]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/Manager.java
git.nmode.ca / signal-cli / blob
? search:


8d480044436f888ab26b102c88048d64c1af7bac
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / Manager.java
1 /*
2 Copyright (C) 2015-2021 AsamK and contributors
3
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17 package org.asamk.signal.manager;
18
19 import org.asamk.signal.manager.api.Device;
20 import org.asamk.signal.manager.config.ServiceConfig;
21 import org.asamk.signal.manager.config.ServiceEnvironment;
22 import org.asamk.signal.manager.config.ServiceEnvironmentConfig;
23 import org.asamk.signal.manager.groups.GroupId;
24 import org.asamk.signal.manager.groups.GroupIdV1;
25 import org.asamk.signal.manager.groups.GroupInviteLinkUrl;
26 import org.asamk.signal.manager.groups.GroupNotFoundException;
27 import org.asamk.signal.manager.groups.GroupUtils;
28 import org.asamk.signal.manager.groups.NotAGroupMemberException;
29 import org.asamk.signal.manager.helper.GroupHelper;
30 import org.asamk.signal.manager.helper.PinHelper;
31 import org.asamk.signal.manager.helper.ProfileHelper;
32 import org.asamk.signal.manager.helper.UnidentifiedAccessHelper;
33 import org.asamk.signal.manager.storage.SignalAccount;
34 import org.asamk.signal.manager.storage.groups.GroupInfo;
35 import org.asamk.signal.manager.storage.groups.GroupInfoV1;
36 import org.asamk.signal.manager.storage.groups.GroupInfoV2;
37 import org.asamk.signal.manager.storage.identities.IdentityInfo;
38 import org.asamk.signal.manager.storage.messageCache.CachedMessage;
39 import org.asamk.signal.manager.storage.recipients.Contact;
40 import org.asamk.signal.manager.storage.recipients.Profile;
41 import org.asamk.signal.manager.storage.recipients.RecipientId;
42 import org.asamk.signal.manager.storage.stickers.Sticker;
43 import org.asamk.signal.manager.storage.stickers.StickerPackId;
44 import org.asamk.signal.manager.util.AttachmentUtils;
45 import org.asamk.signal.manager.util.IOUtils;
46 import org.asamk.signal.manager.util.KeyUtils;
47 import org.asamk.signal.manager.util.ProfileUtils;
48 import org.asamk.signal.manager.util.StickerUtils;
49 import org.asamk.signal.manager.util.Utils;
50 import org.signal.libsignal.metadata.InvalidMetadataMessageException;
51 import org.signal.libsignal.metadata.InvalidMetadataVersionException;
52 import org.signal.libsignal.metadata.ProtocolDuplicateMessageException;
53 import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
54 import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
55 import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
56 import org.signal.libsignal.metadata.ProtocolInvalidVersionException;
57 import org.signal.libsignal.metadata.ProtocolLegacyMessageException;
58 import org.signal.libsignal.metadata.ProtocolNoSessionException;
59 import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
60 import org.signal.libsignal.metadata.SelfSendException;
61 import org.signal.libsignal.metadata.certificate.CertificateValidator;
62 import org.signal.storageservice.protos.groups.GroupChange;
63 import org.signal.storageservice.protos.groups.local.DecryptedGroup;
64 import org.signal.zkgroup.InvalidInputException;
65 import org.signal.zkgroup.VerificationFailedException;
66 import org.signal.zkgroup.groups.GroupMasterKey;
67 import org.signal.zkgroup.groups.GroupSecretParams;
68 import org.signal.zkgroup.profiles.ClientZkProfileOperations;
69 import org.signal.zkgroup.profiles.ProfileKey;
70 import org.signal.zkgroup.profiles.ProfileKeyCredential;
71 import org.slf4j.Logger;
72 import org.slf4j.LoggerFactory;
73 import org.whispersystems.libsignal.IdentityKey;
74 import org.whispersystems.libsignal.IdentityKeyPair;
75 import org.whispersystems.libsignal.InvalidKeyException;
76 import org.whispersystems.libsignal.InvalidMessageException;
77 import org.whispersystems.libsignal.ecc.ECPublicKey;
78 import org.whispersystems.libsignal.state.PreKeyRecord;
79 import org.whispersystems.libsignal.state.SignedPreKeyRecord;
80 import org.whispersystems.libsignal.util.Pair;
81 import org.whispersystems.libsignal.util.guava.Optional;
82 import org.whispersystems.signalservice.api.SignalServiceAccountManager;
83 import org.whispersystems.signalservice.api.SignalServiceMessagePipe;
84 import org.whispersystems.signalservice.api.SignalServiceMessageReceiver;
85 import org.whispersystems.signalservice.api.SignalServiceMessageSender;
86 import org.whispersystems.signalservice.api.crypto.SignalServiceCipher;
87 import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException;
88 import org.whispersystems.signalservice.api.groupsv2.ClientZkOperations;
89 import org.whispersystems.signalservice.api.groupsv2.GroupLinkNotActiveException;
90 import org.whispersystems.signalservice.api.groupsv2.GroupsV2Api;
91 import org.whispersystems.signalservice.api.groupsv2.GroupsV2AuthorizationString;
92 import org.whispersystems.signalservice.api.groupsv2.GroupsV2Operations;
93 import org.whispersystems.signalservice.api.messages.SendMessageResult;
94 import org.whispersystems.signalservice.api.messages.SignalServiceAttachment;
95 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentPointer;
96 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentRemoteId;
97 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentStream;
98 import org.whispersystems.signalservice.api.messages.SignalServiceContent;
99 import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage;
100 import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
101 import org.whispersystems.signalservice.api.messages.SignalServiceGroup;
102 import org.whispersystems.signalservice.api.messages.SignalServiceGroupV2;
103 import org.whispersystems.signalservice.api.messages.SignalServiceReceiptMessage;
104 import org.whispersystems.signalservice.api.messages.multidevice.BlockedListMessage;
105 import org.whispersystems.signalservice.api.messages.multidevice.ContactsMessage;
106 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContact;
107 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsInputStream;
108 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsOutputStream;
109 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroup;
110 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsInputStream;
111 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsOutputStream;
112 import org.whispersystems.signalservice.api.messages.multidevice.RequestMessage;
113 import org.whispersystems.signalservice.api.messages.multidevice.SentTranscriptMessage;
114 import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
115 import org.whispersystems.signalservice.api.messages.multidevice.StickerPackOperationMessage;
116 import org.whispersystems.signalservice.api.messages.multidevice.VerifiedMessage;
117 import org.whispersystems.signalservice.api.profiles.ProfileAndCredential;
118 import org.whispersystems.signalservice.api.profiles.SignalServiceProfile;
119 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
120 import org.whispersystems.signalservice.api.push.exceptions.MissingConfigurationException;
121 import org.whispersystems.signalservice.api.push.exceptions.UnregisteredUserException;
122 import org.whispersystems.signalservice.api.util.DeviceNameUtil;
123 import org.whispersystems.signalservice.api.util.InvalidNumberException;
124 import org.whispersystems.signalservice.api.util.PhoneNumberFormatter;
125 import org.whispersystems.signalservice.api.util.SleepTimer;
126 import org.whispersystems.signalservice.api.util.UptimeSleepTimer;
127 import org.whispersystems.signalservice.api.util.UuidUtil;
128 import org.whispersystems.signalservice.internal.contacts.crypto.Quote;
129 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedQuoteException;
130 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedResponseException;
131 import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
132 import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
133 import org.whispersystems.signalservice.internal.util.DynamicCredentialsProvider;
134 import org.whispersystems.signalservice.internal.util.Hex;
135 import org.whispersystems.signalservice.internal.util.Util;
136
137 import java.io.Closeable;
138 import java.io.File;
139 import java.io.FileInputStream;
140 import java.io.FileOutputStream;
141 import java.io.IOException;
142 import java.io.InputStream;
143 import java.io.OutputStream;
144 import java.net.URI;
145 import java.net.URISyntaxException;
146 import java.net.URLEncoder;
147 import java.nio.charset.StandardCharsets;
148 import java.nio.file.Files;
149 import java.security.SignatureException;
150 import java.util.ArrayList;
151 import java.util.Arrays;
152 import java.util.Base64;
153 import java.util.Collection;
154 import java.util.Date;
155 import java.util.HashSet;
156 import java.util.List;
157 import java.util.Map;
158 import java.util.Set;
159 import java.util.UUID;
160 import java.util.concurrent.ExecutorService;
161 import java.util.concurrent.Executors;
162 import java.util.concurrent.TimeUnit;
163 import java.util.concurrent.TimeoutException;
164 import java.util.function.Function;
165 import java.util.stream.Collectors;
166
167 import static org.asamk.signal.manager.config.ServiceConfig.capabilities;
168
169 public class Manager implements Closeable {
170
171 private final static Logger logger = LoggerFactory.getLogger(Manager.class);
172
173 private final CertificateValidator certificateValidator;
174
175 private final ServiceEnvironmentConfig serviceEnvironmentConfig;
176 private final String userAgent;
177
178 private SignalAccount account;
179 private final SignalServiceAccountManager accountManager;
180 private final GroupsV2Api groupsV2Api;
181 private final GroupsV2Operations groupsV2Operations;
182 private final SignalServiceMessageReceiver messageReceiver;
183 private final ClientZkProfileOperations clientZkProfileOperations;
184
185 private final ExecutorService executor = Executors.newCachedThreadPool();
186
187 private SignalServiceMessagePipe messagePipe = null;
188 private SignalServiceMessagePipe unidentifiedMessagePipe = null;
189
190 private final UnidentifiedAccessHelper unidentifiedAccessHelper;
191 private final ProfileHelper profileHelper;
192 private final GroupHelper groupHelper;
193 private final PinHelper pinHelper;
194 private final AvatarStore avatarStore;
195 private final AttachmentStore attachmentStore;
196
197 Manager(
198 SignalAccount account,
199 PathConfig pathConfig,
200 ServiceEnvironmentConfig serviceEnvironmentConfig,
201 String userAgent
202 ) {
203 this.account = account;
204 this.serviceEnvironmentConfig = serviceEnvironmentConfig;
205 this.certificateValidator = new CertificateValidator(serviceEnvironmentConfig.getUnidentifiedSenderTrustRoot());
206 this.userAgent = userAgent;
207 this.groupsV2Operations = capabilities.isGv2() ? new GroupsV2Operations(ClientZkOperations.create(
208 serviceEnvironmentConfig.getSignalServiceConfiguration())) : null;
209 final SleepTimer timer = new UptimeSleepTimer();
210 this.accountManager = new SignalServiceAccountManager(serviceEnvironmentConfig.getSignalServiceConfiguration(),
211 new DynamicCredentialsProvider(account.getUuid(),
212 account.getUsername(),
213 account.getPassword(),
214 account.getDeviceId()),
215 userAgent,
216 groupsV2Operations,
217 ServiceConfig.AUTOMATIC_NETWORK_RETRY,
218 timer);
219 this.groupsV2Api = accountManager.getGroupsV2Api();
220 final var keyBackupService = accountManager.getKeyBackupService(ServiceConfig.getIasKeyStore(),
221 serviceEnvironmentConfig.getKeyBackupConfig().getEnclaveName(),
222 serviceEnvironmentConfig.getKeyBackupConfig().getServiceId(),
223 serviceEnvironmentConfig.getKeyBackupConfig().getMrenclave(),
224 10);
225
226 this.pinHelper = new PinHelper(keyBackupService);
227 this.clientZkProfileOperations = capabilities.isGv2()
228 ? ClientZkOperations.create(serviceEnvironmentConfig.getSignalServiceConfiguration())
229 .getProfileOperations()
230 : null;
231 this.messageReceiver = new SignalServiceMessageReceiver(serviceEnvironmentConfig.getSignalServiceConfiguration(),
232 account.getUuid(),
233 account.getUsername(),
234 account.getPassword(),
235 account.getDeviceId(),
236 userAgent,
237 null,
238 timer,
239 clientZkProfileOperations,
240 ServiceConfig.AUTOMATIC_NETWORK_RETRY);
241
242 this.unidentifiedAccessHelper = new UnidentifiedAccessHelper(account::getProfileKey,
243 account.getProfileStore()::getProfileKey,
244 this::getRecipientProfile,
245 this::getSenderCertificate);
246 this.profileHelper = new ProfileHelper(account.getProfileStore()::getProfileKey,
247 unidentifiedAccessHelper::getAccessFor,
248 unidentified -> unidentified ? getOrCreateUnidentifiedMessagePipe() : getOrCreateMessagePipe(),
249 () -> messageReceiver,
250 this::resolveSignalServiceAddress);
