crypto: Connect the private identity to the verification machine.
This commit is contained in:
parent
7de002b128
commit
5fd004bae5
6 changed files with 60 additions and 24 deletions
|
@ -378,6 +378,7 @@ pub(crate) mod test {
|
|||
use matrix_sdk_common::{
|
||||
api::r0::keys::get_keys::Response as KeyQueryResponse,
|
||||
identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId},
|
||||
locks::Mutex,
|
||||
};
|
||||
|
||||
use matrix_sdk_test::async_test;
|
||||
|
@ -387,7 +388,7 @@ pub(crate) mod test {
|
|||
use crate::{
|
||||
identities::IdentityManager,
|
||||
machine::test::response_from_file,
|
||||
olm::{Account, ReadOnlyAccount},
|
||||
olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount},
|
||||
session_manager::GroupSessionManager,
|
||||
store::{CryptoStore, MemoryStore, Store},
|
||||
verification::VerificationMachine,
|
||||
|
@ -410,10 +411,11 @@ pub(crate) mod test {
|
|||
}
|
||||
|
||||
fn manager() -> IdentityManager {
|
||||
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(user_id())));
|
||||
let user_id = Arc::new(user_id());
|
||||
let account = ReadOnlyAccount::new(&user_id, &device_id());
|
||||
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
|
||||
let verification = VerificationMachine::new(account.clone(), store);
|
||||
let verification = VerificationMachine::new(account.clone(), identity, store);
|
||||
let store = Store::new(
|
||||
user_id.clone(),
|
||||
Arc::new(Box::new(MemoryStore::new())),
|
||||
|
|
|
@ -684,13 +684,13 @@ pub(crate) mod test {
|
|||
manager::test::{other_key_query, own_key_query},
|
||||
Device, ReadOnlyDevice,
|
||||
},
|
||||
olm::ReadOnlyAccount,
|
||||
olm::{PrivateCrossSigningIdentity, ReadOnlyAccount},
|
||||
store::MemoryStore,
|
||||
verification::VerificationMachine,
|
||||
};
|
||||
|
||||
use matrix_sdk_common::{
|
||||
api::r0::keys::get_keys::Response as KeyQueryResponse, identifiers::user_id,
|
||||
api::r0::keys::get_keys::Response as KeyQueryResponse, identifiers::user_id, locks::Mutex,
|
||||
};
|
||||
|
||||
use super::{OwnUserIdentity, UserIdentities, UserIdentity};
|
||||
|
@ -752,8 +752,12 @@ pub(crate) mod test {
|
|||
assert!(identity.is_device_signed(&first).is_err());
|
||||
assert!(identity.is_device_signed(&second).is_ok());
|
||||
|
||||
let private_identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(
|
||||
second.user_id().clone(),
|
||||
)));
|
||||
let verification_machine = VerificationMachine::new(
|
||||
ReadOnlyAccount::new(second.user_id(), second.device_id()),
|
||||
private_identity,
|
||||
Arc::new(Box::new(MemoryStore::new())),
|
||||
);
|
||||
|
||||
|
|
|
@ -674,13 +674,14 @@ mod test {
|
|||
AnyToDeviceEvent, ToDeviceEvent,
|
||||
},
|
||||
identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId},
|
||||
locks::Mutex,
|
||||
};
|
||||
use matrix_sdk_test::async_test;
|
||||
use std::{convert::TryInto, sync::Arc};
|
||||
|
||||
use crate::{
|
||||
identities::{LocalTrust, ReadOnlyDevice},
|
||||
olm::{Account, ReadOnlyAccount},
|
||||
olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount},
|
||||
store::{CryptoStore, MemoryStore, Store},
|
||||
verification::VerificationMachine,
|
||||
};
|
||||
|
@ -719,7 +720,8 @@ mod test {
|
|||
let user_id = Arc::new(bob_id());
|
||||
let account = ReadOnlyAccount::new(&user_id, &alice_device_id());
|
||||
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
|
||||
let verification = VerificationMachine::new(account, store.clone());
|
||||
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(bob_id())));
|
||||
let verification = VerificationMachine::new(account, identity, store.clone());
|
||||
let store = Store::new(user_id.clone(), store, verification);
|
||||
|
||||
KeyRequestMachine::new(
|
||||
|
@ -736,7 +738,8 @@ mod test {
|
|||
let account = ReadOnlyAccount::new(&user_id, &alice_device_id());
|
||||
let device = ReadOnlyDevice::from_account(&account).await;
|
||||
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
|
||||
let verification = VerificationMachine::new(account, store.clone());
|
||||
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
|
||||
let verification = VerificationMachine::new(account, identity, store.clone());
|
||||
let store = Store::new(user_id.clone(), store, verification);
|
||||
store.save_devices(&[device]).await.unwrap();
|
||||
|
||||
|
|
|
@ -140,9 +140,11 @@ impl OlmMachine {
|
|||
user_identity: PrivateCrossSigningIdentity,
|
||||
) -> Self {
|
||||
let user_id = Arc::new(user_id.clone());
|
||||
let user_identity = Arc::new(Mutex::new(user_identity));
|
||||
|
||||
let store = Arc::new(store);
|
||||
let verification_machine = VerificationMachine::new(account.clone(), store.clone());
|
||||
let verification_machine =
|
||||
VerificationMachine::new(account.clone(), user_identity.clone(), store.clone());
|
||||
let store = Store::new(user_id.clone(), store, verification_machine.clone());
|
||||
let device_id: Arc<DeviceIdBox> = Arc::new(device_id);
|
||||
let outbound_group_sessions = Arc::new(DashMap::new());
|
||||
|
@ -185,7 +187,7 @@ impl OlmMachine {
|
|||
verification_machine,
|
||||
key_request_machine,
|
||||
identity_manager,
|
||||
user_identity: Arc::new(Mutex::new(user_identity)),
|
||||
user_identity,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -224,8 +226,16 @@ impl OlmMachine {
|
|||
}
|
||||
};
|
||||
|
||||
// TODO load the identity like we load an account.
|
||||
let identity = PrivateCrossSigningIdentity::empty(user_id.clone());
|
||||
let identity = match store.load_identity().await? {
|
||||
Some(i) => {
|
||||
debug!("Restored the cross signing identity");
|
||||
i
|
||||
}
|
||||
None => {
|
||||
debug!("Creating an empty cross signing identity stub");
|
||||
PrivateCrossSigningIdentity::empty(user_id.clone())
|
||||
}
|
||||
};
|
||||
|
||||
Ok(OlmMachine::new_helper(
|
||||
&user_id, device_id, store, account, identity,
|
||||
|
@ -344,8 +354,9 @@ impl OlmMachine {
|
|||
/// Mark the cross signing identity as shared.
|
||||
async fn receive_cross_signing_upload_response(&self) -> StoreResult<()> {
|
||||
self.user_identity.lock().await.mark_as_shared();
|
||||
// TOOD save the identity.
|
||||
Ok(())
|
||||
self.store
|
||||
.save_identity((&*self.user_identity.lock().await).clone())
|
||||
.await
|
||||
}
|
||||
|
||||
/// Create a new cross signing identity and get the upload request to push
|
||||
|
@ -356,11 +367,12 @@ impl OlmMachine {
|
|||
/// devices.
|
||||
///
|
||||
/// Uploading these keys will require user interactive auth.
|
||||
pub async fn bootstrap_cross_signing(&self) -> UploadSigningKeysRequest {
|
||||
let mut lock = self.user_identity.lock().await;
|
||||
*lock = PrivateCrossSigningIdentity::new(self.user_id().to_owned()).await;
|
||||
// TODO save the identity.
|
||||
lock.as_upload_request().await
|
||||
pub async fn bootstrap_cross_signing(&self) -> StoreResult<UploadSigningKeysRequest> {
|
||||
// TODO should we save the request until we get a response?
|
||||
let mut identity = self.user_identity.lock().await;
|
||||
*identity = PrivateCrossSigningIdentity::new(self.user_id().to_owned()).await;
|
||||
self.store.save_identity(identity.clone()).await?;
|
||||
Ok(identity.as_upload_request().await)
|
||||
}
|
||||
|
||||
/// Should device or one-time keys be uploaded to the server.
|
||||
|
|
|
@ -311,6 +311,7 @@ impl SessionManager {
|
|||
#[cfg(test)]
|
||||
mod test {
|
||||
use dashmap::DashMap;
|
||||
use matrix_sdk_common::locks::Mutex;
|
||||
use std::{collections::BTreeMap, sync::Arc};
|
||||
|
||||
use matrix_sdk_common::{
|
||||
|
@ -324,7 +325,7 @@ mod test {
|
|||
use crate::{
|
||||
identities::ReadOnlyDevice,
|
||||
key_request::KeyRequestMachine,
|
||||
olm::{Account, ReadOnlyAccount},
|
||||
olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount},
|
||||
store::{CryptoStore, MemoryStore, Store},
|
||||
verification::VerificationMachine,
|
||||
};
|
||||
|
@ -350,8 +351,10 @@ mod test {
|
|||
let account = ReadOnlyAccount::new(&user_id, &device_id);
|
||||
let store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(MemoryStore::new()));
|
||||
store.save_account(account.clone()).await.unwrap();
|
||||
|
||||
let verification = VerificationMachine::new(account.clone(), store.clone());
|
||||
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(
|
||||
user_id.clone(),
|
||||
)));
|
||||
let verification = VerificationMachine::new(account.clone(), identity, store.clone());
|
||||
|
||||
let user_id = Arc::new(user_id);
|
||||
let device_id = Arc::new(device_id);
|
||||
|
|
|
@ -16,6 +16,7 @@ use std::sync::Arc;
|
|||
|
||||
use dashmap::DashMap;
|
||||
|
||||
use matrix_sdk_common::locks::Mutex;
|
||||
use tracing::{trace, warn};
|
||||
|
||||
use matrix_sdk_common::{
|
||||
|
@ -26,6 +27,7 @@ use matrix_sdk_common::{
|
|||
|
||||
use super::sas::{content_to_request, Sas};
|
||||
use crate::{
|
||||
olm::PrivateCrossSigningIdentity,
|
||||
requests::{OutgoingRequest, ToDeviceRequest},
|
||||
store::{CryptoStore, CryptoStoreError},
|
||||
ReadOnlyAccount, ReadOnlyDevice,
|
||||
|
@ -34,15 +36,21 @@ use crate::{
|
|||
#[derive(Clone, Debug)]
|
||||
pub struct VerificationMachine {
|
||||
account: ReadOnlyAccount,
|
||||
user_identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
|
||||
pub(crate) store: Arc<Box<dyn CryptoStore>>,
|
||||
verifications: Arc<DashMap<String, Sas>>,
|
||||
outgoing_to_device_messages: Arc<DashMap<Uuid, OutgoingRequest>>,
|
||||
}
|
||||
|
||||
impl VerificationMachine {
|
||||
pub(crate) fn new(account: ReadOnlyAccount, store: Arc<Box<dyn CryptoStore>>) -> Self {
|
||||
pub(crate) fn new(
|
||||
account: ReadOnlyAccount,
|
||||
identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
|
||||
store: Arc<Box<dyn CryptoStore>>,
|
||||
) -> Self {
|
||||
Self {
|
||||
account,
|
||||
user_identity: identity,
|
||||
store,
|
||||
verifications: Arc::new(DashMap::new()),
|
||||
outgoing_to_device_messages: Arc::new(DashMap::new()),
|
||||
|
@ -224,10 +232,12 @@ mod test {
|
|||
use matrix_sdk_common::{
|
||||
events::AnyToDeviceEventContent,
|
||||
identifiers::{DeviceId, UserId},
|
||||
locks::Mutex,
|
||||
};
|
||||
|
||||
use super::{Sas, VerificationMachine};
|
||||
use crate::{
|
||||
olm::PrivateCrossSigningIdentity,
|
||||
requests::OutgoingRequests,
|
||||
store::{CryptoStore, MemoryStore},
|
||||
verification::test::{get_content_from_request, wrap_any_to_device_content},
|
||||
|
@ -263,7 +273,8 @@ mod test {
|
|||
bob_store.save_devices(vec![alice_device.clone()]).await;
|
||||
|
||||
let bob_store: Arc<Box<dyn CryptoStore>> = Arc::new(Box::new(bob_store));
|
||||
let machine = VerificationMachine::new(alice, Arc::new(Box::new(store)));
|
||||
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
|
||||
let machine = VerificationMachine::new(alice, identity, Arc::new(Box::new(store)));
|
||||
let (bob_sas, start_content) = Sas::start(bob, alice_device, bob_store, None);
|
||||
machine
|
||||
.receive_event(&mut wrap_any_to_device_content(
|
||||
|
@ -279,8 +290,9 @@ mod test {
|
|||
#[test]
|
||||
fn create() {
|
||||
let alice = ReadOnlyAccount::new(&alice_id(), &alice_device_id());
|
||||
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
|
||||
let store = MemoryStore::new();
|
||||
let _ = VerificationMachine::new(alice, Arc::new(Box::new(store)));
|
||||
let _ = VerificationMachine::new(alice, identity, Arc::new(Box::new(store)));
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
|
|
Loading…
Reference in a new issue