From ee00241515703dce9964838c0b8619b3a463a450 Mon Sep 17 00:00:00 2001 From: Mikunj Date: Tue, 26 Nov 2019 15:34:58 +1100 Subject: [PATCH] Rotate profile key on every new upload. Only fetch profile if avatar if profile key changed. --- .../securesms/CreateProfileActivity.java | 21 ++++++++++++------- .../securesms/crypto/ProfileKeyUtil.java | 17 +++++++++++++++ .../securesms/jobs/PushDecryptJob.java | 11 +++------- 3 files changed, 34 insertions(+), 15 deletions(-) diff --git a/src/org/thoughtcrime/securesms/CreateProfileActivity.java b/src/org/thoughtcrime/securesms/CreateProfileActivity.java index de46dcfdd4..cf3a2c3482 100644 --- a/src/org/thoughtcrime/securesms/CreateProfileActivity.java +++ b/src/org/thoughtcrime/securesms/CreateProfileActivity.java @@ -39,6 +39,7 @@ import org.thoughtcrime.securesms.crypto.ProfileKeyUtil; import org.thoughtcrime.securesms.database.Address; import org.thoughtcrime.securesms.database.DatabaseFactory; import org.thoughtcrime.securesms.dependencies.InjectableType; +import org.thoughtcrime.securesms.jobs.MultiDeviceProfileKeyUpdateJob; import org.thoughtcrime.securesms.logging.Log; import org.thoughtcrime.securesms.mms.GlideApp; import org.thoughtcrime.securesms.permissions.Permissions; @@ -382,7 +383,6 @@ public class CreateProfileActivity extends BaseActionBarActivity implements Inje @Override protected Boolean doInBackground(Void... params) { Context context = CreateProfileActivity.this; - byte[] profileKey = ProfileKeyUtil.getProfileKey(CreateProfileActivity.this); Analytics.Companion.getShared().track("Display Name Updated"); @@ -401,9 +401,9 @@ public class CreateProfileActivity extends BaseActionBarActivity implements Inje // accountManager.setProfileAvatar(profileKey, avatar); // ======== - //TODO: there is no need to upload the avatar again if there is no change - AvatarHelper.setAvatar(CreateProfileActivity.this, Address.fromSerialized(TextSecurePreferences.getLocalNumber(context)), avatarBytes); - TextSecurePreferences.setProfileAvatarId(CreateProfileActivity.this, new SecureRandom().nextInt()); + // Try upload photo with a new profile key + String newProfileKey = ProfileKeyUtil.generateEncodedProfileKey(context); + byte[] profileKey = ProfileKeyUtil.getProfileKeyFromEncodedString(newProfileKey); //Loki - Upload the profile photo here if (avatar != null) { @@ -411,16 +411,23 @@ public class CreateProfileActivity extends BaseActionBarActivity implements Inje LokiStorageAPI storageAPI = LokiStorageAPI.shared; LokiDotNetAPI.UploadResult result = storageAPI.uploadProfilePhoto(storageAPI.getServer(), profileKey, avatar); Log.d("Loki", "Profile photo uploaded, the url is " + result.getUrl()); - TextSecurePreferences.setProfileAvatarUrl(CreateProfileActivity.this, result.getUrl()); + TextSecurePreferences.setProfileAvatarUrl(context, result.getUrl()); } else { - TextSecurePreferences.setProfileAvatarUrl(CreateProfileActivity.this, null); + TextSecurePreferences.setProfileAvatarUrl(context, null); } + + AvatarHelper.setAvatar(context, Address.fromSerialized(TextSecurePreferences.getLocalNumber(context)), avatarBytes); + TextSecurePreferences.setProfileAvatarId(context, new SecureRandom().nextInt()); + + // Upload was successful with this new profile key, we should set it so the other users know to re-fetch profiles + ProfileKeyUtil.setEncodedProfileKey(context, newProfileKey); + // TODO: Update profile key in public chats here } catch (Exception e) { Log.d("Loki", "Failed to upload profile photo: " + e); return false; } - // ApplicationContext.getInstance(context).getJobManager().add(new MultiDeviceProfileKeyUpdateJob()); + ApplicationContext.getInstance(context).getJobManager().add(new MultiDeviceProfileKeyUpdateJob()); return true; } diff --git a/src/org/thoughtcrime/securesms/crypto/ProfileKeyUtil.java b/src/org/thoughtcrime/securesms/crypto/ProfileKeyUtil.java index 319d2b6a89..ae88a2141a 100644 --- a/src/org/thoughtcrime/securesms/crypto/ProfileKeyUtil.java +++ b/src/org/thoughtcrime/securesms/crypto/ProfileKeyUtil.java @@ -3,6 +3,7 @@ package org.thoughtcrime.securesms.crypto; import android.content.Context; import android.support.annotation.NonNull; +import android.support.annotation.Nullable; import org.thoughtcrime.securesms.util.Base64; import org.thoughtcrime.securesms.util.TextSecurePreferences; @@ -31,8 +32,24 @@ public class ProfileKeyUtil { } } + public static synchronized @NonNull byte[] getProfileKeyFromEncodedString(String encodedProfileKey) { + try { + return Base64.decode(encodedProfileKey); + } catch (IOException e) { + throw new AssertionError(e); + } + } + public static synchronized @NonNull byte[] rotateProfileKey(@NonNull Context context) { TextSecurePreferences.setProfileKey(context, null); return getProfileKey(context); } + + public static synchronized @NonNull String generateEncodedProfileKey(@NonNull Context context) { + return Util.getSecret(32); + } + + public static synchronized void setEncodedProfileKey(@NonNull Context context, @Nullable String key) { + TextSecurePreferences.setProfileKey(context, key); + } } diff --git a/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java b/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java index 499b116472..b1c8affe52 100644 --- a/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java +++ b/src/org/thoughtcrime/securesms/jobs/PushDecryptJob.java @@ -317,11 +317,6 @@ public class PushDecryptJob extends BaseJob implements InjectableType { }); } - // Loki - Store profile avatar - if (content.senderProfileAvatarUrl.isPresent()) { - handleProfileAvatar(content, content.senderProfileAvatarUrl.get()); - } - if (content.getPairingAuthorisation().isPresent()) { handlePairingMessage(content.getPairingAuthorisation().get(), envelope, content); } else if (content.getDataMessage().isPresent()) { @@ -1417,13 +1412,13 @@ public class PushDecryptJob extends BaseJob implements InjectableType { @NonNull SignalServiceDataMessage message) { RecipientDatabase database = DatabaseFactory.getRecipientDatabase(context); - Address sourceAddress = Address.fromSerialized(content.getSender()); - Recipient recipient = Recipient.from(context, sourceAddress, false); + Recipient recipient = getPrimaryDeviceRecipient(content.getSender()); if (recipient.getProfileKey() == null || !MessageDigest.isEqual(recipient.getProfileKey(), message.getProfileKey().get())) { database.setProfileKey(recipient, message.getProfileKey().get()); database.setUnidentifiedAccessMode(recipient, RecipientDatabase.UnidentifiedAccessMode.UNKNOWN); - ApplicationContext.getInstance(context).getJobManager().add(new RetrieveProfileJob(recipient)); + String url = content.senderProfileAvatarUrl.or(""); + ApplicationContext.getInstance(context).getJobManager().add(new RetrieveProfileAvatarJob(recipient, url)); } }