From c8f0792997689dfa727d069bf6b647c367b0105d Mon Sep 17 00:00:00 2001 From: Valere Date: Mon, 1 Aug 2022 10:41:56 +0200 Subject: [PATCH] warn on cross signing reset --- changelog.d/6702.bugfix | 1 + .../crypto/crosssigning/MXCrossSigningInfo.kt | 3 +- .../crypto/model/UserVerificationLevel.kt | 28 +++++++++ .../DefaultCrossSigningService.kt | 6 +- .../crypto/crosssigning/UpdateTrustWorker.kt | 61 +++++++++++++------ .../crypto/store/db/RealmCryptoStore.kt | 3 +- .../store/db/RealmCryptoStoreMigration.kt | 4 +- .../store/db/migration/MigrateCryptoTo019.kt | 59 ++++++++++++++++++ .../store/db/model/CrossSigningInfoEntity.kt | 1 + .../epoxy/profiles/BaseProfileMatrixItem.kt | 6 +- .../app/core/ui/views/ShieldImageView.kt | 30 +++++++++ .../RoomMemberProfileFragment.kt | 20 +++--- .../members/RoomMemberListController.kt | 2 +- .../members/RoomMemberListViewModel.kt | 22 +++++-- .../members/RoomMemberListViewState.kt | 4 +- .../people/SpacePeopleListController.kt | 2 +- 16 files changed, 208 insertions(+), 44 deletions(-) create mode 100644 changelog.d/6702.bugfix create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/UserVerificationLevel.kt create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo019.kt diff --git a/changelog.d/6702.bugfix b/changelog.d/6702.bugfix new file mode 100644 index 0000000000..d8028c7bc8 --- /dev/null +++ b/changelog.d/6702.bugfix @@ -0,0 +1 @@ +Add Warning shield when a user previously verified rotated his cross signing keys diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/MXCrossSigningInfo.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/MXCrossSigningInfo.kt index 9604decd62..30a2cfd719 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/MXCrossSigningInfo.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/MXCrossSigningInfo.kt @@ -18,7 +18,8 @@ package org.matrix.android.sdk.api.session.crypto.crosssigning data class MXCrossSigningInfo( val userId: String, - val crossSigningKeys: List + val crossSigningKeys: List, + val wasTrustedOnce: Boolean ) { fun isTrusted(): Boolean = masterKey()?.trustLevel?.isVerified() == true && diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/UserVerificationLevel.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/UserVerificationLevel.kt new file mode 100644 index 0000000000..e3c7057b6b --- /dev/null +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/UserVerificationLevel.kt @@ -0,0 +1,28 @@ +/* + * Copyright 2022 The Matrix.org Foundation C.I.C. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.matrix.android.sdk.api.session.crypto.model + +enum class UserVerificationLevel { + + VERIFIED_ALL_DEVICES_TRUSTED, + + VERIFIED_WITH_DEVICES_UNTRUSTED, + + UNVERIFIED_BUT_WAS_PREVIOUSLY, + + WAS_NEVER_VERIFIED, +} diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt index d405bdce27..e512ea503b 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt @@ -167,7 +167,11 @@ internal class DefaultCrossSigningService @Inject constructor( } override fun onSuccess(data: InitializeCrossSigningTask.Result) { - val crossSigningInfo = MXCrossSigningInfo(userId, listOf(data.masterKeyInfo, data.userKeyInfo, data.selfSignedKeyInfo)) + val crossSigningInfo = MXCrossSigningInfo( + userId, + listOf(data.masterKeyInfo, data.userKeyInfo, data.selfSignedKeyInfo), + true + ) cryptoStore.setMyCrossSigningInfo(crossSigningInfo) setUserKeysAsTrusted(userId, true) cryptoStore.storePrivateKeysInfo(data.masterKeyPK, data.userKeyPK, data.selfSigningKeyPK) diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/UpdateTrustWorker.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/UpdateTrustWorker.kt index 6d845ec59e..bde68a726d 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/UpdateTrustWorker.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/UpdateTrustWorker.kt @@ -259,21 +259,27 @@ internal class UpdateTrustWorker(context: Context, params: WorkerParameters, ses cryptoRealm.where(CrossSigningInfoEntity::class.java) .equalTo(CrossSigningInfoEntityFields.USER_ID, userId) .findFirst() - ?.crossSigningKeys - ?.forEach { info -> - // optimization to avoid trigger updates when there is no change.. - if (info.trustLevelEntity?.isVerified() != verified) { - Timber.d("## CrossSigning - Trust change for $userId : $verified") - val level = info.trustLevelEntity - if (level == null) { - info.trustLevelEntity = cryptoRealm.createObject(TrustLevelEntity::class.java).also { - it.locallyVerified = verified - it.crossSignedVerified = verified + ?.let { userKeyInfo -> + userKeyInfo + .crossSigningKeys + .forEach { key -> + // optimization to avoid trigger updates when there is no change.. + if (key.trustLevelEntity?.isVerified() != verified) { + Timber.d("## CrossSigning - Trust change for $userId : $verified") + val level = key.trustLevelEntity + if (level == null) { + key.trustLevelEntity = cryptoRealm.createObject(TrustLevelEntity::class.java).also { + it.locallyVerified = verified + it.crossSignedVerified = verified + } + } else { + level.locallyVerified = verified + level.crossSignedVerified = verified + } + } } - } else { - level.locallyVerified = verified - level.crossSignedVerified = verified - } + if (verified) { + userKeyInfo.wasUserVerifiedOnce = true } } } @@ -299,8 +305,18 @@ internal class UpdateTrustWorker(context: Context, params: WorkerParameters, ses getCrossSigningInfo(cryptoRealm, userId)?.isTrusted() == true } + val resetTrust = listToCheck + .filter { userId -> + val crossSigningInfo = getCrossSigningInfo(cryptoRealm, userId) + crossSigningInfo?.isTrusted() != true && crossSigningInfo?.wasTrustedOnce == true + } + return if (allTrustedUserIds.isEmpty()) { - RoomEncryptionTrustLevel.Default + if (resetTrust.isEmpty()) { + RoomEncryptionTrustLevel.Default + } else { + RoomEncryptionTrustLevel.Warning + } } else { // If one of the verified user as an untrusted device -> warning // If all devices of all verified users are trusted -> green @@ -327,11 +343,15 @@ internal class UpdateTrustWorker(context: Context, params: WorkerParameters, ses if (hasWarning) { RoomEncryptionTrustLevel.Warning } else { - if (listToCheck.size == allTrustedUserIds.size) { - // all users are trusted and all devices are verified - RoomEncryptionTrustLevel.Trusted + if (resetTrust.isEmpty()) { + if (listToCheck.size == allTrustedUserIds.size) { + // all users are trusted and all devices are verified + RoomEncryptionTrustLevel.Trusted + } else { + RoomEncryptionTrustLevel.Default + } } else { - RoomEncryptionTrustLevel.Default + RoomEncryptionTrustLevel.Warning } } } @@ -344,7 +364,8 @@ internal class UpdateTrustWorker(context: Context, params: WorkerParameters, ses userId = userId, crossSigningKeys = xsignInfo.crossSigningKeys.mapNotNull { crossSigningKeysMapper.map(userId, it) - } + }, + wasTrustedOnce = xsignInfo.wasUserVerifiedOnce ) } diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt index 3b8fa4cacd..6a2ef3bde1 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt @@ -1611,7 +1611,8 @@ internal class RealmCryptoStore @Inject constructor( userId = userId, crossSigningKeys = xsignInfo.crossSigningKeys.mapNotNull { crossSigningKeysMapper.map(userId, it) - } + }, + wasTrustedOnce = xsignInfo.wasUserVerifiedOnce ) } diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt index 426d50a54f..de2b74308d 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt @@ -35,6 +35,7 @@ import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo016 import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo017 import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo018 +import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo019 import org.matrix.android.sdk.internal.util.database.MatrixRealmMigration import org.matrix.android.sdk.internal.util.time.Clock import javax.inject.Inject @@ -49,7 +50,7 @@ internal class RealmCryptoStoreMigration @Inject constructor( private val clock: Clock, ) : MatrixRealmMigration( dbName = "Crypto", - schemaVersion = 18L, + schemaVersion = 19L, ) { /** * Forces all RealmCryptoStoreMigration instances to be equal. @@ -77,5 +78,6 @@ internal class RealmCryptoStoreMigration @Inject constructor( if (oldVersion < 16) MigrateCryptoTo016(realm).perform() if (oldVersion < 17) MigrateCryptoTo017(realm).perform() if (oldVersion < 18) MigrateCryptoTo018(realm).perform() + if (oldVersion < 19) MigrateCryptoTo019(realm).perform() } } diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo019.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo019.kt new file mode 100644 index 0000000000..9d2eb60a60 --- /dev/null +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo019.kt @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2022 The Matrix.org Foundation C.I.C. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.matrix.android.sdk.internal.crypto.store.db.migration + +import io.realm.DynamicRealm +import io.realm.DynamicRealmObject +import org.matrix.android.sdk.api.session.crypto.crosssigning.KeyUsage +import org.matrix.android.sdk.internal.crypto.store.db.model.CrossSigningInfoEntityFields +import org.matrix.android.sdk.internal.crypto.store.db.model.KeyInfoEntityFields +import org.matrix.android.sdk.internal.crypto.store.db.model.TrustLevelEntityFields +import org.matrix.android.sdk.internal.util.database.RealmMigrator + +/** + * This migration is adding support for trusted flags on megolm sessions. + * We can't really assert the trust of existing keys, so for the sake of simplicity we are going to + * mark existing keys as safe. + * This migration can take long depending on the account + */ +internal class MigrateCryptoTo019(realm: DynamicRealm) : RealmMigrator(realm, 18) { + + override fun doMigrate(realm: DynamicRealm) { + realm.schema.get("CrossSigningInfoEntity") + ?.addField(CrossSigningInfoEntityFields.WAS_USER_VERIFIED_ONCE, Boolean::class.java) + ?.transform { dynamicObject -> + + val knowKeys = dynamicObject.getList(CrossSigningInfoEntityFields.CROSS_SIGNING_KEYS.`$`) + val msk = knowKeys.firstOrNull { + it.getList(KeyInfoEntityFields.USAGES.`$`, String::class.java).orEmpty().contains(KeyUsage.MASTER.value) + } + val ssk = knowKeys.firstOrNull { + it.getList(KeyInfoEntityFields.USAGES.`$`, String::class.java).orEmpty().contains(KeyUsage.SELF_SIGNING.value) + } + val isTrusted = isDynamicKeyInfoTrusted(msk?.get(KeyInfoEntityFields.TRUST_LEVEL_ENTITY.`$`)) && + isDynamicKeyInfoTrusted(ssk?.get(KeyInfoEntityFields.TRUST_LEVEL_ENTITY.`$`)) + + dynamicObject.setBoolean(CrossSigningInfoEntityFields.WAS_USER_VERIFIED_ONCE, isTrusted) + } + } + + private fun isDynamicKeyInfoTrusted(keyInfo: DynamicRealmObject?): Boolean { + if (keyInfo == null) return false + return !keyInfo.isNull(TrustLevelEntityFields.CROSS_SIGNED_VERIFIED) && keyInfo.getBoolean(TrustLevelEntityFields.CROSS_SIGNED_VERIFIED) && + !keyInfo.isNull(TrustLevelEntityFields.LOCALLY_VERIFIED) && keyInfo.getBoolean(TrustLevelEntityFields.LOCALLY_VERIFIED) + } +} diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CrossSigningInfoEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CrossSigningInfoEntity.kt index 5aba9bb9ba..033b7662c5 100644 --- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CrossSigningInfoEntity.kt +++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CrossSigningInfoEntity.kt @@ -25,6 +25,7 @@ import org.matrix.android.sdk.internal.extensions.clearWith internal open class CrossSigningInfoEntity( @PrimaryKey var userId: String? = null, + var wasUserVerifiedOnce: Boolean = false, var crossSigningKeys: RealmList = RealmList() ) : RealmObject() { diff --git a/vector/src/main/java/im/vector/app/core/epoxy/profiles/BaseProfileMatrixItem.kt b/vector/src/main/java/im/vector/app/core/epoxy/profiles/BaseProfileMatrixItem.kt index 9c5ad49339..ef22aba624 100644 --- a/vector/src/main/java/im/vector/app/core/epoxy/profiles/BaseProfileMatrixItem.kt +++ b/vector/src/main/java/im/vector/app/core/epoxy/profiles/BaseProfileMatrixItem.kt @@ -26,7 +26,7 @@ import im.vector.app.core.epoxy.onClick import im.vector.app.core.extensions.setTextOrHide import im.vector.app.features.displayname.getBestName import im.vector.app.features.home.AvatarRenderer -import org.matrix.android.sdk.api.session.crypto.model.RoomEncryptionTrustLevel +import org.matrix.android.sdk.api.session.crypto.model.UserVerificationLevel import org.matrix.android.sdk.api.util.MatrixItem abstract class BaseProfileMatrixItem(@LayoutRes layoutId: Int) : VectorEpoxyModel(layoutId) { @@ -35,7 +35,7 @@ abstract class BaseProfileMatrixItem(@LayoutRes la @EpoxyAttribute var editable: Boolean = true @EpoxyAttribute - var userEncryptionTrustLevel: RoomEncryptionTrustLevel? = null + var userVerificationLevel: UserVerificationLevel? = null @EpoxyAttribute(EpoxyAttribute.Option.DoNotHash) var clickListener: ClickListener? = null @@ -53,6 +53,6 @@ abstract class BaseProfileMatrixItem(@LayoutRes la holder.subtitleView.setTextOrHide(matrixId) holder.editableView.isVisible = editable avatarRenderer.render(matrixItem, holder.avatarImageView) - holder.avatarDecorationImageView.render(userEncryptionTrustLevel) + holder.avatarDecorationImageView.renderUser(userVerificationLevel) } } diff --git a/vector/src/main/java/im/vector/app/core/ui/views/ShieldImageView.kt b/vector/src/main/java/im/vector/app/core/ui/views/ShieldImageView.kt index 4642fb8525..1990859668 100644 --- a/vector/src/main/java/im/vector/app/core/ui/views/ShieldImageView.kt +++ b/vector/src/main/java/im/vector/app/core/ui/views/ShieldImageView.kt @@ -24,6 +24,7 @@ import androidx.core.view.isVisible import im.vector.app.R import im.vector.app.features.home.room.detail.timeline.item.E2EDecoration import org.matrix.android.sdk.api.session.crypto.model.RoomEncryptionTrustLevel +import org.matrix.android.sdk.api.session.crypto.model.UserVerificationLevel class ShieldImageView @JvmOverloads constructor( context: Context, @@ -102,6 +103,35 @@ class ShieldImageView @JvmOverloads constructor( } } } + + fun renderUser(userVerificationLevel: UserVerificationLevel?, borderLess: Boolean = false) { + isVisible = userVerificationLevel != null + when (userVerificationLevel) { + UserVerificationLevel.VERIFIED_ALL_DEVICES_TRUSTED -> { + contentDescription = context.getString(R.string.a11y_trust_level_trusted) + setImageResource( + if (borderLess) R.drawable.ic_shield_trusted_no_border + else R.drawable.ic_shield_trusted + ) + } + UserVerificationLevel.UNVERIFIED_BUT_WAS_PREVIOUSLY, + UserVerificationLevel.VERIFIED_WITH_DEVICES_UNTRUSTED -> { + contentDescription = context.getString(R.string.a11y_trust_level_warning) + setImageResource( + if (borderLess) R.drawable.ic_shield_warning_no_border + else R.drawable.ic_shield_warning + ) + } + UserVerificationLevel.WAS_NEVER_VERIFIED -> { + contentDescription = context.getString(R.string.a11y_trust_level_default) + setImageResource( + if (borderLess) R.drawable.ic_shield_black_no_border + else R.drawable.ic_shield_black + ) + } + null -> Unit + } + } } @DrawableRes diff --git a/vector/src/main/java/im/vector/app/features/roommemberprofile/RoomMemberProfileFragment.kt b/vector/src/main/java/im/vector/app/features/roommemberprofile/RoomMemberProfileFragment.kt index 2894cd4621..65d28a5ceb 100644 --- a/vector/src/main/java/im/vector/app/features/roommemberprofile/RoomMemberProfileFragment.kt +++ b/vector/src/main/java/im/vector/app/features/roommemberprofile/RoomMemberProfileFragment.kt @@ -59,7 +59,7 @@ import im.vector.app.features.home.room.detail.timeline.helper.MatrixItemColorPr import im.vector.app.features.roommemberprofile.devices.DeviceListBottomSheet import im.vector.app.features.roommemberprofile.powerlevel.EditPowerLevelDialogs import kotlinx.parcelize.Parcelize -import org.matrix.android.sdk.api.session.crypto.model.RoomEncryptionTrustLevel +import org.matrix.android.sdk.api.session.crypto.model.UserVerificationLevel import org.matrix.android.sdk.api.session.room.powerlevels.Role import org.matrix.android.sdk.api.util.MatrixItem import javax.inject.Inject @@ -235,23 +235,27 @@ class RoomMemberProfileFragment : if (state.userMXCrossSigningInfo.isTrusted()) { // User is trusted if (state.allDevicesAreCrossSignedTrusted) { - RoomEncryptionTrustLevel.Trusted + UserVerificationLevel.VERIFIED_ALL_DEVICES_TRUSTED } else { - RoomEncryptionTrustLevel.Warning + UserVerificationLevel.VERIFIED_WITH_DEVICES_UNTRUSTED } } else { - RoomEncryptionTrustLevel.Default + if (state.userMXCrossSigningInfo.wasTrustedOnce) { + UserVerificationLevel.UNVERIFIED_BUT_WAS_PREVIOUSLY + } else { + UserVerificationLevel.WAS_NEVER_VERIFIED + } } } else { // Legacy if (state.allDevicesAreTrusted) { - RoomEncryptionTrustLevel.Trusted + UserVerificationLevel.VERIFIED_ALL_DEVICES_TRUSTED } else { - RoomEncryptionTrustLevel.Warning + UserVerificationLevel.VERIFIED_WITH_DEVICES_UNTRUSTED } } - headerViews.memberProfileDecorationImageView.render(trustLevel) - views.matrixProfileDecorationToolbarAvatarImageView.render(trustLevel) + headerViews.memberProfileDecorationImageView.renderUser(trustLevel) + views.matrixProfileDecorationToolbarAvatarImageView.renderUser(trustLevel) } else { headerViews.memberProfileDecorationImageView.isVisible = false } diff --git a/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListController.kt b/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListController.kt index 8f310a6a89..9adfeb2a0e 100644 --- a/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListController.kt +++ b/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListController.kt @@ -129,7 +129,7 @@ class RoomMemberListController @Inject constructor( id(roomMember.userId) matrixItem(roomMember.toMatrixItem()) avatarRenderer(host.avatarRenderer) - userEncryptionTrustLevel(data.trustLevelMap.invoke()?.get(roomMember.userId)) + userVerificationLevel(data.trustLevelMap.invoke()?.get(roomMember.userId)) clickListener { host.callback?.onRoomMemberClicked(roomMember) } diff --git a/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewModel.kt b/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewModel.kt index 915ce51d91..31b6430361 100644 --- a/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewModel.kt +++ b/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewModel.kt @@ -37,7 +37,7 @@ import kotlinx.coroutines.launch import org.matrix.android.sdk.api.extensions.orFalse import org.matrix.android.sdk.api.query.QueryStringValue import org.matrix.android.sdk.api.session.Session -import org.matrix.android.sdk.api.session.crypto.model.RoomEncryptionTrustLevel +import org.matrix.android.sdk.api.session.crypto.model.UserVerificationLevel import org.matrix.android.sdk.api.session.events.model.EventType import org.matrix.android.sdk.api.session.events.model.toModel import org.matrix.android.sdk.api.session.getRoom @@ -119,10 +119,22 @@ class RoomMemberListViewModel @AssistedInject constructor( val allDeviceTrusted = it.value.fold(it.value.isNotEmpty()) { prev, next -> prev && next.trustLevel?.isCrossSigningVerified().orFalse() } - if (session.cryptoService().crossSigningService().getUserCrossSigningKeys(it.key)?.isTrusted().orFalse()) { - if (allDeviceTrusted) RoomEncryptionTrustLevel.Trusted else RoomEncryptionTrustLevel.Warning - } else { - RoomEncryptionTrustLevel.Default + val mxCrossSigningInfo = session.cryptoService().crossSigningService().getUserCrossSigningKeys(it.key) + when { + mxCrossSigningInfo == null -> { + UserVerificationLevel.WAS_NEVER_VERIFIED + } + mxCrossSigningInfo.isTrusted() -> { + if (allDeviceTrusted) UserVerificationLevel.VERIFIED_ALL_DEVICES_TRUSTED + else UserVerificationLevel.VERIFIED_WITH_DEVICES_UNTRUSTED + } + else -> { + if (mxCrossSigningInfo.wasTrustedOnce) { + UserVerificationLevel.UNVERIFIED_BUT_WAS_PREVIOUSLY + } else { + UserVerificationLevel.WAS_NEVER_VERIFIED + } + } } } } diff --git a/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewState.kt b/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewState.kt index 3cea47e60d..7861970c28 100644 --- a/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewState.kt +++ b/vector/src/main/java/im/vector/app/features/roomprofile/members/RoomMemberListViewState.kt @@ -23,7 +23,7 @@ import com.airbnb.mvrx.Uninitialized import im.vector.app.R import im.vector.app.core.platform.GenericIdArgs import im.vector.app.features.roomprofile.RoomProfileArgs -import org.matrix.android.sdk.api.session.crypto.model.RoomEncryptionTrustLevel +import org.matrix.android.sdk.api.session.crypto.model.UserVerificationLevel import org.matrix.android.sdk.api.session.events.model.Event import org.matrix.android.sdk.api.session.room.model.RoomMemberSummary import org.matrix.android.sdk.api.session.room.model.RoomSummary @@ -36,7 +36,7 @@ data class RoomMemberListViewState( val ignoredUserIds: List = emptyList(), val filter: String = "", val threePidInvites: Async> = Uninitialized, - val trustLevelMap: Async> = Uninitialized, + val trustLevelMap: Async> = Uninitialized, val actionsPermissions: ActionPermissions = ActionPermissions() ) : MavericksState { diff --git a/vector/src/main/java/im/vector/app/features/spaces/people/SpacePeopleListController.kt b/vector/src/main/java/im/vector/app/features/spaces/people/SpacePeopleListController.kt index 5e6efcc816..3b74b4b38b 100644 --- a/vector/src/main/java/im/vector/app/features/spaces/people/SpacePeopleListController.kt +++ b/vector/src/main/java/im/vector/app/features/spaces/people/SpacePeopleListController.kt @@ -77,7 +77,7 @@ class SpacePeopleListController @Inject constructor( id(roomMember.userId) matrixItem(roomMember.toMatrixItem()) avatarRenderer(host.avatarRenderer) - userEncryptionTrustLevel(data.trustLevelMap.invoke()?.get(roomMember.userId)) + userVerificationLevel(data.trustLevelMap.invoke()?.get(roomMember.userId)) .apply { val pl = host.toPowerLevelLabel(memberEntry.first) if (memberEntry.first == RoomMemberListCategories.INVITE) {