]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/Manager.java
git.nmode.ca / signal-cli / blob
? search:


f9d86ce6686d23c885fca6453aad2348769f2a28
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / Manager.java
1 /*
2 Copyright (C) 2015-2021 AsamK and contributors
3
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17 package org.asamk.signal.manager;
18
19 import org.asamk.signal.manager.config.ServiceConfig;
20 import org.asamk.signal.manager.config.ServiceEnvironment;
21 import org.asamk.signal.manager.config.ServiceEnvironmentConfig;
22 import org.asamk.signal.manager.groups.GroupId;
23 import org.asamk.signal.manager.groups.GroupIdV1;
24 import org.asamk.signal.manager.groups.GroupInviteLinkUrl;
25 import org.asamk.signal.manager.groups.GroupNotFoundException;
26 import org.asamk.signal.manager.groups.GroupUtils;
27 import org.asamk.signal.manager.groups.NotAGroupMemberException;
28 import org.asamk.signal.manager.helper.GroupHelper;
29 import org.asamk.signal.manager.helper.PinHelper;
30 import org.asamk.signal.manager.helper.ProfileHelper;
31 import org.asamk.signal.manager.helper.UnidentifiedAccessHelper;
32 import org.asamk.signal.manager.storage.SignalAccount;
33 import org.asamk.signal.manager.storage.groups.GroupInfo;
34 import org.asamk.signal.manager.storage.groups.GroupInfoV1;
35 import org.asamk.signal.manager.storage.groups.GroupInfoV2;
36 import org.asamk.signal.manager.storage.identities.IdentityInfo;
37 import org.asamk.signal.manager.storage.messageCache.CachedMessage;
38 import org.asamk.signal.manager.storage.recipients.Contact;
39 import org.asamk.signal.manager.storage.recipients.Profile;
40 import org.asamk.signal.manager.storage.recipients.RecipientId;
41 import org.asamk.signal.manager.storage.stickers.Sticker;
42 import org.asamk.signal.manager.storage.stickers.StickerPackId;
43 import org.asamk.signal.manager.util.AttachmentUtils;
44 import org.asamk.signal.manager.util.IOUtils;
45 import org.asamk.signal.manager.util.KeyUtils;
46 import org.asamk.signal.manager.util.ProfileUtils;
47 import org.asamk.signal.manager.util.StickerUtils;
48 import org.asamk.signal.manager.util.Utils;
49 import org.signal.libsignal.metadata.InvalidMetadataMessageException;
50 import org.signal.libsignal.metadata.InvalidMetadataVersionException;
51 import org.signal.libsignal.metadata.ProtocolDuplicateMessageException;
52 import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
53 import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
54 import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
55 import org.signal.libsignal.metadata.ProtocolInvalidVersionException;
56 import org.signal.libsignal.metadata.ProtocolLegacyMessageException;
57 import org.signal.libsignal.metadata.ProtocolNoSessionException;
58 import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
59 import org.signal.libsignal.metadata.SelfSendException;
60 import org.signal.libsignal.metadata.certificate.CertificateValidator;
61 import org.signal.storageservice.protos.groups.GroupChange;
62 import org.signal.storageservice.protos.groups.local.DecryptedGroup;
63 import org.signal.zkgroup.InvalidInputException;
64 import org.signal.zkgroup.VerificationFailedException;
65 import org.signal.zkgroup.groups.GroupMasterKey;
66 import org.signal.zkgroup.groups.GroupSecretParams;
67 import org.signal.zkgroup.profiles.ClientZkProfileOperations;
68 import org.signal.zkgroup.profiles.ProfileKey;
69 import org.signal.zkgroup.profiles.ProfileKeyCredential;
70 import org.slf4j.Logger;
71 import org.slf4j.LoggerFactory;
72 import org.whispersystems.libsignal.IdentityKey;
73 import org.whispersystems.libsignal.IdentityKeyPair;
74 import org.whispersystems.libsignal.InvalidKeyException;
75 import org.whispersystems.libsignal.InvalidMessageException;
76 import org.whispersystems.libsignal.ecc.ECPublicKey;
77 import org.whispersystems.libsignal.state.PreKeyRecord;
78 import org.whispersystems.libsignal.state.SignedPreKeyRecord;
79 import org.whispersystems.libsignal.util.Pair;
80 import org.whispersystems.libsignal.util.guava.Optional;
81 import org.whispersystems.signalservice.api.SignalServiceAccountManager;
82 import org.whispersystems.signalservice.api.SignalServiceMessagePipe;
83 import org.whispersystems.signalservice.api.SignalServiceMessageReceiver;
84 import org.whispersystems.signalservice.api.SignalServiceMessageSender;
85 import org.whispersystems.signalservice.api.crypto.SignalServiceCipher;
86 import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException;
87 import org.whispersystems.signalservice.api.groupsv2.ClientZkOperations;
88 import org.whispersystems.signalservice.api.groupsv2.GroupLinkNotActiveException;
89 import org.whispersystems.signalservice.api.groupsv2.GroupsV2Api;
90 import org.whispersystems.signalservice.api.groupsv2.GroupsV2AuthorizationString;
91 import org.whispersystems.signalservice.api.groupsv2.GroupsV2Operations;
92 import org.whispersystems.signalservice.api.messages.SendMessageResult;
93 import org.whispersystems.signalservice.api.messages.SignalServiceAttachment;
94 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentPointer;
95 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentRemoteId;
96 import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentStream;
97 import org.whispersystems.signalservice.api.messages.SignalServiceContent;
98 import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage;
99 import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
100 import org.whispersystems.signalservice.api.messages.SignalServiceGroup;
101 import org.whispersystems.signalservice.api.messages.SignalServiceGroupV2;
102 import org.whispersystems.signalservice.api.messages.SignalServiceReceiptMessage;
103 import org.whispersystems.signalservice.api.messages.multidevice.BlockedListMessage;
104 import org.whispersystems.signalservice.api.messages.multidevice.ContactsMessage;
105 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContact;
106 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsInputStream;
107 import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsOutputStream;
108 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroup;
109 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsInputStream;
110 import org.whispersystems.signalservice.api.messages.multidevice.DeviceGroupsOutputStream;
111 import org.whispersystems.signalservice.api.messages.multidevice.DeviceInfo;
112 import org.whispersystems.signalservice.api.messages.multidevice.RequestMessage;
113 import org.whispersystems.signalservice.api.messages.multidevice.SentTranscriptMessage;
114 import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
115 import org.whispersystems.signalservice.api.messages.multidevice.StickerPackOperationMessage;
116 import org.whispersystems.signalservice.api.messages.multidevice.VerifiedMessage;
117 import org.whispersystems.signalservice.api.profiles.ProfileAndCredential;
118 import org.whispersystems.signalservice.api.profiles.SignalServiceProfile;
119 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
120 import org.whispersystems.signalservice.api.push.exceptions.MissingConfigurationException;
121 import org.whispersystems.signalservice.api.push.exceptions.UnregisteredUserException;
122 import org.whispersystems.signalservice.api.util.InvalidNumberException;
123 import org.whispersystems.signalservice.api.util.PhoneNumberFormatter;
124 import org.whispersystems.signalservice.api.util.SleepTimer;
125 import org.whispersystems.signalservice.api.util.UptimeSleepTimer;
126 import org.whispersystems.signalservice.api.util.UuidUtil;
127 import org.whispersystems.signalservice.internal.contacts.crypto.Quote;
128 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedQuoteException;
129 import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedResponseException;
130 import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
131 import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
132 import org.whispersystems.signalservice.internal.util.DynamicCredentialsProvider;
133 import org.whispersystems.signalservice.internal.util.Hex;
134 import org.whispersystems.signalservice.internal.util.Util;
135
136 import java.io.Closeable;
137 import java.io.File;
138 import java.io.FileInputStream;
139 import java.io.FileOutputStream;
140 import java.io.IOException;
141 import java.io.InputStream;
142 import java.io.OutputStream;
143 import java.net.URI;
144 import java.net.URISyntaxException;
145 import java.net.URLEncoder;
146 import java.nio.charset.StandardCharsets;
147 import java.nio.file.Files;
148 import java.security.SignatureException;
149 import java.util.ArrayList;
150 import java.util.Arrays;
151 import java.util.Base64;
152 import java.util.Collection;
153 import java.util.Date;
154 import java.util.HashSet;
155 import java.util.List;
156 import java.util.Map;
157 import java.util.Set;
158 import java.util.UUID;
159 import java.util.concurrent.ExecutorService;
160 import java.util.concurrent.Executors;
161 import java.util.concurrent.TimeUnit;
162 import java.util.concurrent.TimeoutException;
163 import java.util.function.Function;
164 import java.util.stream.Collectors;
165
166 import static org.asamk.signal.manager.config.ServiceConfig.capabilities;
167
168 public class Manager implements Closeable {
169
170 private final static Logger logger = LoggerFactory.getLogger(Manager.class);
171
172 private final CertificateValidator certificateValidator;
173
174 private final ServiceEnvironmentConfig serviceEnvironmentConfig;
175 private final String userAgent;
176
177 private SignalAccount account;
178 private final SignalServiceAccountManager accountManager;
179 private final GroupsV2Api groupsV2Api;
180 private final GroupsV2Operations groupsV2Operations;
181 private final SignalServiceMessageReceiver messageReceiver;
182 private final ClientZkProfileOperations clientZkProfileOperations;
183
184 private final ExecutorService executor = Executors.newCachedThreadPool();
185
186 private SignalServiceMessagePipe messagePipe = null;
187 private SignalServiceMessagePipe unidentifiedMessagePipe = null;
188
189 private final UnidentifiedAccessHelper unidentifiedAccessHelper;
190 private final ProfileHelper profileHelper;
191 private final GroupHelper groupHelper;
192 private final PinHelper pinHelper;
193 private final AvatarStore avatarStore;
194 private final AttachmentStore attachmentStore;
195
196 Manager(
197 SignalAccount account,
198 PathConfig pathConfig,
199 ServiceEnvironmentConfig serviceEnvironmentConfig,
200 String userAgent
201 ) {
202 this.account = account;
203 this.serviceEnvironmentConfig = serviceEnvironmentConfig;
204 this.certificateValidator = new CertificateValidator(serviceEnvironmentConfig.getUnidentifiedSenderTrustRoot());
205 this.userAgent = userAgent;
206 this.groupsV2Operations = capabilities.isGv2() ? new GroupsV2Operations(ClientZkOperations.create(
207 serviceEnvironmentConfig.getSignalServiceConfiguration())) : null;
208 final SleepTimer timer = new UptimeSleepTimer();
209 this.accountManager = new SignalServiceAccountManager(serviceEnvironmentConfig.getSignalServiceConfiguration(),
210 new DynamicCredentialsProvider(account.getUuid(),
211 account.getUsername(),
212 account.getPassword(),
213 account.getDeviceId()),
214 userAgent,
215 groupsV2Operations,
216 ServiceConfig.AUTOMATIC_NETWORK_RETRY,
217 timer);
218 this.groupsV2Api = accountManager.getGroupsV2Api();
219 final var keyBackupService = accountManager.getKeyBackupService(ServiceConfig.getIasKeyStore(),
220 serviceEnvironmentConfig.getKeyBackupConfig().getEnclaveName(),
221 serviceEnvironmentConfig.getKeyBackupConfig().getServiceId(),
222 serviceEnvironmentConfig.getKeyBackupConfig().getMrenclave(),
223 10);
224
225 this.pinHelper = new PinHelper(keyBackupService);
226 this.clientZkProfileOperations = capabilities.isGv2()
227 ? ClientZkOperations.create(serviceEnvironmentConfig.getSignalServiceConfiguration())
228 .getProfileOperations()
229 : null;
230 this.messageReceiver = new SignalServiceMessageReceiver(serviceEnvironmentConfig.getSignalServiceConfiguration(),
231 account.getUuid(),
232 account.getUsername(),
233 account.getPassword(),
234 account.getDeviceId(),
235 userAgent,
236 null,
237 timer,
238 clientZkProfileOperations,
239 ServiceConfig.AUTOMATIC_NETWORK_RETRY);
240
241 this.unidentifiedAccessHelper = new UnidentifiedAccessHelper(account::getProfileKey,
242 account.getProfileStore()::getProfileKey,
243 this::getRecipientProfile,
244 this::getSenderCertificate);
245 this.profileHelper = new ProfileHelper(account.getProfileStore()::getProfileKey,
246 unidentifiedAccessHelper::getAccessFor,
247 unidentified -> unidentified ? getOrCreateUnidentifiedMessagePipe() : getOrCreateMessagePipe(),
248 () -> messageReceiver,
249 this::resolveSignalServiceAddress);
250 this.groupHelper = new GroupHelper(this::getRecipientProfileKeyCredential,
251 this::getRecipientProfile,
252 account::getSelfRecipientId,
253 groupsV2Operations,
254 groupsV2Api,
255 this::getGroupAuthForToday,
256 this::resolveSignalServiceAddress);
257 this.avatarStore = new AvatarStore(pathConfig.getAvatarsPath());
258 this.attachmentStore = new AttachmentStore(pathConfig.getAttachmentsPath());
259 }
260
261 public String getUsername() {
262 return account.getUsername();
263 }
264
265 public SignalServiceAddress getSelfAddress() {
266 return account.getSelfAddress();
267 }
268
269 public RecipientId getSelfRecipientId() {
270 return account.getSelfRecipientId();
271 }
272
273 private IdentityKeyPair getIdentityKeyPair() {
274 return account.getIdentityKeyPair();
275 }
276
277 public int getDeviceId() {
278 return account.getDeviceId();
279 }
280
281 public static Manager init(
282 String username, File settingsPath, ServiceEnvironment serviceEnvironment, String userAgent
283 ) throws IOException, NotRegisteredException {
284 var pathConfig = PathConfig.createDefault(settingsPath);
285
286 if (!SignalAccount.userExists(pathConfig.getDataPath(), username)) {
287 throw new NotRegisteredException();
288 }
289
290 var account = SignalAccount.load(pathConfig.getDataPath(), username);
291
292 if (!account.isRegistered()) {
293 throw new NotRegisteredException();
294 }
295
296 final var serviceEnvironmentConfig = ServiceConfig.getServiceEnvironmentConfig(serviceEnvironment, userAgent);
297
298 return new Manager(account, pathConfig, serviceEnvironmentConfig, userAgent);
299 }
300
301 public static List<String> getAllLocalUsernames(File settingsPath) {
302 var pathConfig = PathConfig.createDefault(settingsPath);
303 final var dataPath = pathConfig.getDataPath();
304 final var files = dataPath.listFiles();
305
306 if (files == null) {
307 return List.of();
308 }
309
310 return Arrays.stream(files)
311 .filter(File::isFile)
312 .map(File::getName)
313 .filter(file -> PhoneNumberFormatter.isValidNumber(file, null))
314 .collect(Collectors.toList());
315 }
316
317 public void checkAccountState() throws IOException {
318 if (accountManager.getPreKeysCount() < ServiceConfig.PREKEY_MINIMUM_COUNT) {
319 refreshPreKeys();
320 }
321 if (account.getUuid() == null) {
322 account.setUuid(accountManager.getOwnUuid());
323 }
324 updateAccountAttributes();
325 }
326
327 /**
328 * This is used for checking a set of phone numbers for registration on Signal
329 *
330 * @param numbers The set of phone number in question
331 * @return A map of numbers to booleans. True if registered, false otherwise. Should never be null
332 * @throws IOException if its unable to get the contacts to check if they're registered
333 */
334 public Map<String, Boolean> areUsersRegistered(Set<String> numbers) throws IOException {
335 // Note "contactDetails" has no optionals. It only gives us info on users who are registered
336 var contactDetails = getRegisteredUsers(numbers);
337
338 var registeredUsers = contactDetails.keySet();
339
340 return numbers.stream().collect(Collectors.toMap(x -> x, registeredUsers::contains));
341 }
342
343 public void updateAccountAttributes() throws IOException {
344 accountManager.setAccountAttributes(null,
345 account.getLocalRegistrationId(),
346 true,
347 // set legacy pin only if no KBS master key is set
348 account.getPinMasterKey() == null ? account.getRegistrationLockPin() : null,
349 account.getPinMasterKey() == null ? null : account.getPinMasterKey().deriveRegistrationLock(),
350 account.getSelfUnidentifiedAccessKey(),
351 account.isUnrestrictedUnidentifiedAccess(),
352 capabilities,
353 account.isDiscoverableByPhoneNumber());
354 }
355
356 /**
357 * @param name if null, the previous name will be kept
358 * @param about if null, the previous about text will be kept
359 * @param aboutEmoji if null, the previous about emoji will be kept
360 * @param avatar if avatar is null the image from the local avatar store is used (if present),
361 * if it's Optional.absent(), the avatar will be removed
362 */
363 public void setProfile(String name, String about, String aboutEmoji, Optional<File> avatar) throws IOException {
364 var profile = getRecipientProfile(account.getSelfRecipientId());
365 var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
366 if (name != null) {
367 builder.withGivenName(name);
368 builder.withFamilyName(null);
369 }
370 if (about != null) {
371 builder.withAbout(about);
372 }
373 if (aboutEmoji != null) {
374 builder.withAboutEmoji(aboutEmoji);
375 }
376 var newProfile = builder.build();
377
378 try (final var streamDetails = avatar == null
379 ? avatarStore.retrieveProfileAvatar(getSelfAddress())
380 : avatar.isPresent() ? Utils.createStreamDetailsFromFile(avatar.get()) : null) {
381 accountManager.setVersionedProfile(account.getUuid(),
382 account.getProfileKey(),
383 newProfile.getInternalServiceName(),
384 newProfile.getAbout() == null ? "" : newProfile.getAbout(),
385 newProfile.getAboutEmoji() == null ? "" : newProfile.getAboutEmoji(),
386 streamDetails);
387 }
388
389 if (avatar != null) {
390 if (avatar.isPresent()) {
391 avatarStore.storeProfileAvatar(getSelfAddress(),
392 outputStream -> IOUtils.copyFileToStream(avatar.get(), outputStream));
393 } else {
394 avatarStore.deleteProfileAvatar(getSelfAddress());
395 }
396 }
397 account.getProfileStore().storeProfile(account.getSelfRecipientId(), newProfile);
398
399 try {
400 sendSyncMessage(SignalServiceSyncMessage.forFetchLatest(SignalServiceSyncMessage.FetchType.LOCAL_PROFILE));
401 } catch (UntrustedIdentityException ignored) {
402 }
403 }
404
405 public void unregister() throws IOException {
406 // When setting an empty GCM id, the Signal-Server also sets the fetchesMessages property to false.
407 // If this is the master device, other users can't send messages to this number anymore.
408 // If this is a linked device, other users can still send messages, but this device doesn't receive them anymore.
409 accountManager.setGcmId(Optional.absent());
410
411 account.setRegistered(false);
412 }
413
414 public void deleteAccount() throws IOException {
415 accountManager.deleteAccount();
416
417 account.setRegistered(false);
418 }
419
420 public List<DeviceInfo> getLinkedDevices() throws IOException {
421 var devices = accountManager.getDevices();
422 account.setMultiDevice(devices.size() > 1);
423 return devices;
424 }
425
426 public void removeLinkedDevices(int deviceId) throws IOException {
427 accountManager.removeDevice(deviceId);
428 var devices = accountManager.getDevices();
429 account.setMultiDevice(devices.size() > 1);
430 }
431
432 public void addDeviceLink(URI linkUri) throws IOException, InvalidKeyException {
433 var info = DeviceLinkInfo.parseDeviceLinkUri(linkUri);
434
435 addDevice(info.deviceIdentifier, info.deviceKey);
436 }
437
438 private void addDevice(String deviceIdentifier, ECPublicKey deviceKey) throws IOException, InvalidKeyException {
439 var identityKeyPair = getIdentityKeyPair();
440 var verificationCode = accountManager.getNewDeviceVerificationCode();
441
442 accountManager.addDevice(deviceIdentifier,
443 deviceKey,
444 identityKeyPair,
445 Optional.of(account.getProfileKey().serialize()),
446 verificationCode);
447 account.setMultiDevice(true);
448 }
449
450 public void setRegistrationLockPin(Optional<String> pin) throws IOException, UnauthenticatedResponseException {
451 if (!account.isMasterDevice()) {
452 throw new RuntimeException("Only master device can set a PIN");
453 }
454 if (pin.isPresent()) {
455 final var masterKey = account.getPinMasterKey() != null
456 ? account.getPinMasterKey()
457 : KeyUtils.createMasterKey();
458
459 pinHelper.setRegistrationLockPin(pin.get(), masterKey);
460
461 account.setRegistrationLockPin(pin.get(), masterKey);
462 } else {
463 // Remove legacy registration lock
464 accountManager.removeRegistrationLockV1();
465
466 // Remove KBS Pin
467 pinHelper.removeRegistrationLockPin();
468
469 account.setRegistrationLockPin(null, null);
470 }
471 }
472
473 void refreshPreKeys() throws IOException {
474 var oneTimePreKeys = generatePreKeys();
475 final var identityKeyPair = getIdentityKeyPair();
476 var signedPreKeyRecord = generateSignedPreKey(identityKeyPair);
477
478 accountManager.setPreKeys(identityKeyPair.getPublicKey(), signedPreKeyRecord, oneTimePreKeys);
479 }
480
481 private List<PreKeyRecord> generatePreKeys() {
482 final var offset = account.getPreKeyIdOffset();
483
484 var records = KeyUtils.generatePreKeyRecords(offset, ServiceConfig.PREKEY_BATCH_SIZE);
485 account.addPreKeys(records);
486
487 return records;
488 }
489
490 private SignedPreKeyRecord generateSignedPreKey(IdentityKeyPair identityKeyPair) {
491 final var signedPreKeyId = account.getNextSignedPreKeyId();
492
493 var record = KeyUtils.generateSignedPreKeyRecord(identityKeyPair, signedPreKeyId);
494 account.addSignedPreKey(record);
495
496 return record;
497 }
498
499 private SignalServiceMessagePipe getOrCreateMessagePipe() {
500 if (messagePipe == null) {
501 messagePipe = messageReceiver.createMessagePipe();
502 }
503 return messagePipe;
504 }
505
506 private SignalServiceMessagePipe getOrCreateUnidentifiedMessagePipe() {
507 if (unidentifiedMessagePipe == null) {
508 unidentifiedMessagePipe = messageReceiver.createUnidentifiedMessagePipe();
509 }
510 return unidentifiedMessagePipe;
511 }
512
513 private SignalServiceMessageSender createMessageSender() {
514 return new SignalServiceMessageSender(serviceEnvironmentConfig.getSignalServiceConfiguration(),
515 account.getUuid(),
516 account.getUsername(),
517 account.getPassword(),
518 account.getDeviceId(),
519 account.getSignalProtocolStore(),
520 userAgent,
521 account.isMultiDevice(),
522 Optional.fromNullable(messagePipe),
523 Optional.fromNullable(unidentifiedMessagePipe),
524 Optional.absent(),
525 clientZkProfileOperations,
526 executor,
527 ServiceConfig.MAX_ENVELOPE_SIZE,
528 ServiceConfig.AUTOMATIC_NETWORK_RETRY);
529 }
530
531 public Profile getRecipientProfile(
532 SignalServiceAddress address
533 ) {
534 return getRecipientProfile(resolveRecipient(address), false);
535 }
536
537 public Profile getRecipientProfile(
538 RecipientId recipientId
539 ) {
540 return getRecipientProfile(recipientId, false);
541 }
542
543 private final Set<RecipientId> pendingProfileRequest = new HashSet<>();
544
545 Profile getRecipientProfile(
546 RecipientId recipientId, boolean force
547 ) {
548 var profileKey = account.getProfileStore().getProfileKey(recipientId);
549 if (profileKey == null) {
550 if (force) {
551 // retrieve profile to get identity key
552 retrieveEncryptedProfile(recipientId);
553 }
554 return null;
555 }
556 var profile = account.getProfileStore().getProfile(recipientId);
557
558 var now = new Date().getTime();
559 // Profiles are cached for 24h before retrieving them again, unless forced
560 if (!force && profile != null && now - profile.getLastUpdateTimestamp() < 24 * 60 * 60 * 1000) {
561 return profile;
562 }
563
564 synchronized (pendingProfileRequest) {
565 if (pendingProfileRequest.contains(recipientId)) {
566 return profile;
567 }
568 pendingProfileRequest.add(recipientId);
569 }
570 final SignalServiceProfile encryptedProfile;
571 try {
572 encryptedProfile = retrieveEncryptedProfile(recipientId);
573 } finally {
574 synchronized (pendingProfileRequest) {
575 pendingProfileRequest.remove(recipientId);
576 }
577 }
578 if (encryptedProfile == null) {
579 return null;
580 }
581
582 profile = decryptProfileAndDownloadAvatar(recipientId, profileKey, encryptedProfile);
583 account.getProfileStore().storeProfile(recipientId, profile);
584
585 return profile;
586 }
587
588 private SignalServiceProfile retrieveEncryptedProfile(RecipientId recipientId) {
589 try {
590 return retrieveProfileAndCredential(recipientId, SignalServiceProfile.RequestType.PROFILE).getProfile();
591 } catch (IOException e) {
592 logger.warn("Failed to retrieve profile, ignoring: {}", e.getMessage());
593 return null;
594 }
595 }
596
597 private ProfileAndCredential retrieveProfileAndCredential(
598 final RecipientId recipientId, final SignalServiceProfile.RequestType requestType
599 ) throws IOException {
600 final var profileAndCredential = profileHelper.retrieveProfileSync(recipientId, requestType);
