKey);
1748 }
1749 this.account.getProfileStore().storeProfileKey(resolveRecipient(source), profileKey);
1750 }
1751 if (message.getPreviews().isPresent()) {
1752 final var previews = message.getPreviews().get();
1753 for (var preview : previews) {
1754 if (preview.getImage().isPresent()) {
1755 downloadAttachment(preview.getImage().get());
1756 }
1757 }
1758 }
1759 if (message.getQuote().isPresent()) {
1760 final var quote = message.getQuote().get();
1761
1762 for (var quotedAttachment : quote.getAttachments()) {
1763 final var thumbnail = quotedAttachment.getThumbnail();
1764 if (thumbnail != null) {
1765 downloadAttachment(thumbnail);
1766 }
1767 }
1768 }
1769 if (message.getSticker().isPresent()) {
1770 final var messageSticker = message.getSticker().get();
1771 final var stickerPackId = StickerPackId.deserialize(messageSticker.getPackId());
1772 var sticker = account.getStickerStore().getSticker(stickerPackId);
1773 if (sticker == null) {
1774 sticker = new Sticker(stickerPackId, messageSticker.getPackKey());
1775 account.getStickerStore().updateSticker(sticker);
1776 }
1777 }
1778 return actions;
1779 }
1780
1781 private GroupInfoV2 getOrMigrateGroup(
1782 final GroupMasterKey groupMasterKey, final int revision, final byte[] signedGroupChange
1783 ) {
1784 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupMasterKey);
1785
1786 var groupId = GroupUtils.getGroupIdV2(groupSecretParams);
1787 var groupInfo = getGroup(groupId);
1788 final GroupInfoV2 groupInfoV2;
1789 if (groupInfo instanceof GroupInfoV1) {
1790 // Received a v2 group message for a v1 group, we need to locally migrate the group
1791 account.getGroupStore().deleteGroupV1(((GroupInfoV1) groupInfo).getGroupId());
1792 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1793 logger.info("Locally migrated group {} to group v2, id: {}",
1794 groupInfo.getGroupId().toBase64(),
1795 groupInfoV2.getGroupId().toBase64());
1796 } else if (groupInfo instanceof GroupInfoV2) {
1797 groupInfoV2 = (GroupInfoV2) groupInfo;
1798 } else {
1799 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1800 }
1801
1802 if (groupInfoV2.getGroup() == null || groupInfoV2.getGroup().getRevision() < revision) {
1803 DecryptedGroup group = null;
1804 if (signedGroupChange != null
1805 && groupInfoV2.getGroup() != null
1806 && groupInfoV2.getGroup().getRevision() + 1 == revision) {
1807 group = groupV2Helper.getUpdatedDecryptedGroup(groupInfoV2.getGroup(),
1808 signedGroupChange,
1809 groupMasterKey);
1810 }
1811 if (group == null) {
1812 group = groupV2Helper.getDecryptedGroup(groupSecretParams);
1813 }
1814 if (group != null) {
1815 storeProfileKeysFromMembers(group);
1816 final var avatar = group.getAvatar();
1817 if (avatar != null && !avatar.isEmpty()) {
1818 downloadGroupAvatar(groupId, groupSecretParams, avatar);
1819 }
1820 }
1821 groupInfoV2.setGroup(group, this::resolveRecipient);
1822 account.getGroupStore().updateGroup(groupInfoV2);
1823 }
1824
1825 return groupInfoV2;
1826 }
1827
1828 private void storeProfileKeysFromMembers(final DecryptedGroup group) {
1829 for (var member : group.getMembersList()) {
1830 final var uuid = UuidUtil.parseOrThrow(member.getUuid().toByteArray());
1831 final var recipientId = account.getRecipientStore().resolveRecipient(uuid);
1832 try {
1833 account.getProfileStore()
1834 .storeProfileKey(recipientId, new ProfileKey(member.getProfileKey().toByteArray()));
1835 } catch (InvalidInputException ignored) {
1836 }
1837 }
1838 }
1839
1840 private void retryFailedReceivedMessages(ReceiveMessageHandler handler, boolean ignoreAttachments) {
1841 Set<HandleAction> queuedActions = new HashSet<>();
1842 for (var cachedMessage : account.getMessageCache().getCachedMessages()) {
1843 var actions = retryFailedReceivedMessage(handler, ignoreAttachments, cachedMessage);
1844 if (actions != null) {
1845 queuedActions.addAll(actions);
1846 }
1847 }
1848 for (var action : queuedActions) {
1849 try {
1850 action.execute(this);
1851 } catch (Throwable e) {
1852 logger.warn("Message action failed.", e);
1853 }
1854 }
1855 }
1856
1857 private List<HandleAction> retryFailedReceivedMessage(
1858 final ReceiveMessageHandler handler, final boolean ignoreAttachments, final CachedMessage cachedMessage
1859 ) {
1860 var envelope = cachedMessage.loadEnvelope();
1861 if (envelope == null) {
1862 return null;
1863 }
1864 SignalServiceContent content = null;
1865 List<HandleAction> actions = null;
1866 if (!envelope.isReceipt()) {
1867 try {
1868 content = decryptMessage(envelope);
1869 } catch (ProtocolUntrustedIdentityException e) {
1870 if (!envelope.hasSource()) {
1871 final var identifier = e.getSender();
1872 final var recipientId = resolveRecipient(identifier);
