Add some more slots and mac

This commit is contained in:
CH Chethan Reddy 2020-06-23 03:35:56 +05:30
parent 67367d0004
commit ce013e67a6
6 changed files with 172 additions and 47 deletions

View file

@ -240,7 +240,7 @@ ApplicationWindow {
Button { Button {
Layout.alignment: Qt.AlignRight Layout.alignment: Qt.AlignRight
text: "They match." text: "They match."
onClicked: { stack.replace(awaitingVerificationConfirmation); flow.acceptDevice(); } onClicked: { stack.replace(awaitingVerificationConfirmation); flow.sendVerificationMac(); }
} }
} }
} }
@ -379,7 +379,7 @@ ApplicationWindow {
Button { Button {
Layout.alignment: Qt.AlignRight Layout.alignment: Qt.AlignRight
text: "They match." text: "They match."
onClicked: { stack.replace(awaitingVerificationConfirmation); flow.acceptDevice(); } onClicked: { stack.replace(awaitingVerificationConfirmation); flow.sendVerificationMac(); }
} }
} }
} }

View file

@ -175,6 +175,8 @@ signals:
void recievedDeviceVerificationKey(const mtx::events::collections::DeviceEvents &message); void recievedDeviceVerificationKey(const mtx::events::collections::DeviceEvents &message);
void recievedDeviceVerificationMac(const mtx::events::collections::DeviceEvents &message); void recievedDeviceVerificationMac(const mtx::events::collections::DeviceEvents &message);
void recievedDeviceVerificationStart(const mtx::events::collections::DeviceEvents &message); void recievedDeviceVerificationStart(const mtx::events::collections::DeviceEvents &message);
void recievedDeviceVerificationReady(const mtx::events::collections::DeviceEvents &message);
void recievedDeviceVerificationDone(const mtx::events::collections::DeviceEvents &message);
private slots: private slots:
void showUnreadMessageNotification(int count); void showUnreadMessageNotification(int count);

View file

@ -1,11 +1,10 @@
#include "DeviceVerificationFlow.h" #include "DeviceVerificationFlow.h"
#include "ChatPage.h" #include "ChatPage.h"
#include "Logging.h" #include "Logging.h"
#include "Utils.h"
#include <QDateTime> #include <QDateTime>
#include <QDebug> // only for debugging
#include <QTimer> #include <QTimer>
#include <iostream> // only for debugging
static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes
@ -28,32 +27,27 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
auto msg = auto msg =
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationStart>>(message); std::get<mtx::events::DeviceEvent<msgs::KeyVerificationStart>>(message);
if (msg.content.transaction_id == this->transaction_id) { if (msg.content.transaction_id == this->transaction_id) {
if (std::find(msg.content.key_agreement_protocols.begin(), if ((std::find(msg.content.key_agreement_protocols.begin(),
msg.content.key_agreement_protocols.end(), msg.content.key_agreement_protocols.end(),
"curve25519-hkdf-sha256") != "curve25519-hkdf-sha256") !=
msg.content.key_agreement_protocols.end() && msg.content.key_agreement_protocols.end()) &&
std::find(msg.content.hashes.begin(), (std::find(msg.content.hashes.begin(),
msg.content.hashes.end(), msg.content.hashes.end(),
"sha256") != msg.content.hashes.end() && "sha256") != msg.content.hashes.end()) &&
(std::find(msg.content.message_authentication_codes.begin(), (std::find(msg.content.message_authentication_codes.begin(),
msg.content.message_authentication_codes.end(), msg.content.message_authentication_codes.end(),
"hmac-sha256") != "hmac-sha256") !=
msg.content.message_authentication_codes.end() ||
std::find(msg.content.message_authentication_codes.begin(),
msg.content.message_authentication_codes.end(),
"hkdf-hmac-sha256") !=
msg.content.message_authentication_codes.end()) && msg.content.message_authentication_codes.end()) &&
(std::find(msg.content.short_authentication_string.begin(), ((std::find(msg.content.short_authentication_string.begin(),
msg.content.short_authentication_string.end(), msg.content.short_authentication_string.end(),
mtx::events::msg::SASMethods::Decimal) != mtx::events::msg::SASMethods::Decimal) !=
msg.content.short_authentication_string.end() || msg.content.short_authentication_string.end()) ||
std::find(msg.content.short_authentication_string.begin(), (std::find(msg.content.short_authentication_string.begin(),
msg.content.short_authentication_string.end(), msg.content.short_authentication_string.end(),
mtx::events::msg::SASMethods::Emoji) != mtx::events::msg::SASMethods::Emoji) !=
msg.content.short_authentication_string.end())) { msg.content.short_authentication_string.end()))) {
this->sendVerificationKey(); // Not sure about this maybe this->acceptVerificationRequest();
// those optional methods this->canonical_json = nlohmann::json(msg.content);
this->canonical_json = nlohmann::json(msg);
} else { } else {
this->cancelVerification(); this->cancelVerification();
} }
@ -67,12 +61,9 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
auto msg = auto msg =
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationAccept>>(message); std::get<mtx::events::DeviceEvent<msgs::KeyVerificationAccept>>(message);
if (msg.content.transaction_id == this->transaction_id) { if (msg.content.transaction_id == this->transaction_id) {
if ((msg.content.method == if ((msg.content.key_agreement_protocol == "curve25519-hkdf-sha256") &&
mtx::events::msg::VerificationMethods::SASv1) &&
(msg.content.key_agreement_protocol == "curve25519-hkdf-sha256") &&
(msg.content.hash == "sha256") && (msg.content.hash == "sha256") &&
((msg.content.message_authentication_code == "hkdf-hmac-sha256") || (msg.content.message_authentication_code == "hkdf-hmac-sha256")) {
(msg.content.message_authentication_code == "hmac-sha256"))) {
this->commitment = msg.content.commitment; this->commitment = msg.content.commitment;
if (std::find(msg.content.short_authentication_string.begin(), if (std::find(msg.content.short_authentication_string.begin(),
msg.content.short_authentication_string.end(), msg.content.short_authentication_string.end(),
@ -136,8 +127,7 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
} else { } else {
if (this->commitment == if (this->commitment ==
mtx::crypto::bin2base64_unpadded(mtx::crypto::sha256( mtx::crypto::bin2base64_unpadded(mtx::crypto::sha256(
msg.content.key + msg.content.key + this->canonical_json.dump()))) {
this->canonical_json["content"].dump()))) {
emit this->verificationRequestAccepted(this->method); emit this->verificationRequestAccepted(this->method);
} else { } else {
this->cancelVerification(); this->cancelVerification();
@ -152,7 +142,51 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *)
auto msg = auto msg =
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationMac>>(message); std::get<mtx::events::DeviceEvent<msgs::KeyVerificationMac>>(message);
if (msg.content.transaction_id == this->transaction_id) { if (msg.content.transaction_id == this->transaction_id) {
std::cout << "Recieved Event Mac" << std::endl; std::string info =
"MATRIX_KEY_VERIFICATION_MAC" + this->toClient.to_string() +
this->deviceId.toStdString() +
http::client()->user_id().to_string() +
http::client()->device_id() + this->transaction_id;
std::vector<std::string> key_list;
std::string key_string;
for (auto mac : msg.content.mac) {
if (mac.second ==
this->sas->calculate_mac(this->device_keys[mac.first],
info + mac.first)) {
key_string += mac.first;
} else {
this->cancelVerification();
return;
}
}
if (msg.content.keys ==
this->sas->calculate_mac(key_string, info + "KEY_IDS")) {
this->sendVerificationDone();
} else {
this->cancelVerification();
}
}
});
connect(ChatPage::instance(),
&ChatPage::recievedDeviceVerificationReady,
this,
[this](const mtx::events::collections::DeviceEvents &message) {
auto msg =
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationReady>>(message);
if (msg.content.transaction_id == this->transaction_id) {
this->startVerificationRequest();
}
});
connect(ChatPage::instance(),
&ChatPage::recievedDeviceVerificationDone,
this,
[this](const mtx::events::collections::DeviceEvents &message) {
auto msg =
std::get<mtx::events::DeviceEvent<msgs::KeyVerificationDone>>(message);
if (msg.content.transaction_id == this->transaction_id) {
this->startVerificationRequest();
emit this->deviceVerified();
} }
}); });
timeout->start(TIMEOUT); timeout->start(TIMEOUT);
@ -205,6 +239,34 @@ DeviceVerificationFlow::setUserId(QString userID)
{ {
this->userId = userID; this->userId = userID;
this->toClient = mtx::identifiers::parse<mtx::identifiers::User>(userID.toStdString()); this->toClient = mtx::identifiers::parse<mtx::identifiers::User>(userID.toStdString());
mtx::responses::QueryKeys res;
mtx::requests::QueryKeys req;
req.device_keys[userID.toStdString()] = {};
http::client()->query_keys(
req,
[user_id = userID.toStdString(), this](const mtx::responses::QueryKeys &res,
mtx::http::RequestErr err) {
if (err) {
nhlog::net()->warn("failed to query device keys: {},{}",
err->matrix_error.errcode,
static_cast<int>(err->status_code));
return;
}
for (auto x : res.device_keys) {
for (auto y : x.second) {
auto z = y.second;
if (z.user_id == user_id &&
z.device_id == this->deviceId.toStdString()) {
for (auto a : z.keys) {
// TODO: Verify Signatures
this->device_keys[a.first] = a.second;
}
}
}
}
});
} }
void void
@ -248,9 +310,6 @@ DeviceVerificationFlow::acceptVerificationRequest()
body[this->toClient][this->deviceId.toStdString()] = req; body[this->toClient][this->deviceId.toStdString()] = req;
std::cout << "Accepting the Verification" << std::endl;
std::cout << json(body) << std::endl;
http::client() http::client()
->send_to_device<mtx::events::msg::KeyVerificationAccept, ->send_to_device<mtx::events::msg::KeyVerificationAccept,
mtx::events::EventType::KeyVerificationAccept>( mtx::events::EventType::KeyVerificationAccept>(
@ -261,6 +320,50 @@ DeviceVerificationFlow::acceptVerificationRequest()
static_cast<int>(err->status_code)); static_cast<int>(err->status_code));
}); });
} }
//! responds verification request
void
DeviceVerificationFlow::sendVerificationReady()
{
mtx::requests::ToDeviceMessages<mtx::events::msg::KeyVerificationReady> body;
mtx::events::msg::KeyVerificationReady req;
req.from_device = http::client()->device_id();
req.transaction_id = this->transaction_id;
req.methods = {mtx::events::msg::VerificationMethods::SASv1};
body[this->toClient][this->deviceId.toStdString()] = req;
http::client()
->send_to_device<mtx::events::msg::KeyVerificationReady,
mtx::events::EventType::KeyVerificationReady>(
this->transaction_id, body, [](mtx::http::RequestErr err) {
if (err)
nhlog::net()->warn("failed to send verification ready: {} {}",
err->matrix_error.error,
static_cast<int>(err->status_code));
});
}
//! accepts a verification
void
DeviceVerificationFlow::sendVerificationDone()
{
mtx::requests::ToDeviceMessages<mtx::events::msg::KeyVerificationDone> body;
mtx::events::msg::KeyVerificationDone req;
req.transaction_id = this->transaction_id;
body[this->toClient][this->deviceId.toStdString()] = req;
http::client()
->send_to_device<mtx::events::msg::KeyVerificationDone,
mtx::events::EventType::KeyVerificationDone>(
this->transaction_id, body, [](mtx::http::RequestErr err) {
if (err)
nhlog::net()->warn("failed to send verification done: {} {}",
err->matrix_error.error,
static_cast<int>(err->status_code));
});
}
//! starts the verification flow //! starts the verification flow
void void
DeviceVerificationFlow::startVerificationRequest() DeviceVerificationFlow::startVerificationRequest()
@ -373,9 +476,25 @@ DeviceVerificationFlow::sendVerificationMac()
mtx::requests::ToDeviceMessages<mtx::events::msg::KeyVerificationMac> body; mtx::requests::ToDeviceMessages<mtx::events::msg::KeyVerificationMac> body;
mtx::events::msg::KeyVerificationMac req; mtx::events::msg::KeyVerificationMac req;
std::string info = "MATRIX_KEY_VERIFICATION_MAC" + http::client()->user_id().to_string() +
http::client()->device_id() + this->toClient.to_string() +
this->deviceId.toStdString() + this->transaction_id;
req.transaction_id = this->transaction_id; req.transaction_id = this->transaction_id;
// req.mac = ""; //! this vector stores the type of the key and the key
req.keys = ""; std::vector<std::pair<std::string, std::string>> key_list;
key_list.push_back(make_pair("ed25519", olm::client()->identity_keys().ed25519));
std::sort(key_list.begin(), key_list.end());
for (auto x : key_list) {
req.mac.insert(
std::make_pair(x.first + ":" + http::client()->device_id(),
this->sas->calculate_mac(
x.second, info + x.first + ":" + http::client()->device_id())));
req.keys += x.first + ":" + http::client()->device_id() + ",";
}
req.keys =
this->sas->calculate_mac(req.keys.substr(0, req.keys.size() - 1), info + "KEY_IDS");
body[this->toClient][deviceId.toStdString()] = req; body[this->toClient][deviceId.toStdString()] = req;

View file

@ -2,6 +2,7 @@
#include "Olm.h" #include "Olm.h"
#include "mtx/responses/crypto.hpp"
#include <MatrixClient.h> #include <MatrixClient.h>
#include <QObject> #include <QObject>
@ -46,6 +47,10 @@ public:
public slots: public slots:
//! sends a verification request //! sends a verification request
void sendVerificationRequest(); void sendVerificationRequest();
//! accepts a verification request
void sendVerificationReady();
//! completes the verification flow();
void sendVerificationDone();
//! accepts a verification //! accepts a verification
void acceptVerificationRequest(); void acceptVerificationRequest();
//! starts the verification flow //! starts the verification flow
@ -78,4 +83,5 @@ private:
std::string commitment; std::string commitment;
mtx::identifiers::User toClient; mtx::identifiers::User toClient;
std::vector<int> sasList; std::vector<int> sasList;
std::map<std::string, std::string> device_keys;
}; };

View file

@ -9,7 +9,6 @@
#include "MatrixClient.h" #include "MatrixClient.h"
#include "Utils.h" #include "Utils.h"
#include <DeviceVerificationFlow.h> #include <DeviceVerificationFlow.h>
#include <iostream> // only for debugging
static const std::string STORAGE_SECRET_KEY("secret"); static const std::string STORAGE_SECRET_KEY("secret");
constexpr auto MEGOLM_ALGO = "m.megolm.v1.aes-sha2"; constexpr auto MEGOLM_ALGO = "m.megolm.v1.aes-sha2";
@ -79,22 +78,20 @@ handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEven
} }
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationAccept)) { } else if (msg_type == to_string(mtx::events::EventType::KeyVerificationAccept)) {
ChatPage::instance()->recievedDeviceVerificationAccept(msg); ChatPage::instance()->recievedDeviceVerificationAccept(msg);
std::cout << j_msg.dump(2) << std::endl;
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationRequest)) { } else if (msg_type == to_string(mtx::events::EventType::KeyVerificationRequest)) {
ChatPage::instance()->recievedDeviceVerificationRequest(msg); ChatPage::instance()->recievedDeviceVerificationRequest(msg);
std::cout << j_msg.dump(2) << std::endl;
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationCancel)) { } else if (msg_type == to_string(mtx::events::EventType::KeyVerificationCancel)) {
ChatPage::instance()->recievedDeviceVerificationCancel(msg); ChatPage::instance()->recievedDeviceVerificationCancel(msg);
std::cout << j_msg.dump(2) << std::endl;
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationKey)) { } else if (msg_type == to_string(mtx::events::EventType::KeyVerificationKey)) {
ChatPage::instance()->recievedDeviceVerificationKey(msg); ChatPage::instance()->recievedDeviceVerificationKey(msg);
std::cout << j_msg.dump(2) << std::endl;
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationMac)) { } else if (msg_type == to_string(mtx::events::EventType::KeyVerificationMac)) {
ChatPage::instance()->recievedDeviceVerificationMac(msg); ChatPage::instance()->recievedDeviceVerificationMac(msg);
std::cout << j_msg.dump(2) << std::endl;
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationStart)) { } else if (msg_type == to_string(mtx::events::EventType::KeyVerificationStart)) {
ChatPage::instance()->recievedDeviceVerificationStart(msg); ChatPage::instance()->recievedDeviceVerificationStart(msg);
std::cout << j_msg.dump(2) << std::endl; } else if (msg_type == to_string(mtx::events::EventType::KeyVerificationReady)) {
ChatPage::instance()->recievedDeviceVerificationReady(msg);
} else if (msg_type == to_string(mtx::events::EventType::KeyVerificationDone)) {
ChatPage::instance()->recievedDeviceVerificationDone(msg);
} else { } else {
nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2)); nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2));
} }

View file

@ -183,6 +183,7 @@ TimelineViewManager::TimelineViewManager(QSharedPointer<UserSettings> userSettin
msg.content.methods.end(), msg.content.methods.end(),
mtx::events::msg::VerificationMethods::SASv1) != mtx::events::msg::VerificationMethods::SASv1) !=
msg.content.methods.end()) { msg.content.methods.end()) {
flow->sendVerificationReady();
emit newDeviceVerificationRequest( emit newDeviceVerificationRequest(
std::move(flow), std::move(flow),
QString::fromStdString(msg.content.transaction_id), QString::fromStdString(msg.content.transaction_id),