[omemo] Save trust of message to database
@@ -532,7 +532,7 @@ class LiteAxolotlStore(AxolotlStore):
|
||||
def getTrustedFingerprints(self, jid):
|
||||
query = '''SELECT public_key as "public_key [pk]" FROM identities
|
||||
WHERE recipient_id = ? AND trust = ?'''
|
||||
result = self._con.execute(query, (jid, Trust.TRUSTED)).fetchall()
|
||||
result = self._con.execute(query, (jid, Trust.VERIFIED)).fetchall()
|
||||
return [row.public_key for row in result]
|
||||
|
||||
def getNewFingerprints(self, jid):
|
||||
@@ -560,7 +560,7 @@ class LiteAxolotlStore(AxolotlStore):
|
||||
return False
|
||||
identity_key = record.getSessionState().getRemoteIdentityKey()
|
||||
return self.getTrustForIdentity(
|
||||
recipient_id, identity_key) == Trust.TRUSTED
|
||||
recipient_id, identity_key) == Trust.VERIFIED
|
||||
|
||||
def isUntrustedIdentity(self, recipient_id, identity_key):
|
||||
return self.getTrustForIdentity(
|
||||
|
||||
@@ -40,6 +40,7 @@ from omemo.backend.devices import DeviceManager
|
||||
from omemo.backend.devices import NoDevicesFound
|
||||
from omemo.backend.liteaxolotlstore import LiteAxolotlStore
|
||||
from omemo.backend.util import get_fingerprint
|
||||
from omemo.backend.util import Trust
|
||||
from omemo.backend.util import DEFAULT_PREKEY_AMOUNT
|
||||
from omemo.backend.util import MIN_PREKEY_AMOUNT
|
||||
from omemo.backend.util import SPK_CYCLE_TIME
|
||||
@@ -129,16 +130,12 @@ class OmemoState(DeviceManager):
|
||||
|
||||
try:
|
||||
if prekey:
|
||||
key, fingerprint = self._process_pre_key_message(
|
||||
key, fingerprint, trust = self._process_pre_key_message(
|
||||
jid, omemo_message.sid, encrypted_key)
|
||||
else:
|
||||
key, fingerprint = self._process_message(
|
||||
key, fingerprint, trust = self._process_message(
|
||||
jid, omemo_message.sid, encrypted_key)
|
||||
|
||||
except SenderNotTrusted:
|
||||
self._log.info('Sender not trusted, ignore message')
|
||||
raise
|
||||
|
||||
except DuplicateMessageException:
|
||||
self._log.info('Received duplicated message')
|
||||
raise DuplicateMessage
|
||||
@@ -153,7 +150,7 @@ class OmemoState(DeviceManager):
|
||||
|
||||
result = aes_decrypt(key, omemo_message.iv, omemo_message.payload)
|
||||
self._log.debug("Decrypted Message => %s", result)
|
||||
return result, fingerprint
|
||||
return result, fingerprint, trust
|
||||
|
||||
def _get_whisper_message(self, jid, device, key):
|
||||
cipher = self._get_session_cipher(jid, device)
|
||||
@@ -253,8 +250,8 @@ class OmemoState(DeviceManager):
|
||||
'without PreKey => %s' % jid)
|
||||
|
||||
identity_key = pre_key_message.getIdentityKey()
|
||||
if self._storage.isUntrustedIdentity(jid, identity_key):
|
||||
raise SenderNotTrusted
|
||||
trust = self._storage.getTrustForIdentity(jid, identity_key)
|
||||
trust = Trust(trust) if trust is not None else Trust.UNDECIDED
|
||||
|
||||
session_cipher = self._get_session_cipher(jid, device)
|
||||
|
||||
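Review bot: Once the `isUntrustedIdentity` check is dropped, a pre-key message from an identity stored as `Trust.UNTRUSTED` goes on to `_get_session_cipher` and the rest of `_process_pre_key_message` like any other, and the `@@ -278,15 +275,15 @@` hunk does the same for `_process_message`. Trust is now only reported through the return value, so each caller of `decrypt_message` has to decide what to do with plaintext from an untrusted sender; a comment above the lookup such as `# Trust is reported to the caller, not enforced here` would make that contract explicit. `Trust(trust)` also raises `ValueError` if the stored value is anything other than 0, 1 or 2, and no handler for it is visible in the `decrypt_message` hunk; consider `trust = Trust(trust) if trust in tuple(Trust) else Trust.UNDECIDED`. The function starts before and continues past this hunk, so checks that are not shown may still exist.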
@@ -266,7 +263,7 @@ class OmemoState(DeviceManager):
|
||||
|
||||
self.xmpp_con.set_bundle()
|
||||
self.add_device(jid, device)
|
||||
return key, fingerprint
|
||||
return key, fingerprint, trust
|
||||
|
||||
def _process_message(self, jid, device, key):
|
||||
message = WhisperMessage(serialized=key)
|
||||
@@ -278,15 +275,15 @@ class OmemoState(DeviceManager):
|
||||
session_record = self._storage.loadSession(jid, device)
|
||||
identity_key = session_record.getSessionState().getRemoteIdentityKey()
|
||||
|
||||
if self._storage.isUntrustedIdentity(jid, identity_key):
|
||||
raise SenderNotTrusted
|
||||
trust = self._storage.getTrustForIdentity(jid, identity_key)
|
||||
trust = Trust(trust) if trust is not None else Trust.UNDECIDED
|
||||
|
||||
fingerprint = get_fingerprint(identity_key)
|
||||
self._storage.setIdentityLastSeen(jid, identity_key)
|
||||
|
||||
self.add_device(jid, device)
|
||||
|
||||
return key, fingerprint
|
||||
return key, fingerprint, trust
|
||||
|
||||
def _check_pre_key_count(self):
|
||||
# Check if enough PreKeys are available
|
||||
@@ -350,7 +347,3 @@ class InvalidMessage(Exception):
|
||||
|
||||
class DuplicateMessage(Exception):
|
||||
pass
|
||||
|
||||
|
||||
class SenderNotTrusted(Exception):
|
||||
pass
|
||||
|
||||
@@ -30,7 +30,7 @@ UNACKNOWLEDGED_COUNT = 300
|
||||
|
||||
class Trust(IntEnum):
|
||||
UNTRUSTED = 0
|
||||
TRUSTED = 1
|
||||
VERIFIED = 1
|
||||
UNDECIDED = 2
|
||||
|
||||
|
||||
|
||||
@@ -19,12 +19,11 @@ import time
|
||||
import locale
|
||||
import logging
|
||||
import tempfile
|
||||
|
||||
from gi.repository import Gtk
|
||||
from gi.repository import GdkPixbuf
|
||||
from distutils.version import LooseVersion as V
|
||||
|
||||
from pkg_resources import get_distribution
|
||||
from distutils.version import LooseVersion as V
|
||||
from gi.repository import Gtk
|
||||
from gi.repository import GdkPixbuf
|
||||
|
||||
from gajim.common import app
|
||||
from gajim.plugins.plugins_i18n import _
|
||||
@@ -32,7 +31,7 @@ from gajim.plugins.helpers import get_builder
|
||||
|
||||
from omemo.gtk.util import DialogButton, ButtonAction
|
||||
from omemo.gtk.util import NewConfirmationDialog
|
||||
from omemo.gtk.util import Trust
|
||||
from omemo.backend.util import Trust
|
||||
from omemo.backend.util import IdentityKeyExtended
|
||||
from omemo.backend.util import get_fingerprint
|
||||
|
||||
@@ -40,15 +39,15 @@ log = logging.getLogger('gajim.p.omemo')
|
||||
|
||||
|
||||
TRUST_DATA = {
|
||||
Trust.NOT_TRUSTED: ('dialog-error-symbolic',
|
||||
_('Not Trusted'),
|
||||
'error-color'),
|
||||
Trust.UNKNOWN: ('security-low-symbolic',
|
||||
_('Not Decided'),
|
||||
'warning-color'),
|
||||
Trust.UNTRUSTED: ('dialog-error-symbolic',
|
||||
_('Untrusted'),
|
||||
'error-color'),
|
||||
Trust.UNDECIDED: ('security-low-symbolic',
|
||||
_('Not Decided'),
|
||||
'warning-color'),
|
||||
Trust.VERIFIED: ('security-high-symbolic',
|
||||
_('Trusted'),
|
||||
'success-color')
|
||||
_('Verified'),
|
||||
'encrypted-color')
|
||||
}
|
||||
|
||||
|
||||
@@ -358,7 +357,7 @@ class TrustPopver(Gtk.Popover):
|
||||
self._listbox.set_selection_mode(Gtk.SelectionMode.NONE)
|
||||
if row.trust != Trust.VERIFIED:
|
||||
self._listbox.add(VerifiedOption())
|
||||
if row.trust != Trust.NOT_TRUSTED:
|
||||
if row.trust != Trust.UNTRUSTED:
|
||||
self._listbox.add(NotTrustedOption())
|
||||
self._listbox.add(DeleteOption())
|
||||
self.add(self._listbox)
|
||||
@@ -380,7 +379,7 @@ class TrustPopver(Gtk.Popover):
|
||||
self._listbox.foreach(self._listbox.remove)
|
||||
if self._row.trust != Trust.VERIFIED:
|
||||
self._listbox.add(VerifiedOption())
|
||||
if self._row.trust != Trust.NOT_TRUSTED:
|
||||
if self._row.trust != Trust.UNTRUSTED:
|
||||
self._listbox.add(NotTrustedOption())
|
||||
self._listbox.add(DeleteOption())
|
||||
|
||||
@@ -406,8 +405,8 @@ class VerifiedOption(MenuOption):
|
||||
|
||||
type_ = Trust.VERIFIED
|
||||
icon = 'security-high-symbolic'
|
||||
label = _('Trusted')
|
||||
color = 'success-color'
|
||||
label = _('Verified')
|
||||
color = 'encrypted-color'
|
||||
|
||||
def __init__(self):
|
||||
MenuOption.__init__(self)
|
||||
@@ -415,9 +414,9 @@ class VerifiedOption(MenuOption):
|
||||
|
||||
class NotTrustedOption(MenuOption):
|
||||
|
||||
type_ = Trust.NOT_TRUSTED
|
||||
type_ = Trust.UNTRUSTED
|
||||
icon = 'dialog-error-symbolic'
|
||||
label = _('Not Trusted')
|
||||
label = _('Untrusted')
|
||||
color = 'error-color'
|
||||
|
||||
def __init__(self):
|
||||
|
||||
@@ -30,12 +30,6 @@ class ButtonAction(Enum):
|
||||
SUGGESTED = 'suggested-action'
|
||||
|
||||
|
||||
class Trust(IntEnum):
|
||||
NOT_TRUSTED = 0
|
||||
VERIFIED = 1
|
||||
UNKNOWN = 2
|
||||
|
||||
|
||||
class NewConfirmationDialog(Gtk.MessageDialog):
|
||||
def __init__(self, text, sec_text, buttons, transient_for=None):
|
||||
Gtk.MessageDialog.__init__(self,
|
||||
|
||||
@@ -35,6 +35,7 @@ from gajim.common import helpers
|
||||
from gajim.common import configpaths
|
||||
from gajim.common.nec import NetworkEvent
|
||||
from gajim.common.const import EncryptionData
|
||||
from gajim.common.const import Trust as GajimTrust
|
||||
from gajim.common.modules.base import BaseModule
|
||||
from gajim.common.modules.util import event_node
|
||||
|
||||
@@ -46,7 +47,6 @@ from omemo.backend.state import SelfMessage
|
||||
from omemo.backend.state import MessageNotForDevice
|
||||
from omemo.backend.state import DecryptionFailed
|
||||
from omemo.backend.state import DuplicateMessage
|
||||
from omemo.backend.state import SenderNotTrusted
|
||||
from omemo.modules.util import prepare_stanza
|
||||
|
||||
|
||||
@@ -218,9 +218,9 @@ class OMEMO(BaseModule):
|
||||
self._log.info('Message received from: %s', from_jid)
|
||||
|
||||
try:
|
||||
plaintext, fingerprint = self.backend.decrypt_message(
|
||||
plaintext, fingerprint, trust = self.backend.decrypt_message(
|
||||
properties.omemo, from_jid)
|
||||
except (KeyExchangeMessage, DuplicateMessage, SenderNotTrusted):
|
||||
except (KeyExchangeMessage, DuplicateMessage):
|
||||
raise NodeProcessed
|
||||
|
||||
except SelfMessage:
|
||||
@@ -241,7 +241,8 @@ class OMEMO(BaseModule):
|
||||
prepare_stanza(stanza, plaintext)
|
||||
self._debug_print_stanza(stanza)
|
||||
properties.encrypted = EncryptionData({'name': ENCRYPTION_NAME,
|
||||
'fingerprint': fingerprint})
|
||||
'fingerprint': fingerprint,
|
||||
'trust': GajimTrust[trust.name]})
|
||||
|
||||
def _process_muc_message(self, properties):
|
||||
room_jid = properties.jid.getBare()
|
||||
|
||||
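Review bot: `GajimTrust[trust.name]` looks the value up by member name, so it raises `KeyError` if `gajim.common.const.Trust` lacks a member called `UNTRUSTED`, `UNDECIDED` or `VERIFIED`, and that would happen after the message has already been decrypted. The definition of `GajimTrust` is not on this page, so this cannot be confirmed here; a comment next to the lookup such as `# relies on GajimTrust having the same member names as omemo.backend.util.Trust` would record the coupling. Nothing visible in this hunk or the `@@ -218,9 +218,9 @@` hunk branches on `trust` now that `SenderNotTrusted` is no longer caught, so plaintext from an untrusted sender appears to reach `prepare_stanza` unchanged; whether the consumer of `properties.encrypted` handles that is outside the hunk.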