601 final var profile = profileAndCredential.getProfile();
602
603 try {
604 var newIdentity = account.getIdentityKeyStore()
605 .saveIdentity(recipientId,
606 new IdentityKey(Base64.getDecoder().decode(profile.getIdentityKey())),
607 new Date());
608
609 if (newIdentity) {
610 account.getSessionStore().archiveSessions(recipientId);
611 }
612 } catch (InvalidKeyException ignored) {
613 logger.warn("Got invalid identity key in profile for {}",
614 resolveSignalServiceAddress(recipientId).getLegacyIdentifier());
615 }
616 return profileAndCredential;
617 }
618
619 private ProfileKeyCredential getRecipientProfileKeyCredential(RecipientId recipientId) {
620 var profileKeyCredential = account.getProfileStore().getProfileKeyCredential(recipientId);
621 if (profileKeyCredential != null) {
622 return profileKeyCredential;
623 }
624
625 ProfileAndCredential profileAndCredential;
626 try {
627 profileAndCredential = retrieveProfileAndCredential(recipientId,
628 SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL);
629 } catch (IOException e) {
630 logger.warn("Failed to retrieve profile key credential, ignoring: {}", e.getMessage());
631 return null;
632 }
633
634 profileKeyCredential = profileAndCredential.getProfileKeyCredential().orNull();
635 account.getProfileStore().storeProfileKeyCredential(recipientId, profileKeyCredential);
636
637 var profileKey = account.getProfileStore().getProfileKey(recipientId);
638 if (profileKey != null) {
639 final var profile = decryptProfileAndDownloadAvatar(recipientId,
640 profileKey,
641 profileAndCredential.getProfile());
642 account.getProfileStore().storeProfile(recipientId, profile);
643 }
644
645 return profileKeyCredential;
646 }
647
648 private Profile decryptProfileAndDownloadAvatar(
649 final RecipientId recipientId, final ProfileKey profileKey, final SignalServiceProfile encryptedProfile
650 ) {
651 if (encryptedProfile.getAvatar() != null) {
652 downloadProfileAvatar(resolveSignalServiceAddress(recipientId), encryptedProfile.getAvatar(), profileKey);
653 }
654
655 return ProfileUtils.decryptProfile(profileKey, encryptedProfile);
656 }
657
658 private Optional<SignalServiceAttachmentStream> createGroupAvatarAttachment(GroupId groupId) throws IOException {
659 final var streamDetails = avatarStore.retrieveGroupAvatar(groupId);
660 if (streamDetails == null) {
661 return Optional.absent();
662 }
663
664 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
665 }
666
667 private Optional<SignalServiceAttachmentStream> createContactAvatarAttachment(SignalServiceAddress address) throws IOException {
668 final var streamDetails = avatarStore.retrieveContactAvatar(address);
669 if (streamDetails == null) {
670 return Optional.absent();
671 }
672
673 return Optional.of(AttachmentUtils.createAttachment(streamDetails, Optional.absent()));
674 }
675
676 private GroupInfo getGroupForSending(GroupId groupId) throws GroupNotFoundException, NotAGroupMemberException {
677 var g = getGroup(groupId);
678 if (g == null) {
679 throw new GroupNotFoundException(groupId);
680 }
681 if (!g.isMember(account.getSelfRecipientId())) {
682 throw new NotAGroupMemberException(groupId, g.getTitle());
683 }
684 return g;
685 }
686
687 private GroupInfo getGroupForUpdating(GroupId groupId) throws GroupNotFoundException, NotAGroupMemberException {
688 var g = getGroup(groupId);
689 if (g == null) {
690 throw new GroupNotFoundException(groupId);
691 }
692 if (!g.isMember(account.getSelfRecipientId()) && !g.isPendingMember(account.getSelfRecipientId())) {
693 throw new NotAGroupMemberException(groupId, g.getTitle());
694 }
695 return g;
696 }
697
698 public List<GroupInfo> getGroups() {
699 return account.getGroupStore().getGroups();
700 }
701
702 public Pair<Long, List<SendMessageResult>> sendGroupMessage(
703 String messageText, List<String> attachments, GroupId groupId
704 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
705 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
706 if (attachments != null) {
707 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
708 }
709
710 return sendGroupMessage(messageBuilder, groupId);
711 }
712
713 public Pair<Long, List<SendMessageResult>> sendGroupMessageReaction(
714 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, GroupId groupId
715 ) throws IOException, InvalidNumberException, NotAGroupMemberException, GroupNotFoundException {
716 var reaction = new SignalServiceDataMessage.Reaction(emoji,
717 remove,
718 canonicalizeAndResolveSignalServiceAddress(targetAuthor),
719 targetSentTimestamp);
720 final var messageBuilder = SignalServiceDataMessage.newBuilder().withReaction(reaction);
721
722 return sendGroupMessage(messageBuilder, groupId);
723 }
724
725 public Pair<Long, List<SendMessageResult>> sendGroupMessage(
726 SignalServiceDataMessage.Builder messageBuilder, GroupId groupId
727 ) throws IOException, GroupNotFoundException, NotAGroupMemberException {
728 final var g = getGroupForSending(groupId);
729
730 GroupUtils.setGroupContext(messageBuilder, g);
731 messageBuilder.withExpiration(g.getMessageExpirationTime());
732
733 return sendMessage(messageBuilder, g.getMembersWithout(account.getSelfRecipientId()));
734 }
735
736 public Pair<Long, List<SendMessageResult>> sendQuitGroupMessage(GroupId groupId) throws GroupNotFoundException, IOException, NotAGroupMemberException {
737 SignalServiceDataMessage.Builder messageBuilder;
738
739 final var g = getGroupForUpdating(groupId);
740 if (g instanceof GroupInfoV1) {
741 var groupInfoV1 = (GroupInfoV1) g;
742 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.QUIT).withId(groupId.serialize()).build();
743 messageBuilder = SignalServiceDataMessage.newBuilder().asGroupMessage(group);
744 groupInfoV1.removeMember(account.getSelfRecipientId());
745 account.getGroupStore().updateGroup(groupInfoV1);
746 } else {
747 final var groupInfoV2 = (GroupInfoV2) g;
748 final var groupGroupChangePair = groupHelper.leaveGroup(groupInfoV2);
749 groupInfoV2.setGroup(groupGroupChangePair.first(), this::resolveRecipient);
750 messageBuilder = getGroupUpdateMessageBuilder(groupInfoV2, groupGroupChangePair.second().toByteArray());
751 account.getGroupStore().updateGroup(groupInfoV2);
752 }
753
754 return sendMessage(messageBuilder, g.getMembersWithout(account.getSelfRecipientId()));
755 }
756
757 public Pair<GroupId, List<SendMessageResult>> updateGroup(
758 GroupId groupId, String name, List<String> members, File avatarFile
759 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, InvalidNumberException, NotAGroupMemberException {
760 return sendUpdateGroupMessage(groupId,
761 name,
762 members == null ? null : getSignalServiceAddresses(members),
763 avatarFile);
764 }
765
766 private Pair<GroupId, List<SendMessageResult>> sendUpdateGroupMessage(
767 GroupId groupId, String name, Set<RecipientId> members, File avatarFile
768 ) throws IOException, GroupNotFoundException, AttachmentInvalidException, NotAGroupMemberException {
769 GroupInfo g;
770 SignalServiceDataMessage.Builder messageBuilder;
771 if (groupId == null) {
772 // Create new group
773 var gv2Pair = groupHelper.createGroupV2(name == null ? "" : name,
774 members == null ? Set.of() : members,
775 avatarFile);
776 if (gv2Pair == null) {
777 var gv1 = new GroupInfoV1(GroupIdV1.createRandom());
778 gv1.addMembers(List.of(account.getSelfRecipientId()));
779 updateGroupV1(gv1, name, members, avatarFile);
780 messageBuilder = getGroupUpdateMessageBuilder(gv1);
781 g = gv1;
782 } else {
783 final var gv2 = gv2Pair.first();
784 final var decryptedGroup = gv2Pair.second();
785
786 gv2.setGroup(decryptedGroup, this::resolveRecipient);
787 if (avatarFile != null) {
788 avatarStore.storeGroupAvatar(gv2.getGroupId(),
789 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
790 }
791 messageBuilder = getGroupUpdateMessageBuilder(gv2, null);
792 g = gv2;
793 }
794 } else {
795 var group = getGroupForUpdating(groupId);
796 if (group instanceof GroupInfoV2) {
797 final var groupInfoV2 = (GroupInfoV2) group;
798
799 Pair<Long, List<SendMessageResult>> result = null;
800 if (groupInfoV2.isPendingMember(account.getSelfRecipientId())) {
801 var groupGroupChangePair = groupHelper.acceptInvite(groupInfoV2);
802 result = sendUpdateGroupMessage(groupInfoV2,
803 groupGroupChangePair.first(),
804 groupGroupChangePair.second());
805 }
806
807 if (members != null) {
808 final var newMembers = new HashSet<>(members);
809 newMembers.removeAll(group.getMembers());
810 if (newMembers.size() > 0) {
811 var groupGroupChangePair = groupHelper.updateGroupV2(groupInfoV2, newMembers);
812 result = sendUpdateGroupMessage(groupInfoV2,
813 groupGroupChangePair.first(),
814 groupGroupChangePair.second());
815 }
816 }
817 if (result == null || name != null || avatarFile != null) {
818 var groupGroupChangePair = groupHelper.updateGroupV2(groupInfoV2, name, avatarFile);
819 if (avatarFile != null) {
820 avatarStore.storeGroupAvatar(groupInfoV2.getGroupId(),
821 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
822 }
823 result = sendUpdateGroupMessage(groupInfoV2,
824 groupGroupChangePair.first(),
825 groupGroupChangePair.second());
826 }
827
828 return new Pair<>(group.getGroupId(), result.second());
829 } else {
830 var gv1 = (GroupInfoV1) group;
831 updateGroupV1(gv1, name, members, avatarFile);
832 messageBuilder = getGroupUpdateMessageBuilder(gv1);
833 g = gv1;
834 }
835 }
836
837 account.getGroupStore().updateGroup(g);
838
839 final var result = sendMessage(messageBuilder,
840 g.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
841 return new Pair<>(g.getGroupId(), result.second());
842 }
843
844 private void updateGroupV1(
845 final GroupInfoV1 g, final String name, final Collection<RecipientId> members, final File avatarFile
846 ) throws IOException {
847 if (name != null) {
848 g.name = name;
849 }
850
851 if (members != null) {
852 final var newMemberAddresses = members.stream()
853 .filter(member -> !g.isMember(member))
854 .map(this::resolveSignalServiceAddress)
855 .collect(Collectors.toList());
856 final var newE164Members = new HashSet<String>();
857 for (var member : newMemberAddresses) {
858 if (!member.getNumber().isPresent()) {
859 continue;
860 }
861 newE164Members.add(member.getNumber().get());
862 }
863
864 final var registeredUsers = getRegisteredUsers(newE164Members);
865 if (registeredUsers.size() != newE164Members.size()) {
866 // Some of the new members are not registered on Signal
867 newE164Members.removeAll(registeredUsers.keySet());
868 throw new IOException("Failed to add members "
869 + String.join(", ", newE164Members)
870 + " to group: Not registered on Signal");
871 }
872
873 g.addMembers(members);
874 }
875
876 if (avatarFile != null) {
877 avatarStore.storeGroupAvatar(g.getGroupId(),
878 outputStream -> IOUtils.copyFileToStream(avatarFile, outputStream));
879 }
880 }
881
882 public Pair<GroupId, List<SendMessageResult>> joinGroup(
883 GroupInviteLinkUrl inviteLinkUrl
884 ) throws IOException, GroupLinkNotActiveException {
885 return sendJoinGroupMessage(inviteLinkUrl);
886 }
887
888 private Pair<GroupId, List<SendMessageResult>> sendJoinGroupMessage(
889 GroupInviteLinkUrl inviteLinkUrl
890 ) throws IOException, GroupLinkNotActiveException {
891 final var groupJoinInfo = groupHelper.getDecryptedGroupJoinInfo(inviteLinkUrl.getGroupMasterKey(),
892 inviteLinkUrl.getPassword());
893 final var groupChange = groupHelper.joinGroup(inviteLinkUrl.getGroupMasterKey(),
894 inviteLinkUrl.getPassword(),
895 groupJoinInfo);
896 final var group = getOrMigrateGroup(inviteLinkUrl.getGroupMasterKey(),
897 groupJoinInfo.getRevision() + 1,
898 groupChange.toByteArray());
899
900 if (group.getGroup() == null) {
901 // Only requested member, can't send update to group members
902 return new Pair<>(group.getGroupId(), List.of());
903 }
904
905 final var result = sendUpdateGroupMessage(group, group.getGroup(), groupChange);
906
907 return new Pair<>(group.getGroupId(), result.second());
908 }
909
910 private static int currentTimeDays() {
911 return (int) TimeUnit.MILLISECONDS.toDays(System.currentTimeMillis());
912 }
913
914 private GroupsV2AuthorizationString getGroupAuthForToday(
915 final GroupSecretParams groupSecretParams
916 ) throws IOException {
917 final var today = currentTimeDays();
918 // Returns credentials for the next 7 days
919 final var credentials = groupsV2Api.getCredentials(today);
920 // TODO cache credentials until they expire
921 var authCredentialResponse = credentials.get(today);
922 try {
923 return groupsV2Api.getGroupsV2AuthorizationString(account.getUuid(),
924 today,
925 groupSecretParams,
