X-Git-Url: https://git.nmode.ca/signal-cli/blobdiff_plain/98dee97cc69b49c0c3b75bb8691ae7ccc266e4d2..17608ce5220142b979f777cbd1512416043f52bb:/src/main/java/org/asamk/signal/manager/helper/GroupHelper.java diff --git a/src/main/java/org/asamk/signal/manager/helper/GroupHelper.java b/src/main/java/org/asamk/signal/manager/helper/GroupHelper.java index 334cacd8..1f7e69e3 100644 --- a/src/main/java/org/asamk/signal/manager/helper/GroupHelper.java +++ b/src/main/java/org/asamk/signal/manager/helper/GroupHelper.java @@ -2,24 +2,38 @@ package org.asamk.signal.manager.helper; import com.google.protobuf.InvalidProtocolBufferException; +import org.asamk.signal.storage.groups.GroupInfoV2; +import org.asamk.signal.util.IOUtils; import org.signal.storageservice.protos.groups.GroupChange; import org.signal.storageservice.protos.groups.Member; import org.signal.storageservice.protos.groups.local.DecryptedGroup; import org.signal.storageservice.protos.groups.local.DecryptedGroupChange; +import org.signal.storageservice.protos.groups.local.DecryptedPendingMember; +import org.signal.zkgroup.InvalidInputException; import org.signal.zkgroup.VerificationFailedException; import org.signal.zkgroup.groups.GroupMasterKey; import org.signal.zkgroup.groups.GroupSecretParams; +import org.signal.zkgroup.groups.UuidCiphertext; import org.signal.zkgroup.profiles.ProfileKeyCredential; +import org.whispersystems.libsignal.util.Pair; import org.whispersystems.libsignal.util.guava.Optional; import org.whispersystems.signalservice.api.groupsv2.DecryptedGroupUtil; import org.whispersystems.signalservice.api.groupsv2.GroupCandidate; +import org.whispersystems.signalservice.api.groupsv2.GroupsV2Api; +import org.whispersystems.signalservice.api.groupsv2.GroupsV2AuthorizationString; import org.whispersystems.signalservice.api.groupsv2.GroupsV2Operations; import org.whispersystems.signalservice.api.groupsv2.InvalidGroupStateException; import org.whispersystems.signalservice.api.groupsv2.NotAbleToApplyGroupV2ChangeException; import org.whispersystems.signalservice.api.push.SignalServiceAddress; +import org.whispersystems.signalservice.api.util.UuidUtil; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; import java.util.Collection; +import java.util.List; import java.util.Set; +import java.util.UUID; import java.util.stream.Collectors; public class GroupHelper { @@ -32,19 +46,69 @@ public class GroupHelper { private final GroupsV2Operations groupsV2Operations; + private final GroupsV2Api groupsV2Api; + + private final GroupAuthorizationProvider groupAuthorizationProvider; + public GroupHelper( final ProfileKeyCredentialProvider profileKeyCredentialProvider, final ProfileProvider profileProvider, final SelfAddressProvider selfAddressProvider, - final GroupsV2Operations groupsV2Operations + final GroupsV2Operations groupsV2Operations, + final GroupsV2Api groupsV2Api, + final GroupAuthorizationProvider groupAuthorizationProvider ) { this.profileKeyCredentialProvider = profileKeyCredentialProvider; this.profileProvider = profileProvider; this.selfAddressProvider = selfAddressProvider; this.groupsV2Operations = groupsV2Operations; + this.groupsV2Api = groupsV2Api; + this.groupAuthorizationProvider = groupAuthorizationProvider; } - public GroupsV2Operations.NewGroup createGroupV2( + public GroupInfoV2 createGroupV2( + String name, Collection members, String avatarFile + ) throws IOException { + final byte[] avatarBytes = readAvatarBytes(avatarFile); + final GroupsV2Operations.NewGroup newGroup = buildNewGroupV2(name, members, avatarBytes); + if (newGroup == null) { + return null; + } + + final GroupSecretParams groupSecretParams = newGroup.getGroupSecretParams(); + + final GroupsV2AuthorizationString groupAuthForToday; + final DecryptedGroup decryptedGroup; + try { + groupAuthForToday = groupAuthorizationProvider.getAuthorizationForToday(groupSecretParams); + groupsV2Api.putNewGroup(newGroup, groupAuthForToday); + decryptedGroup = groupsV2Api.getGroup(groupSecretParams, groupAuthForToday); + } catch (IOException | VerificationFailedException | InvalidGroupStateException e) { + System.err.println("Failed to create V2 group: " + e.getMessage()); + return null; + } + if (decryptedGroup == null) { + System.err.println("Failed to create V2 group!"); + return null; + } + + final byte[] groupId = groupSecretParams.getPublicParams().getGroupIdentifier().serialize(); + final GroupMasterKey masterKey = groupSecretParams.getMasterKey(); + GroupInfoV2 g = new GroupInfoV2(groupId, masterKey); + g.setGroup(decryptedGroup); + + return g; + } + + private byte[] readAvatarBytes(final String avatarFile) throws IOException { + final byte[] avatarBytes; + try (InputStream avatar = avatarFile == null ? null : new FileInputStream(avatarFile)) { + avatarBytes = avatar == null ? null : IOUtils.readFully(avatar); + } + return avatarBytes; + } + + private GroupsV2Operations.NewGroup buildNewGroupV2( String name, Collection members, byte[] avatar ) { final ProfileKeyCredential profileKeyCredential = profileKeyCredentialProvider.getProfileKeyCredential( @@ -54,40 +118,177 @@ public class GroupHelper { return null; } + if (!areMembersValid(members)) return null; + + GroupCandidate self = new GroupCandidate(selfAddressProvider.getSelfAddress().getUuid().orNull(), + Optional.fromNullable(profileKeyCredential)); + Set candidates = members.stream() + .map(member -> new GroupCandidate(member.getUuid().get(), + Optional.fromNullable(profileKeyCredentialProvider.getProfileKeyCredential(member)))) + .collect(Collectors.toSet()); + + final GroupSecretParams groupSecretParams = GroupSecretParams.generate(); + return groupsV2Operations.createNewGroup(groupSecretParams, + name, + Optional.fromNullable(avatar), + self, + candidates, + Member.Role.DEFAULT, + 0); + } + + private boolean areMembersValid(final Collection members) { final int noUuidCapability = members.stream() .filter(address -> !address.getUuid().isPresent()) .collect(Collectors.toUnmodifiableSet()) .size(); if (noUuidCapability > 0) { System.err.println("Cannot create a V2 group as " + noUuidCapability + " members don't have a UUID."); - return null; + return false; } final int noGv2Capability = members.stream() .map(profileProvider::getProfile) - .filter(profile -> !profile.getCapabilities().gv2) + .filter(profile -> profile != null && !profile.getCapabilities().gv2) .collect(Collectors.toUnmodifiableSet()) .size(); if (noGv2Capability > 0) { System.err.println("Cannot create a V2 group as " + noGv2Capability + " members don't support Groups V2."); - return null; + return false; } - GroupCandidate self = new GroupCandidate(selfAddressProvider.getSelfAddress().getUuid().orNull(), - Optional.fromNullable(profileKeyCredential)); - Set candidates = members.stream() + return true; + } + + public Pair updateGroupV2( + GroupInfoV2 groupInfoV2, String name, String avatarFile + ) throws IOException { + final GroupSecretParams groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupInfoV2.getMasterKey()); + GroupsV2Operations.GroupOperations groupOperations = groupsV2Operations.forGroup(groupSecretParams); + + GroupChange.Actions.Builder change = name != null + ? groupOperations.createModifyGroupTitle(name) + : GroupChange.Actions.newBuilder(); + + if (avatarFile != null) { + final byte[] avatarBytes = readAvatarBytes(avatarFile); + String avatarCdnKey = groupsV2Api.uploadAvatar(avatarBytes, + groupSecretParams, + groupAuthorizationProvider.getAuthorizationForToday(groupSecretParams)); + change.setModifyAvatar(GroupChange.Actions.ModifyAvatarAction.newBuilder().setAvatar(avatarCdnKey)); + } + + final Optional uuid = this.selfAddressProvider.getSelfAddress().getUuid(); + if (uuid.isPresent()) { + change.setSourceUuid(UuidUtil.toByteString(uuid.get())); + } + + return commitChange(groupInfoV2, change); + } + + public Pair updateGroupV2( + GroupInfoV2 groupInfoV2, Set newMembers + ) throws IOException { + final GroupSecretParams groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupInfoV2.getMasterKey()); + GroupsV2Operations.GroupOperations groupOperations = groupsV2Operations.forGroup(groupSecretParams); + + if (!areMembersValid(newMembers)) return null; + + Set candidates = newMembers.stream() .map(member -> new GroupCandidate(member.getUuid().get(), Optional.fromNullable(profileKeyCredentialProvider.getProfileKeyCredential(member)))) .collect(Collectors.toSet()); - final GroupSecretParams groupSecretParams = GroupSecretParams.generate(); - return groupsV2Operations.createNewGroup(groupSecretParams, - name, - Optional.fromNullable(avatar), - self, - candidates, - Member.Role.DEFAULT, - 0); + final GroupChange.Actions.Builder change = groupOperations.createModifyGroupMembershipChange(candidates, + selfAddressProvider.getSelfAddress().getUuid().get()); + + final Optional uuid = this.selfAddressProvider.getSelfAddress().getUuid(); + if (uuid.isPresent()) { + change.setSourceUuid(UuidUtil.toByteString(uuid.get())); + } + + return commitChange(groupInfoV2, change); + } + + public Pair leaveGroup(GroupInfoV2 groupInfoV2) throws IOException { + List pendingMembersList = groupInfoV2.getGroup().getPendingMembersList(); + final UUID selfUuid = selfAddressProvider.getSelfAddress().getUuid().get(); + Optional selfPendingMember = DecryptedGroupUtil.findPendingByUuid(pendingMembersList, + selfUuid); + + if (selfPendingMember.isPresent()) { + return revokeInvites(groupInfoV2, Set.of(selfPendingMember.get())); + } else { + return ejectMembers(groupInfoV2, Set.of(selfUuid)); + } + } + + public Pair acceptInvite(GroupInfoV2 groupInfoV2) throws IOException { + final GroupSecretParams groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupInfoV2.getMasterKey()); + final GroupsV2Operations.GroupOperations groupOperations = groupsV2Operations.forGroup(groupSecretParams); + + final SignalServiceAddress selfAddress = this.selfAddressProvider.getSelfAddress(); + final ProfileKeyCredential profileKeyCredential = profileKeyCredentialProvider.getProfileKeyCredential( + selfAddress); + if (profileKeyCredential == null) { + throw new IOException("Cannot join a V2 group as self does not have a versioned profile"); + } + + final GroupChange.Actions.Builder change = groupOperations.createAcceptInviteChange(profileKeyCredential); + + final Optional uuid = selfAddress.getUuid(); + if (uuid.isPresent()) { + change.setSourceUuid(UuidUtil.toByteString(uuid.get())); + } + + return commitChange(groupInfoV2, change); + } + + public Pair revokeInvites( + GroupInfoV2 groupInfoV2, Set pendingMembers + ) throws IOException { + final GroupSecretParams groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupInfoV2.getMasterKey()); + final GroupsV2Operations.GroupOperations groupOperations = groupsV2Operations.forGroup(groupSecretParams); + final Set uuidCipherTexts = pendingMembers.stream().map(member -> { + try { + return new UuidCiphertext(member.getUuidCipherText().toByteArray()); + } catch (InvalidInputException e) { + throw new AssertionError(e); + } + }).collect(Collectors.toSet()); + return commitChange(groupInfoV2, groupOperations.createRemoveInvitationChange(uuidCipherTexts)); + } + + public Pair ejectMembers(GroupInfoV2 groupInfoV2, Set uuids) throws IOException { + final GroupSecretParams groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupInfoV2.getMasterKey()); + final GroupsV2Operations.GroupOperations groupOperations = groupsV2Operations.forGroup(groupSecretParams); + return commitChange(groupInfoV2, groupOperations.createRemoveMembersChange(uuids)); + } + + private Pair commitChange( + GroupInfoV2 groupInfoV2, GroupChange.Actions.Builder change + ) throws IOException { + final GroupSecretParams groupSecretParams = GroupSecretParams.deriveFromMasterKey(groupInfoV2.getMasterKey()); + final GroupsV2Operations.GroupOperations groupOperations = groupsV2Operations.forGroup(groupSecretParams); + final DecryptedGroup previousGroupState = groupInfoV2.getGroup(); + final int nextRevision = previousGroupState.getRevision() + 1; + final GroupChange.Actions changeActions = change.setRevision(nextRevision).build(); + final DecryptedGroupChange decryptedChange; + final DecryptedGroup decryptedGroupState; + + try { + decryptedChange = groupOperations.decryptChange(changeActions, + selfAddressProvider.getSelfAddress().getUuid().get()); + decryptedGroupState = DecryptedGroupUtil.apply(previousGroupState, decryptedChange); + } catch (VerificationFailedException | InvalidGroupStateException | NotAbleToApplyGroupV2ChangeException e) { + throw new IOException(e); + } + + GroupChange signedGroupChange = groupsV2Api.patchGroup(change.build(), + groupAuthorizationProvider.getAuthorizationForToday(groupSecretParams), + Optional.absent()); + + return new Pair<>(decryptedGroupState, signedGroupChange); } public DecryptedGroup getUpdatedDecryptedGroup(