1873 try {
1874 account.getMessageCache().replaceSender(cachedMessage, recipientId);
1875 } catch (IOException ioException) {
1876 logger.warn("Failed to move cached message to recipient folder: {}", ioException.getMessage());
1877 }
1878 }
1879 return null;
1880 } catch (Exception er) {
1881 // All other errors are not recoverable, so delete the cached message
1882 cachedMessage.delete();
1883 return null;
1884 }
1885 actions = handleMessage(envelope, content, ignoreAttachments);
1886 }
1887 handler.handleMessage(envelope, content, null);
1888 cachedMessage.delete();
1889 return actions;
1890 }
1891
1892 public void receiveMessages(
1893 long timeout,
1894 TimeUnit unit,
1895 boolean returnOnTimeout,
1896 boolean ignoreAttachments,
1897 ReceiveMessageHandler handler
1898 ) throws IOException {
1899 retryFailedReceivedMessages(handler, ignoreAttachments);
1900
1901 Set<HandleAction> queuedActions = null;
1902
1903 final var messagePipe = getOrCreateMessagePipe();
1904
1905 var hasCaughtUpWithOldMessages = false;
1906
1907 while (true) {
1908 SignalServiceEnvelope envelope;
1909 SignalServiceContent content = null;
1910 Exception exception = null;
1911 final CachedMessage[] cachedMessage = {null};
1912 try {
1913 var result = messagePipe.readOrEmpty(timeout, unit, envelope1 -> {
1914 final var recipientId = envelope1.hasSource()
1915 ? resolveRecipient(envelope1.getSourceIdentifier())
1916 : null;
1917 // store message on disk, before acknowledging receipt to the server
1918 cachedMessage[0] = account.getMessageCache().cacheMessage(envelope1, recipientId);
1919 });
1920 if (result.isPresent()) {
1921 envelope = result.get();
1922 } else {
1923 // Received indicator that server queue is empty
1924 hasCaughtUpWithOldMessages = true;
1925
1926 if (queuedActions != null) {
1927 for (var action : queuedActions) {
1928 try {
1929 action.execute(this);
1930 } catch (Throwable e) {
1931 logger.warn("Message action failed.", e);
1932 }
1933 }
1934 queuedActions.clear();
1935 queuedActions = null;
1936 }
1937
1938 // Continue to wait another timeout for new messages
1939 continue;
1940 }
1941 } catch (TimeoutException e) {
1942 if (returnOnTimeout) return;
1943 continue;
1944 }
1945
1946 if (envelope.hasSource()) {
1947 // Store uuid if we don't have it already
1948 // address/uuid in envelope is sent by server
1949 resolveRecipientTrusted(envelope.getSourceAddress());
1950 }
1951 final var notAGroupMember = isNotAGroupMember(envelope, content);
1952 if (!envelope.isReceipt()) {
1953 try {
1954 content = decryptMessage(envelope);
1955 } catch (Exception e) {
1956 exception = e;
1957 }
1958 if (!envelope.hasSource() && content != null) {
1959 // Store uuid if we don't have it already
1960 // address/uuid is validated by unidentified sender certificate
1961 resolveRecipientTrusted(content.getSender());
1962 }
1963 var actions = handleMessage(envelope, content, ignoreAttachments);
1964 if (exception instanceof ProtocolInvalidMessageException) {
1965 final var sender = resolveRecipient(((ProtocolInvalidMessageException) exception).getSender());
1966 logger.debug("Received invalid message, queuing renew session action.");
1967 actions.add(new RenewSessionAction(sender));
1968 }
1969 if (hasCaughtUpWithOldMessages) {
1970 for (var action : actions) {
1971 try {
1972 action.execute(this);
1973 } catch (Throwable e) {
1974 logger.warn("Message action failed.", e);
1975 }
1976 }
1977 } else {
1978 if (queuedActions == null) {
1979 queuedActions = new HashSet<>();
1980 }
1981 queuedActions.addAll(actions);
1982 }
1983 }
1984 if (isMessageBlocked(envelope, content)) {
1985 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
1986 } else if (notAGroupMember) {
1987 logger.info("Ignoring a message from a non group member: {}", envelope.getTimestamp());
1988 } else {
1989 handler.handleMessage(envelope, content, exception);
1990 }
1991 if (cachedMessage[0] != null) {
1992 if (exception instanceof ProtocolUntrustedIdentityException) {
1993 final var identifier = ((ProtocolUntrustedIdentityException) exception).getSender();
1994 final var recipientId = resolveRecipient(identifier);
1995 queuedActions.add(new RetrieveProfileAction(recipientId));
1996 if (!envelope.hasSource()) {
1997 try {
1998 cachedMessage[0] = account.getMessageCache().replaceSender(cachedMessage[0], recipientId);
1999 } catch (IOException ioException) {
2000 logger.warn("Failed to move cached message to recipient folder: {}",
2001 ioException.getMessage());
2002 }
2003 }
2004 } else {
2005 cachedMessage[0].delete();
2006 }
2007 }
2008 }
2009 }
2010
2011 private boolean isMessageBlocked(
2012 SignalServiceEnvelope envelope, SignalServiceContent content
2013 ) {
2014 SignalServiceAddress source;
2015 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
2016 source = envelope.getSourceAddress();
2017 } else if (content != null) {
2018 source = content.getSender();
2019 } else {
2020 return false;
2021 }
2022 final var recipientId = resolveRecipient(source);
2023 if (isContactBlocked(recipientId)) {
2024 return true;
2025 }
2026
2027 if (content != null && content.getDataMessage().isPresent()) {
2028 var message = content.getDataMessage().get();
2029 if (message.getGroupContext().isPresent()) {
2030 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
2031 var group = getGroup(groupId);
2032 if (group != null && group.isBlocked()) {
2033 return true;
2034 }
2035 }
2036 }
2037 return false;
2038 }
2039
2040 public boolean isContactBlocked(final String identifier) throws InvalidNumberException {
2041 final var recipientId = canonicalizeAndResolveRecipient(identifier);
2042 return isContactBlocked(recipientId);
2043 }
2044
2045 private boolean isContactBlocked(final RecipientId recipientId) {
2046 var sourceContact = account.getContactStore().getContact(recipientId);
2047 return sourceContact != null && sourceContact.isBlocked();
2048 }
2049
2050 private boolean isNotAGroupMember(
2051 SignalServiceEnvelope envelope, SignalServiceContent content
2052 ) {
2053 SignalServiceAddress source;
2054 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
2055 source = envelope.getSourceAddress();
2056 } else if (content != null) {
2057 source = content.getSender();
2058 } else {
2059 return false;
2060 }
2061
2062 if (content != null && content.getDataMessage().isPresent()) {
2063 var message = content.getDataMessage().get();
2064 if (message.getGroupContext().isPresent()) {
2065 if (message.getGroupContext().get().getGroupV1().isPresent()) {
2066 var groupInfo = message.getGroupContext().get().getGroupV1().get();
2067 if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
2068 return false;
2069 }
2070 }
2071 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
2072 var group = getGroup(groupId);
2073 if (group != null && !group.isMember(resolveRecipient(source))) {
2074 return true;
2075 }
2076 }
2077 }
2078 return false;
2079 }
2080
2081 private List<HandleAction> handleMessage(
2082 SignalServiceEnvelope envelope, SignalServiceContent content, boolean ignoreAttachments
2083 ) {
2084 var actions = new ArrayList<HandleAction>();
2085 if (content != null) {
2086 final SignalServiceAddress sender;
2087 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
2088 sender = envelope.getSourceAddress();
2089 } else {
2090 sender = content.getSender();
2091 }
2092
2093 if (content.getDataMessage().isPresent()) {
2094 var message = content.getDataMessage().get();
2095
2096 if (content.isNeedsReceipt()) {
2097 actions.add(new SendReceiptAction(sender, message.getTimestamp()));
2098 }
2099
2100 actions.addAll(handleSignalServiceDataMessage(message,
2101 false,
2102 sender,
2103 account.getSelfAddress(),
2104 ignoreAttachments));
2105 }
2106 if (content.getSyncMessage().isPresent()) {
2107 account.setMultiDevice(true);
2108 var syncMessage = content.getSyncMessage().get();
2109 if (syncMessage.getSent().isPresent()) {
2110 var message = syncMessage.getSent().get();
2111 final var destination = message.getDestination().orNull();
2112 actions.addAll(handleSignalServiceDataMessage(message.getMessage(),
2113 true,
2114 sender,
2115 destination,
2116 ignoreAttachments));
2117 }
2118 if (syncMessage.getRequest().isPresent() && account.isMasterDevice()) {
2119 var rm = syncMessage.getRequest().get();
2120 if (rm.isContactsRequest()) {
2121 actions.add(SendSyncContactsAction.create());
2122 }
2123 if (rm.isGroupsRequest()) {
2124 actions.add(SendSyncGroupsAction.create());
2125 }
2126 if (rm.isBlockedListRequest()) {
2127 actions.add(SendSyncBlockedListAction.create());
2128 }
2129 // TODO Handle rm.isConfigurationRequest(); rm.isKeysRequest();
2130 }
2131 if (syncMessage.getGroups().isPresent()) {
2132 File tmpFile = null;
2133 try {
2134 tmpFile = IOUtils.createTempFile();
2135 final var groupsMessage = syncMessage.getGroups().get();
2136 try (var attachmentAsStream = retrieveAttachmentAsStream(groupsMessage.asPointer(), tmpFile)) {
2137 var s = new DeviceGroupsInputStream(attachmentAsStream);
2138 DeviceGroup g;
2139 while ((g = s.read()) != null) {
2140 var syncGroup = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(g.getId()));
2141 if (syncGroup != null) {
2142 if (g.getName().isPresent()) {
2143 syncGroup.name = g.getName().get();
2144 }
2145 syncGroup.addMembers(g.getMembers()
2146 .stream()
2147 .map(this::resolveRecipient)
2148 .collect(Collectors.toSet()));
2149 if (!g.isActive()) {
2150 syncGroup.removeMember(account.getSelfRecipientId());
2151 } else {
2152 // Add ourself to the member set as it's marked as active
2153 syncGroup.addMembers(List.of(account.getSelfRecipientId()));
2154 }
2155 syncGroup.blocked = g.isBlocked();
2156 if (g.getColor().isPresent()) {
2157 syncGroup.color = g.getColor().get();
2158 }
2159
2160 if (g.getAvatar().isPresent()) {
2161 downloadGroupAvatar(g.getAvatar().get(), syncGroup.getGroupId());
2162 }
2163 syncGroup.archived = g.isArchived();
2164 account.getGroupStore().updateGroup(syncGroup);
2165 }
2166 }
2167 }
2168 } catch (Exception e) {
2169 logger.warn("Failed to handle received sync groups “{}”, ignoring: {}",
2170 tmpFile,
2171 e.getMessage());
2172 } finally {
2173 if (tmpFile != null) {
2174 try {
2175 Files.delete(tmpFile.toPath());
2176 } catch (IOException e) {
2177 logger.warn("Failed to delete received groups temp file “{}”, ignoring: {}",
2178 tmpFile,
2179 e.getMessage());
2180 }
2181 }
2182 }
2183 }
2184 if (syncMessage.getBlockedList().isPresent()) {
2185 final var blockedListMessage = syncMessage.getBlockedList().get();
2186 for (var address : blockedListMessage.getAddresses()) {
2187 setContactBlocked(resolveRecipient(address), true);
2188 }
2189 for (var groupId : blockedListMessage.getGroupIds()
2190 .stream()
2191 .map(GroupId::unknownVersion)
2192 .collect(Collectors.toSet())) {
2193 try {
2194 setGroupBlocked(groupId, true);
2195 } catch (GroupNotFoundException e) {
2196 logger.warn("BlockedListMessage contained groupID that was not found in GroupStore: {}",
2197 groupId.toBase64());
2198 }
2199 }
2200 }
2201 if (syncMessage.getContacts().isPresent()) {
2202 File tmpFile = null;
2203 try {
2204 tmpFile = IOUtils.createTempFile();
2205 final var contactsMessage = syncMessage.getContacts().get();
2206 try (var attachmentAsStream = retrieveAttachmentAsStream(contactsMessage.getContactsStream()
2207 .asPointer(), tmpFile)) {
2208 var s = new DeviceContactsInputStream(attachmentAsStream);
2209 DeviceContact c;
2210 while ((c = s.read()) != null) {
2211 if (c.getAddress().matches(account.getSelfAddress()) && c.getProfileKey().isPresent()) {
2212 account.setProfileKey(c.getProfileKey().get());
2213 }
2214 final var recipientId = resolveRecipientTrusted(c.getAddress());
2215 var contact = account.getContactStore().getContact(recipientId);
2216 final var builder = contact == null
2217 ? Contact.newBuilder()
2218 : Contact.newBuilder(contact);
2219 if (c.getName().isPresent()) {
2220 builder.withName(c.getName().get());
2221 }
2222 if (c.getColor().isPresent()) {
2223 builder.withColor(c.getColor().get());
2224 }
2225 if (c.getProfileKey().isPresent()) {
2226 account.getProfileStore().storeProfileKey(recipientId, c.getProfileKey().get());
2227 }
2228 if (c.getVerified().isPresent()) {
2229 final var verifiedMessage = c.getVerified().get();
2230 account.getIdentityKeyStore()
2231 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2232 verifiedMessage.getIdentityKey(),
2233 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2234 }
2235 if (c.getExpirationTimer().isPresent()) {
2236 builder.withMessageExpirationTime(c.getExpirationTimer().get());
2237 }
2238 builder.withBlocked(c.isBlocked());
2239 builder.withArchived(c.isArchived());
2240 account.getContactStore().storeContact(recipientId, builder.build());
2241
2242 if (c.getAvatar().isPresent()) {
2243 downloadContactAvatar(c.getAvatar().get(), c.getAddress());
2244 }
2245 }
2246 }
2247 } catch (Exception e) {
2248 logger.warn("Failed to handle received sync contacts “{}”, ignoring: {}",
2249 tmpFile,
2250 e.getMessage());
2251 } finally {
2252 if (tmpFile != null) {
2253 try {
2254 Files.delete(tmpFile.toPath());
2255 } catch (IOException e) {
2256 logger.warn("Failed to delete received contacts temp file “{}”, ignoring: {}",
2257 tmpFile,
2258 e.getMessage());
2259 }
2260 }
2261 }
2262 }
2263 if (syncMessage.getVerified().isPresent()) {
2264 final var verifiedMessage = syncMessage.getVerified().get();
2265 account.getIdentityKeyStore()
2266 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2267 verifiedMessage.getIdentityKey(),
2268 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2269 }
2270 if (syncMessage.getStickerPackOperations().isPresent()) {
2271 final var stickerPackOperationMessages = syncMessage.getStickerPackOperations().get();
2272 for (var m : stickerPackOperationMessages) {
2273 if (!m.getPackId().isPresent()) {
2274 continue;
2275 }
2276 final var stickerPackId = StickerPackId.deserialize(m.getPackId().get());
2277 var sticker = account.getStickerStore().getSticker(stickerPackId);
2278 if (sticker == null) {
2279 if (!m.getPackKey().isPresent()) {
2280 continue;
2281 }
