add vendoring

2022-11-16 12:08:51 +02:00
parent 14751cbf3a
commit c1d33fe3cb
1104 changed files with 759066 additions and 0 deletions
--- a/vendor/maunium.net/go/mautrix/crypto/verification_in_room.go
+++ b/vendor/maunium.net/go/mautrix/crypto/verification_in_room.go
@@ -0,0 +1,332 @@
+// Copyright (c) 2020 Nikos Filippakis
+//
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package crypto
+
+import (
+	"encoding/json"
+	"errors"
+	"time"
+
+	"maunium.net/go/mautrix/crypto/canonicaljson"
+	"maunium.net/go/mautrix/crypto/olm"
+	"maunium.net/go/mautrix/event"
+	"maunium.net/go/mautrix/id"
+)
+
+var (
+	ErrNoVerificationFromDevice = errors.New("from_device field is empty")
+	ErrNoVerificationMethods    = errors.New("verification method list is empty")
+	ErrNoRelatesTo              = errors.New("missing m.relates_to info")
+)
+
+// ProcessInRoomVerification is a callback that is to be called when a client receives a message
+// related to in-room verification.
+//
+// Currently this is not automatically called, so you must add the listener yourself.
+// Note that in-room verification events are wrapped in m.room.encrypted, but this expects the decrypted events.
+func (mach *OlmMachine) ProcessInRoomVerification(evt *event.Event) error {
+	if evt.Sender == mach.Client.UserID {
+		// nothing to do if the message is our own
+		return nil
+	}
+	if relatable, ok := evt.Content.Parsed.(event.Relatable); !ok || relatable.OptionalGetRelatesTo() == nil {
+		return ErrNoRelatesTo
+	}
+
+	switch content := evt.Content.Parsed.(type) {
+	case *event.MessageEventContent:
+		if content.MsgType == event.MsgVerificationRequest {
+			if content.FromDevice == "" {
+				return ErrNoVerificationFromDevice
+			}
+			if content.Methods == nil {
+				return ErrNoVerificationMethods
+			}
+
+			newContent := &event.VerificationRequestEventContent{
+				FromDevice:    content.FromDevice,
+				Methods:       content.Methods,
+				Timestamp:     evt.Timestamp,
+				TransactionID: evt.ID.String(),
+			}
+			mach.handleVerificationRequest(evt.Sender, newContent, evt.ID.String(), evt.RoomID)
+		}
+	case *event.VerificationStartEventContent:
+		mach.handleVerificationStart(evt.Sender, content, content.RelatesTo.EventID.String(), 10*time.Minute, evt.RoomID)
+	case *event.VerificationReadyEventContent:
+		mach.handleInRoomVerificationReady(evt.Sender, evt.RoomID, content, content.RelatesTo.EventID.String())
+	case *event.VerificationAcceptEventContent:
+		mach.handleVerificationAccept(evt.Sender, content, content.RelatesTo.EventID.String())
+	case *event.VerificationKeyEventContent:
+		mach.handleVerificationKey(evt.Sender, content, content.RelatesTo.EventID.String())
+	case *event.VerificationMacEventContent:
+		mach.handleVerificationMAC(evt.Sender, content, content.RelatesTo.EventID.String())
+	case *event.VerificationCancelEventContent:
+		mach.handleVerificationCancel(evt.Sender, content, content.RelatesTo.EventID.String())
+	}
+	return nil
+}
+
+// SendInRoomSASVerificationCancel is used to manually send an in-room SAS cancel message process with the given reason and cancellation code.
+func (mach *OlmMachine) SendInRoomSASVerificationCancel(roomID id.RoomID, userID id.UserID, transactionID string, reason string, code event.VerificationCancelCode) error {
+	content := &event.VerificationCancelEventContent{
+		RelatesTo: &event.RelatesTo{Type: event.RelReference, EventID: id.EventID(transactionID)},
+		Reason:    reason,
+		Code:      code,
+		To:        userID,
+	}
+
+	encrypted, err := mach.EncryptMegolmEvent(roomID, event.InRoomVerificationCancel, content)
+	if err != nil {
+		return err
+	}
+	_, err = mach.Client.SendMessageEvent(roomID, event.EventEncrypted, encrypted)
+	return err
+}
+
+// SendInRoomSASVerificationRequest is used to manually send an in-room SAS verification request message to another user.
