authorAlexey Rusakov <Kitsune-Ral@users.sf.net>2022-09-12 18:56:54 +0200
committerAlexey Rusakov <Kitsune-Ral@users.sf.net>2022-09-12 18:56:54 +0200
commitf4009215b500dbae4a10d1a86bb059272e47d0cb (patch)
tree3b0b2e9559133082f1658efd0ded5b6d54562c51
parente003251fa57589fcdaa28b99157a845415a25370 (diff)
Only trust verification keys if the user verified the SAS
-rw-r--r--lib/keyverificationsession.cpp15
-rw-r--r--lib/keyverificationsession.h3
2 files changed, 17 insertions, 1 deletions
diff --git a/lib/keyverificationsession.cpp b/lib/keyverificationsession.cpp
index c6b62a83..541ca49b 100644
--- a/lib/keyverificationsession.cpp
+++ b/lib/keyverificationsession.cpp
@@ -249,6 +249,10 @@ void KeyVerificationSession::sendMac()
mac),
m_encrypted);
setState (macReceived ? DONE : WAITINGFORMAC);
+ m_verified = true;
+ if (!m_pendingEdKeyId.isEmpty()) {
+ trustKeys();
+ }
}
void KeyVerificationSession::sendDone()
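Review bot: `m_verified = true` is set unconditionally at the tail of sendMac(), so the new trust gate is only as strong as the guarantee that sendMac() runs solely after the local user has confirmed the SAS match. That call site is outside this hunk, and nothing here records the assumption. I would add a comment at the assignment, e.g. `// sendMac() is only reached after the user confirmed the SAS; trust may be granted from here on`, or set the flag in the confirmation handler itself. Separately, `macReceived` now appears to be written only inside trustKeys(), which cannot have run before this point on a first pass, so the `macReceived ? DONE : WAITINGFORMAC` ternary above the added lines looks like it always selects WAITINGFORMAC; worth confirming against the rest of the file.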
@@ -387,7 +391,16 @@ void KeyVerificationSession::handleMac(const KeyVerificationMacEvent& event)
return;
}
- m_connection->database()->setSessionVerified(edKeyId);
+ m_pendingEdKeyId = edKeyId;
+
+ if (m_verified) {
+ trustKeys();
+ }
+}
+
+void KeyVerificationSession::trustKeys()
+{
+ m_connection->database()->setSessionVerified(m_pendingEdKeyId);
emit m_connection->sessionVerified(m_remoteUserId, m_remoteDeviceId);
macReceived = true;
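Review bot: trustKeys() persists trust for whatever `m_pendingEdKeyId` holds without checking its own preconditions, so correctness rests on both callers (handleMac() here and sendMac() in the earlier hunk) getting the ordering right. A guard at the top, `if (!m_verified || m_pendingEdKeyId.isEmpty()) return;`, would keep the invariant (MAC validated and SAS confirmed by the user) local to the function that writes to the database. Clearing `m_pendingEdKeyId` after the write would also avoid a second `sessionVerified` emission if either path runs again. It may be worth confirming that a session cancelled or timed out between handleMac() and the user's confirmation cannot still reach `setSessionVerified`; the state handling is not visible in this hunk, and the body of trustKeys() continues past it.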
diff --git a/lib/keyverificationsession.h b/lib/keyverificationsession.h
index aa0295cb..075ea1e2 100644
--- a/lib/keyverificationsession.h
+++ b/lib/keyverificationsession.h
@@ -125,6 +125,8 @@ private:
bool macReceived = false;
bool m_encrypted;
QStringList m_remoteSupportedMethods;
+ bool m_verified = false;
+ QString m_pendingEdKeyId{};
void handleReady(const KeyVerificationReadyEvent& event);
void handleStart(const KeyVerificationStartEvent& event);
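Review bot: The two new members carry the security invariant of this commit but are undocumented, and `m_verified` reads ambiguously next to the existing `macReceived`. I suggest comments such as `//! True once the local user has confirmed that the SAS matches` on `m_verified` and `//! Key id whose MAC has been validated; trusted only once m_verified is set` on `m_pendingEdKeyId`. The `trustKeys()` declaration in the next hunk could use a one-line note saying it must only run when both conditions hold. As a style point, the `{}` in `QString m_pendingEdKeyId{}` is redundant, since QString default-constructs to an empty string.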
@@ -138,6 +140,7 @@ private:
void setError(Error error);
static QString errorToString(Error error);
static Error stringToError(const QString& error);
+ void trustKeys();
QByteArray macInfo(bool verifying, const QString& key = "KEY_IDS"_ls);
QString calculateMac(const QString& input, bool verifying, const QString& keyId= "KEY_IDS"_ls);