mirror of
https://github.com/vector-im/element-android
synced 2024-07-05 17:08:42 +00:00
Introduce CryptoCrossSigningKeys container
This commit is contained in:
Benoit Marty
parent
4c4ef0d73e
commit
02e7157206
|
|
@ -0,0 +1,26 @@
|
|||
/*
|
||||
* Copyright 2023 The Matrix.org Foundation C.I.C.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.matrix.android.sdk.api.session.crypto.crosssigning
|
||||
|
||||
/**
|
||||
* Container for the three cross signing keys: master, self signing and user signing.
|
||||
*/
|
||||
data class CryptoCrossSigningKeys(
|
||||
val masterKey: CryptoCrossSigningKey?,
|
||||
val selfSigningKey: CryptoCrossSigningKey?,
|
||||
val userSigningKey: CryptoCrossSigningKey?,
|
||||
)
|
||||
|
|
@ -24,6 +24,7 @@ import org.matrix.android.sdk.api.MatrixPatterns
|
|||
import org.matrix.android.sdk.api.auth.data.Credentials
|
||||
import org.matrix.android.sdk.api.extensions.measureMetric
|
||||
import org.matrix.android.sdk.api.metrics.DownloadDeviceKeysMetricsPlugin
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
|
||||
|
|
@ -419,7 +420,11 @@ internal class DeviceListManager @Inject constructor(
|
|||
val userSigningKey = response.userSigningKeys?.get(userId)?.toCryptoModel()?.also {
|
||||
Timber.v("## CRYPTO | CrossSigning : Got keys for $userId : USK ${it.unpaddedBase64PublicKey}")
|
||||
}
|
||||
userDataToStore.userCrossSigningKeys[userId] = Triple(masterKey, selfSigningKey, userSigningKey)
|
||||
userDataToStore.userCrossSigningKeys[userId] = CryptoCrossSigningKeys(
|
||||
masterKey = masterKey,
|
||||
selfSigningKey = selfSigningKey,
|
||||
userSigningKey = userSigningKey
|
||||
)
|
||||
}
|
||||
|
||||
cryptoStore.storeUserDataToStore(userDataToStore)
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ import org.matrix.android.sdk.api.session.crypto.NewSessionListener
|
|||
import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
|
||||
import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
|
||||
|
|
@ -235,9 +236,7 @@ internal interface IMXCryptoStore {
|
|||
|
||||
fun storeUserCrossSigningKeys(
|
||||
userId: String,
|
||||
masterKey: CryptoCrossSigningKey?,
|
||||
selfSigningKey: CryptoCrossSigningKey?,
|
||||
userSigningKey: CryptoCrossSigningKey?
|
||||
cryptoCrossSigningKeys: CryptoCrossSigningKeys
|
||||
)
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -16,10 +16,10 @@
|
|||
|
||||
package org.matrix.android.sdk.internal.crypto.store
|
||||
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
|
||||
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
|
||||
|
||||
internal data class UserDataToStore(
|
||||
val userDevices: MutableMap<String, Map<String, CryptoDeviceInfo>> = mutableMapOf(),
|
||||
val userCrossSigningKeys: MutableMap<String, Triple<CryptoCrossSigningKey?, CryptoCrossSigningKey?, CryptoCrossSigningKey?>> = mutableMapOf(),
|
||||
val userCrossSigningKeys: MutableMap<String, CryptoCrossSigningKeys> = mutableMapOf(),
|
||||
)
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ import org.matrix.android.sdk.api.session.crypto.GlobalCryptoConfig
|
|||
import org.matrix.android.sdk.api.session.crypto.NewSessionListener
|
||||
import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
|
||||
import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
|
||||
import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
|
||||
|
|
@ -332,25 +332,21 @@ internal class RealmCryptoStore @Inject constructor(
|
|||
|
||||
override fun storeUserCrossSigningKeys(
|
||||
userId: String,
|
||||
masterKey: CryptoCrossSigningKey?,
|
||||
selfSigningKey: CryptoCrossSigningKey?,
|
||||
userSigningKey: CryptoCrossSigningKey?
|
||||
cryptoCrossSigningKeys: CryptoCrossSigningKeys,
|
||||
) {
|
||||
doRealmTransaction("storeUserCrossSigningKeys", realmConfiguration) { realm ->
|
||||
storeUserCrossSigningKeys(realm, userId, masterKey, selfSigningKey, userSigningKey)
|
||||
storeUserCrossSigningKeys(realm, userId, cryptoCrossSigningKeys)
|
||||
}
|
||||
}
|
||||
|
||||
private fun storeUserCrossSigningKeys(
|
||||
realm: Realm,
|
||||
userId: String,
|
||||
masterKey: CryptoCrossSigningKey?,
|
||||
selfSigningKey: CryptoCrossSigningKey?,
|
||||
userSigningKey: CryptoCrossSigningKey?