2282 sticker = new Sticker(stickerPackId, m.getPackKey().get());
2283 }
2284 sticker.setInstalled(!m.getType().isPresent()
2285 || m.getType().get() == StickerPackOperationMessage.Type.INSTALL);
2286 account.getStickerStore().updateSticker(sticker);
2287 }
2288 }
2289 if (syncMessage.getFetchType().isPresent()) {
2290 switch (syncMessage.getFetchType().get()) {
2291 case LOCAL_PROFILE:
2292 getRecipientProfile(account.getSelfRecipientId(), true);
2293 case STORAGE_MANIFEST:
2294 // TODO
2295 }
2296 }
2297 if (syncMessage.getKeys().isPresent()) {
2298 final var keysMessage = syncMessage.getKeys().get();
2299 if (keysMessage.getStorageService().isPresent()) {
2300 final var storageKey = keysMessage.getStorageService().get();
2301 account.setStorageKey(storageKey);
2302 }
2303 }
2304 if (syncMessage.getConfiguration().isPresent()) {
2305 // TODO
2306 }
2307 }
2308 }
2309 return actions;
2310 }
2311
2312 private void downloadContactAvatar(SignalServiceAttachment avatar, SignalServiceAddress address) {
2313 try {
2314 avatarStore.storeContactAvatar(address, outputStream -> retrieveAttachment(avatar, outputStream));
2315 } catch (IOException e) {
2316 logger.warn("Failed to download avatar for contact {}, ignoring: {}", address, e.getMessage());
2317 }
2318 }
2319
2320 private void downloadGroupAvatar(SignalServiceAttachment avatar, GroupId groupId) {
2321 try {
2322 avatarStore.storeGroupAvatar(groupId, outputStream -> retrieveAttachment(avatar, outputStream));
2323 } catch (IOException e) {
2324 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2325 }
2326 }
2327
2328 private void downloadGroupAvatar(GroupId groupId, GroupSecretParams groupSecretParams, String cdnKey) {
2329 try {
2330 avatarStore.storeGroupAvatar(groupId,
2331 outputStream -> retrieveGroupV2Avatar(groupSecretParams, cdnKey, outputStream));
2332 } catch (IOException e) {
2333 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2334 }
2335 }
2336
2337 private void downloadProfileAvatar(
2338 SignalServiceAddress address, String avatarPath, ProfileKey profileKey
2339 ) {
2340 try {
2341 avatarStore.storeProfileAvatar(address,
2342 outputStream -> retrieveProfileAvatar(avatarPath, profileKey, outputStream));
2343 } catch (Throwable e) {
2344 logger.warn("Failed to download profile avatar, ignoring: {}", e.getMessage());
2345 }
2346 }
2347
2348 public File getAttachmentFile(SignalServiceAttachmentRemoteId attachmentId) {
2349 return attachmentStore.getAttachmentFile(attachmentId);
2350 }
2351
2352 private void downloadAttachment(final SignalServiceAttachment attachment) {
2353 if (!attachment.isPointer()) {
2354 logger.warn("Invalid state, can't store an attachment stream.");
2355 }
2356
2357 var pointer = attachment.asPointer();
2358 if (pointer.getPreview().isPresent()) {
2359 final var preview = pointer.getPreview().get();
2360 try {
2361 attachmentStore.storeAttachmentPreview(pointer.getRemoteId(),
2362 outputStream -> outputStream.write(preview, 0, preview.length));
2363 } catch (IOException e) {
2364 logger.warn("Failed to download attachment preview, ignoring: {}", e.getMessage());
2365 }
2366 }
2367
2368 try {
2369 attachmentStore.storeAttachment(pointer.getRemoteId(),
2370 outputStream -> retrieveAttachmentPointer(pointer, outputStream));
2371 } catch (IOException e) {
2372 logger.warn("Failed to download attachment ({}), ignoring: {}", pointer.getRemoteId(), e.getMessage());
2373 }
2374 }
2375
2376 private void retrieveGroupV2Avatar(
2377 GroupSecretParams groupSecretParams, String cdnKey, OutputStream outputStream
2378 ) throws IOException {
2379 var groupOperations = groupsV2Operations.forGroup(groupSecretParams);
2380
2381 var tmpFile = IOUtils.createTempFile();
2382 try (InputStream input = messageReceiver.retrieveGroupsV2ProfileAvatar(cdnKey,
2383 tmpFile,
2384 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2385 var encryptedData = IOUtils.readFully(input);
2386
2387 var decryptedData = groupOperations.decryptAvatar(encryptedData);
2388 outputStream.write(decryptedData);
2389 } finally {
2390 try {
2391 Files.delete(tmpFile.toPath());
2392 } catch (IOException e) {
2393 logger.warn("Failed to delete received group avatar temp file “{}”, ignoring: {}",
2394 tmpFile,
2395 e.getMessage());
2396 }
2397 }
2398 }
2399
2400 private void retrieveProfileAvatar(
2401 String avatarPath, ProfileKey profileKey, OutputStream outputStream
2402 ) throws IOException {
2403 var tmpFile = IOUtils.createTempFile();
2404 try (var input = messageReceiver.retrieveProfileAvatar(avatarPath,
2405 tmpFile,
2406 profileKey,
2407 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2408 // Use larger buffer size to prevent AssertionError: Need: 12272 but only have: 8192 ...
