Signal/Android
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Android.git synced 2026-04-02 00:17:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improve handling of validating unpopulated profile field.

Browse Source
This commit is contained in:
Greyson Parrelli
2026-03-30 16:38:48 -04:00
committed by Alex Hart
parent 172e3d129e
commit 080fa88bfb
1 changed files with 17 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
lib/libsignal-service/src/main/java/org/whispersystems/signalservice/api/profiles/ProfileApi.kt
View File

@@ -115,7 +115,7 @@ class ProfileApi(
* - 404: Recipient is not a registered Signal user * - 404: Recipient is not a registered Signal user
* - 429: Rate-limited * - 429: Rate-limited
*/ */
fun getVersionedProfileAndCredential(aci: ServiceId.ACI, profileKey: ProfileKey, sealedSenderAccess: SealedSenderAccess?): NetworkResult<Pair<SignalServiceProfile, ExpiringProfileKeyCredential>> { fun getVersionedProfileAndCredential(aci: ServiceId.ACI, profileKey: ProfileKey, sealedSenderAccess: SealedSenderAccess?): NetworkResult<Pair<SignalServiceProfile, ExpiringProfileKeyCredential?>> {
val profileVersion = profileKey.getProfileKeyVersion(aci.libSignalAci).serialize() val profileVersion = profileKey.getProfileKeyVersion(aci.libSignalAci).serialize()
val profileRequestContext = clientZkProfileOperations.createProfileKeyCredentialRequestContext(SecureRandom(), aci.libSignalAci, profileKey) val profileRequestContext = clientZkProfileOperations.createProfileKeyCredentialRequestContext(SecureRandom(), aci.libSignalAci, profileKey)
val serializedProfileRequest = Hex.toStringCondensed(profileRequestContext.request.serialize()) val serializedProfileRequest = Hex.toStringCondensed(profileRequestContext.request.serialize())
@@ -186,23 +186,28 @@ class ProfileApi(
private class ProfileAndCredentialResponseConverter( private class ProfileAndCredentialResponseConverter(
private val clientZkProfileOperations: ClientZkProfileOperations, private val clientZkProfileOperations: ClientZkProfileOperations,
private val requestContext: ProfileKeyCredentialRequestContext private val requestContext: ProfileKeyCredentialRequestContext
) : NetworkResult.WebSocketResponseConverter<Pair<SignalServiceProfile, ExpiringProfileKeyCredential>> { ) : NetworkResult.WebSocketResponseConverter<Pair<SignalServiceProfile, ExpiringProfileKeyCredential?>> {
override fun convert(response: WebsocketResponse): NetworkResult<Pair<SignalServiceProfile, ExpiringProfileKeyCredential>> { override fun convert(response: WebsocketResponse): NetworkResult<Pair<SignalServiceProfile, ExpiringProfileKeyCredential?>> {
if (response.status != 200) { if (response.status != 200) {
return response.toStatusCodeError() return response.toStatusCodeError()
} }
return try { return response
response .toSuccess(SignalServiceProfile::class)
.toSuccess(SignalServiceProfile::class) .map {
.map { if (it.expiringProfileKeyCredentialResponse != null) {
val credential = clientZkProfileOperations.receiveExpiringProfileKeyCredential(requestContext, it.expiringProfileKeyCredentialResponse) try {
it to credential val credential = clientZkProfileOperations.receiveExpiringProfileKeyCredential(requestContext, it.expiringProfileKeyCredentialResponse)
it to credential
} catch (_: VerificationFailedException) {
Log.w(TAG, "Failed to verify profile key credential! Ignoring it.")
it to null
}
} else {
it to null
} }
} catch (e: VerificationFailedException) { }
NetworkResult.ApplicationError(e)
}
} }
} }
} }