crypto: Add the private identity to the Sas object.

master
Damir Jelić 2020-10-27 14:21:22 +01:00
parent 2077ea0ddf
commit 30a78bb1d6
2 changed files with 36 additions and 11 deletions

View File

@ -36,7 +36,7 @@ use crate::{
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
pub struct VerificationMachine { pub struct VerificationMachine {
account: ReadOnlyAccount, account: ReadOnlyAccount,
user_identity: Arc<Mutex<PrivateCrossSigningIdentity>>, private_identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
pub(crate) store: Arc<Box<dyn CryptoStore>>, pub(crate) store: Arc<Box<dyn CryptoStore>>,
verifications: Arc<DashMap<String, Sas>>, verifications: Arc<DashMap<String, Sas>>,
outgoing_to_device_messages: Arc<DashMap<Uuid, OutgoingRequest>>, outgoing_to_device_messages: Arc<DashMap<Uuid, OutgoingRequest>>,
@ -50,7 +50,7 @@ impl VerificationMachine {
) -> Self { ) -> Self {
Self { Self {
account, account,
user_identity: identity, private_identity: identity,
store, store,
verifications: Arc::new(DashMap::new()), verifications: Arc::new(DashMap::new()),
outgoing_to_device_messages: Arc::new(DashMap::new()), outgoing_to_device_messages: Arc::new(DashMap::new()),
@ -62,9 +62,11 @@ impl VerificationMachine {
device: ReadOnlyDevice, device: ReadOnlyDevice,
) -> Result<(Sas, ToDeviceRequest), CryptoStoreError> { ) -> Result<(Sas, ToDeviceRequest), CryptoStoreError> {
let identity = self.store.get_user_identity(device.user_id()).await?; let identity = self.store.get_user_identity(device.user_id()).await?;
let private_identity = self.private_identity.lock().await.clone();
let (sas, content) = Sas::start( let (sas, content) = Sas::start(
self.account.clone(), self.account.clone(),
private_identity,
device.clone(), device.clone(),
self.store.clone(), self.store.clone(),
identity, identity,
@ -158,8 +160,10 @@ impl VerificationMachine {
.get_device(&e.sender, &e.content.from_device) .get_device(&e.sender, &e.content.from_device)
.await? .await?
{ {
let private_identity = self.private_identity.lock().await.clone();
match Sas::from_start_event( match Sas::from_start_event(
self.account.clone(), self.account.clone(),
private_identity,
d, d,
self.store.clone(), self.store.clone(),
e, e,
@ -275,7 +279,13 @@ mod test {
let bob_store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(bob_store)); let bob_store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(bob_store));
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id()))); let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
let machine = VerificationMachine::new(alice, identity, Arc::new(Box::new(store))); let machine = VerificationMachine::new(alice, identity, Arc::new(Box::new(store)));
let (bob_sas, start_content) = Sas::start(bob, alice_device, bob_store, None); let (bob_sas, start_content) = Sas::start(
bob,
PrivateCrossSigningIdentity::empty(bob_id()),
alice_device,
bob_store,
None,
);
machine machine
.receive_event(&mut wrap_any_to_device_content( .receive_event(&mut wrap_any_to_device_content(
bob_sas.user_id(), bob_sas.user_id(),

View File

@ -34,6 +34,7 @@ use matrix_sdk_common::{
use crate::{ use crate::{
identities::{LocalTrust, ReadOnlyDevice, UserIdentities}, identities::{LocalTrust, ReadOnlyDevice, UserIdentities},
olm::PrivateCrossSigningIdentity,
store::{Changes, CryptoStore, CryptoStoreError, DeviceChanges}, store::{Changes, CryptoStore, CryptoStoreError, DeviceChanges},
ReadOnlyAccount, ToDeviceRequest, ReadOnlyAccount, ToDeviceRequest,
}; };
@ -49,6 +50,7 @@ pub struct Sas {
inner: Arc<Mutex<InnerSas>>, inner: Arc<Mutex<InnerSas>>,
store: Arc<Box<dyn CryptoStore>>, store: Arc<Box<dyn CryptoStore>>,
account: ReadOnlyAccount, account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
other_identity: Option<UserIdentities>, other_identity: Option<UserIdentities>,
flow_id: Arc<String>, flow_id: Arc<String>,
@ -103,6 +105,7 @@ impl Sas {
/// sent out through the server to the other device. /// sent out through the server to the other device.
pub(crate) fn start( pub(crate) fn start(
account: ReadOnlyAccount, account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
store: Arc<Box<dyn CryptoStore>>, store: Arc<Box<dyn CryptoStore>>,
other_identity: Option<UserIdentities>, other_identity: Option<UserIdentities>,
@ -117,6 +120,7 @@ impl Sas {
let sas = Sas { let sas = Sas {
inner: Arc::new(Mutex::new(inner)), inner: Arc::new(Mutex::new(inner)),
account, account,
private_identity,
store, store,
other_device, other_device,
flow_id, flow_id,
@ -138,6 +142,7 @@ impl Sas {
/// the other side. /// the other side.
pub(crate) fn from_start_event( pub(crate) fn from_start_event(
account: ReadOnlyAccount, account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
store: Arc<Box<dyn CryptoStore>>, store: Arc<Box<dyn CryptoStore>>,
event: &ToDeviceEvent<StartEventContent>, event: &ToDeviceEvent<StartEventContent>,
@ -154,6 +159,7 @@ impl Sas {
Ok(Sas { Ok(Sas {
inner: Arc::new(Mutex::new(inner)), inner: Arc::new(Mutex::new(inner)),
account, account,
private_identity,
other_device, other_device,
other_identity, other_identity,
store, store,
@ -260,9 +266,6 @@ impl Sas {
if let UserIdentities::Own(i) = &identity { if let UserIdentities::Own(i) = &identity {
i.mark_as_verified(); i.mark_as_verified();
} }
// TODO if we have the private part of the user signing
// key we should sign and upload a signature for this
// identity.
Ok(Some(identity)) Ok(Some(identity))
} else { } else {
@ -315,9 +318,6 @@ impl Sas {
); );
device.set_trust_state(LocalTrust::Verified); device.set_trust_state(LocalTrust::Verified);
// TODO if this is a device from our own user and we have
// the private part of the self signing key, we should sign
// the device and upload the signature.
Ok(Some(device)) Ok(Some(device))
} else { } else {
@ -685,6 +685,7 @@ mod test {
}; };
use crate::{ use crate::{
olm::PrivateCrossSigningIdentity,
store::{CryptoStore, MemoryStore}, store::{CryptoStore, MemoryStore},
verification::test::{get_content_from_request, wrap_any_to_device_content}, verification::test::{get_content_from_request, wrap_any_to_device_content},
ReadOnlyAccount, ReadOnlyDevice, ReadOnlyAccount, ReadOnlyDevice,
@ -814,10 +815,24 @@ mod test {
let bob_store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(bob_store)); let bob_store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(bob_store));
let (alice, content) = Sas::start(alice, bob_device, alice_store, None); let (alice, content) = Sas::start(
alice,
PrivateCrossSigningIdentity::empty(alice_id()),
bob_device,
alice_store,
None,
);
let event = wrap_to_device_event(alice.user_id(), content); let event = wrap_to_device_event(alice.user_id(), content);
let bob = Sas::from_start_event(bob, alice_device, bob_store, &event, None).unwrap(); let bob = Sas::from_start_event(
bob,
PrivateCrossSigningIdentity::empty(bob_id()),
alice_device,
bob_store,
&event,
None,
)
.unwrap();
let mut event = wrap_any_to_device_content( let mut event = wrap_any_to_device_content(
bob.user_id(), bob.user_id(),
get_content_from_request(&bob.accept().unwrap()), get_content_from_request(&bob.accept().unwrap()),