X-Git-Url: https://git.nmode.ca/signal-cli/blobdiff_plain/0dc6b1327e1da6f5707d199f2c35eb18bee9e864..4ff28458ffac5e6e7e5a40d17e1f65786f2b0b0e:/src/main/java/org/asamk/signal/manager/Manager.java diff --git a/src/main/java/org/asamk/signal/manager/Manager.java b/src/main/java/org/asamk/signal/manager/Manager.java index 3a587257..99b0d82a 100644 --- a/src/main/java/org/asamk/signal/manager/Manager.java +++ b/src/main/java/org/asamk/signal/manager/Manager.java @@ -16,10 +16,14 @@ */ package org.asamk.signal.manager; +import com.fasterxml.jackson.databind.ObjectMapper; + import org.asamk.Signal; import org.asamk.signal.AttachmentInvalidException; import org.asamk.signal.GroupNotFoundException; +import org.asamk.signal.JsonStickerPack; import org.asamk.signal.NotAGroupMemberException; +import org.asamk.signal.StickerPackInvalidException; import org.asamk.signal.TrustLevel; import org.asamk.signal.UserAlreadyExists; import org.asamk.signal.storage.SignalAccount; @@ -41,7 +45,9 @@ import org.signal.libsignal.metadata.ProtocolLegacyMessageException; import org.signal.libsignal.metadata.ProtocolNoSessionException; import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException; import org.signal.libsignal.metadata.SelfSendException; +import org.signal.libsignal.metadata.certificate.InvalidCertificateException; import org.signal.zkgroup.InvalidInputException; +import org.signal.zkgroup.VerificationFailedException; import org.signal.zkgroup.profiles.ProfileKey; import org.whispersystems.libsignal.IdentityKey; import org.whispersystems.libsignal.IdentityKeyPair; @@ -61,6 +67,8 @@ import org.whispersystems.signalservice.api.SignalServiceAccountManager; import org.whispersystems.signalservice.api.SignalServiceMessagePipe; import org.whispersystems.signalservice.api.SignalServiceMessageReceiver; import org.whispersystems.signalservice.api.SignalServiceMessageSender; +import org.whispersystems.signalservice.api.crypto.InvalidCiphertextException; +import org.whispersystems.signalservice.api.crypto.ProfileCipher; import org.whispersystems.signalservice.api.crypto.SignalServiceCipher; import org.whispersystems.signalservice.api.crypto.UnidentifiedAccess; import org.whispersystems.signalservice.api.crypto.UnidentifiedAccessPair; @@ -73,6 +81,8 @@ import org.whispersystems.signalservice.api.messages.SignalServiceContent; import org.whispersystems.signalservice.api.messages.SignalServiceDataMessage; import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope; import org.whispersystems.signalservice.api.messages.SignalServiceGroup; +import org.whispersystems.signalservice.api.messages.SignalServiceStickerManifestUpload; +import org.whispersystems.signalservice.api.messages.SignalServiceStickerManifestUpload.StickerInfo; import org.whispersystems.signalservice.api.messages.multidevice.BlockedListMessage; import org.whispersystems.signalservice.api.messages.multidevice.ContactsMessage; import org.whispersystems.signalservice.api.messages.multidevice.DeviceContact; @@ -99,6 +109,7 @@ import org.whispersystems.signalservice.api.util.StreamDetails; import org.whispersystems.signalservice.api.util.UptimeSleepTimer; import org.whispersystems.signalservice.internal.push.SignalServiceProtos; import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException; +import org.whispersystems.signalservice.internal.util.Hex; import org.whispersystems.util.Base64; import java.io.File; @@ -109,6 +120,8 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.net.URI; +import java.net.URISyntaxException; +import java.net.URLEncoder; import java.nio.file.Files; import java.nio.file.Paths; import java.nio.file.StandardCopyOption; @@ -126,6 +139,8 @@ import java.util.Objects; import java.util.Set; import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeoutException; +import java.util.zip.ZipEntry; +import java.util.zip.ZipFile; public class Manager implements Signal { @@ -260,9 +275,9 @@ public class Manager implements Signal { accountManager = getSignalServiceAccountManager(); if (voiceVerification) { - accountManager.requestVoiceVerificationCode(Locale.getDefault(), Optional.absent(), Optional.absent()); + accountManager.requestVoiceVerificationCode(Locale.getDefault(), Optional.absent(), Optional.absent()); } else { - accountManager.requestSmsVerificationCode(false, Optional.absent(), Optional.absent()); + accountManager.requestSmsVerificationCode(false, Optional.absent(), Optional.absent()); } account.setRegistered(false); @@ -291,7 +306,7 @@ public class Manager implements Signal { // When setting an empty GCM id, the Signal-Server also sets the fetchesMessages property to false. // If this is the master device, other users can't send messages to this number anymore. // If this is a linked device, other users can still send messages, but this device doesn't receive them anymore. - accountManager.setGcmId(Optional.absent()); + accountManager.setGcmId(Optional.absent()); account.setRegistered(false); account.save(); @@ -443,7 +458,26 @@ public class Manager implements Signal { private SignalServiceMessageSender getMessageSender() { return new SignalServiceMessageSender(BaseConfig.serviceConfiguration, null, username, account.getPassword(), - account.getDeviceId(), account.getSignalProtocolStore(), BaseConfig.USER_AGENT, account.isMultiDevice(), Optional.fromNullable(messagePipe), Optional.fromNullable(unidentifiedMessagePipe), Optional.absent()); + account.getDeviceId(), account.getSignalProtocolStore(), BaseConfig.USER_AGENT, account.isMultiDevice(), Optional.fromNullable(messagePipe), Optional.fromNullable(unidentifiedMessagePipe), Optional.absent()); + } + + private SignalServiceProfile getRecipientProfile(SignalServiceAddress address, Optional unidentifiedAccess) throws IOException { + SignalServiceMessagePipe pipe = unidentifiedMessagePipe != null && unidentifiedAccess.isPresent() ? unidentifiedMessagePipe + : messagePipe; + + if (pipe != null) { + try { + return pipe.getProfile(address, Optional.absent(), unidentifiedAccess, SignalServiceProfile.RequestType.PROFILE).getProfile(); + } catch (IOException ignored) { + } + } + + SignalServiceMessageReceiver receiver = getMessageReceiver(); + try { + return receiver.retrieveProfile(address, Optional.absent(), unidentifiedAccess, SignalServiceProfile.RequestType.PROFILE).getProfile(); + } catch (VerificationFailedException e) { + throw new AssertionError(e); + } } private Optional createGroupAvatarAttachment(byte[] groupId) throws IOException { @@ -834,6 +868,111 @@ public class Manager implements Signal { account.getThreadStore().updateThread(thread); } + /** + * Upload the sticker pack from path. + * + * @param path Path can be a path to a manifest.json file or to a zip file that contains a manifest.json file + * @return if successful, returns the URL to install the sticker pack in the signal app + */ + public String uploadStickerPack(String path) throws IOException, StickerPackInvalidException { + SignalServiceStickerManifestUpload manifest = getSignalServiceStickerManifestUpload(path); + + SignalServiceMessageSender messageSender = getMessageSender(); + + byte[] packKey = KeyUtils.createStickerUploadKey(); + String packId = messageSender.uploadStickerManifest(manifest, packKey); + + try { + return new URI("https", "signal.art", "/addstickers/", "pack_id=" + URLEncoder.encode(packId, "utf-8") + "&pack_key=" + URLEncoder.encode(Hex.toStringCondensed(packKey), "utf-8")) + .toString(); + } catch (URISyntaxException e) { + throw new AssertionError(e); + } + } + + private SignalServiceStickerManifestUpload getSignalServiceStickerManifestUpload(final String path) throws IOException, StickerPackInvalidException { + ZipFile zip = null; + String rootPath = null; + + final File file = new File(path); + if (file.getName().endsWith(".zip")) { + zip = new ZipFile(file); + } else if (file.getName().equals("manifest.json")) { + rootPath = file.getParent(); + } else { + throw new StickerPackInvalidException("Could not find manifest.json"); + } + + JsonStickerPack pack = parseStickerPack(rootPath, zip); + + if (pack.stickers == null) { + throw new StickerPackInvalidException("Must set a 'stickers' field."); + } + + if (pack.stickers.isEmpty()) { + throw new StickerPackInvalidException("Must include stickers."); + } + + List stickers = new ArrayList<>(pack.stickers.size()); + for (JsonStickerPack.JsonSticker sticker : pack.stickers) { + if (sticker.file == null) { + throw new StickerPackInvalidException("Must set a 'file' field on each sticker."); + } + + Pair data; + try { + data = getInputStreamAndLength(rootPath, zip, sticker.file); + } catch (IOException ignored) { + throw new StickerPackInvalidException("Could not find find " + sticker.file); + } + + StickerInfo stickerInfo = new StickerInfo(data.first(), data.second(), Optional.fromNullable(sticker.emoji).or("")); + stickers.add(stickerInfo); + } + + StickerInfo cover = null; + if (pack.cover != null) { + if (pack.cover.file == null) { + throw new StickerPackInvalidException("Must set a 'file' field on the cover."); + } + + Pair data; + try { + data = getInputStreamAndLength(rootPath, zip, pack.cover.file); + } catch (IOException ignored) { + throw new StickerPackInvalidException("Could not find find " + pack.cover.file); + } + + cover = new StickerInfo(data.first(), data.second(), Optional.fromNullable(pack.cover.emoji).or("")); + } + + return new SignalServiceStickerManifestUpload( + pack.title, + pack.author, + cover, + stickers); + } + + private static JsonStickerPack parseStickerPack(String rootPath, ZipFile zip) throws IOException, StickerPackInvalidException { + InputStream inputStream; + if (zip != null) { + inputStream = zip.getInputStream(zip.getEntry("manifest.json")); + } else { + inputStream = new FileInputStream((new File(rootPath, "manifest.json"))); + } + return new ObjectMapper().readValue(inputStream, JsonStickerPack.class); + } + + private static Pair getInputStreamAndLength(final String rootPath, final ZipFile zip, final String subfile) throws IOException { + if (zip != null) { + final ZipEntry entry = zip.getEntry(subfile); + return new Pair<>(zip.getInputStream(entry), entry.getSize()); + } else { + final File file = new File(rootPath, subfile); + return new Pair<>(new FileInputStream(file), file.length()); + } + } + private void requestSyncGroups() throws IOException { SignalServiceProtos.SyncMessage.Request r = SignalServiceProtos.SyncMessage.Request.newBuilder().setType(SignalServiceProtos.SyncMessage.Request.Type.GROUPS).build(); SignalServiceSyncMessage message = SignalServiceSyncMessage.forRequest(new RequestMessage(r)); @@ -874,31 +1013,98 @@ public class Manager implements Signal { } } + private byte[] getSenderCertificate() throws IOException { + byte[] certificate = accountManager.getSenderCertificate(); + // TODO cache for a day + return certificate; + } + private byte[] getSelfUnidentifiedAccessKey() { return UnidentifiedAccess.deriveAccessKeyFrom(account.getProfileKey()); } - private byte[] getTargetUnidentifiedAccessKey(SignalServiceAddress recipient) { - // TODO implement - return null; + private static SignalProfile decryptProfile(SignalServiceProfile encryptedProfile, ProfileKey profileKey) throws IOException { + ProfileCipher profileCipher = new ProfileCipher(profileKey); + try { + return new SignalProfile( + encryptedProfile.getIdentityKey(), + encryptedProfile.getName() == null ? null : new String(profileCipher.decryptName(Base64.decode(encryptedProfile.getName()))), + encryptedProfile.getAvatar(), + encryptedProfile.getUnidentifiedAccess() == null || !profileCipher.verifyUnidentifiedAccess(Base64.decode(encryptedProfile.getUnidentifiedAccess())) ? null : encryptedProfile.getUnidentifiedAccess(), + encryptedProfile.isUnrestrictedUnidentifiedAccess() + ); + } catch (InvalidCiphertextException e) { + return null; + } + } + + private byte[] getTargetUnidentifiedAccessKey(SignalServiceAddress recipient) throws IOException { + ContactInfo contact = account.getContactStore().getContact(recipient.getNumber().get()); + if (contact == null || contact.profileKey == null) { + return null; + } + ProfileKey theirProfileKey; + try { + theirProfileKey = new ProfileKey(Base64.decode(contact.profileKey)); + } catch (InvalidInputException e) { + throw new AssertionError(e); + } + SignalProfile targetProfile = decryptProfile(getRecipientProfile(recipient, Optional.absent()), theirProfileKey); + + if (targetProfile == null || targetProfile.getUnidentifiedAccess() == null) { + return null; + } + + if (targetProfile.isUnrestrictedUnidentifiedAccess()) { + return KeyUtils.createUnrestrictedUnidentifiedAccess(); + } + + return UnidentifiedAccess.deriveAccessKeyFrom(theirProfileKey); } - private Optional getAccessForSync() { - // TODO implement - return Optional.absent(); + private Optional getAccessForSync() throws IOException { + byte[] selfUnidentifiedAccessKey = getSelfUnidentifiedAccessKey(); + byte[] selfUnidentifiedAccessCertificate = getSenderCertificate(); + + if (selfUnidentifiedAccessKey == null || selfUnidentifiedAccessCertificate == null) { + return Optional.absent(); + } + + try { + return Optional.of(new UnidentifiedAccessPair( + new UnidentifiedAccess(selfUnidentifiedAccessKey, selfUnidentifiedAccessCertificate), + new UnidentifiedAccess(selfUnidentifiedAccessKey, selfUnidentifiedAccessCertificate) + )); + } catch (InvalidCertificateException e) { + return Optional.absent(); + } } - private List> getAccessFor(Collection recipients) { + private List> getAccessFor(Collection recipients) throws IOException { List> result = new ArrayList<>(recipients.size()); for (SignalServiceAddress recipient : recipients) { - result.add(Optional.absent()); + result.add(getAccessFor(recipient)); } return result; } - private Optional getAccessFor(SignalServiceAddress recipient) { - // TODO implement - return Optional.absent(); + private Optional getAccessFor(SignalServiceAddress recipient) throws IOException { + byte[] recipientUnidentifiedAccessKey = getTargetUnidentifiedAccessKey(recipient); + byte[] selfUnidentifiedAccessKey = getSelfUnidentifiedAccessKey(); + byte[] selfUnidentifiedAccessCertificate = getSenderCertificate(); + + if (recipientUnidentifiedAccessKey == null || selfUnidentifiedAccessKey == null || selfUnidentifiedAccessCertificate == null) { + return Optional.absent(); + } + + try { + return Optional.of(new UnidentifiedAccessPair( + new UnidentifiedAccess(recipientUnidentifiedAccessKey, selfUnidentifiedAccessCertificate), + new UnidentifiedAccess(selfUnidentifiedAccessKey, selfUnidentifiedAccessCertificate) + )); + } catch (InvalidCertificateException e) { + return Optional.absent(); + } } private void sendSyncMessage(SignalServiceSyncMessage message) @@ -945,6 +1151,12 @@ public class Manager implements Signal { return Collections.emptyList(); } + if (messagePipe == null) { + messagePipe = getMessageReceiver().createMessagePipe(); + } + if (unidentifiedMessagePipe == null) { + unidentifiedMessagePipe = getMessageReceiver().createUnidentifiedMessagePipe(); + } SignalServiceDataMessage message = null; try { SignalServiceMessageSender messageSender = getMessageSender(); @@ -1140,6 +1352,7 @@ public class Manager implements Signal { contact.number = source; } contact.profileKey = Base64.encodeBytes(message.getProfileKey().get()); + account.getContactStore().updateContact(contact); } if (message.getPreviews().isPresent()) { final List previews = message.getPreviews().get(); @@ -1217,16 +1430,13 @@ public class Manager implements Signal { Exception exception = null; final long now = new Date().getTime(); try { - envelope = messagePipe.read(timeout, unit, new SignalServiceMessagePipe.MessagePipeCallback() { - @Override - public void onMessage(SignalServiceEnvelope envelope) { - // store message on disk, before acknowledging receipt to the server - try { - File cacheFile = getMessageCacheFile(envelope.getSourceE164().get(), now, envelope.getTimestamp()); - Utils.storeEnvelope(envelope, cacheFile); - } catch (IOException e) { - System.err.println("Failed to store encrypted message in disk cache, ignoring: " + e.getMessage()); - } + envelope = messagePipe.read(timeout, unit, envelope1 -> { + // store message on disk, before acknowledging receipt to the server + try { + File cacheFile = getMessageCacheFile(envelope1.getSourceE164().get(), now, envelope1.getTimestamp()); + Utils.storeEnvelope(envelope1, cacheFile); + } catch (IOException e) { + System.err.println("Failed to store encrypted message in disk cache, ignoring: " + e.getMessage()); } }); } catch (TimeoutException e) { @@ -1356,7 +1566,9 @@ public class Manager implements Signal { syncGroup.name = g.getName().get(); } syncGroup.addMembers(g.getMembers()); - syncGroup.active = g.isActive(); + if (!g.isActive()) { + syncGroup.members.remove(username); + } syncGroup.blocked = g.isBlocked(); if (g.getColor().isPresent()) { syncGroup.color = g.getColor().get(); @@ -1572,7 +1784,7 @@ public class Manager implements Signal { ThreadInfo info = account.getThreadStore().getThread(Base64.encodeBytes(record.groupId)); out.write(new DeviceGroup(record.groupId, Optional.fromNullable(record.name), new ArrayList<>(record.getMembers()), createGroupAvatarAttachment(record.groupId), - record.active, Optional.fromNullable(info != null ? info.messageExpirationTime : null), + record.members.contains(username), Optional.fromNullable(info != null ? info.messageExpirationTime : null), Optional.fromNullable(record.color), record.blocked, Optional.fromNullable(record.inboxPosition), record.archived)); } } @@ -1633,10 +1845,10 @@ public class Manager implements Signal { if (account.getProfileKey() != null) { // Send our own profile key as well out.write(new DeviceContact(account.getSelfAddress(), - Optional.absent(), Optional.absent(), - Optional.absent(), Optional.absent(), + Optional.absent(), Optional.absent(), + Optional.absent(), Optional.absent(), Optional.of(account.getProfileKey()), - false, Optional.absent(), Optional.absent(), false)); + false, Optional.absent(), Optional.absent(), false)); } }