2 Copyright (C) 2015-2021 AsamK and contributors
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 package org
.asamk
.signal
.manager
;
19 import org
.asamk
.signal
.manager
.actions
.HandleAction
;
20 import org
.asamk
.signal
.manager
.api
.Device
;
21 import org
.asamk
.signal
.manager
.api
.Group
;
22 import org
.asamk
.signal
.manager
.api
.Identity
;
23 import org
.asamk
.signal
.manager
.api
.Message
;
24 import org
.asamk
.signal
.manager
.api
.RecipientIdentifier
;
25 import org
.asamk
.signal
.manager
.api
.SendGroupMessageResults
;
26 import org
.asamk
.signal
.manager
.api
.SendMessageResults
;
27 import org
.asamk
.signal
.manager
.api
.TypingAction
;
28 import org
.asamk
.signal
.manager
.config
.ServiceConfig
;
29 import org
.asamk
.signal
.manager
.config
.ServiceEnvironmentConfig
;
30 import org
.asamk
.signal
.manager
.groups
.GroupId
;
31 import org
.asamk
.signal
.manager
.groups
.GroupInviteLinkUrl
;
32 import org
.asamk
.signal
.manager
.groups
.GroupLinkState
;
33 import org
.asamk
.signal
.manager
.groups
.GroupNotFoundException
;
34 import org
.asamk
.signal
.manager
.groups
.GroupPermission
;
35 import org
.asamk
.signal
.manager
.groups
.GroupSendingNotAllowedException
;
36 import org
.asamk
.signal
.manager
.groups
.LastGroupAdminException
;
37 import org
.asamk
.signal
.manager
.groups
.NotAGroupMemberException
;
38 import org
.asamk
.signal
.manager
.helper
.AttachmentHelper
;
39 import org
.asamk
.signal
.manager
.helper
.ContactHelper
;
40 import org
.asamk
.signal
.manager
.helper
.GroupHelper
;
41 import org
.asamk
.signal
.manager
.helper
.GroupV2Helper
;
42 import org
.asamk
.signal
.manager
.helper
.IncomingMessageHandler
;
43 import org
.asamk
.signal
.manager
.helper
.PinHelper
;
44 import org
.asamk
.signal
.manager
.helper
.PreKeyHelper
;
45 import org
.asamk
.signal
.manager
.helper
.ProfileHelper
;
46 import org
.asamk
.signal
.manager
.helper
.SendHelper
;
47 import org
.asamk
.signal
.manager
.helper
.StorageHelper
;
48 import org
.asamk
.signal
.manager
.helper
.SyncHelper
;
49 import org
.asamk
.signal
.manager
.helper
.UnidentifiedAccessHelper
;
50 import org
.asamk
.signal
.manager
.jobs
.Context
;
51 import org
.asamk
.signal
.manager
.storage
.SignalAccount
;
52 import org
.asamk
.signal
.manager
.storage
.groups
.GroupInfo
;
53 import org
.asamk
.signal
.manager
.storage
.identities
.IdentityInfo
;
54 import org
.asamk
.signal
.manager
.storage
.messageCache
.CachedMessage
;
55 import org
.asamk
.signal
.manager
.storage
.recipients
.Contact
;
56 import org
.asamk
.signal
.manager
.storage
.recipients
.Profile
;
57 import org
.asamk
.signal
.manager
.storage
.recipients
.RecipientAddress
;
58 import org
.asamk
.signal
.manager
.storage
.recipients
.RecipientId
;
59 import org
.asamk
.signal
.manager
.storage
.stickers
.Sticker
;
60 import org
.asamk
.signal
.manager
.storage
.stickers
.StickerPackId
;
61 import org
.asamk
.signal
.manager
.util
.KeyUtils
;
62 import org
.asamk
.signal
.manager
.util
.StickerUtils
;
63 import org
.asamk
.signal
.manager
.util
.Utils
;
64 import org
.slf4j
.Logger
;
65 import org
.slf4j
.LoggerFactory
;
66 import org
.whispersystems
.libsignal
.IdentityKey
;
67 import org
.whispersystems
.libsignal
.InvalidKeyException
;
68 import org
.whispersystems
.libsignal
.ecc
.ECPublicKey
;
69 import org
.whispersystems
.libsignal
.fingerprint
.Fingerprint
;
70 import org
.whispersystems
.libsignal
.fingerprint
.FingerprintParsingException
;
71 import org
.whispersystems
.libsignal
.fingerprint
.FingerprintVersionMismatchException
;
72 import org
.whispersystems
.libsignal
.util
.Pair
;
73 import org
.whispersystems
.libsignal
.util
.guava
.Optional
;
74 import org
.whispersystems
.signalservice
.api
.SignalSessionLock
;
75 import org
.whispersystems
.signalservice
.api
.groupsv2
.GroupLinkNotActiveException
;
76 import org
.whispersystems
.signalservice
.api
.messages
.SendMessageResult
;
77 import org
.whispersystems
.signalservice
.api
.messages
.SignalServiceAttachmentRemoteId
;
78 import org
.whispersystems
.signalservice
.api
.messages
.SignalServiceDataMessage
;
79 import org
.whispersystems
.signalservice
.api
.messages
.SignalServiceEnvelope
;
80 import org
.whispersystems
.signalservice
.api
.messages
.SignalServiceReceiptMessage
;
81 import org
.whispersystems
.signalservice
.api
.messages
.SignalServiceTypingMessage
;
82 import org
.whispersystems
.signalservice
.api
.push
.SignalServiceAddress
;
83 import org
.whispersystems
.signalservice
.api
.push
.exceptions
.UnregisteredUserException
;
84 import org
.whispersystems
.signalservice
.api
.util
.DeviceNameUtil
;
85 import org
.whispersystems
.signalservice
.api
.util
.InvalidNumberException
;
86 import org
.whispersystems
.signalservice
.api
.util
.PhoneNumberFormatter
;
87 import org
.whispersystems
.signalservice
.api
.websocket
.WebSocketUnavailableException
;
88 import org
.whispersystems
.signalservice
.internal
.contacts
.crypto
.Quote
;
89 import org
.whispersystems
.signalservice
.internal
.contacts
.crypto
.UnauthenticatedQuoteException
;
90 import org
.whispersystems
.signalservice
.internal
.contacts
.crypto
.UnauthenticatedResponseException
;
91 import org
.whispersystems
.signalservice
.internal
.util
.DynamicCredentialsProvider
;
92 import org
.whispersystems
.signalservice
.internal
.util
.Hex
;
93 import org
.whispersystems
.signalservice
.internal
.util
.Util
;
96 import java
.io
.IOException
;
98 import java
.net
.URISyntaxException
;
99 import java
.net
.URLEncoder
;
100 import java
.nio
.charset
.StandardCharsets
;
101 import java
.security
.SignatureException
;
102 import java
.util
.Arrays
;
103 import java
.util
.Collection
;
104 import java
.util
.Date
;
105 import java
.util
.HashMap
;
106 import java
.util
.HashSet
;
107 import java
.util
.List
;
108 import java
.util
.Map
;
109 import java
.util
.Set
;
110 import java
.util
.UUID
;
111 import java
.util
.concurrent
.ExecutorService
;
112 import java
.util
.concurrent
.Executors
;
113 import java
.util
.concurrent
.TimeUnit
;
114 import java
.util
.concurrent
.TimeoutException
;
115 import java
.util
.concurrent
.locks
.ReentrantLock
;
116 import java
.util
.function
.Function
;
117 import java
.util
.stream
.Collectors
;
119 import static org
.asamk
.signal
.manager
.config
.ServiceConfig
.capabilities
;
121 public class ManagerImpl
implements Manager
{
123 private final static Logger logger
= LoggerFactory
.getLogger(ManagerImpl
.class);
125 private final ServiceEnvironmentConfig serviceEnvironmentConfig
;
126 private final SignalDependencies dependencies
;
128 private SignalAccount account
;
130 private final ExecutorService executor
= Executors
.newCachedThreadPool();
132 private final ProfileHelper profileHelper
;
133 private final PinHelper pinHelper
;
134 private final StorageHelper storageHelper
;
135 private final SendHelper sendHelper
;
136 private final SyncHelper syncHelper
;
137 private final AttachmentHelper attachmentHelper
;
138 private final GroupHelper groupHelper
;
139 private final ContactHelper contactHelper
;
140 private final IncomingMessageHandler incomingMessageHandler
;
141 private final PreKeyHelper preKeyHelper
;
143 private final Context context
;
144 private boolean hasCaughtUpWithOldMessages
= false;
147 SignalAccount account
,
148 PathConfig pathConfig
,
149 ServiceEnvironmentConfig serviceEnvironmentConfig
,
152 this.account
= account
;
153 this.serviceEnvironmentConfig
= serviceEnvironmentConfig
;
155 final var credentialsProvider
= new DynamicCredentialsProvider(account
.getUuid(),
156 account
.getUsername(),
157 account
.getPassword(),
158 account
.getDeviceId());
159 final var sessionLock
= new SignalSessionLock() {
160 private final ReentrantLock LEGACY_LOCK
= new ReentrantLock();
163 public Lock
acquire() {
165 return LEGACY_LOCK
::unlock
;
168 this.dependencies
= new SignalDependencies(serviceEnvironmentConfig
,
171 account
.getSignalProtocolStore(),
174 final var avatarStore
= new AvatarStore(pathConfig
.getAvatarsPath());
175 final var attachmentStore
= new AttachmentStore(pathConfig
.getAttachmentsPath());
176 final var stickerPackStore
= new StickerPackStore(pathConfig
.getStickerPacksPath());
178 this.attachmentHelper
= new AttachmentHelper(dependencies
, attachmentStore
);
179 this.pinHelper
= new PinHelper(dependencies
.getKeyBackupService());
180 final var unidentifiedAccessHelper
= new UnidentifiedAccessHelper(account
::getProfileKey
,
181 account
.getProfileStore()::getProfileKey
,
182 this::getRecipientProfile
,
183 this::getSenderCertificate
);
184 this.profileHelper
= new ProfileHelper(account
,
187 account
.getProfileStore()::getProfileKey
,
188 unidentifiedAccessHelper
::getAccessFor
,
189 this::resolveSignalServiceAddress
);
190 final GroupV2Helper groupV2Helper
= new GroupV2Helper(profileHelper
::getRecipientProfileKeyCredential
,
191 this::getRecipientProfile
,
192 account
::getSelfRecipientId
,
193 dependencies
.getGroupsV2Operations(),
194 dependencies
.getGroupsV2Api(),
195 this::resolveSignalServiceAddress
);
196 this.sendHelper
= new SendHelper(account
,
198 unidentifiedAccessHelper
,
199 this::resolveSignalServiceAddress
,
200 account
.getRecipientStore(),
201 this::handleIdentityFailure
,
203 this::refreshRegisteredUser
);
204 this.groupHelper
= new GroupHelper(account
,
210 this::resolveSignalServiceAddress
,
211 account
.getRecipientStore());
212 this.storageHelper
= new StorageHelper(account
, dependencies
, groupHelper
);
213 this.contactHelper
= new ContactHelper(account
);
214 this.syncHelper
= new SyncHelper(account
,
219 this::resolveSignalServiceAddress
);
220 preKeyHelper
= new PreKeyHelper(account
, dependencies
);
222 this.context
= new Context(account
,
231 var jobExecutor
= new JobExecutor(context
);
233 this.incomingMessageHandler
= new IncomingMessageHandler(account
,
235 account
.getRecipientStore(),
236 this::resolveSignalServiceAddress
,
241 this::getRecipientProfile
,
246 public String
getSelfNumber() {
247 return account
.getUsername();
251 public void checkAccountState() throws IOException
{
252 if (account
.getLastReceiveTimestamp() == 0) {
253 logger
.info("The Signal protocol expects that incoming messages are regularly received.");
255 var diffInMilliseconds
= System
.currentTimeMillis() - account
.getLastReceiveTimestamp();
256 long days
= TimeUnit
.DAYS
.convert(diffInMilliseconds
, TimeUnit
.MILLISECONDS
);
259 "Messages have been last received {} days ago. The Signal protocol expects that incoming messages are regularly received.",
263 preKeyHelper
.refreshPreKeysIfNecessary();
264 if (account
.getUuid() == null) {
265 account
.setUuid(dependencies
.getAccountManager().getOwnUuid());
267 updateAccountAttributes(null);
271 * This is used for checking a set of phone numbers for registration on Signal
273 * @param numbers The set of phone number in question
274 * @return A map of numbers to canonicalized number and uuid. If a number is not registered the uuid is null.
