From 09d7d8c02722c4d1d9e2439c065ccf11c6f61930 Mon Sep 17 00:00:00 2001
From: Michael Kirk <michael.code@endoftheworl.de>
Date: Thu, 25 May 2017 10:39:13 -0700
Subject: [PATCH] Given a recipient id, returns any unconfirmed identity

// FREEBIE
---
 .../TSStorageManager+IdentityKeyStore.h       | 11 +++++++++
 .../TSStorageManager+IdentityKeyStore.m       | 23 +++++++++++++++++++
 2 files changed, 34 insertions(+)

diff --git a/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.h b/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.h
index 2733aeca7..841d7997a 100644
--- a/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.h
+++ b/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.h
@@ -7,6 +7,8 @@
 
 NS_ASSUME_NONNULL_BEGIN
 
+@class OWSRecipientIdentity;
+
 extern NSString *const TSStorageManagerTrustedKeysCollection;
 
 @interface TSStorageManager (IdentityKeyStore) <IdentityKeyStore>
@@ -29,6 +31,15 @@ extern NSString *const TSStorageManagerTrustedKeysCollection;
     approvedForBlockingUse:(BOOL)approvedForBlockingUse
  approvedForNonBlockingUse:(BOOL)approvedForNonBlockingUse;
 
+/**
+ * Check if a recipient identity corresponds to an untrusted identity
+ *
+ * @param   recipientId unique stable identifier for the recipient, e.g. e164 phone number
+ * @returns nil if the identity doesn't exist or if it's trusted
+ *          else returns the untrusted identity
+ */
+- (nullable OWSRecipientIdentity *)unconfirmedIdentityThatShouldBlockSendingForRecipientId:(NSString *)recipientId;
+
 - (void)generateNewIdentityKey;
 - (nullable NSData *)identityKeyForRecipientId:(NSString *)recipientId;
 - (void)removeIdentityKeyForRecipient:(NSString *)receipientId;
diff --git a/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.m b/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.m
index bca39d526..dbf6000e9 100644
--- a/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.m
+++ b/src/Storage/AxolotlStore/TSStorageManager+IdentityKeyStore.m
@@ -175,6 +175,29 @@ const NSTimeInterval kIdentityKeyStoreNonBlockingSecondsThreshold = 5.0;
     }
 }
 
+- (nullable OWSRecipientIdentity *)unconfirmedIdentityThatShouldBlockSendingForRecipientId:(NSString *)recipientId;
+{
+    OWSAssert(recipientId != nil);
+
+    @synchronized([[self class] sharedIdentityKeyLock])
+    {
+        OWSRecipientIdentity *currentIdentity = [OWSRecipientIdentity fetchObjectWithUniqueID:recipientId];
+        if (currentIdentity == nil) {
+            // No preexisting key, Trust On First Use
+            return nil;
+        }
+
+        if ([self isTrustedIdentityKey:currentIdentity.identityKey
+                           recipientId:currentIdentity.recipientId
+                             direction:TSMessageDirectionOutgoing]) {
+            return nil;
+        }
+
+        // identity not yet trusted for sending
+        return currentIdentity;
+    }
+}
+
 - (BOOL)isTrustedKey:(NSData *)identityKey forSendingToIdentity:(nullable OWSRecipientIdentity *)recipientIdentity
 {
     OWSAssert(identityKey != nil);