From 7783864f99d1dd45e345c346ed103bfbed471cd8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philipp=20H=C3=B6rist?= Date: Wed, 20 Mar 2019 12:45:10 +0100 Subject: [PATCH] [omemo] Save trust of message to database --- omemo/backend/liteaxolotlstore.py | 4 ++-- omemo/backend/state.py | 27 +++++++++------------- omemo/backend/util.py | 2 +- omemo/gtk/key.py | 37 +++++++++++++++---------------- omemo/gtk/util.py | 6 ----- omemo/modules/omemo.py | 9 ++++---- 6 files changed, 36 insertions(+), 49 deletions(-) diff --git a/omemo/backend/liteaxolotlstore.py b/omemo/backend/liteaxolotlstore.py index 50bd2b8..985aeb7 100644 --- a/omemo/backend/liteaxolotlstore.py +++ b/omemo/backend/liteaxolotlstore.py @@ -532,7 +532,7 @@ class LiteAxolotlStore(AxolotlStore): def getTrustedFingerprints(self, jid): query = '''SELECT public_key as "public_key [pk]" FROM identities WHERE recipient_id = ? AND trust = ?''' - result = self._con.execute(query, (jid, Trust.TRUSTED)).fetchall() + result = self._con.execute(query, (jid, Trust.VERIFIED)).fetchall() return [row.public_key for row in result] def getNewFingerprints(self, jid): @@ -560,7 +560,7 @@ class LiteAxolotlStore(AxolotlStore): return False identity_key = record.getSessionState().getRemoteIdentityKey() return self.getTrustForIdentity( - recipient_id, identity_key) == Trust.TRUSTED + recipient_id, identity_key) == Trust.VERIFIED def isUntrustedIdentity(self, recipient_id, identity_key): return self.getTrustForIdentity( diff --git a/omemo/backend/state.py b/omemo/backend/state.py index 612d0c9..e3a34c0 100644 --- a/omemo/backend/state.py +++ b/omemo/backend/state.py 
@@ -40,6 +40,7 @@ from omemo.backend.devices import DeviceManager from omemo.backend.devices import NoDevicesFound from omemo.backend.liteaxolotlstore import LiteAxolotlStore from omemo.backend.util import get_fingerprint +from omemo.backend.util import Trust from omemo.backend.util import DEFAULT_PREKEY_AMOUNT from omemo.backend.util import MIN_PREKEY_AMOUNT from omemo.backend.util import SPK_CYCLE_TIME @@ -129,16 +130,12 @@ class OmemoState(DeviceManager): try: if prekey: - key, fingerprint = self._process_pre_key_message( + key, fingerprint, trust = self._process_pre_key_message( jid, omemo_message.sid, encrypted_key) else: - key, fingerprint = self._process_message( + key, fingerprint, trust = self._process_message( jid, omemo_message.sid, encrypted_key) - except SenderNotTrusted: - self._log.info('Sender not trusted, ignore message') - raise - except DuplicateMessageException: self._log.info('Received duplicated message') raise DuplicateMessage @@ -153,7 +150,7 @@ class OmemoState(DeviceManager): result = aes_decrypt(key, omemo_message.iv, omemo_message.payload) self._log.debug("Decrypted Message => %s", result) - return result, fingerprint + return result, fingerprint, trust def _get_whisper_message(self, jid, device, key): cipher = self._get_session_cipher(jid, device) @@ -253,8 +250,8 @@ class OmemoState(DeviceManager): 'without PreKey => %s' % jid) identity_key = pre_key_message.getIdentityKey() - if self._storage.isUntrustedIdentity(jid, identity_key): - raise SenderNotTrusted + trust = self._storage.getTrustForIdentity(jid, identity_key) + trust = Trust(trust) if trust is not None else Trust.UNDECIDED session_cipher = self._get_session_cipher(jid, device) @@ -266,7 +263,7 @@ class OmemoState(DeviceManager): self.xmpp_con.set_bundle() self.add_device(jid, device) - return key, fingerprint + return key, fingerprint, trust def _process_message(self, jid, device, key): message = WhisperMessage(serialized=key) 
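Review bot: The unchanged line `self._log.debug("Decrypted Message => %s", result)` just above the changed `return` writes decrypted plaintext to the debug log, and after this commit that also covers messages from senders marked untrusted, since the helper functions no longer raise `SenderNotTrusted`. I would log metadata only, e.g. `self._log.debug('Decrypted message, fingerprint: %s', fingerprint)`. The return value also grows from a pair to a triple without a docstring; a short one saying that `trust` is a `Trust` member and that messages from untrusted senders are returned rather than rejected would help callers. The function starts outside this hunk, so other callers that may still unpack two values are not visible here.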
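Review bot: Replacing the `isUntrustedIdentity` check with a trust lookup turns a fail-closed gate into an advisory value: a pre-key message from an identity stored as `Trust.UNTRUSTED` now continues to the session cipher and, as far as the visible lines show, to `self.add_device(jid, device)`. The hunk at `-278,15` makes the same change in `_process_message`. Nothing in the visible hunks of this file enforces the result any more, so I would state that on both functions, e.g. `# Untrusted senders are not rejected here; callers must act on the returned trust`. Separately, `Trust(trust)` raises `ValueError` for a stored integer outside the enum, and whether the caller's `except` clauses cover that is not visible here; both function bodies start outside their hunks.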
@@ -278,15 +275,15 @@ class OmemoState(DeviceManager): session_record = self._storage.loadSession(jid, device) identity_key = session_record.getSessionState().getRemoteIdentityKey() - if self._storage.isUntrustedIdentity(jid, identity_key): - raise SenderNotTrusted + trust = self._storage.getTrustForIdentity(jid, identity_key) + trust = Trust(trust) if trust is not None else Trust.UNDECIDED fingerprint = get_fingerprint(identity_key) self._storage.setIdentityLastSeen(jid, identity_key) self.add_device(jid, device) - return key, fingerprint + return key, fingerprint, trust def _check_pre_key_count(self): # Check if enough PreKeys are available @@ -350,7 +347,3 @@ class InvalidMessage(Exception): class DuplicateMessage(Exception): pass - - -class SenderNotTrusted(Exception): - pass diff --git a/omemo/backend/util.py b/omemo/backend/util.py index 8fd008b..f63801c 100644 --- a/omemo/backend/util.py +++ b/omemo/backend/util.py @@ -30,7 +30,7 @@ UNACKNOWLEDGED_COUNT = 300 class Trust(IntEnum): UNTRUSTED = 0 - TRUSTED = 1 + VERIFIED = 1 UNDECIDED = 2 diff --git a/omemo/gtk/key.py b/omemo/gtk/key.py index 2b6959e..2d5e58a 100644 --- a/omemo/gtk/key.py +++ b/omemo/gtk/key.py @@ -19,12 +19,11 @@ import time import locale import logging import tempfile - -from gi.repository import Gtk -from gi.repository import GdkPixbuf +from distutils.version import LooseVersion as V from pkg_resources import get_distribution -from distutils.version import LooseVersion as V +from gi.repository import Gtk +from gi.repository import GdkPixbuf from gajim.common import app from gajim.plugins.plugins_i18n import _ @@ -32,7 +31,7 @@ from gajim.plugins.helpers import get_builder from omemo.gtk.util import DialogButton, ButtonAction from omemo.gtk.util import NewConfirmationDialog -from omemo.gtk.util import Trust +from omemo.backend.util import Trust from omemo.backend.util import IdentityKeyExtended from omemo.backend.util import get_fingerprint 
@@ -40,15 +39,15 @@ log = logging.getLogger('gajim.p.omemo') TRUST_DATA = { - Trust.NOT_TRUSTED: ('dialog-error-symbolic', - _('Not Trusted'), - 'error-color'), - Trust.UNKNOWN: ('security-low-symbolic', - _('Not Decided'), - 'warning-color'), + Trust.UNTRUSTED: ('dialog-error-symbolic', + _('Untrusted'), + 'error-color'), + Trust.UNDECIDED: ('security-low-symbolic', + _('Not Decided'), + 'warning-color'), Trust.VERIFIED: ('security-high-symbolic', - _('Trusted'), - 'success-color') + _('Verified'), + 'encrypted-color') } @@ -358,7 +357,7 @@ class TrustPopver(Gtk.Popover): self._listbox.set_selection_mode(Gtk.SelectionMode.NONE) if row.trust != Trust.VERIFIED: self._listbox.add(VerifiedOption()) - if row.trust != Trust.NOT_TRUSTED: + if row.trust != Trust.UNTRUSTED: self._listbox.add(NotTrustedOption()) self._listbox.add(DeleteOption()) self.add(self._listbox) @@ -380,7 +379,7 @@ class TrustPopver(Gtk.Popover): self._listbox.foreach(self._listbox.remove) if self._row.trust != Trust.VERIFIED: self._listbox.add(VerifiedOption()) - if self._row.trust != Trust.NOT_TRUSTED: + if self._row.trust != Trust.UNTRUSTED: self._listbox.add(NotTrustedOption()) self._listbox.add(DeleteOption()) @@ -406,8 +405,8 @@ class VerifiedOption(MenuOption): type_ = Trust.VERIFIED icon = 'security-high-symbolic' - label = _('Trusted') - color = 'success-color' + label = _('Verified') + color = 'encrypted-color' def __init__(self): MenuOption.__init__(self) @@ -415,9 +414,9 @@ class VerifiedOption(MenuOption): class NotTrustedOption(MenuOption): - type_ = Trust.NOT_TRUSTED + type_ = Trust.UNTRUSTED icon = 'dialog-error-symbolic' - label = _('Not Trusted') + label = _('Untrusted') color = 'error-color' def __init__(self): diff --git a/omemo/gtk/util.py b/omemo/gtk/util.py index e32168b..44ff2cf 100644 --- a/omemo/gtk/util.py +++ b/omemo/gtk/util.py 
@@ -30,12 +30,6 @@ class ButtonAction(Enum): SUGGESTED = 'suggested-action' -class Trust(IntEnum): - NOT_TRUSTED = 0 - VERIFIED = 1 - UNKNOWN = 2 - - class NewConfirmationDialog(Gtk.MessageDialog): def __init__(self, text, sec_text, buttons, transient_for=None): Gtk.MessageDialog.__init__(self, diff --git a/omemo/modules/omemo.py b/omemo/modules/omemo.py index 1355071..ab77353 100644 --- a/omemo/modules/omemo.py +++ b/omemo/modules/omemo.py @@ -35,6 +35,7 @@ from gajim.common import helpers from gajim.common import configpaths from gajim.common.nec import NetworkEvent from gajim.common.const import EncryptionData +from gajim.common.const import Trust as GajimTrust from gajim.common.modules.base import BaseModule from gajim.common.modules.util import event_node @@ -46,7 +47,6 @@ from omemo.backend.state import SelfMessage from omemo.backend.state import MessageNotForDevice from omemo.backend.state import DecryptionFailed from omemo.backend.state import DuplicateMessage -from omemo.backend.state import SenderNotTrusted from omemo.modules.util import prepare_stanza @@ -218,9 +218,9 @@ class OMEMO(BaseModule): self._log.info('Message received from: %s', from_jid) try: - plaintext, fingerprint = self.backend.decrypt_message( + plaintext, fingerprint, trust = self.backend.decrypt_message( properties.omemo, from_jid) - except (KeyExchangeMessage, DuplicateMessage, SenderNotTrusted): + except (KeyExchangeMessage, DuplicateMessage): raise NodeProcessed except SelfMessage: @@ -241,7 +241,8 @@ class OMEMO(BaseModule): prepare_stanza(stanza, plaintext) self._debug_print_stanza(stanza) properties.encrypted = EncryptionData({'name': ENCRYPTION_NAME, - 'fingerprint': fingerprint}) + 'fingerprint': fingerprint, + 'trust': GajimTrust[trust.name]}) def _process_muc_message(self, properties): room_jid = properties.jid.getBare()
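Review bot: `GajimTrust[trust.name]` in the `EncryptionData` dict couples the plugin's `Trust` enum to `gajim.common.const.Trust` by member name, so a name that exists on one side only raises `KeyError` after the message has already been decrypted and `prepare_stanza` has run. The renames in `omemo/backend/util.py` suggest the names are meant to line up today, but nothing in the patch keeps them in sync. An explicit mapping, or a lookup that falls back to the least-trusted member such as `GajimTrust.__members__.get(trust.name, GajimTrust.UNTRUSTED)`, would fail safe; this assumes the host enum has an `UNTRUSTED` member, which the name lookup already relies on. The enclosing method starts outside the hunk.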