crypto: Connect the private identity to the verification machine.

master
Damir Jelić 2020-10-22 18:04:29 +02:00
parent 7de002b128
commit 5fd004bae5
6 changed files with 60 additions and 24 deletions

View File

@ -378,6 +378,7 @@ pub(crate) mod test {
use matrix_sdk_common::{
api::r0::keys::get_keys::Response as KeyQueryResponse,
identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId},
locks::Mutex,
};
use matrix_sdk_test::async_test;
@ -387,7 +388,7 @@ pub(crate) mod test {
use crate::{
identities::IdentityManager,
machine::test::response_from_file,
olm::{Account, ReadOnlyAccount},
olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount},
session_manager::GroupSessionManager,
store::{CryptoStore, MemoryStore, Store},
verification::VerificationMachine,
@ -410,10 +411,11 @@ pub(crate) mod test {
}
fn manager() -> IdentityManager {
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(user_id())));
let user_id = Arc::new(user_id());
let account = ReadOnlyAccount::new(&user_id, &device_id());
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
let verification = VerificationMachine::new(account.clone(), store);
let verification = VerificationMachine::new(account.clone(), identity, store);
let store = Store::new(
user_id.clone(),
Arc::new(Box::new(MemoryStore::new())),

View File

@ -684,13 +684,13 @@ pub(crate) mod test {
manager::test::{other_key_query, own_key_query},
Device, ReadOnlyDevice,
},
olm::ReadOnlyAccount,
olm::{PrivateCrossSigningIdentity, ReadOnlyAccount},
store::MemoryStore,
verification::VerificationMachine,
};
use matrix_sdk_common::{
api::r0::keys::get_keys::Response as KeyQueryResponse, identifiers::user_id,
api::r0::keys::get_keys::Response as KeyQueryResponse, identifiers::user_id, locks::Mutex,
};
use super::{OwnUserIdentity, UserIdentities, UserIdentity};
@ -752,8 +752,12 @@ pub(crate) mod test {
assert!(identity.is_device_signed(&first).is_err());
assert!(identity.is_device_signed(&second).is_ok());
let private_identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(
second.user_id().clone(),
)));
let verification_machine = VerificationMachine::new(
ReadOnlyAccount::new(second.user_id(), second.device_id()),
private_identity,
Arc::new(Box::new(MemoryStore::new())),
);

View File

@ -674,13 +674,14 @@ mod test {
AnyToDeviceEvent, ToDeviceEvent,
},
identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId},
locks::Mutex,
};
use matrix_sdk_test::async_test;
use std::{convert::TryInto, sync::Arc};
use crate::{
identities::{LocalTrust, ReadOnlyDevice},
olm::{Account, ReadOnlyAccount},
olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount},
store::{CryptoStore, MemoryStore, Store},
verification::VerificationMachine,
};
@ -719,7 +720,8 @@ mod test {
let user_id = Arc::new(bob_id());
let account = ReadOnlyAccount::new(&user_id, &alice_device_id());
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
let verification = VerificationMachine::new(account, store.clone());
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(bob_id())));
let verification = VerificationMachine::new(account, identity, store.clone());
let store = Store::new(user_id.clone(), store, verification);
KeyRequestMachine::new(
@ -736,7 +738,8 @@ mod test {
let account = ReadOnlyAccount::new(&user_id, &alice_device_id());
let device = ReadOnlyDevice::from_account(&account).await;
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
let verification = VerificationMachine::new(account, store.clone());
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
let verification = VerificationMachine::new(account, identity, store.clone());
let store = Store::new(user_id.clone(), store, verification);
store.save_devices(&[device]).await.unwrap();

View File

@ -140,9 +140,11 @@ impl OlmMachine {
user_identity: PrivateCrossSigningIdentity,
) -> Self {
let user_id = Arc::new(user_id.clone());
let user_identity = Arc::new(Mutex::new(user_identity));
let store = Arc::new(store);
let verification_machine = VerificationMachine::new(account.clone(), store.clone());
let verification_machine =
VerificationMachine::new(account.clone(), user_identity.clone(), store.clone());
let store = Store::new(user_id.clone(), store, verification_machine.clone());
let device_id: Arc<DeviceIdBox> = Arc::new(device_id);
let outbound_group_sessions = Arc::new(DashMap::new());
@ -185,7 +187,7 @@ impl OlmMachine {
verification_machine,
key_request_machine,
identity_manager,
user_identity: Arc::new(Mutex::new(user_identity)),
user_identity,
}
}
@ -224,8 +226,16 @@ impl OlmMachine {
}
};
// TODO load the identity like we load an account.
let identity = PrivateCrossSigningIdentity::empty(user_id.clone());
let identity = match store.load_identity().await? {
Some(i) => {
debug!("Restored the cross signing identity");
i
}
None => {
debug!("Creating an empty cross signing identity stub");
PrivateCrossSigningIdentity::empty(user_id.clone())
}
};
Ok(OlmMachine::new_helper(
&user_id, device_id, store, account, identity,
@ -344,8 +354,9 @@ impl OlmMachine {
/// Mark the cross signing identity as shared.
async fn receive_cross_signing_upload_response(&self) -> StoreResult<()> {
self.user_identity.lock().await.mark_as_shared();
// TOOD save the identity.
Ok(())
self.store
.save_identity((&*self.user_identity.lock().await).clone())
.await
}
/// Create a new cross signing identity and get the upload request to push
@ -356,11 +367,12 @@ impl OlmMachine {
/// devices.
///
/// Uploading these keys will require user interactive auth.
pub async fn bootstrap_cross_signing(&self) -> UploadSigningKeysRequest {
let mut lock = self.user_identity.lock().await;
*lock = PrivateCrossSigningIdentity::new(self.user_id().to_owned()).await;
// TODO save the identity.
lock.as_upload_request().await
pub async fn bootstrap_cross_signing(&self) -> StoreResult<UploadSigningKeysRequest> {
// TODO should we save the request until we get a response?
let mut identity = self.user_identity.lock().await;
*identity = PrivateCrossSigningIdentity::new(self.user_id().to_owned()).await;
self.store.save_identity(identity.clone()).await?;
Ok(identity.as_upload_request().await)
}
/// Should device or one-time keys be uploaded to the server.

View File

@ -311,6 +311,7 @@ impl SessionManager {
#[cfg(test)]
mod test {
use dashmap::DashMap;
use matrix_sdk_common::locks::Mutex;
use std::{collections::BTreeMap, sync::Arc};
use matrix_sdk_common::{
@ -324,7 +325,7 @@ mod test {
use crate::{
identities::ReadOnlyDevice,
key_request::KeyRequestMachine,
olm::{Account, ReadOnlyAccount},
olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount},
store::{CryptoStore, MemoryStore, Store},
verification::VerificationMachine,
};
@ -350,8 +351,10 @@ mod test {
let account = ReadOnlyAccount::new(&user_id, &device_id);
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
store.save_account(account.clone()).await.unwrap();
let verification = VerificationMachine::new(account.clone(), store.clone());
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(
user_id.clone(),
)));
let verification = VerificationMachine::new(account.clone(), identity, store.clone());
let user_id = Arc::new(user_id);
let device_id = Arc::new(device_id);

View File

@ -16,6 +16,7 @@ use std::sync::Arc;
use dashmap::DashMap;
use matrix_sdk_common::locks::Mutex;
use tracing::{trace, warn};
use matrix_sdk_common::{
@ -26,6 +27,7 @@ use matrix_sdk_common::{
use super::sas::{content_to_request, Sas};
use crate::{
olm::PrivateCrossSigningIdentity,
requests::{OutgoingRequest, ToDeviceRequest},
store::{CryptoStore, CryptoStoreError},
ReadOnlyAccount, ReadOnlyDevice,
@ -34,15 +36,21 @@ use crate::{
#[derive(Clone, Debug)]
pub struct VerificationMachine {
account: ReadOnlyAccount,
user_identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
pub(crate) store: Arc<Box<dyn CryptoStore>>,
verifications: Arc<DashMap<String, Sas>>,
outgoing_to_device_messages: Arc<DashMap<Uuid, OutgoingRequest>>,
}
impl VerificationMachine {
pub(crate) fn new(account: ReadOnlyAccount, store: Arc<Box<dyn CryptoStore>>) -> Self {
pub(crate) fn new(
account: ReadOnlyAccount,
identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
store: Arc<Box<dyn CryptoStore>>,
) -> Self {
Self {
account,
user_identity: identity,
store,
verifications: Arc::new(DashMap::new()),
outgoing_to_device_messages: Arc::new(DashMap::new()),
@ -224,10 +232,12 @@ mod test {
use matrix_sdk_common::{
events::AnyToDeviceEventContent,
identifiers::{DeviceId, UserId},
locks::Mutex,
};
use super::{Sas, VerificationMachine};
use crate::{
olm::PrivateCrossSigningIdentity,
requests::OutgoingRequests,
store::{CryptoStore, MemoryStore},
verification::test::{get_content_from_request, wrap_any_to_device_content},
@ -263,7 +273,8 @@ mod test {
bob_store.save_devices(vec![alice_device.clone()]).await;
let bob_store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(bob_store));
let machine = VerificationMachine::new(alice, Arc::new(Box::new(store)));
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
let machine = VerificationMachine::new(alice, identity, Arc::new(Box::new(store)));
let (bob_sas, start_content) = Sas::start(bob, alice_device, bob_store, None);
machine
.receive_event(&mut wrap_any_to_device_content(
@ -279,8 +290,9 @@ mod test {
#[test]
fn create() {
let alice = ReadOnlyAccount::new(&alice_id(), &alice_device_id());
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
let store = MemoryStore::new();
let _ = VerificationMachine::new(alice, Arc::new(Box::new(store)));
let _ = VerificationMachine::new(alice, identity, Arc::new(Box::new(store)));
}
#[tokio::test]