]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/Manager.java
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Trust an identity with its scannable safety numbers from the other device
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / Manager.java
1 /*
2 Copyright (C) 2015-2021 AsamK and contributors
3
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17 package org.asamk.signal.manager;
18
19 import org.asamk.signal.manager.api.Device;
20 import org.asamk.signal.manager.api.TypingAction;
21 import org.asamk.signal.manager.config.ServiceConfig;
22 import org.asamk.signal.manager.config.ServiceEnvironment;
23 import org.asamk.signal.manager.config.ServiceEnvironmentConfig;
24 import org.asamk.signal.manager.groups.GroupId;
25 import org.asamk.signal.manager.groups.GroupIdV1;
26 import org.asamk.signal.manager.groups.GroupInviteLinkUrl;
27 import org.asamk.signal.manager.groups.GroupLinkState;
28 import org.asamk.signal.manager.groups.GroupNotFoundException;
29 import org.asamk.signal.manager.groups.GroupPermission;
30 import org.asamk.signal.manager.groups.GroupUtils;
31 import org.asamk.signal.manager.groups.LastGroupAdminException;
32 import org.asamk.signal.manager.groups.NotAGroupMemberException;
33 import org.asamk.signal.manager.helper.GroupV2Helper;
34 import org.asamk.signal.manager.helper.PinHelper;
35 import org.asamk.signal.manager.helper.ProfileHelper;
36 import org.asamk.signal.manager.helper.SendHelper;
37 import org.asamk.signal.manager.helper.UnidentifiedAccessHelper;
38 import org.asamk.signal.manager.jobs.Context;
39 import org.asamk.signal.manager.jobs.Job;
40 import org.asamk.signal.manager.jobs.RetrieveStickerPackJob;
41 import org.asamk.signal.manager.storage.SignalAccount;
42 import org.asamk.signal.manager.storage.groups.GroupInfo;
43 import org.asamk.signal.manager.storage.groups.GroupInfoV1;
44 import org.asamk.signal.manager.storage.groups.GroupInfoV2;
45 import org.asamk.signal.manager.storage.identities.IdentityInfo;
46 import org.asamk.signal.manager.storage.messageCache.CachedMessage;
47 import org.asamk.signal.manager.storage.recipients.Contact;
48 import org.asamk.signal.manager.storage.recipients.Profile;
49 import org.asamk.signal.manager.storage.recipients.RecipientId;
50 import org.asamk.signal.manager.storage.stickers.Sticker;
51 import org.asamk.signal.manager.storage.stickers.StickerPackId;
52 import org.asamk.signal.manager.util.AttachmentUtils;
53 import org.asamk.signal.manager.util.IOUtils;
54 import org.asamk.signal.manager.util.KeyUtils;
55 import org.asamk.signal.manager.util.ProfileUtils;
56 import org.asamk.signal.manager.util.StickerUtils;
57 import org.asamk.signal.manager.util.Utils;
58 import org.signal.libsignal.metadata.InvalidMetadataMessageException;
59 import org.signal.libsignal.metadata.InvalidMetadataVersionException;
60 import org.signal.libsignal.metadata.ProtocolDuplicateMessageException;
61 import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
62 import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
63 import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
64 import org.signal.libsignal.metadata.ProtocolInvalidVersionException;
65 import org.signal.libsignal.metadata.ProtocolLegacyMessageException;
66 import org.signal.libsignal.metadata.ProtocolNoSessionException;
67 import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
68 import org.signal.libsignal.metadata.SelfSendException;
69 import org.signal.storageservice.protos.groups.GroupChange;
70 import org.signal.storageservice.protos.groups.local.DecryptedGroup;
71 import org.signal.zkgroup.InvalidInputException;
72 import org.signal.zkgroup.VerificationFailedException;
73 import org.signal.zkgroup.groups.GroupMasterKey;
74 import org.signal.zkgroup.groups.GroupSecretParams;
75 import org.signal.zkgroup.profiles.ProfileKey;
76 import org.signal.zkgroup.profiles.ProfileKeyCredential;
77 import org.slf4j.Logger;
78 import org.slf4j.LoggerFactory;
79 import org.whispersystems.libsignal.IdentityKey;
80 import org.whispersystems.libsignal.IdentityKeyPair;
81 import org.whispersystems.libsignal.InvalidKeyException;
82 import org.whispersystems.libsignal.InvalidMessageException;
83 import org.whispersystems.libsignal.ecc.ECPublicKey;
84 import org.whispersystems.libsignal.fingerprint.Fingerprint;
85 import org.whispersystems.libsignal.fingerprint.FingerprintParsingException;
86 import org.whispersystems.libsignal.fingerprint.FingerprintVersionMismatchException;
87 import org.whispersystems.libsignal.state.PreKeyRecord;
88 import org.whispersystems.libsignal.state.SignedPreKeyRecord;
89 import org.whispersystems.libsignal.util.Pair;
90 import org.whispersystems.libsignal.util.guava.Optional;
91 import org.whispersystems.signalservice.api.InvalidMessageStructureException;
92 import org.whispersystems.signalservice.api.SignalSessionLock;
93 import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException;
94 import org.whispersystems.signalservice.api.groupsv2.GroupLinkNotActiveException;
95 import org.whispersystems.signalservice.api.groupsv2.GroupsV2AuthorizationString;
96 import org.whispersystems.signalservice.api.messages.SendMessageResult;
97 import org.whispersystems.signalservice.api.messages.SignalServiceAttachment;
98 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentPointer;
99 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentRemoteId;
100 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentStream;
101 import org.whispersystems.signalservice.api.messages.SignalServiceContent;
102 import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage;
103 import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
104 import org.whispersystems.signalservice.api.messages.SignalServiceGroup;
105 import org.whispersystems.signalservice.api.messages.SignalServiceGroupV2;
106 import org.whispersystems.signalservice.api.messages.SignalServiceReceiptMessage;
107 import org.whispersystems.signalservice.api.messages.SignalServiceTypingMessage;
108 import org.whispersystems.signalservice.api.messages.multidevice.BlockedListMessage;
109 import org.whispersystems.signalservice.api.messages.multidevice.ContactsMessage;
110 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContact;
111 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsInputStream;
112 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsOutputStream;
113 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroup;
114 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsInputStream;
115 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsOutputStream;
116 import org.whispersystems.signalservice.api.messages.multidevice.RequestMessage;
117 import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
118 import org.whispersystems.signalservice.api.messages.multidevice.StickerPackOperationMessage;
119 import org.whispersystems.signalservice.api.messages.multidevice.VerifiedMessage;
120 import org.whispersystems.signalservice.api.profiles.ProfileAndCredential;
121 import org.whispersystems.signalservice.api.profiles.SignalServiceProfile;
122 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
123 import org.whispersystems.signalservice.api.push.exceptions.ConflictException;
124 import org.whispersystems.signalservice.api.push.exceptions.MissingConfigurationException;
125 import org.whispersystems.signalservice.api.util.DeviceNameUtil;
126 import org.whispersystems.signalservice.api.util.InvalidNumberException;
127 import org.whispersystems.signalservice.api.util.PhoneNumberFormatter;
128 import org.whispersystems.signalservice.api.util.UuidUtil;
129 import org.whispersystems.signalservice.api.websocket.WebSocketUnavailableException;
130 import org.whispersystems.signalservice.internal.contacts.crypto.Quote;
131 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedQuoteException;
132 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedResponseException;
133 import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
134 import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
135 import org.whispersystems.signalservice.internal.util.DynamicCredentialsProvider;
136 import org.whispersystems.signalservice.internal.util.Hex;
137 import org.whispersystems.signalservice.internal.util.Util;
138
139 import java.io.Closeable;
140 import java.io.File;
141 import java.io.FileInputStream;
142 import java.io.FileOutputStream;
143 import java.io.IOException;
144 import java.io.InputStream;
145 import java.io.OutputStream;
146 import java.net.URI;
147 import java.net.URISyntaxException;
148 import java.net.URLEncoder;
149 import java.nio.charset.StandardCharsets;
150 import java.nio.file.Files;
151 import java.security.SignatureException;
152 import java.util.ArrayList;
153 import java.util.Arrays;
154 import java.util.Base64;
155 import java.util.Collection;
156 import java.util.Date;
157 import java.util.HashSet;
158 import java.util.List;
159 import java.util.Map;
160 import java.util.Set;
161 import java.util.UUID;
162 import java.util.concurrent.ExecutorService;
163 import java.util.concurrent.Executors;
164 import java.util.concurrent.TimeUnit;
165 import java.util.concurrent.TimeoutException;
166 import java.util.concurrent.locks.ReentrantLock;
167 import java.util.function.Function;
168 import java.util.stream.Collectors;
169
170 import static org.asamk.signal.manager.config.ServiceConfig.capabilities;
171
172 public class Manager implements Closeable {
173
174 private final static Logger logger = LoggerFactory.getLogger(Manager.class);
175
176 private final ServiceEnvironmentConfig serviceEnvironmentConfig;
177 private final SignalDependencies dependencies;
178
179 private SignalAccount account;
180
181 private final ExecutorService executor = Executors.newCachedThreadPool();
182
183 private final ProfileHelper profileHelper;
184 private final GroupV2Helper groupV2Helper;
185 private final PinHelper pinHelper;
186 private final SendHelper sendHelper;
187
188 private final AvatarStore avatarStore;
189 private final AttachmentStore attachmentStore;
190 private final StickerPackStore stickerPackStore;
191 private final SignalSessionLock sessionLock = new SignalSessionLock() {
192 private final ReentrantLock LEGACY_LOCK = new ReentrantLock();
193
194 @Override
195 public Lock acquire() {
196 LEGACY_LOCK.lock();
197 return LEGACY_LOCK::unlock;
198 }
199 };
200
201 Manager(
202 SignalAccount account,
203 PathConfig pathConfig,
204 ServiceEnvironmentConfig serviceEnvironmentConfig,
205 String userAgent
206 ) {
207 this.account = account;
208 this.serviceEnvironmentConfig = serviceEnvironmentConfig;
209
210 final var credentialsProvider = new DynamicCredentialsProvider(account.getUuid(),
211 account.getUsername(),
212 account.getPassword(),
213 account.getDeviceId());
214 this.dependencies = new SignalDependencies(account.getSelfAddress(),
215 serviceEnvironmentConfig,
216 userAgent,
217 credentialsProvider,
218 account.getSignalProtocolStore(),
219 executor,
220 sessionLock);
221 this.pinHelper = new PinHelper(dependencies.getKeyBackupService());
222
223 final var unidentifiedAccessHelper = new UnidentifiedAccessHelper(account::getProfileKey,
224 account.getProfileStore()::getProfileKey,
225 this::getRecipientProfile,
226 this::getSenderCertificate);
227 this.profileHelper = new ProfileHelper(account.getProfileStore()::getProfileKey,
228 unidentifiedAccessHelper::getAccessFor,
229 dependencies::getProfileService,
230 dependencies::getMessageReceiver,
231 this::resolveSignalServiceAddress);
232 this.groupV2Helper = new GroupV2Helper(this::getRecipientProfileKeyCredential,
233 this::getRecipientProfile,
234 account::getSelfRecipientId,
235 dependencies.getGroupsV2Operations(),
236 dependencies.getGroupsV2Api(),
237 this::getGroupAuthForToday,
238 this::resolveSignalServiceAddress);
239 this.avatarStore = new AvatarStore(pathConfig.getAvatarsPath());
240 this.attachmentStore = new AttachmentStore(pathConfig.getAttachmentsPath());
241 this.stickerPackStore = new StickerPackStore(pathConfig.getStickerPacksPath());
242 this.sendHelper = new SendHelper(account,
243 dependencies,
244 unidentifiedAccessHelper,
245 this::resolveSignalServiceAddress,
246 this::resolveRecipient,
247 this::handleIdentityFailure,
248 this::getGroup,
249 this::refreshRegisteredUser);
250 }
251
252 public String getUsername() {
253 return account.getUsername();
254 }
255
256 public SignalServiceAddress getSelfAddress() {
257 return account.getSelfAddress();
258 }
259
260 public RecipientId getSelfRecipientId() {
261 return account.getSelfRecipientId();
262 }
263
264 private IdentityKeyPair getIdentityKeyPair() {
265 return account.getIdentityKeyPair();
266 }
267
268 public int getDeviceId() {
269 return account.getDeviceId();
270 }
271
272 public static Manager init(
273 String username, File settingsPath, ServiceEnvironment serviceEnvironment, String userAgent
274 ) throws IOException, NotRegisteredException {
275 var pathConfig = PathConfig.createDefault(settingsPath);
276
277 if (!SignalAccount.userExists(pathConfig.getDataPath(), username)) {
278 throw new NotRegisteredException();
279 }
280
281 var account = SignalAccount.load(pathConfig.getDataPath(), username, true);
282
283 if (!account.isRegistered()) {
284 throw new NotRegisteredException();
285 }
286
287 final var serviceEnvironmentConfig = ServiceConfig.getServiceEnvironmentConfig(serviceEnvironment, userAgent);
288
289 return new Manager(account, pathConfig, serviceEnvironmentConfig, userAgent);
290 }
291
292 public static List<String> getAllLocalUsernames(File settingsPath) {
293 var pathConfig = PathConfig.createDefault(settingsPath);
294 final var dataPath = pathConfig.getDataPath();
295 final var files = dataPath.listFiles();
296
297 if (files == null) {
298 return List.of();
299 }
300
301 return Arrays.stream(files)
302 .filter(File::isFile)
303 .map(File::getName)
304 .filter(file -> PhoneNumberFormatter.isValidNumber(file, null))
305 .collect(Collectors.toList());
306 }
307
308 public void checkAccountState() throws IOException {
309 if (account.getLastReceiveTimestamp() == 0) {
310 logger.warn("The Signal protocol expects that incoming messages are regularly received.");
311 } else {
312 var diffInMilliseconds = System.currentTimeMillis() - account.getLastReceiveTimestamp();
313 long days = TimeUnit.DAYS.convert(diffInMilliseconds, TimeUnit.MILLISECONDS);
314 if (days > 7) {
315 logger.warn(
316 "Messages have been last received {} days ago. The Signal protocol expects that incoming messages are regularly received.",
317 days);
318 }
319 }
320 if (dependencies.getAccountManager().getPreKeysCount() < ServiceConfig.PREKEY_MINIMUM_COUNT) {
321 refreshPreKeys();
322 }
323 if (account.getUuid() == null) {
324 account.setUuid(dependencies.getAccountManager().getOwnUuid());
325 }
326 updateAccountAttributes();
327 }
328
329 /**
330 * This is used for checking a set of phone numbers for registration on Signal
331 *
332 * @param numbers The set of phone number in question
333 * @return A map of numbers to canonicalized number and uuid. If a number is not registered the uuid is null.