|
||||
keys: CryptoCrossSigningKeys,
|
||||
) {
|
||||
UserEntity.getOrCreate(realm, userId)
|
||||
.let { userEntity ->
|
||||
if (masterKey == null || selfSigningKey == null) {
|
||||
if (keys.masterKey == null || keys.selfSigningKey == null) {
|
||||
// The user has disabled cross signing?
|
||||
userEntity.crossSigningInfoEntity?.deleteOnCascade()
|
||||
userEntity.crossSigningInfoEntity = null
|
||||
|
|
@ -359,11 +355,11 @@ internal class RealmCryptoStore @Inject constructor(
|
|||
CrossSigningInfoEntity.getOrCreate(realm, userId).let { signingInfo ->
|
||||
// What should we do if we detect a change of the keys?
|
||||
val existingMaster = signingInfo.getMasterKey()
|
||||
if (existingMaster != null && existingMaster.publicKeyBase64 == masterKey.unpaddedBase64PublicKey) {
|
||||
crossSigningKeysMapper.update(existingMaster, masterKey)
|
||||
if (existingMaster != null && existingMaster.publicKeyBase64 == keys.masterKey.unpaddedBase64PublicKey) {
|
||||
crossSigningKeysMapper.update(existingMaster, keys.masterKey)
|
||||
} else {
|
||||
Timber.d("## CrossSigning MSK change for $userId")
|
||||
val keyEntity = crossSigningKeysMapper.map(masterKey)
|
||||
val keyEntity = crossSigningKeysMapper.map(keys.masterKey)
|
||||
signingInfo.setMasterKey(keyEntity)
|
||||
if (userId == this.userId) {
|
||||
shouldResetMyDevicesLocalTrust = true
|
||||
|
|
@ -378,11 +374,11 @@ internal class RealmCryptoStore @Inject constructor(
|
|||
}
|
||||
|
||||
val existingSelfSigned = signingInfo.getSelfSignedKey()
|
||||
if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == selfSigningKey.unpaddedBase64PublicKey) {
|
||||
crossSigningKeysMapper.update(existingSelfSigned, selfSigningKey)
|
||||
if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == keys.selfSigningKey.unpaddedBase64PublicKey) {
|
||||
crossSigningKeysMapper.update(existingSelfSigned, keys.selfSigningKey)
|
||||
} else {
|
||||
Timber.d("## CrossSigning SSK change for $userId")
|
||||
val keyEntity = crossSigningKeysMapper.map(selfSigningKey)
|
||||
val keyEntity = crossSigningKeysMapper.map(keys.selfSigningKey)
|
||||
signingInfo.setSelfSignedKey(keyEntity)
|
||||
if (userId == this.userId) {
|
||||
shouldResetMyDevicesLocalTrust = true
|
||||
|
|
@ -394,13 +390,13 @@ internal class RealmCryptoStore @Inject constructor(
|
|||
}
|
||||
|
||||
// Only for me
|
||||
if (userSigningKey != null) {
|
||||
if (keys.userSigningKey != null) {
|
||||
val existingUSK = signingInfo.getUserSigningKey()
|
||||
if (existingUSK != null && existingUSK.publicKeyBase64 == userSigningKey.unpaddedBase64PublicKey) {
|
||||
crossSigningKeysMapper.update(existingUSK, userSigningKey)
|
||||
if (existingUSK != null && existingUSK.publicKeyBase64 == keys.userSigningKey.unpaddedBase64PublicKey) {
|
||||
crossSigningKeysMapper.update(existingUSK, keys.userSigningKey)
|
||||
} else {
|
||||
Timber.d("## CrossSigning USK change for $userId")
|
||||
val keyEntity = crossSigningKeysMapper.map(userSigningKey)
|
||||
val keyEntity = crossSigningKeysMapper.map(keys.userSigningKey)
|
||||
signingInfo.setUserSignedKey(keyEntity)
|
||||
if (userId == this.userId) {
|
||||
shouldResetMyDevicesLocalTrust = true
|
||||
|
|
@ -1862,7 +1858,7 @@ internal class RealmCryptoStore @Inject constructor(
|
|||
storeUserDevices(realm, it.key, it.value)
|
||||
}
|
||||
userDataToStore.userCrossSigningKeys.forEach {
|
||||
storeUserCrossSigningKeys(realm, it.key, it.value.first, it.value.second, it.value.third)
|
||||
storeUserCrossSigningKeys(realm, it.key, it.value)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user