Store last resort kyber pre key from PniChangeNumber message

2025-08-29 10:30:38 +00:00 · 2023-07-01 14:06:35 +02:00 · 2023-07-01 14:06:35 +02:00 · ffeae1a95a
commit ffeae1a95a
parent e57e5b090e
3 changed files with 24 additions and 11 deletions
--- a/lib/src/main/java/org/asamk/signal/manager/helper/AccountHelper.java
+++ b/lib/src/main/java/org/asamk/signal/manager/helper/AccountHelper.java
@ -14,6 +14,7 @@ import org.asamk.signal.manager.util.NumberVerificationUtils;
 import org.asamk.signal.manager.util.Utils;
 import org.signal.libsignal.protocol.IdentityKeyPair;
 import org.signal.libsignal.protocol.InvalidKeyException;
+import org.signal.libsignal.protocol.state.KyberPreKeyRecord;
 import org.signal.libsignal.protocol.state.SignedPreKeyRecord;
 import org.signal.libsignal.usernames.BaseUsernameException;
 import org.signal.libsignal.usernames.Username;
@ -120,20 +121,21 @@ public class AccountHelper {
        // TODO check and update remote storage
        context.getUnidentifiedAccessHelper().rotateSenderCertificates();
        dependencies.resetAfterAddressChange();
+        context.getGroupV2Helper().clearAuthCredentialCache();
        context.getAccountFileUpdater().updateAccountIdentifiers(account.getNumber(), account.getAci());
    }

    public void setPni(
            final PNI updatedPni,
            final IdentityKeyPair pniIdentityKeyPair,
+            final String number,
+            final int localPniRegistrationId,
            final SignedPreKeyRecord pniSignedPreKey,
-            final int localPniRegistrationId
+            final KyberPreKeyRecord lastResortKyberPreKey
    ) throws IOException {
-        account.setPni(updatedPni, pniIdentityKeyPair, pniSignedPreKey, localPniRegistrationId);
+        updateSelfIdentifiers(number != null ? number : account.getNumber(), account.getAci(), updatedPni);
+        account.setNewPniIdentity(pniIdentityKeyPair, pniSignedPreKey, lastResortKyberPreKey, localPniRegistrationId);
        context.getPreKeyHelper().refreshPreKeysIfNecessary(ServiceIdType.PNI);
-        if (account.getPni() == null || !account.getPni().equals(updatedPni)) {
-            context.getGroupV2Helper().clearAuthCredentialCache();
-        }
    }

    public void startChangeNumber(
--- a/lib/src/main/java/org/asamk/signal/manager/helper/IncomingMessageHandler.java
+++ b/lib/src/main/java/org/asamk/signal/manager/helper/IncomingMessageHandler.java
@ -44,6 +44,7 @@ import org.signal.libsignal.protocol.IdentityKeyPair;
 import org.signal.libsignal.protocol.InvalidMessageException;
 import org.signal.libsignal.protocol.groups.GroupSessionBuilder;
 import org.signal.libsignal.protocol.message.DecryptionErrorMessage;
+import org.signal.libsignal.protocol.state.KyberPreKeyRecord;
 import org.signal.libsignal.protocol.state.SignedPreKeyRecord;
 import org.signal.libsignal.zkgroup.InvalidInputException;
 import org.signal.libsignal.zkgroup.profiles.ProfileKey;
@ -646,8 +647,13 @@ public final class IncomingMessageHandler {
                    context.getAccountHelper()
                            .setPni(updatedPni,
                                    new IdentityKeyPair(pniChangeNumber.getIdentityKeyPair().toByteArray()),
+                                    pniChangeNumber.hasNewE164() ? pniChangeNumber.getNewE164() : null,
+                                    pniChangeNumber.getRegistrationId(),
                                    new SignedPreKeyRecord(pniChangeNumber.getSignedPreKey().toByteArray()),
-                                    pniChangeNumber.getRegistrationId());
+                                    pniChangeNumber.hasLastResortKyberPreKey()
+                                            ? new KyberPreKeyRecord(pniChangeNumber.getLastResortKyberPreKey()
+                                            .toByteArray())
+                                            : null);
                } catch (Exception e) {
                    logger.warn("Failed to handle change number message", e);
                }
--- a/lib/src/main/java/org/asamk/signal/manager/storage/SignalAccount.java
+++ b/lib/src/main/java/org/asamk/signal/manager/storage/SignalAccount.java
@ -1379,17 +1379,22 @@ public class SignalAccount implements Closeable {
        save();
    }

-    public void setPni(
-            final PNI updatedPni,
+    public void setNewPniIdentity(
            final IdentityKeyPair pniIdentityKeyPair,
            final SignedPreKeyRecord pniSignedPreKey,
+            final KyberPreKeyRecord lastResortKyberPreKey,
            final int localPniRegistrationId
    ) {
-        setPni(updatedPni);
-
        setPniIdentityKeyPair(pniIdentityKeyPair);
-        addSignedPreKey(ServiceIdType.PNI, pniSignedPreKey);
        setLocalPniRegistrationId(localPniRegistrationId);
+
+        final var preKeyMetadata = getAccountData(ServiceIdType.PNI).getPreKeyMetadata();
+        preKeyMetadata.nextSignedPreKeyId = pniSignedPreKey.getId();
+        addSignedPreKey(ServiceIdType.PNI, pniSignedPreKey);
+        if (lastResortKyberPreKey != null) {
+            preKeyMetadata.kyberPreKeyIdOffset = lastResortKyberPreKey.getId();
+            addLastResortKyberPreKey(ServiceIdType.PNI, lastResortKyberPreKey);
+        }
    }

    public SignalServiceAddress getSelfAddress() {