mirror of
https://github.com/SchildiChat/SchildiChat-android.git
synced 2024-11-22 01:15:54 +03:00
Fix QR code login support in rust
This commit is contained in:
Valere
parent
1b3be240b3
commit
3b9daec869
7 changed files with 89 additions and 16 deletions
|
|
@ -136,6 +136,13 @@ internal class SecretShareManager @Inject constructor(
|
||||||
.w("handleSecretRequest() : malformed request norequestingDeviceId ")
|
.w("handleSecretRequest() : malformed request norequestingDeviceId ")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (request.requestingDeviceId == credentials.deviceId) {
|
||||||
|
return Unit.also {
|
||||||
|
Timber.tag(loggerTag.value)
|
||||||
|
.v("handleSecretRequest() : Ignore request from self device")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
val device = cryptoStore.getUserDevice(credentials.userId, deviceId)
|
val device = cryptoStore.getUserDevice(credentials.userId, deviceId)
|
||||||
?: return Unit.also {
|
?: return Unit.also {
|
||||||
Timber.tag(loggerTag.value)
|
Timber.tag(loggerTag.value)
|
||||||
|
|
@ -254,6 +261,37 @@ internal class SecretShareManager @Inject constructor(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
suspend fun requestMissingSecrets() {
|
||||||
|
// quick implementation for backward compatibility with rust, will request all secrets to all own devices
|
||||||
|
val secretNames = listOf(MASTER_KEY_SSSS_NAME, SELF_SIGNING_KEY_SSSS_NAME, USER_SIGNING_KEY_SSSS_NAME, KEYBACKUP_SECRET_SSSS_NAME)
|
||||||
|
|
||||||
|
secretNames.forEach { secretName ->
|
||||||
|
val toDeviceContent = SecretShareRequest(
|
||||||
|
requestingDeviceId = credentials.deviceId,
|
||||||
|
secretName = secretName,
|
||||||
|
requestId = createUniqueTxnId()
|
||||||
|
)
|
||||||
|
|
||||||
|
val contentMap = MXUsersDevicesMap<Any>()
|
||||||
|
contentMap.setObject(credentials.userId, "*", toDeviceContent)
|
||||||
|
|
||||||
|
val params = SendToDeviceTask.Params(
|
||||||
|
eventType = EventType.REQUEST_SECRET,
|
||||||
|
contentMap = contentMap
|
||||||
|
)
|
||||||
|
try {
|
||||||
|
withContext(coroutineDispatchers.io) {
|
||||||
|
sendToDeviceTask.execute(params)
|
||||||
|
}
|
||||||
|
Timber.tag(loggerTag.value)
|
||||||
|
.d("Secret request sent for $secretName")
|
||||||
|
} catch (failure: Throwable) {
|
||||||
|
Timber.tag(loggerTag.value)
|
||||||
|
.w("Failed to request secret $secretName")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
suspend fun onSecretSendReceived(toDevice: Event, handleGossip: ((name: String, value: String) -> Boolean)) {
|
suspend fun onSecretSendReceived(toDevice: Event, handleGossip: ((name: String, value: String) -> Boolean)) {
|
||||||
Timber.tag(loggerTag.value)
|
Timber.tag(loggerTag.value)
|
||||||
.i("onSecretSend() from ${toDevice.senderId} : onSecretSendReceived ${toDevice.content?.get("sender_key")}")
|
.i("onSecretSend() from ${toDevice.senderId} : onSecretSendReceived ${toDevice.content?.get("sender_key")}")
|
||||||
|
|
|
||||||
|
|
@ -34,10 +34,6 @@ import org.matrix.android.sdk.api.rendezvous.model.SecureRendezvousChannelAlgori
|
||||||
import org.matrix.android.sdk.api.rendezvous.transports.SimpleHttpRendezvousTransport
|
import org.matrix.android.sdk.api.rendezvous.transports.SimpleHttpRendezvousTransport
|
||||||
import org.matrix.android.sdk.api.session.Session
|
import org.matrix.android.sdk.api.session.Session
|
||||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
|
import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
|
||||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
|
|
||||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
|
|
||||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
|
|
||||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
|
|
||||||
import org.matrix.android.sdk.api.util.MatrixJsonParser
|
import org.matrix.android.sdk.api.util.MatrixJsonParser
|
||||||
import timber.log.Timber
|
import timber.log.Timber
|
||||||
|
|
||||||
|
|
@ -225,12 +221,7 @@ class Rendezvous(
|
||||||
// request secrets from the verifying device
|
// request secrets from the verifying device
|
||||||
Timber.tag(TAG).i("Requesting secrets from $verifyingDeviceId")
|
Timber.tag(TAG).i("Requesting secrets from $verifyingDeviceId")
|
||||||
|
|
||||||
session.sharedSecretStorageService().let {
|
session.sharedSecretStorageService().requestMissingSecrets()
|
||||||
it.requestSecret(MASTER_KEY_SSSS_NAME, verifyingDeviceId)
|
|
||||||
it.requestSecret(SELF_SIGNING_KEY_SSSS_NAME, verifyingDeviceId)
|
|
||||||
it.requestSecret(USER_SIGNING_KEY_SSSS_NAME, verifyingDeviceId)
|
|
||||||
it.requestSecret(KEYBACKUP_SECRET_SSSS_NAME, verifyingDeviceId)
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
Timber.tag(TAG).i("Not doing verification")
|
Timber.tag(TAG).i("Not doing verification")
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -135,5 +135,11 @@ interface SharedSecretStorageService {
|
||||||
|
|
||||||
fun checkShouldBeAbleToAccessSecrets(secretNames: List<String>, keyId: String?): IntegrityResult
|
fun checkShouldBeAbleToAccessSecrets(secretNames: List<String>, keyId: String?): IntegrityResult
|
||||||
|
|
||||||
|
@Deprecated("Requesting custom secrets not yet support by rust stack, prefer requestMissingSecrets")
|
||||||
suspend fun requestSecret(name: String, myOtherDeviceId: String)
|
suspend fun requestSecret(name: String, myOtherDeviceId: String)
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Request the missing local secrets to other sessions.
|
||||||
|
*/
|
||||||
|
suspend fun requestMissingSecrets()
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -385,7 +385,12 @@ internal class DefaultSharedSecretStorageService @Inject constructor(
|
||||||
return IntegrityResult.Success(keyInfo.content.passphrase != null)
|
return IntegrityResult.Success(keyInfo.content.passphrase != null)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Deprecated("Requesting custom secrets not yet support by rust stack, prefer requestMissingSecrets")
|
||||||
override suspend fun requestSecret(name: String, myOtherDeviceId: String) {
|
override suspend fun requestSecret(name: String, myOtherDeviceId: String) {
|
||||||
secretShareManager.requestSecretTo(myOtherDeviceId, name)
|
secretShareManager.requestSecretTo(myOtherDeviceId, name)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
override suspend fun requestMissingSecrets() {
|
||||||
|
secretShareManager.requestMissingSecrets()
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -76,6 +76,7 @@ import org.matrix.rustcomponents.sdk.crypto.DeviceLists
|
||||||
import org.matrix.rustcomponents.sdk.crypto.EncryptionSettings
|
import org.matrix.rustcomponents.sdk.crypto.EncryptionSettings
|
||||||
import org.matrix.rustcomponents.sdk.crypto.KeyRequestPair
|
import org.matrix.rustcomponents.sdk.crypto.KeyRequestPair
|
||||||
import org.matrix.rustcomponents.sdk.crypto.KeysImportResult
|
import org.matrix.rustcomponents.sdk.crypto.KeysImportResult
|
||||||
|
import org.matrix.rustcomponents.sdk.crypto.LocalTrust
|
||||||
import org.matrix.rustcomponents.sdk.crypto.Logger
|
import org.matrix.rustcomponents.sdk.crypto.Logger
|
||||||
import org.matrix.rustcomponents.sdk.crypto.MegolmV1BackupKey
|
import org.matrix.rustcomponents.sdk.crypto.MegolmV1BackupKey
|
||||||
import org.matrix.rustcomponents.sdk.crypto.Request
|
import org.matrix.rustcomponents.sdk.crypto.Request
|
||||||
|
|
@ -869,6 +870,11 @@ internal class OlmMachine @Inject constructor(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
suspend fun requestMissingSecretsFromOtherSessions(): Boolean {
|
||||||
|
return withContext(coroutineDispatchers.io) {
|
||||||
|
inner.queryMissingSecretsFromOtherSessions()
|
||||||
|
}
|
||||||
|
}
|
||||||
@Throws(CryptoStoreException::class)
|
@Throws(CryptoStoreException::class)
|
||||||
suspend fun enableBackupV1(key: String, version: String) {
|
suspend fun enableBackupV1(key: String, version: String) {
|
||||||
return withContext(coroutineDispatchers.computation) {
|
return withContext(coroutineDispatchers.computation) {
|
||||||
|
|
@ -934,4 +940,11 @@ internal class OlmMachine @Inject constructor(
|
||||||
inner.verifyBackup(serializedAuthData)
|
inner.verifyBackup(serializedAuthData)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Throws(CryptoStoreException::class)
|
||||||
|
suspend fun setDeviceLocalTrust(userId: String, deviceId: String, trusted: Boolean) {
|
||||||
|
withContext(coroutineDispatchers.io) {
|
||||||
|
inner.setLocalTrust(userId, deviceId, if (trusted) LocalTrust.VERIFIED else LocalTrust.UNSET)
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -31,6 +31,7 @@ import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
|
||||||
import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
|
import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
|
||||||
import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
|
import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
|
||||||
import org.matrix.android.sdk.api.crypto.MXCryptoConfig
|
import org.matrix.android.sdk.api.crypto.MXCryptoConfig
|
||||||
|
import org.matrix.android.sdk.api.extensions.orFalse
|
||||||
import org.matrix.android.sdk.api.extensions.tryOrNull
|
import org.matrix.android.sdk.api.extensions.tryOrNull
|
||||||
import org.matrix.android.sdk.api.listeners.ProgressListener
|
import org.matrix.android.sdk.api.listeners.ProgressListener
|
||||||
import org.matrix.android.sdk.api.logger.LoggerTag
|
import org.matrix.android.sdk.api.logger.LoggerTag
|
||||||
|
|
@ -536,7 +537,8 @@ internal class RustCryptoService @Inject constructor(
|
||||||
}
|
}
|
||||||
|
|
||||||
override suspend fun setDeviceVerification(trustLevel: DeviceTrustLevel, userId: String, deviceId: String) {
|
override suspend fun setDeviceVerification(trustLevel: DeviceTrustLevel, userId: String, deviceId: String) {
|
||||||
TODO("Not yet implemented")
|
Timber.w("Rust stack only support API to set local trust")
|
||||||
|
olmMachine.setDeviceLocalTrust(userId, deviceId, trustLevel.isLocallyVerified().orFalse())
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -16,15 +16,33 @@
|
||||||
|
|
||||||
package org.matrix.android.sdk.internal.crypto
|
package org.matrix.android.sdk.internal.crypto
|
||||||
|
|
||||||
import org.matrix.android.sdk.BuildConfig
|
import org.matrix.android.sdk.api.session.events.model.EventType
|
||||||
|
import org.matrix.android.sdk.internal.crypto.network.OutgoingRequestsProcessor
|
||||||
|
import org.matrix.rustcomponents.sdk.crypto.Request
|
||||||
import timber.log.Timber
|
import timber.log.Timber
|
||||||
import javax.inject.Inject
|
import javax.inject.Inject
|
||||||
|
import javax.inject.Provider
|
||||||
|
|
||||||
internal class SecretShareManager @Inject constructor() {
|
internal class SecretShareManager @Inject constructor(
|
||||||
|
private val olmMachine: Provider<OlmMachine>,
|
||||||
|
private val outgoingRequestsProcessor: OutgoingRequestsProcessor) {
|
||||||
|
|
||||||
suspend fun requestSecretTo(deviceId: String, secretName: String) {
|
suspend fun requestSecretTo(deviceId: String, secretName: String) {
|
||||||
// nop in rust?
|
Timber.v("SecretShareManager requesting $deviceId, $secretName")
|
||||||
if (BuildConfig.DEBUG) TODO("requestSecretTo Not implemented in Rust")
|
if (this.olmMachine.get().requestMissingSecretsFromOtherSessions()) {
|
||||||
Timber.e("SecretShareManager Not supported in rust $deviceId, $secretName")
|
// immediately send the requests
|
||||||
|
outgoingRequestsProcessor.processOutgoingRequests(this.olmMachine.get()) {
|
||||||
|
it is Request.ToDevice && it.eventType == EventType.REQUEST_SECRET
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
suspend fun requestMissingSecrets() {
|
||||||
|
this.olmMachine.get().requestMissingSecretsFromOtherSessions()
|
||||||
|
|
||||||
|
// immediately send the requests
|
||||||
|
outgoingRequestsProcessor.processOutgoingRequests(this.olmMachine.get()) {
|
||||||
|
it is Request.ToDevice && it.eventType == EventType.REQUEST_SECRET
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue