mirrors/SchildiChat-android
1
0
Fork 0
mirror of https://github.com/SchildiChat/SchildiChat-android.git synced 2024-12-28 03:48:37 +03:00
Code Issues Projects Releases Packages Wiki Activity

Cleaning + fix copyright

Browse source
This commit is contained in:
Valere 2021-11-19 15:27:47 +01:00
parent c01998ddd3
commit a5c500cccd
6 changed files with 4 additions and 1200 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OlmMachineProvider.kt
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2021 New Vector Ltd * Copyright 2021 The Matrix.org Foundation C.I.C.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RequestSender.kt
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2021 New Vector Ltd * Copyright 2021 The Matrix.org Foundation C.I.C.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

807
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt
View file

@ -1,807 +0,0 @@
// /*
// * Copyright 2020 The Matrix.org Foundation C.I.C.
// *
// * Licensed under the Apache License, Version 2.0 (the "License");
// * you may not use this file except in compliance with the License.
// * You may obtain a copy of the License at
// *
// * http://www.apache.org/licenses/LICENSE-2.0
// *
// * Unless required by applicable law or agreed to in writing, software
// * distributed under the License is distributed on an "AS IS" BASIS,
// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// * See the License for the specific language governing permissions and
// * limitations under the License.
// */
//
// package org.matrix.android.sdk.internal.crypto.crosssigning
//
// import androidx.lifecycle.LiveData
// import androidx.work.BackoffPolicy
// import androidx.work.ExistingWorkPolicy
// import kotlinx.coroutines.CoroutineScope
// import kotlinx.coroutines.launch
// import org.matrix.android.sdk.api.MatrixCallback
// import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
// import org.matrix.android.sdk.api.extensions.orFalse
// import org.matrix.android.sdk.api.session.crypto.crosssigning.CrossSigningService
// import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
// import org.matrix.android.sdk.api.util.Optional
// import org.matrix.android.sdk.internal.crypto.DeviceListManager
// import org.matrix.android.sdk.internal.crypto.model.CryptoDeviceInfo
// import org.matrix.android.sdk.internal.crypto.model.rest.UploadSignatureQueryBuilder
// import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
// import org.matrix.android.sdk.internal.crypto.store.PrivateKeysInfo
// import org.matrix.android.sdk.internal.crypto.tasks.InitializeCrossSigningTask
// import org.matrix.android.sdk.internal.crypto.tasks.UploadSignaturesTask
// import org.matrix.android.sdk.internal.di.SessionId
// import org.matrix.android.sdk.internal.di.UserId
// import org.matrix.android.sdk.internal.di.WorkManagerProvider
// import org.matrix.android.sdk.internal.session.SessionScope
// import org.matrix.android.sdk.internal.task.TaskExecutor
// import org.matrix.android.sdk.internal.task.TaskThread
// import org.matrix.android.sdk.internal.task.configureWith
// import org.matrix.android.sdk.internal.util.JsonCanonicalizer
// import org.matrix.android.sdk.internal.util.MatrixCoroutineDispatchers
// import org.matrix.android.sdk.internal.util.logLimit
// import org.matrix.android.sdk.internal.worker.WorkerParamsFactory
// import org.matrix.olm.OlmPkSigning
// import org.matrix.olm.OlmUtility
// import timber.log.Timber
// import java.util.concurrent.TimeUnit
// import javax.inject.Inject
//
// @SessionScope
// internal class DefaultCrossSigningService @Inject constructor(
// @UserId private val userId: String,
// @SessionId private val sessionId: String,
// private val cryptoStore: IMXCryptoStore,
// private val deviceListManager: DeviceListManager,
// private val initializeCrossSigningTask: InitializeCrossSigningTask,
// private val uploadSignaturesTask: UploadSignaturesTask,
// private val taskExecutor: TaskExecutor,
// private val coroutineDispatchers: MatrixCoroutineDispatchers,
// private val cryptoCoroutineScope: CoroutineScope,
// private val workManagerProvider: WorkManagerProvider,
// private val updateTrustWorkerDataRepository: UpdateTrustWorkerDataRepository
// ) : CrossSigningService,
// DeviceListManager.UserDevicesUpdateListener {
//
// private var olmUtility: OlmUtility? = null
//
// private var masterPkSigning: OlmPkSigning? = null
// private var userPkSigning: OlmPkSigning? = null
// private var selfSigningPkSigning: OlmPkSigning? = null
//
// init {
// try {
// olmUtility = OlmUtility()
//
// // Try to get stored keys if they exist
// cryptoStore.getMyCrossSigningInfo()?.let { mxCrossSigningInfo ->
// Timber.i("## CrossSigning - Found Existing self signed keys")
// Timber.i("## CrossSigning - Checking if private keys are known")
//
// cryptoStore.getCrossSigningPrivateKeys()?.let { privateKeysInfo ->
// privateKeysInfo.master
// ?.fromBase64()
// ?.let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.masterKey()?.unpaddedBase64PublicKey) {
// masterPkSigning = pkSigning
// Timber.i("## CrossSigning - Loading master key success")
// } else {
// Timber.w("## CrossSigning - Public master key does not match the private key")
// pkSigning.releaseSigning()
// // TODO untrust?
// }
// }
// privateKeysInfo.user
// ?.fromBase64()
// ?.let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.userKey()?.unpaddedBase64PublicKey) {
// userPkSigning = pkSigning
// Timber.i("## CrossSigning - Loading User Signing key success")
// } else {
// Timber.w("## CrossSigning - Public User key does not match the private key")
// pkSigning.releaseSigning()
// // TODO untrust?
// }
// }
// privateKeysInfo.selfSigned
// ?.fromBase64()
// ?.let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.selfSigningKey()?.unpaddedBase64PublicKey) {
// selfSigningPkSigning = pkSigning
// Timber.i("## CrossSigning - Loading Self Signing key success")
// } else {
// Timber.w("## CrossSigning - Public Self Signing key does not match the private key")
// pkSigning.releaseSigning()
// // TODO untrust?
// }
// }
// }
//
// // Recover local trust in case private key are there?
// setUserKeysAsTrusted(userId, checkUserTrust(userId).isVerified())
// }
// } catch (e: Throwable) {
// // Mmm this kind of a big issue
// Timber.e(e, "Failed to initialize Cross Signing")
// }
//
// deviceListManager.addListener(this)
// }
//
// fun release() {
// olmUtility?.releaseUtility()
// listOf(masterPkSigning, userPkSigning, selfSigningPkSigning).forEach { it?.releaseSigning() }
// deviceListManager.removeListener(this)
// }
//
// protected fun finalize() {
// release()
// }
//
// /**
// * - Make 3 key pairs (MSK, USK, SSK)
// * - Save the private keys with proper security
// * - Sign the keys and upload them
// * - Sign the current device with SSK and sign MSK with device key (migration) and upload signatures
// */
// override fun initializeCrossSigning(uiaInterceptor: UserInteractiveAuthInterceptor?, callback: MatrixCallback<Unit>) {
// Timber.d("## CrossSigning initializeCrossSigning")
//
// val params = InitializeCrossSigningTask.Params(
// interactiveAuthInterceptor = uiaInterceptor
// )
// initializeCrossSigningTask.configureWith(params) {
// this.callbackThread = TaskThread.CRYPTO
// this.callback = object : MatrixCallback<InitializeCrossSigningTask.Result> {
// override fun onFailure(failure: Throwable) {
// Timber.e(failure, "Error in initializeCrossSigning()")
// callback.onFailure(failure)
// }
//
// override fun onSuccess(data: InitializeCrossSigningTask.Result) {
// val crossSigningInfo = MXCrossSigningInfo(userId, listOf(data.masterKeyInfo, data.userKeyInfo, data.selfSignedKeyInfo))
// cryptoStore.setMyCrossSigningInfo(crossSigningInfo)
// setUserKeysAsTrusted(userId, true)
// cryptoStore.storePrivateKeysInfo(data.masterKeyPK, data.userKeyPK, data.selfSigningKeyPK)
// masterPkSigning = OlmPkSigning().apply { initWithSeed(data.masterKeyPK.fromBase64()) }
// userPkSigning = OlmPkSigning().apply { initWithSeed(data.userKeyPK.fromBase64()) }
// selfSigningPkSigning = OlmPkSigning().apply { initWithSeed(data.selfSigningKeyPK.fromBase64()) }
//
// callback.onSuccess(Unit)
// }
// }
// }.executeBy(taskExecutor)
// }
//
// override fun onSecretMSKGossip(mskPrivateKey: String) {
// Timber.i("## CrossSigning - onSecretSSKGossip")
// val mxCrossSigningInfo = getMyCrossSigningKeys() ?: return Unit.also {
// Timber.e("## CrossSigning - onSecretMSKGossip() received secret but public key is not known")
// }
//
// mskPrivateKey.fromBase64()
// .let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// try {
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.masterKey()?.unpaddedBase64PublicKey) {
// masterPkSigning?.releaseSigning()
// masterPkSigning = pkSigning
// Timber.i("## CrossSigning - Loading MSK success")
// cryptoStore.storeMSKPrivateKey(mskPrivateKey)
// return
// } else {
// Timber.e("## CrossSigning - onSecretMSKGossip() private key do not match public key")
// pkSigning.releaseSigning()
// }
// } catch (failure: Throwable) {
// Timber.e("## CrossSigning - onSecretMSKGossip() ${failure.localizedMessage}")
// pkSigning.releaseSigning()
// }
// }
// }
//
// override fun onSecretSSKGossip(sskPrivateKey: String) {
// Timber.i("## CrossSigning - onSecretSSKGossip")
// val mxCrossSigningInfo = getMyCrossSigningKeys() ?: return Unit.also {
// Timber.e("## CrossSigning - onSecretSSKGossip() received secret but public key is not known")
// }
//
// sskPrivateKey.fromBase64()
// .let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// try {
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.selfSigningKey()?.unpaddedBase64PublicKey) {
// selfSigningPkSigning?.releaseSigning()
// selfSigningPkSigning = pkSigning
// Timber.i("## CrossSigning - Loading SSK success")
// cryptoStore.storeSSKPrivateKey(sskPrivateKey)
// return
// } else {
// Timber.e("## CrossSigning - onSecretSSKGossip() private key do not match public key")
// pkSigning.releaseSigning()
// }
// } catch (failure: Throwable) {
// Timber.e("## CrossSigning - onSecretSSKGossip() ${failure.localizedMessage}")
// pkSigning.releaseSigning()
// }
// }
// }
//
// override fun onSecretUSKGossip(uskPrivateKey: String) {
// Timber.i("## CrossSigning - onSecretUSKGossip")
// val mxCrossSigningInfo = getMyCrossSigningKeys() ?: return Unit.also {
// Timber.e("## CrossSigning - onSecretUSKGossip() received secret but public key is not knwow ")
// }
//
// uskPrivateKey.fromBase64()
// .let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// try {
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.userKey()?.unpaddedBase64PublicKey) {
// userPkSigning?.releaseSigning()
// userPkSigning = pkSigning
// Timber.i("## CrossSigning - Loading USK success")
// cryptoStore.storeUSKPrivateKey(uskPrivateKey)
// return
// } else {
// Timber.e("## CrossSigning - onSecretUSKGossip() private key do not match public key")
// pkSigning.releaseSigning()
// }
// } catch (failure: Throwable) {
// pkSigning.releaseSigning()
// }
// }
// }
//
// override fun checkTrustFromPrivateKeys(masterKeyPrivateKey: String?,
// uskKeyPrivateKey: String?,
// sskPrivateKey: String?
// ): UserTrustResult {
// val mxCrossSigningInfo = getMyCrossSigningKeys() ?: return UserTrustResult.CrossSigningNotConfigured(userId)
//
// var masterKeyIsTrusted = false
// var userKeyIsTrusted = false
// var selfSignedKeyIsTrusted = false
//
// masterKeyPrivateKey?.fromBase64()
// ?.let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// try {
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.masterKey()?.unpaddedBase64PublicKey) {
// masterPkSigning?.releaseSigning()
// masterPkSigning = pkSigning
// masterKeyIsTrusted = true
// Timber.i("## CrossSigning - Loading master key success")
// } else {
// pkSigning.releaseSigning()
// }
// } catch (failure: Throwable) {
// pkSigning.releaseSigning()
// }
// }
//
// uskKeyPrivateKey?.fromBase64()
// ?.let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// try {
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.userKey()?.unpaddedBase64PublicKey) {
// userPkSigning?.releaseSigning()
// userPkSigning = pkSigning
// userKeyIsTrusted = true
// Timber.i("## CrossSigning - Loading master key success")
// } else {
// pkSigning.releaseSigning()
// }
// } catch (failure: Throwable) {
// pkSigning.releaseSigning()
// }
// }
//
// sskPrivateKey?.fromBase64()
// ?.let { privateKeySeed ->
// val pkSigning = OlmPkSigning()
// try {
// if (pkSigning.initWithSeed(privateKeySeed) == mxCrossSigningInfo.selfSigningKey()?.unpaddedBase64PublicKey) {
// selfSigningPkSigning?.releaseSigning()
// selfSigningPkSigning = pkSigning
// selfSignedKeyIsTrusted = true
// Timber.i("## CrossSigning - Loading master key success")
// } else {
// pkSigning.releaseSigning()
// }
// } catch (failure: Throwable) {
// pkSigning.releaseSigning()
// }
// }
//
// if (!masterKeyIsTrusted || !userKeyIsTrusted || !selfSignedKeyIsTrusted) {
// return UserTrustResult.KeysNotTrusted(mxCrossSigningInfo)
// } else {
// cryptoStore.markMyMasterKeyAsLocallyTrusted(true)
// val checkSelfTrust = checkSelfTrust()
// if (checkSelfTrust.isVerified()) {
// cryptoStore.storePrivateKeysInfo(masterKeyPrivateKey, uskKeyPrivateKey, sskPrivateKey)
// setUserKeysAsTrusted(userId, true)
// }
// return checkSelfTrust
// }
// }
//
// /**
// *
// * ┏━━━━━━━━┓ ┏━━━━━━━━┓
// * ┃ ALICE ┃ ┃ BOB ┃
// * ┗━━━━━━━━┛ ┗━━━━━━━━┛
// * MSK ┌────────────▶ MSK
// * │
// * │ │
// * │ SSK │
// * │ │
// * │ │
// * └──▶ USK ────────────┘
// */
// override fun isUserTrusted(otherUserId: String): Boolean {
// return cryptoStore.getCrossSigningInfo(userId)?.isTrusted() == true
// }
//
// override fun isCrossSigningVerified(): Boolean {
// return checkSelfTrust().isVerified()
// }
//
// /**
// * Will not force a download of the key, but will verify signatures trust chain
// */
// override fun checkUserTrust(otherUserId: String): UserTrustResult {
// Timber.v("## CrossSigning checkUserTrust for $otherUserId")
// if (otherUserId == userId) {
// return checkSelfTrust()
// }
// // I trust a user if I trust his master key
// // I can trust the master key if it is signed by my user key
// // TODO what if the master key is signed by a device key that i have verified
//
// // First let's get my user key
// val myCrossSigningInfo = cryptoStore.getCrossSigningInfo(userId)
//
// checkOtherMSKTrusted(myCrossSigningInfo, cryptoStore.getCrossSigningInfo(otherUserId))
//
// return UserTrustResult.Success
// }
//
// fun checkOtherMSKTrusted(myCrossSigningInfo: MXCrossSigningInfo?, otherInfo: MXCrossSigningInfo?): UserTrustResult {
// val myUserKey = myCrossSigningInfo?.userKey()
// ?: return UserTrustResult.CrossSigningNotConfigured(userId)
//
// if (!myCrossSigningInfo.isTrusted()) {
// return UserTrustResult.KeysNotTrusted(myCrossSigningInfo)
// }
//
// // Let's get the other user master key
// val otherMasterKey = otherInfo?.masterKey()
// ?: return UserTrustResult.UnknownCrossSignatureInfo(otherInfo?.userId ?: "")
//
// val masterKeySignaturesMadeByMyUserKey = otherMasterKey.signatures
// ?.get(userId) // Signatures made by me
// ?.get("ed25519:${myUserKey.unpaddedBase64PublicKey}")
//
// if (masterKeySignaturesMadeByMyUserKey.isNullOrBlank()) {
// Timber.d("## CrossSigning checkUserTrust false for ${otherInfo.userId}, not signed by my UserSigningKey")
// return UserTrustResult.KeyNotSigned(otherMasterKey)
// }
//
// // Check that Alice USK signature of Bob MSK is valid
// try {
// olmUtility!!.verifyEd25519Signature(masterKeySignaturesMadeByMyUserKey, myUserKey.unpaddedBase64PublicKey, otherMasterKey.canonicalSignable())
// } catch (failure: Throwable) {
// return UserTrustResult.InvalidSignature(myUserKey, masterKeySignaturesMadeByMyUserKey)
// }
//
// return UserTrustResult.Success
// }
//
// private fun checkSelfTrust(): UserTrustResult {
// // Special case when it's me,
// // I have to check that MSK -> USK -> SSK
// // and that MSK is trusted (i know the private key, or is signed by a trusted device)
// val myCrossSigningInfo = cryptoStore.getCrossSigningInfo(userId)
//
// return checkSelfTrust(myCrossSigningInfo, cryptoStore.getUserDeviceList(userId))
// }
//
// fun checkSelfTrust(myCrossSigningInfo: MXCrossSigningInfo?, myDevices: List<CryptoDeviceInfo>?): UserTrustResult {
// // Special case when it's me,
// // I have to check that MSK -> USK -> SSK
// // and that MSK is trusted (i know the private key, or is signed by a trusted device)
// // val myCrossSigningInfo = cryptoStore.getCrossSigningInfo(userId)
//
// val myMasterKey = myCrossSigningInfo?.masterKey()
// ?: return UserTrustResult.CrossSigningNotConfigured(userId)
//
// // Is the master key trusted
// // 1) check if I know the private key
// val masterPrivateKey = cryptoStore.getCrossSigningPrivateKeys()
// ?.master
// ?.fromBase64()
//
// var isMaterKeyTrusted = false
// if (myMasterKey.trustLevel?.locallyVerified == true) {
// isMaterKeyTrusted = true
// } else if (masterPrivateKey != null) {
// // Check if private match public
// var olmPkSigning: OlmPkSigning? = null
// try {
// olmPkSigning = OlmPkSigning()
// val expectedPK = olmPkSigning.initWithSeed(masterPrivateKey)
// isMaterKeyTrusted = myMasterKey.unpaddedBase64PublicKey == expectedPK
// } catch (failure: Throwable) {
// Timber.e(failure)
// }
// olmPkSigning?.releaseSigning()
// } else {
// // Maybe it's signed by a locally trusted device?
// myMasterKey.signatures?.get(userId)?.forEach { (key, value) ->
// val potentialDeviceId = key.removePrefix("ed25519:")
// val potentialDevice = myDevices?.firstOrNull { it.deviceId == potentialDeviceId } // cryptoStore.getUserDevice(userId, potentialDeviceId)
// if (potentialDevice != null && potentialDevice.isVerified) {
// // Check signature validity?
// try {
// olmUtility?.verifyEd25519Signature(value, potentialDevice.fingerprint(), myMasterKey.canonicalSignable())
// isMaterKeyTrusted = true
// return@forEach
// } catch (failure: Throwable) {
// // log
// Timber.w(failure, "Signature not valid?")
// }
// }
// }
// }
//
// if (!isMaterKeyTrusted) {
// return UserTrustResult.KeysNotTrusted(myCrossSigningInfo)
// }
//
// val myUserKey = myCrossSigningInfo.userKey()
// ?: return UserTrustResult.CrossSigningNotConfigured(userId)
//
// val userKeySignaturesMadeByMyMasterKey = myUserKey.signatures
// ?.get(userId) // Signatures made by me
// ?.get("ed25519:${myMasterKey.unpaddedBase64PublicKey}")
//
// if (userKeySignaturesMadeByMyMasterKey.isNullOrBlank()) {
// Timber.d("## CrossSigning checkUserTrust false for $userId, USK not signed by MSK")
// return UserTrustResult.KeyNotSigned(myUserKey)
// }
//
// // Check that Alice USK signature of Alice MSK is valid
// try {
// olmUtility!!.verifyEd25519Signature(userKeySignaturesMadeByMyMasterKey, myMasterKey.unpaddedBase64PublicKey, myUserKey.canonicalSignable())
// } catch (failure: Throwable) {
// return UserTrustResult.InvalidSignature(myUserKey, userKeySignaturesMadeByMyMasterKey)
// }
//
// val mySSKey = myCrossSigningInfo.selfSigningKey()
// ?: return UserTrustResult.CrossSigningNotConfigured(userId)
//
// val ssKeySignaturesMadeByMyMasterKey = mySSKey.signatures
// ?.get(userId) // Signatures made by me
// ?.get("ed25519:${myMasterKey.unpaddedBase64PublicKey}")
//
// if (ssKeySignaturesMadeByMyMasterKey.isNullOrBlank()) {
// Timber.d("## CrossSigning checkUserTrust false for $userId, SSK not signed by MSK")
// return UserTrustResult.KeyNotSigned(mySSKey)
// }
//
// // Check that Alice USK signature of Alice MSK is valid
// try {
// olmUtility!!.verifyEd25519Signature(ssKeySignaturesMadeByMyMasterKey, myMasterKey.unpaddedBase64PublicKey, mySSKey.canonicalSignable())
// } catch (failure: Throwable) {
// return UserTrustResult.InvalidSignature(mySSKey, ssKeySignaturesMadeByMyMasterKey)
// }
//
// return UserTrustResult.Success
// }
//
// override fun getUserCrossSigningKeys(otherUserId: String): MXCrossSigningInfo? {
// return cryptoStore.getCrossSigningInfo(otherUserId)
// }
//
// override fun getLiveCrossSigningKeys(userId: String): LiveData<Optional<MXCrossSigningInfo>> {
// return cryptoStore.getLiveCrossSigningInfo(userId)
// }
//
// override fun getMyCrossSigningKeys(): MXCrossSigningInfo? {
// return cryptoStore.getMyCrossSigningInfo()
// }
//
// override fun getCrossSigningPrivateKeys(): PrivateKeysInfo? {
// return cryptoStore.getCrossSigningPrivateKeys()
// }
//
// override fun getLiveCrossSigningPrivateKeys(): LiveData<Optional<PrivateKeysInfo>> {
// return cryptoStore.getLiveCrossSigningPrivateKeys()
// }
//
// override fun canCrossSign(): Boolean {
// return checkSelfTrust().isVerified() && cryptoStore.getCrossSigningPrivateKeys()?.selfSigned != null
// && cryptoStore.getCrossSigningPrivateKeys()?.user != null
// }
//
// override fun allPrivateKeysKnown(): Boolean {
// return checkSelfTrust().isVerified()
// && cryptoStore.getCrossSigningPrivateKeys()?.allKnown().orFalse()
// }
//
// override fun trustUser(otherUserId: String, callback: MatrixCallback<Unit>) {
// cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
// Timber.d("## CrossSigning - Mark user $userId as trusted ")
// // We should have this user keys
// val otherMasterKeys = getUserCrossSigningKeys(otherUserId)?.masterKey()
// if (otherMasterKeys == null) {
// callback.onFailure(Throwable("## CrossSigning - Other master signing key is not known"))
// return@launch
// }
// val myKeys = getUserCrossSigningKeys(userId)
// if (myKeys == null) {
// callback.onFailure(Throwable("## CrossSigning - CrossSigning is not setup for this account"))
// return@launch
// }
// val userPubKey = myKeys.userKey()?.unpaddedBase64PublicKey
// if (userPubKey == null || userPkSigning == null) {
// callback.onFailure(Throwable("## CrossSigning - Cannot sign from this account, privateKeyUnknown $userPubKey"))
// return@launch
// }
//
// // Sign the other MasterKey with our UserSigning key
// val newSignature = JsonCanonicalizer.getCanonicalJson(Map::class.java,
// otherMasterKeys.signalableJSONDictionary()).let { userPkSigning?.sign(it) }
//
// if (newSignature == null) {
// // race??
// callback.onFailure(Throwable("## CrossSigning - Failed to sign"))
// return@launch
// }
//
// cryptoStore.setUserKeysAsTrusted(otherUserId, true)
// // TODO update local copy with new signature directly here? kind of local echo of trust?
//
// Timber.d("## CrossSigning - Upload signature of $userId MSK signed by USK")
// val uploadQuery = UploadSignatureQueryBuilder()
// .withSigningKeyInfo(otherMasterKeys.copyForSignature(userId, userPubKey, newSignature))
// .build()
// uploadSignaturesTask.configureWith(UploadSignaturesTask.Params(uploadQuery)) {
// this.executionThread = TaskThread.CRYPTO
// this.callback = callback
// }.executeBy(taskExecutor)
// }
// }
//
// override fun markMyMasterKeyAsTrusted() {
// cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
// cryptoStore.markMyMasterKeyAsLocallyTrusted(true)
// checkSelfTrust()
// // re-verify all trusts
// onUsersDeviceUpdate(listOf(userId))
// }
// }
//
// override fun trustDevice(deviceId: String, callback: MatrixCallback<Unit>) {
// cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
// // This device should be yours
// val device = cryptoStore.getUserDevice(userId, deviceId)
// if (device == null) {
// callback.onFailure(IllegalArgumentException("This device [$deviceId] is not known, or not yours"))
// return@launch
// }
//
// val myKeys = getUserCrossSigningKeys(userId)
// if (myKeys == null) {
// callback.onFailure(Throwable("CrossSigning is not setup for this account"))
// return@launch
// }
//
// val ssPubKey = myKeys.selfSigningKey()?.unpaddedBase64PublicKey
// if (ssPubKey == null || selfSigningPkSigning == null) {
// callback.onFailure(Throwable("Cannot sign from this account, public and/or privateKey Unknown $ssPubKey"))
// return@launch
// }
//
// // Sign with self signing
// val newSignature = selfSigningPkSigning?.sign(device.canonicalSignable())
//
// if (newSignature == null) {
// // race??
// callback.onFailure(Throwable("Failed to sign"))
// return@launch
// }
// val toUpload = device.copy(
// signatures = mapOf(
// userId
// to
// mapOf(
// "ed25519:$ssPubKey" to newSignature
// )
// )
// )
//
// val uploadQuery = UploadSignatureQueryBuilder()
// .withDeviceInfo(toUpload)
// .build()
// uploadSignaturesTask.configureWith(UploadSignaturesTask.Params(uploadQuery)) {
// this.executionThread = TaskThread.CRYPTO
// this.callback = callback
// }.executeBy(taskExecutor)
// }
// }
//
// override fun checkDeviceTrust(otherUserId: String, otherDeviceId: String, locallyTrusted: Boolean?): DeviceTrustResult {
// val otherDevice = cryptoStore.getUserDevice(otherUserId, otherDeviceId)
// ?: return DeviceTrustResult.UnknownDevice(otherDeviceId)
//
// val myKeys = getUserCrossSigningKeys(userId)
// ?: return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.CrossSigningNotConfigured(userId))
//
// if (!myKeys.isTrusted()) return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.KeysNotTrusted(myKeys))
//
// val otherKeys = getUserCrossSigningKeys(otherUserId)
// ?: return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.CrossSigningNotConfigured(otherUserId))
//
// // TODO should we force verification ?
// if (!otherKeys.isTrusted()) return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.KeysNotTrusted(otherKeys))
//
// // Check if the trust chain is valid
// /*
// * ┏━━━━━━━━┓ ┏━━━━━━━━┓
// * ┃ ALICE ┃ ┃ BOB ┃
// * ┗━━━━━━━━┛ ┗━━━━━━━━┛
// * MSK ┌────────────▶MSK
// * │
// * │ │ │
// * │ SSK │ └──▶ SSK ──────────────────┐
// * │ │ │
// * │ │ USK │
// * └──▶ USK ────────────┘ (not visible by │
// * Alice) │
// * ▼
// * ┌──────────────┐
// * │ BOB's Device │
// * └──────────────┘
// */
//
// val otherSSKSignature = otherDevice.signatures?.get(otherUserId)?.get("ed25519:${otherKeys.selfSigningKey()?.unpaddedBase64PublicKey}")
// ?: return legacyFallbackTrust(
// locallyTrusted,
// DeviceTrustResult.MissingDeviceSignature(otherDeviceId, otherKeys.selfSigningKey()
// ?.unpaddedBase64PublicKey
// ?: ""
// )
// )
//
// // Check bob's device is signed by bob's SSK
// try {
// olmUtility!!.verifyEd25519Signature(otherSSKSignature, otherKeys.selfSigningKey()?.unpaddedBase64PublicKey, otherDevice.canonicalSignable())
// } catch (e: Throwable) {
// return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.InvalidDeviceSignature(otherDeviceId, otherSSKSignature, e))
// }
//
// return DeviceTrustResult.Success(DeviceTrustLevel(crossSigningVerified = true, locallyVerified = locallyTrusted))
// }
//
// fun checkDeviceTrust(myKeys: MXCrossSigningInfo?, otherKeys: MXCrossSigningInfo?, otherDevice: CryptoDeviceInfo): DeviceTrustResult {
// val locallyTrusted = otherDevice.trustLevel?.isLocallyVerified()
// myKeys ?: return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.CrossSigningNotConfigured(userId))
//
// if (!myKeys.isTrusted()) return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.KeysNotTrusted(myKeys))
//
// otherKeys ?: return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.CrossSigningNotConfigured(otherDevice.userId))
//
// // TODO should we force verification ?
// if (!otherKeys.isTrusted()) return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.KeysNotTrusted(otherKeys))
//
// // Check if the trust chain is valid
// /*
// * ┏━━━━━━━━┓ ┏━━━━━━━━┓
// * ┃ ALICE ┃ ┃ BOB ┃
// * ┗━━━━━━━━┛ ┗━━━━━━━━┛
// * MSK ┌────────────▶MSK
// * │
// * │ │ │
// * │ SSK │ └──▶ SSK ──────────────────┐
// * │ │ │
// * │ │ USK │
// * └──▶ USK ────────────┘ (not visible by │
// * Alice) │
// * ▼
// * ┌──────────────┐
// * │ BOB's Device │
// * └──────────────┘
// */
//
// val otherSSKSignature = otherDevice.signatures?.get(otherKeys.userId)?.get("ed25519:${otherKeys.selfSigningKey()?.unpaddedBase64PublicKey}")
// ?: return legacyFallbackTrust(
// locallyTrusted,
// DeviceTrustResult.MissingDeviceSignature(otherDevice.deviceId, otherKeys.selfSigningKey()
// ?.unpaddedBase64PublicKey
// ?: ""
// )
// )
//
// // Check bob's device is signed by bob's SSK
// try {
// olmUtility!!.verifyEd25519Signature(otherSSKSignature, otherKeys.selfSigningKey()?.unpaddedBase64PublicKey, otherDevice.canonicalSignable())
// } catch (e: Throwable) {
// return legacyFallbackTrust(locallyTrusted, DeviceTrustResult.InvalidDeviceSignature(otherDevice.deviceId, otherSSKSignature, e))
// }
//
// return DeviceTrustResult.Success(DeviceTrustLevel(crossSigningVerified = true, locallyVerified = locallyTrusted))
// }
//
// private fun legacyFallbackTrust(locallyTrusted: Boolean?, crossSignTrustFail: DeviceTrustResult): DeviceTrustResult {
// return if (locallyTrusted == true) {
// DeviceTrustResult.Success(DeviceTrustLevel(crossSigningVerified = false, locallyVerified = true))
// } else {
// crossSignTrustFail
// }
// }
//
// override fun onUsersDeviceUpdate(userIds: List<String>) {
// Timber.d("## CrossSigning - onUsersDeviceUpdate for users: ${userIds.logLimit()}")
// val workerParams = UpdateTrustWorker.Params(
// sessionId = sessionId,
// filename = updateTrustWorkerDataRepository.createParam(userIds)
// )
// val workerData = WorkerParamsFactory.toData(workerParams)
//
// val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<UpdateTrustWorker>()
// .setInputData(workerData)
// .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
// .build()
//
// workManagerProvider.workManager
// .beginUniqueWork("TRUST_UPDATE_QUEUE", ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
// .enqueue()
// }
//
// private fun setUserKeysAsTrusted(otherUserId: String, trusted: Boolean) {
// val currentTrust = cryptoStore.getCrossSigningInfo(otherUserId)?.isTrusted()
// cryptoStore.setUserKeysAsTrusted(otherUserId, trusted)
// // If it's me, recheck trust of all users and devices?
// val users = ArrayList<String>()
// if (otherUserId == userId && currentTrust != trusted) {
// // reRequestAllPendingRoomKeyRequest()
// cryptoStore.updateUsersTrust {
// users.add(it)
// checkUserTrust(it).isVerified()
// }
//
// users.forEach {
// cryptoStore.getUserDeviceList(it)?.forEach { device ->
// val updatedTrust = checkDeviceTrust(it, device.deviceId, device.trustLevel?.isLocallyVerified() ?: false)
// Timber.v("## CrossSigning - update trust for device ${device.deviceId} of user $otherUserId , verified=$updatedTrust")
// cryptoStore.setDeviceTrust(it, device.deviceId, updatedTrust.isCrossSignedVerified(), updatedTrust.isLocallyVerified())
// }
// }
// }
// }
//
// // private fun reRequestAllPendingRoomKeyRequest() {
// // cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
// // Timber.d("## CrossSigning - reRequest pending outgoing room key requests")
// // cryptoStore.getOutgoingRoomKeyRequests().forEach {
// // it.requestBody?.let { requestBody ->
// // if (cryptoStore.getInboundGroupSession(requestBody.sessionId ?: "", requestBody.senderKey ?: "") == null) {
// // outgoingRoomKeyRequestManager.resendRoomKeyRequest(requestBody)
// // } else {
// // outgoingRoomKeyRequestManager.cancelRoomKeyRequest(requestBody)
// // }
// // }
// // }
// // }
// // }
// }

389
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/UpdateTrustWorker.kt
View file

@ -1,389 +0,0 @@
// /*
// * Copyright 2020 The Matrix.org Foundation C.I.C.
// *
// * Licensed under the Apache License, Version 2.0 (the "License");
// * you may not use this file except in compliance with the License.
// * You may obtain a copy of the License at
// *
// * http://www.apache.org/licenses/LICENSE-2.0
// *
// * Unless required by applicable law or agreed to in writing, software
// * distributed under the License is distributed on an "AS IS" BASIS,
// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// * See the License for the specific language governing permissions and
// * limitations under the License.
// */
//
// package org.matrix.android.sdk.internal.crypto.crosssigning
//
// import android.content.Context
// import androidx.work.WorkerParameters
// import com.squareup.moshi.JsonClass
// import io.realm.Realm
// import io.realm.RealmConfiguration
// import io.realm.kotlin.where
// import kotlinx.coroutines.runBlocking
// import org.matrix.android.sdk.api.crypto.RoomEncryptionTrustLevel
// import org.matrix.android.sdk.api.extensions.orFalse
// import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
// import org.matrix.android.sdk.internal.crypto.OlmMachineProvider
// import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
// import org.matrix.android.sdk.internal.crypto.store.db.mapper.CrossSigningKeysMapper
// import org.matrix.android.sdk.internal.crypto.store.db.model.CrossSigningInfoEntity
// import org.matrix.android.sdk.internal.crypto.store.db.model.CrossSigningInfoEntityFields
// import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoMapper
// import org.matrix.android.sdk.internal.crypto.store.db.model.TrustLevelEntity
// import org.matrix.android.sdk.internal.crypto.store.db.model.UserEntity
// import org.matrix.android.sdk.internal.crypto.store.db.model.UserEntityFields
// import org.matrix.android.sdk.internal.database.awaitTransaction
// import org.matrix.android.sdk.internal.database.model.RoomMemberSummaryEntity
// import org.matrix.android.sdk.internal.database.model.RoomMemberSummaryEntityFields
// import org.matrix.android.sdk.internal.database.model.RoomSummaryEntity
// import org.matrix.android.sdk.internal.database.model.RoomSummaryEntityFields
// import org.matrix.android.sdk.internal.database.query.where
// import org.matrix.android.sdk.internal.di.CryptoDatabase
// import org.matrix.android.sdk.internal.di.SessionDatabase
// import org.matrix.android.sdk.internal.di.UserId
// import org.matrix.android.sdk.internal.session.SessionComponent
// import org.matrix.android.sdk.internal.session.room.membership.RoomMemberHelper
// import org.matrix.android.sdk.internal.util.logLimit
// import org.matrix.android.sdk.internal.worker.SessionSafeCoroutineWorker
// import org.matrix.android.sdk.internal.worker.SessionWorkerParams
// import timber.log.Timber
// import javax.inject.Inject
//
// @Deprecated("Now using olm machine")
// internal class UpdateTrustWorker(context: Context,
// params: WorkerParameters)
// : SessionSafeCoroutineWorker<UpdateTrustWorker.Params>(context, params, Params::class.java) {
//
// @JsonClass(generateAdapter = true)
// internal data class Params(
// override val sessionId: String,
// override val lastFailureMessage: String? = null,
// // Kept for compatibility, but not used anymore (can be used for pending Worker)
// val updatedUserIds: List<String>? = null,
// // Passing a long list of userId can break the Work Manager due to data size limitation.
// // so now we use a temporary file to store the data
// val filename: String? = null
// ) : SessionWorkerParams
//
// // @Inject lateinit var crossSigningService: RustCrossSigningService
// @Inject lateinit var olmMachineProvider: OlmMachineProvider//: RustCrossSigningService
//
// // It breaks the crypto store contract, but we need to batch things :/
// @CryptoDatabase
// @Inject lateinit var cryptoRealmConfiguration: RealmConfiguration
//
// @SessionDatabase
// @Inject lateinit var sessionRealmConfiguration: RealmConfiguration
//
// @UserId
// @Inject lateinit var myUserId: String
// @Inject lateinit var crossSigningKeysMapper: CrossSigningKeysMapper
// @Inject lateinit var updateTrustWorkerDataRepository: UpdateTrustWorkerDataRepository
//
// // @Inject lateinit var roomSummaryUpdater: RoomSummaryUpdater
// @Inject lateinit var cryptoStore: IMXCryptoStore
//
// override fun injectWith(injector: SessionComponent) {
// injector.inject(this)
// }
//
// override suspend fun doSafeWork(params: Params): Result {
// val userList = params.filename
// ?.let { updateTrustWorkerDataRepository.getParam(it) }
// ?.userIds
// ?: params.updatedUserIds.orEmpty()
//
// // List should not be empty, but let's avoid go further in case of empty list
// if (userList.isNotEmpty()) {
// // Unfortunately we don't have much info on what did exactly changed (is it the cross signing keys of that user,
// // or a new device?) So we check all again :/
// Timber.d("## CrossSigning - Updating trust for users: ${userList.logLimit()}")
// updateTrust(userList)
// }
//
// cleanup(params)
// return Result.success()
// }
//
// private suspend fun updateTrust(userListParam: List<String>) {
// var userList = userListParam
// var myCrossSigningInfo: MXCrossSigningInfo? = null
//
// // First we check that the users MSK are trusted by mine
// // After that we check the trust chain for each devices of each users
// awaitTransaction(cryptoRealmConfiguration) { cryptoRealm ->
// // By mapping here to model, this object is not live
// // I should update it if needed
// myCrossSigningInfo = getCrossSigningInfo(cryptoRealm, myUserId)
//
// var myTrustResult: UserTrustResult? = null
//
// if (userList.contains(myUserId)) {
// Timber.d("## CrossSigning - Clear all trust as a change on my user was detected")
// // i am in the list.. but i don't know exactly the delta of change :/
// // If it's my cross signing keys we should refresh all trust
// // do it anyway ?
// userList = cryptoRealm.where(CrossSigningInfoEntity::class.java)
// .findAll()
// .mapNotNull { it.userId }
//
// // check right now my keys and mark it as trusted as other trust depends on it
// // val myDevices = olmMachineProvider.olmMachine.getUserDevices(myUserId)
// // cryptoRealm.where<UserEntity>()
// // .equalTo(UserEntityFields.USER_ID, myUserId)
// // .findFirst()
// // ?.devices
// // ?.map { CryptoMapper.mapToModel(it) }
//
//
// val identity = olmMachineProvider.olmMachine.getIdentity(olmMachineProvider.olmMachine.userId())
// myTrustResult = if (identity?.verified() == true) {
// UserTrustResult.Success
// } else {
// if (identity?.toMxCrossSigningInfo() == null) {
// UserTrustResult.CrossSigningNotConfigured(olmMachineProvider.olmMachine.userId())
// } else {
// UserTrustResult.KeysNotTrusted(identity.toMxCrossSigningInfo())
// }
// }
//
// // crossSigningService.checkSelfTrust(myCrossSigningInfo, myDevices)
// updateCrossSigningKeysTrust(cryptoRealm, myUserId, myTrustResult.isVerified())
// // update model reference
// myCrossSigningInfo = getCrossSigningInfo(cryptoRealm, myUserId)
// }
//
// val otherInfos = userList.associateWith { userId ->
// getCrossSigningInfo(cryptoRealm, userId)
// }
//
// val trusts = otherInfos.mapValues { entry ->
// when (entry.key) {
// myUserId -> myTrustResult
// else -> {
// val userId = entry.value?.userId ?: ""
// val identity = olmMachineProvider.olmMachine.getIdentity(userId)
// if (identity?.verified() == true) {
// UserTrustResult.Success
// } else {
// if (identity?.toMxCrossSigningInfo() == null) {
// UserTrustResult.CrossSigningNotConfigured(userId)
// } else {
// UserTrustResult.KeysNotTrusted(identity.toMxCrossSigningInfo())
// }
// }
// }
// }
// }
//
// // TODO! if it's me and my keys has changed... I have to reset trust for everyone!
// // i have all the new trusts, update DB
// // trusts.forEach {
// // val verified = it.value?.isVerified() == true
// // updateCrossSigningKeysTrust(cryptoRealm, it.key, verified)
// // }
//
// // Ok so now we have to check device trust for all these users..
// Timber.v("## CrossSigning - Updating devices cross trust users: ${trusts.keys.logLimit()}")
// trusts.keys.forEach { userId ->
// val devicesEntities = olmMachineProvider.olmMachine.getUserDevices(userId)
// // cryptoRealm.where<UserEntity>()
// // .equalTo(UserEntityFields.USER_ID, userId)
// // .findFirst()
// // ?.devices
//
// val trustMap = devicesEntities.associateWith { device ->
// // val cryptoDevice = device.toCryptoDeviceInfo()
// // get up to date from DB has could have been updated
// // val otherInfo = getCrossSigningInfo(cryptoRealm, userId)
// // val deviceId = device.i deviceId ?: ""
// // val device = olmMachineProvider.olmMachine.getDevice(userId, deviceId)
// // if (device != null) {
// // TODO i don't quite understand the semantics here and there are no docs for
// // DeviceTrustResult, what do the different result types mean exactly,
// // do you return success only if the Device is cross signing verified?
// // what about the local trust if it isn't? why is the local trust passed as an argument here?
// DeviceTrustResult.Success(runBlocking { device.trustLevel() })
// // } else {
// // DeviceTrustResult.UnknownDevice(deviceId)
// // }
// // crossSigningService.checkDeviceTrust(myCrossSigningInfo, otherInfo, CryptoMapper.mapToModel(device))
// }
//
// // Update trust if needed
// // devicesEntities?.forEach { device ->
// // val crossSignedVerified = trustMap?.get(device)?.isCrossSignedVerified()
// // Timber.d("## CrossSigning - Trust for ${device.userId}|${device.deviceId} : cross verified: ${trustMap?.get(device)}")
// // if (device.trustLevelEntity?.crossSignedVerified != crossSignedVerified) {
// // Timber.d("## CrossSigning - Trust change detected for ${device.userId}|${device.deviceId} : cross verified: $crossSignedVerified")
// // // need to save
// // val trustEntity = device.trustLevelEntity
// // if (trustEntity == null) {
// // device.trustLevelEntity = cryptoRealm.createObject(TrustLevelEntity::class.java).also {
// // it.locallyVerified = false
// // it.crossSignedVerified = crossSignedVerified
// // }
// // } else {
// // trustEntity.crossSignedVerified = crossSignedVerified
// // }
// // }
// // }
// }
// }
//
// // So Cross Signing keys trust is updated, device trust is updated
// // We can now update room shields? in the session DB?
// updateTrustStep2(userList, myCrossSigningInfo)
// }
//
// private suspend fun updateTrustStep2(userList: List<String>, myCrossSigningInfo: MXCrossSigningInfo?) {
// Timber.d("## CrossSigning - Updating shields for impacted rooms...")
// awaitTransaction(sessionRealmConfiguration) { sessionRealm ->
// Realm.getInstance(cryptoRealmConfiguration).use { cryptoRealm ->
// sessionRealm.where(RoomMemberSummaryEntity::class.java)
// .`in`(RoomMemberSummaryEntityFields.USER_ID, userList.toTypedArray())
// .distinct(RoomMemberSummaryEntityFields.ROOM_ID)
// .findAll()
// .map { it.roomId }
// .also { Timber.d("## CrossSigning - ... impacted rooms ${it.logLimit()}") }
// .forEach { roomId ->
// RoomSummaryEntity.where(sessionRealm, roomId)
// .equalTo(RoomSummaryEntityFields.IS_ENCRYPTED, true)
// .findFirst()
// ?.let { roomSummary ->
// Timber.d("## CrossSigning - Check shield state for room $roomId")
// val allActiveRoomMembers = RoomMemberHelper(sessionRealm, roomId).getActiveRoomMemberIds()
// try {
// val updatedTrust = computeRoomShield(
// myCrossSigningInfo,
// cryptoRealm,
// allActiveRoomMembers,
// roomSummary
// )
// if (roomSummary.roomEncryptionTrustLevel != updatedTrust) {
// Timber.d("## CrossSigning - Shield change detected for $roomId -> $updatedTrust")
// roomSummary.roomEncryptionTrustLevel = updatedTrust
// }
// } catch (failure: Throwable) {
// Timber.e(failure)
// }
// }
// }
// }
// }
// }
//
// private suspend fun getCrossSigningInfo(cryptoRealm: Realm, userId: String): MXCrossSigningInfo? {
// return olmMachineProvider.olmMachine.getIdentity(userId)?.toMxCrossSigningInfo()
// // cryptoRealm.where(CrossSigningInfoEntity::class.java)
// // .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
// // .findFirst()
// // ?.let { mapCrossSigningInfoEntity(it) }
// }
//
// private fun cleanup(params: Params) {
// params.filename
// ?.let { updateTrustWorkerDataRepository.delete(it) }
// }
//
// private fun updateCrossSigningKeysTrust(cryptoRealm: Realm, userId: String, verified: Boolean) {
// cryptoRealm.where(CrossSigningInfoEntity::class.java)
// .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
// .findFirst()
// ?.crossSigningKeys
// ?.forEach { info ->
// // optimization to avoid trigger updates when there is no change..
// if (info.trustLevelEntity?.isVerified() != verified) {
// Timber.d("## CrossSigning - Trust change for $userId : $verified")
// val level = info.trustLevelEntity
// if (level == null) {
// info.trustLevelEntity = cryptoRealm.createObject(TrustLevelEntity::class.java).also {
// it.locallyVerified = verified
// it.crossSignedVerified = verified
// }
// } else {
// level.locallyVerified = verified
// level.crossSignedVerified = verified
// }
// }
// }
// }
//
// private suspend fun computeRoomShield(myCrossSigningInfo: MXCrossSigningInfo?,
// cryptoRealm: Realm,
// activeMemberUserIds: List<String>,
// roomSummaryEntity: RoomSummaryEntity): RoomEncryptionTrustLevel {
// Timber.d("## CrossSigning - computeRoomShield ${roomSummaryEntity.roomId} -> ${activeMemberUserIds.logLimit()}")
// // The set of “all users” depends on the type of room:
// // For regular / topic rooms which have more than 2 members (including yourself) are considered when decorating a room
// // For 1:1 and group DM rooms, all other users (i.e. excluding yourself) are considered when decorating a room
// val listToCheck = if (roomSummaryEntity.isDirect || activeMemberUserIds.size <= 2) {
// activeMemberUserIds.filter { it != myUserId }
// } else {
// activeMemberUserIds
// }
//
// val allTrustedUserIds = listToCheck
// .filter { userId ->
// getCrossSigningInfo(cryptoRealm, userId)?.isTrusted() == true
// }
// Timber.d("## CrossSigning - allTrustedIds ${allTrustedUserIds}")
//
// return if (allTrustedUserIds.isEmpty()) {
// RoomEncryptionTrustLevel.Default
// } else {
// // If one of the verified user as an untrusted device -> warning
// // If all devices of all verified users are trusted -> green
// // else -> black
// allTrustedUserIds
// .mapNotNull { userId ->
// // cryptoRealm.where<UserEntity>()
// // .equalTo(UserEntityFields.USER_ID, userId)
// // .findFirst()
// // ?.devices
// // ?.map { CryptoMapper.mapToModel(it) }
// olmMachineProvider.olmMachine.getUserDevices(userId)
// }
// .flatten()
// .let { allDevices ->
// Timber.v("## CrossSigning - computeRoomShield ${roomSummaryEntity.roomId} devices ${allDevices.map { "${it.toCryptoDeviceInfo().deviceId} trust ${it.toCryptoDeviceInfo().trustLevel}" }.logLimit()}")
//
// if (myCrossSigningInfo != null) {
// allDevices.any { !it.toCryptoDeviceInfo().trustLevel?.crossSigningVerified.orFalse() }
// } else {
// // Legacy method
// allDevices.any { !it.toCryptoDeviceInfo().isVerified }
// }
// }
// .let { hasWarning ->
// if (hasWarning) {
// RoomEncryptionTrustLevel.Warning
// } else {
// if (listToCheck.size == allTrustedUserIds.size) {
// // all users are trusted and all devices are verified
// RoomEncryptionTrustLevel.Trusted
// } else {
// RoomEncryptionTrustLevel.Default
// }
// }
// }
// }
// }
//
// private fun mapCrossSigningInfoEntity(xsignInfo: CrossSigningInfoEntity): MXCrossSigningInfo {
// val userId = xsignInfo.userId ?: ""
// return MXCrossSigningInfo(
// userId = userId,
// crossSigningKeys = xsignInfo.crossSigningKeys.mapNotNull {
// crossSigningKeysMapper.map(userId, it)
// }
// )
// }
//
// override fun buildErrorParams(params: Params, message: String): Params {
// return params.copy(lastFailureMessage = params.lastFailureMessage ?: message)
// }
// }

2
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/RustKeyBackupService.kt
View file

@ -1,5 +1,5 @@
/* /*
* Copyright 2020 The Matrix.org Foundation C.I.C. * Copyright 2021 The Matrix.org Foundation C.I.C.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/UpdateDispatcher.kt
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2021 New Vector Ltd * Copyright 2021 The Matrix.org Foundation C.I.C.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.