Sync PNI verification status to storage service.

2025-12-26 22:20:20 +00:00 · 2024-01-29 21:01:38 -05:00
parent 459607adae
commit 716afc98ac
11 changed files with 134 additions and 47 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/database/RecipientTable.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/database/RecipientTable.kt
@@ -33,6 +33,7 @@ import org.signal.core.util.requireLong
 import org.signal.core.util.requireNonNullString
 import org.signal.core.util.requireString
 import org.signal.core.util.select
+import org.signal.core.util.toInt
 import org.signal.core.util.update
 import org.signal.core.util.updateAll
 import org.signal.core.util.withinTransaction
@@ -183,6 +184,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
    const val REPORTING_TOKEN = "reporting_token"
    const val PHONE_NUMBER_SHARING = "phone_number_sharing"
    const val PHONE_NUMBER_DISCOVERABLE = "phone_number_discoverable"
+    const val PNI_SIGNATURE_VERIFIED = "pni_signature_verified"

    const val SEARCH_PROFILE_NAME = "search_signal_profile"
    const val SORT_NAME = "sort_name"
@@ -250,7 +252,8 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
        $NEEDS_PNI_SIGNATURE INTEGER DEFAULT 0,
        $REPORTING_TOKEN BLOB DEFAULT NULL,
        $PHONE_NUMBER_SHARING INTEGER DEFAULT ${PhoneNumberSharingState.UNKNOWN.id},
-        $PHONE_NUMBER_DISCOVERABLE INTEGER DEFAULT ${PhoneNumberDiscoverableState.UNKNOWN.id} 
+        $PHONE_NUMBER_DISCOVERABLE INTEGER DEFAULT ${PhoneNumberDiscoverableState.UNKNOWN.id},
+        $PNI_SIGNATURE_VERIFIED INTEGER DEFAULT 0
      )
      """

@@ -829,7 +832,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
    val recipientId: RecipientId
    if (id < 0) {
      Log.w(TAG, "[applyStorageSyncContactInsert] Failed to insert. Possibly merging.")
-      recipientId = getAndPossiblyMergePnpVerified(insert.aci.orNull(), insert.pni.orNull(), insert.number.orNull())
+      recipientId = getAndPossiblyMerge(aci = insert.aci.orNull(), pni = insert.pni.orNull(), e164 = insert.number.orNull(), pniVerified = insert.isPniSignatureVerified)
      db.update(TABLE_NAME, values, ID_WHERE, SqlUtil.buildArgs(recipientId))
    } else {
      recipientId = RecipientId.from(id)
@@ -867,7 +870,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
      var recipientId = getByColumn(STORAGE_SERVICE_ID, Base64.encodeWithPadding(update.old.id.raw)).get()

      Log.w(TAG, "[applyStorageSyncContactUpdate] Found user $recipientId. Possibly merging.")
-      recipientId = getAndPossiblyMergePnpVerified(update.new.aci.orElse(null), update.new.pni.orElse(null), update.new.number.orElse(null))
+      recipientId = getAndPossiblyMerge(aci = update.new.aci.orElse(null), pni = update.new.pni.orElse(null), e164 = update.new.number.orElse(null), pniVerified = update.new.isPniSignatureVerified)

      Log.w(TAG, "[applyStorageSyncContactUpdate] Merged into $recipientId")
      db.update(TABLE_NAME, values, ID_WHERE, SqlUtil.buildArgs(recipientId))
@@ -1113,6 +1116,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
      SYSTEM_NICKNAME,
      "$TABLE_NAME.$STORAGE_SERVICE_PROTO",
      "$TABLE_NAME.$UNREGISTERED_TIMESTAMP",
+      "$TABLE_NAME.$PNI_SIGNATURE_VERIFIED",
      "${GroupTable.TABLE_NAME}.${GroupTable.V2_MASTER_KEY}",
      "${ThreadTable.TABLE_NAME}.${ThreadTable.ARCHIVED}",
      "${ThreadTable.TABLE_NAME}.${ThreadTable.READ}",
@@ -2372,7 +2376,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
      }
    }