334 * @throws IOException if its unable to get the contacts to check if they're registered
335 */
336 public Map<String, Pair<String, UUID>> areUsersRegistered(Set<String> numbers) throws IOException {
337 Map<String, String> canonicalizedNumbers = numbers.stream().collect(Collectors.toMap(n -> n, n -> {
338 try {
339 return canonicalizePhoneNumber(n);
340 } catch (InvalidNumberException e) {
341 return "";
342 }
343 }));
344
345 // Note "contactDetails" has no optionals. It only gives us info on users who are registered
346 var contactDetails = getRegisteredUsers(canonicalizedNumbers.values()
347 .stream()
348 .filter(s -> !s.isEmpty())
349 .collect(Collectors.toSet()));
350
351 // Store numbers as recipients so we have the number/uuid association
352 contactDetails.forEach((number, uuid) -> resolveRecipientTrusted(new SignalServiceAddress(uuid, number)));
353
354 return numbers.stream().collect(Collectors.toMap(n -> n, n -> {
355 final var number = canonicalizedNumbers.get(n);
356 final var uuid = contactDetails.get(number);
357 return new Pair<>(number.isEmpty() ? null : number, uuid);
358 }));
359 }
360
361 public void updateAccountAttributes() throws IOException {
362 dependencies.getAccountManager()
363 .setAccountAttributes(account.getEncryptedDeviceName(),
364 null,
365 account.getLocalRegistrationId(),
366 true,
367 // set legacy pin only if no KBS master key is set
368 account.getPinMasterKey() == null ? account.getRegistrationLockPin() : null,
369 account.getPinMasterKey() == null ? null : account.getPinMasterKey().deriveRegistrationLock(),
370 account.getSelfUnidentifiedAccessKey(),
371 account.isUnrestrictedUnidentifiedAccess(),
372 capabilities,
373 account.isDiscoverableByPhoneNumber());
374 }
375
376 /**
377 * @param givenName if null, the previous givenName will be kept
378 * @param familyName if null, the previous familyName will be kept
379 * @param about if null, the previous about text will be kept
380 * @param aboutEmoji if null, the previous about emoji will be kept
381 * @param avatar if avatar is null the image from the local avatar store is used (if present),
382 */
383 public void setProfile(
384 String givenName, final String familyName, String about, String aboutEmoji, Optional<File> avatar
385 ) throws IOException {
386 var profile = getRecipientProfile(account.getSelfRecipientId());
387 var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
388 if (givenName != null) {
389 builder.withGivenName(givenName);
390 }
391 if (familyName != null) {
392 builder.withFamilyName(familyName);
393 }
394 if (about != null) {
395 builder.withAbout(about);
396 }
397 if (aboutEmoji != null) {
398 builder.withAboutEmoji(aboutEmoji);
399 }
400 var newProfile = builder.build();
401
402 try (final var streamDetails = avatar == null
403 ? avatarStore.retrieveProfileAvatar(getSelfAddress())
404 : avatar.isPresent() ? Utils.createStreamDetailsFromFile(avatar.get()) : null) {
405 dependencies.getAccountManager()
406 .setVersionedProfile(account.getUuid(),
407 account.getProfileKey(),
408 newProfile.getInternalServiceName(),
409 newProfile.getAbout() == null ? "" : newProfile.getAbout(),
410 newProfile.getAboutEmoji() == null ? "" : newProfile.getAboutEmoji(),
411 Optional.absent(),
412 streamDetails);
413 }
414
415 if (avatar != null) {
416 if (avatar.isPresent()) {
417 avatarStore.storeProfileAvatar(getSelfAddress(),
418 outputStream -> IOUtils.copyFileToStream(avatar.get(), outputStream));
419 } else {
420 avatarStore.deleteProfileAvatar(getSelfAddress());
421 }
422 }
423 account.getProfileStore().storeProfile(account.getSelfRecipientId(), newProfile);
424
425 sendHelper.sendSyncMessage(SignalServiceSyncMessage.forFetchLatest(SignalServiceSyncMessage.FetchType.LOCAL_PROFILE));
426 }
427
428 public void unregister() throws IOException {
429 // When setting an empty GCM id, the Signal-Server also sets the fetchesMessages property to false.
430 // If this is the master device, other users can't send messages to this number anymore.
431 // If this is a linked device, other users can still send messages, but this device doesn't receive them anymore.
432 dependencies.getAccountManager().setGcmId(Optional.absent());
433
434 account.setRegistered(false);
435 }
436
437 public void deleteAccount() throws IOException {
438 dependencies.getAccountManager().deleteAccount();
439
440 account.setRegistered(false);
441 }
442
443 public List<Device> getLinkedDevices() throws IOException {
444 var devices = dependencies.getAccountManager().getDevices();
445 account.setMultiDevice(devices.size() > 1);
446 var identityKey = account.getIdentityKeyPair().getPrivateKey();
447 return devices.stream().map(d -> {
448 String deviceName = d.getName();
449 if (deviceName != null) {
450 try {
451 deviceName = DeviceNameUtil.decryptDeviceName(deviceName, identityKey);
452 } catch (IOException e) {
453 logger.debug("Failed to decrypt device name, maybe plain text?", e);
454 }
455 }
456 return new Device(d.getId(), deviceName, d.getCreated(), d.getLastSeen());
457 }).collect(Collectors.toList());
458 }
459
460 public void removeLinkedDevices(int deviceId) throws IOException {
461 dependencies.getAccountManager().removeDevice(deviceId);
462 var devices = dependencies.getAccountManager().getDevices();
463 account.setMultiDevice(devices.size() > 1);
464 }
465
466 public void addDeviceLink(URI linkUri) throws IOException, InvalidKeyException {
467 var info = DeviceLinkInfo.parseDeviceLinkUri(linkUri);
468
469 addDevice(info.deviceIdentifier, info.deviceKey);
470 }
471
472 private void addDevice(String deviceIdentifier, ECPublicKey deviceKey) throws IOException, InvalidKeyException {
473 var identityKeyPair = getIdentityKeyPair();
474 var verificationCode = dependencies.getAccountManager().getNewDeviceVerificationCode();
475
476 dependencies.getAccountManager()
477 .addDevice(deviceIdentifier,
478 deviceKey,
479 identityKeyPair,
480 Optional.of(account.getProfileKey().serialize()),
481 verificationCode);
482 account.setMultiDevice(true);
483 }
484
485 public void setRegistrationLockPin(Optional<String> pin) throws IOException, UnauthenticatedResponseException {
486 if (!account.isMasterDevice()) {
487 throw new RuntimeException("Only master device can set a PIN");
488 }
489 if (pin.isPresent()) {
490 final var masterKey = account.getPinMasterKey() != null
491 ? account.getPinMasterKey()
492 : KeyUtils.createMasterKey();
493
494 pinHelper.setRegistrationLockPin(pin.get(), masterKey);
495
496 account.setRegistrationLockPin(pin.get(), masterKey);
497 } else {
498 // Remove KBS Pin
499 pinHelper.removeRegistrationLockPin();
500
501 account.setRegistrationLockPin(null, null);
502 }
503 }
504
505 void refreshPreKeys() throws IOException {
506 var oneTimePreKeys = generatePreKeys();
507 final var identityKeyPair = getIdentityKeyPair();
508 var signedPreKeyRecord = generateSignedPreKey(identityKeyPair);
509
510 dependencies.getAccountManager().setPreKeys(identityKeyPair.getPublicKey(), signedPreKeyRecord, oneTimePreKeys);
511 }
512
513 private List<PreKeyRecord> generatePreKeys() {
514 final var offset = account.getPreKeyIdOffset();
515
516 var records = KeyUtils.generatePreKeyRecords(offset, ServiceConfig.PREKEY_BATCH_SIZE);
517 account.addPreKeys(records);
518
519 return records;
520 }
521
522 private SignedPreKeyRecord generateSignedPreKey(IdentityKeyPair identityKeyPair) {
523 final var signedPreKeyId = account.getNextSignedPreKeyId();
524
525 var record = KeyUtils.generateSignedPreKeyRecord(identityKeyPair, signedPreKeyId);
526 account.addSignedPreKey(record);
527
528 return record;
529 }
530
531 public Profile getRecipientProfile(
532 RecipientId recipientId
533 ) {
534 return getRecipientProfile(recipientId, false);
535 }
536
537 private final Set<RecipientId> pendingProfileRequest = new HashSet<>();
538
539 Profile getRecipientProfile(
540 RecipientId recipientId, boolean force
541 ) {
542 var profile = account.getProfileStore().getProfile(recipientId);
543
544 var now = System.currentTimeMillis();
545 // Profiles are cached for 24h before retrieving them again, unless forced
546 if (!force && profile != null && now - profile.getLastUpdateTimestamp() < 24 * 60 * 60 * 1000) {
547 return profile;
548 }
549
550 synchronized (pendingProfileRequest) {
551 if (pendingProfileRequest.contains(recipientId)) {
552 return profile;
553 }
554 pendingProfileRequest.add(recipientId);
555 }
556 final SignalServiceProfile encryptedProfile;
557 try {
558 encryptedProfile = retrieveEncryptedProfile(recipientId);
559 } finally {
560 synchronized (pendingProfileRequest) {
561 pendingProfileRequest.remove(recipientId);
562 }
563 }
564 if (encryptedProfile == null) {
565 return null;
566 }
567
568 profile = decryptProfileIfKeyKnown(recipientId, encryptedProfile);
569 account.getProfileStore().storeProfile(recipientId, profile);
570
571 return profile;
572 }
573
574 private Profile decryptProfileIfKeyKnown(
575 final RecipientId recipientId, final SignalServiceProfile encryptedProfile
576 ) {
577 var profileKey = account.getProfileStore().getProfileKey(recipientId);
578 if (profileKey == null) {
579 return new Profile(System.currentTimeMillis(),
580 null,
581 null,
582 null,
583 null,
584 ProfileUtils.getUnidentifiedAccessMode(encryptedProfile, null),
585 ProfileUtils.getCapabilities(encryptedProfile));
586 }
587
588 return decryptProfileAndDownloadAvatar(recipientId, profileKey, encryptedProfile);
589 }
590
591 private SignalServiceProfile retrieveEncryptedProfile(RecipientId recipientId) {
592 try {
593 return retrieveProfileAndCredential(recipientId, SignalServiceProfile.RequestType.PROFILE).getProfile();
594 } catch (IOException e) {
595 logger.warn("Failed to retrieve profile, ignoring: {}", e.getMessage());
596 return null;
597 }
598 }
599
600 private ProfileAndCredential retrieveProfileAndCredential(
601 final RecipientId recipientId, final SignalServiceProfile.RequestType requestType
602 ) throws IOException {
603 final var profileAndCredential = profileHelper.retrieveProfileSync(recipientId, requestType);
604 final var profile = profileAndCredential.getProfile();
605
606 try {
607 var newIdentity = account.getIdentityKeyStore()
608 .saveIdentity(recipientId,
609 new IdentityKey(Base64.getDecoder().decode(profile.getIdentityKey())),
610 new Date());
611
612 if (newIdentity) {
613 account.getSessionStore().archiveSessions(recipientId);
614 }
615 } catch (InvalidKeyException ignored) {
616 logger.warn("Got invalid identity key in profile for {}",
617 resolveSignalServiceAddress(recipientId).getIdentifier());
618 }
619 return profileAndCredential;
620 }
621
622 private ProfileKeyCredential getRecipientProfileKeyCredential(RecipientId recipientId) {
623 var profileKeyCredential = account.getProfileStore().getProfileKeyCredential(recipientId);
624 if (profileKeyCredential != null) {
625 return profileKeyCredential;
626 }
627
628 ProfileAndCredential profileAndCredential;
629 try {
630 profileAndCredential = retrieveProfileAndCredential(recipientId,
631 SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL);
632 } catch (IOException e) {
633 logger.warn("Failed to retrieve profile key credential, ignoring: {}", e.getMessage());
634 return null;
635 }
636
637 profileKeyCredential = profileAndCredential.getProfileKeyCredential().orNull();
638 account.getProfileStore().storeProfileKeyCredential(recipientId, profileKeyCredential);
639
640 var profileKey = account.getProfileStore().getProfileKey(recipientId);
641 if (profileKey != null) {
642 final var profile = decryptProfileAndDownloadAvatar(recipientId,
643 profileKey,
644 profileAndCredential.getProfile());
645 account.getProfileStore().storeProfile(recipientId, profile);
646 }
647
648 return profileKeyCredential;
649 }
650
651 private Profile decryptProfileAndDownloadAvatar(
652 final RecipientId recipientId, final ProfileKey profileKey, final SignalServiceProfile encryptedProfile
653 ) {
654 if (encryptedProfile.getAvatar() != null) {
655 downloadProfileAvatar(resolveSignalServiceAddress(recipientId), encryptedProfile.getAvatar(), profileKey);
656 }
657
658 return ProfileUtils.decryptProfile(profileKey, encryptedProfile);
659 }
660
661 private Optional<SignalServiceAttachmentStream> createGroupAvatarAttachment(GroupId groupId) throws IOException {
662 final var streamDetails = avatarStore.retrieveGroupAvatar(groupId);
663 if (streamDetails == null) {
664 return Optional.absent();
665 }
666
667 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
668 }
669
670 private Optional<SignalServiceAttachmentStream> createContactAvatarAttachment(SignalServiceAddress address) throws IOException {
671 final var streamDetails = avatarStore.retrieveContactAvatar(address);
672 if (streamDetails == null) {
673 return Optional.absent();
674 }
675
676 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
677 }
678
679 private GroupInfo getGroupForUpdating(GroupId groupId) throws GroupNotFoundException, NotAGroupMemberException {
680 var g = getGroup(groupId);
681 if (g == null) {
682 throw new GroupNotFoundException(groupId);
683 }
684 if (!g.isMember(account.getSelfRecipientId()) && !g.isPendingMember(account.getSelfRecipientId())) {
685 throw new NotAGroupMemberException(groupId, g.getTitle());
686 }
687 return g;
688 }
689
690 public List<GroupInfo> getGroups() {
691 return account.getGroupStore().getGroups();
692 }
693
694 public Pair<Long, List<SendMessageResult>> sendGroupMessage(
695 String messageText, List<String> attachments, GroupId groupId
696 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
697 final var messageBuilder = createMessageBuilder().withBody(messageText);
698 if (attachments != null) {
699 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
700 }
