feat(crypto): Add support for verification violation warnings

This commit is contained in:
Valere 2024-10-31 18:17:37 +01:00
parent 21e751e50f
commit bb46dcb262
7 changed files with 22 additions and 14 deletions

View File

@ -221,7 +221,7 @@ dependencies {
implementation libs.google.phonenumber
implementation("org.matrix.rustcomponents:crypto-android:0.4.3")
implementation("org.matrix.rustcomponents:crypto-android:0.5.0")
// api project(":library:rustCrypto")
testImplementation libs.tests.junit

View File

@ -24,7 +24,6 @@ import org.junit.Assert.assertNotNull
import org.junit.Assert.assertNull
import org.junit.Assert.assertTrue
import org.junit.Assert.fail
import org.junit.Assume
import org.junit.FixMethodOrder
import org.junit.Test
import org.junit.runner.RunWith
@ -202,9 +201,6 @@ class XSigningTest : InstrumentedTest {
val aliceSession = cryptoTestData.firstSession
val bobSession = cryptoTestData.secondSession
// Remove when https://github.com/matrix-org/matrix-rust-sdk/issues/1129
Assume.assumeTrue("Not yet supported by rust", aliceSession.cryptoService().name() != "rust-sdk")
val aliceAuthParams = UserPasswordAuth(
user = aliceSession.myUserId,
password = TestConstants.PASSWORD

View File

@ -29,7 +29,10 @@ internal class ComputeShieldForGroupUseCase @Inject constructor(
val myIdentity = olmMachine.getIdentity(myUserId)
val allTrustedUserIds = userIds
.filter { userId ->
olmMachine.getIdentity(userId)?.verified() == true
val identity = olmMachine.getIdentity(userId)?.toMxCrossSigningInfo()
identity?.isTrusted() == true ||
// Always take into account users that was previously verified but are not anymore
identity?.wasTrustedOnce == true
}
return if (allTrustedUserIds.isEmpty()) {

View File

@ -66,7 +66,8 @@ internal class GetUserIdentityUseCase @Inject constructor(
innerMachine = innerMachine,
requestSender = requestSender,
coroutineDispatchers = coroutineDispatchers,
verificationRequestFactory = verificationRequestFactory
verificationRequestFactory = verificationRequestFactory,
hasVerificationViolation = identity.hasVerificationViolation
)
}
is InnerUserIdentity.Own -> {
@ -89,7 +90,8 @@ internal class GetUserIdentityUseCase @Inject constructor(
innerMachine = innerMachine,
requestSender = requestSender,
coroutineDispatchers = coroutineDispatchers,
verificationRequestFactory = verificationRequestFactory
verificationRequestFactory = verificationRequestFactory,
hasVerificationViolation = identity.hasVerificationViolation
)
}
null -> null

View File

@ -84,7 +84,9 @@ import org.matrix.rustcomponents.sdk.crypto.ShieldState
import org.matrix.rustcomponents.sdk.crypto.SignatureVerification
import org.matrix.rustcomponents.sdk.crypto.setLogger
import timber.log.Timber
import uniffi.matrix_sdk_crypto.DecryptionSettings
import uniffi.matrix_sdk_crypto.LocalTrust
import uniffi.matrix_sdk_crypto.TrustRequirement
import java.io.File
import java.nio.charset.Charset
import javax.inject.Inject
@ -450,7 +452,12 @@ internal class OlmMachine @Inject constructor(
}
val serializedEvent = adapter.toJson(event)
val decrypted = inner.decryptRoomEvent(serializedEvent, event.roomId, false, false)
val decrypted = inner.decryptRoomEvent(
serializedEvent, event.roomId,
handleVerificationEvents = false,
strictShields = false,
decryptionSettings = DecryptionSettings(TrustRequirement.UNTRUSTED)
)
val deserializationAdapter =
moshi.adapter<JsonDict>(Map::class.java)

View File

@ -58,7 +58,7 @@ internal class RustCrossSigningService @Inject constructor(
* Checks that my trusted user key has signed the other user UserKey
*/
override suspend fun checkUserTrust(otherUserId: String): UserTrustResult {
val identity = olmMachine.getIdentity(olmMachine.userId())
val identity = olmMachine.getIdentity(otherUserId)
// While UserTrustResult has many different states, they are by the callers
// converted to a boolean value immediately, thus we don't need to support

View File

@ -85,6 +85,7 @@ internal class OwnUserIdentity(
private val requestSender: RequestSender,
private val coroutineDispatchers: MatrixCoroutineDispatchers,
private val verificationRequestFactory: VerificationRequest.Factory,
private val hasVerificationViolation: Boolean
) : UserIdentities() {
/**
* Our own user id.
@ -157,8 +158,7 @@ internal class OwnUserIdentity(
userSigningKey.trustLevel = trustLevel
val crossSigningKeys = listOf(masterKey, selfSigningKey, userSigningKey)
// TODO https://github.com/matrix-org/matrix-rust-sdk/issues/1129
return MXCrossSigningInfo(userId, crossSigningKeys, false)
return MXCrossSigningInfo(userId, crossSigningKeys, hasVerificationViolation)
}
}
@ -175,6 +175,7 @@ internal class UserIdentity(
private val requestSender: RequestSender,
private val coroutineDispatchers: MatrixCoroutineDispatchers,
private val verificationRequestFactory: VerificationRequest.Factory,
private val hasVerificationViolation: Boolean
) : UserIdentities() {
/**
* The unique ID of the user that this identity belongs to.
@ -256,8 +257,7 @@ internal class UserIdentity(
masterKey.also { it.trustLevel = trustLevel },
selfSigningKey.also { it.trustLevel = trustLevel },
),
// TODO https://github.com/matrix-org/matrix-rust-sdk/issues/1129
wasTrustedOnce = false
wasTrustedOnce = hasVerificationViolation
)
}
}