char
/
matrix-rust-sdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto: Update to the latest Ruma changes.

master
Damir Jelić 2020-07-30 15:48:13 +02:00
parent a58ace70a7
commit d9fbc18777
3 changed files with 91 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
matrix_sdk_common/Cargo.toml
View File

@ -15,9 +15,8 @@ instant = { version = "0.1.6", features = ["wasm-bindgen", "now"] }
js_int = "0.1.8" js_int = "0.1.8"
[dependencies.ruma] [dependencies.ruma]
git = "https://github.com/ruma/ruma" path = "/home/poljar/werk/priv/ruma/ruma"
features = ["client-api"] features = ["client-api"]
rev = "e047c647ddcb368e7eb1e05ae8823a9494273457"
[target.'cfg(not(target_arch = "wasm32"))'.dependencies] [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
uuid = { version = "0.8.1", features = ["v4"] } uuid = { version = "0.8.1", features = ["v4"] }

33
matrix_sdk_crypto/src/verification/machine.rs
View File

@ -18,9 +18,7 @@ use dashmap::DashMap;
use matrix_sdk_common::{ use matrix_sdk_common::{
api::r0::to_device::send_event_to_device::Request as ToDeviceRequest, api::r0::to_device::send_event_to_device::Request as ToDeviceRequest,
events::{ events::{AnyToDeviceEvent, AnyToDeviceEventContent},
key::verification::start::StartEventContent, AnyToDeviceEvent, AnyToDeviceEventContent,
},
identifiers::{DeviceId, UserId}, identifiers::{DeviceId, UserId},
locks::RwLock, locks::RwLock,
}; };
@ -87,22 +85,21 @@ impl VerificationMachine {
) -> Result<(), CryptoStoreError> { ) -> Result<(), CryptoStoreError> {
match event { match event {
AnyToDeviceEvent::KeyVerificationStart(e) => { AnyToDeviceEvent::KeyVerificationStart(e) => {
if let StartEventContent::MSasV1(content) = &e.content { if let Some(d) = self
if let Some(d) = self .store
.store .read()
.read() .await
.await .get_device(&e.sender, &e.content.from_device)
.get_device(&e.sender, &content.from_device) .await?
.await? {
{ match Sas::from_start_event(self.account.clone(), d, e) {
match Sas::from_start_event(self.account.clone(), d, e) { Ok(s) => {
Ok(s) => { self.verifications
self.verifications.insert(content.transaction_id.clone(), s); .insert(e.content.transaction_id.clone(), s);
}
Err(c) => self.queue_up_content(&e.sender, &content.from_device, c),
} }
}; Err(c) => self.queue_up_content(&e.sender, &e.content.from_device, c),
} }
};
} }
AnyToDeviceEvent::KeyVerificationCancel(e) => { AnyToDeviceEvent::KeyVerificationCancel(e) => {
self.verifications.remove(&e.content.transaction_id); self.verifications.remove(&e.content.transaction_id);

132
matrix_sdk_crypto/src/verification/sas.rs
View File

@ -23,11 +23,11 @@ use matrix_sdk_common::{
api::r0::to_device::send_event_to_device::Request as ToDeviceRequest, api::r0::to_device::send_event_to_device::Request as ToDeviceRequest,
events::{ events::{
key::verification::{ key::verification::{
accept::AcceptEventContent, accept::{AcceptEventContent, AcceptMethod, MSasV1Content as AcceptV1Content},
cancel::{CancelCode, CancelEventContent}, cancel::{CancelCode, CancelEventContent},
key::KeyEventContent, key::KeyEventContent,
mac::MacEventContent, mac::MacEventContent,
start::{MSasV1Content, MSasV1ContentOptions, StartEventContent}, start::{MSasV1Content, MSasV1ContentInit, StartEventContent, StartMethod},
HashAlgorithm, KeyAgreementProtocol, MessageAuthenticationCode, HashAlgorithm, KeyAgreementProtocol, MessageAuthenticationCode,
ShortAuthenticationString, VerificationMethod, ShortAuthenticationString, VerificationMethod,
}, },
@ -438,10 +438,10 @@ struct AcceptedProtocols {
short_auth_string: Vec<ShortAuthenticationString>, short_auth_string: Vec<ShortAuthenticationString>,
} }
impl From<AcceptEventContent> for AcceptedProtocols { impl From<AcceptV1Content> for AcceptedProtocols {
fn from(content: AcceptEventContent) -> Self { fn from(content: AcceptV1Content) -> Self {
Self { Self {
method: content.method, method: VerificationMethod::MSasV1,
hash: content.hash, hash: content.hash,
key_agreement_protocol: content.key_agreement_protocol, key_agreement_protocol: content.key_agreement_protocol,
message_auth_code: content.message_authentication_code, message_auth_code: content.message_authentication_code,
@ -450,6 +450,21 @@ impl From<AcceptEventContent> for AcceptedProtocols {
} }
} }
impl Default for AcceptedProtocols {
fn default() -> Self {
AcceptedProtocols {
method: VerificationMethod::MSasV1,
hash: HashAlgorithm::Sha256,
key_agreement_protocol: KeyAgreementProtocol::Curve25519HkdfSha256,
message_auth_code: MessageAuthenticationCode::HkdfHmacSha256,
short_auth_string: vec![
ShortAuthenticationString::Decimal,
ShortAuthenticationString::Emoji,
],
}
}
}
/// A type level state machine modeling the Sas flow. /// A type level state machine modeling the Sas flow.
/// ///
/// This is the generic struc holding common data between the different states /// This is the generic struc holding common data between the different states
@ -482,7 +497,7 @@ impl<S: Clone + std::fmt::Debug> std::fmt::Debug for SasState<S> {
/// The initial SAS state. /// The initial SAS state.
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
struct Created { struct Created {
protocol_definitions: MSasV1ContentOptions, protocol_definitions: MSasV1ContentInit,
} }
/// The initial SAS state if the other side started the SAS verification. /// The initial SAS state if the other side started the SAS verification.
@ -586,7 +601,6 @@ impl SasState<Created> {
/// * `other_device` - The other device which we are going to verify. /// * `other_device` - The other device which we are going to verify.
fn new(account: Account, other_device: Device) -> SasState<Created> { fn new(account: Account, other_device: Device) -> SasState<Created> {
let verification_flow_id = Uuid::new_v4().to_string(); let verification_flow_id = Uuid::new_v4().to_string();
let from_device: Box<DeviceId> = account.device_id().into();
SasState { SasState {
inner: Arc::new(Mutex::new(OlmSas::new())), inner: Arc::new(Mutex::new(OlmSas::new())),
@ -597,9 +611,7 @@ impl SasState<Created> {
verification_flow_id: Arc::new(verification_flow_id.clone()), verification_flow_id: Arc::new(verification_flow_id.clone()),
state: Arc::new(Created { state: Arc::new(Created {
protocol_definitions: MSasV1ContentOptions { protocol_definitions: MSasV1ContentInit {
transaction_id: verification_flow_id,
from_device,
short_authentication_string: Sas::STRINGS.to_vec(), short_authentication_string: Sas::STRINGS.to_vec(),
key_agreement_protocols: Sas::KEY_AGREEMENT_PROTOCOLS.to_vec(), key_agreement_protocols: Sas::KEY_AGREEMENT_PROTOCOLS.to_vec(),
message_authentication_codes: Sas::MACS.to_vec(), message_authentication_codes: Sas::MACS.to_vec(),
@ -613,10 +625,14 @@ impl SasState<Created> {
/// ///
/// The content needs to be sent to the other device. /// The content needs to be sent to the other device.
fn as_content(&self) -> StartEventContent { fn as_content(&self) -> StartEventContent {
StartEventContent::MSasV1( StartEventContent {
MSasV1Content::new(self.state.protocol_definitions.clone()) transaction_id: self.verification_flow_id.to_string(),
.expect("Invalid initial protocol definitions."), from_device: self.device_id().into(),
) method: StartMethod::MSasV1(
MSasV1Content::new(self.state.protocol_definitions.clone())
.expect("Invalid initial protocol definitions."),
),
}
} }
/// Receive a m.key.verification.accept event, changing the state into /// Receive a m.key.verification.accept event, changing the state into
@ -633,34 +649,35 @@ impl SasState<Created> {
self.check_sender_and_txid(&event.sender, &event.content.transaction_id) self.check_sender_and_txid(&event.sender, &event.content.transaction_id)
.map_err(|c| self.clone().cancel(c))?; .map_err(|c| self.clone().cancel(c))?;
let content = &event.content; if let AcceptMethod::MSasV1(content) = &event.content.method {
if !Sas::KEY_AGREEMENT_PROTOCOLS.contains(&event.content.key_agreement_protocol) if !Sas::KEY_AGREEMENT_PROTOCOLS.contains(&content.key_agreement_protocol)
|| !Sas::HASHES.contains(&event.content.hash) || !Sas::HASHES.contains(&content.hash)
|| !Sas::MACS.contains(&event.content.message_authentication_code) || !Sas::MACS.contains(&content.message_authentication_code)
|| (!event || (!content
.content
.short_authentication_string
.contains(&ShortAuthenticationString::Emoji)
&& !event
.content
.short_authentication_string .short_authentication_string
.contains(&ShortAuthenticationString::Decimal)) .contains(&ShortAuthenticationString::Emoji)
{ && !content
Err(self.cancel(CancelCode::UnknownMethod)) .short_authentication_string
} else { .contains(&ShortAuthenticationString::Decimal))
let json_start_content = cjson::to_string(&self.as_content()) {
.expect("Can't deserialize start event content"); Err(self.cancel(CancelCode::UnknownMethod))
} else {
let json_start_content = cjson::to_string(&self.as_content())
.expect("Can't deserialize start event content");
Ok(SasState { Ok(SasState {
inner: self.inner, inner: self.inner,
ids: self.ids, ids: self.ids,
verification_flow_id: self.verification_flow_id, verification_flow_id: self.verification_flow_id,
state: Arc::new(Accepted { state: Arc::new(Accepted {
json_start_content, json_start_content,
commitment: content.commitment.clone(), commitment: content.commitment.clone(),
accepted_protocols: Arc::new(content.clone().into()), accepted_protocols: Arc::new(content.clone().into()),
}), }),
}) })
}
} else {
Err(self.cancel(CancelCode::UnknownMethod))
} }
} }
} }
@ -684,7 +701,7 @@ impl SasState<Started> {
other_device: Device, other_device: Device,
event: &ToDeviceEvent<StartEventContent>, event: &ToDeviceEvent<StartEventContent>,
) -> Result<SasState<Started>, SasState<Canceled>> { ) -> Result<SasState<Started>, SasState<Canceled>> {
if let StartEventContent::MSasV1(content) = &event.content { if let StartMethod::MSasV1(content) = &event.content.method {
let sas = OlmSas::new(); let sas = OlmSas::new();
let utility = OlmUtility::new(); let utility = OlmUtility::new();
@ -700,7 +717,7 @@ impl SasState<Started> {
other_device, other_device,
}, },
verification_flow_id: Arc::new(content.transaction_id.clone()), verification_flow_id: Arc::new(event.content.transaction_id.clone()),
state: Arc::new(Started { state: Arc::new(Started {
protocol_definitions: content.clone(), protocol_definitions: content.clone(),
@ -735,10 +752,7 @@ impl SasState<Started> {
other_device, other_device,
}, },
// TODO we can't get to the transaction id currently since it's verification_flow_id: Arc::new(event.content.transaction_id.clone()),
// behind the content specific enum.
verification_flow_id: Arc::new("".to_owned()),
state: Arc::new(Canceled::new(CancelCode::UnknownMethod)), state: Arc::new(Canceled::new(CancelCode::UnknownMethod)),
}) })
} }
@ -752,18 +766,21 @@ impl SasState<Started> {
/// been started because of a /// been started because of a
/// m.key.verification.request -> m.key.verification.ready flow. /// m.key.verification.request -> m.key.verification.ready flow.
fn as_content(&self) -> AcceptEventContent { fn as_content(&self) -> AcceptEventContent {
let accepted_protocols = AcceptedProtocols::default();
AcceptEventContent { AcceptEventContent {
method: VerificationMethod::MSasV1,
transaction_id: self.verification_flow_id.to_string(), transaction_id: self.verification_flow_id.to_string(),
commitment: self.state.commitment.clone(), method: AcceptMethod::MSasV1(AcceptV1Content {
hash: HashAlgorithm::Sha256, commitment: self.state.commitment.clone(),
key_agreement_protocol: KeyAgreementProtocol::Curve25519HkdfSha256, hash: accepted_protocols.hash,
message_authentication_code: MessageAuthenticationCode::HkdfHmacSha256, key_agreement_protocol: accepted_protocols.key_agreement_protocol,
short_authentication_string: self message_authentication_code: accepted_protocols.message_auth_code,
.state short_authentication_string: self
.protocol_definitions .state
.short_authentication_string .protocol_definitions
.clone(), .short_authentication_string
.clone(),
}),
} }
} }
@ -782,7 +799,8 @@ impl SasState<Started> {
self.check_sender_and_txid(&event.sender, &event.content.transaction_id) self.check_sender_and_txid(&event.sender, &event.content.transaction_id)
.map_err(|c| self.clone().cancel(c))?; .map_err(|c| self.clone().cancel(c))?;
let accepted_protocols: AcceptedProtocols = self.as_content().into(); let accepted_protocols = AcceptedProtocols::default();
self.inner self.inner
.lock() .lock()
.unwrap() .unwrap()