701
702 return sendHelper.sendAsGroupMessage(messageBuilder, groupId);
703 }
704
705 public Pair<Long, List<SendMessageResult>> sendGroupMessageReaction(
706 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, GroupId groupId
707 ) throws IOException, InvalidNumberException, NotAGroupMemberException, GroupNotFoundException {
708 var targetAuthorRecipientId = canonicalizeAndResolveRecipient(targetAuthor);
709 var reaction = new SignalServiceDataMessage.Reaction(emoji,
710 remove,
711 resolveSignalServiceAddress(targetAuthorRecipientId),
712 targetSentTimestamp);
713 final var messageBuilder = createMessageBuilder().withReaction(reaction);
714
715 return sendHelper.sendAsGroupMessage(messageBuilder, groupId);
716 }
717
718 public Pair<Long, List<SendMessageResult>> sendQuitGroupMessage(
719 GroupId groupId, Set<String> groupAdmins
720 ) throws GroupNotFoundException, IOException, NotAGroupMemberException, InvalidNumberException, LastGroupAdminException {
721 var group = getGroupForUpdating(groupId);
722 if (group instanceof GroupInfoV1) {
723 return quitGroupV1((GroupInfoV1) group);
724 }
725
726 final var newAdmins = getRecipientIds(groupAdmins);
727 try {
728 return quitGroupV2((GroupInfoV2) group, newAdmins);
729 } catch (ConflictException e) {
730 // Detected conflicting update, refreshing group and trying again
731 group = getGroup(groupId, true);
732 return quitGroupV2((GroupInfoV2) group, newAdmins);
733 }
734 }
735
736 private Pair<Long, List<SendMessageResult>> quitGroupV1(final GroupInfoV1 groupInfoV1) throws IOException {
737 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.QUIT)
738 .withId(groupInfoV1.getGroupId().serialize())
739 .build();
740
741 var messageBuilder = createMessageBuilder().asGroupMessage(group);
742 groupInfoV1.removeMember(account.getSelfRecipientId());
743 account.getGroupStore().updateGroup(groupInfoV1);
744 return sendHelper.sendGroupMessage(messageBuilder.build(),
745 groupInfoV1.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
746 }
747
748 private Pair<Long, List<SendMessageResult>> quitGroupV2(
749 final GroupInfoV2 groupInfoV2, final Set<RecipientId> newAdmins
750 ) throws LastGroupAdminException, IOException {
751 final var currentAdmins = groupInfoV2.getAdminMembers();
752 newAdmins.removeAll(currentAdmins);
753 newAdmins.retainAll(groupInfoV2.getMembers());
754 if (currentAdmins.contains(getSelfRecipientId())
755 && currentAdmins.size() == 1
756 && groupInfoV2.getMembers().size() > 1
757 && newAdmins.size() == 0) {
758 // Last admin can't leave the group, unless she's also the last member
759 throw new LastGroupAdminException(groupInfoV2.getGroupId(), groupInfoV2.getTitle());
760 }
761 final var groupGroupChangePair = groupV2Helper.leaveGroup(groupInfoV2, newAdmins);
762 groupInfoV2.setGroup(groupGroupChangePair.first(), this::resolveRecipient);
763 var messageBuilder = getGroupUpdateMessageBuilder(groupInfoV2, groupGroupChangePair.second().toByteArray());
764 account.getGroupStore().updateGroup(groupInfoV2);
765 return sendHelper.sendGroupMessage(messageBuilder.build(),
766 groupInfoV2.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
767 }
768
769 public void deleteGroup(GroupId groupId) throws IOException {
770 account.getGroupStore().deleteGroup(groupId);
771 avatarStore.deleteGroupAvatar(groupId);
772 }
773
774 public Pair<GroupId, List<SendMessageResult>> createGroup(
775 String name, List<String> members, File avatarFile
776 ) throws IOException, AttachmentInvalidException, InvalidNumberException {
777 return createGroup(name, members == null ? null : getRecipientIds(members), avatarFile);
778 }
779
780 private Pair<GroupId, List<SendMessageResult>> createGroup(
781 String name, Set<RecipientId> members, File avatarFile
782 ) throws IOException, AttachmentInvalidException {
783 final var selfRecipientId = account.getSelfRecipientId();
784 if (members != null && members.contains(selfRecipientId)) {
785 members = new HashSet<>(members);
786 members.remove(selfRecipientId);
787 }
788
789 var gv2Pair = groupV2Helper.createGroup(name == null ? "" : name,
790 members == null ? Set.of() : members,
791 avatarFile);
792
793 SignalServiceDataMessage.Builder messageBuilder;
794 if (gv2Pair == null) {
795 // Failed to create v2 group, creating v1 group instead
796 var gv1 = new GroupInfoV1(GroupIdV1.createRandom());
797 gv1.addMembers(List.of(selfRecipientId));
798 final var result = updateGroupV1(gv1, name, members, avatarFile);
799 return new Pair<>(gv1.getGroupId(), result.second());
800 }
801
802 final var gv2 = gv2Pair.first();
803 final var decryptedGroup = gv2Pair.second();
804
805 gv2.setGroup(decryptedGroup, this::resolveRecipient);
806 if (avatarFile != null) {
807 avatarStore.storeGroupAvatar(gv2.getGroupId(),
808 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
809 }
810 messageBuilder = getGroupUpdateMessageBuilder(gv2, null);
811 account.getGroupStore().updateGroup(gv2);
812
813 final var result = sendHelper.sendGroupMessage(messageBuilder.build(),
814 gv2.getMembersIncludingPendingWithout(selfRecipientId));
815 return new Pair<>(gv2.getGroupId(), result.second());
816 }
817
818 public Pair<Long, List<SendMessageResult>> updateGroup(
819 GroupId groupId,
820 String name,
821 String description,
822 List<String> members,
823 List<String> removeMembers,
824 List<String> admins,
825 List<String> removeAdmins,
826 boolean resetGroupLink,
827 GroupLinkState groupLinkState,
828 GroupPermission addMemberPermission,
829 GroupPermission editDetailsPermission,
830 File avatarFile,
831 Integer expirationTimer,
832 Boolean isAnnouncementGroup
833 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, InvalidNumberException, NotAGroupMemberException {
834 return updateGroup(groupId,
835 name,
836 description,
837 members == null ? null : getRecipientIds(members),
838 removeMembers == null ? null : getRecipientIds(removeMembers),
839 admins == null ? null : getRecipientIds(admins),
840 removeAdmins == null ? null : getRecipientIds(removeAdmins),
841 resetGroupLink,
842 groupLinkState,
843 addMemberPermission,
844 editDetailsPermission,
845 avatarFile,
846 expirationTimer,
847 isAnnouncementGroup);
848 }
849
850 private Pair<Long, List<SendMessageResult>> updateGroup(
851 final GroupId groupId,
852 final String name,
853 final String description,
854 final Set<RecipientId> members,
855 final Set<RecipientId> removeMembers,
856 final Set<RecipientId> admins,
857 final Set<RecipientId> removeAdmins,
858 final boolean resetGroupLink,
859 final GroupLinkState groupLinkState,
860 final GroupPermission addMemberPermission,
861 final GroupPermission editDetailsPermission,
862 final File avatarFile,
863 final Integer expirationTimer,
864 final Boolean isAnnouncementGroup
865 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
866 var group = getGroupForUpdating(groupId);
867
868 if (group instanceof GroupInfoV2) {
869 try {
870 return updateGroupV2((GroupInfoV2) group,
871 name,
872 description,
873 members,
874 removeMembers,
875 admins,
876 removeAdmins,
877 resetGroupLink,
878 groupLinkState,
879 addMemberPermission,
880 editDetailsPermission,
881 avatarFile,
882 expirationTimer,
883 isAnnouncementGroup);
884 } catch (ConflictException e) {
885 // Detected conflicting update, refreshing group and trying again
886 group = getGroup(groupId, true);
887 return updateGroupV2((GroupInfoV2) group,
888 name,
889 description,
890 members,
891 removeMembers,
892 admins,
893 removeAdmins,
894 resetGroupLink,
895 groupLinkState,
896 addMemberPermission,
897 editDetailsPermission,
898 avatarFile,
899 expirationTimer,
900 isAnnouncementGroup);
901 }
902 }
903
904 final var gv1 = (GroupInfoV1) group;
905 final var result = updateGroupV1(gv1, name, members, avatarFile);
906 if (expirationTimer != null) {
907 setExpirationTimer(gv1, expirationTimer);
908 }
909 return result;
910 }
911
912 private Pair<Long, List<SendMessageResult>> updateGroupV1(
913 final GroupInfoV1 gv1, final String name, final Set<RecipientId> members, final File avatarFile
914 ) throws IOException, AttachmentInvalidException {
915 updateGroupV1Details(gv1, name, members, avatarFile);
916 var messageBuilder = getGroupUpdateMessageBuilder(gv1);
917
918 account.getGroupStore().updateGroup(gv1);
919
920 return sendHelper.sendGroupMessage(messageBuilder.build(),
921 gv1.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
922 }
923
924 private void updateGroupV1Details(
925 final GroupInfoV1 g, final String name, final Collection<RecipientId> members, final File avatarFile
926 ) throws IOException {
927 if (name != null) {
928 g.name = name;
929 }
930
931 if (members != null) {
932 final var newMemberAddresses = members.stream()
933 .filter(member -> !g.isMember(member))
934 .map(this::resolveSignalServiceAddress)
935 .collect(Collectors.toList());
936 final var newE164Members = new HashSet<String>();
937 for (var member : newMemberAddresses) {
938 if (!member.getNumber().isPresent()) {
939 continue;
940 }
941 newE164Members.add(member.getNumber().get());
942 }
943
944 final var registeredUsers = getRegisteredUsers(newE164Members);
945 if (registeredUsers.size() != newE164Members.size()) {
946 // Some of the new members are not registered on Signal
947 newE164Members.removeAll(registeredUsers.keySet());
948 throw new IOException("Failed to add members "
949 + String.join(", ", newE164Members)
950 + " to group: Not registered on Signal");
951 }
952
953 g.addMembers(members);
954 }
955
956 if (avatarFile != null) {
957 avatarStore.storeGroupAvatar(g.getGroupId(),
958 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
959 }
960 }
961
962 private Pair<Long, List<SendMessageResult>> updateGroupV2(
963 final GroupInfoV2 group,
964 final String name,
965 final String description,
966 final Set<RecipientId> members,
967 final Set<RecipientId> removeMembers,
968 final Set<RecipientId> admins,
969 final Set<RecipientId> removeAdmins,
970 final boolean resetGroupLink,
971 final GroupLinkState groupLinkState,
972 final GroupPermission addMemberPermission,
973 final GroupPermission editDetailsPermission,
974 final File avatarFile,
975 final Integer expirationTimer,
976 final Boolean isAnnouncementGroup
977 ) throws IOException {
978 Pair<Long, List<SendMessageResult>> result = null;
979 if (group.isPendingMember(account.getSelfRecipientId())) {
980 var groupGroupChangePair = groupV2Helper.acceptInvite(group);
981 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
982 }
983
984 if (members != null) {
985 final var newMembers = new HashSet<>(members);
986 newMembers.removeAll(group.getMembers());
987 if (newMembers.size() > 0) {
988 var groupGroupChangePair = groupV2Helper.addMembers(group, newMembers);
989 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
990 }
991 }
992
993 if (removeMembers != null) {
994 var existingRemoveMembers = new HashSet<>(removeMembers);
995 existingRemoveMembers.retainAll(group.getMembers());
996 existingRemoveMembers.remove(getSelfRecipientId());// self can be removed with sendQuitGroupMessage
997 if (existingRemoveMembers.size() > 0) {
998 var groupGroupChangePair = groupV2Helper.removeMembers(group, existingRemoveMembers);
999 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1000 }
1001
1002 var pendingRemoveMembers = new HashSet<>(removeMembers);
1003 pendingRemoveMembers.retainAll(group.getPendingMembers());
1004 if (pendingRemoveMembers.size() > 0) {
1005 var groupGroupChangePair = groupV2Helper.revokeInvitedMembers(group, pendingRemoveMembers);
1006 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1007 }
1008 }
1009
1010 if (admins != null) {
1011 final var newAdmins = new HashSet<>(admins);
1012 newAdmins.retainAll(group.getMembers());
1013 newAdmins.removeAll(group.getAdminMembers());
1014 if (newAdmins.size() > 0) {
1015 for (var admin : newAdmins) {
1016 var groupGroupChangePair = groupV2Helper.setMemberAdmin(group, admin, true);
1017 result = sendUpdateGroupV2Message(group,
1018 groupGroupChangePair.first(),
1019 groupGroupChangePair.second());
1020 }
1021 }
1022 }
1023
1024 if (removeAdmins != null) {
1025 final var existingRemoveAdmins = new HashSet<>(removeAdmins);
1026 existingRemoveAdmins.retainAll(group.getAdminMembers());
1027 if (existingRemoveAdmins.size() > 0) {
1028 for (var admin : existingRemoveAdmins) {
1029 var groupGroupChangePair = groupV2Helper.setMemberAdmin(group, admin, false);
1030 result = sendUpdateGroupV2Message(group,
1031 groupGroupChangePair.first(),
1032 groupGroupChangePair.second());
1033 }
1034 }
1035 }
1036
1037 if (resetGroupLink) {
1038 var groupGroupChangePair = groupV2Helper.resetGroupLinkPassword(group);
1039 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1040 }
1041
1042 if (groupLinkState != null) {
1043 var groupGroupChangePair = groupV2Helper.setGroupLinkState(group, groupLinkState);
1044 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1045 }
1046
1047 if (addMemberPermission != null) {
1048 var groupGroupChangePair = groupV2Helper.setAddMemberPermission(group, addMemberPermission);
1049 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1050 }
1051
1052 if (editDetailsPermission != null) {
1053 var groupGroupChangePair = groupV2Helper.setEditDetailsPermission(group, editDetailsPermission);
1054 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1055 }
1056
1057 if (expirationTimer != null) {
1058 var groupGroupChangePair = groupV2Helper.setMessageExpirationTimer(group, expirationTimer);
1059 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1060 }
1061
1062 if (isAnnouncementGroup != null) {
1063 var groupGroupChangePair = groupV2Helper.setIsAnnouncementGroup(group, isAnnouncementGroup);
1064 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1065 }
1066
1067 if (name != null || description != null || avatarFile != null) {
1068 var groupGroupChangePair = groupV2Helper.updateGroup(group, name, description, avatarFile);
1069 if (avatarFile != null) {
1070 avatarStore.storeGroupAvatar(group.getGroupId(),
1071 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
1072 }
1073 result = sendUpdateGroupV2Message(group, groupGroupChangePair.first(), groupGroupChangePair.second());
1074 }
1075
1076 return result;
1077 }
1078
1079 public Pair<GroupId, List<SendMessageResult>> joinGroup(
1080 GroupInviteLinkUrl inviteLinkUrl
1081 ) throws IOException, GroupLinkNotActiveException {
1082 final var groupJoinInfo = groupV2Helper.getDecryptedGroupJoinInfo(inviteLinkUrl.getGroupMasterKey(),
1083 inviteLinkUrl.getPassword());
1084 final var groupChange = groupV2Helper.joinGroup(inviteLinkUrl.getGroupMasterKey(),
1085 inviteLinkUrl.getPassword(),
1086 groupJoinInfo);
1087 final var group = getOrMigrateGroup(inviteLinkUrl.getGroupMasterKey(),
1088 groupJoinInfo.getRevision() + 1,
1089 groupChange.toByteArray());
1090
1091 if (group.getGroup() == null) {
1092 // Only requested member, can't send update to group members
1093 return new Pair<>(group.getGroupId(), List.of());
1094 }
1095
1096 final var result = sendUpdateGroupV2Message(group, group.getGroup(), groupChange);
1097
1098 return new Pair<>(group.getGroupId(), result.second());
1099 }
1100
1101 private Pair<Long, List<SendMessageResult>> sendUpdateGroupV2Message(
1102 GroupInfoV2 group, DecryptedGroup newDecryptedGroup, GroupChange groupChange
1103 ) throws IOException {
1104 final var selfRecipientId = account.getSelfRecipientId();
1105 final var members = group.getMembersIncludingPendingWithout(selfRecipientId);
1106 group.setGroup(newDecryptedGroup, this::resolveRecipient);
1107 members.addAll(group.getMembersIncludingPendingWithout(selfRecipientId));
1108
1109 final var messageBuilder = getGroupUpdateMessageBuilder(group, groupChange.toByteArray());
1110 account.getGroupStore().updateGroup(group);
1111 return sendHelper.sendGroupMessage(messageBuilder.build(), members);
1112 }
1113
1114 private static int currentTimeDays() {
1115 return (int) TimeUnit.MILLISECONDS.toDays(System.currentTimeMillis());
1116 }
1117
1118 private GroupsV2AuthorizationString getGroupAuthForToday(
1119 final GroupSecretParams groupSecretParams
1120 ) throws IOException {
1121 final var today = currentTimeDays();
1122 // Returns credentials for the next 7 days
1123 final var credentials = dependencies.getGroupsV2Api().getCredentials(today);
1124 // TODO cache credentials until they expire
1125 var authCredentialResponse = credentials.get(today);
1126 try {
1127 return dependencies.getGroupsV2Api()
1128 .getGroupsV2AuthorizationString(account.getUuid(),
1129 today,
1130 groupSecretParams,
1131 authCredentialResponse);
1132 } catch (VerificationFailedException e) {
1133 throw new IOException(e);
1134 }
1135 }
1136
1137 Pair<Long, List<SendMessageResult>> sendGroupInfoMessage(
1138 GroupIdV1 groupId, SignalServiceAddress recipient
1139 ) throws IOException, NotAGroupMemberException, GroupNotFoundException, AttachmentInvalidException {
1140 GroupInfoV1 g;
1141 var group = getGroupForUpdating(groupId);
1142 if (!(group instanceof GroupInfoV1)) {
1143 throw new IOException("Received an invalid group request for a v2 group!");
1144 }
1145 g = (GroupInfoV1) group;
1146
1147 final var recipientId = resolveRecipient(recipient);
1148 if (!g.isMember(recipientId)) {
1149 throw new NotAGroupMemberException(groupId, g.name);
1150 }
1151
1152 var messageBuilder = getGroupUpdateMessageBuilder(g);
1153
1154 // Send group message only to the recipient who requested it
1155 return sendHelper.sendGroupMessage(messageBuilder.build(), Set.of(recipientId));
1156 }
1157
1158 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV1 g) throws AttachmentInvalidException {
1159 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.UPDATE)
1160 .withId(g.getGroupId().serialize())
1161 .withName(g.name)
1162 .withMembers(g.getMembers()
1163 .stream()
1164 .map(this::resolveSignalServiceAddress)
1165 .collect(Collectors.toList()));
1166
1167 try {
1168 final var attachment = createGroupAvatarAttachment(g.getGroupId());
1169 if (attachment.isPresent()) {
1170 group.withAvatar(attachment.get());
1171 }
1172 } catch (IOException e) {
1173 throw new AttachmentInvalidException(g.getGroupId().toBase64(), e);
1174 }
1175
1176 return createMessageBuilder().asGroupMessage(group.build()).withExpiration(g.getMessageExpirationTime());
1177 }
1178
1179 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV2 g, byte[] signedGroupChange) {
1180 var group = SignalServiceGroupV2.newBuilder(g.getMasterKey())
1181 .withRevision(g.getGroup().getRevision())
1182 .withSignedGroupChange(signedGroupChange);
1183 return createMessageBuilder().asGroupMessage(group.build()).withExpiration(g.getMessageExpirationTime());
1184 }
1185
1186 Pair<Long, List<SendMessageResult>> sendGroupInfoRequest(
1187 GroupIdV1 groupId, SignalServiceAddress recipient
1188 ) throws IOException {
1189 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.REQUEST_INFO).withId(groupId.serialize());
1190
1191 var messageBuilder = createMessageBuilder().asGroupMessage(group.build());
1192
1193 // Send group info request message to the recipient who sent us a message with this groupId
1194 return sendHelper.sendGroupMessage(messageBuilder.build(), Set.of(resolveRecipient(recipient)));
1195 }
1196
1197 public void sendReadReceipt(
1198 String sender, List<Long> messageIds
1199 ) throws IOException, UntrustedIdentityException, InvalidNumberException {
1200 var receiptMessage = new SignalServiceReceiptMessage(SignalServiceReceiptMessage.Type.READ,
1201 messageIds,
1202 System.currentTimeMillis());
1203
1204 sendHelper.sendReceiptMessage(receiptMessage, canonicalizeAndResolveRecipient(sender));
1205 }
1206
1207 public void sendViewedReceipt(
1208 String sender, List<Long> messageIds
1209 ) throws IOException, UntrustedIdentityException, InvalidNumberException {
1210 var receiptMessage = new SignalServiceReceiptMessage(SignalServiceReceiptMessage.Type.VIEWED,
1211 messageIds,
1212 System.currentTimeMillis());
1213
1214 sendHelper.sendReceiptMessage(receiptMessage, canonicalizeAndResolveRecipient(sender));
1215 }
1216
1217 void sendDeliveryReceipt(
1218 SignalServiceAddress remoteAddress, List<Long> messageIds
1219 ) throws IOException, UntrustedIdentityException {
1220 var receiptMessage = new SignalServiceReceiptMessage(SignalServiceReceiptMessage.Type.DELIVERY,
1221 messageIds,
1222 System.currentTimeMillis());
1223
1224 sendHelper.sendReceiptMessage(receiptMessage, resolveRecipient(remoteAddress));
1225 }
1226
1227 public Pair<Long, List<SendMessageResult>> sendMessage(
1228 String messageText, List<String> attachments, List<String> recipients
1229 ) throws IOException, AttachmentInvalidException, InvalidNumberException {
1230 final var messageBuilder = createMessageBuilder().withBody(messageText);
1231 if (attachments != null) {
1232 var attachmentStreams = AttachmentUtils.getSignalServiceAttachments(attachments);
1233
1234 // Upload attachments here, so we only upload once even for multiple recipients
1235 var messageSender = dependencies.getMessageSender();
1236 var attachmentPointers = new ArrayList<SignalServiceAttachment>(attachmentStreams.size());
1237 for (var attachment : attachmentStreams) {
1238 if (attachment.isStream()) {
1239 attachmentPointers.add(messageSender.uploadAttachment(attachment.asStream()));
1240 } else if (attachment.isPointer()) {
1241 attachmentPointers.add(attachment.asPointer());
1242 }
1243 }
1244
1245 messageBuilder.withAttachments(attachmentPointers);
1246 }
1247 return sendHelper.sendMessage(messageBuilder, getRecipientIds(recipients));
1248 }
1249
1250 public Pair<Long, SendMessageResult> sendSelfMessage(
1251 String messageText, List<String> attachments
1252 ) throws IOException, AttachmentInvalidException {
1253 final var messageBuilder = createMessageBuilder().withBody(messageText);
1254 if (attachments != null) {
1255 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
1256 }
1257 return sendHelper.sendSelfMessage(messageBuilder);
1258 }
1259
1260 public Pair<Long, List<SendMessageResult>> sendRemoteDeleteMessage(
1261 long targetSentTimestamp, List<String> recipients
1262 ) throws IOException, InvalidNumberException {
1263 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1264 final var messageBuilder = createMessageBuilder().withRemoteDelete(delete);
1265 return sendHelper.sendMessage(messageBuilder, getRecipientIds(recipients));
1266 }
1267
1268 public Pair<Long, List<SendMessageResult>> sendGroupRemoteDeleteMessage(
1269 long targetSentTimestamp, GroupId groupId
1270 ) throws IOException, NotAGroupMemberException, GroupNotFoundException {
1271 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1272 final var messageBuilder = createMessageBuilder().withRemoteDelete(delete);
1273 return sendHelper.sendAsGroupMessage(messageBuilder, groupId);
1274 }
1275
1276 public Pair<Long, List<SendMessageResult>> sendMessageReaction(
1277 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, List<String> recipients
1278 ) throws IOException, InvalidNumberException {
1279 var targetAuthorRecipientId = canonicalizeAndResolveRecipient(targetAuthor);
1280 var reaction = new SignalServiceDataMessage.Reaction(emoji,
1281 remove,
1282 resolveSignalServiceAddress(targetAuthorRecipientId),
1283 targetSentTimestamp);
1284 final var messageBuilder = createMessageBuilder().withReaction(reaction);
1285 return sendHelper.sendMessage(messageBuilder, getRecipientIds(recipients));
1286 }
1287
1288 public Pair<Long, List<SendMessageResult>> sendEndSessionMessage(List<String> recipients) throws IOException, InvalidNumberException {
1289 var messageBuilder = createMessageBuilder().asEndSessionMessage();
1290
1291 final var recipientIds = getRecipientIds(recipients);
1292 try {
1293 return sendHelper.sendMessage(messageBuilder, recipientIds);
1294 } finally {
1295 for (var recipientId : recipientIds) {
1296 handleEndSession(recipientId);
1297 }
1298 }
1299 }
1300
1301 void renewSession(RecipientId recipientId) throws IOException {
1302 account.getSessionStore().archiveSessions(recipientId);
1303 if (!recipientId.equals(getSelfRecipientId())) {
1304 sendHelper.sendNullMessage(recipientId);
1305 }
1306 }
1307
1308 public void setContactName(String number, String name) throws InvalidNumberException, NotMasterDeviceException {
1309 if (!account.isMasterDevice()) {
1310 throw new NotMasterDeviceException();
1311 }
1312 final var recipientId = canonicalizeAndResolveRecipient(number);
1313 var contact = account.getContactStore().getContact(recipientId);
1314 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1315 account.getContactStore().storeContact(recipientId, builder.withName(name).build());
1316 }
1317
1318 public void setContactBlocked(
1319 String number, boolean blocked
1320 ) throws InvalidNumberException, NotMasterDeviceException {
1321 if (!account.isMasterDevice()) {
1322 throw new NotMasterDeviceException();
1323 }
1324 setContactBlocked(canonicalizeAndResolveRecipient(number), blocked);
1325 }
1326
1327 private void setContactBlocked(RecipientId recipientId, boolean blocked) {
1328 var contact = account.getContactStore().getContact(recipientId);
1329 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1330 account.getContactStore().storeContact(recipientId, builder.withBlocked(blocked).build());
1331 }
1332
1333 public void setGroupBlocked(final GroupId groupId, final boolean blocked) throws GroupNotFoundException {
1334 var group = getGroup(groupId);
1335 if (group == null) {
1336 throw new GroupNotFoundException(groupId);
1337 }
1338
1339 group.setBlocked(blocked);
1340 account.getGroupStore().updateGroup(group);
1341 }
1342
1343 private void setExpirationTimer(RecipientId recipientId, int messageExpirationTimer) {
1344 var contact = account.getContactStore().getContact(recipientId);
1345 if (contact != null && contact.getMessageExpirationTime() == messageExpirationTimer) {
1346 return;
1347 }
1348 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1349 account.getContactStore()
1350 .storeContact(recipientId, builder.withMessageExpirationTime(messageExpirationTimer).build());
1351 }
1352
1353 private void sendExpirationTimerUpdate(RecipientId recipientId) throws IOException {
1354 final var messageBuilder = createMessageBuilder().asExpirationUpdate();
1355 sendHelper.sendMessage(messageBuilder, Set.of(recipientId));
1356 }
1357
1358 /**
1359 * Change the expiration timer for a contact
1360 */
1361 public void setExpirationTimer(
1362 String number, int messageExpirationTimer
1363 ) throws IOException, InvalidNumberException {
1364 var recipientId = canonicalizeAndResolveRecipient(number);
1365 setExpirationTimer(recipientId, messageExpirationTimer);
1366 sendExpirationTimerUpdate(recipientId);
1367 }
1368
1369 /**
1370 * Change the expiration timer for a group
1371 */
1372 private void setExpirationTimer(
1373 GroupInfoV1 groupInfoV1, int messageExpirationTimer
1374 ) throws NotAGroupMemberException, GroupNotFoundException, IOException {
1375 groupInfoV1.messageExpirationTime = messageExpirationTimer;
1376 account.getGroupStore().updateGroup(groupInfoV1);
1377 sendExpirationTimerUpdate(groupInfoV1.getGroupId());
1378 }
1379
1380 private void sendExpirationTimerUpdate(GroupIdV1 groupId) throws IOException, NotAGroupMemberException, GroupNotFoundException {
1381 final var messageBuilder = createMessageBuilder().asExpirationUpdate();
1382 sendHelper.sendAsGroupMessage(messageBuilder, groupId);
1383 }
1384
1385 /**
1386 * Upload the sticker pack from path.
1387 *
1388 * @param path Path can be a path to a manifest.json file or to a zip file that contains a manifest.json file
1389 * @return if successful, returns the URL to install the sticker pack in the signal app
1390 */
1391 public String uploadStickerPack(File path) throws IOException, StickerPackInvalidException {
1392 var manifest = StickerUtils.getSignalServiceStickerManifestUpload(path);
1393
1394 var messageSender = dependencies.getMessageSender();
1395
1396 var packKey = KeyUtils.createStickerUploadKey();
1397 var packIdString = messageSender.uploadStickerManifest(manifest, packKey);
1398 var packId = StickerPackId.deserialize(Hex.fromStringCondensed(packIdString));
1399
1400 var sticker = new Sticker(packId, packKey);
1401 account.getStickerStore().updateSticker(sticker);
1402
1403 try {
1404 return new URI("https",
1405 "signal.art",
1406 "/addstickers/",
1407 "pack_id="
1408 + URLEncoder.encode(Hex.toStringCondensed(packId.serialize()), StandardCharsets.UTF_8)
1409 + "&pack_key="
1410 + URLEncoder.encode(Hex.toStringCondensed(packKey), StandardCharsets.UTF_8)).toString();
1411 } catch (URISyntaxException e) {
1412 throw new AssertionError(e);
1413 }
1414 }
1415
1416 public void requestAllSyncData() throws IOException {
1417 requestSyncGroups();
1418 requestSyncContacts();
1419 requestSyncBlocked();
1420 requestSyncConfiguration();
1421 requestSyncKeys();
1422 }
1423
1424 private void requestSyncGroups() throws IOException {
1425 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1426 .setType(SignalServiceProtos.SyncMessage.Request.Type.GROUPS)
1427 .build();
1428 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1429 sendHelper.sendSyncMessage(message);
1430 }
1431
1432 private void requestSyncContacts() throws IOException {
1433 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1434 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONTACTS)
1435 .build();
1436 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1437 sendHelper.sendSyncMessage(message);
1438 }
1439
1440 private void requestSyncBlocked() throws IOException {
1441 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1442 .setType(SignalServiceProtos.SyncMessage.Request.Type.BLOCKED)
1443 .build();
1444 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1445 sendHelper.sendSyncMessage(message);
1446 }
1447
1448 private void requestSyncConfiguration() throws IOException {
1449 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1450 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONFIGURATION)
1451 .build();
1452 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1453 sendHelper.sendSyncMessage(message);
1454 }
1455
1456 private void requestSyncKeys() throws IOException {
1457 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1458 .setType(SignalServiceProtos.SyncMessage.Request.Type.KEYS)
1459 .build();
1460 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1461 sendHelper.sendSyncMessage(message);
1462 }
1463
1464 private byte[] getSenderCertificate() {
1465 byte[] certificate;
1466 try {
1467 if (account.isPhoneNumberShared()) {
1468 certificate = dependencies.getAccountManager().getSenderCertificate();
1469 } else {
1470 certificate = dependencies.getAccountManager().getSenderCertificateForPhoneNumberPrivacy();
1471 }
1472 } catch (IOException e) {
1473 logger.warn("Failed to get sender certificate, ignoring: {}", e.getMessage());
1474 return null;
1475 }
1476 // TODO cache for a day
1477 return certificate;
1478 }
1479
1480 private Set<RecipientId> getRecipientIds(Collection<String> numbers) throws InvalidNumberException {
1481 final var signalServiceAddresses = new HashSet<SignalServiceAddress>(numbers.size());
1482 final var addressesMissingUuid = new HashSet<SignalServiceAddress>();
1483
1484 for (var number : numbers) {
1485 final var resolvedAddress = resolveSignalServiceAddress(canonicalizeAndResolveRecipient(number));
1486 if (resolvedAddress.getUuid().isPresent()) {
1487 signalServiceAddresses.add(resolvedAddress);
1488 } else {
1489 addressesMissingUuid.add(resolvedAddress);
1490 }
1491 }
1492
1493 final var numbersMissingUuid = addressesMissingUuid.stream()
1494 .map(a -> a.getNumber().get())
1495 .collect(Collectors.toSet());
1496 Map<String, UUID> registeredUsers;
1497 try {
1498 registeredUsers = getRegisteredUsers(numbersMissingUuid);
1499 } catch (IOException e) {
1500 logger.warn("Failed to resolve uuids from server, ignoring: {}", e.getMessage());
1501 registeredUsers = Map.of();
1502 }
1503
1504 for (var address : addressesMissingUuid) {
1505 final var number = address.getNumber().get();
1506 if (registeredUsers.containsKey(number)) {
1507 final var newAddress = resolveSignalServiceAddress(resolveRecipientTrusted(new SignalServiceAddress(
1508 registeredUsers.get(number),
1509 number)));
1510 signalServiceAddresses.add(newAddress);
1511 } else {
1512 signalServiceAddresses.add(address);
1513 }
1514 }
1515
1516 return signalServiceAddresses.stream().map(this::resolveRecipient).collect(Collectors.toSet());
1517 }
1518
1519 private RecipientId refreshRegisteredUser(RecipientId recipientId) throws IOException {
1520 final var address = resolveSignalServiceAddress(recipientId);
1521 if (!address.getNumber().isPresent()) {
1522 return recipientId;
1523 }
1524 final var number = address.getNumber().get();
1525 final var uuidMap = getRegisteredUsers(Set.of(number));
1526 return resolveRecipientTrusted(new SignalServiceAddress(uuidMap.getOrDefault(number, null), number));
1527 }
1528
1529 private Map<String, UUID> getRegisteredUsers(final Set<String> numbers) throws IOException {
1530 try {
1531 return dependencies.getAccountManager()
1532 .getRegisteredUsers(ServiceConfig.getIasKeyStore(),
1533 numbers,
1534 serviceEnvironmentConfig.getCdsMrenclave());
1535 } catch (Quote.InvalidQuoteFormatException | UnauthenticatedQuoteException | SignatureException | UnauthenticatedResponseException | InvalidKeyException e) {
1536 throw new IOException(e);
1537 }
1538 }
1539
1540 public void sendTypingMessage(
1541 TypingAction action, Set<String> recipients
1542 ) throws IOException, UntrustedIdentityException, InvalidNumberException {
1543 final var timestamp = System.currentTimeMillis();
1544 var message = new SignalServiceTypingMessage(action.toSignalService(), timestamp, Optional.absent());
1545 sendHelper.sendTypingMessage(message, getRecipientIds(recipients));
1546 }
1547
1548 public void sendGroupTypingMessage(
1549 TypingAction action, GroupId groupId
1550 ) throws IOException, NotAGroupMemberException, GroupNotFoundException {
1551 final var timestamp = System.currentTimeMillis();
1552 final var message = new SignalServiceTypingMessage(action.toSignalService(),
1553 timestamp,
1554 Optional.of(groupId.serialize()));
1555 sendHelper.sendGroupTypingMessage(message, groupId);
1556 }
1557
1558 private SignalServiceDataMessage.Builder createMessageBuilder() {
1559 final var timestamp = System.currentTimeMillis();
1560
1561 var messageBuilder = SignalServiceDataMessage.newBuilder();
1562 messageBuilder.withTimestamp(timestamp);
1563 return messageBuilder;
1564 }
1565
1566 private SignalServiceContent decryptMessage(SignalServiceEnvelope envelope) throws InvalidMetadataMessageException, ProtocolInvalidMessageException, ProtocolDuplicateMessageException, ProtocolLegacyMessageException, ProtocolInvalidKeyIdException, InvalidMetadataVersionException, ProtocolInvalidVersionException, ProtocolNoSessionException, ProtocolInvalidKeyException, SelfSendException, UnsupportedDataMessageException, ProtocolUntrustedIdentityException, InvalidMessageStructureException {
1567 return dependencies.getCipher().decrypt(envelope);
1568 }
1569
1570 private void handleEndSession(RecipientId recipientId) {
1571 account.getSessionStore().deleteAllSessions(recipientId);
1572 }
1573
1574 private List<HandleAction> handleSignalServiceDataMessage(
1575 SignalServiceDataMessage message,
1576 boolean isSync,
1577 SignalServiceAddress source,
1578 SignalServiceAddress destination,
1579 boolean ignoreAttachments
1580 ) {
1581 var actions = new ArrayList<HandleAction>();
1582 if (message.getGroupContext().isPresent()) {
1583 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1584 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1585 var groupId = GroupId.v1(groupInfo.getGroupId());
1586 var group = getGroup(groupId);
1587 if (group == null || group instanceof GroupInfoV1) {
1588 var groupV1 = (GroupInfoV1) group;
1589 switch (groupInfo.getType()) {
1590 case UPDATE: {
1591 if (groupV1 == null) {
1592 groupV1 = new GroupInfoV1(groupId);
1593 }
1594
1595 if (groupInfo.getAvatar().isPresent()) {
1596 var avatar = groupInfo.getAvatar().get();
1597 downloadGroupAvatar(avatar, groupV1.getGroupId());
1598 }
1599
1600 if (groupInfo.getName().isPresent()) {
1601 groupV1.name = groupInfo.getName().get();
1602 }
1603
1604 if (groupInfo.getMembers().isPresent()) {
1605 groupV1.addMembers(groupInfo.getMembers()
1606 .get()
1607 .stream()
1608 .map(this::resolveRecipient)
1609 .collect(Collectors.toSet()));
1610 }
1611
1612 account.getGroupStore().updateGroup(groupV1);
1613 break;
1614 }
1615 case DELIVER:
1616 if (groupV1 == null && !isSync) {
1617 actions.add(new SendGroupInfoRequestAction(source, groupId));
1618 }
1619 break;
1620 case QUIT: {
1621 if (groupV1 != null) {
1622 groupV1.removeMember(resolveRecipient(source));
1623 account.getGroupStore().updateGroup(groupV1);
1624 }
1625 break;
1626 }
1627 case REQUEST_INFO:
1628 if (groupV1 != null && !isSync) {
1629 actions.add(new SendGroupInfoAction(source, groupV1.getGroupId()));
1630 }
1631 break;
1632 }
1633 } else {
1634 // Received a group v1 message for a v2 group
1635 }
1636 }
1637 if (message.getGroupContext().get().getGroupV2().isPresent()) {
1638 final var groupContext = message.getGroupContext().get().getGroupV2().get();
1639 final var groupMasterKey = groupContext.getMasterKey();
1640
1641 getOrMigrateGroup(groupMasterKey,
1642 groupContext.getRevision(),
1643 groupContext.hasSignedGroupChange() ? groupContext.getSignedGroupChange() : null);
1644 }
1645 }
1646
1647 final var conversationPartnerAddress = isSync ? destination : source;
1648 if (conversationPartnerAddress != null && message.isEndSession()) {
1649 handleEndSession(resolveRecipient(conversationPartnerAddress));
1650 }
1651 if (message.isExpirationUpdate() || message.getBody().isPresent()) {
1652 if (message.getGroupContext().isPresent()) {
1653 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1654 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1655 var group = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(groupInfo.getGroupId()));
1656 if (group != null) {
1657 if (group.messageExpirationTime != message.getExpiresInSeconds()) {
1658 group.messageExpirationTime = message.getExpiresInSeconds();
1659 account.getGroupStore().updateGroup(group);
1660 }
1661 }
1662 } else if (message.getGroupContext().get().getGroupV2().isPresent()) {
1663 // disappearing message timer already stored in the DecryptedGroup
1664 }
1665 } else if (conversationPartnerAddress != null) {
1666 setExpirationTimer(resolveRecipient(conversationPartnerAddress), message.getExpiresInSeconds());
1667 }
1668 }
1669 if (!ignoreAttachments) {
1670 if (message.getAttachments().isPresent()) {
1671 for (var attachment : message.getAttachments().get()) {
1672 downloadAttachment(attachment);
1673 }
1674 }
1675 if (message.getSharedContacts().isPresent()) {
1676 for (var contact : message.getSharedContacts().get()) {
1677 if (contact.getAvatar().isPresent()) {
1678 downloadAttachment(contact.getAvatar().get().getAttachment());
1679 }
1680 }
1681 }
1682 }
1683 if (message.getProfileKey().isPresent() && message.getProfileKey().get().length == 32) {
1684 final ProfileKey profileKey;
1685 try {
1686 profileKey = new ProfileKey(message.getProfileKey().get());
1687 } catch (InvalidInputException e) {
1688 throw new AssertionError(e);
1689 }
1690 if (source.matches(account.getSelfAddress())) {
1691 this.account.setProfileKey(profileKey);
1692 }
1693 this.account.getProfileStore().storeProfileKey(resolveRecipient(source), profileKey);
1694 }
1695 if (message.getPreviews().isPresent()) {
1696 final var previews = message.getPreviews().get();
1697 for (var preview : previews) {
1698 if (preview.getImage().isPresent()) {
1699 downloadAttachment(preview.getImage().get());
1700 }
1701 }
1702 }
1703 if (message.getQuote().isPresent()) {
1704 final var quote = message.getQuote().get();
1705
1706 for (var quotedAttachment : quote.getAttachments()) {
