char
/
matrix-rust-sdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto: Collect common verification stuff into a VerificationStore

master
Damir Jelić 2021-08-04 11:07:28 +02:00
parent e401c87246
commit 7d851a10b5
6 changed files with 145 additions and 128 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
matrix_sdk_crypto/src/identities/device.rs
View File

@ -232,7 +232,7 @@ impl Device {
&self,
content: AnyToDeviceEventContent,
) -> OlmResult<(Session, EncryptedToDeviceEventContent)> {
self.inner.encrypt(&*self.verification_machine.store, content).await
self.inner.encrypt(self.verification_machine.store.inner(), content).await
}
/// Encrypt the given inbound group session as a forwarded room key for this

30
matrix_sdk_crypto/src/verification/machine.rs
View File

@ -34,7 +34,7 @@ use super::{
event_enums::{AnyEvent, AnyVerificationContent, OutgoingContent},
requests::VerificationRequest,
sas::Sas,
FlowId, Verification, VerificationResult,
FlowId, Verification, VerificationResult, VerificationStore,
};
use crate::{
olm::PrivateCrossSigningIdentity,
@ -46,9 +46,8 @@ use crate::{
#[derive(Clone, Debug)]
pub struct VerificationMachine {
account: ReadOnlyAccount,
private_identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
pub(crate) store: Arc<dyn CryptoStore>,
pub(crate) store: VerificationStore,
verifications: VerificationCache,
requests: Arc<DashMap<UserId, DashMap<String, VerificationRequest>>>,
}
@ -60,20 +59,19 @@ impl VerificationMachine {
store: Arc<dyn CryptoStore>,
) -> Self {
Self {
account,
private_identity: identity,
store,
store: VerificationStore { account, inner: store },
verifications: VerificationCache::new(),
requests: DashMap::new().into(),
}
}
pub(crate) fn own_user_id(&self) -> &UserId {
self.account.user_id()
self.store.account.user_id()
}
pub(crate) fn own_device_id(&self) -> &DeviceId {
self.account.device_id()
self.store.account.device_id()
}
pub(crate) async fn request_to_device_verification(
@ -86,7 +84,6 @@ impl VerificationMachine {
let verification = VerificationRequest::new(
self.verifications.clone(),
self.account.clone(),
self.private_identity.lock().await.clone(),
self.store.clone(),
flow_id,
@ -113,7 +110,6 @@ impl VerificationMachine {
let request = VerificationRequest::new(
self.verifications.clone(),
self.account.clone(),
self.private_identity.lock().await.clone(),
self.store.clone(),
flow_id,
@ -135,7 +131,6 @@ impl VerificationMachine {
let private_identity = self.private_identity.lock().await.clone();
let (sas, content) = Sas::start(
self.account.clone(),
private_identity,
device.clone(),
self.store.clone(),
@ -260,7 +255,7 @@ impl VerificationMachine {
content,
))) = request.clone().try_into()
{
let event = ToDeviceEvent { content, sender: self.account.user_id().to_owned() };
let event = ToDeviceEvent { content, sender: self.own_user_id().to_owned() };
events.push(AnyToDeviceEvent::KeyVerificationCancel(event).into());
}
@ -324,8 +319,8 @@ impl VerificationMachine {
};
let event_sent_from_us = |event: &AnyEvent<'_>, from_device: &DeviceId| {
if event.sender() == self.account.user_id() {
from_device == self.account.device_id() || event.is_room_event()
if event.sender() == self.store.account.user_id() {
from_device == self.store.account.device_id() || event.is_room_event()
} else {
false
}
@ -345,7 +340,6 @@ impl VerificationMachine {
if !event_sent_from_us(&event, r.from_device()) {
let request = VerificationRequest::from_request(
self.verifications.clone(),
self.account.clone(),
self.private_identity.lock().await.clone(),
self.store.clone(),
event.sender(),
@ -423,7 +417,6 @@ impl VerificationMachine {
flow_id,
c,
self.store.clone(),
self.account.clone(),
private_identity,
device,
identity,
@ -519,10 +512,11 @@ mod test {
use super::{Sas, VerificationMachine};
use crate::{
olm::PrivateCrossSigningIdentity,
store::{CryptoStore, MemoryStore},
store::MemoryStore,
verification::{
event_enums::{AcceptContent, KeyContent, MacContent, OutgoingContent},
test::wrap_any_to_device_content,
VerificationStore,
},
ReadOnlyAccount, ReadOnlyDevice,
};
@ -555,11 +549,11 @@ mod test {
store.save_devices(vec![bob_device]).await;
bob_store.save_devices(vec![alice_device.clone()]).await;
let bob_store: Arc<dyn CryptoStore> = Arc::new(bob_store);
let bob_store = VerificationStore { account: bob, inner: Arc::new(bob_store) };
let identity = Arc::new(Mutex::new(PrivateCrossSigningIdentity::empty(alice_id())));
let machine = VerificationMachine::new(alice, identity, Arc::new(store));
let (bob_sas, start_content) = Sas::start(
bob,
PrivateCrossSigningIdentity::empty(bob_id()),
alice_device,
bob_store,

56
matrix_sdk_crypto/src/verification/mod.rs
View File

@ -19,10 +19,11 @@ mod qrcode;
mod requests;
mod sas;
use std::sync::Arc;
use std::{collections::HashMap, sync::Arc};
use event_enums::OutgoingContent;
pub use machine::VerificationMachine;
use matrix_sdk_common::locks::Mutex;
pub use qrcode::QrVerification;
pub use requests::VerificationRequest;
use ruma::{
@ -35,7 +36,7 @@ use ruma::{
},
AnyMessageEventContent, AnyToDeviceEventContent,
},
DeviceId, EventId, RoomId, UserId,
DeviceId, DeviceIdBox, EventId, RoomId, UserId,
};
pub use sas::{AcceptSettings, Sas};
use tracing::{error, info, trace, warn};
@ -43,11 +44,58 @@ use tracing::{error, info, trace, warn};
use crate::{
error::SignatureError,
gossiping::{GossipMachine, GossipRequest},
olm::PrivateCrossSigningIdentity,
olm::{PrivateCrossSigningIdentity, ReadOnlyAccount, Session},
store::{Changes, CryptoStore},
CryptoStoreError, LocalTrust, ReadOnlyDevice, ReadOnlyUserIdentities,
};
#[derive(Clone, Debug)]
pub(crate) struct VerificationStore {
pub account: ReadOnlyAccount,
inner: Arc<dyn CryptoStore>,
}
impl VerificationStore {
pub async fn get_device(
&self,
user_id: &UserId,
device_id: &DeviceId,
) -> Result<Option<ReadOnlyDevice>, CryptoStoreError> {
Ok(self.inner.get_device(user_id, device_id).await?.filter(|d| {
!(d.user_id() == self.account.user_id() && d.device_id() == self.account.device_id())
}))
}
pub async fn get_user_identity(
&self,
user_id: &UserId,
) -> Result<Option<ReadOnlyUserIdentities>, CryptoStoreError> {
self.inner.get_user_identity(user_id).await
}
pub async fn save_changes(&self, changes: Changes) -> Result<(), CryptoStoreError> {
self.inner.save_changes(changes).await
}
pub async fn get_user_devices(
&self,
user_id: &UserId,
) -> Result<HashMap<DeviceIdBox, ReadOnlyDevice>, CryptoStoreError> {
self.inner.get_user_devices(user_id).await
}
pub async fn get_sessions(
&self,
sender_key: &str,
) -> Result<Option<Arc<Mutex<Vec<Session>>>>, CryptoStoreError> {
self.inner.get_sessions(sender_key).await
}
pub fn inner(&self) -> &dyn CryptoStore {
&*self.inner
}
}
/// An enum over the different verification types the SDK supports.
#[derive(Clone, Debug)]
pub enum Verification {
@ -308,7 +356,7 @@ pub enum VerificationResult {
#[derive(Clone, Debug)]
pub struct IdentitiesBeingVerified {
private_identity: PrivateCrossSigningIdentity,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
device_being_verified: ReadOnlyDevice,
identity_being_verified: Option<ReadOnlyUserIdentities>,
}

77
matrix_sdk_crypto/src/verification/qrcode.rs
View File

@ -42,12 +42,11 @@ use super::{
event_enums::{CancelContent, DoneContent, OutgoingContent, OwnedStartContent, StartContent},
requests::RequestHandle,
CancelInfo, Cancelled, Done, FlowId, IdentitiesBeingVerified, VerificationResult,
VerificationStore,
};
use crate::{
olm::{PrivateCrossSigningIdentity, ReadOnlyAccount},
store::CryptoStore,
CryptoStoreError, OutgoingVerificationRequest, ReadOnlyDevice, ReadOnlyUserIdentities,
RoomMessageRequest, ToDeviceRequest,
olm::PrivateCrossSigningIdentity, CryptoStoreError, OutgoingVerificationRequest,
ReadOnlyDevice, ReadOnlyUserIdentities, RoomMessageRequest, ToDeviceRequest,
};
const SECRET_SIZE: usize = 16;
@ -81,7 +80,7 @@ pub enum ScanError {
#[derive(Clone)]
pub struct QrVerification {
flow_id: FlowId,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
inner: Arc<QrVerificationData>,
state: Arc<Mutex<InnerState>>,
identities: IdentitiesBeingVerified,
@ -430,7 +429,7 @@ impl QrVerification {
}
pub(crate) fn new_self(
store: Arc<dyn CryptoStore>,
store: VerificationStore,
flow_id: FlowId,
own_master_key: String,
other_device_key: String,
@ -452,8 +451,7 @@ impl QrVerification {
}
pub(crate) fn new_self_no_master(
account: ReadOnlyAccount,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
flow_id: FlowId,
own_master_key: String,
identities: IdentitiesBeingVerified,
@ -464,7 +462,7 @@ impl QrVerification {
let inner: QrVerificationData = SelfVerificationNoMasterKey::new(
flow_id.as_str().to_owned(),
account.identity_keys().ed25519().to_string(),
store.account.identity_keys().ed25519().to_string(),
own_master_key,
secret,
)
@ -474,7 +472,7 @@ impl QrVerification {
}
pub(crate) fn new_cross(
store: Arc<dyn CryptoStore>,
store: VerificationStore,
flow_id: FlowId,
own_master_key: String,
other_master_key: String,
@ -498,8 +496,7 @@ impl QrVerification {
#[allow(clippy::too_many_arguments)]
pub(crate) async fn from_scan(
store: Arc<dyn CryptoStore>,
own_account: ReadOnlyAccount,
store: VerificationStore,
private_identity: PrivateCrossSigningIdentity,
other_user_id: UserId,
other_device_id: DeviceIdBox,
@ -516,8 +513,8 @@ impl QrVerification {
}
let own_identity =
store.get_user_identity(own_account.user_id()).await?.ok_or_else(|| {
ScanError::MissingCrossSigningIdentity(own_account.user_id().to_owned())
store.get_user_identity(store.account.user_id()).await?.ok_or_else(|| {
ScanError::MissingCrossSigningIdentity(store.account.user_id().to_owned())
})?;
let other_identity = store
.get_user_identity(&other_user_id)
@ -543,33 +540,23 @@ impl QrVerification {
}
};
let identities = match qr_code {
let (device_being_verified, identity_being_verified) = match qr_code {
QrVerificationData::Verification(_) => {
check_master_key(qr_code.first_key(), &other_identity)?;
check_master_key(qr_code.second_key(), &own_identity)?;
IdentitiesBeingVerified {
private_identity,
store: store.clone(),
device_being_verified: other_device,
identity_being_verified: Some(other_identity),
}
(other_device, Some(other_identity))
}
QrVerificationData::SelfVerification(_) => {
check_master_key(qr_code.first_key(), &other_identity)?;
if qr_code.second_key() != own_account.identity_keys().ed25519() {
if qr_code.second_key() != store.account.identity_keys().ed25519() {
return Err(ScanError::KeyMismatch {
expected: own_account.identity_keys().ed25519().to_owned(),
expected: store.account.identity_keys().ed25519().to_owned(),
found: qr_code.second_key().to_owned(),
});
}
IdentitiesBeingVerified {
private_identity,
store: store.clone(),
device_being_verified: other_device,
identity_being_verified: Some(other_identity),
}
(other_device, Some(other_identity))
}
QrVerificationData::SelfVerificationNoMasterKey(_) => {
let device_key =
@ -583,23 +570,26 @@ impl QrVerification {
});
}
check_master_key(qr_code.second_key(), &other_identity)?;
IdentitiesBeingVerified {
private_identity,
store: store.clone(),
device_being_verified: other_device,
identity_being_verified: None,
}
(other_device, Some(other_identity))
}
};
let identities = IdentitiesBeingVerified {
private_identity,
store: store.clone(),
device_being_verified,
identity_being_verified,
};
let secret = qr_code.secret().to_owned();
let own_device_id = store.account.device_id().to_owned();
Ok(Self {
store,
flow_id,
inner: qr_code.into(),
state: Mutex::new(InnerState::Reciprocated(QrState {
state: Reciprocated { secret, own_device_id: own_account.device_id().to_owned() },
state: Reciprocated { secret, own_device_id },
}))
.into(),
identities,
@ -609,7 +599,7 @@ impl QrVerification {
}
fn new_helper(
store: Arc<dyn CryptoStore>,
store: VerificationStore,
flow_id: FlowId,
inner: QrVerificationData,
identities: IdentitiesBeingVerified,
@ -808,7 +798,7 @@ mod test {
store::{Changes, CryptoStore, MemoryStore},
verification::{
event_enums::{DoneContent, OutgoingContent, StartContent},
FlowId, IdentitiesBeingVerified,
FlowId, IdentitiesBeingVerified, VerificationStore,
},
QrVerification, ReadOnlyDevice,
};
@ -828,8 +818,10 @@ mod test {
#[async_test]
async fn test_verification_creation() {
let store = memory_store();
let account = ReadOnlyAccount::new(&user_id(), &device_id());
let store = VerificationStore { account: account.clone(), inner: store };
let private_identity = PrivateCrossSigningIdentity::new(user_id()).await;
let flow_id = FlowId::ToDevice("test_transaction".to_owned());
@ -847,7 +839,6 @@ mod test {
};
let verification = QrVerification::new_self_no_master(
account,
store.clone(),
flow_id.clone(),
master_key.clone(),
@ -898,6 +889,8 @@ mod test {
let alice_account = ReadOnlyAccount::new(&user_id(), &device_id());
let store = memory_store();
let store = VerificationStore { account: alice_account.clone(), inner: store };
let bob_account = ReadOnlyAccount::new(alice_account.user_id(), "BOBDEVICE".into());
let private_identity = PrivateCrossSigningIdentity::new(user_id()).await;
@ -924,7 +917,6 @@ mod test {
};
let alice_verification = QrVerification::new_self_no_master(
alice_account.clone(),
store,
flow_id.clone(),
master_key.clone(),
@ -935,6 +927,8 @@ mod test {
let bob_store = memory_store();
let bob_store = VerificationStore { account: bob_account.clone(), inner: bob_store };
let mut changes = Changes::default();
changes.identities.new.push(identity.into());
changes.devices.new.push(alice_device.clone());
@ -945,7 +939,6 @@ mod test {
let bob_verification = QrVerification::from_scan(
bob_store,
bob_account,
private_identity,
alice_account.user_id().to_owned(),
alice_account.device_id().to_owned(),

65
matrix_sdk_crypto/src/verification/requests.rs
View File

@ -42,11 +42,10 @@ use super::{
CancelContent, DoneContent, OutgoingContent, ReadyContent, RequestContent, StartContent,
},
qrcode::{QrVerification, ScanError},
CancelInfo, Cancelled, FlowId, IdentitiesBeingVerified,
CancelInfo, Cancelled, FlowId, IdentitiesBeingVerified, VerificationStore,
};
use crate::{
olm::{PrivateCrossSigningIdentity, ReadOnlyAccount},
store::CryptoStore,
CryptoStoreError, OutgoingVerificationRequest, ReadOnlyDevice, ReadOnlyUserIdentities,
RoomMessageRequest, Sas, ToDeviceRequest,
};
@ -107,16 +106,15 @@ impl VerificationRequest {
#[allow(clippy::too_many_arguments)]
pub(crate) fn new(
cache: VerificationCache,
account: ReadOnlyAccount,
private_cross_signing_identity: PrivateCrossSigningIdentity,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
flow_id: FlowId,
other_user: &UserId,
recipient_devices: Vec<DeviceIdBox>,
methods: Option<Vec<VerificationMethod>>,
) -> Self {
let account = store.account.clone();
let inner = Mutex::new(InnerRequest::Created(RequestState::new(
account.clone(),
private_cross_signing_identity,
cache.clone(),
store,
@ -327,7 +325,6 @@ impl VerificationRequest {
if let InnerRequest::Ready(r) = &*state {
let qr_verification = QrVerification::from_scan(
r.store.clone(),
r.account.clone(),
r.private_cross_signing_identity.clone(),
r.other_user_id.clone(),
r.state.other_device_id.clone(),
@ -348,17 +345,17 @@ impl VerificationRequest {
pub(crate) fn from_request(
cache: VerificationCache,
account: ReadOnlyAccount,
private_cross_signing_identity: PrivateCrossSigningIdentity,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
sender: &UserId,
flow_id: FlowId,
content: &RequestContent,
) -> Self {
let account = store.account.clone();
Self {
verification_cache: cache.clone(),
inner: Arc::new(Mutex::new(InnerRequest::Requested(RequestState::from_request_event(
account.clone(),
private_cross_signing_identity,
cache,
store,
@ -621,7 +618,6 @@ impl VerificationRequest {
.clone()
.start_sas(
s.store.clone(),
s.account.clone(),
s.private_cross_signing_identity.clone(),
self.we_started,
self.inner.clone().into(),
@ -742,10 +738,9 @@ impl InnerRequest {
#[derive(Clone, Debug)]
struct RequestState<S: Clone> {
account: ReadOnlyAccount,
private_cross_signing_identity: PrivateCrossSigningIdentity,
verification_cache: VerificationCache,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
flow_id: Arc<FlowId>,
/// The id of the user which is participating in this verification request.
@ -758,7 +753,6 @@ struct RequestState<S: Clone> {
impl<S: Clone> RequestState<S> {
fn into_done(self, _: &DoneContent) -> RequestState<Done> {
RequestState::<Done> {
account: self.account,
private_cross_signing_identity: self.private_cross_signing_identity,
verification_cache: self.verification_cache,
store: self.store,
@ -774,7 +768,6 @@ impl<S: Clone> RequestState<S> {
cancel_code: &CancelCode,
) -> RequestState<Cancelled> {
RequestState::<Cancelled> {
account: self.account,
private_cross_signing_identity: self.private_cross_signing_identity,
verification_cache: self.verification_cache,
store: self.store,
@ -787,10 +780,9 @@ impl<S: Clone> RequestState<S> {
impl RequestState<Created> {
fn new(
account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
cache: VerificationCache,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
other_user_id: &UserId,
flow_id: &FlowId,
methods: Option<Vec<VerificationMethod>>,
@ -798,7 +790,6 @@ impl RequestState<Created> {
let our_methods = methods.unwrap_or_else(|| SUPPORTED_METHODS.to_vec());
Self {
account,
other_user_id: other_user_id.to_owned(),
private_cross_signing_identity: private_identity,
state: Created { our_methods },
@ -811,7 +802,6 @@ impl RequestState<Created> {
fn into_ready(self, _sender: &UserId, content: &ReadyContent) -> RequestState<Ready> {
// TODO check the flow id, and that the methods match what we suggested.
RequestState {
account: self.account,
flow_id: self.flow_id,
verification_cache: self.verification_cache,
private_cross_signing_identity: self.private_cross_signing_identity,
@ -843,17 +833,15 @@ struct Requested {
impl RequestState<Requested> {
fn from_request_event(
account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
cache: VerificationCache,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
sender: &UserId,
flow_id: &FlowId,
content: &RequestContent,
) -> RequestState<Requested> {
// TODO only create this if we support the methods
RequestState {
account,
private_cross_signing_identity: private_identity,
store,
verification_cache: cache,
@ -868,7 +856,6 @@ impl RequestState<Requested> {
fn into_passive(self, content: &ReadyContent) -> RequestState<Passive> {
RequestState {
account: self.account,
flow_id: self.flow_id,
verification_cache: self.verification_cache,
private_cross_signing_identity: self.private_cross_signing_identity,
@ -880,7 +867,6 @@ impl RequestState<Requested> {
fn accept(self, methods: Vec<VerificationMethod>) -> (RequestState<Ready>, OutgoingContent) {
let state = RequestState {
account: self.account.clone(),
store: self.store,
verification_cache: self.verification_cache,
private_cross_signing_identity: self.private_cross_signing_identity,
@ -896,7 +882,7 @@ impl RequestState<Requested> {
let content = match self.flow_id.as_ref() {
FlowId::ToDevice(i) => {
AnyToDeviceEventContent::KeyVerificationReady(ReadyToDeviceEventContent::new(
self.account.device_id().to_owned(),
state.store.account.device_id().to_owned(),
methods,
i.to_owned(),
))
@ -905,7 +891,7 @@ impl RequestState<Requested> {
FlowId::InRoom(r, e) => (
r.to_owned(),
AnyMessageEventContent::KeyVerificationReady(ReadyEventContent::new(
self.account.device_id().to_owned(),
state.store.account.device_id().to_owned(),
methods,
Relation::new(e.to_owned()),
)),
@ -942,7 +928,6 @@ impl RequestState<Ready> {
(&*self.flow_id).to_owned(),
content,
self.store.clone(),
self.account.clone(),
self.private_cross_signing_identity.clone(),
other_device,
other_identity,
@ -1013,7 +998,6 @@ impl RequestState<Ready> {
}
} else {
Some(QrVerification::new_self_no_master(
self.account.clone(),
self.store.clone(),
self.flow_id.as_ref().to_owned(),
master_key.to_owned(),
@ -1174,8 +1158,7 @@ impl RequestState<Ready> {
async fn start_sas(
self,
store: Arc<dyn CryptoStore>,
account: ReadOnlyAccount,
store: VerificationStore,
private_identity: PrivateCrossSigningIdentity,
we_started: bool,
request_handle: RequestHandle,
@ -1204,7 +1187,6 @@ impl RequestState<Ready> {
Ok(Some(match self.flow_id.as_ref() {
FlowId::ToDevice(t) => {
let (sas, content) = Sas::start(
account,
private_identity,
device,
store,
@ -1219,7 +1201,6 @@ impl RequestState<Ready> {
let (sas, content) = Sas::start_in_room(
e.to_owned(),
r.to_owned(),
account,
private_identity,
device,
store,
@ -1256,7 +1237,7 @@ mod test {
verification::{
cache::VerificationCache,
event_enums::{OutgoingContent, ReadyContent, RequestContent, StartContent},
FlowId,
FlowId, VerificationStore,
},
ReadOnlyDevice,
};
@ -1286,10 +1267,14 @@ mod test {
let alice_store: Box<dyn CryptoStore> = Box::new(MemoryStore::new());
let alice_identity = PrivateCrossSigningIdentity::empty(alice_id());
let alice_store = VerificationStore { account: alice.clone(), inner: alice_store.into() };
let bob = ReadOnlyAccount::new(&bob_id(), &bob_device_id());
let bob_store: Box<dyn CryptoStore> = Box::new(MemoryStore::new());
let bob_identity = PrivateCrossSigningIdentity::empty(alice_id());
let bob_store = VerificationStore { account: bob.clone(), inner: bob_store.into() };
let content =
VerificationRequest::request(bob.user_id(), bob.device_id(), &alice_id(), None);
@ -1297,9 +1282,8 @@ mod test {
let bob_request = VerificationRequest::new(
VerificationCache::new(),
bob,
bob_identity,
bob_store.into(),
bob_store,
flow_id.clone(),
&alice_id(),
vec![],
@ -1308,7 +1292,6 @@ mod test {
let alice_request = VerificationRequest::from_request(
VerificationCache::new(),
alice,
alice_identity,
alice_store.into(),
&bob_id(),
@ -1336,11 +1319,15 @@ mod test {
let alice_store: Box<dyn CryptoStore> = Box::new(MemoryStore::new());
let alice_identity = PrivateCrossSigningIdentity::empty(alice_id());
let alice_store = VerificationStore { account: alice.clone(), inner: alice_store.into() };
let bob = ReadOnlyAccount::new(&bob_id(), &bob_device_id());
let bob_device = ReadOnlyDevice::from_account(&bob).await;
let bob_store: Box<dyn CryptoStore> = Box::new(MemoryStore::new());
let bob_identity = PrivateCrossSigningIdentity::empty(alice_id());
let bob_store = VerificationStore { account: bob.clone(), inner: bob_store.into() };
let mut changes = Changes::default();
changes.devices.new.push(bob_device.clone());
alice_store.save_changes(changes).await.unwrap();
@ -1355,7 +1342,6 @@ mod test {
let bob_request = VerificationRequest::new(
VerificationCache::new(),
bob,
bob_identity,
bob_store.into(),
flow_id.clone(),
@ -1366,7 +1352,6 @@ mod test {
let alice_request = VerificationRequest::from_request(
VerificationCache::new(),
alice,
alice_identity,
alice_store.into(),
&bob_id(),
@ -1403,6 +1388,8 @@ mod test {
let alice_store: Box<dyn CryptoStore> = Box::new(MemoryStore::new());
let alice_identity = PrivateCrossSigningIdentity::empty(alice_id());
let alice_store = VerificationStore { account: alice.clone(), inner: alice_store.into() };
let bob = ReadOnlyAccount::new(&bob_id(), &bob_device_id());
let bob_device = ReadOnlyDevice::from_account(&bob).await;
let bob_store: Box<dyn CryptoStore> = Box::new(MemoryStore::new());
@ -1416,11 +1403,12 @@ mod test {
changes.devices.new.push(alice_device.clone());
bob_store.save_changes(changes).await.unwrap();
let bob_store = VerificationStore { account: bob.clone(), inner: bob_store.into() };
let flow_id = FlowId::from("TEST_FLOW_ID".to_owned());
let bob_request = VerificationRequest::new(
VerificationCache::new(),
bob,
bob_identity,
bob_store.into(),
flow_id,
@ -1436,7 +1424,6 @@ mod test {
let alice_request = VerificationRequest::from_request(
VerificationCache::new(),
alice,
alice_identity,
alice_store.into(),
&bob_id(),

43
matrix_sdk_crypto/src/verification/sas/mod.rs
View File

@ -35,13 +35,13 @@ use tracing::trace;
use super::{
event_enums::{AnyVerificationContent, OutgoingContent, OwnedAcceptContent, StartContent},
requests::RequestHandle,
CancelInfo, FlowId, IdentitiesBeingVerified, VerificationResult,
CancelInfo, FlowId, IdentitiesBeingVerified, VerificationResult, VerificationStore,
};
use crate::{
identities::{ReadOnlyDevice, ReadOnlyUserIdentities},
olm::PrivateCrossSigningIdentity,
requests::{OutgoingVerificationRequest, RoomMessageRequest},
store::{CryptoStore, CryptoStoreError},
store::CryptoStoreError,
ReadOnlyAccount, ToDeviceRequest,
};
@ -146,16 +146,17 @@ impl Sas {
#[allow(clippy::too_many_arguments)]
fn start_helper(
inner_sas: InnerSas,
account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
other_identity: Option<ReadOnlyUserIdentities>,
we_started: bool,
request_handle: Option<RequestHandle>,
) -> Sas {
let flow_id = inner_sas.verification_flow_id();
let account = store.account.clone();
let identities = IdentitiesBeingVerified {
private_identity,
store: store.clone(),
@ -185,17 +186,16 @@ impl Sas {
/// sent out through the server to the other device.
#[allow(clippy::too_many_arguments)]
pub(crate) fn start(
account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
other_identity: Option<ReadOnlyUserIdentities>,
transaction_id: Option<String>,
we_started: bool,
request_handle: Option<RequestHandle>,
) -> (Sas, OutgoingContent) {
let (inner, content) = InnerSas::start(
account.clone(),
store.account.clone(),
other_device.clone(),
other_identity.clone(),
transaction_id,
@ -204,7 +204,6 @@ impl Sas {
(
Self::start_helper(
inner,
account,
private_identity,
other_device,
store,
@ -230,10 +229,9 @@ impl Sas {
pub(crate) fn start_in_room(
flow_id: EventId,
room_id: RoomId,
account: ReadOnlyAccount,
private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice,
store: Arc<dyn CryptoStore>,
store: VerificationStore,
other_identity: Option<ReadOnlyUserIdentities>,
we_started: bool,
request_handle: RequestHandle,
@ -241,7 +239,7 @@ impl Sas {
let (inner, content) = InnerSas::start_in_room(
flow_id,
room_id,
account.clone(),
store.account.clone(),
other_device.clone(),
other_identity.clone(),
);
@ -249,7 +247,6 @@ impl Sas {
(
Self::start_helper(
inner,
account,
private_identity,
other_device,
store,
@ -275,8 +272,7 @@ impl Sas {
pub(crate) fn from_start_event(
flow_id: FlowId,
content: &StartContent,
store: Arc<dyn CryptoStore>,
account: ReadOnlyAccount,
store: VerificationStore,
private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice,
other_identity: Option<ReadOnlyUserIdentities>,
@ -284,7 +280,7 @@ impl Sas {
we_started: bool,
) -> Result<Sas, OutgoingContent> {
let inner = InnerSas::from_start_event(
account.clone(),
store.account.clone(),
other_device.clone(),
flow_id,
content,
@ -294,7 +290,6 @@ impl Sas {
Ok(Self::start_helper(
inner,
account,
private_identity,
other_device,
store,
@ -562,9 +557,10 @@ mod test {
use super::Sas;
use crate::{
olm::PrivateCrossSigningIdentity,
store::{CryptoStore, MemoryStore},
verification::event_enums::{
AcceptContent, KeyContent, MacContent, OutgoingContent, StartContent,
store::MemoryStore,
verification::{
event_enums::{AcceptContent, KeyContent, MacContent, OutgoingContent, StartContent},
VerificationStore,
},
ReadOnlyAccount, ReadOnlyDevice,
};
@ -593,15 +589,15 @@ mod test {
let bob = ReadOnlyAccount::new(&bob_id(), &bob_device_id());
let bob_device = ReadOnlyDevice::from_account(&bob).await;
let alice_store: Arc<dyn CryptoStore> = Arc::new(MemoryStore::new());
let bob_store = MemoryStore::new();
let alice_store =
VerificationStore { account: alice.clone(), inner: Arc::new(MemoryStore::new()) };
let bob_store = MemoryStore::new();
bob_store.save_devices(vec![alice_device.clone()]).await;
let bob_store: Arc<dyn CryptoStore> = Arc::new(bob_store);
let bob_store = VerificationStore { account: bob.clone(), inner: Arc::new(bob_store) };
let (alice, content) = Sas::start(
alice,
PrivateCrossSigningIdentity::empty(alice_id()),
bob_device,
alice_store,
@ -618,7 +614,6 @@ mod test {
flow_id,
&content,
bob_store,
bob,
PrivateCrossSigningIdentity::empty(bob_id()),
alice_device,
None,