From 3ba38eafa8ff0a53937fafebc0f8754944d57601 Mon Sep 17 00:00:00 2001 From: Stefan <79058696+StefanKropp@users.noreply.github.com> Date: Sat, 17 Apr 2021 13:28:54 +0200 Subject: [PATCH] OMEMO - trust mode (#1506) Add OMEMO trust mode capabilities. * ToFu / first usage * blind trust * manual --- src/command/cmd_ac.c | 15 +++++++++++++++ src/command/cmd_defs.c | 5 +++++ src/command/cmd_funcs.c | 31 +++++++++++++++++++++++++++++++ src/command/cmd_funcs.h | 1 + src/config/preferences.c | 5 +++++ src/config/preferences.h | 1 + src/omemo/omemo.c | 36 ++++++++++++++++++++++++++++++++++++ 7 files changed, 94 insertions(+) diff --git a/src/command/cmd_ac.c b/src/command/cmd_ac.c index 26c9d948..a4d70598 100644 --- a/src/command/cmd_ac.c +++ b/src/command/cmd_ac.c @@ -193,6 +193,7 @@ static Autocomplete otr_sendfile_ac; static Autocomplete omemo_ac; static Autocomplete omemo_log_ac; static Autocomplete omemo_policy_ac; +static Autocomplete omemo_trustmode_ac; #endif static Autocomplete connect_property_ac; static Autocomplete tls_property_ac; @@ -682,6 +683,7 @@ cmd_ac_init(void) autocomplete_add(omemo_ac, "fingerprint"); autocomplete_add(omemo_ac, "clear_device_list"); autocomplete_add(omemo_ac, "policy"); + autocomplete_add(omemo_ac, "trustmode"); autocomplete_add(omemo_ac, "char"); omemo_log_ac = autocomplete_new(); @@ -693,6 +695,12 @@ cmd_ac_init(void) autocomplete_add(omemo_policy_ac, "manual"); autocomplete_add(omemo_policy_ac, "automatic"); autocomplete_add(omemo_policy_ac, "always"); + + // Autocomplete OMEMO trustmode + omemo_trustmode_ac = autocomplete_new(); + autocomplete_add(omemo_trustmode_ac, "manual"); + autocomplete_add(omemo_trustmode_ac, "firstusage"); + autocomplete_add(omemo_trustmode_ac, "blind"); #endif connect_property_ac = autocomplete_new(); @@ -1295,6 +1303,7 @@ cmd_ac_reset(ProfWin* window) autocomplete_reset(omemo_ac); autocomplete_reset(omemo_log_ac); autocomplete_reset(omemo_policy_ac); + autocomplete_reset(omemo_trustmode_ac); #endif autocomplete_reset(connect_property_ac); autocomplete_reset(tls_property_ac); @@ -1453,6 +1462,7 @@ cmd_ac_uninit(void) autocomplete_free(omemo_ac); autocomplete_free(omemo_log_ac); autocomplete_free(omemo_policy_ac); + autocomplete_free(omemo_trustmode_ac); #endif autocomplete_free(connect_property_ac); autocomplete_free(tls_property_ac); @@ -2519,6 +2529,11 @@ _omemo_autocomplete(ProfWin* window, const char* const input, gboolean previous) return found; } + found = autocomplete_param_with_ac(input, "/omemo trustmode", omemo_trustmode_ac, TRUE, previous); + if (found) { + return found; + } + jabber_conn_status_t conn_status = connection_get_status(); if (conn_status == JABBER_CONNECTED) { diff --git a/src/command/cmd_defs.c b/src/command/cmd_defs.c index 239467a1..93e12077 100644 --- a/src/command/cmd_defs.c +++ b/src/command/cmd_defs.c @@ -2292,6 +2292,7 @@ static struct cmd_t command_defs[] = { { "log", cmd_omemo_log }, { "start", cmd_omemo_start }, { "end", cmd_omemo_end }, + { "trustmode", cmd_omemo_trust_mode }, { "trust", cmd_omemo_trust }, { "untrust", cmd_omemo_untrust }, { "fingerprint", cmd_omemo_fingerprint }, @@ -2310,6 +2311,7 @@ static struct cmd_t command_defs[] = { "/omemo end", "/omemo fingerprint []", "/omemo char ", + "/omemo trustmode manual|firstusage|blind", "/omemo policy manual|automatic|always", "/omemo clear_device_list") CMD_DESC( @@ -2322,6 +2324,9 @@ static struct cmd_t command_defs[] = { { "log redact", "Log OMEMO encrypted messages, but replace the contents with [redacted]. This is the default." }, { "fingerprint []", "Show contact fingerprints, or current recipient if omitted." }, { "char ", "Set the character to be displayed next to OMEMO encrypted messages." }, + { "trustmode manual", "Set the global OMEMO trust mode to manual, OMEMO keys has to be trusted manually." }, + { "trustmode firstusage", "Set the global OMEMO trust mode to ToFu, first OMEMO keys trusted automatically." }, + { "trustmode blind", "Set the global OMEMO trust mode to blind, ALL OMEMO keys trusted automatically." }, { "policy manual", "Set the global OMEMO policy to manual, OMEMO sessions must be started manually." }, { "policy automatic", "Set the global OMEMO policy to opportunistic, an OMEMO session will be attempted upon starting a conversation." }, { "policy always", "Set the global OMEMO policy to always, an error will be displayed if an OMEMO session cannot be initiated upon starting a conversation." }, diff --git a/src/command/cmd_funcs.c b/src/command/cmd_funcs.c index 9d8fec50..351f7b98 100644 --- a/src/command/cmd_funcs.c +++ b/src/command/cmd_funcs.c @@ -8474,6 +8474,37 @@ cmd_omemo_start(ProfWin* window, const char* const command, gchar** args) #endif } +gboolean +cmd_omemo_trust_mode(ProfWin* window, const char* const command, gchar** args) +{ +#ifdef HAVE_OMEMO + + if (!args[1]) { + cons_show("Current trust mode is %s", prefs_get_string(PREF_OMEMO_TRUST_MODE)); + return TRUE; + } + + if (g_strcmp0(args[1], "manual") == 0) { + cons_show("Current trust mode is %s - setting to %s", prefs_get_string(PREF_OMEMO_TRUST_MODE), args[1]); + cons_show("You need to trust all OMEMO fingerprints manually"); + } else if (g_strcmp0(args[1], "firstusage") == 0) { + cons_show("Current trust mode is %s - setting to %s", prefs_get_string(PREF_OMEMO_TRUST_MODE), args[1]); + cons_show("The first seen OMEMO fingerprints will be trusted automatically - new keys must be trusted manually"); + } else if (g_strcmp0(args[1], "blind") == 0) { + cons_show("Current trust mode is %s - setting to %s", prefs_get_string(PREF_OMEMO_TRUST_MODE), args[1]); + cons_show("ALL OMEMO fingerprints will be trusted automatically"); + } else { + cons_bad_cmd_usage(command); + return TRUE; + } + prefs_set_string(PREF_OMEMO_TRUST_MODE, args[1]); + +#else + cons_show("This version of Profanity has not been built with OMEMO support enabled"); +#endif + return TRUE; +} + gboolean cmd_omemo_char(ProfWin* window, const char* const command, gchar** args) { diff --git a/src/command/cmd_funcs.h b/src/command/cmd_funcs.h index a2c5f8f3..0785963b 100644 --- a/src/command/cmd_funcs.h +++ b/src/command/cmd_funcs.h @@ -222,6 +222,7 @@ gboolean cmd_omemo_end(ProfWin* window, const char* const command, gchar** args) gboolean cmd_omemo_fingerprint(ProfWin* window, const char* const command, gchar** args); gboolean cmd_omemo_trust(ProfWin* window, const char* const command, gchar** args); gboolean cmd_omemo_untrust(ProfWin* window, const char* const command, gchar** args); +gboolean cmd_omemo_trust_mode(ProfWin* window, const char* const