1707 final var thumbnail = quotedAttachment.getThumbnail();
1708 if (thumbnail != null) {
1709 downloadAttachment(thumbnail);
1710 }
1711 }
1712 }
1713 if (message.getSticker().isPresent()) {
1714 final var messageSticker = message.getSticker().get();
1715 final var stickerPackId = StickerPackId.deserialize(messageSticker.getPackId());
1716 var sticker = account.getStickerStore().getSticker(stickerPackId);
1717 if (sticker == null) {
1718 sticker = new Sticker(stickerPackId, messageSticker.getPackKey());
1719 account.getStickerStore().updateSticker(sticker);
1720 }
1721 enqueueJob(new RetrieveStickerPackJob(stickerPackId, messageSticker.getPackKey()));
1722 }
1723 return actions;
1724 }
1725
1726 private GroupInfoV2 getOrMigrateGroup(
1727 final GroupMasterKey groupMasterKey, final int revision, final byte[] signedGroupChange
1728 ) {
1729 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupMasterKey);
1730
1731 var groupId = GroupUtils.getGroupIdV2(groupSecretParams);
1732 var groupInfo = getGroup(groupId);
1733 final GroupInfoV2 groupInfoV2;
1734 if (groupInfo instanceof GroupInfoV1) {
1735 // Received a v2 group message for a v1 group, we need to locally migrate the group
1736 account.getGroupStore().deleteGroupV1(((GroupInfoV1) groupInfo).getGroupId());
1737 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1738 logger.info("Locally migrated group {} to group v2, id: {}",
1739 groupInfo.getGroupId().toBase64(),
1740 groupInfoV2.getGroupId().toBase64());
1741 } else if (groupInfo instanceof GroupInfoV2) {
1742 groupInfoV2 = (GroupInfoV2) groupInfo;
1743 } else {
1744 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1745 }
1746
1747 if (groupInfoV2.getGroup() == null || groupInfoV2.getGroup().getRevision() < revision) {
1748 DecryptedGroup group = null;
1749 if (signedGroupChange != null
1750 && groupInfoV2.getGroup() != null
1751 && groupInfoV2.getGroup().getRevision() + 1 == revision) {
1752 group = groupV2Helper.getUpdatedDecryptedGroup(groupInfoV2.getGroup(),
1753 signedGroupChange,
1754 groupMasterKey);
1755 }
1756 if (group == null) {
1757 group = groupV2Helper.getDecryptedGroup(groupSecretParams);
1758 }
1759 if (group != null) {
1760 storeProfileKeysFromMembers(group);
1761 final var avatar = group.getAvatar();
1762 if (avatar != null && !avatar.isEmpty()) {
1763 downloadGroupAvatar(groupId, groupSecretParams, avatar);
1764 }
1765 }
1766 groupInfoV2.setGroup(group, this::resolveRecipient);
1767 account.getGroupStore().updateGroup(groupInfoV2);
1768 }
1769
1770 return groupInfoV2;
1771 }
1772
1773 private void storeProfileKeysFromMembers(final DecryptedGroup group) {
1774 for (var member : group.getMembersList()) {
1775 final var uuid = UuidUtil.parseOrThrow(member.getUuid().toByteArray());
1776 final var recipientId = account.getRecipientStore().resolveRecipient(uuid);
1777 try {
1778 account.getProfileStore()
1779 .storeProfileKey(recipientId, new ProfileKey(member.getProfileKey().toByteArray()));
1780 } catch (InvalidInputException ignored) {
1781 }
1782 }
1783 }
1784
1785 private void retryFailedReceivedMessages(ReceiveMessageHandler handler, boolean ignoreAttachments) {
1786 Set<HandleAction> queuedActions = new HashSet<>();
1787 for (var cachedMessage : account.getMessageCache().getCachedMessages()) {
1788 var actions = retryFailedReceivedMessage(handler, ignoreAttachments, cachedMessage);
1789 if (actions != null) {
1790 queuedActions.addAll(actions);
1791 }
1792 }
1793 for (var action : queuedActions) {
1794 try {
1795 action.execute(this);
1796 } catch (Throwable e) {
1797 if (e instanceof AssertionError && e.getCause() instanceof InterruptedException) {
1798 Thread.currentThread().interrupt();
1799 }
1800 logger.warn("Message action failed.", e);
1801 }
1802 }
1803 }
1804
1805 private List<HandleAction> retryFailedReceivedMessage(
1806 final ReceiveMessageHandler handler, final boolean ignoreAttachments, final CachedMessage cachedMessage
1807 ) {
1808 var envelope = cachedMessage.loadEnvelope();
1809 if (envelope == null) {
1810 return null;
1811 }
1812 SignalServiceContent content = null;
1813 List<HandleAction> actions = null;
1814 if (!envelope.isReceipt()) {
1815 try {
1816 content = decryptMessage(envelope);
1817 } catch (ProtocolUntrustedIdentityException e) {
1818 if (!envelope.hasSource()) {
1819 final var identifier = e.getSender();
1820 final var recipientId = resolveRecipient(identifier);
1821 try {
1822 account.getMessageCache().replaceSender(cachedMessage, recipientId);
1823 } catch (IOException ioException) {
1824 logger.warn("Failed to move cached message to recipient folder: {}", ioException.getMessage());
1825 }
1826 }
1827 return null;
1828 } catch (Exception er) {
1829 // All other errors are not recoverable, so delete the cached message
1830 cachedMessage.delete();
1831 return null;
1832 }
1833 actions = handleMessage(envelope, content, ignoreAttachments);
1834 }
1835 handler.handleMessage(envelope, content, null);
1836 cachedMessage.delete();
1837 return actions;
1838 }
1839
1840 public void receiveMessages(
1841 long timeout,
1842 TimeUnit unit,
1843 boolean returnOnTimeout,
1844 boolean ignoreAttachments,
1845 ReceiveMessageHandler handler
1846 ) throws IOException, InterruptedException {
1847 retryFailedReceivedMessages(handler, ignoreAttachments);
1848
1849 Set<HandleAction> queuedActions = new HashSet<>();
1850
1851 final var signalWebSocket = dependencies.getSignalWebSocket();
1852 signalWebSocket.connect();
1853
1854 var hasCaughtUpWithOldMessages = false;
1855
1856 while (!Thread.interrupted()) {
1857 SignalServiceEnvelope envelope;
1858 SignalServiceContent content = null;
1859 Exception exception = null;
1860 final CachedMessage[] cachedMessage = {null};
1861 account.setLastReceiveTimestamp(System.currentTimeMillis());
1862 logger.debug("Checking for new message from server");
1863 try {
1864 var result = signalWebSocket.readOrEmpty(unit.toMillis(timeout), envelope1 -> {
1865 final var recipientId = envelope1.hasSource()
1866 ? resolveRecipient(envelope1.getSourceIdentifier())
1867 : null;
1868 // store message on disk, before acknowledging receipt to the server
1869 cachedMessage[0] = account.getMessageCache().cacheMessage(envelope1, recipientId);
1870 });
1871 logger.debug("New message received from server");
1872 if (result.isPresent()) {
1873 envelope = result.get();
1874 } else {
1875 // Received indicator that server queue is empty
1876 hasCaughtUpWithOldMessages = true;
1877
1878 for (var action : queuedActions) {
1879 try {
1880 action.execute(this);
1881 } catch (Throwable e) {
1882 if (e instanceof AssertionError && e.getCause() instanceof InterruptedException) {
1883 Thread.currentThread().interrupt();
1884 }
1885 logger.warn("Message action failed.", e);
1886 }
1887 }
1888 queuedActions.clear();
1889
1890 // Continue to wait another timeout for new messages
1891 continue;
1892 }
1893 } catch (AssertionError e) {
1894 if (e.getCause() instanceof InterruptedException) {
1895 throw (InterruptedException) e.getCause();
1896 } else {
1897 throw e;
1898 }
1899 } catch (WebSocketUnavailableException e) {
1900 logger.debug("Pipe unexpectedly unavailable, connecting");
1901 signalWebSocket.connect();
1902 continue;
1903 } catch (TimeoutException e) {
1904 if (returnOnTimeout) return;
1905 continue;
1906 }
1907
1908 if (envelope.hasSource()) {
1909 // Store uuid if we don't have it already
1910 // address/uuid in envelope is sent by server
1911 resolveRecipientTrusted(envelope.getSourceAddress());
1912 }
1913 if (!envelope.isReceipt()) {
1914 try {
1915 content = decryptMessage(envelope);
1916 } catch (Exception e) {
1917 exception = e;
1918 }
1919 if (!envelope.hasSource() && content != null) {
1920 // Store uuid if we don't have it already
1921 // address/uuid is validated by unidentified sender certificate
1922 resolveRecipientTrusted(content.getSender());
1923 }
1924 var actions = handleMessage(envelope, content, ignoreAttachments);
1925 if (exception instanceof ProtocolInvalidMessageException) {
1926 final var sender = resolveRecipient(((ProtocolInvalidMessageException) exception).getSender());
1927 logger.debug("Received invalid message, queuing renew session action.");
1928 actions.add(new RenewSessionAction(sender));
1929 }
1930 if (hasCaughtUpWithOldMessages) {
1931 for (var action : actions) {
1932 try {
1933 action.execute(this);
1934 } catch (Throwable e) {
1935 if (e instanceof AssertionError && e.getCause() instanceof InterruptedException) {
1936 Thread.currentThread().interrupt();
1937 }
1938 logger.warn("Message action failed.", e);
1939 }
1940 }
1941 } else {
1942 queuedActions.addAll(actions);
1943 }
1944 }
1945 final var notAllowedToSendToGroup = isNotAllowedToSendToGroup(envelope, content);
1946 if (isMessageBlocked(envelope, content)) {
1947 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
1948 } else if (notAllowedToSendToGroup) {
1949 logger.info("Ignoring a group message from an unauthorized sender (no member or admin): {} {}",
1950 (envelope.hasSource() ? envelope.getSourceAddress() : content.getSender()).getIdentifier(),
1951 envelope.getTimestamp());
1952 } else {
1953 handler.handleMessage(envelope, content, exception);
1954 }
1955 if (cachedMessage[0] != null) {
1956 if (exception instanceof ProtocolUntrustedIdentityException) {
1957 final var identifier = ((ProtocolUntrustedIdentityException) exception).getSender();
1958 final var recipientId = resolveRecipient(identifier);
1959 queuedActions.add(new RetrieveProfileAction(recipientId));
1960 if (!envelope.hasSource()) {
1961 try {
1962 cachedMessage[0] = account.getMessageCache().replaceSender(cachedMessage[0], recipientId);
1963 } catch (IOException ioException) {
1964 logger.warn("Failed to move cached message to recipient folder: {}",
1965 ioException.getMessage());
1966 }
1967 }
1968 } else {
1969 cachedMessage[0].delete();
1970 }
1971 }
1972 }
1973 }
1974
1975 private boolean isMessageBlocked(
1976 SignalServiceEnvelope envelope, SignalServiceContent content
1977 ) {
1978 SignalServiceAddress source;
1979 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
1980 source = envelope.getSourceAddress();
1981 } else if (content != null) {
1982 source = content.getSender();
1983 } else {
1984 return false;
1985 }
1986 final var recipientId = resolveRecipient(source);
1987 if (isContactBlocked(recipientId)) {
1988 return true;
1989 }
1990
1991 if (content != null && content.getDataMessage().isPresent()) {
1992 var message = content.getDataMessage().get();
1993 if (message.getGroupContext().isPresent()) {
1994 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
1995 var group = getGroup(groupId);
1996 if (group != null && group.isBlocked()) {
1997 return true;
1998 }
1999 }
2000 }
2001 return false;
2002 }
2003
2004 public boolean isContactBlocked(final String identifier) throws InvalidNumberException {
2005 final var recipientId = canonicalizeAndResolveRecipient(identifier);
2006 return isContactBlocked(recipientId);
2007 }
2008
2009 private boolean isContactBlocked(final RecipientId recipientId) {
2010 var sourceContact = account.getContactStore().getContact(recipientId);
2011 return sourceContact != null && sourceContact.isBlocked();
2012 }
2013
2014 private boolean isNotAllowedToSendToGroup(
2015 SignalServiceEnvelope envelope, SignalServiceContent content
2016 ) {
2017 SignalServiceAddress source;
2018 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
2019 source = envelope.getSourceAddress();
2020 } else if (content != null) {
2021 source = content.getSender();
2022 } else {
2023 return false;
2024 }
2025
2026 if (content == null || !content.getDataMessage().isPresent()) {
2027 return false;
2028 }
2029
2030 var message = content.getDataMessage().get();
2031 if (!message.getGroupContext().isPresent()) {
2032 return false;
2033 }
2034
2035 if (message.getGroupContext().get().getGroupV1().isPresent()) {
2036 var groupInfo = message.getGroupContext().get().getGroupV1().get();
2037 if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
2038 return false;
2039 }
2040 }
2041
2042 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
2043 var group = getGroup(groupId);
2044 if (group == null) {
2045 return false;
2046 }
2047
2048 final var recipientId = resolveRecipient(source);
2049 return !group.isMember(recipientId) || (
2050 group.isAnnouncementGroup() && !group.isAdmin(recipientId)
2051 );
2052 }
2053
2054 private List<HandleAction> handleMessage(
2055 SignalServiceEnvelope envelope, SignalServiceContent content, boolean ignoreAttachments
