From f4009215b500dbae4a10d1a86bb059272e47d0cb Mon Sep 17 00:00:00 2001 From: Alexey Rusakov Date: Mon, 12 Sep 2022 18:56:54 +0200 Subject: Only trust verification keys if the user verified the SAS --- lib/keyverificationsession.cpp | 15 ++++++++++++++- lib/keyverificationsession.h | 3 +++ 2 files changed, 17 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/keyverificationsession.cpp b/lib/keyverificationsession.cpp index c6b62a83..541ca49b 100644 --- a/lib/keyverificationsession.cpp +++ b/lib/keyverificationsession.cpp @@ -249,6 +249,10 @@ void KeyVerificationSession::sendMac() mac), m_encrypted); setState (macReceived ? DONE : WAITINGFORMAC); + m_verified = true; + if (!m_pendingEdKeyId.isEmpty()) { + trustKeys(); + } } void KeyVerificationSession::sendDone() @@ -387,7 +391,16 @@ void KeyVerificationSession::handleMac(const KeyVerificationMacEvent& event) return; } - m_connection->database()->setSessionVerified(edKeyId); + m_pendingEdKeyId = edKeyId; + + if (m_verified) { + trustKeys(); + } +} + +void KeyVerificationSession::trustKeys() +{ + m_connection->database()->setSessionVerified(m_pendingEdKeyId); emit m_connection->sessionVerified(m_remoteUserId, m_remoteDeviceId); macReceived = true; diff --git a/lib/keyverificationsession.h b/lib/keyverificationsession.h index aa0295cb..075ea1e2 100644 --- a/lib/keyverificationsession.h +++ b/lib/keyverificationsession.h @@ -125,6 +125,8 @@ private: bool macReceived = false; bool m_encrypted; QStringList m_remoteSupportedMethods; + bool m_verified = false; + QString m_pendingEdKeyId{}; void handleReady(const KeyVerificationReadyEvent& event); void handleStart(const KeyVerificationStartEvent& event); @@ -138,6 +140,7 @@ private: void setError(Error error); static QString errorToString(Error error); static Error stringToError(const QString& error); + void trustKeys(); QByteArray macInfo(bool verifying, const QString& key = "KEY_IDS"_ls); QString calculateMac(const QString& input, bool verifying, const QString& keyId= "KEY_IDS"_ls); -- cgit v1.2.3