Mercurial > libervia-backend
annotate sat/plugins/plugin_xep_0380.py @ 3237:b0c57c9a4bd8
plugin XEP-0384: OMEMO trust policy:
OMEMO trust policy can now be specified. For now there are 2 policies:
- `manual`: each new device fingerprint must be explicitly trusted or not before the
device can be used, and the message sent
- `BTBV` (Blind Trust Before Verification): each new device fingerprint is automically
trusted, until user manually trust or not a device, in which case the behaviour becomes
the same as for `manual` for the entity. When using the Trust UI, user can put the
entity back to blind trust if they wish.
A message is send as feedback to user when a new device is/must be trusted, trying to
explain clearly what's happening to the user.
Devices which have been automically trusted are marked, so user can know which ones may
cause security issue.
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Fri, 27 Mar 2020 10:02:14 +0100 |
| parents | dcebc585c29f |
| children | be6d91572633 |
| rev | line source |
|---|---|
| 3028 | 1 #!/usr/bin/env python3 |
| 3137 | 2 |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
3 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
4 # SAT plugin for Explicit Message Encryption |
| 3136 | 5 # Copyright (C) 2009-2020 Jérôme Poisson (goffi@goffi.org) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
6 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
7 # This program is free software: you can redistribute it and/or modify |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
8 # it under the terms of the GNU Affero General Public License as published by |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
9 # the Free Software Foundation, either version 3 of the License, or |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
10 # (at your option) any later version. |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
11 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
12 # This program is distributed in the hope that it will be useful, |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 # GNU Affero General Public License for more details. |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
16 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
17 # You should have received a copy of the GNU Affero General Public License |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
19 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 from sat.core.i18n import _, D_ |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
21 from sat.core.constants import Const as C |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 from sat.core.log import getLogger |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
23 from twisted.words.protocols.jabber import jid |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
24 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
25 log = getLogger(__name__) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
26 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
27 PLUGIN_INFO = { |
| 3028 | 28 C.PI_NAME: "Explicit Message Encryption", |
| 29 C.PI_IMPORT_NAME: "XEP-0380", | |
| 30 C.PI_TYPE: "SEC", | |
| 31 C.PI_PROTOCOLS: ["XEP-0380"], | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
32 C.PI_DEPENDENCIES: [], |
| 3028 | 33 C.PI_MAIN: "XEP_0380", |
| 34 C.PI_HANDLER: "no", | |
| 35 C.PI_DESCRIPTION: _("""Implementation of Explicit Message Encryption"""), | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
36 } |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
37 |
| 3028 | 38 NS_EME = "urn:xmpp:eme:0" |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
39 KNOWN_NAMESPACES = { |
| 3028 | 40 "urn:xmpp:otr:0": "OTR", |
| 41 "jabber:x:encrypted": "Legacy OpenPGP", | |
| 42 "urn:xmpp:openpgp:0": "OpenPGP for XMPP", | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
43 } |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
44 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
45 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
46 class XEP_0380(object): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
47 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
48 def __init__(self, host): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
49 self.host = host |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
50 host.trigger.add("sendMessage", self._sendMessageTrigger) |
|
3172
dcebc585c29f
core: renamed "MessageReceived" trigger to "messageReceived" for consistency.
Goffi <goffi@goffi.org>
parents:
3137
diff
changeset
|
51 host.trigger.add("messageReceived", self._messageReceivedTrigger, priority=100) |
| 3028 | 52 host.registerNamespace("eme", NS_EME) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
53 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
54 def _addEMEElement(self, mess_data, namespace, name): |
| 3028 | 55 message_elt = mess_data['xml'] |
| 56 encryption_elt = message_elt.addElement((NS_EME, 'encryption')) | |
| 57 encryption_elt['namespace'] = namespace | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
58 if name is not None: |
| 3028 | 59 encryption_elt['name'] = name |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
60 return mess_data |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
61 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
62 def _sendMessageTrigger(self, client, mess_data, __, post_xml_treatments): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
63 encryption = mess_data.get(C.MESS_KEY_ENCRYPTION) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
64 if encryption is not None: |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
65 namespace = encryption['plugin'].namespace |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
66 if namespace not in KNOWN_NAMESPACES: |
| 3028 | 67 name = encryption['plugin'].name |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
68 else: |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
69 name = None |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
70 post_xml_treatments.addCallback( |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
71 self._addEMEElement, namespace=namespace, name=name) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
72 return True |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
73 |
|
3172
dcebc585c29f
core: renamed "MessageReceived" trigger to "messageReceived" for consistency.
Goffi <goffi@goffi.org>
parents:
3137
diff
changeset
|
74 def _messageReceivedTrigger(self, client, message_elt, post_treat): |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
75 try: |
| 3028 | 76 encryption_elt = next(message_elt.elements(NS_EME, 'encryption')) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
77 except StopIteration: |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
78 return True |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
79 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
80 namespace = encryption_elt['namespace'] |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
81 if namespace in client.encryption.getNamespaces(): |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
82 # message is encrypted and we can decrypt it |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
83 return True |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
84 |
| 3028 | 85 name = KNOWN_NAMESPACES.get(namespace, encryption_elt.getAttribute("name")) |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
86 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
87 # at this point, message is encrypted but we know that we can't decrypt it, |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
88 # we need to notify the user |
| 3028 | 89 sender_s = message_elt['from'] |
| 90 to_jid = jid.JID(message_elt['from']) | |
| 91 algorithm = "{} [{}]".format(name, namespace) if name else namespace | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
92 log.warning( |
| 3028 | 93 _("Message from {sender} is encrypted with {algorithm} and we can't " |
| 94 "decrypt it.".format(sender=message_elt['from'], algorithm=algorithm))) | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
95 |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
96 user_msg = D_( |
| 3028 | 97 "User {sender} sent you an encrypted message (encrypted with {algorithm}), " |
| 98 "and we can't decrypt it.").format(sender=sender_s, algorithm=algorithm) | |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
99 |
|
2754
3bea6b5ae972
plugin XEP-0380, XEP-0384: use C.EXTRA_INFO_DECR_ERR as info sub-type when a message can't be decrypted.
Goffi <goffi@goffi.org>
parents:
2750
diff
changeset
|
100 extra = {C.MESS_EXTRA_INFO: C.EXTRA_INFO_DECR_ERR} |
|
2750
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
101 client.feedback(to_jid, user_msg, extra) |
|
ae495f27b316
plugin XEP-0380: Explicit Message Encryption implementation
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
102 return False |