gajim-plugins: Not allow to send msg if Fingerprint is untrusted

Sat, 16 Jul 2016 12:23:37 -0700 

changeset 59bea73d63d2 in /home/hg/repos/gajim-plugins

author: lovetox <[email protected]>
branches: 
details:gajim-plugins?cmd=changeset;node=59bea73d63d2
description: Not allow to send msg if Fingerprint is untrusted

        Only if at least one Fingerprint is trusted a message goes out
        otherwise a error message is printed

        cleaned up SQL querys

        removed unnecessary return statements

diffstat:

 omemo/__init__.py                   |  13 ++++++++++
 omemo/omemo/liteidentitykeystore.py |  45 ++++++++++++++++++++++++------------
 omemo/omemo/state.py                |  22 +++++------------
 3 files changed, 50 insertions(+), 30 deletions(-)

diffs (187 lines):

diff -r 5343cfa6cf9c -r 59bea73d63d2 omemo/__init__.py
--- a/omemo/__init__.py Thu Jun 09 17:23:44 2016 +0200
+++ b/omemo/__init__.py Fri Jun 10 03:05:35 2016 +0200
@@ -551,6 +551,19 @@
         to_jid = gajim.get_jid_without_resource(full_jid)
         if not state.encryption.is_active(to_jid):
             return False
+
+        if not state.store.identityKeyStore.getTrustedFingerprints(to_jid):
+            try:
+                msg = "To send an encrypted message, you have to " \
+                      "first trust the fingerprint of your contact!"
+                if self.ui_list[account][to_jid]:
+                    self.ui_list[account][to_jid]. \
+                        chat_control.print_conversation_line(msg, 'status', 
'', None)
+            except:
+                log.debug('No Ui present for ' + to_jid +
+                          ', Ui Warning not shown')
+            return True
+
         try:
             msg_dict = state.create_msg(
                 gajim.get_jid_from_account(account), to_jid, plaintext)
diff -r 5343cfa6cf9c -r 59bea73d63d2 omemo/omemo/liteidentitykeystore.py
--- a/omemo/omemo/liteidentitykeystore.py       Thu Jun 09 17:23:44 2016 +0200
+++ b/omemo/omemo/liteidentitykeystore.py       Fri Jun 10 03:05:35 2016 +0200
@@ -23,6 +23,8 @@
 from axolotl.state.identitykeystore import IdentityKeyStore
 
 UNDECIDED = 2
+TRUSTED = 1
+UNTRUSTED = 0
 
 
 class LiteIdentityKeyStore(IdentityKeyStore):
@@ -69,7 +71,8 @@
         self.dbConn.commit()
 
     def saveIdentity(self, recipientId, identityKey):
-        q = "INSERT INTO identities (recipient_id, public_key, trust) 
VALUES(?, ?, ?)"
+        q = "INSERT INTO identities (recipient_id, public_key, trust) " \
+            "VALUES(?, ?, ?)"
         c = self.dbConn.cursor()
 
         if not self.getIdentity(recipientId, identityKey):
@@ -79,7 +82,8 @@
             self.dbConn.commit()
 
     def getIdentity(self, recipientId, identityKey):
-        q = "SELECT * FROM identities WHERE recipient_id = ? AND public_key = 
?"
+        q = "SELECT * FROM identities WHERE recipient_id = ? " \
+            "AND public_key = ?"
         c = self.dbConn.cursor()
 
         c.execute(q, (recipientId, identityKey.getPublicKey().serialize()))
@@ -91,7 +95,7 @@
         return True
 
     def getAllFingerprints(self):
-        q = "SELECT _id, recipient_id, public_key, trust FROM identities " + \
+        q = "SELECT _id, recipient_id, public_key, trust FROM identities " \
             "WHERE recipient_id != -1 ORDER BY recipient_id ASC"
         c = self.dbConn.cursor()
 
@@ -101,35 +105,46 @@
         return result
 
     def getFingerprints(self, jid):
-        q = "SELECT _id, recipient_id, public_key, trust FROM identities " + \
-            "WHERE recipient_id = '" + jid + "' ORDER BY trust ASC"
+        q = "SELECT _id, recipient_id, public_key, trust FROM identities " \
+            "WHERE recipient_id =? ORDER BY trust ASC"
         c = self.dbConn.cursor()
 
         result = []
-        for row in c.execute(q):
+        c.execute(q, (jid,))
+        rows = c.fetchall()
+        for row in rows:
             result.append((row[0], row[1], row[2], row[3]))
         return result
 
-    def getUndecidedFingerprints(self, jid):
-        q = "SELECT trust FROM identities " + \
-            "WHERE recipient_id = '" + jid + "' AND trust = '2'"
+    def getTrustedFingerprints(self, jid):
+        q = "SELECT _id FROM identities WHERE recipient_id = ? AND trust = ?"
         c = self.dbConn.cursor()
 
         result = []
-        c.execute(q)
-        result = c.fetchone()
+        c.execute(q, (jid, TRUSTED))
+        result = c.fetchall()
+
+        return result
+
+    def getUndecidedFingerprints(self, jid):
+        q = "SELECT trust FROM identities WHERE recipient_id = ? AND trust = ?"
+        c = self.dbConn.cursor()
+
+        result = []
+        c.execute(q, (jid, UNDECIDED))
+        result = c.fetchall()
 
         return result
 
     def setTrust(self, _id, trust):
-        q = "UPDATE identities SET trust = '" + str(trust) + "'" + \
-            "WHERE _id = '" + str(_id) + "'"
+        q = "UPDATE identities SET trust = ? WHERE _id = ?"
         c = self.dbConn.cursor()
-        c.execute(q)
+        c.execute(q, (trust, _id))
         self.dbConn.commit()
 
     def getTrust(self, recipientId, identityKey):
-        q = "SELECT trust FROM identities WHERE recipient_id = ? AND 
public_key = ?"
+        q = "SELECT trust FROM identities WHERE recipient_id = ? " \
+            "AND public_key = ?"
         c = self.dbConn.cursor()
 
         c.execute(q, (recipientId, identityKey.getPublicKey().serialize()))
diff -r 5343cfa6cf9c -r 59bea73d63d2 omemo/omemo/state.py
--- a/omemo/omemo/state.py      Thu Jun 09 17:23:44 2016 +0200
+++ b/omemo/omemo/state.py      Fri Jun 10 03:05:35 2016 +0200
@@ -185,9 +185,6 @@
                 log.error('sender_jid => ' + str(sender_jid) +
                           ' sid => ' + str(sid))
                 return
-            except (Exception) as e:
-                log.error('Exception: ' + str(e.args))
-                return
 
         except (DuplicateMessageException):
             log.error('Duplicate message found ' + e.message)
@@ -195,10 +192,6 @@
                       ' sid => ' + str(sid))
             return
 
-        except (Exception) as e:
-            log.error('Exception: ' + str(e.args))
-            return
-
         result = unicode(aes_decrypt(key, iv, payload))
 
         if self.own_jid == sender_jid:
@@ -226,12 +219,6 @@
             log.warn('No session ciphers for ' + jid)
             return
 
-        my_other_devices = set(self.own_devices) - set({self.own_device_id})
-        # Encrypt the message key with for each of our own devices
-        for dev in my_other_devices:
-            cipher = self.get_session_cipher(from_jid, dev)
-            encrypted_keys[dev] = cipher.encrypt(key).serialize()
-
         # Encrypt the message key with for each of receivers devices
         for rid, cipher in session_ciphers.items():
             try:
@@ -249,6 +236,12 @@
             log.error(log_msg)
             raise NoValidSessions(log_msg)
 
+        my_other_devices = set(self.own_devices) - set({self.own_device_id})
+        # Encrypt the message key with for each of our own devices
+        for dev in my_other_devices:
+            cipher = self.get_session_cipher(from_jid, dev)
+            encrypted_keys[dev] = cipher.encrypt(key).serialize()
+
         payload = aes_encrypt(key, iv, plaintext)
 
         result = {'sid': self.own_device_id,
@@ -348,7 +341,7 @@
             return key
         else:
             raise Exception("Received PreKeyWhisperMessage from Untrusted 
Fingerprint!")
-            return
+
 
     def handleWhisperMessage(self, recipient_id, device_id, key):
         whisperMessage = WhisperMessage(serialized=key)
@@ -360,4 +353,3 @@
             return key
         else:
             raise Exception("Received WhisperMessage from Untrusted 
Fingerprint!")
-            return
_______________________________________________
Commits mailing list
[email protected]
https://lists.gajim.org/cgi-bin/listinfo/commits

Reply via email to