mirror of
https://github.com/Nheko-Reborn/nheko.git
synced 2024-10-30 17:40:47 +03:00
Add some more slots and mac
This commit is contained in:
parent
67367d0004
commit
ce013e67a6
6 changed files with 172 additions and 47 deletions
|
@ -240,7 +240,7 @@ ApplicationWindow {
|
|||
Button {
|
||||
Layout.alignment: Qt.AlignRight
|
||||
text: "They match."
|
||||
onClicked: { stack.replace(awaitingVerificationConfirmation); flow.acceptDevice(); }
|
||||
onClicked: { stack.replace(awaitingVerificationConfirmation); flow.sendVerificationMac(); }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -379,7 +379,7 @@ ApplicationWindow {
|
|||
Button {
|
||||
Layout.alignment: Qt.AlignRight
|
||||
text: "They match."
|
||||
onClicked: { stack.replace(awaitingVerificationConfirmation); flow.acceptDevice(); }
|
||||
onClicked: { stack.replace(awaitingVerificationConfirmation); flow.sendVerificationMac(); }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -175,6 +175,8 @@ signals:
|
|||
void recievedDeviceVerificationKey(const mtx::events::collections::DeviceEvents &message);
|
||||
void recievedDeviceVerificationMac(const mtx::events::collections::DeviceEvents &message);
|
||||
void recievedDeviceVerificationStart(const mtx::events::collections::DeviceEvents &message);
|
||||
void recievedDeviceVerificationReady(const mtx::events::collections::DeviceEvents &message);
|
||||
void recievedDeviceVerificationDone(const mtx::events::collections::DeviceEvents &message);
|
||||
|
||||
private slots:
|
||||
void showUnreadMessageNotification(int count);
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
#include "DeviceVerificationFlow.h"
|
||||
#include "ChatPage.h"
|
||||
#include "Logging.h"
|
||||
#include "Utils.h"
|
||||
|
||||
#include <QDateTime>
|
||||
#include <QDebug> // only for debugging
|
||||
#include <QTimer>
|
||||
#include <iostream> // only for debugging
|
||||
|
||||
static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes
|
||||
|
||||
|
@ -28,32 +27,27 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
|
|||
auto msg =
|
||||
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationStart>>(message);
|
||||
if (msg.content.transaction_id == this->transaction_id) {
|
||||
if (std::find(msg.content.key_agreement_protocols.begin(),
|
||||
msg.content.key_agreement_protocols.end(),
|
||||
"curve25519-hkdf-sha256") !=
|
||||
msg.content.key_agreement_protocols.end() &&
|
||||
std::find(msg.content.hashes.begin(),
|
||||
msg.content.hashes.end(),
|
||||
"sha256") != msg.content.hashes.end() &&
|
||||
if ((std::find(msg.content.key_agreement_protocols.begin(),
|
||||
msg.content.key_agreement_protocols.end(),
|
||||
"curve25519-hkdf-sha256") !=
|
||||
msg.content.key_agreement_protocols.end()) &&
|
||||
(std::find(msg.content.hashes.begin(),
|
||||
msg.content.hashes.end(),
|
||||
"sha256") != msg.content.hashes.end()) &&
|
||||
(std::find(msg.content.message_authentication_codes.begin(),
|
||||
msg.content.message_authentication_codes.end(),
|
||||
"hmac-sha256") !=
|
||||
msg.content.message_authentication_codes.end() ||
|
||||
std::find(msg.content.message_authentication_codes.begin(),
|
||||
msg.content.message_authentication_codes.end(),
|
||||
"hkdf-hmac-sha256") !=
|
||||
msg.content.message_authentication_codes.end()) &&
|
||||
(std::find(msg.content.short_authentication_string.begin(),
|
||||
msg.content.short_authentication_string.end(),
|
||||
mtx::events::msg::SASMethods::Decimal) !=
|
||||
msg.content.short_authentication_string.end() ||
|
||||
std::find(msg.content.short_authentication_string.begin(),
|
||||
msg.content.short_authentication_string.end(),
|
||||
mtx::events::msg::SASMethods::Emoji) !=
|
||||
msg.content.short_authentication_string.end())) {
|
||||
this->sendVerificationKey(); // Not sure about this maybe
|
||||
// those optional methods
|
||||
this->canonical_json = nlohmann::json(msg);
|
||||
msg.content.message_authentication_codes.end()) &&
|
||||
((std::find(msg.content.short_authentication_string.begin(),
|
||||
msg.content.short_authentication_string.end(),
|
||||
mtx::events::msg::SASMethods::Decimal) !=
|
||||
msg.content.short_authentication_string.end()) ||
|
||||
(std::find(msg.content.short_authentication_string.begin(),
|
||||
msg.content.short_authentication_string.end(),
|
||||
mtx::events::msg::SASMethods::Emoji) !=
|
||||
msg.content.short_authentication_string.end()))) {
|
||||
this->acceptVerificationRequest();
|
||||
this->canonical_json = nlohmann::json(msg.content);
|
||||
} else {
|
||||
this->cancelVerification();
|
||||
}
|
||||
|
@ -67,12 +61,9 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
|
|||
auto msg =
|
||||
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationAccept>>(message);
|
||||
if (msg.content.transaction_id == this->transaction_id) {
|
||||
if ((msg.content.method ==
|
||||
mtx::events::msg::VerificationMethods::SASv1) &&
|
||||
(msg.content.key_agreement_protocol == "curve25519-hkdf-sha256") &&
|
||||
if ((msg.content.key_agreement_protocol == "curve25519-hkdf-sha256") &&
|
||||
(msg.content.hash == "sha256") &&
|
||||
((msg.content.message_authentication_code == "hkdf-hmac-sha256") ||
|
||||
(msg.content.message_authentication_code == "hmac-sha256"))) {
|
||||
(msg.content.message_authentication_code == "hkdf-hmac-sha256")) {
|
||||
this->commitment = msg.content.commitment;
|
||||
if (std::find(msg.content.short_authentication_string.begin(),
|
||||
msg.content.short_authentication_string.end(),
|
||||
|
@ -136,8 +127,7 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
|
|||
} else {
|
||||
if (this->commitment ==
|
||||
mtx::crypto::bin2base64_unpadded(mtx::crypto::sha256(
|
||||
msg.content.key +
|
||||
this->canonical_json["content"].dump()))) {
|
||||
msg.content.key + this->canonical_json.dump()))) {
|
||||
emit this->verificationRequestAccepted(this->method);
|
||||
} else {
|
||||
this->cancelVerification();
|
||||
|
@ -152,7 +142,51 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
|
|||
auto msg =
|
||||
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationMac>>(message);
|
||||
if (msg.content.transaction_id == this->transaction_id) {
|
||||
std::cout << "Recieved Event Mac" << std::endl;
|
||||
std::string info =
|
||||
"MATRIX_KEY_VERIFICATION_MAC" + this->toClient.to_string() +
|
||||
this->deviceId.toStdString() +
|
||||
http::client()->user_id().to_string() +
|
||||
http::client()->device_id() + this->transaction_id;
|
||||
|
||||
std::vector<std::string> key_list;
|
||||
std::string key_string;
|
||||
for (auto mac : msg.content.mac) {
|
||||
if (mac.second ==
|
||||
this->sas->calculate_mac(this->device_keys[mac.first],
|
||||
info + mac.first)) {
|
||||
key_string += mac.first;
|
||||
} else {
|
||||
this->cancelVerification();
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (msg.content.keys ==
|
||||
this->sas->calculate_mac(key_string, info + "KEY_IDS")) {
|
||||
this->sendVerificationDone();
|
||||
} else {
|
||||
this->cancelVerification();
|
||||
}
|
||||
}
|
||||
});
|
||||
connect(ChatPage::instance(),
|
||||
&ChatPage::recievedDeviceVerificationReady,
|
||||
this,
|
||||
[this](const mtx::events::collections::DeviceEvents &message) {
|
||||
auto msg =
|
||||
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationReady>>(message);
|
||||
if (msg.content.transaction_id == this->transaction_id) {
|
||||
this->startVerificationRequest();
|
||||
}
|
||||
});
|
||||
connect(ChatPage::instance(),
|
||||
&ChatPage::recievedDeviceVerificationDone,
|
||||
this,
|
||||
[this](const mtx::events::collections::DeviceEvents &message) {
|
||||
auto msg =
|
||||
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationDone>>(message);
|
||||
if (msg.content.transaction_id == this->transaction_id) {
|
||||
this->startVerificationRequest();
|
||||
emit this->deviceVerified();
|
||||
}
|
||||
});
|
||||
timeout->start(TIMEOUT);
|
||||
|
@ -205,6 +239,34 @@ DeviceVerificationFlow::setUserId(QString userID)
|
|||
{
|
||||
this->userId = userID;
|
||||
this->toClient = mtx::identifiers::parse<mtx::identifiers::User>(userID.toStdString());
|
||||
|
||||
mtx::responses::QueryKeys res;
|
||||
mtx::requests::QueryKeys req;
|
||||
req.device_keys[userID.toStdString()] = {};
|
||||
http::client()->query_keys(
|
||||
req,
|
||||
[user_id = userID.toStdString(), this](const mtx::responses::QueryKeys &res,
|
||||
mtx::http::RequestErr err) {
|
||||
if (err) {
|
||||
nhlog::net()->warn("failed to query device keys: {},{}",
|
||||
err->matrix_error.errcode,
|
||||
static_cast<int>(err->status_code));
|
||||
return;
|
||||
}
|
||||
|
||||
for (auto x : res.device_keys) {
|
||||
for (auto y : x.second) {
|
||||
auto z = y.second;
|
||||
if (z.user_id == user_id &&
|
||||
z.device_id == this->deviceId.toStdString()) {
|
||||
for (auto a : z.keys) {
|
||||
// TODO: Verify Signatures
|
||||
this->device_keys[a.first] = a.second;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -248,9 +310,6 @@ DeviceVerificationFlow::acceptVerificationRequest()
|
|||
|
||||
body[this->toClient][this->deviceId.toStdString()] = req;
|
||||
|
||||
std::cout << "Accepting the Verification" << std::endl;
|
||||
std::cout << json(body) << std::endl;
|
||||
|
||||
http::client()
|
||||
->send_to_device<mtx::events::msg::KeyVerificationAccept,
|
||||
mtx::events::EventType::KeyVerificationAccept>(
|
||||
|
@ -261,6 +320,50 @@ DeviceVerificationFlow::acceptVerificationRequest()
|
|||
static_cast<int>(err->status_code));
|
||||
});
|
||||
}
|
||||
//! responds verification request
|
||||
void
|
||||
DeviceVerificationFlow::sendVerificationReady()
|
||||
{
|
||||
mtx::requests::ToDeviceMessages<mtx::events::msg::KeyVerificationReady> body;
|
||||
mtx::events::msg::KeyVerificationReady req;
|
||||
|
||||
req.from_device = http::client()->device_id();
|
||||
req.transaction_id = this->transaction_id;
|
||||
req.methods = {mtx::events::msg::VerificationMethods::SASv1};
|
||||
|
||||
body[this->toClient][this->deviceId.toStdString()] = req;
|
||||
|
||||
http::client()
|
||||
->send_to_device<mtx::events::msg::KeyVerificationReady,
|
||||
mtx::events::EventType::KeyVerificationReady>(
|
||||
this->transaction_id, body, [](mtx::http::RequestErr err) {
|
||||
if (err)
|
||||
nhlog::net()->warn("failed to send verification ready: {} {}",
|
||||
err->matrix_error.error,
|
||||
static_cast<int>(err->status_code));
|
||||
});
|
||||
}
|
||||
//! accepts a verification
|
||||
void
|
||||
DeviceVerificationFlow::sendVerificationDone()
|
||||
{
|
||||
mtx::requests::ToDeviceMessages<mtx::events::msg::KeyVerificationDone> body;
|
||||
mtx::events::msg::KeyVerificationDone req;
|
||||
|
||||
req.transaction_id = this->transaction_id;
|
||||
|
||||
body[this->toClient][this->deviceId.toStdString()] = req;
|
||||
|
||||
http::client()
|
||||
->send_to_device<mtx::events::msg::KeyVerificationDone,
|
||||
mtx::events::EventType::KeyVerificationDone>(
|
||||
this->transaction_id, body, [](mtx::http::RequestErr err) {
|
||||
if (err)
|
||||
nhlog::net()->warn("failed to send verification done: {} {}",
|
||||
err->matrix_error.error,
|
||||
static_cast<int>(err->status_code));
|
||||
});
|
||||
}
|
||||
//! starts the verification flow
|
||||
void
|
||||
DeviceVerificationFlow::startVerificationRequest()
|
||||
|
@ -373,9 +476,25 @@ DeviceVerificationFlow::sendVerificationMac()
|
|||
mtx::requests::ToDeviceMessages<mtx::events::msg::KeyVerificationMac> body;
|
||||
mtx::events::msg::KeyVerificationMac req;
|
||||
|
||||
std::string info = "MATRIX_KEY_VERIFICATION_MAC" + http::client()->user_id().to_string() +
|
||||
http::client()->device_id() + this->toClient.to_string() +
|
||||
this->deviceId.toStdString() + this->transaction_id;
|
||||
|
||||
req.transaction_id = this->transaction_id;
|
||||
// req.mac = "";
|
||||
req.keys = "";
|
||||
//! this vector stores the type of the key and the key
|
||||
std::vector<std::pair<std::string, std::string>> key_list;
|
||||
key_list.push_back(make_pair("ed25519", olm::client()->identity_keys().ed25519));
|
||||
std::sort(key_list.begin(), key_list.end());
|
||||
for (auto x : key_list) {
|
||||
req.mac.insert(
|
||||
std::make_pair(x.first + ":" + http::client()->device_id(),
|
||||
this->sas->calculate_mac(
|
||||
x.second, info + x.first + ":" + http::client()->device_id())));
|
||||
req.keys += x.first + ":" + http::client()->device_id() + ",";
|
||||
}
|
||||
|
||||
req.keys =
|
||||
this->sas->calculate_mac(req.keys.substr(0, req.keys.size() - 1), info + "KEY_IDS");
|
||||
|
||||
body[this->toClient][deviceId.toStdString()] = req;
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
#include "Olm.h"
|
||||
|
||||
#include "mtx/responses/crypto.hpp"
|
||||
#include <MatrixClient.h>
|
||||
#include <QObject>
|
||||
|
||||
|
@ -46,6 +47,10 @@ public:
|
|||
public slots:
|
||||
//! sends a verification request
|
||||
void sendVerificationRequest();
|
||||
//! accepts a verification request
|
||||
void sendVerificationReady();
|
||||
//! completes the verification flow();
|
||||
void sendVerificationDone();
|
||||
//! accepts a verification
|
||||
void acceptVerificationRequest();
|
||||
//! starts the verification flow
|
||||
|
@ -78,4 +83,5 @@ private:
|
|||
std::string commitment;
|
||||
mtx::identifiers::User toClient;
|
||||
std::vector<int> sasList;
|
||||
std::map<std::string, std::string> device_keys;
|
||||
};
|
||||
|
|
11
src/Olm.cpp
11
src/Olm.cpp
|
@ -9,7 +9,6 @@
|
|||
#include "MatrixClient.h"
|
||||
#include "Utils.h"
|
||||
#include <DeviceVerificationFlow.h>
|
||||
#include <iostream> // only for debugging
|
||||
|
||||
static const std::string STORAGE_SECRET_KEY("secret");
|
||||
constexpr auto MEGOLM_ALGO = "m.megolm.v1.aes-sha2";
|
||||
|
@ -79,22 +78,20 @@ handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEven
|
|||
}
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationAccept)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationAccept(msg);
|
||||
std::cout << j_msg.dump(2) << std::endl;
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationRequest)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationRequest(msg);
|
||||
std::cout << j_msg.dump(2) << std::endl;
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationCancel)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationCancel(msg);
|
||||
std::cout << j_msg.dump(2) << std::endl;
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationKey)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationKey(msg);
|
||||
std::cout << j_msg.dump(2) << std::endl;
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationMac)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationMac(msg);
|
||||
std::cout << j_msg.dump(2) << std::endl;
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationStart)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationStart(msg);
|
||||
std::cout << j_msg.dump(2) << std::endl;
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationReady)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationReady(msg);
|
||||
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationDone)) {
|
||||
ChatPage::instance()->recievedDeviceVerificationDone(msg);
|
||||
} else {
|
||||
nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2));
|
||||
}
|
||||
|
|
|
@ -183,6 +183,7 @@ TimelineViewManager::TimelineViewManager(QSharedPointer<UserSettings> userSettin
|
|||
msg.content.methods.end(),
|
||||
mtx::events::msg::VerificationMethods::SASv1) !=
|
||||
msg.content.methods.end()) {
|
||||
flow->sendVerificationReady();
|
||||
emit newDeviceVerificationRequest(
|
||||
std::move(flow),
|
||||
QString::fromStdString(msg.content.transaction_id),
|
||||
|
|
Loading…
Reference in a new issue