Commit Graph

453 Commits (5c608ed474f7066998e5d40cc6b5074e628d805f)

Author SHA1 Message Date
Damir Jelić c5bece2d58 crypto: Zeroize and remove the session key copies for forwarded room keys. 2020-09-24 11:18:01 +02:00
Damir Jelić 4662ca2e32 crypto: Refactor the one-time key count update logic. 2020-09-24 11:16:15 +02:00
Damir Jelić 5a86b067e4 crypto: Add tests for the identity manager. 2020-09-23 15:45:25 +02:00
Damir Jelić 7c3e751d6e Merge branch 'crypto-improvements' into master 2020-09-23 11:07:49 +02:00
Damir Jelić 95e906e0dc crypto: Save the account if the one-time key count updates. 2020-09-18 20:50:32 +02:00
Damir Jelić 2e3d30d7b4 crypto: Move the identity/device management logic into a separate struct. 2020-09-18 20:50:32 +02:00
Damir Jelić 5b0457dad0 crypto: Remember the users that received the outbound group session. 2020-09-18 18:55:17 +02:00
Damir Jelić a183584541 crypto: Test that we correctly check the hash when decrypting attachments. 2020-09-18 17:49:44 +02:00
Damir Jelić 562bb5aee3 crypto: Remove some dead key requests code for now. 2020-09-18 17:26:56 +02:00
Damir Jelić dea3e4adf4 crypto: Document when a key export may panic. 2020-09-18 14:04:39 +02:00
Damir Jelić 5d5d5bb141 crypto: Hook up the key requesting to the main state machine. 2020-09-18 13:50:13 +02:00
Damir Jelić c58cf71be1 crypto: Send out key request cancellations once we receive a key. 2020-09-18 13:49:46 +02:00
Damir Jelić af4b00195b crypto: Implement the key/value store for the sqlite store. 2020-09-18 13:42:51 +02:00
Damir Jelić 300b03bd9e crypto: Add more test for the outgoing key requests. 2020-09-17 17:13:42 +02:00
Damir Jelić a5b195efc7 crypto: Initial tests for the key requests state machine. 2020-09-17 16:55:33 +02:00
Damir Jelić 692f9baa0e crypto: Add logic to handle outgoing key requests. 2020-09-17 16:09:08 +02:00
Damir Jelić 6b24d91ed9 crypto: Add an initial version of our key request state machine. 2020-09-17 14:16:43 +02:00
Damir Jelić 24ce4881c7 crypto: Add a method to save/load arbitrary objects from a CryptoStore.
This actually adds trait methods that save/load strings from the
CryptoStore. We add a wrapper for the CryptoStore since we can't mix
trait objects and generics, so we add generic methods to save/load
anything that implements Serialize/Deserialize.
2020-09-16 16:03:19 +02:00
Damir Jelić 849934b180 crypto: Use a constant for the attachment encryption version. 2020-09-16 12:39:23 +02:00
Damir Jelić ae894e0ff6 crypto: Finish up the attachment encryption.
This adds docs and proper error handling to the attachment encryption.
Zeroing out the key buffers is added as well.
2020-09-16 12:05:44 +02:00
Damir Jelić 890e6cbc73 crypto: Turn an unwrap into a except. 2020-09-15 17:18:31 +02:00
Damir Jelić 3573614640 crypto: Add some TODOs for the key query handling. 2020-09-15 12:13:35 +02:00
Damir Jelić a60f60bd7d Merge branch 'master' into encrypted_attachments 2020-09-15 12:04:37 +02:00
Damir Jelić b628e6286a crypto: Remove an unused import. 2020-09-14 20:27:30 +02:00
Jonas Platte fb47abcc17
Update ruma 2020-09-14 20:26:52 +02:00
Damir Jelić 2d6882c495 crypto: Use a Read implementation for the attachment encryption as well. 2020-09-14 20:06:44 +02:00
Damir Jelić 51f3d90224 crypto: Move the file encryption modules under a submodule. 2020-09-14 17:14:18 +02:00
Damir Jelić 1a140ecc2f crypto: Initial support for attachment encryption. 2020-09-14 16:38:52 +02:00
Damir Jelić ffd2843b0a matrix-sdk: Expose the import/export keys methods. 2020-09-11 16:34:39 +02:00
Damir Jelić 618a58ba34 crypto: Add error handling to the key exports. 2020-09-10 17:02:36 +02:00
Damir Jelić 8af18a4df7 crypto: Test the EncryptionSettings conversion. 2020-09-10 16:21:23 +02:00
Damir Jelić 7790c3db8f crypto: Fix a bunch of clippy warnings. 2020-09-10 16:07:28 +02:00
Damir Jelić e3f4c1849c crypto: Finish up the key export feature. 2020-09-10 15:54:41 +02:00
Damir Jelić 848156213b crypto: Add a PartialEq derive for the exported key struct. 2020-09-10 15:51:39 +02:00
Damir Jelić 23e953d9cf crypto: Hide some methods that shouldn't be public. 2020-09-10 15:49:34 +02:00
Damir Jelić 464e181f66 crypto: Add a method to get all group sessions from the store. 2020-09-10 14:59:20 +02:00
Damir Jelić 7bd0e4975b crypto: Store the forwarding chains for group sessions. 2020-09-09 17:27:10 +02:00
Damir Jelić 127d4c225b crypto: Change the crypto store so we can save multiple group sessions at once. 2020-09-09 16:34:18 +02:00
Damir Jelić 9617d9aac9 crypto: Test the import/export of group sessions. 2020-09-09 16:10:16 +02:00
Damir Jelić e828828ace crypto: Document the exported key -> forwarded room key conversion methods. 2020-09-09 15:11:25 +02:00
Damir Jelić 3e9b0a8e7f crypto: Correctly store the ed25519 key map for inbound group sessions. 2020-09-09 15:03:19 +02:00
Damir Jelić aff1e1d0a8 crypto: Add key export methods for inbound group sessions. 2020-09-09 12:47:28 +02:00
Damir Jelić 98f69aed41 crypto: Remove some duplicated types after the group session split. 2020-09-09 11:52:10 +02:00
Damir Jelić acfd0cdb07 crypto: Split out the group session module into multiple files. 2020-09-09 11:07:49 +02:00
Damir Jelić fc60593801 crypto: Remove some unused into implementation. 2020-09-08 17:34:34 +02:00
Damir Jelić 14226c0778 crypto: Refactor some tests. 2020-09-08 16:17:17 +02:00
Damir Jelić 70ffc43ce0 crypto: Store the trust state of our own identities as well. 2020-09-08 16:07:37 +02:00
Damir Jelić 9810a2f630 crypto: Finish up the cross signing storing for the sqlite store. 2020-09-08 15:24:23 +02:00
Damir Jelić d35cf56dc8 crypto: Disable the real life key export test since it take a lot of time. 2020-09-07 16:59:30 +02:00
Damir Jelić 083cebe735 crypto: Initial WIP user identity storing logic. 2020-09-07 16:57:58 +02:00
Damir Jelić faaf3f7a29 crypto: Identities add some methods to get the keys/signatures of the keys. 2020-09-07 16:57:17 +02:00
Damir Jelić f57447527d crypto: Initial logic for encrypting key exports. 2020-09-04 17:59:56 +02:00
Damir Jelić 8dbc7c38e5 crypto: Correctly split the 2 keys in the key export logic. 2020-09-04 16:34:19 +02:00
Damir Jelić 5a069a8721 Merge branch 'master' into key_export 2020-09-04 14:48:56 +02:00
Damir Jelić 89efcee337 crypto: Move the signature verification method under an Utility struct. 2020-09-04 13:18:31 +02:00
Damir Jelić 22daf0d81e Merge branch 'to-device-txn-uuid' into crypto-improvements 2020-09-04 12:54:40 +02:00
Damir Jelić 53fec7a87e crypto: Don't ignore store errors when fetching the identities. 2020-09-04 12:44:03 +02:00
Damir Jelić adf8905d9f crypto: Rename the memory stores into caches and reorder the store module. 2020-09-04 12:42:40 +02:00
Damir Jelić 7b3dfe2f27 crypto: Move the device and user identities under one module. 2020-09-04 10:51:46 +02:00
Jonas Platte 73c104cac1
Replace IncomingToDeviceRequest with customized request type 2020-09-03 20:02:55 +02:00
Damir Jelić d86c05efb3 crypto: Add a fixme to the sqlite store since it's not storing forwarding chains. 2020-09-02 15:08:24 +02:00
Damir Jelić 8b5bb7d8c5 crypto: Remove the deserialize implementations for our user identity.