275 * @throws IOException if its unable to get the contacts to check if they're registered
278 public Map
<String
, Pair
<String
, UUID
>> areUsersRegistered(Set
<String
> numbers
) throws IOException
{
279 Map
<String
, String
> canonicalizedNumbers
= numbers
.stream().collect(Collectors
.toMap(n
-> n
, n
-> {
281 return PhoneNumberFormatter
.formatNumber(n
, account
.getUsername());
282 } catch (InvalidNumberException e
) {
287 // Note "registeredUsers" has no optionals. It only gives us info on users who are registered
288 var registeredUsers
= getRegisteredUsers(canonicalizedNumbers
.values()
290 .filter(s
-> !s
.isEmpty())
291 .collect(Collectors
.toSet()));
293 return numbers
.stream().collect(Collectors
.toMap(n
-> n
, n
-> {
294 final var number
= canonicalizedNumbers
.get(n
);
295 final var uuid
= registeredUsers
.get(number
);
296 return new Pair
<>(number
.isEmpty() ?
null : number
, uuid
);
301 public void updateAccountAttributes(String deviceName
) throws IOException
{
302 final String encryptedDeviceName
;
303 if (deviceName
== null) {
304 encryptedDeviceName
= account
.getEncryptedDeviceName();
306 final var privateKey
= account
.getIdentityKeyPair().getPrivateKey();
307 encryptedDeviceName
= DeviceNameUtil
.encryptDeviceName(deviceName
, privateKey
);
308 account
.setEncryptedDeviceName(encryptedDeviceName
);
310 dependencies
.getAccountManager()
311 .setAccountAttributes(encryptedDeviceName
,
313 account
.getLocalRegistrationId(),
316 account
.getPinMasterKey() == null ?
null : account
.getPinMasterKey().deriveRegistrationLock(),
317 account
.getSelfUnidentifiedAccessKey(),
318 account
.isUnrestrictedUnidentifiedAccess(),
320 account
.isDiscoverableByPhoneNumber());
324 * @param givenName if null, the previous givenName will be kept
325 * @param familyName if null, the previous familyName will be kept
326 * @param about if null, the previous about text will be kept
327 * @param aboutEmoji if null, the previous about emoji will be kept
328 * @param avatar if avatar is null the image from the local avatar store is used (if present),
331 public void setProfile(
332 String givenName
, final String familyName
, String about
, String aboutEmoji
, Optional
<File
> avatar
333 ) throws IOException
{
334 profileHelper
.setProfile(givenName
, familyName
, about
, aboutEmoji
, avatar
);
335 syncHelper
.sendSyncFetchProfileMessage();
339 public void unregister() throws IOException
{
340 // When setting an empty GCM id, the Signal-Server also sets the fetchesMessages property to false.
341 // If this is the master device, other users can't send messages to this number anymore.
342 // If this is a linked device, other users can still send messages, but this device doesn't receive them anymore.
343 dependencies
.getAccountManager().setGcmId(Optional
.absent());
345 account
.setRegistered(false);
349 public void deleteAccount() throws IOException
{
351 pinHelper
.removeRegistrationLockPin();
352 } catch (UnauthenticatedResponseException e
) {
353 logger
.warn("Failed to remove registration lock pin");
355 account
.setRegistrationLockPin(null, null);
357 dependencies
.getAccountManager().deleteAccount();
359 account
.setRegistered(false);
363 public void submitRateLimitRecaptchaChallenge(String challenge
, String captcha
) throws IOException
{
364 dependencies
.getAccountManager().submitRateLimitRecaptchaChallenge(challenge
, captcha
);
368 public List
<Device
> getLinkedDevices() throws IOException
{
369 var devices
= dependencies
.getAccountManager().getDevices();
370 account
.setMultiDevice(devices
.size() > 1);
371 var identityKey
= account
.getIdentityKeyPair().getPrivateKey();
372 return devices
.stream().map(d
-> {
373 String deviceName
= d
.getName();
374 if (deviceName
!= null) {
376 deviceName
= DeviceNameUtil
.decryptDeviceName(deviceName
, identityKey
);
377 } catch (IOException e
) {
378 logger
.debug("Failed to decrypt device name, maybe plain text?", e
);
381 return new Device(d
.getId(),
385 d
.getId() == account
.getDeviceId());
386 }).collect(Collectors
.toList());
390 public void removeLinkedDevices(int deviceId
) throws IOException
{
391 dependencies
.getAccountManager().removeDevice(deviceId
);
392 var devices
= dependencies
.getAccountManager().getDevices();
393 account
.setMultiDevice(devices
.size() > 1);
397 public void addDeviceLink(URI linkUri
) throws IOException
, InvalidKeyException
{
398 var info
= DeviceLinkInfo
.parseDeviceLinkUri(linkUri
);
400 addDevice(info
.deviceIdentifier
, info
.deviceKey
);
403 private void addDevice(String deviceIdentifier
, ECPublicKey deviceKey
) throws IOException
, InvalidKeyException
{
404 var identityKeyPair
= account
.getIdentityKeyPair();
405 var verificationCode
= dependencies
.getAccountManager().getNewDeviceVerificationCode();
407 dependencies
.getAccountManager()
408 .addDevice(deviceIdentifier
,
411 Optional
.of(account
.getProfileKey().serialize()),
413 account
.setMultiDevice(true);
417 public void setRegistrationLockPin(Optional
<String
> pin
) throws IOException
, UnauthenticatedResponseException
{
418 if (!account
.isMasterDevice()) {
419 throw new RuntimeException("Only master device can set a PIN");
421 if (pin
.isPresent()) {
422 final var masterKey
= account
.getPinMasterKey() != null
423 ? account
.getPinMasterKey()
424 : KeyUtils
.createMasterKey();
426 pinHelper
.setRegistrationLockPin(pin
.get(), masterKey
);
428 account
.setRegistrationLockPin(pin
.get(), masterKey
);
431 pinHelper
.removeRegistrationLockPin();
433 account
.setRegistrationLockPin(null, null);
437 void refreshPreKeys() throws IOException
{
438 preKeyHelper
.refreshPreKeys();
442 public Profile
getRecipientProfile(RecipientIdentifier
.Single recipient
) throws UnregisteredUserException
{
443 return profileHelper
.getRecipientProfile(resolveRecipient(recipient
));
446 private Profile
getRecipientProfile(RecipientId recipientId
) {
447 return profileHelper
.getRecipientProfile(recipientId
);
451 public List
<Group
> getGroups() {
452 return account
.getGroupStore().getGroups().stream().map(this::toGroup
).collect(Collectors
.toList());
455 private Group
toGroup(final GroupInfo groupInfo
) {
456 if (groupInfo
== null) {
460 return new Group(groupInfo
.getGroupId(),
461 groupInfo
.getTitle(),
462 groupInfo
.getDescription(),
463 groupInfo
.getGroupInviteLink(),
464 groupInfo
.getMembers()
466 .map(account
.getRecipientStore()::resolveRecipientAddress
)
467 .collect(Collectors
.toSet()),
468 groupInfo
.getPendingMembers()
470 .map(account
.getRecipientStore()::resolveRecipientAddress
)
471 .collect(Collectors
.toSet()),
472 groupInfo
.getRequestingMembers()
474 .map(account
.getRecipientStore()::resolveRecipientAddress
)
475 .collect(Collectors
.toSet()),
476 groupInfo
.getAdminMembers()
478 .map(account
.getRecipientStore()::resolveRecipientAddress
)
479 .collect(Collectors
.toSet()),
480 groupInfo
.isBlocked(),
481 groupInfo
.getMessageExpirationTime(),
482 groupInfo
.isAnnouncementGroup(),
483 groupInfo
.isMember(account
.getSelfRecipientId()));
487 public SendGroupMessageResults
quitGroup(
488 GroupId groupId
, Set
<RecipientIdentifier
.Single
> groupAdmins
489 ) throws GroupNotFoundException
, IOException
, NotAGroupMemberException
, LastGroupAdminException
{
490 final var newAdmins
= resolveRecipients(groupAdmins
);
491 return groupHelper
.quitGroup(groupId
, newAdmins
);
495 public void deleteGroup(GroupId groupId
) throws IOException
{
496 groupHelper
.deleteGroup(groupId
);
500 public Pair
<GroupId
, SendGroupMessageResults
> createGroup(
501 String name
, Set
<RecipientIdentifier
.Single
> members
, File avatarFile
502 ) throws IOException
, AttachmentInvalidException
{
503 return groupHelper
.createGroup(name
, members
== null ?
null : resolveRecipients(members
), avatarFile
);
507 public SendGroupMessageResults
updateGroup(
511 Set
<RecipientIdentifier
.Single
> members
,
512 Set
<RecipientIdentifier
.Single
> removeMembers
,
513 Set
<RecipientIdentifier
.Single
> admins
,
514 Set
<RecipientIdentifier
.Single
> removeAdmins
,
515 boolean resetGroupLink
,
516 GroupLinkState groupLinkState
,
517 GroupPermission addMemberPermission
,
518 GroupPermission editDetailsPermission
,
520 Integer expirationTimer
,
521 Boolean isAnnouncementGroup
522 ) throws IOException
, GroupNotFoundException
, AttachmentInvalidException
, NotAGroupMemberException
, GroupSendingNotAllowedException
{
523 return groupHelper
.updateGroup(groupId
,
526 members
== null ?
null : resolveRecipients(members
),
527 removeMembers
== null ?
null : resolveRecipients(removeMembers
),
528 admins
== null ?
null : resolveRecipients(admins
),
529 removeAdmins
== null ?
null : resolveRecipients(removeAdmins
),
533 editDetailsPermission
,
536 isAnnouncementGroup
);
540 public Pair
<GroupId
, SendGroupMessageResults
> joinGroup(
541 GroupInviteLinkUrl inviteLinkUrl
542 ) throws IOException
, GroupLinkNotActiveException
{
543 return groupHelper
.joinGroup(inviteLinkUrl
);
546 private SendMessageResults
sendMessage(
547 SignalServiceDataMessage
.Builder messageBuilder
, Set
<RecipientIdentifier
> recipients
548 ) throws IOException
, NotAGroupMemberException
, GroupNotFoundException
, GroupSendingNotAllowedException
{
549 var results
= new HashMap
<RecipientIdentifier
, List
<SendMessageResult
>>();
550 long timestamp
= System
.currentTimeMillis();
551 messageBuilder
.withTimestamp(timestamp
);
552 for (final var recipient
: recipients
) {
553 if (recipient
instanceof RecipientIdentifier
.Single
) {
554 final var recipientId
= resolveRecipient((RecipientIdentifier
.Single
) recipient
);
555 final var result
= sendHelper
.sendMessage(messageBuilder
, recipientId
);
556 results
.put(recipient
, List
.of(result
));
557 } else if (recipient
instanceof RecipientIdentifier
.NoteToSelf
) {
558 final var result
= sendHelper
.sendSelfMessage(messageBuilder
);
559 results
.put(recipient
, List
.of(result
));
560 } else if (recipient
instanceof RecipientIdentifier
.Group
) {
561 final var groupId
= ((RecipientIdentifier
.Group
) recipient
).groupId
;
562 final var result
= sendHelper
.sendAsGroupMessage(messageBuilder
, groupId
);
563 results
.put(recipient
, result
);
566 return new SendMessageResults(timestamp
, results
);
569 private void sendTypingMessage(
570 SignalServiceTypingMessage
.Action action
, Set
<RecipientIdentifier
> recipients
571 ) throws IOException
, UntrustedIdentityException
, NotAGroupMemberException
, GroupNotFoundException
, GroupSendingNotAllowedException
{
572 final var timestamp
= System
.currentTimeMillis();
573 for (var recipient
: recipients
) {
574 if (recipient
instanceof RecipientIdentifier
.Single
) {
575 final var message
= new SignalServiceTypingMessage(action
, timestamp
, Optional
.absent());
576 final var recipientId
= resolveRecipient((RecipientIdentifier
.Single
) recipient
);
577 sendHelper
.sendTypingMessage(message
, recipientId
);
578 } else if (recipient
instanceof RecipientIdentifier
.Group
) {
579 final var groupId
= ((RecipientIdentifier
.Group
) recipient
).groupId
;
580 final var message
= new SignalServiceTypingMessage(action
, timestamp
, Optional
.of(groupId
.serialize()));
581 sendHelper
.sendGroupTypingMessage(message
, groupId
);
587 public void sendTypingMessage(
588 TypingAction action
, Set
<RecipientIdentifier
> recipients
589 ) throws IOException
, UntrustedIdentityException
, NotAGroupMemberException
, GroupNotFoundException
, GroupSendingNotAllowedException
{
590 sendTypingMessage(action
.toSignalService(), recipients
);
594 public void sendReadReceipt(
595 RecipientIdentifier
.Single sender
, List
<Long
> messageIds
596 ) throws IOException
, UntrustedIdentityException
{
597 var receiptMessage
= new SignalServiceReceiptMessage(SignalServiceReceiptMessage
.Type
.READ
,
599 System
.currentTimeMillis());
601 sendHelper
.sendReceiptMessage(receiptMessage
, resolveRecipient(sender
));
605 public void sendViewedReceipt(
606 RecipientIdentifier
.Single sender
, List
<Long
> messageIds
607 ) throws IOException
, UntrustedIdentityException
{
608 var receiptMessage
= new SignalServiceReceiptMessage(SignalServiceReceiptMessage
.Type
.VIEWED
,
610 System
.currentTimeMillis());
612 sendHelper
.sendReceiptMessage(receiptMessage
, resolveRecipient(sender
));
616 public SendMessageResults
sendMessage(
617 Message message
, Set
<RecipientIdentifier
> recipients
618 ) throws IOException
, AttachmentInvalidException
, NotAGroupMemberException
, GroupNotFoundException
, GroupSendingNotAllowedException
{
619 final var messageBuilder
= SignalServiceDataMessage
.newBuilder();
620 applyMessage(messageBuilder
, message
);
621 return sendMessage(messageBuilder
, recipients
);
624 private void applyMessage(
625 final SignalServiceDataMessage
.Builder messageBuilder
, final Message message
626 ) throws AttachmentInvalidException
, IOException
{
627 messageBuilder
.withBody(message
.getMessageText());
628 final var attachments
= message
.getAttachments();
629 if (attachments
!= null) {
630 messageBuilder
.withAttachments(attachmentHelper
.uploadAttachments(attachments
));
635 public SendMessageResults
sendRemoteDeleteMessage(
636 long targetSentTimestamp
, Set
<RecipientIdentifier
> recipients
637 ) throws IOException
, NotAGroupMemberException
, GroupNotFoundException
, GroupSendingNotAllowedException
{
638 var delete
= new SignalServiceDataMessage
.RemoteDelete(targetSentTimestamp
);
639 final var messageBuilder
= SignalServiceDataMessage
.newBuilder().withRemoteDelete(delete
);
640 return sendMessage(messageBuilder
, recipients
);
644 public SendMessageResults
sendMessageReaction(
647 RecipientIdentifier
.Single targetAuthor
,
648 long targetSentTimestamp
,
649 Set
<RecipientIdentifier
> recipients
650 ) throws IOException
, NotAGroupMemberException
, GroupNotFoundException
, GroupSendingNotAllowedException
{
651 var targetAuthorRecipientId
= resolveRecipient(targetAuthor
);
652 var reaction
= new SignalServiceDataMessage
.Reaction(emoji
,
654 resolveSignalServiceAddress(targetAuthorRecipientId
),
655 targetSentTimestamp
);
656 final var messageBuilder
= SignalServiceDataMessage
.newBuilder().withReaction(reaction
);
657 return sendMessage(messageBuilder
, recipients
);
661 public SendMessageResults
sendEndSessionMessage(Set
<RecipientIdentifier
.Single
> recipients
) throws IOException
{
662 var messageBuilder
= SignalServiceDataMessage
.newBuilder().asEndSessionMessage();
665 return sendMessage(messageBuilder
,
666 recipients
.stream().map(RecipientIdentifier
.class::cast
).collect(Collectors
.toSet()));
667 } catch (GroupNotFoundException
| NotAGroupMemberException
| GroupSendingNotAllowedException e
) {
668 throw new AssertionError(e
);
670 for (var recipient
: recipients
) {
671 final var recipientId
= resolveRecipient(recipient
);
672 account
.getSessionStore().deleteAllSessions(recipientId
);
678 public void setContactName(
679 RecipientIdentifier
.Single recipient
, String name
680 ) throws NotMasterDeviceException
, UnregisteredUserException
{
681 if (!account
.isMasterDevice()) {
682 throw new NotMasterDeviceException();
684 contactHelper
.setContactName(resolveRecipient(recipient
), name
);
688 public void setContactBlocked(
689 RecipientIdentifier
.Single recipient
, boolean blocked
690 ) throws NotMasterDeviceException
, IOException
{
691 if (!account
.isMasterDevice()) {
692 throw new NotMasterDeviceException();
694 contactHelper
.setContactBlocked(resolveRecipient(recipient
), blocked
);
695 // TODO cycle our profile key
696 syncHelper
.sendBlockedList();
700 public void setGroupBlocked(
701 final GroupId groupId
, final boolean blocked
702 ) throws GroupNotFoundException
, IOException
{
703 groupHelper
.setGroupBlocked(groupId
, blocked
);
704 // TODO cycle our profile key
705 syncHelper
.sendBlockedList();
709 * Change the expiration timer for a contact
712 public void setExpirationTimer(
713 RecipientIdentifier
.Single recipient
, int messageExpirationTimer
714 ) throws IOException
{
715 var recipientId
= resolveRecipient(recipient
);
716 contactHelper
.setExpirationTimer(recipientId
, messageExpirationTimer
);
717 final var messageBuilder
= SignalServiceDataMessage
.newBuilder().asExpirationUpdate();
719 sendMessage(messageBuilder
, Set
.of(recipient
));
720 } catch (NotAGroupMemberException
| GroupNotFoundException
| GroupSendingNotAllowedException e
) {
721 throw new AssertionError(e
);
726 * Upload the sticker pack from path.
728 * @param path Path can be a path to a manifest.json file or to a zip file that contains a manifest.json file
729 * @return if successful, returns the URL to install the sticker pack in the signal app
732 public URI
uploadStickerPack(File path
) throws IOException
, StickerPackInvalidException
{
733 var manifest
= StickerUtils
.getSignalServiceStickerManifestUpload(path
);
735 var messageSender
= dependencies
.getMessageSender();
737 var packKey
= KeyUtils
.createStickerUploadKey();
738 var packIdString
= messageSender
.uploadStickerManifest(manifest
, packKey
);
739 var packId
= StickerPackId
.deserialize(Hex
.fromStringCondensed(packIdString
));
741 var sticker
= new Sticker(packId
, packKey
);
742 account
.getStickerStore().updateSticker(sticker
);
745 return new URI("https",
749 + URLEncoder
.encode(Hex
.toStringCondensed(packId
.serialize()), StandardCharsets
.UTF_8
)
751 + URLEncoder
.encode(Hex
.toStringCondensed(packKey
), StandardCharsets
.UTF_8
));
752 } catch (URISyntaxException e
) {
753 throw new AssertionError(e
);
758 public void requestAllSyncData() throws IOException
{
759 syncHelper
.requestAllSyncData();
760 retrieveRemoteStorage();
763 void retrieveRemoteStorage() throws IOException
{
764 if (account
.getStorageKey() != null) {
765 storageHelper
.readDataFromStorage();
769 private byte[] getSenderCertificate() {
772 if (account
.isPhoneNumberShared()) {
773 certificate
= dependencies
.getAccountManager().getSenderCertificate();
775 certificate
= dependencies
.getAccountManager().getSenderCertificateForPhoneNumberPrivacy();
777 } catch (IOException e
) {
778 logger
.warn("Failed to get sender certificate, ignoring: {}", e
.getMessage());
781 // TODO cache for a day
785 private RecipientId
refreshRegisteredUser(RecipientId recipientId
) throws IOException
{
786 final var address
= resolveSignalServiceAddress(recipientId
);
787 if (!address
.getNumber().isPresent()) {
790 final var number
= address
.getNumber().get();
791 final var uuid
= getRegisteredUser(number
);
792 return resolveRecipientTrusted(new SignalServiceAddress(uuid
, number
));
795 private UUID
getRegisteredUser(final String number
) throws IOException
{
796 final Map
<String
, UUID
> uuidMap
;
798 uuidMap
= getRegisteredUsers(Set
.of(number
));
799 } catch (NumberFormatException e
) {
800 throw new UnregisteredUserException(number
, e
);
802 final var uuid
= uuidMap
.get(number
);
804 throw new UnregisteredUserException(number
, null);
809 private Map
<String
, UUID
> getRegisteredUsers(final Set
<String
> numbers
) throws IOException
{
810 final Map
<String
, UUID
> registeredUsers
;
812 registeredUsers
= dependencies
.getAccountManager()
813 .getRegisteredUsers(ServiceConfig
.getIasKeyStore(),
815 serviceEnvironmentConfig
.getCdsMrenclave());
816 } catch (Quote
.InvalidQuoteFormatException
| UnauthenticatedQuoteException
| SignatureException
| UnauthenticatedResponseException
| InvalidKeyException e
) {
817 throw new IOException(e
);
820 // Store numbers as recipients so we have the number/uuid association
821 registeredUsers
.forEach((number
, uuid
) -> resolveRecipientTrusted(new SignalServiceAddress(uuid
, number
)));
823 return registeredUsers
;
826 private void retryFailedReceivedMessages(ReceiveMessageHandler handler
, boolean ignoreAttachments
) {
827 Set
<HandleAction
> queuedActions
= new HashSet
<>();
828 for (var cachedMessage
: account
.getMessageCache().getCachedMessages()) {
829 var actions
= retryFailedReceivedMessage(handler
, ignoreAttachments
, cachedMessage
);
830 if (actions
!= null) {
831 queuedActions
.addAll(actions
);
834 handleQueuedActions(queuedActions
);
837 private List
<HandleAction
> retryFailedReceivedMessage(
838 final ReceiveMessageHandler handler
, final boolean ignoreAttachments
, final CachedMessage cachedMessage
840 var envelope
= cachedMessage
.loadEnvelope();
841 if (envelope
== null) {
842 cachedMessage
.delete();
846 final var result
= incomingMessageHandler
.handleRetryEnvelope(envelope
, ignoreAttachments
, handler
);
847 final var actions
= result
.first();
848 final var exception
= result
.second();
850 if (exception
instanceof UntrustedIdentityException
) {
851 if (System
.currentTimeMillis() - envelope
.getServerDeliveredTimestamp() > 1000L * 60 * 60 * 24 * 30) {
852 // Envelope is more than a month old, cleaning up.
853 cachedMessage
.delete();
856 if (!envelope
.hasSourceUuid()) {
857 final var identifier
= ((UntrustedIdentityException
) exception
).getSender();
858 final var recipientId
= account
.getRecipientStore().resolveRecipient(identifier
);
860 account
.getMessageCache().replaceSender(cachedMessage
, recipientId
);
861 } catch (IOException ioException
) {
862 logger
.warn("Failed to move cached message to recipient folder: {}", ioException
.getMessage());
868 // If successful and for all other errors that are not recoverable, delete the cached message
869 cachedMessage
.delete();
874 public void receiveMessages(
877 boolean returnOnTimeout
,
878 boolean ignoreAttachments
,
879 ReceiveMessageHandler handler
880 ) throws IOException
{
881 retryFailedReceivedMessages(handler
, ignoreAttachments
);
883 Set
<HandleAction
> queuedActions
= new HashSet
<>();
885 final var signalWebSocket
= dependencies
.getSignalWebSocket();
886 signalWebSocket
.connect();
888 hasCaughtUpWithOldMessages
= false;
890 while (!Thread
.interrupted()) {
891 SignalServiceEnvelope envelope
;
892 final CachedMessage
[] cachedMessage
= {null};
893 account
.setLastReceiveTimestamp(System
.currentTimeMillis());
894 logger
.debug("Checking for new message from server");
896 var result
= signalWebSocket
.readOrEmpty(unit
.toMillis(timeout
), envelope1
-> {
897 final var recipientId
= envelope1
.hasSourceUuid()
898 ?
resolveRecipient(envelope1
.getSourceAddress())
900 // store message on disk, before acknowledging receipt to the server
901 cachedMessage
[0] = account
.getMessageCache().cacheMessage(envelope1
, recipientId
);
903 if (result
.isPresent()) {
904 envelope
= result
.get();
905 logger
.debug("New message received from server");
907 logger
.debug("Received indicator that server queue is empty");
908 handleQueuedActions(queuedActions
);
909 queuedActions
.clear();
911 hasCaughtUpWithOldMessages
= true;
912 synchronized (this) {
916 // Continue to wait another timeout for new messages
919 } catch (AssertionError e
) {
920 if (e
.getCause() instanceof InterruptedException
) {
921 Thread
.currentThread().interrupt();
926 } catch (WebSocketUnavailableException e
) {
927 logger
.debug("Pipe unexpectedly unavailable, connecting");
928 signalWebSocket
.connect();
930 } catch (TimeoutException e
) {
931 if (returnOnTimeout
) return;
935 final var result
= incomingMessageHandler
.handleEnvelope(envelope
, ignoreAttachments
, handler
);
936 queuedActions
.addAll(result
.first());
937 final var exception
= result
.second();
939 if (hasCaughtUpWithOldMessages
) {
940 handleQueuedActions(queuedActions
);
942 if (cachedMessage
[0] != null) {
943 if (exception
instanceof UntrustedIdentityException
) {
944 final var address
= ((UntrustedIdentityException
) exception
).getSender();
945 final var recipientId
= resolveRecipient(address
);
946 if (!envelope
.hasSourceUuid()) {
948 cachedMessage
[0] = account
.getMessageCache().replaceSender(cachedMessage
[0], recipientId
);
949 } catch (IOException ioException
) {
950 logger
.warn("Failed to move cached message to recipient folder: {}",
951 ioException
.getMessage());
955 cachedMessage
[0].delete();
959 handleQueuedActions(queuedActions
);
963 public boolean hasCaughtUpWithOldMessages() {
964 return hasCaughtUpWithOldMessages
;
967 private void handleQueuedActions(final Collection
<HandleAction
> queuedActions
) {
968 var interrupted
= false;
969 for (var action
: queuedActions
) {
971 action
.execute(context
);
972 } catch (Throwable e
) {
973 if ((e
instanceof AssertionError
|| e
instanceof RuntimeException
)
974 && e
.getCause() instanceof InterruptedException
) {
978 logger
.warn("Message action failed.", e
);
982 Thread
.currentThread().interrupt();
987 public boolean isContactBlocked(final RecipientIdentifier
.Single recipient
) {
988 final RecipientId recipientId
;
990 recipientId
= resolveRecipient(recipient
);
991 } catch (UnregisteredUserException e
) {
994 return contactHelper
.isContactBlocked(recipientId
);
998 public File
getAttachmentFile(SignalServiceAttachmentRemoteId attachmentId
) {
999 return attachmentHelper
.getAttachmentFile(attachmentId
);
1003 public void sendContacts() throws IOException
{
1004 syncHelper
.sendContacts();
1008 public List
<Pair
<RecipientAddress
, Contact
>> getContacts() {
1009 return account
.getContactStore()
1012 .map(p
-> new Pair
<>(account
.getRecipientStore().resolveRecipientAddress(p
.first()), p
.second()))
1013 .collect(Collectors
.toList());
1017 public String
getContactOrProfileName(RecipientIdentifier
.Single recipient
) {
1018 final RecipientId recipientId
;
1020 recipientId
= resolveRecipient(recipient
);
1021 } catch (UnregisteredUserException e
) {
1025 final var contact
= account
.getContactStore().getContact(recipientId
);
1026 if (contact
!= null && !Util
.isEmpty(contact
.getName())) {
1027 return contact
.getName();
1030 final var profile
= getRecipientProfile(recipientId
);
1031 if (profile
!= null) {
1032 return profile
.getDisplayName();
1039 public Group
getGroup(GroupId groupId
) {
1040 return toGroup(groupHelper
.getGroup(groupId
));
1043 public GroupInfo
getGroupInfo(GroupId groupId
) {
1044 return groupHelper
.getGroup(groupId
);
1048 public List
<Identity
> getIdentities() {
1049 return account
.getIdentityKeyStore()
1052 .map(this::toIdentity
)
1053 .collect(Collectors
.toList());
1056 private Identity
toIdentity(final IdentityInfo identityInfo
) {
1057 if (identityInfo
== null) {
1061 final var address
= account
.getRecipientStore().resolveRecipientAddress(identityInfo
.getRecipientId());
1062 return new Identity(address
,
1063 identityInfo
.getIdentityKey(),
1064 computeSafetyNumber(address
.toSignalServiceAddress(), identityInfo
.getIdentityKey()),
1065 computeSafetyNumberForScanning(address
.toSignalServiceAddress(), identityInfo
.getIdentityKey()),
1066 identityInfo
.getTrustLevel(),
1067 identityInfo
.getDateAdded());
1071 public List
<Identity
> getIdentities(RecipientIdentifier
.Single recipient
) {
1072 IdentityInfo identity
;
1074 identity
= account
.getIdentityKeyStore().getIdentity(resolveRecipient(recipient
));
1075 } catch (UnregisteredUserException e
) {
1078 return identity
== null ? List
.of() : List
.of(toIdentity(identity
));
1082 * Trust this the identity with this fingerprint
1084 * @param recipient username of the identity
1085 * @param fingerprint Fingerprint
1088 public boolean trustIdentityVerified(RecipientIdentifier
.Single recipient
, byte[] fingerprint
) {
1089 RecipientId recipientId
;
1091 recipientId
= resolveRecipient(recipient
);
1092 } catch (UnregisteredUserException e
) {
1095 return trustIdentity(recipientId
,
1096 identityKey
-> Arrays
.equals(identityKey
.serialize(), fingerprint
),
1097 TrustLevel
.TRUSTED_VERIFIED
);
1101 * Trust this the identity with this safety number
1103 * @param recipient username of the identity
1104 * @param safetyNumber Safety number
1107 public boolean trustIdentityVerifiedSafetyNumber(RecipientIdentifier
.Single recipient
, String safetyNumber
) {
1108 RecipientId recipientId
;
1110 recipientId
= resolveRecipient(recipient
);
1111 } catch (UnregisteredUserException e
) {
1114 var address
= resolveSignalServiceAddress(recipientId
);
1115 return trustIdentity(recipientId
,
1116 identityKey
-> safetyNumber
.equals(computeSafetyNumber(address
, identityKey
)),
1117 TrustLevel
.TRUSTED_VERIFIED
);
1121 * Trust this the identity with this scannable safety number
1123 * @param recipient username of the identity
1124 * @param safetyNumber Scannable safety number
1127 public boolean trustIdentityVerifiedSafetyNumber(RecipientIdentifier
.Single recipient
, byte[] safetyNumber
) {
1128 RecipientId recipientId
;
1130 recipientId
= resolveRecipient(recipient
);
1131 } catch (UnregisteredUserException e
) {
1134 var address
= resolveSignalServiceAddress(recipientId
);
1135 return trustIdentity(recipientId
, identityKey
-> {
1136 final var fingerprint
= computeSafetyNumberFingerprint(address
, identityKey
);
1138 return fingerprint
!= null && fingerprint
.getScannableFingerprint().compareTo(safetyNumber
);
1139 } catch (FingerprintVersionMismatchException
| FingerprintParsingException e
) {
1142 }, TrustLevel
.TRUSTED_VERIFIED
);
1146 * Trust all keys of this identity without verification
1148 * @param recipient username of the identity
1151 public boolean trustIdentityAllKeys(RecipientIdentifier
.Single recipient
) {
1152 RecipientId recipientId
;
1154 recipientId
= resolveRecipient(recipient
);
1155 } catch (UnregisteredUserException e
) {
1158 return trustIdentity(recipientId
, identityKey
-> true, TrustLevel
.TRUSTED_UNVERIFIED
);
1161 private boolean trustIdentity(
1162 RecipientId recipientId
, Function
<IdentityKey
, Boolean
> verifier
, TrustLevel trustLevel
1164 var identity
= account
.getIdentityKeyStore().getIdentity(recipientId
);
1165 if (identity
== null) {
1169 if (!verifier
.apply(identity
.getIdentityKey())) {
1173 account
.getIdentityKeyStore().setIdentityTrustLevel(recipientId
, identity
.getIdentityKey(), trustLevel
);
1175 var address
= resolveSignalServiceAddress(recipientId
);
1176 syncHelper
.sendVerifiedMessage(address
, identity
.getIdentityKey(), trustLevel
);
1177 } catch (IOException e
) {
1178 logger
.warn("Failed to send verification sync message: {}", e
.getMessage());
1184 private void handleIdentityFailure(
1185 final RecipientId recipientId
, final SendMessageResult
.IdentityFailure identityFailure
1187 final var identityKey
= identityFailure
.getIdentityKey();
1188 if (identityKey
!= null) {
1189 final var newIdentity
= account
.getIdentityKeyStore().saveIdentity(recipientId
, identityKey
, new Date());
1191 account
.getSessionStore().archiveSessions(recipientId
);
1194 // Retrieve profile to get the current identity key from the server
1195 profileHelper
.refreshRecipientProfile(recipientId
);
1200 public String
computeSafetyNumber(SignalServiceAddress theirAddress
, IdentityKey theirIdentityKey
) {
1201 final Fingerprint fingerprint
= computeSafetyNumberFingerprint(theirAddress
, theirIdentityKey
);
1202 return fingerprint
== null ?
null : fingerprint
.getDisplayableFingerprint().getDisplayText();
1205 private byte[] computeSafetyNumberForScanning(SignalServiceAddress theirAddress
, IdentityKey theirIdentityKey
) {
1206 final Fingerprint fingerprint
= computeSafetyNumberFingerprint(theirAddress
, theirIdentityKey
);
1207 return fingerprint
== null ?
null : fingerprint
.getScannableFingerprint().getSerialized();
1210 private Fingerprint
computeSafetyNumberFingerprint(
1211 final SignalServiceAddress theirAddress
, final IdentityKey theirIdentityKey
1213 return Utils
.computeSafetyNumber(capabilities
.isUuid(),
1214 account
.getSelfAddress(),
1215 account
.getIdentityKeyPair().getPublicKey(),
1221 public SignalServiceAddress
resolveSignalServiceAddress(SignalServiceAddress address
) {
1222 return resolveSignalServiceAddress(resolveRecipient(address
));
1225 private SignalServiceAddress
resolveSignalServiceAddress(RecipientId recipientId
) {
1226 final var address
= account
.getRecipientStore().resolveRecipientAddress(recipientId
);
1227 if (address
.getUuid().isPresent()) {
1228 return address
.toSignalServiceAddress();
1231 // Address in recipient store doesn't have a uuid, this shouldn't happen
1232 // Try to retrieve the uuid from the server
1233 final var number
= address
.getNumber().get();
1236 uuid
= getRegisteredUser(number
);
1237 } catch (IOException e
) {
1238 logger
.warn("Failed to get uuid for e164 number: {}", number
, e
);
1239 // Return SignalServiceAddress with unknown UUID
1240 return address
.toSignalServiceAddress();
1242 return resolveSignalServiceAddress(account
.getRecipientStore().resolveRecipient(uuid
));
1245 private Set
<RecipientId
> resolveRecipients(Collection
<RecipientIdentifier
.Single
> recipients
) throws UnregisteredUserException
{
1246 final var recipientIds
= new HashSet
<RecipientId
>(recipients
.size());
1247 for (var number
: recipients
) {
1248 final var recipientId
= resolveRecipient(number
);
1249 recipientIds
.add(recipientId
);
1251 return recipientIds
;
1254 private RecipientId
resolveRecipient(final RecipientIdentifier
.Single recipient
) throws UnregisteredUserException
{
1255 if (recipient
instanceof RecipientIdentifier
.Uuid
) {
1256 return account
.getRecipientStore().resolveRecipient(((RecipientIdentifier
.Uuid
) recipient
).uuid
);
1258 final var number
= ((RecipientIdentifier
.Number
) recipient
).number
;
1259 return account
.getRecipientStore().resolveRecipient(number
, () -> {
1261 return getRegisteredUser(number
);
1262 } catch (IOException e
) {
1269 private RecipientId
resolveRecipient(SignalServiceAddress address
) {
1270 return account
.getRecipientStore().resolveRecipient(address
);
1273 private RecipientId
resolveRecipientTrusted(SignalServiceAddress address
) {
1274 return account
.getRecipientStore().resolveRecipientTrusted(address
);
1278 public void close() throws IOException
{
1282 private void close(boolean closeAccount
) throws IOException
{
1283 executor
.shutdown();
1285 dependencies
.getSignalWebSocket().disconnect();
1287 if (closeAccount
&& account
!= null) {