bd0ac703a0
crypto: Initial logic for session unwedging.
2020-10-09 15:39:35 +02:00
6d2e9cfc02
crypto: Share the users_for_key_claim map between modules.
2020-10-09 11:36:31 +02:00
473e49252e
crytpo: Get the session from the list of sessions in a safe manner.
2020-10-08 15:56:17 +02:00
d96c9f85a1
crypto: Add doces for the get_missing_sessions method.
2020-10-08 14:50:35 +02:00
279ce0bba0
crypto: Split out the Olm session handling logic into a separate module.
2020-10-08 14:41:34 +02:00
da5ef42719
crypto: Log when we invalidate a group session.
2020-10-08 14:03:01 +02:00
723fdeaa06
crypto: Fix a clippy warning.
2020-10-08 12:59:10 +02:00
19d513e3c0
crypto: Simplify and test the group session invalidation logic.
2020-10-08 12:40:42 +02:00
23ac00c8ec
crypto: Initial support for group session invalidation.
2020-10-08 11:16:02 +02:00
4019ebf121
crypto: Fix some clippy warnings.
2020-10-07 17:56:29 +02:00
9a838abd67
crypto: Log when we're not serving a key request because of a missing session.
2020-10-07 14:22:13 +02:00
17d23eb9e5
matrix-sdk: Add automatic key claiming support.
2020-10-07 14:07:47 +02:00
8ea0035cd0
crypto: Add the automatic key claim users to the key claim request.
2020-10-07 14:02:50 +02:00
06b9c71dbc
crypto: Refactor out the key share wait queue.
2020-10-07 12:42:39 +02:00
6a8ac62a51
crypto: Remove an unwrap.
2020-10-07 11:57:46 +02:00
1e894269c8
crypto: Correctly handle the key share without a session and test it.
2020-10-07 11:57:09 +02:00
e5f0f64405
crypto: Initial scaffolding for key shares for devices that are missing a session.
2020-10-06 16:38:42 +02:00
e3d24f5c31
crypto: Fix some clippy warnings.
2020-10-01 16:45:13 +02:00
02c765f903
crypto: Don't mark outbound group sessions automatically as shared.
2020-10-01 16:31:24 +02:00
fc6ff2c78a
crytpo: Remove an unneeded map/clone.
2020-10-01 12:46:09 +02:00
1d8f01ef11
crypto: Remove the third Device variant.
2020-10-01 12:15:13 +02:00
c8ca93c924
crytpo: Let the verification machine hold on to a raw CryptoStore.
...
This will later be useful when our higher level store wrapper holds on
to a verification machine to return higher level Device objects.
2020-10-01 11:17:27 +02:00
d644af7be9
crypto: Remove an unneeded clone.
2020-10-01 09:56:22 +02:00
ff2079da91
crypto: Move the group session handling logic into separate module.
2020-09-30 15:43:25 +02:00
646f18ae18
crypto: Remove an unused import.
2020-09-29 17:53:11 +02:00
2b8d4a21a4
crypto: Connect the key request handling to the main state machine.
2020-09-29 17:40:06 +02:00
78badd9af8
crypto: Use the correct event type when sending out forwarded room keys.
2020-09-29 17:36:56 +02:00
58aef51770
crypto: Remove an unneeded mutable borrow.
2020-09-29 14:44:18 +02:00
8fe1eda169
crypto: Test the full key share flow.
2020-09-29 14:18:03 +02:00
84066d4a76
crypto: Split out the Account into a read only portion and one with effects.
2020-09-29 12:03:41 +02:00
e1c220e2f7
crypto: Test a key share cycle.
2020-09-29 10:24:54 +02:00
798656dac5
crypto: Allow the key request machine to access the outbound group sessions.
2020-09-29 10:09:47 +02:00
721c459577
crypto: Collapse an if tree.
2020-09-28 15:07:57 +02:00
23173c4a1e
crypto: Test our key sharing decision logic.
2020-09-28 14:51:57 +02:00
4a8c5ebab0
crypto: Return an enum that describes why we won't serve a key share request.
2020-09-28 14:12:08 +02:00
e29508938b
crypto: More work on the incoming key request handling.
2020-09-28 13:32:30 +02:00
a357536ade
crypto: Initial scaffolding for incoming key share handling.
2020-09-28 09:27:16 +02:00
f3be27921c
crypto: Move the device trust state logic into the read only device.
2020-09-24 12:45:23 +02:00
42c4cf2a30
crypto: Test the outgoing requests method instead of accessing the field.
2020-09-24 12:00:22 +02:00
c5bece2d58
crypto: Zeroize and remove the session key copies for forwarded room keys.
2020-09-24 11:18:01 +02:00
4662ca2e32
crypto: Refactor the one-time key count update logic.
2020-09-24 11:16:15 +02:00
5a86b067e4
crypto: Add tests for the identity manager.
2020-09-23 15:45:25 +02:00
7c3e751d6e
Merge branch 'crypto-improvements' into master
2020-09-23 11:07:49 +02:00
95e906e0dc
crypto: Save the account if the one-time key count updates.
2020-09-18 20:50:32 +02:00
2e3d30d7b4
crypto: Move the identity/device management logic into a separate struct.
2020-09-18 20:50:32 +02:00
5b0457dad0
crypto: Remember the users that received the outbound group session.
2020-09-18 18:55:17 +02:00
a183584541
crypto: Test that we correctly check the hash when decrypting attachments.
2020-09-18 17:49:44 +02:00
562bb5aee3
crypto: Remove some dead key requests code for now.
2020-09-18 17:26:56 +02:00
dea3e4adf4
crypto: Document when a key export may panic.
2020-09-18 14:04:39 +02:00
5d5d5bb141
crypto: Hook up the key requesting to the main state machine.
2020-09-18 13:50:13 +02:00
c58cf71be1
crypto: Send out key request cancellations once we receive a key.
2020-09-18 13:49:46 +02:00
af4b00195b
crypto: Implement the key/value store for the sqlite store.
2020-09-18 13:42:51 +02:00
300b03bd9e
crypto: Add more test for the outgoing key requests.
2020-09-17 17:13:42 +02:00
a5b195efc7
crypto: Initial tests for the key requests state machine.
2020-09-17 16:55:33 +02:00
692f9baa0e
crypto: Add logic to handle outgoing key requests.
2020-09-17 16:09:08 +02:00
6b24d91ed9
crypto: Add an initial version of our key request state machine.
2020-09-17 14:16:43 +02:00
24ce4881c7
crypto: Add a method to save/load arbitrary objects from a CryptoStore.
...
This actually adds trait methods that save/load strings from the
CryptoStore. We add a wrapper for the CryptoStore since we can't mix
trait objects and generics, so we add generic methods to save/load
anything that implements Serialize/Deserialize.
2020-09-16 16:03:19 +02:00
849934b180
crypto: Use a constant for the attachment encryption version.
2020-09-16 12:39:23 +02:00
ae894e0ff6
crypto: Finish up the attachment encryption.
...
This adds docs and proper error handling to the attachment encryption.
Zeroing out the key buffers is added as well.
2020-09-16 12:05:44 +02:00
890e6cbc73
crypto: Turn an unwrap into a except.
2020-09-15 17:18:31 +02:00
3573614640
crypto: Add some TODOs for the key query handling.
2020-09-15 12:13:35 +02:00
a60f60bd7d
Merge branch 'master' into encrypted_attachments
2020-09-15 12:04:37 +02:00
b628e6286a
crypto: Remove an unused import.
2020-09-14 20:27:30 +02:00
fb47abcc17
Update ruma
2020-09-14 20:26:52 +02:00
2d6882c495
crypto: Use a Read implementation for the attachment encryption as well.
2020-09-14 20:06:44 +02:00
51f3d90224
crypto: Move the file encryption modules under a submodule.
2020-09-14 17:14:18 +02:00
1a140ecc2f
crypto: Initial support for attachment encryption.
2020-09-14 16:38:52 +02:00
ffd2843b0a
matrix-sdk: Expose the import/export keys methods.
2020-09-11 16:34:39 +02:00
618a58ba34
crypto: Add error handling to the key exports.
2020-09-10 17:02:36 +02:00
8af18a4df7
crypto: Test the EncryptionSettings conversion.
2020-09-10 16:21:23 +02:00
7790c3db8f
crypto: Fix a bunch of clippy warnings.
2020-09-10 16:07:28 +02:00
e3f4c1849c
crypto: Finish up the key export feature.
2020-09-10 15:54:41 +02:00
848156213b
crypto: Add a PartialEq derive for the exported key struct.
2020-09-10 15:51:39 +02:00
23e953d9cf
crypto: Hide some methods that shouldn't be public.
2020-09-10 15:49:34 +02:00
464e181f66
crypto: Add a method to get all group sessions from the store.
2020-09-10 14:59:20 +02:00
7bd0e4975b
crypto: Store the forwarding chains for group sessions.
2020-09-09 17:27:10 +02:00
127d4c225b
crypto: Change the crypto store so we can save multiple group sessions at once.
2020-09-09 16:34:18 +02:00
9617d9aac9
crypto: Test the import/export of group sessions.
2020-09-09 16:10:16 +02:00
e828828ace
crypto: Document the exported key -> forwarded room key conversion methods.
2020-09-09 15:11:25 +02:00
3e9b0a8e7f
crypto: Correctly store the ed25519 key map for inbound group sessions.
2020-09-09 15:03:19 +02:00
aff1e1d0a8
crypto: Add key export methods for inbound group sessions.
2020-09-09 12:47:28 +02:00
98f69aed41
crypto: Remove some duplicated types after the group session split.
2020-09-09 11:52:10 +02:00
acfd0cdb07
crypto: Split out the group session module into multiple files.
2020-09-09 11:07:49 +02:00
fc60593801
crypto: Remove some unused into implementation.
2020-09-08 17:34:34 +02:00
14226c0778
crypto: Refactor some tests.
2020-09-08 16:17:17 +02:00
70ffc43ce0
crypto: Store the trust state of our own identities as well.
2020-09-08 16:07:37 +02:00
9810a2f630
crypto: Finish up the cross signing storing for the sqlite store.
2020-09-08 15:24:23 +02:00
d35cf56dc8
crypto: Disable the real life key export test since it take a lot of time.
2020-09-07 16:59:30 +02:00
083cebe735
crypto: Initial WIP user identity storing logic.
2020-09-07 16:57:58 +02:00
faaf3f7a29
crypto: Identities add some methods to get the keys/signatures of the keys.
2020-09-07 16:57:17 +02:00
f57447527d
crypto: Initial logic for encrypting key exports.
2020-09-04 17:59:56 +02:00
8dbc7c38e5
crypto: Correctly split the 2 keys in the key export logic.
2020-09-04 16:34:19 +02:00
5a069a8721
Merge branch 'master' into key_export
2020-09-04 14:48:56 +02:00
89efcee337
crypto: Move the signature verification method under an Utility struct.
2020-09-04 13:18:31 +02:00
22daf0d81e
Merge branch 'to-device-txn-uuid' into crypto-improvements
2020-09-04 12:54:40 +02:00
53fec7a87e
crypto: Don't ignore store errors when fetching the identities.
2020-09-04 12:44:03 +02:00
adf8905d9f
crypto: Rename the memory stores into caches and reorder the store module.
2020-09-04 12:42:40 +02:00
7b3dfe2f27
crypto: Move the device and user identities under one module.
2020-09-04 10:51:46 +02:00
73c104cac1
Replace IncomingToDeviceRequest with customized request type
2020-09-03 20:02:55 +02:00
d86c05efb3
crypto: Add a fixme to the sqlite store since it's not storing forwarding chains.
2020-09-02 15:08:24 +02:00
8b5bb7d8c5
crypto: Remove the deserialize implementations for our user identity.
...
Deriving Serialize/Deserialize for an AtomicBool doesn't seem to be
implemented under WASM. So remove the derives for now.
2020-09-02 13:54:04 +02:00
2195da1cd8
crypto: Fix some docs.
2020-09-02 12:28:18 +02:00
65843f89dc
crypto: Simplify the signature loading in the sqlite cryptostore.
2020-09-02 12:24:46 +02:00
8b56546565
crypto: Remove an unwrap from the sqlite cryptostore.
2020-09-02 12:17:38 +02:00
8c4acf54e0
crypto: Reorder the errors so unpickling now returns the timestamp error.
2020-09-02 12:11:06 +02:00
c652762255
crypto: Allow user identities to be seralized/deserialized.
2020-09-02 11:54:04 +02:00
4bab678e46
crypto: Allow most of the ReadOnlyDevice to be serialized.
2020-09-02 11:49:49 +02:00
81b127b6e7
crypto: Modify all the pickling logic so we return serializeable structs.
2020-09-02 11:45:35 +02:00
269cfc3d34
crypto: Add a pickled account struct making account storing easier.
2020-09-02 09:37:10 +02:00
987d87cd5d
crypto: Use the correct async-trait macro for the CryptoStores.
2020-09-01 17:41:30 +02:00
0de4a21320
crypto: Expose some missing structs that are needed to implement a cryptostore.
2020-09-01 17:39:51 +02:00
a2bfa08e09
crypto: Initial decryption method for key exports.
2020-08-26 19:14:24 +02:00
39628a308b
matrix-sdk: Allow any event content to be sent out with room_send().
2020-08-26 15:41:27 +02:00
6760f81498
matrix-sdk: Update Ruma.
2020-08-26 13:40:38 +02:00
95c8708995
crypto: Document and rename the mark_requests_as_sent() method.
2020-08-24 14:49:57 +02:00
8d39821a1f
crypto: Remove some unused imports from the top level module.
2020-08-24 14:34:22 +02:00
2bcbf1eca4
Merge branch 'power-ev-overflow' into master
2020-08-24 14:27:02 +02:00
298c260c5f
crypto: Document the outgoing request types.
2020-08-23 17:03:04 +02:00
72614e4252
matrix_sdk_crypto: Appease clippy
2020-08-22 08:00:32 -04:00
edea5e1c51
crypto: Fix a clippy warning.
2020-08-21 16:46:28 +02:00
b3941ca254
crypto: Verify user identities when we're the first one to confirm as well.
2020-08-21 16:39:15 +02:00
c3c6428717
crypto: Remove some clippy warnings.
2020-08-21 16:31:02 +02:00
de90da4adc
crypto: Make the verification machine compatible with how we queue up requests.
2020-08-21 16:26:34 +02:00
002531349e
crypto: Decluter the main doc page a bit.
2020-08-21 15:06:54 +02:00
e38bfc64f4
crypto: Streamline the key claiming so we use the new mark request as sent method.
2020-08-21 14:40:49 +02:00
93e1967119
crypto: Initial refactor to switch to the outgoing_requests queue.
2020-08-21 13:35:01 +02:00
aee40977a3
crypto: Clamp the rotation period ms so users can't wedge E2E.
...
Users may set a very small rotation period this might mean that a
session might expire by the time it's shared ending up in a loop where
we constantly need to share a group session yet never manage to send a
message.
2020-08-21 12:50:16 +02:00
ce93869915
crypto: Return an Option instead of an empty result for the key uploads.
2020-08-21 09:50:01 +02:00
202c20feda
crypto: Rename the method to set the local trust of a device.
2020-08-20 18:01:34 +02:00
c307690c2e
crypto: Fix a clippy warning and some spelling.
2020-08-20 16:06:06 +02:00
552a12eeed
crypto: More docs for the user identities.
2020-08-20 15:52:40 +02:00
c2ad298963
crypto: Check that the user ids match for the cross signing keys.
2020-08-20 15:40:49 +02:00
d908d0f817
crypto: Don't allow user identities to verify devices of other users.
2020-08-20 15:17:19 +02:00
9edc876160
crypto: Check that the master key and subkeys have the same user id.
2020-08-20 15:14:58 +02:00
398edbbe0c
crypto: Reset the verification state of our identity if the master keys change.
2020-08-20 15:13:55 +02:00
89b56b5af8
crypto: Don't expose the btree map of the master key dirrectly.
...
This implements PartialEq for the master key so we can check if they
have changed when doing SAS.
2020-08-20 15:06:49 +02:00
a57f63d614
crypto: Document the user identities.
2020-08-20 14:44:16 +02:00
74dd0a00d3
crypto: Simplify the default hashmaps in the memory stores.
2020-08-20 12:23:18 +02:00
b97e3d7bae
crypto: Fix a clippy warning.
2020-08-20 10:49:14 +02:00
c3eb4d8106
crypto: Simplify some more function definitions.
2020-08-20 10:36:58 +02:00
ea49a35b43
crypto: Simplify the function signature of share_group_session.
2020-08-20 10:25:05 +02:00
a99e47c310
crypto: Shorten some log lines.
2020-08-20 10:23:16 +02:00
69fbe65ac4
crypto: Add some docs for the cross signing keys handling method.
2020-08-20 10:21:00 +02:00
aaa15c768c
crypto: Simplify the Olm message map construction.
2020-08-20 10:19:55 +02:00
58185e08e8
crypto: Move the olm_encrypt() method into the higher level Device.
2020-08-20 10:18:36 +02:00
1bd15b9fdd
crypto: Remove some unneeded clones.
2020-08-19 18:04:06 +02:00
23126c4e48
crypto: Disable the sqlite store test if the feature is disabled.
2020-08-19 17:55:28 +02:00
6f5352b9a9
crypto: Test the signature checking of user identities.
2020-08-19 17:52:38 +02:00
eb16737d3b
crypto: Add some comments about the order of signature checks.
2020-08-19 15:35:34 +02:00
56309ae12c
matrix-sdk: Bump the versions of our deps.
2020-08-19 14:52:11 +02:00
7f23cbbeb5
crypto: Add a TODO about cross signing signatures.
2020-08-19 14:49:40 +02:00
3153a81cd2
crypto: Add support to check the cross signing verification state of a device.
2020-08-19 14:47:22 +02:00
c3e593d998
crypto: The device identity can be our own, so store the identity enum instead.
2020-08-19 14:43:49 +02:00
c2a386b889
crypto: Fix a clippy warning.
2020-08-19 14:40:04 +02:00
317a141e07
crypto: If our own identity passed a SAS flow, mark it as verified.
2020-08-19 14:34:18 +02:00
3990e50ca6
crypto: Store the verified identities in the SAS states.
2020-08-19 14:28:16 +02:00
90ea0229f2
crypto: Rename TrustState to LocalTrust since.
...
We might still trust the device event if our local trust isn't set, so
rename the enum to better reflect that meaning.
2020-08-19 11:20:08 +02:00
a42af5da69
crypto: Let the device hold on to identities.
...
This makes it possible to check the verification state of the device
directly.
2020-08-19 10:58:14 +02:00
f63a01a85b
crypto: Remove a stale TODO.
2020-08-18 15:36:04 +02:00
27e1fb9a35
crypto: Pass the user identity to the SAS object when a start event is received.
2020-08-18 15:25:00 +02:00
c21517c61e
crypto: Store the changed user identities.
2020-08-18 15:23:37 +02:00
f626f2b24e
crypto: Add some logging for the user identity update logic.
2020-08-18 15:22:30 +02:00
37a7f69e03
crypto: Implement storage for the user identities in the memory store.
2020-08-18 15:13:56 +02:00
38cf771f1f
crypto: Pass the identity further through the SAS layer and try to verify it.
2020-08-18 14:24:27 +02:00
6d0b73cb3d
crypto: Pass the user identity to the SAS object when doing verifications.
2020-08-18 13:37:02 +02:00
f96437a242
crypto: Initial scaffolding for handling user identities in key queries.
2020-08-18 12:50:03 +02:00
6db7eb0694
crypto: Add a method to directly verify a device.
2020-08-17 17:36:07 +02:00
84c0311d80
crypto: Rename the UserDevicesWrap struct.
2020-08-17 17:12:39 +02:00
de097d3ca0
crypto: Rename UserDevices to ReadOnlyUserDevices.
2020-08-17 17:01:38 +02:00
0f26e7e3bc
crypto: Fix the doc for the read-only device.
2020-08-17 16:40:37 +02:00
91db502cfe
crypto: Rename DeviceWrap to Device.
2020-08-17 16:36:50 +02:00
43aea6e482
crypto: Rename Device to ReadOnlyDevice.
2020-08-17 16:17:28 +02:00
fd8377bce2
crypto: Add device wrappers so that the verification can be started with a device.
2020-08-17 15:36:45 +02:00
16a115d27e
Merge branch 'up-ruma' into master
2020-08-17 11:17:02 +02:00
8167f5e9de
crypto: Simplify the function signature of the share group session method.
2020-08-16 16:25:48 +02:00
5876c89858
crypto: The mark_user_as_changed method doesn't need to be public.
2020-08-15 15:51:04 +02:00
5040be042f
Update ruma
2020-08-15 15:17:27 +02:00
09f009ebd7
matrix-sdk: Bump our deps.
2020-08-14 17:11:54 +02:00
664d8c239c
crypto: Don't share group sessions with blacklisted devices.
2020-08-14 16:20:49 +02:00
97ad060d4b
crypto: Test that we can create other users identities.
2020-08-14 16:18:18 +02:00
f4de3580b6
crypto: Expose the device/identity verification methods through the identities.
2020-08-14 15:32:44 +02:00
0fc5134563
crypto: Add methods to check if a cross signing key signed a device.
2020-08-14 15:06:24 +02:00
b0de9d1809
crypto: Allow some test methods to be dead code since macOS can't use them.
2020-08-14 15:04:59 +02:00
75fa7e97f9
crypto: Remove some unneeded clones.
2020-08-14 14:29:53 +02:00
d21e8213b5
crypto: Don't panic if the key id can't be parsed.
2020-08-14 14:25:51 +02:00
181c2a92de
crypto: Initial scaffolding for the public cross signing keys.
2020-08-14 14:10:29 +02:00
08d76f2ff4
crypto: Pass the device key id to the verify signature method.
2020-08-14 14:08:53 +02:00
5b758b8344
crypto: Don't allow dead code in the SAS layer anymore.
2020-08-14 11:09:50 +02:00
499f2796ba
crypto: Add some logging to the MAC calculation for SAS.
2020-08-14 10:57:17 +02:00
df0444faa5
crypto: Test the full SAS flow from the Olm machine.
2020-08-13 16:46:11 +02:00
b4c1b26f96
crytpo: Store the SAS object in the machine if we're starting it.
2020-08-13 16:45:12 +02:00
0245782cf4
crypto: Better grammar for a panic message.
2020-08-13 15:59:17 +02:00
87d0102663
crypto: Test the Olm machine with the default store.
2020-08-13 15:57:31 +02:00
6ee8b07cfe
crypto: Test that session expiration works correctly.
2020-08-13 15:03:28 +02:00
344631b4ee
crypto: Respect the encryption settings of a room when creating sessions.
2020-08-13 14:41:59 +02:00
9b8e11aab9
crypto: Fix the docs for our features.
2020-08-13 11:06:26 +02:00
a0abffd026
crypto: Fix the link to the share group session method.
2020-08-13 11:04:37 +02:00
36ca784690
crypto: Expose a method to get all devices of an user.
2020-08-12 17:16:27 +02:00
18e597aa79
crypto: More doc fixes.
2020-08-12 15:14:16 +02:00
407f9a3da8
matrix-sdk: Make sure to not send out multiple group share requests at once.
2020-08-12 15:12:51 +02:00
Damir Jelić
Jonas Platte
Devin Ragotzy