crypto: Update to the latest Ruma changes.
parent
a58ace70a7
commit
d9fbc18777
|
@ -15,9 +15,8 @@ instant = { version = "0.1.6", features = ["wasm-bindgen", "now"] }
|
||||||
js_int = "0.1.8"
|
js_int = "0.1.8"
|
||||||
|
|
||||||
[dependencies.ruma]
|
[dependencies.ruma]
|
||||||
git = "https://github.com/ruma/ruma"
|
path = "/home/poljar/werk/priv/ruma/ruma"
|
||||||
features = ["client-api"]
|
features = ["client-api"]
|
||||||
rev = "e047c647ddcb368e7eb1e05ae8823a9494273457"
|
|
||||||
|
|
||||||
[target.'cfg(not(target_arch = "wasm32"))'.dependencies]
|
[target.'cfg(not(target_arch = "wasm32"))'.dependencies]
|
||||||
uuid = { version = "0.8.1", features = ["v4"] }
|
uuid = { version = "0.8.1", features = ["v4"] }
|
||||||
|
|
|
@ -18,9 +18,7 @@ use dashmap::DashMap;
|
||||||
|
|
||||||
use matrix_sdk_common::{
|
use matrix_sdk_common::{
|
||||||
api::r0::to_device::send_event_to_device::Request as ToDeviceRequest,
|
api::r0::to_device::send_event_to_device::Request as ToDeviceRequest,
|
||||||
events::{
|
events::{AnyToDeviceEvent, AnyToDeviceEventContent},
|
||||||
key::verification::start::StartEventContent, AnyToDeviceEvent, AnyToDeviceEventContent,
|
|
||||||
},
|
|
||||||
identifiers::{DeviceId, UserId},
|
identifiers::{DeviceId, UserId},
|
||||||
locks::RwLock,
|
locks::RwLock,
|
||||||
};
|
};
|
||||||
|
@ -87,23 +85,22 @@ impl VerificationMachine {
|
||||||
) -> Result<(), CryptoStoreError> {
|
) -> Result<(), CryptoStoreError> {
|
||||||
match event {
|
match event {
|
||||||
AnyToDeviceEvent::KeyVerificationStart(e) => {
|
AnyToDeviceEvent::KeyVerificationStart(e) => {
|
||||||
if let StartEventContent::MSasV1(content) = &e.content {
|
|
||||||
if let Some(d) = self
|
if let Some(d) = self
|
||||||
.store
|
.store
|
||||||
.read()
|
.read()
|
||||||
.await
|
.await
|
||||||
.get_device(&e.sender, &content.from_device)
|
.get_device(&e.sender, &e.content.from_device)
|
||||||
.await?
|
.await?
|
||||||
{
|
{
|
||||||
match Sas::from_start_event(self.account.clone(), d, e) {
|
match Sas::from_start_event(self.account.clone(), d, e) {
|
||||||
Ok(s) => {
|
Ok(s) => {
|
||||||
self.verifications.insert(content.transaction_id.clone(), s);
|
self.verifications
|
||||||
|
.insert(e.content.transaction_id.clone(), s);
|
||||||
}
|
}
|
||||||
Err(c) => self.queue_up_content(&e.sender, &content.from_device, c),
|
Err(c) => self.queue_up_content(&e.sender, &e.content.from_device, c),
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
}
|
|
||||||
AnyToDeviceEvent::KeyVerificationCancel(e) => {
|
AnyToDeviceEvent::KeyVerificationCancel(e) => {
|
||||||
self.verifications.remove(&e.content.transaction_id);
|
self.verifications.remove(&e.content.transaction_id);
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,11 +23,11 @@ use matrix_sdk_common::{
|
||||||
api::r0::to_device::send_event_to_device::Request as ToDeviceRequest,
|
api::r0::to_device::send_event_to_device::Request as ToDeviceRequest,
|
||||||
events::{
|
events::{
|
||||||
key::verification::{
|
key::verification::{
|
||||||
accept::AcceptEventContent,
|
accept::{AcceptEventContent, AcceptMethod, MSasV1Content as AcceptV1Content},
|
||||||
cancel::{CancelCode, CancelEventContent},
|
cancel::{CancelCode, CancelEventContent},
|
||||||
key::KeyEventContent,
|
key::KeyEventContent,
|
||||||
mac::MacEventContent,
|
mac::MacEventContent,
|
||||||
start::{MSasV1Content, MSasV1ContentOptions, StartEventContent},
|
start::{MSasV1Content, MSasV1ContentInit, StartEventContent, StartMethod},
|
||||||
HashAlgorithm, KeyAgreementProtocol, MessageAuthenticationCode,
|
HashAlgorithm, KeyAgreementProtocol, MessageAuthenticationCode,
|
||||||
ShortAuthenticationString, VerificationMethod,
|
ShortAuthenticationString, VerificationMethod,
|
||||||
},
|
},
|
||||||
|
@ -438,10 +438,10 @@ struct AcceptedProtocols {
|
||||||
short_auth_string: Vec<ShortAuthenticationString>,
|
short_auth_string: Vec<ShortAuthenticationString>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl From<AcceptEventContent> for AcceptedProtocols {
|
impl From<AcceptV1Content> for AcceptedProtocols {
|
||||||
fn from(content: AcceptEventContent) -> Self {
|
fn from(content: AcceptV1Content) -> Self {
|
||||||
Self {
|
Self {
|
||||||
method: content.method,
|
method: VerificationMethod::MSasV1,
|
||||||
hash: content.hash,
|
hash: content.hash,
|
||||||
key_agreement_protocol: content.key_agreement_protocol,
|
key_agreement_protocol: content.key_agreement_protocol,
|
||||||
message_auth_code: content.message_authentication_code,
|
message_auth_code: content.message_authentication_code,
|
||||||
|
@ -450,6 +450,21 @@ impl From<AcceptEventContent> for AcceptedProtocols {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl Default for AcceptedProtocols {
|
||||||
|
fn default() -> Self {
|
||||||
|
AcceptedProtocols {
|
||||||
|
method: VerificationMethod::MSasV1,
|
||||||
|
hash: HashAlgorithm::Sha256,
|
||||||
|
key_agreement_protocol: KeyAgreementProtocol::Curve25519HkdfSha256,
|
||||||
|
message_auth_code: MessageAuthenticationCode::HkdfHmacSha256,
|
||||||
|
short_auth_string: vec![
|
||||||
|
ShortAuthenticationString::Decimal,
|
||||||
|
ShortAuthenticationString::Emoji,
|
||||||
|
],
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/// A type level state machine modeling the Sas flow.
|
/// A type level state machine modeling the Sas flow.
|
||||||
///
|
///
|
||||||
/// This is the generic struc holding common data between the different states
|
/// This is the generic struc holding common data between the different states
|
||||||
|
@ -482,7 +497,7 @@ impl<S: Clone + std::fmt::Debug> std::fmt::Debug for SasState<S> {
|
||||||
/// The initial SAS state.
|
/// The initial SAS state.
|
||||||
#[derive(Clone, Debug)]
|
#[derive(Clone, Debug)]
|
||||||
struct Created {
|
struct Created {
|
||||||
protocol_definitions: MSasV1ContentOptions,
|
protocol_definitions: MSasV1ContentInit,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// The initial SAS state if the other side started the SAS verification.
|
/// The initial SAS state if the other side started the SAS verification.
|
||||||
|
@ -586,7 +601,6 @@ impl SasState<Created> {
|
||||||
/// * `other_device` - The other device which we are going to verify.
|
/// * `other_device` - The other device which we are going to verify.
|
||||||
fn new(account: Account, other_device: Device) -> SasState<Created> {
|
fn new(account: Account, other_device: Device) -> SasState<Created> {
|
||||||
let verification_flow_id = Uuid::new_v4().to_string();
|
let verification_flow_id = Uuid::new_v4().to_string();
|
||||||
let from_device: Box<DeviceId> = account.device_id().into();
|
|
||||||
|
|
||||||
SasState {
|
SasState {
|
||||||
inner: Arc::new(Mutex::new(OlmSas::new())),
|
inner: Arc::new(Mutex::new(OlmSas::new())),
|
||||||
|
@ -597,9 +611,7 @@ impl SasState<Created> {
|
||||||
verification_flow_id: Arc::new(verification_flow_id.clone()),
|
verification_flow_id: Arc::new(verification_flow_id.clone()),
|
||||||
|
|
||||||
state: Arc::new(Created {
|
state: Arc::new(Created {
|
||||||
protocol_definitions: MSasV1ContentOptions {
|
protocol_definitions: MSasV1ContentInit {
|
||||||
transaction_id: verification_flow_id,
|
|
||||||
from_device,
|
|
||||||
short_authentication_string: Sas::STRINGS.to_vec(),
|
short_authentication_string: Sas::STRINGS.to_vec(),
|
||||||
key_agreement_protocols: Sas::KEY_AGREEMENT_PROTOCOLS.to_vec(),
|
key_agreement_protocols: Sas::KEY_AGREEMENT_PROTOCOLS.to_vec(),
|
||||||
message_authentication_codes: Sas::MACS.to_vec(),
|
message_authentication_codes: Sas::MACS.to_vec(),
|
||||||
|
@ -613,10 +625,14 @@ impl SasState<Created> {
|
||||||
///
|
///
|
||||||
/// The content needs to be sent to the other device.
|
/// The content needs to be sent to the other device.
|
||||||
fn as_content(&self) -> StartEventContent {
|
fn as_content(&self) -> StartEventContent {
|
||||||
StartEventContent::MSasV1(
|
StartEventContent {
|
||||||
|
transaction_id: self.verification_flow_id.to_string(),
|
||||||
|
from_device: self.device_id().into(),
|
||||||
|
method: StartMethod::MSasV1(
|
||||||
MSasV1Content::new(self.state.protocol_definitions.clone())
|
MSasV1Content::new(self.state.protocol_definitions.clone())
|
||||||
.expect("Invalid initial protocol definitions."),
|
.expect("Invalid initial protocol definitions."),
|
||||||
)
|
),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Receive a m.key.verification.accept event, changing the state into
|
/// Receive a m.key.verification.accept event, changing the state into
|
||||||
|
@ -633,16 +649,14 @@ impl SasState<Created> {
|
||||||
self.check_sender_and_txid(&event.sender, &event.content.transaction_id)
|
self.check_sender_and_txid(&event.sender, &event.content.transaction_id)
|
||||||
.map_err(|c| self.clone().cancel(c))?;
|
.map_err(|c| self.clone().cancel(c))?;
|
||||||
|
|
||||||
let content = &event.content;
|
if let AcceptMethod::MSasV1(content) = &event.content.method {
|
||||||
if !Sas::KEY_AGREEMENT_PROTOCOLS.contains(&event.content.key_agreement_protocol)
|
if !Sas::KEY_AGREEMENT_PROTOCOLS.contains(&content.key_agreement_protocol)
|
||||||
|| !Sas::HASHES.contains(&event.content.hash)
|
|| !Sas::HASHES.contains(&content.hash)
|
||||||
|| !Sas::MACS.contains(&event.content.message_authentication_code)
|
|| !Sas::MACS.contains(&content.message_authentication_code)
|
||||||
|| (!event
|
|| (!content
|
||||||
.content
|
|
||||||
.short_authentication_string
|
.short_authentication_string
|
||||||
.contains(&ShortAuthenticationString::Emoji)
|
.contains(&ShortAuthenticationString::Emoji)
|
||||||
&& !event
|
&& !content
|
||||||
.content
|
|
||||||
.short_authentication_string
|
.short_authentication_string
|
||||||
.contains(&ShortAuthenticationString::Decimal))
|
.contains(&ShortAuthenticationString::Decimal))
|
||||||
{
|
{
|
||||||
|
@ -662,6 +676,9 @@ impl SasState<Created> {
|
||||||
}),
|
}),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
Err(self.cancel(CancelCode::UnknownMethod))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -684,7 +701,7 @@ impl SasState<Started> {
|
||||||
other_device: Device,
|
other_device: Device,
|
||||||
event: &ToDeviceEvent<StartEventContent>,
|
event: &ToDeviceEvent<StartEventContent>,
|
||||||
) -> Result<SasState<Started>, SasState<Canceled>> {
|
) -> Result<SasState<Started>, SasState<Canceled>> {
|
||||||
if let StartEventContent::MSasV1(content) = &event.content {
|
if let StartMethod::MSasV1(content) = &event.content.method {
|
||||||
let sas = OlmSas::new();
|
let sas = OlmSas::new();
|
||||||
let utility = OlmUtility::new();
|
let utility = OlmUtility::new();
|
||||||
|
|
||||||
|
@ -700,7 +717,7 @@ impl SasState<Started> {
|
||||||
other_device,
|
other_device,
|
||||||
},
|
},
|
||||||
|
|
||||||
verification_flow_id: Arc::new(content.transaction_id.clone()),
|
verification_flow_id: Arc::new(event.content.transaction_id.clone()),
|
||||||
|
|
||||||
state: Arc::new(Started {
|
state: Arc::new(Started {
|
||||||
protocol_definitions: content.clone(),
|
protocol_definitions: content.clone(),
|
||||||
|
@ -735,10 +752,7 @@ impl SasState<Started> {
|
||||||
other_device,
|
other_device,
|
||||||
},
|
},
|
||||||
|
|
||||||
// TODO we can't get to the transaction id currently since it's
|
verification_flow_id: Arc::new(event.content.transaction_id.clone()),
|
||||||
// behind the content specific enum.
|
|
||||||
verification_flow_id: Arc::new("".to_owned()),
|
|
||||||
|
|
||||||
state: Arc::new(Canceled::new(CancelCode::UnknownMethod)),
|
state: Arc::new(Canceled::new(CancelCode::UnknownMethod)),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
@ -752,18 +766,21 @@ impl SasState<Started> {
|
||||||
/// been started because of a
|
/// been started because of a
|
||||||
/// m.key.verification.request -> m.key.verification.ready flow.
|
/// m.key.verification.request -> m.key.verification.ready flow.
|
||||||
fn as_content(&self) -> AcceptEventContent {
|
fn as_content(&self) -> AcceptEventContent {
|
||||||
|
let accepted_protocols = AcceptedProtocols::default();
|
||||||
|
|
||||||
AcceptEventContent {
|
AcceptEventContent {
|
||||||
method: VerificationMethod::MSasV1,
|
|
||||||
transaction_id: self.verification_flow_id.to_string(),
|
transaction_id: self.verification_flow_id.to_string(),
|
||||||
|
method: AcceptMethod::MSasV1(AcceptV1Content {
|
||||||
commitment: self.state.commitment.clone(),
|
commitment: self.state.commitment.clone(),
|
||||||
hash: HashAlgorithm::Sha256,
|
hash: accepted_protocols.hash,
|
||||||
key_agreement_protocol: KeyAgreementProtocol::Curve25519HkdfSha256,
|
key_agreement_protocol: accepted_protocols.key_agreement_protocol,
|
||||||
message_authentication_code: MessageAuthenticationCode::HkdfHmacSha256,
|
message_authentication_code: accepted_protocols.message_auth_code,
|
||||||
short_authentication_string: self
|
short_authentication_string: self
|
||||||
.state
|
.state
|
||||||
.protocol_definitions
|
.protocol_definitions
|
||||||
.short_authentication_string
|
.short_authentication_string
|
||||||
.clone(),
|
.clone(),
|
||||||
|
}),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -782,7 +799,8 @@ impl SasState<Started> {
|
||||||
self.check_sender_and_txid(&event.sender, &event.content.transaction_id)
|
self.check_sender_and_txid(&event.sender, &event.content.transaction_id)
|
||||||
.map_err(|c| self.clone().cancel(c))?;
|
.map_err(|c| self.clone().cancel(c))?;
|
||||||
|
|
||||||
let accepted_protocols: AcceptedProtocols = self.as_content().into();
|
let accepted_protocols = AcceptedProtocols::default();
|
||||||
|
|
||||||
self.inner
|
self.inner
|
||||||
.lock()
|
.lock()
|
||||||
.unwrap()
|
.unwrap()
|
||||||
|
|
Loading…
Reference in New Issue