narayana/conversations-classic
3
2
Fork 0
Code Issues 3 Pull requests 2 Actions Packages Projects Releases 4 Wiki Activity

explicitly mark verified omemo keys in UI

Browse source
This commit is contained in:
Daniel Gultsch 2015-10-31 10:57:57 +01:00
parent b9de159e97
commit bca29cf7fd
7 changed files with 48 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
View file

@ -311,6 +311,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
expiredDevices.removeAll(deviceIds); expiredDevices.removeAll(deviceIds);
setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED, setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED,
XmppAxolotlSession.Trust.INACTIVE_TRUSTED); XmppAxolotlSession.Trust.INACTIVE_TRUSTED);
setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED_X509,
XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509);
setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNDECIDED, setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNDECIDED,
XmppAxolotlSession.Trust.INACTIVE_UNDECIDED); XmppAxolotlSession.Trust.INACTIVE_UNDECIDED);
setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNTRUSTED, setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNTRUSTED,
@ -318,6 +320,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
Set<Integer> newDevices = new HashSet<>(deviceIds); Set<Integer> newDevices = new HashSet<>(deviceIds);
setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED, setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED,
XmppAxolotlSession.Trust.TRUSTED); XmppAxolotlSession.Trust.TRUSTED);
setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509,
XmppAxolotlSession.Trust.TRUSTED_X509);
setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNDECIDED, setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNDECIDED,
XmppAxolotlSession.Trust.UNDECIDED); XmppAxolotlSession.Trust.UNDECIDED);
setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNTRUSTED, setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNTRUSTED,
@ -592,7 +596,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
try { try {
mXmppConnectionService.getMemorizingTrustManager().getNonInteractive().checkClientTrusted(verification.first, "RSA"); mXmppConnectionService.getMemorizingTrustManager().getNonInteractive().checkClientTrusted(verification.first, "RSA");
Log.d(Config.LOGTAG, "verified session with x.509 signature. fingerprint was: "+session.getFingerprint()); Log.d(Config.LOGTAG, "verified session with x.509 signature. fingerprint was: "+session.getFingerprint());
setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED); setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED_X509);
fetchStatusMap.put(address, FetchStatus.SUCCESS_VERIFIED); fetchStatusMap.put(address, FetchStatus.SUCCESS_VERIFIED);
finishBuildingSessionsFromPEP(address); finishBuildingSessionsFromPEP(address);
return; return;

28
src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
View file

@ -40,7 +40,9 @@ public class XmppAxolotlSession {
COMPROMISED(3), COMPROMISED(3),
INACTIVE_TRUSTED(4), INACTIVE_TRUSTED(4),
INACTIVE_UNDECIDED(5), INACTIVE_UNDECIDED(5),
INACTIVE_UNTRUSTED(6); INACTIVE_UNTRUSTED(6),
TRUSTED_X509(7),
INACTIVE_TRUSTED_X509(8);
private static final Map<Integer, Trust> trustsByValue = new HashMap<>(); private static final Map<Integer, Trust> trustsByValue = new HashMap<>();
@ -74,6 +76,10 @@ public class XmppAxolotlSession {
return "Inactive (Undecided)" + getCode(); return "Inactive (Undecided)" + getCode();
case INACTIVE_UNTRUSTED: case INACTIVE_UNTRUSTED:
return "Inactive (Untrusted)" + getCode(); return "Inactive (Untrusted)" + getCode();
case TRUSTED_X509:
return "Trusted (X509) " + getCode();
case INACTIVE_TRUSTED_X509:
return "Inactive (Trusted (X509)) " + getCode();
case UNTRUSTED: case UNTRUSTED:
default: default:
return "Untrusted " + getCode(); return "Untrusted " + getCode();
@ -87,6 +93,14 @@ public class XmppAxolotlSession {
public static Trust fromCode(int code) { public static Trust fromCode(int code) {
return trustsByValue.get(code); return trustsByValue.get(code);
} }
public boolean trusted() {
return this == TRUSTED_X509 || this == TRUSTED;
}
public boolean trustedInactive() {
return this == INACTIVE_TRUSTED_X509 || this == INACTIVE_TRUSTED;
}
} }
public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress, String fingerprint) { public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress, String fingerprint) {
@ -144,6 +158,8 @@ public class XmppAxolotlSession {
case UNDECIDED: case UNDECIDED:
case UNTRUSTED: case UNTRUSTED:
case TRUSTED: case TRUSTED:
case INACTIVE_TRUSTED_X509:
case TRUSTED_X509:
try { try {
try { try {
PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey); PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey);
@ -169,8 +185,12 @@ public class XmppAxolotlSession {
Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage()); Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage());
} }
if (plaintext != null && trust == Trust.INACTIVE_TRUSTED) { if (plaintext != null) {
setTrust(Trust.TRUSTED); if (trust == Trust.INACTIVE_TRUSTED) {
setTrust(Trust.TRUSTED);
} else if (trust == Trust.INACTIVE_TRUSTED_X509) {
setTrust(Trust.TRUSTED_X509);
}
} }
break; break;
@ -186,7 +206,7 @@ public class XmppAxolotlSession {
@Nullable @Nullable
public byte[] processSending(@NonNull byte[] outgoingMessage) { public byte[] processSending(@NonNull byte[] outgoingMessage) {
Trust trust = getTrust(); Trust trust = getTrust();
if (trust == Trust.TRUSTED) { if (trust.trusted()) {
CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage); CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage);
return ciphertextMessage.serialize(); return ciphertextMessage.serialize();
} else { } else {

4
src/main/java/eu/siacs/conversations/entities/Message.java
View file

@ -716,8 +716,8 @@ public class Message extends AbstractEntity {
} }
public boolean isTrusted() { public boolean isTrusted() {
return conversation.getAccount().getAxolotlService().getFingerprintTrust(axolotlFingerprint) XmppAxolotlSession.Trust t = conversation.getAccount().getAxolotlService().getFingerprintTrust(axolotlFingerprint);
== XmppAxolotlSession.Trust.TRUSTED; return t != null && t.trusted();
} }
private int getPreviousEncryption() { private int getPreviousEncryption() {

5
src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
View file

@ -962,12 +962,13 @@ public class DatabaseBackend extends SQLiteOpenHelper {
String[] args = { String[] args = {
account.getUuid(), account.getUuid(),
name, name,
String.valueOf(XmppAxolotlSession.Trust.TRUSTED.getCode()) String.valueOf(XmppAxolotlSession.Trust.TRUSTED.getCode()),
String.valueOf(XmppAxolotlSession.Trust.TRUSTED_X509.getCode())
}; };
return DatabaseUtils.queryNumEntries(db, SQLiteAxolotlStore.IDENTITIES_TABLENAME, return DatabaseUtils.queryNumEntries(db, SQLiteAxolotlStore.IDENTITIES_TABLENAME,
SQLiteAxolotlStore.ACCOUNT + " = ?" SQLiteAxolotlStore.ACCOUNT + " = ?"
+ " AND " + SQLiteAxolotlStore.NAME + " = ?" + " AND " + SQLiteAxolotlStore.NAME + " = ?"
+ " AND " + SQLiteAxolotlStore.TRUSTED + " = ?", + " AND (" + SQLiteAxolotlStore.TRUSTED + " = ? OR "+SQLiteAxolotlStore.TRUSTED+ " = ?)",
args args
); );
} }

17
src/main/java/eu/siacs/conversations/ui/XmppActivity.java
View file

@ -674,12 +674,16 @@ public abstract class XmppActivity extends Activity {
return true; return true;
} }
}); });
boolean x509 = trust == XmppAxolotlSession.Trust.TRUSTED_X509 || trust == XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509;
switch (trust) { switch (trust) {
case UNTRUSTED: case UNTRUSTED:
case TRUSTED: case TRUSTED:
trustToggle.setChecked(trust == XmppAxolotlSession.Trust.TRUSTED, false); case TRUSTED_X509:
trustToggle.setEnabled(true); trustToggle.setChecked(trust.trusted(), false);
trustToggle.setEnabled(trust != XmppAxolotlSession.Trust.TRUSTED_X509);
if (trust == XmppAxolotlSession.Trust.TRUSTED_X509) {
trustToggle.setOnClickListener(null);
}
key.setTextColor(getPrimaryTextColor()); key.setTextColor(getPrimaryTextColor());
keyType.setTextColor(getSecondaryTextColor()); keyType.setTextColor(getSecondaryTextColor());
break; break;
@ -698,6 +702,7 @@ public abstract class XmppActivity extends Activity {
keyType.setTextColor(getTertiaryTextColor()); keyType.setTextColor(getTertiaryTextColor());
break; break;
case INACTIVE_TRUSTED: case INACTIVE_TRUSTED:
case INACTIVE_TRUSTED_X509:
trustToggle.setOnClickListener(null); trustToggle.setOnClickListener(null);
trustToggle.setChecked(true, false); trustToggle.setChecked(true, false);
trustToggle.setEnabled(false); trustToggle.setEnabled(false);
@ -707,15 +712,15 @@ public abstract class XmppActivity extends Activity {
} }
if (showTag) { if (showTag) {
keyType.setText(getString(R.string.omemo_fingerprint)); keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509 : R.string.omemo_fingerprint));
} else { } else {
keyType.setVisibility(View.GONE); keyType.setVisibility(View.GONE);
} }
if (highlight) { if (highlight) {
keyType.setTextColor(getResources().getColor(R.color.accent)); keyType.setTextColor(getResources().getColor(R.color.accent));
keyType.setText(getString(R.string.omemo_fingerprint_selected_message)); keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509_selected_message : R.string.omemo_fingerprint_selected_message));
} else { } else {
keyType.setText(getString(R.string.omemo_fingerprint)); keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509 : R.string.omemo_fingerprint));
} }
key.setText(CryptoHelper.prettifyFingerprint(fingerprint)); key.setText(CryptoHelper.prettifyFingerprint(fingerprint));

2
src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java
View file

@ -185,7 +185,7 @@ public class MessageAdapter extends ArrayAdapter<Message> {
.getAccount().getAxolotlService().getFingerprintTrust( .getAccount().getAxolotlService().getFingerprintTrust(
message.getAxolotlFingerprint()); message.getAxolotlFingerprint());
if(trust == null || trust != XmppAxolotlSession.Trust.TRUSTED) { if(trust == null || (!trust.trusted() && !trust.trustedInactive())) {
viewHolder.indicator.setColorFilter(activity.getWarningTextColor()); viewHolder.indicator.setColorFilter(activity.getWarningTextColor());
viewHolder.indicator.setAlpha(1.0f); viewHolder.indicator.setAlpha(1.0f);
} else { } else {

2
src/main/res/values/strings.xml
View file

@ -211,7 +211,9 @@
<string name="your_fingerprint">Your fingerprint</string> <string name="your_fingerprint">Your fingerprint</string>
<string name="otr_fingerprint">OTR fingerprint</string> <string name="otr_fingerprint">OTR fingerprint</string>
<string name="omemo_fingerprint">OMEMO fingerprint</string> <string name="omemo_fingerprint">OMEMO fingerprint</string>
<string name="omemo_fingerprint_x509">OMEMO fingerprint (X509 verified)</string>
<string name="omemo_fingerprint_selected_message">OMEMO fingerprint of message</string> <string name="omemo_fingerprint_selected_message">OMEMO fingerprint of message</string>
<string name="omemo_fingerprint_x509_selected_message">OMEMO fingerprint (X509 verified) of message</string>
<string name="this_device_omemo_fingerprint">Own OMEMO fingerprint</string> <string name="this_device_omemo_fingerprint">Own OMEMO fingerprint</string>
<string name="other_devices">Other devices</string> <string name="other_devices">Other devices</string>
<string name="trust_omemo_fingerprints">Trust OMEMO Fingerprints</string> <string name="trust_omemo_fingerprints">Trust OMEMO Fingerprints</string>