2020-10-18 03:02:14 +03:00
|
|
|
#include "Olm.h"
|
|
|
|
|
2020-06-09 19:36:41 +03:00
|
|
|
#include <QObject>
|
2020-10-27 19:45:28 +03:00
|
|
|
#include <nlohmann/json.hpp>
|
2019-12-14 19:08:36 +03:00
|
|
|
#include <variant>
|
2018-09-01 13:35:10 +03:00
|
|
|
|
2018-06-10 20:03:45 +03:00
|
|
|
#include "Cache.h"
|
2020-08-06 22:46:16 +03:00
|
|
|
#include "Cache_p.h"
|
2020-06-09 19:36:41 +03:00
|
|
|
#include "ChatPage.h"
|
2020-07-17 23:16:30 +03:00
|
|
|
#include "DeviceVerificationFlow.h"
|
2018-07-17 16:37:25 +03:00
|
|
|
#include "Logging.h"
|
2018-07-07 23:59:23 +03:00
|
|
|
#include "MatrixClient.h"
|
2020-10-18 01:52:35 +03:00
|
|
|
#include "UserSettingsPage.h"
|
2018-07-22 16:36:25 +03:00
|
|
|
#include "Utils.h"
|
2018-06-10 20:03:45 +03:00
|
|
|
|
2018-06-18 12:56:47 +03:00
|
|
|
static const std::string STORAGE_SECRET_KEY("secret");
|
2018-06-25 17:19:52 +03:00
|
|
|
constexpr auto MEGOLM_ALGO = "m.megolm.v1.aes-sha2";
|
2018-06-18 12:56:47 +03:00
|
|
|
|
2018-06-10 20:03:45 +03:00
|
|
|
namespace {
|
|
|
|
auto client_ = std::make_unique<mtx::crypto::OlmClient>();
|
|
|
|
}
|
|
|
|
|
|
|
|
namespace olm {
|
2020-10-27 19:45:28 +03:00
|
|
|
void
|
|
|
|
from_json(const nlohmann::json &obj, OlmMessage &msg)
|
|
|
|
{
|
|
|
|
if (obj.at("type") != "m.room.encrypted")
|
|
|
|
throw std::invalid_argument("invalid type for olm message");
|
|
|
|
|
|
|
|
if (obj.at("content").at("algorithm") != OLM_ALGO)
|
|
|
|
throw std::invalid_argument("invalid algorithm for olm message");
|
|
|
|
|
|
|
|
msg.sender = obj.at("sender");
|
|
|
|
msg.sender_key = obj.at("content").at("sender_key");
|
|
|
|
msg.ciphertext = obj.at("content")
|
|
|
|
.at("ciphertext")
|
|
|
|
.get<std::map<std::string, mtx::events::msg::OlmCipherContent>>();
|
|
|
|
}
|
2018-06-10 20:03:45 +03:00
|
|
|
|
|
|
|
mtx::crypto::OlmClient *
|
|
|
|
client()
|
|
|
|
{
|
|
|
|
return client_.get();
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2020-05-12 20:09:53 +03:00
|
|
|
handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEvents> &msgs)
|
2018-06-10 20:03:45 +03:00
|
|
|
{
|
|
|
|
if (msgs.empty())
|
|
|
|
return;
|
2018-06-14 02:28:35 +03:00
|
|
|
nhlog::crypto()->info("received {} to_device messages", msgs.size());
|
2020-05-12 20:09:53 +03:00
|
|
|
nlohmann::json j_msg;
|
2018-06-10 20:03:45 +03:00
|
|
|
|
|
|
|
for (const auto &msg : msgs) {
|
2020-05-15 14:03:51 +03:00
|
|
|
j_msg = std::visit([](auto &e) { return json(e); }, std::move(msg));
|
2020-05-12 20:09:53 +03:00
|
|
|
if (j_msg.count("type") == 0) {
|
2018-06-27 21:24:25 +03:00
|
|
|
nhlog::crypto()->warn("received message with no type field: {}",
|
2020-05-12 20:09:53 +03:00
|
|
|
j_msg.dump(2));
|
2018-06-27 21:24:25 +03:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2020-05-12 20:09:53 +03:00
|
|
|
std::string msg_type = j_msg.at("type");
|
2018-06-27 21:24:25 +03:00
|
|
|
|
|
|
|
if (msg_type == to_string(mtx::events::EventType::RoomEncrypted)) {
|
|
|
|
try {
|
2020-10-20 14:46:05 +03:00
|
|
|
olm::OlmMessage olm_msg = j_msg;
|
2018-06-27 21:24:25 +03:00
|
|
|
handle_olm_message(std::move(olm_msg));
|
|
|
|
} catch (const nlohmann::json::exception &e) {
|
|
|
|
nhlog::crypto()->warn(
|
2020-05-12 20:09:53 +03:00
|
|
|
"parsing error for olm message: {} {}", e.what(), j_msg.dump(2));
|
2018-06-27 21:24:25 +03:00
|
|
|
} catch (const std::invalid_argument &e) {
|
2020-05-15 14:03:51 +03:00
|
|
|
nhlog::crypto()->warn("validation error for olm message: {} {}",
|
|
|
|
e.what(),
|
|
|
|
j_msg.dump(2));
|
2018-06-27 21:24:25 +03:00
|
|
|
}
|
|
|
|
|
2018-07-07 23:59:23 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::RoomKeyRequest)) {
|
2020-05-12 20:09:53 +03:00
|
|
|
nhlog::crypto()->warn("handling key request event: {}", j_msg.dump(2));
|
2018-07-07 23:59:23 +03:00
|
|
|
try {
|
2020-05-12 20:09:53 +03:00
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::KeyRequest> req = j_msg;
|
|
|
|
if (req.content.action == mtx::events::msg::RequestAction::Request)
|
|
|
|
handle_key_request_message(req);
|
2018-07-07 23:59:23 +03:00
|
|
|
else
|
|
|
|
nhlog::crypto()->warn(
|
|
|
|
"ignore key request (unhandled action): {}",
|
2020-05-12 20:09:53 +03:00
|
|
|
req.content.request_id);
|
2018-07-07 23:59:23 +03:00
|
|
|
} catch (const nlohmann::json::exception &e) {
|
|
|
|
nhlog::crypto()->warn(
|
|
|
|
"parsing error for key_request message: {} {}",
|
|
|
|
e.what(),
|
2020-05-12 20:09:53 +03:00
|
|
|
j_msg.dump(2));
|
2018-07-07 23:59:23 +03:00
|
|
|
}
|
2020-06-09 19:36:41 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationAccept)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message = std::get<
|
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationAccept>>(msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationAccept(message.content);
|
2020-06-09 19:36:41 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationRequest)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message = std::get<
|
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationRequest>>(msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationRequest(message.content,
|
2020-07-17 23:16:30 +03:00
|
|
|
message.sender);
|
2020-06-09 19:36:41 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationCancel)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message = std::get<
|
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationCancel>>(msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationCancel(message.content);
|
2020-06-09 19:36:41 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationKey)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message =
|
|
|
|
std::get<mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationKey>>(
|
|
|
|
msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationKey(message.content);
|
2020-06-09 19:36:41 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationMac)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message =
