mirror of
https://github.com/element-hq/element-android
synced 2024-11-23 01:45:36 +03:00
Extract common crypto interface for all flavors
This commit is contained in:
parent
8f69e411d7
commit
3bf5c0cc1b
18 changed files with 582 additions and 181 deletions
|
@ -59,6 +59,7 @@ import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreRoomSessionD
|
|||
import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreRoomSessionsDataTask
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreSessionsDataTask
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.UpdateKeysBackupVersionTask
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.RealmCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.RealmCryptoStoreMigration
|
||||
|
@ -254,6 +255,9 @@ internal abstract class CryptoModule {
|
|||
@Binds
|
||||
abstract fun bindCryptoStore(store: RealmCryptoStore): IMXCryptoStore
|
||||
|
||||
@Binds
|
||||
abstract fun bindCommonCryptoStore(store: RealmCryptoStore): IMXCommonCryptoStore
|
||||
|
||||
@Binds
|
||||
abstract fun bindSendEventTask(task: DefaultSendEventTask): SendEventTask
|
||||
|
||||
|
|
|
@ -506,10 +506,7 @@ internal class DefaultCryptoService @Inject constructor(
|
|||
null
|
||||
} else {
|
||||
withContext(coroutineDispatchers.io) {
|
||||
cryptoStore.deviceWithIdentityKey(senderKey).takeIf {
|
||||
// check that the claimed user id matches
|
||||
it?.userId == userId
|
||||
}
|
||||
cryptoStore.deviceWithIdentityKey(userId, senderKey)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -28,20 +28,16 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.UserIdentity
|
|||
import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoRoomInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
|
||||
import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
|
||||
import org.matrix.android.sdk.api.session.crypto.model.TrailType
|
||||
import org.matrix.android.sdk.api.session.events.model.Event
|
||||
import org.matrix.android.sdk.api.session.events.model.content.EncryptionEventContent
|
||||
import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
|
||||
import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
|
||||
import org.matrix.android.sdk.api.util.Optional
|
||||
import org.matrix.android.sdk.internal.crypto.model.MXInboundMegolmSessionWrapper
|
||||
import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
|
||||
import org.matrix.android.sdk.internal.crypto.model.OutboundGroupSessionWrapper
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.CryptoStoreAggregator
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.KeysBackupDataEntity
|
||||
import org.matrix.olm.OlmAccount
|
||||
import org.matrix.olm.OlmOutboundGroupSession
|
||||
|
@ -49,7 +45,7 @@ import org.matrix.olm.OlmOutboundGroupSession
|
|||
/**
|
||||
* The crypto data store.
|
||||
*/
|
||||
internal interface IMXCryptoStore {
|
||||
internal interface IMXCryptoStore : IMXCommonCryptoStore {
|
||||
|
||||
/**
|
||||
* @return the device id
|
||||
|
@ -78,21 +74,6 @@ internal interface IMXCryptoStore {
|
|||
*/
|
||||
fun getInboundGroupSessions(roomId: String): List<MXInboundMegolmSessionWrapper>
|
||||
|
||||
/**
|
||||
* @return true to unilaterally blacklist all unverified devices.
|
||||
*/
|
||||
fun getGlobalBlacklistUnverifiedDevices(): Boolean
|
||||
|
||||
/**
|
||||
* Set the global override for whether the client should ever send encrypted
|
||||
* messages to unverified devices.
|
||||
* If false, it can still be overridden per-room.
|
||||
* If true, it overrides the per-room settings.
|
||||
*
|
||||
* @param block true to unilaterally blacklist all
|
||||
*/
|
||||
fun setGlobalBlacklistUnverifiedDevices(block: Boolean)
|
||||
|
||||
/**
|
||||
* Enable or disable key gossiping.
|
||||
* Default is true.
|
||||
|
@ -123,28 +104,6 @@ internal interface IMXCryptoStore {
|
|||
*/
|
||||
fun getRoomsListBlacklistUnverifiedDevices(): List<String>
|
||||
|
||||
/**
|
||||
* A live status regarding sharing keys for unverified devices in this room.
|
||||
*
|
||||
* @return Live status
|
||||
*/
|
||||
fun getLiveBlockUnverifiedDevices(roomId: String): LiveData<Boolean>
|
||||
|
||||
/**
|
||||
* Tell if unverified devices should be blacklisted when sending keys.
|
||||
*
|
||||
* @return true if should not send keys to unverified devices
|
||||
*/
|
||||
fun getBlockUnverifiedDevices(roomId: String): Boolean
|
||||
|
||||
/**
|
||||
* Define if encryption keys should be sent to unverified devices in this room.
|
||||
*
|
||||
* @param roomId the roomId
|
||||
* @param block if true will not send keys to unverified devices
|
||||
*/
|
||||
fun blockUnverifiedDevicesInRoom(roomId: String, block: Boolean)
|
||||
|
||||
/**
|
||||
* Get the current keys backup version.
|
||||
*/
|
||||
|
@ -186,16 +145,6 @@ internal interface IMXCryptoStore {
|
|||
*/
|
||||
fun deleteStore()
|
||||
|
||||
/**
|
||||
* open any existing crypto store.
|
||||
*/
|
||||
fun open()
|
||||
|
||||
/**
|
||||
* Close the store.
|
||||
*/
|
||||
fun close()
|
||||
|
||||
/**
|
||||
* Store the device id.
|
||||
*
|
||||
|
@ -262,14 +211,6 @@ internal interface IMXCryptoStore {
|
|||
|
||||
fun getLiveDeviceWithId(deviceId: String): LiveData<Optional<CryptoDeviceInfo>>
|
||||
|
||||
fun getMyDevicesInfo(): List<DeviceInfo>
|
||||
|
||||
fun getLiveMyDevicesInfo(): LiveData<List<DeviceInfo>>
|
||||
|
||||
fun getLiveMyDevicesInfo(deviceId: String): LiveData<Optional<DeviceInfo>>
|
||||
|
||||
fun saveMyDevicesInfo(info: List<DeviceInfo>)
|
||||
|
||||
/**
|
||||
* Store the crypto algorithm for a room.
|
||||
*
|
||||
|
@ -278,47 +219,8 @@ internal interface IMXCryptoStore {
|
|||
*/
|
||||
fun storeRoomAlgorithm(roomId: String, algorithm: String?)
|
||||
|
||||
/**
|
||||
* Provides the algorithm used in a dedicated room.
|
||||
*
|
||||
* @param roomId the room id
|
||||
* @return the algorithm, null is the room is not encrypted
|
||||
*/
|
||||
fun getRoomAlgorithm(roomId: String): String?
|
||||
|
||||
fun getRoomCryptoInfo(roomId: String): CryptoRoomInfo?
|
||||
fun setAlgorithmInfo(roomId: String, encryption: EncryptionEventContent?)
|
||||
|
||||
/**
|
||||
* This is a bit different than isRoomEncrypted.