-    val finalId: RecipientId = writePnpChangeSetToDisk(changeSet, pni)
+    val finalId: RecipientId = writePnpChangeSetToDisk(changeSet, pni, pniVerified)

    return ProcessPnpTupleResult(
      finalId = finalId,
@@ -2386,7 +2390,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
  }

  @VisibleForTesting
-  fun writePnpChangeSetToDisk(changeSet: PnpChangeSet, inputPni: PNI?): RecipientId {
+  fun writePnpChangeSetToDisk(changeSet: PnpChangeSet, inputPni: PNI?, pniVerified: Boolean): RecipientId {
    var hadThreadMerge = false
    for (operation in changeSet.operations) {
      @Exhaustive
@@ -2402,7 +2406,10 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
        is PnpOperation.RemovePni -> {
          writableDatabase
            .update(TABLE_NAME)
-            .values(PNI_COLUMN to null)
+            .values(
+              PNI_COLUMN to null,
+              PNI_SIGNATURE_VERIFIED to 0
+            )
            .where("$ID = ?", operation.recipientId)
            .run()
        }
@@ -2413,7 +2420,8 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
            .values(
              ACI_COLUMN to operation.aci.toString(),
              REGISTERED to RegisteredState.REGISTERED.id,
-              UNREGISTERED_TIMESTAMP to 0
+              UNREGISTERED_TIMESTAMP to 0,
+              PNI_SIGNATURE_VERIFIED to pniVerified.toInt()
            )
            .where("$ID = ?", operation.recipientId)
            .run()
@@ -2433,14 +2441,15 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
            .values(
              PNI_COLUMN to operation.pni.toString(),
              REGISTERED to RegisteredState.REGISTERED.id,
-              UNREGISTERED_TIMESTAMP to 0
+              UNREGISTERED_TIMESTAMP to 0,
+              PNI_SIGNATURE_VERIFIED to 0
            )
            .where("$ID = ?", operation.recipientId)
            .run()
        }

        is PnpOperation.Merge -> {
-          val mergeResult: MergeResult = merge(operation.primaryId, operation.secondaryId, inputPni)
+          val mergeResult: MergeResult = merge(operation.primaryId, operation.secondaryId, inputPni, pniVerified)
          hadThreadMerge = hadThreadMerge || mergeResult.neededThreadMerge
        }

@@ -2519,7 +2528,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
      }

      is PnpIdResolver.PnpInsert -> {
-        val id: Long = writableDatabase.insert(TABLE_NAME, null, buildContentValuesForNewUser(changeSet.id.e164, changeSet.id.pni, changeSet.id.aci))
+        val id: Long = writableDatabase.insert(TABLE_NAME, null, buildContentValuesForNewUser(changeSet.id.e164, changeSet.id.pni, changeSet.id.aci, pniVerified))
        RecipientId.from(id)
      }
    }
@@ -3843,7 +3852,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
   * Merges one ACI recipient with an E164 recipient. It is assumed that the E164 recipient does
   * *not* have an ACI.
   */
-  private fun merge(primaryId: RecipientId, secondaryId: RecipientId, newPni: PNI? = null): MergeResult {
+  private fun merge(primaryId: RecipientId, secondaryId: RecipientId, newPni: PNI? = null, pniVerified: Boolean): MergeResult {
    ensureInTransaction()
    val db = writableDatabase
    val primaryRecord = getRecord(primaryId)
@@ -3904,7 +3913,8 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
      SYSTEM_CONTACT_URI to secondaryRecord.systemContactUri,
      PROFILE_SHARING to (primaryRecord.profileSharing || secondaryRecord.profileSharing),
      CAPABILITIES to max(primaryRecord.capabilities.rawBits, secondaryRecord.capabilities.rawBits),
-      MENTION_SETTING to if (primaryRecord.mentionSetting != MentionSetting.ALWAYS_NOTIFY) primaryRecord.mentionSetting.id else secondaryRecord.mentionSetting.id
+      MENTION_SETTING to if (primaryRecord.mentionSetting != MentionSetting.ALWAYS_NOTIFY) primaryRecord.mentionSetting.id else secondaryRecord.mentionSetting.id,
+      PNI_SIGNATURE_VERIFIED to pniVerified.toInt()
    )

    if (primaryRecord.profileSharing || secondaryRecord.profileSharing) {
@@ -3929,13 +3939,14 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
    check(writableDatabase.inTransaction()) { "Must be in a transaction!" }
  }

