filippodb/SchildiChat-android
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do not support SHOW or SCAN if cross-signing is not enabled

Browse Source
This commit is contained in:
Benoit Marty 2020-01-27 10:49:49 +01:00
parent fb5148fd43
commit 9e796067cc
4 changed files with 30 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
matrix-sdk-android/src/main/java/im/vector/matrix/android/api/session/crypto/crosssigning/CrossSigningService.kt
View File

@ -26,6 +26,8 @@ import im.vector.matrix.android.internal.crypto.model.rest.UserPasswordAuth
interface CrossSigningService { interface CrossSigningService {
fun isCrossSigningEnabled(): Boolean
fun isUserTrusted(otherUserId: String): Boolean fun isUserTrusted(otherUserId: String): Boolean
/** /**

25
matrix-sdk-android/src/main/java/im/vector/matrix/android/internal/crypto/crosssigning/DefaultCrossSigningService.kt
View File

@ -212,7 +212,7 @@ internal class DefaultCrossSigningService @Inject constructor(
this.constraints = TaskConstraints(true) this.constraints = TaskConstraints(true)
this.callback = object : MatrixCallback<Unit> { this.callback = object : MatrixCallback<Unit> {
override fun onSuccess(data: Unit) { override fun onSuccess(data: Unit) {
Timber.i("## CrossSigning - Keys succesfully uploaded") Timber.i("## CrossSigning - Keys successfully uploaded")
// Sign the current device with SSK // Sign the current device with SSK
val uploadSignatureQueryBuilder = UploadSignatureQueryBuilder() val uploadSignatureQueryBuilder = UploadSignatureQueryBuilder()
@ -248,7 +248,7 @@ internal class DefaultCrossSigningService @Inject constructor(
this.constraints = TaskConstraints(true) this.constraints = TaskConstraints(true)
this.callback = object : MatrixCallback<Unit> { this.callback = object : MatrixCallback<Unit> {
override fun onSuccess(data: Unit) { override fun onSuccess(data: Unit) {
Timber.i("## CrossSigning - signatures succesfuly uploaded") Timber.i("## CrossSigning - signatures successfully uploaded")
callback?.onSuccess(Unit) callback?.onSuccess(Unit)
} }
@ -293,23 +293,22 @@ internal class DefaultCrossSigningService @Inject constructor(
* *
* ALICE BOB * ALICE BOB
* *
* MSK MSK * MSK MSK
* *
* *
* SSK SSK * SSK
* *
* USK *
* USK (not visible by * USK
* Alice)
*
*
* BOB's Device
*
*/ */
override fun isUserTrusted(otherUserId: String): Boolean { override fun isUserTrusted(otherUserId: String): Boolean {
return cryptoStore.getCrossSigningInfo(userId)?.isTrusted() == true return cryptoStore.getCrossSigningInfo(userId)?.isTrusted() == true
} }
override fun isCrossSigningEnabled(): Boolean {
return checkSelfTrust().isVerified()
}
/** /**
* Will not force a download of the key, but will verify signatures trust chain * Will not force a download of the key, but will verify signatures trust chain
*/ */

19
matrix-sdk-android/src/main/java/im/vector/matrix/android/internal/crypto/verification/DefaultVerificationService.kt
View File

@ -601,7 +601,7 @@ internal class DefaultVerificationService @Inject constructor(
return return
} }
if (checkKeysAreDownloaded(event.senderId, readyReq.fromDevice ?: "") == null) { if (checkKeysAreDownloaded(event.senderId, readyReq.fromDevice ?: "") == null) {
Timber.e("## SAS Verification device ${readyReq.fromDevice} is not knwown") Timber.e("## SAS Verification device ${readyReq.fromDevice} is not known")
// TODO cancel? // TODO cancel?
return return
} }
@ -833,10 +833,19 @@ internal class DefaultVerificationService @Inject constructor(
otherUserId = otherUserId otherUserId = otherUserId
) )
// Add reciprocate method if application declares it can scan or show QR codes // We can SCAN or SHOW QR codes only if cross-signing is enabled
// Not sure if it ok to do that (?) val methodValues = if (crossSigningService.isCrossSigningEnabled()) {
val reciprocateMethod = methods.firstOrNull { it == VerificationMethod.QR_CODE_SCAN || it == VerificationMethod.QR_CODE_SHOW }?.let { listOf(VERIFICATION_METHOD_RECIPROCATE) }.orEmpty() // Add reciprocate method if application declares it can scan or show QR codes
val methodValues = (methods.map { it.toValue() } + reciprocateMethod).distinct() // Not sure if it ok to do that (?)
val reciprocateMethod = methods.firstOrNull { it == VerificationMethod.QR_CODE_SCAN || it == VerificationMethod.QR_CODE_SHOW }?.let { listOf(VERIFICATION_METHOD_RECIPROCATE) }.orEmpty()
methods.map { it.toValue() } + reciprocateMethod
} else {
// Filter out SCAN and SHOW qr code method
methods
.filter { it != VerificationMethod.QR_CODE_SHOW && it != VerificationMethod.QR_CODE_SCAN }
.map { it.toValue() }
}
.distinct()
transport.sendVerificationRequest(methodValues, localID, otherUserId, roomId) { syncedId, info -> transport.sendVerificationRequest(methodValues, localID, otherUserId, roomId) { syncedId, info ->
// We need to update with the syncedID // We need to update with the syncedID

2
matrix-sdk-android/src/main/java/im/vector/matrix/android/internal/crypto/verification/PendingVerificationRequest.kt
View File

@ -39,7 +39,9 @@ data class PendingVerificationRequest(
val cancelConclusion: CancelCode? = null, val cancelConclusion: CancelCode? = null,
val isSuccessful: Boolean = false, val isSuccessful: Boolean = false,
val handledByOtherSession: Boolean = false, val handledByOtherSession: Boolean = false,
// TODO Move to OutgoingQrCodeTransaction
val myGeneratedSecret: String? = null, val myGeneratedSecret: String? = null,
// TODO Move to OutgoingQrCodeTransaction
val qrCodeText: String? = null val qrCodeText: String? = null
) { ) {