2409 IOUtils.copyStream(input, outputStream, (int) ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE);
2410 } finally {
2411 try {
2412 Files.delete(tmpFile.toPath());
2413 } catch (IOException e) {
2414 logger.warn("Failed to delete received profile avatar temp file “{}”, ignoring: {}",
2415 tmpFile,
2416 e.getMessage());
2417 }
2418 }
2419 }
2420
2421 private void retrieveAttachment(
2422 final SignalServiceAttachment attachment, final OutputStream outputStream
2423 ) throws IOException {
2424 if (attachment.isPointer()) {
2425 var pointer = attachment.asPointer();
2426 retrieveAttachmentPointer(pointer, outputStream);
2427 } else {
2428 var stream = attachment.asStream();
2429 IOUtils.copyStream(stream.getInputStream(), outputStream);
2430 }
2431 }
2432
2433 private void retrieveAttachmentPointer(
2434 SignalServiceAttachmentPointer pointer, OutputStream outputStream
2435 ) throws IOException {
2436 var tmpFile = IOUtils.createTempFile();
2437 try (var input = retrieveAttachmentAsStream(pointer, tmpFile)) {
2438 IOUtils.copyStream(input, outputStream);
2439 } catch (MissingConfigurationException | InvalidMessageException e) {
2440 throw new IOException(e);
2441 } finally {
2442 try {
2443 Files.delete(tmpFile.toPath());
2444 } catch (IOException e) {
2445 logger.warn("Failed to delete received attachment temp file “{}”, ignoring: {}",
2446 tmpFile,
2447 e.getMessage());
2448 }
2449 }
2450 }
2451
2452 private InputStream retrieveAttachmentAsStream(
2453 SignalServiceAttachmentPointer pointer, File tmpFile
2454 ) throws IOException, InvalidMessageException, MissingConfigurationException {
2455 return messageReceiver.retrieveAttachment(pointer, tmpFile, ServiceConfig.MAX_ATTACHMENT_SIZE);
2456 }
2457
2458 void sendGroups() throws IOException, UntrustedIdentityException {
2459 var groupsFile = IOUtils.createTempFile();
2460
2461 try {
2462 try (OutputStream fos = new FileOutputStream(groupsFile)) {
2463 var out = new DeviceGroupsOutputStream(fos);
2464 for (var record : getGroups()) {
2465 if (record instanceof GroupInfoV1) {
2466 var groupInfo = (GroupInfoV1) record;
2467 out.write(new DeviceGroup(groupInfo.getGroupId().serialize(),
2468 Optional.fromNullable(groupInfo.name),
2469 groupInfo.getMembers()
2470 .stream()
2471 .map(this::resolveSignalServiceAddress)
2472 .collect(Collectors.toList()),
2473 createGroupAvatarAttachment(groupInfo.getGroupId()),
2474 groupInfo.isMember(account.getSelfRecipientId()),
2475 Optional.of(groupInfo.messageExpirationTime),
2476 Optional.fromNullable(groupInfo.color),
2477 groupInfo.blocked,
2478 Optional.absent(),
2479 groupInfo.archived));
2480 }
2481 }
2482 }
2483
2484 if (groupsFile.exists() && groupsFile.length() > 0) {
2485 try (var groupsFileStream = new FileInputStream(groupsFile)) {
2486 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2487 .withStream(groupsFileStream)
2488 .withContentType("application/octet-stream")
2489 .withLength(groupsFile.length())
2490 .build();
2491
2492 sendSyncMessage(SignalServiceSyncMessage.forGroups(attachmentStream));
2493 }
2494 }
2495 } finally {
2496 try {
2497 Files.delete(groupsFile.toPath());
2498 } catch (IOException e) {
2499 logger.warn("Failed to delete groups temp file “{}”, ignoring: {}", groupsFile, e.getMessage());
2500 }
2501 }
2502 }
2503
2504 public void sendContacts() throws IOException, UntrustedIdentityException {
2505 var contactsFile = IOUtils.createTempFile();
2506
2507 try {
2508 try (OutputStream fos = new FileOutputStream(contactsFile)) {
2509 var out = new DeviceContactsOutputStream(fos);
2510 for (var contactPair : account.getContactStore().getContacts()) {
2511 final var recipientId = contactPair.first();
2512 final var contact = contactPair.second();
2513 final var address = resolveSignalServiceAddress(recipientId);
2514
2515 var currentIdentity = account.getIdentityKeyStore().getIdentity(recipientId);
2516 VerifiedMessage verifiedMessage = null;
2517 if (currentIdentity != null) {
2518 verifiedMessage = new VerifiedMessage(address,
2519 currentIdentity.getIdentityKey(),
2520 currentIdentity.getTrustLevel().toVerifiedState(),
2521 currentIdentity.getDateAdded().getTime());
2522 }
2523
2524 var profileKey = account.getProfileStore().getProfileKey(recipientId);
2525 out.write(new DeviceContact(address,
2526 Optional.fromNullable(contact.getName()),
2527 createContactAvatarAttachment(address),
2528 Optional.fromNullable(contact.getColor()),
