From bfacc180c5acd368754ae9803426000f68a34c5b Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Thu, 12 Jan 2017 15:59:13 +0100 Subject: [PATCH] don't allow to purge keys. offer distrut instead --- .../crypto/axolotl/AxolotlService.java | 6 ++++-- .../crypto/axolotl/FingerprintStatus.java | 14 ++++++------- .../crypto/axolotl/XmppAxolotlSession.java | 2 ++ .../siacs/conversations/ui/OmemoActivity.java | 20 ++++++++----------- src/main/res/menu/omemo_key_context.xml | 4 ++-- src/main/res/values/strings.xml | 5 ++--- 6 files changed, 25 insertions(+), 26 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java index 65ac7b0a..99533afb 100644 --- a/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java +++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/AxolotlService.java @@ -439,8 +439,10 @@ public class AxolotlService implements OnAdvancedStreamFeaturesLoaded { mXmppConnectionService.sendIqPacket(account, publish, null); } - public void purgeKey(final String fingerprint) { - axolotlStore.setFingerprintStatus(fingerprint.replaceAll("\\s", ""), FingerprintStatus.createCompromised()); + public void distrustFingerprint(final String fingerprint) { + final String fp = fingerprint.replaceAll("\\s", ""); + final FingerprintStatus fingerprintStatus = axolotlStore.getFingerprintStatus(fp); + axolotlStore.setFingerprintStatus(fp,fingerprintStatus.toUntrusted()); } public void publishOwnDeviceIdIfNeeded() { diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java index 31b2264b..56f4a5d2 100644 --- a/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java +++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/FingerprintStatus.java @@ -126,13 +126,6 @@ public class FingerprintStatus implements Comparable { return trust; } - public static FingerprintStatus createCompromised() { - FingerprintStatus status = new FingerprintStatus(); - status.active = false; - status.trust = Trust.COMPROMISED; - return status; - } - public FingerprintStatus toVerified() { FingerprintStatus status = new FingerprintStatus(); status.active = active; @@ -140,6 +133,13 @@ public class FingerprintStatus implements Comparable { return status; } + public FingerprintStatus toUntrusted() { + FingerprintStatus status = new FingerprintStatus(); + status.active = active; + status.trust = Trust.UNTRUSTED; + return status; + } + public static FingerprintStatus createInactiveVerified() { final FingerprintStatus status = new FingerprintStatus(); status.trust = Trust.VERIFIED; diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java index 773b6857..938c19a4 100644 --- a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java +++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlSession.java @@ -118,6 +118,8 @@ public class XmppAxolotlSession implements Comparable { setTrust(status.toActive()); } } + } else { + Log.d(Config.LOGTAG,account.getJid().toBareJid()+" not encrypting omemo message from fingerprint "+getFingerprint()+" because it was marked as compromised"); } return plaintext; } diff --git a/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java b/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java index 8ce8c14d..7929e073 100644 --- a/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java +++ b/src/main/java/eu/siacs/conversations/ui/OmemoActivity.java @@ -24,8 +24,6 @@ import eu.siacs.conversations.R; import eu.siacs.conversations.crypto.axolotl.FingerprintStatus; import eu.siacs.conversations.crypto.axolotl.XmppAxolotlSession; import eu.siacs.conversations.entities.Account; -import eu.siacs.conversations.ui.TrustKeysActivity; -import eu.siacs.conversations.ui.XmppActivity; import eu.siacs.conversations.ui.widget.Switch; import eu.siacs.conversations.utils.CryptoHelper; import eu.siacs.conversations.utils.XmppUri; @@ -51,16 +49,17 @@ public abstract class OmemoActivity extends XmppActivity { && fingerprint instanceof String && fingerprintStatus instanceof FingerprintStatus) { getMenuInflater().inflate(R.menu.omemo_key_context, menu); - MenuItem purgeItem = menu.findItem(R.id.purge_omemo_key); + MenuItem distrust = menu.findItem(R.id.distrust_key); MenuItem verifyScan = menu.findItem(R.id.verify_scan); if (this instanceof TrustKeysActivity) { - purgeItem.setVisible(false); + distrust.setVisible(false); verifyScan.setVisible(false); } else { FingerprintStatus status = (FingerprintStatus) fingerprintStatus; if (!status.isActive() || status.isVerified()) { verifyScan.setVisible(false); } + distrust.setVisible(status.isVerified()); } this.mSelectedAccount = (Account) account; this.mSelectedFingerprint = (String) fingerprint; @@ -70,7 +69,7 @@ public abstract class OmemoActivity extends XmppActivity { @Override public boolean onContextItemSelected(MenuItem item) { switch (item.getItemId()) { - case R.id.purge_omemo_key: + case R.id.distrust_key: showPurgeKeyDialog(mSelectedAccount,mSelectedFingerprint); break; case R.id.copy_omemo_key: @@ -242,17 +241,14 @@ public abstract class OmemoActivity extends XmppActivity { public void showPurgeKeyDialog(final Account account, final String fingerprint) { AlertDialog.Builder builder = new AlertDialog.Builder(this); - builder.setTitle(getString(R.string.purge_key)); - builder.setIconAttribute(android.R.attr.alertDialogIcon); - builder.setMessage(getString(R.string.purge_key_desc_part1) - + "\n\n" + CryptoHelper.prettifyFingerprint(fingerprint.substring(2)) - + "\n\n" + getString(R.string.purge_key_desc_part2)); + builder.setTitle(R.string.distrust_omemo_key); + builder.setMessage(R.string.distrust_omemo_key_text); builder.setNegativeButton(getString(R.string.cancel), null); - builder.setPositiveButton(getString(R.string.purge_key), + builder.setPositiveButton(R.string.confirm, new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { - account.getAxolotlService().purgeKey(fingerprint); + account.getAxolotlService().distrustFingerprint(fingerprint); refreshUi(); } }); diff --git a/src/main/res/menu/omemo_key_context.xml b/src/main/res/menu/omemo_key_context.xml index 1e825902..87c2edc7 100644 --- a/src/main/res/menu/omemo_key_context.xml +++ b/src/main/res/menu/omemo_key_context.xml @@ -5,8 +5,8 @@ android:title="@string/scan_qr_code" /> + android:id="@+id/distrust_key" + android:title="@string/distrust_omemo_key"/> diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml index be3b262d..e38d6cd0 100644 --- a/src/main/res/values/strings.xml +++ b/src/main/res/values/strings.xml @@ -429,9 +429,6 @@ Wipe other devices from PEP Clear devices Are you sure you want to clear all other devices from the OMEMO announcement? The next time your devices connect, they will reannounce themselves, but they might not receive messages sent in the meantime. - Purge key - Are you sure you want to purge this key? - It will irreversibly be considered compromised, and you can never build a session with it again. There are no usable keys available for this contact.\nFetching new keys from the server has been unsuccessful. Maybe there is something wrong with your contacts server. There are no usable keys available for this contact. If you have purged any of their keys, they need to generate new ones. Error @@ -725,4 +722,6 @@ Verify OMEMO keys Show inactive devices Hide inactive devices + Distrust device + Are you sure you want to remove the verification for this device?\nThis device and messages coming from that device will be marked as untrusted.