2056 ) {
2057 var actions = new ArrayList<HandleAction>();
2058 if (content != null) {
2059 final SignalServiceAddress sender;
2060 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
2061 sender = envelope.getSourceAddress();
2062 } else {
2063 sender = content.getSender();
2064 }
2065
2066 if (content.getDataMessage().isPresent()) {
2067 var message = content.getDataMessage().get();
2068
2069 if (content.isNeedsReceipt()) {
2070 actions.add(new SendReceiptAction(sender, message.getTimestamp()));
2071 }
2072
2073 actions.addAll(handleSignalServiceDataMessage(message,
2074 false,
2075 sender,
2076 account.getSelfAddress(),
2077 ignoreAttachments));
2078 }
2079 if (content.getSyncMessage().isPresent()) {
2080 account.setMultiDevice(true);
2081 var syncMessage = content.getSyncMessage().get();
2082 if (syncMessage.getSent().isPresent()) {
2083 var message = syncMessage.getSent().get();
2084 final var destination = message.getDestination().orNull();
2085 actions.addAll(handleSignalServiceDataMessage(message.getMessage(),
2086 true,
2087 sender,
2088 destination,
2089 ignoreAttachments));
2090 }
2091 if (syncMessage.getRequest().isPresent() && account.isMasterDevice()) {
2092 var rm = syncMessage.getRequest().get();
2093 if (rm.isContactsRequest()) {
2094 actions.add(SendSyncContactsAction.create());
2095 }
2096 if (rm.isGroupsRequest()) {
2097 actions.add(SendSyncGroupsAction.create());
2098 }
2099 if (rm.isBlockedListRequest()) {
2100 actions.add(SendSyncBlockedListAction.create());
2101 }
2102 // TODO Handle rm.isConfigurationRequest(); rm.isKeysRequest();
2103 }
2104 if (syncMessage.getGroups().isPresent()) {
2105 File tmpFile = null;
2106 try {
2107 tmpFile = IOUtils.createTempFile();
2108 final var groupsMessage = syncMessage.getGroups().get();
2109 try (var attachmentAsStream = retrieveAttachmentAsStream(groupsMessage.asPointer(), tmpFile)) {
2110 var s = new DeviceGroupsInputStream(attachmentAsStream);
2111 DeviceGroup g;
2112 while (true) {
2113 try {
2114 g = s.read();
2115 } catch (IOException e) {
2116 logger.warn("Sync groups contained invalid group, ignoring: {}", e.getMessage());
2117 continue;
2118 }
2119 if (g == null) {
2120 break;
2121 }
2122 var syncGroup = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(g.getId()));
2123 if (syncGroup != null) {
2124 if (g.getName().isPresent()) {
2125 syncGroup.name = g.getName().get();
2126 }
2127 syncGroup.addMembers(g.getMembers()
2128 .stream()
2129 .map(this::resolveRecipient)
2130 .collect(Collectors.toSet()));
2131 if (!g.isActive()) {
2132 syncGroup.removeMember(account.getSelfRecipientId());
2133 } else {
2134 // Add ourself to the member set as it's marked as active
2135 syncGroup.addMembers(List.of(account.getSelfRecipientId()));
2136 }
2137 syncGroup.blocked = g.isBlocked();
2138 if (g.getColor().isPresent()) {
2139 syncGroup.color = g.getColor().get();
2140 }
2141
2142 if (g.getAvatar().isPresent()) {
2143 downloadGroupAvatar(g.getAvatar().get(), syncGroup.getGroupId());
2144 }
2145 syncGroup.archived = g.isArchived();
2146 account.getGroupStore().updateGroup(syncGroup);
2147 }
2148 }
2149 }
2150 } catch (Exception e) {
2151 logger.warn("Failed to handle received sync groups “{}”, ignoring: {}",
2152 tmpFile,
2153 e.getMessage());
2154 } finally {
2155 if (tmpFile != null) {
2156 try {
2157 Files.delete(tmpFile.toPath());
2158 } catch (IOException e) {
2159 logger.warn("Failed to delete received groups temp file “{}”, ignoring: {}",
2160 tmpFile,
2161 e.getMessage());
2162 }
2163 }
2164 }
2165 }
2166 if (syncMessage.getBlockedList().isPresent()) {
2167 final var blockedListMessage = syncMessage.getBlockedList().get();
2168 for (var address : blockedListMessage.getAddresses()) {
2169 setContactBlocked(resolveRecipient(address), true);
2170 }
2171 for (var groupId : blockedListMessage.getGroupIds()
2172 .stream()
2173 .map(GroupId::unknownVersion)
2174 .collect(Collectors.toSet())) {
2175 try {
2176 setGroupBlocked(groupId, true);
2177 } catch (GroupNotFoundException e) {
2178 logger.warn("BlockedListMessage contained groupID that was not found in GroupStore: {}",
2179 groupId.toBase64());
2180 }
2181 }
2182 }
2183 if (syncMessage.getContacts().isPresent()) {
2184 File tmpFile = null;
2185 try {
2186 tmpFile = IOUtils.createTempFile();
2187 final var contactsMessage = syncMessage.getContacts().get();
2188 try (var attachmentAsStream = retrieveAttachmentAsStream(contactsMessage.getContactsStream()
2189 .asPointer(), tmpFile)) {
2190 var s = new DeviceContactsInputStream(attachmentAsStream);
2191 DeviceContact c;
2192 while (true) {
2193 try {
2194 c = s.read();
2195 } catch (IOException e) {
2196 logger.warn("Sync contacts contained invalid contact, ignoring: {}",
2197 e.getMessage());
2198 continue;
2199 }
2200 if (c == null) {
2201 break;
2202 }
2203 if (c.getAddress().matches(account.getSelfAddress()) && c.getProfileKey().isPresent()) {
2204 account.setProfileKey(c.getProfileKey().get());
2205 }
2206 final var recipientId = resolveRecipientTrusted(c.getAddress());
2207 var contact = account.getContactStore().getContact(recipientId);
2208 final var builder = contact == null
2209 ? Contact.newBuilder()
2210 : Contact.newBuilder(contact);
2211 if (c.getName().isPresent()) {
2212 builder.withName(c.getName().get());
2213 }
2214 if (c.getColor().isPresent()) {
2215 builder.withColor(c.getColor().get());
2216 }
2217 if (c.getProfileKey().isPresent()) {
2218 account.getProfileStore().storeProfileKey(recipientId, c.getProfileKey().get());
2219 }
2220 if (c.getVerified().isPresent()) {
2221 final var verifiedMessage = c.getVerified().get();
2222 account.getIdentityKeyStore()
2223 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2224 verifiedMessage.getIdentityKey(),
2225 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2226 }
2227 if (c.getExpirationTimer().isPresent()) {
2228 builder.withMessageExpirationTime(c.getExpirationTimer().get());
2229 }
2230 builder.withBlocked(c.isBlocked());
2231 builder.withArchived(c.isArchived());
2232 account.getContactStore().storeContact(recipientId, builder.build());
2233
2234 if (c.getAvatar().isPresent()) {
2235 downloadContactAvatar(c.getAvatar().get(), c.getAddress());
2236 }
2237 }
2238 }
2239 } catch (Exception e) {
2240 logger.warn("Failed to handle received sync contacts “{}”, ignoring: {}",
2241 tmpFile,
2242 e.getMessage());
2243 } finally {
2244 if (tmpFile != null) {
2245 try {
2246 Files.delete(tmpFile.toPath());
2247 } catch (IOException e) {
2248 logger.warn("Failed to delete received contacts temp file “{}”, ignoring: {}",
2249 tmpFile,
2250 e.getMessage());
2251 }
2252 }
2253 }
2254 }
2255 if (syncMessage.getVerified().isPresent()) {
2256 final var verifiedMessage = syncMessage.getVerified().get();
2257 account.getIdentityKeyStore()
2258 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2259 verifiedMessage.getIdentityKey(),
2260 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2261 }
2262 if (syncMessage.getStickerPackOperations().isPresent()) {
2263 final var stickerPackOperationMessages = syncMessage.getStickerPackOperations().get();
2264 for (var m : stickerPackOperationMessages) {
2265 if (!m.getPackId().isPresent()) {
2266 continue;
2267 }
2268 final var stickerPackId = StickerPackId.deserialize(m.getPackId().get());
2269 final var installed = !m.getType().isPresent()
2270 || m.getType().get() == StickerPackOperationMessage.Type.INSTALL;
2271
2272 var sticker = account.getStickerStore().getSticker(stickerPackId);
2273 if (m.getPackKey().isPresent()) {
2274 if (sticker == null) {
2275 sticker = new Sticker(stickerPackId, m.getPackKey().get());
2276 }
2277 if (installed) {
2278 enqueueJob(new RetrieveStickerPackJob(stickerPackId, m.getPackKey().get()));
2279 }
2280 }
2281
2282 if (sticker != null) {
2283 sticker.setInstalled(installed);
2284 account.getStickerStore().updateSticker(sticker);
2285 }
2286 }
2287 }
2288 if (syncMessage.getFetchType().isPresent()) {
2289 switch (syncMessage.getFetchType().get()) {
2290 case LOCAL_PROFILE:
2291 getRecipientProfile(account.getSelfRecipientId(), true);
2292 case STORAGE_MANIFEST:
2293 // TODO
2294 }
2295 }
2296 if (syncMessage.getKeys().isPresent()) {
2297 final var keysMessage = syncMessage.getKeys().get();
2298 if (keysMessage.getStorageService().isPresent()) {
2299 final var storageKey = keysMessage.getStorageService().get();
2300 account.setStorageKey(storageKey);
2301 }
2302 }
2303 if (syncMessage.getConfiguration().isPresent()) {
2304 // TODO
2305 }
2306 }
2307 }
2308 return actions;
2309 }
2310
2311 private void downloadContactAvatar(SignalServiceAttachment avatar, SignalServiceAddress address) {
2312 try {
2313 avatarStore.storeContactAvatar(address, outputStream -> retrieveAttachment(avatar, outputStream));
2314 } catch (IOException e) {
2315 logger.warn("Failed to download avatar for contact {}, ignoring: {}", address, e.getMessage());
2316 }
2317 }
2318
2319 private void downloadGroupAvatar(SignalServiceAttachment avatar, GroupId groupId) {
2320 try {
2321 avatarStore.storeGroupAvatar(groupId, outputStream -> retrieveAttachment(avatar, outputStream));
2322 } catch (IOException e) {
2323 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2324 }
2325 }
2326
2327 private void downloadGroupAvatar(GroupId groupId, GroupSecretParams groupSecretParams, String cdnKey) {
2328 try {
2329 avatarStore.storeGroupAvatar(groupId,
2330 outputStream -> retrieveGroupV2Avatar(groupSecretParams, cdnKey, outputStream));
2331 } catch (IOException e) {
2332 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2333 }
2334 }
2335
2336 private void downloadProfileAvatar(
2337 SignalServiceAddress address, String avatarPath, ProfileKey profileKey
2338 ) {
2339 try {
2340 avatarStore.storeProfileAvatar(address,
2341 outputStream -> retrieveProfileAvatar(avatarPath, profileKey, outputStream));
2342 } catch (Throwable e) {
2343 if (e instanceof AssertionError && e.getCause() instanceof InterruptedException) {
2344 Thread.currentThread().interrupt();
2345 }
2346 logger.warn("Failed to download profile avatar, ignoring: {}", e.getMessage());
2347 }
2348 }
2349
2350 public File getAttachmentFile(SignalServiceAttachmentRemoteId attachmentId) {
2351 return attachmentStore.getAttachmentFile(attachmentId);
2352 }
2353
2354 private void downloadAttachment(final SignalServiceAttachment attachment) {
2355 if (!attachment.isPointer()) {
2356 logger.warn("Invalid state, can't store an attachment stream.");
2357 }
2358
2359 var pointer = attachment.asPointer();
2360 if (pointer.getPreview().isPresent()) {
2361 final var preview = pointer.getPreview().get();
2362 try {
2363 attachmentStore.storeAttachmentPreview(pointer.getRemoteId(),
2364 outputStream -> outputStream.write(preview, 0, preview.length));
2365 } catch (IOException e) {
2366 logger.warn("Failed to download attachment preview, ignoring: {}", e.getMessage());
2367 }
2368 }
2369
2370 try {
2371 attachmentStore.storeAttachment(pointer.getRemoteId(),
2372 outputStream -> retrieveAttachmentPointer(pointer, outputStream));
2373 } catch (IOException e) {
2374 logger.warn("Failed to download attachment ({}), ignoring: {}", pointer.getRemoteId(), e.getMessage());
2375 }
2376 }
2377
2378 private void retrieveGroupV2Avatar(
2379 GroupSecretParams groupSecretParams, String cdnKey, OutputStream outputStream
2380 ) throws IOException {
2381 var groupOperations = dependencies.getGroupsV2Operations().forGroup(groupSecretParams);
2382
2383 var tmpFile = IOUtils.createTempFile();
2384 try (InputStream input = dependencies.getMessageReceiver()
2385 .retrieveGroupsV2ProfileAvatar(cdnKey, tmpFile, ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2386 var encryptedData = IOUtils.readFully(input);
2387
2388 var decryptedData = groupOperations.decryptAvatar(encryptedData);
2389 outputStream.write(decryptedData);
2390 } finally {
2391 try {
2392 Files.delete(tmpFile.toPath());
2393 } catch (IOException e) {
2394 logger.warn("Failed to delete received group avatar temp file “{}”, ignoring: {}",
2395 tmpFile,
2396 e.getMessage());
2397 }
2398 }
2399 }
2400
2401 private void retrieveProfileAvatar(
2402 String avatarPath, ProfileKey profileKey, OutputStream outputStream
2403 ) throws IOException {
2404 var tmpFile = IOUtils.createTempFile();
2405 try (var input = dependencies.getMessageReceiver()
2406 .retrieveProfileAvatar(avatarPath,
2407 tmpFile,
2408 profileKey,
2409 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2410 // Use larger buffer size to prevent AssertionError: Need: 12272 but only have: 8192 ...
2411 IOUtils.copyStream(input, outputStream, (int) ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE);
2412 } finally {
2413 try {
2414 Files.delete(tmpFile.toPath());
2415 } catch (IOException e) {
2416 logger.warn("Failed to delete received profile avatar temp file “{}”, ignoring: {}",
2417 tmpFile,
2418 e.getMessage());
2419 }
2420 }
2421 }
2422
2423 private void retrieveAttachment(
2424 final SignalServiceAttachment attachment, final OutputStream outputStream
2425 ) throws IOException {
2426 if (attachment.isPointer()) {
2427 var pointer = attachment.asPointer();
2428 retrieveAttachmentPointer(pointer, outputStream);
2429 } else {
2430 var stream = attachment.asStream();
2431 IOUtils.copyStream(stream.getInputStream(), outputStream);
2432 }
2433 }
2434
2435 private void retrieveAttachmentPointer(
2436 SignalServiceAttachmentPointer pointer, OutputStream outputStream
2437 ) throws IOException {
2438 var tmpFile = IOUtils.createTempFile();
2439 try (var input = retrieveAttachmentAsStream(pointer, tmpFile)) {
2440 IOUtils.copyStream(input, outputStream);
2441 } catch (MissingConfigurationException | InvalidMessageException e) {
2442 throw new IOException(e);
2443 } finally {
2444 try {
2445 Files.delete(tmpFile.toPath());
2446 } catch (IOException e) {
2447 logger.warn("Failed to delete received attachment temp file “{}”, ignoring: {}",
2448 tmpFile,
2449 e.getMessage());
2450 }
2451 }
2452 }
2453
2454 private InputStream retrieveAttachmentAsStream(
2455 SignalServiceAttachmentPointer pointer, File tmpFile
2456 ) throws IOException, InvalidMessageException, MissingConfigurationException {
2457 return dependencies.getMessageReceiver()
2458 .retrieveAttachment(pointer, tmpFile, ServiceConfig.MAX_ATTACHMENT_SIZE);
2459 }
2460
2461 void sendGroups() throws IOException {
2462 var groupsFile = IOUtils.createTempFile();
2463
2464 try {
2465 try (OutputStream fos = new FileOutputStream(groupsFile)) {
2466 var out = new DeviceGroupsOutputStream(fos);
2467 for (var record : getGroups()) {
2468 if (record instanceof GroupInfoV1) {
2469 var groupInfo = (GroupInfoV1) record;
2470 out.write(new DeviceGroup(groupInfo.getGroupId().serialize(),
2471 Optional.fromNullable(groupInfo.name),
2472 groupInfo.getMembers()
2473 .stream()
2474 .map(this::resolveSignalServiceAddress)
2475 .collect(Collectors.toList()),
2476 createGroupAvatarAttachment(groupInfo.getGroupId()),
2477 groupInfo.isMember(account.getSelfRecipientId()),
2478 Optional.of(groupInfo.messageExpirationTime),
2479 Optional.fromNullable(groupInfo.color),
2480 groupInfo.blocked,
2481 Optional.absent(),
2482 groupInfo.archived));
2483 }
2484 }
2485 }
2486
2487 if (groupsFile.exists() && groupsFile.length() > 0) {
2488 try (var groupsFileStream = new FileInputStream(groupsFile)) {
2489 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2490 .withStream(groupsFileStream)
2491 .withContentType("application/octet-stream")
2492 .withLength(groupsFile.length())
2493 .build();
2494
2495 sendHelper.sendSyncMessage(SignalServiceSyncMessage.forGroups(attachmentStream));
2496 }
2497 }
2498 } finally {
2499 try {
2500 Files.delete(groupsFile.toPath());
2501 } catch (IOException e) {
2502 logger.warn("Failed to delete groups temp file “{}”, ignoring: {}", groupsFile, e.getMessage());
2503 }
2504 }
2505 }
2506
2507 public void sendContacts() throws IOException {
2508 var contactsFile = IOUtils.createTempFile();
2509
2510 try {
2511 try (OutputStream fos = new FileOutputStream(contactsFile)) {
2512 var out = new DeviceContactsOutputStream(fos);
2513 for (var contactPair : account.getContactStore().getContacts()) {
2514 final var recipientId = contactPair.first();
2515 final var contact = contactPair.second();
2516 final var address = resolveSignalServiceAddress(recipientId);
2517
2518 var currentIdentity = account.getIdentityKeyStore().getIdentity(recipientId);
2519 VerifiedMessage verifiedMessage = null;
2520 if (currentIdentity != null) {
2521 verifiedMessage = new VerifiedMessage(address,
2522 currentIdentity.getIdentityKey(),
2523 currentIdentity.getTrustLevel().toVerifiedState(),
2524 currentIdentity.getDateAdded().getTime());
2525 }
2526
2527 var profileKey = account.getProfileStore().getProfileKey(recipientId);
2528 out.write(new DeviceContact(address,
2529 Optional.fromNullable(contact.getName()),
2530 createContactAvatarAttachment(address),
2531 Optional.fromNullable(contact.getColor()),
2532 Optional.fromNullable(verifiedMessage),
2533 Optional.fromNullable(profileKey),
2534 contact.isBlocked(),
2535 Optional.of(contact.getMessageExpirationTime()),
2536 Optional.absent(),
2537 contact.isArchived()));
2538 }
2539
2540 if (account.getProfileKey() != null) {
2541 // Send our own profile key as well
2542 out.write(new DeviceContact(account.getSelfAddress(),
2543 Optional.absent(),
2544 Optional.absent(),
2545 Optional.absent(),
2546 Optional.absent(),
2547 Optional.of(account.getProfileKey()),
2548 false,
2549 Optional.absent(),
2550 Optional.absent(),
2551 false));
2552 }
2553 }
2554
2555 if (contactsFile.exists() && contactsFile.length() > 0) {
2556 try (var contactsFileStream = new FileInputStream(contactsFile)) {
2557 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2558 .withStream(contactsFileStream)
2559 .withContentType("application/octet-stream")
2560 .withLength(contactsFile.length())
2561 .build();
2562
2563 sendHelper.sendSyncMessage(SignalServiceSyncMessage.forContacts(new ContactsMessage(attachmentStream,
2564 true)));
2565 }
2566 }
2567 } finally {
2568 try {
2569 Files.delete(contactsFile.toPath());
2570 } catch (IOException e) {
2571 logger.warn("Failed to delete contacts temp file “{}”, ignoring: {}", contactsFile, e.getMessage());
2572 }
2573 }
2574 }
2575
2576 void sendBlockedList() throws IOException {
2577 var addresses = new ArrayList<SignalServiceAddress>();
2578 for (var record : account.getContactStore().getContacts()) {
2579 if (record.second().isBlocked()) {
2580 addresses.add(resolveSignalServiceAddress(record.first()));
2581 }
2582 }
2583 var groupIds = new ArrayList<byte[]>();
2584 for (var record : getGroups()) {
2585 if (record.isBlocked()) {
2586 groupIds.add(record.getGroupId().serialize());
2587 }
2588 }
2589 sendHelper.sendSyncMessage(SignalServiceSyncMessage.forBlocked(new BlockedListMessage(addresses, groupIds)));
2590 }
2591
2592 private void sendVerifiedMessage(
2593 SignalServiceAddress destination, IdentityKey identityKey, TrustLevel trustLevel
2594 ) throws IOException {
2595 var verifiedMessage = new VerifiedMessage(destination,
2596 identityKey,
2597 trustLevel.toVerifiedState(),
2598 System.currentTimeMillis());
2599 sendHelper.sendSyncMessage(SignalServiceSyncMessage.forVerified(verifiedMessage));
2600 }
2601
2602 public List<Pair<RecipientId, Contact>> getContacts() {
2603 return account.getContactStore().getContacts();
2604 }
2605
2606 public String getContactOrProfileName(String number) throws InvalidNumberException {
2607 final var recipientId = canonicalizeAndResolveRecipient(number);
2608 final var recipient = account.getRecipientStore().getRecipient(recipientId);
2609 if (recipient == null) {
2610 return null;
2611 }
2612
2613 if (recipient.getContact() != null && !Util.isEmpty(recipient.getContact().getName())) {
2614 return recipient.getContact().getName();
2615 }
2616
2617 if (recipient.getProfile() != null && recipient.getProfile() != null) {
2618 return recipient.getProfile().getDisplayName();
2619 }
2620
2621 return null;
2622 }
2623
2624 public GroupInfo getGroup(GroupId groupId) {
2625 return getGroup(groupId, false);
2626 }
2627
2628 public GroupInfo getGroup(GroupId groupId, boolean forceUpdate) {
2629 final var group = account.getGroupStore().getGroup(groupId);
2630 if (group instanceof GroupInfoV2 && (forceUpdate || ((GroupInfoV2) group).getGroup() == null)) {
2631 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(((GroupInfoV2) group).getMasterKey());
2632 ((GroupInfoV2) group).setGroup(groupV2Helper.getDecryptedGroup(groupSecretParams), this::resolveRecipient);
2633 account.getGroupStore().updateGroup(group);
2634 }
2635 return group;
2636 }
2637
2638 public List<IdentityInfo> getIdentities() {
2639 return account.getIdentityKeyStore().getIdentities();
2640 }
2641
2642 public List<IdentityInfo> getIdentities(String number) throws InvalidNumberException {
2643 final var identity = account.getIdentityKeyStore().getIdentity(canonicalizeAndResolveRecipient(number));
2644 return identity == null ? List.of() : List.of(identity);
2645 }
2646
2647 /**
2648 * Trust this the identity with this fingerprint
2649 *
2650 * @param name username of the identity
2651 * @param fingerprint Fingerprint
2652 */
2653 public boolean trustIdentityVerified(String name, byte[] fingerprint) throws InvalidNumberException {
2654 var recipientId = canonicalizeAndResolveRecipient(name);
2655 return trustIdentity(recipientId,
2656 identityKey -> Arrays.equals(identityKey.serialize(), fingerprint),
2657 TrustLevel.TRUSTED_VERIFIED);
2658 }
2659
2660 /**
2661 * Trust this the identity with this safety number
2662 *
2663 * @param name username of the identity
2664 * @param safetyNumber Safety number
2665 */
2666 public boolean trustIdentityVerifiedSafetyNumber(String name, String safetyNumber) throws InvalidNumberException {
2667 var recipientId = canonicalizeAndResolveRecipient(name);
2668 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2669 return trustIdentity(recipientId,
2670 identityKey -> safetyNumber.equals(computeSafetyNumber(address, identityKey)),
2671 TrustLevel.TRUSTED_VERIFIED);
2672 }
2673
2674 /**
2675 * Trust this the identity with this scannable safety number
2676 *
2677 * @param name username of the identity
2678 * @param safetyNumber Scannable safety number
2679 */
2680 public boolean trustIdentityVerifiedSafetyNumber(String name, byte[] safetyNumber) throws InvalidNumberException {
2681 var recipientId = canonicalizeAndResolveRecipient(name);
2682 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2683 return trustIdentity(recipientId, identityKey -> {
2684 final var fingerprint = computeSafetyNumberFingerprint(address, identityKey);
2685 try {
2686 return fingerprint != null && fingerprint.getScannableFingerprint().compareTo(safetyNumber);
2687 } catch (FingerprintVersionMismatchException | FingerprintParsingException e) {
2688 return false;
2689 }
2690 }, TrustLevel.TRUSTED_VERIFIED);
2691 }
2692
2693 /**
2694 * Trust all keys of this identity without verification
2695 *
2696 * @param name username of the identity
2697 */
2698 public boolean trustIdentityAllKeys(String name) throws InvalidNumberException {
2699 var recipientId = canonicalizeAndResolveRecipient(name);
2700 return trustIdentity(recipientId, identityKey -> true, TrustLevel.TRUSTED_UNVERIFIED);
2701 }
2702
2703 private boolean trustIdentity(
2704 RecipientId recipientId, Function<IdentityKey, Boolean> verifier, TrustLevel trustLevel
2705 ) {
2706 var identity = account.getIdentityKeyStore().getIdentity(recipientId);
2707 if (identity == null) {
2708 return false;
2709 }
2710
2711 if (!verifier.apply(identity.getIdentityKey())) {
2712 return false;
2713 }
2714
2715 account.getIdentityKeyStore().setIdentityTrustLevel(recipientId, identity.getIdentityKey(), trustLevel);
2716 try {
2717 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2718 sendVerifiedMessage(address, identity.getIdentityKey(), trustLevel);
2719 } catch (IOException e) {
2720 logger.warn("Failed to send verification sync message: {}", e.getMessage());
2721 }
2722
2723 return true;
2724 }
2725
2726 private void handleIdentityFailure(
2727 final RecipientId recipientId, final SendMessageResult.IdentityFailure identityFailure
2728 ) {
2729 final var identityKey = identityFailure.getIdentityKey();
2730 if (identityKey != null) {
2731 final var newIdentity = account.getIdentityKeyStore().saveIdentity(recipientId, identityKey, new Date());
2732 if (newIdentity) {
2733 account.getSessionStore().archiveSessions(recipientId);
2734 }
2735 } else {
2736 // Retrieve profile to get the current identity key from the server
2737 retrieveEncryptedProfile(recipientId);
2738 }
2739 }
2740
2741 public String computeSafetyNumber(SignalServiceAddress theirAddress, IdentityKey theirIdentityKey) {
2742 final Fingerprint fingerprint = computeSafetyNumberFingerprint(theirAddress, theirIdentityKey);
2743 return fingerprint == null ? null : fingerprint.getDisplayableFingerprint().getDisplayText();
2744 }
2745
2746 public byte[] computeSafetyNumberForScanning(SignalServiceAddress theirAddress, IdentityKey theirIdentityKey) {
2747 final Fingerprint fingerprint = computeSafetyNumberFingerprint(theirAddress, theirIdentityKey);
2748 return fingerprint == null ? null : fingerprint.getScannableFingerprint().getSerialized();
2749 }
2750
2751 private Fingerprint computeSafetyNumberFingerprint(
2752 final SignalServiceAddress theirAddress, final IdentityKey theirIdentityKey
2753 ) {
2754 return Utils.computeSafetyNumber(capabilities.isUuid(),
2755 account.getSelfAddress(),
2756 getIdentityKeyPair().getPublicKey(),
2757 theirAddress,
2758 theirIdentityKey);
2759 }
2760
2761 @Deprecated
2762 public SignalServiceAddress resolveSignalServiceAddress(String identifier) {
2763 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2764
2765 return resolveSignalServiceAddress(address);
2766 }
2767
2768 @Deprecated
2769 public SignalServiceAddress resolveSignalServiceAddress(SignalServiceAddress address) {
2770 if (address.matches(account.getSelfAddress())) {
2771 return account.getSelfAddress();
2772 }
2773
2774 return account.getRecipientStore().resolveServiceAddress(address);
2775 }
2776
2777 public SignalServiceAddress resolveSignalServiceAddress(RecipientId recipientId) {
2778 return account.getRecipientStore().resolveServiceAddress(recipientId);
2779 }
2780
2781 private RecipientId canonicalizeAndResolveRecipient(String identifier) throws InvalidNumberException {
2782 var canonicalizedNumber = UuidUtil.isUuid(identifier) ? identifier : canonicalizePhoneNumber(identifier);
2783
2784 return resolveRecipient(canonicalizedNumber);
2785 }
2786
2787 private String canonicalizePhoneNumber(final String number) throws InvalidNumberException {
2788 return PhoneNumberFormatter.formatNumber(number, account.getUsername());
2789 }
2790
2791 private RecipientId resolveRecipient(final String identifier) {
2792 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2793
2794 return resolveRecipient(address);
2795 }
2796
2797 public RecipientId resolveRecipient(SignalServiceAddress address) {
2798 return account.getRecipientStore().resolveRecipient(address);
2799 }
2800
2801 private RecipientId resolveRecipientTrusted(SignalServiceAddress address) {
2802 return account.getRecipientStore().resolveRecipientTrusted(address);
2803 }
2804
2805 private void enqueueJob(Job job) {
2806 var context = new Context(account,
2807 dependencies.getAccountManager(),
2808 dependencies.getMessageReceiver(),
2809 stickerPackStore);
2810 job.run(context);
2811 }
2812
2813 @Override
2814 public void close() throws IOException {
2815 close(true);
2816 }
2817
2818 void close(boolean closeAccount) throws IOException {
2819 executor.shutdown();
2820
2821 dependencies.getSignalWebSocket().disconnect();
2822
2823 if (closeAccount && account != null) {
2824 account.close();
2825 }
2826 account = null;
2827 }
2828
2829 public interface ReceiveMessageHandler {
2830
2831 void handleMessage(SignalServiceEnvelope envelope, SignalServiceContent decryptedContent, Throwable e);
2832 }
2833 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut