From bca29cf7fd6fcf7438f39d81833cda18a94eefd9 Mon Sep 17 00:00:00 2001
From: Daniel Gultsch <daniel@gultsch.de>
Date: Sat, 31 Oct 2015 10:57:57 +0100
Subject: explicitly mark verified omemo keys in UI

---
 .../crypto/axolotl/AxolotlService.java             |  6 ++++-
 .../crypto/axolotl/XmppAxolotlSession.java         | 28 ++++++++++++++++++----
 2 files changed, 29 insertions(+), 5 deletions(-)

(limited to 'src/main/java/eu/siacs/conversations/crypto')

diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
index 4a895bb8..8cda3c12 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
@@ -311,6 +311,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 		expiredDevices.removeAll(deviceIds);
 		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED,
 				XmppAxolotlSession.Trust.INACTIVE_TRUSTED);
+		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.TRUSTED_X509,
+				XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509);
 		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNDECIDED,
 				XmppAxolotlSession.Trust.INACTIVE_UNDECIDED);
 		setTrustOnSessions(jid, expiredDevices, XmppAxolotlSession.Trust.UNTRUSTED,
@@ -318,6 +320,8 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 		Set<Integer> newDevices = new HashSet<>(deviceIds);
 		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED,
 				XmppAxolotlSession.Trust.TRUSTED);
+		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_TRUSTED_X509,
+				XmppAxolotlSession.Trust.TRUSTED_X509);
 		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNDECIDED,
 				XmppAxolotlSession.Trust.UNDECIDED);
 		setTrustOnSessions(jid, newDevices, XmppAxolotlSession.Trust.INACTIVE_UNTRUSTED,
@@ -592,7 +596,7 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 								try {
 									mXmppConnectionService.getMemorizingTrustManager().getNonInteractive().checkClientTrusted(verification.first, "RSA");
 									Log.d(Config.LOGTAG, "verified session with x.509 signature. fingerprint was: "+session.getFingerprint());
-									setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED);
+									setFingerprintTrust(session.getFingerprint(), XmppAxolotlSession.Trust.TRUSTED_X509);
 									fetchStatusMap.put(address, FetchStatus.SUCCESS_VERIFIED);
 									finishBuildingSessionsFromPEP(address);
 									return;
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
index d582db40..c452acfd 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
@@ -40,7 +40,9 @@ public class XmppAxolotlSession {
 		COMPROMISED(3),
 		INACTIVE_TRUSTED(4),
 		INACTIVE_UNDECIDED(5),
-		INACTIVE_UNTRUSTED(6);
+		INACTIVE_UNTRUSTED(6),
+		TRUSTED_X509(7),
+		INACTIVE_TRUSTED_X509(8);
 
 		private static final Map<Integer, Trust> trustsByValue = new HashMap<>();
 
@@ -74,6 +76,10 @@ public class XmppAxolotlSession {
 					return "Inactive (Undecided)" + getCode();
 				case INACTIVE_UNTRUSTED:
 					return "Inactive (Untrusted)" + getCode();
+				case TRUSTED_X509:
+					return "Trusted (X509) " + getCode();
+				case INACTIVE_TRUSTED_X509:
+					return "Inactive (Trusted (X509)) " + getCode();
 				case UNTRUSTED:
 				default:
 					return "Untrusted " + getCode();
@@ -87,6 +93,14 @@ public class XmppAxolotlSession {
 		public static Trust fromCode(int code) {
 			return trustsByValue.get(code);
 		}
+
+		public boolean trusted() {
+			return this == TRUSTED_X509 || this == TRUSTED;
+		}
+
+		public boolean trustedInactive() {
+			return this == INACTIVE_TRUSTED_X509 || this == INACTIVE_TRUSTED;
+		}
 	}
 
 	public XmppAxolotlSession(Account account, SQLiteAxolotlStore store, AxolotlAddress remoteAddress, String fingerprint) {
@@ -144,6 +158,8 @@ public class XmppAxolotlSession {
 			case UNDECIDED:
 			case UNTRUSTED:
 			case TRUSTED:
+			case INACTIVE_TRUSTED_X509:
+			case TRUSTED_X509:
 				try {
 					try {
 						PreKeyWhisperMessage message = new PreKeyWhisperMessage(encryptedKey);
@@ -169,8 +185,12 @@ public class XmppAxolotlSession {
 					Log.w(Config.LOGTAG, AxolotlService.getLogprefix(account) + "Error decrypting axolotl header, " + e.getClass().getName() + ": " + e.getMessage());
 				}
 
-				if (plaintext != null && trust == Trust.INACTIVE_TRUSTED) {
-					setTrust(Trust.TRUSTED);
+				if (plaintext != null) {
+					if (trust == Trust.INACTIVE_TRUSTED) {
+						setTrust(Trust.TRUSTED);
+					} else if (trust == Trust.INACTIVE_TRUSTED_X509) {
+						setTrust(Trust.TRUSTED_X509);
+					}
 				}
 
 				break;
@@ -186,7 +206,7 @@ public class XmppAxolotlSession {
 	@Nullable
 	public byte[] processSending(@NonNull byte[] outgoingMessage) {
 		Trust trust = getTrust();
-		if (trust == Trust.TRUSTED) {
+		if (trust.trusted()) {
 			CiphertextMessage ciphertextMessage = cipher.encrypt(outgoingMessage);
 			return ciphertextMessage.serialize();
 		} else {
-- 
cgit v1.2.3