comparison sat/memory/encryption.py @ 3231:e756e0eb1be4
core (memory/encryption): automatic start encryption if peer send encrypted message:
If a peer sends an encrypted message and we have no encryption activated, we automatically
start encryption to avoid sending plain-text messages when answering.
markAsEncrypted now needs the encryption algorithm namespace as mandatory argument.
author | Goffi <goffi@goffi.org> |
---|---|
date | Mon, 23 Mar 2020 17:52:18 +0100 |
parents | cc3fea71c365 |
children | c161ff21ca7c |
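--- a/sat/memory/encryption.py
+++ b/sat/memory/encryption.py
@@ -440,27 +440,42 @@
 def setEncryptionFlag(self, mess_data):
 """Set "encryption" key in mess_data if session with destinee is encrypted"""
 to_jid = mess_data['to']
 encryption = self._sessions.get(to_jid.userhostJID())
 if encryption is not None:
-if mess_data["type"] == "groupchat" and encryption['plugin'].directed:
+plugin = encryption['plugin']
+if mess_data["type"] == "groupchat" and plugin.directed:
 raise exceptions.InternalError(
 f"encryption flag must not be set for groupchat if encryption algorithm "
 f"({encryption['plugin'].name}) is directed!")
 mess_data[C.MESS_KEY_ENCRYPTION] = encryption
-self.markAsEncrypted(mess_data)
+self.markAsEncrypted(mess_data, plugin.namespace)
 
 ## Misc ##
 
-def markAsEncrypted(self, mess_data):
+def markAsEncrypted(self, mess_data, namespace):
 """Helper method to mark a message as having been e2e encrypted.
 
 This should be used in the post_treat workflow of messageReceived trigger of
 the plugin
 @param mess_data(dict): message data as used in post treat workflow
+@param namespace(str): namespace of the algorithm used for encrypting the message
 """
 mess_data['extra'][C.MESS_KEY_ENCRYPTED] = True
+from_bare_jid = mess_data['from'].userhostJID()
+if from_bare_jid != self.client.jid.userhostJID():
+session = self.getSession(from_bare_jid)
+if session is None:
+# if we are currently unencrypted, we start a session automatically
+# to avoid sending unencrypted messages in an encrypted context
+log.info(_(
+"Starting e2e session with {peer_jid} as we receive encrypted "
+"messages")
+.format(peer_jid=from_bare_jid)
+)
+defer.ensureDeferred(self.start(from_bare_jid, namespace))
+
 return mess_data
 
 def isEncryptionRequested(self, mess_data, namespace=None):
 """Helper method to check if encryption is requested in an outgoind message
 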
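Review bot: The deferred created by `defer.ensureDeferred(self.start(from_bare_jid, namespace))` in markAsEncrypted is dropped, so a failure to start the session is never handled and the user may still answer in plain text without being told. Keep the deferred and attach an errback that logs the failure, e.g. `d = defer.ensureDeferred(self.start(from_bare_jid, namespace))` followed by `d.addErrback(lambda failure_: log.error(f"can't start e2e session with {from_bare_jid}: {failure_}"))`. Because the start is asynchronous, getSession presumably keeps returning None until it completes, so a second encrypted message arriving in that window would call start again and a reply sent in that window could still go out unencrypted; a pending-start guard, or at least a comment stating this limit, would help. The error message on the groupchat branch could also use the new `plugin` local instead of `encryption['plugin'].name`.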