feat(crypto): Add support for verification violation warnings
This commit is contained in:
parent
21e751e50f
commit
bb46dcb262
|
@ -221,7 +221,7 @@ dependencies {
|
|||
|
||||
implementation libs.google.phonenumber
|
||||
|
||||
implementation("org.matrix.rustcomponents:crypto-android:0.4.3")
|
||||
implementation("org.matrix.rustcomponents:crypto-android:0.5.0")
|
||||
// api project(":library:rustCrypto")
|
||||
|
||||
testImplementation libs.tests.junit
|
||||
|
|
|
@ -24,7 +24,6 @@ import org.junit.Assert.assertNotNull
|
|||
import org.junit.Assert.assertNull
|
||||
import org.junit.Assert.assertTrue
|
||||
import org.junit.Assert.fail
|
||||
import org.junit.Assume
|
||||
import org.junit.FixMethodOrder
|
||||
import org.junit.Test
|
||||
import org.junit.runner.RunWith
|
||||
|
@ -202,9 +201,6 @@ class XSigningTest : InstrumentedTest {
|
|||
val aliceSession = cryptoTestData.firstSession
|
||||
val bobSession = cryptoTestData.secondSession
|
||||
|
||||
// Remove when https://github.com/matrix-org/matrix-rust-sdk/issues/1129
|
||||
Assume.assumeTrue("Not yet supported by rust", aliceSession.cryptoService().name() != "rust-sdk")
|
||||
|
||||
val aliceAuthParams = UserPasswordAuth(
|
||||
user = aliceSession.myUserId,
|
||||
password = TestConstants.PASSWORD
|
||||
|
|
|
@ -29,7 +29,10 @@ internal class ComputeShieldForGroupUseCase @Inject constructor(
|
|||
val myIdentity = olmMachine.getIdentity(myUserId)
|
||||
val allTrustedUserIds = userIds
|
||||
.filter { userId ->
|
||||
olmMachine.getIdentity(userId)?.verified() == true
|
||||
val identity = olmMachine.getIdentity(userId)?.toMxCrossSigningInfo()
|
||||
identity?.isTrusted() == true ||
|
||||
// Always take into account users that was previously verified but are not anymore
|
||||
identity?.wasTrustedOnce == true
|
||||
}
|
||||
|
||||
return if (allTrustedUserIds.isEmpty()) {
|
||||
|
|
|
@ -66,7 +66,8 @@ internal class GetUserIdentityUseCase @Inject constructor(
|
|||
innerMachine = innerMachine,
|
||||
requestSender = requestSender,
|
||||
coroutineDispatchers = coroutineDispatchers,
|
||||
verificationRequestFactory = verificationRequestFactory
|
||||
verificationRequestFactory = verificationRequestFactory,
|
||||
hasVerificationViolation = identity.hasVerificationViolation
|
||||
)
|
||||
}
|
||||
is InnerUserIdentity.Own -> {
|
||||
|
@ -89,7 +90,8 @@ internal class GetUserIdentityUseCase @Inject constructor(
|
|||
innerMachine = innerMachine,
|
||||
requestSender = requestSender,
|
||||
coroutineDispatchers = coroutineDispatchers,
|
||||
verificationRequestFactory = verificationRequestFactory
|
||||
verificationRequestFactory = verificationRequestFactory,
|
||||
hasVerificationViolation = identity.hasVerificationViolation
|
||||
)
|
||||
}
|
||||
null -> null
|
||||
|
|
|
@ -84,7 +84,9 @@ import org.matrix.rustcomponents.sdk.crypto.ShieldState
|
|||
import org.matrix.rustcomponents.sdk.crypto.SignatureVerification
|
||||
import org.matrix.rustcomponents.sdk.crypto.setLogger
|
||||
import timber.log.Timber
|
||||
import uniffi.matrix_sdk_crypto.DecryptionSettings
|
||||
import uniffi.matrix_sdk_crypto.LocalTrust
|
||||
import uniffi.matrix_sdk_crypto.TrustRequirement
|
||||
import java.io.File
|
||||
import java.nio.charset.Charset
|
||||
import javax.inject.Inject
|
||||
|
@ -450,7 +452,12 @@ internal class OlmMachine @Inject constructor(
|
|||
}
|
||||
|
||||
val serializedEvent = adapter.toJson(event)
|
||||
val decrypted = inner.decryptRoomEvent(serializedEvent, event.roomId, false, false)
|
||||
val decrypted = inner.decryptRoomEvent(
|
||||
serializedEvent, event.roomId,
|
||||
handleVerificationEvents = false,
|
||||
strictShields = false,
|
||||
decryptionSettings = DecryptionSettings(TrustRequirement.UNTRUSTED)
|
||||
)
|
||||
|
||||
val deserializationAdapter =
|
||||
moshi.adapter<JsonDict>(Map::class.java)
|
||||
|
|
|
@ -58,7 +58,7 @@ internal class RustCrossSigningService @Inject constructor(
|
|||
* Checks that my trusted user key has signed the other user UserKey
|
||||
*/
|
||||
override suspend fun checkUserTrust(otherUserId: String): UserTrustResult {
|
||||
val identity = olmMachine.getIdentity(olmMachine.userId())
|
||||
val identity = olmMachine.getIdentity(otherUserId)
|
||||
|
||||
// While UserTrustResult has many different states, they are by the callers
|
||||
// converted to a boolean value immediately, thus we don't need to support
|
||||
|
|
|
@ -85,6 +85,7 @@ internal class OwnUserIdentity(
|
|||
private val requestSender: RequestSender,
|
||||
private val coroutineDispatchers: MatrixCoroutineDispatchers,
|
||||
private val verificationRequestFactory: VerificationRequest.Factory,
|
||||
private val hasVerificationViolation: Boolean
|
||||
) : UserIdentities() {
|
||||
/**
|
||||
* Our own user id.
|
||||
|
@ -157,8 +158,7 @@ internal class OwnUserIdentity(
|
|||
userSigningKey.trustLevel = trustLevel
|
||||
|
||||
val crossSigningKeys = listOf(masterKey, selfSigningKey, userSigningKey)
|
||||
// TODO https://github.com/matrix-org/matrix-rust-sdk/issues/1129
|
||||
return MXCrossSigningInfo(userId, crossSigningKeys, false)
|
||||
return MXCrossSigningInfo(userId, crossSigningKeys, hasVerificationViolation)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -175,6 +175,7 @@ internal class UserIdentity(
|
|||
private val requestSender: RequestSender,
|
||||
private val coroutineDispatchers: MatrixCoroutineDispatchers,
|
||||
private val verificationRequestFactory: VerificationRequest.Factory,
|
||||
private val hasVerificationViolation: Boolean
|
||||
) : UserIdentities() {
|
||||
/**
|
||||
* The unique ID of the user that this identity belongs to.
|
||||
|
@ -256,8 +257,7 @@ internal class UserIdentity(
|
|||
masterKey.also { it.trustLevel = trustLevel },
|
||||
selfSigningKey.also { it.trustLevel = trustLevel },
|
||||
),
|
||||
// TODO https://github.com/matrix-org/matrix-rust-sdk/issues/1129
|
||||
wasTrustedOnce = false
|
||||
wasTrustedOnce = hasVerificationViolation
|
||||
)
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue