From 5fd004bae56a20e353ba7a84b3f69c546df16c45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Damir=20Jeli=C4=87?= Date: Thu, 22 Oct 2020 18:04:29 +0200 Subject: [PATCH] crypto: Connect the private identity to the verification machine. --- matrix_sdk_crypto/src/identities/manager.rs | 6 ++-- matrix_sdk_crypto/src/identities/user.rs | 8 +++-- matrix_sdk_crypto/src/key_request.rs | 9 +++-- matrix_sdk_crypto/src/machine.rs | 34 +++++++++++++------ .../src/session_manager/sessions.rs | 9 +++-- matrix_sdk_crypto/src/verification/machine.rs | 18 ++++++++-- 6 files changed, 60 insertions(+), 24 deletions(-) diff --git a/matrix_sdk_crypto/src/identities/manager.rs b/matrix_sdk_crypto/src/identities/manager.rs index d91ffa2c..993dd5a4 100644 --- a/matrix_sdk_crypto/src/identities/manager.rs +++ b/matrix_sdk_crypto/src/identities/manager.rs @@ -378,6 +378,7 @@ pub(crate) mod test { use matrix_sdk_common::{ api::r0::keys::get_keys::Response as KeyQueryResponse, identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId}, + locks::Mutex, }; use matrix_sdk_test::async_test; @@ -387,7 +388,7 @@ pub(crate) mod test { use crate::{ identities::IdentityManager, machine::test::response_from_file, - olm::{Account, ReadOnlyAccount}, + olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount}, session_manager::GroupSessionManager, store::{CryptoStore, MemoryStore, Store}, verification::VerificationMachine, @@ -410,10 +411,11 @@ pub(crate) mod test { } fn manager() -> IdentityManager { + let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(user_id()))); let user_id = Arc::new(user_id()); let account = ReadOnlyAccount::new(&user_id, &device_id()); let store: Arc> = Arc::new(Box::new(MemoryStore::new())); - let verification = VerificationMachine::new(account.clone(), store); + let verification = VerificationMachine::new(account.clone(), identity, store); let store = Store::new( user_id.clone(), Arc::new(Box::new(MemoryStore::new())), diff --git a/matrix_sdk_crypto/src/identities/user.rs b/matrix_sdk_crypto/src/identities/user.rs index 83055ab2..70026de0 100644 --- a/matrix_sdk_crypto/src/identities/user.rs +++ b/matrix_sdk_crypto/src/identities/user.rs @@ -684,13 +684,13 @@ pub(crate) mod test { manager::test::{other_key_query, own_key_query}, Device, ReadOnlyDevice, }, - olm::ReadOnlyAccount, + olm::{PrivateCrossSigningIdentity, ReadOnlyAccount}, store::MemoryStore, verification::VerificationMachine, }; use matrix_sdk_common::{ - api::r0::keys::get_keys::Response as KeyQueryResponse, identifiers::user_id, + api::r0::keys::get_keys::Response as KeyQueryResponse, identifiers::user_id, locks::Mutex, }; use super::{OwnUserIdentity, UserIdentities, UserIdentity}; @@ -752,8 +752,12 @@ pub(crate) mod test { assert!(identity.is_device_signed(&first).is_err()); assert!(identity.is_device_signed(&second).is_ok()); + let private_identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty( + second.user_id().clone(), + ))); let verification_machine = VerificationMachine::new( ReadOnlyAccount::new(second.user_id(), second.device_id()), + private_identity, Arc::new(Box::new(MemoryStore::new())), ); diff --git a/matrix_sdk_crypto/src/key_request.rs b/matrix_sdk_crypto/src/key_request.rs index 3a4d26cf..ba98f62e 100644 --- a/matrix_sdk_crypto/src/key_request.rs +++ b/matrix_sdk_crypto/src/key_request.rs @@ -674,13 +674,14 @@ mod test { AnyToDeviceEvent, ToDeviceEvent, }, identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId}, + locks::Mutex, }; use matrix_sdk_test::async_test; use std::{convert::TryInto, sync::Arc}; use crate::{ identities::{LocalTrust, ReadOnlyDevice}, - olm::{Account, ReadOnlyAccount}, + olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount}, store::{CryptoStore, MemoryStore, Store}, verification::VerificationMachine, }; @@ -719,7 +720,8 @@ mod test { let user_id = Arc::new(bob_id()); let account = ReadOnlyAccount::new(&user_id, &alice_device_id()); let store: Arc> = Arc::new(Box::new(MemoryStore::new())); - let verification = VerificationMachine::new(account, store.clone()); + let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(bob_id()))); + let verification = VerificationMachine::new(account, identity, store.clone()); let store = Store::new(user_id.clone(), store, verification); KeyRequestMachine::new( @@ -736,7 +738,8 @@ mod test { let account = ReadOnlyAccount::new(&user_id, &alice_device_id()); let device = ReadOnlyDevice::from_account(&account).await; let store: Arc> = Arc::new(Box::new(MemoryStore::new())); - let verification = VerificationMachine::new(account, store.clone()); + let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id()))); + let verification = VerificationMachine::new(account, identity, store.clone()); let store = Store::new(user_id.clone(), store, verification); store.save_devices(&[device]).await.unwrap(); diff --git a/matrix_sdk_crypto/src/machine.rs b/matrix_sdk_crypto/src/machine.rs index 0db52888..ba381ee8 100644 --- a/matrix_sdk_crypto/src/machine.rs +++ b/matrix_sdk_crypto/src/machine.rs @@ -140,9 +140,11 @@ impl OlmMachine { user_identity: PrivateCrossSigningIdentity, ) -> Self { let user_id = Arc::new(user_id.clone()); + let user_identity = Arc::new(Mutex::new(user_identity)); let store = Arc::new(store); - let verification_machine = VerificationMachine::new(account.clone(), store.clone()); + let verification_machine = + VerificationMachine::new(account.clone(), user_identity.clone(), store.clone()); let store = Store::new(user_id.clone(), store, verification_machine.clone()); let device_id: Arc = Arc::new(device_id); let outbound_group_sessions = Arc::new(DashMap::new()); @@ -185,7 +187,7 @@ impl OlmMachine { verification_machine, key_request_machine, identity_manager, - user_identity: Arc::new(Mutex::new(user_identity)), + user_identity, } } @@ -224,8 +226,16 @@ impl OlmMachine { } }; - // TODO load the identity like we load an account. - let identity = PrivateCrossSigningIdentity::empty(user_id.clone()); + let identity = match store.load_identity().await? { + Some(i) => { + debug!("Restored the cross signing identity"); + i + } + None => { + debug!("Creating an empty cross signing identity stub"); + PrivateCrossSigningIdentity::empty(user_id.clone()) + } + }; Ok(OlmMachine::new_helper( &user_id, device_id, store, account, identity, @@ -344,8 +354,9 @@ impl OlmMachine { /// Mark the cross signing identity as shared. async fn receive_cross_signing_upload_response(&self) -> StoreResult<()> { self.user_identity.lock().await.mark_as_shared(); - // TOOD save the identity. - Ok(()) + self.store + .save_identity((&*self.user_identity.lock().await).clone()) + .await } /// Create a new cross signing identity and get the upload request to push @@ -356,11 +367,12 @@ impl OlmMachine { /// devices. /// /// Uploading these keys will require user interactive auth. - pub async fn bootstrap_cross_signing(&self) -> UploadSigningKeysRequest { - let mut lock = self.user_identity.lock().await; - *lock = PrivateCrossSigningIdentity::new(self.user_id().to_owned()).await; - // TODO save the identity. - lock.as_upload_request().await + pub async fn bootstrap_cross_signing(&self) -> StoreResult { + // TODO should we save the request until we get a response? + let mut identity = self.user_identity.lock().await; + *identity = PrivateCrossSigningIdentity::new(self.user_id().to_owned()).await; + self.store.save_identity(identity.clone()).await?; + Ok(identity.as_upload_request().await) } /// Should device or one-time keys be uploaded to the server. diff --git a/matrix_sdk_crypto/src/session_manager/sessions.rs b/matrix_sdk_crypto/src/session_manager/sessions.rs index c86c09ac..29af3b6f 100644 --- a/matrix_sdk_crypto/src/session_manager/sessions.rs +++ b/matrix_sdk_crypto/src/session_manager/sessions.rs @@ -311,6 +311,7 @@ impl SessionManager { #[cfg(test)] mod test { use dashmap::DashMap; + use matrix_sdk_common::locks::Mutex; use std::{collections::BTreeMap, sync::Arc}; use matrix_sdk_common::{ @@ -324,7 +325,7 @@ mod test { use crate::{ identities::ReadOnlyDevice, key_request::KeyRequestMachine, - olm::{Account, ReadOnlyAccount}, + olm::{Account, PrivateCrossSigningIdentity, ReadOnlyAccount}, store::{CryptoStore, MemoryStore, Store}, verification::VerificationMachine, }; @@ -350,8 +351,10 @@ mod test { let account = ReadOnlyAccount::new(&user_id, &device_id); let store: Arc> = Arc::new(Box::new(MemoryStore::new())); store.save_account(account.clone()).await.unwrap(); - - let verification = VerificationMachine::new(account.clone(), store.clone()); + let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty( + user_id.clone(), + ))); + let verification = VerificationMachine::new(account.clone(), identity, store.clone()); let user_id = Arc::new(user_id); let device_id = Arc::new(device_id); diff --git a/matrix_sdk_crypto/src/verification/machine.rs b/matrix_sdk_crypto/src/verification/machine.rs index 71e3cb19..ba098ddc 100644 --- a/matrix_sdk_crypto/src/verification/machine.rs +++ b/matrix_sdk_crypto/src/verification/machine.rs @@ -16,6 +16,7 @@ use std::sync::Arc; use dashmap::DashMap; +use matrix_sdk_common::locks::Mutex; use tracing::{trace, warn}; use matrix_sdk_common::{ @@ -26,6 +27,7 @@ use matrix_sdk_common::{ use super::sas::{content_to_request, Sas}; use crate::{ + olm::PrivateCrossSigningIdentity, requests::{OutgoingRequest, ToDeviceRequest}, store::{CryptoStore, CryptoStoreError}, ReadOnlyAccount, ReadOnlyDevice, @@ -34,15 +36,21 @@ use crate::{ #[derive(Clone, Debug)] pub struct VerificationMachine { account: ReadOnlyAccount, + user_identity: Arc>, pub(crate) store: Arc>, verifications: Arc>, outgoing_to_device_messages: Arc>, } impl VerificationMachine { - pub(crate) fn new(account: ReadOnlyAccount, store: Arc>) -> Self { + pub(crate) fn new( + account: ReadOnlyAccount, + identity: Arc>, + store: Arc>, + ) -> Self { Self { account, + user_identity: identity, store, verifications: Arc::new(DashMap::new()), outgoing_to_device_messages: Arc::new(DashMap::new()), @@ -224,10 +232,12 @@ mod test { use matrix_sdk_common::{ events::AnyToDeviceEventContent, identifiers::{DeviceId, UserId}, + locks::Mutex, }; use super::{Sas, VerificationMachine}; use crate::{ + olm::PrivateCrossSigningIdentity, requests::OutgoingRequests, store::{CryptoStore, MemoryStore}, verification::test::{get_content_from_request, wrap_any_to_device_content}, @@ -263,7 +273,8 @@ mod test { bob_store.save_devices(vec![alice_device.clone()]).await; let bob_store: Arc> = Arc::new(Box::new(bob_store)); - let machine = VerificationMachine::new(alice, Arc::new(Box::new(store))); + let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id()))); + let machine = VerificationMachine::new(alice, identity, Arc::new(Box::new(store))); let (bob_sas, start_content) = Sas::start(bob, alice_device, bob_store, None); machine .receive_event(&mut wrap_any_to_device_content( @@ -279,8 +290,9 @@ mod test { #[test] fn create() { let alice = ReadOnlyAccount::new(&alice_id(), &alice_device_id()); + let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id()))); let store = MemoryStore::new(); - let _ = VerificationMachine::new(alice, Arc::new(Box::new(store))); + let _ = VerificationMachine::new(alice, identity, Arc::new(Box::new(store))); } #[tokio::test]