import org.whispersystems.libsignal.ecc.ECKeyPair;
import org.whispersystems.libsignal.ecc.ECPublicKey;
import org.whispersystems.libsignal.state.PreKeyRecord;
-import org.whispersystems.libsignal.state.SignalProtocolStore;
import org.whispersystems.libsignal.state.SignedPreKeyRecord;
import org.whispersystems.libsignal.util.KeyHelper;
import org.whispersystems.libsignal.util.Medium;
import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException;
import org.whispersystems.signalservice.api.messages.*;
import org.whispersystems.signalservice.api.messages.multidevice.*;
+import org.whispersystems.signalservice.api.push.ContactTokenDetails;
import org.whispersystems.signalservice.api.push.SignalServiceAddress;
import org.whispersystems.signalservice.api.push.TrustStore;
-import org.whispersystems.signalservice.api.push.exceptions.AuthorizationFailedException;
-import org.whispersystems.signalservice.api.push.exceptions.EncapsulatedExceptions;
+import org.whispersystems.signalservice.api.push.exceptions.*;
import org.whispersystems.signalservice.api.util.InvalidNumberException;
import org.whispersystems.signalservice.api.util.PhoneNumberFormatter;
import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
import java.nio.file.Files;
+import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
+import static java.nio.file.attribute.PosixFilePermission.*;
+
class Manager implements Signal {
private final static String URL = "https://textsecure-service.whispersystems.org";
private final static TrustStore TRUST_STORE = new WhisperTrustStore();
private boolean registered = false;
- private SignalProtocolStore signalProtocolStore;
+ private JsonSignalProtocolStore signalProtocolStore;
private SignalServiceAccountManager accountManager;
private JsonGroupStore groupStore;
private JsonContactsStore contactStore;
}
public String getFileName() {
- new File(dataPath).mkdirs();
return dataPath + "/" + username;
}
+ private static void createPrivateDirectories(String path) throws IOException {
+ final Path file = new File(path).toPath();
+ try {
+ Set<PosixFilePermission> perms = EnumSet.of(OWNER_READ, OWNER_WRITE, OWNER_EXECUTE);
+ Files.createDirectories(file, PosixFilePermissions.asFileAttribute(perms));
+ } catch (UnsupportedOperationException e) {
+ Files.createDirectories(file);
+ }
+ }
+
+ private static void createPrivateFile(String path) throws IOException {
+ final Path file = new File(path).toPath();
+ try {
+ Set<PosixFilePermission> perms = EnumSet.of(OWNER_READ, OWNER_WRITE);
+ Files.createFile(file, PosixFilePermissions.asFileAttribute(perms));
+ } catch (UnsupportedOperationException e) {
+ Files.createFile(file);
+ }
+ }
+
public boolean userExists() {
if (username == null) {
return false;
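Review bot: `Files.createDirectories(file, attrs)` in createPrivateDirectories applies the owner-only attribute only to directories it actually creates, so a data, avatars or attachments directory left behind by the old `mkdirs()` calls keeps whatever mode it already had. The same holds for an existing account file, because the later hunk only calls createPrivateFile when the file does not exist yet. Calling `Files.setPosixFilePermissions(file, perms);` after the create call, inside the same `try`, would tighten existing installs as well. The `UnsupportedOperationException` fallback creates the path with default permissions without saying so; a one-line warning on stderr there would tell the user that key material is not protected by file mode on that filesystem.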
if (fileChannel != null)
return;
+ createPrivateDirectories(dataPath);
+ if (!new File(getFileName()).exists()) {
+ createPrivateFile(getFileName());
+ }
fileChannel = new RandomAccessFile(new File(getFileName()), "rw").getChannel();
lock = fileChannel.tryLock();
if (lock == null) {
File attachmentFile = getAttachmentFile(g.getAvatarId());
if (!avatarFile.exists() && attachmentFile.exists()) {
try {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
Files.copy(attachmentFile.toPath(), avatarFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
} catch (Exception e) {
// Ignore
return registered;
}
- public void register(boolean voiceVerication) throws IOException {
+ public void register(boolean voiceVerification) throws IOException {
password = Util.getSecret(18);
accountManager = new SignalServiceAccountManager(URL, TRUST_STORE, username, password, USER_AGENT);
- if (voiceVerication)
+ if (voiceVerification)
accountManager.requestVoiceVerificationCode();
else
accountManager.requestSmsVerificationCode();
InputStream attachmentStream = new FileInputStream(attachmentFile);
final long attachmentSize = attachmentFile.length();
String mime = Files.probeContentType(attachmentFile.toPath());
+ if (mime == null) {
+ mime = "application/octet-stream";
+ }
return new SignalServiceAttachmentStream(attachmentStream, mime, attachmentSize, null);
}
return Optional.of(createAttachment(file));
}
+ private GroupInfo getGroupForSending(byte[] groupId) throws GroupNotFoundException, NotAGroupMemberException {
+ GroupInfo g = groupStore.getGroup(groupId);
+ if (g == null) {
+ throw new GroupNotFoundException(groupId);
+ }
+ for (String member : g.members) {
+ if (member.equals(this.username)) {
+ return g;
+ }
+ }
+ throw new NotAGroupMemberException(groupId, g.name);
+ }
+
@Override
public void sendGroupMessage(String messageText, List<String> attachments,
byte[] groupId)
- throws IOException, EncapsulatedExceptions, GroupNotFoundException, AttachmentInvalidException, UntrustedIdentityException {
+ throws IOException, EncapsulatedExceptions, GroupNotFoundException, AttachmentInvalidException {
final SignalServiceDataMessage.Builder messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
if (attachments != null) {
messageBuilder.withAttachments(getSignalServiceAttachments(attachments));
}
SignalServiceDataMessage message = messageBuilder.build();
- GroupInfo g = groupStore.getGroup(groupId);
- if (g == null) {
- throw new GroupNotFoundException(groupId);
- }
+ final GroupInfo g = getGroupForSending(groupId);
// Don't send group message to ourself
final List<String> membersSend = new ArrayList<>(g.members);
sendMessage(message, membersSend);
}
- public void sendQuitGroupMessage(byte[] groupId) throws GroupNotFoundException, IOException, EncapsulatedExceptions, UntrustedIdentityException {
+ public void sendQuitGroupMessage(byte[] groupId) throws GroupNotFoundException, IOException, EncapsulatedExceptions {
SignalServiceGroup group = SignalServiceGroup.newBuilder(SignalServiceGroup.Type.QUIT)
.withId(groupId)
.build();
.asGroupMessage(group)
.build();
- final GroupInfo g = groupStore.getGroup(groupId);
- if (g == null) {
- throw new GroupNotFoundException(groupId);
- }
+ final GroupInfo g = getGroupForSending(groupId);
g.members.remove(this.username);
groupStore.updateGroup(g);
sendMessage(message, g.members);
}
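Review bot: sendQuitGroupMessage removes `this.username` from `g.members` and calls `groupStore.updateGroup(g)` before `sendMessage`, whose `finally` saves the state, so the removal is kept even when the send fails. With the new membership check in `getGroupForSending`, a second attempt is then rejected as not-a-member, so a quit message that failed on a network error or an untrusted identity cannot be retried. Building the recipient list first (a copy of `g.members` without the own number), sending, and only then updating the store would keep the operation retryable. `getGroupForSending` declares `NotAGroupMemberException`, which is not in this method's `throws` clause; presumably it extends `GroupNotFoundException`, which deserves a `@throws` line. Part of the method body between the two `.build()` calls is not shown in the diff.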
- public byte[] sendUpdateGroupMessage(byte[] groupId, String name, Collection<String> members, String avatarFile) throws IOException, EncapsulatedExceptions, GroupNotFoundException, AttachmentInvalidException, UntrustedIdentityException {
+ private static String join(CharSequence separator, Iterable<? extends CharSequence> list) {
+ StringBuilder buf = new StringBuilder();
+ for (CharSequence str : list) {
+ if (buf.length() > 0) {
+ buf.append(separator);
+ }
+ buf.append(str);
+ }
+
+ return buf.toString();
+ }
+
+ public byte[] sendUpdateGroupMessage(byte[] groupId, String name, Collection<String> members, String avatarFile) throws IOException, EncapsulatedExceptions, GroupNotFoundException, AttachmentInvalidException {
GroupInfo g;
if (groupId == null) {
// Create new group
g = new GroupInfo(Util.getSecretBytes(16));
g.members.add(username);
} else {
- g = groupStore.getGroup(groupId);
- if (g == null) {
- throw new GroupNotFoundException(groupId);
- }
+ g = getGroupForSending(groupId);
}
if (name != null) {
}
if (members != null) {
+ Set<String> newMembers = new HashSet<>();
for (String member : members) {
try {
- g.members.add(canonicalizeNumber(member));
+ member = canonicalizeNumber(member);
} catch (InvalidNumberException e) {
System.err.println("Failed to add member \"" + member + "\" to group: " + e.getMessage());
System.err.println("Aborting…");
System.exit(1);
}
+ if (g.members.contains(member)) {
+ continue;
+ }
+ newMembers.add(member);
+ g.members.add(member);
+ }
+ final List<ContactTokenDetails> contacts = accountManager.getContacts(newMembers);
+ if (contacts.size() != newMembers.size()) {
+ // Some of the new members are not registered on Signal
+ for (ContactTokenDetails contact : contacts) {
+ newMembers.remove(contact.getNumber());
+ }
+ System.err.println("Failed to add members " + join(", ", newMembers) + " to group: Not registered on Signal");
+ System.err.println("Aborting…");
+ System.exit(1);
}
}
File aFile = getGroupAvatarFile(g.groupId);
if (avatarFile != null) {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
Files.copy(Paths.get(avatarFile), aFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
}
if (aFile.exists()) {
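Review bot: `accountManager.getContacts(newMembers)` is called even when `newMembers` is empty (every requested member is already in the group, or `members` is an empty collection), which costs a contact-lookup round trip to the server for nothing. Wrapping the lookup and the size comparison in `if (!newMembers.isEmpty()) { … }` avoids it. `g.members.add(member)` also runs before the registration check, which is harmless only because the failure path ends in `System.exit(1)`. Collecting into `newMembers` first and calling `g.members.addAll(newMembers)` after the check would keep the group object consistent if that exit is ever replaced by an exception. The method body continues beyond the lines shown.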
@Override
public void sendMessage(String message, List<String> attachments, String recipient)
- throws EncapsulatedExceptions, AttachmentInvalidException, IOException, UntrustedIdentityException {
+ throws EncapsulatedExceptions, AttachmentInvalidException, IOException {
List<String> recipients = new ArrayList<>(1);
recipients.add(recipient);
sendMessage(message, attachments, recipients);
@Override
public void sendMessage(String messageText, List<String> attachments,
List<String> recipients)
- throws IOException, EncapsulatedExceptions, AttachmentInvalidException, UntrustedIdentityException {
+ throws IOException, EncapsulatedExceptions, AttachmentInvalidException {
final SignalServiceDataMessage.Builder messageBuilder = SignalServiceDataMessage.newBuilder().withBody(messageText);
if (attachments != null) {
messageBuilder.withAttachments(getSignalServiceAttachments(attachments));
}
@Override
- public void sendEndSessionMessage(List<String> recipients) throws IOException, EncapsulatedExceptions, UntrustedIdentityException {
+ public void sendEndSessionMessage(List<String> recipients) throws IOException, EncapsulatedExceptions {
SignalServiceDataMessage message = SignalServiceDataMessage.newBuilder()
.asEndSessionMessage()
.build();
SignalServiceSyncMessage message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
try {
sendMessage(message);
- } catch (EncapsulatedExceptions encapsulatedExceptions) {
- encapsulatedExceptions.printStackTrace();
} catch (UntrustedIdentityException e) {
e.printStackTrace();
}
SignalServiceSyncMessage message = SignalServiceSyncMessage.forRequest(new RequestMessage(r));
try {
sendMessage(message);
- } catch (EncapsulatedExceptions encapsulatedExceptions) {
- encapsulatedExceptions.printStackTrace();
} catch (UntrustedIdentityException e) {
e.printStackTrace();
}
}
private void sendMessage(SignalServiceSyncMessage message)
- throws IOException, EncapsulatedExceptions, UntrustedIdentityException {
+ throws IOException, UntrustedIdentityException {
SignalServiceMessageSender messageSender = new SignalServiceMessageSender(URL, TRUST_STORE, username, password,
deviceId, signalProtocolStore, USER_AGENT, Optional.<SignalServiceMessageSender.EventListener>absent());
- messageSender.sendMessage(message);
+ try {
+ messageSender.sendMessage(message);
+ } catch (UntrustedIdentityException e) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
+ throw e;
+ }
}
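Review bot: The `saveIdentity(..., TrustLevel.UNTRUSTED)` in the new catch block is not followed by a `save()`, and the callers visible in this diff only print the stack trace. Assuming `saveIdentity` does not write to disk itself, the recorded untrusted key is lost when the process exits unless some caller outside the diff saves. Adding `save();` before `throw e;` would match the data-message overload, which saves in its `finally`. The same applies to the `saveIdentity` call added to `decryptMessage` further down.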
private void sendMessage(SignalServiceDataMessage message, Collection<String> recipients)
- throws IOException, EncapsulatedExceptions, UntrustedIdentityException {
+ throws EncapsulatedExceptions, IOException {
+ Set<SignalServiceAddress> recipientsTS = new HashSet<>(recipients.size());
+ for (String recipient : recipients) {
+ try {
+ recipientsTS.add(getPushAddress(recipient));
+ } catch (InvalidNumberException e) {
+ System.err.println("Failed to add recipient \"" + recipient + "\": " + e.getMessage());
+ System.err.println("Aborting sending.");
+ save();
+ return;
+ }
+ }
+
try {
SignalServiceMessageSender messageSender = new SignalServiceMessageSender(URL, TRUST_STORE, username, password,
deviceId, signalProtocolStore, USER_AGENT, Optional.<SignalServiceMessageSender.EventListener>absent());
- Set<SignalServiceAddress> recipientsTS = new HashSet<>(recipients.size());
- for (String recipient : recipients) {
+ if (message.getGroupInfo().isPresent()) {
try {
- recipientsTS.add(getPushAddress(recipient));
- } catch (InvalidNumberException e) {
- System.err.println("Failed to add recipient \"" + recipient + "\": " + e.getMessage());
- System.err.println("Aborting sending.");
- save();
- return;
+ messageSender.sendMessage(new ArrayList<>(recipientsTS), message);
+ } catch (EncapsulatedExceptions encapsulatedExceptions) {
+ for (UntrustedIdentityException e : encapsulatedExceptions.getUntrustedIdentityExceptions()) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
+ }
}
- }
-
- if (message.getGroupInfo().isPresent()) {
- messageSender.sendMessage(new ArrayList<>(recipientsTS), message);
} else {
// Send to all individually, so sync messages are sent correctly
+ List<UntrustedIdentityException> untrustedIdentities = new LinkedList<>();
+ List<UnregisteredUserException> unregisteredUsers = new LinkedList<>();
+ List<NetworkFailureException> networkExceptions = new LinkedList<>();
for (SignalServiceAddress address : recipientsTS) {
- messageSender.sendMessage(address, message);
+ try {
+ messageSender.sendMessage(address, message);
+ } catch (UntrustedIdentityException e) {
+ signalProtocolStore.saveIdentity(e.getE164Number(), e.getIdentityKey(), TrustLevel.UNTRUSTED);
+ untrustedIdentities.add(e);
+ } catch (UnregisteredUserException e) {
+ unregisteredUsers.add(e);
+ } catch (PushNetworkException e) {
+ networkExceptions.add(new NetworkFailureException(address.getNumber(), e));
+ }
+ }
+ if (!untrustedIdentities.isEmpty() || !unregisteredUsers.isEmpty() || !networkExceptions.isEmpty()) {
+ throw new EncapsulatedExceptions(untrustedIdentities, unregisteredUsers, networkExceptions);
}
}
-
+ } finally {
if (message.isEndSession()) {
for (SignalServiceAddress recipient : recipientsTS) {
handleEndSession(recipient.getNumber());
}
}
- } finally {
save();
}
}
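Review bot: In the group branch the `catch (EncapsulatedExceptions encapsulatedExceptions)` block records the untrusted identities and then falls through without rethrowing. Untrusted-identity, unregistered-user and network failures on group sends therefore never reach the caller, even though the method still declares `EncapsulatedExceptions` and the individual-send branch does throw it. Add `throw encapsulatedExceptions;` after the `for` loop. Separately, moving the end-session handling into `finally` means `handleEndSession` now runs for every recipient even when the send failed; if that is intended, a short comment saying so would help the next reader.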
- private SignalServiceContent decryptMessage(SignalServiceEnvelope envelope) {
+ private SignalServiceContent decryptMessage(SignalServiceEnvelope envelope) throws NoSessionException, LegacyMessageException, InvalidVersionException, InvalidMessageException, DuplicateMessageException, InvalidKeyException, InvalidKeyIdException, org.whispersystems.libsignal.UntrustedIdentityException {
SignalServiceCipher cipher = new SignalServiceCipher(new SignalServiceAddress(username), signalProtocolStore);
try {
return cipher.decrypt(envelope);
+ } catch (org.whispersystems.libsignal.UntrustedIdentityException e) {
+ // TODO temporarily store message, until user has accepted the key
+ signalProtocolStore.saveIdentity(e.getName(), e.getUntrustedIdentity(), TrustLevel.UNTRUSTED);
+ throw e;
} catch (Exception e) {
- // TODO handle all exceptions
- e.printStackTrace();
- return null;
+ throw e;
}
}
try {
envelope = messagePipe.read(timeoutSeconds, TimeUnit.SECONDS);
if (!envelope.isReceipt()) {
- content = decryptMessage(envelope);
+ Exception exception;
+ try {
+ content = decryptMessage(envelope);
+ } catch (Exception e) {
+ exception = e;
+ // TODO pass exception to handler instead
+ e.printStackTrace();
+ }
if (content != null) {
if (content.getDataMessage().isPresent()) {
SignalServiceDataMessage message = content.getDataMessage().get();
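Review bot: `decryptMessage` no longer returns null on error, so when it throws here `content` keeps whatever value it had before the `try`. If `content` is declared outside this iteration (its declaration is not in the hunk), the `if (content != null)` branch would handle the previous envelope's content a second time. Setting `content = null;` immediately before the `try` makes the failure path explicit. The local `exception` is assigned but not read in the lines shown, and since it is declared without an initialiser it cannot be read after the `try` without a compile error; `Exception exception = null;` or dropping the variable until the handler exists would be cleaner.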
if (rm.isContactsRequest()) {
try {
sendContacts();
- } catch (EncapsulatedExceptions encapsulatedExceptions) {
- encapsulatedExceptions.printStackTrace();
} catch (UntrustedIdentityException e) {
e.printStackTrace();
}
if (rm.isGroupsRequest()) {
try {
sendGroups();
- } catch (EncapsulatedExceptions encapsulatedExceptions) {
- encapsulatedExceptions.printStackTrace();
} catch (UntrustedIdentityException e) {
e.printStackTrace();
}
}
private File retrieveContactAvatarAttachment(SignalServiceAttachment attachment, String number) throws IOException, InvalidMessageException {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
if (attachment.isPointer()) {
SignalServiceAttachmentPointer pointer = attachment.asPointer();
return retrieveAttachment(pointer, getContactAvatarFile(number), false);
}
private File retrieveGroupAvatarAttachment(SignalServiceAttachment attachment, byte[] groupId) throws IOException, InvalidMessageException {
- new File(avatarsPath).mkdirs();
+ createPrivateDirectories(avatarsPath);
if (attachment.isPointer()) {
SignalServiceAttachmentPointer pointer = attachment.asPointer();
return retrieveAttachment(pointer, getGroupAvatarFile(groupId), false);
}
private File retrieveAttachment(SignalServiceAttachmentPointer pointer) throws IOException, InvalidMessageException {
- new File(attachmentsPath).mkdirs();
+ createPrivateDirectories(attachmentsPath);
return retrieveAttachment(pointer, getAttachmentFile(pointer.getId()), true);
}
return false;
}
- private void sendGroups() throws IOException, EncapsulatedExceptions, UntrustedIdentityException {
+ private void sendGroups() throws IOException, UntrustedIdentityException {
File groupsFile = File.createTempFile("multidevice-group-update", ".tmp");
try {
}
}
- private void sendContacts() throws IOException, EncapsulatedExceptions, UntrustedIdentityException {
+ private void sendContacts() throws IOException, UntrustedIdentityException {
File contactsFile = File.createTempFile("multidevice-contact-update", ".tmp");
try {
public GroupInfo getGroup(byte[] groupId) {
return groupStore.getGroup(groupId);
}
+
+ public Map<String, List<JsonIdentityKeyStore.Identity>> getIdentities() {
+ return signalProtocolStore.getIdentities();
+ }
+
+ public List<JsonIdentityKeyStore.Identity> getIdentities(String number) {
+ return signalProtocolStore.getIdentities(number);
+ }
+
+ /**
+ * Trust this the identity with this fingerprint
+ *
+ * @param name username of the identity
+ * @param fingerprint Fingerprint
+ */
+ public boolean trustIdentityVerified(String name, byte[] fingerprint) {
+ List<JsonIdentityKeyStore.Identity> ids = signalProtocolStore.getIdentities(name);
+ if (ids == null) {
+ return false;
+ }
+ for (JsonIdentityKeyStore.Identity id : ids) {
+ if (!Arrays.equals(id.identityKey.serialize(), fingerprint)) {
+ continue;
+ }
+
+ signalProtocolStore.saveIdentity(name, id.identityKey, TrustLevel.TRUSTED_VERIFIED);
+ save();
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Trust all keys of this identity without verification
+ *
+ * @param name username of the identity
+ */
+ public boolean trustIdentityAllKeys(String name) {
+ List<JsonIdentityKeyStore.Identity> ids = signalProtocolStore.getIdentities(name);
+ if (ids == null) {
+ return false;
+ }
+ for (JsonIdentityKeyStore.Identity id : ids) {
+ if (id.trustLevel == TrustLevel.UNTRUSTED) {
+ signalProtocolStore.saveIdentity(name, id.identityKey, TrustLevel.TRUSTED_UNVERIFIED);
+ }
+ }
+ save();
+ return true;
+ }
}
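Review bot: `trustIdentityVerified` compares `fingerprint` byte for byte with `id.identityKey.serialize()`, so the argument has to be the full serialized identity key rather than a shortened or display-formatted fingerprint; the Javadoc should say that. Both new trust methods also need an `@return` line, e.g. `@return true if a matching key was found and marked verified`, and for `trustIdentityAllKeys` a note that it returns true whenever the store has an entry for `name`, even if no key changed level. `name` is used as the store key unchanged, whereas other paths in this class run numbers through `canonicalizeNumber`, so a non-canonical number would presumably miss the entry. If `getIdentities()` returns the store's own mutable map, wrapping it in `Collections.unmodifiableMap(...)` would keep callers from editing trust state without going through the trust methods.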