251 this.groupHelper = new GroupHelper(this::getRecipientProfileKeyCredential,
252 this::getRecipientProfile,
253 account::getSelfRecipientId,
254 groupsV2Operations,
255 groupsV2Api,
256 this::getGroupAuthForToday,
257 this::resolveSignalServiceAddress);
258 this.avatarStore = new AvatarStore(pathConfig.getAvatarsPath());
259 this.attachmentStore = new AttachmentStore(pathConfig.getAttachmentsPath());
260 }
261
262 public String getUsername() {
263 return account.getUsername();
264 }
265
266 public SignalServiceAddress getSelfAddress() {
267 return account.getSelfAddress();
268 }
269
270 public RecipientId getSelfRecipientId() {
271 return account.getSelfRecipientId();
272 }
273
274 private IdentityKeyPair getIdentityKeyPair() {
275 return account.getIdentityKeyPair();
276 }
277
278 public int getDeviceId() {
279 return account.getDeviceId();
280 }
281
282 public static Manager init(
283 String username, File settingsPath, ServiceEnvironment serviceEnvironment, String userAgent
284 ) throws IOException, NotRegisteredException {
285 var pathConfig = PathConfig.createDefault(settingsPath);
286
287 if (!SignalAccount.userExists(pathConfig.getDataPath(), username)) {
288 throw new NotRegisteredException();
289 }
290
291 var account = SignalAccount.load(pathConfig.getDataPath(), username, true);
292
293 if (!account.isRegistered()) {
294 throw new NotRegisteredException();
295 }
296
297 final var serviceEnvironmentConfig = ServiceConfig.getServiceEnvironmentConfig(serviceEnvironment, userAgent);
298
299 return new Manager(account, pathConfig, serviceEnvironmentConfig, userAgent);
300 }
301
302 public static List<String> getAllLocalUsernames(File settingsPath) {
303 var pathConfig = PathConfig.createDefault(settingsPath);
304 final var dataPath = pathConfig.getDataPath();
305 final var files = dataPath.listFiles();
306
307 if (files == null) {
308 return List.of();
309 }
310
311 return Arrays.stream(files)
312 .filter(File::isFile)
313 .map(File::getName)
314 .filter(file -> PhoneNumberFormatter.isValidNumber(file, null))
315 .collect(Collectors.toList());
316 }
317
318 public void checkAccountState() throws IOException {
319 if (accountManager.getPreKeysCount() < ServiceConfig.PREKEY_MINIMUM_COUNT) {
320 refreshPreKeys();
321 }
322 if (account.getUuid() == null) {
323 account.setUuid(accountManager.getOwnUuid());
324 }
325 updateAccountAttributes();
326 }
327
328 /**
329 * This is used for checking a set of phone numbers for registration on Signal
330 *
331 * @param numbers The set of phone number in question
332 * @return A map of numbers to booleans. True if registered, false otherwise. Should never be null
333 * @throws IOException if its unable to get the contacts to check if they're registered
334 */
335 public Map<String, Boolean> areUsersRegistered(Set<String> numbers) throws IOException {
336 // Note "contactDetails" has no optionals. It only gives us info on users who are registered
337 var contactDetails = getRegisteredUsers(numbers);
338
339 var registeredUsers = contactDetails.keySet();
340
341 return numbers.stream().collect(Collectors.toMap(x -> x, registeredUsers::contains));
342 }
343
344 public void updateAccountAttributes() throws IOException {
345 accountManager.setAccountAttributes(account.getEncryptedDeviceName(),
346 null,
347 account.getLocalRegistrationId(),
348 true,
349 // set legacy pin only if no KBS master key is set
350 account.getPinMasterKey() == null ? account.getRegistrationLockPin() : null,
351 account.getPinMasterKey() == null ? null : account.getPinMasterKey().deriveRegistrationLock(),
352 account.getSelfUnidentifiedAccessKey(),
353 account.isUnrestrictedUnidentifiedAccess(),
354 capabilities,
355 account.isDiscoverableByPhoneNumber());
356 }
357
358 /**
359 * @param givenName if null, the previous givenName will be kept
360 * @param familyName if null, the previous familyName will be kept
361 * @param about if null, the previous about text will be kept
362 * @param aboutEmoji if null, the previous about emoji will be kept
363 * @param avatar if avatar is null the image from the local avatar store is used (if present),
364 */
365 public void setProfile(
366 String givenName, final String familyName, String about, String aboutEmoji, Optional<File> avatar
367 ) throws IOException {
368 var profile = getRecipientProfile(account.getSelfRecipientId());
369 var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
370 if (givenName != null) {
371 builder.withGivenName(givenName);
372 }
373 if (familyName != null) {
374 builder.withFamilyName(familyName);
375 }
376 if (about != null) {
377 builder.withAbout(about);
378 }
379 if (aboutEmoji != null) {
380 builder.withAboutEmoji(aboutEmoji);
381 }
382 var newProfile = builder.build();
383
384 try (final var streamDetails = avatar == null
385 ? avatarStore.retrieveProfileAvatar(getSelfAddress())
386 : avatar.isPresent() ? Utils.createStreamDetailsFromFile(avatar.get()) : null) {
387 accountManager.setVersionedProfile(account.getUuid(),
388 account.getProfileKey(),
389 newProfile.getInternalServiceName(),
390 newProfile.getAbout() == null ? "" : newProfile.getAbout(),
391 newProfile.getAboutEmoji() == null ? "" : newProfile.getAboutEmoji(),
392 streamDetails);
393 }
394
395 if (avatar != null) {
396 if (avatar.isPresent()) {
397 avatarStore.storeProfileAvatar(getSelfAddress(),
398 outputStream -> IOUtils.copyFileToStream(avatar.get(), outputStream));
399 } else {
400 avatarStore.deleteProfileAvatar(getSelfAddress());
401 }
402 }
403 account.getProfileStore().storeProfile(account.getSelfRecipientId(), newProfile);
404
405 try {
406 sendSyncMessage(SignalServiceSyncMessage.forFetchLatest(SignalServiceSyncMessage.FetchType.LOCAL_PROFILE));
407 } catch (UntrustedIdentityException ignored) {
408 }
409 }
410
411 public void unregister() throws IOException {
412 // When setting an empty GCM id, the Signal-Server also sets the fetchesMessages property to false.
413 // If this is the master device, other users can't send messages to this number anymore.
414 // If this is a linked device, other users can still send messages, but this device doesn't receive them anymore.
415 accountManager.setGcmId(Optional.absent());
416
417 account.setRegistered(false);
418 }
419
420 public void deleteAccount() throws IOException {
421 accountManager.deleteAccount();
422
423 account.setRegistered(false);
424 }
425
426 public List<Device> getLinkedDevices() throws IOException {
427 var devices = accountManager.getDevices();
428 account.setMultiDevice(devices.size() > 1);
429 var identityKey = account.getIdentityKeyPair().getPrivateKey();
430 return devices.stream().map(d -> {
431 String deviceName = d.getName();
432 if (deviceName != null) {
433 try {
434 deviceName = DeviceNameUtil.decryptDeviceName(deviceName, identityKey);
435 } catch (IOException e) {
436 logger.debug("Failed to decrypt device name, maybe plain text?", e);
437 }
438 }
439 return new Device(d.getId(), deviceName, d.getCreated(), d.getLastSeen());
440 }).collect(Collectors.toList());
441 }
442
443 public void removeLinkedDevices(int deviceId) throws IOException {
444 accountManager.removeDevice(deviceId);
445 var devices = accountManager.getDevices();
446 account.setMultiDevice(devices.size() > 1);
447 }
448
449 public void addDeviceLink(URI linkUri) throws IOException, InvalidKeyException {
450 var info = DeviceLinkInfo.parseDeviceLinkUri(linkUri);
451
452 addDevice(info.deviceIdentifier, info.deviceKey);
453 }
454
455 private void addDevice(String deviceIdentifier, ECPublicKey deviceKey) throws IOException, InvalidKeyException {
456 var identityKeyPair = getIdentityKeyPair();
457 var verificationCode = accountManager.getNewDeviceVerificationCode();
458
459 accountManager.addDevice(deviceIdentifier,
460 deviceKey,
461 identityKeyPair,
462 Optional.of(account.getProfileKey().serialize()),
463 verificationCode);
464 account.setMultiDevice(true);
465 }
466
467 public void setRegistrationLockPin(Optional<String> pin) throws IOException, UnauthenticatedResponseException {
468 if (!account.isMasterDevice()) {
469 throw new RuntimeException("Only master device can set a PIN");
470 }
471 if (pin.isPresent()) {
472 final var masterKey = account.getPinMasterKey() != null
473 ? account.getPinMasterKey()
474 : KeyUtils.createMasterKey();
475
476 pinHelper.setRegistrationLockPin(pin.get(), masterKey);
477
478 account.setRegistrationLockPin(pin.get(), masterKey);
479 } else {
480 // Remove legacy registration lock
481 accountManager.removeRegistrationLockV1();
482
483 // Remove KBS Pin
484 pinHelper.removeRegistrationLockPin();
485
486 account.setRegistrationLockPin(null, null);
487 }
488 }
489
490 void refreshPreKeys() throws IOException {
491 var oneTimePreKeys = generatePreKeys();
492 final var identityKeyPair = getIdentityKeyPair();
493 var signedPreKeyRecord = generateSignedPreKey(identityKeyPair);
494
495 accountManager.setPreKeys(identityKeyPair.getPublicKey(), signedPreKeyRecord, oneTimePreKeys);
496 }
497
498 private List<PreKeyRecord> generatePreKeys() {
499 final var offset = account.getPreKeyIdOffset();
500
501 var records = KeyUtils.generatePreKeyRecords(offset, ServiceConfig.PREKEY_BATCH_SIZE);
502 account.addPreKeys(records);
503
504 return records;
505 }
506
507 private SignedPreKeyRecord generateSignedPreKey(IdentityKeyPair identityKeyPair) {
508 final var signedPreKeyId = account.getNextSignedPreKeyId();
509
510 var record = KeyUtils.generateSignedPreKeyRecord(identityKeyPair, signedPreKeyId);
511 account.addSignedPreKey(record);
512
513 return record;
514 }
515
516 private SignalServiceMessagePipe getOrCreateMessagePipe() {
517 if (messagePipe == null) {
518 messagePipe = messageReceiver.createMessagePipe();
519 }
520 return messagePipe;
521 }
522
523 private SignalServiceMessagePipe getOrCreateUnidentifiedMessagePipe() {
524 if (unidentifiedMessagePipe == null) {
525 unidentifiedMessagePipe = messageReceiver.createUnidentifiedMessagePipe();
526 }
527 return unidentifiedMessagePipe;
528 }
529
530 private SignalServiceMessageSender createMessageSender() {
531 return new SignalServiceMessageSender(serviceEnvironmentConfig.getSignalServiceConfiguration(),
532 account.getUuid(),
533 account.getUsername(),
534 account.getPassword(),
535 account.getDeviceId(),
536 account.getSignalProtocolStore(),
537 userAgent,
538 account.isMultiDevice(),
539 Optional.fromNullable(messagePipe),
540 Optional.fromNullable(unidentifiedMessagePipe),
541 Optional.absent(),
542 clientZkProfileOperations,
543 executor,
544 ServiceConfig.MAX_ENVELOPE_SIZE,
545 ServiceConfig.AUTOMATIC_NETWORK_RETRY);
546 }
547
548 public Profile getRecipientProfile(
549 RecipientId recipientId
550 ) {
551 return getRecipientProfile(recipientId, false);
552 }
553
554 private final Set<RecipientId> pendingProfileRequest = new HashSet<>();
555
556 Profile getRecipientProfile(
557 RecipientId recipientId, boolean force
558 ) {
559 var profileKey = account.getProfileStore().getProfileKey(recipientId);
560 if (profileKey == null) {
561 if (force) {
562 // retrieve profile to get identity key
563 retrieveEncryptedProfile(recipientId);
564 }
565 return null;
566 }
567 var profile = account.getProfileStore().getProfile(recipientId);
568
569 var now = new Date().getTime();
570 // Profiles are cached for 24h before retrieving them again, unless forced
571 if (!force && profile != null && now - profile.getLastUpdateTimestamp() < 24 * 60 * 60 * 1000) {
572 return profile;
573 }
574
575 synchronized (pendingProfileRequest) {
576 if (pendingProfileRequest.contains(recipientId)) {
577 return profile;
578 }
579 pendingProfileRequest.add(recipientId);
580 }
581 final SignalServiceProfile encryptedProfile;
582 try {
583 encryptedProfile = retrieveEncryptedProfile(recipientId);
584 } finally {
585 synchronized (pendingProfileRequest) {
586 pendingProfileRequest.remove(recipientId);
587 }
588 }
589 if (encryptedProfile == null) {
590 return null;
591 }
592
593 profile = decryptProfileAndDownloadAvatar(recipientId, profileKey, encryptedProfile);
594 account.getProfileStore().storeProfile(recipientId, profile);
595
596 return profile;
597 }
598
599 private SignalServiceProfile retrieveEncryptedProfile(RecipientId recipientId) {
600 try {
601 return retrieveProfileAndCredential(recipientId, SignalServiceProfile.RequestType.PROFILE).getProfile();
602 } catch (IOException e) {
603 logger.warn("Failed to retrieve profile, ignoring: {}", e.getMessage());
604 return null;
605 }
606 }
607
608 private ProfileAndCredential retrieveProfileAndCredential(
609 final RecipientId recipientId, final SignalServiceProfile.RequestType requestType
610 ) throws IOException {
611 final var profileAndCredential = profileHelper.retrieveProfileSync(recipientId, requestType);
612 final var profile = profileAndCredential.getProfile();
613
614 try {
615 var newIdentity = account.getIdentityKeyStore()
616 .saveIdentity(recipientId,
617 new IdentityKey(Base64.getDecoder().decode(profile.getIdentityKey())),
618 new Date());
619
620 if (newIdentity) {
621 account.getSessionStore().archiveSessions(recipientId);
622 }
623 } catch (InvalidKeyException ignored) {
624 logger.warn("Got invalid identity key in profile for {}",
625 resolveSignalServiceAddress(recipientId).getLegacyIdentifier());
626 }
627 return profileAndCredential;
628 }
629
630 private ProfileKeyCredential getRecipientProfileKeyCredential(RecipientId recipientId) {
631 var profileKeyCredential = account.getProfileStore().getProfileKeyCredential(recipientId);
632 if (profileKeyCredential != null) {
633 return profileKeyCredential;
634 }
635
636 ProfileAndCredential profileAndCredential;
637 try {
638 profileAndCredential = retrieveProfileAndCredential(recipientId,
639 SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL);
640 } catch (IOException e) {
641 logger.warn("Failed to retrieve profile key credential, ignoring: {}", e.getMessage());
642 return null;
643 }
644
645 profileKeyCredential = profileAndCredential.getProfileKeyCredential().orNull();
646 account.getProfileStore().storeProfileKeyCredential(recipientId, profileKeyCredential);
647
648 var profileKey = account.getProfileStore().getProfileKey(recipientId);
649 if (profileKey != null) {
650 final var profile = decryptProfileAndDownloadAvatar(recipientId,
651 profileKey,
652 profileAndCredential.getProfile());
653 account.getProfileStore().storeProfile(recipientId, profile);
654 }
655
656 return profileKeyCredential;
657 }
658
659 private Profile decryptProfileAndDownloadAvatar(
660 final RecipientId recipientId, final ProfileKey profileKey, final SignalServiceProfile encryptedProfile
661 ) {
662 if (encryptedProfile.getAvatar() != null) {
663 downloadProfileAvatar(resolveSignalServiceAddress(recipientId), encryptedProfile.getAvatar(), profileKey);
664 }
665
666 return ProfileUtils.decryptProfile(profileKey, encryptedProfile);
667 }
668
669 private Optional<SignalServiceAttachmentStream> createGroupAvatarAttachment(GroupId groupId) throws IOException {
670 final var streamDetails = avatarStore.retrieveGroupAvatar(groupId);
671 if (streamDetails == null) {
672 return Optional.absent();
673 }
674
675 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
676 }
677
678 private Optional<SignalServiceAttachmentStream> createContactAvatarAttachment(SignalServiceAddress address) throws IOException {
679 final var streamDetails = avatarStore.retrieveContactAvatar(address);
680 if (streamDetails == null) {
681 return Optional.absent();
682 }
683
684 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
685 }
686
687 private GroupInfo getGroupForSending(GroupId groupId) throws GroupNotFoundException, NotAGroupMemberException {
688 var g = getGroup(groupId);
689 if (g == null) {
690 throw new GroupNotFoundException(groupId);
691 }
692 if (!g.isMember(account.getSelfRecipientId())) {
693 throw new NotAGroupMemberException(groupId, g.getTitle());
694 }
695 return g;
696 }
697
698 private GroupInfo getGroupForUpdating(GroupId groupId) throws GroupNotFoundException, NotAGroupMemberException {
699 var g = getGroup(groupId);
700 if (g == null) {
701 throw new GroupNotFoundException(groupId);
702 }
703 if (!g.isMember(account.getSelfRecipientId()) && !g.isPendingMember(account.getSelfRecipientId())) {
704 throw new NotAGroupMemberException(groupId, g.getTitle());
705 }
706 return g;
707 }
708
709 public List<GroupInfo> getGroups() {
710 return account.getGroupStore().getGroups();
711 }
712
713 public Pair<Long, List<SendMessageResult>> sendGroupMessage(
714 String messageText, List<String> attachments, GroupId groupId
715 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
716 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
717 if (attachments != null) {
718 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
719 }
720
721 return sendGroupMessage(messageBuilder, groupId);
722 }
723
724 public Pair<Long, List<SendMessageResult>> sendGroupMessageReaction(
725 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, GroupId groupId
726 ) throws IOException, InvalidNumberException, NotAGroupMemberException, GroupNotFoundException {
727 var targetAuthorRecipientId = canonicalizeAndResolveRecipient(targetAuthor);
728 var reaction = new SignalServiceDataMessage.Reaction(emoji,
729 remove,
730 resolveSignalServiceAddress(targetAuthorRecipientId),
731 targetSentTimestamp);
732 final var messageBuilder = SignalServiceDataMessage.newBuilder().withReaction(reaction);
733
734 return sendGroupMessage(messageBuilder, groupId);
735 }
736
737 public Pair<Long, List<SendMessageResult>> sendGroupMessage(
738 SignalServiceDataMessage.Builder messageBuilder, GroupId groupId
739 ) throws IOException, GroupNotFoundException, NotAGroupMemberException {
740 final var g = getGroupForSending(groupId);
741
742 GroupUtils.setGroupContext(messageBuilder, g);
743 messageBuilder.withExpiration(g.getMessageExpirationTime());
744
745 return sendMessage(messageBuilder, g.getMembersWithout(account.getSelfRecipientId()));
746 }
747
748 public Pair<Long, List<SendMessageResult>> sendQuitGroupMessage(GroupId groupId) throws GroupNotFoundException, IOException, NotAGroupMemberException {
749 SignalServiceDataMessage.Builder messageBuilder;
750
751 final var g = getGroupForUpdating(groupId);
752 if (g instanceof GroupInfoV1) {
753 var groupInfoV1 = (GroupInfoV1) g;
754 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.QUIT).withId(groupId.serialize()).build();
755 messageBuilder = SignalServiceDataMessage.newBuilder().asGroupMessage(group);
756 groupInfoV1.removeMember(account.getSelfRecipientId());
757 account.getGroupStore().updateGroup(groupInfoV1);
758 } else {
759 final var groupInfoV2 = (GroupInfoV2) g;
760 final var groupGroupChangePair = groupHelper.leaveGroup(groupInfoV2);
761 groupInfoV2.setGroup(groupGroupChangePair.first(), this::resolveRecipient);
762 messageBuilder = getGroupUpdateMessageBuilder(groupInfoV2, groupGroupChangePair.second().toByteArray());
763 account.getGroupStore().updateGroup(groupInfoV2);
764 }
765
766 return sendMessage(messageBuilder, g.getMembersWithout(account.getSelfRecipientId()));
767 }
768
769 public Pair<GroupId, List<SendMessageResult>> updateGroup(
770 GroupId groupId, String name, List<String> members, File avatarFile
771 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, InvalidNumberException, NotAGroupMemberException {
772 return sendUpdateGroupMessage(groupId,
773 name,
774 members == null ? null : getSignalServiceAddresses(members),
775 avatarFile);
776 }
777
778 private Pair<GroupId, List<SendMessageResult>> sendUpdateGroupMessage(
779 GroupId groupId, String name, Set<RecipientId> members, File avatarFile
780 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
781 GroupInfo g;
782 SignalServiceDataMessage.Builder messageBuilder;
783 if (groupId == null) {
784 // Create new group
785 var gv2Pair = groupHelper.createGroupV2(name == null ? "" : name,
786 members == null ? Set.of() : members,
787 avatarFile);
788 if (gv2Pair == null) {
789 var gv1 = new GroupInfoV1(GroupIdV1.createRandom());
790 gv1.addMembers(List.of(account.getSelfRecipientId()));
791 updateGroupV1(gv1, name, members, avatarFile);
792 messageBuilder = getGroupUpdateMessageBuilder(gv1);
793 g = gv1;
794 } else {
795 final var gv2 = gv2Pair.first();
796 final var decryptedGroup = gv2Pair.second();
797
798 gv2.setGroup(decryptedGroup, this::resolveRecipient);
799 if (avatarFile != null) {
800 avatarStore.storeGroupAvatar(gv2.getGroupId(),
801 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
802 }
803 messageBuilder = getGroupUpdateMessageBuilder(gv2, null);
804 g = gv2;
805 }
806 } else {
807 var group = getGroupForUpdating(groupId);
808 if (group instanceof GroupInfoV2) {
809 final var groupInfoV2 = (GroupInfoV2) group;
810
811 Pair<Long, List<SendMessageResult>> result = null;
812 if (groupInfoV2.isPendingMember(account.getSelfRecipientId())) {
813 var groupGroupChangePair = groupHelper.acceptInvite(groupInfoV2);
814 result = sendUpdateGroupMessage(groupInfoV2,
815 groupGroupChangePair.first(),
816 groupGroupChangePair.second());
817 }
818
819 if (members != null) {
820 final var newMembers = new HashSet<>(members);
821 newMembers.removeAll(group.getMembers());
822 if (newMembers.size() > 0) {
823 var groupGroupChangePair = groupHelper.updateGroupV2(groupInfoV2, newMembers);
824 result = sendUpdateGroupMessage(groupInfoV2,
825 groupGroupChangePair.first(),
826 groupGroupChangePair.second());
827 }
828 }
829 if (result == null || name != null || avatarFile != null) {
830 var groupGroupChangePair = groupHelper.updateGroupV2(groupInfoV2, name, avatarFile);
831 if (avatarFile != null) {
832 avatarStore.storeGroupAvatar(groupInfoV2.getGroupId(),
833 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
834 }
835 result = sendUpdateGroupMessage(groupInfoV2,
836 groupGroupChangePair.first(),
837 groupGroupChangePair.second());
838 }
839
840 return new Pair<>(group.getGroupId(), result.second());
841 } else {
842 var gv1 = (GroupInfoV1) group;
843 updateGroupV1(gv1, name, members, avatarFile);
844 messageBuilder = getGroupUpdateMessageBuilder(gv1);
845 g = gv1;
846 }
847 }
848
849 account.getGroupStore().updateGroup(g);
850
851 final var result = sendMessage(messageBuilder,
852 g.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
853 return new Pair<>(g.getGroupId(), result.second());
854 }
855
856 private void updateGroupV1(
857 final GroupInfoV1 g, final String name, final Collection<RecipientId> members, final File avatarFile
858 ) throws IOException {
859 if (name != null) {
860 g.name = name;
861 }
862
863 if (members != null) {
864 final var newMemberAddresses = members.stream()
865 .filter(member -> !g.isMember(member))
866 .map(this::resolveSignalServiceAddress)
867 .collect(Collectors.toList());
868 final var newE164Members = new HashSet<String>();
869 for (var member : newMemberAddresses) {
870 if (!member.getNumber().isPresent()) {
871 continue;
872 }
873 newE164Members.add(member.getNumber().get());
874 }
875
876 final var registeredUsers = getRegisteredUsers(newE164Members);
877 if (registeredUsers.size() != newE164Members.size()) {
878 // Some of the new members are not registered on Signal
879 newE164Members.removeAll(registeredUsers.keySet());
880 throw new IOException("Failed to add members "
881 + String.join(", ", newE164Members)
882 + " to group: Not registered on Signal");
883 }
884
885 g.addMembers(members);
886 }
887
888 if (avatarFile != null) {
889 avatarStore.storeGroupAvatar(g.getGroupId(),
890 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
891 }
892 }
893
894 public Pair<GroupId, List<SendMessageResult>> joinGroup(
895 GroupInviteLinkUrl inviteLinkUrl
896 ) throws IOException, GroupLinkNotActiveException {
897 return sendJoinGroupMessage(inviteLinkUrl);
898 }
899
900 private Pair<GroupId, List<SendMessageResult>> sendJoinGroupMessage(
901 GroupInviteLinkUrl inviteLinkUrl
902 ) throws IOException, GroupLinkNotActiveException {
903 final var groupJoinInfo = groupHelper.getDecryptedGroupJoinInfo(inviteLinkUrl.getGroupMasterKey(),
904 inviteLinkUrl.getPassword());
905 final var groupChange = groupHelper.joinGroup(inviteLinkUrl.getGroupMasterKey(),
906 inviteLinkUrl.getPassword(),
907 groupJoinInfo);
908 final var group = getOrMigrateGroup(inviteLinkUrl.getGroupMasterKey(),
909 groupJoinInfo.getRevision() + 1,
910 groupChange.toByteArray());
911
912 if (group.getGroup() == null) {
913 // Only requested member, can't send update to group members
914 return new Pair<>(group.getGroupId(), List.of());
915 }
916
917 final var result = sendUpdateGroupMessage(group, group.getGroup(), groupChange);
918
919 return new Pair<>(group.getGroupId(), result.second());
920 }
921
922 private static int currentTimeDays() {
923 return (int) TimeUnit.MILLISECONDS.toDays(System.currentTimeMillis());
924 }
925
926 private GroupsV2AuthorizationString getGroupAuthForToday(
927 final GroupSecretParams groupSecretParams
928 ) throws IOException {
929 final var today = currentTimeDays();
930 // Returns credentials for the next 7 days
931 final var credentials = groupsV2Api.getCredentials(today);
932 // TODO cache credentials until they expire
933 var authCredentialResponse = credentials.get(today);
934 try {
935 return groupsV2Api.getGroupsV2AuthorizationString(account.getUuid(),
936 today,
937 groupSecretParams,
938 authCredentialResponse);
939 } catch (VerificationFailedException e) {
940 throw new IOException(e);
941 }
942 }
943
944 private Pair<Long, List<SendMessageResult>> sendUpdateGroupMessage(
945 GroupInfoV2 group, DecryptedGroup newDecryptedGroup, GroupChange groupChange
946 ) throws IOException {
947 group.setGroup(newDecryptedGroup, this::resolveRecipient);
948 final var messageBuilder = getGroupUpdateMessageBuilder(group, groupChange.toByteArray());
949 account.getGroupStore().updateGroup(group);
950 return sendMessage(messageBuilder, group.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
951 }
952
953 Pair<Long, List<SendMessageResult>> sendGroupInfoMessage(
954 GroupIdV1 groupId, SignalServiceAddress recipient
955 ) throws IOException, NotAGroupMemberException, GroupNotFoundException, AttachmentInvalidException {
956 GroupInfoV1 g;
957 var group = getGroupForSending(groupId);
958 if (!(group instanceof GroupInfoV1)) {
959 throw new RuntimeException("Received an invalid group request for a v2 group!");
960 }
961 g = (GroupInfoV1) group;
962
963 final var recipientId = resolveRecipient(recipient);
964 if (!g.isMember(recipientId)) {
965 throw new NotAGroupMemberException(groupId, g.name);
966 }
967
968 var messageBuilder = getGroupUpdateMessageBuilder(g);
969
970 // Send group message only to the recipient who requested it
971 return sendMessage(messageBuilder, Set.of(recipientId));
972 }
973
974 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV1 g) throws AttachmentInvalidException {
975 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.UPDATE)
976 .withId(g.getGroupId().serialize())
977 .withName(g.name)
978 .withMembers(g.getMembers()
979 .stream()
980 .map(this::resolveSignalServiceAddress)
981 .collect(Collectors.toList()));
982
983 try {
984 final var attachment = createGroupAvatarAttachment(g.getGroupId());
985 if (attachment.isPresent()) {
986 group.withAvatar(attachment.get());
987 }
988 } catch (IOException e) {
989 throw new AttachmentInvalidException(g.getGroupId().toBase64(), e);
990 }
991
992 return SignalServiceDataMessage.newBuilder()
993 .asGroupMessage(group.build())
994 .withExpiration(g.getMessageExpirationTime());
995 }
996
997 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV2 g, byte[] signedGroupChange) {
998 var group = SignalServiceGroupV2.newBuilder(g.getMasterKey())
999 .withRevision(g.getGroup().getRevision())
1000 .withSignedGroupChange(signedGroupChange);
1001 return SignalServiceDataMessage.newBuilder()
1002 .asGroupMessage(group.build())
1003 .withExpiration(g.getMessageExpirationTime());
1004 }
1005
1006 Pair<Long, List<SendMessageResult>> sendGroupInfoRequest(
1007 GroupIdV1 groupId, SignalServiceAddress recipient
1008 ) throws IOException {
1009 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.REQUEST_INFO).withId(groupId.serialize());
1010
1011 var messageBuilder = SignalServiceDataMessage.newBuilder().asGroupMessage(group.build());
1012
1013 // Send group info request message to the recipient who sent us a message with this groupId
1014 return sendMessage(messageBuilder, Set.of(resolveRecipient(recipient)));
1015 }
1016
1017 void sendReceipt(
1018 SignalServiceAddress remoteAddress, long messageId
1019 ) throws IOException, UntrustedIdentityException {
1020 var receiptMessage = new SignalServiceReceiptMessage(SignalServiceReceiptMessage.Type.DELIVERY,
1021 List.of(messageId),
1022 System.currentTimeMillis());
1023
1024 createMessageSender().sendReceipt(remoteAddress,
1025 unidentifiedAccessHelper.getAccessFor(resolveRecipient(remoteAddress)),
1026 receiptMessage);
1027 }
1028
1029 public Pair<Long, List<SendMessageResult>> sendMessage(
1030 String messageText, List<String> attachments, List<String> recipients
1031 ) throws IOException, AttachmentInvalidException, InvalidNumberException {
1032 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
1033 if (attachments != null) {
1034 var attachmentStreams = AttachmentUtils.getSignalServiceAttachments(attachments);
1035
1036 // Upload attachments here, so we only upload once even for multiple recipients
1037 var messageSender = createMessageSender();
1038 var attachmentPointers = new ArrayList<SignalServiceAttachment>(attachmentStreams.size());
1039 for (var attachment : attachmentStreams) {
1040 if (attachment.isStream()) {
1041 attachmentPointers.add(messageSender.uploadAttachment(attachment.asStream()));
1042 } else if (attachment.isPointer()) {
1043 attachmentPointers.add(attachment.asPointer());
1044 }
1045 }
1046
1047 messageBuilder.withAttachments(attachmentPointers);
1048 }
1049 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1050 }
1051
1052 public Pair<Long, SendMessageResult> sendSelfMessage(
1053 String messageText, List<String> attachments
1054 ) throws IOException, AttachmentInvalidException {
1055 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
1056 if (attachments != null) {
1057 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
1058 }
1059 return sendSelfMessage(messageBuilder);
1060 }
1061
1062 public Pair<Long, List<SendMessageResult>> sendRemoteDeleteMessage(
1063 long targetSentTimestamp, List<String> recipients
1064 ) throws IOException, InvalidNumberException {
1065 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1066 final var messageBuilder = SignalServiceDataMessage.newBuilder().withRemoteDelete(delete);
1067 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1068 }
1069
1070 public Pair<Long, List<SendMessageResult>> sendGroupRemoteDeleteMessage(
1071 long targetSentTimestamp, GroupId groupId
1072 ) throws IOException, NotAGroupMemberException, GroupNotFoundException {
1073 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1074 final var messageBuilder = SignalServiceDataMessage.newBuilder().withRemoteDelete(delete);
1075 return sendGroupMessage(messageBuilder, groupId);
1076 }
1077
1078 public Pair<Long, List<SendMessageResult>> sendMessageReaction(
1079 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, List<String> recipients
1080 ) throws IOException, InvalidNumberException {
1081 var targetAuthorRecipientId = canonicalizeAndResolveRecipient(targetAuthor);
1082 var reaction = new SignalServiceDataMessage.Reaction(emoji,
1083 remove,
1084 resolveSignalServiceAddress(targetAuthorRecipientId),
1085 targetSentTimestamp);
1086 final var messageBuilder = SignalServiceDataMessage.newBuilder().withReaction(reaction);
1087 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1088 }
1089
1090 public Pair<Long, List<SendMessageResult>> sendEndSessionMessage(List<String> recipients) throws IOException, InvalidNumberException {
1091 var messageBuilder = SignalServiceDataMessage.newBuilder().asEndSessionMessage();
1092
1093 final var signalServiceAddresses = getSignalServiceAddresses(recipients);
1094 try {
1095 return sendMessage(messageBuilder, signalServiceAddresses);
1096 } catch (Exception e) {
1097 for (var address : signalServiceAddresses) {
1098 handleEndSession(address);
1099 }
1100 throw e;
1101 }
1102 }
1103
1104 SendMessageResult renewSession(RecipientId recipientId) throws IOException {
1105 account.getSessionStore().archiveSessions(recipientId);
1106 return sendNullMessage(recipientId);
1107 }
1108
1109 public String getContactName(String number) throws InvalidNumberException {
1110 var contact = account.getContactStore().getContact(canonicalizeAndResolveRecipient(number));
1111 return contact == null || contact.getName() == null ? "" : contact.getName();
1112 }
1113
1114 public void setContactName(String number, String name) throws InvalidNumberException, NotMasterDeviceException {
1115 if (!account.isMasterDevice()) {
1116 throw new NotMasterDeviceException();
1117 }
1118 final var recipientId = canonicalizeAndResolveRecipient(number);
1119 var contact = account.getContactStore().getContact(recipientId);
1120 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1121 account.getContactStore().storeContact(recipientId, builder.withName(name).build());
1122 }
1123
1124 public void setContactBlocked(
1125 String number, boolean blocked
1126 ) throws InvalidNumberException, NotMasterDeviceException {
1127 if (!account.isMasterDevice()) {
1128 throw new NotMasterDeviceException();
1129 }
1130 setContactBlocked(canonicalizeAndResolveRecipient(number), blocked);
1131 }
1132
1133 private void setContactBlocked(RecipientId recipientId, boolean blocked) {
1134 var contact = account.getContactStore().getContact(recipientId);
1135 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1136 account.getContactStore().storeContact(recipientId, builder.withBlocked(blocked).build());
1137 }
1138
1139 public void setGroupBlocked(final GroupId groupId, final boolean blocked) throws GroupNotFoundException {
1140 var group = getGroup(groupId);
1141 if (group == null) {
1142 throw new GroupNotFoundException(groupId);
1143 }
1144
1145 group.setBlocked(blocked);
1146 account.getGroupStore().updateGroup(group);
1147 }
1148
1149 private void setExpirationTimer(RecipientId recipientId, int messageExpirationTimer) {
1150 var contact = account.getContactStore().getContact(recipientId);
1151 if (contact != null && contact.getMessageExpirationTime() == messageExpirationTimer) {
1152 return;
1153 }
1154 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1155 account.getContactStore()
1156 .storeContact(recipientId, builder.withMessageExpirationTime(messageExpirationTimer).build());
1157 }
1158
1159 private void sendExpirationTimerUpdate(RecipientId recipientId) throws IOException {
1160 final var messageBuilder = SignalServiceDataMessage.newBuilder().asExpirationUpdate();
1161 sendMessage(messageBuilder, Set.of(recipientId));
1162 }
1163
1164 /**
1165 * Change the expiration timer for a contact
1166 */
1167 public void setExpirationTimer(
1168 String number, int messageExpirationTimer
1169 ) throws IOException, InvalidNumberException {
1170 var recipientId = canonicalizeAndResolveRecipient(number);
1171 setExpirationTimer(recipientId, messageExpirationTimer);
1172 sendExpirationTimerUpdate(recipientId);
1173 }
1174
1175 /**
1176 * Change the expiration timer for a group
1177 */
1178 public void setExpirationTimer(GroupId groupId, int messageExpirationTimer) {
1179 var g = getGroup(groupId);
1180 if (g instanceof GroupInfoV1) {
1181 var groupInfoV1 = (GroupInfoV1) g;
1182 groupInfoV1.messageExpirationTime = messageExpirationTimer;
1183 account.getGroupStore().updateGroup(groupInfoV1);
1184 } else {
1185 throw new RuntimeException("TODO Not implemented!");
1186 }
1187 }
1188
1189 /**
1190 * Upload the sticker pack from path.
1191 *
1192 * @param path Path can be a path to a manifest.json file or to a zip file that contains a manifest.json file
1193 * @return if successful, returns the URL to install the sticker pack in the signal app
1194 */
1195 public String uploadStickerPack(File path) throws IOException, StickerPackInvalidException {
1196 var manifest = StickerUtils.getSignalServiceStickerManifestUpload(path);
1197
1198 var messageSender = createMessageSender();
1199
1200 var packKey = KeyUtils.createStickerUploadKey();
1201 var packId = messageSender.uploadStickerManifest(manifest, packKey);
1202
1203 var sticker = new Sticker(StickerPackId.deserialize(Hex.fromStringCondensed(packId)), packKey);
1204 account.getStickerStore().updateSticker(sticker);
1205
1206 try {
1207 return new URI("https",
1208 "signal.art",
1209 "/addstickers/",
1210 "pack_id=" + URLEncoder.encode(packId, StandardCharsets.UTF_8) + "&pack_key=" + URLEncoder.encode(
1211 Hex.toStringCondensed(packKey),
1212 StandardCharsets.UTF_8)).toString();
1213 } catch (URISyntaxException e) {
1214 throw new AssertionError(e);
1215 }
1216 }
1217
1218 public void requestAllSyncData() throws IOException {
1219 requestSyncGroups();
1220 requestSyncContacts();
1221 requestSyncBlocked();
1222 requestSyncConfiguration();
1223 requestSyncKeys();
1224 }
1225
1226 private void requestSyncGroups() throws IOException {
1227 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1228 .setType(SignalServiceProtos.SyncMessage.Request.Type.GROUPS)
1229 .build();
1230 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1231 try {
1232 sendSyncMessage(message);
1233 } catch (UntrustedIdentityException e) {
1234 throw new AssertionError(e);
1235 }
1236 }
1237
1238 private void requestSyncContacts() throws IOException {
1239 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1240 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONTACTS)
1241 .build();
1242 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1243 try {
1244 sendSyncMessage(message);
1245 } catch (UntrustedIdentityException e) {
1246 throw new AssertionError(e);
1247 }
1248 }
1249
1250 private void requestSyncBlocked() throws IOException {
1251 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1252 .setType(SignalServiceProtos.SyncMessage.Request.Type.BLOCKED)
1253 .build();
1254 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1255 try {
1256 sendSyncMessage(message);
1257 } catch (UntrustedIdentityException e) {
1258 throw new AssertionError(e);
1259 }
1260 }
1261
1262 private void requestSyncConfiguration() throws IOException {
1263 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1264 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONFIGURATION)
1265 .build();
1266 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1267 try {
1268 sendSyncMessage(message);
1269 } catch (UntrustedIdentityException e) {
1270 throw new AssertionError(e);
1271 }
1272 }
1273
1274 private void requestSyncKeys() throws IOException {
1275 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1276 .setType(SignalServiceProtos.SyncMessage.Request.Type.KEYS)
1277 .build();
1278 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1279 try {
1280 sendSyncMessage(message);
1281 } catch (UntrustedIdentityException e) {
1282 throw new AssertionError(e);
1283 }
1284 }
1285
1286 private byte[] getSenderCertificate() {
1287 byte[] certificate;
1288 try {
1289 if (account.isPhoneNumberShared()) {
1290 certificate = accountManager.getSenderCertificate();
1291 } else {
1292 certificate = accountManager.getSenderCertificateForPhoneNumberPrivacy();
1293 }
1294 } catch (IOException e) {
1295 logger.warn("Failed to get sender certificate, ignoring: {}", e.getMessage());
1296 return null;
1297 }
1298 // TODO cache for a day
1299 return certificate;
1300 }
1301
1302 private void sendSyncMessage(SignalServiceSyncMessage message) throws IOException, UntrustedIdentityException {
1303 var messageSender = createMessageSender();
1304 messageSender.sendMessage(message, unidentifiedAccessHelper.getAccessForSync());
1305 }
1306
1307 private Set<RecipientId> getSignalServiceAddresses(Collection<String> numbers) throws InvalidNumberException {
1308 final var signalServiceAddresses = new HashSet<SignalServiceAddress>(numbers.size());
1309 final var addressesMissingUuid = new HashSet<SignalServiceAddress>();
1310
1311 for (var number : numbers) {
1312 final var resolvedAddress = resolveSignalServiceAddress(canonicalizeAndResolveRecipient(number));
1313 if (resolvedAddress.getUuid().isPresent()) {
1314 signalServiceAddresses.add(resolvedAddress);
1315 } else {
1316 addressesMissingUuid.add(resolvedAddress);
1317 }
1318 }
1319
1320 final var numbersMissingUuid = addressesMissingUuid.stream()
1321 .map(a -> a.getNumber().get())
1322 .collect(Collectors.toSet());
1323 Map<String, UUID> registeredUsers;
1324 try {
1325 registeredUsers = getRegisteredUsers(numbersMissingUuid);
1326 } catch (IOException e) {
1327 logger.warn("Failed to resolve uuids from server, ignoring: {}", e.getMessage());
1328 registeredUsers = Map.of();
1329 }
1330
1331 for (var address : addressesMissingUuid) {
1332 final var number = address.getNumber().get();
1333 if (registeredUsers.containsKey(number)) {
1334 final var newAddress = resolveSignalServiceAddress(resolveRecipientTrusted(new SignalServiceAddress(
1335 registeredUsers.get(number),
1336 number)));
1337 signalServiceAddresses.add(newAddress);
1338 } else {
1339 signalServiceAddresses.add(address);
1340 }
1341 }
1342
1343 return signalServiceAddresses.stream().map(this::resolveRecipient).collect(Collectors.toSet());
1344 }
1345
1346 private RecipientId refreshRegisteredUser(RecipientId recipientId) throws IOException {
1347 final var address = resolveSignalServiceAddress(recipientId);
1348 if (!address.getNumber().isPresent()) {
1349 return recipientId;
1350 }
1351 final var number = address.getNumber().get();
1352 final var uuidMap = getRegisteredUsers(Set.of(number));
1353 return resolveRecipientTrusted(new SignalServiceAddress(uuidMap.getOrDefault(number, null), number));
1354 }
1355
1356 private Map<String, UUID> getRegisteredUsers(final Set<String> numbers) throws IOException {
1357 try {
1358 return accountManager.getRegisteredUsers(ServiceConfig.getIasKeyStore(),
1359 numbers,
1360 serviceEnvironmentConfig.getCdsMrenclave());
1361 } catch (Quote.InvalidQuoteFormatException | UnauthenticatedQuoteException | SignatureException | UnauthenticatedResponseException | InvalidKeyException e) {
1362 throw new IOException(e);
1363 }
1364 }
1365
1366 private Pair<Long, List<SendMessageResult>> sendMessage(
1367 SignalServiceDataMessage.Builder messageBuilder, Set<RecipientId> recipientIds
1368 ) throws IOException {
1369 final var timestamp = System.currentTimeMillis();
1370 messageBuilder.withTimestamp(timestamp);
1371 getOrCreateMessagePipe();
1372 getOrCreateUnidentifiedMessagePipe();
1373 SignalServiceDataMessage message = null;
1374 try {
1375 message = messageBuilder.build();
1376 if (message.getGroupContext().isPresent()) {
1377 try {
1378 var messageSender = createMessageSender();
1379 final var isRecipientUpdate = false;
1380 final var recipientIdList = new ArrayList<>(recipientIds);
1381 final var addresses = recipientIdList.stream()
1382 .map(this::resolveSignalServiceAddress)
1383 .collect(Collectors.toList());
1384 var result = messageSender.sendMessage(addresses,
1385 unidentifiedAccessHelper.getAccessFor(recipientIdList),
1386 isRecipientUpdate,
1387 message);
1388
1389 for (var r : result) {
1390 if (r.getIdentityFailure() != null) {
1391 final var recipientId = resolveRecipient(r.getAddress());
1392 final var newIdentity = account.getIdentityKeyStore()
1393 .saveIdentity(recipientId, r.getIdentityFailure().getIdentityKey(), new Date());
1394 if (newIdentity) {
1395 account.getSessionStore().archiveSessions(recipientId);
1396 }
1397 }
1398 }
1399
1400 return new Pair<>(timestamp, result);
1401 } catch (UntrustedIdentityException e) {
1402 return new Pair<>(timestamp, List.of());
1403 }
1404 } else {
1405 // Send to all individually, so sync messages are sent correctly
1406 messageBuilder.withProfileKey(account.getProfileKey().serialize());
1407 var results = new ArrayList<SendMessageResult>(recipientIds.size());
1408 for (var recipientId : recipientIds) {
1409 final var contact = account.getContactStore().getContact(recipientId);
1410 final var expirationTime = contact != null ? contact.getMessageExpirationTime() : 0;
1411 messageBuilder.withExpiration(expirationTime);
1412 message = messageBuilder.build();
1413 results.add(sendMessage(recipientId, message));
1414 }
1415 return new Pair<>(timestamp, results);
1416 }
1417 } finally {
1418 if (message != null && message.isEndSession()) {
1419 for (var recipient : recipientIds) {
1420 handleEndSession(recipient);
1421 }
1422 }
1423 }
1424 }
1425
1426 private Pair<Long, SendMessageResult> sendSelfMessage(
1427 SignalServiceDataMessage.Builder messageBuilder
1428 ) throws IOException {
1429 final var timestamp = System.currentTimeMillis();
1430 messageBuilder.withTimestamp(timestamp);
1431 getOrCreateMessagePipe();
1432 getOrCreateUnidentifiedMessagePipe();
1433 final var recipientId = account.getSelfRecipientId();
1434
1435 final var contact = account.getContactStore().getContact(recipientId);
1436 final var expirationTime = contact != null ? contact.getMessageExpirationTime() : 0;
1437 messageBuilder.withExpiration(expirationTime);
1438
1439 var message = messageBuilder.build();
1440 final var result = sendSelfMessage(message);
1441 return new Pair<>(timestamp, result);
1442 }
1443
1444 private SendMessageResult sendSelfMessage(SignalServiceDataMessage message) throws IOException {
1445 var messageSender = createMessageSender();
1446
1447 var recipientId = account.getSelfRecipientId();
1448
1449 final var unidentifiedAccess = unidentifiedAccessHelper.getAccessFor(recipientId);
1450 var recipient = resolveSignalServiceAddress(recipientId);
1451 var transcript = new SentTranscriptMessage(Optional.of(recipient),
1452 message.getTimestamp(),
1453 message,
1454 message.getExpiresInSeconds(),
1455 Map.of(recipient, unidentifiedAccess.isPresent()),
1456 false);
1457 var syncMessage = SignalServiceSyncMessage.forSentTranscript(transcript);
1458
1459 try {
1460 var startTime = System.currentTimeMillis();
1461 messageSender.sendMessage(syncMessage, unidentifiedAccess);
1462 return SendMessageResult.success(recipient,
1463 unidentifiedAccess.isPresent(),
1464 false,
1465 System.currentTimeMillis() - startTime);
1466 } catch (UntrustedIdentityException e) {
1467 return SendMessageResult.identityFailure(recipient, e.getIdentityKey());
1468 }
1469 }
1470
1471 private SendMessageResult sendMessage(
1472 RecipientId recipientId, SignalServiceDataMessage message
1473 ) throws IOException {
1474 var messageSender = createMessageSender();
1475
1476 final var address = resolveSignalServiceAddress(recipientId);
1477 try {
1478 try {
1479 return messageSender.sendMessage(address, unidentifiedAccessHelper.getAccessFor(recipientId), message);
1480 } catch (UnregisteredUserException e) {
1481 final var newRecipientId = refreshRegisteredUser(recipientId);
1482 return messageSender.sendMessage(resolveSignalServiceAddress(newRecipientId),
1483 unidentifiedAccessHelper.getAccessFor(newRecipientId),
1484 message);
1485 }
1486 } catch (UntrustedIdentityException e) {
1487 return SendMessageResult.identityFailure(address, e.getIdentityKey());
1488 }
1489 }
1490
1491 private SendMessageResult sendNullMessage(RecipientId recipientId) throws IOException {
1492 var messageSender = createMessageSender();
1493
1494 final var address = resolveSignalServiceAddress(recipientId);
1495 try {
1496 try {
1497 return messageSender.sendNullMessage(address, unidentifiedAccessHelper.getAccessFor(recipientId));
1498 } catch (UnregisteredUserException e) {
1499 final var newRecipientId = refreshRegisteredUser(recipientId);
1500 final var newAddress = resolveSignalServiceAddress(newRecipientId);
1501 return messageSender.sendNullMessage(newAddress, unidentifiedAccessHelper.getAccessFor(newRecipientId));
1502 }
1503 } catch (UntrustedIdentityException e) {
1504 return SendMessageResult.identityFailure(address, e.getIdentityKey());
1505 }
1506 }
1507
1508 private SignalServiceContent decryptMessage(SignalServiceEnvelope envelope) throws InvalidMetadataMessageException, ProtocolInvalidMessageException, ProtocolDuplicateMessageException, ProtocolLegacyMessageException, ProtocolInvalidKeyIdException, InvalidMetadataVersionException, ProtocolInvalidVersionException, ProtocolNoSessionException, ProtocolInvalidKeyException, SelfSendException, UnsupportedDataMessageException, org.whispersystems.libsignal.UntrustedIdentityException {
1509 var cipher = new SignalServiceCipher(account.getSelfAddress(),
1510 account.getSignalProtocolStore(),
1511 certificateValidator);
1512 try {
1513 return cipher.decrypt(envelope);
1514 } catch (ProtocolUntrustedIdentityException e) {
1515 if (e.getCause() instanceof org.whispersystems.libsignal.UntrustedIdentityException) {
1516 throw (org.whispersystems.libsignal.UntrustedIdentityException) e.getCause();
1517 }
1518 throw new AssertionError(e);
1519 }
1520 }
1521
1522 private void handleEndSession(RecipientId recipientId) {
1523 account.getSessionStore().deleteAllSessions(recipientId);
1524 }
1525
1526 private List<HandleAction> handleSignalServiceDataMessage(
1527 SignalServiceDataMessage message,
1528 boolean isSync,
1529 SignalServiceAddress source,
1530 SignalServiceAddress destination,
1531 boolean ignoreAttachments
1532 ) {
1533 var actions = new ArrayList<HandleAction>();
1534 if (message.getGroupContext().isPresent()) {
1535 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1536 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1537 var groupId = GroupId.v1(groupInfo.getGroupId());
1538 var group = getGroup(groupId);
1539 if (group == null || group instanceof GroupInfoV1) {
1540 var groupV1 = (GroupInfoV1) group;
1541 switch (groupInfo.getType()) {
1542 case UPDATE: {
1543 if (groupV1 == null) {
1544 groupV1 = new GroupInfoV1(groupId);
1545 }
1546
1547 if (groupInfo.getAvatar().isPresent()) {
1548 var avatar = groupInfo.getAvatar().get();
1549 downloadGroupAvatar(avatar, groupV1.getGroupId());
1550 }
1551
1552 if (groupInfo.getName().isPresent()) {
1553 groupV1.name = groupInfo.getName().get();
1554 }
1555
1556 if (groupInfo.getMembers().isPresent()) {
1557 groupV1.addMembers(groupInfo.getMembers()
1558 .get()
1559 .stream()
1560 .map(this::resolveRecipient)
1561 .collect(Collectors.toSet()));
1562 }
1563
1564 account.getGroupStore().updateGroup(groupV1);
1565 break;
1566 }
1567 case DELIVER:
1568 if (groupV1 == null && !isSync) {
1569 actions.add(new SendGroupInfoRequestAction(source, groupId));
1570 }
1571 break;
1572 case QUIT: {
1573 if (groupV1 != null) {
1574 groupV1.removeMember(resolveRecipient(source));
1575 account.getGroupStore().updateGroup(groupV1);
1576 }
1577 break;
1578 }
1579 case REQUEST_INFO:
1580 if (groupV1 != null && !isSync) {
1581 actions.add(new SendGroupInfoAction(source, groupV1.getGroupId()));
1582 }
1583 break;
1584 }
1585 } else {
1586 // Received a group v1 message for a v2 group
1587 }
1588 }
1589 if (message.getGroupContext().get().getGroupV2().isPresent()) {
1590 final var groupContext = message.getGroupContext().get().getGroupV2().get();
1591 final var groupMasterKey = groupContext.getMasterKey();
1592
1593 getOrMigrateGroup(groupMasterKey,
1594 groupContext.getRevision(),
1595 groupContext.hasSignedGroupChange() ? groupContext.getSignedGroupChange() : null);
1596 }
1597 }
1598
1599 final var conversationPartnerAddress = isSync ? destination : source;
1600 if (conversationPartnerAddress != null && message.isEndSession()) {
1601 handleEndSession(resolveRecipient(conversationPartnerAddress));
1602 }
1603 if (message.isExpirationUpdate() || message.getBody().isPresent()) {
1604 if (message.getGroupContext().isPresent()) {
1605 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1606 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1607 var group = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(groupInfo.getGroupId()));
1608 if (group != null) {
1609 if (group.messageExpirationTime != message.getExpiresInSeconds()) {
1610 group.messageExpirationTime = message.getExpiresInSeconds();
1611 account.getGroupStore().updateGroup(group);
1612 }
1613 }
1614 } else if (message.getGroupContext().get().getGroupV2().isPresent()) {
1615 // disappearing message timer already stored in the DecryptedGroup
1616 }
1617 } else if (conversationPartnerAddress != null) {
1618 setExpirationTimer(resolveRecipient(conversationPartnerAddress), message.getExpiresInSeconds());
1619 }
1620 }
1621 if (!ignoreAttachments) {
1622 if (message.getAttachments().isPresent()) {
1623 for (var attachment : message.getAttachments().get()) {
1624 downloadAttachment(attachment);
1625 }
1626 }
1627 if (message.getSharedContacts().isPresent()) {
1628 for (var contact : message.getSharedContacts().get()) {
1629 if (contact.getAvatar().isPresent()) {
1630 downloadAttachment(contact.getAvatar().get().getAttachment());
1631 }
1632 }
1633 }
1634 }
1635 if (message.getProfileKey().isPresent() && message.getProfileKey().get().length == 32) {
1636 final ProfileKey profileKey;
1637 try {
1638 profileKey = new ProfileKey(message.getProfileKey().get());
1639 } catch (InvalidInputException e) {
1640 throw new AssertionError(e);
1641 }
1642 if (source.matches(account.getSelfAddress())) {
1643 this.account.setProfileKey(profileKey);
1644 }
1645 this.account.getProfileStore().storeProfileKey(resolveRecipient(source), profileKey);
1646 }
1647 if (message.getPreviews().isPresent()) {
1648 final var previews = message.getPreviews().get();
1649 for (var preview : previews) {
1650 if (preview.getImage().isPresent()) {
1651 downloadAttachment(preview.getImage().get());
1652 }
1653 }
1654 }
1655 if (message.getQuote().isPresent()) {
1656 final var quote = message.getQuote().get();
1657
1658 for (var quotedAttachment : quote.getAttachments()) {
1659 final var thumbnail = quotedAttachment.getThumbnail();
1660 if (thumbnail != null) {
1661 downloadAttachment(thumbnail);
1662 }
1663 }
1664 }
1665 if (message.getSticker().isPresent()) {
1666 final var messageSticker = message.getSticker().get();
1667 final var stickerPackId = StickerPackId.deserialize(messageSticker.getPackId());
1668 var sticker = account.getStickerStore().getSticker(stickerPackId);
1669 if (sticker == null) {
1670 sticker = new Sticker(stickerPackId, messageSticker.getPackKey());
1671 account.getStickerStore().updateSticker(sticker);
1672 }
1673 }
1674 return actions;
1675 }
1676
1677 private GroupInfoV2 getOrMigrateGroup(
1678 final GroupMasterKey groupMasterKey, final int revision, final byte[] signedGroupChange
1679 ) {
1680 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupMasterKey);
1681
1682 var groupId = GroupUtils.getGroupIdV2(groupSecretParams);
1683 var groupInfo = getGroup(groupId);
1684 final GroupInfoV2 groupInfoV2;
1685 if (groupInfo instanceof GroupInfoV1) {
1686 // Received a v2 group message for a v1 group, we need to locally migrate the group
1687 account.getGroupStore().deleteGroupV1(((GroupInfoV1) groupInfo).getGroupId());
1688 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1689 logger.info("Locally migrated group {} to group v2, id: {}",
1690 groupInfo.getGroupId().toBase64(),
1691 groupInfoV2.getGroupId().toBase64());
1692 } else if (groupInfo instanceof GroupInfoV2) {
1693 groupInfoV2 = (GroupInfoV2) groupInfo;
1694 } else {
1695 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1696 }
1697
1698 if (groupInfoV2.getGroup() == null || groupInfoV2.getGroup().getRevision() < revision) {
1699 DecryptedGroup group = null;
1700 if (signedGroupChange != null
1701 && groupInfoV2.getGroup() != null
1702 && groupInfoV2.getGroup().getRevision() + 1 == revision) {
1703 group = groupHelper.getUpdatedDecryptedGroup(groupInfoV2.getGroup(), signedGroupChange, groupMasterKey);
1704 }
1705 if (group == null) {
1706 group = groupHelper.getDecryptedGroup(groupSecretParams);
1707 }
1708 if (group != null) {
1709 storeProfileKeysFromMembers(group);
1710 final var avatar = group.getAvatar();
1711 if (avatar != null && !avatar.isEmpty()) {
1712 downloadGroupAvatar(groupId, groupSecretParams, avatar);
1713 }
1714 }
1715 groupInfoV2.setGroup(group, this::resolveRecipient);
1716 account.getGroupStore().updateGroup(groupInfoV2);
1717 }
1718
1719 return groupInfoV2;
1720 }
1721
1722 private void storeProfileKeysFromMembers(final DecryptedGroup group) {
1723 for (var member : group.getMembersList()) {
1724 final var uuid = UuidUtil.parseOrThrow(member.getUuid().toByteArray());
1725 final var recipientId = account.getRecipientStore().resolveRecipient(uuid);
1726 try {
1727 account.getProfileStore()
1728 .storeProfileKey(recipientId, new ProfileKey(member.getProfileKey().toByteArray()));
1729 } catch (InvalidInputException ignored) {
1730 }
1731 }
1732 }
1733
1734 private void retryFailedReceivedMessages(ReceiveMessageHandler handler, boolean ignoreAttachments) {
1735 Set<HandleAction> queuedActions = new HashSet<>();
1736 for (var cachedMessage : account.getMessageCache().getCachedMessages()) {
1737 var actions = retryFailedReceivedMessage(handler, ignoreAttachments, cachedMessage);
1738 if (actions != null) {
1739 queuedActions.addAll(actions);
1740 }
1741 }
1742 for (var action : queuedActions) {
1743 try {
1744 action.execute(this);
1745 } catch (Throwable e) {
1746 logger.warn("Message action failed.", e);
1747 }
1748 }
1749 }
1750
1751 private List<HandleAction> retryFailedReceivedMessage(
1752 final ReceiveMessageHandler handler, final boolean ignoreAttachments, final CachedMessage cachedMessage
1753 ) {
1754 var envelope = cachedMessage.loadEnvelope();
1755 if (envelope == null) {
1756 return null;
1757 }
1758 SignalServiceContent content = null;
1759 List<HandleAction> actions = null;
1760 if (!envelope.isReceipt()) {
1761 try {
1762 content = decryptMessage(envelope);
1763 } catch (org.whispersystems.libsignal.UntrustedIdentityException e) {
1764 if (!envelope.hasSource()) {
1765 final var identifier = ((org.whispersystems.libsignal.UntrustedIdentityException) e).getName();
1766 final var recipientId = resolveRecipient(identifier);
1767 try {
1768 account.getMessageCache().replaceSender(cachedMessage, recipientId);
1769 } catch (IOException ioException) {
1770 logger.warn("Failed to move cached message to recipient folder: {}", ioException.getMessage());
1771 }
1772 }
1773 return null;
1774 } catch (Exception er) {
1775 // All other errors are not recoverable, so delete the cached message
1776 cachedMessage.delete();
1777 return null;
1778 }
1779 actions = handleMessage(envelope, content, ignoreAttachments);
1780 }
1781 handler.handleMessage(envelope, content, null);
1782 cachedMessage.delete();
1783 return actions;
1784 }
1785
1786 public void receiveMessages(
1787 long timeout,
1788 TimeUnit unit,
1789 boolean returnOnTimeout,
1790 boolean ignoreAttachments,
1791 ReceiveMessageHandler handler
1792 ) throws IOException {
1793 retryFailedReceivedMessages(handler, ignoreAttachments);
1794
1795 Set<HandleAction> queuedActions = null;
1796
1797 final var messagePipe = getOrCreateMessagePipe();
1798
1799 var hasCaughtUpWithOldMessages = false;
1800
1801 while (true) {
1802 SignalServiceEnvelope envelope;
1803 SignalServiceContent content = null;
1804 Exception exception = null;
1805 final CachedMessage[] cachedMessage = {null};
1806 try {
1807 var result = messagePipe.readOrEmpty(timeout, unit, envelope1 -> {
1808 final var recipientId = envelope1.hasSource()
1809 ? resolveRecipient(envelope1.getSourceIdentifier())
1810 : null;
1811 // store message on disk, before acknowledging receipt to the server
1812 cachedMessage[0] = account.getMessageCache().cacheMessage(envelope1, recipientId);
1813 });
1814 if (result.isPresent()) {
1815 envelope = result.get();
1816 } else {
1817 // Received indicator that server queue is empty
1818 hasCaughtUpWithOldMessages = true;
1819
1820 if (queuedActions != null) {
1821 for (var action : queuedActions) {
1822 try {
1823 action.execute(this);
1824 } catch (Throwable e) {
1825 logger.warn("Message action failed.", e);
1826 }
1827 }
1828 queuedActions.clear();
1829 queuedActions = null;
1830 }
1831
1832 // Continue to wait another timeout for new messages
1833 continue;
1834 }
1835 } catch (TimeoutException e) {
1836 if (returnOnTimeout) return;
1837 continue;
1838 }
1839
1840 if (envelope.hasSource()) {
1841 // Store uuid if we don't have it already
1842 // address/uuid in envelope is sent by server
1843 resolveRecipientTrusted(envelope.getSourceAddress());
1844 }
1845 final var notAGroupMember = isNotAGroupMember(envelope, content);
1846 if (!envelope.isReceipt()) {
1847 try {
1848 content = decryptMessage(envelope);
1849 } catch (Exception e) {
1850 exception = e;
1851 }
1852 if (!envelope.hasSource() && content != null) {
1853 // Store uuid if we don't have it already
1854 // address/uuid is validated by unidentified sender certificate
1855 resolveRecipientTrusted(content.getSender());
1856 }
1857 var actions = handleMessage(envelope, content, ignoreAttachments);
1858 if (exception instanceof ProtocolInvalidMessageException) {
1859 final var sender = resolveRecipient(((ProtocolInvalidMessageException) exception).getSender());
1860 logger.debug("Received invalid message, queuing renew session action.");
1861 actions.add(new RenewSessionAction(sender));
1862 }
1863 if (hasCaughtUpWithOldMessages) {
1864 for (var action : actions) {
1865 try {
1866 action.execute(this);
1867 } catch (Throwable e) {
1868 logger.warn("Message action failed.", e);
1869 }
1870 }
1871 } else {
1872 if (queuedActions == null) {
1873 queuedActions = new HashSet<>();
1874 }
1875 queuedActions.addAll(actions);
1876 }
1877 }
1878 if (isMessageBlocked(envelope, content)) {
1879 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
1880 } else if (notAGroupMember) {
1881 logger.info("Ignoring a message from a non group member: {}", envelope.getTimestamp());
1882 } else {
1883 handler.handleMessage(envelope, content, exception);
1884 }
1885 if (cachedMessage[0] != null) {
1886 if (exception instanceof org.whispersystems.libsignal.UntrustedIdentityException) {
1887 final var identifier = ((org.whispersystems.libsignal.UntrustedIdentityException) exception).getName();
1888 final var recipientId = resolveRecipient(identifier);
1889 queuedActions.add(new RetrieveProfileAction(recipientId));
1890 if (!envelope.hasSource()) {
1891 try {
1892 cachedMessage[0] = account.getMessageCache().replaceSender(cachedMessage[0], recipientId);
1893 } catch (IOException ioException) {
1894 logger.warn("Failed to move cached message to recipient folder: {}",
1895 ioException.getMessage());
1896 }
1897 }
1898 } else {
1899 cachedMessage[0].delete();
1900 }
1901 }
1902 }
1903 }
1904
1905 private boolean isMessageBlocked(
1906 SignalServiceEnvelope envelope, SignalServiceContent content
1907 ) {
1908 SignalServiceAddress source;
1909 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
1910 source = envelope.getSourceAddress();
1911 } else if (content != null) {
1912 source = content.getSender();
1913 } else {
1914 return false;
1915 }
1916 final var recipientId = resolveRecipient(source);
1917 if (isContactBlocked(recipientId)) {
1918 return true;
1919 }
1920
1921 if (content != null && content.getDataMessage().isPresent()) {
1922 var message = content.getDataMessage().get();
1923 if (message.getGroupContext().isPresent()) {
1924 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
1925 var group = getGroup(groupId);
1926 if (group != null && group.isBlocked()) {
1927 return true;
1928 }
1929 }
1930 }
1931 return false;
1932 }
1933
1934 public boolean isContactBlocked(final String identifier) throws InvalidNumberException {
1935 final var recipientId = canonicalizeAndResolveRecipient(identifier);
1936 return isContactBlocked(recipientId);
1937 }
1938
1939 private boolean isContactBlocked(final RecipientId recipientId) {
1940 var sourceContact = account.getContactStore().getContact(recipientId);
1941 return sourceContact != null && sourceContact.isBlocked();
1942 }
1943
1944 private boolean isNotAGroupMember(
1945 SignalServiceEnvelope envelope, SignalServiceContent content
1946 ) {
1947 SignalServiceAddress source;
1948 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
1949 source = envelope.getSourceAddress();
1950 } else if (content != null) {
1951 source = content.getSender();
1952 } else {
1953 return false;
1954 }
1955
1956 if (content != null && content.getDataMessage().isPresent()) {
1957 var message = content.getDataMessage().get();
1958 if (message.getGroupContext().isPresent()) {
1959 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1960 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1961 if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
1962 return false;
1963 }
1964 }
1965 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
1966 var group = getGroup(groupId);
1967 if (group != null && !group.isMember(resolveRecipient(source))) {
1968 return true;
1969 }
1970 }
1971 }
1972 return false;
1973 }
1974
1975 private List<HandleAction> handleMessage(
1976 SignalServiceEnvelope envelope, SignalServiceContent content, boolean ignoreAttachments
1977 ) {
1978 var actions = new ArrayList<HandleAction>();
1979 if (content != null) {
1980 final SignalServiceAddress sender;
1981 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
1982 sender = envelope.getSourceAddress();
1983 } else {
1984 sender = content.getSender();
1985 }
1986
1987 if (content.getDataMessage().isPresent()) {
1988 var message = content.getDataMessage().get();
1989
1990 if (content.isNeedsReceipt()) {
1991 actions.add(new SendReceiptAction(sender, message.getTimestamp()));
1992 }
1993
1994 actions.addAll(handleSignalServiceDataMessage(message,
1995 false,
1996 sender,
1997 account.getSelfAddress(),
1998 ignoreAttachments));
1999 }
2000 if (content.getSyncMessage().isPresent()) {
2001 account.setMultiDevice(true);
2002 var syncMessage = content.getSyncMessage().get();
2003 if (syncMessage.getSent().isPresent()) {
2004 var message = syncMessage.getSent().get();
2005 final var destination = message.getDestination().orNull();
2006 actions.addAll(handleSignalServiceDataMessage(message.getMessage(),
2007 true,
2008 sender,
2009 destination,
2010 ignoreAttachments));
2011 }
2012 if (syncMessage.getRequest().isPresent() && account.isMasterDevice()) {
2013 var rm = syncMessage.getRequest().get();
2014 if (rm.isContactsRequest()) {
2015 actions.add(SendSyncContactsAction.create());
2016 }
2017 if (rm.isGroupsRequest()) {
2018 actions.add(SendSyncGroupsAction.create());
2019 }
2020 if (rm.isBlockedListRequest()) {
2021 actions.add(SendSyncBlockedListAction.create());
2022 }
2023 // TODO Handle rm.isConfigurationRequest(); rm.isKeysRequest();
2024 }
2025 if (syncMessage.getGroups().isPresent()) {
2026 File tmpFile = null;
2027 try {
2028 tmpFile = IOUtils.createTempFile();
2029 final var groupsMessage = syncMessage.getGroups().get();
2030 try (var attachmentAsStream = retrieveAttachmentAsStream(groupsMessage.asPointer(), tmpFile)) {
2031 var s = new DeviceGroupsInputStream(attachmentAsStream);
2032 DeviceGroup g;
2033 while ((g = s.read()) != null) {
2034 var syncGroup = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(g.getId()));
2035 if (syncGroup != null) {
2036 if (g.getName().isPresent()) {
2037 syncGroup.name = g.getName().get();
2038 }
2039 syncGroup.addMembers(g.getMembers()
2040 .stream()
2041 .map(this::resolveRecipient)
2042 .collect(Collectors.toSet()));
2043 if (!g.isActive()) {
2044 syncGroup.removeMember(account.getSelfRecipientId());
2045 } else {
2046 // Add ourself to the member set as it's marked as active
2047 syncGroup.addMembers(List.of(account.getSelfRecipientId()));
2048 }
2049 syncGroup.blocked = g.isBlocked();
2050 if (g.getColor().isPresent()) {
2051 syncGroup.color = g.getColor().get();
2052 }
2053
2054 if (g.getAvatar().isPresent()) {
2055 downloadGroupAvatar(g.getAvatar().get(), syncGroup.getGroupId());
2056 }
2057 syncGroup.archived = g.isArchived();
2058 account.getGroupStore().updateGroup(syncGroup);
2059 }
2060 }
2061 }
2062 } catch (Exception e) {
2063 logger.warn("Failed to handle received sync groups “{}”, ignoring: {}",
2064 tmpFile,
2065 e.getMessage());
2066 } finally {
2067 if (tmpFile != null) {
2068 try {
2069 Files.delete(tmpFile.toPath());
2070 } catch (IOException e) {
2071 logger.warn("Failed to delete received groups temp file “{}”, ignoring: {}",
2072 tmpFile,
2073 e.getMessage());
2074 }
2075 }
2076 }
2077 }
2078 if (syncMessage.getBlockedList().isPresent()) {
2079 final var blockedListMessage = syncMessage.getBlockedList().get();
2080 for (var address : blockedListMessage.getAddresses()) {
2081 setContactBlocked(resolveRecipient(address), true);
2082 }
2083 for (var groupId : blockedListMessage.getGroupIds()
2084 .stream()
2085 .map(GroupId::unknownVersion)
2086 .collect(Collectors.toSet())) {
2087 try {
2088 setGroupBlocked(groupId, true);
2089 } catch (GroupNotFoundException e) {
2090 logger.warn("BlockedListMessage contained groupID that was not found in GroupStore: {}",
2091 groupId.toBase64());
2092 }
2093 }
2094 }
2095 if (syncMessage.getContacts().isPresent()) {
2096 File tmpFile = null;
2097 try {
2098 tmpFile = IOUtils.createTempFile();
2099 final var contactsMessage = syncMessage.getContacts().get();
2100 try (var attachmentAsStream = retrieveAttachmentAsStream(contactsMessage.getContactsStream()
2101 .asPointer(), tmpFile)) {
2102 var s = new DeviceContactsInputStream(attachmentAsStream);
2103 DeviceContact c;
2104 while ((c = s.read()) != null) {
2105 if (c.getAddress().matches(account.getSelfAddress()) && c.getProfileKey().isPresent()) {
2106 account.setProfileKey(c.getProfileKey().get());
2107 }
2108 final var recipientId = resolveRecipientTrusted(c.getAddress());
2109 var contact = account.getContactStore().getContact(recipientId);
2110 final var builder = contact == null
2111 ? Contact.newBuilder()
2112 : Contact.newBuilder(contact);
2113 if (c.getName().isPresent()) {
2114 builder.withName(c.getName().get());
2115 }
2116 if (c.getColor().isPresent()) {
2117 builder.withColor(c.getColor().get());
2118 }
2119 if (c.getProfileKey().isPresent()) {
2120 account.getProfileStore().storeProfileKey(recipientId, c.getProfileKey().get());
2121 }
2122 if (c.getVerified().isPresent()) {
2123 final var verifiedMessage = c.getVerified().get();
2124 account.getIdentityKeyStore()
2125 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2126 verifiedMessage.getIdentityKey(),
2127 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2128 }
2129 if (c.getExpirationTimer().isPresent()) {
2130 builder.withMessageExpirationTime(c.getExpirationTimer().get());
2131 }
2132 builder.withBlocked(c.isBlocked());
2133 builder.withArchived(c.isArchived());
2134 account.getContactStore().storeContact(recipientId, builder.build());
2135
2136 if (c.getAvatar().isPresent()) {
2137 downloadContactAvatar(c.getAvatar().get(), c.getAddress());
2138 }
2139 }
2140 }
2141 } catch (Exception e) {
2142 logger.warn("Failed to handle received sync contacts “{}”, ignoring: {}",
2143 tmpFile,
2144 e.getMessage());
2145 } finally {
2146 if (tmpFile != null) {
2147 try {
2148 Files.delete(tmpFile.toPath());
2149 } catch (IOException e) {
2150 logger.warn("Failed to delete received contacts temp file “{}”, ignoring: {}",
2151 tmpFile,
2152 e.getMessage());
2153 }
2154 }
2155 }
2156 }
2157 if (syncMessage.getVerified().isPresent()) {
2158 final var verifiedMessage = syncMessage.getVerified().get();
2159 account.getIdentityKeyStore()
2160 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2161 verifiedMessage.getIdentityKey(),
2162 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2163 }
2164 if (syncMessage.getStickerPackOperations().isPresent()) {
2165 final var stickerPackOperationMessages = syncMessage.getStickerPackOperations().get();
2166 for (var m : stickerPackOperationMessages) {
2167 if (!m.getPackId().isPresent()) {
2168 continue;
2169 }
2170 final var stickerPackId = StickerPackId.deserialize(m.getPackId().get());
2171 var sticker = account.getStickerStore().getSticker(stickerPackId);
2172 if (sticker == null) {
2173 if (!m.getPackKey().isPresent()) {
2174 continue;
2175 }
2176 sticker = new Sticker(stickerPackId, m.getPackKey().get());
2177 }
2178 sticker.setInstalled(!m.getType().isPresent()
2179 || m.getType().get() == StickerPackOperationMessage.Type.INSTALL);
2180 account.getStickerStore().updateSticker(sticker);
2181 }
2182 }
2183 if (syncMessage.getFetchType().isPresent()) {
2184 switch (syncMessage.getFetchType().get()) {
2185 case LOCAL_PROFILE:
2186 getRecipientProfile(account.getSelfRecipientId(), true);
2187 case STORAGE_MANIFEST:
2188 // TODO
2189 }
2190 }
2191 if (syncMessage.getKeys().isPresent()) {
2192 final var keysMessage = syncMessage.getKeys().get();
2193 if (keysMessage.getStorageService().isPresent()) {
2194 final var storageKey = keysMessage.getStorageService().get();
2195 account.setStorageKey(storageKey);
2196 }
2197 }
2198 if (syncMessage.getConfiguration().isPresent()) {
2199 // TODO
2200 }
2201 }
2202 }
2203 return actions;
2204 }
2205
2206 private void downloadContactAvatar(SignalServiceAttachment avatar, SignalServiceAddress address) {
2207 try {
2208 avatarStore.storeContactAvatar(address, outputStream -> retrieveAttachment(avatar, outputStream));
2209 } catch (IOException e) {
2210 logger.warn("Failed to download avatar for contact {}, ignoring: {}", address, e.getMessage());
2211 }
2212 }
2213
2214 private void downloadGroupAvatar(SignalServiceAttachment avatar, GroupId groupId) {
2215 try {
2216 avatarStore.storeGroupAvatar(groupId, outputStream -> retrieveAttachment(avatar, outputStream));
2217 } catch (IOException e) {
2218 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2219 }
2220 }
2221
2222 private void downloadGroupAvatar(GroupId groupId, GroupSecretParams groupSecretParams, String cdnKey) {
2223 try {
2224 avatarStore.storeGroupAvatar(groupId,
2225 outputStream -> retrieveGroupV2Avatar(groupSecretParams, cdnKey, outputStream));
2226 } catch (IOException e) {
2227 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2228 }
2229 }
2230
2231 private void downloadProfileAvatar(
2232 SignalServiceAddress address, String avatarPath, ProfileKey profileKey
2233 ) {
2234 try {
2235 avatarStore.storeProfileAvatar(address,
2236 outputStream -> retrieveProfileAvatar(avatarPath, profileKey, outputStream));
2237 } catch (Throwable e) {
2238 logger.warn("Failed to download profile avatar, ignoring: {}", e.getMessage());
2239 }
2240 }
2241
2242 public File getAttachmentFile(SignalServiceAttachmentRemoteId attachmentId) {
2243 return attachmentStore.getAttachmentFile(attachmentId);
2244 }
2245
2246 private void downloadAttachment(final SignalServiceAttachment attachment) {
2247 if (!attachment.isPointer()) {
2248 logger.warn("Invalid state, can't store an attachment stream.");
2249 }
2250
2251 var pointer = attachment.asPointer();
2252 if (pointer.getPreview().isPresent()) {
2253 final var preview = pointer.getPreview().get();
2254 try {
2255 attachmentStore.storeAttachmentPreview(pointer.getRemoteId(),
2256 outputStream -> outputStream.write(preview, 0, preview.length));
2257 } catch (IOException e) {
2258 logger.warn("Failed to download attachment preview, ignoring: {}", e.getMessage());
2259 }
2260 }
2261
2262 try {
2263 attachmentStore.storeAttachment(pointer.getRemoteId(),
2264 outputStream -> retrieveAttachmentPointer(pointer, outputStream));
2265 } catch (IOException e) {
2266 logger.warn("Failed to download attachment ({}), ignoring: {}", pointer.getRemoteId(), e.getMessage());
2267 }
2268 }
2269
2270 private void retrieveGroupV2Avatar(
2271 GroupSecretParams groupSecretParams, String cdnKey, OutputStream outputStream
2272 ) throws IOException {
2273 var groupOperations = groupsV2Operations.forGroup(groupSecretParams);
2274
2275 var tmpFile = IOUtils.createTempFile();
2276 try (InputStream input = messageReceiver.retrieveGroupsV2ProfileAvatar(cdnKey,
2277 tmpFile,
2278 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2279 var encryptedData = IOUtils.readFully(input);
2280
2281 var decryptedData = groupOperations.decryptAvatar(encryptedData);
2282 outputStream.write(decryptedData);
2283 } finally {
2284 try {
2285 Files.delete(tmpFile.toPath());
2286 } catch (IOException e) {
2287 logger.warn("Failed to delete received group avatar temp file “{}”, ignoring: {}",
2288 tmpFile,
2289 e.getMessage());
2290 }
2291 }
2292 }
2293
2294 private void retrieveProfileAvatar(
2295 String avatarPath, ProfileKey profileKey, OutputStream outputStream
2296 ) throws IOException {
2297 var tmpFile = IOUtils.createTempFile();
2298 try (var input = messageReceiver.retrieveProfileAvatar(avatarPath,
2299 tmpFile,
2300 profileKey,
2301 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2302 // Use larger buffer size to prevent AssertionError: Need: 12272 but only have: 8192 ...
2303 IOUtils.copyStream(input, outputStream, (int) ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE);
2304 } finally {
2305 try {
2306 Files.delete(tmpFile.toPath());
2307 } catch (IOException e) {
2308 logger.warn("Failed to delete received profile avatar temp file “{}”, ignoring: {}",
2309 tmpFile,
2310 e.getMessage());
2311 }
2312 }
2313 }
2314
2315 private void retrieveAttachment(
2316 final SignalServiceAttachment attachment, final OutputStream outputStream
2317 ) throws IOException {
2318 if (attachment.isPointer()) {
2319 var pointer = attachment.asPointer();
2320 retrieveAttachmentPointer(pointer, outputStream);
2321 } else {
2322 var stream = attachment.asStream();
2323 IOUtils.copyStream(stream.getInputStream(), outputStream);
2324 }
2325 }
2326
2327 private void retrieveAttachmentPointer(
2328 SignalServiceAttachmentPointer pointer, OutputStream outputStream
2329 ) throws IOException {
2330 var tmpFile = IOUtils.createTempFile();
2331 try (var input = retrieveAttachmentAsStream(pointer, tmpFile)) {
2332 IOUtils.copyStream(input, outputStream);
2333 } catch (MissingConfigurationException | InvalidMessageException e) {
2334 throw new IOException(e);
2335 } finally {
2336 try {
2337 Files.delete(tmpFile.toPath());
2338 } catch (IOException e) {
2339 logger.warn("Failed to delete received attachment temp file “{}”, ignoring: {}",
2340 tmpFile,
2341 e.getMessage());
2342 }
2343 }
2344 }
2345
2346 private InputStream retrieveAttachmentAsStream(
2347 SignalServiceAttachmentPointer pointer, File tmpFile
2348 ) throws IOException, InvalidMessageException, MissingConfigurationException {
2349 return messageReceiver.retrieveAttachment(pointer, tmpFile, ServiceConfig.MAX_ATTACHMENT_SIZE);
2350 }
2351
2352 void sendGroups() throws IOException, UntrustedIdentityException {
2353 var groupsFile = IOUtils.createTempFile();
2354
2355 try {
2356 try (OutputStream fos = new FileOutputStream(groupsFile)) {
2357 var out = new DeviceGroupsOutputStream(fos);
2358 for (var record : getGroups()) {
2359 if (record instanceof GroupInfoV1) {
2360 var groupInfo = (GroupInfoV1) record;
2361 out.write(new DeviceGroup(groupInfo.getGroupId().serialize(),
2362 Optional.fromNullable(groupInfo.name),
2363 groupInfo.getMembers()
2364 .stream()
2365 .map(this::resolveSignalServiceAddress)
2366 .collect(Collectors.toList()),
2367 createGroupAvatarAttachment(groupInfo.getGroupId()),
2368 groupInfo.isMember(account.getSelfRecipientId()),
2369 Optional.of(groupInfo.messageExpirationTime),
2370 Optional.fromNullable(groupInfo.color),
2371 groupInfo.blocked,
2372 Optional.absent(),
2373 groupInfo.archived));
2374 }
2375 }
2376 }
2377
2378 if (groupsFile.exists() && groupsFile.length() > 0) {
2379 try (var groupsFileStream = new FileInputStream(groupsFile)) {
2380 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2381 .withStream(groupsFileStream)
2382 .withContentType("application/octet-stream")
2383 .withLength(groupsFile.length())
2384 .build();
2385
2386 sendSyncMessage(SignalServiceSyncMessage.forGroups(attachmentStream));
2387 }
2388 }
2389 } finally {
2390 try {
2391 Files.delete(groupsFile.toPath());
2392 } catch (IOException e) {
2393 logger.warn("Failed to delete groups temp file “{}”, ignoring: {}", groupsFile, e.getMessage());
2394 }
2395 }
2396 }
2397
2398 public void sendContacts() throws IOException, UntrustedIdentityException {
2399 var contactsFile = IOUtils.createTempFile();
2400
2401 try {
2402 try (OutputStream fos = new FileOutputStream(contactsFile)) {
2403 var out = new DeviceContactsOutputStream(fos);
2404 for (var contactPair : account.getContactStore().getContacts()) {
2405 final var recipientId = contactPair.first();
2406 final var contact = contactPair.second();
2407 final var address = resolveSignalServiceAddress(recipientId);
2408
2409 var currentIdentity = account.getIdentityKeyStore().getIdentity(recipientId);
2410 VerifiedMessage verifiedMessage = null;
2411 if (currentIdentity != null) {
2412 verifiedMessage = new VerifiedMessage(address,
2413 currentIdentity.getIdentityKey(),
2414 currentIdentity.getTrustLevel().toVerifiedState(),
2415 currentIdentity.getDateAdded().getTime());
2416 }
2417
2418 var profileKey = account.getProfileStore().getProfileKey(recipientId);
2419 out.write(new DeviceContact(address,
2420 Optional.fromNullable(contact.getName()),
2421 createContactAvatarAttachment(address),
2422 Optional.fromNullable(contact.getColor()),
2423 Optional.fromNullable(verifiedMessage),
2424 Optional.fromNullable(profileKey),
2425 contact.isBlocked(),
2426 Optional.of(contact.getMessageExpirationTime()),
2427 Optional.absent(),
2428 contact.isArchived()));
2429 }
2430
2431 if (account.getProfileKey() != null) {
2432 // Send our own profile key as well
2433 out.write(new DeviceContact(account.getSelfAddress(),
2434 Optional.absent(),
2435 Optional.absent(),
2436 Optional.absent(),
2437 Optional.absent(),
2438 Optional.of(account.getProfileKey()),
2439 false,
2440 Optional.absent(),
2441 Optional.absent(),
2442 false));
2443 }
2444 }
2445
2446 if (contactsFile.exists() && contactsFile.length() > 0) {
2447 try (var contactsFileStream = new FileInputStream(contactsFile)) {
2448 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2449 .withStream(contactsFileStream)
2450 .withContentType("application/octet-stream")
2451 .withLength(contactsFile.length())
2452 .build();
2453
2454 sendSyncMessage(SignalServiceSyncMessage.forContacts(new ContactsMessage(attachmentStream, true)));
2455 }
2456 }
2457 } finally {
2458 try {
2459 Files.delete(contactsFile.toPath());
2460 } catch (IOException e) {
2461 logger.warn("Failed to delete contacts temp file “{}”, ignoring: {}", contactsFile, e.getMessage());
2462 }
2463 }
2464 }
2465
2466 void sendBlockedList() throws IOException, UntrustedIdentityException {
2467 var addresses = new ArrayList<SignalServiceAddress>();
2468 for (var record : account.getContactStore().getContacts()) {
2469 if (record.second().isBlocked()) {
2470 addresses.add(resolveSignalServiceAddress(record.first()));
2471 }
2472 }
2473 var groupIds = new ArrayList<byte[]>();
2474 for (var record : getGroups()) {
2475 if (record.isBlocked()) {
2476 groupIds.add(record.getGroupId().serialize());
2477 }
2478 }
2479 sendSyncMessage(SignalServiceSyncMessage.forBlocked(new BlockedListMessage(addresses, groupIds)));
2480 }
2481
2482 private void sendVerifiedMessage(
2483 SignalServiceAddress destination, IdentityKey identityKey, TrustLevel trustLevel
2484 ) throws IOException, UntrustedIdentityException {
2485 var verifiedMessage = new VerifiedMessage(destination,
2486 identityKey,
2487 trustLevel.toVerifiedState(),
2488 System.currentTimeMillis());
2489 sendSyncMessage(SignalServiceSyncMessage.forVerified(verifiedMessage));
2490 }
2491
2492 public List<Pair<RecipientId, Contact>> getContacts() {
2493 return account.getContactStore().getContacts();
2494 }
2495
2496 public String getContactOrProfileName(String number) throws InvalidNumberException {
2497 final var recipientId = canonicalizeAndResolveRecipient(number);
2498 final var recipient = account.getRecipientStore().getRecipient(recipientId);
2499 if (recipient == null) {
2500 return null;
2501 }
2502
2503 if (recipient.getContact() != null && !Util.isEmpty(recipient.getContact().getName())) {
2504 return recipient.getContact().getName();
2505 }
2506
2507 if (recipient.getProfile() != null && recipient.getProfile() != null) {
2508 return recipient.getProfile().getDisplayName();
2509 }
2510
2511 return null;
2512 }
2513
2514 public GroupInfo getGroup(GroupId groupId) {
2515 final var group = account.getGroupStore().getGroup(groupId);
2516 if (group instanceof GroupInfoV2 && ((GroupInfoV2) group).getGroup() == null) {
2517 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(((GroupInfoV2) group).getMasterKey());
2518 ((GroupInfoV2) group).setGroup(groupHelper.getDecryptedGroup(groupSecretParams), this::resolveRecipient);
2519 account.getGroupStore().updateGroup(group);
2520 }
2521 return group;
2522 }
2523
2524 public List<IdentityInfo> getIdentities() {
2525 return account.getIdentityKeyStore().getIdentities();
2526 }
2527
2528 public List<IdentityInfo> getIdentities(String number) throws InvalidNumberException {
2529 final var identity = account.getIdentityKeyStore().getIdentity(canonicalizeAndResolveRecipient(number));
2530 return identity == null ? List.of() : List.of(identity);
2531 }
2532
2533 /**
2534 * Trust this the identity with this fingerprint
2535 *
2536 * @param name username of the identity
2537 * @param fingerprint Fingerprint
2538 */
2539 public boolean trustIdentityVerified(String name, byte[] fingerprint) throws InvalidNumberException {
2540 var recipientId = canonicalizeAndResolveRecipient(name);
2541 return trustIdentity(recipientId,
2542 identityKey -> Arrays.equals(identityKey.serialize(), fingerprint),
2543 TrustLevel.TRUSTED_VERIFIED);
2544 }
2545
2546 /**
2547 * Trust this the identity with this safety number
2548 *
2549 * @param name username of the identity
2550 * @param safetyNumber Safety number
2551 */
2552 public boolean trustIdentityVerifiedSafetyNumber(String name, String safetyNumber) throws InvalidNumberException {
2553 var recipientId = canonicalizeAndResolveRecipient(name);
2554 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2555 return trustIdentity(recipientId,
2556 identityKey -> safetyNumber.equals(computeSafetyNumber(address, identityKey)),
2557 TrustLevel.TRUSTED_VERIFIED);
2558 }
2559
2560 /**
2561 * Trust all keys of this identity without verification
2562 *
2563 * @param name username of the identity
2564 */
2565 public boolean trustIdentityAllKeys(String name) throws InvalidNumberException {
2566 var recipientId = canonicalizeAndResolveRecipient(name);
2567 return trustIdentity(recipientId, identityKey -> true, TrustLevel.TRUSTED_UNVERIFIED);
2568 }
2569
2570 private boolean trustIdentity(
2571 RecipientId recipientId, Function<IdentityKey, Boolean> verifier, TrustLevel trustLevel
2572 ) {
2573 var identity = account.getIdentityKeyStore().getIdentity(recipientId);
2574 if (identity == null) {
2575 return false;
2576 }
2577
2578 if (!verifier.apply(identity.getIdentityKey())) {
2579 return false;
2580 }
2581
2582 account.getIdentityKeyStore().setIdentityTrustLevel(recipientId, identity.getIdentityKey(), trustLevel);
2583 try {
2584 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2585 sendVerifiedMessage(address, identity.getIdentityKey(), trustLevel);
2586 } catch (IOException | UntrustedIdentityException e) {
2587 logger.warn("Failed to send verification sync message: {}", e.getMessage());
2588 }
2589
2590 return true;
2591 }
2592
2593 public String computeSafetyNumber(
2594 SignalServiceAddress theirAddress, IdentityKey theirIdentityKey
2595 ) {
2596 return Utils.computeSafetyNumber(ServiceConfig.capabilities.isUuid(),
2597 account.getSelfAddress(),
2598 getIdentityKeyPair().getPublicKey(),
2599 theirAddress,
2600 theirIdentityKey);
2601 }
2602
2603 @Deprecated
2604 public SignalServiceAddress resolveSignalServiceAddress(String identifier) {
2605 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2606
2607 return resolveSignalServiceAddress(address);
2608 }
2609
2610 @Deprecated
2611 public SignalServiceAddress resolveSignalServiceAddress(SignalServiceAddress address) {
2612 if (address.matches(account.getSelfAddress())) {
2613 return account.getSelfAddress();
2614 }
2615
2616 return account.getRecipientStore().resolveServiceAddress(address);
2617 }
2618
2619 public SignalServiceAddress resolveSignalServiceAddress(RecipientId recipientId) {
2620 return account.getRecipientStore().resolveServiceAddress(recipientId);
2621 }
2622
2623 public RecipientId canonicalizeAndResolveRecipient(String identifier) throws InvalidNumberException {
2624 var canonicalizedNumber = UuidUtil.isUuid(identifier)
2625 ? identifier
2626 : PhoneNumberFormatter.formatNumber(identifier, account.getUsername());
2627
2628 return resolveRecipient(canonicalizedNumber);
2629 }
2630
2631 private RecipientId resolveRecipient(final String identifier) {
2632 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2633
2634 return resolveRecipient(address);
2635 }
2636
2637 public RecipientId resolveRecipient(SignalServiceAddress address) {
2638 return account.getRecipientStore().resolveRecipient(address);
2639 }
2640
2641 private RecipientId resolveRecipientTrusted(SignalServiceAddress address) {
2642 return account.getRecipientStore().resolveRecipientTrusted(address);
2643 }
2644
2645 @Override
2646 public void close() throws IOException {
2647 close(true);
2648 }
2649
2650 void close(boolean closeAccount) throws IOException {
2651 executor.shutdown();
2652
2653 if (messagePipe != null) {
2654 messagePipe.shutdown();
2655 messagePipe = null;
2656 }
2657
2658 if (unidentifiedMessagePipe != null) {
2659 unidentifiedMessagePipe.shutdown();
2660 unidentifiedMessagePipe = null;
2661 }
2662
2663 if (closeAccount && account != null) {
2664 account.close();
2665 }
2666 account = null;
2667 }
2668
2669 public interface ReceiveMessageHandler {
2670
2671 void handleMessage(SignalServiceEnvelope envelope, SignalServiceContent decryptedContent, Throwable e);
2672 }
2673 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut