Commit d036b0f6 authored by Philipp Hörist's avatar Philipp Hörist

[omemo] Move secret data into own table

parent cfaa259a
...@@ -29,7 +29,8 @@ class DeviceManager: ...@@ -29,7 +29,8 @@ class DeviceManager:
reg_id = self._storage.getLocalRegistrationId() reg_id = self._storage.getLocalRegistrationId()
if reg_id is None: if reg_id is None:
raise ValueError('No own device found') raise ValueError('No own device found')
self.__own_device = (reg_id % 2147483646) + 1
self.__own_device = reg_id
self.add_device(self._own_jid, self.__own_device) self.add_device(self._own_jid, self.__own_device)
self._log.info('Our device id: %s', self.__own_device) self._log.info('Our device id: %s', self.__own_device)
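Review bot: With the `(reg_id % 2147483646) + 1` normalisation gone, `self.__own_device = reg_id` publishes whatever value storage returns, and nothing here checks that it is a valid non-zero device id. On this page new ids come from `KeyHelper.getRandomSequence(max=2147483647)` with no `+ 1`, so if that helper can return 0 (its body is not shown) a fresh install would announce device id 0. The version 6 migration also adds 1 without the modulo, which matches the old result only for stored ids below 2147483646. A guard such as `if not 1 <= reg_id <= 2147483647: raise ValueError('Invalid own device id')` next to the existing `None` check would make the assumption explicit. The enclosing method starts and ends outside this hunk.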
......
...@@ -95,7 +95,7 @@ class LiteAxolotlStore(AxolotlStore): ...@@ -95,7 +95,7 @@ class LiteAxolotlStore(AxolotlStore):
def _generate_axolotl_keys(self): def _generate_axolotl_keys(self):
identity_key_pair = KeyHelper.generateIdentityKeyPair() identity_key_pair = KeyHelper.generateIdentityKeyPair()
registration_id = KeyHelper.generateRegistrationId() registration_id = KeyHelper.getRandomSequence(max=2147483647)
pre_keys = KeyHelper.generatePreKeys(KeyHelper.getRandomSequence(), pre_keys = KeyHelper.generatePreKeys(KeyHelper.getRandomSequence(),
DEFAULT_PREKEY_AMOUNT) DEFAULT_PREKEY_AMOUNT)
self.storeLocalData(registration_id, identity_key_pair) self.storeLocalData(registration_id, identity_key_pair)
...@@ -115,9 +115,12 @@ class LiteAxolotlStore(AxolotlStore): ...@@ -115,9 +115,12 @@ class LiteAxolotlStore(AxolotlStore):
if self.user_version() == 0: if self.user_version() == 0:
create_tables = ''' create_tables = '''
CREATE TABLE IF NOT EXISTS secret (
device_id INTEGER, public_key BLOB, private_key BLOB);
CREATE TABLE IF NOT EXISTS identities ( CREATE TABLE IF NOT EXISTS identities (
_id INTEGER PRIMARY KEY AUTOINCREMENT, recipient_id TEXT, _id INTEGER PRIMARY KEY AUTOINCREMENT, recipient_id TEXT,
registration_id INTEGER, public_key BLOB, private_key BLOB, registration_id INTEGER, public_key BLOB,
timestamp INTEGER, trust INTEGER, timestamp INTEGER, trust INTEGER,
shown INTEGER DEFAULT 0); shown INTEGER DEFAULT 0);
...@@ -145,7 +148,7 @@ class LiteAxolotlStore(AxolotlStore): ...@@ -145,7 +148,7 @@ class LiteAxolotlStore(AxolotlStore):
create_db_sql = """ create_db_sql = """
BEGIN TRANSACTION; BEGIN TRANSACTION;
%s %s
PRAGMA user_version=5; PRAGMA user_version=6;
END TRANSACTION; END TRANSACTION;
""" % (create_tables) """ % (create_tables)
self._con.executescript(create_db_sql) self._con.executescript(create_db_sql)
...@@ -218,6 +221,26 @@ class LiteAxolotlStore(AxolotlStore): ...@@ -218,6 +221,26 @@ class LiteAxolotlStore(AxolotlStore):
END TRANSACTION; END TRANSACTION;
""" % (add_timestamp)) """ % (add_timestamp))
if self.user_version() < 6:
# Move secret data into own table
# We add +1 to registration id because we did that in other code in
# earlier versions. On this migration we correct this mistake now.
move = """
CREATE TABLE IF NOT EXISTS secret (
device_id INTEGER, public_key BLOB, private_key BLOB);
INSERT INTO secret (device_id, public_key, private_key)
SELECT registration_id + 1, public_key, private_key
FROM identities
WHERE recipient_id = -1;
"""
self._con.executescript(
""" BEGIN TRANSACTION;
%s
PRAGMA user_version=6;
END TRANSACTION;
""" % move)
def loadSignedPreKey(self, signedPreKeyId): def loadSignedPreKey(self, signedPreKeyId):
query = 'SELECT record FROM signed_prekeys WHERE prekey_id = ?' query = 'SELECT record FROM signed_prekeys WHERE prekey_id = ?'
result = self._con.execute(query, (signedPreKeyId, )).fetchone() result = self._con.execute(query, (signedPreKeyId, )).fetchone()
...@@ -416,25 +439,31 @@ class LiteAxolotlStore(AxolotlStore): ...@@ -416,25 +439,31 @@ class LiteAxolotlStore(AxolotlStore):
def getIdentityKeyPair(self): def getIdentityKeyPair(self):
query = '''SELECT public_key as "public_key [pk]", private_key query = '''SELECT public_key as "public_key [pk]", private_key
FROM identities WHERE recipient_id = -1''' FROM secret LIMIT 1'''
result = self._con.execute(query).fetchone() result = self._con.execute(query).fetchone()
return IdentityKeyPair(result.public_key, return IdentityKeyPair(result.public_key,
DjbECPrivateKey(result.private_key)) DjbECPrivateKey(result.private_key))
def getLocalRegistrationId(self): def getLocalRegistrationId(self):
query = 'SELECT registration_id FROM identities WHERE recipient_id = -1' query = 'SELECT device_id FROM secret LIMIT 1'
result = self._con.execute(query).fetchone() result = self._con.execute(query).fetchone()
return result.registration_id if result is not None else None return result.device_id if result is not None else None
def storeLocalData(self, registrationId, identityKeyPair): def storeLocalData(self, device_id, identityKeyPair):
query = '''INSERT INTO identities( query = 'SELECT * FROM secret'
recipient_id, registration_id, public_key, private_key) result = self._con.execute(query).fetchone()
VALUES(-1, ?, ?, ?)''' if result is not None:
self._log.error('Trying to save secret key into '
'non-empty secret table')
return
query = '''INSERT INTO secret(device_id, public_key, private_key)
VALUES(?, ?, ?)'''
public_key = identityKeyPair.getPublicKey().getPublicKey().serialize() public_key = identityKeyPair.getPublicKey().getPublicKey().serialize()
private_key = identityKeyPair.getPrivateKey().serialize() private_key = identityKeyPair.getPrivateKey().serialize()
self._con.execute(query, (registrationId, public_key, private_key)) self._con.execute(query, (device_id, public_key, private_key))
self._con.commit() self._con.commit()
def saveIdentity(self, recipientId, identityKey): def saveIdentity(self, recipientId, identityKey):
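Review bot: The `user_version() < 6` migration copies the own identity key into `secret` but never removes it from `identities`, so on upgraded databases the private key still sits in the `recipient_id = -1` row and the `private_key` column remains, unlike the fresh-install schema. If the aim is to isolate the secret material, add `DELETE FROM identities WHERE recipient_id = -1;` after the `INSERT` inside the same transaction, provided no other query still reads that row (not visible here). SQLite only overwrites deleted content when `PRAGMA secure_delete` is on or the file is vacuumed, so the old key bytes may otherwise linger in free pages. Separately, `secret` has no constraint limiting it to one row while `getIdentityKeyPair` and `getLocalRegistrationId` use `LIMIT 1` without an `ORDER BY`; a primary-key or `UNIQUE` constraint would back up the check in `storeLocalData`.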
......