From 9d2177afe24401821aae6df925b8ca09fa0765d8 Mon Sep 17 00:00:00 2001 From: Nicolas Werner Date: Thu, 17 Dec 2020 03:16:06 +0100 Subject: [PATCH] Request secrets after verification --- src/DeviceVerificationFlow.cpp | 8 +++ src/Olm.cpp | 105 +++++++++++++++++---------------- 2 files changed, 61 insertions(+), 52 deletions(-) diff --git a/src/DeviceVerificationFlow.cpp b/src/DeviceVerificationFlow.cpp index 1ffb8b3e..f692629e 100644 --- a/src/DeviceVerificationFlow.cpp +++ b/src/DeviceVerificationFlow.cpp @@ -761,6 +761,14 @@ DeviceVerificationFlow::acceptDevice() cache::markDeviceVerified(this->toClient.to_string(), this->deviceId.toStdString()); this->sendVerificationDone(); setState(Success); + + // Request secrets. We should probably check somehow, if a device knowns about the + // secrets. + if (utils::localUser().toStdString() == this->toClient.to_string() && + (!cache::secret(mtx::secret_storage::secrets::cross_signing_self_signing) || + !cache::secret(mtx::secret_storage::secrets::cross_signing_user_signing))) { + olm::request_cross_signing_keys(); + } } } diff --git a/src/Olm.cpp b/src/Olm.cpp index 9dd4705e..82a61fba 100644 --- a/src/Olm.cpp +++ b/src/Olm.cpp 
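Review bot: The condition added at the end of acceptDevice() requests the cross-signing secrets only when the self-signing or the user-signing secret is missing; if `olm::request_cross_signing_keys()` (its body is not in this patch) also asks for the master key, the condition should probably include `!cache::secret(mtx::secret_storage::secrets::cross_signing_master)` as well, otherwise a device that lost only that secret never re-requests it. The comment above the check reads as an open task and has a typo ("knowns"); I would write it as `// TODO: check whether the peer device actually holds the secrets before requesting them.` acceptDevice() starts before the hunk.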
@@ -50,6 +50,54 @@ client() return client_.get(); } +static void +handle_secret_request(const mtx::events::DeviceEvent *e, + const std::string &sender) +{ + using namespace mtx::events; + + if (e->content.action != mtx::events::msg::RequestAction::Request) + return; + + auto local_user = http::client()->user_id(); + + if (sender != local_user.to_string()) + return; + + auto verificationStatus = cache::verificationStatus(local_user.to_string()); + + if (!verificationStatus) + return; + + auto deviceKeys = cache::userKeys(local_user.to_string()); + if (!deviceKeys) + return; + + if (std::find(verificationStatus->verified_devices.begin(), + verificationStatus->verified_devices.end(), + e->content.requesting_device_id) == + verificationStatus->verified_devices.end()) + return; + + // this is a verified device + mtx::events::DeviceEvent secretSend; + secretSend.type = EventType::SecretSend; + secretSend.content.request_id = e->content.request_id; + + auto secret = cache::client()->secret(e->content.name); + if (!secret) + return; + secretSend.content.secret = secret.value(); + + send_encrypted_to_device_messages( + {{local_user.to_string(), {{e->content.requesting_device_id}}}}, secretSend); + + nhlog::net()->info("Sent secret '{}' to ({},{})", + e->content.name, + local_user.to_string(), + e->content.requesting_device_id); +} + void handle_to_device_messages(const std::vector &msgs) { @@ -134,6 +182,10 @@ handle_to_device_messages(const std::vector>( msg); ChatPage::instance()->receivedDeviceVerificationDone(message.content); + } else if (auto e = + std::get_if>( + &msg)) { + handle_secret_request(e, e->sender); } else { nhlog::crypto()->warn("unhandled event: {}", j_msg.dump(2)); } 
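Review bot: `deviceKeys` in the new handle_secret_request is looked up and null-checked but never read, because the helper identifies the requester by `e->content.requesting_device_id` alone, whereas the branch removed from handle_olm_message in the third hunk matched `msg.sender_key` against the device's `curve25519:` key so that a request could only be attributed to the device whose Olm session carried it. The helper now trusts a device id taken from event content, and the plaintext to-device call added in the second hunk has no sender key at all, so no binding is possible on that path. I would give the helper a `sender_key` parameter, call it as `handle_secret_request(e, msg.sender, msg.sender_key)` from handle_olm_message and `handle_secret_request(e, e->sender, "")` from handle_to_device_messages, and enforce the binding whenever a key is available, which also gives `deviceKeys` its purpose. The secret is still Olm-encrypted to the claimed device, so only a verified device can read it, but the check keeps an unverified device from triggering secret sends to verified ones.
```cpp
static void
handle_secret_request(const mtx::events::DeviceEvent<mtx::events::msg::SecretRequest> *e,
                      const std::string &sender,
                      const std::string &sender_key) // empty when the request arrived unencrypted
{
        // … unchanged: action, sender and verificationStatus checks …

        auto deviceKeys = cache::userKeys(local_user.to_string());
        if (!deviceKeys)
                return;

        // Bind the claimed requesting device to the Olm session that carried the request.
        if (!sender_key.empty()) {
                auto dev = deviceKeys->device_keys.find(e->content.requesting_device_id);
                if (dev == deviceKeys->device_keys.end())
                        return;
                auto key = dev->second.keys.find("curve25519:" + e->content.requesting_device_id);
                if (key == dev->second.keys.end() || key->second != sender_key)
                        return;
        }

        // … unchanged: verified-device check, SecretSend construction, send and log …
}
```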
@@ -296,58 +348,7 @@ handle_olm_message(const OlmMessage &msg) } else if (auto e = std::get_if>(&device_event)) { - if (e->content.action != mtx::events::msg::RequestAction::Request) - continue; - - auto local_user = http::client()->user_id(); - - if (msg.sender != local_user.to_string()) - continue; - - auto verificationStatus = - cache::verificationStatus(local_user.to_string()); - - if (!verificationStatus) - continue; - - auto deviceKeys = cache::userKeys(local_user.to_string()); - if (!deviceKeys) - continue; - - for (auto &[dev, key] : deviceKeys->device_keys) { - if (key.keys["curve25519:" + dev] == msg.sender_key) { - if (std::find( - verificationStatus->verified_devices.begin(), - verificationStatus->verified_devices.end(), - dev) == - verificationStatus->verified_devices.end()) - break; - - // this is a verified device - mtx::events::DeviceEvent< - mtx::events::msg::SecretSend> - secretSend; - secretSend.type = EventType::SecretSend; - secretSend.content.request_id = - e->content.request_id; - - auto secret = - cache::client()->secret(e->content.name); - if (!secret) - break; - - secretSend.content.secret = secret.value(); - - send_encrypted_to_device_messages( - {{local_user.to_string(), {{dev}}}}, secretSend); - - nhlog::net()->info("Sent secret to ({},{})", - local_user.to_string(), - dev); - - break; - } - } + handle_secret_request(e, msg.sender); } return;