author | Nicolas Werner <nicolas.werner@hotmail.de> | 2020-12-17 03:16:06 +0100 |
---|---|---|
committer | Nicolas Werner <nicolas.werner@hotmail.de> | 2020-12-17 03:16:06 +0100 |
commit | 9d2177afe24401821aae6df925b8ca09fa0765d8 (patch) | |
tree | d1239cec72b5fb8219b7777b446a43fcc765cc43 | |
parent | Upload cross-signing signatures after verification (diff) | |
download | nheko-9d2177afe24401821aae6df925b8ca09fa0765d8.tar.xz |
Request secrets after verification
-rw-r--r-- | src/DeviceVerificationFlow.cpp | 8 | ||||
-rw-r--r-- | src/Olm.cpp | 105 |
2 files changed, 61 insertions, 52 deletions
diff --git a/src/DeviceVerificationFlow.cpp b/src/DeviceVerificationFlow.cpp
index 1ffb8b3e..f692629e 100644
--- a/src/DeviceVerificationFlow.cpp
+++ b/src/DeviceVerificationFlow.cpp
@@ -761,6 +761,14 @@ DeviceVerificationFlow::acceptDevice()
 cache::markDeviceVerified(this->toClient.to_string(), this->deviceId.toStdString());
 this->sendVerificationDone();
 setState(Success);
+
+ // Request secrets. We should probably check somehow, if a device knowns about the
+ // secrets.
+ if (utils::localUser().toStdString() == this->toClient.to_string() &&
+ (!cache::secret(mtx::secret_storage::secrets::cross_signing_self_signing) ||
+ !cache::secret(mtx::secret_storage::secrets::cross_signing_user_signing))) {
+ olm::request_cross_signing_keys();
+ }
 }
 }
diff --git a/src/Olm.cpp b/src/Olm.cpp
index 9dd4705e..82a61fba 100644
--- a/src/Olm.cpp
+++ b/src/Olm.cpp
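Review bot: In `DeviceVerificationFlow::acceptDevice()` the new `olm::request_cross_signing_keys()` call takes no argument, so the request is not tied to the device that has just been verified, and the hunk does not show which devices receive it. If the helper addresses every device of the local user, the code that later accepts the reply has to check that it comes from a verified device and matches an outstanding request id; a comment here stating the intended recipients would make that reviewable, e.g. `// sent to <recipients>; replies are only accepted from verified devices`. The guard also tests only the self-signing and user-signing secrets, so a client missing only some other secret would not send a request from here. Typo in the added comment: `knowns` should be `knows`. The function body starts outside the hunk.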
@@ -50,6 +50,54 @@ client()
 return client_.get();
 }
+static void
+handle_secret_request(const mtx::events::DeviceEvent<mtx::events::msg::SecretRequest> *e,
+ const std::string &sender)
+{
+ using namespace mtx::events;
+
+ if (e->content.action != mtx::events::msg::RequestAction::Request)
+ return;
+
+ auto local_user = http::client()->user_id();
+
+ if (sender != local_user.to_string())
+ return;
+
+ auto verificationStatus = cache::verificationStatus(local_user.to_string());
+
+ if (!verificationStatus)
+ return;
+
+ auto deviceKeys = cache::userKeys(local_user.to_string());
+ if (!deviceKeys)
+ return;
+
+ if (std::find(verificationStatus->verified_devices.begin(),
+ verificationStatus->verified_devices.end(),
+ e->content.requesting_device_id) ==
+ verificationStatus->verified_devices.end())
+ return;
+
+ // this is a verified device
+ mtx::events::DeviceEvent<mtx::events::msg::SecretSend> secretSend;
+ secretSend.type = EventType::SecretSend;
+ secretSend.content.request_id = e->content.request_id;
+
+ auto secret = cache::client()->secret(e->content.name);
+ if (!secret)
+ return;
+ secretSend.content.secret = secret.value();
+
+ send_encrypted_to_device_messages(
+ {{local_user.to_string(), {{e->content.requesting_device_id}}}}, secretSend);
+
+ nhlog::net()->info("Sent secret '{}' to ({},{})",
+ e->content.name,
+ local_user.to_string(),
+ e->content.requesting_device_id);
+}
+
 void
 handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEvents> &msgs)
 {
@@ -134,6 +182,10 @@ handle_to_device_messages(const std::vector<mtx::events::collections::DeviceEven
 std::get<mtx::events::DeviceEvent<mtx::events::msg::KeyVerificationDone>>(
 msg);
 ChatPage::instance()->receivedDeviceVerificationDone(message.content);
+ } else if (auto e =
+ std::get_if<mtx::events::DeviceEvent<mtx::events::msg::SecretRequest>>(
+ &msg)) {
+ handle_secret_request(e, e->sender);
 } else {
 nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2));
 }
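Review bot: `handle_secret_request` takes the device to trust from `e->content.requesting_device_id`, which the requester fills in, whereas the inline code it replaces in `handle_olm_message` (last hunk) looked the device up by the Olm `msg.sender_key`. `deviceKeys` is still fetched but never read, so nothing ties the claimed id to a key; on the encrypted path the helper could take the sender key as an extra argument and keep the `key.keys["curve25519:" + dev] == sender_key` comparison, and otherwise the lookup should go. If the id is meant to be trusted as-is, say why in a comment, e.g. `// requesting_device_id is unauthenticated; the reply is only ever encrypted to a verified device`. `e->content.name` is also passed to `cache::client()->secret()` and logged without any check, so consider restricting it to the secret names this client intends to share.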
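Review bot: On this new branch `e->sender` comes from the plaintext to-device envelope, so the `sender != local_user.to_string()` check inside `handle_secret_request` rests on a value supplied by the homeserver rather than one authenticated by Olm. That is presumably acceptable because the secret is only sent encrypted to a device already marked verified, but it does let the server trigger secret sends at will. A comment recording the assumption would help, e.g. `// plaintext request: sender is server-asserted, the reply still goes only to verified devices`. The enclosing if/else chain and `handle_to_device_messages` both start and end outside the hunk.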
@@ -296,58 +348,7 @@ handle_olm_message(const OlmMessage &msg)
 } else if (auto e = std::get_if<DeviceEvent<msg::SecretRequest>>(&device_event)) {
- if (e->content.action != mtx::events::msg::RequestAction::Request)
- continue;
-
- auto local_user = http::client()->user_id();
-
- if (msg.sender != local_user.to_string())
- continue;
-
- auto verificationStatus =
- cache::verificationStatus(local_user.to_string());
-
- if (!verificationStatus)
- continue;
-
- auto deviceKeys = cache::userKeys(local_user.to_string());
- if (!deviceKeys)
- continue;
-
- for (auto &[dev, key] : deviceKeys->device_keys) {
- if (key.keys["curve25519:" + dev] == msg.sender_key) {
- if (std::find(
- verificationStatus->verified_devices.begin(),
- verificationStatus->verified_devices.end(),
- dev) ==
- verificationStatus->verified_devices.end())
- break;
-
- // this is a verified device
- mtx::events::DeviceEvent<
- mtx::events::msg::SecretSend>
- secretSend;
- secretSend.type = EventType::SecretSend;
- secretSend.content.request_id =
- e->content.request_id;
-
- auto secret =
- cache::client()->secret(e->content.name);
- if (!secret)
- break;
-
- secretSend.content.secret = secret.value();
-
- send_encrypted_to_device_messages(
- {{local_user.to_string(), {{dev}}}}, secretSend);
-
- nhlog::net()->info("Sent secret to ({},{})",
- local_user.to_string(),
- dev);
-
- break;
- }
- }
+ handle_secret_request(e, msg.sender);
 }
 return; |