// SPDX-FileCopyrightText: 2021 Carl Schwan
//
// SPDX-License-Identifier: LGPL-2.1-or-later

#pragma once

#include "csapi/keys.h"
#include "e2ee/e2ee.h"
#include "e2ee/qolmerrors.h"
#include "e2ee/qolmmessage.h"
#include "e2ee/qolmsession.h"
// NOTE(review): the angle-bracket header name of the next include was lost in
// extraction (this class derives from QObject, so a Qt header is expected);
// restore it from the upstream file.
#include

// Opaque libolm account handle; only ever held by pointer here.
struct OlmAccount;

namespace Quotient {

class QOlmSession;
class Connection;

// NOTE(review): the template argument was lost in extraction. Given the
// forward declaration of QOlmSession above this is presumably
// std::unique_ptr<QOlmSession>, i.e. an owning handle — confirm against the
// upstream header.
using QOlmSessionPtr = std::unique_ptr;

//! An olm account manages all cryptographic keys used on a device.
//!
//! The account owns the device's long-term key material (the Ed25519
//! fingerprint/signing key pair and the Curve25519 identity key pair, see
//! createNewAccount()) plus the pool of one-time keys, and it is the
//! factory for Olm sessions with other devices. Because that key material
//! is security-critical, the serialised form produced by pickle() is
//! encrypted (see PicklingMode) and must be stored accordingly.
//!
//! \code{.cpp}
//! const auto olmAccount = new QOlmAccount(userId, deviceId, this);
//! \endcode
class QOlmAccount : public QObject
{
    Q_OBJECT
public:
    //! Constructs an account wrapper for the given user and device.
    //!
    //! No key material exists yet: call createNewAccount() or unpickle()
    //! before any other member function.
    //!
    //! \param userId   The Matrix user the account belongs to.
    //! \param deviceId The device id the keys are bound to.
    //! \param parent   Optional QObject parent (Qt ownership).
    QOlmAccount(const QString &userId, const QString &deviceId, QObject *parent = nullptr);

    //! Destroys the wrapper and releases the owned OlmAccount (see m_account).
    ~QOlmAccount();

    //! Creates a new instance of OlmAccount. During the instantiation
    //! the Ed25519 fingerprint key pair and the Curve25519 identity key
    //! pair are generated (see the Olm documentation for details).
    //! This needs to be called before any other action or use unpickle() instead.
    void createNewAccount();

    //! Deserialises from encrypted Base64 that was previously obtained by pickling a `QOlmAccount`.
    //! This needs to be called before any other action or use createNewAccount() instead.
    //!
    //! \param pickled The encrypted Base64 blob produced by pickle(). It is
    //!                taken by non-const reference, presumably because the
    //!                underlying olm call consumes or overwrites the buffer
    //!                in place — confirm; callers should not rely on its
    //!                contents afterwards.
    //! \param mode    The pickling mode (and thus key) used when pickling;
    //!                it must match the one passed to pickle().
    void unpickle(QByteArray &pickled, const PicklingMode &mode);

    //! Serialises an OlmAccount to encrypted Base64.
    //!
    //! \param mode The pickling mode that selects how the blob is encrypted.
    //! \return The encrypted blob on success; the alternative carries the
    //!         failure. (The variant's template arguments were lost in
    //!         extraction — presumably the blob as QByteArray plus the olm
    //!         error type from e2ee/qolmerrors.h; confirm upstream.)
    std::variant pickle(const PicklingMode &mode);

    //! Returns the account's public identity keys already formatted as JSON
    //! (the Ed25519 and Curve25519 public halves; private keys never leave
    //! the OlmAccount).
    IdentityKeys identityKeys() const;

    //! Returns the signature of the supplied message.
    //!
    //! The signature is produced with this account's Ed25519 signing key
    //! (see createNewAccount() and ed25519VerifySignature()).
    QByteArray sign(const QByteArray &message) const;
    //! Overload for JSON payloads. NOTE(review): presumably the object is
    //! serialised to Matrix canonical JSON before signing so that
    //! ed25519VerifySignature() reproduces the same bytes — confirm in the
    //! implementation.
    QByteArray sign(const QJsonObject& message) const;

    //! Sign identity keys.
    //!
    //! \return The signature over identityKeys(), as sign() would produce.
    QByteArray signIdentityKeys() const;

    //! Maximum number of one time keys that this OlmAccount can
    //! currently hold.
    size_t maxNumberOfOneTimeKeys() const;

    //! Generates the supplied number of one time keys.
    //!
    //! \param numberOfKeys How many keys to generate; presumably capped by
    //!                     maxNumberOfOneTimeKeys() — confirm.
    //! \return The number of keys actually generated.
    //!
    //! Declared const although it necessarily changes the state of the
    //! wrapped OlmAccount (reached through a pointer member, so the
    //! const qualifier does not propagate).
    size_t generateOneTimeKeys(size_t numberOfKeys) const;

    //! Gets the OlmAccount's one time keys formatted as JSON.
    //!
    //! Only the public halves are exposed. Keys remain available until
    //! markKeysAsPublished() is called.
    OneTimeKeys oneTimeKeys() const;

    //! Sign all one time keys.
    //!
    //! \param keys The one-time keys to sign (typically from oneTimeKeys()).
    //! \return A map of key identifier to signature. (The QMap template
    //!         arguments were lost in extraction — confirm upstream.)
    QMap signOneTimeKeys(const OneTimeKeys &keys) const;

    //! Sign one time key.
    //!
    //! \param key The one-time key to sign.
    //! \return The Ed25519 signature for that key.
    QByteArray signOneTimeKey(const QString &key) const;

    //! Builds a SignedOneTimeKey from a one-time key and its signature,
    //! presumably in the form expected for upload — confirm against the
    //! SignedOneTimeKey definition.
    SignedOneTimeKey signedOneTimeKey(const QByteArray &key, const QString &signature) const;

    //! Creates the key-upload job for the given one-time keys.
    //!
    //! \return A raw pointer to the job; who owns and starts it is not
    //!         visible here — presumably the caller / Connection, confirm.
    UploadKeysJob *createUploadKeyRequest(const OneTimeKeys &oneTimeKeys);

    //! Returns this device's key description (DeviceKeys) for upload,
    //! presumably built from identityKeys() and signIdentityKeys() —
    //! confirm.
    DeviceKeys deviceKeys() const;

    //! Remove the one time key used to create the supplied session.
    //!
    //! Removing the key ensures it cannot be used to establish a second
    //! session. The result is [[nodiscard]]: an engaged optional reports
    //! the failure and callers must check it. (The optional's template
    //! argument was lost in extraction — confirm upstream.)
    [[nodiscard]] std::optional removeOneTimeKeys(const QOlmSessionPtr &session) const;

    //! Creates an inbound session for sending/receiving messages from a received 'prekey' message.
    //!
    //! \param preKeyMessage An Olm pre-key message that was encrypted for this account.
    //! \return The new session on success, otherwise the error alternative.
    //!         (Variant arguments lost in extraction — confirm upstream.)
    std::variant createInboundSession(const QOlmMessage &preKeyMessage);

    //! Creates an inbound session for sending/receiving messages from a received 'prekey' message.
    //!
    //! \param theirIdentityKey The identity key of the Olm account that
    //!                         encrypted this Olm message. Supplying it lets
    //!                         the session be bound to the claimed sender
    //!                         rather than to whatever the message contains.
    //! \param preKeyMessage    An Olm pre-key message that was encrypted for this account.
    //! \return The new session on success, otherwise the error alternative.
    std::variant createInboundSessionFrom(const QByteArray &theirIdentityKey,
                                          const QOlmMessage &preKeyMessage);

    //! Creates an outbound session for sending messages to a specific
    //! identity and one time key.
    //!
    //! \param theirIdentityKey The recipient device's Curve25519 identity key.
    //! \param theirOneTimeKey  One of the recipient's claimed one-time keys.
    //! \return The new session on success, otherwise the error alternative.
    std::variant createOutboundSession(const QByteArray &theirIdentityKey,
                                       const QByteArray &theirOneTimeKey);

    //! Marks the current one-time keys as published, presumably so they are
    //! no longer returned by oneTimeKeys() and cannot be uploaded twice —
    //! confirm. Call this after the upload succeeded.
    void markKeysAsPublished();

    // HACK do not use directly
    // Wraps an already-existing OlmAccount. Whether this takes ownership
    // of `account` is not visible here — check the implementation before
    // using it.
    QOlmAccount(OlmAccount *account);

    //! Raw access to the wrapped libolm handle.
    //!
    //! \return A non-owning pointer; the account keeps ownership, so callers
    //!         must not free or clear it.
    OlmAccount *data();

Q_SIGNALS:
    //! Emitted when the account state changed in a way that should be
    //! persisted (presumably by re-pickling) — confirm which operations
    //! emit it.
    void needsSave() const;

private:
    OlmAccount *m_account = nullptr; // owning: released in ~QOlmAccount()
    QString m_userId;
    QString m_deviceId;
};

//! Verifies the self-signature on a set of device keys.
//!
//! \param deviceKeys The keys as received (e.g. from a keys query).
//! \param deviceId   The device the keys are claimed to belong to.
//! \param userId     The user the keys are claimed to belong to.
//! \return true only if the signature checks out; a false result means the
//!         keys must not be trusted.
bool verifyIdentitySignature(const DeviceKeys &deviceKeys, const QString &deviceId,
                             const QString &userId);

//! Checks if the signature is signed by the signing_key.
//!
//! \param signingKey The Ed25519 public key expected to have produced it.
//! \param obj        The signed JSON object. NOTE(review): presumably it is
//!                   reduced to canonical JSON (with the signature-related
//!                   fields stripped) before verification, matching what
//!                   QOlmAccount::sign(const QJsonObject&) signed — confirm.
//! \param signature  The Base64 signature to verify.
//! \return true if the signature is valid for obj under signingKey.
bool ed25519VerifySignature(const QString &signingKey, const QJsonObject &obj,
                            const QString &signature);

} // namespace Quotient