aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Gultsch <daniel@gultsch.de>2015-12-08 17:15:08 +0100
committerDaniel Gultsch <daniel@gultsch.de>2015-12-08 17:15:08 +0100
commit1de74c2337a97c55180827ea8497f9efca12c24b (patch)
treececec8ccf1091427c6037498d053a03d5a72e0e3
parentb9fc7ebe24eca92ec4d17e057e2643ab83b169fd (diff)
also verify sessions in CBE mode that got created by key transport messages
-rw-r--r--src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java16
1 files changed, 14 insertions, 2 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
index 2aaadab7..a3dc1357 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
@@ -924,7 +924,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
}
if (session.isFresh() && plaintextMessage != null) {
- sessions.put(session);
+ putFreshSession(session);
}
return plaintextMessage;
@@ -937,9 +937,21 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
keyTransportMessage = message.getParameters(session, getOwnDeviceId());
if (session.isFresh() && keyTransportMessage != null) {
- sessions.put(session);
+ putFreshSession(session);
}
return keyTransportMessage;
}
+
+ private void putFreshSession(XmppAxolotlSession session) {
+ sessions.put(session);
+ if (Config.X509_VERIFICATION) {
+ IdentityKey identityKey = axolotlStore.loadSession(session.getRemoteAddress()).getSessionState().getRemoteIdentityKey();
+ if (identityKey != null) {
+ verifySessionWithPEP(session, identityKey);
+ } else {
+ Log.e(Config.LOGTAG,account.getJid().toBareJid()+": identity key was empty after reloading for x509 verification");
+ }
+ }
+ }
}