diff options
author | Kitsune Ral <Kitsune-Ral@users.sf.net> | 2019-07-08 20:00:16 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-07-08 20:00:16 +0900 |
commit | f8eb9db4c4c13d6db65d23393fdcda2ac020bb3e (patch) | |
tree | 1376bbc77d3aea285214d62241beb06f2c2672c6 /lib/encryptionmanager.cpp | |
parent | f0c1269bf592f5ba1ccde3b667e6737fe75a335d (diff) | |
parent | 8c49ac34c94b53f74c23f67ce3a2720673ab2fac (diff) | |
download | libquotient-f8eb9db4c4c13d6db65d23393fdcda2ac020bb3e.tar.gz libquotient-f8eb9db4c4c13d6db65d23393fdcda2ac020bb3e.zip |
Merge pull request #332 from quotient-im/aa13q-e2ee-pickle
E2EE: add new account and identity keys generation logic
Diffstat (limited to 'lib/encryptionmanager.cpp')
-rw-r--r-- | lib/encryptionmanager.cpp | 67 |
1 files changed, 42 insertions, 25 deletions
diff --git a/lib/encryptionmanager.cpp b/lib/encryptionmanager.cpp index 1e1fc669..c2e244fc 100644 --- a/lib/encryptionmanager.cpp +++ b/lib/encryptionmanager.cpp @@ -24,13 +24,17 @@ class EncryptionManager::Private { public: explicit Private(const QByteArray& encryptionAccountPickle, float signedKeysProportion, float oneTimeKeyThreshold) - : olmAccount(new Account(encryptionAccountPickle)), // TODO: passphrase even with qtkeychain? - signedKeysProportion(move(signedKeysProportion)), - oneTimeKeyThreshold(move(oneTimeKeyThreshold)), - targetKeysNumber(olmAccount->maxOneTimeKeys()) // 2 // see note below + : signedKeysProportion(move(signedKeysProportion)), + oneTimeKeyThreshold(move(oneTimeKeyThreshold)) { Q_ASSERT((0 <= signedKeysProportion) && (signedKeysProportion <= 1)); Q_ASSERT((0 <= oneTimeKeyThreshold) && (oneTimeKeyThreshold <= 1)); + if (encryptionAccountPickle.isEmpty()) + { + olmAccount.reset(new Account()); + } else { + olmAccount.reset(new Account(encryptionAccountPickle)); // TODO: passphrase even with qtkeychain? + } /* * Note about targetKeysNumber: * @@ -42,17 +46,19 @@ class EncryptionManager::Private * used instantly, and we want them to stay in libolm, until the limit is reached * and it starts discarding keys, starting by the oldest. */ + targetKeysNumber = olmAccount->maxOneTimeKeys(); // 2 // see note below + targetOneTimeKeyCounts = + { + {SignedCurve25519Name, qRound(signedKeysProportion * targetKeysNumber)}, + {Curve25519Name, qRound((1-signedKeysProportion) * targetKeysNumber)} + }; } - ~Private() - { - delete olmAccount; - } + ~Private() = default; UploadKeysJob* uploadIdentityKeysJob = nullptr; UploadKeysJob* uploadOneTimeKeysJob = nullptr; - Account* olmAccount; - const QByteArray encryptionAccountPickle; + QScopedPointer<Account> olmAccount; float signedKeysProportion; float oneTimeKeyThreshold; @@ -68,11 +74,7 @@ class EncryptionManager::Private updateKeysToUpload(); } QHash<QString, int> oneTimeKeysToUploadCounts; - QHash<QString, int> targetOneTimeKeyCounts - { - {SignedCurve25519Name, qRound(signedKeysProportion * targetKeysNumber)}, - {Curve25519Name, qRound((1-signedKeysProportion) * targetKeysNumber)} - }; + QHash<QString, int> targetOneTimeKeyCounts; }; EncryptionManager::EncryptionManager(const QByteArray &encryptionAccountPickle, float signedKeysProportion, float oneTimeKeyThreshold, @@ -110,19 +112,29 @@ void EncryptionManager::uploadIdentityKeys(Connection* connection) d->olmAccount->ed25519IdentityKey() } }, - /* - * Signatures for the device key object. - * A map from user ID, to a map from <algorithm>:<device_id> to the signature. - * The signature is calculated using the process called Signing JSON. - */ + /* signatures should be provided after the unsigned deviceKeys generation */ + {} + }; + + QJsonObject deviceKeysJsonObject = toJson(deviceKeys); + /* additionally removing signatures key, + * since we could not initialize deviceKeys + * without an empty signatures value: + */ + deviceKeysJsonObject.remove(QStringLiteral("signatures")); + /* + * Signatures for the device key object. + * A map from user ID, to a map from <algorithm>:<device_id> to the signature. + * The signature is calculated using the process called Signing JSON. + */ + deviceKeys.signatures = + { { + connection->userId(), { - connection->userId(), { - { - ed25519Name + QStringLiteral(":") + connection->deviceId(), - d->olmAccount->sign(toJson(deviceKeys)) - } + ed25519Name + QStringLiteral(":") + connection->deviceId(), + d->olmAccount->sign(deviceKeysJsonObject) } } } @@ -183,6 +195,11 @@ void EncryptionManager::uploadOneTimeKeys(Connection* connection, bool forceUpda .arg(signedKeysToUploadCount).arg(unsignedKeysToUploadCount); } +QByteArray EncryptionManager::olmAccountPickle() +{ + return d->olmAccount->pickle(); // TODO: passphrase even with qtkeychain? +} + void EncryptionManager::Private::updateKeysToUpload() { for (auto it = targetOneTimeKeyCounts.cbegin(); it != targetOneTimeKeyCounts.cend(); ++it) |