Sync the PNI identity used in sent transcripts.

2026-04-21 09:20:19 +01:00 · 2024-03-06 15:25:28 -05:00
parent b4ced5278e
commit 891c130e12
4 changed files with 67 additions and 5 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/messages/MessageDecryptor.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/messages/MessageDecryptor.kt
@@ -395,7 +395,7 @@ object MessageDecryptor {
    val aciAddress = SignalProtocolAddress(aci.toString(), deviceId)
    val pniAddress = SignalProtocolAddress(pni.toString(), deviceId)
    val aciIdentity = protocolStore.getAciStore().getIdentity(aciAddress)
-    val pniIdentity = protocolStore.getAciStore().getIdentity(pniAddress)
+    var pniIdentity = protocolStore.getAciStore().getIdentity(pniAddress)

    if (aciIdentity == null) {
      Log.w(TAG, "${logPrefix(envelope, aci)}[validatePniSignature] No identity found for ACI address $aciAddress")
@@ -404,7 +404,18 @@ object MessageDecryptor {

    if (pniIdentity == null) {
      Log.w(TAG, "${logPrefix(envelope, aci)}[validatePniSignature] No identity found for PNI address $pniAddress")
-      return
+      if (deviceId != SignalServiceAddress.DEFAULT_DEVICE_ID) {
+        pniIdentity = protocolStore.getAciStore().getIdentity(SignalProtocolAddress(pni.toString(), SignalServiceAddress.DEFAULT_DEVICE_ID))
+
+        if (pniIdentity != null) {
+          Log.w(TAG, "${logPrefix(envelope, aci)}[validatePniSignature] Found PNI identity when looking up device 1. Using that.")
+        } else {
+          Log.w(TAG, "${logPrefix(envelope, aci)}[validatePniSignature] No PNI identity when looking up device 1 either.")
+          return
+        }
+      } else {
+        return
+      }
    }

    if (pniIdentity.verifyAlternateIdentity(aciIdentity, pniSignatureMessage.signature!!.toByteArray())) {
--- a/app/src/main/java/org/thoughtcrime/securesms/messages/SyncMessageProcessor.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/messages/SyncMessageProcessor.kt
@@ -6,6 +6,9 @@ import com.mobilecoin.lib.exceptions.SerializationException
 import okio.ByteString
 import org.signal.core.util.Hex
 import org.signal.core.util.orNull
+import org.signal.libsignal.protocol.IdentityKey
+import org.signal.libsignal.protocol.InvalidKeyException
+import org.signal.libsignal.protocol.SignalProtocolAddress
 import org.signal.libsignal.protocol.util.Pair
 import org.signal.ringrtc.CallException
 import org.signal.ringrtc.CallLinkRootKey
@@ -96,6 +99,7 @@ import org.whispersystems.signalservice.api.messages.SignalServiceAttachmentPoin
 import org.whispersystems.signalservice.api.push.DistributionId
 import org.whispersystems.signalservice.api.push.ServiceId
 import org.whispersystems.signalservice.api.push.ServiceId.ACI
+import org.whispersystems.signalservice.api.push.ServiceId.PNI
 import org.whispersystems.signalservice.api.push.SignalServiceAddress
 import org.whispersystems.signalservice.api.storage.StorageKey
 import org.whispersystems.signalservice.internal.push.Content
@@ -169,6 +173,8 @@ object SyncMessageProcessor {
    log(envelope.timestamp!!, "Processing sent transcript for message with ID ${sent.timestamp!!}")

    try {
+      handlePniIdentityKeys(envelope, sent)
+
      if (sent.storyMessage != null || sent.storyMessageRecipients.isNotEmpty()) {
        handleSynchronizeSentStoryMessage(envelope, sent)
        return
@@ -246,6 +252,34 @@ object SyncMessageProcessor {
    }
  }

+  private fun handlePniIdentityKeys(envelope: Envelope, sent: Sent) {
+    for (status in sent.unidentifiedStatus) {
+      if (status.destinationIdentityKey == null) {
+        continue
+      }
+
+      val pni = PNI.parsePrefixedOrNull(status.destinationServiceId)
+      if (pni == null) {
+        continue
+      }
+
+      val address = SignalProtocolAddress(pni.toString(), SignalServiceAddress.DEFAULT_DEVICE_ID)
+
+      if (ApplicationDependencies.getProtocolStore().aci().identities().getIdentity(address) != null) {
+        log(envelope.timestamp!!, "Ignoring identity on sent transcript for $pni because we already have one.")
+        continue
+      }
+
+      try {
+        log(envelope.timestamp!!, "Saving identity from sent transcript for $pni")
+        val identityKey = IdentityKey(status.destinationIdentityKey!!.toByteArray())
+        ApplicationDependencies.getProtocolStore().aci().identities().saveIdentity(address, identityKey)
+      } catch (e: InvalidKeyException) {
+        warn(envelope.timestamp!!, "Failed to deserialize identity key for $pni")
+      }
+    }
+  }
+
  private fun getSyncMessageDestination(message: Sent): Recipient {
    return if (message.message.hasGroupContext) {
      Recipient.externalPossiblyMigratedGroup(GroupId.v2(message.message!!.groupV2!!.groupMasterKey))