Skip to content

Commit

Permalink
Updating keys of outdated encrypted users
Browse files Browse the repository at this point in the history
  • Loading branch information
Chethan2k1 committed Jul 7, 2020
1 parent fcbff88 commit eb80360
Show file tree
Hide file tree
Showing 7 changed files with 89 additions and 32 deletions.
56 changes: 46 additions & 10 deletions src/Cache.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,10 @@

#include "Cache.h"
#include "Cache_p.h"
#include "ChatPage.h"
#include "EventAccessors.h"
#include "Logging.h"
#include "MatrixClient.h"
#include "Utils.h"

//! Should be changed when a breaking change occurs in the cache format.
Expand Down Expand Up @@ -954,6 +956,8 @@ Cache::saveState(const mtx::responses::Sync &res)

savePresence(txn, res.presence);

updateUserCache(res.device_lists);

removeLeftRooms(txn, res.rooms.leave);

txn.commit();
Expand Down Expand Up @@ -2318,17 +2322,13 @@ Cache::statusMessage(const std::string &user_id)
void
to_json(json &j, const UserCache &info)
{
j["is_user_verified"] = info.is_user_verified;
j["cross_verified"] = info.cross_verified;
j["keys"] = info.keys;
j["keys"] = info.keys;
}

void
from_json(const json &j, UserCache &info)
{
info.is_user_verified = j.at("is_user_verified");
info.cross_verified = j.at("cross_verified").get<std::vector<std::string>>();
info.keys = j.at("keys").get<mtx::responses::QueryKeys>();
info.keys = j.at("keys").get<mtx::responses::QueryKeys>();
}

std::optional<UserCache>
Expand Down Expand Up @@ -2365,6 +2365,32 @@ Cache::setUserCache(const std::string &user_id, const UserCache &body)
return res;
}

void
Cache::updateUserCache(const mtx::responses::DeviceLists body)
{
for (auto user_id : body.changed) {
mtx::requests::QueryKeys req;
req.device_keys[user_id] = {};

http::client()->query_keys(
req,
[user_id, this](const mtx::responses::QueryKeys res, mtx::http::RequestErr err) {
if (err) {
nhlog::net()->warn("failed to query device keys: {},{}",
err->matrix_error.errcode,
static_cast<int>(err->status_code));
return;
}

setUserCache(user_id, UserCache{std::move(res)});
});
}

for (std::string user_id : body.left) {
deleteUserCache(user_id);
}
}

int
Cache::deleteUserCache(const std::string &user_id)
{
Expand All @@ -2380,15 +2406,19 @@ Cache::deleteUserCache(const std::string &user_id)
void
to_json(json &j, const DeviceVerifiedCache &info)
{
j["device_verified"] = info.device_verified;
j["device_blocked"] = info.device_blocked;
j["is_user_verified"] = info.is_user_verified;
j["cross_verified"] = info.cross_verified;
j["device_verified"] = info.device_verified;
j["device_blocked"] = info.device_blocked;
}

void
from_json(const json &j, DeviceVerifiedCache &info)
{
info.device_verified = j.at("device_verified").get<std::vector<std::string>>();
info.device_blocked = j.at("device_blocked").get<std::vector<std::string>>();
info.is_user_verified = j.at("is_user_verified");
info.cross_verified = j.at("cross_verified").get<std::vector<std::string>>();
info.device_verified = j.at("device_verified").get<std::vector<std::string>>();
info.device_blocked = j.at("device_blocked").get<std::vector<std::string>>();
}

std::optional<DeviceVerifiedCache>
Expand Down Expand Up @@ -2611,6 +2641,12 @@ getUserCache(const std::string &user_id)
return instance_->getUserCache(user_id);
}

void
updateUserCache(const mtx::responses::DeviceLists body)
{
instance_->updateUserCache(body);
}

int
setUserCache(const std::string &user_id, const UserCache &body)
{
Expand Down
3 changes: 3 additions & 0 deletions src/Cache.h
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,9 @@ statusMessage(const std::string &user_id);
std::optional<UserCache>
getUserCache(const std::string &user_id);

void
updateUserCache(const mtx::responses::DeviceLists body);

int
setUserCache(const std::string &user_id, const UserCache &body);

Expand Down
29 changes: 25 additions & 4 deletions src/CacheCryptoStructs.h
Original file line number Diff line number Diff line change
Expand Up @@ -66,26 +66,47 @@ struct OlmSessionStorage
std::mutex group_inbound_mtx;
};

// this will store the keys of the user with whom a encrypted room is shared with
struct UserCache
{
//! this stores if the user is verified (with cross-signing)
bool is_user_verified = false;
//! list of verified device_ids with cross-signing
std::vector<std::string> cross_verified;
//! map of public key key_ids and their public_key
mtx::responses::QueryKeys keys;

UserCache(mtx::responses::QueryKeys res)
: keys(res)
{}
UserCache() {}
};

void
to_json(nlohmann::json &j, const UserCache &info);
void
from_json(const nlohmann::json &j, UserCache &info);

// the reason these are stored in a seperate cache rather than storing it in the user cache is
// UserCache stores only keys of users with which encrypted room is shared
struct DeviceVerifiedCache
{
//! list of verified device_ids with device-verification
std::vector<std::string> device_verified;
//! list of verified device_ids with cross-signing
std::vector<std::string> cross_verified;
//! list of devices the user blocks
std::vector<std::string> device_blocked;
//! this stores if the user is verified (with cross-signing)
bool is_user_verified = false;

DeviceVerifiedCache(std::vector<std::string> device_verified_,
std::vector<std::string> cross_verified_,
std::vector<std::string> device_blocked_,
bool is_user_verified_ = false)
: device_verified(device_verified_)
, cross_verified(cross_verified_)
, device_blocked(device_blocked_)
, is_user_verified(is_user_verified_)
{}

DeviceVerifiedCache() {}
};

void
Expand Down
5 changes: 3 additions & 2 deletions src/Cache_p.h
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ class Cache : public QObject

// user cache stores user keys
std::optional<UserCache> getUserCache(const std::string &user_id);
void updateUserCache(const mtx::responses::DeviceLists body);
int setUserCache(const std::string &user_id, const UserCache &body);
int deleteUserCache(const std::string &user_id);

Expand Down Expand Up @@ -454,12 +455,12 @@ class Cache : public QObject

lmdb::dbi getUserCacheDb(lmdb::txn &txn)
{
return lmdb::dbi::open(txn, std::string("user_cache").c_str(), MDB_CREATE);
return lmdb::dbi::open(txn, "user_cache", MDB_CREATE);
}

lmdb::dbi getDeviceVerifiedDb(lmdb::txn &txn)
{
return lmdb::dbi::open(txn, std::string("verified").c_str(), MDB_CREATE);
return lmdb::dbi::open(txn, "verified", MDB_CREATE);
}

//! Retrieves or creates the database that stores the open OLM sessions between our device
Expand Down
8 changes: 4 additions & 4 deletions src/DeviceVerificationFlow.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -477,7 +477,7 @@ DeviceVerificationFlow::cancelVerification(DeviceVerificationFlow::Error error_c
} else {
cache::setVerifiedCache(
this->userId.toStdString(),
DeviceVerifiedCache{{}, {this->deviceId.toStdString()}});
DeviceVerifiedCache{{}, {}, {this->deviceId.toStdString()}});
}
this->deleteLater();
});
Expand Down Expand Up @@ -564,8 +564,9 @@ DeviceVerificationFlow::acceptDevice()
}
cache::setVerifiedCache(this->userId.toStdString(), verified_cache.value());
} else {
cache::setVerifiedCache(this->userId.toStdString(),
DeviceVerifiedCache{{this->deviceId.toStdString()}, {}});
cache::setVerifiedCache(
this->userId.toStdString(),
DeviceVerifiedCache{{this->deviceId.toStdString()}, {}, {}});
}

emit deviceVerified();
Expand Down Expand Up @@ -616,5 +617,4 @@ DeviceVerificationFlow::unverify()
}

emit refreshProfile();
this->deleteLater();
}
17 changes: 7 additions & 10 deletions src/ui/UserProfile.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -77,8 +77,7 @@ UserProfile::avatarUrl()
void
UserProfile::callback_fn(const mtx::responses::QueryKeys &res,
mtx::http::RequestErr err,
std::string user_id,
std::optional<std::vector<std::string>> cross_verified)
std::string user_id)
{
if (err) {
nhlog::net()->warn("failed to query device keys: {},{}",
Expand All @@ -101,16 +100,15 @@ UserProfile::callback_fn(const mtx::responses::QueryKeys &res,

// TODO: Verify signatures and ignore those that don't pass.
verification::Status verified = verification::Status::UNVERIFIED;
if (cross_verified.has_value()) {
if (std::find(cross_verified->begin(), cross_verified->end(), d.first) !=
cross_verified->end())
if (device_verified.has_value()) {
if (std::find(device_verified->cross_verified.begin(),
device_verified->cross_verified.end(),
d.first) != device_verified->cross_verified.end())
verified = verification::Status::VERIFIED;
} else if (device_verified.has_value()) {
if (std::find(device_verified->device_verified.begin(),
device_verified->device_verified.end(),
d.first) != device_verified->device_verified.end())
verified = verification::Status::VERIFIED;
} else if (device_verified.has_value()) {
if (std::find(device_verified->device_blocked.begin(),
device_verified->device_blocked.end(),
d.first) != device_verified->device_blocked.end())
Expand Down Expand Up @@ -138,16 +136,15 @@ UserProfile::fetchDeviceList(const QString &userID)
auto user_cache = cache::getUserCache(userID.toStdString());

if (user_cache.has_value()) {
this->callback_fn(
user_cache->keys, {}, userID.toStdString(), user_cache->cross_verified);
this->callback_fn(user_cache->keys, {}, userID.toStdString());
} else {
mtx::requests::QueryKeys req;
req.device_keys[userID.toStdString()] = {};
http::client()->query_keys(
req,
[user_id = userID.toStdString(), this](const mtx::responses::QueryKeys &res,
mtx::http::RequestErr err) {
this->callback_fn(res, err, user_id, {});
this->callback_fn(res, err, user_id);
});
}
}
Expand Down
3 changes: 1 addition & 2 deletions src/ui/UserProfile.h
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,5 @@ class UserProfile : public QObject

void callback_fn(const mtx::responses::QueryKeys &res,
mtx::http::RequestErr err,
std::string user_id,
std::optional<std::vector<std::string>> cross_verified);
std::string user_id);
};

0 comments on commit eb80360

Please sign in to comment.