Merge pull request #47 from siacs/master

copy commits

8 files changed, 69 insertions, 18 deletions

diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
index 4a895bb81..2aaadab71 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
@@ -311,6 +311,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 		expiredDevices.removeAll(deviceIds);
 		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED,
 				XmppAxolotlSession.Trust.INACTIVE_TRUSTED);
+		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED_X509,
+				XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509);
 		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNDECIDED,
 				XmppAxolotlSession.Trust.INACTIVE_UNDECIDED);
 		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNTRUSTED,
@@ -318,6 +320,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 		Set<Integer> newDevices = new HashSet<>(deviceIds);
 		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED,
 				XmppAxolotlSession.Trust.TRUSTED);
+		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509,
+				XmppAxolotlSession.Trust.TRUSTED_X509);
 		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNDECIDED,
 				XmppAxolotlSession.Trust.UNDECIDED);
 		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNTRUSTED,
@@ -592,7 +596,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 								try {
 									mXmppConnectionService.getMemorizingTrustManager().getNonInteractive().checkClientTrusted(verification.first, "RSA");
 									Log.d(Config.LOGTAG, "verified session with x.509 signature. fingerprint was: "+session.getFingerprint());
-									setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED);
+									setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED_X509);
 									fetchStatusMap.put(address, FetchStatus.SUCCESS_VERIFIED);
 									finishBuildingSessionsFromPEP(address);
 									return;
@@ -774,6 +778,22 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 		return newSessions;
 	}
 
+	public boolean trustedSessionVerified(final Conversation conversation) {
+		Set<XmppAxolotlSession> sessions = findSessionsforContact(conversation.getContact());
+		sessions.addAll(findOwnSessions());
+		boolean verified = false;
+		for(XmppAxolotlSession session : sessions) {
+			if (session.getTrust().trusted()) {
+				if (session.getTrust() == XmppAxolotlSession.Trust.TRUSTED_X509) {
+					verified = true;
+				} else {
+					return false;
+				}
+			}
+		}
+		return verified;
+	}
+
 	public boolean hasPendingKeyFetches(Account account, Contact contact) {
 		AxolotlAddress ownAddress = new AxolotlAddress(account.getJid().toBareJid().toString(), 0);
 		AxolotlAddress foreignAddress = new AxolotlAddress(contact.getJid().toBareJid().toString(), 0);
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
index d582db40c..c452acfd4 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
@@ -40,7 +40,9 @@ public class XmppAxolotlSession {
 		COMPROMISED(3),
 		INACTIVE_TRUSTED(4),
 		INACTIVE_UNDECIDED(5),
-		INACTIVE_UNTRUSTED(6);
+		INACTIVE_UNTRUSTED(6),
+		TRUSTED_X509(7),
+		INACTIVE_TRUSTED_X509(8);
 
 		private static final Map<Integer, Trust> trustsByValue = new HashMap<>();
 
@@ -74,6 +76,10 @@ public class XmppAxolotlSession {
 					return "Inactive (Undecided)" + getCode();
 				case INACTIVE_UNTRUSTED:
 					return "Inactive (Untrusted)" + getCode();
+				case TRUSTED_X509:
+					return "Trusted (X509) " + getCode();
+				case INACTIVE_TRUSTED_X509:
+					return "Inactive (Trusted (X509)) " + getCode();
 				case UNTRUSTED:
 				default:
 					return "Untrusted " + getCode();
@@ -87,6 +93,14 @@ public class XmppAxolotlSession {
 		public static Trust fromCode(int code) {
 			return trustsByValue.get(code);
 		}
+
+		public boolean trusted() {
+			return this == TRUSTED_X509 || this == TRUSTED;
+		}
+
+		public boolean trustedInactive() {
+			return this == INACTIVE_TRUSTED_X509 || this == INACTIVE_TRUSTED;
+		}
 	}
 
 	public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress, String fingerprint) {
@@ -144,6 +158,8 @@ public class XmppAxolotlSession {
 			case UNDECIDED:
 			case UNTRUSTED:
 			case TRUSTED:
+			case INACTIVE_TRUSTED_X509:
+			case TRUSTED_X509:
 				try {
 					try {
 						PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey);
@@ -169,8 +185,12 @@ public class XmppAxolotlSession {
 					Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage());
 				}
 
-				if (plaintext != null && trust == Trust.INACTIVE_TRUSTED) {
-					setTrust(Trust.TRUSTED);
+				if (plaintext != null) {
+					if (trust == Trust.INACTIVE_TRUSTED) {
+						setTrust(Trust.TRUSTED);
+					} else if (trust == Trust.INACTIVE_TRUSTED_X509) {
+						setTrust(Trust.TRUSTED_X509);
+					}
 				}
 
 				break;
@@ -186,7 +206,7 @@ public class XmppAxolotlSession {
 	@Nullable
 	public byte[] processSending(@NonNull byte[] outgoingMessage) {
 		Trust trust = getTrust();
-		if (trust == Trust.TRUSTED) {
+		if (trust.trusted()) {
 			CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage);
 			return ciphertextMessage.serialize();
 		} else {
diff --git a/src/main/java/eu/siacs/conversations/entities/Message.java b/src/main/java/eu/siacs/conversations/entities/Message.java
index 36cc0842f..808bb1b65 100644
--- a/src/main/java/eu/siacs/conversations/entities/Message.java
+++ b/src/main/java/eu/siacs/conversations/entities/Message.java
@@ -716,8 +716,8 @@ public class Message extends AbstractEntity {
 	}
 
 	public boolean isTrusted() {
-		return conversation.getAccount().getAxolotlService().getFingerprintTrust(axolotlFingerprint)
-				== XmppAxolotlSession.Trust.TRUSTED;
+		XmppAxolotlSession.Trust t = conversation.getAccount().getAxolotlService().getFingerprintTrust(axolotlFingerprint);
+		return t != null && t.trusted();
 	}
 
 	private  int getPreviousEncryption() {
diff --git a/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java b/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
index 707237a11..fdbfe4fee 100644
--- a/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
+++ b/src/main/java/eu/siacs/conversations/persistance/DatabaseBackend.java
@@ -962,12 +962,13 @@ public class DatabaseBackend extends SQLiteOpenHelper {
 		String[] args = {
 				account.getUuid(),
 				name,
-				String.valueOf(XmppAxolotlSession.Trust.TRUSTED.getCode())
+				String.valueOf(XmppAxolotlSession.Trust.TRUSTED.getCode()),
+				String.valueOf(XmppAxolotlSession.Trust.TRUSTED_X509.getCode())
 		};
 		return DatabaseUtils.queryNumEntries(db, SQLiteAxolotlStore.IDENTITIES_TABLENAME,
 				SQLiteAxolotlStore.ACCOUNT + " = ?"
 				+ " AND " + SQLiteAxolotlStore.NAME + " = ?"
-				+ " AND " + SQLiteAxolotlStore.TRUSTED + " = ?",
+				+ " AND (" + SQLiteAxolotlStore.TRUSTED + " = ? OR "+SQLiteAxolotlStore.TRUSTED+ " = ?)",
 				args
 		);
 	}
diff --git a/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java b/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java
index fd3426ca7..9904f3e12 100644
--- a/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java
+++ b/src/main/java/eu/siacs/conversations/ui/ConversationFragment.java
@@ -46,6 +46,7 @@ import java.util.concurrent.ConcurrentLinkedQueue;
 import eu.siacs.conversations.Config;
 import eu.siacs.conversations.R;
 import eu.siacs.conversations.crypto.PgpEngine;
+import eu.siacs.conversations.crypto.axolotl.AxolotlService;
 import eu.siacs.conversations.entities.Account;
 import eu.siacs.conversations.entities.Contact;
 import eu.siacs.conversations.entities.Conversation;
@@ -363,7 +364,12 @@ public class ConversationFragment extends Fragment implements EditMessage.Keyboa
 					mEditMessage.setHint(getString(R.string.send_otr_message));
 					break;
 				case Message.ENCRYPTION_AXOLOTL:
-					mEditMessage.setHint(getString(R.string.send_omemo_message));
+					AxolotlService axolotlService = conversation.getAccount().getAxolotlService();
+					if (axolotlService.trustedSessionVerified(conversation)) {
+						mEditMessage.setHint(getString(R.string.send_omemo_x509_message));
+					} else {
+						mEditMessage.setHint(getString(R.string.send_omemo_message));
+					}
 					break;
 				case Message.ENCRYPTION_PGP:
 					mEditMessage.setHint(getString(R.string.send_pgp_message));
diff --git a/src/main/java/eu/siacs/conversations/ui/XmppActivity.java b/src/main/java/eu/siacs/conversations/ui/XmppActivity.java
index 9dae18157..ebd3b7d38 100644
--- a/src/main/java/eu/siacs/conversations/ui/XmppActivity.java
+++ b/src/main/java/eu/siacs/conversations/ui/XmppActivity.java
@@ -677,12 +677,16 @@ public abstract class XmppActivity extends Activity {
 				return true;
 			}
 		});
-
+		boolean x509 = trust == XmppAxolotlSession.Trust.TRUSTED_X509 || trust == XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509;
 		switch (trust) {
 			case UNTRUSTED:
 			case TRUSTED:
-				trustToggle.setChecked(trust == XmppAxolotlSession.Trust.TRUSTED, false);
-				trustToggle.setEnabled(true);
+			case TRUSTED_X509:
+				trustToggle.setChecked(trust.trusted(), false);
+				trustToggle.setEnabled(trust != XmppAxolotlSession.Trust.TRUSTED_X509);
+				if (trust == XmppAxolotlSession.Trust.TRUSTED_X509) {
+					trustToggle.setOnClickListener(null);
+				}
 				key.setTextColor(getPrimaryTextColor());
 				keyType.setTextColor(getSecondaryTextColor());
 				break;
@@ -701,6 +705,7 @@ public abstract class XmppActivity extends Activity {
 				keyType.setTextColor(getTertiaryTextColor());
 				break;
 			case INACTIVE_TRUSTED:
+			case INACTIVE_TRUSTED_X509:
 				trustToggle.setOnClickListener(null);
 				trustToggle.setChecked(true, false);
 				trustToggle.setEnabled(false);
@@ -710,15 +715,15 @@ public abstract class XmppActivity extends Activity {
 		}
 
 		if (showTag) {
-			keyType.setText(getString(R.string.omemo_fingerprint));
+			keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509 : R.string.omemo_fingerprint));
 		} else {
 			keyType.setVisibility(View.GONE);
 		}
 		if (highlight) {
 			keyType.setTextColor(getResources().getColor(R.color.accent));
-			keyType.setText(getString(R.string.omemo_fingerprint_selected_message));
+			keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509_selected_message : R.string.omemo_fingerprint_selected_message));
 		} else {
-			keyType.setText(getString(R.string.omemo_fingerprint));
+			keyType.setText(getString(x509 ? R.string.omemo_fingerprint_x509 : R.string.omemo_fingerprint));
 		}
 
 		key.setText(CryptoHelper.prettifyFingerprint(fingerprint));
diff --git a/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java b/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java
index 039efe3c5..10fa3c18f 100644
--- a/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java
+++ b/src/main/java/eu/siacs/conversations/ui/adapter/MessageAdapter.java
@@ -187,7 +187,7 @@ public class MessageAdapter extends ArrayAdapter<Message> {
 						.getAccount().getAxolotlService().getFingerprintTrust(
 								message.getAxolotlFingerprint());
 
-				if(trust == null || trust != XmppAxolotlSession.Trust.TRUSTED) {
+				if(trust == null || (!trust.trusted() && !trust.trustedInactive())) {
 					viewHolder.indicator.setColorFilter(activity.getWarningTextColor());
 					viewHolder.indicator.setAlpha(1.0f);
 				} else {
diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
index 04c0f625e..7092aca10 100644
--- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
@@ -1170,7 +1170,6 @@ public class XmppConnection implements Runnable {
 					}
 					Log.d(Config.LOGTAG,account.getJid().toBareJid()+": closing stream");
 					tagWriter.writeTag(Tag.end("stream:stream"));
-					socket.close();
 				} catch (final IOException e) {
 					Log.d(Config.LOGTAG,account.getJid().toBareJid()+": io exception during disconnect ("+e.getMessage()+")");
 				} catch (final InterruptedException e) {