Request secrets after verification

This commit is contained in:
Nicolas Werner 2020-12-17 03:16:06 +01:00
parent 9413f5b8e5
commit 9d2177afe2
2 changed files with 61 additions and 52 deletions


@ -761,6 +761,14 @@ DeviceVerificationFlow::acceptDevice()
cache::markDeviceVerified(this->toClient.to_string(), this->deviceId.toStdString()); cache::markDeviceVerified(this->toClient.to_string(), this->deviceId.toStdString());
this->sendVerificationDone(); this->sendVerificationDone();
setState(Success); setState(Success);
// Request secrets. We should probably check somehow, if a device knowns about the
// secrets.
if (utils::localUser().toStdString() == this->toClient.to_string() &&
(!cache::secret(mtx::secret_storage::secrets::cross_signing_self_signing) ||
!cache::secret(mtx::secret_storage::secrets::cross_signing_user_signing))) {
olm::request_cross_signing_keys();
}
} }
} }
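Review bot: The comment introducing the new block in acceptDevice ("We should probably check somehow...") is an open question rather than a description of the code, so it should be marked as work to do, e.g. `// TODO: check whether the verified device actually holds these secrets before requesting them.` As written, the request fires every time one of the local user's own devices is verified while either the self-signing or the user-signing secret is missing from the local cache; that looks intended but is worth stating in the comment so a later reader does not mistake it for a bug. acceptDevice begins outside the hunk.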


@ -50,6 +50,54 @@ client()
return client_.get(); return client_.get();
} }
static void
handle_secret_request(const mtx::events::DeviceEvent<mtx::events::msg::SecretRequest> *e,
const std::string &sender)
{
using namespace mtx::events;
if (e->content.action != mtx::events::msg::RequestAction::Request)
return;
auto local_user = http::client()->user_id();
if (sender != local_user.to_string())
return;
auto verificationStatus = cache::verificationStatus(local_user.to_string());
if (!verificationStatus)
return;
auto deviceKeys = cache::userKeys(local_user.to_string());
if (!deviceKeys)
return;
if (std::find(verificationStatus->verified_devices.begin(),
verificationStatus->verified_devices.end(),
e->content.requesting_device_id) ==
verificationStatus->verified_devices.end())
return;
// this is a verified device
mtx::events::DeviceEvent<mtx::events::msg::SecretSend> secretSend;
secretSend.type = EventType::SecretSend;
secretSend.content.request_id = e->content.request_id;
auto secret = cache::client()->secret(e->content.name);
if (!secret)
return;
secretSend.content.secret = secret.value();
send_encrypted_to_device_messages(
{{local_user.to_string(), {{e->content.requesting_device_id}}}}, secretSend);
nhlog::net()->info("Sent secret '{}' to ({},{})",
e->content.name,
local_user.to_string(),
e->content.requesting_device_id);
}
void void
handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEvents> &msgs) handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEvents> &msgs)
{ {
@ -134,6 +182,10 @@ handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEven
std::get<mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationDone>>( std::get<mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationDone>>(
msg); msg);
ChatPage::instance()->receivedDeviceVerificationDone(message.content); ChatPage::instance()->receivedDeviceVerificationDone(message.content);
} else if (auto e =
std::get_if<mtx::events::DeviceEvent<mtx::events::msg::SecretRequest>>(
&msg)) {
handle_secret_request(e, e->sender);
} else { } else {
nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2)); nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2));
} }
@ -296,58 +348,7 @@ handle_olm_message(const OlmMessage &msg)
} else if (auto e = } else if (auto e =
std::get_if<DeviceEvent<msg::SecretRequest>>(&device_event)) { std::get_if<DeviceEvent<msg::SecretRequest>>(&device_event)) {
if (e->content.action != mtx::events::msg::RequestAction::Request) handle_secret_request(e, msg.sender);
continue;
auto local_user = http::client()->user_id();
if (msg.sender != local_user.to_string())
continue;
auto verificationStatus =
cache::verificationStatus(local_user.to_string());
if (!verificationStatus)
continue;
auto deviceKeys = cache::userKeys(local_user.to_string());
if (!deviceKeys)
continue;
for (auto &[dev, key] : deviceKeys->device_keys) {
if (key.keys["curve25519:" + dev] == msg.sender_key) {
if (std::find(
verificationStatus->verified_devices.begin(),
verificationStatus->verified_devices.end(),
dev) ==
verificationStatus->verified_devices.end())
break;
// this is a verified device
mtx::events::DeviceEvent<
mtx::events::msg::SecretSend>
secretSend;
secretSend.type = EventType::SecretSend;
secretSend.content.request_id =
e->content.request_id;
auto secret =
cache::client()->secret(e->content.name);
if (!secret)
break;
secretSend.content.secret = secret.value();
send_encrypted_to_device_messages(
{{local_user.to_string(), {{dev}}}}, secretSend);
nhlog::net()->info("Sent secret to ({},{})",
local_user.to_string(),
dev);
break;
}
}
} }
return; return;
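Review bot: In handle_secret_request (first hunk of this file), `deviceKeys` is fetched and null-checked but never used afterwards; the old handle_olm_message body iterated `deviceKeys->device_keys` to bind `msg.sender_key` to a device id, and that binding disappears now that `e->content.requesting_device_id` is taken straight from the event content. The verified-device check therefore trusts a device id chosen by the requester, and the remaining protection is presumably that the response is encrypted to the keys of that claimed device rather than to whoever sent the request; if that is intended, say so in a comment and either drop `deviceKeys` or use it to reject ids the key cache does not know: `if (deviceKeys->device_keys.find(e->content.requesting_device_id) == deviceKeys->device_keys.end()) return;`. For the Olm path (third hunk) the caller could also compare `msg.sender_key` against the claimed device's curve25519 key before calling the helper, which would need the sender key passed in. The same helper is now reached from the unencrypted to-device path in the second hunk, where `e->sender` is only what the server reported.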