+func (mach *OlmMachine) SendInRoomSASVerificationRequest(roomID id.RoomID, toUserID id.UserID, methods []VerificationMethod) (string, error) {
+	content := &event.MessageEventContent{
+		MsgType:    event.MsgVerificationRequest,
+		FromDevice: mach.Client.DeviceID,
+		Methods:    []event.VerificationMethod{event.VerificationMethodSAS},
+		To:         toUserID,
+	}
+
+	encrypted, err := mach.EncryptMegolmEvent(roomID, event.EventMessage, content)
+	if err != nil {
+		return "", err
+	}
+	resp, err := mach.Client.SendMessageEvent(roomID, event.EventEncrypted, encrypted)
+	if err != nil {
+		return "", err
+	}
+	return resp.EventID.String(), nil
+}
+
+// SendInRoomSASVerificationReady is used to manually send an in-room SAS verification ready message to another user.
+func (mach *OlmMachine) SendInRoomSASVerificationReady(roomID id.RoomID, transactionID string) error {
+	content := &event.VerificationReadyEventContent{
+		FromDevice: mach.Client.DeviceID,
+		Methods:    []event.VerificationMethod{event.VerificationMethodSAS},
+		RelatesTo:  &event.RelatesTo{Type: event.RelReference, EventID: id.EventID(transactionID)},
+	}
+
+	encrypted, err := mach.EncryptMegolmEvent(roomID, event.InRoomVerificationReady, content)
+	if err != nil {
+		return err
+	}
+	_, err = mach.Client.SendMessageEvent(roomID, event.EventEncrypted, encrypted)
+	return err
+}
+
+// SendInRoomSASVerificationStart is used to manually send the in-room SAS verification start message to another user.
+func (mach *OlmMachine) SendInRoomSASVerificationStart(roomID id.RoomID, toUserID id.UserID, transactionID string, methods []VerificationMethod) (*event.VerificationStartEventContent, error) {
+	sasMethods := make([]event.SASMethod, len(methods))
+	for i, method := range methods {
+		sasMethods[i] = method.Type()
+	}
+	content := &event.VerificationStartEventContent{
+		FromDevice:                 mach.Client.DeviceID,
+		RelatesTo:                  &event.RelatesTo{Type: event.RelReference, EventID: id.EventID(transactionID)},
+		Method:                     event.VerificationMethodSAS,
+		KeyAgreementProtocols:      []event.KeyAgreementProtocol{event.KeyAgreementCurve25519HKDFSHA256},
+		Hashes:                     []event.VerificationHashMethod{event.VerificationHashSHA256},
+		MessageAuthenticationCodes: []event.MACMethod{event.HKDFHMACSHA256},
+		ShortAuthenticationString:  sasMethods,
+		To:                         toUserID,
+	}
+
+	encrypted, err := mach.EncryptMegolmEvent(roomID, event.InRoomVerificationStart, content)
+	if err != nil {
+		return nil, err
+	}
+	_, err = mach.Client.SendMessageEvent(roomID, event.EventEncrypted, encrypted)
+	return content, err
+}
+
+// SendInRoomSASVerificationAccept is used to manually send an accept for an in-room SAS verification process from a received m.key.verification.start event.
