Skip to content

GitLab

Commit 7783864f authored by Philipp Hörist's avatar Philipp Hörist
Browse files

[omemo] Save trust of message to database

parent 19e3ab9b
Hide whitespace changes
Inline Side-by-side
Showing with 35 additions and 48 deletions
omemo/backend/liteaxolotlstore.py
View file @ 7783864f
......@@ -532,7 +532,7 @@ class LiteAxolotlStore(AxolotlStore):
def getTrustedFingerprints(self, jid):
query = '''SELECT public_key as "public_key [pk]" FROM identities
WHERE recipient_id = ? AND trust = ?'''
result = self._con.execute(query, (jid, Trust.TRUSTED)).fetchall()
result = self._con.execute(query, (jid, Trust.VERIFIED)).fetchall()
return [row.public_key for row in result]
def getNewFingerprints(self, jid):
......@@ -560,7 +560,7 @@ class LiteAxolotlStore(AxolotlStore):
return False
identity_key = record.getSessionState().getRemoteIdentityKey()
return self.getTrustForIdentity(
recipient_id, identity_key) == Trust.TRUSTED
recipient_id, identity_key) == Trust.VERIFIED
def isUntrustedIdentity(self, recipient_id, identity_key):
return self.getTrustForIdentity(
......
omemo/backend/state.py
View file @ 7783864f
......@@ -40,6 +40,7 @@ from omemo.backend.devices import DeviceManager
from omemo.backend.devices import NoDevicesFound
from omemo.backend.liteaxolotlstore import LiteAxolotlStore
from omemo.backend.util import get_fingerprint
from omemo.backend.util import Trust
from omemo.backend.util import DEFAULT_PREKEY_AMOUNT
from omemo.backend.util import MIN_PREKEY_AMOUNT
from omemo.backend.util import SPK_CYCLE_TIME
......@@ -129,16 +130,12 @@ class OmemoState(DeviceManager):
try:
if prekey:
key, fingerprint = self._process_pre_key_message(
key, fingerprint, trust = self._process_pre_key_message(
jid, omemo_message.sid, encrypted_key)
else:
key, fingerprint = self._process_message(
key, fingerprint, trust = self._process_message(
jid, omemo_message.sid, encrypted_key)
except SenderNotTrusted:
self._log.info('Sender not trusted, ignore message')
raise
except DuplicateMessageException:
self._log.info('Received duplicated message')
raise DuplicateMessage
......@@ -153,7 +150,7 @@ class OmemoState(DeviceManager):
result = aes_decrypt(key, omemo_message.iv, omemo_message.payload)
self._log.debug("Decrypted Message => %s", result)
return result, fingerprint
return result, fingerprint, trust
def _get_whisper_message(self, jid, device, key):
cipher = self._get_session_cipher(jid, device)
......@@ -253,8 +250,8 @@ class OmemoState(DeviceManager):
'without PreKey => %s' % jid)
identity_key = pre_key_message.getIdentityKey()
if self._storage.isUntrustedIdentity(jid, identity_key):
raise SenderNotTrusted
trust = self._storage.getTrustForIdentity(jid, identity_key)
trust = Trust(trust) if trust is not None else Trust.UNDECIDED
session_cipher = self._get_session_cipher(jid, device)
......@@ -266,7 +263,7 @@ class OmemoState(DeviceManager):
self.xmpp_con.set_bundle()
self.add_device(jid, device)
return key, fingerprint
return key, fingerprint, trust
def _process_message(self, jid, device, key):
message = WhisperMessage(serialized=key)
......@@ -278,15 +275,15 @@ class OmemoState(DeviceManager):
session_record = self._storage.loadSession(jid, device)
identity_key = session_record.getSessionState().getRemoteIdentityKey()
if self._storage.isUntrustedIdentity(jid, identity_key):
raise SenderNotTrusted
trust = self._storage.getTrustForIdentity(jid, identity_key)
trust = Trust(trust) if trust is not None else Trust.UNDECIDED
fingerprint = get_fingerprint(identity_key)
self._storage.setIdentityLastSeen(jid, identity_key)
self.add_device(jid, device)
return key, fingerprint
return key, fingerprint, trust
def _check_pre_key_count(self):
# Check if enough PreKeys are available
......@@ -350,7 +347,3 @@ class InvalidMessage(Exception):
class DuplicateMessage(Exception):
pass
class SenderNotTrusted(Exception):
pass
omemo/backend/util.py
View file @ 7783864f
......@@ -30,7 +30,7 @@ UNACKNOWLEDGED_COUNT = 300
class Trust(IntEnum):
UNTRUSTED = 0
TRUSTED = 1
VERIFIED = 1
UNDECIDED = 2
......
omemo/gtk/key.py
View file @ 7783864f
......@@ -19,20 +19,19 @@ import time
import locale
import logging
import tempfile
from distutils.version import LooseVersion as V
from pkg_resources import get_distribution
from gi.repository import Gtk
from gi.repository import GdkPixbuf
from pkg_resources import get_distribution
from distutils.version import LooseVersion as V
from gajim.common import app
from gajim.plugins.plugins_i18n import _
from gajim.plugins.helpers import get_builder
from omemo.gtk.util import DialogButton, ButtonAction
from omemo.gtk.util import NewConfirmationDialog
from omemo.gtk.util import Trust
from omemo.backend.util import Trust
from omemo.backend.util import IdentityKeyExtended
from omemo.backend.util import get_fingerprint
......@@ -40,15 +39,15 @@ log = logging.getLogger('gajim.p.omemo')
TRUST_DATA = {
Trust.NOT_TRUSTED: ('dialog-error-symbolic',
_('Not Trusted'),
'error-color'),
Trust.UNKNOWN: ('security-low-symbolic',
_('Not Decided'),
'warning-color'),
Trust.UNTRUSTED: ('dialog-error-symbolic',
_('Untrusted'),
'error-color'),
Trust.UNDECIDED: ('security-low-symbolic',
_('Not Decided'),
'warning-color'),
Trust.VERIFIED: ('security-high-symbolic',
_('Trusted'),
'success-color')
_('Verified'),
'encrypted-color')
}
......@@ -358,7 +357,7 @@ class TrustPopver(Gtk.Popover):
self._listbox.set_selection_mode(Gtk.SelectionMode.NONE)
if row.trust != Trust.VERIFIED:
self._listbox.add(VerifiedOption())
if row.trust != Trust.NOT_TRUSTED:
if row.trust != Trust.UNTRUSTED:
self._listbox.add(NotTrustedOption())
self._listbox.add(DeleteOption())
self.add(self._listbox)
......@@ -380,7 +379,7 @@ class TrustPopver(Gtk.Popover):
self._listbox.foreach(self._listbox.remove)
if self._row.trust != Trust.VERIFIED:
self._listbox.add(VerifiedOption())
if self._row.trust != Trust.NOT_TRUSTED:
if self._row.trust != Trust.UNTRUSTED:
self._listbox.add(NotTrustedOption())
self._listbox.add(DeleteOption())
......@@ -406,8 +405,8 @@ class VerifiedOption(MenuOption):
type_ = Trust.VERIFIED
icon = 'security-high-symbolic'
label = _('Trusted')
color = 'success-color'
label = _('Verified')
color = 'encrypted-color'
def __init__(self):
MenuOption.__init__(self)
......@@ -415,9 +414,9 @@ class VerifiedOption(MenuOption):
class NotTrustedOption(MenuOption):
type_ = Trust.NOT_TRUSTED
type_ = Trust.UNTRUSTED
icon = 'dialog-error-symbolic'
label = _('Not Trusted')
label = _('Untrusted')
color = 'error-color'
def __init__(self):
......
omemo/gtk/util.py
View file @ 7783864f
......@@ -30,12 +30,6 @@ class ButtonAction(Enum):
SUGGESTED = 'suggested-action'
class Trust(IntEnum):
NOT_TRUSTED = 0
VERIFIED = 1
UNKNOWN = 2
class NewConfirmationDialog(Gtk.MessageDialog):
def __init__(self, text, sec_text, buttons, transient_for=None):
Gtk.MessageDialog.__init__(self,
......
omemo/modules/omemo.py
View file @ 7783864f
......@@ -35,6 +35,7 @@ from gajim.common import helpers
from gajim.common import configpaths
from gajim.common.nec import NetworkEvent
from gajim.common.const import EncryptionData
from gajim.common.const import Trust as GajimTrust
from gajim.common.modules.base import BaseModule
from gajim.common.modules.util import event_node
......@@ -46,7 +47,6 @@ from omemo.backend.state import SelfMessage
from omemo.backend.state import MessageNotForDevice
from omemo.backend.state import DecryptionFailed
from omemo.backend.state import DuplicateMessage
from omemo.backend.state import SenderNotTrusted
from omemo.modules.util import prepare_stanza
......@@ -218,9 +218,9 @@ class OMEMO(BaseModule):
self._log.info('Message received from: %s', from_jid)
try:
plaintext, fingerprint = self.backend.decrypt_message(
plaintext, fingerprint, trust = self.backend.decrypt_message(
properties.omemo, from_jid)
except (KeyExchangeMessage, DuplicateMessage, SenderNotTrusted):
except (KeyExchangeMessage, DuplicateMessage):
raise NodeProcessed
except SelfMessage:
......@@ -241,7 +241,8 @@ class OMEMO(BaseModule):
prepare_stanza(stanza, plaintext)
self._debug_print_stanza(stanza)
properties.encrypted = EncryptionData({'name': ENCRYPTION_NAME,
'fingerprint': fingerprint})
'fingerprint': fingerprint,
'trust': GajimTrust[trust.name]})
def _process_muc_message(self, properties):
room_jid = properties.jid.getBare()
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment