aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/de/pixart/messenger/crypto/axolotl
diff options
context:
space:
mode:
authorChristian Schneppe <christian@pix-art.de>2016-11-24 21:42:35 +0100
committerChristian Schneppe <christian@pix-art.de>2016-11-24 21:42:35 +0100
commitfefae63f1dceef88c42a2c80ce7265419095316f (patch)
tree304098147b44995538ff9ca6cb7d46c6825254ed /src/main/java/de/pixart/messenger/crypto/axolotl
parent02ff5375371d5178c6e0bb099d2a962488c1ef4a (diff)
introduced blind trust before verification mode
read more about the concept on https://gultsch.de/trust.html
Diffstat (limited to 'src/main/java/de/pixart/messenger/crypto/axolotl')
-rw-r--r--src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java23
-rw-r--r--src/main/java/de/pixart/messenger/crypto/axolotl/FingerprintStatus.java8
-rw-r--r--src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java7
3 files changed, 35 insertions, 3 deletions
diff --git a/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java b/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
index 8a38ce20d..7ecdcb355 100644
--- a/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/de/pixart/messenger/crypto/axolotl/AxolotlService.java
@@ -111,6 +111,15 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
axolotlStore.preVerifyFingerprint(account, account.getJid().toBareJid().toPreppedString(), fingerprint);
}
+ public boolean hasVerifiedKeys(String name) {
+ for(XmppAxolotlSession session : this.sessions.getAll(new AxolotlAddress(name,0)).values()) {
+ if (session.getTrust().isVerified()) {
+ return true;
+ }
+ }
+ return false;
+ }
+
private static class AxolotlAddressMap<T> {
protected Map<String, Map<Integer, T>> map;
protected final Object MAP_LOCK = new Object();
@@ -225,6 +234,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
SUCCESS,
SUCCESS_VERIFIED,
TIMEOUT,
+ SUCCESS_TRUSTED,
ERROR
}
@@ -775,6 +785,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
report = FetchStatus.SUCCESS;
} else if (own.containsValue(FetchStatus.SUCCESS_VERIFIED) || remote.containsValue(FetchStatus.SUCCESS_VERIFIED)) {
report = FetchStatus.SUCCESS_VERIFIED;
+ } else if (own.containsValue(FetchStatus.SUCCESS_TRUSTED) || remote.containsValue(FetchStatus.SUCCESS_TRUSTED)) {
+ report = FetchStatus.SUCCESS_TRUSTED;
} else if (own.containsValue(FetchStatus.ERROR) || remote.containsValue(FetchStatus.ERROR)) {
report = FetchStatus.ERROR;
}
@@ -832,8 +844,15 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
verifySessionWithPEP(session);
} else {
FingerprintStatus status = getFingerprintTrust(bundle.getIdentityKey().getFingerprint().replaceAll("\\s", ""));
- boolean verified = status != null && status.isVerified();
- fetchStatusMap.put(address, verified ? FetchStatus.SUCCESS_VERIFIED : FetchStatus.SUCCESS);
+ FetchStatus fetchStatus;
+ if (status != null && status.isVerified()) {
+ fetchStatus = FetchStatus.SUCCESS_VERIFIED;
+ } else if (status != null && status.isTrusted()) {
+ fetchStatus = FetchStatus.SUCCESS_TRUSTED;
+ } else {
+ fetchStatus = FetchStatus.SUCCESS;
+ }
+ fetchStatusMap.put(address, fetchStatus);
finishBuildingSessionsFromPEP(address);
}
} catch (UntrustedIdentityException | InvalidKeyException e) {
diff --git a/src/main/java/de/pixart/messenger/crypto/axolotl/FingerprintStatus.java b/src/main/java/de/pixart/messenger/crypto/axolotl/FingerprintStatus.java
index 0614b759f..c38847be5 100644
--- a/src/main/java/de/pixart/messenger/crypto/axolotl/FingerprintStatus.java
+++ b/src/main/java/de/pixart/messenger/crypto/axolotl/FingerprintStatus.java
@@ -63,6 +63,14 @@ public class FingerprintStatus implements Comparable<FingerprintStatus> {
return status;
}
+ public static FingerprintStatus createActiveTrusted() {
+ final FingerprintStatus status = new FingerprintStatus();
+ status.trust = Trust.TRUSTED;
+ status.active = true;
+ status.lastActivation = System.currentTimeMillis();
+ return status;
+ }
+
public static FingerprintStatus createActiveVerified(boolean x509) {
final FingerprintStatus status = new FingerprintStatus();
status.trust = x509 ? Trust.VERIFIED_X509 : Trust.VERIFIED;
diff --git a/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java b/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java
index 0d246795d..ed944b45a 100644
--- a/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java
+++ b/src/main/java/de/pixart/messenger/crypto/axolotl/SQLiteAxolotlStore.java
@@ -191,7 +191,12 @@ public class SQLiteAxolotlStore implements AxolotlStore {
String fingerprint = identityKey.getFingerprint().replaceAll("\\s", "");
FingerprintStatus status = getFingerprintStatus(fingerprint);
if (status == null) {
- status = FingerprintStatus.createActiveUndecided(); //default for new keys
+ if (mXmppConnectionService.blindTrustBeforeVerification() && !account.getAxolotlService().hasVerifiedKeys(name)) {
+ Log.d(Config.LOGTAG,account.getJid().toBareJid()+": blindly trusted "+fingerprint+" of "+name);
+ status = FingerprintStatus.createActiveTrusted();
+ } else {
+ status = FingerprintStatus.createActiveUndecided();
+ }
} else {
status = status.toActive();
}