+func (mach *OlmMachine) SendInRoomSASVerificationAccept(roomID id.RoomID, fromUser id.UserID, startEvent *event.VerificationStartEventContent, transactionID string, publicKey []byte, methods []VerificationMethod) error {
+	if startEvent.Method != event.VerificationMethodSAS {
+		reason := "Unknown verification method: " + string(startEvent.Method)
+		if err := mach.SendInRoomSASVerificationCancel(roomID, fromUser, transactionID, reason, event.VerificationCancelUnknownMethod); err != nil {
+			return err
+		}
+		return ErrUnknownVerificationMethod
+	}
+	payload, err := json.Marshal(startEvent)
+	if err != nil {
+		return err
+	}
+	canonical, err := canonicaljson.CanonicalJSON(payload)
+	if err != nil {
+		return err
+	}
+	hash := olm.NewUtility().Sha256(string(publicKey) + string(canonical))
+	sasMethods := make([]event.SASMethod, len(methods))
+	for i, method := range methods {
+		sasMethods[i] = method.Type()
+	}
+	content := &event.VerificationAcceptEventContent{
+		RelatesTo:                 &event.RelatesTo{Type: event.RelReference, EventID: id.EventID(transactionID)},
+		Method:                    event.VerificationMethodSAS,
+		KeyAgreementProtocol:      event.KeyAgreementCurve25519HKDFSHA256,
+		Hash:                      event.VerificationHashSHA256,
+		MessageAuthenticationCode: event.HKDFHMACSHA256,
+		ShortAuthenticationString: sasMethods,
+		Commitment:                hash,
+		To:                        fromUser,
+	}
+
+	encrypted, err := mach.EncryptMegolmEvent(roomID, event.InRoomVerificationAccept, content)
+	if err != nil {
+		return err
+	}
+	_, err = mach.Client.SendMessageEvent(roomID, event.EventEncrypted, encrypted)
+	return err
+}
+
+// SendInRoomSASVerificationKey sends the ephemeral public key for a device to the partner device for an in-room verification.
+func (mach *OlmMachine) SendInRoomSASVerificationKey(roomID id.RoomID, userID id.UserID, transactionID string, key string) error {
+	content := &event.VerificationKeyEventContent{
+		RelatesTo: &event.RelatesTo{Type: event.RelReference, EventID: id.EventID(transactionID)},
+		Key:       key,
+		To:        userID,
+	}
+
+	encrypted, err := mach.EncryptMegolmEvent(roomID, event.InRoomVerificationKey, content)
+	if err != nil {
+		return err
+	}
+	_, err = mach.Client.SendMessageEvent(roomID, event.EventEncrypted, encrypted)
+	return err
+}
+
+// SendInRoomSASVerificationMAC sends the MAC of a device's key to the partner device for an in-room verification.
+func (mach *OlmMachine) SendInRoomSASVerificationMAC(roomID id.RoomID, userID id.UserID, deviceID id.DeviceID, transactionID string, sas *olm.SAS) error {
+	keyID := id.NewKeyID(id.KeyAlgorithmEd25519, mach.Client.DeviceID.String())
+
+	signingKey := mach.account.SigningKey()
+	keyIDsMap := map[id.KeyID]string{keyID: ""}
+	macMap := make(map[id.KeyID]string)
+
+	if mach.CrossSigningKeys != nil {
+		masterKey := mach.CrossSigningKeys.MasterKey.PublicKey
+		masterKeyID := id.NewKeyID(id.KeyAlgorithmEd25519, masterKey.String())
+		// add master key ID to key map
+		keyIDsMap[masterKeyID] = ""
+		masterKeyMAC, _, err := mach.getPKAndKeysMAC(sas, mach.Client.UserID, mach.Client.DeviceID,
+			userID, deviceID, transactionID, masterKey, masterKeyID, keyIDsMap)
+		if err != nil {
+			mach.Log.Error("Error generating master key MAC: %v", err)
+		} else {
+			mach.Log.Debug("Generated master key `%v` MAC: %v", masterKey, masterKeyMAC)
+			macMap[masterKeyID] = masterKeyMAC
+		}
+	}
+
+	pubKeyMac, keysMac, err := mach.getPKAndKeysMAC(sas, mach.Client.UserID, mach.Client.DeviceID, userID, deviceID, transactionID, signingKey, keyID, keyIDsMap)
+	if err != nil {
+		return err
+	}
+	mach.Log.Debug("MAC of key %s is: %s", signingKey, pubKeyMac)
+	mach.Log.Debug("MAC of key ID(s) %s is: %s", keyID, keysMac)
+	macMap[keyID] = pubKeyMac
+
+	content := &event.VerificationMacEventContent{
+		RelatesTo: &event.RelatesTo{Type: event.RelReference, EventID: id.EventID(transactionID)},
+		Keys:      keysMac,
+		Mac:       macMap,
+		To:        userID,
+	}
+
+	encrypted, err := mach.EncryptMegolmEvent(roomID, event.InRoomVerificationMAC, content)
+	if err != nil {
+		return err
+	}
+	_, err = mach.Client.SendMessageEvent(roomID, event.EventEncrypted, encrypted)
+	return err
+}
+
+// NewInRoomSASVerificationWith starts the in-room SAS verification process with another user in the given room.
+// It returns the generated transaction ID.
+func (mach *OlmMachine) NewInRoomSASVerificationWith(inRoomID id.RoomID, userID id.UserID, hooks VerificationHooks, timeout time.Duration) (string, error) {
+	return mach.newInRoomSASVerificationWithInner(inRoomID, &id.Device{UserID: userID}, hooks, "", timeout)
+}
+
+func (mach *OlmMachine) newInRoomSASVerificationWithInner(inRoomID id.RoomID, device *id.Device, hooks VerificationHooks, transactionID string, timeout time.Duration) (string, error) {
+	mach.Log.Debug("Starting new in-room verification transaction user %v", device.UserID)
+
+	request := transactionID == ""
+	if request {
+		var err error
+		// get new transaction ID from the request message event ID
+		transactionID, err = mach.SendInRoomSASVerificationRequest(inRoomID, device.UserID, hooks.VerificationMethods())
+		if err != nil {
+			return "", err
+		}
+	}
+	verState := &verificationState{
+		sas:                 olm.NewSAS(),
+		otherDevice:         device,
+		initiatedByUs:       true,
+		verificationStarted: false,
+		keyReceived:         false,
+		sasMatched:          make(chan bool, 1),
+		hooks:               hooks,
+		inRoomID:            inRoomID,
+	}
+	verState.lock.Lock()
+	defer verState.lock.Unlock()
+
+	if !request {
+		// start in-room verification
+		startEvent, err := mach.SendInRoomSASVerificationStart(inRoomID, device.UserID, transactionID, hooks.VerificationMethods())
+		if err != nil {
+			return "", err
+		}
+
+		payload, err := json.Marshal(startEvent)
+		if err != nil {
+			return "", err
+		}
+		canonical, err := canonicaljson.CanonicalJSON(payload)
+		if err != nil {
+			return "", err
+		}
+
+		verState.startEventCanonical = string(canonical)
+	}
+
+	mach.keyVerificationTransactionState.Store(device.UserID.String()+":"+transactionID, verState)
+
+	mach.timeoutAfter(verState, transactionID, timeout)
+
+	return transactionID, nil
+}
+
+func (mach *OlmMachine) handleInRoomVerificationReady(userID id.UserID, roomID id.RoomID, content *event.VerificationReadyEventContent, transactionID string) {
+	device, err := mach.GetOrFetchDevice(userID, content.FromDevice)
+	if err != nil {
+		mach.Log.Error("Error fetching device %v of user %v: %v", content.FromDevice, userID, err)
+		return
+	}
+
+	verState, err := mach.getTransactionState(transactionID, userID)
+	if err != nil {
+		mach.Log.Error("Error getting transaction state: %v", err)
+		return
+	}
+	//mach.keyVerificationTransactionState.Delete(userID.String() + ":" + transactionID)
+
+	if mach.Client.UserID < userID {
+		// up to us to send the start message
+		verState.lock.Lock()
+		mach.newInRoomSASVerificationWithInner(roomID, device, verState.hooks, transactionID, 10*time.Minute)
+		verState.lock.Unlock()
+	}
+}