import org.whispersystems.libsignal.ecc.ECKeyPair;
import org.whispersystems.libsignal.ecc.ECPublicKey;
import org.whispersystems.libsignal.state.PreKeyRecord;
-import org.whispersystems.libsignal.state.SignalProtocolStore;
import org.whispersystems.libsignal.state.SignedPreKeyRecord;
import org.whispersystems.libsignal.util.KeyHelper;
import org.whispersystems.libsignal.util.Medium;
import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException;
import org.whispersystems.signalservice.api.messages.*;
import org.whispersystems.signalservice.api.messages.multidevice.*;
+import org.whispersystems.signalservice.api.push.ContactTokenDetails;
import org.whispersystems.signalservice.api.push.SignalServiceAddress;
import org.whispersystems.signalservice.api.push.TrustStore;
import org.whispersystems.signalservice.api.push.exceptions.*;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
import java.nio.file.Files;
+import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
+import static java.nio.file.attribute.PosixFilePermission.*;
+
class Manager implements Signal {
private final static String URL = "https://textsecure-service.whispersystems.org";
private final static TrustStore TRUST_STORE = new WhisperTrustStore();
private boolean registered = false;
- private SignalProtocolStore signalProtocolStore;
+ private JsonSignalProtocolStore signalProtocolStore;
private SignalServiceAccountManager accountManager;
private JsonGroupStore groupStore;
private JsonContactsStore contactStore;
}
public String getFileName() {
- new File(dataPath).mkdirs();
return dataPath + "/" + username;
}
+ private static void createPrivateDirectories(String path) throws IOException {
+ final Path file = new File(path).toPath();
+ try {
+ Set<PosixFilePermission> perms = EnumSet.of(OWNER_READ, OWNER_WRITE, OWNER_EXECUTE);
+ Files.createDirectories(file, PosixFilePermissions.asFileAttribute(perms));
+ } catch (UnsupportedOperationException e) {
+ Files.createDirectories(file);
+ }
+ }
+
+ private static void createPrivateFile(String path) throws IOException {
+ final Path file = new File(path).toPath();
+ try {
+ Set<PosixFilePermission> perms = EnumSet.of(OWNER_READ, OWNER_WRITE);
+ Files.createFile(file, PosixFilePermissions.asFileAttribute(perms));
+ } catch (UnsupportedOperationException e) {
+ Files.createFile(file);
+ }
+ }
+
public boolean userExists() {
if (username == null) {
return false;
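Review bot: `createPrivateDirectories` only restricts directories it creates itself, because `Files.createDirectories` applies the attribute to newly created directories and leaves an existing one untouched. A data directory made earlier by the removed `new File(dataPath).mkdirs()` therefore keeps whatever mode it had. The account file has the same gap, since the later hunk calls `createPrivateFile(getFileName())` only when the file does not exist yet. Consider tightening existing paths too, e.g. `Files.setPosixFilePermissions(file, perms);` after the create call inside the `try`, with the equivalent for an existing account file at the call site. The `UnsupportedOperationException` fallback also creates the path with default permissions silently; a one-line warning on stderr would make that visible.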
if (fileChannel != null)
return;
+ createPrivateDirectories(dataPath);
+ if (!new File(getFileName()).exists()) {
+ createPrivateFile(getFileName());
+ }
fileChannel = new RandomAccessFile(new File(getFileName()), "rw").getChannel();
lock = fileChannel.tryLock();
if (lock == null) {
File attachmentFile = getAttachmentFile(g.getAvatarId());
if (!avatarFile.exists() && attachmentFile.exists()) {
try {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
Files.copy(attachmentFile.toPath(), avatarFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
} catch (Exception e) {
// Ignore
return Optional.of(createAttachment(file));
}
+ private GroupInfo getGroupForSending(byte[] groupId) throws GroupNotFoundException, NotAGroupMemberException {
+ GroupInfo g = groupStore.getGroup(groupId);
+ if (g == null) {
+ throw new GroupNotFoundException(groupId);
+ }
+ for (String member : g.members) {
+ if (member.equals(this.username)) {
+ return g;
+ }
+ }
+ throw new NotAGroupMemberException(groupId, g.name);
+ }
+
@Override
public void sendGroupMessage(String messageText, List<String> attachments,
byte[] groupId)
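Review bot: The membership loop in `getGroupForSending` can be a single `if (!g.members.contains(this.username))` guard followed by the throw, matching the `g.members.contains(member)` call this diff adds in `sendUpdateGroupMessage`. The helper also deserves a short Javadoc stating that it returns the stored group only when the local `username` is listed as a member, and which exception signals each failure.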
}
SignalServiceDataMessage message = messageBuilder.build();
- GroupInfo g = groupStore.getGroup(groupId);
- if (g == null) {
- throw new GroupNotFoundException(groupId);
- }
+ final GroupInfo g = getGroupForSending(groupId);
// Don't send group message to ourself
final List<String> membersSend = new ArrayList<>(g.members);
.asGroupMessage(group)
.build();
- final GroupInfo g = groupStore.getGroup(groupId);
- if (g == null) {
- throw new GroupNotFoundException(groupId);
- }
+ final GroupInfo g = getGroupForSending(groupId);
g.members.remove(this.username);
groupStore.updateGroup(g);
sendMessage(message, g.members);
}
+ private static String join(CharSequence separator, Iterable<? extends CharSequence> list) {
+ StringBuilder buf = new StringBuilder();
+ for (CharSequence str : list) {
+ if (buf.length() > 0) {
+ buf.append(separator);
+ }
+ buf.append(str);
+ }
+
+ return buf.toString();
+ }
+
public byte[] sendUpdateGroupMessage(byte[] groupId, String name, Collection<String> members, String avatarFile) throws IOException, EncapsulatedExceptions, GroupNotFoundException, AttachmentInvalidException {
GroupInfo g;
if (groupId == null) {
g = new GroupInfo(Util.getSecretBytes(16));
g.members.add(username);
} else {
- g = groupStore.getGroup(groupId);
- if (g == null) {
- throw new GroupNotFoundException(groupId);
- }
+ g = getGroupForSending(groupId);
}
if (name != null) {
}
if (members != null) {
+ Set<String> newMembers = new HashSet<>();
for (String member : members) {
try {
- g.members.add(canonicalizeNumber(member));
+ member = canonicalizeNumber(member);
} catch (InvalidNumberException e) {
System.err.println("Failed to add member \"" + member + "\" to group: " + e.getMessage());
System.err.println("Aborting…");
System.exit(1);
}
+ if (g.members.contains(member)) {
+ continue;
+ }
+ newMembers.add(member);
+ g.members.add(member);
+ }
+ final List<ContactTokenDetails> contacts = accountManager.getContacts(newMembers);
+ if (contacts.size() != newMembers.size()) {
+ // Some of the new members are not registered on Signal
+ for (ContactTokenDetails contact : contacts) {
+ newMembers.remove(contact.getNumber());
+ }
+ System.err.println("Failed to add members " + join(", ", newMembers) + " to group: Not registered on Signal");
+ System.err.println("Aborting…");
+ System.exit(1);
}
}
File aFile = getGroupAvatarFile(g.groupId);
if (avatarFile != null) {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
Files.copy(Paths.get(avatarFile), aFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
}
if (aFile.exists()) {
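Review bot: In the `if (members != null)` block, `accountManager.getContacts(newMembers)` runs even when `newMembers` is empty because every supplied number is already in the group. That is presumably a request to the service for nothing; guard the lookup with `if (!newMembers.isEmpty())`. `g.members.add(member)` also mutates the group before the registration check, which is harmless only because the failure path ends in `System.exit(1)`. Adding to `g.members` after the check would keep the group consistent if that exit is ever replaced by an exception. `sendUpdateGroupMessage` starts and ends outside this hunk.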
throws IOException, UntrustedIdentityException {
SignalServiceMessageSender messageSender = new SignalServiceMessageSender(URL, TRUST_STORE, username, password,
deviceId, signalProtocolStore, USER_AGENT, Optional.<SignalServiceMessageSender.EventListener>absent());
- messageSender.sendMessage(message);
+ try {
+ messageSender.sendMessage(message);
+ } catch (UntrustedIdentityException e) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
+ throw e;
+ }
}
private void sendMessage(SignalServiceDataMessage message, Collection<String> recipients)
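Review bot: The new `catch (UntrustedIdentityException e)` records the key with `signalProtocolStore.saveIdentity(..., TrustLevel.UNTRUSTED)` and rethrows, but nothing visible here writes the store to disk. `trustIdentityVerified` later in this diff calls `save()` after `saveIdentity`, which suggests the store is not persisted on its own. If the caller exits on the exception without saving, the recorded key would not be there for `getIdentities` or the trust methods on the next run. Confirm that every exception path persists the store, or call `save()` before `throw e;`. The same applies to the `saveIdentity` calls added in the group-send hunk, the per-recipient send hunk and the decrypt hunk.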
deviceId, signalProtocolStore, USER_AGENT, Optional.<SignalServiceMessageSender.EventListener>absent());
if (message.getGroupInfo().isPresent()) {
- messageSender.sendMessage(new ArrayList<>(recipientsTS), message);
+ try {
+ messageSender.sendMessage(new ArrayList<>(recipientsTS), message);
+ } catch (EncapsulatedExceptions encapsulatedExceptions) {
+ for (UntrustedIdentityException e : encapsulatedExceptions.getUntrustedIdentityExceptions()) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
+ }
+ }
} else {
// Send to all individually, so sync messages are sent correctly
List<UntrustedIdentityException> untrustedIdentities = new LinkedList<>();
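Review bot: The added `catch (EncapsulatedExceptions encapsulatedExceptions)` around the group send records the untrusted identities and then falls through, so the exception that previously propagated to the caller is now swallowed. Callers no longer learn that a group message failed for some recipients, and any other failures carried in the same exception are presumably dropped as well. Add `throw encapsulatedExceptions;` after the `for` loop. The enclosing method continues outside this hunk.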
try {
messageSender.sendMessage(address, message);
} catch (UntrustedIdentityException e) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
untrustedIdentities.add(e);
} catch (UnregisteredUserException e) {
unregisteredUsers.add(e);
SignalServiceCipher cipher = new SignalServiceCipher(new SignalServiceAddress(username), signalProtocolStore);
try {
return cipher.decrypt(envelope);
+ } catch (org.whispersystems.libsignal.UntrustedIdentityException e) {
+ // TODO temporarily store message, until user has accepted the key
+ signalProtocolStore.saveIdentity(e.getName(), e.getUntrustedIdentity(), TrustLevel.UNTRUSTED);
+ throw e;
} catch (Exception e) {
throw e;
}
}
private File retrieveContactAvatarAttachment(SignalServiceAttachment attachment, String number) throws IOException, InvalidMessageException {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
if (attachment.isPointer()) {
SignalServiceAttachmentPointer pointer = attachment.asPointer();
return retrieveAttachment(pointer, getContactAvatarFile(number), false);
}
private File retrieveGroupAvatarAttachment(SignalServiceAttachment attachment, byte[] groupId) throws IOException, InvalidMessageException {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
if (attachment.isPointer()) {
SignalServiceAttachmentPointer pointer = attachment.asPointer();
return retrieveAttachment(pointer, getGroupAvatarFile(groupId), false);
}
private File retrieveAttachment(SignalServiceAttachmentPointer pointer) throws IOException, InvalidMessageException {
- new File(attachmentsPath).mkdirs();
+ createPrivateDirectories(attachmentsPath);
return retrieveAttachment(pointer, getAttachmentFile(pointer.getId()), true);
}
public GroupInfo getGroup(byte[] groupId) {
return groupStore.getGroup(groupId);
}
+
+ public Map<String, List<JsonIdentityKeyStore.Identity>> getIdentities() {
+ return signalProtocolStore.getIdentities();
+ }
+
+ public List<JsonIdentityKeyStore.Identity> getIdentities(String number) {
+ return signalProtocolStore.getIdentities(number);
+ }
+
+ /**
+ * Trust this the identity with this fingerprint
+ *
+ * @param name username of the identity
+ * @param fingerprint Fingerprint
+ */
+ public boolean trustIdentityVerified(String name, byte[] fingerprint) {
+ List<JsonIdentityKeyStore.Identity> ids = signalProtocolStore.getIdentities(name);
+ if (ids == null) {
+ return false;
+ }
+ for (JsonIdentityKeyStore.Identity id : ids) {
+ if (!Arrays.equals(id.identityKey.serialize(), fingerprint)) {
+ continue;
+ }
+
+ signalProtocolStore.saveIdentity(name, id.identityKey, TrustLevel.TRUSTED_VERIFIED);
+ save();
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Trust all keys of this identity without verification
+ *
+ * @param name username of the identity
+ */
+ public boolean trustIdentityAllKeys(String name) {
+ List<JsonIdentityKeyStore.Identity> ids = signalProtocolStore.getIdentities(name);
+ if (ids == null) {
+ return false;
+ }
+ for (JsonIdentityKeyStore.Identity id : ids) {
+ if (id.trustLevel == TrustLevel.UNTRUSTED) {
+ signalProtocolStore.saveIdentity(name, id.identityKey, TrustLevel.TRUSTED_UNVERIFIED);
+ }
+ }
+ save();
+ return true;
+ }
}
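Review bot: `trustIdentityAllKeys` promotes every `UNTRUSTED` key stored for `name` to `TRUSTED_UNVERIFIED` in one call. Those keys are recorded automatically from untrusted-identity exceptions elsewhere in this diff, so a key substituted by a third party is accepted together with a legitimate key change. The Javadoc should say this explicitly, state that callers are expected to show the affected keys (via `getIdentities(name)`) before invoking it, and document that the method returns `true` even when no key changed state. In `trustIdentityVerified`, the `fingerprint` parameter is compared against `id.identityKey.serialize()`, i.e. the full serialized key, so the Javadoc should name the expected byte format. Both methods also lack an `@return` line.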