926 authCredentialResponse);
927 } catch (VerificationFailedException e) {
928 throw new IOException(e);
929 }
930 }
931
932 private Pair<Long, List<SendMessageResult>> sendUpdateGroupMessage(
933 GroupInfoV2 group, DecryptedGroup newDecryptedGroup, GroupChange groupChange
934 ) throws IOException {
935 group.setGroup(newDecryptedGroup, this::resolveRecipient);
936 final var messageBuilder = getGroupUpdateMessageBuilder(group, groupChange.toByteArray());
937 account.getGroupStore().updateGroup(group);
938 return sendMessage(messageBuilder, group.getMembersIncludingPendingWithout(account.getSelfRecipientId()));
939 }
940
941 Pair<Long, List<SendMessageResult>> sendGroupInfoMessage(
942 GroupIdV1 groupId, SignalServiceAddress recipient
943 ) throws IOException, NotAGroupMemberException, GroupNotFoundException, AttachmentInvalidException {
944 GroupInfoV1 g;
945 var group = getGroupForSending(groupId);
946 if (!(group instanceof GroupInfoV1)) {
947 throw new RuntimeException("Received an invalid group request for a v2 group!");
948 }
949 g = (GroupInfoV1) group;
950
951 if (!g.isMember(resolveRecipient(recipient))) {
952 throw new NotAGroupMemberException(groupId, g.name);
953 }
954
955 var messageBuilder = getGroupUpdateMessageBuilder(g);
956
957 // Send group message only to the recipient who requested it
958 return sendMessage(messageBuilder, Set.of(resolveRecipient(recipient)));
959 }
960
961 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV1 g) throws AttachmentInvalidException {
962 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.UPDATE)
963 .withId(g.getGroupId().serialize())
964 .withName(g.name)
965 .withMembers(g.getMembers()
966 .stream()
967 .map(this::resolveSignalServiceAddress)
968 .collect(Collectors.toList()));
969
970 try {
971 final var attachment = createGroupAvatarAttachment(g.getGroupId());
972 if (attachment.isPresent()) {
973 group.withAvatar(attachment.get());
974 }
975 } catch (IOException e) {
976 throw new AttachmentInvalidException(g.getGroupId().toBase64(), e);
977 }
978
979 return SignalServiceDataMessage.newBuilder()
980 .asGroupMessage(group.build())
981 .withExpiration(g.getMessageExpirationTime());
982 }
983
984 private SignalServiceDataMessage.Builder getGroupUpdateMessageBuilder(GroupInfoV2 g, byte[] signedGroupChange) {
985 var group = SignalServiceGroupV2.newBuilder(g.getMasterKey())
986 .withRevision(g.getGroup().getRevision())
987 .withSignedGroupChange(signedGroupChange);
988 return SignalServiceDataMessage.newBuilder()
989 .asGroupMessage(group.build())
990 .withExpiration(g.getMessageExpirationTime());
991 }
992
993 Pair<Long, List<SendMessageResult>> sendGroupInfoRequest(
994 GroupIdV1 groupId, SignalServiceAddress recipient
995 ) throws IOException {
996 var group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.REQUEST_INFO).withId(groupId.serialize());
997
998 var messageBuilder = SignalServiceDataMessage.newBuilder().asGroupMessage(group.build());
999
1000 // Send group info request message to the recipient who sent us a message with this groupId
1001 return sendMessage(messageBuilder, Set.of(resolveRecipient(recipient)));
1002 }
1003
1004 void sendReceipt(
1005 SignalServiceAddress remoteAddress, long messageId
1006 ) throws IOException, UntrustedIdentityException {
1007 var receiptMessage = new SignalServiceReceiptMessage(SignalServiceReceiptMessage.Type.DELIVERY,
1008 List.of(messageId),
1009 System.currentTimeMillis());
1010
1011 createMessageSender().sendReceipt(remoteAddress,
1012 unidentifiedAccessHelper.getAccessFor(resolveRecipient(remoteAddress)),
1013 receiptMessage);
1014 }
1015
1016 public Pair<Long, List<SendMessageResult>> sendMessage(
1017 String messageText, List<String> attachments, List<String> recipients
1018 ) throws IOException, AttachmentInvalidException, InvalidNumberException {
1019 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
1020 if (attachments != null) {
1021 var attachmentStreams = AttachmentUtils.getSignalServiceAttachments(attachments);
1022
1023 // Upload attachments here, so we only upload once even for multiple recipients
1024 var messageSender = createMessageSender();
1025 var attachmentPointers = new ArrayList<SignalServiceAttachment>(attachmentStreams.size());
1026 for (var attachment : attachmentStreams) {
1027 if (attachment.isStream()) {
1028 attachmentPointers.add(messageSender.uploadAttachment(attachment.asStream()));
1029 } else if (attachment.isPointer()) {
1030 attachmentPointers.add(attachment.asPointer());
1031 }
1032 }
1033
1034 messageBuilder.withAttachments(attachmentPointers);
1035 }
1036 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1037 }
1038
1039 public Pair<Long, SendMessageResult> sendSelfMessage(
1040 String messageText, List<String> attachments
1041 ) throws IOException, AttachmentInvalidException {
1042 final var messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
1043 if (attachments != null) {
1044 messageBuilder.withAttachments(AttachmentUtils.getSignalServiceAttachments(attachments));
1045 }
1046 return sendSelfMessage(messageBuilder);
1047 }
1048
1049 public Pair<Long, List<SendMessageResult>> sendRemoteDeleteMessage(
1050 long targetSentTimestamp, List<String> recipients
1051 ) throws IOException, InvalidNumberException {
1052 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1053 final var messageBuilder = SignalServiceDataMessage.newBuilder().withRemoteDelete(delete);
1054 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1055 }
1056
1057 public Pair<Long, List<SendMessageResult>> sendGroupRemoteDeleteMessage(
1058 long targetSentTimestamp, GroupId groupId
1059 ) throws IOException, NotAGroupMemberException, GroupNotFoundException {
1060 var delete = new SignalServiceDataMessage.RemoteDelete(targetSentTimestamp);
1061 final var messageBuilder = SignalServiceDataMessage.newBuilder().withRemoteDelete(delete);
1062 return sendGroupMessage(messageBuilder, groupId);
1063 }
1064
1065 public Pair<Long, List<SendMessageResult>> sendMessageReaction(
1066 String emoji, boolean remove, String targetAuthor, long targetSentTimestamp, List<String> recipients
1067 ) throws IOException, InvalidNumberException {
1068 var reaction = new SignalServiceDataMessage.Reaction(emoji,
1069 remove,
1070 canonicalizeAndResolveSignalServiceAddress(targetAuthor),
1071 targetSentTimestamp);
1072 final var messageBuilder = SignalServiceDataMessage.newBuilder().withReaction(reaction);
1073 return sendMessage(messageBuilder, getSignalServiceAddresses(recipients));
1074 }
1075
1076 public Pair<Long, List<SendMessageResult>> sendEndSessionMessage(List<String> recipients) throws IOException, InvalidNumberException {
1077 var messageBuilder = SignalServiceDataMessage.newBuilder().asEndSessionMessage();
1078
1079 final var signalServiceAddresses = getSignalServiceAddresses(recipients);
1080 try {
1081 return sendMessage(messageBuilder, signalServiceAddresses);
1082 } catch (Exception e) {
1083 for (var address : signalServiceAddresses) {
1084 handleEndSession(address);
1085 }
1086 throw e;
1087 }
1088 }
1089
1090 public String getContactName(String number) throws InvalidNumberException {
1091 var contact = account.getContactStore().getContact(canonicalizeAndResolveRecipient(number));
1092 return contact == null || contact.getName() == null ? "" : contact.getName();
1093 }
1094
1095 public void setContactName(String number, String name) throws InvalidNumberException, NotMasterDeviceException {
1096 if (!account.isMasterDevice()) {
1097 throw new NotMasterDeviceException();
1098 }
1099 final var recipientId = canonicalizeAndResolveRecipient(number);
1100 var contact = account.getContactStore().getContact(recipientId);
1101 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1102 account.getContactStore().storeContact(recipientId, builder.withName(name).build());
1103 }
1104
1105 public void setContactBlocked(
1106 String number, boolean blocked
1107 ) throws InvalidNumberException, NotMasterDeviceException {
1108 if (!account.isMasterDevice()) {
1109 throw new NotMasterDeviceException();
1110 }
1111 setContactBlocked(canonicalizeAndResolveRecipient(number), blocked);
1112 }
1113
1114 private void setContactBlocked(RecipientId recipientId, boolean blocked) {
1115 var contact = account.getContactStore().getContact(recipientId);
1116 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1117 account.getContactStore().storeContact(recipientId, builder.withBlocked(blocked).build());
1118 }
1119
1120 public void setGroupBlocked(final GroupId groupId, final boolean blocked) throws GroupNotFoundException {
1121 var group = getGroup(groupId);
1122 if (group == null) {
1123 throw new GroupNotFoundException(groupId);
1124 }
1125
1126 group.setBlocked(blocked);
1127 account.getGroupStore().updateGroup(group);
1128 }
1129
1130 private void setExpirationTimer(RecipientId recipientId, int messageExpirationTimer) {
1131 var contact = account.getContactStore().getContact(recipientId);
1132 if (contact != null && contact.getMessageExpirationTime() == messageExpirationTimer) {
1133 return;
1134 }
1135 final var builder = contact == null ? Contact.newBuilder() : Contact.newBuilder(contact);
1136 account.getContactStore()
1137 .storeContact(recipientId, builder.withMessageExpirationTime(messageExpirationTimer).build());
1138 }
1139
1140 private void sendExpirationTimerUpdate(RecipientId recipientId) throws IOException {
1141 final var messageBuilder = SignalServiceDataMessage.newBuilder().asExpirationUpdate();
1142 sendMessage(messageBuilder, Set.of(recipientId));
1143 }
1144
1145 /**
1146 * Change the expiration timer for a contact
1147 */
1148 public void setExpirationTimer(
1149 String number, int messageExpirationTimer
1150 ) throws IOException, InvalidNumberException {
1151 var recipientId = canonicalizeAndResolveRecipient(number);
1152 setExpirationTimer(recipientId, messageExpirationTimer);
1153 sendExpirationTimerUpdate(recipientId);
1154 }
1155
1156 /**
1157 * Change the expiration timer for a group
1158 */
1159 public void setExpirationTimer(GroupId groupId, int messageExpirationTimer) {
1160 var g = getGroup(groupId);
1161 if (g instanceof GroupInfoV1) {
1162 var groupInfoV1 = (GroupInfoV1) g;
1163 groupInfoV1.messageExpirationTime = messageExpirationTimer;
1164 account.getGroupStore().updateGroup(groupInfoV1);
1165 } else {
1166 throw new RuntimeException("TODO Not implemented!");
1167 }
1168 }
1169
1170 /**
1171 * Upload the sticker pack from path.
1172 *
1173 * @param path Path can be a path to a manifest.json file or to a zip file that contains a manifest.json file
1174 * @return if successful, returns the URL to install the sticker pack in the signal app
1175 */
1176 public String uploadStickerPack(File path) throws IOException, StickerPackInvalidException {
1177 var manifest = StickerUtils.getSignalServiceStickerManifestUpload(path);
1178
1179 var messageSender = createMessageSender();
1180
1181 var packKey = KeyUtils.createStickerUploadKey();
1182 var packId = messageSender.uploadStickerManifest(manifest, packKey);
1183
1184 var sticker = new Sticker(StickerPackId.deserialize(Hex.fromStringCondensed(packId)), packKey);
1185 account.getStickerStore().updateSticker(sticker);
1186
1187 try {
1188 return new URI("https",
1189 "signal.art",
1190 "/addstickers/",
1191 "pack_id=" + URLEncoder.encode(packId, StandardCharsets.UTF_8) + "&pack_key=" + URLEncoder.encode(
1192 Hex.toStringCondensed(packKey),
1193 StandardCharsets.UTF_8)).toString();
1194 } catch (URISyntaxException e) {
1195 throw new AssertionError(e);
1196 }
1197 }
1198
1199 public void requestAllSyncData() throws IOException {
1200 requestSyncGroups();
1201 requestSyncContacts();
1202 requestSyncBlocked();
1203 requestSyncConfiguration();
1204 requestSyncKeys();
1205 }
1206
1207 private void requestSyncGroups() throws IOException {
1208 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1209 .setType(SignalServiceProtos.SyncMessage.Request.Type.GROUPS)
1210 .build();
1211 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1212 try {
1213 sendSyncMessage(message);
1214 } catch (UntrustedIdentityException e) {
1215 throw new AssertionError(e);
1216 }
1217 }
1218
1219 private void requestSyncContacts() throws IOException {
1220 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1221 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONTACTS)
1222 .build();
1223 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1224 try {
1225 sendSyncMessage(message);
1226 } catch (UntrustedIdentityException e) {
1227 throw new AssertionError(e);
1228 }
1229 }
1230
1231 private void requestSyncBlocked() throws IOException {
1232 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1233 .setType(SignalServiceProtos.SyncMessage.Request.Type.BLOCKED)
1234 .build();
1235 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1236 try {
1237 sendSyncMessage(message);
1238 } catch (UntrustedIdentityException e) {
1239 throw new AssertionError(e);
1240 }
1241 }
1242
1243 private void requestSyncConfiguration() throws IOException {
1244 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1245 .setType(SignalServiceProtos.SyncMessage.Request.Type.CONFIGURATION)
1246 .build();
1247 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1248 try {
1249 sendSyncMessage(message);
1250 } catch (UntrustedIdentityException e) {
1251 throw new AssertionError(e);
1252 }
1253 }
1254
1255 private void requestSyncKeys() throws IOException {
1256 var r = SignalServiceProtos.SyncMessage.Request.newBuilder()
1257 .setType(SignalServiceProtos.SyncMessage.Request.Type.KEYS)
1258 .build();
1259 var message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
1260 try {
1261 sendSyncMessage(message);
1262 } catch (UntrustedIdentityException e) {
1263 throw new AssertionError(e);
1264 }
1265 }
1266
1267 private byte[] getSenderCertificate() {
1268 // TODO support UUID capable sender certificates
1269 // byte[] certificate = accountManager.getSenderCertificateForPhoneNumberPrivacy();
1270 byte[] certificate;
1271 try {
1272 certificate = accountManager.getSenderCertificate();
1273 } catch (IOException e) {
1274 logger.warn("Failed to get sender certificate, ignoring: {}", e.getMessage());
1275 return null;
1276 }
1277 // TODO cache for a day
1278 return certificate;
1279 }
1280
1281 private void sendSyncMessage(SignalServiceSyncMessage message) throws IOException, UntrustedIdentityException {
1282 var messageSender = createMessageSender();
1283 messageSender.sendMessage(message, unidentifiedAccessHelper.getAccessForSync());
1284 }
1285
1286 private Set<RecipientId> getSignalServiceAddresses(Collection<String> numbers) throws InvalidNumberException {
1287 final var signalServiceAddresses = new HashSet<SignalServiceAddress>(numbers.size());
1288 final var addressesMissingUuid = new HashSet<SignalServiceAddress>();
1289
1290 for (var number : numbers) {
1291 final var resolvedAddress = canonicalizeAndResolveSignalServiceAddress(number);
1292 if (resolvedAddress.getUuid().isPresent()) {
1293 signalServiceAddresses.add(resolvedAddress);
1294 } else {
1295 addressesMissingUuid.add(resolvedAddress);
1296 }
1297 }
1298
1299 final var numbersMissingUuid = addressesMissingUuid.stream()
1300 .map(a -> a.getNumber().get())
1301 .collect(Collectors.toSet());
1302 Map<String, UUID> registeredUsers;
1303 try {
1304 registeredUsers = getRegisteredUsers(numbersMissingUuid);
1305 } catch (IOException e) {
1306 logger.warn("Failed to resolve uuids from server, ignoring: {}", e.getMessage());
1307 registeredUsers = Map.of();
1308 }
1309
1310 for (var address : addressesMissingUuid) {
1311 final var number = address.getNumber().get();
1312 if (registeredUsers.containsKey(number)) {
1313 final var newAddress = resolveSignalServiceAddress(resolveRecipientTrusted(new SignalServiceAddress(
1314 registeredUsers.get(number),
1315 number)));
1316 signalServiceAddresses.add(newAddress);
1317 } else {
1318 signalServiceAddresses.add(address);
1319 }
1320 }
1321
1322 return signalServiceAddresses.stream().map(this::resolveRecipient).collect(Collectors.toSet());
1323 }
1324
1325 private RecipientId refreshRegisteredUser(RecipientId recipientId) throws IOException {
1326 final var address = resolveSignalServiceAddress(recipientId);
1327 if (!address.getNumber().isPresent()) {
1328 return recipientId;
1329 }
1330 final var number = address.getNumber().get();
1331 final var uuidMap = getRegisteredUsers(Set.of(number));
1332 return resolveRecipientTrusted(new SignalServiceAddress(uuidMap.getOrDefault(number, null), number));
1333 }
1334
1335 private Map<String, UUID> getRegisteredUsers(final Set<String> numbers) throws IOException {
1336 try {
1337 return accountManager.getRegisteredUsers(ServiceConfig.getIasKeyStore(),
1338 numbers,
1339 serviceEnvironmentConfig.getCdsMrenclave());
1340 } catch (Quote.InvalidQuoteFormatException | UnauthenticatedQuoteException | SignatureException | UnauthenticatedResponseException | InvalidKeyException e) {
1341 throw new IOException(e);
1342 }
1343 }
1344
1345 private Pair<Long, List<SendMessageResult>> sendMessage(
1346 SignalServiceDataMessage.Builder messageBuilder, Set<RecipientId> recipientIds
1347 ) throws IOException {
1348 final var timestamp = System.currentTimeMillis();
1349 messageBuilder.withTimestamp(timestamp);
1350 getOrCreateMessagePipe();
1351 getOrCreateUnidentifiedMessagePipe();
1352 SignalServiceDataMessage message = null;
1353 try {
1354 message = messageBuilder.build();
1355 if (message.getGroupContext().isPresent()) {
1356 try {
1357 var messageSender = createMessageSender();
1358 final var isRecipientUpdate = false;
1359 final var recipientIdList = new ArrayList<>(recipientIds);
1360 final var addresses = recipientIdList.stream()
1361 .map(this::resolveSignalServiceAddress)
1362 .collect(Collectors.toList());
1363 var result = messageSender.sendMessage(addresses,
1364 unidentifiedAccessHelper.getAccessFor(recipientIdList),
1365 isRecipientUpdate,
1366 message);
1367
1368 for (var r : result) {
1369 if (r.getIdentityFailure() != null) {
1370 final var recipientId = resolveRecipient(r.getAddress());
1371 final var newIdentity = account.getIdentityKeyStore()
1372 .saveIdentity(recipientId, r.getIdentityFailure().getIdentityKey(), new Date());
1373 if (newIdentity) {
1374 account.getSessionStore().archiveSessions(recipientId);
1375 }
1376 }
1377 }
1378
1379 return new Pair<>(timestamp, result);
1380 } catch (UntrustedIdentityException e) {
1381 return new Pair<>(timestamp, List.of());
1382 }
1383 } else {
1384 // Send to all individually, so sync messages are sent correctly
1385 messageBuilder.withProfileKey(account.getProfileKey().serialize());
1386 var results = new ArrayList<SendMessageResult>(recipientIds.size());
1387 for (var recipientId : recipientIds) {
1388 final var contact = account.getContactStore().getContact(recipientId);
1389 final var expirationTime = contact != null ? contact.getMessageExpirationTime() : 0;
1390 messageBuilder.withExpiration(expirationTime);
1391 message = messageBuilder.build();
1392 results.add(sendMessage(resolveSignalServiceAddress(recipientId), message));
1393 }
1394 return new Pair<>(timestamp, results);
1395 }
1396 } finally {
1397 if (message != null && message.isEndSession()) {
1398 for (var recipient : recipientIds) {
1399 handleEndSession(recipient);
1400 }
1401 }
1402 }
1403 }
1404
1405 private Pair<Long, SendMessageResult> sendSelfMessage(
1406 SignalServiceDataMessage.Builder messageBuilder
1407 ) throws IOException {
1408 final var timestamp = System.currentTimeMillis();
1409 messageBuilder.withTimestamp(timestamp);
1410 getOrCreateMessagePipe();
1411 getOrCreateUnidentifiedMessagePipe();
1412 final var recipientId = account.getSelfRecipientId();
1413
1414 final var contact = account.getContactStore().getContact(recipientId);
1415 final var expirationTime = contact != null ? contact.getMessageExpirationTime() : 0;
1416 messageBuilder.withExpiration(expirationTime);
1417
1418 var message = messageBuilder.build();
1419 final var result = sendSelfMessage(message);
1420 return new Pair<>(timestamp, result);
1421 }
1422
1423 private SendMessageResult sendSelfMessage(SignalServiceDataMessage message) throws IOException {
1424 var messageSender = createMessageSender();
1425
1426 var recipient = account.getSelfAddress();
1427
1428 final var unidentifiedAccess = unidentifiedAccessHelper.getAccessFor(resolveRecipient(recipient));
1429 var transcript = new SentTranscriptMessage(Optional.of(recipient),
1430 message.getTimestamp(),
1431 message,
1432 message.getExpiresInSeconds(),
1433 Map.of(recipient, unidentifiedAccess.isPresent()),
1434 false);
1435 var syncMessage = SignalServiceSyncMessage.forSentTranscript(transcript);
1436
1437 try {
1438 var startTime = System.currentTimeMillis();
1439 messageSender.sendMessage(syncMessage, unidentifiedAccess);
1440 return SendMessageResult.success(recipient,
1441 unidentifiedAccess.isPresent(),
1442 false,
1443 System.currentTimeMillis() - startTime);
1444 } catch (UntrustedIdentityException e) {
1445 return SendMessageResult.identityFailure(recipient, e.getIdentityKey());
1446 }
1447 }
1448
1449 private SendMessageResult sendMessage(
1450 SignalServiceAddress address, SignalServiceDataMessage message
1451 ) throws IOException {
1452 var messageSender = createMessageSender();
1453
1454 final var recipientId = resolveRecipient(address);
1455 try {
1456 try {
1457 return messageSender.sendMessage(address, unidentifiedAccessHelper.getAccessFor(recipientId), message);
1458 } catch (UnregisteredUserException e) {
1459 final var newRecipientId = refreshRegisteredUser(recipientId);
1460 return messageSender.sendMessage(resolveSignalServiceAddress(newRecipientId),
1461 unidentifiedAccessHelper.getAccessFor(newRecipientId),
1462 message);
1463 }
1464 } catch (UntrustedIdentityException e) {
1465 return SendMessageResult.identityFailure(address, e.getIdentityKey());
1466 }
1467 }
1468
1469 private SignalServiceContent decryptMessage(SignalServiceEnvelope envelope) throws InvalidMetadataMessageException, ProtocolInvalidMessageException, ProtocolDuplicateMessageException, ProtocolLegacyMessageException, ProtocolInvalidKeyIdException, InvalidMetadataVersionException, ProtocolInvalidVersionException, ProtocolNoSessionException, ProtocolInvalidKeyException, SelfSendException, UnsupportedDataMessageException, org.whispersystems.libsignal.UntrustedIdentityException {
1470 var cipher = new SignalServiceCipher(account.getSelfAddress(),
1471 account.getSignalProtocolStore(),
1472 certificateValidator);
1473 try {
1474 return cipher.decrypt(envelope);
1475 } catch (ProtocolUntrustedIdentityException e) {
1476 if (e.getCause() instanceof org.whispersystems.libsignal.UntrustedIdentityException) {
1477 throw (org.whispersystems.libsignal.UntrustedIdentityException) e.getCause();
1478 }
1479 throw new AssertionError(e);
1480 }
1481 }
1482
1483 private void handleEndSession(RecipientId recipientId) {
1484 account.getSessionStore().deleteAllSessions(recipientId);
1485 }
1486
1487 private List<HandleAction> handleSignalServiceDataMessage(
1488 SignalServiceDataMessage message,
1489 boolean isSync,
1490 SignalServiceAddress source,
1491 SignalServiceAddress destination,
1492 boolean ignoreAttachments
1493 ) {
1494 var actions = new ArrayList<HandleAction>();
1495 if (message.getGroupContext().isPresent()) {
1496 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1497 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1498 var groupId = GroupId.v1(groupInfo.getGroupId());
1499 var group = getGroup(groupId);
1500 if (group == null || group instanceof GroupInfoV1) {
1501 var groupV1 = (GroupInfoV1) group;
1502 switch (groupInfo.getType()) {
1503 case UPDATE: {
1504 if (groupV1 == null) {
1505 groupV1 = new GroupInfoV1(groupId);
1506 }
1507
1508 if (groupInfo.getAvatar().isPresent()) {
1509 var avatar = groupInfo.getAvatar().get();
1510 downloadGroupAvatar(avatar, groupV1.getGroupId());
1511 }
1512
1513 if (groupInfo.getName().isPresent()) {
1514 groupV1.name = groupInfo.getName().get();
1515 }
1516
1517 if (groupInfo.getMembers().isPresent()) {
1518 groupV1.addMembers(groupInfo.getMembers()
1519 .get()
1520 .stream()
1521 .map(this::resolveRecipient)
1522 .collect(Collectors.toSet()));
1523 }
1524
1525 account.getGroupStore().updateGroup(groupV1);
1526 break;
1527 }
1528 case DELIVER:
1529 if (groupV1 == null && !isSync) {
1530 actions.add(new SendGroupInfoRequestAction(source, groupId));
1531 }
1532 break;
1533 case QUIT: {
1534 if (groupV1 != null) {
1535 groupV1.removeMember(resolveRecipient(source));
1536 account.getGroupStore().updateGroup(groupV1);
1537 }
1538 break;
1539 }
1540 case REQUEST_INFO:
1541 if (groupV1 != null && !isSync) {
1542 actions.add(new SendGroupInfoAction(source, groupV1.getGroupId()));
1543 }
1544 break;
1545 }
1546 } else {
1547 // Received a group v1 message for a v2 group
1548 }
1549 }
1550 if (message.getGroupContext().get().getGroupV2().isPresent()) {
1551 final var groupContext = message.getGroupContext().get().getGroupV2().get();
1552 final var groupMasterKey = groupContext.getMasterKey();
1553
1554 getOrMigrateGroup(groupMasterKey,
1555 groupContext.getRevision(),
1556 groupContext.hasSignedGroupChange() ? groupContext.getSignedGroupChange() : null);
1557 }
1558 }
1559
1560 final var conversationPartnerAddress = isSync ? destination : source;
1561 if (conversationPartnerAddress != null && message.isEndSession()) {
1562 handleEndSession(resolveRecipient(conversationPartnerAddress));
1563 }
1564 if (message.isExpirationUpdate() || message.getBody().isPresent()) {
1565 if (message.getGroupContext().isPresent()) {
1566 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1567 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1568 var group = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(groupInfo.getGroupId()));
1569 if (group != null) {
1570 if (group.messageExpirationTime != message.getExpiresInSeconds()) {
1571 group.messageExpirationTime = message.getExpiresInSeconds();
1572 account.getGroupStore().updateGroup(group);
1573 }
1574 }
1575 } else if (message.getGroupContext().get().getGroupV2().isPresent()) {
1576 // disappearing message timer already stored in the DecryptedGroup
1577 }
1578 } else if (conversationPartnerAddress != null) {
1579 setExpirationTimer(resolveRecipient(conversationPartnerAddress), message.getExpiresInSeconds());
1580 }
1581 }
1582 if (!ignoreAttachments) {
1583 if (message.getAttachments().isPresent()) {
1584 for (var attachment : message.getAttachments().get()) {
1585 downloadAttachment(attachment);
1586 }
1587 }
1588 if (message.getSharedContacts().isPresent()) {
1589 for (var contact : message.getSharedContacts().get()) {
1590 if (contact.getAvatar().isPresent()) {
1591 downloadAttachment(contact.getAvatar().get().getAttachment());
1592 }
1593 }
1594 }
1595 }
1596 if (message.getProfileKey().isPresent() && message.getProfileKey().get().length == 32) {
1597 final ProfileKey profileKey;
1598 try {
1599 profileKey = new ProfileKey(message.getProfileKey().get());
1600 } catch (InvalidInputException e) {
1601 throw new AssertionError(e);
1602 }
1603 if (source.matches(account.getSelfAddress())) {
1604 this.account.setProfileKey(profileKey);
1605 }
1606 this.account.getProfileStore().storeProfileKey(resolveRecipient(source), profileKey);
1607 }
1608 if (message.getPreviews().isPresent()) {
1609 final var previews = message.getPreviews().get();
1610 for (var preview : previews) {
1611 if (preview.getImage().isPresent()) {
1612 downloadAttachment(preview.getImage().get());
1613 }
1614 }
1615 }
1616 if (message.getQuote().isPresent()) {
1617 final var quote = message.getQuote().get();
1618
1619 for (var quotedAttachment : quote.getAttachments()) {
1620 final var thumbnail = quotedAttachment.getThumbnail();
1621 if (thumbnail != null) {
1622 downloadAttachment(thumbnail);
1623 }
1624 }
1625 }
1626 if (message.getSticker().isPresent()) {
1627 final var messageSticker = message.getSticker().get();
1628 final var stickerPackId = StickerPackId.deserialize(messageSticker.getPackId());
1629 var sticker = account.getStickerStore().getSticker(stickerPackId);
1630 if (sticker == null) {
1631 sticker = new Sticker(stickerPackId, messageSticker.getPackKey());
1632 account.getStickerStore().updateSticker(sticker);
1633 }
1634 }
1635 return actions;
1636 }
1637
1638 private GroupInfoV2 getOrMigrateGroup(
1639 final GroupMasterKey groupMasterKey, final int revision, final byte[] signedGroupChange
1640 ) {
1641 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupMasterKey);
1642
1643 var groupId = GroupUtils.getGroupIdV2(groupSecretParams);
1644 var groupInfo = getGroup(groupId);
1645 final GroupInfoV2 groupInfoV2;
1646 if (groupInfo instanceof GroupInfoV1) {
1647 // Received a v2 group message for a v1 group, we need to locally migrate the group
1648 account.getGroupStore().deleteGroupV1(((GroupInfoV1) groupInfo).getGroupId());
1649 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1650 logger.info("Locally migrated group {} to group v2, id: {}",
1651 groupInfo.getGroupId().toBase64(),
1652 groupInfoV2.getGroupId().toBase64());
1653 } else if (groupInfo instanceof GroupInfoV2) {
1654 groupInfoV2 = (GroupInfoV2) groupInfo;
1655 } else {
1656 groupInfoV2 = new GroupInfoV2(groupId, groupMasterKey);
1657 }
1658
1659 if (groupInfoV2.getGroup() == null || groupInfoV2.getGroup().getRevision() < revision) {
1660 DecryptedGroup group = null;
1661 if (signedGroupChange != null
1662 && groupInfoV2.getGroup() != null
1663 && groupInfoV2.getGroup().getRevision() + 1 == revision) {
1664 group = groupHelper.getUpdatedDecryptedGroup(groupInfoV2.getGroup(), signedGroupChange, groupMasterKey);
1665 }
1666 if (group == null) {
1667 group = groupHelper.getDecryptedGroup(groupSecretParams);
1668 }
1669 if (group != null) {
1670 storeProfileKeysFromMembers(group);
1671 final var avatar = group.getAvatar();
1672 if (avatar != null && !avatar.isEmpty()) {
1673 downloadGroupAvatar(groupId, groupSecretParams, avatar);
1674 }
1675 }
1676 groupInfoV2.setGroup(group, this::resolveRecipient);
1677 account.getGroupStore().updateGroup(groupInfoV2);
1678 }
1679
1680 return groupInfoV2;
1681 }
1682
1683 private void storeProfileKeysFromMembers(final DecryptedGroup group) {
1684 for (var member : group.getMembersList()) {
1685 final var address = resolveRecipient(new SignalServiceAddress(UuidUtil.parseOrThrow(member.getUuid()
1686 .toByteArray()), null));
1687 try {
1688 account.getProfileStore()
1689 .storeProfileKey(address, new ProfileKey(member.getProfileKey().toByteArray()));
1690 } catch (InvalidInputException ignored) {
1691 }
1692 }
1693 }
1694
1695 private void retryFailedReceivedMessages(ReceiveMessageHandler handler, boolean ignoreAttachments) {
1696 Set<HandleAction> queuedActions = new HashSet<>();
1697 for (var cachedMessage : account.getMessageCache().getCachedMessages()) {
1698 var actions = retryFailedReceivedMessage(handler, ignoreAttachments, cachedMessage);
1699 if (actions != null) {
1700 queuedActions.addAll(actions);
1701 }
1702 }
1703 for (var action : queuedActions) {
1704 try {
1705 action.execute(this);
1706 } catch (Throwable e) {
1707 logger.warn("Message action failed.", e);
1708 }
1709 }
1710 }
1711
1712 private List<HandleAction> retryFailedReceivedMessage(
1713 final ReceiveMessageHandler handler, final boolean ignoreAttachments, final CachedMessage cachedMessage
1714 ) {
1715 var envelope = cachedMessage.loadEnvelope();
1716 if (envelope == null) {
1717 return null;
1718 }
1719 SignalServiceContent content = null;
1720 List<HandleAction> actions = null;
1721 if (!envelope.isReceipt()) {
1722 try {
1723 content = decryptMessage(envelope);
1724 } catch (org.whispersystems.libsignal.UntrustedIdentityException e) {
1725 if (!envelope.hasSource()) {
1726 final var recipientId = resolveRecipient(((org.whispersystems.libsignal.UntrustedIdentityException) e)
1727 .getName());
1728 try {
1729 account.getMessageCache().replaceSender(cachedMessage, recipientId);
1730 } catch (IOException ioException) {
1731 logger.warn("Failed to move cached message to recipient folder: {}", ioException.getMessage());
1732 }
1733 }
1734 return null;
1735 } catch (Exception er) {
1736 // All other errors are not recoverable, so delete the cached message
1737 cachedMessage.delete();
1738 return null;
1739 }
1740 actions = handleMessage(envelope, content, ignoreAttachments);
1741 }
1742 handler.handleMessage(envelope, content, null);
1743 cachedMessage.delete();
1744 return actions;
1745 }
1746
1747 public void receiveMessages(
1748 long timeout,
1749 TimeUnit unit,
1750 boolean returnOnTimeout,
1751 boolean ignoreAttachments,
1752 ReceiveMessageHandler handler
1753 ) throws IOException {
1754 retryFailedReceivedMessages(handler, ignoreAttachments);
1755
1756 Set<HandleAction> queuedActions = null;
1757
1758 final var messagePipe = getOrCreateMessagePipe();
1759
1760 var hasCaughtUpWithOldMessages = false;
1761
1762 while (true) {
1763 SignalServiceEnvelope envelope;
1764 SignalServiceContent content = null;
1765 Exception exception = null;
1766 final CachedMessage[] cachedMessage = {null};
1767 try {
1768 var result = messagePipe.readOrEmpty(timeout, unit, envelope1 -> {
1769 final var recipientId = envelope1.hasSource()
1770 ? resolveRecipient(envelope1.getSourceIdentifier())
1771 : null;
1772 // store message on disk, before acknowledging receipt to the server
1773 cachedMessage[0] = account.getMessageCache().cacheMessage(envelope1, recipientId);
1774 });
1775 if (result.isPresent()) {
1776 envelope = result.get();
1777 } else {
1778 // Received indicator that server queue is empty
1779 hasCaughtUpWithOldMessages = true;
1780
1781 if (queuedActions != null) {
1782 for (var action : queuedActions) {
1783 try {
1784 action.execute(this);
1785 } catch (Throwable e) {
1786 logger.warn("Message action failed.", e);
1787 }
1788 }
1789 queuedActions.clear();
1790 queuedActions = null;
1791 }
1792
1793 // Continue to wait another timeout for new messages
1794 continue;
1795 }
1796 } catch (TimeoutException e) {
1797 if (returnOnTimeout) return;
1798 continue;
1799 }
1800
1801 if (envelope.hasSource()) {
1802 // Store uuid if we don't have it already
1803 resolveRecipientTrusted(envelope.getSourceAddress());
1804 }
1805 final var notAGroupMember = isNotAGroupMember(envelope, content);
1806 if (!envelope.isReceipt()) {
1807 try {
1808 content = decryptMessage(envelope);
1809 } catch (Exception e) {
1810 exception = e;
1811 }
1812 var actions = handleMessage(envelope, content, ignoreAttachments);
1813 if (hasCaughtUpWithOldMessages) {
1814 for (var action : actions) {
1815 try {
1816 action.execute(this);
1817 } catch (Throwable e) {
1818 logger.warn("Message action failed.", e);
1819 }
1820 }
1821 } else {
1822 if (queuedActions == null) {
1823 queuedActions = new HashSet<>();
1824 }
1825 queuedActions.addAll(actions);
1826 }
1827 }
1828 if (isMessageBlocked(envelope, content)) {
1829 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
1830 } else if (notAGroupMember) {
1831 logger.info("Ignoring a message from a non group member: {}", envelope.getTimestamp());
1832 } else {
1833 handler.handleMessage(envelope, content, exception);
1834 }
1835 if (cachedMessage[0] != null) {
1836 if (exception instanceof org.whispersystems.libsignal.UntrustedIdentityException) {
1837 final var recipientId = resolveRecipient(((org.whispersystems.libsignal.UntrustedIdentityException) exception)
1838 .getName());
1839 queuedActions.add(new RetrieveProfileAction(recipientId));
1840 if (!envelope.hasSource()) {
1841 try {
1842 cachedMessage[0] = account.getMessageCache().replaceSender(cachedMessage[0], recipientId);
1843 } catch (IOException ioException) {
1844 logger.warn("Failed to move cached message to recipient folder: {}",
1845 ioException.getMessage());
1846 }
1847 }
1848 } else {
1849 cachedMessage[0].delete();
1850 }
1851 }
1852 }
1853 }
1854
1855 private boolean isMessageBlocked(
1856 SignalServiceEnvelope envelope, SignalServiceContent content
1857 ) {
1858 SignalServiceAddress source;
1859 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
1860 source = envelope.getSourceAddress();
1861 } else if (content != null) {
1862 source = content.getSender();
1863 } else {
1864 return false;
1865 }
1866 final var recipientId = resolveRecipient(source);
1867 if (isContactBlocked(recipientId)) {
1868 return true;
1869 }
1870
1871 if (content != null && content.getDataMessage().isPresent()) {
1872 var message = content.getDataMessage().get();
1873 if (message.getGroupContext().isPresent()) {
1874 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
1875 var group = getGroup(groupId);
1876 if (group != null && group.isBlocked()) {
1877 return true;
1878 }
1879 }
1880 }
1881 return false;
1882 }
1883
1884 public boolean isContactBlocked(final String identifier) throws InvalidNumberException {
1885 final var recipientId = canonicalizeAndResolveRecipient(identifier);
1886 return isContactBlocked(recipientId);
1887 }
1888
1889 private boolean isContactBlocked(final RecipientId recipientId) {
1890 var sourceContact = account.getContactStore().getContact(recipientId);
1891 return sourceContact != null && sourceContact.isBlocked();
1892 }
1893
1894 private boolean isNotAGroupMember(
1895 SignalServiceEnvelope envelope, SignalServiceContent content
1896 ) {
1897 SignalServiceAddress source;
1898 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
1899 source = envelope.getSourceAddress();
1900 } else if (content != null) {
1901 source = content.getSender();
1902 } else {
1903 return false;
1904 }
1905
1906 if (content != null && content.getDataMessage().isPresent()) {
1907 var message = content.getDataMessage().get();
1908 if (message.getGroupContext().isPresent()) {
1909 if (message.getGroupContext().get().getGroupV1().isPresent()) {
1910 var groupInfo = message.getGroupContext().get().getGroupV1().get();
1911 if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
1912 return false;
1913 }
1914 }
1915 var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
1916 var group = getGroup(groupId);
1917 if (group != null && !group.isMember(resolveRecipient(source))) {
1918 return true;
1919 }
1920 }
1921 }
1922 return false;
1923 }
1924
1925 private List<HandleAction> handleMessage(
1926 SignalServiceEnvelope envelope, SignalServiceContent content, boolean ignoreAttachments
1927 ) {
1928 var actions = new ArrayList<HandleAction>();
1929 if (content != null) {
1930 final SignalServiceAddress sender;
1931 if (!envelope.isUnidentifiedSender() && envelope.hasSource()) {
1932 sender = envelope.getSourceAddress();
1933 } else {
1934 sender = content.getSender();
1935 }
1936
1937 if (content.getDataMessage().isPresent()) {
1938 var message = content.getDataMessage().get();
1939
1940 if (content.isNeedsReceipt()) {
1941 actions.add(new SendReceiptAction(sender, message.getTimestamp()));
1942 }
1943
1944 actions.addAll(handleSignalServiceDataMessage(message,
1945 false,
1946 sender,
1947 account.getSelfAddress(),
1948 ignoreAttachments));
1949 }
1950 if (content.getSyncMessage().isPresent()) {
1951 account.setMultiDevice(true);
1952 var syncMessage = content.getSyncMessage().get();
1953 if (syncMessage.getSent().isPresent()) {
1954 var message = syncMessage.getSent().get();
1955 final var destination = message.getDestination().orNull();
1956 actions.addAll(handleSignalServiceDataMessage(message.getMessage(),
1957 true,
1958 sender,
1959 destination,
1960 ignoreAttachments));
1961 }
1962 if (syncMessage.getRequest().isPresent() && account.isMasterDevice()) {
1963 var rm = syncMessage.getRequest().get();
1964 if (rm.isContactsRequest()) {
1965 actions.add(SendSyncContactsAction.create());
1966 }
1967 if (rm.isGroupsRequest()) {
1968 actions.add(SendSyncGroupsAction.create());
1969 }
1970 if (rm.isBlockedListRequest()) {
1971 actions.add(SendSyncBlockedListAction.create());
1972 }
1973 // TODO Handle rm.isConfigurationRequest(); rm.isKeysRequest();
1974 }
1975 if (syncMessage.getGroups().isPresent()) {
1976 File tmpFile = null;
1977 try {
1978 tmpFile = IOUtils.createTempFile();
1979 final var groupsMessage = syncMessage.getGroups().get();
1980 try (var attachmentAsStream = retrieveAttachmentAsStream(groupsMessage.asPointer(), tmpFile)) {
1981 var s = new DeviceGroupsInputStream(attachmentAsStream);
1982 DeviceGroup g;
1983 while ((g = s.read()) != null) {
1984 var syncGroup = account.getGroupStore().getOrCreateGroupV1(GroupId.v1(g.getId()));
1985 if (syncGroup != null) {
1986 if (g.getName().isPresent()) {
1987 syncGroup.name = g.getName().get();
1988 }
1989 syncGroup.addMembers(g.getMembers()
1990 .stream()
1991 .map(this::resolveRecipient)
1992 .collect(Collectors.toSet()));
1993 if (!g.isActive()) {
1994 syncGroup.removeMember(account.getSelfRecipientId());
1995 } else {
1996 // Add ourself to the member set as it's marked as active
1997 syncGroup.addMembers(List.of(account.getSelfRecipientId()));
1998 }
1999 syncGroup.blocked = g.isBlocked();
2000 if (g.getColor().isPresent()) {
2001 syncGroup.color = g.getColor().get();
2002 }
2003
2004 if (g.getAvatar().isPresent()) {
2005 downloadGroupAvatar(g.getAvatar().get(), syncGroup.getGroupId());
2006 }
2007 syncGroup.archived = g.isArchived();
2008 account.getGroupStore().updateGroup(syncGroup);
2009 }
2010 }
2011 }
2012 } catch (Exception e) {
2013 logger.warn("Failed to handle received sync groups “{}”, ignoring: {}",
2014 tmpFile,
2015 e.getMessage());
2016 } finally {
2017 if (tmpFile != null) {
2018 try {
2019 Files.delete(tmpFile.toPath());
2020 } catch (IOException e) {
2021 logger.warn("Failed to delete received groups temp file “{}”, ignoring: {}",
2022 tmpFile,
2023 e.getMessage());
2024 }
2025 }
2026 }
2027 }
2028 if (syncMessage.getBlockedList().isPresent()) {
2029 final var blockedListMessage = syncMessage.getBlockedList().get();
2030 for (var address : blockedListMessage.getAddresses()) {
2031 setContactBlocked(resolveRecipient(address), true);
2032 }
2033 for (var groupId : blockedListMessage.getGroupIds()
2034 .stream()
2035 .map(GroupId::unknownVersion)
2036 .collect(Collectors.toSet())) {
2037 try {
2038 setGroupBlocked(groupId, true);
2039 } catch (GroupNotFoundException e) {
2040 logger.warn("BlockedListMessage contained groupID that was not found in GroupStore: {}",
2041 groupId.toBase64());
2042 }
2043 }
2044 }
2045 if (syncMessage.getContacts().isPresent()) {
2046 File tmpFile = null;
2047 try {
2048 tmpFile = IOUtils.createTempFile();
2049 final var contactsMessage = syncMessage.getContacts().get();
2050 try (var attachmentAsStream = retrieveAttachmentAsStream(contactsMessage.getContactsStream()
2051 .asPointer(), tmpFile)) {
2052 var s = new DeviceContactsInputStream(attachmentAsStream);
2053 DeviceContact c;
2054 while ((c = s.read()) != null) {
2055 if (c.getAddress().matches(account.getSelfAddress()) && c.getProfileKey().isPresent()) {
2056 account.setProfileKey(c.getProfileKey().get());
2057 }
2058 final var recipientId = resolveRecipientTrusted(c.getAddress());
2059 var contact = account.getContactStore().getContact(recipientId);
2060 final var builder = contact == null
2061 ? Contact.newBuilder()
2062 : Contact.newBuilder(contact);
2063 if (c.getName().isPresent()) {
2064 builder.withName(c.getName().get());
2065 }
2066 if (c.getColor().isPresent()) {
2067 builder.withColor(c.getColor().get());
2068 }
2069 if (c.getProfileKey().isPresent()) {
2070 account.getProfileStore().storeProfileKey(recipientId, c.getProfileKey().get());
2071 }
2072 if (c.getVerified().isPresent()) {
2073 final var verifiedMessage = c.getVerified().get();
2074 account.getIdentityKeyStore()
2075 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2076 verifiedMessage.getIdentityKey(),
2077 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2078 }
2079 if (c.getExpirationTimer().isPresent()) {
2080 builder.withMessageExpirationTime(c.getExpirationTimer().get());
2081 }
2082 builder.withBlocked(c.isBlocked());
2083 builder.withArchived(c.isArchived());
2084 account.getContactStore().storeContact(recipientId, builder.build());
2085
2086 if (c.getAvatar().isPresent()) {
2087 downloadContactAvatar(c.getAvatar().get(), c.getAddress());
2088 }
2089 }
2090 }
2091 } catch (Exception e) {
2092 logger.warn("Failed to handle received sync contacts “{}”, ignoring: {}",
2093 tmpFile,
2094 e.getMessage());
2095 } finally {
2096 if (tmpFile != null) {
2097 try {
2098 Files.delete(tmpFile.toPath());
2099 } catch (IOException e) {
2100 logger.warn("Failed to delete received contacts temp file “{}”, ignoring: {}",
2101 tmpFile,
2102 e.getMessage());
2103 }
2104 }
2105 }
2106 }
2107 if (syncMessage.getVerified().isPresent()) {
2108 final var verifiedMessage = syncMessage.getVerified().get();
2109 account.getIdentityKeyStore()
2110 .setIdentityTrustLevel(resolveRecipientTrusted(verifiedMessage.getDestination()),
2111 verifiedMessage.getIdentityKey(),
2112 TrustLevel.fromVerifiedState(verifiedMessage.getVerified()));
2113 }
2114 if (syncMessage.getStickerPackOperations().isPresent()) {
2115 final var stickerPackOperationMessages = syncMessage.getStickerPackOperations().get();
2116 for (var m : stickerPackOperationMessages) {
2117 if (!m.getPackId().isPresent()) {
2118 continue;
2119 }
2120 final var stickerPackId = StickerPackId.deserialize(m.getPackId().get());
2121 var sticker = account.getStickerStore().getSticker(stickerPackId);
2122 if (sticker == null) {
2123 if (!m.getPackKey().isPresent()) {
2124 continue;
2125 }
2126 sticker = new Sticker(stickerPackId, m.getPackKey().get());
2127 }
2128 sticker.setInstalled(!m.getType().isPresent()
2129 || m.getType().get() == StickerPackOperationMessage.Type.INSTALL);
2130 account.getStickerStore().updateSticker(sticker);
2131 }
2132 }
2133 if (syncMessage.getFetchType().isPresent()) {
2134 switch (syncMessage.getFetchType().get()) {
2135 case LOCAL_PROFILE:
2136 getRecipientProfile(account.getSelfRecipientId(), true);
2137 case STORAGE_MANIFEST:
2138 // TODO
2139 }
2140 }
2141 if (syncMessage.getKeys().isPresent()) {
2142 final var keysMessage = syncMessage.getKeys().get();
2143 if (keysMessage.getStorageService().isPresent()) {
2144 final var storageKey = keysMessage.getStorageService().get();
2145 account.setStorageKey(storageKey);
2146 }
2147 }
2148 if (syncMessage.getConfiguration().isPresent()) {
2149 // TODO
2150 }
2151 }
2152 }
2153 return actions;
2154 }
2155
2156 private void downloadContactAvatar(SignalServiceAttachment avatar, SignalServiceAddress address) {
2157 try {
2158 avatarStore.storeContactAvatar(address, outputStream -> retrieveAttachment(avatar, outputStream));
2159 } catch (IOException e) {
2160 logger.warn("Failed to download avatar for contact {}, ignoring: {}", address, e.getMessage());
2161 }
2162 }
2163
2164 private void downloadGroupAvatar(SignalServiceAttachment avatar, GroupId groupId) {
2165 try {
2166 avatarStore.storeGroupAvatar(groupId, outputStream -> retrieveAttachment(avatar, outputStream));
2167 } catch (IOException e) {
2168 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2169 }
2170 }
2171
2172 private void downloadGroupAvatar(GroupId groupId, GroupSecretParams groupSecretParams, String cdnKey) {
2173 try {
2174 avatarStore.storeGroupAvatar(groupId,
2175 outputStream -> retrieveGroupV2Avatar(groupSecretParams, cdnKey, outputStream));
2176 } catch (IOException e) {
2177 logger.warn("Failed to download avatar for group {}, ignoring: {}", groupId.toBase64(), e.getMessage());
2178 }
2179 }
2180
2181 private void downloadProfileAvatar(
2182 SignalServiceAddress address, String avatarPath, ProfileKey profileKey
2183 ) {
2184 try {
2185 avatarStore.storeProfileAvatar(address,
2186 outputStream -> retrieveProfileAvatar(avatarPath, profileKey, outputStream));
2187 } catch (Throwable e) {
2188 logger.warn("Failed to download profile avatar, ignoring: {}", e.getMessage());
2189 }
2190 }
2191
2192 public File getAttachmentFile(SignalServiceAttachmentRemoteId attachmentId) {
2193 return attachmentStore.getAttachmentFile(attachmentId);
2194 }
2195
2196 private void downloadAttachment(final SignalServiceAttachment attachment) {
2197 if (!attachment.isPointer()) {
2198 logger.warn("Invalid state, can't store an attachment stream.");
2199 }
2200
2201 var pointer = attachment.asPointer();
2202 if (pointer.getPreview().isPresent()) {
2203 final var preview = pointer.getPreview().get();
2204 try {
2205 attachmentStore.storeAttachmentPreview(pointer.getRemoteId(),
2206 outputStream -> outputStream.write(preview, 0, preview.length));
2207 } catch (IOException e) {
2208 logger.warn("Failed to download attachment preview, ignoring: {}", e.getMessage());
2209 }
2210 }
2211
2212 try {
2213 attachmentStore.storeAttachment(pointer.getRemoteId(),
2214 outputStream -> retrieveAttachmentPointer(pointer, outputStream));
2215 } catch (IOException e) {
2216 logger.warn("Failed to download attachment ({}), ignoring: {}", pointer.getRemoteId(), e.getMessage());
2217 }
2218 }
2219
2220 private void retrieveGroupV2Avatar(
2221 GroupSecretParams groupSecretParams, String cdnKey, OutputStream outputStream
2222 ) throws IOException {
2223 var groupOperations = groupsV2Operations.forGroup(groupSecretParams);
2224
2225 var tmpFile = IOUtils.createTempFile();
2226 try (InputStream input = messageReceiver.retrieveGroupsV2ProfileAvatar(cdnKey,
2227 tmpFile,
2228 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2229 var encryptedData = IOUtils.readFully(input);
2230
2231 var decryptedData = groupOperations.decryptAvatar(encryptedData);
2232 outputStream.write(decryptedData);
2233 } finally {
2234 try {
2235 Files.delete(tmpFile.toPath());
2236 } catch (IOException e) {
2237 logger.warn("Failed to delete received group avatar temp file “{}”, ignoring: {}",
2238 tmpFile,
2239 e.getMessage());
2240 }
2241 }
2242 }
2243
2244 private void retrieveProfileAvatar(
2245 String avatarPath, ProfileKey profileKey, OutputStream outputStream
2246 ) throws IOException {
2247 var tmpFile = IOUtils.createTempFile();
2248 try (var input = messageReceiver.retrieveProfileAvatar(avatarPath,
2249 tmpFile,
2250 profileKey,
2251 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
2252 // Use larger buffer size to prevent AssertionError: Need: 12272 but only have: 8192 ...
2253 IOUtils.copyStream(input, outputStream, (int) ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE);
2254 } finally {
2255 try {
2256 Files.delete(tmpFile.toPath());
2257 } catch (IOException e) {
2258 logger.warn("Failed to delete received profile avatar temp file “{}”, ignoring: {}",
2259 tmpFile,
2260 e.getMessage());
2261 }
2262 }
2263 }
2264
2265 private void retrieveAttachment(
2266 final SignalServiceAttachment attachment, final OutputStream outputStream
2267 ) throws IOException {
2268 if (attachment.isPointer()) {
2269 var pointer = attachment.asPointer();
2270 retrieveAttachmentPointer(pointer, outputStream);
2271 } else {
2272 var stream = attachment.asStream();
2273 IOUtils.copyStream(stream.getInputStream(), outputStream);
2274 }
2275 }
2276
2277 private void retrieveAttachmentPointer(
2278 SignalServiceAttachmentPointer pointer, OutputStream outputStream
2279 ) throws IOException {
2280 var tmpFile = IOUtils.createTempFile();
2281 try (var input = retrieveAttachmentAsStream(pointer, tmpFile)) {
2282 IOUtils.copyStream(input, outputStream);
2283 } catch (MissingConfigurationException | InvalidMessageException e) {
2284 throw new IOException(e);
2285 } finally {
2286 try {
2287 Files.delete(tmpFile.toPath());
2288 } catch (IOException e) {
2289 logger.warn("Failed to delete received attachment temp file “{}”, ignoring: {}",
2290 tmpFile,
2291 e.getMessage());
2292 }
2293 }
2294 }
2295
2296 private InputStream retrieveAttachmentAsStream(
2297 SignalServiceAttachmentPointer pointer, File tmpFile
2298 ) throws IOException, InvalidMessageException, MissingConfigurationException {
2299 return messageReceiver.retrieveAttachment(pointer, tmpFile, ServiceConfig.MAX_ATTACHMENT_SIZE);
2300 }
2301
2302 void sendGroups() throws IOException, UntrustedIdentityException {
2303 var groupsFile = IOUtils.createTempFile();
2304
2305 try {
2306 try (OutputStream fos = new FileOutputStream(groupsFile)) {
2307 var out = new DeviceGroupsOutputStream(fos);
2308 for (var record : getGroups()) {
2309 if (record instanceof GroupInfoV1) {
2310 var groupInfo = (GroupInfoV1) record;
2311 out.write(new DeviceGroup(groupInfo.getGroupId().serialize(),
2312 Optional.fromNullable(groupInfo.name),
2313 groupInfo.getMembers()
2314 .stream()
2315 .map(this::resolveSignalServiceAddress)
2316 .collect(Collectors.toList()),
2317 createGroupAvatarAttachment(groupInfo.getGroupId()),
2318 groupInfo.isMember(account.getSelfRecipientId()),
2319 Optional.of(groupInfo.messageExpirationTime),
2320 Optional.fromNullable(groupInfo.color),
2321 groupInfo.blocked,
2322 Optional.absent(),
2323 groupInfo.archived));
2324 }
2325 }
2326 }
2327
2328 if (groupsFile.exists() && groupsFile.length() > 0) {
2329 try (var groupsFileStream = new FileInputStream(groupsFile)) {
2330 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2331 .withStream(groupsFileStream)
2332 .withContentType("application/octet-stream")
2333 .withLength(groupsFile.length())
2334 .build();
2335
2336 sendSyncMessage(SignalServiceSyncMessage.forGroups(attachmentStream));
2337 }
2338 }
2339 } finally {
2340 try {
2341 Files.delete(groupsFile.toPath());
2342 } catch (IOException e) {
2343 logger.warn("Failed to delete groups temp file “{}”, ignoring: {}", groupsFile, e.getMessage());
2344 }
2345 }
2346 }
2347
2348 public void sendContacts() throws IOException, UntrustedIdentityException {
2349 var contactsFile = IOUtils.createTempFile();
2350
2351 try {
2352 try (OutputStream fos = new FileOutputStream(contactsFile)) {
2353 var out = new DeviceContactsOutputStream(fos);
2354 for (var contactPair : account.getContactStore().getContacts()) {
2355 final var recipientId = contactPair.first();
2356 final var contact = contactPair.second();
2357 final var address = resolveSignalServiceAddress(recipientId);
2358
2359 var currentIdentity = account.getIdentityKeyStore().getIdentity(recipientId);
2360 VerifiedMessage verifiedMessage = null;
2361 if (currentIdentity != null) {
2362 verifiedMessage = new VerifiedMessage(address,
2363 currentIdentity.getIdentityKey(),
2364 currentIdentity.getTrustLevel().toVerifiedState(),
2365 currentIdentity.getDateAdded().getTime());
2366 }
2367
2368 var profileKey = account.getProfileStore().getProfileKey(recipientId);
2369 out.write(new DeviceContact(address,
2370 Optional.fromNullable(contact.getName()),
2371 createContactAvatarAttachment(address),
2372 Optional.fromNullable(contact.getColor()),
2373 Optional.fromNullable(verifiedMessage),
2374 Optional.fromNullable(profileKey),
2375 contact.isBlocked(),
2376 Optional.of(contact.getMessageExpirationTime()),
2377 Optional.absent(),
2378 contact.isArchived()));
2379 }
2380
2381 if (account.getProfileKey() != null) {
2382 // Send our own profile key as well
2383 out.write(new DeviceContact(account.getSelfAddress(),
2384 Optional.absent(),
2385 Optional.absent(),
2386 Optional.absent(),
2387 Optional.absent(),
2388 Optional.of(account.getProfileKey()),
2389 false,
2390 Optional.absent(),
2391 Optional.absent(),
2392 false));
2393 }
2394 }
2395
2396 if (contactsFile.exists() && contactsFile.length() > 0) {
2397 try (var contactsFileStream = new FileInputStream(contactsFile)) {
2398 var attachmentStream = SignalServiceAttachment.newStreamBuilder()
2399 .withStream(contactsFileStream)
2400 .withContentType("application/octet-stream")
2401 .withLength(contactsFile.length())
2402 .build();
2403
2404 sendSyncMessage(SignalServiceSyncMessage.forContacts(new ContactsMessage(attachmentStream, true)));
2405 }
2406 }
2407 } finally {
2408 try {
2409 Files.delete(contactsFile.toPath());
2410 } catch (IOException e) {
2411 logger.warn("Failed to delete contacts temp file “{}”, ignoring: {}", contactsFile, e.getMessage());
2412 }
2413 }
2414 }
2415
2416 void sendBlockedList() throws IOException, UntrustedIdentityException {
2417 var addresses = new ArrayList<SignalServiceAddress>();
2418 for (var record : account.getContactStore().getContacts()) {
2419 if (record.second().isBlocked()) {
2420 addresses.add(resolveSignalServiceAddress(record.first()));
2421 }
2422 }
2423 var groupIds = new ArrayList<byte[]>();
2424 for (var record : getGroups()) {
2425 if (record.isBlocked()) {
2426 groupIds.add(record.getGroupId().serialize());
2427 }
2428 }
2429 sendSyncMessage(SignalServiceSyncMessage.forBlocked(new BlockedListMessage(addresses, groupIds)));
2430 }
2431
2432 private void sendVerifiedMessage(
2433 SignalServiceAddress destination, IdentityKey identityKey, TrustLevel trustLevel
2434 ) throws IOException, UntrustedIdentityException {
2435 var verifiedMessage = new VerifiedMessage(destination,
2436 identityKey,
2437 trustLevel.toVerifiedState(),
2438 System.currentTimeMillis());
2439 sendSyncMessage(SignalServiceSyncMessage.forVerified(verifiedMessage));
2440 }
2441
2442 public List<Pair<RecipientId, Contact>> getContacts() {
2443 return account.getContactStore().getContacts();
2444 }
2445
2446 public String getContactOrProfileName(String number) throws InvalidNumberException {
2447 final var recipientId = canonicalizeAndResolveRecipient(number);
2448 final var recipient = account.getRecipientStore().getRecipient(recipientId);
2449 if (recipient == null) {
2450 return null;
2451 }
2452
2453 if (recipient.getContact() != null && !Util.isEmpty(recipient.getContact().getName())) {
2454 return recipient.getContact().getName();
2455 }
2456
2457 if (recipient.getProfile() != null && recipient.getProfile() != null) {
2458 return recipient.getProfile().getDisplayName();
2459 }
2460
2461 return null;
2462 }
2463
2464 public GroupInfo getGroup(GroupId groupId) {
2465 final var group = account.getGroupStore().getGroup(groupId);
2466 if (group instanceof GroupInfoV2 && ((GroupInfoV2) group).getGroup() == null) {
2467 final var groupSecretParams = GroupSecretParams.deriveFromMasterKey(((GroupInfoV2) group).getMasterKey());
2468 ((GroupInfoV2) group).setGroup(groupHelper.getDecryptedGroup(groupSecretParams), this::resolveRecipient);
2469 account.getGroupStore().updateGroup(group);
2470 }
2471 return group;
2472 }
2473
2474 public List<IdentityInfo> getIdentities() {
2475 return account.getIdentityKeyStore().getIdentities();
2476 }
2477
2478 public List<IdentityInfo> getIdentities(String number) throws InvalidNumberException {
2479 final var identity = account.getIdentityKeyStore().getIdentity(canonicalizeAndResolveRecipient(number));
2480 return identity == null ? List.of() : List.of(identity);
2481 }
2482
2483 /**
2484 * Trust this the identity with this fingerprint
2485 *
2486 * @param name username of the identity
2487 * @param fingerprint Fingerprint
2488 */
2489 public boolean trustIdentityVerified(String name, byte[] fingerprint) throws InvalidNumberException {
2490 var recipientId = canonicalizeAndResolveRecipient(name);
2491 return trustIdentity(recipientId,
2492 identityKey -> Arrays.equals(identityKey.serialize(), fingerprint),
2493 TrustLevel.TRUSTED_VERIFIED);
2494 }
2495
2496 /**
2497 * Trust this the identity with this safety number
2498 *
2499 * @param name username of the identity
2500 * @param safetyNumber Safety number
2501 */
2502 public boolean trustIdentityVerifiedSafetyNumber(String name, String safetyNumber) throws InvalidNumberException {
2503 var recipientId = canonicalizeAndResolveRecipient(name);
2504 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2505 return trustIdentity(recipientId,
2506 identityKey -> safetyNumber.equals(computeSafetyNumber(address, identityKey)),
2507 TrustLevel.TRUSTED_VERIFIED);
2508 }
2509
2510 /**
2511 * Trust all keys of this identity without verification
2512 *
2513 * @param name username of the identity
2514 */
2515 public boolean trustIdentityAllKeys(String name) throws InvalidNumberException {
2516 var recipientId = canonicalizeAndResolveRecipient(name);
2517 return trustIdentity(recipientId, identityKey -> true, TrustLevel.TRUSTED_UNVERIFIED);
2518 }
2519
2520 private boolean trustIdentity(
2521 RecipientId recipientId, Function<IdentityKey, Boolean> verifier, TrustLevel trustLevel
2522 ) {
2523 var identity = account.getIdentityKeyStore().getIdentity(recipientId);
2524 if (identity == null) {
2525 return false;
2526 }
2527
2528 if (!verifier.apply(identity.getIdentityKey())) {
2529 return false;
2530 }
2531
2532 account.getIdentityKeyStore().setIdentityTrustLevel(recipientId, identity.getIdentityKey(), trustLevel);
2533 try {
2534 var address = account.getRecipientStore().resolveServiceAddress(recipientId);
2535 sendVerifiedMessage(address, identity.getIdentityKey(), trustLevel);
2536 } catch (IOException | UntrustedIdentityException e) {
2537 logger.warn("Failed to send verification sync message: {}", e.getMessage());
2538 }
2539
2540 return true;
2541 }
2542
2543 public String computeSafetyNumber(
2544 SignalServiceAddress theirAddress, IdentityKey theirIdentityKey
2545 ) {
2546 return Utils.computeSafetyNumber(ServiceConfig.capabilities.isUuid(),
2547 account.getSelfAddress(),
2548 getIdentityKeyPair().getPublicKey(),
2549 theirAddress,
2550 theirIdentityKey);
2551 }
2552
2553 @Deprecated
2554 public SignalServiceAddress canonicalizeAndResolveSignalServiceAddress(String identifier) throws InvalidNumberException {
2555 var canonicalizedNumber = UuidUtil.isUuid(identifier)
2556 ? identifier
2557 : PhoneNumberFormatter.formatNumber(identifier, account.getUsername());
2558 return resolveSignalServiceAddress(canonicalizedNumber);
2559 }
2560
2561 @Deprecated
2562 public SignalServiceAddress resolveSignalServiceAddress(String identifier) {
2563 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2564
2565 return resolveSignalServiceAddress(address);
2566 }
2567
2568 @Deprecated
2569 public SignalServiceAddress resolveSignalServiceAddress(SignalServiceAddress address) {
2570 if (address.matches(account.getSelfAddress())) {
2571 return account.getSelfAddress();
2572 }
2573
2574 return account.getRecipientStore().resolveServiceAddress(address);
2575 }
2576
2577 public SignalServiceAddress resolveSignalServiceAddress(RecipientId recipientId) {
2578 return account.getRecipientStore().resolveServiceAddress(recipientId);
2579 }
2580
2581 public RecipientId canonicalizeAndResolveRecipient(String identifier) throws InvalidNumberException {
2582 var canonicalizedNumber = UuidUtil.isUuid(identifier)
2583 ? identifier
2584 : PhoneNumberFormatter.formatNumber(identifier, account.getUsername());
2585
2586 return resolveRecipient(canonicalizedNumber);
2587 }
2588
2589 private RecipientId resolveRecipient(final String identifier) {
2590 var address = Utils.getSignalServiceAddressFromIdentifier(identifier);
2591
2592 return resolveRecipient(address);
2593 }
2594
2595 public RecipientId resolveRecipient(SignalServiceAddress address) {
2596 return account.getRecipientStore().resolveRecipient(address);
2597 }
2598
2599 private RecipientId resolveRecipientTrusted(SignalServiceAddress address) {
2600 return account.getRecipientStore().resolveRecipientTrusted(address);
2601 }
2602
2603 @Override
2604 public void close() throws IOException {
2605 close(true);
2606 }
2607
2608 void close(boolean closeAccount) throws IOException {
2609 executor.shutdown();
2610
2611 if (messagePipe != null) {
2612 messagePipe.shutdown();
2613 messagePipe = null;
2614 }
2615
2616 if (unidentifiedMessagePipe != null) {
2617 unidentifiedMessagePipe.shutdown();
2618 unidentifiedMessagePipe = null;
2619 }
2620
2621 if (closeAccount && account != null) {
2622 account.close();
2623 }
2624 account = null;
2625 }
2626
2627 public interface ReceiveMessageHandler {
2628
2629 void handleMessage(SignalServiceEnvelope envelope, SignalServiceContent decryptedContent, Throwable e);
2630 }
2631 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut