changeset 7ea4d380f524 in /home/hg/repos/gajim-plugins
author: lovetox <[email protected]>
branches:
details:gajim-plugins?cmd=changeset;node=7ea4d380f524
description: Trust is checked before Message is sent & small other fixes
diffstat:
omemo/omemo/liteidentitykeystore.py | 9 +++++++
omemo/omemo/state.py | 17 +++++++++++++-
omemo/ui.py | 43 ++++++++++++++++++++++++++----------
3 files changed, 56 insertions(+), 13 deletions(-)
diffs (141 lines):
diff -r 49a335d2e7f7 -r 7ea4d380f524 omemo/omemo/liteidentitykeystore.py
--- a/omemo/omemo/liteidentitykeystore.py Sat Jun 04 14:00:09 2016 +0200
+++ b/omemo/omemo/liteidentitykeystore.py Sat Jun 04 16:19:18 2016 +0200
@@ -116,3 +116,12 @@
c = self.dbConn.cursor()
c.execute(q)
self.dbConn.commit()
+
+ def getTrust(self, recipientId, identityKey):
+ q = "SELECT trust FROM identities WHERE recipient_id = ? AND
public_key = ?"
+ c = self.dbConn.cursor()
+
+ c.execute(q, (recipientId, identityKey.getPublicKey().serialize()))
+ result = c.fetchone()
+
+ return result[0] if result else None
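Review bot: getTrust has no docstring, and its return contract is what the new send-time check in state.py depends on: it returns the raw `trust` column for the recipient/key pair, or `None` when no row matches. I would add `"""Return the stored trust value for this recipient's identity key, or None if the key is not in the identities table."""` and say there that the value is not a boolean. The query itself is parameterized, which is the right form for values that originate from a remote contact.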
diff -r 49a335d2e7f7 -r 7ea4d380f524 omemo/omemo/state.py
--- a/omemo/omemo/state.py Sat Jun 04 14:00:09 2016 +0200
+++ b/omemo/omemo/state.py Sat Jun 04 16:19:18 2016 +0200
@@ -209,6 +209,7 @@
def create_msg(self, from_jid, jid, plaintext):
key = get_random_bytes(16)
iv = get_random_bytes(16)
+ trust = {None: "Not Set", 0: False, 1: True, 2: "Undecided"}
encrypted_keys = {}
devices_list = self.device_list_for(jid)
@@ -232,7 +233,11 @@
# Encrypt the message key with for each of receivers devices
for rid, cipher in session_ciphers.items():
try:
- encrypted_keys[rid] = cipher.encrypt(key).serialize()
+ if trust[self.isTrusted(cipher)] is True:
+ encrypted_keys[rid] = cipher.encrypt(key).serialize()
+ else:
+ log.warn('Skipped Device because Trust is: ' +
+ str(trust[self.isTrusted(cipher)]))
except:
log.warn('Failed to find key for device ' + str(
rid))
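Review bot: The trust lookup now sits inside the existing bare `except:`, so any failure in `isTrusted` (session load, database error, a stored trust value that is not a key of `trust`) is logged as 'Failed to find key for device' and cannot be told apart from a missing key. The device is still skipped, so the check fails closed, but trust-store errors are hidden from the log. `isTrusted` is also called twice per device, costing a second session load and query; compute it once before the `if`, e.g. `level = trust.get(self.isTrusted(cipher), "Unknown")`, and log the caught exception in the handler. Whether the message is still sent when every device is skipped is decided outside this hunk and is worth confirming.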
@@ -254,6 +259,16 @@
log.debug(result)
return result
+ def isTrusted(self, cipher):
+ self.cipher = cipher
+ self.state = self.cipher.sessionStore. \
+ loadSession(self.cipher.recipientId, self.cipher.deviceId). \
+ getSessionState()
+ self.key = self.state.getRemoteIdentityKey()
+ self.trust = self.store.identityKeyStore. \
+ getTrust(self.cipher.recipientId, self.key)
+ return self.trust
+
def device_list_for(self, jid):
""" Return a list of known device ids for the specified jid.
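Review bot: isTrusted stores `cipher`, `state`, `key` and `trust` on `self`, so each call overwrites attributes on the state object and leaves the last device's session state and identity key attached to it; local variables are enough, unless other code reads these attributes, which is not visible here. The name also suggests a boolean, but the method returns the raw trust value, so a later `if self.isTrusted(cipher):` would treat the value mapped to "Undecided" as trusted. A docstring stating that, or a rename, would prevent that mistake. The enclosing class starts outside the hunk.
```python
    def isTrusted(self, cipher):
        """Return the stored trust value for the cipher's remote identity key.

        The result is the raw database value (or None), not a boolean.
        """
        session = cipher.sessionStore.loadSession(cipher.recipientId,
                                                  cipher.deviceId)
        remote_key = session.getSessionState().getRemoteIdentityKey()
        return self.store.identityKeyStore.getTrust(cipher.recipientId,
                                                    remote_key)
```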
diff -r 49a335d2e7f7 -r 7ea4d380f524 omemo/ui.py
--- a/omemo/ui.py Sat Jun 04 14:00:09 2016 +0200
+++ b/omemo/ui.py Sat Jun 04 16:19:18 2016 +0200
@@ -169,15 +169,15 @@
for path in paths:
it = mod.get_iter(path)
_id, user, fpr = mod.get(it, 0, 1, 3)
-
+ fpr = fpr[31:-12]
dlg = gtk.Dialog('Confirm trusting fingerprint', self,
gtk.DIALOG_MODAL | gtk.DIALOG_DESTROY_WITH_PARENT,
(gtk.STOCK_YES, gtk.RESPONSE_YES,
gtk.STOCK_NO, gtk.RESPONSE_NO))
l = gtk.Label()
l.set_markup('Are you sure you want to trust the following '
- 'fingerprint for the contact %s on the account %s?'
- '\n\n%s' % (user, account, fpr))
+ 'fingerprint for the contact <b>%s</b> on the account
<b>%s</b>?'
+ '\n\n<tt>%s</tt>' % (user, account, fpr))
l.set_line_wrap(True)
dlg.vbox.pack_start(l)
dlg.show_all()
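Review bot: `fpr = fpr[31:-12]` recovers the fingerprint by cutting fixed-length markup off the model column, and the same line is added in the next hunk (@@ -199). The offsets appear to match the `<tt><span foreground="#......">` prefix and `</span></tt>` suffix built in the fingerprint-list hunk of this file, so any change to that markup would silently alter the fingerprint shown in the dialog where the user confirms trust. Keeping the plain fingerprint in its own model column, or at least a comment such as `# strip the <tt><span foreground=...> wrapper added when the model is filled`, would make the coupling explicit. Separately, `user` and `account` are interpolated into `set_markup` without escaping; that predates this commit, but escaping them for Pango markup would keep a contact-supplied string from changing how the confirmation is rendered. The enclosing method starts and ends outside the hunk.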
@@ -199,15 +199,15 @@
for path in paths:
it = mod.get_iter(path)
_id, user, fpr = mod.get(it, 0, 1, 3)
-
+ fpr = fpr[31:-12]
dlg = gtk.Dialog('Confirm trusting fingerprint', self,
gtk.DIALOG_MODAL | gtk.DIALOG_DESTROY_WITH_PARENT,
(gtk.STOCK_YES, gtk.RESPONSE_YES,
gtk.STOCK_NO, gtk.RESPONSE_NO))
l = gtk.Label()
l.set_markup('Are you sure you want to NOT trust the following '
- 'fingerprint for the contact %s on the account %s?'
- '\n\n%s' % (user, account, fpr))
+ 'fingerprint for the contact <b>%s</b> on the account
<b>%s</b>?'
+ '\n\n<tt>%s</tt>' % (user, account, fpr))
l.set_line_wrap(True)
dlg.vbox.pack_start(l)
dlg.show_all()
@@ -259,17 +259,36 @@
ownfpr = binascii.hexlify(state.store.getIdentityKeyPair()
.getPublicKey().serialize())
+ ownfpr = self.human_hash(ownfpr[2:])
self.B.get_object('fingerprint_label').set_markup('<tt>%s</tt>'
- % ownfpr[2:])
+ % ownfpr)
fprDB = state.store.identityKeyStore.getAllFingerprints()
for item in fprDB:
- _id = item[0]
- jid = item[1]
- fpr = binascii.hexlify(item[2])
- self.fpr_model.append((_id, jid, trust[item[3]],
- '<tt>%s</tt>' % fpr[2:]))
+ _id, jid, fpr, tr = item
+ fpr = binascii.hexlify(fpr)
+ fpr = self.human_hash(fpr[2:])
+ if trust[tr] is False:
+ self.fpr_model.append((_id, jid, trust[tr],
+ '<tt><span
foreground="#FF0040">%s</span></tt>' % fpr))
+ elif trust[tr] is True:
+ self.fpr_model.append((_id, jid, trust[tr],
+ '<tt><span
foreground="#2EFE2E">%s</span></tt>' % fpr))
+ elif trust[tr] == "Not Set":
+ self.fpr_model.append((_id, jid, trust[tr],
+ '<tt><span
foreground="#FF0040">%s</span></tt>' % fpr))
+ elif trust[tr] == "Undecided":
+ self.fpr_model.append((_id, jid, trust[tr],
+ '<tt><span
foreground="#FF8000">%s</span></tt>' % fpr))
+ def human_hash(self, fpr):
+ fpr = fpr.upper()
+ fplen = len(fpr)
+ wordsize = fplen // 8
+ buf = ''
+ for w in range(0, fplen, wordsize):
+ buf += '{0} '.format(fpr[w:w + wordsize])
+ return buf.rstrip()
class FingerprintWindow(gtk.Dialog):
def __init__(self, plugin, contact, parent=None):
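Review bot: The four `if`/`elif` branches in the fingerprint loop differ only in the colour string, so a colour table keyed on `tr` would replace them and keep the markup in one place. That matters because the trust dialogs slice this markup by fixed offsets. The rewrite below assumes that ui.py's `trust` dict, which is defined outside the hunk, has the same keys as the one added in state.py. `human_hash` has no docstring, and `wordsize` becomes 0 for an input shorter than eight characters, which makes `range` raise; a one-line guard or a comment stating the expected length would cover that.
```python
# … unchanged: ownfpr label, getAllFingerprints() …
colours = {None: "#FF0040", 0: "#FF0040", 1: "#2EFE2E", 2: "#FF8000"}
for _id, jid, fpr, tr in fprDB:
    fpr = self.human_hash(binascii.hexlify(fpr)[2:])
    self.fpr_model.append((_id, jid, trust[tr],
                           '<tt><span foreground="%s">%s</span></tt>'
                           % (colours[tr], fpr)))
# … unchanged: human_hash …
```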