command, gchar** args); gboolean cmd_omemo_policy(ProfWin* window, const char* const command, gchar** args); gboolean cmd_omemo_clear_device_list(ProfWin* window, const char* const command, gchar** args); diff --git a/src/config/preferences.c b/src/config/preferences.c index a11a5d42..f4c86b2d 100644 --- a/src/config/preferences.c +++ b/src/config/preferences.c @@ -1930,6 +1930,7 @@ _get_group(preference_t pref) return PREF_GROUP_PLUGINS; case PREF_OMEMO_LOG: case PREF_OMEMO_POLICY: + case PREF_OMEMO_TRUST_MODE: return PREF_GROUP_OMEMO; default: return NULL; @@ -2178,6 +2179,8 @@ _get_key(preference_t pref) return "log"; case PREF_OMEMO_POLICY: return "policy"; + case PREF_OMEMO_TRUST_MODE: + return "trustmode"; case PREF_CORRECTION_ALLOW: return "correction.allow"; case PREF_AVATAR_CMD: @@ -2323,6 +2326,8 @@ _get_default_string(preference_t pref) return "redact"; case PREF_OMEMO_POLICY: return "automatic"; + case PREF_OMEMO_TRUST_MODE: + return "manual"; case PREF_COLOR_NICK: return "false"; case PREF_AVATAR_CMD: diff --git a/src/config/preferences.h b/src/config/preferences.h index 4e254917..d58cf8b1 100644 --- a/src/config/preferences.h +++ b/src/config/preferences.h @@ -166,6 +166,7 @@ typedef enum { PREF_STATUSBAR_ROOM, PREF_OMEMO_LOG, PREF_OMEMO_POLICY, + PREF_OMEMO_TRUST_MODE, PREF_OCCUPANTS_WRAP, PREF_CORRECTION_ALLOW, PREF_AVATAR_CMD, diff --git a/src/omemo/omemo.c b/src/omemo/omemo.c index 495842bf..8c7a1276 100644 --- a/src/omemo/omemo.c +++ b/src/omemo/omemo.c @@ -542,6 +542,34 @@ omemo_set_device_list(const char* const from, GList* device_list) } } + // OMEMO trustmode ToFu + if (g_strcmp0(prefs_get_string(PREF_OMEMO_TRUST_MODE), "firstusage") == 0) { + log_info("[OMEMO] Checking firstusage state for %s", jid->barejid); + GHashTable* trusted = g_hash_table_lookup(omemo_ctx.identity_key_store.trusted, jid->barejid); + if (trusted) { + if (g_hash_table_size(trusted) > 0) { + log_info("[OMEMO] Found trusted device for %s - skip firstusage", jid->barejid); + return; + } + } else { + if (device_list) { + cons_show("OMEMO: No trusted devices found for %s", jid->barejid); + GList* device_id; + for (device_id = device_list; device_id != NULL; device_id = device_id->next) { + GHashTable* known_identities = g_hash_table_lookup(omemo_ctx.known_devices, jid->barejid); + if (known_identities) { + GList* fp = NULL; + for (fp = g_hash_table_get_keys(known_identities); fp != NULL; fp = fp->next) { + if (device_id->data == g_hash_table_lookup(known_identities, fp->data)) { + cons_show("OMEMO: Adding firstusage trust for %s device %d - Fingerprint %s", jid->barejid, device_id->data, omemo_format_fingerprint(fp->data)); + omemo_trust(jid->barejid, omemo_format_fingerprint(fp->data)); + } + } + } + } + } + } + } jid_destroy(jid); } @@ -622,6 +650,14 @@ omemo_start_device_session(const char* const jid, uint32_t device_id, gboolean trusted = is_trusted_identity(&address, (uint8_t*)identity_key_raw, identity_key_len, &omemo_ctx.identity_key_store); + if ((g_strcmp0(prefs_get_string(PREF_OMEMO_TRUST_MODE), "blind") == 0) && !trusted) { + char* fp = _omemo_fingerprint(identity_key, TRUE); + cons_show("Blind trust for %s device %d (%s)", jid, device_id, fp); + omemo_trust(jid, fp); + free(fp); + trusted = TRUE; + } + if (!trusted) { goto out; }