Decrypt all incoming OMEMO msg

Trust all key as long as it's for reading. This code isn't multithread safe.
2024-11-03 19:37:16 -05:00 · 2019-06-07 23:44:26 +02:00 · 2019-06-07 23:44:26 +02:00 · 2604786cb6
commit 2604786cb6
parent 7c119aa9bf
3 changed files with 23 additions and 1 deletions
--- a/src/omemo/omemo.c
+++ b/src/omemo/omemo.c
@ -724,6 +724,8 @@ omemo_on_message_send(ProfWin *win, const char *const message, gboolean request_

    GList *device_ids_iter;

+    omemo_ctx.identity_key_store.recv = false;
+
    GList *recipients_iter;
    for (recipients_iter = recipients; recipients_iter != NULL; recipients_iter = recipients_iter->next) {
        GList *recipient_device_id = NULL;
@ -888,6 +890,8 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
        goto out;
    }

+    omemo_ctx.identity_key_store.recv = true;
+
    if (key->prekey) {
        log_debug("OMEMO: decrypting message with prekey");
        pre_key_signal_message *message;
@ -923,6 +927,9 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
        }
    }

+    omemo_ctx.identity_key_store.recv = false;
+    *trusted = omemo_ctx.identity_key_store.trusted_msg;
+
    session_cipher_free(cipher);
    if (res != 0) {
        log_error("OMEMO: cannot decrypt message key");
--- a/src/omemo/store.c
+++ b/src/omemo/store.c
@ -362,6 +362,11 @@ save_identity(const signal_protocol_address *address, uint8_t *key_data,
 {
    identity_key_store_t *identity_key_store = (identity_key_store_t *)user_data;

+    if (identity_key_store->recv && !identity_key_store->trusted_msg) {
+        /* Do not trust identity automatically */
+        return SG_SUCCESS;
+    }
+
    signal_buffer *buffer = signal_buffer_create(key_data, key_len);

    GHashTable *trusted = g_hash_table_lookup(identity_key_store->trusted, strdup(address->name));
@ -390,9 +395,18 @@ is_trusted_identity(const signal_protocol_address *address, uint8_t *key_data,
    int ret;
    identity_key_store_t *identity_key_store = (identity_key_store_t *)user_data;

+    if (identity_key_store->recv) {
+        return true;
+    }
+
    GHashTable *trusted = g_hash_table_lookup(identity_key_store->trusted, address->name);
    if (!trusted) {
-        return 0;
+        if (identity_key_store->recv) {
+            identity_key_store->trusted_msg = false;
+            return 1;
+        } else {
+            return 0;
+        }
    }

    signal_buffer *buffer = signal_buffer_create(key_data, key_len);
--- a/src/omemo/store.h
+++ b/src/omemo/store.h
@ -48,6 +48,7 @@ typedef struct {
   signal_buffer *private;
   uint32_t registration_id;
   GHashTable *trusted;
+   bool recv;
 } identity_key_store_t;

 GHashTable * session_store_new(void);