From 30a78bb1d66068f923fa848c2ecfc73cf880a62f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Damir=20Jeli=C4=87?= Date: Tue, 27 Oct 2020 14:21:22 +0100 Subject: [PATCH] crypto: Add the private identity to the Sas object. --- matrix_sdk_crypto/src/verification/machine.rs | 16 ++++++++-- matrix_sdk_crypto/src/verification/sas/mod.rs | 31 ++++++++++++++----- 2 files changed, 36 insertions(+), 11 deletions(-) diff --git a/matrix_sdk_crypto/src/verification/machine.rs b/matrix_sdk_crypto/src/verification/machine.rs index ba098ddc..d9725520 100644 --- a/matrix_sdk_crypto/src/verification/machine.rs +++ b/matrix_sdk_crypto/src/verification/machine.rs @@ -36,7 +36,7 @@ use crate::{ #[derive(Clone, Debug)] pub struct VerificationMachine { account: ReadOnlyAccount, - user_identity: Arc>, + private_identity: Arc>, pub(crate) store: Arc>, verifications: Arc>, outgoing_to_device_messages: Arc>, @@ -50,7 +50,7 @@ impl VerificationMachine { ) -> Self { Self { account, - user_identity: identity, + private_identity: identity, store, verifications: Arc::new(DashMap::new()), outgoing_to_device_messages: Arc::new(DashMap::new()), @@ -62,9 +62,11 @@ impl VerificationMachine { device: ReadOnlyDevice, ) -> Result<(Sas, ToDeviceRequest), CryptoStoreError> { let identity = self.store.get_user_identity(device.user_id()).await?; + let private_identity = self.private_identity.lock().await.clone(); let (sas, content) = Sas::start( self.account.clone(), + private_identity, device.clone(), self.store.clone(), identity, @@ -158,8 +160,10 @@ impl VerificationMachine { .get_device(&e.sender, &e.content.from_device) .await? { + let private_identity = self.private_identity.lock().await.clone(); match Sas::from_start_event( self.account.clone(), + private_identity, d, self.store.clone(), e, @@ -275,7 +279,13 @@ mod test { let bob_store: Arc> = Arc::new(Box::new(bob_store)); let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id()))); let machine = VerificationMachine::new(alice, identity, Arc::new(Box::new(store))); - let (bob_sas, start_content) = Sas::start(bob, alice_device, bob_store, None); + let (bob_sas, start_content) = Sas::start( + bob, + PrivateCrossSigningIdentity::empty(bob_id()), + alice_device, + bob_store, + None, + ); machine .receive_event(&mut wrap_any_to_device_content( bob_sas.user_id(), diff --git a/matrix_sdk_crypto/src/verification/sas/mod.rs b/matrix_sdk_crypto/src/verification/sas/mod.rs index 5c7d9be4..b978b780 100644 --- a/matrix_sdk_crypto/src/verification/sas/mod.rs +++ b/matrix_sdk_crypto/src/verification/sas/mod.rs @@ -34,6 +34,7 @@ use matrix_sdk_common::{ use crate::{ identities::{LocalTrust, ReadOnlyDevice, UserIdentities}, + olm::PrivateCrossSigningIdentity, store::{Changes, CryptoStore, CryptoStoreError, DeviceChanges}, ReadOnlyAccount, ToDeviceRequest, }; @@ -49,6 +50,7 @@ pub struct Sas { inner: Arc>, store: Arc>, account: ReadOnlyAccount, + private_identity: PrivateCrossSigningIdentity, other_device: ReadOnlyDevice, other_identity: Option, flow_id: Arc, @@ -103,6 +105,7 @@ impl Sas { /// sent out through the server to the other device. pub(crate) fn start( account: ReadOnlyAccount, + private_identity: PrivateCrossSigningIdentity, other_device: ReadOnlyDevice, store: Arc>, other_identity: Option, @@ -117,6 +120,7 @@ impl Sas { let sas = Sas { inner: Arc::new(Mutex::new(inner)), account, + private_identity, store, other_device, flow_id, @@ -138,6 +142,7 @@ impl Sas { /// the other side. pub(crate) fn from_start_event( account: ReadOnlyAccount, + private_identity: PrivateCrossSigningIdentity, other_device: ReadOnlyDevice, store: Arc>, event: &ToDeviceEvent, @@ -154,6 +159,7 @@ impl Sas { Ok(Sas { inner: Arc::new(Mutex::new(inner)), account, + private_identity, other_device, other_identity, store, @@ -260,9 +266,6 @@ impl Sas { if let UserIdentities::Own(i) = &identity { i.mark_as_verified(); } - // TODO if we have the private part of the user signing - // key we should sign and upload a signature for this - // identity. Ok(Some(identity)) } else { @@ -315,9 +318,6 @@ impl Sas { ); device.set_trust_state(LocalTrust::Verified); - // TODO if this is a device from our own user and we have - // the private part of the self signing key, we should sign - // the device and upload the signature. Ok(Some(device)) } else { @@ -685,6 +685,7 @@ mod test { }; use crate::{ + olm::PrivateCrossSigningIdentity, store::{CryptoStore, MemoryStore}, verification::test::{get_content_from_request, wrap_any_to_device_content}, ReadOnlyAccount, ReadOnlyDevice, @@ -814,10 +815,24 @@ mod test { let bob_store: Arc> = Arc::new(Box::new(bob_store)); - let (alice, content) = Sas::start(alice, bob_device, alice_store, None); + let (alice, content) = Sas::start( + alice, + PrivateCrossSigningIdentity::empty(alice_id()), + bob_device, + alice_store, + None, + ); let event = wrap_to_device_event(alice.user_id(), content); - let bob = Sas::from_start_event(bob, alice_device, bob_store, &event, None).unwrap(); + let bob = Sas::from_start_event( + bob, + PrivateCrossSigningIdentity::empty(bob_id()), + alice_device, + bob_store, + &event, + None, + ) + .unwrap(); let mut event = wrap_any_to_device_content( bob.user_id(), get_content_from_request(&bob.accept().unwrap()),