From 074e46b2d9d63c09e23c5b6723d1c9eb7dc7c6bf Mon Sep 17 00:00:00 2001 From: Moxie Marlinspike Date: Fri, 23 Jun 2017 13:57:38 -0700 Subject: [PATCH] Enable verification syncing // FREEBIE --- build.gradle | 6 +- .../securesms/database/IdentityDatabase.java | 11 ++- .../jobs/MultiDeviceContactUpdateJob.java | 46 ++++++++-- .../jobs/MultiDeviceVerifiedUpdateJob.java | 86 ++++-------------- .../securesms/jobs/PushDecryptJob.java | 10 +-- .../securesms/jobs/RetrieveProfileJob.java | 24 +---- .../securesms/util/IdentityUtil.java | 89 ++++++++++++------- 7 files changed, 128 insertions(+), 144 deletions(-) diff --git a/build.gradle b/build.gradle index ba98482773..e8248448f9 100644 --- a/build.gradle +++ b/build.gradle @@ -61,7 +61,7 @@ dependencies { compile 'org.whispersystems:jobmanager:1.0.2' compile 'org.whispersystems:libpastelog:1.0.7' - compile 'org.whispersystems:signal-service-android:2.5.12' + compile 'org.whispersystems:signal-service-android:2.5.13' compile 'org.whispersystems:webrtc-android:M59-S1' compile "me.leolin:ShortcutBadger:1.1.16" @@ -135,7 +135,7 @@ dependencyVerification { 'com.google.android.exoplayer:exoplayer:955085aa611a8f7cf6c61b88ae03d1a392f4ad94c9bfbc153f3dedb9ffb14718', 'org.whispersystems:jobmanager:506f679fc2fcf7bb6d10f00f41d6f6ea0abf75c70dc95b913398661ad538a181', 'org.whispersystems:libpastelog:bb331d9a98240fc139101128ba836c1edec3c40e000597cdbb29ebf4cbf34d88', - 'org.whispersystems:signal-service-android:dd60243b3775041fe974b319cbfd8842e565d5f29b6b4e8df9972594a79282c7', + 'org.whispersystems:signal-service-android:5f078143d8a9ef3187e104827473cf73d502a5f6bd032144e06a23ef1e4c3364', 'org.whispersystems:webrtc-android:de647643afbbea45a26a4f24db75aa10bc8de45426e8eb0d9d563cc10af4f582', 'me.leolin:ShortcutBadger:e3cb3e7625892129b0c92dd5e4bc649faffdd526d5af26d9c45ee31ff8851774', 'se.emilsjolander:stickylistheaders:a08ca948aa6b220f09d82f16bbbac395f6b78897e9eeac6a9f0b0ba755928eeb', @@ -169,7 +169,7 @@ dependencyVerification { 'com.google.android.gms:play-services-base:0ca636a8fc9a5af45e607cdcd61783bf5d561cbbb0f862021ce69606eee5ad49', 'com.google.android.gms:play-services-basement:95dd882c5ffba15b9a99de3fefb05d3a01946623af67454ca00055d222f85a8d', 'com.google.android.gms:play-services-iid:54e919f9957b8b7820da7ee9b83471d00d0cac1cf08ddea8b5b41aea80bb1a70', - 'org.whispersystems:signal-service-java:3e4c0cbdbbd4acfb1e83122560800e3132b84103f3a957edaafe368adf2bf655', + 'org.whispersystems:signal-service-java:9589ed4a8b50657d1fb4a2d91b2a7c0ef63ff26c878871584558260581eb5b5c', 'org.whispersystems:signal-protocol-android:b05cd9570d2e262afeb6610b70f473a936c54dd23a7c967d76e8f288766731fd', 'com.nineoldandroids:library:68025a14e3e7673d6ad2f95e4b46d78d7d068343aa99256b686fe59de1b3163a', 'javax.inject:javax.inject:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff', diff --git a/src/org/thoughtcrime/securesms/database/IdentityDatabase.java b/src/org/thoughtcrime/securesms/database/IdentityDatabase.java index e477e0ac0f..13b2293aa9 100644 --- a/src/org/thoughtcrime/securesms/database/IdentityDatabase.java +++ b/src/org/thoughtcrime/securesms/database/IdentityDatabase.java @@ -142,9 +142,14 @@ public class IdentityDatabase extends Database { ContentValues contentValues = new ContentValues(1); contentValues.put(VERIFIED, verifiedStatus.toInt()); - database.update(TABLE_NAME, contentValues, RECIPIENT + " = ? AND " + IDENTITY_KEY + " = ?", - new String[] {String.valueOf(recipientId), - Base64.encodeBytes(identityKey.serialize())}); + int updated = database.update(TABLE_NAME, contentValues, RECIPIENT + " = ? AND " + IDENTITY_KEY + " = ?", + new String[] {String.valueOf(recipientId), + Base64.encodeBytes(identityKey.serialize())}); + + if (updated > 0) { + Optional record = getIdentity(recipientId); + if (record.isPresent()) EventBus.getDefault().post(record.get()); + } } private IdentityRecord getIdentityRecord(@NonNull Cursor cursor) throws IOException, InvalidKeyException { diff --git a/src/org/thoughtcrime/securesms/jobs/MultiDeviceContactUpdateJob.java b/src/org/thoughtcrime/securesms/jobs/MultiDeviceContactUpdateJob.java index 652ec00dd9..8ee0bb751f 100644 --- a/src/org/thoughtcrime/securesms/jobs/MultiDeviceContactUpdateJob.java +++ b/src/org/thoughtcrime/securesms/jobs/MultiDeviceContactUpdateJob.java @@ -13,6 +13,8 @@ import android.util.Log; import org.thoughtcrime.securesms.contacts.ContactAccessor; import org.thoughtcrime.securesms.contacts.ContactAccessor.ContactData; import org.thoughtcrime.securesms.crypto.MasterSecret; +import org.thoughtcrime.securesms.database.DatabaseFactory; +import org.thoughtcrime.securesms.database.IdentityDatabase; import org.thoughtcrime.securesms.dependencies.InjectableType; import org.thoughtcrime.securesms.dependencies.SignalCommunicationModule.SignalMessageSenderFactory; import org.thoughtcrime.securesms.jobs.requirements.MasterSecretRequirement; @@ -23,6 +25,7 @@ import org.thoughtcrime.securesms.util.TextSecurePreferences; import org.thoughtcrime.securesms.util.Util; import org.whispersystems.jobqueue.JobParameters; import org.whispersystems.jobqueue.requirements.NetworkRequirement; +import org.whispersystems.libsignal.IdentityKey; import org.whispersystems.libsignal.util.guava.Optional; import org.whispersystems.signalservice.api.SignalServiceMessageSender; import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException; @@ -32,6 +35,7 @@ import org.whispersystems.signalservice.api.messages.multidevice.ContactsMessage import org.whispersystems.signalservice.api.messages.multidevice.DeviceContact; import org.whispersystems.signalservice.api.messages.multidevice.DeviceContactsOutputStream; import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage; +import org.whispersystems.signalservice.api.messages.multidevice.VerifiedMessage; import org.whispersystems.signalservice.api.push.exceptions.PushNetworkException; import org.whispersystems.signalservice.api.util.InvalidNumberException; @@ -89,13 +93,16 @@ public class MultiDeviceContactUpdateJob extends MasterSecretJob implements Inje File contactDataFile = createTempFile("multidevice-contact-update"); try { - DeviceContactsOutputStream out = new DeviceContactsOutputStream(new FileOutputStream(contactDataFile)); - Recipient recipient = RecipientFactory.getRecipientForId(context, recipientId, false); + DeviceContactsOutputStream out = new DeviceContactsOutputStream(new FileOutputStream(contactDataFile)); + Recipient recipient = RecipientFactory.getRecipientForId(context, recipientId, false); + Optional identityRecord = DatabaseFactory.getIdentityDatabase(context).getIdentity(recipientId); + Optional verifiedMessage = getVerifiedMessage(recipient, identityRecord); out.write(new DeviceContact(Util.canonicalizeNumber(context, recipient.getNumber()), Optional.fromNullable(recipient.getName()), getAvatar(recipient.getContactUri()), - Optional.fromNullable(recipient.getColor().serialize()))); + Optional.fromNullable(recipient.getColor().serialize()), + verifiedMessage)); out.close(); sendUpdate(messageSender, contactDataFile, false); @@ -118,12 +125,15 @@ public class MultiDeviceContactUpdateJob extends MasterSecretJob implements Inje Collection contacts = ContactAccessor.getInstance().getContactsWithPush(context); for (ContactData contactData : contacts) { - Uri contactUri = Uri.withAppendedPath(ContactsContract.Contacts.CONTENT_URI, String.valueOf(contactData.id)); - String number = Util.canonicalizeNumber(context, contactData.numbers.get(0).number); - Optional name = Optional.fromNullable(contactData.name); - Optional color = getColor(number); - - out.write(new DeviceContact(number, name, getAvatar(contactUri), color)); + Uri contactUri = Uri.withAppendedPath(ContactsContract.Contacts.CONTENT_URI, String.valueOf(contactData.id)); + String number = Util.canonicalizeNumber(context, contactData.numbers.get(0).number); + Recipient recipient = RecipientFactory.getRecipientsFromString(context, number, true).getPrimaryRecipient(); + Optional identity = DatabaseFactory.getIdentityDatabase(context).getIdentity(recipient.getRecipientId()); + Optional verified = getVerifiedMessage(recipient, identity); + Optional name = Optional.fromNullable(contactData.name); + Optional color = getColor(number); + + out.write(new DeviceContact(number, name, getAvatar(contactUri), color, verified)); } out.close(); @@ -232,6 +242,24 @@ public class MultiDeviceContactUpdateJob extends MasterSecretJob implements Inje } } + private Optional getVerifiedMessage(Recipient recipient, Optional identity) throws InvalidNumberException { + if (!identity.isPresent()) return Optional.absent(); + + String destination = Util.canonicalizeNumber(context, recipient.getNumber()); + IdentityKey identityKey = identity.get().getIdentityKey(); + + VerifiedMessage.VerifiedState state; + + switch (identity.get().getVerifiedStatus()) { + case VERIFIED: state = VerifiedMessage.VerifiedState.VERIFIED; break; + case UNVERIFIED: state = VerifiedMessage.VerifiedState.UNVERIFIED; break; + case DEFAULT: state = VerifiedMessage.VerifiedState.DEFAULT; break; + default: throw new AssertionError("Unknown state: " + identity.get().getVerifiedStatus()); + } + + return Optional.of(new VerifiedMessage(destination, identityKey, state, System.currentTimeMillis())); + } + private File createTempFile(String prefix) throws IOException { File file = File.createTempFile(prefix, "tmp", context.getCacheDir()); file.deleteOnExit(); diff --git a/src/org/thoughtcrime/securesms/jobs/MultiDeviceVerifiedUpdateJob.java b/src/org/thoughtcrime/securesms/jobs/MultiDeviceVerifiedUpdateJob.java index 45d7ef5203..6dee591a93 100644 --- a/src/org/thoughtcrime/securesms/jobs/MultiDeviceVerifiedUpdateJob.java +++ b/src/org/thoughtcrime/securesms/jobs/MultiDeviceVerifiedUpdateJob.java @@ -2,17 +2,11 @@ package org.thoughtcrime.securesms.jobs; import android.content.Context; -import android.database.Cursor; import android.util.Log; -import org.thoughtcrime.securesms.database.DatabaseFactory; -import org.thoughtcrime.securesms.database.IdentityDatabase; -import org.thoughtcrime.securesms.database.IdentityDatabase.IdentityRecord; import org.thoughtcrime.securesms.database.IdentityDatabase.VerifiedStatus; import org.thoughtcrime.securesms.dependencies.InjectableType; import org.thoughtcrime.securesms.dependencies.SignalCommunicationModule; -import org.thoughtcrime.securesms.recipients.Recipient; -import org.thoughtcrime.securesms.recipients.RecipientFactory; import org.thoughtcrime.securesms.util.TextSecurePreferences; import org.thoughtcrime.securesms.util.Util; import org.whispersystems.jobqueue.JobParameters; @@ -27,8 +21,6 @@ import org.whispersystems.signalservice.api.push.exceptions.PushNetworkException import org.whispersystems.signalservice.api.util.InvalidNumberException; import java.io.IOException; -import java.util.LinkedList; -import java.util.List; import javax.inject.Inject; @@ -44,6 +36,7 @@ public class MultiDeviceVerifiedUpdateJob extends ContextJob implements Injectab private final String destination; private final byte[] identityKey; private final VerifiedStatus verifiedStatus; + private final long timestamp; public MultiDeviceVerifiedUpdateJob(Context context, String destination, IdentityKey identityKey, VerifiedStatus verifiedStatus) { super(context, JobParameters.newBuilder() @@ -55,71 +48,30 @@ public class MultiDeviceVerifiedUpdateJob extends ContextJob implements Injectab this.destination = destination; this.identityKey = identityKey.serialize(); this.verifiedStatus = verifiedStatus; + this.timestamp = System.currentTimeMillis(); } - public MultiDeviceVerifiedUpdateJob(Context context) { - super(context, JobParameters.newBuilder() - .withRequirement(new NetworkRequirement(context)) - .withPersistence() - .withGroupId("__MULTI_DEVICE_VERIFIED_UPDATE__") - .create()); - this.destination = null; - this.identityKey = null; - this.verifiedStatus = null; - } - - @Override public void onRun() throws IOException, UntrustedIdentityException { -// try { -// if (!TextSecurePreferences.isMultiDevice(context)) { -// Log.w(TAG, "Not multi device..."); -// return; -// } -// -// if (destination != null) sendSpecificUpdate(destination, identityKey, verifiedStatus); -// else sendFullUpdate(); -// -// } catch (InvalidNumberException | InvalidKeyException e) { -// throw new IOException(e); -// } - } - - private void sendSpecificUpdate(String destination, byte[] identityKey, VerifiedStatus verifiedStatus) - throws IOException, UntrustedIdentityException, InvalidNumberException, InvalidKeyException - { - String canonicalDestination = Util.canonicalizeNumber(context, destination); - VerifiedMessage.VerifiedState verifiedState = getVerifiedState(verifiedStatus); - SignalServiceMessageSender messageSender = messageSenderFactory.create(); - VerifiedMessage verifiedMessage = new VerifiedMessage(canonicalDestination, new IdentityKey(identityKey, 0), verifiedState); - - messageSender.sendMessage(SignalServiceSyncMessage.forVerified(verifiedMessage)); - } - - private void sendFullUpdate() throws IOException, UntrustedIdentityException, InvalidNumberException { - IdentityDatabase identityDatabase = DatabaseFactory.getIdentityDatabase(context); - IdentityDatabase.IdentityReader reader = identityDatabase.readerFor(identityDatabase.getIdentities()); - List verifiedMessages = new LinkedList<>(); - try { - IdentityRecord identityRecord; - - while (reader != null && (identityRecord = reader.getNext()) != null) { - if (identityRecord.getVerifiedStatus() != VerifiedStatus.DEFAULT) { - Recipient recipient = RecipientFactory.getRecipientForId(context, identityRecord.getRecipientId(), true); - String destination = Util.canonicalizeNumber(context, recipient.getNumber()); - VerifiedMessage.VerifiedState verifiedState = getVerifiedState(identityRecord.getVerifiedStatus()); + if (!TextSecurePreferences.isMultiDevice(context)) { + Log.w(TAG, "Not multi device..."); + return; + } - verifiedMessages.add(new VerifiedMessage(destination, identityRecord.getIdentityKey(), verifiedState)); - } + if (destination == null) { + Log.w(TAG, "No destination..."); + return; } - } finally { - if (reader != null) reader.close(); - } - if (!verifiedMessages.isEmpty()) { - SignalServiceMessageSender messageSender = messageSenderFactory.create(); - messageSender.sendMessage(SignalServiceSyncMessage.forVerified(verifiedMessages)); + String canonicalDestination = Util.canonicalizeNumber(context, destination); + VerifiedMessage.VerifiedState verifiedState = getVerifiedState(verifiedStatus); + SignalServiceMessageSender messageSender = messageSenderFactory.create(); + VerifiedMessage verifiedMessage = new VerifiedMessage(canonicalDestination, new IdentityKey(identityKey, 0), verifiedState, timestamp); + + messageSender.sendMessage(SignalServiceSyncMessage.forVerified(verifiedMessage)); + } catch (InvalidNumberException | InvalidKeyException e) { + throw new IOException(e); } } @@ -127,8 +79,8 @@ public class MultiDeviceVerifiedUpdateJob extends ContextJob implements Injectab VerifiedMessage.VerifiedState verifiedState; switch (status) { - case DEFAULT: verifiedState = VerifiedMessage.VerifiedState.DEFAULT; break; - case VERIFIED: verifiedState = VerifiedMessage.VerifiedState.VERIFIED; break; + case DEFAULT: verifiedState = VerifiedMessage.VerifiedState.DEFAULT; break; + case VERIFIED: verifiedState = VerifiedMessage.VerifiedState.VERIFIED; break; case UNVERIFIED: verifiedState = VerifiedMessage.VerifiedState.UNVERIFIED; break; default: throw new AssertionError("Unknown status: " + verifiedStatus); } diff --git a/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java b/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java index 9f6db7e0c6..0aac763dea 100644 --- a/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java +++ b/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java @@ -392,11 +392,9 @@ public class PushDecryptJob extends ContextJob { } private void handleSynchronizeVerifiedMessage(@NonNull MasterSecretUnion masterSecret, - @NonNull List verifiedMessages) + @NonNull VerifiedMessage verifiedMessage) { -// for (VerifiedMessage verifiedMessage : verifiedMessages) { -// IdentityUtil.processVerifiedMessage(context, masterSecret, verifiedMessage); -// } + IdentityUtil.processVerifiedMessage(context, masterSecret, verifiedMessage); } private void handleSynchronizeSentMessage(@NonNull MasterSecretUnion masterSecret, @@ -440,10 +438,6 @@ public class PushDecryptJob extends ContextJob { ApplicationContext.getInstance(context) .getJobManager() .add(new MultiDeviceContactUpdateJob(getContext())); - - ApplicationContext.getInstance(context) - .getJobManager() - .add(new MultiDeviceVerifiedUpdateJob(getContext())); } if (message.isGroupsRequest()) { diff --git a/src/org/thoughtcrime/securesms/jobs/RetrieveProfileJob.java b/src/org/thoughtcrime/securesms/jobs/RetrieveProfileJob.java index f8eaa46871..285aeadeef 100644 --- a/src/org/thoughtcrime/securesms/jobs/RetrieveProfileJob.java +++ b/src/org/thoughtcrime/securesms/jobs/RetrieveProfileJob.java @@ -6,8 +6,6 @@ import android.support.annotation.NonNull; import android.text.TextUtils; import android.util.Log; -import org.thoughtcrime.securesms.crypto.storage.TextSecureIdentityKeyStore; -import org.thoughtcrime.securesms.crypto.storage.TextSecureSessionStore; import org.thoughtcrime.securesms.database.DatabaseFactory; import org.thoughtcrime.securesms.dependencies.InjectableType; import org.thoughtcrime.securesms.recipients.Recipient; @@ -16,14 +14,11 @@ import org.thoughtcrime.securesms.recipients.Recipients; import org.thoughtcrime.securesms.service.MessageRetrievalService; import org.thoughtcrime.securesms.util.Base64; import org.thoughtcrime.securesms.util.GroupUtil; +import org.thoughtcrime.securesms.util.IdentityUtil; import org.thoughtcrime.securesms.util.Util; import org.whispersystems.jobqueue.JobParameters; import org.whispersystems.libsignal.IdentityKey; import org.whispersystems.libsignal.InvalidKeyException; -import org.whispersystems.libsignal.SignalProtocolAddress; -import org.whispersystems.libsignal.state.IdentityKeyStore; -import org.whispersystems.libsignal.state.SessionRecord; -import org.whispersystems.libsignal.state.SessionStore; import org.whispersystems.signalservice.api.SignalServiceMessagePipe; import org.whispersystems.signalservice.api.SignalServiceMessageReceiver; import org.whispersystems.signalservice.api.push.SignalServiceAddress; @@ -34,8 +29,6 @@ import java.io.IOException; import javax.inject.Inject; -import static org.whispersystems.libsignal.SessionCipher.SESSION_LOCK; - public class RetrieveProfileJob extends ContextJob implements InjectableType { private static final String TAG = RetrieveProfileJob.class.getSimpleName(); @@ -98,20 +91,7 @@ public class RetrieveProfileJob extends ContextJob implements InjectableType { return; } - synchronized (SESSION_LOCK) { - IdentityKeyStore identityKeyStore = new TextSecureIdentityKeyStore(context); - SessionStore sessionStore = new TextSecureSessionStore(context); - SignalProtocolAddress address = new SignalProtocolAddress(number, 1); - - if (identityKeyStore.saveIdentity(address, identityKey)) { - if (sessionStore.containsSession(address)) { - SessionRecord sessionRecord = sessionStore.loadSession(address); - sessionRecord.archiveCurrentState(); - - sessionStore.storeSession(address, sessionRecord); - } - } - } + IdentityUtil.saveIdentity(context, number, identityKey); } private void handleGroupRecipient(Recipient group) diff --git a/src/org/thoughtcrime/securesms/util/IdentityUtil.java b/src/org/thoughtcrime/securesms/util/IdentityUtil.java index 69f8863f9c..214e8e6b34 100644 --- a/src/org/thoughtcrime/securesms/util/IdentityUtil.java +++ b/src/org/thoughtcrime/securesms/util/IdentityUtil.java @@ -10,6 +10,8 @@ import android.util.Log; import org.thoughtcrime.securesms.R; import org.thoughtcrime.securesms.crypto.MasterSecretUnion; +import org.thoughtcrime.securesms.crypto.storage.TextSecureIdentityKeyStore; +import org.thoughtcrime.securesms.crypto.storage.TextSecureSessionStore; import org.thoughtcrime.securesms.database.DatabaseFactory; import org.thoughtcrime.securesms.database.GroupDatabase; import org.thoughtcrime.securesms.database.IdentityDatabase; @@ -29,6 +31,11 @@ import org.thoughtcrime.securesms.sms.OutgoingIdentityVerifiedMessage; import org.thoughtcrime.securesms.sms.OutgoingTextMessage; import org.thoughtcrime.securesms.util.concurrent.ListenableFuture; import org.thoughtcrime.securesms.util.concurrent.SettableFuture; +import org.whispersystems.libsignal.IdentityKey; +import org.whispersystems.libsignal.SignalProtocolAddress; +import org.whispersystems.libsignal.state.IdentityKeyStore; +import org.whispersystems.libsignal.state.SessionRecord; +import org.whispersystems.libsignal.state.SessionStore; import org.whispersystems.libsignal.util.guava.Optional; import org.whispersystems.signalservice.api.messages.SignalServiceGroup; import org.whispersystems.signalservice.api.messages.multidevice.VerifiedMessage; @@ -126,38 +133,6 @@ public class IdentityUtil { } } - public static void processVerifiedMessage(Context context, MasterSecretUnion masterSecret, VerifiedMessage verifiedMessage) { - synchronized (SESSION_LOCK) { - IdentityDatabase identityDatabase = DatabaseFactory.getIdentityDatabase(context); - Recipient recipient = RecipientFactory.getRecipientsFromString(context, verifiedMessage.getDestination(), true).getPrimaryRecipient(); - Optional identityRecord = identityDatabase.getIdentity(recipient.getRecipientId()); - - if (!identityRecord.isPresent() && verifiedMessage.getVerified() == VerifiedMessage.VerifiedState.DEFAULT) { - Log.w(TAG, "No existing record for default status"); - return; - } - - if (identityRecord.isPresent() && - identityRecord.get().getIdentityKey().equals(verifiedMessage.getIdentityKey()) && - identityRecord.get().getVerifiedStatus() != IdentityDatabase.VerifiedStatus.DEFAULT && - verifiedMessage.getVerified() == VerifiedMessage.VerifiedState.DEFAULT) - { - identityDatabase.setVerified(recipient.getRecipientId(), identityRecord.get().getIdentityKey(), IdentityDatabase.VerifiedStatus.DEFAULT); - markIdentityVerified(context, masterSecret, recipient, false, true); - } - - if (verifiedMessage.getVerified() == VerifiedMessage.VerifiedState.VERIFIED && - (!identityRecord.isPresent() || - (identityRecord.isPresent() && !identityRecord.get().getIdentityKey().equals(verifiedMessage.getIdentityKey())) || - (identityRecord.isPresent() && identityRecord.get().getVerifiedStatus() != IdentityDatabase.VerifiedStatus.VERIFIED))) - { - identityDatabase.saveIdentity(recipient.getRecipientId(), verifiedMessage.getIdentityKey(), - IdentityDatabase.VerifiedStatus.VERIFIED, false, System.currentTimeMillis(), true); - markIdentityVerified(context, masterSecret, recipient, true, true); - } - } - } - public static void markIdentityUpdate(Context context, Recipient recipient) { long time = System.currentTimeMillis(); SmsDatabase smsDatabase = DatabaseFactory.getSmsDatabase(context); @@ -193,6 +168,56 @@ public class IdentityUtil { } } + public static void saveIdentity(Context context, String number, IdentityKey identityKey) { + synchronized (SESSION_LOCK) { + IdentityKeyStore identityKeyStore = new TextSecureIdentityKeyStore(context); + SessionStore sessionStore = new TextSecureSessionStore(context); + SignalProtocolAddress address = new SignalProtocolAddress(number, 1); + + if (identityKeyStore.saveIdentity(address, identityKey)) { + if (sessionStore.containsSession(address)) { + SessionRecord sessionRecord = sessionStore.loadSession(address); + sessionRecord.archiveCurrentState(); + + sessionStore.storeSession(address, sessionRecord); + } + } + } + } + + public static void processVerifiedMessage(Context context, MasterSecretUnion masterSecret, VerifiedMessage verifiedMessage) { + synchronized (SESSION_LOCK) { + IdentityDatabase identityDatabase = DatabaseFactory.getIdentityDatabase(context); + Recipient recipient = RecipientFactory.getRecipientsFromString(context, verifiedMessage.getDestination(), true).getPrimaryRecipient(); + Optional identityRecord = identityDatabase.getIdentity(recipient.getRecipientId()); + + if (!identityRecord.isPresent() && verifiedMessage.getVerified() == VerifiedMessage.VerifiedState.DEFAULT) { + Log.w(TAG, "No existing record for default status"); + return; + } + + if (verifiedMessage.getVerified() == VerifiedMessage.VerifiedState.DEFAULT && + identityRecord.isPresent() && + identityRecord.get().getIdentityKey().equals(verifiedMessage.getIdentityKey()) && + identityRecord.get().getVerifiedStatus() != IdentityDatabase.VerifiedStatus.DEFAULT) + { + identityDatabase.setVerified(recipient.getRecipientId(), identityRecord.get().getIdentityKey(), IdentityDatabase.VerifiedStatus.DEFAULT); + markIdentityVerified(context, masterSecret, recipient, false, true); + } + + if (verifiedMessage.getVerified() == VerifiedMessage.VerifiedState.VERIFIED && + (!identityRecord.isPresent() || + (identityRecord.isPresent() && !identityRecord.get().getIdentityKey().equals(verifiedMessage.getIdentityKey())) || + (identityRecord.isPresent() && identityRecord.get().getVerifiedStatus() != IdentityDatabase.VerifiedStatus.VERIFIED))) + { + saveIdentity(context, verifiedMessage.getDestination(), verifiedMessage.getIdentityKey()); + identityDatabase.setVerified(recipient.getRecipientId(), verifiedMessage.getIdentityKey(), IdentityDatabase.VerifiedStatus.VERIFIED); + markIdentityVerified(context, masterSecret, recipient, true, true); + } + } + } + + public static @Nullable String getUnverifiedBannerDescription(@NonNull Context context, @NonNull List unverified) {