mobile/element-android
mobile/element-android
1
0
Fork 0
mirror of https://github.com/element-hq/element-android synced 2024-10-04 15:21:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduce CryptoCrossSigningKeys container

Browse source
This commit is contained in:
Benoit Marty 2023-01-03 16:16:17 +01:00
parent 4c4ef0d73e
commit 02e7157206
5 changed files with 52 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/crosssigning/CryptoCrossSigningKeys.kt Normal file
View file

@ -0,0 +1,26 @@
/*
* Copyright 2023 The Matrix.org Foundation C.I.C.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.matrix.android.sdk.api.session.crypto.crosssigning
/**
* Container for the three cross signing keys: master, self signing and user signing.
*/
data class CryptoCrossSigningKeys(
val masterKey: CryptoCrossSigningKey?,
val selfSigningKey: CryptoCrossSigningKey?,
val userSigningKey: CryptoCrossSigningKey?,
)

7
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt
View file

@ -24,6 +24,7 @@ import org.matrix.android.sdk.api.MatrixPatterns
import org.matrix.android.sdk.api.auth.data.Credentials import org.matrix.android.sdk.api.auth.data.Credentials
import org.matrix.android.sdk.api.extensions.measureMetric import org.matrix.android.sdk.api.extensions.measureMetric
import org.matrix.android.sdk.api.metrics.DownloadDeviceKeysMetricsPlugin import org.matrix.android.sdk.api.metrics.DownloadDeviceKeysMetricsPlugin
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
@ -419,7 +420,11 @@ internal class DeviceListManager @Inject constructor(
val userSigningKey = response.userSigningKeys?.get(userId)?.toCryptoModel()?.also { val userSigningKey = response.userSigningKeys?.get(userId)?.toCryptoModel()?.also {
Timber.v("## CRYPTO | CrossSigning : Got keys for $userId : USK ${it.unpaddedBase64PublicKey}") Timber.v("## CRYPTO | CrossSigning : Got keys for $userId : USK ${it.unpaddedBase64PublicKey}")
} }
userDataToStore.userCrossSigningKeys[userId] = Triple(masterKey, selfSigningKey, userSigningKey) userDataToStore.userCrossSigningKeys[userId] = CryptoCrossSigningKeys(
masterKey = masterKey,
selfSigningKey = selfSigningKey,
userSigningKey = userSigningKey
)
} }
cryptoStore.storeUserDataToStore(userDataToStore) cryptoStore.storeUserDataToStore(userDataToStore)

5
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
View file

@ -23,6 +23,7 @@ import org.matrix.android.sdk.api.session.crypto.NewSessionListener
import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
@ -235,9 +236,7 @@ internal interface IMXCryptoStore {
fun storeUserCrossSigningKeys( fun storeUserCrossSigningKeys(
userId: String, userId: String,
masterKey: CryptoCrossSigningKey?, cryptoCrossSigningKeys: CryptoCrossSigningKeys
selfSigningKey: CryptoCrossSigningKey?,
userSigningKey: CryptoCrossSigningKey?
) )
/** /**

4
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/UserDataToStore.kt
View file

@ -16,10 +16,10 @@
package org.matrix.android.sdk.internal.crypto.store package org.matrix.android.sdk.internal.crypto.store
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
internal data class UserDataToStore( internal data class UserDataToStore(
val userDevices: MutableMap<String, Map<String, CryptoDeviceInfo>> = mutableMapOf(), val userDevices: MutableMap<String, Map<String, CryptoDeviceInfo>> = mutableMapOf(),
val userCrossSigningKeys: MutableMap<String, Triple<CryptoCrossSigningKey?, CryptoCrossSigningKey?, CryptoCrossSigningKey?>> = mutableMapOf(), val userCrossSigningKeys: MutableMap<String, CryptoCrossSigningKeys> = mutableMapOf(),
) )

36
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
View file

@ -33,7 +33,7 @@ import org.matrix.android.sdk.api.session.crypto.GlobalCryptoConfig
import org.matrix.android.sdk.api.session.crypto.NewSessionListener import org.matrix.android.sdk.api.session.crypto.NewSessionListener
import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
@ -332,25 +332,21 @@ internal class RealmCryptoStore @Inject constructor(
override fun storeUserCrossSigningKeys( override fun storeUserCrossSigningKeys(
userId: String, userId: String,
masterKey: CryptoCrossSigningKey?, cryptoCrossSigningKeys: CryptoCrossSigningKeys,
selfSigningKey: CryptoCrossSigningKey?,
userSigningKey: CryptoCrossSigningKey?
) { ) {
doRealmTransaction("storeUserCrossSigningKeys", realmConfiguration) { realm -> doRealmTransaction("storeUserCrossSigningKeys", realmConfiguration) { realm ->
storeUserCrossSigningKeys(realm, userId, masterKey, selfSigningKey, userSigningKey) storeUserCrossSigningKeys(realm, userId, cryptoCrossSigningKeys)
} }
} }
private fun storeUserCrossSigningKeys( private fun storeUserCrossSigningKeys(
realm: Realm, realm: Realm,
userId: String, userId: String,
masterKey: CryptoCrossSigningKey?, keys: CryptoCrossSigningKeys,
selfSigningKey: CryptoCrossSigningKey?,
userSigningKey: CryptoCrossSigningKey?
) { ) {
UserEntity.getOrCreate(realm, userId) UserEntity.getOrCreate(realm, userId)
.let { userEntity -> .let { userEntity ->
if (masterKey == null || selfSigningKey == null) { if (keys.masterKey == null || keys.selfSigningKey == null) {
// The user has disabled cross signing? // The user has disabled cross signing?
userEntity.crossSigningInfoEntity?.deleteOnCascade() userEntity.crossSigningInfoEntity?.deleteOnCascade()
userEntity.crossSigningInfoEntity = null userEntity.crossSigningInfoEntity = null
@ -359,11 +355,11 @@ internal class RealmCryptoStore @Inject constructor(
CrossSigningInfoEntity.getOrCreate(realm, userId).let { signingInfo -> CrossSigningInfoEntity.getOrCreate(realm, userId).let { signingInfo ->
// What should we do if we detect a change of the keys? // What should we do if we detect a change of the keys?
val existingMaster = signingInfo.getMasterKey() val existingMaster = signingInfo.getMasterKey()
if (existingMaster != null && existingMaster.publicKeyBase64 == masterKey.unpaddedBase64PublicKey) { if (existingMaster != null && existingMaster.publicKeyBase64 == keys.masterKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingMaster, masterKey) crossSigningKeysMapper.update(existingMaster, keys.masterKey)
} else { } else {
Timber.d("## CrossSigning MSK change for $userId") Timber.d("## CrossSigning MSK change for $userId")
val keyEntity = crossSigningKeysMapper.map(masterKey) val keyEntity = crossSigningKeysMapper.map(keys.masterKey)
signingInfo.setMasterKey(keyEntity) signingInfo.setMasterKey(keyEntity)
if (userId == this.userId) { if (userId == this.userId) {
shouldResetMyDevicesLocalTrust = true shouldResetMyDevicesLocalTrust = true
@ -378,11 +374,11 @@ internal class RealmCryptoStore @Inject constructor(
} }
val existingSelfSigned = signingInfo.getSelfSignedKey() val existingSelfSigned = signingInfo.getSelfSignedKey()
if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == selfSigningKey.unpaddedBase64PublicKey) { if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == keys.selfSigningKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingSelfSigned, selfSigningKey) crossSigningKeysMapper.update(existingSelfSigned, keys.selfSigningKey)
} else { } else {
Timber.d("## CrossSigning SSK change for $userId") Timber.d("## CrossSigning SSK change for $userId")
val keyEntity = crossSigningKeysMapper.map(selfSigningKey) val keyEntity = crossSigningKeysMapper.map(keys.selfSigningKey)
signingInfo.setSelfSignedKey(keyEntity) signingInfo.setSelfSignedKey(keyEntity)
if (userId == this.userId) { if (userId == this.userId) {
shouldResetMyDevicesLocalTrust = true shouldResetMyDevicesLocalTrust = true
@ -394,13 +390,13 @@ internal class RealmCryptoStore @Inject constructor(
} }
// Only for me // Only for me
if (userSigningKey != null) { if (keys.userSigningKey != null) {
val existingUSK = signingInfo.getUserSigningKey() val existingUSK = signingInfo.getUserSigningKey()
if (existingUSK != null && existingUSK.publicKeyBase64 == userSigningKey.unpaddedBase64PublicKey) { if (existingUSK != null && existingUSK.publicKeyBase64 == keys.userSigningKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingUSK, userSigningKey) crossSigningKeysMapper.update(existingUSK, keys.userSigningKey)
} else { } else {
Timber.d("## CrossSigning USK change for $userId") Timber.d("## CrossSigning USK change for $userId")
val keyEntity = crossSigningKeysMapper.map(userSigningKey) val keyEntity = crossSigningKeysMapper.map(keys.userSigningKey)
signingInfo.setUserSignedKey(keyEntity) signingInfo.setUserSignedKey(keyEntity)
if (userId == this.userId) { if (userId == this.userId) {
shouldResetMyDevicesLocalTrust = true shouldResetMyDevicesLocalTrust = true
@ -1862,7 +1858,7 @@ internal class RealmCryptoStore @Inject constructor(
storeUserDevices(realm, it.key, it.value) storeUserDevices(realm, it.key, it.value)
} }
userDataToStore.userCrossSigningKeys.forEach { userDataToStore.userCrossSigningKeys.forEach {
storeUserCrossSigningKeys(realm, it.key, it.value.first, it.value.second, it.value.third) storeUserCrossSigningKeys(realm, it.key, it.value)
} }
} }
} }