author | Christian S <kriztan@users.noreply.github.com> | 2015-11-01 10:21:59 +0100 |
---|---|---|
committer | Christian S <kriztan@users.noreply.github.com> | 2015-11-01 10:21:59 +0100 |
commit | 06b218c1a62cf8eaf71546541921812025a392fc (patch) | |
tree | 0e95f9b07d2e03da7eebc5335b927084fab2dfff /src/main/java/eu/siacs | |
parent | 1e50c4c55c583612b4e1796024f87c83803c55c3 (diff) | |
parent | fb9ba0a734c4b854918f1c58940977c6037a6afa (diff) |
Merge pull request #47 from siacs/master
copy commits
Diffstat (limited to 'src/main/java/eu/siacs')
8 files changed, 69 insertions, 18 deletions
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java index 4a895bb81..2aaadab71 100644 --- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java +++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java @@ -311,6 +311,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded { expiredDevices.removeAll(deviceIds); setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED, XmppAxolotlSession.Trust.INACTIVE_TRUSTED); + setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED_X509, + XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509); setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNDECIDED, XmppAxolotlSession.Trust.INACTIVE_UNDECIDED); setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNTRUSTED, @@ -318,6 +320,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded { Set<Integer> newDevices = new HashSet<>(deviceIds); setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED, XmppAxolotlSession.Trust.TRUSTED); + setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509, + XmppAxolotlSession.Trust.TRUSTED_X509); setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNDECIDED, XmppAxolotlSession.Trust.UNDECIDED); setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNTRUSTED, 
@@ -592,7 +596,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded { try { mXmppConnectionService.getMemorizingTrustManager().getNonInteractive().checkClientTrusted(verification.first, "RSA"); Log.d(Config.LOGTAG, "verified session with x.509 signature. fingerprint was: "+session.getFingerprint()); - setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED); + setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED_X509); fetchStatusMap.put(address, FetchStatus.SUCCESS_VERIFIED); finishBuildingSessionsFromPEP(address); return; @@ -774,6 +778,22 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded { return newSessions; } + public boolean trustedSessionVerified(final Conversation conversation) { + Set<XmppAxolotlSession> sessions = findSessionsforContact(conversation.getContact()); + sessions.addAll(findOwnSessions()); + boolean verified = false; + for(XmppAxolotlSession session : sessions) { + if (session.getTrust().trusted()) { + if (session.getTrust() == XmppAxolotlSession.Trust.TRUSTED_X509) { + verified = true; + } else { + return false; + } + } + } + return verified; + } + public boolean hasPendingKeyFetches(Account account, Contact contact) { AxolotlAddress ownAddress = new AxolotlAddress(account.getJid().toBareJid().toString(), 0); AxolotlAddress foreignAddress = new AxolotlAddress(contact.getJid().toBareJid().toString(), 0); diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java index d582db40c..c452acfd4 100644 --- a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java +++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java 
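Review bot: The `setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED_X509)` call writes the new state unconditionally once `checkClientTrusted` passes, so a fingerprint the user had earlier marked UNTRUSTED or COMPROMISED would be promoted without a prompt, unless a guard outside this hunk prevents it. Nothing visible here ties the certificate in `verification.first` to the contact's address either; if that binding is not checked where `verification` is produced, a certificate that merely chains to a trusted CA would be enough to mark this contact's key as verified. I would read the stored state first and skip the upgrade for a negative decision, e.g. `Trust current = getFingerprintTrust(session.getFingerprint());` followed by `if (current != Trust.COMPROMISED && current != Trust.UNTRUSTED) { ... }`. The enclosing method starts and ends outside the hunk.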
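Review bot: `trustedSessionVerified` has no Javadoc, and its result is easy to misread: it returns true only when at least one active trusted session exists and every such session, own devices included, is `TRUSTED_X509`, while undecided, untrusted and inactive sessions are skipped. A short Javadoc stating exactly that would help, because ConversationFragment uses the result to choose the hint text shown to the user. Separately, `sessions.addAll(findOwnSessions())` mutates whatever set `findSessionsforContact` returned; if that is not a fresh copy (its body is not visible here), copy it first with `Set<XmppAxolotlSession> sessions = new HashSet<>(findSessionsforContact(conversation.getContact()));`.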
@@ -40,7 +40,9 @@ public class XmppAxolotlSession { COMPROMISED(3), INACTIVE_TRUSTED(4), INACTIVE_UNDECIDED(5), - INACTIVE_UNTRUSTED(6); + INACTIVE_UNTRUSTED(6), + TRUSTED_X509(7), + INACTIVE_TRUSTED_X509(8); private static final Map<Integer, Trust> trustsByValue = new HashMap<>(); @@ -74,6 +76,10 @@ public class XmppAxolotlSession { return "Inactive (Undecided)" + getCode(); case INACTIVE_UNTRUSTED: return "Inactive (Untrusted)" + getCode(); + case TRUSTED_X509: + return "Trusted (X509) " + getCode(); + case INACTIVE_TRUSTED_X509: + return "Inactive (Trusted (X509)) " + getCode(); case UNTRUSTED: default: return "Untrusted " + getCode(); @@ -87,6 +93,14 @@ public class XmppAxolotlSession { public static Trust fromCode(int code) { return trustsByValue.get(code); } + + public boolean trusted() { + return this == TRUSTED_X509 || this == TRUSTED; + } + + public boolean trustedInactive() { + return this == INACTIVE_TRUSTED_X509 || this == INACTIVE_TRUSTED; + } } public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress, String fingerprint) { @@ -144,6 +158,8 @@ public class XmppAxolotlSession { case UNDECIDED: case UNTRUSTED: case TRUSTED: + case INACTIVE_TRUSTED_X509: + case TRUSTED_X509: try { try { PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey); @@ -169,8 +185,12 @@ public class XmppAxolotlSession { Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage()); } - if (plaintext != null && trust == Trust.INACTIVE_TRUSTED) { - setTrust(Trust.TRUSTED); + if (plaintext != null) { + if (trust == Trust.INACTIVE_TRUSTED) { + setTrust(Trust.TRUSTED); + } else if (trust == Trust.INACTIVE_TRUSTED_X509) { + setTrust(Trust.TRUSTED_X509); + } } break; 
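Review bot: `trusted()` and `trustedInactive()` are added to the `Trust` enum without Javadoc, although `trusted()` now decides whether `processSending` encrypts to a session and what `Message.isTrusted()` reports. I would document both, e.g. `/** True for TRUSTED and TRUSTED_X509 only; inactive, undecided, untrusted and compromised states return false. */` on `trusted()` and a matching line on `trustedInactive()`. The persisted codes 7 and 8 also deserve a comment on the enum constants, since `fromCode` returns `trustsByValue.get(code)` and therefore null for any code a build does not know.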
@@ -186,7 +206,7 @@ public class XmppAxolotlSession { @Nullable public byte[] processSending(@NonNull byte[] outgoingMessage) { Trust trust = getTrust(); - if (trust == Trust.TRUSTED) { + if (trust.trusted()) { CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage); return ciphertextMessage.serialize(); } else { diff --git a/src/main/java/eu/siacs/conversations/entities/Message.java b/src/main/java/eu/siacs/conversations/entities/Message.java index 36cc0842f..808bb1b65 100644 --- a/src/main/java/eu/siacs/conversations/entities/Message.java +++ b/src/main/java/eu/siacs/conversations/entities/Message.java @@ -716,8 +716,8 @@ public class Message extends AbstractEntity { } public boolean isTrusted() { - return conversation.getAccount().getAxolotlService().getFingerprintTrust(axolotlFingerprint) - == XmppAxolotlSession.Trust.TRUSTED; + XmppAxolotlSession.Trust t = conversation.getAccount().getAxolotlService().getFingerprintTrust(axolotlFingerprint); + return t != null && t.trusted(); } private int getPreviousEncryption() { diff --git a/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java b/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java index 707237a11..fdbfe4fee 100644 --- a/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java +++ b/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java 
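Review bot: `trust.trusted()` dereferences the value returned by `getTrust()`, whereas the replaced `trust == Trust.TRUSTED` comparison was null-safe. `Trust.fromCode` returns `trustsByValue.get(code)`, which is null for an unknown code, and `Message.isTrusted()` in this same commit guards with `t != null`; if `getTrust()` can pass such a null through (its body is not in this diff), sending would throw instead of falling into the else branch. `if (trust != null && trust.trusted()) {` keeps the previous fail-closed behaviour. The body of `processSending` continues past the hunk.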
@@ -962,12 +962,13 @@ public class DatabaseBackend extends SQLiteOpenHelper { String[] args = { account.getUuid(), name, - String.valueOf(XmppAxolotlSession.Trust.TRUSTED.getCode()) + String.valueOf(XmppAxolotlSession.Trust.TRUSTED.getCode()), + String.valueOf(XmppAxolotlSession.Trust.TRUSTED_X509.getCode()) }; return DatabaseUtils.queryNumEntries(db, SQLiteAxolotlStore.IDENTITIES_TABLENAME, SQLiteAxolotlStore.ACCOUNT + " = ?" + " AND " + SQLiteAxolotlStore.NAME + " = ?" - + " AND " + SQLiteAxolotlStore.TRUSTED + " = ?", + + " AND (" + SQLiteAxolotlStore.TRUSTED + " = ? OR "+SQLiteAxolotlStore.TRUSTED+ " = ?)", args ); } diff --git a/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java b/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java index fd3426ca7..9904f3e12 100644 --- a/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java +++ b/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java @@ -46,6 +46,7 @@ import java.util.concurrent.ConcurrentLinkedQueue; import eu.siacs.conversations.Config; import eu.siacs.conversations.R; import eu.siacs.conversations.crypto.PgpEngine; +import eu.siacs.conversations.crypto.axolotl.AxolotlService; import eu.siacs.conversations.entities.Account; import eu.siacs.conversations.entities.Contact; import eu.siacs.conversations.entities.Conversation; 
@@ -363,7 +364,12 @@ public class ConversationFragment extends Fragment implements EditMessage.Keyboa mEditMessage.setHint(getString(R.string.send_otr_message)); break; case Message.ENCRYPTION_AXOLOTL: - mEditMessage.setHint(getString(R.string.send_omemo_message)); + AxolotlService axolotlService = conversation.getAccount().getAxolotlService(); + if (axolotlService.trustedSessionVerified(conversation)) { + mEditMessage.setHint(getString(R.string.send_omemo_x509_message)); + } else { + mEditMessage.setHint(getString(R.string.send_omemo_message)); + } break; case Message.ENCRYPTION_PGP: mEditMessage.setHint(getString(R.string.send_pgp_message)); diff --git a/src/main/java/eu/siacs/conversations/ui/XmppActivity.java b/src/main/java/eu/siacs/conversations/ui/XmppActivity.java index 9dae18157..ebd3b7d38 100644 --- a/src/main/java/eu/siacs/conversations/ui/XmppActivity.java +++ b/src/main/java/eu/siacs/conversations/ui/XmppActivity.java @@ -677,12 +677,16 @@ public abstract class XmppActivity extends Activity { return true; } }); - + boolean x509 = trust == XmppAxolotlSession.Trust.TRUSTED_X509 || trust == XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509; switch (trust) { case UNTRUSTED: case TRUSTED: - trustToggle.setChecked(trust == XmppAxolotlSession.Trust.TRUSTED, false); - trustToggle.setEnabled(true); + case TRUSTED_X509: + trustToggle.setChecked(trust.trusted(), false); + trustToggle.setEnabled(trust != XmppAxolotlSession.Trust.TRUSTED_X509); + if (trust == XmppAxolotlSession.Trust.TRUSTED_X509) { + trustToggle.setOnClickListener(null); + } key.setTextColor(getPrimaryTextColor()); keyType.setTextColor(getSecondaryTextColor()); break; @@ -701,6 +705,7 @@ public abstract class XmppActivity extends Activity { keyType.setTextColor(getTertiaryTextColor()); break; case INACTIVE_TRUSTED: + case INACTIVE_TRUSTED_X509: trustToggle.setOnClickListener(null); trustToggle.setChecked(true, false); trustToggle.setEnabled(false); 
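Review bot: In the XmppActivity hunk at -677 the toggle is disabled and its click listener cleared for `TRUSTED_X509`, so this view gives the user no way to withdraw trust from a certificate-verified key. If such a key later has to be distrusted, the only remaining control would be the listener registered just above the hunk, of which only the tail is visible. Consider leaving the toggle enabled so the user can downgrade to `UNTRUSTED`, or state the design decision in a comment such as `// X.509-verified keys follow certificate validation and are not user-toggleable`. The enclosing method starts before and ends after the hunk.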
@@ -710,15 +715,15 @@ public abstract class XmppActivity extends Activity { } if (showTag) { - keyType.setText(getString(R.string.omemo_fingerprint)); + keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509 : R.string.omemo_fingerprint)); } else { keyType.setVisibility(View.GONE); } if (highlight) { keyType.setTextColor(getResources().getColor(R.color.accent)); - keyType.setText(getString(R.string.omemo_fingerprint_selected_message)); + keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509_selected_message : R.string.omemo_fingerprint_selected_message)); } else { - keyType.setText(getString(R.string.omemo_fingerprint)); + keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509 : R.string.omemo_fingerprint)); } key.setText(CryptoHelper.prettifyFingerprint(fingerprint)); diff --git a/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java b/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java index 039efe3c5..10fa3c18f 100644 --- a/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java +++ b/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java @@ -187,7 +187,7 @@ public class MessageAdapter extends ArrayAdapter<Message> { .getAccount().getAxolotlService().getFingerprintTrust( message.getAxolotlFingerprint()); - if(trust == null || trust != XmppAxolotlSession.Trust.TRUSTED) { + if(trust == null || (!trust.trusted() && !trust.trustedInactive())) { viewHolder.indicator.setColorFilter(activity.getWarningTextColor()); viewHolder.indicator.setAlpha(1.0f); } else { diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java index 04c0f625e..7092aca10 100644 --- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java +++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java 
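Review bot: The `x509 ? … : …` choice for the plain label is written twice in the -710 hunk (the `showTag` branch and the non-highlight branch), next to a third ternary for the selected label; resolving the id once before the branches would keep the copies from drifting apart, e.g. `final int label = x509 ? R.string.omemo_fingerprint_x509 : R.string.omemo_fingerprint;`. `x509` is also true for `INACTIVE_TRUSTED_X509`, so inactive keys carry the X.509 label; a one-line comment saying that is intended would help. The enclosing method continues outside the hunk.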
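Review bot: In MessageAdapter the new condition `!trust.trusted() && !trust.trustedInactive()` also drops the warning tint for `INACTIVE_TRUSTED`, which the old `trust != XmppAxolotlSession.Trust.TRUSTED` test flagged, so this is a behaviour change beyond adding the X.509 states. `Message.isTrusted()` in this commit counts only `trusted()`, so the two places now disagree on whether a message from an inactive device is shown as trusted. If the relaxed indicator is intended, say so in a comment; otherwise use `if (trust == null || !trust.trusted()) {`.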
@@ -1170,7 +1170,6 @@ public class XmppConnection implements Runnable { } Log.d(Config.LOGTAG,account.getJid().toBareJid()+": closing stream"); tagWriter.writeTag(Tag.end("stream:stream")); - socket.close(); } catch (final IOException e) { Log.d(Config.LOGTAG,account.getJid().toBareJid()+": io exception during disconnect ("+e.getMessage()+")"); } catch (final InterruptedException e) { |
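Review bot: With `socket.close()` removed, this disconnect path only writes the closing `stream:stream` tag, and nothing in the hunk closes the socket afterwards. If the peer never ends its side of the stream, the socket would presumably stay open until some other path tears it down, which is not visible here. If the intent is to wait for the server's stream end, record that in a comment naming the place that finally closes the socket, and make sure that place runs under a timeout or in a `finally`. The try block begins before the hunk.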