|
|
|
|
std::get<mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationMac>>(
|
|
|
|
msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationMac(message.content);
|
2020-06-09 19:36:41 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationStart)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message = std::get<
|
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationStart>>(msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationStart(message.content,
|
2020-07-17 23:16:30 +03:00
|
|
|
message.sender);
|
2020-06-23 01:05:56 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationReady)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message = std::get<
|
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationReady>>(msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationReady(message.content);
|
2020-06-23 01:05:56 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationDone)) {
|
2020-07-17 23:16:30 +03:00
|
|
|
auto message =
|
|
|
|
std::get<mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationDone>>(
|
|
|
|
msg);
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationDone(message.content);
|
2018-06-27 21:24:25 +03:00
|
|
|
} else {
|
2020-05-12 20:09:53 +03:00
|
|
|
nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2));
|
2018-06-10 20:03:45 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
handle_olm_message(const OlmMessage &msg)
|
|
|
|
{
|
2018-06-14 02:28:35 +03:00
|
|
|
nhlog::crypto()->info("sender : {}", msg.sender);
|
|
|
|
nhlog::crypto()->info("sender_key: {}", msg.sender_key);
|
2018-06-10 20:03:45 +03:00
|
|
|
|
|
|
|
const auto my_key = olm::client()->identity_keys().curve25519;
|
|
|
|
|
|
|
|
for (const auto &cipher : msg.ciphertext) {
|
|
|
|
// We skip messages not meant for the current device.
|
|
|
|
if (cipher.first != my_key)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
const auto type = cipher.second.type;
|
2018-06-14 02:28:35 +03:00
|
|
|
nhlog::crypto()->info("type: {}", type == 0 ? "OLM_PRE_KEY" : "OLM_MESSAGE");
|
2018-06-10 20:03:45 +03:00
|
|
|
|
2018-06-15 01:35:31 +03:00
|
|
|
auto payload = try_olm_decryption(msg.sender_key, cipher.second);
|
|
|
|
|
2020-10-02 14:46:32 +03:00
|
|
|
if (payload.is_null()) {
|
|
|
|
// Check for PRE_KEY message
|
|
|
|
if (cipher.second.type == 0) {
|
|
|
|
payload = handle_pre_key_olm_message(
|
|
|
|
msg.sender, msg.sender_key, cipher.second);
|
|
|
|
} else {
|
|
|
|
nhlog::crypto()->error("Undecryptable olm message!");
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-09-03 06:59:32 +03:00
|
|
|
if (!payload.is_null()) {
|
|
|
|
std::string msg_type = payload["type"];
|
|
|
|
|
|
|
|
if (msg_type == to_string(mtx::events::EventType::KeyVerificationAccept)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationAccept(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"]);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::KeyVerificationRequest)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationRequest(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"], payload["sender"]);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::KeyVerificationCancel)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationCancel(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"]);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::KeyVerificationKey)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationKey(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"]);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::KeyVerificationMac)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationMac(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"]);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::KeyVerificationStart)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationStart(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"], payload["sender"]);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::KeyVerificationReady)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationReady(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"]);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::KeyVerificationDone)) {
|
2020-10-05 23:12:10 +03:00
|
|
|
ChatPage::instance()->receivedDeviceVerificationDone(
|
2020-09-03 06:59:32 +03:00
|
|
|
payload["content"]);
|
|
|
|
return;
|
2020-10-02 14:46:32 +03:00
|
|
|
} else if (msg_type == to_string(mtx::events::EventType::RoomKey)) {
|
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::RoomKey> roomKey =
|
|
|
|
payload;
|
|
|
|
create_inbound_megolm_session(roomKey, msg.sender_key);
|
|
|
|
return;
|
|
|
|
} else if (msg_type ==
|
|
|
|
to_string(mtx::events::EventType::ForwardedRoomKey)) {
|
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::ForwardedRoomKey>
|
|
|
|
roomKey = payload;
|
|
|
|
import_inbound_megolm_session(roomKey);
|
|
|
|
return;
|
2020-09-03 06:59:32 +03:00
|
|
|
}
|
|
|
|
}
|
2018-06-10 20:03:45 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-10-02 14:46:32 +03:00
|
|
|
nlohmann::json
|
2018-06-10 20:03:45 +03:00
|
|
|
handle_pre_key_olm_message(const std::string &sender,
|
|
|
|
const std::string &sender_key,
|
2018-06-27 21:24:25 +03:00
|
|
|
const mtx::events::msg::OlmCipherContent &content)
|
2018-06-10 20:03:45 +03:00
|
|
|
{
|
2018-06-14 02:28:35 +03:00
|
|
|
nhlog::crypto()->info("opening olm session with {}", sender);
|
2018-06-10 20:03:45 +03:00
|
|
|
|
2018-09-15 00:40:16 +03:00
|
|
|
mtx::crypto::OlmSessionPtr inbound_session = nullptr;
|
2018-06-10 20:03:45 +03:00
|
|
|
try {
|
2018-06-18 12:29:24 +03:00
|
|
|
inbound_session =
|
|
|
|
olm::client()->create_inbound_session_from(sender_key, content.body);
|
2018-06-15 01:35:31 +03:00
|
|
|
|
|
|
|
// We also remove the one time key used to establish that
|
|
|
|
// session so we'll have to update our copy of the account object.
|
2019-12-15 04:56:04 +03:00
|
|
|
cache::saveOlmAccount(olm::client()->save("secret"));
|
2018-09-15 00:40:16 +03:00
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
2018-06-14 02:28:35 +03:00
|
|
|
nhlog::crypto()->critical(
|
2018-06-10 20:03:45 +03:00
|
|
|
"failed to create inbound session with {}: {}", sender, e.what());
|
2020-10-02 14:46:32 +03:00
|
|
|
return {};
|
2018-06-10 20:03:45 +03:00
|
|
|
}
|
|
|
|
|
2018-09-15 00:40:16 +03:00
|
|
|
if (!mtx::crypto::matches_inbound_session_from(
|
|
|
|
inbound_session.get(), sender_key, content.body)) {
|
2018-06-14 02:28:35 +03:00
|
|
|
nhlog::crypto()->warn("inbound olm session doesn't match sender's key ({})",
|
|
|
|
sender);
|
2020-10-02 14:46:32 +03:00
|
|
|
return {};
|
2018-06-10 20:03:45 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
mtx::crypto::BinaryBuf output;
|
|
|
|
try {
|
2018-06-15 01:35:31 +03:00
|
|
|
output =
|
|
|
|
olm::client()->decrypt_message(inbound_session.get(), content.type, content.body);
|
2018-09-15 00:40:16 +03:00
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
2018-06-14 02:28:35 +03:00
|
|
|
nhlog::crypto()->critical(
|
2018-06-10 20:03:45 +03:00
|
|
|
"failed to decrypt olm message {}: {}", content.body, e.what());
|
2020-10-02 14:46:32 +03:00
|
|
|
return {};
|
2018-06-10 20:03:45 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
auto plaintext = json::parse(std::string((char *)output.data(), output.size()));
|
2018-09-30 14:33:54 +03:00
|
|
|
nhlog::crypto()->debug("decrypted message: \n {}", plaintext.dump(2));
|
2018-06-10 20:03:45 +03:00
|
|
|
|
|
|
|
try {
|
2020-10-20 22:35:49 +03:00
|
|
|
nhlog::crypto()->debug("New olm session: {}",
|
|
|
|
mtx::crypto::session_id(inbound_session.get()));
|
2020-10-20 14:46:05 +03:00
|
|
|
cache::saveOlmSession(
|
|
|
|
sender_key, std::move(inbound_session), QDateTime::currentMSecsSinceEpoch());
|
2018-06-15 01:35:31 +03:00
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
nhlog::db()->warn(
|
|
|
|
"failed to save inbound olm session from {}: {}", sender, e.what());
|
2018-06-10 20:03:45 +03:00
|
|
|
}
|
|
|
|
|
2020-10-02 14:46:32 +03:00
|
|
|
return plaintext;
|
2018-06-10 20:03:45 +03:00
|
|
|
}
|
|
|
|
|
2018-06-13 12:28:00 +03:00
|
|
|
mtx::events::msg::Encrypted
|
2020-01-13 14:37:02 +03:00
|
|
|
encrypt_group_message(const std::string &room_id, const std::string &device_id, nlohmann::json body)
|
2018-06-13 12:28:00 +03:00
|
|
|
{
|
|
|
|
using namespace mtx::events;
|
|
|
|
|
2020-01-13 14:37:02 +03:00
|
|
|
// relations shouldn't be encrypted...
|
2020-05-04 14:14:54 +03:00
|
|
|
mtx::common::ReplyRelatesTo relation;
|
2020-08-30 14:02:28 +03:00
|
|
|
mtx::common::RelatesTo r_relation;
|
2020-08-18 08:59:02 +03:00
|
|
|
|
2020-06-20 20:26:54 +03:00
|
|
|
if (body["content"].contains("m.relates_to") &&
|
|
|
|
body["content"]["m.relates_to"].contains("m.in_reply_to")) {
|
2020-01-13 14:37:02 +03:00
|
|
|
relation = body["content"]["m.relates_to"];
|
|
|
|
body["content"].erase("m.relates_to");
|
2020-08-18 08:59:02 +03:00
|
|
|
} else if (body["content"]["m.relates_to"].contains("event_id")) {
|
|
|
|
r_relation = body["content"]["m.relates_to"];
|
|
|
|
body["content"].erase("m.relates_to");
|
2020-01-13 14:37:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
// Always check before for existence.
|
2019-12-15 04:56:04 +03:00
|
|
|
auto res = cache::getOutboundMegolmSession(room_id);
|
2020-01-13 14:37:02 +03:00
|
|
|
auto payload = olm::client()->encrypt_group_message(res.session, body.dump());
|
2018-06-13 12:28:00 +03:00
|
|
|
|
|
|
|
// Prepare the m.room.encrypted event.
|
|
|
|
msg::Encrypted data;
|
2020-08-18 08:59:02 +03:00
|
|
|
data.ciphertext = std::string((char *)payload.data(), payload.size());
|
|
|
|
data.sender_key = olm::client()->identity_keys().curve25519;
|
|
|
|
data.session_id = res.data.session_id;
|
|
|
|
data.device_id = device_id;
|
|
|
|
data.algorithm = MEGOLM_ALGO;
|
|
|
|
data.relates_to = relation;
|
|
|
|
data.r_relates_to = r_relation;
|
2018-06-13 12:28:00 +03:00
|
|
|
|
|
|
|
auto message_index = olm_outbound_group_session_message_index(res.session);
|
2020-04-23 02:52:30 +03:00
|
|
|
nhlog::crypto()->debug("next message_index {}", message_index);
|
2018-06-13 12:28:00 +03:00
|
|
|
|
|
|
|
// We need to re-pickle the session after we send a message to save the new message_index.
|
2019-12-15 04:56:04 +03:00
|
|
|
cache::updateOutboundMegolmSession(room_id, message_index);
|
2018-06-13 12:28:00 +03:00
|
|
|
|
|
|
|
return data;
|
|
|
|
}
|
|
|
|
|
2018-07-14 16:27:51 +03:00
|
|
|
nlohmann::json
|
2018-06-27 21:24:25 +03:00
|
|
|
try_olm_decryption(const std::string &sender_key, const mtx::events::msg::OlmCipherContent &msg)
|
2018-06-15 01:35:31 +03:00
|
|
|
{
|
2019-12-15 04:56:04 +03:00
|
|
|
auto session_ids = cache::getOlmSessions(sender_key);
|
2018-06-15 01:35:31 +03:00
|
|
|
|
2018-06-18 12:29:24 +03:00
|
|
|
nhlog::crypto()->info("attempt to decrypt message with {} known session_ids",
|
|
|
|
session_ids.size());
|
|
|
|
|
2018-06-15 01:35:31 +03:00
|
|
|
for (const auto &id : session_ids) {
|
2019-12-15 04:56:04 +03:00
|
|
|
auto session = cache::getOlmSession(sender_key, id);
|
2018-06-15 01:35:31 +03:00
|
|
|
|
|
|
|
if (!session)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
mtx::crypto::BinaryBuf text;
|
|
|
|
|
|
|
|
try {
|
|
|
|
text = olm::client()->decrypt_message(session->get(), msg.type, msg.body);
|
2020-10-20 22:35:49 +03:00
|
|
|
nhlog::crypto()->debug("Updated olm session: {}",
|
|
|
|
mtx::crypto::session_id(session->get()));
|
2020-10-20 14:46:05 +03:00
|
|
|
cache::saveOlmSession(
|
|
|
|
id, std::move(session.value()), QDateTime::currentMSecsSinceEpoch());
|
2018-09-15 00:40:16 +03:00
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
2018-09-30 14:33:54 +03:00
|
|
|
nhlog::crypto()->debug("failed to decrypt olm message ({}, {}) with {}: {}",
|
|
|
|
msg.type,
|
|
|
|
sender_key,
|
|
|
|
id,
|
|
|
|
e.what());
|
2018-06-15 01:35:31 +03:00
|
|
|
continue;
|
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
nhlog::crypto()->critical("failed to save session: {}", e.what());
|
|
|
|
return {};
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
2020-10-02 14:46:32 +03:00
|
|
|
return json::parse(std::string_view((char *)text.data(), text.size()));
|
2018-06-15 01:35:31 +03:00
|
|
|
} catch (const json::exception &e) {
|
2020-10-02 14:46:32 +03:00
|
|
|
nhlog::crypto()->critical(
|
|
|
|
"failed to parse the decrypted session msg: {} {}",
|
|
|
|
e.what(),
|
|
|
|
std::string_view((char *)text.data(), text.size()));
|
2018-06-15 01:35:31 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return {};
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2020-10-02 14:46:32 +03:00
|
|
|
create_inbound_megolm_session(const mtx::events::DeviceEvent<mtx::events::msg::RoomKey> &roomKey,
|
|
|
|
const std::string &sender_key)
|
2018-06-15 01:35:31 +03:00
|
|
|
{
|
2020-10-02 14:46:32 +03:00
|
|
|
MegolmSessionIndex index;
|
|
|
|
index.room_id = roomKey.content.room_id;
|
|
|
|
index.session_id = roomKey.content.session_id;
|
|
|
|
index.sender_key = sender_key;
|
2018-06-15 01:35:31 +03:00
|
|
|
|
|
|
|
try {
|
2020-10-02 14:46:32 +03:00
|
|
|
auto megolm_session =
|
|
|
|
olm::client()->init_inbound_group_session(roomKey.content.session_key);
|
|
|
|
cache::saveInboundMegolmSession(index, std::move(megolm_session));
|
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
nhlog::crypto()->critical("failed to save inbound megolm session: {}", e.what());
|
|
|
|
return;
|
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
|
|
|
nhlog::crypto()->critical("failed to create inbound megolm session: {}", e.what());
|
2018-06-15 01:35:31 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-10-02 14:46:32 +03:00
|
|
|
nhlog::crypto()->info(
|
|
|
|
"established inbound megolm session ({}, {})", roomKey.content.room_id, roomKey.sender);
|
2020-10-23 17:09:56 +03:00
|
|
|
|
|
|
|
ChatPage::instance()->receivedSessionKey(index.room_id, index.session_id);
|
2020-10-02 14:46:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
import_inbound_megolm_session(
|
|
|
|
const mtx::events::DeviceEvent<mtx::events::msg::ForwardedRoomKey> &roomKey)
|
|
|
|
{
|
2018-06-15 01:35:31 +03:00
|
|
|
MegolmSessionIndex index;
|
2020-10-02 14:46:32 +03:00
|
|
|
index.room_id = roomKey.content.room_id;
|
|
|
|
index.session_id = roomKey.content.session_id;
|
|
|
|
index.sender_key = roomKey.content.sender_key;
|
2018-06-15 01:35:31 +03:00
|
|
|
|
|
|
|
try {
|
2020-10-02 14:46:32 +03:00
|
|
|
auto megolm_session =
|
|
|
|
olm::client()->import_inbound_group_session(roomKey.content.session_key);
|
2019-12-15 04:56:04 +03:00
|
|
|
cache::saveInboundMegolmSession(index, std::move(megolm_session));
|
2018-06-15 01:35:31 +03:00
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
nhlog::crypto()->critical("failed to save inbound megolm session: {}", e.what());
|
|
|
|
return;
|
2018-09-15 00:40:16 +03:00
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
2020-10-02 14:46:32 +03:00
|
|
|
nhlog::crypto()->critical("failed to import inbound megolm session: {}", e.what());
|
2018-06-15 01:35:31 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-10-02 14:46:32 +03:00
|
|
|
nhlog::crypto()->info(
|
|
|
|
"established inbound megolm session ({}, {})", roomKey.content.room_id, roomKey.sender);
|
2020-10-20 20:46:37 +03:00
|
|
|
|
|
|
|
ChatPage::instance()->receivedSessionKey(index.room_id, index.session_id);
|
2018-06-15 01:35:31 +03:00
|
|
|
}
|
|
|
|
|
2018-06-18 12:56:47 +03:00
|
|
|
void
|
|
|
|
mark_keys_as_published()
|
|
|
|
{
|
|
|
|
olm::client()->mark_keys_as_published();
|
2019-12-15 04:56:04 +03:00
|
|
|
cache::saveOlmAccount(olm::client()->save(STORAGE_SECRET_KEY));
|
2018-06-18 12:56:47 +03:00
|
|
|
}
|
|
|
|
|
2018-07-07 23:59:23 +03:00
|
|
|
void
|
2020-10-20 20:46:37 +03:00
|
|
|
send_key_request_for(mtx::events::EncryptedEvent<mtx::events::msg::Encrypted> e,
|
|
|
|
const std::string &request_id,
|
|
|
|
bool cancel)
|
2018-07-07 23:59:23 +03:00
|
|
|
{
|
|
|
|
using namespace mtx::events;
|
|
|
|
|
2020-10-20 20:46:37 +03:00
|
|
|
nhlog::crypto()->debug("sending key request: sender_key {}, session_id {}",
|
|
|
|
e.content.sender_key,
|
|
|
|
e.content.session_id);
|
2018-07-07 23:59:23 +03:00
|
|
|
|
2020-08-06 23:18:52 +03:00
|
|
|
mtx::events::msg::KeyRequest request;
|
2020-10-27 19:45:28 +03:00
|
|
|
request.action = !cancel ? mtx::events::msg::RequestAction::Request
|
|
|
|
: mtx::events::msg::RequestAction::Cancellation;
|
2020-08-06 23:18:52 +03:00
|
|
|
request.algorithm = MEGOLM_ALGO;
|
2020-10-20 20:46:37 +03:00
|
|
|
request.room_id = e.room_id;
|
2020-08-06 23:18:52 +03:00
|
|
|
request.sender_key = e.content.sender_key;
|
|
|
|
request.session_id = e.content.session_id;
|
2020-10-20 20:46:37 +03:00
|
|
|
request.request_id = request_id;
|
2020-08-06 23:18:52 +03:00
|
|
|
request.requesting_device_id = http::client()->device_id();
|
|
|
|
|
|
|
|
nhlog::crypto()->debug("m.room_key_request: {}", json(request).dump(2));
|
|
|
|
|
|
|
|
std::map<mtx::identifiers::User, std::map<std::string, decltype(request)>> body;
|
|
|
|
body[mtx::identifiers::parse<mtx::identifiers::User>(e.sender)][e.content.device_id] =
|
|
|
|
request;
|
|
|
|
body[http::client()->user_id()]["*"] = request;
|
|
|
|
|
|
|
|
http::client()->send_to_device(
|
|
|
|
http::client()->generate_txn_id(), body, [e](mtx::http::RequestErr err) {
|
|
|
|
if (err) {
|
|
|
|
nhlog::net()->warn("failed to send "
|
|
|
|
"send_to_device "
|
|
|
|
"message: {}",
|
|
|
|
err->matrix_error.error);
|
|
|
|
}
|
|
|
|
|
|
|
|
nhlog::net()->info("m.room_key_request sent to {}:{} and your own devices",
|
|
|
|
e.sender,
|
|
|
|
e.content.device_id);
|
|
|
|
});
|
2018-07-07 23:59:23 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2020-05-12 20:09:53 +03:00
|
|
|
handle_key_request_message(const mtx::events::DeviceEvent<mtx::events::msg::KeyRequest> &req)
|
2018-07-07 23:59:23 +03:00
|
|
|
{
|
2020-05-12 20:09:53 +03:00
|
|
|
if (req.content.algorithm != MEGOLM_ALGO) {
|
2018-09-30 14:33:54 +03:00
|
|
|
nhlog::crypto()->debug("ignoring key request {} with invalid algorithm: {}",
|
2020-05-12 20:09:53 +03:00
|
|
|
req.content.request_id,
|
|
|
|
req.content.algorithm);
|
2018-07-07 23:59:23 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check if we were the sender of the session being requested.
|
2020-05-12 20:09:53 +03:00
|
|
|
if (req.content.sender_key != olm::client()->identity_keys().curve25519) {
|
2018-09-30 14:33:54 +03:00
|
|
|
nhlog::crypto()->debug("ignoring key request {} because we were not the sender: "
|
|
|
|
"\nrequested({}) ours({})",
|
2020-05-12 20:09:53 +03:00
|
|
|
req.content.request_id,
|
|
|
|
req.content.sender_key,
|
2018-09-30 14:33:54 +03:00
|
|
|
olm::client()->identity_keys().curve25519);
|
2018-07-07 23:59:23 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check if we have the keys for the requested session.
|
2020-05-12 20:09:53 +03:00
|
|
|
if (!cache::outboundMegolmSessionExists(req.content.room_id)) {
|
2020-05-15 14:03:51 +03:00
|
|
|
nhlog::crypto()->warn("requested session not found in room: {}",
|
|
|
|
req.content.room_id);
|
2020-05-17 16:34:47 +03:00
|
|
|
|
2018-07-07 23:59:23 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check that the requested session_id and the one we have saved match.
|
2020-10-17 01:12:26 +03:00
|
|
|
MegolmSessionIndex index{};
|
|
|
|
index.room_id = req.content.room_id;
|
|
|
|
index.session_id = req.content.session_id;
|
|
|
|
index.sender_key = olm::client()->identity_keys().curve25519;
|
|
|
|
|
|
|
|
const auto session = cache::getInboundMegolmSession(index);
|
|
|
|
if (!session) {
|
|
|
|
nhlog::crypto()->warn("No session with id {} in db", req.content.session_id);
|
2018-07-07 23:59:23 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-05-12 20:09:53 +03:00
|
|
|
if (!cache::isRoomMember(req.sender, req.content.room_id)) {
|
2018-07-21 21:40:11 +03:00
|
|
|
nhlog::crypto()->warn(
|
|
|
|
"user {} that requested the session key is not member of the room {}",
|
|
|
|
req.sender,
|
2020-05-12 20:09:53 +03:00
|
|
|
req.content.room_id);
|
2018-07-21 21:40:11 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-10-18 01:52:35 +03:00
|
|
|
// check if device is verified
|
|
|
|
auto verificationStatus = cache::verificationStatus(req.sender);
|
|
|
|
bool verifiedDevice = false;
|
|
|
|
if (verificationStatus &&
|
|
|
|
ChatPage::instance()->userSettings()->shareKeysWithTrustedUsers()) {
|
|
|
|
for (const auto &dev : verificationStatus->verified_devices) {
|
|
|
|
if (dev == req.content.requesting_device_id) {
|
|
|
|
verifiedDevice = true;
|
2020-10-18 03:02:14 +03:00
|
|
|
nhlog::crypto()->debug("Verified device: {}", dev);
|
2020-10-18 01:52:35 +03:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!utils::respondsToKeyRequests(req.content.room_id) && !verifiedDevice) {
|
2020-05-15 14:03:51 +03:00
|
|
|
nhlog::crypto()->debug("ignoring all key requests for room {}",
|
|
|
|
req.content.room_id);
|
2018-07-22 16:36:25 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-10-17 01:12:26 +03:00
|
|
|
auto session_key = mtx::crypto::export_session(session);
|
2018-07-07 23:59:23 +03:00
|
|
|
//
|
|
|
|
// Prepare the m.room_key event.
|
|
|
|
//
|
2020-10-18 03:02:14 +03:00
|
|
|
mtx::events::msg::ForwardedRoomKey forward_key{};
|
|
|
|
forward_key.algorithm = MEGOLM_ALGO;
|
|
|
|
forward_key.room_id = index.room_id;
|
|
|
|
forward_key.session_id = index.session_id;
|
|
|
|
forward_key.session_key = session_key;
|
|
|
|
forward_key.sender_key = index.sender_key;
|
|
|
|
|
|
|
|
// TODO(Nico): Figure out if this is correct
|
|
|
|
forward_key.sender_claimed_ed25519_key = olm::client()->identity_keys().ed25519;
|
|
|
|
forward_key.forwarding_curve25519_key_chain = {};
|
|
|
|
|
|
|
|
send_megolm_key_to_device(req.sender, req.content.requesting_device_id, forward_key);
|
2018-07-07 23:59:23 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
send_megolm_key_to_device(const std::string &user_id,
|
|
|
|
const std::string &device_id,
|
2020-10-18 03:02:14 +03:00
|
|
|
const mtx::events::msg::ForwardedRoomKey &payload)
|
2018-07-07 23:59:23 +03:00
|
|
|
{
|
2020-10-20 19:10:09 +03:00
|
|
|
mtx::events::DeviceEvent<mtx::events::msg::ForwardedRoomKey> room_key;
|
|
|
|
room_key.content = payload;
|
|
|
|
room_key.type = mtx::events::EventType::ForwardedRoomKey;
|
2018-07-07 23:59:23 +03:00
|
|
|
|
2020-10-20 19:10:09 +03:00
|
|
|
std::map<std::string, std::vector<std::string>> targets;
|
|
|
|
targets[user_id] = {device_id};
|
|
|
|
send_encrypted_to_device_messages(targets, room_key);
|
2018-07-07 23:59:23 +03:00
|
|
|
}
|
|
|
|
|
2020-08-06 22:46:16 +03:00
|
|
|
DecryptionResult
|
|
|
|
decryptEvent(const MegolmSessionIndex &index,
|
|
|
|
const mtx::events::EncryptedEvent<mtx::events::msg::Encrypted> &event)
|
|
|
|
{
|
|
|
|
try {
|
|
|
|
if (!cache::client()->inboundMegolmSessionExists(index)) {
|
|
|
|
return {DecryptionErrorCode::MissingSession, std::nullopt, std::nullopt};
|
|
|
|
}
|
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
return {DecryptionErrorCode::DbError, e.what(), std::nullopt};
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO: Lookup index,event_id,origin_server_ts tuple for replay attack errors
|
|
|
|
// TODO: Verify sender_key
|
|
|
|
|
|
|
|
std::string msg_str;
|
|
|
|
try {
|
|
|
|
auto session = cache::client()->getInboundMegolmSession(index);
|
|
|
|
auto res = olm::client()->decrypt_group_message(session, event.content.ciphertext);
|
|
|
|
msg_str = std::string((char *)res.data.data(), res.data.size());
|
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
return {DecryptionErrorCode::DbError, e.what(), std::nullopt};
|
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
|
|
|
return {DecryptionErrorCode::DecryptionFailed, e.what(), std::nullopt};
|
|
|
|
}
|
|
|
|
|
|
|
|
// Add missing fields for the event.
|
|
|
|
json body = json::parse(msg_str);
|
|
|
|
body["event_id"] = event.event_id;
|
|
|
|
body["sender"] = event.sender;
|
|
|
|
body["origin_server_ts"] = event.origin_server_ts;
|
|
|
|
body["unsigned"] = event.unsigned_data;
|
|
|
|
|
|
|
|
// relations are unencrypted in content...
|
|
|
|
if (json old_ev = event; old_ev["content"].count("m.relates_to") != 0)
|
|
|
|
body["content"]["m.relates_to"] = old_ev["content"]["m.relates_to"];
|
|
|
|
|
|
|
|
mtx::events::collections::TimelineEvent te;
|
|
|
|
try {
|
|
|
|
mtx::events::collections::from_json(body, te);
|
|
|
|
} catch (std::exception &e) {
|
|
|
|
return {DecryptionErrorCode::ParsingFailed, e.what(), std::nullopt};
|
|
|
|
}
|
|
|
|
|
|
|
|
return {std::nullopt, std::nullopt, std::move(te.data)};
|
|
|
|
}
|
2020-10-20 14:46:05 +03:00
|
|
|
|
2020-10-20 19:10:09 +03:00
|
|
|
//! Send encrypted to device messages, targets is a map from userid to device ids or {} for all
|
|
|
|
//! devices
|
2020-10-20 14:46:05 +03:00
|
|
|
void
|
|
|
|
send_encrypted_to_device_messages(const std::map<std::string, std::vector<std::string>> targets,
|
2020-10-20 19:10:09 +03:00
|
|
|
const mtx::events::collections::DeviceEvents &event,
|
|
|
|
bool force_new_session)
|
2020-10-20 14:46:05 +03:00
|
|
|
{
|
2020-10-20 19:10:09 +03:00
|
|
|
nlohmann::json ev_json = std::visit([](const auto &e) { return json(e); }, event);
|
|
|
|
|
|
|
|
std::map<std::string, std::vector<std::string>> keysToQuery;
|
|
|
|
mtx::requests::ClaimKeys claims;
|
|
|
|
std::map<mtx::identifiers::User, std::map<std::string, mtx::events::msg::OlmEncrypted>>
|
|
|
|
messages;
|
|
|
|
std::map<std::string, std::map<std::string, DevicePublicKeys>> pks;
|
|
|
|
|
|
|
|
for (const auto &[user, devices] : targets) {
|
|
|
|
auto deviceKeys = cache::client()->userKeys(user);
|
|
|
|
|
|
|
|
// no keys for user, query them
|
|
|
|
if (!deviceKeys) {
|
|
|
|
keysToQuery[user] = devices;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
auto deviceTargets = devices;
|
|
|
|
if (devices.empty()) {
|
|
|
|
deviceTargets.clear();
|
|
|
|
for (const auto &[device, keys] : deviceKeys->device_keys) {
|
|
|
|
(void)keys;
|
|
|
|
deviceTargets.push_back(device);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for (const auto &device : deviceTargets) {
|
|
|
|
if (!deviceKeys->device_keys.count(device)) {
|
|
|
|
keysToQuery[user] = {};
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
auto d = deviceKeys->device_keys.at(device);
|
|
|
|
|
|
|
|
auto session =
|
|
|
|
cache::getLatestOlmSession(d.keys.at("curve25519:" + device));
|
|
|
|
if (!session || force_new_session) {
|
|
|
|
claims.one_time_keys[user][device] = mtx::crypto::SIGNED_CURVE25519;
|
|
|
|
pks[user][device].ed25519 = d.keys.at("ed25519:" + device);
|
|
|
|
pks[user][device].curve25519 = d.keys.at("curve25519:" + device);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
messages[mtx::identifiers::parse<mtx::identifiers::User>(user)][device] =
|
|
|
|
olm::client()
|
|
|
|
->create_olm_encrypted_content(session->get(),
|
|
|
|
ev_json,
|
|
|
|
UserId(user),
|
|
|
|
d.keys.at("ed25519:" + device),
|
|
|
|
d.keys.at("curve25519:" + device))
|
|
|
|
.get<mtx::events::msg::OlmEncrypted>();
|
|
|
|
|
|
|
|
try {
|
2020-10-20 22:35:49 +03:00
|
|
|
nhlog::crypto()->debug("Updated olm session: {}",
|
|
|
|
mtx::crypto::session_id(session->get()));
|
2020-10-20 19:10:09 +03:00
|
|
|
cache::saveOlmSession(d.keys.at("curve25519:" + device),
|
|
|
|
std::move(*session),
|
|
|
|
QDateTime::currentMSecsSinceEpoch());
|
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
nhlog::db()->critical("failed to save outbound olm session: {}",
|
|
|
|
e.what());
|
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
|
|
|
nhlog::crypto()->critical(
|
|
|
|
"failed to pickle outbound olm session: {}", e.what());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!messages.empty())
|
|
|
|
http::client()->send_to_device<mtx::events::msg::OlmEncrypted>(
|
|
|
|
http::client()->generate_txn_id(), messages, [](mtx::http::RequestErr err) {
|
|
|
|
if (err) {
|
|
|
|
nhlog::net()->warn("failed to send "
|
|
|
|
"send_to_device "
|
|
|
|
"message: {}",
|
|
|
|
err->matrix_error.error);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
auto BindPks = [ev_json](decltype(pks) pks_temp) {
|
|
|
|
return [pks = pks_temp, ev_json](const mtx::responses::ClaimKeys &res,
|
|
|
|
mtx::http::RequestErr) {
|
|
|
|
std::map<mtx::identifiers::User,
|
|
|
|
std::map<std::string, mtx::events::msg::OlmEncrypted>>
|
|
|
|
messages;
|
|
|
|
for (const auto &[user_id, retrieved_devices] : res.one_time_keys) {
|
|
|
|
nhlog::net()->debug("claimed keys for {}", user_id);
|
|
|
|
if (retrieved_devices.size() == 0) {
|
|
|
|
nhlog::net()->debug(
|
|
|
|
"no one-time keys found for user_id: {}", user_id);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (const auto &rd : retrieved_devices) {
|
|
|
|
const auto device_id = rd.first;
|
|
|
|
|
|
|
|
nhlog::net()->debug(
|
|
|
|
"{} : \n {}", device_id, rd.second.dump(2));
|
|
|
|
|
|
|
|
if (rd.second.empty() ||
|
|
|
|
!rd.second.begin()->contains("key")) {
|
|
|
|
nhlog::net()->warn(
|
|
|
|
"Skipping device {} as it has no key.",
|
|
|
|
device_id);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO: Verify signatures
|
|
|
|
auto otk = rd.second.begin()->at("key");
|
|
|
|
|
|
|
|
auto id_key = pks.at(user_id).at(device_id).curve25519;
|
|
|
|
auto session =
|
|
|
|
olm::client()->create_outbound_session(id_key, otk);
|
|
|
|
|
|
|
|
messages[mtx::identifiers::parse<mtx::identifiers::User>(
|
|
|
|
user_id)][device_id] =
|
|
|
|
olm::client()
|
|
|
|
->create_olm_encrypted_content(
|
|
|
|
session.get(),
|
|
|
|
ev_json,
|
|
|
|
UserId(user_id),
|
|
|
|
pks.at(user_id).at(device_id).ed25519,
|
|
|
|
id_key)
|
|
|
|
.get<mtx::events::msg::OlmEncrypted>();
|
|
|
|
|
|
|
|
try {
|
2020-10-20 22:35:49 +03:00
|
|
|
nhlog::crypto()->debug(
|
|
|
|
"Updated olm session: {}",
|
|
|
|
mtx::crypto::session_id(session.get()));
|
2020-10-20 19:10:09 +03:00
|
|
|
cache::saveOlmSession(
|
|
|
|
id_key,
|
|
|
|
std::move(session),
|
|
|
|
QDateTime::currentMSecsSinceEpoch());
|
|
|
|
} catch (const lmdb::error &e) {
|
|
|
|
nhlog::db()->critical(
|
|
|
|
"failed to save outbound olm session: {}",
|
|
|
|
e.what());
|
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
|
|
|
nhlog::crypto()->critical(
|
|
|
|
"failed to pickle outbound olm session: {}",
|
|
|
|
e.what());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
nhlog::net()->info("send_to_device: {}", user_id);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!messages.empty())
|
|
|
|
http::client()->send_to_device<mtx::events::msg::OlmEncrypted>(
|
|
|
|
http::client()->generate_txn_id(),
|
|
|
|
messages,
|
|
|
|
[](mtx::http::RequestErr err) {
|
|
|
|
if (err) {
|
|
|
|
nhlog::net()->warn("failed to send "
|
|
|
|
"send_to_device "
|
|
|
|
"message: {}",
|
|
|
|
err->matrix_error.error);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
http::client()->claim_keys(claims, BindPks(pks));
|
|
|
|
|
|
|
|
if (!keysToQuery.empty()) {
|
|
|
|
mtx::requests::QueryKeys req;
|
|
|
|
req.device_keys = keysToQuery;
|
|
|
|
http::client()->query_keys(
|
|
|
|
req,
|
|
|
|
[ev_json, BindPks](const mtx::responses::QueryKeys &res,
|
|
|
|
mtx::http::RequestErr err) {
|
|
|
|
if (err) {
|
|
|
|
nhlog::net()->warn("failed to query device keys: {} {}",
|
|
|
|
err->matrix_error.error,
|
|
|
|
static_cast<int>(err->status_code));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
nhlog::net()->info("queried keys");
|
|
|
|
|
|
|
|
cache::client()->updateUserKeys(cache::nextBatchToken(), res);
|
|
|
|
|
|
|
|
mtx::requests::ClaimKeys claim_keys;
|
|
|
|
|
|
|
|
std::map<std::string, std::map<std::string, DevicePublicKeys>> deviceKeys;
|
|
|
|
|
|
|
|
for (const auto &user : res.device_keys) {
|
|
|
|
for (const auto &dev : user.second) {
|
|
|
|
const auto user_id = ::UserId(dev.second.user_id);
|
|
|
|
const auto device_id = DeviceId(dev.second.device_id);
|
|
|
|
|
|
|
|
if (user_id.get() ==
|
|
|
|
http::client()->user_id().to_string() &&
|
|
|
|
device_id.get() == http::client()->device_id())
|
|
|
|
continue;
|
|
|
|
|
|
|
|
const auto device_keys = dev.second.keys;
|
|
|
|
const auto curveKey = "curve25519:" + device_id.get();
|
|
|
|
const auto edKey = "ed25519:" + device_id.get();
|
|
|
|
|
|
|
|
if ((device_keys.find(curveKey) == device_keys.end()) ||
|
|
|
|
(device_keys.find(edKey) == device_keys.end())) {
|
|
|
|
nhlog::net()->debug(
|
|
|
|
"ignoring malformed keys for device {}",
|
|
|
|
device_id.get());
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
DevicePublicKeys pks;
|
|
|
|
pks.ed25519 = device_keys.at(edKey);
|
|
|
|
pks.curve25519 = device_keys.at(curveKey);
|
|
|
|
|
|
|
|
try {
|
|
|
|
if (!mtx::crypto::verify_identity_signature(
|
|
|
|
dev.second, device_id, user_id)) {
|
|
|
|
nhlog::crypto()->warn(
|
|
|
|
"failed to verify identity keys: {}",
|
|
|
|
json(dev.second).dump(2));
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
} catch (const json::exception &e) {
|
|
|
|
nhlog::crypto()->warn(
|
|
|
|
"failed to parse device key json: {}",
|
|
|
|
e.what());
|
|
|
|
continue;
|
|
|
|
} catch (const mtx::crypto::olm_exception &e) {
|
|
|
|
nhlog::crypto()->warn(
|
|
|
|
"failed to verify device key json: {}",
|
|
|
|
e.what());
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
deviceKeys[user_id].emplace(device_id, pks);
|
|
|
|
claim_keys.one_time_keys[user.first][device_id] =
|
|
|
|
mtx::crypto::SIGNED_CURVE25519;
|
|
|
|
|
|
|
|
nhlog::net()->info("{}", device_id.get());
|
|
|
|
nhlog::net()->info(" curve25519 {}", pks.curve25519);
|
|
|
|
nhlog::net()->info(" ed25519 {}", pks.ed25519);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
http::client()->claim_keys(claim_keys, BindPks(deviceKeys));
|
|
|
|
});
|
|
|
|
}
|
2020-10-20 14:46:05 +03:00
|
|
|
}
|
|
|
|
|
2018-06-10 20:03:45 +03:00
|
|
|
} // namespace olm
|