import org.whispersystems.libsignal.ecc.ECKeyPair;
import org.whispersystems.libsignal.ecc.ECPublicKey;
import org.whispersystems.libsignal.state.PreKeyRecord;
-import org.whispersystems.libsignal.state.SignalProtocolStore;
import org.whispersystems.libsignal.state.SignedPreKeyRecord;
import org.whispersystems.libsignal.util.KeyHelper;
import org.whispersystems.libsignal.util.Medium;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
import java.nio.file.Files;
+import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
+import static java.nio.file.attribute.PosixFilePermission.*;
+
class Manager implements Signal {
private final static String URL = "https://textsecure-service.whispersystems.org";
private final static TrustStore TRUST_STORE = new WhisperTrustStore();
private boolean registered = false;
- private SignalProtocolStore signalProtocolStore;
+ private JsonSignalProtocolStore signalProtocolStore;
private SignalServiceAccountManager accountManager;
private JsonGroupStore groupStore;
private JsonContactsStore contactStore;
}
public String getFileName() {
- new File(dataPath).mkdirs();
return dataPath + "/" + username;
}
+ private static void createPrivateDirectories(String path) throws IOException {
+ final Path file = new File(path).toPath();
+ try {
+ Set<PosixFilePermission> perms = EnumSet.of(OWNER_READ, OWNER_WRITE, OWNER_EXECUTE);
+ Files.createDirectories(file, PosixFilePermissions.asFileAttribute(perms));
+ } catch (UnsupportedOperationException e) {
+ Files.createDirectories(file);
+ }
+ }
+
+ private static void createPrivateFile(String path) throws IOException {
+ final Path file = new File(path).toPath();
+ try {
+ Set<PosixFilePermission> perms = EnumSet.of(OWNER_READ, OWNER_WRITE);
+ Files.createFile(file, PosixFilePermissions.asFileAttribute(perms));
+ } catch (UnsupportedOperationException e) {
+ Files.createFile(file);
+ }
+ }
+
public boolean userExists() {
if (username == null) {
return false;
if (fileChannel != null)
return;
+ createPrivateDirectories(dataPath);
+ if (!new File(getFileName()).exists()) {
+ createPrivateFile(getFileName());
+ }
fileChannel = new RandomAccessFile(new File(getFileName()), "rw").getChannel();
lock = fileChannel.tryLock();
if (lock == null) {
File attachmentFile = getAttachmentFile(g.getAvatarId());
if (!avatarFile.exists() && attachmentFile.exists()) {
try {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
Files.copy(attachmentFile.toPath(), avatarFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
} catch (Exception e) {
// Ignore
InputStream attachmentStream = new FileInputStream(attachmentFile);
final long attachmentSize = attachmentFile.length();
String mime = Files.probeContentType(attachmentFile.toPath());
+ if (mime == null) {
+ mime = "application/octet-stream";
+ }
return new SignalServiceAttachmentStream(attachmentStream, mime, attachmentSize, null);
}
File aFile = getGroupAvatarFile(g.groupId);
if (avatarFile != null) {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
Files.copy(Paths.get(avatarFile), aFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
}
if (aFile.exists()) {
throws IOException, UntrustedIdentityException {
SignalServiceMessageSender messageSender = new SignalServiceMessageSender(URL, TRUST_STORE, username, password,
deviceId, signalProtocolStore, USER_AGENT, Optional.<SignalServiceMessageSender.EventListener>absent());
- messageSender.sendMessage(message);
+ try {
+ messageSender.sendMessage(message);
+ } catch (UntrustedIdentityException e) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
+ throw e;
+ }
}
private void sendMessage(SignalServiceDataMessage message, Collection<String> recipients)
deviceId, signalProtocolStore, USER_AGENT, Optional.<SignalServiceMessageSender.EventListener>absent());
if (message.getGroupInfo().isPresent()) {
- messageSender.sendMessage(new ArrayList<>(recipientsTS), message);
+ try {
+ messageSender.sendMessage(new ArrayList<>(recipientsTS), message);
+ } catch (EncapsulatedExceptions encapsulatedExceptions) {
+ for (UntrustedIdentityException e : encapsulatedExceptions.getUntrustedIdentityExceptions()) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
+ }
+ }
} else {
// Send to all individually, so sync messages are sent correctly
List<UntrustedIdentityException> untrustedIdentities = new LinkedList<>();
try {
messageSender.sendMessage(address, message);
} catch (UntrustedIdentityException e) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
untrustedIdentities.add(e);
} catch (UnregisteredUserException e) {
unregisteredUsers.add(e);
SignalServiceCipher cipher = new SignalServiceCipher(new SignalServiceAddress(username), signalProtocolStore);
try {
return cipher.decrypt(envelope);
+ } catch (org.whispersystems.libsignal.UntrustedIdentityException e) {
+ // TODO temporarily store message, until user has accepted the key
+ signalProtocolStore.saveIdentity(e.getName(), e.getUntrustedIdentity(), TrustLevel.UNTRUSTED);
+ throw e;
} catch (Exception e) {
throw e;
}
}
private File retrieveContactAvatarAttachment(SignalServiceAttachment attachment, String number) throws IOException, InvalidMessageException {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
if (attachment.isPointer()) {
SignalServiceAttachmentPointer pointer = attachment.asPointer();
return retrieveAttachment(pointer, getContactAvatarFile(number), false);
}
private File retrieveGroupAvatarAttachment(SignalServiceAttachment attachment, byte[] groupId) throws IOException, InvalidMessageException {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
if (attachment.isPointer()) {
SignalServiceAttachmentPointer pointer = attachment.asPointer();
return retrieveAttachment(pointer, getGroupAvatarFile(groupId), false);
}
private File retrieveAttachment(SignalServiceAttachmentPointer pointer) throws IOException, InvalidMessageException {
- new File(attachmentsPath).mkdirs();
+ createPrivateDirectories(attachmentsPath);
return retrieveAttachment(pointer, getAttachmentFile(pointer.getId()), true);
}
public GroupInfo getGroup(byte[] groupId) {
return groupStore.getGroup(groupId);
}
+
+ public Map<String, List<JsonIdentityKeyStore.Identity>> getIdentities() {
+ return signalProtocolStore.getIdentities();
+ }
+
+ public List<JsonIdentityKeyStore.Identity> getIdentities(String number) {
+ return signalProtocolStore.getIdentities(number);
+ }
+
+ /**
+ * Trust this the identity with this fingerprint
+ *
+ * @param name username of the identity
+ * @param fingerprint Fingerprint
+ */
+ public boolean trustIdentityVerified(String name, byte[] fingerprint) {
+ List<JsonIdentityKeyStore.Identity> ids = signalProtocolStore.getIdentities(name);
+ if (ids == null) {
+ return false;
+ }
+ for (JsonIdentityKeyStore.Identity id : ids) {
+ if (!Arrays.equals(id.identityKey.serialize(), fingerprint)) {
+ continue;
+ }
+
+ signalProtocolStore.saveIdentity(name, id.identityKey, TrustLevel.TRUSTED_VERIFIED);
+ save();
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Trust all keys of this identity without verification
+ *
+ * @param name username of the identity
+ */
+ public boolean trustIdentityAllKeys(String name) {
+ List<JsonIdentityKeyStore.Identity> ids = signalProtocolStore.getIdentities(name);
+ if (ids == null) {
+ return false;
+ }
+ for (JsonIdentityKeyStore.Identity id : ids) {
+ if (id.trustLevel == TrustLevel.UNTRUSTED) {
+ signalProtocolStore.saveIdentity(name, id.identityKey, TrustLevel.TRUSTED_UNVERIFIED);
+ }
+ }
+ save();
+ return true;
+ }
}
git.nmode.ca / signal-cli / blobdiff
