Skip to content

Commit

Permalink
Introduce CryptoCrossSigningKeys container
Browse files Browse the repository at this point in the history
  • Loading branch information
bmarty committed Jan 3, 2023
1 parent 4c4ef0d commit 02e7157
Show file tree
Hide file tree
Showing 5 changed files with 52 additions and 26 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
/*
* Copyright 2023 The Matrix.org Foundation C.I.C.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.matrix.android.sdk.api.session.crypto.crosssigning

/**
* Container for the three cross signing keys: master, self signing and user signing.
*/
data class CryptoCrossSigningKeys(
val masterKey: CryptoCrossSigningKey?,
val selfSigningKey: CryptoCrossSigningKey?,
val userSigningKey: CryptoCrossSigningKey?,
)
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ import org.matrix.android.sdk.api.MatrixPatterns
import org.matrix.android.sdk.api.auth.data.Credentials
import org.matrix.android.sdk.api.extensions.measureMetric
import org.matrix.android.sdk.api.metrics.DownloadDeviceKeysMetricsPlugin
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
Expand Down Expand Up @@ -419,7 +420,11 @@ internal class DeviceListManager @Inject constructor(
val userSigningKey = response.userSigningKeys?.get(userId)?.toCryptoModel()?.also {
Timber.v("## CRYPTO | CrossSigning : Got keys for $userId : USK ${it.unpaddedBase64PublicKey}")
}
userDataToStore.userCrossSigningKeys[userId] = Triple(masterKey, selfSigningKey, userSigningKey)
userDataToStore.userCrossSigningKeys[userId] = CryptoCrossSigningKeys(
masterKey = masterKey,
selfSigningKey = selfSigningKey,
userSigningKey = userSigningKey
)
}

cryptoStore.storeUserDataToStore(userDataToStore)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import org.matrix.android.sdk.api.session.crypto.NewSessionListener
import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
Expand Down Expand Up @@ -235,9 +236,7 @@ internal interface IMXCryptoStore {

fun storeUserCrossSigningKeys(
userId: String,
masterKey: CryptoCrossSigningKey?,
selfSigningKey: CryptoCrossSigningKey?,
userSigningKey: CryptoCrossSigningKey?
cryptoCrossSigningKeys: CryptoCrossSigningKeys
)

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@

package org.matrix.android.sdk.internal.crypto.store

import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo

internal data class UserDataToStore(
val userDevices: MutableMap<String, Map<String, CryptoDeviceInfo>> = mutableMapOf(),
val userCrossSigningKeys: MutableMap<String, Triple<CryptoCrossSigningKey?, CryptoCrossSigningKey?, CryptoCrossSigningKey?>> = mutableMapOf(),
val userCrossSigningKeys: MutableMap<String, CryptoCrossSigningKeys> = mutableMapOf(),
)
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ import org.matrix.android.sdk.api.session.crypto.GlobalCryptoConfig
import org.matrix.android.sdk.api.session.crypto.NewSessionListener
import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKeys
import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
Expand Down Expand Up @@ -332,25 +332,21 @@ internal class RealmCryptoStore @Inject constructor(

override fun storeUserCrossSigningKeys(
userId: String,
masterKey: CryptoCrossSigningKey?,
selfSigningKey: CryptoCrossSigningKey?,
userSigningKey: CryptoCrossSigningKey?
cryptoCrossSigningKeys: CryptoCrossSigningKeys,
) {
doRealmTransaction("storeUserCrossSigningKeys", realmConfiguration) { realm ->
storeUserCrossSigningKeys(realm, userId, masterKey, selfSigningKey, userSigningKey)
storeUserCrossSigningKeys(realm, userId, cryptoCrossSigningKeys)
}
}

private fun storeUserCrossSigningKeys(
realm: Realm,
userId: String,
masterKey: CryptoCrossSigningKey?,
selfSigningKey: CryptoCrossSigningKey?,
userSigningKey: CryptoCrossSigningKey?
keys: CryptoCrossSigningKeys,
) {
UserEntity.getOrCreate(realm, userId)
.let { userEntity ->
if (masterKey == null || selfSigningKey == null) {
if (keys.masterKey == null || keys.selfSigningKey == null) {
// The user has disabled cross signing?
userEntity.crossSigningInfoEntity?.deleteOnCascade()
userEntity.crossSigningInfoEntity = null
Expand All @@ -359,11 +355,11 @@ internal class RealmCryptoStore @Inject constructor(
CrossSigningInfoEntity.getOrCreate(realm, userId).let { signingInfo ->
// What should we do if we detect a change of the keys?
val existingMaster = signingInfo.getMasterKey()
if (existingMaster != null && existingMaster.publicKeyBase64 == masterKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingMaster, masterKey)
if (existingMaster != null && existingMaster.publicKeyBase64 == keys.masterKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingMaster, keys.masterKey)
} else {
Timber.d("## CrossSigning MSK change for $userId")
val keyEntity = crossSigningKeysMapper.map(masterKey)
val keyEntity = crossSigningKeysMapper.map(keys.masterKey)
signingInfo.setMasterKey(keyEntity)
if (userId == this.userId) {
shouldResetMyDevicesLocalTrust = true
Expand All @@ -378,11 +374,11 @@ internal class RealmCryptoStore @Inject constructor(
}

val existingSelfSigned = signingInfo.getSelfSignedKey()
if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == selfSigningKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingSelfSigned, selfSigningKey)
if (existingSelfSigned != null && existingSelfSigned.publicKeyBase64 == keys.selfSigningKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingSelfSigned, keys.selfSigningKey)
} else {
Timber.d("## CrossSigning SSK change for $userId")
val keyEntity = crossSigningKeysMapper.map(selfSigningKey)
val keyEntity = crossSigningKeysMapper.map(keys.selfSigningKey)
signingInfo.setSelfSignedKey(keyEntity)
if (userId == this.userId) {
shouldResetMyDevicesLocalTrust = true
Expand All @@ -394,13 +390,13 @@ internal class RealmCryptoStore @Inject constructor(
}

// Only for me
if (userSigningKey != null) {
if (keys.userSigningKey != null) {
val existingUSK = signingInfo.getUserSigningKey()
if (existingUSK != null && existingUSK.publicKeyBase64 == userSigningKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingUSK, userSigningKey)
if (existingUSK != null && existingUSK.publicKeyBase64 == keys.userSigningKey.unpaddedBase64PublicKey) {
crossSigningKeysMapper.update(existingUSK, keys.userSigningKey)
} else {
Timber.d("## CrossSigning USK change for $userId")
val keyEntity = crossSigningKeysMapper.map(userSigningKey)
val keyEntity = crossSigningKeysMapper.map(keys.userSigningKey)
signingInfo.setUserSignedKey(keyEntity)
if (userId == this.userId) {
shouldResetMyDevicesLocalTrust = true
Expand Down Expand Up @@ -1862,7 +1858,7 @@ internal class RealmCryptoStore @Inject constructor(
storeUserDevices(realm, it.key, it.value)
}
userDataToStore.userCrossSigningKeys.forEach {
storeUserCrossSigningKeys(realm, it.key, it.value.first, it.value.second, it.value.third)
storeUserCrossSigningKeys(realm, it.key, it.value)
}
}
}
Expand Down

0 comments on commit 02e7157

Please sign in to comment.