Deriving Serialize/Deserialize for an AtomicBool doesn't seem to be
implemented under WASM. So remove the derives for now.
2020-09-02 13:54:04 +02:00
Damir Jelić 2195da1cd8 crypto: Fix some docs. 2020-09-02 12:28:18 +02:00
Damir Jelić 65843f89dc crypto: Simplify the signature loading in the sqlite cryptostore. 2020-09-02 12:24:46 +02:00
Damir Jelić 8b56546565 crypto: Remove an unwrap from the sqlite cryptostore. 2020-09-02 12:17:38 +02:00
Damir Jelić 8c4acf54e0 crypto: Reorder the errors so unpickling now returns the timestamp error. 2020-09-02 12:11:06 +02:00
Damir Jelić c652762255 crypto: Allow user identities to be seralized/deserialized. 2020-09-02 11:54:04 +02:00
Damir Jelić 4bab678e46 crypto: Allow most of the ReadOnlyDevice to be serialized. 2020-09-02 11:49:49 +02:00
Damir Jelić 81b127b6e7 crypto: Modify all the pickling logic so we return serializeable structs. 2020-09-02 11:45:35 +02:00
Damir Jelić 269cfc3d34 crypto: Add a pickled account struct making account storing easier. 2020-09-02 09:37:10 +02:00
Damir Jelić 987d87cd5d crypto: Use the correct async-trait macro for the CryptoStores. 2020-09-01 17:41:30 +02:00
Damir Jelić 0de4a21320 crypto: Expose some missing structs that are needed to implement a cryptostore. 2020-09-01 17:39:51 +02:00
Damir Jelić a2bfa08e09 crypto: Initial decryption method for key exports. 2020-08-26 19:14:24 +02:00
Damir Jelić 39628a308b matrix-sdk: Allow any event content to be sent out with room_send(). 2020-08-26 15:41:27 +02:00
Damir Jelić 6760f81498 matrix-sdk: Update Ruma. 2020-08-26 13:40:38 +02:00
Damir Jelić 95c8708995 crypto: Document and rename the mark_requests_as_sent() method. 2020-08-24 14:49:57 +02:00
Damir Jelić 8d39821a1f crypto: Remove some unused imports from the top level module. 2020-08-24 14:34:22 +02:00
Damir Jelić 2bcbf1eca4 Merge branch 'power-ev-overflow' into master 2020-08-24 14:27:02 +02:00
Damir Jelić 298c260c5f crypto: Document the outgoing request types. 2020-08-23 17:03:04 +02:00
Devin Ragotzy 72614e4252 matrix_sdk_crypto: Appease clippy 2020-08-22 08:00:32 -04:00
Damir Jelić edea5e1c51 crypto: Fix a clippy warning. 2020-08-21 16:46:28 +02:00
Damir Jelić b3941ca254 crypto: Verify user identities when we're the first one to confirm as well. 2020-08-21 16:39:15 +02:00
Damir Jelić c3c6428717 crypto: Remove some clippy warnings. 2020-08-21 16:31:02 +02:00
Damir Jelić de90da4adc crypto: Make the verification machine compatible with how we queue up requests. 2020-08-21 16:26:34 +02:00
Damir Jelić 002531349e crypto: Decluter the main doc page a bit. 2020-08-21 15:06:54 +02:00
Damir Jelić e38bfc64f4 crypto: Streamline the key claiming so we use the new mark request as sent method. 2020-08-21 14:40:49 +02:00
Damir Jelić 93e1967119 crypto: Initial refactor to switch to the outgoing_requests queue. 2020-08-21 13:35:01 +02:00
Damir Jelić aee40977a3 crypto: Clamp the rotation period ms so users can't wedge E2E.
Users may set a very small rotation period this might mean that a
session might expire by the time it's shared ending up in a loop where
we constantly need to share a group session yet never manage to send a
message.
2020-08-21 12:50:16 +02:00
Damir Jelić ce93869915 crypto: Return an Option instead of an empty result for the key uploads. 2020-08-21 09:50:01 +02:00
Damir Jelić 202c20feda crypto: Rename the method to set the local trust of a device. 2020-08-20 18:01:34 +02:00
Damir Jelić c307690c2e crypto: Fix a clippy warning and some spelling. 2020-08-20 16:06:06 +02:00
Damir Jelić 552a12eeed crypto: More docs for the user identities. 2020-08-20 15:52:40 +02:00
Damir Jelić c2ad298963 crypto: Check that the user ids match for the cross signing keys. 2020-08-20 15:40:49 +02:00
Damir Jelić d908d0f817 crypto: Don't allow user identities to verify devices of other users. 2020-08-20 15:17:19 +02:00
Damir Jelić 9edc876160 crypto: Check that the master key and subkeys have the same user id. 2020-08-20 15:14:58 +02:00
Damir Jelić 398edbbe0c crypto: Reset the verification state of our identity if the master keys change. 2020-08-20 15:13:55 +02:00
Damir Jelić 89b56b5af8 crypto: Don't expose the btree map of the master key dirrectly.
This implements PartialEq for the master key so we can check if they
have changed when doing SAS.
2020-08-20 15:06:49 +02:00
Damir Jelić a57f63d614 crypto: Document the user identities. 2020-08-20 14:44:16 +02:00
Damir Jelić 74dd0a00d3 crypto: Simplify the default hashmaps in the memory stores. 2020-08-20 12:23:18 +02:00
Damir Jelić b97e3d7bae crypto: Fix a clippy warning. 2020-08-20 10:49:14 +02:00
Damir Jelić c3eb4d8106 crypto: Simplify some more function definitions. 2020-08-20 10:36:58 +02:00
Damir Jelić ea49a35b43 crypto: Simplify the function signature of share_group_session. 2020-08-20 10:25:05 +02:00
Damir Jelić a99e47c310 crypto: Shorten some log lines. 2020-08-20 10:23:16 +02:00
Damir Jelić 69fbe65ac4 crypto: Add some docs for the cross signing keys handling method. 2020-08-20 10:21:00 +02:00
Damir Jelić aaa15c768c crypto: Simplify the Olm message map construction. 2020-08-20 10:19:55 +02:00
Damir Jelić 58185e08e8 crypto: Move the olm_encrypt() method into the higher level Device. 2020-08-20 10:18:36 +02:00
Damir Jelić 1bd15b9fdd crypto: Remove some unneeded clones. 2020-08-19 18:04:06 +02:00
Damir Jelić 23126c4e48 crypto: Disable the sqlite store test if the feature is disabled. 2020-08-19 17:55:28 +02:00
Damir Jelić 6f5352b9a9 crypto: Test the signature checking of user identities. 2020-08-19 17:52:38 +02:00
Damir Jelić eb16737d3b crypto: Add some comments about the order of signature checks. 2020-08-19 15:35:34 +02:00
Damir Jelić 56309ae12c matrix-sdk: Bump the versions of our deps. 2020-08-19 14:52:11 +02:00
Damir Jelić 7f23cbbeb5 crypto: Add a TODO about cross signing signatures. 2020-08-19 14:49:40 +02:00
Damir Jelić 3153a81cd2 crypto: Add support to check the cross signing verification state of a device. 2020-08-19 14:47:22 +02:00
Damir Jelić c3e593d998 crypto: The device identity can be our own, so store the identity enum instead. 2020-08-19 14:43:49 +02:00
Damir Jelić c2a386b889 crypto: Fix a clippy warning. 2020-08-19 14:40:04 +02:00
Damir Jelić 317a141e07 crypto: If our own identity passed a SAS flow, mark it as verified. 2020-08-19 14:34:18 +02:00
Damir Jelić 3990e50ca6 crypto: Store the verified identities in the SAS states. 2020-08-19 14:28:16 +02:00
Damir Jelić 90ea0229f2 crypto: Rename TrustState to LocalTrust since.
We might still trust the device event if our local trust isn't set, so
rename the enum to better reflect that meaning.
2020-08-19 11:20:08 +02:00
Damir Jelić a42af5da69 crypto: Let the device hold on to identities.
This makes it possible to check the verification state of the device
directly.
2020-08-19 10:58:14 +02:00
Damir Jelić f63a01a85b crypto: Remove a stale TODO. 2020-08-18 15:36:04 +02:00
Damir Jelić 27e1fb9a35 crypto: Pass the user identity to the SAS object when a start event is received. 2020-08-18 15:25:00 +02:00
Damir Jelić c21517c61e crypto: Store the changed user identities. 2020-08-18 15:23:37 +02:00
Damir Jelić f626f2b24e crypto: Add some logging for the user identity update logic. 2020-08-18 15:22:30 +02:00
Damir Jelić 37a7f69e03 crypto: Implement storage for the user identities in the memory store. 2020-08-18 15:13:56 +02:00
Damir Jelić 38cf771f1f crypto: Pass the identity further through the SAS layer and try to verify it. 2020-08-18 14:24:27 +02:00
Damir Jelić 6d0b73cb3d crypto: Pass the user identity to the SAS object when doing verifications. 2020-08-18 13:37:02 +02:00
Damir Jelić f96437a242 crypto: Initial scaffolding for handling user identities in key queries. 2020-08-18 12:50:03 +02:00
Damir Jelić 6db7eb0694 crypto: Add a method to directly verify a device. 2020-08-17 17:36:07 +02:00
Damir Jelić 84c0311d80 crypto: Rename the UserDevicesWrap struct. 2020-08-17 17:12:39 +02:00
Damir Jelić de097d3ca0 crypto: Rename UserDevices to ReadOnlyUserDevices. 2020-08-17 17:01:38 +02:00
Damir Jelić 0f26e7e3bc crypto: Fix the doc for the read-only device. 2020-08-17 16:40:37 +02:00
Damir Jelić 91db502cfe crypto: Rename DeviceWrap to Device. 2020-08-17 16:36:50 +02:00
Damir Jelić 43aea6e482 crypto: Rename Device to ReadOnlyDevice. 2020-08-17 16:17:28 +02:00
Damir Jelić fd8377bce2 crypto: Add device wrappers so that the verification can be started with a device. 2020-08-17 15:36:45 +02:00
Damir Jelić 16a115d27e Merge branch 'up-ruma' into master 2020-08-17 11:17:02 +02:00
Damir Jelić 8167f5e9de crypto: Simplify the function signature of the share group session method. 2020-08-16 16:25:48 +02:00
Damir Jelić 5876c89858 crypto: The mark_user_as_changed method doesn't need to be public. 2020-08-15 15:51:04 +02:00
Jonas Platte 5040be042f
Update ruma 2020-08-15 15:17:27 +02:00
Damir Jelić 09f009ebd7 matrix-sdk: Bump our deps. 2020-08-14 17:11:54 +02:00
Damir Jelić 664d8c239c crypto: Don't share group sessions with blacklisted devices. 2020-08-14 16:20:49 +02:00
Damir Jelić 97ad060d4b crypto: Test that we can create other users identities. 2020-08-14 16:18:18 +02:00
Damir Jelić f4de3580b6 crypto: Expose the device/identity verification methods through the identities. 2020-08-14 15:32:44 +02:00
Damir Jelić 0fc5134563 crypto: Add methods to check if a cross signing key signed a device. 2020-08-14 15:06:24 +02:00
Damir Jelić b0de9d1809 crypto: Allow some test methods to be dead code since macOS can't use them. 2020-08-14 15:04:59 +02:00
Damir Jelić 75fa7e97f9 crypto: Remove some unneeded clones. 2020-08-14 14:29:53 +02:00
Damir Jelić d21e8213b5 crypto: Don't panic if the key id can't be parsed. 2020-08-14 14:25:51 +02:00
Damir Jelić 181c2a92de crypto: Initial scaffolding for the public cross signing keys. 2020-08-14 14:10:29 +02:00
Damir Jelić 08d76f2ff4 crypto: Pass the device key id to the verify signature method. 2020-08-14 14:08:53 +02:00
Damir Jelić 5b758b8344 crypto: Don't allow dead code in the SAS layer anymore. 2020-08-14 11:09:50 +02:00
Damir Jelić 499f2796ba crypto: Add some logging to the MAC calculation for SAS. 2020-08-14 10:57:17 +02:00