-  private fun buildContentValuesForNewUser(e164: String?, pni: PNI?, aci: ACI?): ContentValues {
+  private fun buildContentValuesForNewUser(e164: String?, pni: PNI?, aci: ACI?, pniVerified: Boolean): ContentValues {
    check(e164 != null || pni != null || aci != null) { "Must provide some sort of identifier!" }

    val values = contentValuesOf(
      E164 to e164,
      ACI_COLUMN to aci?.toString(),
      PNI_COLUMN to pni?.toString(),
+      PNI_SIGNATURE_VERIFIED to pniVerified.toInt(),
      STORAGE_SERVICE_ID to Base64.encodeWithPadding(StorageSyncHelper.generateKey()),
      AVATAR_COLOR to AvatarColorHash.forAddress((aci ?: pni)?.toString(), e164).serialize()
    )
@@ -3971,6 +3982,7 @@ open class RecipientTable(context: Context, databaseHelper: SignalDatabase) : Da
      put(MUTE_UNTIL, contact.muteUntil)
      put(STORAGE_SERVICE_ID, Base64.encodeWithPadding(contact.id.raw))
      put(HIDDEN, contact.isHidden)
+      put(PNI_SIGNATURE_VERIFIED, contact.isPniSignatureVerified.toInt())

      if (contact.hasUnknownFields()) {
        put(STORAGE_SERVICE_PROTO, Base64.encodeWithPadding(Objects.requireNonNull(contact.serializeUnknownFields())))
--- a/app/src/main/java/org/thoughtcrime/securesms/database/RecipientTableCursorUtil.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/database/RecipientTableCursorUtil.kt
@@ -209,25 +209,16 @@ object RecipientTableCursorUtil {
  }

  fun getSyncExtras(cursor: Cursor): RecipientRecord.SyncExtras {
-    val storageProtoRaw = cursor.optionalString(RecipientTable.STORAGE_SERVICE_PROTO).orElse(null)
-    val storageProto = if (storageProtoRaw != null) Base64.decodeOrThrow(storageProtoRaw) else null
-    val archived = cursor.optionalBoolean(ThreadTable.ARCHIVED).orElse(false)
-    val forcedUnread = cursor.optionalInt(ThreadTable.READ).map { status: Int -> status == ThreadTable.ReadStatus.FORCED_UNREAD.serialize() }.orElse(false)
-    val groupMasterKey = cursor.optionalBlob(GroupTable.V2_MASTER_KEY).map { GroupUtil.requireMasterKey(it) }.orElse(null)
-    val identityKey = cursor.optionalString(RecipientTable.IDENTITY_KEY).map { Base64.decodeOrThrow(it) }.orElse(null)
-    val identityStatus = cursor.optionalInt(RecipientTable.IDENTITY_STATUS).map { VerifiedStatus.forState(it) }.orElse(VerifiedStatus.DEFAULT)
-    val unregisteredTimestamp = cursor.optionalLong(RecipientTable.UNREGISTERED_TIMESTAMP).orElse(0)
-    val systemNickname = cursor.optionalString(RecipientTable.SYSTEM_NICKNAME).orElse(null)
-
    return RecipientRecord.SyncExtras(
-      storageProto = storageProto,
-      groupMasterKey = groupMasterKey,
-      identityKey = identityKey,
-      identityStatus = identityStatus,
-      isArchived = archived,
-      isForcedUnread = forcedUnread,
-      unregisteredTimestamp = unregisteredTimestamp,
-      systemNickname = systemNickname
+      storageProto = cursor.optionalString(RecipientTable.STORAGE_SERVICE_PROTO).orElse(null)?.let { Base64.decodeOrThrow(it) },
+      groupMasterKey = cursor.optionalBlob(GroupTable.V2_MASTER_KEY).map { GroupUtil.requireMasterKey(it) }.orElse(null),
+      identityKey = cursor.optionalString(RecipientTable.IDENTITY_KEY).map { Base64.decodeOrThrow(it) }.orElse(null),
+      identityStatus = cursor.optionalInt(RecipientTable.IDENTITY_STATUS).map { VerifiedStatus.forState(it) }.orElse(VerifiedStatus.DEFAULT),
+      isArchived = cursor.optionalBoolean(ThreadTable.ARCHIVED).orElse(false),
+      isForcedUnread = cursor.optionalInt(ThreadTable.READ).map { status: Int -> status == ThreadTable.ReadStatus.FORCED_UNREAD.serialize() }.orElse(false),
+      unregisteredTimestamp = cursor.optionalLong(RecipientTable.UNREGISTERED_TIMESTAMP).orElse(0),
+      systemNickname = cursor.optionalString(RecipientTable.SYSTEM_NICKNAME).orElse(null),
+      pniSignatureVerified = cursor.optionalBoolean(RecipientTable.PNI_SIGNATURE_VERIFIED).orElse(false)
    )
  }

