From 02e7157206404ea07c2544ac6e590c30ae201f98 Mon Sep 17 00:00:00 2001 From: Benoit Marty Date: Tue, 3 Jan 2023 16:16:17 +0100 Subject: [PATCH] Introduce CryptoCrossSigningKeys container --- .../crosssigning/CryptoCrossSigningKeys.kt | 26 ++++++++++++++ .../sdk/internal/crypto/DeviceListManager.kt | 7 +++- .../internal/crypto/store/IMXCryptoStore.kt | 5 ++- .../internal/crypto/store/UserDataToStore.kt | 4 +-- .../crypto/store/db/RealmCryptoStore.kt | 36 +++++++++---------- 5 files changed, 52 insertions(+), 26 deletions(-) create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/CryptoCrossSigningKeys.kt diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/CryptoCrossSigningKeys.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/CryptoCrossSigningKeys.kt new file mode 100644 index 0000000000..e0a422b54b --- /dev/null +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/CryptoCrossSigningKeys.kt @@ -0,0 +1,26 @@ +/* + * Copyright 2023 The Matrix.org Foundation C.I.C. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.matrix.android.sdk.api.session.crypto.crosssigning + +/** + * Container for the three cross signing keys: master, self signing and user signing. + */ +data class CryptoCrossSigningKeys( + val masterKey: CryptoCrossSigningKey?, + val selfSigningKey: CryptoCrossSigningKey?, + val userSigningKey: CryptoCrossSigningKey?, +) diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt index f6e08ce9f7..8ced0864d0 100755 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt @@ -24,6 +24,7 @@ import org.matrix.android.sdk.api.MatrixPatterns import org.matrix.android.sdk.api.auth.data.Credentials import org.matrix.android.sdk.api.extensions.measureMetric import org.matrix.android.sdk.api.metrics.DownloadDeviceKeysMetricsPlugin +import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap @@ -419,7 +420,11 @@ internal class DeviceListManager @Inject constructor( val userSigningKey = response.userSigningKeys?.get(userId)?.toCryptoModel()?.also { Timber.v("## CRYPTO | CrossSigning : Got keys for $userId : USK ${it.unpaddedBase64PublicKey}") } - userDataToStore.userCrossSigningKeys[userId] = Triple(masterKey, selfSigningKey, userSigningKey) + userDataToStore.userCrossSigningKeys[userId] = CryptoCrossSigningKeys( + masterKey = masterKey, + selfSigningKey = selfSigningKey, + userSigningKey = userSigningKey + ) } cryptoStore.storeUserDataToStore(userDataToStore) diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt index 92a92ab36a..1a7f4a5320 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt @@ -23,6 +23,7 @@ import org.matrix.android.sdk.api.session.crypto.NewSessionListener import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey +import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo @@ -235,9 +236,7 @@ internal interface IMXCryptoStore { fun storeUserCrossSigningKeys( userId: String, - masterKey: CryptoCrossSigningKey?, - selfSigningKey: CryptoCrossSigningKey?, - userSigningKey: CryptoCrossSigningKey? + cryptoCrossSigningKeys: CryptoCrossSigningKeys ) /** diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/UserDataToStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/UserDataToStore.kt index 05afc75e5a..d4b8308650 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/UserDataToStore.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/UserDataToStore.kt @@ -16,10 +16,10 @@ package org.matrix.android.sdk.internal.crypto.store -import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey +import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo internal data class UserDataToStore( val userDevices: MutableMap> = mutableMapOf(), - val userCrossSigningKeys: MutableMap> = mutableMapOf(), + val userCrossSigningKeys: MutableMap = mutableMapOf(), ) diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt index 83ff960d53..06ae2c00b1 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt @@ -33,7 +33,7 @@ import org.matrix.android.sdk.api.session.crypto.GlobalCryptoConfig import org.matrix.android.sdk.api.session.crypto.NewSessionListener import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState -import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey +import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo @@ -332,25 +332,21 @@ internal class RealmCryptoStore @Inject constructor( override fun storeUserCrossSigningKeys( userId: String, - masterKey: CryptoCrossSigningKey?, - selfSigningKey: CryptoCrossSigningKey?, - userSigningKey: CryptoCrossSigningKey? + cryptoCrossSigningKeys: CryptoCrossSigningKeys, ) { doRealmTransaction("storeUserCrossSigningKeys", realmConfiguration) { realm -> - storeUserCrossSigningKeys(realm, userId, masterKey, selfSigningKey, userSigningKey) + storeUserCrossSigningKeys(realm, userId, cryptoCrossSigningKeys) } } private fun storeUserCrossSigningKeys( realm: Realm, userId: String, - masterKey: CryptoCrossSigningKey?, - selfSigningKey: CryptoCrossSigningKey?, - userSigningKey: CryptoCrossSigningKey? + keys: CryptoCrossSigningKeys, ) { UserEntity.getOrCreate(realm, userId) .let { userEntity -> - if (masterKey == null || selfSigningKey == null) { + if (keys.masterKey == null || keys.selfSigningKey == null) { // The user has disabled cross signing? userEntity.crossSigningInfoEntity?.deleteOnCascade() userEntity.crossSigningInfoEntity = null @@ -359,11 +355,11 @@ internal class RealmCryptoStore @Inject constructor( CrossSigningInfoEntity.getOrCreate(realm, userId).let { signingInfo -> // What should we do if we detect a change of the keys? val existingMaster = signingInfo.getMasterKey() - if (existingMaster != null && existingMaster.publicKeyBase64 == masterKey.unpaddedBase64PublicKey) { - crossSigningKeysMapper.update(existingMaster, masterKey) + if (existingMaster != null && existingMaster.publicKeyBase64 == keys.masterKey.unpaddedBase64PublicKey) { + crossSigningKeysMapper.update(existingMaster, keys.masterKey) } else { Timber.d("## CrossSigning MSK change for $userId") - val keyEntity = crossSigningKeysMapper.map(masterKey) + val keyEntity = crossSigningKeysMapper.map(keys.masterKey) signingInfo.setMasterKey(keyEntity) if (userId == this.userId) { shouldResetMyDevicesLocalTrust = true @@ -378,11 +374,11 @@ internal class RealmCryptoStore @Inject constructor( } val existingSelfSigned = signingInfo.getSelfSignedKey() - if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == selfSigningKey.unpaddedBase64PublicKey) { - crossSigningKeysMapper.update(existingSelfSigned, selfSigningKey) + if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == keys.selfSigningKey.unpaddedBase64PublicKey) { + crossSigningKeysMapper.update(existingSelfSigned, keys.selfSigningKey) } else { Timber.d("## CrossSigning SSK change for $userId") - val keyEntity = crossSigningKeysMapper.map(selfSigningKey) + val keyEntity = crossSigningKeysMapper.map(keys.selfSigningKey) signingInfo.setSelfSignedKey(keyEntity) if (userId == this.userId) { shouldResetMyDevicesLocalTrust = true @@ -394,13 +390,13 @@ internal class RealmCryptoStore @Inject constructor( } // Only for me - if (userSigningKey != null) { + if (keys.userSigningKey != null) { val existingUSK = signingInfo.getUserSigningKey() - if (existingUSK != null && existingUSK.publicKeyBase64 == userSigningKey.unpaddedBase64PublicKey) { - crossSigningKeysMapper.update(existingUSK, userSigningKey) + if (existingUSK != null && existingUSK.publicKeyBase64 == keys.userSigningKey.unpaddedBase64PublicKey) { + crossSigningKeysMapper.update(existingUSK, keys.userSigningKey) } else { Timber.d("## CrossSigning USK change for $userId") - val keyEntity = crossSigningKeysMapper.map(userSigningKey) + val keyEntity = crossSigningKeysMapper.map(keys.userSigningKey) signingInfo.setUserSignedKey(keyEntity) if (userId == this.userId) { shouldResetMyDevicesLocalTrust = true @@ -1862,7 +1858,7 @@ internal class RealmCryptoStore @Inject constructor( storeUserDevices(realm, it.key, it.value) } userDataToStore.userCrossSigningKeys.forEach { - storeUserCrossSigningKeys(realm, it.key, it.value.first, it.value.second, it.value.third) + storeUserCrossSigningKeys(realm, it.key, it.value) } } }