Use constant for sas verification mac

This commit is contained in:
Nicolas Werner 2024-01-14 03:55:22 +01:00
parent 575d4afee6
commit c130e4cf06
No known key found for this signature in database
GPG Key ID: C8D75E610773F2D9

View File

@ -20,6 +20,8 @@
static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes static constexpr int TIMEOUT = 2 * 60 * 1000; // 2 minutes
static constexpr std::string_view mac_method_alg_v1 = "hkdf-hmac-sha256";
static mtx::events::msg::KeyVerificationMac static mtx::events::msg::KeyVerificationMac
key_verification_mac(mtx::crypto::SAS *sas, key_verification_mac(mtx::crypto::SAS *sas,
mtx::identifiers::User sender, mtx::identifiers::User sender,
@ -121,7 +123,7 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *,
} }
if ((msg.key_agreement_protocol == "curve25519-hkdf-sha256") && if ((msg.key_agreement_protocol == "curve25519-hkdf-sha256") &&
(msg.hash == "sha256") && (msg.hash == "sha256") &&
(msg.message_authentication_code == "hkdf-hmac-sha256")) { (msg.message_authentication_code == mac_method_alg_v1)) {
this->commitment = msg.commitment; this->commitment = msg.commitment;
if (std::find(msg.short_authentication_string.begin(), if (std::find(msg.short_authentication_string.begin(),
msg.short_authentication_string.end(), msg.short_authentication_string.end(),
@ -572,22 +574,15 @@ DeviceVerificationFlow::handleStartMessage(const mtx::events::msg::KeyVerificati
return; return;
} }
if ((std::find(msg.key_agreement_protocols.begin(), // TODO(Nico): Replace with contains once we use C++23
msg.key_agreement_protocols.end(), if (std::ranges::count(msg.key_agreement_protocols, "curve25519-hkdf-sha256") &&
"curve25519-hkdf-sha256") != msg.key_agreement_protocols.end()) && std::ranges::count(msg.hashes, "sha256") &&
(std::find(msg.hashes.begin(), msg.hashes.end(), "sha256") != msg.hashes.end()) && std::ranges::count(msg.message_authentication_codes, mac_method_alg_v1)) {
(std::find(msg.message_authentication_codes.begin(), if (std::ranges::count(msg.short_authentication_string,
msg.message_authentication_codes.end(), mtx::events::msg::SASMethods::Emoji)) {
"hkdf-hmac-sha256") != msg.message_authentication_codes.end())) {
if (std::find(msg.short_authentication_string.begin(),
msg.short_authentication_string.end(),
mtx::events::msg::SASMethods::Emoji) !=
msg.short_authentication_string.end()) {
this->method = mtx::events::msg::SASMethods::Emoji; this->method = mtx::events::msg::SASMethods::Emoji;
} else if (std::find(msg.short_authentication_string.begin(), } else if (std::ranges::count(msg.short_authentication_string,
msg.short_authentication_string.end(), mtx::events::msg::SASMethods::Decimal)) {
mtx::events::msg::SASMethods::Decimal) !=
msg.short_authentication_string.end()) {
this->method = mtx::events::msg::SASMethods::Decimal; this->method = mtx::events::msg::SASMethods::Decimal;
} else { } else {
this->cancelVerification(DeviceVerificationFlow::Error::UnknownMethod); this->cancelVerification(DeviceVerificationFlow::Error::UnknownMethod);
@ -633,7 +628,7 @@ DeviceVerificationFlow::acceptVerificationRequest()
req.method = mtx::events::msg::VerificationMethods::SASv1; req.method = mtx::events::msg::VerificationMethods::SASv1;
req.key_agreement_protocol = "curve25519-hkdf-sha256"; req.key_agreement_protocol = "curve25519-hkdf-sha256";
req.hash = "sha256"; req.hash = "sha256";
req.message_authentication_code = "hkdf-hmac-sha256"; req.message_authentication_code = mac_method_alg_v1;
if (this->method == mtx::events::msg::SASMethods::Emoji) if (this->method == mtx::events::msg::SASMethods::Emoji)
req.short_authentication_string = {mtx::events::msg::SASMethods::Emoji}; req.short_authentication_string = {mtx::events::msg::SASMethods::Emoji};
else if (this->method == mtx::events::msg::SASMethods::Decimal) else if (this->method == mtx::events::msg::SASMethods::Decimal)
@ -678,7 +673,7 @@ DeviceVerificationFlow::startVerificationRequest()
req.method = mtx::events::msg::VerificationMethods::SASv1; req.method = mtx::events::msg::VerificationMethods::SASv1;
req.key_agreement_protocols = {"curve25519-hkdf-sha256"}; req.key_agreement_protocols = {"curve25519-hkdf-sha256"};
req.hashes = {"sha256"}; req.hashes = {"sha256"};
req.message_authentication_codes = {"hkdf-hmac-sha256"}; req.message_authentication_codes = {std::string(mac_method_alg_v1)};
req.short_authentication_string = {mtx::events::msg::SASMethods::Decimal, req.short_authentication_string = {mtx::events::msg::SASMethods::Decimal,
mtx::events::msg::SASMethods::Emoji}; mtx::events::msg::SASMethods::Emoji};