--- a/app/src/main/java/org/thoughtcrime/securesms/database/helpers/SignalDatabaseMigrations.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/database/helpers/SignalDatabaseMigrations.kt
@@ -75,6 +75,7 @@ import org.thoughtcrime.securesms.database.helpers.migration.V214_PhoneNumberSha
 import org.thoughtcrime.securesms.database.helpers.migration.V215_RemoveAttachmentUniqueId
 import org.thoughtcrime.securesms.database.helpers.migration.V216_PhoneNumberDiscoverable
 import org.thoughtcrime.securesms.database.helpers.migration.V217_MessageTableExtrasColumn
+import org.thoughtcrime.securesms.database.helpers.migration.V218_RecipientPniSignatureVerified

 /**
 * Contains all of the database migrations for [SignalDatabase]. Broken into a separate file for cleanliness.
@@ -152,10 +153,11 @@ object SignalDatabaseMigrations {
    214 to V214_PhoneNumberSharingColumn,
    215 to V215_RemoveAttachmentUniqueId,
    216 to V216_PhoneNumberDiscoverable,
-    217 to V217_MessageTableExtrasColumn
+    217 to V217_MessageTableExtrasColumn,
+    218 to V218_RecipientPniSignatureVerified
  )

-  const val DATABASE_VERSION = 217
+  const val DATABASE_VERSION = 218

  @JvmStatic
  fun migrate(context: Application, db: SQLiteDatabase, oldVersion: Int, newVersion: Int) {
--- a/app/src/main/java/org/thoughtcrime/securesms/database/helpers/migration/V218_RecipientPniSignatureVerified.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/database/helpers/migration/V218_RecipientPniSignatureVerified.kt
@@ -0,0 +1,19 @@
+/*
+ * Copyright 2024 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.thoughtcrime.securesms.database.helpers.migration
+
+import android.app.Application
+import net.zetetic.database.sqlcipher.SQLiteDatabase
+
+/**
+ * Adds a pni_signature_verified column to the recipient table, letting us track whether the ACI/PNI association is verified and sync that to storage service.
+ */
+@Suppress("ClassName")
+object V218_RecipientPniSignatureVerified : SignalDatabaseMigration {
+  override fun migrate(context: Application, db: SQLiteDatabase, oldVersion: Int, newVersion: Int) {
+    db.execSQL("ALTER TABLE recipient ADD COLUMN pni_signature_verified INTEGER DEFAULT 0")
+  }
+}
--- a/app/src/main/java/org/thoughtcrime/securesms/database/model/RecipientRecord.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/database/model/RecipientRecord.kt
@@ -111,7 +111,8 @@ data class RecipientRecord(
    val isArchived: Boolean,
    val isForcedUnread: Boolean,
    val unregisteredTimestamp: Long,
-    val systemNickname: String?
+    val systemNickname: String?,
+    val pniSignatureVerified: Boolean
  )

  data class Capabilities(
--- a/app/src/main/java/org/thoughtcrime/securesms/storage/ContactRecordProcessor.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/storage/ContactRecordProcessor.java
@@ -216,8 +216,9 @@ public class ContactRecordProcessor extends DefaultStorageRecordProcessor<Signal
    String               systemGivenName       = SignalStore.account().isPrimaryDevice() ? local.getSystemGivenName().orElse("") : remote.getSystemGivenName().orElse("");
    String               systemFamilyName      = SignalStore.account().isPrimaryDevice() ? local.getSystemFamilyName().orElse("") : remote.getSystemFamilyName().orElse("");
    String               systemNickname        = remote.getSystemNickname().orElse("");
-    boolean              matchesRemote         = doParamsMatch(remote, unknownFields, aci, pni, e164, profileGivenName, profileFamilyName, systemGivenName, systemFamilyName, systemNickname, profileKey, username, identityState, identityKey, blocked, profileSharing, archived, forcedUnread, muteUntil, hideStory, unregisteredTimestamp, hidden);
-    boolean              matchesLocal          = doParamsMatch(local, unknownFields, aci, pni, e164, profileGivenName, profileFamilyName, systemGivenName, systemFamilyName, systemNickname, profileKey, username, identityState, identityKey, blocked, profileSharing, archived, forcedUnread, muteUntil, hideStory, unregisteredTimestamp, hidden);
+    boolean              pniSignatureVerified  = remote.isPniSignatureVerified() || local.isPniSignatureVerified();
+    boolean              matchesRemote         = doParamsMatch(remote, unknownFields, aci, pni, e164, profileGivenName, profileFamilyName, systemGivenName, systemFamilyName, systemNickname, profileKey, username, identityState, identityKey, blocked, profileSharing, archived, forcedUnread, muteUntil, hideStory, unregisteredTimestamp, hidden, pniSignatureVerified);
+    boolean              matchesLocal          = doParamsMatch(local, unknownFields, aci, pni, e164, profileGivenName, profileFamilyName, systemGivenName, systemFamilyName, systemNickname, profileKey, username, identityState, identityKey, blocked, profileSharing, archived, forcedUnread, muteUntil, hideStory, unregisteredTimestamp, hidden, pniSignatureVerified);

    if (matchesRemote) {
      return remote;
@@ -244,6 +245,7 @@ public class ContactRecordProcessor extends DefaultStorageRecordProcessor<Signal
                                    .setHideStory(hideStory)
                                    .setUnregisteredTimestamp(unregisteredTimestamp)
                                    .setHidden(hidden)
+                                    .setPniSignatureVerified(pniSignatureVerified)
                                    .build();
    }
  }
@@ -295,7 +297,8 @@ public class ContactRecordProcessor extends DefaultStorageRecordProcessor<Signal
                                       long muteUntil,
                                       boolean hideStory,
                                       long unregisteredTimestamp,
-                                       boolean hidden)
+                                       boolean hidden,
+                                       boolean pniSignatureVerified)
  {
    return Arrays.equals(contact.serializeUnknownFields(), unknownFields) &&
           Objects.equals(contact.getAci().orElse(null), aci) &&
@@ -317,6 +320,7 @@ public class ContactRecordProcessor extends DefaultStorageRecordProcessor<Signal
           contact.getMuteUntil() == muteUntil &&
           contact.shouldHideStory() == hideStory &&
           contact.getUnregisteredTimestamp() == unregisteredTimestamp &&
-           contact.isHidden() == hidden;
+           contact.isHidden() == hidden &&
+           contact.isPniSignatureVerified() == pniSignatureVerified;
  }
 }
--- a/app/src/main/java/org/thoughtcrime/securesms/storage/StorageSyncModels.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/storage/StorageSyncModels.java
@@ -155,6 +155,7 @@ public final class StorageSyncModels {
                                  .setUnregisteredTimestamp(recipient.getSyncExtras().getUnregisteredTimestamp())
                                  .setHidden(recipient.getHiddenState() != Recipient.HiddenState.NOT_HIDDEN)
                                  .setUsername(recipient.getUsername())
+                                  .setPniSignatureVerified(recipient.getSyncExtras().getPniSignatureVerified())
                                  .build();
  }