From 1cf67730a0880a520ae04bdf4ef61592daa9fe06 Mon Sep 17 00:00:00 2001 From: Kitsune Ral Date: Tue, 26 Sep 2017 20:57:28 +0900 Subject: Introduce EncryptionEvent class This allows to detect if a room has been encrypted (no room state, just an event as of yet). Closes #84. --- lib/events/encryptionevent.cpp | 5 +++++ lib/events/encryptionevent.h | 43 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 lib/events/encryptionevent.cpp create mode 100644 lib/events/encryptionevent.h (limited to 'lib') diff --git a/lib/events/encryptionevent.cpp b/lib/events/encryptionevent.cpp new file mode 100644 index 00000000..7b620bce --- /dev/null +++ b/lib/events/encryptionevent.cpp @@ -0,0 +1,5 @@ +// +// Created by rusakov on 26/09/2017. +// + +#include "encryptionevent.h" diff --git a/lib/events/encryptionevent.h b/lib/events/encryptionevent.h new file mode 100644 index 00000000..b44e0eeb --- /dev/null +++ b/lib/events/encryptionevent.h @@ -0,0 +1,43 @@ +/****************************************************************************** + * Copyright (C) 2017 Kitsune Ral + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#pragma once + +#include "roomevent.h" + +namespace QMatrixClient +{ + class EncryptionEvent : public RoomEvent + { + public: + DEFINE_EVENT_TYPEID("m.room.encryption", EncryptionEvent) + + explicit EncryptionEvent(const QJsonObject& obj) + : RoomEvent(typeId(), obj) + , _algorithm(contentJson()["algorithm"].toString()) + { } + + QString algorithm() const { return _algorithm; } + + private: + QString _algorithm; + }; + REGISTER_EVENT_TYPE(EncryptionEvent) + DEFINE_EVENTTYPE_ALIAS(Encryption, EncryptionEvent) +} // namespace QMatrixClient + -- cgit v1.2.3 From af623d68df8cec92277e9a40f18beac617b5d397 Mon Sep 17 00:00:00 2001 From: Alexey Andreyev Date: Fri, 24 May 2019 15:18:14 +0300 Subject: Add libQtOlm --- .gitmodules | 3 +++ CMakeLists.txt | 39 +++++++++++++++++++++++++++++++++------ cmake/QMatrixClientConfig.cmake | 3 +++ lib/libQtOlm | 1 + 4 files changed, 40 insertions(+), 6 deletions(-) create mode 160000 lib/libQtOlm (limited to 'lib') diff --git a/.gitmodules b/.gitmodules index e69de29b..23158cd2 100644 --- a/.gitmodules +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "lib/libQtOlm"] + path = lib/libQtOlm + url = git@gitlab.com:aa13q/libqtolm.git diff --git a/CMakeLists.txt b/CMakeLists.txt index 92d8a969..6b6cd0f3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -11,7 +11,6 @@ if (NOT WIN32) endif(NOT WIN32) set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} ${CMAKE_CURRENT_SOURCE_DIR}/cmake) -include(cmake/FindOlm.cmake) # Find includes in corresponding build directories set(CMAKE_INCLUDE_CURRENT_DIR ON) @@ -53,8 +52,24 @@ endforeach () # upstream Qt 5.4 is required. find_package(Qt5 5.4.1 REQUIRED Network Gui Multimedia) get_filename_component(Qt5_Prefix "${Qt5_DIR}/../../../.." ABSOLUTE) -find_package(Olm REQUIRED) -get_filename_component(Olm_Prefix "${Olm_INCLUDE_DIRS}/.." ABSOLUTE) + +if ((NOT DEFINED USE_INTREE_LIBQOLM OR USE_INTREE_LIBQOLM) + AND EXISTS ${PROJECT_SOURCE_DIR}/lib/libQtOlm/lib/utils.h) + add_subdirectory(lib/libQtOlm EXCLUDE_FROM_ALL) + include_directories(lib/libQtOlm) + if (NOT DEFINED USE_INTREE_LIBQOLM) + set (USE_INTREE_LIBQOLM 1) + endif () +endif () +if (NOT USE_INTREE_LIBQOLM) + find_package(QtOlm 0.1.0 REQUIRED) + if (NOT QtOlm_FOUND) + message( WARNING "libQtOlm not found; configuration will most likely fail.") + message( WARNING "Make sure you have installed libQtOlm development files") + message( WARNING "as a package or checked out the library sources in lib/.") + message( WARNING "See also BUILDING.md") + endif () +endif () if (GTAD_PATH) get_filename_component(ABS_GTAD_PATH "${GTAD_PATH}" ABSOLUTE) @@ -78,7 +93,20 @@ if (MATRIX_DOC_PATH AND GTAD_PATH) message( STATUS "Generating API stubs enabled" ) message( STATUS " Using GTAD at ${ABS_GTAD_PATH}" ) message( STATUS " Using API files at ${ABS_API_DEF_PATH}" ) - message( STATUS "Using libolm at ${Olm_Prefix}" ) +endif () +find_package(Git) +if (USE_INTREE_LIBQOLM) + message( STATUS "Using in-tree libQtOlm") + if (GIT_FOUND) + execute_process(COMMAND + "${GIT_EXECUTABLE}" rev-parse -q HEAD + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/lib/libQtOlm/lib + OUTPUT_VARIABLE LIB_GIT_SHA1 + OUTPUT_STRIP_TRAILING_WHITESPACE) + message( STATUS " Library git SHA1: ${LIB_GIT_SHA1}") + endif (GIT_FOUND) +else () + message( STATUS "Using libQtOlm ${QtOlm_VERSION} at ${QtOlm_DIR}") endif () message( STATUS "=============================================================================" ) message( STATUS ) @@ -168,9 +196,8 @@ set_property(TARGET QMatrixClient APPEND PROPERTY target_include_directories(QMatrixClient PUBLIC $ $ - "${Olm_INCLUDE_DIRS}" ) -target_link_libraries(QMatrixClient Qt5::Core Qt5::Network Qt5::Gui Qt5::Multimedia ${Olm_LIBRARIES}) +target_link_libraries(QMatrixClient QtOlm Qt5::Core Qt5::Network Qt5::Gui Qt5::Multimedia) add_executable(qmc-example ${example_SRCS}) target_link_libraries(qmc-example Qt5::Core QMatrixClient) diff --git a/cmake/QMatrixClientConfig.cmake b/cmake/QMatrixClientConfig.cmake index 900038a5..64180cca 100644 --- a/cmake/QMatrixClientConfig.cmake +++ b/cmake/QMatrixClientConfig.cmake @@ -1 +1,4 @@ +include(CMakeFindDependencyMacro) + +find_dependency(QtOlm) include("${CMAKE_CURRENT_LIST_DIR}/QMatrixClientTargets.cmake") diff --git a/lib/libQtOlm b/lib/libQtOlm new file mode 160000 index 00000000..37bebdc9 --- /dev/null +++ b/lib/libQtOlm @@ -0,0 +1 @@ +Subproject commit 37bebdc96aee620df44d211ef91b55b86d8cfbc7 -- cgit v1.2.3 From bb98bd26bdd72998e09553e1703d552d1d217f86 Mon Sep 17 00:00:00 2001 From: Alexey Andreyev Date: Sat, 25 May 2019 03:31:55 +0300 Subject: Add full EncryptionEvent to room logic. Issue #95 --- lib/events/encryptionevent.cpp | 48 ++++++++++++++++++++++++++++++++++++++++++ lib/events/encryptionevent.h | 47 +++++++++++++++++++++++++++++++++++------ lib/events/simplestateevents.h | 2 -- lib/room.cpp | 1 + libqmatrixclient.pri | 2 ++ 5 files changed, 91 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/events/encryptionevent.cpp b/lib/events/encryptionevent.cpp index 7b620bce..b8e2b575 100644 --- a/lib/events/encryptionevent.cpp +++ b/lib/events/encryptionevent.cpp @@ -1,5 +1,53 @@ // // Created by rusakov on 26/09/2017. +// Contributed by andreev on 27/06/2019. // #include "encryptionevent.h" + +#include "converters.h" +#include "logging.h" + +#include + +static const std::array encryptionStrings = { { + QStringLiteral("m.megolm.v1.aes-sha2") +} }; + +namespace QMatrixClient { + template <> + struct JsonConverter + { + static EncryptionType load(const QJsonValue& jv) + { + const auto& encryptionString = jv.toString(); + for (auto it = encryptionStrings.begin(); + it != encryptionStrings.end(); ++it) + if (encryptionString == *it) + return EncryptionType(it - encryptionStrings.begin()); + + qCWarning(EVENTS) << "Unknown EncryptionType: " << encryptionString; + return EncryptionType::Undefined; + } + }; +} + +using namespace QMatrixClient; + +EncryptionEventContent::EncryptionEventContent(const QJsonObject& json) + : encryption(fromJson(json["algorithm"_ls])) + , algorithm(sanitized(json["algorithm"_ls].toString())) + , rotationPeriodMs(json["rotation_period_ms"_ls].toInt(604800000)) + , rotationPeriodMsgs(json["rotation_period_msgs"_ls].toInt(100)) +{ } + +void EncryptionEventContent::fillJson(QJsonObject* o) const +{ + Q_ASSERT(o); + Q_ASSERT_X(encryption != EncryptionType::Undefined, __FUNCTION__, + "The key 'algorithm' must be explicit in EncryptionEventContent"); + if (encryption != EncryptionType::Undefined) + o->insert(QStringLiteral("algorithm"), algorithm); + o->insert(QStringLiteral("rotation_period_ms"), rotationPeriodMs); + o->insert(QStringLiteral("rotation_period_msgs"), rotationPeriodMsgs); +} diff --git a/lib/events/encryptionevent.h b/lib/events/encryptionevent.h index b44e0eeb..6a4a1c67 100644 --- a/lib/events/encryptionevent.h +++ b/lib/events/encryptionevent.h @@ -18,25 +18,58 @@ #pragma once -#include "roomevent.h" +#include "stateevent.h" +#include "eventcontent.h" namespace QMatrixClient { - class EncryptionEvent : public RoomEvent + class EncryptionEventContent: public EventContent::Base { + public: + enum EncryptionType : size_t { MegolmV1AesSha2 = 0, + Undefined }; + + explicit EncryptionEventContent(EncryptionType et = Undefined) + : encryption(et) + { } + explicit EncryptionEventContent(const QJsonObject& json); + + EncryptionType encryption; + QString algorithm; + int rotationPeriodMs; + int rotationPeriodMsgs; + + protected: + void fillJson(QJsonObject* o) const override; + }; + + using EncryptionType = EncryptionEventContent::EncryptionType; + + class EncryptionEvent : public StateEvent + { + Q_GADGET public: DEFINE_EVENT_TYPEID("m.room.encryption", EncryptionEvent) - explicit EncryptionEvent(const QJsonObject& obj) - : RoomEvent(typeId(), obj) - , _algorithm(contentJson()["algorithm"].toString()) + using EncryptionType = EncryptionEventContent::EncryptionType; + + explicit EncryptionEvent(const QJsonObject& obj = {}) // TODO: apropriate default value + : StateEvent(typeId(), obj) { } + EncryptionEvent(EncryptionEventContent&& c) + : StateEvent(typeId(), matrixTypeId(), c) + { } + + EncryptionType encryption() const { return content().encryption; } - QString algorithm() const { return _algorithm; } + QString algorithm() const { return content().algorithm; } + int rotationPeriodMs() const { return content().rotationPeriodMs; } + int rotationPeriodMsgs() const { return content().rotationPeriodMsgs; } private: - QString _algorithm; + REGISTER_ENUM(EncryptionType) }; + REGISTER_EVENT_TYPE(EncryptionEvent) DEFINE_EVENTTYPE_ALIAS(Encryption, EncryptionEvent) } // namespace QMatrixClient diff --git a/lib/events/simplestateevents.h b/lib/events/simplestateevents.h index 2c23d9ca..81401532 100644 --- a/lib/events/simplestateevents.h +++ b/lib/events/simplestateevents.h @@ -86,7 +86,5 @@ namespace QMatrixClient DEFINE_EVENTTYPE_ALIAS(RoomCanonicalAlias, RoomCanonicalAliasEvent) DEFINE_SIMPLE_STATE_EVENT(RoomTopicEvent, "m.room.topic", QString, topic) DEFINE_EVENTTYPE_ALIAS(RoomTopic, RoomTopicEvent) - DEFINE_SIMPLE_STATE_EVENT(EncryptionEvent, "m.room.encryption", - QString, algorithm) DEFINE_EVENTTYPE_ALIAS(RoomEncryption, EncryptionEvent) } // namespace QMatrixClient diff --git a/lib/room.cpp b/lib/room.cpp index 2ce37acc..14e16850 100644 --- a/lib/room.cpp +++ b/lib/room.cpp @@ -31,6 +31,7 @@ #include "csapi/tags.h" #include "csapi/room_upgrades.h" #include "events/simplestateevents.h" +#include "events/encryptionevent.h" #include "events/roomcreateevent.h" #include "events/roomtombstoneevent.h" #include "events/roomavatarevent.h" diff --git a/libqmatrixclient.pri b/libqmatrixclient.pri index be568bd2..4387af29 100644 --- a/libqmatrixclient.pri +++ b/libqmatrixclient.pri @@ -38,6 +38,7 @@ HEADERS += \ $$SRCPATH/events/callinviteevent.h \ $$SRCPATH/events/accountdataevents.h \ $$SRCPATH/events/directchatevent.h \ + $$SRCPATH/events/encryptionevent.h \ $$SRCPATH/events/redactionevent.h \ $$SRCPATH/events/eventloader.h \ $$SRCPATH/jobs/requestdata.h \ @@ -81,6 +82,7 @@ SOURCES += \ $$SRCPATH/events/callinviteevent.cpp \ $$SRCPATH/events/receiptevent.cpp \ $$SRCPATH/events/directchatevent.cpp \ + $$SRCPATH/events/encryptionevent.cpp \ $$SRCPATH/jobs/requestdata.cpp \ $$SRCPATH/jobs/basejob.cpp \ $$SRCPATH/jobs/syncjob.cpp \ -- cgit v1.2.3 From 46a7350086e42ea3960fe54ef5c68b2207527899 Mon Sep 17 00:00:00 2001 From: Alexey Andreyev Date: Wed, 29 May 2019 02:22:06 +0300 Subject: Update libQtOlm --- lib/libQtOlm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/libQtOlm b/lib/libQtOlm index 37bebdc9..5bfc4241 160000 --- a/lib/libQtOlm +++ b/lib/libQtOlm @@ -1 +1 @@ -Subproject commit 37bebdc96aee620df44d211ef91b55b86d8cfbc7 +Subproject commit 5bfc42417d8ee741d2f5a723a2939c895734b92b -- cgit v1.2.3 From 69ba71cca36b4a90328d169c845195f39c041a3a Mon Sep 17 00:00:00 2001 From: Alexey Andreyev Date: Sat, 22 Jun 2019 19:57:18 +0300 Subject: Add EncryptionManager class. Add AccountSettings::encryptionAccountPickle logic. --- CMakeLists.txt | 1 + lib/connection.cpp | 10 ++++ lib/encryptionmanager.cpp | 117 ++++++++++++++++++++++++++++++++++++++++++++++ lib/encryptionmanager.h | 31 ++++++++++++ lib/settings.cpp | 22 ++++++++- lib/settings.h | 5 ++ libqmatrixclient.pri | 2 + 7 files changed, 187 insertions(+), 1 deletion(-) create mode 100644 lib/encryptionmanager.cpp create mode 100644 lib/encryptionmanager.h (limited to 'lib') diff --git a/CMakeLists.txt b/CMakeLists.txt index 6b6cd0f3..d3906ffb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -125,6 +125,7 @@ set(libqmatrixclient_SRCS lib/networksettings.cpp lib/converters.cpp lib/util.cpp + lib/encryptionmanager.cpp lib/eventitem.cpp lib/events/event.cpp lib/events/roomevent.cpp diff --git a/lib/connection.cpp b/lib/connection.cpp index a7eae30f..d7c3d78f 100644 --- a/lib/connection.cpp +++ b/lib/connection.cpp @@ -23,6 +23,7 @@ #include "events/eventloader.h" #include "room.h" #include "settings.h" +#include "encryptionmanager.h" #include "csapi/login.h" #include "csapi/capabilities.h" #include "csapi/logout.h" @@ -101,6 +102,8 @@ class Connection::Private GetCapabilitiesJob* capabilitiesJob = nullptr; GetCapabilitiesJob::Capabilities capabilities; + QScopedPointer encryptionManager; + SyncJob* syncJob = nullptr; bool cacheState = true; @@ -235,6 +238,13 @@ void Connection::doConnectToServer(const QString& user, const QString& password, [this, loginJob] { d->connectWithToken(loginJob->userId(), loginJob->accessToken(), loginJob->deviceId()); + + AccountSettings accountSettings(loginJob->userId()); + d->encryptionManager.reset(new EncryptionManager(accountSettings.encryptionAccountPickle())); + + d->encryptionManager->uploadIdentityKeys(this); + d->encryptionManager->uploadOneTimeKeys(this); + }); connect(loginJob, &BaseJob::failure, this, [this, loginJob] { diff --git a/lib/encryptionmanager.cpp b/lib/encryptionmanager.cpp new file mode 100644 index 00000000..b40305ea --- /dev/null +++ b/lib/encryptionmanager.cpp @@ -0,0 +1,117 @@ +#include "encryptionmanager.h" + +#include +#include +#include +#include +#include // QtOlm + +#include "csapi/keys.h" +#include "connection.h" + +using namespace QMatrixClient; +using namespace QtOlm; +using std::move; + +static const auto ed25519Name = QStringLiteral("ed25519"); +static const auto Curve25519Name = QStringLiteral("curve25519"); +static const auto SignedCurve25519Name = QStringLiteral("signed_curve25519"); +static const auto OlmCurve25519AesSha256AlgoName = QStringLiteral("m.olm.curve25519-aes-sha256"); +static const auto MegolmV1AesShaAlgoName = QStringLiteral("m.megolm.v1.aes-sha"); + +class EncryptionManager::Private +{ + public: + explicit Private(const QByteArray& encryptionAccountPickle, float signedKeysProportion, float oneTimeKeyThreshold) + : olmAccount(new Account(encryptionAccountPickle)), // TODO: passphrase even with qtkeychain? + signedKeysProportion(move(signedKeysProportion)), + oneTimeKeyThreshold(move(oneTimeKeyThreshold)), + targetKeysNumber(olmAccount->maxOneTimeKeys()) // 2 // see note below + { + Q_ASSERT((0 <= signedKeysProportion) && (signedKeysProportion <= 1)); + Q_ASSERT((0 <= oneTimeKeyThreshold) && (oneTimeKeyThreshold <= 1)); + /* + * Note about targetKeysNumber: + * + * From: https://github.com/Zil0/matrix-python-sdk/ + * File: matrix_client/crypto/olm_device.py + * + * Try to maintain half the number of one-time keys libolm can hold uploaded + * on the HS. This is because some keys will be claimed by peers but not + * used instantly, and we want them to stay in libolm, until the limit is reached + * and it starts discarding keys, starting by the oldest. + */ + } + ~Private() + { + delete olmAccount; + } + + UploadKeysJob* uploadIdentityKeysJob = nullptr; + UploadKeysJob* uploadOneTimeKeysJob = nullptr; + + Account* olmAccount; + const QByteArray encryptionAccountPickle; + + float signedKeysProportion; + float oneTimeKeyThreshold; + int targetKeysNumber; + + void updateKeysToUpload(); + bool oneTimeKeyShouldUpload(); + + QHash oneTimeKeyCounts; + void setOneTimeKeyCounts(const QHash oneTimeKeyCountsNewValue) + { + oneTimeKeyCounts = oneTimeKeyCountsNewValue; + updateKeysToUpload(); + } + QHash oneTimeKeysToUploadCounts; + QHash targetOneTimeKeyCounts + { + {SignedCurve25519Name, qRound(signedKeysProportion * targetKeysNumber)}, + {Curve25519Name, qRound((1-signedKeysProportion) * targetKeysNumber)} + }; +}; + +EncryptionManager::EncryptionManager(const QByteArray &encryptionAccountPickle, float signedKeysProportion, float oneTimeKeyThreshold, + QObject* parent) + : QObject(parent), + d(std::make_unique(std::move(encryptionAccountPickle), std::move(signedKeysProportion), std::move(oneTimeKeyThreshold))) +{ + +} + +EncryptionManager::~EncryptionManager() = default; + +void EncryptionManager::uploadIdentityKeys(Connection* connection) +{ + // TODO +} + +void EncryptionManager::uploadOneTimeKeys(Connection* connection, bool forceUpdate) +{ + // TODO +} + +void EncryptionManager::Private::updateKeysToUpload() +{ + for (auto it = targetOneTimeKeyCounts.cbegin(); it != targetOneTimeKeyCounts.cend(); ++it) + { + int numKeys = oneTimeKeyCounts.value(it.key(), 0); + int numToCreate = qMax(it.value() - numKeys, 0); + oneTimeKeysToUploadCounts.insert(it.key(), numToCreate); + } +} + +bool EncryptionManager::Private::oneTimeKeyShouldUpload() +{ + if (oneTimeKeyCounts.empty()) + return true; + for (auto it = targetOneTimeKeyCounts.cbegin(); it != targetOneTimeKeyCounts.cend(); ++it) + { + if (oneTimeKeyCounts.value(it.key(), 0) < it.value() * oneTimeKeyThreshold) + return true; + } + return false; +} diff --git a/lib/encryptionmanager.h b/lib/encryptionmanager.h new file mode 100644 index 00000000..0bd05432 --- /dev/null +++ b/lib/encryptionmanager.h @@ -0,0 +1,31 @@ +#pragma once + +#include +#include +#include + +namespace QMatrixClient +{ + class Connection; + + class EncryptionManager: public QObject + { + Q_OBJECT + + public: + // TODO: store constats separately? + // TODO: 0.5 oneTimeKeyThreshold instead of 0.1? + explicit EncryptionManager(const QByteArray& encryptionAccountPickle, float signedKeysProportion = 1, float oneTimeKeyThreshold = float(0.1), + QObject* parent = nullptr); + ~EncryptionManager(); + + void uploadIdentityKeys(Connection* connection); + void uploadOneTimeKeys(Connection* connection, bool forceUpdate = false); + + private: + class Private; + std::unique_ptr d; + + }; + +} // namespace QMatrixClient diff --git a/lib/settings.cpp b/lib/settings.cpp index 124d7042..5f10299c 100644 --- a/lib/settings.cpp +++ b/lib/settings.cpp @@ -90,6 +90,7 @@ QMC_DEFINE_SETTING(AccountSettings, bool, keepLoggedIn, "keep_logged_in", false, static const auto HomeserverKey = QStringLiteral("homeserver"); static const auto AccessTokenKey = QStringLiteral("access_token"); +static const auto EncryptionAccountPickleKey = QStringLiteral("encryption_account_pickle"); QUrl AccountSettings::homeserver() const { @@ -114,7 +115,7 @@ QString AccountSettings::accessToken() const void AccountSettings::setAccessToken(const QString& accessToken) { qCWarning(MAIN) << "Saving access_token to QSettings is insecure." - " Developers, please save access_token separately."; + " Developers, do it manually or contribute to share QtKeychain logic to libQuotient."; setValue(AccessTokenKey, accessToken); } @@ -124,3 +125,22 @@ void AccountSettings::clearAccessToken() legacySettings.remove(QStringLiteral("device_id")); // Force the server to re-issue it remove(AccessTokenKey); } + +QByteArray AccountSettings::encryptionAccountPickle() +{ + QString passphrase = ""; // FIXME: add QtKeychain + return value("encryption_account_pickle", "").toByteArray(); +} + +void AccountSettings::setEncryptionAccountPickle(const QByteArray& encryptionAccountPickle) +{ + qCWarning(MAIN) << "Saving encryption_account_pickle to QSettings is insecure." + " Developers, do it manually or contribute to share QtKeychain logic to libQuotient."; + QString passphrase = ""; // FIXME: add QtKeychain + setValue("encryption_account_pickle", encryptionAccountPickle); +} + +void AccountSettings::clearEncryptionAccountPickle() +{ + remove(EncryptionAccountPickleKey); // TODO: Force to re-issue it? +} diff --git a/lib/settings.h b/lib/settings.h index 759bda35..61e5232a 100644 --- a/lib/settings.h +++ b/lib/settings.h @@ -131,6 +131,7 @@ void classname::setter(type newValue) \ QMC_DECLARE_SETTING(bool, keepLoggedIn, setKeepLoggedIn) /** \deprecated \sa setAccessToken */ Q_PROPERTY(QString accessToken READ accessToken WRITE setAccessToken) + Q_PROPERTY(QByteArray encryptionAccountPickle READ encryptionAccountPickle WRITE setEncryptionAccountPickle) public: template explicit AccountSettings(const QString& accountId, ArgTs... qsettingsArgs) @@ -148,5 +149,9 @@ void classname::setter(type newValue) \ * see QMatrixClient/Quaternion#181 */ void setAccessToken(const QString& accessToken); Q_INVOKABLE void clearAccessToken(); + + QByteArray encryptionAccountPickle(); + void setEncryptionAccountPickle(const QByteArray& encryptionAccountPickle); + Q_INVOKABLE void clearEncryptionAccountPickle(); }; } // namespace QMatrixClient diff --git a/libqmatrixclient.pri b/libqmatrixclient.pri index 4387af29..dfd45c04 100644 --- a/libqmatrixclient.pri +++ b/libqmatrixclient.pri @@ -13,6 +13,7 @@ INCLUDEPATH += $$SRCPATH HEADERS += \ $$SRCPATH/connectiondata.h \ $$SRCPATH/connection.h \ + $$SRCPATH/encryptionmanager.h \ $$SRCPATH/eventitem.h \ $$SRCPATH/room.h \ $$SRCPATH/user.h \ @@ -61,6 +62,7 @@ HEADERS += \ SOURCES += \ $$SRCPATH/connectiondata.cpp \ $$SRCPATH/connection.cpp \ + $$SRCPATH/encryptionmanager.cpp \ $$SRCPATH/eventitem.cpp \ $$SRCPATH/room.cpp \ $$SRCPATH/user.cpp \ -- cgit v1.2.3 From 79f6f33bbbd60eafe92b5187a3bf5fd8966f8bf5 Mon Sep 17 00:00:00 2001 From: Alexey Andreyev Date: Sat, 22 Jun 2019 19:57:18 +0300 Subject: Upload device public keys. Issue #87 --- lib/encryptionmanager.cpp | 48 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/encryptionmanager.cpp b/lib/encryptionmanager.cpp index b40305ea..80fdcebd 100644 --- a/lib/encryptionmanager.cpp +++ b/lib/encryptionmanager.cpp @@ -18,6 +18,7 @@ static const auto Curve25519Name = QStringLiteral("curve25519"); static const auto SignedCurve25519Name = QStringLiteral("signed_curve25519"); static const auto OlmCurve25519AesSha256AlgoName = QStringLiteral("m.olm.curve25519-aes-sha256"); static const auto MegolmV1AesShaAlgoName = QStringLiteral("m.megolm.v1.aes-sha"); +static const QStringList SupportedAlgorithms = { OlmCurve25519AesSha256AlgoName, MegolmV1AesShaAlgoName }; class EncryptionManager::Private { @@ -86,7 +87,52 @@ EncryptionManager::~EncryptionManager() = default; void EncryptionManager::uploadIdentityKeys(Connection* connection) { - // TODO + // https://matrix.org/docs/spec/client_server/latest#post-matrix-client-r0-keys-upload + DeviceKeys deviceKeys + { + /* + * The ID of the user the device belongs to. Must match the user ID used when logging in. + * The ID of the device these keys belong to. Must match the device ID used when logging in. + * The encryption algorithms supported by this device. + */ + connection->userId(), connection->deviceId(), SupportedAlgorithms, + /* + * Public identity keys. The names of the properties should be in the format :. + * The keys themselves should be encoded as specified by the key algorithm. + */ + { + { + Curve25519Name + QStringLiteral(":") + connection->deviceId(), + d->olmAccount->curve25519IdentityKey() + }, + { + ed25519Name + QStringLiteral(":") + connection->deviceId(), + d->olmAccount->ed25519IdentityKey() + } + }, + /* + * Signatures for the device key object. + * A map from user ID, to a map from : to the signature. + * The signature is calculated using the process called Signing JSON. + */ + { + { + connection->userId(), + { + { + ed25519Name + QStringLiteral(":") + connection->deviceId(), + d->olmAccount->sign(toJson(deviceKeys)) + } + } + } + } + }; + + connect(d->uploadIdentityKeysJob, &BaseJob::success, this, [this] { + d->setOneTimeKeyCounts(d->uploadIdentityKeysJob->oneTimeKeyCounts()); + qDebug() << QString("Uploaded identity keys."); + }); + d->uploadIdentityKeysJob = connection->callApi(deviceKeys); } void EncryptionManager::uploadOneTimeKeys(Connection* connection, bool forceUpdate) -- cgit v1.2.3 From e1bee9d71d88d6500d2c6124689a0e8685aeab90 Mon Sep 17 00:00:00 2001 From: Alexey Andreyev Date: Sat, 22 Jun 2019 19:57:18 +0300 Subject: Upload one-time keys. Issue #88 --- lib/encryptionmanager.cpp | 45 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/encryptionmanager.cpp b/lib/encryptionmanager.cpp index 80fdcebd..1e1fc669 100644 --- a/lib/encryptionmanager.cpp +++ b/lib/encryptionmanager.cpp @@ -137,7 +137,50 @@ void EncryptionManager::uploadIdentityKeys(Connection* connection) void EncryptionManager::uploadOneTimeKeys(Connection* connection, bool forceUpdate) { - // TODO + if (forceUpdate || d->oneTimeKeyCounts.isEmpty()) + { + auto job = connection->callApi(); + connect(job, &BaseJob::success, this, [job,this] { + d->setOneTimeKeyCounts(job->oneTimeKeyCounts()); + }); + + } + + int signedKeysToUploadCount = d->oneTimeKeysToUploadCounts.value(SignedCurve25519Name, 0); + int unsignedKeysToUploadCount = d->oneTimeKeysToUploadCounts.value(Curve25519Name, 0); + + d->olmAccount->generateOneTimeKeys(signedKeysToUploadCount + unsignedKeysToUploadCount); + + QHash oneTimeKeys = {}; + const auto& olmAccountCurve25519OneTimeKeys = d->olmAccount->curve25519OneTimeKeys(); + + int oneTimeKeysCounter = 0; + for (auto it = olmAccountCurve25519OneTimeKeys.cbegin(); it != olmAccountCurve25519OneTimeKeys.cend(); ++it) + { + QString keyId = it.key(); + QString keyType; + QVariant key; + if (oneTimeKeysCounter < signedKeysToUploadCount) + { + QJsonObject message + { + {QStringLiteral("key"), it.value().toString()} + }; + key = d->olmAccount->sign(message); + keyType = SignedCurve25519Name; + + } else { + key = it.value(); + keyType = Curve25519Name; + } + ++oneTimeKeysCounter; + oneTimeKeys.insert(QString("%1:%2").arg(keyType).arg(keyId), key); + } + + d->uploadOneTimeKeysJob = connection->callApi(none, oneTimeKeys); + d->olmAccount->markKeysAsPublished(); + qDebug() << QString("Uploaded new one-time keys: %1 signed, %2 unsigned.") + .arg(signedKeysToUploadCount).arg(unsignedKeysToUploadCount); } void EncryptionManager::Private::updateKeysToUpload() -- cgit v1.2.3 From b5f9e1bd20f985c18ec630fa496510018547b728 Mon Sep 17 00:00:00 2001 From: Alexey Andreyev Date: Wed, 26 Jun 2019 16:36:45 +0300 Subject: Change libQtOlm location. Fix .travis.yml and .appveyor.yml --- .appveyor.yml | 3 +++ .gitmodules | 6 +++--- .travis.yml | 10 +++------- 3rdparty/libQtOlm | 1 + CMakeLists.txt | 17 ++++++----------- cmake/FindOlm.cmake | 30 ------------------------------ lib/libQtOlm | 1 - 7 files changed, 16 insertions(+), 52 deletions(-) create mode 160000 3rdparty/libQtOlm delete mode 100644 cmake/FindOlm.cmake delete mode 160000 lib/libQtOlm (limited to 'lib') diff --git a/.appveyor.yml b/.appveyor.yml index 410ad12e..fb5903c1 100644 --- a/.appveyor.yml +++ b/.appveyor.yml @@ -26,6 +26,9 @@ init: before_build: - git submodule update --init --recursive +- cd 3rdparty/libQtOlm +- git clone https://gitlab.matrix.org/matrix-org/olm.git +- cd ../.. - if %MAKETOOL% == cmake cmake -G "NMake Makefiles JOM" -H. -Bbuild -DCMAKE_CXX_FLAGS="/EHsc /W3" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX="%DEPLOY_DIR%" build_script: diff --git a/.gitmodules b/.gitmodules index 23158cd2..eb4c1815 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +1,3 @@ -[submodule "lib/libQtOlm"] - path = lib/libQtOlm - url = git@gitlab.com:aa13q/libqtolm.git +[submodule "3rdparty/libQtOlm"] + path = 3rdparty/libQtOlm + url = https://gitlab.com/b0/libqtolm.git diff --git a/.travis.yml b/.travis.yml index 72be46cb..859cabfc 100644 --- a/.travis.yml +++ b/.travis.yml @@ -32,13 +32,9 @@ before_install: - if [ "$TRAVIS_OS_NAME" = "linux" ]; then USE_NINJA="-GNinja"; VALGRIND="valgrind $VALGRIND_OPTIONS"; . /opt/qt57/bin/qt57-env.sh; fi install: -# olm -- if [ "$TRAVIS_OS_NAME" = "osx" ]; then brew update; else sudo apt-get update -qq; fi -- if [ "$TRAVIS_OS_NAME" = "osx" ]; then brew install qt5; export PATH="$PATH:/usr/local/opt/qt/bin"; else sudo apt-get install -y qt5-default; fi -- git clone https://matrix.org/git/olm.git && cd olm && make && sudo make install && cd .. -- mkdir build && cd build -- cmake .. -# matrix-doc and gtad +- pushd 3rdparty/libQtOlm +- git clone https://gitlab.matrix.org/matrix-org/olm.git +- popd - git clone https://github.com/QMatrixClient/matrix-doc.git - git clone --recursive https://github.com/KitsuneRal/gtad.git - pushd gtad diff --git a/3rdparty/libQtOlm b/3rdparty/libQtOlm new file mode 160000 index 00000000..f610197b --- /dev/null +++ b/3rdparty/libQtOlm @@ -0,0 +1 @@ +Subproject commit f610197ba38ef87bbab8bcff1053bda684a5994a diff --git a/CMakeLists.txt b/CMakeLists.txt index d3906ffb..19fbdcbe 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -10,11 +10,6 @@ if (NOT WIN32) include(GNUInstallDirs) endif(NOT WIN32) -set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} ${CMAKE_CURRENT_SOURCE_DIR}/cmake) - -# Find includes in corresponding build directories -set(CMAKE_INCLUDE_CURRENT_DIR ON) - # Instruct CMake to run moc automatically when needed. set(CMAKE_AUTOMOC ON) @@ -54,9 +49,9 @@ find_package(Qt5 5.4.1 REQUIRED Network Gui Multimedia) get_filename_component(Qt5_Prefix "${Qt5_DIR}/../../../.." ABSOLUTE) if ((NOT DEFINED USE_INTREE_LIBQOLM OR USE_INTREE_LIBQOLM) - AND EXISTS ${PROJECT_SOURCE_DIR}/lib/libQtOlm/lib/utils.h) - add_subdirectory(lib/libQtOlm EXCLUDE_FROM_ALL) - include_directories(lib/libQtOlm) + AND EXISTS ${PROJECT_SOURCE_DIR}/3rdparty/libQtOlm/lib/utils.h) + add_subdirectory(3rdparty/libQtOlm EXCLUDE_FROM_ALL) + include_directories(3rdparty/libQtOlm) if (NOT DEFINED USE_INTREE_LIBQOLM) set (USE_INTREE_LIBQOLM 1) endif () @@ -100,10 +95,10 @@ if (USE_INTREE_LIBQOLM) if (GIT_FOUND) execute_process(COMMAND "${GIT_EXECUTABLE}" rev-parse -q HEAD - WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/lib/libQtOlm/lib - OUTPUT_VARIABLE LIB_GIT_SHA1 + WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}/3rdparty/libQtOlm + OUTPUT_VARIABLE QTOLM_GIT_SHA1 OUTPUT_STRIP_TRAILING_WHITESPACE) - message( STATUS " Library git SHA1: ${LIB_GIT_SHA1}") + message( STATUS " Library git SHA1: ${QTOLM_GIT_SHA1}") endif (GIT_FOUND) else () message( STATUS "Using libQtOlm ${QtOlm_VERSION} at ${QtOlm_DIR}") diff --git a/cmake/FindOlm.cmake b/cmake/FindOlm.cmake deleted file mode 100644 index 3fea7b46..00000000 --- a/cmake/FindOlm.cmake +++ /dev/null @@ -1,30 +0,0 @@ -# - Try to find LibOlm - -# Uses the following variables to help find libolm: -# Olm_INCLUDE_DIR - include files -# Olm_LIBRARY_DIR - libraries -# Once done this will define -# Olm_FOUND - System has olm -# Olm_INCLUDE_DIRS - The olm include directories -# Olm_LIBRARIES - The libraries needed to use olm - -find_path(Olm_INCLUDE_DIRS NAMES - olm/olm.h - olm/inbound_group_session.h - olm/outbound_group_session.h - PATHS "${Olm_INCLUDE_DIR}" - DOC "Path to a directory with libolm header files" -) - -find_library(Olm_LIBRARIES NAMES olm - PATHS "${Olm_LIBRARY_DIR}" - DOC "Path to a directory with libolm libraries" -) - -include(FindPackageHandleStandardArgs) -# handle the QUIETLY and REQUIRED arguments and set OLM_FOUND to TRUE -# if all listed variables are TRUE -find_package_handle_standard_args(olm DEFAULT_MSG - Olm_LIBRARIES Olm_INCLUDE_DIRS) - -mark_as_advanced(Olm_INCLUDE_DIRS Olm_LIBRARIES) diff --git a/lib/libQtOlm b/lib/libQtOlm deleted file mode 160000 index 5bfc4241..00000000 --- a/lib/libQtOlm +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 5bfc42417d8ee741d2f5a723a2939c895734b92b -- cgit v1.2.3 From 4e521ae29a55deaab2ca9d62cddd3791015c6cfb Mon Sep 17 00:00:00 2001 From: Kitsune Ral Date: Sat, 6 Jul 2019 21:58:41 +0900 Subject: EncryptionEvent: Adjust upon merge from master --- lib/events/encryptionevent.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/events/encryptionevent.h b/lib/events/encryptionevent.h index 6a4a1c67..b9e108f0 100644 --- a/lib/events/encryptionevent.h +++ b/lib/events/encryptionevent.h @@ -56,8 +56,10 @@ namespace QMatrixClient explicit EncryptionEvent(const QJsonObject& obj = {}) // TODO: apropriate default value : StateEvent(typeId(), obj) { } - EncryptionEvent(EncryptionEventContent&& c) - : StateEvent(typeId(), matrixTypeId(), c) + template + EncryptionEvent(ArgTs&&... contentArgs) + : StateEvent(typeId(), matrixTypeId(), QString(), + std::forward(contentArgs)...) { } EncryptionType encryption() const { return content().encryption; } -- cgit v1.2.3