mirror of
https://github.com/signalapp/Signal-Android.git
synced 2026-02-22 18:55:12 +00:00
Add provisioning support for PNP.
This commit is contained in:
@@ -21,6 +21,7 @@ import androidx.core.content.ContextCompat;
|
||||
|
||||
import org.signal.core.util.ThreadUtil;
|
||||
import org.signal.core.util.logging.Log;
|
||||
import org.signal.zkgroup.profiles.ProfileKey;
|
||||
import org.thoughtcrime.securesms.crypto.IdentityKeyUtil;
|
||||
import org.thoughtcrime.securesms.crypto.ProfileKeyUtil;
|
||||
import org.thoughtcrime.securesms.dependencies.ApplicationDependencies;
|
||||
@@ -187,12 +188,13 @@ public class DeviceActivity extends PassphraseRequiredActivity
|
||||
return BAD_CODE;
|
||||
}
|
||||
|
||||
ECPublicKey publicKey = Curve.decodePoint(Base64.decode(publicKeyEncoded), 0);
|
||||
IdentityKeyPair identityKeyPair = SignalStore.account().getAciIdentityKey();
|
||||
Optional<byte[]> profileKey = Optional.of(ProfileKeyUtil.getProfileKey(getContext()));
|
||||
ECPublicKey publicKey = Curve.decodePoint(Base64.decode(publicKeyEncoded), 0);
|
||||
IdentityKeyPair aciIdentityKeyPair = SignalStore.account().getAciIdentityKey();
|
||||
IdentityKeyPair pniIdentityKeyPair = SignalStore.account().getPniIdentityKey();
|
||||
ProfileKey profileKey = ProfileKeyUtil.getSelfProfileKey();
|
||||
|
||||
TextSecurePreferences.setMultiDevice(DeviceActivity.this, true);
|
||||
accountManager.addDevice(ephemeralId, publicKey, identityKeyPair, profileKey, verificationCode);
|
||||
accountManager.addDevice(ephemeralId, publicKey, aciIdentityKeyPair, pniIdentityKeyPair, profileKey, verificationCode);
|
||||
|
||||
return SUCCESS;
|
||||
} catch (NotFoundException e) {
|
||||
|
||||
@@ -22,18 +22,6 @@ public final class ProfileKeyUtil {
|
||||
private ProfileKeyUtil() {
|
||||
}
|
||||
|
||||
/** @deprecated Use strongly typed {@link org.signal.zkgroup.profiles.ProfileKey}
|
||||
* from {@link #getSelfProfileKey()}
|
||||
* or {@code getSelfProfileKey().serialize()} if you need the bytes. */
|
||||
@Deprecated
|
||||
public static @NonNull byte[] getProfileKey(@NonNull Context context) {
|
||||
byte[] profileKey = Recipient.self().getProfileKey();
|
||||
if (profileKey == null) {
|
||||
throw new AssertionError();
|
||||
}
|
||||
return profileKey;
|
||||
}
|
||||
|
||||
public static synchronized @NonNull ProfileKey getSelfProfileKey() {
|
||||
try {
|
||||
return new ProfileKey(Recipient.self().getProfileKey());
|
||||
|
||||
@@ -2604,7 +2604,7 @@ open class RecipientDatabase(context: Context, databaseHelper: SignalDatabase) :
|
||||
}
|
||||
|
||||
// Sessions
|
||||
val localAci: ACI = Recipient.self().aci.get()
|
||||
val localAci: ACI = SignalStore.account().aci!!
|
||||
val sessionDatabase = sessions
|
||||
val hasE164Session = sessionDatabase.getAllFor(localAci, e164Record.e164).isNotEmpty()
|
||||
val hasAciSession = sessionDatabase.getAllFor(localAci, aciRecord.aci.toString()).isNotEmpty()
|
||||
|
||||
@@ -32,6 +32,7 @@ class SessionDatabase(context: Context, databaseHelper: SignalDatabase) : Databa
|
||||
$DEVICE INTEGER NOT NULL,
|
||||
$RECORD BLOB NOT NULL,
|
||||
UNIQUE($ACCOUNT_ID, $ADDRESS, $DEVICE)
|
||||
)
|
||||
"""
|
||||
}
|
||||
|
||||
|
||||
@@ -370,6 +370,11 @@ public class ApplicationDependencyProvider implements ApplicationDependencies.Pr
|
||||
return SignalStore.account().getAci();
|
||||
}
|
||||
|
||||
@Override
|
||||
public PNI getPni() {
|
||||
return SignalStore.account().getPni();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getE164() {
|
||||
return SignalStore.account().getE164();
|
||||
|
||||
@@ -112,6 +112,7 @@ public final class JobManagerFactories {
|
||||
put(MultiDeviceKeysUpdateJob.KEY, new MultiDeviceKeysUpdateJob.Factory());
|
||||
put(MultiDeviceMessageRequestResponseJob.KEY, new MultiDeviceMessageRequestResponseJob.Factory());
|
||||
put(MultiDeviceOutgoingPaymentSyncJob.KEY, new MultiDeviceOutgoingPaymentSyncJob.Factory());
|
||||
put(MultiDevicePniIdentityUpdateJob.KEY, new MultiDevicePniIdentityUpdateJob.Factory());
|
||||
put(MultiDeviceProfileContentUpdateJob.KEY, new MultiDeviceProfileContentUpdateJob.Factory());
|
||||
put(MultiDeviceProfileKeyUpdateJob.KEY, new MultiDeviceProfileKeyUpdateJob.Factory());
|
||||
put(MultiDeviceReadUpdateJob.KEY, new MultiDeviceReadUpdateJob.Factory());
|
||||
|
||||
@@ -0,0 +1,103 @@
|
||||
package org.thoughtcrime.securesms.jobs;
|
||||
|
||||
|
||||
import androidx.annotation.NonNull;
|
||||
|
||||
import com.google.protobuf.ByteString;
|
||||
|
||||
import org.signal.core.util.logging.Log;
|
||||
import org.thoughtcrime.securesms.crypto.UnidentifiedAccessUtil;
|
||||
import org.thoughtcrime.securesms.dependencies.ApplicationDependencies;
|
||||
import org.thoughtcrime.securesms.jobmanager.Data;
|
||||
import org.thoughtcrime.securesms.jobmanager.Job;
|
||||
import org.thoughtcrime.securesms.jobmanager.impl.NetworkConstraint;
|
||||
import org.thoughtcrime.securesms.keyvalue.SignalStore;
|
||||
import org.thoughtcrime.securesms.net.NotPushRegisteredException;
|
||||
import org.thoughtcrime.securesms.recipients.Recipient;
|
||||
import org.thoughtcrime.securesms.util.TextSecurePreferences;
|
||||
import org.whispersystems.libsignal.IdentityKeyPair;
|
||||
import org.whispersystems.signalservice.api.crypto.UntrustedIdentityException;
|
||||
import org.whispersystems.signalservice.api.messages.multidevice.SignalServiceSyncMessage;
|
||||
import org.whispersystems.signalservice.api.push.exceptions.PushNetworkException;
|
||||
import org.whispersystems.signalservice.api.push.exceptions.ServerRejectedException;
|
||||
import org.whispersystems.signalservice.internal.push.SignalServiceProtos.SyncMessage.PniIdentity;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
/**
|
||||
* As part of the PNI migration, linked devices will need to be told what their PNI identity key is. This job is sent either in response to a request from
|
||||
* a linked device or as part of a migration when we start using PNIs.
|
||||
*/
|
||||
public class MultiDevicePniIdentityUpdateJob extends BaseJob {
|
||||
|
||||
private static final String TAG = Log.tag(MultiDevicePniIdentityUpdateJob.class);
|
||||
|
||||
public static final String KEY = "MultiDevicePniIdentityUpdateJob";
|
||||
|
||||
public MultiDevicePniIdentityUpdateJob() {
|
||||
this(new Parameters.Builder()
|
||||
.setQueue("__MULTI_DEVICE_PNI_IDENTITY_UPDATE_JOB__")
|
||||
.setMaxInstancesForFactory(1)
|
||||
.addConstraint(NetworkConstraint.KEY)
|
||||
.setLifespan(TimeUnit.DAYS.toMillis(1))
|
||||
.setMaxAttempts(Parameters.UNLIMITED)
|
||||
.build());
|
||||
}
|
||||
|
||||
private MultiDevicePniIdentityUpdateJob(@NonNull Parameters parameters) {
|
||||
super(parameters);
|
||||
}
|
||||
|
||||
@Override
|
||||
public @NonNull Data serialize() {
|
||||
return Data.EMPTY;
|
||||
}
|
||||
|
||||
@Override
|
||||
public @NonNull String getFactoryKey() {
|
||||
return KEY;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onRun() throws IOException, UntrustedIdentityException {
|
||||
if (!Recipient.self().isRegistered()) {
|
||||
throw new NotPushRegisteredException();
|
||||
}
|
||||
|
||||
if (!TextSecurePreferences.isMultiDevice(context)) {
|
||||
Log.i(TAG, "Not multi device, aborting...");
|
||||
return;
|
||||
}
|
||||
|
||||
if (SignalStore.account().isLinkedDevice()) {
|
||||
Log.i(TAG, "Not primary device, aborting...");
|
||||
return;
|
||||
}
|
||||
|
||||
IdentityKeyPair pniIdentityKeyPair = SignalStore.account().getPniIdentityKey();
|
||||
SignalServiceSyncMessage syncMessage = SignalServiceSyncMessage.forPniIdentity(PniIdentity.newBuilder()
|
||||
.setPublicKey(ByteString.copyFrom(pniIdentityKeyPair.getPublicKey().serialize()))
|
||||
.setPrivateKey(ByteString.copyFrom(pniIdentityKeyPair.getPrivateKey().serialize()))
|
||||
.build());
|
||||
|
||||
ApplicationDependencies.getSignalServiceMessageSender().sendSyncMessage(syncMessage, UnidentifiedAccessUtil.getAccessForSync(context));
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean onShouldRetry(@NonNull Exception e) {
|
||||
if (e instanceof ServerRejectedException) return false;
|
||||
return e instanceof PushNetworkException;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onFailure() {
|
||||
}
|
||||
|
||||
public static final class Factory implements Job.Factory<MultiDevicePniIdentityUpdateJob> {
|
||||
@Override
|
||||
public @NonNull MultiDevicePniIdentityUpdateJob create(@NonNull Parameters parameters, @NonNull Data data) {
|
||||
return new MultiDevicePniIdentityUpdateJob(parameters);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -174,7 +174,7 @@ public abstract class PushSendJob extends SendJob {
|
||||
return Optional.absent();
|
||||
}
|
||||
|
||||
return Optional.of(ProfileKeyUtil.getProfileKey(context));
|
||||
return Optional.of(ProfileKeyUtil.getSelfProfileKey().serialize());
|
||||
}
|
||||
|
||||
protected SignalServiceAttachment getAttachmentFor(Attachment attachment) {
|
||||
|
||||
@@ -396,7 +396,7 @@ public class RetrieveProfileJob extends BaseJob {
|
||||
|
||||
IdentityKey identityKey = new IdentityKey(Base64.decode(identityKeyValue), 0);
|
||||
|
||||
if (!ApplicationDependencies.getProtocolStore().aci().identities().getIdentityRecord(recipient).isPresent()) {
|
||||
if (!ApplicationDependencies.getProtocolStore().aci().identities().getIdentityRecord(recipient.getId()).isPresent()) {
|
||||
Log.w(TAG, "Still first use for " + recipient.getId());
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -68,6 +68,7 @@ import org.thoughtcrime.securesms.jobs.MultiDeviceContactSyncJob;
|
||||
import org.thoughtcrime.securesms.jobs.MultiDeviceContactUpdateJob;
|
||||
import org.thoughtcrime.securesms.jobs.MultiDeviceGroupUpdateJob;
|
||||
import org.thoughtcrime.securesms.jobs.MultiDeviceKeysUpdateJob;
|
||||
import org.thoughtcrime.securesms.jobs.MultiDevicePniIdentityUpdateJob;
|
||||
import org.thoughtcrime.securesms.jobs.MultiDeviceStickerPackSyncJob;
|
||||
import org.thoughtcrime.securesms.jobs.NullMessageSendJob;
|
||||
import org.thoughtcrime.securesms.jobs.PaymentLedgerUpdateJob;
|
||||
@@ -1237,6 +1238,10 @@ public final class MessageContentProcessor {
|
||||
if (message.isKeysRequest()) {
|
||||
ApplicationDependencies.getJobManager().add(new MultiDeviceKeysUpdateJob());
|
||||
}
|
||||
|
||||
if (message.isPniIdentityRequest()) {
|
||||
ApplicationDependencies.getJobManager().add(new MultiDevicePniIdentityUpdateJob());
|
||||
}
|
||||
}
|
||||
|
||||
private void handleSynchronizeReadMessage(@NonNull List<ReadMessage> readMessages, long envelopeTimestamp, @NonNull Recipient senderRecipient)
|
||||
|
||||
@@ -13,6 +13,7 @@ import org.thoughtcrime.securesms.dependencies.ApplicationDependencies;
|
||||
import org.thoughtcrime.securesms.util.FeatureFlags;
|
||||
import org.whispersystems.signalservice.api.SignalServiceAccountManager;
|
||||
import org.whispersystems.signalservice.api.push.ACI;
|
||||
import org.whispersystems.signalservice.api.push.PNI;
|
||||
|
||||
public class AccountManagerFactory {
|
||||
|
||||
@@ -20,6 +21,7 @@ public class AccountManagerFactory {
|
||||
|
||||
public static @NonNull SignalServiceAccountManager createAuthenticated(@NonNull Context context,
|
||||
@NonNull ACI aci,
|
||||
@NonNull PNI pni,
|
||||
@NonNull String number,
|
||||
int deviceId,
|
||||
@NonNull String password)
|
||||
@@ -36,6 +38,7 @@ public class AccountManagerFactory {
|
||||
|
||||
return new SignalServiceAccountManager(ApplicationDependencies.getSignalServiceNetworkAccess().getConfiguration(number),
|
||||
aci,
|
||||
pni,
|
||||
number,
|
||||
deviceId,
|
||||
password,
|
||||
@@ -44,7 +47,7 @@ public class AccountManagerFactory {
|
||||
}
|
||||
|
||||
/**
|
||||
* Should only be used during registration when you haven't yet been assigned a UUID.
|
||||
* Should only be used during registration when you haven't yet been assigned an ACI.
|
||||
*/
|
||||
public static @NonNull SignalServiceAccountManager createUnauthenticated(@NonNull Context context,
|
||||
@NonNull String number,
|
||||
@@ -62,7 +65,7 @@ public class AccountManagerFactory {
|
||||
}
|
||||
|
||||
return new SignalServiceAccountManager(new SignalServiceNetworkAccess(context).getConfiguration(number),
|
||||
null, number, deviceId, password, BuildConfig.SIGNAL_AGENT, FeatureFlags.okHttpAutomaticRetry());
|
||||
null, null, number, deviceId, password, BuildConfig.SIGNAL_AGENT, FeatureFlags.okHttpAutomaticRetry());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -138,7 +138,7 @@ public final class RegistrationRepository {
|
||||
ApplicationDependencies.getProtocolStore().pni().sessions().archiveAllSessions();
|
||||
SenderKeyUtil.clearAllState(context);
|
||||
|
||||
SignalServiceAccountManager accountManager = AccountManagerFactory.createAuthenticated(context, aci, registrationData.getE164(), SignalServiceAddress.DEFAULT_DEVICE_ID, registrationData.getPassword());
|
||||
SignalServiceAccountManager accountManager = AccountManagerFactory.createAuthenticated(context, aci, pni, registrationData.getE164(), SignalServiceAddress.DEFAULT_DEVICE_ID, registrationData.getPassword());
|
||||
SignalServiceAccountDataStoreImpl aciProtocolStore = ApplicationDependencies.getProtocolStore().aci();
|
||||
SignalServiceAccountDataStoreImpl pniProtocolStore = ApplicationDependencies.getProtocolStore().pni();
|
||||
|
||||
|
||||
@@ -67,9 +67,9 @@ class SecondaryProvisioningCipher private constructor(private val secondaryIdent
|
||||
val provisioningMessage = ProvisioningProtos.ProvisionMessage.parseFrom(plaintext)
|
||||
|
||||
return ProvisionDecryptResult.Success(
|
||||
uuid = UuidUtil.parseOrThrow(provisioningMessage.uuid),
|
||||
uuid = UuidUtil.parseOrThrow(provisioningMessage.aci),
|
||||
e164 = provisioningMessage.number,
|
||||
identityKeyPair = IdentityKeyPair(IdentityKey(provisioningMessage.identityKeyPublic.toByteArray()), Curve.decodePrivatePoint(provisioningMessage.identityKeyPrivate.toByteArray())),
|
||||
identityKeyPair = IdentityKeyPair(IdentityKey(provisioningMessage.aciIdentityKeyPublic.toByteArray()), Curve.decodePrivatePoint(provisioningMessage.aciIdentityKeyPrivate.toByteArray())),
|
||||
profileKey = ProfileKey(provisioningMessage.profileKey.toByteArray()),
|
||||
areReadReceiptsEnabled = provisioningMessage.readReceipts,
|
||||
primaryUserAgent = provisioningMessage.userAgent,
|
||||
|
||||
Reference in New Issue
Block a user