]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/helper/IncomingMessageHandler.java
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Includ pni signatures if necessary
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / helper / IncomingMessageHandler.java
1 package org.asamk.signal.manager.helper;
2
3 import org.asamk.signal.manager.Manager;
4 import org.asamk.signal.manager.actions.HandleAction;
5 import org.asamk.signal.manager.actions.RefreshPreKeysAction;
6 import org.asamk.signal.manager.actions.RenewSessionAction;
7 import org.asamk.signal.manager.actions.ResendMessageAction;
8 import org.asamk.signal.manager.actions.RetrieveProfileAction;
9 import org.asamk.signal.manager.actions.SendGroupInfoAction;
10 import org.asamk.signal.manager.actions.SendGroupInfoRequestAction;
11 import org.asamk.signal.manager.actions.SendProfileKeyAction;
12 import org.asamk.signal.manager.actions.SendReceiptAction;
13 import org.asamk.signal.manager.actions.SendRetryMessageRequestAction;
14 import org.asamk.signal.manager.actions.SendSyncBlockedListAction;
15 import org.asamk.signal.manager.actions.SendSyncConfigurationAction;
16 import org.asamk.signal.manager.actions.SendSyncContactsAction;
17 import org.asamk.signal.manager.actions.SendSyncGroupsAction;
18 import org.asamk.signal.manager.actions.SendSyncKeysAction;
19 import org.asamk.signal.manager.actions.SyncStorageDataAction;
20 import org.asamk.signal.manager.actions.UpdateAccountAttributesAction;
21 import org.asamk.signal.manager.api.GroupId;
22 import org.asamk.signal.manager.api.GroupNotFoundException;
23 import org.asamk.signal.manager.api.MessageEnvelope;
24 import org.asamk.signal.manager.api.Pair;
25 import org.asamk.signal.manager.api.Profile;
26 import org.asamk.signal.manager.api.ReceiveConfig;
27 import org.asamk.signal.manager.api.StickerPackId;
28 import org.asamk.signal.manager.api.TrustLevel;
29 import org.asamk.signal.manager.api.UntrustedIdentityException;
30 import org.asamk.signal.manager.groups.GroupUtils;
31 import org.asamk.signal.manager.internal.SignalDependencies;
32 import org.asamk.signal.manager.jobs.RetrieveStickerPackJob;
33 import org.asamk.signal.manager.storage.SignalAccount;
34 import org.asamk.signal.manager.storage.groups.GroupInfoV1;
35 import org.asamk.signal.manager.storage.recipients.RecipientId;
36 import org.asamk.signal.manager.storage.stickers.StickerPack;
37 import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
38 import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
39 import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
40 import org.signal.libsignal.metadata.ProtocolNoSessionException;
41 import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
42 import org.signal.libsignal.metadata.SelfSendException;
43 import org.signal.libsignal.protocol.InvalidMessageException;
44 import org.signal.libsignal.protocol.groups.GroupSessionBuilder;
45 import org.signal.libsignal.protocol.message.DecryptionErrorMessage;
46 import org.signal.libsignal.zkgroup.InvalidInputException;
47 import org.signal.libsignal.zkgroup.profiles.ProfileKey;
48 import org.slf4j.Logger;
49 import org.slf4j.LoggerFactory;
50 import org.whispersystems.signalservice.api.InvalidMessageStructureException;
51 import org.whispersystems.signalservice.api.crypto.SignalGroupSessionBuilder;
52 import org.whispersystems.signalservice.api.crypto.SignalServiceCipherResult;
53 import org.whispersystems.signalservice.api.messages.EnvelopeContentValidator;
54 import org.whispersystems.signalservice.api.messages.SignalServiceContent;
55 import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage;
56 import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
57 import org.whispersystems.signalservice.api.messages.SignalServiceGroup;
58 import org.whispersystems.signalservice.api.messages.SignalServiceGroupContext;
59 import org.whispersystems.signalservice.api.messages.SignalServiceGroupV2;
60 import org.whispersystems.signalservice.api.messages.SignalServicePniSignatureMessage;
61 import org.whispersystems.signalservice.api.messages.SignalServiceReceiptMessage;
62 import org.whispersystems.signalservice.api.messages.SignalServiceStoryMessage;
63 import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
64 import org.whispersystems.signalservice.api.messages.multidevice.StickerPackOperationMessage;
65 import org.whispersystems.signalservice.api.push.ServiceId;
66 import org.whispersystems.signalservice.api.push.ServiceId.ACI;
67 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
68 import org.whispersystems.signalservice.internal.push.Envelope;
69 import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
70
71 import java.util.ArrayList;
72 import java.util.List;
73 import java.util.Optional;
74 import java.util.stream.Collectors;
75
76 public final class IncomingMessageHandler {
77
78 private static final Logger logger = LoggerFactory.getLogger(IncomingMessageHandler.class);
79
80 private final SignalAccount account;
81 private final SignalDependencies dependencies;
82 private final Context context;
83
84 public IncomingMessageHandler(final Context context) {
85 this.account = context.getAccount();
86 this.dependencies = context.getDependencies();
87 this.context = context;
88 }
89
90 public Pair<List<HandleAction>, Exception> handleRetryEnvelope(
91 final SignalServiceEnvelope envelope,
92 final ReceiveConfig receiveConfig,
93 final Manager.ReceiveMessageHandler handler
94 ) {
95 final List<HandleAction> actions = new ArrayList<>();
96 if (envelope.isPreKeySignalMessage()) {
97 actions.add(RefreshPreKeysAction.create());
98 }
99
100 SignalServiceContent content = null;
101 if (!envelope.isReceipt()) {
102 account.getIdentityKeyStore().setRetryingDecryption(true);
103 try {
104 final var cipherResult = dependencies.getCipher()
105 .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
106 content = validate(envelope.getProto(), cipherResult, envelope.getServerDeliveredTimestamp());
107 if (content == null) {
108 return new Pair<>(List.of(), null);
109 }
110 } catch (ProtocolUntrustedIdentityException e) {
111 final var recipientId = account.getRecipientResolver().resolveRecipient(e.getSender());
112 final var exception = new UntrustedIdentityException(account.getRecipientAddressResolver()
113 .resolveRecipientAddress(recipientId)
114 .toApiRecipientAddress(), e.getSenderDevice());
115 return new Pair<>(List.of(), exception);
116 } catch (Exception e) {
117 return new Pair<>(List.of(), e);
118 } finally {
119 account.getIdentityKeyStore().setRetryingDecryption(false);
120 }
121 }
122 actions.addAll(checkAndHandleMessage(envelope, content, receiveConfig, handler, null));
123 return new Pair<>(actions, null);
124 }
125
126 public Pair<List<HandleAction>, Exception> handleEnvelope(
127 final SignalServiceEnvelope envelope,
128 final ReceiveConfig receiveConfig,
129 final Manager.ReceiveMessageHandler handler
130 ) {
131 final var actions = new ArrayList<HandleAction>();
132 SignalServiceContent content = null;
133 Exception exception = null;
134 envelope.getSourceServiceId().map(ServiceId::parseOrNull)
135 // Store uuid if we don't have it already
136 // uuid in envelope is sent by server
137 .ifPresent(serviceId -> account.getRecipientResolver().resolveRecipient(serviceId));
138 if (!envelope.isReceipt()) {
139 try {
140 final var cipherResult = dependencies.getCipher()
141 .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
142 content = validate(envelope.getProto(), cipherResult, envelope.getServerDeliveredTimestamp());
143 if (content == null) {
144 return new Pair<>(List.of(), null);
145 }
146 } catch (ProtocolUntrustedIdentityException e) {
147 final var recipientId = account.getRecipientResolver().resolveRecipient(e.getSender());
148 actions.add(new RetrieveProfileAction(recipientId));
149 exception = new UntrustedIdentityException(account.getRecipientAddressResolver()
150 .resolveRecipientAddress(recipientId)
151 .toApiRecipientAddress(), e.getSenderDevice());
152 } catch (ProtocolInvalidKeyIdException | ProtocolInvalidKeyException | ProtocolNoSessionException |
153 ProtocolInvalidMessageException e) {
154 logger.debug("Failed to decrypt incoming message", e);
155 final var sender = account.getRecipientResolver().resolveRecipient(e.getSender());
156 if (context.getContactHelper().isContactBlocked(sender)) {
157 logger.debug("Received invalid message from blocked contact, ignoring.");
158 } else {
159 final var senderProfile = context.getProfileHelper().getRecipientProfile(sender);
160 final var selfProfile = context.getProfileHelper().getSelfProfile();
161 var serviceId = ServiceId.parseOrNull(e.getSender());
162 if (serviceId == null) {
163 // Workaround for libsignal-client issue #492
164 serviceId = account.getRecipientAddressResolver()
165 .resolveRecipientAddress(sender)
166 .serviceId()
167 .orElse(null);
168 }
169 if (serviceId != null) {
170 final var isSelf = sender.equals(account.getSelfRecipientId())
171 && e.getSenderDevice() == account.getDeviceId();
172 final var isSenderSenderKeyCapable = senderProfile != null && senderProfile.getCapabilities()
173 .contains(Profile.Capability.senderKey);
174 final var isSelfSenderKeyCapable = selfProfile != null && selfProfile.getCapabilities()
175 .contains(Profile.Capability.senderKey);
176 final var destination = getDestination(envelope).serviceId();
177 if (!isSelf && isSenderSenderKeyCapable && isSelfSenderKeyCapable) {
178 logger.debug("Received invalid message, requesting message resend.");
179 actions.add(new SendRetryMessageRequestAction(sender, serviceId, e, envelope, destination));
180 } else {
181 logger.debug("Received invalid message, queuing renew session action.");
182 actions.add(new RenewSessionAction(sender, serviceId, destination));
183 }
184 } else {
185 logger.debug("Received invalid message from invalid sender: {}", e.getSender());
186 }
187 }
188 exception = e;
189 } catch (SelfSendException e) {
190 logger.debug("Dropping unidentified message from self.");
191 return new Pair<>(List.of(), null);
192 } catch (Exception e) {
193 logger.debug("Failed to handle incoming message", e);
194 exception = e;
195 }
196 }
197
198 actions.addAll(checkAndHandleMessage(envelope, content, receiveConfig, handler, exception));
199 return new Pair<>(actions, exception);
200 }
201
202 private SignalServiceContent validate(
203 Envelope envelope, SignalServiceCipherResult cipherResult, long serverDeliveredTimestamp
204 ) throws ProtocolInvalidKeyException, ProtocolInvalidMessageException, UnsupportedDataMessageException, InvalidMessageStructureException {
205 final var content = cipherResult.getContent();
206 final var envelopeMetadata = cipherResult.getMetadata();
207 final var validationResult = EnvelopeContentValidator.INSTANCE.validate(envelope, content);
208
209 if (validationResult instanceof EnvelopeContentValidator.Result.Invalid v) {
210 logger.warn("Invalid content! {}", v.getReason(), v.getThrowable());
211 return null;
212 }
213
214 if (validationResult instanceof EnvelopeContentValidator.Result.UnsupportedDataMessage v) {
215 logger.warn("Unsupported DataMessage! Our version: {}, their version: {}",
216 v.getOurVersion(),
217 v.getTheirVersion());
218 return null;
219 }
220
221 return SignalServiceContent.Companion.createFrom(account.getNumber(),
222 envelope,
223 envelopeMetadata,
224 content,
225 serverDeliveredTimestamp);
226 }
227
228 private List<HandleAction> checkAndHandleMessage(
229 final SignalServiceEnvelope envelope,
230 final SignalServiceContent content,
231 final ReceiveConfig receiveConfig,
232 final Manager.ReceiveMessageHandler handler,
233 final Exception exception
234 ) {
235 if (content != null) {
236 // Store uuid if we don't have it already
237 // address/uuid is validated by unidentified sender certificate
238
239 boolean handledPniSignature = false;
240 if (content.getPniSignatureMessage().isPresent()) {
241 final var message = content.getPniSignatureMessage().get();
242 final var senderAddress = getSenderAddress(envelope, content);
243 if (senderAddress != null) {
244 handledPniSignature = handlePniSignatureMessage(message, senderAddress);
245 }
246 }
247 if (!handledPniSignature) {
248 account.getRecipientTrustedResolver().resolveRecipientTrusted(content.getSender());
249 }
250 }
251 if (envelope.isReceipt()) {
252 final var senderDeviceAddress = getSender(envelope, content);
253 final var sender = senderDeviceAddress.serviceId();
254 final var senderDeviceId = senderDeviceAddress.deviceId();
255 account.getMessageSendLogStore().deleteEntryForRecipient(envelope.getTimestamp(), sender, senderDeviceId);
256 }
257
258 var notAllowedToSendToGroup = isNotAllowedToSendToGroup(envelope, content);
259 final var groupContext = getGroupContext(content);
260 if (groupContext != null && groupContext.getGroupV2().isPresent()) {
261 handleGroupV2Context(groupContext.getGroupV2().get());
262 }
263 // Check again in case the user just joined the group
264 notAllowedToSendToGroup = notAllowedToSendToGroup && isNotAllowedToSendToGroup(envelope, content);
265
266 if (isMessageBlocked(envelope, content)) {
267 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
268 return List.of();
269 } else if (notAllowedToSendToGroup) {
270 final var senderAddress = getSenderAddress(envelope, content);
271 logger.info("Ignoring a group message from an unauthorized sender (no member or admin): {} {}",
272 senderAddress == null ? null : senderAddress.getIdentifier(),
273 envelope.getTimestamp());
274 return List.of();
275 } else {
276 List<HandleAction> actions;
277 if (content != null) {
278 actions = handleMessage(envelope, content, receiveConfig);
279 } else {
280 actions = List.of();
281 }
282 handler.handleMessage(MessageEnvelope.from(envelope,
283 content,
284 account.getRecipientResolver(),
285 account.getRecipientAddressResolver(),
286 context.getAttachmentHelper()::getAttachmentFile,
287 exception), exception);
288 return actions;
289 }
290 }
291
292 public List<HandleAction> handleMessage(
293 SignalServiceEnvelope envelope, SignalServiceContent content, ReceiveConfig receiveConfig
294 ) {
295 var actions = new ArrayList<HandleAction>();
296 final var senderDeviceAddress = getSender(envelope, content);
297 final var sender = senderDeviceAddress.recipientId();
298 final var senderServiceId = senderDeviceAddress.serviceId();
299 final var senderDeviceId = senderDeviceAddress.deviceId();
300 final var destination = getDestination(envelope);
301
302 if (account.getPni().equals(destination.serviceId)) {
303 account.getRecipientStore().markNeedsPniSignature(destination.recipientId, true);
304 } else if (account.getAci().equals(destination.serviceId)) {
305 account.getRecipientStore().markNeedsPniSignature(destination.recipientId, false);
306 }
307
308 if (content.getReceiptMessage().isPresent()) {
309 final var message = content.getReceiptMessage().get();
310 if (message.isDeliveryReceipt()) {
311 account.getMessageSendLogStore()
312 .deleteEntriesForRecipient(message.getTimestamps(), senderServiceId, senderDeviceId);
313 }
314 }
315
316 if (content.getSenderKeyDistributionMessage().isPresent()) {
317 final var message = content.getSenderKeyDistributionMessage().get();
318 final var protocolAddress = senderServiceId.toProtocolAddress(senderDeviceId);
319 logger.debug("Received a sender key distribution message for distributionId {} from {}",
320 message.getDistributionId(),
321 protocolAddress);
322 new SignalGroupSessionBuilder(dependencies.getSessionLock(),
323 new GroupSessionBuilder(account.getSenderKeyStore())).process(protocolAddress, message);
324 }
325
326 if (content.getDecryptionErrorMessage().isPresent()) {
327 var message = content.getDecryptionErrorMessage().get();
328 logger.debug("Received a decryption error message from {}.{} (resend request for {})",
329 sender,
330 senderDeviceId,
331 message.getTimestamp());
332 if (message.getDeviceId() == account.getDeviceId()) {
333 handleDecryptionErrorMessage(actions,
334 sender,
335 senderServiceId,
336 senderDeviceId,
337 message,
338 destination.serviceId());
339 } else {
340 logger.debug("Request is for another one of our devices");
341 }
342 }
343
344 if (content.getDataMessage().isPresent() || content.getEditMessage().isPresent()) {
345 var message = content.getDataMessage().isPresent()
346 ? content.getDataMessage().get()
347 : content.getEditMessage().get().getDataMessage();
348
349 if (content.isNeedsReceipt()) {
350 actions.add(new SendReceiptAction(sender,
351 SignalServiceReceiptMessage.Type.DELIVERY,
352 message.getTimestamp()));
353 } else {
354 // Message wasn't sent as unidentified sender message
355 final var contact = context.getAccount().getContactStore().getContact(sender);
356 if (account.isPrimaryDevice()
357 && contact != null
358 && !contact.isBlocked()
359 && contact.isProfileSharingEnabled()) {
360 actions.add(UpdateAccountAttributesAction.create());
361 actions.add(new SendProfileKeyAction(sender));
362 }
363 }
364 if (receiveConfig.sendReadReceipts()) {
365 actions.add(new SendReceiptAction(sender,
366 SignalServiceReceiptMessage.Type.READ,
367 message.getTimestamp()));
368 }
369
370 actions.addAll(handleSignalServiceDataMessage(message,
371 false,
372 senderDeviceAddress,
373 destination,
374 receiveConfig.ignoreAttachments()));
375 }
376
377 if (content.getStoryMessage().isPresent()) {
378 final var message = content.getStoryMessage().get();
379 actions.addAll(handleSignalServiceStoryMessage(message, sender, receiveConfig.ignoreAttachments()));
380 }
381
382 if (content.getSyncMessage().isPresent()) {
383 var syncMessage = content.getSyncMessage().get();
384 actions.addAll(handleSyncMessage(envelope,
385 syncMessage,
386 senderDeviceAddress,
387 receiveConfig.ignoreAttachments()));
388 }
389
390 return actions;
391 }
392
393 private boolean handlePniSignatureMessage(
394 final SignalServicePniSignatureMessage message, final SignalServiceAddress senderAddress
395 ) {
396 final var aci = senderAddress.getServiceId();
397 final var aciIdentity = account.getIdentityKeyStore().getIdentityInfo(aci);
398 final var pni = message.getPni();
399 final var pniIdentity = account.getIdentityKeyStore().getIdentityInfo(pni);
400
401 if (aciIdentity == null || pniIdentity == null || aci.equals(pni)) {
402 return false;
403 }
404
405 final var verified = pniIdentity.getIdentityKey()
406 .verifyAlternateIdentity(aciIdentity.getIdentityKey(), message.getSignature());
407
408 if (!verified) {
409 logger.debug("Invalid PNI signature of ACI {} with PNI {}", aci, pni);
410 return false;
411 }
412
413 logger.debug("Verified association of ACI {} with PNI {}", aci, pni);
414 account.getRecipientTrustedResolver()
415 .resolveRecipientTrusted(Optional.of(ACI.from(aci.getRawUuid())),
416 Optional.of(pni),
417 senderAddress.getNumber());
418 return true;
419 }
420
421 private void handleDecryptionErrorMessage(
422 final List<HandleAction> actions,
423 final RecipientId sender,
424 final ServiceId senderServiceId,
425 final int senderDeviceId,
426 final DecryptionErrorMessage message,
427 final ServiceId destination
428 ) {
429 final var logEntries = account.getMessageSendLogStore()
430 .findMessages(senderServiceId,
431 senderDeviceId,
432 message.getTimestamp(),
433 message.getRatchetKey().isEmpty());
434
435 for (final var logEntry : logEntries) {
436 actions.add(new ResendMessageAction(sender, message.getTimestamp(), logEntry));
437 }
438
439 if (message.getRatchetKey().isPresent()) {
440 final var sessionStore = account.getAccountData(destination).getSessionStore();
441 if (sessionStore.isCurrentRatchetKey(senderServiceId, senderDeviceId, message.getRatchetKey().get())) {
