2021-03-05 00:35:15 +01:00
|
|
|
// SPDX-FileCopyrightText: 2021 Nheko Contributors
|
|
|
|
|
//
|
|
|
|
|
// SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
|
|
2019-12-14 23:39:02 +01:00
|
|
|
#pragma once
|
|
|
|
|
|
2021-05-07 12:19:46 +02:00
|
|
|
#include <QObject>
|
|
|
|
|
|
2019-12-14 23:39:02 +01:00
|
|
|
#include <map>
|
|
|
|
|
#include <mutex>
|
2021-05-07 17:01:03 +02:00
|
|
|
#include <set>
|
2019-12-14 23:39:02 +01:00
|
|
|
|
2021-05-07 12:19:46 +02:00
|
|
|
#include <mtx/events/encrypted.hpp>
|
2020-10-27 17:45:28 +01:00
|
|
|
#include <mtx/responses/crypto.hpp>
|
|
|
|
|
#include <mtxclient/crypto/objects.hpp>
|
2019-12-14 23:39:02 +01:00
|
|
|
|
2021-05-07 12:19:46 +02:00
|
|
|
namespace crypto {
|
|
|
|
|
Q_NAMESPACE
|
|
|
|
|
//! How much a participant is trusted.
|
|
|
|
|
enum Trust
|
|
|
|
|
{
|
|
|
|
|
Unverified, //! Device unverified or master key changed.
|
|
|
|
|
TOFU, //! Device is signed by the sender, but the user is not verified, but they never
|
|
|
|
|
//! changed the master key.
|
|
|
|
|
Verified, //! User was verified and has crosssigned this device or device is verified.
|
|
|
|
|
};
|
|
|
|
|
Q_ENUM_NS(Trust)
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-17 01:27:37 +02:00
|
|
|
struct DeviceKeysToMsgIndex
|
2020-11-30 00:26:27 +01:00
|
|
|
{
|
2021-07-17 01:27:37 +02:00
|
|
|
// map from device key to message_index
|
|
|
|
|
// Using the device id is safe because we check for reuse on device list updates
|
|
|
|
|
// Using the device id makes our logic much easier to read.
|
|
|
|
|
std::map<std::string, uint64_t> deviceids;
|
2020-11-30 00:26:27 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct SharedWithUsers
|
|
|
|
|
{
|
|
|
|
|
// userid to keys
|
2021-07-17 01:27:37 +02:00
|
|
|
std::map<std::string, DeviceKeysToMsgIndex> keys;
|
2020-11-30 00:26:27 +01:00
|
|
|
};
|
|
|
|
|
|
2019-12-14 23:39:02 +01:00
|
|
|
// Extra information associated with an outbound megolm session.
|
2021-07-17 01:27:37 +02:00
|
|
|
struct GroupSessionData
|
2019-12-14 23:39:02 +01:00
|
|
|
{
|
|
|
|
|
uint64_t message_index = 0;
|
2021-03-15 16:24:01 +01:00
|
|
|
uint64_t timestamp = 0;
|
2020-11-30 00:26:27 +01:00
|
|
|
|
2021-07-17 01:27:37 +02:00
|
|
|
std::string sender_claimed_ed25519_key;
|
|
|
|
|
std::vector<std::string> forwarding_curve25519_key_chain;
|
|
|
|
|
|
2021-08-07 23:54:35 +02:00
|
|
|
//! map from index to event_id to check for replay attacks
|
|
|
|
|
std::map<uint32_t, std::string> indices;
|
|
|
|
|
|
2020-11-30 00:26:27 +01:00
|
|
|
// who has access to this session.
|
|
|
|
|
// Rotate, when a user leaves the room and share, when a user gets added.
|
2021-07-17 01:27:37 +02:00
|
|
|
SharedWithUsers currently;
|
2019-12-14 23:39:02 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void
|
2021-07-17 01:27:37 +02:00
|
|
|
to_json(nlohmann::json &obj, const GroupSessionData &msg);
|
2019-12-14 23:39:02 +01:00
|
|
|
void
|
2021-07-17 01:27:37 +02:00
|
|
|
from_json(const nlohmann::json &obj, GroupSessionData &msg);
|
2019-12-14 23:39:02 +01:00
|
|
|
|
|
|
|
|
struct OutboundGroupSessionDataRef
|
|
|
|
|
{
|
2020-11-27 04:56:44 +01:00
|
|
|
mtx::crypto::OutboundGroupSessionPtr session;
|
2021-07-17 01:27:37 +02:00
|
|
|
GroupSessionData data;
|
2019-12-14 23:39:02 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct DevicePublicKeys
|
|
|
|
|
{
|
|
|
|
|
std::string ed25519;
|
|
|
|
|
std::string curve25519;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
to_json(nlohmann::json &obj, const DevicePublicKeys &msg);
|
|
|
|
|
void
|
|
|
|
|
from_json(const nlohmann::json &obj, DevicePublicKeys &msg);
|
|
|
|
|
|
|
|
|
|
//! Represents a unique megolm session identifier.
|
|
|
|
|
struct MegolmSessionIndex
|
|
|
|
|
{
|
|
|
|
|
//! The room in which this session exists.
|
|
|
|
|
std::string room_id;
|
|
|
|
|
//! The session_id of the megolm session.
|
|
|
|
|
std::string session_id;
|
|
|
|
|
//! The curve25519 public key of the sender.
|
|
|
|
|
std::string sender_key;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
to_json(nlohmann::json &obj, const MegolmSessionIndex &msg);
|
|
|
|
|
void
|
|
|
|
|
from_json(const nlohmann::json &obj, MegolmSessionIndex &msg);
|
|
|
|
|
|
2020-10-20 13:46:05 +02:00
|
|
|
struct StoredOlmSession
|
|
|
|
|
{
|
|
|
|
|
std::uint64_t last_message_ts = 0;
|
|
|
|
|
std::string pickled_session;
|
|
|
|
|
};
|
|
|
|
|
void
|
|
|
|
|
to_json(nlohmann::json &obj, const StoredOlmSession &msg);
|
|
|
|
|
void
|
|
|
|
|
from_json(const nlohmann::json &obj, StoredOlmSession &msg);
|
|
|
|
|
|
2020-10-07 23:03:14 +02:00
|
|
|
//! Verification status of a single user
|
|
|
|
|
struct VerificationStatus
|
|
|
|
|
{
|
|
|
|
|
//! True, if the users master key is verified
|
2021-05-07 12:19:46 +02:00
|
|
|
crypto::Trust user_verified = crypto::Trust::Unverified;
|
2020-10-07 23:03:14 +02:00
|
|
|
//! List of all devices marked as verified
|
2021-08-13 23:13:09 +02:00
|
|
|
std::set<std::string> verified_devices;
|
2021-05-07 12:19:46 +02:00
|
|
|
//! Map from sender key/curve25519 to trust status
|
|
|
|
|
std::map<std::string, crypto::Trust> verified_device_keys;
|
2021-08-13 23:13:09 +02:00
|
|
|
//! Count of unverified devices
|
|
|
|
|
int unverified_device_count = 0;
|
2021-08-14 02:41:34 +02:00
|
|
|
// if the keys are not in cache
|
|
|
|
|
bool no_keys = false;
|
2020-10-07 23:03:14 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
//! In memory cache of verification status
|
|
|
|
|
struct VerificationStorage
|
|
|
|
|
{
|
|
|
|
|
//! mapping of user to verification status
|
|
|
|
|
std::map<std::string, VerificationStatus> status;
|
|
|
|
|
std::mutex verification_storage_mtx;
|
|
|
|
|
};
|
|
|
|
|
|
2020-07-06 18:02:21 +02:00
|
|
|
// this will store the keys of the user with whom a encrypted room is shared with
|
2020-10-02 01:14:42 +02:00
|
|
|
struct UserKeyCache
|
2020-06-28 17:31:34 +02:00
|
|
|
{
|
2020-10-02 01:14:42 +02:00
|
|
|
//! Device id to device keys
|
|
|
|
|
std::map<std::string, mtx::crypto::DeviceKeys> device_keys;
|
2021-05-07 17:01:03 +02:00
|
|
|
//! cross signing keys
|
2020-10-02 01:14:42 +02:00
|
|
|
mtx::crypto::CrossSigningKeys master_keys, user_signing_keys, self_signing_keys;
|
|
|
|
|
//! Sync token when nheko last fetched the keys
|
|
|
|
|
std::string updated_at;
|
|
|
|
|
//! Sync token when the keys last changed. updated != last_changed means they are outdated.
|
|
|
|
|
std::string last_changed;
|
2021-05-07 17:01:03 +02:00
|
|
|
//! if the master key has ever changed
|
|
|
|
|
bool master_key_changed = false;
|
|
|
|
|
//! Device keys that were already used at least once
|
|
|
|
|
std::set<std::string> seen_device_keys;
|
2021-07-17 01:27:37 +02:00
|
|
|
//! Device ids that were already used at least once
|
|
|
|
|
std::set<std::string> seen_device_ids;
|
2020-06-28 17:31:34 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void
|
2020-10-02 01:14:42 +02:00
|
|
|
to_json(nlohmann::json &j, const UserKeyCache &info);
|
2020-06-28 17:31:34 +02:00
|
|
|
void
|
2020-10-02 01:14:42 +02:00
|
|
|
from_json(const nlohmann::json &j, UserKeyCache &info);
|
2020-06-28 17:31:34 +02:00
|
|
|
|
2020-07-06 18:02:21 +02:00
|
|
|
// the reason these are stored in a seperate cache rather than storing it in the user cache is
|
2020-10-02 01:14:42 +02:00
|
|
|
// UserKeyCache stores only keys of users with which encrypted room is shared
|
|
|
|
|
struct VerificationCache
|
2020-06-28 17:31:34 +02:00
|
|
|
{
|
|
|
|
|
//! list of verified device_ids with device-verification
|
2021-08-13 23:13:09 +02:00
|
|
|
std::set<std::string> device_verified;
|
2020-07-06 18:02:21 +02:00
|
|
|
//! list of devices the user blocks
|
2021-08-13 23:13:09 +02:00
|
|
|
std::set<std::string> device_blocked;
|
2020-06-28 17:31:34 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void
|
2020-10-02 01:14:42 +02:00
|
|
|
to_json(nlohmann::json &j, const VerificationCache &info);
|
2020-06-28 17:31:34 +02:00
|
|
|
void
|
2020-10-02 01:14:42 +02:00
|
|
|
from_json(const nlohmann::json &j, VerificationCache &info);
|