2529 Optional.fromNullable(verifiedMessage),
2530 Optional.fromNullable(profileKey),
2531 contact.isBlocked(),
2532 Optional.of(contact.getMessageExpirationTime()),
2533 Optional.absent(),
2534 contact.isArchived()));
2535 }
2536
2537 if (account.getProfileKey() != null) {
2538 // Send our own profile key as well
2539 out.write(new DeviceContact(account.getSelfAddress(),
2540 Optional.absent(),
2541 Optional.absent(),
2542 Optional.absent(),
2543 Optional.absent(),
2544 Optional.of(account.getProfileKey()),
2545 false,
2546 Optional.absent(),
2547 Optional.absent(),
2548 false));
2549 }
2550 }
2551
2552 if (contactsFile.exists() && contactsFile.length() > 0) {
2553 try (var contactsFileStream = new FileInputStream(contactsFile)) {
2554 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2555 .withStream(contactsFileStream)
2556 .withContentType("application/octet-stream")
2557 .withLength(contactsFile.length())
2558 .build();
2559
2560 sendSyncMessage(SignalServiceSyncMessage.forContacts(new ContactsMessage(attachmentStream, true)));
2561 }
2562 }
2563 } finally {
2564 try {
2565 Files.delete(contactsFile.toPath());
2566 } catch (IOException e) {
2567 logger.warn("Failed to delete contacts temp file “{}”, ignoring: {}", contactsFile, e.getMessage());
2568 }
2569 }
2570 }
2571
2572 void sendBlockedList() throws IOException, UntrustedIdentityException {
2573 var addresses = new ArrayList<SignalServiceAddress>();
2574 for (var record : account.getContactStore().getContacts()) {
2575 if (record.second().isBlocked()) {
2576 addresses.add(resolveSignalServiceAddress(record.first()));
2577 }
2578 }
2579 var groupIds = new ArrayList<byte[]>();
2580 for (var record : getGroups()) {
2581 if (record.isBlocked()) {
2582 groupIds.add(record.getGroupId().serialize());
2583 }
2584 }
2585 sendSyncMessage(SignalServiceSyncMessage.forBlocked(new BlockedListMessage(addresses, groupIds)));
2586 }
2587
2588 private void sendVerifiedMessage(
2589 SignalServiceAddress destination, IdentityKey identityKey, TrustLevel trustLevel
2590 ) throws IOException, UntrustedIdentityException {
2591 var verifiedMessage = new VerifiedMessage(destination,
2592 identityKey,
2593 trustLevel.toVerifiedState(),
2594 System.currentTimeMillis());
2595 sendSyncMessage(SignalServiceSyncMessage.forVerified(verifiedMessage));
2596 }
2597
2598 public List<Pair<RecipientId, Contact>> getContacts() {
2599 return account.getContactStore().getContacts();
2600 }
2601
2602 public String getContactOrProfileName(String number) throws InvalidNumberException {
2603 final var recipientId = canonicalizeAndResolveRecipient(number);
2604 final var recipient = account.getRecipientStore().getRecipient(recipientId);
2605 if (recipient == null) {
2606 return null;
2607 }
2608
2609 if (recipient.getContact() != null && !Util.isEmpty(recipient.getContact().getName())) {
2610 return recipient.getContact().getName();
2611 }
2612
2613 if (recipient.getProfile() != null && recipient.getProfile() != null) {
2614 return recipient.getProfile().getDisplayName();
2615 }
2616
2617 return null;
2618 }
2619
2620 public GroupInfo getGroup(GroupId groupId) {
2621 final var group = account.getGroupStore().getGroup(groupId);
2622 if (group instanceof GroupInfoV2 && ((GroupInfoV2) group).getGroup() == null) {
2623 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(((GroupInfoV2) group).getMasterKey());
2624 ((GroupInfoV2) group).setGroup(groupV2Helper.getDecryptedGroup(groupSecretParams), this::resolveRecipient);
2625 account.getGroupStore().updateGroup(group);
2626 }
2627 return group;
2628 }
2629
2630 public List<IdentityInfo> getIdentities() {
2631 return account.getIdentityKeyStore().getIdentities();
2632 }
2633
2634 public List<IdentityInfo> getIdentities(String number) throws InvalidNumberException {
2635 final var identity = account.getIdentityKeyStore().getIdentity(canonicalizeAndResolveRecipient(number));
2636 return identity == null ? List.of() : List.of(identity);
2637 }
2638
2639 /**
2640 * Trust this the identity with this fingerprint
2641 *
2642 * @param name username of the identity
2643 * @param fingerprint Fingerprint
2644 */
2645 public boolean trustIdentityVerified(String name, byte[] fingerprint) throws InvalidNumberException {
2646 var recipientId = canonicalizeAndResolveRecipient(name);
2647 return trustIdentity(recipientId,
2648 identityKey -> Arrays.equals(identityKey.serialize(), fingerprint),
2649 TrustLevel.TRUSTED_VERIFIED);
2650 }
2651
2652 /**
2653 * Trust this the identity with this safety number
2654 *
2655 * @param name username of the identity
2656 * @param safetyNumber Safety number
2657 */
2658 public boolean trustIdentityVerifiedSafetyNumber(String name, String safetyNumber) throws InvalidNumberException {
2659 var recipientId = canonicalizeAndResolveRecipient(name);
2660 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2661 return trustIdentity(recipientId,
2662 identityKey -> safetyNumber.equals(computeSafetyNumber(address, identityKey)),
2663 TrustLevel.TRUSTED_VERIFIED);
2664 }
2665
2666 /**
2667 * Trust all keys of this identity without verification
2668 *
2669 * @param name username of the identity
2670 */
2671 public boolean trustIdentityAllKeys(String name) throws InvalidNumberException {
2672 var recipientId = canonicalizeAndResolveRecipient(name);
2673 return trustIdentity(recipientId, identityKey -> true, TrustLevel.TRUSTED_UNVERIFIED);
2674 }
2675
2676 private boolean trustIdentity(
2677 RecipientId recipientId, Function<IdentityKey, Boolean> verifier, TrustLevel trustLevel
2678 ) {
2679 var identity = account.getIdentityKeyStore().getIdentity(recipientId);
2680 if (identity == null) {
2681 return false;
2682 }
2683
2684 if (!verifier.apply(identity.getIdentityKey())) {
2685 return false;
2686 }
2687
2688 account.getIdentityKeyStore().setIdentityTrustLevel(recipientId, identity.getIdentityKey(), trustLevel);
2689 try {
2690 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2691 sendVerifiedMessage(address, identity.getIdentityKey(), trustLevel);
2692 } catch (IOException | UntrustedIdentityException e) {
2693 logger.warn("Failed to send verification sync message: {}", e.getMessage());
2694 }
2695
2696 return true;
2697 }
2698
2699 public String computeSafetyNumber(
2700 SignalServiceAddress theirAddress, IdentityKey theirIdentityKey
2701 ) {
2702 return Utils.computeSafetyNumber(ServiceConfig.capabilities.isUuid(),
2703 account.getSelfAddress(),
2704 getIdentityKeyPair().getPublicKey(),
2705 theirAddress,
2706 theirIdentityKey);
2707 }
2708
2709 @Deprecated
2710 public SignalServiceAddress resolveSignalServiceAddress(String identifier) {
2711 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2712
2713 return resolveSignalServiceAddress(address);
2714 }
2715
2716 @Deprecated
2717 public SignalServiceAddress resolveSignalServiceAddress(SignalServiceAddress address) {
2718 if (address.matches(account.getSelfAddress())) {
2719 return account.getSelfAddress();
2720 }
2721
2722 return account.getRecipientStore().resolveServiceAddress(address);
2723 }
2724
2725 public SignalServiceAddress resolveSignalServiceAddress(RecipientId recipientId) {
2726 return account.getRecipientStore().resolveServiceAddress(recipientId);
2727 }
2728
2729 public RecipientId canonicalizeAndResolveRecipient(String identifier) throws InvalidNumberException {
2730 var canonicalizedNumber = UuidUtil.isUuid(identifier)
2731 ? identifier
2732 : PhoneNumberFormatter.formatNumber(identifier, account.getUsername());
2733
2734 return resolveRecipient(canonicalizedNumber);
2735 }
2736
2737 private RecipientId resolveRecipient(final String identifier) {
2738 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2739
2740 return resolveRecipient(address);
2741 }
2742
2743 public RecipientId resolveRecipient(SignalServiceAddress address) {
2744 return account.getRecipientStore().resolveRecipient(address);
2745 }
2746
2747 private RecipientId resolveRecipientTrusted(SignalServiceAddress address) {
2748 return account.getRecipientStore().resolveRecipientTrusted(address);
2749 }
2750
2751 @Override
2752 public void close() throws IOException {
2753 close(true);
2754 }
2755
2756 void close(boolean closeAccount) throws IOException {
2757 executor.shutdown();
2758
2759 if (messagePipe != null) {
2760 messagePipe.shutdown();
2761 messagePipe = null;
2762 }
2763
2764 if (unidentifiedMessagePipe != null) {
2765 unidentifiedMessagePipe.shutdown();
2766 unidentifiedMessagePipe = null;
2767 }
2768
2769 if (closeAccount && account != null) {
2770 account.close();
2771 }
2772 account = null;
2773 }
2774
2775 public interface ReceiveMessageHandler {
2776
2777 void handleMessage(SignalServiceEnvelope envelope, SignalServiceContent decryptedContent, Throwable e);
2778 }
2779 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut