author | lovetox <philipp@hoerist.com> | 2020-06-24 22:08:50 +0300 |
---|---|---|
committer | lovetox <philipp@hoerist.com> | 2020-06-29 23:27:40 +0300 |
commit | 7db0e407ff950ae938b9ea0844925fa10302b874 (patch) | |
tree | 4cfea15dde052fdee966e66bd1a31d6a2461018b | |
parent | 03523dc423abf64b76d58d245bf1680f48a0ca0d (diff) |
[omemo] Add Blind Trust Before Verification
Fixes #310
-rw-r--r-- | omemo/backend/liteaxolotlstore.py | 34 | ||||
-rw-r--r-- | omemo/backend/util.py | 1 | ||||
-rw-r--r-- | omemo/gtk/config.py | 8 | ||||
-rw-r--r-- | omemo/gtk/config.ui | 74 | ||||
-rw-r--r-- | omemo/gtk/key.py | 24 | ||||
-rw-r--r-- | omemo/plugin.py | 5 |
6 files changed, 133 insertions, 13 deletions
diff --git a/omemo/backend/liteaxolotlstore.py b/omemo/backend/liteaxolotlstore.py index d6c5494..94291ee 100644 --- a/omemo/backend/liteaxolotlstore.py +++ b/omemo/backend/liteaxolotlstore.py @@ -30,6 +30,8 @@ from axolotl.identitykeypair import IdentityKeyPair from axolotl.util.medium import Medium from axolotl.util.keyhelper import KeyHelper +from gajim.common import app + from omemo.backend.util import Trust from omemo.backend.util import IdentityKeyExtended from omemo.backend.util import DEFAULT_PREKEY_AMOUNT @@ -76,6 +78,12 @@ class LiteAxolotlStore(AxolotlStore): self._generate_axolotl_keys() @staticmethod + def _is_blind_trust_enabled(): + plugin = app.plugin_manager.get_active_plugin('omemo') + print(plugin.config['BLIND_TRUST']) + return plugin.config['BLIND_TRUST'] + + @staticmethod def _namedtuple_factory(cursor, row): fields = [] for col in cursor.description: @@ -596,12 +604,15 @@ class LiteAxolotlStore(AxolotlStore): self._con.commit() def saveIdentity(self, recipientId, identityKey): - query = '''INSERT INTO identities (recipient_id, public_key, trust) - VALUES(?, ?, ?)''' + query = '''INSERT INTO identities (recipient_id, public_key, trust, shown) + VALUES(?, ?, ?, ?)''' if not self.containsIdentity(recipientId, identityKey): + trust = self.getDefaultTrust(recipientId) + print('TRUST', trust) self._con.execute(query, (recipientId, identityKey.getPublicKey().serialize(), - Trust.UNDECIDED)) + trust, + 1 if trust == Trust.BLIND else 0)) self._con.commit() def containsIdentity(self, recipientId, identityKey): 
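Review bot: `_is_blind_trust_enabled()` still carries a debug `print(plugin.config['BLIND_TRUST'])`, and `saveIdentity()` in the @@ -596 hunk has `print('TRUST', trust)`; both write trust decisions to stdout for every new identity key and should be removed or turned into debug-level log calls. The helper also dereferences the result of `app.plugin_manager.get_active_plugin('omemo')` without a check. If that call can return None (for example while the plugin is being deactivated, which is not visible here), `saveIdentity()` would raise instead of storing the key. A guard such as `if plugin is None: return False` would make the store fall back to `Trust.UNDECIDED`, the conservative default.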
@@ -662,10 +673,21 @@ class LiteAxolotlStore(AxolotlStore): undecided = set(undecided) - set(inactive) return bool(undecided) + def getDefaultTrust(self, jid): + if not self._is_blind_trust_enabled(): + return Trust.UNDECIDED + + query = '''SELECT * FROM identities + WHERE recipient_id = ? AND trust IN (0, 1)''' + result = self._con.execute(query, (jid,)).fetchone() + if result is None: + return Trust.BLIND + return Trust.UNDECIDED + def getTrustedFingerprints(self, jid): query = '''SELECT public_key as "public_key [pk]" FROM identities - WHERE recipient_id = ? AND trust = ?''' - result = self._con.execute(query, (jid, Trust.VERIFIED)).fetchall() + WHERE recipient_id = ? AND trust IN(1, 3)''' + result = self._con.execute(query, (jid,)).fetchall() return [row.public_key for row in result] def getNewFingerprints(self, jid): @@ -694,7 +716,7 @@ class LiteAxolotlStore(AxolotlStore): return False identity_key = record.getSessionState().getRemoteIdentityKey() return self.getTrustForIdentity( - recipient_id, identity_key) == Trust.VERIFIED + recipient_id, identity_key) in (Trust.VERIFIED, Trust.BLIND) def getIdentityLastSeen(self, recipient_id, identity_key): identity_key = identity_key.getPublicKey().serialize() diff --git a/omemo/backend/util.py b/omemo/backend/util.py index f63801c..93a3317 100644 --- a/omemo/backend/util.py +++ b/omemo/backend/util.py @@ -32,6 +32,7 @@ class Trust(IntEnum): UNTRUSTED = 0 VERIFIED = 1 UNDECIDED = 2 + BLIND = 3 def get_fingerprint(identity_key, formatted=False): diff --git a/omemo/gtk/config.py b/omemo/gtk/config.py index ca61071..63d28d4 100644 --- a/omemo/gtk/config.py +++ b/omemo/gtk/config.py @@ -58,6 +58,7 @@ class OMEMOConfigDialog(GajimPluginConfigDialog): self.update_account_store() self.update_account_combobox() self.update_disabled_account_view() + self.update_settings() def is_in_accountstore(self, account): for row in self._ui.account_store: 
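Review bot: The two queries in this hunk hard-code trust levels as integers (`trust IN (0, 1)` in `getDefaultTrust()` and `trust IN(1, 3)` in `getTrustedFingerprints()`), where the old code bound `Trust.VERIFIED` as a parameter. These literals decide which keys messages are encrypted to, so they should stay tied to the enum: `WHERE recipient_id = ? AND trust IN (?, ?)` with `(jid, Trust.VERIFIED, Trust.BLIND)`, and likewise `(jid, Trust.UNTRUSTED, Trust.VERIFIED)` in `getDefaultTrust()`. A one-line docstring on `getDefaultTrust()` would also help, e.g. `"""Return Trust.BLIND only while no key of jid has been verified or marked untrusted."""`.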
@@ -127,6 +128,9 @@ class OMEMOConfigDialog(GajimPluginConfigDialog): def refresh_button_clicked_cb(self, button, *args): self.update_context_list() + def _on_blind_trust(self, button): + self.plugin.config['BLIND_TRUST'] = button.get_active() + def update_context_list(self): self._ui.deviceid_store.clear() @@ -158,3 +162,7 @@ class OMEMOConfigDialog(GajimPluginConfigDialog): # Set Device ID List for item in omemo.backend.get_devices(own_jid): self._ui.deviceid_store.append([item]) + + def update_settings(self): + self._ui.blind_trust_checkbutton.set_active( + self.plugin.config['BLIND_TRUST'])
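Review bot: `_on_blind_trust()` only writes the `BLIND_TRUST` flag, so switching the option off leaves every key already stored as `Trust.BLIND` in use. `getTrustedFingerprints()` and the session trust check in liteaxolotlstore.py accept `Trust.BLIND` without consulting the setting. If that is intended, state it where the user and the next maintainer will see it, e.g. a comment `# Only affects keys seen from now on; keys already marked BLIND stay trusted` above the assignment, plus matching help text on the checkbox. Otherwise the handler would need to reset existing BLIND rows to UNDECIDED when the option is turned off.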
\ No newline at end of file
diff --git a/omemo/gtk/config.ui b/omemo/gtk/config.ui
index 05e88f0..d5f991e 100644
--- a/omemo/gtk/config.ui
+++ b/omemo/gtk/config.ui
@@ -522,6 +522,80 @@ It is advised to go online with all of your actively used devices after clearing <property name="tab_fill">False</property> </packing> </child> + <child> + <object class="GtkGrid"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="margin_left">18</property> + <property name="margin_right">18</property> + <property name="margin_top">18</property> + <property name="margin_bottom">18</property> + <child> + <object class="GtkFrame"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="label_xalign">0</property> + <property name="shadow_type">none</property> + <child> + <object class="GtkAlignment"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="top_padding">12</property> + <property name="left_padding">12</property> + <child> + <object class="GtkGrid"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <child> + <object class="GtkCheckButton" id="blind_trust_checkbutton"> + <property name="label" translatable="yes">Blind Trust Before Verification</property> + <property name="visible">True</property> + <property name="can_focus">True</property> + <property name="receives_default">False</property> + <property name="draw_indicator">True</property> + <signal name="toggled" handler="_on_blind_trust" swapped="no"/> + </object> + <packing> + <property name="left_attach">0</property> + <property name="top_attach">0</property> + </packing> + </child> + </object> + </child> + </object> + </child> + <child type="label"> + <object class="GtkLabel"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="label" translatable="yes">General</property> + <attributes> + <attribute name="weight" value="bold"/> + </attributes> + </object> + </child> + </object> + <packing> + <property 
name="left_attach">0</property> + <property name="top_attach">0</property> + </packing> + </child> + </object> + <packing> + <property name="position">3</property> + </packing> + </child> + <child type="tab"> + <object class="GtkLabel"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="label" translatable="yes">Settings</property> + </object> + <packing> + <property name="position">3</property> + <property name="tab_fill">False</property> + </packing> + </child> </object> <object class="GtkListStore" id="fingerprint_store"> <columns> diff --git a/omemo/gtk/key.py b/omemo/gtk/key.py index c8b2dd4..9caee66 100644 --- a/omemo/gtk/key.py +++ b/omemo/gtk/key.py @@ -47,7 +47,10 @@ TRUST_DATA = { 'warning-color'), Trust.VERIFIED: ('security-high-symbolic', _('Verified'), - 'encrypted-color') + 'encrypted-color'), + Trust.BLIND: ('security-medium-symbolic', + _('Blind Trust'), + 'encrypted-color') } @@ -352,11 +355,7 @@ class TrustPopver(Gtk.Popover): self._row = row self._listbox = Gtk.ListBox() self._listbox.set_selection_mode(Gtk.SelectionMode.NONE) - if row.trust != Trust.VERIFIED: - self._listbox.add(VerifiedOption()) - if row.trust != Trust.UNTRUSTED: - self._listbox.add(NotTrustedOption()) - self._listbox.add(DeleteOption()) + self.update() self.add(self._listbox) self._listbox.show_all() self._listbox.connect('row-activated', self._activated) @@ -376,6 +375,8 @@ class TrustPopver(Gtk.Popover): self._listbox.foreach(self._listbox.remove) if self._row.trust != Trust.VERIFIED: self._listbox.add(VerifiedOption()) + if self._row.trust != Trust.BLIND: + self._listbox.add(BlindOption()) if self._row.trust != Trust.UNTRUSTED: self._listbox.add(NotTrustedOption()) self._listbox.add(DeleteOption()) 
@@ -398,6 +399,17 @@ class MenuOption(Gtk.ListBoxRow): self.show_all() +class BlindOption(MenuOption): + + type_ = Trust.BLIND + icon = 'security-medium-symbolic' + label = _('Blind Trust') + color = 'encrypted-color' + + def __init__(self): + MenuOption.__init__(self) + + class VerifiedOption(MenuOption): type_ = Trust.VERIFIED diff --git a/omemo/plugin.py b/omemo/plugin.py index 4043304..4456648 100644 --- a/omemo/plugin.py +++ b/omemo/plugin.py @@ -114,7 +114,10 @@ class OmemoPlugin(GajimPlugin): self.disabled_accounts = [] self._windows = {} - self.config_default_values = {'DISABLED_ACCOUNTS': ([], ''), } + self.config_default_values = { + 'DISABLED_ACCOUNTS': ([], ''), + 'BLIND_TRUST': (True, '') + } for account in self.config['DISABLED_ACCOUNTS']: self.disabled_accounts.append(account) |
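Review bot: `'BLIND_TRUST': (True, '')` in the plugin.py hunk makes automatic trust the default and leaves the setting's description string empty. After an upgrade, new keys of contacts without a verified or untrusted key are therefore accepted with no prompt. Fill in the description, for example `'BLIND_TRUST': (True, 'Trust new keys automatically until a key of the contact has been verified or marked untrusted')`, and consider announcing the changed default in the release notes. The enclosing method starts outside the hunk.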