442 if (logEntries.isEmpty()) {
443 logger.debug("Renewing the session with sender");
444 actions.add(new RenewSessionAction(sender, senderServiceId, destination));
445 } else {
446 logger.trace("Archiving the session with sender, a resend message has already been queued");
447 sessionStore.archiveSessions(senderServiceId);
448 }
449 }
450 return;
451 }
452
453 var found = false;
454 for (final var logEntry : logEntries) {
455 if (logEntry.groupId().isEmpty()) {
456 continue;
457 }
458 final var group = account.getGroupStore().getGroup(logEntry.groupId().get());
459 if (group == null) {
460 continue;
461 }
462 found = true;
463 logger.trace("Deleting shared sender key with {} ({}): {}",
464 sender,
465 senderDeviceId,
466 group.getDistributionId());
467 account.getSenderKeyStore().deleteSharedWith(senderServiceId, senderDeviceId, group.getDistributionId());
468 }
469 if (!found) {
470 logger.debug("Reset all shared sender keys with this recipient, no related message found in send log");
471 account.getSenderKeyStore().deleteSharedWith(senderServiceId);
472 }
473 }
474
475 private List<HandleAction> handleSyncMessage(
476 final SignalServiceEnvelope envelope,
477 final SignalServiceSyncMessage syncMessage,
478 final DeviceAddress sender,
479 final boolean ignoreAttachments
480 ) {
481 var actions = new ArrayList<HandleAction>();
482 account.setMultiDevice(true);
483 if (syncMessage.getSent().isPresent()) {
484 var message = syncMessage.getSent().get();
485 final var destination = message.getDestination().orElse(null);
486 if (message.getDataMessage().isPresent()) {
487 actions.addAll(handleSignalServiceDataMessage(message.getDataMessage().get(),
488 true,
489 sender,
490 destination == null
491 ? null
492 : new DeviceAddress(account.getRecipientResolver().resolveRecipient(destination),
493 destination.getServiceId(),
494 0),
495 ignoreAttachments));
496 }
497 if (message.getStoryMessage().isPresent()) {
498 actions.addAll(handleSignalServiceStoryMessage(message.getStoryMessage().get(),
499 sender.recipientId(),
500 ignoreAttachments));
501 }
502 }
503 if (syncMessage.getRequest().isPresent() && account.isPrimaryDevice()) {
504 var rm = syncMessage.getRequest().get();
505 if (rm.isContactsRequest()) {
506 actions.add(SendSyncContactsAction.create());
507 }
508 if (rm.isGroupsRequest()) {
509 actions.add(SendSyncGroupsAction.create());
510 }
511 if (rm.isBlockedListRequest()) {
512 actions.add(SendSyncBlockedListAction.create());
513 }
514 if (rm.isKeysRequest()) {
515 actions.add(SendSyncKeysAction.create());
516 }
517 if (rm.isConfigurationRequest()) {
518 actions.add(SendSyncConfigurationAction.create());
519 }
520 actions.add(SyncStorageDataAction.create());
521 }
522 if (syncMessage.getGroups().isPresent()) {
523 try {
524 final var groupsMessage = syncMessage.getGroups().get();
525 context.getAttachmentHelper()
526 .retrieveAttachment(groupsMessage, context.getSyncHelper()::handleSyncDeviceGroups);
527 } catch (Exception e) {
528 logger.warn("Failed to handle received sync groups, ignoring: {}", e.getMessage());
529 }
530 }
531 if (syncMessage.getBlockedList().isPresent()) {
532 final var blockedListMessage = syncMessage.getBlockedList().get();
533 for (var address : blockedListMessage.getAddresses()) {
534 context.getContactHelper()
535 .setContactBlocked(account.getRecipientResolver().resolveRecipient(address), true);
536 }
537 for (var groupId : blockedListMessage.getGroupIds()
538 .stream()
539 .map(GroupId::unknownVersion)
540 .collect(Collectors.toSet())) {
541 try {
542 context.getGroupHelper().setGroupBlocked(groupId, true);
543 } catch (GroupNotFoundException e) {
544 logger.warn("BlockedListMessage contained groupID that was not found in GroupStore: {}",
545 groupId.toBase64());
546 }
547 }
548 }
549 if (syncMessage.getContacts().isPresent()) {
550 try {
551 final var contactsMessage = syncMessage.getContacts().get();
552 context.getAttachmentHelper()
553 .retrieveAttachment(contactsMessage.getContactsStream(),
554 context.getSyncHelper()::handleSyncDeviceContacts);
555 } catch (Exception e) {
556 logger.warn("Failed to handle received sync contacts, ignoring: {}", e.getMessage());
557 }
558 }
559 if (syncMessage.getVerified().isPresent()) {
560 final var verifiedMessage = syncMessage.getVerified().get();
561 account.getIdentityKeyStore()
562 .setIdentityTrustLevel(verifiedMessage.getDestination().getServiceId(),
563 verifiedMessage.getIdentityKey(),
564 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
565 }
566 if (syncMessage.getStickerPackOperations().isPresent()) {
567 final var stickerPackOperationMessages = syncMessage.getStickerPackOperations().get();
568 for (var m : stickerPackOperationMessages) {
569 if (m.getPackId().isEmpty()) {
570 continue;
571 }
572 final var stickerPackId = StickerPackId.deserialize(m.getPackId().get());
573 final var stickerPackKey = m.getPackKey().orElse(null);
574 final var installed = m.getType().isEmpty()
575 || m.getType().get() == StickerPackOperationMessage.Type.INSTALL;
576
577 final var sticker = context.getStickerHelper()
578 .addOrUpdateStickerPack(stickerPackId, stickerPackKey, installed);
579
580 if (sticker != null && installed) {
581 context.getJobExecutor().enqueueJob(new RetrieveStickerPackJob(stickerPackId, sticker.packKey()));
582 }
583 }
584 }
585 if (syncMessage.getFetchType().isPresent()) {
586 switch (syncMessage.getFetchType().get()) {
587 case LOCAL_PROFILE -> actions.add(new RetrieveProfileAction(account.getSelfRecipientId()));
588 case STORAGE_MANIFEST -> actions.add(SyncStorageDataAction.create());
589 }
590 }
591 if (syncMessage.getKeys().isPresent()) {
592 final var keysMessage = syncMessage.getKeys().get();
593 if (keysMessage.getStorageService().isPresent()) {
594 final var storageKey = keysMessage.getStorageService().get();
595 account.setStorageKey(storageKey);
596 actions.add(SyncStorageDataAction.create());
597 }
598 if (keysMessage.getMaster().isPresent()) {
599 final var masterKey = keysMessage.getMaster().get();
600 account.setMasterKey(masterKey);
601 actions.add(SyncStorageDataAction.create());
602 }
603 }
604 if (syncMessage.getConfiguration().isPresent()) {
605 final var configurationMessage = syncMessage.getConfiguration().get();
606 final var configurationStore = account.getConfigurationStore();
607 if (configurationMessage.getReadReceipts().isPresent()) {
608 configurationStore.setReadReceipts(configurationMessage.getReadReceipts().get());
609 }
610 if (configurationMessage.getLinkPreviews().isPresent()) {
611 configurationStore.setLinkPreviews(configurationMessage.getLinkPreviews().get());
612 }
613 if (configurationMessage.getTypingIndicators().isPresent()) {
614 configurationStore.setTypingIndicators(configurationMessage.getTypingIndicators().get());
615 }
616 if (configurationMessage.getUnidentifiedDeliveryIndicators().isPresent()) {
617 configurationStore.setUnidentifiedDeliveryIndicators(configurationMessage.getUnidentifiedDeliveryIndicators()
618 .get());
619 }
620 }
621 if (syncMessage.getPniChangeNumber().isPresent()) {
622 final var pniChangeNumber = syncMessage.getPniChangeNumber().get();
623 logger.debug("Received PNI change number sync message, applying.");
624 final var updatedPniString = envelope.getUpdatedPni();
625 if (updatedPniString != null && !updatedPniString.isEmpty()) {
626 final var updatedPni = ServiceId.PNI.parseOrThrow(updatedPniString);
627 context.getAccountHelper().handlePniChangeNumberMessage(pniChangeNumber, updatedPni);
628 }
629 }
630 return actions;
631 }
632
633 private SignalServiceGroupContext getGroupContext(SignalServiceContent content) {
634 if (content == null) {
635 return null;
636 }
637
638 if (content.getDataMessage().isPresent()) {
639 var message = content.getDataMessage().get();
640 if (message.getGroupContext().isPresent()) {
641 return message.getGroupContext().get();
642 }
643 }
644
645 if (content.getStoryMessage().isPresent()) {
646 var message = content.getStoryMessage().get();
647 if (message.getGroupContext().isPresent()) {
648 try {
649 return SignalServiceGroupContext.create(null, message.getGroupContext().get());
650 } catch (InvalidMessageException e) {
651 throw new AssertionError(e);
652 }
653 }
654 }
655
656 return null;
657 }
658
659 private boolean isMessageBlocked(SignalServiceEnvelope envelope, SignalServiceContent content) {
660 SignalServiceAddress source = getSenderAddress(envelope, content);
661 if (source == null) {
662 return false;
663 }
664 final var recipientId = account.getRecipientResolver().resolveRecipient(source);
665 if (context.getContactHelper().isContactBlocked(recipientId)) {
666 return true;
667 }
668
669 final var groupContext = getGroupContext(content);
670 if (groupContext != null) {
671 var groupId = GroupUtils.getGroupId(groupContext);
672 return context.getGroupHelper().isGroupBlocked(groupId);
673 }
674
675 return false;
676 }
677
678 private boolean isNotAllowedToSendToGroup(SignalServiceEnvelope envelope, SignalServiceContent content) {
679 SignalServiceAddress source = getSenderAddress(envelope, content);
680 if (source == null) {
681 return false;
682 }
683
684 final var groupContext = getGroupContext(content);
685 if (groupContext == null) {
686 return false;
687 }
688
689 if (groupContext.getGroupV1().isPresent()) {
690 var groupInfo = groupContext.getGroupV1().get();
691 if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
692 return false;
693 }
694 }
695
696 var groupId = GroupUtils.getGroupId(groupContext);
697 var group = context.getGroupHelper().getGroup(groupId);
698 if (group == null) {
699 return false;
700 }
701
702 final var message = content.getDataMessage().orElse(null);
703
704 final var recipientId = account.getRecipientResolver().resolveRecipient(source);
705 if (!group.isMember(recipientId) && !(
706 group.isPendingMember(recipientId) && message != null && message.isGroupV2Update()
707 )) {
708 return true;
709 }
710
711 if (group.isAnnouncementGroup() && !group.isAdmin(recipientId)) {
712 return message == null
713 || message.getBody().isPresent()
714 || message.getAttachments().isPresent()
715 || message.getQuote().isPresent()
716 || message.getPreviews().isPresent()
717 || message.getMentions().isPresent()
718 || message.getSticker().isPresent();
719 }
720 return false;
721 }
722
723 private List<HandleAction> handleSignalServiceDataMessage(
724 SignalServiceDataMessage message,
725 boolean isSync,
726 DeviceAddress source,
727 DeviceAddress destination,
728 boolean ignoreAttachments
729 ) {
730 var actions = new ArrayList<HandleAction>();
731 if (message.getGroupContext().isPresent()) {
732 final var groupContext = message.getGroupContext().get();
733 if (groupContext.getGroupV1().isPresent()) {
734 var groupInfo = groupContext.getGroupV1().get();
735 var groupId = GroupId.v1(groupInfo.getGroupId());
736 var group = context.getGroupHelper().getGroup(groupId);
737 if (group == null || group instanceof GroupInfoV1) {
738 var groupV1 = (GroupInfoV1) group;
739 switch (groupInfo.getType()) {
740 case UPDATE -> {
741 if (groupV1 == null) {
742 groupV1 = new GroupInfoV1(groupId);
743 }
744
745 if (groupInfo.getAvatar().isPresent()) {
746 var avatar = groupInfo.getAvatar().get();
747 context.getGroupHelper().downloadGroupAvatar(groupV1.getGroupId(), avatar);
748 }
749
750 if (groupInfo.getName().isPresent()) {
751 groupV1.name = groupInfo.getName().get();
752 }
753
754 if (groupInfo.getMembers().isPresent()) {
755 final var recipientResolver = account.getRecipientResolver();
756 groupV1.addMembers(groupInfo.getMembers()
757 .get()
758 .stream()
759 .map(recipientResolver::resolveRecipient)
760 .collect(Collectors.toSet()));
761 }
762
763 account.getGroupStore().updateGroup(groupV1);
764 }
765 case DELIVER -> {
766 if (groupV1 == null && !isSync) {
767 actions.add(new SendGroupInfoRequestAction(source.recipientId(), groupId));
768 }
769 }
770 case QUIT -> {
771 if (groupV1 != null) {
772 groupV1.removeMember(source.recipientId());
773 account.getGroupStore().updateGroup(groupV1);
774 }
775 }
776 case REQUEST_INFO -> {
777 if (groupV1 != null && !isSync) {
778 actions.add(new SendGroupInfoAction(source.recipientId(), groupV1.getGroupId()));
779 }
780 }
781 }
782 } else {
783 // Received a group v1 message for a v2 group
784 }
785 }
786 if (groupContext.getGroupV2().isPresent()) {
787 handleGroupV2Context(groupContext.getGroupV2().get());
788 }
789 }
790
791 final var selfAddress = isSync ? source : destination;
792 final var conversationPartnerAddress = isSync ? destination : source;
793 if (conversationPartnerAddress != null && message.isEndSession()) {
794 account.getAccountData(selfAddress.serviceId())
795 .getSessionStore()
796 .deleteAllSessions(conversationPartnerAddress.serviceId());
797 }
798 if (message.isExpirationUpdate() || message.getBody().isPresent()) {
799 if (message.getGroupContext().isPresent()) {
800 final var groupContext = message.getGroupContext().get();
801 if (groupContext.getGroupV1().isPresent()) {
802 var groupInfo = groupContext.getGroupV1().get();
803 var group = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(groupInfo.getGroupId()));
804 if (group != null) {
805 if (group.messageExpirationTime != message.getExpiresInSeconds()) {
806 group.messageExpirationTime = message.getExpiresInSeconds();
807 account.getGroupStore().updateGroup(group);
808 }
809 }
810 } else if (groupContext.getGroupV2().isPresent()) {
811 // disappearing message timer already stored in the DecryptedGroup
812 }
813 } else if (conversationPartnerAddress != null) {
814 context.getContactHelper()
815 .setExpirationTimer(conversationPartnerAddress.recipientId(), message.getExpiresInSeconds());
816 }
817 }
818 if (!ignoreAttachments) {
819 if (message.getAttachments().isPresent()) {
820 for (var attachment : message.getAttachments().get()) {
821 context.getAttachmentHelper().downloadAttachment(attachment);
822 }
823 }
824 if (message.getSharedContacts().isPresent()) {
825 for (var contact : message.getSharedContacts().get()) {
826 if (contact.getAvatar().isPresent()) {
827 context.getAttachmentHelper().downloadAttachment(contact.getAvatar().get().getAttachment());
828 }
829 }
830 }
831 if (message.getPreviews().isPresent()) {
832 final var previews = message.getPreviews().get();
833 for (var preview : previews) {
834 if (preview.getImage().isPresent()) {
835 context.getAttachmentHelper().downloadAttachment(preview.getImage().get());
836 }
837 }
838 }
839 if (message.getQuote().isPresent()) {
840 final var quote = message.getQuote().get();
841
842 if (quote.getAttachments() != null) {
843 for (var quotedAttachment : quote.getAttachments()) {
844 final var thumbnail = quotedAttachment.getThumbnail();
845 if (thumbnail != null) {
846 context.getAttachmentHelper().downloadAttachment(thumbnail);
847 }
848 }
849 }
850 }
851 }
852 if (message.getGiftBadge().isPresent()) {
853 handleIncomingGiftBadge(message.getGiftBadge().get());
854 }
855 if (message.getProfileKey().isPresent()) {
856 handleIncomingProfileKey(message.getProfileKey().get(), source.recipientId());
857 }
858 if (message.getSticker().isPresent()) {
859 final var messageSticker = message.getSticker().get();
860 final var stickerPackId = StickerPackId.deserialize(messageSticker.getPackId());
861 var sticker = account.getStickerStore().getStickerPack(stickerPackId);
862 if (sticker == null) {
863 sticker = new StickerPack(stickerPackId, messageSticker.getPackKey());
864 account.getStickerStore().addStickerPack(sticker);
865 }
866 context.getJobExecutor().enqueueJob(new RetrieveStickerPackJob(stickerPackId, messageSticker.getPackKey()));
867 }
868 return actions;
869 }
870
871 private void handleIncomingGiftBadge(final SignalServiceDataMessage.GiftBadge giftBadge) {
872 // TODO
873 }
874
875 private List<HandleAction> handleSignalServiceStoryMessage(
876 SignalServiceStoryMessage message, RecipientId source, boolean ignoreAttachments
877 ) {
878 var actions = new ArrayList<HandleAction>();
879 if (message.getGroupContext().isPresent()) {
880 handleGroupV2Context(message.getGroupContext().get());
881 }
882
883 if (!ignoreAttachments) {
884 if (message.getFileAttachment().isPresent()) {
885 context.getAttachmentHelper().downloadAttachment(message.getFileAttachment().get());
886 }
887 if (message.getTextAttachment().isPresent()) {
888 final var textAttachment = message.getTextAttachment().get();
889 if (textAttachment.getPreview().isPresent()) {
890 final var preview = textAttachment.getPreview().get();
891 if (preview.getImage().isPresent()) {
892 context.getAttachmentHelper().downloadAttachment(preview.getImage().get());
893 }
894 }
895 }
896 }
897
898 if (message.getProfileKey().isPresent()) {
899 handleIncomingProfileKey(message.getProfileKey().get(), source);
900 }
901
902 return actions;
903 }
904
905 private void handleGroupV2Context(final SignalServiceGroupV2 groupContext) {
906 final var groupMasterKey = groupContext.getMasterKey();
907
908 context.getGroupHelper()
909 .getOrMigrateGroup(groupMasterKey,
910 groupContext.getRevision(),
911 groupContext.hasSignedGroupChange() ? groupContext.getSignedGroupChange() : null);
912 }
913
914 private void handleIncomingProfileKey(final byte[] profileKeyBytes, final RecipientId source) {
915 if (profileKeyBytes.length != 32) {
916 logger.debug("Received invalid profile key of length {}", profileKeyBytes.length);
917 return;
918 }
919 final ProfileKey profileKey;
920 try {
921 profileKey = new ProfileKey(profileKeyBytes);
922 } catch (InvalidInputException e) {
923 throw new AssertionError(e);
924 }
925 if (account.getSelfRecipientId().equals(source)) {
926 this.account.setProfileKey(profileKey);
927 }
928 this.account.getProfileStore().storeProfileKey(source, profileKey);
929 }
930
931 private SignalServiceAddress getSenderAddress(SignalServiceEnvelope envelope, SignalServiceContent content) {
932 final var serviceId = envelope.getSourceServiceId().map(ServiceId::parseOrNull).orElse(null);
933 if (!envelope.isUnidentifiedSender() && serviceId != null) {
934 return new SignalServiceAddress(serviceId);
935 } else if (content != null) {
936 return content.getSender();
937 } else {
938 return null;
939 }
940 }
941
942 private DeviceAddress getSender(SignalServiceEnvelope envelope, SignalServiceContent content) {
943 final var serviceId = envelope.getSourceServiceId().map(ServiceId::parseOrNull).orElse(null);
944 if (!envelope.isUnidentifiedSender() && serviceId != null) {
945 return new DeviceAddress(account.getRecipientResolver().resolveRecipient(serviceId),
946 serviceId,
947 envelope.getSourceDevice());
948 } else {
949 return new DeviceAddress(account.getRecipientResolver().resolveRecipient(content.getSender()),
950 content.getSender().getServiceId(),
951 content.getSenderDevice());
952 }
953 }
954
955 private DeviceAddress getDestination(SignalServiceEnvelope envelope) {
956 if (!envelope.hasDestinationUuid()) {
957 return new DeviceAddress(account.getSelfRecipientId(), account.getAci(), account.getDeviceId());
958 }
959 final var addressOptional = SignalServiceAddress.fromRaw(envelope.getDestinationServiceId(), null);
960 if (addressOptional.isEmpty()) {
961 return new DeviceAddress(account.getSelfRecipientId(), account.getAci(), account.getDeviceId());
962 }
963 final var address = addressOptional.get();
964 return new DeviceAddress(account.getRecipientResolver().resolveRecipient(address),
965 address.getServiceId(),
966 account.getDeviceId());
967 }
968
969 private record DeviceAddress(RecipientId recipientId, ServiceId serviceId, int deviceId) {}
970 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut