mirror of
https://github.com/SchildiChat/SchildiChat-android.git
synced 2024-11-24 02:15:46 +03:00
feat(crypto): Add support for verification violation warnings
This commit is contained in:
parent
21e751e50f
commit
bb46dcb262
7 changed files with 22 additions and 14 deletions
|
@ -221,7 +221,7 @@ dependencies {
|
||||||
|
|
||||||
implementation libs.google.phonenumber
|
implementation libs.google.phonenumber
|
||||||
|
|
||||||
implementation("org.matrix.rustcomponents:crypto-android:0.4.3")
|
implementation("org.matrix.rustcomponents:crypto-android:0.5.0")
|
||||||
// api project(":library:rustCrypto")
|
// api project(":library:rustCrypto")
|
||||||
|
|
||||||
testImplementation libs.tests.junit
|
testImplementation libs.tests.junit
|
||||||
|
|
|
@ -24,7 +24,6 @@ import org.junit.Assert.assertNotNull
|
||||||
import org.junit.Assert.assertNull
|
import org.junit.Assert.assertNull
|
||||||
import org.junit.Assert.assertTrue
|
import org.junit.Assert.assertTrue
|
||||||
import org.junit.Assert.fail
|
import org.junit.Assert.fail
|
||||||
import org.junit.Assume
|
|
||||||
import org.junit.FixMethodOrder
|
import org.junit.FixMethodOrder
|
||||||
import org.junit.Test
|
import org.junit.Test
|
||||||
import org.junit.runner.RunWith
|
import org.junit.runner.RunWith
|
||||||
|
@ -202,9 +201,6 @@ class XSigningTest : InstrumentedTest {
|
||||||
val aliceSession = cryptoTestData.firstSession
|
val aliceSession = cryptoTestData.firstSession
|
||||||
val bobSession = cryptoTestData.secondSession
|
val bobSession = cryptoTestData.secondSession
|
||||||
|
|
||||||
// Remove when https://github.com/matrix-org/matrix-rust-sdk/issues/1129
|
|
||||||
Assume.assumeTrue("Not yet supported by rust", aliceSession.cryptoService().name() != "rust-sdk")
|
|
||||||
|
|
||||||
val aliceAuthParams = UserPasswordAuth(
|
val aliceAuthParams = UserPasswordAuth(
|
||||||
user = aliceSession.myUserId,
|
user = aliceSession.myUserId,
|
||||||
password = TestConstants.PASSWORD
|
password = TestConstants.PASSWORD
|
||||||
|
|
|
@ -29,7 +29,10 @@ internal class ComputeShieldForGroupUseCase @Inject constructor(
|
||||||
val myIdentity = olmMachine.getIdentity(myUserId)
|
val myIdentity = olmMachine.getIdentity(myUserId)
|
||||||
val allTrustedUserIds = userIds
|
val allTrustedUserIds = userIds
|
||||||
.filter { userId ->
|
.filter { userId ->
|
||||||
olmMachine.getIdentity(userId)?.verified() == true
|
val identity = olmMachine.getIdentity(userId)?.toMxCrossSigningInfo()
|
||||||
|
identity?.isTrusted() == true ||
|
||||||
|
// Always take into account users that was previously verified but are not anymore
|
||||||
|
identity?.wasTrustedOnce == true
|
||||||
}
|
}
|
||||||
|
|
||||||
return if (allTrustedUserIds.isEmpty()) {
|
return if (allTrustedUserIds.isEmpty()) {
|
||||||
|
|
|
@ -66,7 +66,8 @@ internal class GetUserIdentityUseCase @Inject constructor(
|
||||||
innerMachine = innerMachine,
|
innerMachine = innerMachine,
|
||||||
requestSender = requestSender,
|
requestSender = requestSender,
|
||||||
coroutineDispatchers = coroutineDispatchers,
|
coroutineDispatchers = coroutineDispatchers,
|
||||||
verificationRequestFactory = verificationRequestFactory
|
verificationRequestFactory = verificationRequestFactory,
|
||||||
|
hasVerificationViolation = identity.hasVerificationViolation
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
is InnerUserIdentity.Own -> {
|
is InnerUserIdentity.Own -> {
|
||||||
|
@ -89,7 +90,8 @@ internal class GetUserIdentityUseCase @Inject constructor(
|
||||||
innerMachine = innerMachine,
|
innerMachine = innerMachine,
|
||||||
requestSender = requestSender,
|
requestSender = requestSender,
|
||||||
coroutineDispatchers = coroutineDispatchers,
|
coroutineDispatchers = coroutineDispatchers,
|
||||||
verificationRequestFactory = verificationRequestFactory
|
verificationRequestFactory = verificationRequestFactory,
|
||||||
|
hasVerificationViolation = identity.hasVerificationViolation
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
null -> null
|
null -> null
|
||||||
|
|
|
@ -84,7 +84,9 @@ import org.matrix.rustcomponents.sdk.crypto.ShieldState
|
||||||
import org.matrix.rustcomponents.sdk.crypto.SignatureVerification
|
import org.matrix.rustcomponents.sdk.crypto.SignatureVerification
|
||||||
import org.matrix.rustcomponents.sdk.crypto.setLogger
|
import org.matrix.rustcomponents.sdk.crypto.setLogger
|
||||||
import timber.log.Timber
|
import timber.log.Timber
|
||||||
|
import uniffi.matrix_sdk_crypto.DecryptionSettings
|
||||||
import uniffi.matrix_sdk_crypto.LocalTrust
|
import uniffi.matrix_sdk_crypto.LocalTrust
|
||||||
|
import uniffi.matrix_sdk_crypto.TrustRequirement
|
||||||
import java.io.File
|
import java.io.File
|
||||||
import java.nio.charset.Charset
|
import java.nio.charset.Charset
|
||||||
import javax.inject.Inject
|
import javax.inject.Inject
|
||||||
|
@ -450,7 +452,12 @@ internal class OlmMachine @Inject constructor(
|
||||||
}
|
}
|
||||||
|
|
||||||
val serializedEvent = adapter.toJson(event)
|
val serializedEvent = adapter.toJson(event)
|
||||||
val decrypted = inner.decryptRoomEvent(serializedEvent, event.roomId, false, false)
|
val decrypted = inner.decryptRoomEvent(
|
||||||
|
serializedEvent, event.roomId,
|
||||||
|
handleVerificationEvents = false,
|
||||||
|
strictShields = false,
|
||||||
|
decryptionSettings = DecryptionSettings(TrustRequirement.UNTRUSTED)
|
||||||
|
)
|
||||||
|
|
||||||
val deserializationAdapter =
|
val deserializationAdapter =
|
||||||
moshi.adapter<JsonDict>(Map::class.java)
|
moshi.adapter<JsonDict>(Map::class.java)
|
||||||
|
|
|
@ -58,7 +58,7 @@ internal class RustCrossSigningService @Inject constructor(
|
||||||
* Checks that my trusted user key has signed the other user UserKey
|
* Checks that my trusted user key has signed the other user UserKey
|
||||||
*/
|
*/
|
||||||
override suspend fun checkUserTrust(otherUserId: String): UserTrustResult {
|
override suspend fun checkUserTrust(otherUserId: String): UserTrustResult {
|
||||||
val identity = olmMachine.getIdentity(olmMachine.userId())
|
val identity = olmMachine.getIdentity(otherUserId)
|
||||||
|
|
||||||
// While UserTrustResult has many different states, they are by the callers
|
// While UserTrustResult has many different states, they are by the callers
|
||||||
// converted to a boolean value immediately, thus we don't need to support
|
// converted to a boolean value immediately, thus we don't need to support
|
||||||
|
|
|
@ -85,6 +85,7 @@ internal class OwnUserIdentity(
|
||||||
private val requestSender: RequestSender,
|
private val requestSender: RequestSender,
|
||||||
private val coroutineDispatchers: MatrixCoroutineDispatchers,
|
private val coroutineDispatchers: MatrixCoroutineDispatchers,
|
||||||
private val verificationRequestFactory: VerificationRequest.Factory,
|
private val verificationRequestFactory: VerificationRequest.Factory,
|
||||||
|
private val hasVerificationViolation: Boolean
|
||||||
) : UserIdentities() {
|
) : UserIdentities() {
|
||||||
/**
|
/**
|
||||||
* Our own user id.
|
* Our own user id.
|
||||||
|
@ -157,8 +158,7 @@ internal class OwnUserIdentity(
|
||||||
userSigningKey.trustLevel = trustLevel
|
userSigningKey.trustLevel = trustLevel
|
||||||
|
|
||||||
val crossSigningKeys = listOf(masterKey, selfSigningKey, userSigningKey)
|
val crossSigningKeys = listOf(masterKey, selfSigningKey, userSigningKey)
|
||||||
// TODO https://github.com/matrix-org/matrix-rust-sdk/issues/1129
|
return MXCrossSigningInfo(userId, crossSigningKeys, hasVerificationViolation)
|
||||||
return MXCrossSigningInfo(userId, crossSigningKeys, false)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -175,6 +175,7 @@ internal class UserIdentity(
|
||||||
private val requestSender: RequestSender,
|
private val requestSender: RequestSender,
|
||||||
private val coroutineDispatchers: MatrixCoroutineDispatchers,
|
private val coroutineDispatchers: MatrixCoroutineDispatchers,
|
||||||
private val verificationRequestFactory: VerificationRequest.Factory,
|
private val verificationRequestFactory: VerificationRequest.Factory,
|
||||||
|
private val hasVerificationViolation: Boolean
|
||||||
) : UserIdentities() {
|
) : UserIdentities() {
|
||||||
/**
|
/**
|
||||||
* The unique ID of the user that this identity belongs to.
|
* The unique ID of the user that this identity belongs to.
|
||||||
|
@ -256,8 +257,7 @@ internal class UserIdentity(
|
||||||
masterKey.also { it.trustLevel = trustLevel },
|
masterKey.also { it.trustLevel = trustLevel },
|
||||||
selfSigningKey.also { it.trustLevel = trustLevel },
|
selfSigningKey.also { it.trustLevel = trustLevel },
|
||||||
),
|
),
|
||||||
// TODO https://github.com/matrix-org/matrix-rust-sdk/issues/1129
|
wasTrustedOnce = hasVerificationViolation
|
||||||
wasTrustedOnce = false
|
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue