From 5e2a4fb058b30218fdea3b0f4eabb78842fea5bc Mon Sep 17 00:00:00 2001
From: Greyson Parrelli <greyson@signal.org>
Date: Thu, 5 Dec 2019 12:07:10 -0500
Subject: [PATCH] Put safeguards around Recipient creation in the
 IdentityStore.

---
 .../storage/TextSecureIdentityKeyStore.java   | 42 ++++++++++++-------
 .../securesms/database/RecipientDatabase.java |  2 -
 .../{SqliteUtilTest.java => SqlUtilTest.java} |  2 +-
 3 files changed, 29 insertions(+), 17 deletions(-)
 rename test/unitTest/java/org/thoughtcrime/securesms/database/{SqliteUtilTest.java => SqlUtilTest.java} (99%)

diff --git a/src/org/thoughtcrime/securesms/crypto/storage/TextSecureIdentityKeyStore.java b/src/org/thoughtcrime/securesms/crypto/storage/TextSecureIdentityKeyStore.java
index 4eb51a8d85..7b10949ed3 100644
--- a/src/org/thoughtcrime/securesms/crypto/storage/TextSecureIdentityKeyStore.java
+++ b/src/org/thoughtcrime/securesms/crypto/storage/TextSecureIdentityKeyStore.java
@@ -92,30 +92,44 @@ public class TextSecureIdentityKeyStore implements IdentityKeyStore {
   @Override
   public boolean isTrustedIdentity(SignalProtocolAddress address, IdentityKey identityKey, Direction direction) {
     synchronized (LOCK) {
-      IdentityDatabase identityDatabase = DatabaseFactory.getIdentityDatabase(context);
-      RecipientId      ourRecipientId   = Recipient.self().getId();
-      RecipientId      theirRecipientId = Recipient.external(context, address.getName()).getId();
+      if (DatabaseFactory.getRecipientDatabase(context).containsPhoneOrUuid(address.getName())) {
+        IdentityDatabase identityDatabase = DatabaseFactory.getIdentityDatabase(context);
+        RecipientId      ourRecipientId   = Recipient.self().getId();
+        RecipientId      theirRecipientId = Recipient.external(context, address.getName()).getId();
 
-      if (ourRecipientId.equals(theirRecipientId)) {
-        return identityKey.equals(IdentityKeyUtil.getIdentityKey(context));
-      }
+        if (ourRecipientId.equals(theirRecipientId)) {
+          return identityKey.equals(IdentityKeyUtil.getIdentityKey(context));
+        }
 
-      switch (direction) {
-        case SENDING:   return isTrustedForSending(identityKey, identityDatabase.getIdentity(theirRecipientId));
-        case RECEIVING: return true;
-        default:        throw new AssertionError("Unknown direction: " + direction);
+        switch (direction) {
+          case SENDING:   return isTrustedForSending(identityKey, identityDatabase.getIdentity(theirRecipientId));
+          case RECEIVING: return true;
+          default:        throw new AssertionError("Unknown direction: " + direction);
+        }
+      } else {
+        Log.w(TAG, "Tried to check if identity is trusted for " + address.getName() + ", but no matching recipient existed!");
+        switch (direction) {
+          case SENDING:   return false;
+          case RECEIVING: return true;
+          default:        throw new AssertionError("Unknown direction: " + direction);
+        }
       }
     }
   }
 
   @Override
   public IdentityKey getIdentity(SignalProtocolAddress address) {
-    RecipientId              recipientId = Recipient.external(context, address.getName()).getId();
-    Optional<IdentityRecord> record      = DatabaseFactory.getIdentityDatabase(context).getIdentity(recipientId);
+    if (DatabaseFactory.getRecipientDatabase(context).containsPhoneOrUuid(address.getName())) {
+      RecipientId              recipientId = Recipient.external(context, address.getName()).getId();
+      Optional<IdentityRecord> record      = DatabaseFactory.getIdentityDatabase(context).getIdentity(recipientId);
 
-    if (record.isPresent()) {
-      return record.get().getIdentityKey();
+      if (record.isPresent()) {
+        return record.get().getIdentityKey();
+      } else {
+        return null;
+      }
     } else {
+      Log.w(TAG, "Tried to get identity for " + address.getName() + ", but no matching recipient existed!");
       return null;
     }
   }
diff --git a/src/org/thoughtcrime/securesms/database/RecipientDatabase.java b/src/org/thoughtcrime/securesms/database/RecipientDatabase.java
index eed2535793..74f75de83f 100644
--- a/src/org/thoughtcrime/securesms/database/RecipientDatabase.java
+++ b/src/org/thoughtcrime/securesms/database/RecipientDatabase.java
@@ -8,7 +8,6 @@ import android.text.TextUtils;
 
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
-import androidx.annotation.VisibleForTesting;
 
 import com.annimon.stream.Stream;
 import com.google.android.gms.common.util.ArrayUtils;
@@ -39,7 +38,6 @@ import org.whispersystems.signalservice.api.storage.SignalContactRecord;
 
 import java.io.Closeable;
 import java.io.IOException;
-import java.lang.reflect.Array;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
diff --git a/test/unitTest/java/org/thoughtcrime/securesms/database/SqliteUtilTest.java b/test/unitTest/java/org/thoughtcrime/securesms/database/SqlUtilTest.java
similarity index 99%
rename from test/unitTest/java/org/thoughtcrime/securesms/database/SqliteUtilTest.java
rename to test/unitTest/java/org/thoughtcrime/securesms/database/SqlUtilTest.java
index 7e144b8d7d..80abdea7a3 100644
--- a/test/unitTest/java/org/thoughtcrime/securesms/database/SqliteUtilTest.java
+++ b/test/unitTest/java/org/thoughtcrime/securesms/database/SqlUtilTest.java
@@ -15,7 +15,7 @@ import static org.junit.Assert.assertEquals;
 
 @RunWith(RobolectricTestRunner.class)
 @Config(manifest = Config.NONE, application = Application.class)
-public class SqliteUtilTest {
+public class SqlUtilTest {
 
   @Test
   public void buildTrueUpdateQuery_simple() {