|
||||
* A room is encrypted when there is a m.room.encryption state event in the room (malformed/invalid or not).
|
||||
* But the crypto layer has additional guaranty to ensure that encryption would never been reverted.
|
||||
* It's defensive coding out of precaution (if ever state is reset).
|
||||
*/
|
||||
fun roomWasOnceEncrypted(roomId: String): Boolean
|
||||
|
||||
fun shouldEncryptForInvitedMembers(roomId: String): Boolean
|
||||
|
||||
/**
|
||||
* Sets a boolean flag that will determine whether or not this device should encrypt Events for
|
||||
* invited members.
|
||||
*
|
||||
* @param roomId the room id
|
||||
* @param shouldEncryptForInvitedMembers The boolean flag
|
||||
*/
|
||||
fun setShouldEncryptForInvitedMembers(roomId: String, shouldEncryptForInvitedMembers: Boolean)
|
||||
|
||||
fun shouldShareHistory(roomId: String): Boolean
|
||||
|
||||
/**
|
||||
* Sets a boolean flag that will determine whether or not room history (existing inbound sessions)
|
||||
* will be shared to new user invites.
|
||||
*
|
||||
* @param roomId the room id
|
||||
* @param shouldShareHistory The boolean flag
|
||||
*/
|
||||
fun setShouldShareHistory(roomId: String, shouldShareHistory: Boolean)
|
||||
|
||||
/**
|
||||
* Store a session between the logged-in user and another device.
|
||||
*
|
||||
|
@ -361,15 +263,6 @@ internal interface IMXCryptoStore {
|
|||
*/
|
||||
fun storeInboundGroupSessions(sessions: List<MXInboundMegolmSessionWrapper>)
|
||||
|
||||
/**
|
||||
* Retrieve an inbound group session.
|
||||
*
|
||||
* @param sessionId the session identifier.
|
||||
* @param senderKey the base64-encoded curve25519 key of the sender.
|
||||
* @return an inbound group session.
|
||||
*/
|
||||
fun getInboundGroupSession(sessionId: String, senderKey: String): MXInboundMegolmSessionWrapper?
|
||||
|
||||
/**
|
||||
* Retrieve an inbound group session, filtering shared history.
|
||||
*
|
||||
|
@ -552,7 +445,6 @@ internal interface IMXCryptoStore {
|
|||
// fun getCrossSigningPrivateKeysFlow(): Flow<Optional<PrivateKeysInfo>>
|
||||
|
||||
fun getGlobalCryptoConfig(): GlobalCryptoConfig
|
||||
fun getLiveGlobalCryptoConfig(): LiveData<GlobalCryptoConfig>
|
||||
|
||||
fun saveBackupRecoveryKey(recoveryKey: String?, version: String?)
|
||||
fun getKeyBackupRecoveryKeyInfo(): SavedKeyBackupKeyInfo?
|
||||
|
@ -597,14 +489,8 @@ internal interface IMXCryptoStore {
|
|||
|
||||
fun setDeviceKeysUploaded(uploaded: Boolean)
|
||||
fun areDeviceKeysUploaded(): Boolean
|
||||
fun tidyUpDataBase()
|
||||
fun getOutgoingRoomKeyRequests(inStates: Set<OutgoingRoomKeyRequestState>): List<OutgoingKeyRequest>
|
||||
|
||||
/**
|
||||
* Store a bunch of data collected during a sync response treatment. @See [CryptoStoreAggregator].
|
||||
*/
|
||||
fun storeData(cryptoStoreAggregator: CryptoStoreAggregator)
|
||||
|
||||
/**
|
||||
* Store a bunch of data related to the users. @See [UserDataToStore].
|
||||
*/
|
|
@ -280,6 +280,19 @@ internal class RealmCryptoStore @Inject constructor(
|
|||
}
|
||||
}
|
||||
|
||||
override fun deviceWithIdentityKey(userId: String, identityKey: String): CryptoDeviceInfo? {
|
||||
return doWithRealm(realmConfiguration) { realm ->
|
||||
realm.where<DeviceInfoEntity>()
|
||||
.equalTo(DeviceInfoEntityFields.USER_ID, userId)
|
||||
.contains(DeviceInfoEntityFields.KEYS_MAP_JSON, identityKey)
|
||||
.findAll()
|
||||
.mapNotNull { CryptoMapper.mapToModel(it) }
|
||||
.firstOrNull {
|
||||
it.identityKey() == identityKey
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
override fun storeUserDevices(userId: String, devices: Map<String, CryptoDeviceInfo>?) {
|
||||
doRealmTransaction("storeUserDevices", realmConfiguration) { realm ->
|
||||
storeUserDevices(realm, userId, devices)
|
|
@ -17,11 +17,11 @@
|
|||
package org.matrix.android.sdk.internal.crypto
|
||||
|
||||
import org.matrix.android.sdk.api.crypto.MXCryptoConfig
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import javax.inject.Inject
|
||||
|
||||
internal class ShouldEncryptForInvitedMembersUseCase @Inject constructor(private val cryptoConfig: MXCryptoConfig,
|
||||
private val cryptoStore: IMXCryptoStore) {
|
||||
private val cryptoStore: IMXCommonCryptoStore) {
|
||||
|
||||
operator fun invoke(roomId: String): Boolean {
|
||||
return cryptoConfig.enableEncryptionForInvitedMembers && cryptoStore.shouldEncryptForInvitedMembers(roomId)
|
||||
|
|
|
@ -0,0 +1,156 @@
|
|||
/*
|
||||
* Copyright 2023 The Matrix.org Foundation C.I.C.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.matrix.android.sdk.internal.crypto.store
|
||||
|
||||
import androidx.lifecycle.LiveData
|
||||
import org.matrix.android.sdk.api.session.crypto.GlobalCryptoConfig
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoRoomInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
|
||||
import org.matrix.android.sdk.api.session.events.model.content.EncryptionEventContent
|
||||
import org.matrix.android.sdk.api.util.Optional
|
||||
import org.matrix.android.sdk.internal.crypto.model.MXInboundMegolmSessionWrapper
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.CryptoStoreAggregator
|
||||
|
||||
/**
|
||||
* As a temporary measure rust and kotlin flavor are still using realm to store some crypto
|
||||
* related information. In the near future rust flavor will complitly stop using realm, as soon
|
||||
* as the missing bits are store in rust side (like room encryption settings, ..)
|
||||
* This interface defines what's now used by both flavors.
|
||||
* The actual implementation are moved in each flavors
|
||||
*/
|
||||
interface IMXCommonCryptoStore {
|
||||
|
||||
/**
|
||||
* Provides the algorithm used in a dedicated room.
|
||||
*
|
||||
* @param roomId the room id
|
||||
* @return the algorithm, null is the room is not encrypted
|
||||
*/
|
||||
fun getRoomAlgorithm(roomId: String): String?
|
||||
|
||||
fun getRoomCryptoInfo(roomId: String): CryptoRoomInfo?
|
||||
|
||||
fun setAlgorithmInfo(roomId: String, encryption: EncryptionEventContent?)
|
||||
|
||||
fun roomWasOnceEncrypted(roomId: String): Boolean
|
||||
|
||||
fun saveMyDevicesInfo(info: List<DeviceInfo>)
|
||||
|
||||
// questionable that it's stored in crypto store
|
||||
fun getMyDevicesInfo(): List<DeviceInfo>
|
||||
|
||||
// questionable that it's stored in crypto store
|
||||
fun getLiveMyDevicesInfo(): LiveData<List<DeviceInfo>>
|
||||
|
||||
// questionable that it's stored in crypto store
|
||||
fun getLiveMyDevicesInfo(deviceId: String): LiveData<Optional<DeviceInfo>>
|
||||
|
||||
/**
|
||||
* open any existing crypto store.
|
||||
*/
|
||||
fun open()
|
||||
fun tidyUpDataBase()
|
||||
|
||||
/**
|
||||
* Close the store.
|
||||
*/
|
||||
fun close()
|
||||
|
||||
/*
|
||||
* Store a bunch of data collected during a sync response treatment. @See [CryptoStoreAggregator].
|
||||
*/
|
||||
fun storeData(cryptoStoreAggregator: CryptoStoreAggregator)
|
||||
|
||||
fun shouldEncryptForInvitedMembers(roomId: String): Boolean
|
||||
|
||||
/**
|
||||
* Sets a boolean flag that will determine whether or not room history (existing inbound sessions)
|
||||
* will be shared to new user invites.
|
||||
*
|
||||
* @param roomId the room id
|
||||
* @param shouldShareHistory The boolean flag
|
||||
*/
|
||||
fun setShouldShareHistory(roomId: String, shouldShareHistory: Boolean)
|
||||
|
||||
/**
|
||||
* Sets a boolean flag that will determine whether or not this device should encrypt Events for
|
||||
* invited members.
|
||||
*
|
||||
* @param roomId the room id
|
||||
* @param shouldEncryptForInvitedMembers The boolean flag
|
||||
*/
|
||||
fun setShouldEncryptForInvitedMembers(roomId: String, shouldEncryptForInvitedMembers: Boolean)
|
||||
|
||||
/**
|
||||
* Define if encryption keys should be sent to unverified devices in this room.
|
||||
*
|
||||
* @param roomId the roomId
|
||||
* @param block if true will not send keys to unverified devices
|
||||
*/
|
||||
fun blockUnverifiedDevicesInRoom(roomId: String, block: Boolean)
|
||||
|
||||
/**
|
||||
* Set the global override for whether the client should ever send encrypted
|
||||
* messages to unverified devices.
|
||||
* If false, it can still be overridden per-room.
|
||||
* If true, it overrides the per-room settings.
|
||||
*
|
||||
* @param block true to unilaterally blacklist all
|
||||
*/
|
||||
fun setGlobalBlacklistUnverifiedDevices(block: Boolean)
|
||||
|
||||
fun getLiveGlobalCryptoConfig(): LiveData<GlobalCryptoConfig>
|
||||
|
||||
/**
|
||||
* @return true to unilaterally blacklist all unverified devices.
|
||||
*/
|
||||
fun getGlobalBlacklistUnverifiedDevices(): Boolean
|
||||
|
||||
/**
|
||||
* A live status regarding sharing keys for unverified devices in this room.
|
||||
*
|
||||
* @return Live status
|
||||
*/
|
||||
fun getLiveBlockUnverifiedDevices(roomId: String): LiveData<Boolean>
|
||||
|
||||
/**
|
||||
* Tell if unverified devices should be blacklisted when sending keys.
|
||||
*
|
||||
* @return true if should not send keys to unverified devices
|
||||
*/
|
||||
fun getBlockUnverifiedDevices(roomId: String): Boolean
|
||||
|
||||
/**
|
||||
* Retrieve a device by its identity key.
|
||||
*
|
||||
* @param userId the device owner
|
||||
* @param identityKey the device identity key (`MXDeviceInfo.identityKey`)
|
||||
* @return the device or null if not found
|
||||
*/
|
||||
fun deviceWithIdentityKey(userId: String, identityKey: String): CryptoDeviceInfo?
|
||||
|
||||
/**
|
||||
* Retrieve an inbound group session.
|
||||
* Used in rust for lazy migration
|
||||
*
|
||||
* @param sessionId the session identifier.
|
||||
* @param senderKey the base64-encoded curve25519 key of the sender.
|
||||
* @return an inbound group session.
|
||||
*/
|
||||
fun getInboundGroupSession(sessionId: String, senderKey: String): MXInboundMegolmSessionWrapper?
|
||||
}
|
|
@ -26,11 +26,11 @@ import org.matrix.android.sdk.api.session.events.model.toModel
|
|||
import org.matrix.android.sdk.api.session.events.model.toValidDecryptedEvent
|
||||
import org.matrix.android.sdk.api.session.room.model.message.MessageContent
|
||||
import org.matrix.android.sdk.api.session.room.model.message.MessagePollContent
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import timber.log.Timber
|
||||
import javax.inject.Inject
|
||||
|
||||
internal class EventEditValidator @Inject constructor(val cryptoStore: IMXCryptoStore) {
|
||||
internal class EventEditValidator @Inject constructor(val cryptoStore: IMXCommonCryptoStore) {
|
||||
|
||||
sealed class EditValidity {
|
||||
object Valid : EditValidity()
|
||||
|
@ -80,25 +80,21 @@ internal class EventEditValidator @Inject constructor(val cryptoStore: IMXCrypto
|
|||
val replaceDecrypted = replaceEvent.toValidDecryptedEvent()
|
||||
?: return EditValidity.Unknown // UTD can't decide
|
||||
|
||||
val originalCryptoSenderId = cryptoStore.deviceWithIdentityKey(originalDecrypted.cryptoSenderKey)?.userId
|
||||
val editCryptoSenderId = cryptoStore.deviceWithIdentityKey(replaceDecrypted.cryptoSenderKey)?.userId
|
||||
if (originalEvent.senderId != replaceEvent.senderId) {
|
||||
return EditValidity.Invalid("original event and replacement event must have the same sender")
|
||||
}
|
||||
|
||||
val originalSendingDevice = originalEvent.senderId?.let { cryptoStore.deviceWithIdentityKey(it, originalDecrypted.cryptoSenderKey) }
|
||||
val editSendingDevice = originalEvent.senderId?.let { cryptoStore.deviceWithIdentityKey(it, replaceDecrypted.cryptoSenderKey) }
|
||||
|
||||
if (originalDecrypted.getRelationContent()?.type == RelationType.REPLACE) {
|
||||
return EditValidity.Invalid("The original event must not, itself, have a rel_type of m.replace ")
|
||||
}
|
||||
|
||||
if (originalCryptoSenderId == null || editCryptoSenderId == null) {
|
||||
if (originalSendingDevice == null || editSendingDevice == null) {
|
||||
// mm what can we do? we don't know if it's cryptographically from same user?
|
||||
// let valid and UI should display send by deleted device warning?
|
||||
val bestEffortOriginal = originalCryptoSenderId ?: originalEvent.senderId
|
||||
val bestEffortEdit = editCryptoSenderId ?: replaceEvent.senderId
|
||||
if (bestEffortOriginal != bestEffortEdit) {
|
||||
return EditValidity.Invalid("original event and replacement event must have the same sender")
|
||||
}
|
||||
} else {
|
||||
if (originalCryptoSenderId != editCryptoSenderId) {
|
||||
return EditValidity.Invalid("Crypto: original event and replacement event must have the same sender")
|
||||
}
|
||||
// maybe it's a deleted device or a not yet downloaded one?
|
||||
return EditValidity.Unknown
|
||||
}
|
||||
|
||||
if (originalDecrypted.type != replaceDecrypted.type) {
|
||||
|
|
|
@ -49,7 +49,7 @@ import org.matrix.android.sdk.api.util.CancelableBag
|
|||
import org.matrix.android.sdk.api.util.JsonDict
|
||||
import org.matrix.android.sdk.api.util.NoOpCancellable
|
||||
import org.matrix.android.sdk.api.util.TextContent
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import org.matrix.android.sdk.internal.di.SessionId
|
||||
import org.matrix.android.sdk.internal.di.WorkManagerProvider
|
||||
import org.matrix.android.sdk.internal.session.content.UploadContentWorker
|
||||
|
@ -69,7 +69,7 @@ internal class DefaultSendService @AssistedInject constructor(
|
|||
private val workManagerProvider: WorkManagerProvider,
|
||||
@SessionId private val sessionId: String,
|
||||
private val localEchoEventFactory: LocalEchoEventFactory,
|
||||
private val cryptoStore: IMXCryptoStore,
|
||||
private val cryptoStore: IMXCommonCryptoStore,
|
||||
private val taskExecutor: TaskExecutor,
|
||||
private val localEchoRepository: LocalEchoRepository,
|
||||
private val eventSenderProcessor: EventSenderProcessor,
|
||||
|
|
|
@ -28,7 +28,7 @@ import org.matrix.android.sdk.api.failure.isLimitExceededError
|
|||
import org.matrix.android.sdk.api.session.Session
|
||||
import org.matrix.android.sdk.api.session.events.model.Event
|
||||
import org.matrix.android.sdk.api.util.Cancelable
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import org.matrix.android.sdk.internal.session.SessionScope
|
||||
import org.matrix.android.sdk.internal.task.CoroutineSequencer
|
||||
import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
|
||||
|
@ -54,7 +54,7 @@ private const val MAX_RETRY_COUNT = 3
|
|||
*/
|
||||
@SessionScope
|
||||
internal class EventSenderProcessorCoroutine @Inject constructor(
|
||||
private val cryptoStore: IMXCryptoStore,
|
||||
private val cryptoStore: IMXCommonCryptoStore,
|
||||
private val sessionParams: SessionParams,
|
||||
private val queuedTaskFactory: QueuedTaskFactory,
|
||||
private val taskExecutor: TaskExecutor,
|
||||
|
|
|
@ -58,8 +58,8 @@ import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreRoomSessionD
|
|||
import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreRoomSessionsDataTask
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreSessionsDataTask
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.UpdateKeysBackupVersionTask
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.RealmCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.RustCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.RealmCryptoStoreMigration
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.RealmCryptoStoreModule
|
||||
import org.matrix.android.sdk.internal.crypto.tasks.ClaimOneTimeKeysForUsersDeviceTask
|
||||
|
@ -246,7 +246,7 @@ internal abstract class CryptoModule {
|
|||
abstract fun bindVerificationService(service: RustVerificationService): VerificationService
|
||||
|
||||
@Binds
|
||||
abstract fun bindCryptoStore(store: RealmCryptoStore): IMXCryptoStore
|
||||
abstract fun bindCryptoStore(store: RustCryptoStore): IMXCommonCryptoStore
|
||||
|
||||
@Binds
|
||||
abstract fun bindSendEventTask(task: DefaultSendEventTask): SendEventTask
|
||||
|
|
|
@ -54,6 +54,7 @@ import org.matrix.android.sdk.api.util.toOptional
|
|||
import org.matrix.android.sdk.internal.coroutines.builder.safeInvokeOnClose
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.DefaultKeysAlgorithmAndData
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.KeysAlgorithmAndData
|
||||
import org.matrix.android.sdk.internal.crypto.model.MXInboundMegolmSessionWrapper
|
||||
import org.matrix.android.sdk.internal.crypto.network.RequestSender
|
||||
import org.matrix.android.sdk.internal.crypto.verification.SasVerification
|
||||
import org.matrix.android.sdk.internal.crypto.verification.VerificationRequest
|
||||
|
@ -312,10 +313,10 @@ internal class OlmMachine @Inject constructor(
|
|||
/**
|
||||
* Used for lazy migration of inboundGroupSession from EA to ER
|
||||
*/
|
||||
suspend fun importRoomKey(inbound: InboundGroupSessionHolder): Result<Unit> {
|
||||
suspend fun importRoomKey(inbound: MXInboundMegolmSessionWrapper): Result<Unit> {
|
||||
Timber.v("Migration:: Tentative lazy migration")
|
||||
return withContext(coroutineDispatchers.io) {
|
||||
val export = inbound.wrapper.exportKeys()
|
||||
val export = inbound.exportKeys()
|
||||
?: return@withContext Result.failure(Exception("Failed to export key"))
|
||||
val result = importDecryptedKeys(listOf(export), null).also {
|
||||
Timber.v("Migration:: Tentative lazy migration result: ${it.totalNumberOfKeys}")
|
||||
|
|
|
@ -28,7 +28,7 @@ import org.matrix.android.sdk.api.logger.LoggerTag
|
|||
import org.matrix.android.sdk.api.session.crypto.MXCryptoError
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.RustKeyBackupService
|
||||
import org.matrix.android.sdk.internal.crypto.network.RequestSender
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import org.matrix.android.sdk.internal.session.SessionScope
|
||||
import org.matrix.android.sdk.internal.session.room.membership.LoadRoomMembersTask
|
||||
import org.matrix.rustcomponents.sdk.crypto.EncryptionSettings
|
||||
|
@ -47,7 +47,7 @@ private val loggerTag = LoggerTag("PrepareToEncryptUseCase", LoggerTag.CRYPTO)
|
|||
internal class PrepareToEncryptUseCase @Inject constructor(
|
||||
private val olmMachine: OlmMachine,
|
||||
private val coroutineDispatchers: MatrixCoroutineDispatchers,
|
||||
private val cryptoStore: IMXCryptoStore,
|
||||
private val cryptoStore: IMXCommonCryptoStore,
|
||||
private val getRoomUserIds: GetRoomUserIdsUseCase,
|
||||
private val requestSender: RequestSender,
|
||||
private val loadRoomMembersTask: LoadRoomMembersTask,
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
package org.matrix.android.sdk.internal.crypto
|
||||
|
||||
import android.content.Context
|
||||
import androidx.annotation.VisibleForTesting
|
||||
import androidx.lifecycle.LiveData
|
||||
import androidx.lifecycle.map
|
||||
import androidx.paging.PagedList
|
||||
|
@ -76,7 +75,7 @@ import org.matrix.android.sdk.internal.crypto.keysbackup.RustKeyBackupService
|
|||
import org.matrix.android.sdk.internal.crypto.model.SessionInfo
|
||||
import org.matrix.android.sdk.internal.crypto.network.OutgoingRequestsProcessor
|
||||
import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.CryptoStoreAggregator
|
||||
import org.matrix.android.sdk.internal.crypto.tasks.DeleteDeviceTask
|
||||
import org.matrix.android.sdk.internal.crypto.tasks.GetDeviceInfoTask
|
||||
|
@ -111,7 +110,7 @@ internal class RustCryptoService @Inject constructor(
|
|||
@UserId private val myUserId: String,
|
||||
@DeviceId private val deviceId: String,
|
||||
// the crypto store
|
||||
private val cryptoStore: IMXCryptoStore,
|
||||
private val cryptoStore: IMXCommonCryptoStore,
|
||||
// Set of parameters used to configure/customize the end-to-end crypto.
|
||||
private val mxCryptoConfig: MXCryptoConfig,
|
||||
// Actions
|
||||
|
@ -903,13 +902,6 @@ internal class RustCryptoService @Inject constructor(
|
|||
// TODO("Not yet implemented")
|
||||
}
|
||||
|
||||
/* ==========================================================================================
|
||||
* For test only
|
||||
* ========================================================================================== */
|
||||
|
||||
@VisibleForTesting
|
||||
val cryptoStoreForTesting = cryptoStore
|
||||
|
||||
companion object {
|
||||
const val CRYPTO_MIN_FORCE_SESSION_PERIOD_MILLIS = 3_600_000 // one hour
|
||||
}
|
||||
|
|
|
@ -24,6 +24,7 @@ import kotlinx.coroutines.CoroutineScope
|
|||
import kotlinx.coroutines.SupervisorJob
|
||||
import kotlinx.coroutines.launch
|
||||
import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
|
||||
import org.matrix.android.sdk.api.extensions.tryOrNull
|
||||
import org.matrix.android.sdk.api.failure.Failure
|
||||
import org.matrix.android.sdk.api.failure.MatrixError
|
||||
import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysBackupLastVersionResult
|
||||
|
@ -36,7 +37,6 @@ import org.matrix.android.sdk.api.session.events.model.Event
|
|||
import org.matrix.android.sdk.api.session.events.model.EventType
|
||||
import org.matrix.android.sdk.api.session.uia.UiaResult
|
||||
import org.matrix.android.sdk.internal.auth.registration.handleUIA
|
||||
import org.matrix.android.sdk.internal.crypto.InboundGroupSessionStore
|
||||
import org.matrix.android.sdk.internal.crypto.OlmMachine
|
||||
import org.matrix.android.sdk.internal.crypto.PerSessionBackupQueryRateLimiter
|
||||
import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.BackupKeysResult
|
||||
|
@ -59,6 +59,7 @@ import org.matrix.android.sdk.internal.crypto.model.rest.KeysUploadBody
|
|||
import org.matrix.android.sdk.internal.crypto.model.rest.KeysUploadResponse
|
||||
import org.matrix.android.sdk.internal.crypto.model.rest.RestKeyInfo
|
||||
import org.matrix.android.sdk.internal.crypto.model.rest.SignatureUploadResponse
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.tasks.ClaimOneTimeKeysForUsersDeviceTask
|
||||
import org.matrix.android.sdk.internal.crypto.tasks.DefaultSendVerificationMessageTask
|
||||
import org.matrix.android.sdk.internal.crypto.tasks.DownloadKeysForUsersTask
|
||||
|
@ -102,7 +103,7 @@ internal class RequestSender @Inject constructor(
|
|||
private val moshi: Moshi,
|
||||
cryptoCoroutineScope: CoroutineScope,
|
||||
private val rateLimiter: PerSessionBackupQueryRateLimiter,
|
||||
private val inboundGroupSessionStore: InboundGroupSessionStore,
|
||||
private val cryptoStore: IMXCommonCryptoStore,
|
||||
private val localEchoRepository: LocalEchoRepository,
|
||||
private val olmMachine: Lazy<OlmMachine>,
|
||||
) {
|
||||
|
@ -266,7 +267,9 @@ internal class RequestSender @Inject constructor(
|
|||
val senderKey = requestBody?.get("sender_key") as? String
|
||||
if (roomId != null && sessionId != null) {
|
||||
// try to perform a lazy migration from legacy store
|
||||
val legacy = inboundGroupSessionStore.getInboundGroupSession(sessionId, senderKey.orEmpty())
|
||||
val legacy = tryOrNull("Failed to access legacy crypto store") {
|
||||
cryptoStore.getInboundGroupSession(sessionId, senderKey.orEmpty())
|
||||
}
|
||||
if (legacy == null || olmMachine.get().importRoomKey(legacy).isFailure) {
|
||||
rateLimiter.tryFromBackupIfPossible(sessionId, roomId)
|
||||
}
|
||||
|
|
|
@ -0,0 +1,351 @@
|
|||
/*
|
||||
* Copyright 2023 The Matrix.org Foundation C.I.C.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.matrix.android.sdk.internal.crypto.store
|
||||
|
||||
import androidx.lifecycle.LiveData
|
||||
import androidx.lifecycle.Transformations
|
||||
import com.zhuinden.monarchy.Monarchy
|
||||
import io.realm.Realm
|
||||
import io.realm.RealmConfiguration
|
||||
import io.realm.kotlin.where
|
||||
import kotlinx.coroutines.runBlocking
|
||||
import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
|
||||
import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
|
||||
import org.matrix.android.sdk.api.extensions.tryOrNull
|
||||
import org.matrix.android.sdk.api.logger.LoggerTag
|
||||
import org.matrix.android.sdk.api.session.crypto.GlobalCryptoConfig
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoRoomInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
|
||||
import org.matrix.android.sdk.api.session.events.model.content.EncryptionEventContent
|
||||
import org.matrix.android.sdk.api.util.Optional
|
||||
import org.matrix.android.sdk.api.util.toOptional
|
||||
import org.matrix.android.sdk.internal.crypto.OlmMachine
|
||||
import org.matrix.android.sdk.internal.crypto.model.MXInboundMegolmSessionWrapper
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.CryptoStoreAggregator
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.doRealmTransaction
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.doRealmTransactionAsync
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.doWithRealm
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.mapper.CryptoRoomInfoMapper
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.mapper.MyDeviceLastSeenInfoEntityMapper
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntity
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntityFields
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoMetadataEntity
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoRoomEntity
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoRoomEntityFields
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.MyDeviceLastSeenInfoEntity
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.MyDeviceLastSeenInfoEntityFields
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.OlmInboundGroupSessionEntity
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.OlmInboundGroupSessionEntityFields
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntity
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntityFields
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.model.createPrimaryKey
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.query.getById
|
||||
import org.matrix.android.sdk.internal.crypto.store.db.query.getOrCreate
|
||||
import org.matrix.android.sdk.internal.di.CryptoDatabase
|
||||
import org.matrix.android.sdk.internal.session.SessionScope
|
||||
import org.matrix.android.sdk.internal.util.time.Clock
|
||||
import timber.log.Timber
|
||||
import java.util.concurrent.Executors
|
||||
import java.util.concurrent.TimeUnit
|
||||
import javax.inject.Inject
|
||||
|
||||
private val loggerTag = LoggerTag("RealmCryptoStore", LoggerTag.CRYPTO)
|
||||
|
||||
/**
|
||||
* In the transition phase, the rust SDK is still using parts to the realm crypto store,
|
||||
* this should be removed after full migration
|
||||
*/
|
||||
@SessionScope
|
||||
internal class RustCryptoStore @Inject constructor(
|
||||
@CryptoDatabase private val realmConfiguration: RealmConfiguration,
|
||||
private val clock: Clock,
|
||||
private val myDeviceLastSeenInfoEntityMapper: MyDeviceLastSeenInfoEntityMapper,
|
||||
private val olmMachine: dagger.Lazy<OlmMachine>,
|
||||
private val matrixCoroutineDispatchers: MatrixCoroutineDispatchers,
|
||||
) : IMXCommonCryptoStore {
|
||||
|
||||
/**
|
||||
* Retrieve a device by its identity key.
|
||||
*
|
||||
* @param identityKey the device identity key (`MXDeviceInfo.identityKey`)
|
||||
* @return the device or null if not found
|
||||
*/
|
||||
override fun deviceWithIdentityKey(userId: String, identityKey: String): CryptoDeviceInfo? {
|
||||
// XXX make this suspendable?
|
||||
val knownDevices = runBlocking(matrixCoroutineDispatchers.io) {
|
||||
olmMachine.get().getUserDevices(userId)
|
||||
}
|
||||
return knownDevices
|
||||
.map { it.toCryptoDeviceInfo() }
|
||||
.firstOrNull {
|
||||
it.identityKey() == identityKey
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Needed for lazy migration of sessions from the legacy store
|
||||
*/
|
||||
override fun getInboundGroupSession(sessionId: String, senderKey: String): MXInboundMegolmSessionWrapper? {
|
||||
val key = OlmInboundGroupSessionEntity.createPrimaryKey(sessionId, senderKey)
|
||||
|
||||
return doWithRealm(realmConfiguration) { realm ->
|
||||
realm.where<OlmInboundGroupSessionEntity>()
|
||||
.equalTo(OlmInboundGroupSessionEntityFields.PRIMARY_KEY, key)
|
||||
.findFirst()
|
||||
?.toModel()
|
||||
}
|
||||
}
|
||||
|
||||
// ================================================
|
||||
// Things that should be migrated to another store than realm
|
||||
// ================================================
|
||||
|
||||
private val monarchyWriteAsyncExecutor = Executors.newSingleThreadExecutor()
|
||||
|
||||
private val monarchy = Monarchy.Builder()
|
||||
.setRealmConfiguration(realmConfiguration)
|
||||
.setWriteAsyncExecutor(monarchyWriteAsyncExecutor)
|
||||
.build()
|
||||
|
||||
override fun open() {
|
||||
// nop
|
||||
}
|
||||
|
||||
override fun tidyUpDataBase() {
|
||||
// These entities are not used in rust actually, but as they are not yet cleaned up, this will do it with time
|
||||
val prevWeekTs = clock.epochMillis() - 7 * 24 * 60 * 60 * 1_000
|
||||
doRealmTransaction("tidyUpDataBase", realmConfiguration) { realm ->
|
||||
|
||||
// Clean the old ones?
|
||||
realm.where<OutgoingKeyRequestEntity>()
|
||||
.lessThan(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, prevWeekTs)
|
||||
.findAll()
|
||||
.also { Timber.i("## Crypto Clean up ${it.size} OutgoingKeyRequestEntity") }
|
||||
.deleteAllFromRealm()
|
||||
|
||||
// Only keep one month history
|
||||
|
||||
val prevMonthTs = clock.epochMillis() - 4 * 7 * 24 * 60 * 60 * 1_000L
|
||||
realm.where<AuditTrailEntity>()
|
||||
.lessThan(AuditTrailEntityFields.AGE_LOCAL_TS, prevMonthTs)
|
||||
.findAll()
|
||||
.also { Timber.i("## Crypto Clean up ${it.size} AuditTrailEntity") }
|
||||
.deleteAllFromRealm()
|
||||
|
||||
// Can we do something for WithHeldSessionEntity?
|
||||
}
|
||||
}
|
||||
|
||||
override fun close() {
|
||||
val tasks = monarchyWriteAsyncExecutor.shutdownNow()
|
||||
Timber.w("Closing RealmCryptoStore, ${tasks.size} async task(s) cancelled")
|
||||
tryOrNull("Interrupted") {
|
||||
// Wait 1 minute max
|
||||
monarchyWriteAsyncExecutor.awaitTermination(1, TimeUnit.MINUTES)
|
||||
}
|
||||
}
|
||||
|
||||
override fun getRoomAlgorithm(roomId: String): String? {
|
||||
return doWithRealm(realmConfiguration) {
|
||||
CryptoRoomEntity.getById(it, roomId)?.algorithm
|
||||
}
|
||||
}
|
||||
|
||||
override fun getRoomCryptoInfo(roomId: String): CryptoRoomInfo? {
|
||||
return doWithRealm(realmConfiguration) { realm ->
|
||||
CryptoRoomEntity.getById(realm, roomId)?.let {
|
||||
CryptoRoomInfoMapper.map(it)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This is a bit different than isRoomEncrypted.
|
||||
* A room is encrypted when there is a m.room.encryption state event in the room (malformed/invalid or not).
|
||||
* But the crypto layer has additional guaranty to ensure that encryption would never been reverted.
|
||||
* It's defensive coding out of precaution (if ever state is reset).
|
||||
*/
|
||||
override fun roomWasOnceEncrypted(roomId: String): Boolean {
|
||||
return doWithRealm(realmConfiguration) {
|
||||
CryptoRoomEntity.getById(it, roomId)?.wasEncryptedOnce ?: false
|
||||
}
|
||||
}
|
||||
|
||||
override fun setAlgorithmInfo(roomId: String, encryption: EncryptionEventContent?) {
|
||||
doRealmTransaction("setAlgorithmInfo", realmConfiguration) {
|
||||
CryptoRoomEntity.getOrCreate(it, roomId).let { entity ->
|
||||
entity.algorithm = encryption?.algorithm
|
||||
// store anyway the new algorithm, but mark the room
|
||||
// as having been encrypted once whatever, this can never
|
||||
// go back to false
|
||||
if (encryption?.algorithm == MXCRYPTO_ALGORITHM_MEGOLM) {
|
||||
entity.wasEncryptedOnce = true
|
||||
entity.rotationPeriodMs = encryption.rotationPeriodMs
|
||||
entity.rotationPeriodMsgs = encryption.rotationPeriodMsgs
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
override fun saveMyDevicesInfo(info: List<DeviceInfo>) {
|
||||
val entities = info.map { myDeviceLastSeenInfoEntityMapper.map(it) }
|
||||
doRealmTransactionAsync(realmConfiguration) { realm ->
|
||||
realm.where<MyDeviceLastSeenInfoEntity>().findAll().deleteAllFromRealm()
|
||||
entities.forEach {
|
||||
realm.insertOrUpdate(it)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
override fun getMyDevicesInfo(): List<DeviceInfo> {
|
||||
return monarchy.fetchAllCopiedSync {
|
||||
it.where<MyDeviceLastSeenInfoEntity>()
|
||||
}.map {
|
||||
DeviceInfo(
|
||||
deviceId = it.deviceId,
|
||||
lastSeenIp = it.lastSeenIp,
|
||||
lastSeenTs = it.lastSeenTs,
|
||||
displayName = it.displayName
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
override fun getLiveMyDevicesInfo(): LiveData<List<DeviceInfo>> {
|
||||
return monarchy.findAllMappedWithChanges(
|
||||
{ realm: Realm ->
|
||||
realm.where<MyDeviceLastSeenInfoEntity>()
|
||||
},
|
||||
{ entity -> myDeviceLastSeenInfoEntityMapper.map(entity) }
|
||||
)
|
||||
}
|
||||
|
||||
override fun getLiveMyDevicesInfo(deviceId: String): LiveData<Optional<DeviceInfo>> {
|
||||
val liveData = monarchy.findAllMappedWithChanges(
|
||||
{ realm: Realm ->
|
||||
realm.where<MyDeviceLastSeenInfoEntity>()
|
||||
.equalTo(MyDeviceLastSeenInfoEntityFields.DEVICE_ID, deviceId)
|
||||
},
|
||||
{ entity -> myDeviceLastSeenInfoEntityMapper.map(entity) }
|
||||
)
|
||||
|
||||
return Transformations.map(liveData) {
|
||||
it.firstOrNull().toOptional()
|
||||
}
|
||||
}
|
||||
|
||||
override fun storeData(cryptoStoreAggregator: CryptoStoreAggregator) {
|
||||
if (cryptoStoreAggregator.isEmpty()) {
|
||||
return
|
||||
}
|
||||
doRealmTransaction("storeData - CryptoStoreAggregator", realmConfiguration) { realm ->
|
||||
// setShouldShareHistory
|
||||
cryptoStoreAggregator.setShouldShareHistoryData.forEach {
|
||||
Timber.tag(loggerTag.value)
|
||||
.v("setShouldShareHistory for room ${it.key} is ${it.value}")
|
||||
CryptoRoomEntity.getOrCreate(realm, it.key).shouldShareHistory = it.value
|
||||
}
|
||||
// setShouldEncryptForInvitedMembers
|
||||
cryptoStoreAggregator.setShouldEncryptForInvitedMembersData.forEach {
|
||||
CryptoRoomEntity.getOrCreate(realm, it.key).shouldEncryptForInvitedMembers = it.value
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
override fun shouldEncryptForInvitedMembers(roomId: String): Boolean {
|
||||
return doWithRealm(realmConfiguration) {
|
||||
CryptoRoomEntity.getById(it, roomId)?.shouldEncryptForInvitedMembers
|
||||
}
|
||||
?: false
|
||||
}
|
||||
|
||||
override fun setShouldShareHistory(roomId: String, shouldShareHistory: Boolean) {
|
||||
Timber.tag(loggerTag.value)
|
||||
.v("setShouldShareHistory for room $roomId is $shouldShareHistory")
|
||||
doRealmTransaction("setShouldShareHistory", realmConfiguration) {
|
||||
CryptoRoomEntity.getOrCreate(it, roomId).shouldShareHistory = shouldShareHistory
|
||||
}
|
||||
}
|
||||
|
||||
override fun setShouldEncryptForInvitedMembers(roomId: String, shouldEncryptForInvitedMembers: Boolean) {
|
||||
doRealmTransaction("setShouldEncryptForInvitedMembers", realmConfiguration) {
|
||||
CryptoRoomEntity.getOrCreate(it, roomId).shouldEncryptForInvitedMembers = shouldEncryptForInvitedMembers
|
||||
}
|
||||
}
|
||||
|
||||
override fun blockUnverifiedDevicesInRoom(roomId: String, block: Boolean) {
|
||||
doRealmTransaction("blockUnverifiedDevicesInRoom", realmConfiguration) { realm ->
|
||||
CryptoRoomEntity.getById(realm, roomId)
|
||||
?.blacklistUnverifiedDevices = block
|
||||
}
|
||||
}
|
||||
|
||||
override fun setGlobalBlacklistUnverifiedDevices(block: Boolean) {
|
||||
doRealmTransaction("setGlobalBlacklistUnverifiedDevices", realmConfiguration) {
|
||||
it.where<CryptoMetadataEntity>().findFirst()?.globalBlacklistUnverifiedDevices = block
|
||||
}
|
||||
}
|
||||
|
||||
override fun getLiveGlobalCryptoConfig(): LiveData<GlobalCryptoConfig> {
|
||||
val liveData = monarchy.findAllMappedWithChanges(
|
||||
{ realm: Realm ->
|
||||
realm
|
||||
.where<CryptoMetadataEntity>()
|
||||
},
|
||||
{
|
||||
GlobalCryptoConfig(
|
||||
globalBlockUnverifiedDevices = it.globalBlacklistUnverifiedDevices,
|
||||
globalEnableKeyGossiping = it.globalEnableKeyGossiping,
|
||||
enableKeyForwardingOnInvite = it.enableKeyForwardingOnInvite
|
||||
)
|
||||
}
|
||||
)
|
||||
return Transformations.map(liveData) {
|
||||
it.firstOrNull() ?: GlobalCryptoConfig(false, false, false)
|
||||
}
|
||||
}
|
||||
|
||||
override fun getGlobalBlacklistUnverifiedDevices(): Boolean {
|
||||
return doWithRealm(realmConfiguration) {
|
||||
it.where<CryptoMetadataEntity>().findFirst()?.globalBlacklistUnverifiedDevices
|
||||
} ?: false
|
||||
}
|
||||
|
||||
override fun getLiveBlockUnverifiedDevices(roomId: String): LiveData<Boolean> {
|
||||
val liveData = monarchy.findAllMappedWithChanges(
|
||||
{ realm: Realm ->
|
||||
realm.where<CryptoRoomEntity>()
|
||||
.equalTo(CryptoRoomEntityFields.ROOM_ID, roomId)
|
||||
},
|
||||
{
|
||||
it.blacklistUnverifiedDevices
|
||||
}
|
||||
)
|
||||
return Transformations.map(liveData) {
|
||||
it.firstOrNull() ?: false
|
||||
}
|
||||
}
|
||||
|
||||
override fun getBlockUnverifiedDevices(roomId: String): Boolean {
|
||||
return doWithRealm(realmConfiguration) { realm ->
|
||||
realm.where<CryptoRoomEntity>()
|
||||
.equalTo(CryptoRoomEntityFields.ROOM_ID, roomId)
|
||||
.findFirst()
|
||||
?.blacklistUnverifiedDevices ?: false
|
||||
}
|
||||
}
|
||||
}
|
|
@ -24,7 +24,7 @@ import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
|
|||
import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
|
||||
import org.matrix.android.sdk.api.session.events.model.Event
|
||||
import org.matrix.android.sdk.api.session.events.model.EventType
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
|
||||
import org.matrix.android.sdk.internal.crypto.store.IMXCommonCryptoStore
|
||||
|
||||
class EventEditValidatorTest {
|
||||
|
||||
|
@ -62,7 +62,7 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `edit should be valid`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore>()
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore>()
|
||||
val validator = EventEditValidator(mockCryptoStore)
|
||||
|
||||
validator
|
||||
|
@ -71,7 +71,7 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `original event and replacement event must have the same sender`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore>()
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore>()
|
||||
val validator = EventEditValidator(mockCryptoStore)
|
||||
|
||||
validator
|
||||
|
@ -83,7 +83,7 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `original event and replacement event must have the same room_id`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore>()
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore>()
|
||||
val validator = EventEditValidator(mockCryptoStore)
|
||||
|
||||
validator
|
||||
|
@ -101,7 +101,7 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `replacement and original events must not have a state_key property`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore>()
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore>()
|
||||
val validator = EventEditValidator(mockCryptoStore)
|
||||
|
||||
validator
|
||||
|
@ -119,8 +119,8 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `replacement event must have an new_content property`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore> {
|
||||
every { deviceWithIdentityKey("R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore> {
|
||||
every { deviceWithIdentityKey("@alice:example.com", "R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
mockk<CryptoDeviceInfo> {
|
||||
every { userId } returns "@alice:example.com"
|
||||
}
|
||||
|
@ -157,8 +157,8 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `The original event must not itself have a rel_type of m_replace`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore> {
|
||||
every { deviceWithIdentityKey("R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore> {
|
||||
every { deviceWithIdentityKey("@alice:example.com", "R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
mockk<CryptoDeviceInfo> {
|
||||
every { userId } returns "@alice:example.com"
|
||||
}
|
||||
|
@ -207,8 +207,8 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `valid e2ee edit`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore> {
|
||||
every { deviceWithIdentityKey("R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore> {
|
||||
every { deviceWithIdentityKey("@alice:example.com", "R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
mockk<CryptoDeviceInfo> {
|
||||
every { userId } returns "@alice:example.com"
|
||||
}
|
||||
|
@ -224,8 +224,8 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `If the original event was encrypted, the replacement should be too`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore> {
|
||||
every { deviceWithIdentityKey("R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore> {
|
||||
every { deviceWithIdentityKey("@alice:example.com", "R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
mockk<CryptoDeviceInfo> {
|
||||
every { userId } returns "@alice:example.com"
|
||||
}
|
||||
|
@ -241,12 +241,12 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `encrypted, original event and replacement event must have the same sender`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore> {
|
||||
every { deviceWithIdentityKey("R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore> {
|
||||
every { deviceWithIdentityKey("@alice:example.com", "R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
mockk {
|
||||
every { userId } returns "@alice:example.com"
|
||||
}
|
||||
every { deviceWithIdentityKey("7V5e/2O93mf4GeW7Mtq4YWcRNpYS9NhQbdJMgdnIPUI") } returns
|
||||
every { deviceWithIdentityKey("@bob:example.com", "7V5e/2O93mf4GeW7Mtq4YWcRNpYS9NhQbdJMgdnIPUI") } returns
|
||||
mockk {
|
||||
every { userId } returns "@bob:example.com"
|
||||
}
|
||||
|
@ -256,7 +256,9 @@ class EventEditValidatorTest {
|
|||
validator
|
||||
.validateEdit(
|
||||
encryptedEvent,
|
||||
encryptedEditEvent.copy().apply {
|
||||
encryptedEditEvent.copy(
|
||||
senderId = "@bob:example.com"
|
||||
).apply {
|
||||
mxDecryptionResult = encryptedEditEvent.mxDecryptionResult!!.copy(
|
||||
senderKey = "7V5e/2O93mf4GeW7Mtq4YWcRNpYS9NhQbdJMgdnIPUI"
|
||||
)
|
||||
|
@ -269,12 +271,12 @@ class EventEditValidatorTest {
|
|||
|
||||
@Test
|
||||
fun `encrypted, sent fom a deleted device, original event and replacement event must have the same sender`() {
|
||||
val mockCryptoStore = mockk<IMXCryptoStore> {
|
||||
every { deviceWithIdentityKey("R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
val mockCryptoStore = mockk<IMXCommonCryptoStore> {
|
||||
every { deviceWithIdentityKey("@alice:example.com", "R0s/7Aindgg/RNWqUGJyJOXtCz5H7Gx7fInFuroq1xo") } returns
|
||||
mockk {
|
||||
every { userId } returns "@alice:example.com"
|
||||
}
|
||||
every { deviceWithIdentityKey("7V5e/2O93mf4GeW7Mtq4YWcRNpYS9NhQbdJMgdnIPUI") } returns
|
||||
every { deviceWithIdentityKey(any(), "7V5e/2O93mf4GeW7Mtq4YWcRNpYS9NhQbdJMgdnIPUI") } returns
|
||||
null
|
||||
}
|
||||
val validator = EventEditValidator(mockCryptoStore)
|
||||
|
@ -288,7 +290,7 @@ class EventEditValidatorTest {
|
|||
)
|
||||
}
|
||||
|
||||
) shouldBeInstanceOf EventEditValidator.EditValidity.Valid::class
|
||||
) shouldBeInstanceOf EventEditValidator.EditValidity.Unknown::class
|
||||
|
||||
validator
|
||||
.validateEdit(
|
||||
|
|
Loading…
Reference in a new issue