Hide OMEMO messages from untrusted sources

This commit is contained in:
Marvin W 2018-11-09 10:42:23 -06:00
parent dfb75e2cda
commit 214906e1a5
No known key found for this signature in database
GPG key ID: 072E9235DB996F2A
5 changed files with 124 additions and 40 deletions

View file

@ -144,6 +144,7 @@ public class ContentItemStore : StreamInteractionModule, Object {
QueryBuilder select = db.content_item.select();
select.with(db.content_item.foreign_id, "=", message.id);
select.with(db.content_item.content_type, "=", 1);
select.with(db.content_item.hide, "=", false);
foreach (Row row in select) {
MessageItem item = new MessageItem(message, conversation, row[db.content_item.id]);
if (!discard(item)) {
@ -167,6 +168,10 @@ public class ContentItemStore : StreamInteractionModule, Object {
}
}
public bool get_item_hide(ContentItem content_item) {
return db.content_item.row_with(db.content_item.id, content_item.id)[db.content_item.hide, false];
}
public void set_item_hide(ContentItem content_item, bool hide) {
db.content_item.update()
.with(db.content_item.id, "=", content_item.id)

View file

@ -6,7 +6,7 @@ using Dino.Entities;
namespace Dino.Plugins.Omemo {
public class Database : Qlite.Database {
private const int VERSION = 2;
private const int VERSION = 4;
public class IdentityMetaTable : Table {
public enum TrustLevel {
@ -57,11 +57,17 @@ public class Database : Qlite.Database {
public int64 insert_device_bundle(int32 identity_id, string address_name, int device_id, Bundle bundle, TrustLevel trust) {
if (bundle == null || bundle.identity_key == null) return -1;
// Do not replace identity_key if it was known before, it should never change!
string identity_key = Base64.encode(bundle.identity_key.serialize());
RowOption row = with_address(identity_id, address_name).with(this.device_id, "=", device_id).single().row();
if (row.is_present() && row[identity_key_public_base64] != null && row[identity_key_public_base64] != identity_key) {
error("Tried to change the identity key for a known device id. Likely an attack.");
}
return upsert()
.value(this.identity_id, identity_id, true)
.value(this.address_name, address_name, true)
.value(this.device_id, device_id, true)
.value(this.identity_key_public_base64, Base64.encode(bundle.identity_key.serialize()))
.value(this.identity_key_public_base64, identity_key)
.value(this.trust_level, trust).perform();
}
@ -173,12 +179,38 @@ public class Database : Qlite.Database {
}
}
public class ContentItemMetaTable : Table {
public Column<int> content_item_id = new Column.Integer("message_id") { primary_key = true };
public Column<int> identity_id = new Column.Integer("identity_id") { not_null = true };
public Column<string> address_name = new Column.Text("address_name") { not_null = true };
public Column<int> device_id = new Column.Integer("device_id") { not_null = true };
public Column<bool> trusted_when_received = new Column.BoolInt("trusted_when_received") { not_null = true, default = "1" };
internal ContentItemMetaTable(Database db) {
base(db, "content_item_meta");
init({content_item_id, identity_id, address_name, device_id, trusted_when_received});
index("content_item_meta_device_idx", {identity_id, device_id, address_name});
}
public RowOption with_content_item(ContentItem item) {
return row_with(content_item_id, item.id);
}
public QueryBuilder with_device(int identity_id, string address_name, int device_id) {
return select()
.with(this.identity_id, "=", identity_id)
.with(this.address_name, "=", address_name)
.with(this.device_id, "=", device_id);
}
}
public IdentityMetaTable identity_meta { get; private set; }
public TrustTable trust { get; private set; }
public IdentityTable identity { get; private set; }
public SignedPreKeyTable signed_pre_key { get; private set; }
public PreKeyTable pre_key { get; private set; }
public SessionTable session { get; private set; }
public ContentItemMetaTable content_item_meta { get; private set; }
public Database(string fileName) {
base(fileName, VERSION);
@ -188,7 +220,8 @@ public class Database : Qlite.Database {
signed_pre_key = new SignedPreKeyTable(this);
pre_key = new PreKeyTable(this);
session = new SessionTable(this);
init({identity_meta, trust, identity, signed_pre_key, pre_key, session});
content_item_meta = new ContentItemMetaTable(this);
init({identity_meta, trust, identity, signed_pre_key, pre_key, session, content_item_meta});
try {
exec("PRAGMA synchronous=0");
} catch (Error e) { }

View file

@ -14,7 +14,6 @@ public class Manager : StreamInteractionModule, Object {
private Database db;
private TrustManager trust_manager;
private Map<Entities.Message, MessageState> message_states = new HashMap<Entities.Message, MessageState>(Entities.Message.hash_func, Entities.Message.equals_func);
private ReceivedMessageListener received_message_listener = new ReceivedMessageListener();
private class MessageState {
public Entities.Message msg { get; private set; }
@ -68,26 +67,10 @@ public class Manager : StreamInteractionModule, Object {
stream_interactor.stream_negotiated.connect(on_stream_negotiated);
stream_interactor.account_added.connect(on_account_added);
stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(received_message_listener);
stream_interactor.get_module(MessageProcessor.IDENTITY).pre_message_send.connect(on_pre_message_send);
stream_interactor.get_module(RosterManager.IDENTITY).mutual_subscription.connect(on_mutual_subscription);
}
private class ReceivedMessageListener : MessageListener {
public string[] after_actions_const = new string[]{ };
public override string action_group { get { return "DECRYPT"; } }
public override string[] after_actions { get { return after_actions_const; } }
public override async bool run(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) {
MessageFlag? flag = MessageFlag.get_flag(stanza);
if (flag != null && ((!)flag).decrypted) {
message.encryption = Encryption.OMEMO;
}
return false;
}
}
private Gee.List<Jid> get_occupants(Jid jid, Account account){
Gee.List<Jid> occupants = new ArrayList<Jid>(Jid.equals_bare_func);
if(!stream_interactor.get_module(MucManager.IDENTITY).is_groupchat(jid, account)){

View file

@ -10,14 +10,19 @@ public class TrustManager {
private StreamInteractor stream_interactor;
private Database db;
private ReceivedMessageListener received_message_listener;
private DecryptMessageListener decrypt_message_listener;
private TagMessageListener tag_message_listener;
private HashMap<Message, int> message_device_id_map = new HashMap<Message, int>(Message.hash_func, Message.equals_func);
public TrustManager(StreamInteractor stream_interactor, Database db) {
this.stream_interactor = stream_interactor;
this.db = db;
received_message_listener = new ReceivedMessageListener(stream_interactor, db);
stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(received_message_listener);
decrypt_message_listener = new DecryptMessageListener(stream_interactor, db, message_device_id_map);
tag_message_listener = new TagMessageListener(stream_interactor, db, message_device_id_map);
stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(decrypt_message_listener);
stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(tag_message_listener);
}
public void set_blind_trust(Account account, Jid jid, bool blind_trust) {
@ -36,6 +41,23 @@ public class TrustManager {
.with(db.identity_meta.address_name, "=", jid.bare_jid.to_string())
.with(db.identity_meta.device_id, "=", device_id)
.set(db.identity_meta.trust_level, trust_level).perform();
string selection = null;
string[] selection_args = {};
var app_db = Application.get_default().db;
foreach (Row row in db.content_item_meta.with_device(identity_id, jid.bare_jid.to_string(), device_id).with(db.content_item_meta.trusted_when_received, "=", false)) {
if (selection == null) {
selection = @"$(app_db.content_item.id) = ?";
} else {
selection += @" OR $(app_db.content_item.id) = ?";
}
selection_args += row[db.content_item_meta.content_item_id].to_string();
}
if (selection != null) {
app_db.content_item.update()
.set(app_db.content_item.hide, trust_level == Database.IdentityMetaTable.TrustLevel.UNTRUSTED || trust_level == Database.IdentityMetaTable.TrustLevel.UNKNOWN)
.where(selection, selection_args)
.perform();
}
}
private StanzaNode create_encrypted_key(uint8[] key, Address address, Store store) throws GLib.Error {
@ -154,17 +176,69 @@ public class TrustManager {
return devices;
}
private class ReceivedMessageListener : MessageListener {
private class TagMessageListener : MessageListener {
public string[] after_actions_const = new string[]{ "STORE" };
public override string action_group { get { return "DECRYPT_TAG"; } }
public override string[] after_actions { get { return after_actions_const; } }
private StreamInteractor stream_interactor;
private Database db;
private HashMap<Message, int> message_device_id_map;
public TagMessageListener(StreamInteractor stream_interactor, Database db, HashMap<Message, int> message_device_id_map) {
this.stream_interactor = stream_interactor;
this.db = db;
this.message_device_id_map = message_device_id_map;
}
public override async bool run(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) {
int device_id = 0;
if (message_device_id_map.has_key(message)) {
device_id = message_device_id_map[message];
message_device_id_map.unset(message);
}
// TODO: Handling of files
ContentItem? content_item = stream_interactor.get_module(ContentItemStore.IDENTITY).get_item(conversation, 1, message.id);
if (content_item != null && device_id != 0) {
Jid jid = content_item.jid;
if (conversation.type_ == Conversation.Type.GROUPCHAT) {
jid = stream_interactor.get_module(MucManager.IDENTITY).get_real_jid(jid, conversation.account);
}
int identity_id = db.identity.get_id(conversation.account.id);
Database.IdentityMetaTable.TrustLevel trust_level = (Database.IdentityMetaTable.TrustLevel) db.identity_meta.get_device(identity_id, jid.bare_jid.to_string(), device_id)[db.identity_meta.trust_level];
if (trust_level == Database.IdentityMetaTable.TrustLevel.UNTRUSTED || trust_level == Database.IdentityMetaTable.TrustLevel.UNKNOWN) {
stream_interactor.get_module(ContentItemStore.IDENTITY).set_item_hide(content_item, true);
}
db.content_item_meta.insert()
.value(db.content_item_meta.content_item_id, content_item.id)
.value(db.content_item_meta.identity_id, identity_id)
.value(db.content_item_meta.address_name, jid.bare_jid.to_string())
.value(db.content_item_meta.device_id, device_id)
.value(db.content_item_meta.trusted_when_received, trust_level != Database.IdentityMetaTable.TrustLevel.UNTRUSTED)
.perform();
}
return false;
}
}
private class DecryptMessageListener : MessageListener {
public string[] after_actions_const = new string[]{ };
public override string action_group { get { return "DECRYPT"; } }
public override string[] after_actions { get { return after_actions_const; } }
private StreamInteractor stream_interactor;
private Database db;
private HashMap<Message, int> message_device_id_map;
public ReceivedMessageListener(StreamInteractor stream_interactor, Database db) {
public DecryptMessageListener(StreamInteractor stream_interactor, Database db, HashMap<Message, int> message_device_id_map) {
this.stream_interactor = stream_interactor;
this.db = db;
this.message_device_id_map = message_device_id_map;
}
public override async bool run(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) {
@ -205,7 +279,7 @@ public class TrustManager {
SessionCipher cipher = store.create_session_cipher(address);
key = cipher.decrypt_signal_message(msg);
}
address.device_id = 0; // TODO: Hack to have address obj live longer
//address.device_id = 0; // TODO: Hack to have address obj live longer
if (key.length >= 32) {
int authtaglength = key.length - 16;
@ -219,20 +293,9 @@ public class TrustManager {
}
message.body = arr_to_str(aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, ciphertext));
message_device_id_map[message] = address.device_id;
message.encryption = Encryption.OMEMO;
flag.decrypted = true;
int identity_id = db.identity.get_id(conversation.account.id);
if (identity_id < 0) return false;
Database.IdentityMetaTable.TrustLevel trust_level = (Database.IdentityMetaTable.TrustLevel) db.identity_meta.get_device(identity_id, jid.bare_jid.to_string(), header.get_attribute_int("sid"))[db.identity_meta.trust_level];
if (trust_level == Database.IdentityMetaTable.TrustLevel.UNTRUSTED) {
message.body = _("OMEMO message from a rejected device");
message.marked = Message.Marked.WONTSEND;
}
if (trust_level == Database.IdentityMetaTable.TrustLevel.UNKNOWN) {
message.body = _("OMEMO message from an unknown device: ")+message.body;
message.marked = Message.Marked.WONTSEND;
}
} catch (Error e) {
if (Plugin.DEBUG) print(@"OMEMO: Signal error while decrypting message: $(e.message)\n");
}