From bfacc180c5acd368754ae9803426000f68a34c5b Mon Sep 17 00:00:00 2001
From: Daniel Gultsch
Date: Thu, 12 Jan 2017 15:59:13 +0100
Subject: [PATCH] don't allow to purge keys. offer distrut instead
---
 .../crypto/axolotl/AxolotlService.java | 6 ++++--
 .../crypto/axolotl/FingerprintStatus.java | 10 +++++-----
 .../crypto/axolotl/XmppAxolotlSession.java | 2 ++
 .../siacs/conversations/ui/OmemoActivity.java | 20 ++++++++-----------
 src/main/res/menu/omemo_key_context.xml | 4 ++--
 src/main/res/values/strings.xml | 5 ++---
 6 files changed, 23 insertions(+), 24 deletions(-)
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
index 65ac7b0a2f3aef2316015d3fedc397df0d04dca7..99533afbc870d606abf57d0bb3fa66d7811af625 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java
@@ -439,8 +439,10 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded {
 mXmppConnectionService.sendIqPacket(account, publish, null);
 }
- public void purgeKey(final String fingerprint) {
- axolotlStore.setFingerprintStatus(fingerprint.replaceAll("\\s", ""), FingerprintStatus.createCompromised());
+ public void distrustFingerprint(final String fingerprint) {
+ final String fp = fingerprint.replaceAll("\\s", "");
+ final FingerprintStatus fingerprintStatus = axolotlStore.getFingerprintStatus(fp);
+ axolotlStore.setFingerprintStatus(fp,fingerprintStatus.toUntrusted());
 }
 public void publishOwnDeviceIdIfNeeded() {
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java
index 31b2264b6047d5ccc291b10b31edfcfa64856078..56f4a5d2d4e7aff3244f11532c9a006ab42caf24 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java
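Review bot: `distrustFingerprint` dereferences the result of `axolotlStore.getFingerprintStatus(fp)` without a check and then overwrites whatever trust value was stored. If the store can return null for an unknown fingerprint (its implementation is not in this hunk), the call throws. Because `toUntrusted()` in FingerprintStatus.java ignores the previous trust, a key stored as COMPROMISED by an earlier version would also be moved back to UNTRUSTED if this method is ever reached for it. The context menu only offers the action for verified keys, so the same condition belongs here before the `setFingerprintStatus` call: `if (fingerprintStatus == null || !fingerprintStatus.isVerified()) { return; }`.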
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java
@@ -126,17 +126,17 @@ public class FingerprintStatus implements Comparable {
 return trust;
 }
- public static FingerprintStatus createCompromised() {
+ public FingerprintStatus toVerified() {
 FingerprintStatus status = new FingerprintStatus();
- status.active = false;
- status.trust = Trust.COMPROMISED;
+ status.active = active;
+ status.trust = Trust.VERIFIED;
 return status;
 }
- public FingerprintStatus toVerified() {
+ public FingerprintStatus toUntrusted() {
 FingerprintStatus status = new FingerprintStatus();
 status.active = active;
- status.trust = Trust.VERIFIED;
+ status.trust = Trust.UNTRUSTED;
 return status;
 }
diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
index 773b68579174e7feb88b15c76a3b8171c5ae6ea2..938c19a496cfe045efed6dfc944caa9b95836394 100644
--- a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
+++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java
@@ -118,6 +118,8 @@ public class XmppAxolotlSession implements Comparable {
 setTrust(status.toActive());
 }
 }
+ } else {
+ Log.d(Config.LOGTAG,account.getJid().toBareJid()+" not encrypting omemo message from fingerprint "+getFingerprint()+" because it was marked as compromised");
 }
 return plaintext;
 }
diff --git a/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java b/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java
index 8ce8c14d876d883ca6113d7cdda6748bb859be5a..7929e073cbeb9ea410b5b1c84baa5c7f049d4472 100644
--- a/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java
+++ b/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java
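Review bot: `toUntrusted()` is a line-for-line copy of `toVerified()` with a different constant, and neither method documents what it carries over. Both build a fresh FingerprintStatus and copy only `active`, so any other field the class holds (not visible in this hunk) falls back to its default in the returned object. A one-line Javadoc would record that: `/** Returns a copy with trust set to UNTRUSTED; only the active flag is carried over from this status. */`. A shared private helper taking the target `Trust` would remove the duplication.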
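Review bot: The new log line in XmppAxolotlSession.java says "not encrypting omemo message", but the branch sits in a method that ends with `return plaintext;`, which suggests this is the receive path and the text should read "not decrypting". The method starts outside the hunk, so confirm against the full body. The message from a key marked as compromised also appears to be skipped with only a `Log.d` entry, so the user gets no indication that such a device is still sending to them. If that is intentional, a comment on the `else` branch would say so, e.g. `// messages from compromised keys are skipped silently by design`.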
@@ -24,8 +24,6 @@ import eu.siacs.conversations.R;
 import eu.siacs.conversations.crypto.axolotl.FingerprintStatus;
 import eu.siacs.conversations.crypto.axolotl.XmppAxolotlSession;
 import eu.siacs.conversations.entities.Account;
-import eu.siacs.conversations.ui.TrustKeysActivity;
-import eu.siacs.conversations.ui.XmppActivity;
 import eu.siacs.conversations.ui.widget.Switch;
 import eu.siacs.conversations.utils.CryptoHelper;
 import eu.siacs.conversations.utils.XmppUri;
@@ -51,16 +49,17 @@ public abstract class OmemoActivity extends XmppActivity {
 && fingerprint instanceof String
 && fingerprintStatus instanceof FingerprintStatus) {
 getMenuInflater().inflate(R.menu.omemo_key_context, menu);
- MenuItem purgeItem = menu.findItem(R.id.purge_omemo_key);
+ MenuItem distrust = menu.findItem(R.id.distrust_key);
 MenuItem verifyScan = menu.findItem(R.id.verify_scan);
 if (this instanceof TrustKeysActivity) {
- purgeItem.setVisible(false);
+ distrust.setVisible(false);
 verifyScan.setVisible(false);
 } else {
 FingerprintStatus status = (FingerprintStatus) fingerprintStatus;
 if (!status.isActive() || status.isVerified()) {
 verifyScan.setVisible(false);
 }
+ distrust.setVisible(status.isVerified());
 }
 this.mSelectedAccount = (Account) account;
 this.mSelectedFingerprint = (String) fingerprint;
@@ -70,7 +69,7 @@ public abstract class OmemoActivity extends XmppActivity {
 @Override
 public boolean onContextItemSelected(MenuItem item) {
 switch (item.getItemId()) {
- case R.id.purge_omemo_key:
+ case R.id.distrust_key:
 showPurgeKeyDialog(mSelectedAccount,mSelectedFingerprint);
 break;
 case R.id.copy_omemo_key:
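Review bot: `case R.id.distrust_key:` still dispatches to `showPurgeKeyDialog`, which no longer purges anything after this commit; the definition in the later hunk of this file keeps the old name too. In code that changes key trust, a name describing a stronger, irreversible action than the one performed is easy to misread in review. Renaming it to `showDistrustKeyDialog` would fix that. The method is public, so any callers outside this file (not visible here) need the same rename.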
@@ -242,17 +241,14 @@ public abstract class OmemoActivity extends XmppActivity {
 public void showPurgeKeyDialog(final Account account, final String fingerprint) {
 AlertDialog.Builder builder = new AlertDialog.Builder(this);
- builder.setTitle(getString(R.string.purge_key));
- builder.setIconAttribute(android.R.attr.alertDialogIcon);
- builder.setMessage(getString(R.string.purge_key_desc_part1)
- + "\n\n" + CryptoHelper.prettifyFingerprint(fingerprint.substring(2))
- + "\n\n" + getString(R.string.purge_key_desc_part2));
+ builder.setTitle(R.string.distrust_omemo_key);
+ builder.setMessage(R.string.distrust_omemo_key_text);
 builder.setNegativeButton(getString(R.string.cancel), null);
- builder.setPositiveButton(getString(R.string.purge_key),
+ builder.setPositiveButton(R.string.confirm,
 new DialogInterface.OnClickListener() {
 @Override
 public void onClick(DialogInterface dialog, int which) {
- account.getAxolotlService().purgeKey(fingerprint);
+ account.getAxolotlService().distrustFingerprint(fingerprint);
 refreshUi();
 }
 });
diff --git a/src/main/res/menu/omemo_key_context.xml b/src/main/res/menu/omemo_key_context.xml
index 1e8259029847d4dd2c8624b7aa14c55b47dce5e7..87c2edc70c3f985f0422bf291738e87dfa2e46df 100644
--- a/src/main/res/menu/omemo_key_context.xml
+++ b/src/main/res/menu/omemo_key_context.xml
@@ -5,8 +5,8 @@ android:title="@string/scan_qr_code" /> + android:id="@+id/distrust_key" + android:title="@string/distrust_omemo_key"/>
diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml
index be3b262df098afd862013d174d2b633cc901089b..e38d6cd026d34b54578c6c0b23093824719e22d2 100644
--- a/src/main/res/values/strings.xml
+++ b/src/main/res/values/strings.xml
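Review bot: The confirmation dialog no longer names the key it acts on: the new `builder.setMessage(R.string.distrust_omemo_key_text)` replaces a message that embedded `CryptoHelper.prettifyFingerprint(fingerprint.substring(2))`. For a trust decision the user should be able to see which device fingerprint is about to lose its verification, particularly when a contact has several devices. Consider `builder.setMessage(getString(R.string.distrust_omemo_key_text) + "\n\n" + CryptoHelper.prettifyFingerprint(fingerprint.substring(2)));`. The body of `showPurgeKeyDialog` continues past the end of this hunk.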
@@ -429,9 +429,6 @@ Wipe other devices from PEP Clear devices Are you sure you want to clear all other devices from the OMEMO announcement? The next time your devices connect, they will reannounce themselves, but they might not receive messages sent in the meantime. - Purge key - Are you sure you want to purge this key? - It will irreversibly be considered compromised, and you can never build a session with it again. There are no usable keys available for this contact.\nFetching new keys from the server has been unsuccessful. Maybe there is something wrong with your contacts server. There are no usable keys available for this contact. If you have purged any of their keys, they need to generate new ones. Error @@ -725,4 +722,6 @@ Verify OMEMO keys Show inactive devices Hide inactive devices + Distrust device + Are you sure you want to remove the verification for this device?\nThis device and messages coming from that device will be marked as untrusted.