crypto.go 8.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279
  1. // mautrix-whatsapp - A Matrix-WhatsApp puppeting bridge.
  2. // Copyright (C) 2020 Tulir Asokan
  3. //
  4. // This program is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // This program is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with this program. If not, see <https://www.gnu.org/licenses/>.
  16. // +build cgo,!nocrypto
  17. package main
  18. import (
  19. "crypto/hmac"
  20. "crypto/sha512"
  21. "encoding/hex"
  22. "fmt"
  23. "time"
  24. "github.com/pkg/errors"
  25. "maunium.net/go/maulogger/v2"
  26. "maunium.net/go/mautrix"
  27. "maunium.net/go/mautrix/crypto"
  28. "maunium.net/go/mautrix/event"
  29. "maunium.net/go/mautrix/id"
  30. "maunium.net/go/mautrix-whatsapp/database"
  31. )
  32. var levelTrace = maulogger.Level{
  33. Name: "Trace",
  34. Severity: -10,
  35. Color: -1,
  36. }
  37. type CryptoHelper struct {
  38. bridge *Bridge
  39. client *mautrix.Client
  40. mach *crypto.OlmMachine
  41. store *database.SQLCryptoStore
  42. log maulogger.Logger
  43. baseLog maulogger.Logger
  44. }
  45. func NewCryptoHelper(bridge *Bridge) Crypto {
  46. if !bridge.Config.Bridge.Encryption.Allow {
  47. bridge.Log.Debugln("Bridge built with end-to-bridge encryption, but disabled in config")
  48. return nil
  49. } else if bridge.Config.Bridge.LoginSharedSecret == "" {
  50. bridge.Log.Warnln("End-to-bridge encryption enabled, but login_shared_secret not set")
  51. return nil
  52. }
  53. baseLog := bridge.Log.Sub("Crypto")
  54. return &CryptoHelper{
  55. bridge: bridge,
  56. log: baseLog.Sub("Helper"),
  57. baseLog: baseLog,
  58. }
  59. }
  60. func (helper *CryptoHelper) Init() error {
  61. helper.log.Debugln("Initializing end-to-bridge encryption...")
  62. helper.store = database.NewSQLCryptoStore(helper.bridge.DB, helper.bridge.AS.BotMXID(),
  63. fmt.Sprintf("@%s:%s", helper.bridge.Config.Bridge.FormatUsername("%"), helper.bridge.AS.HomeserverDomain))
  64. var err error
  65. helper.client, err = helper.loginBot()
  66. if err != nil {
  67. return err
  68. }
  69. helper.log.Debugln("Logged in as bridge bot with device ID", helper.client.DeviceID)
  70. logger := &cryptoLogger{helper.baseLog}
  71. stateStore := &cryptoStateStore{helper.bridge}
  72. helper.mach = crypto.NewOlmMachine(helper.client, logger, helper.store, stateStore)
  73. helper.mach.AllowKeyShare = helper.allowKeyShare
  74. helper.client.Logger = logger.int.Sub("Bot")
  75. helper.client.Syncer = &cryptoSyncer{helper.mach}
  76. helper.client.Store = &cryptoClientStore{helper.store}
  77. return helper.mach.Load()
  78. }
  79. func (helper *CryptoHelper) allowKeyShare(device *crypto.DeviceIdentity, info event.RequestedKeyInfo) *crypto.KeyShareRejection {
  80. cfg := helper.bridge.Config.Bridge.Encryption.KeySharing
  81. if !cfg.Allow {
  82. return &crypto.KeyShareRejectNoResponse
  83. } else if device.Trust == crypto.TrustStateBlacklisted {
  84. return &crypto.KeyShareRejectBlacklisted
  85. } else if device.Trust == crypto.TrustStateVerified || !cfg.RequireVerification {
  86. portal := helper.bridge.GetPortalByMXID(info.RoomID)
  87. if portal == nil {
  88. helper.log.Debugfln("Rejecting key request for %s from %s/%s: room is not a portal", info.SessionID, device.UserID, device.DeviceID)
  89. return &crypto.KeyShareRejection{Code: event.RoomKeyWithheldUnavailable, Reason: "Requested room is not a portal room"}
  90. }
  91. user := helper.bridge.GetUserByMXID(device.UserID)
  92. if !user.IsInPortal(portal.Key) {
  93. helper.log.Debugfln("Rejecting key request for %s from %s/%s: user is not in portal", info.SessionID, device.UserID, device.DeviceID)
  94. return &crypto.KeyShareRejection{Code: event.RoomKeyWithheldUnauthorized, Reason: "You're not in that portal"}
  95. }
  96. helper.log.Debugfln("Accepting key request for %s from %s/%s", info.SessionID, device.UserID, device.DeviceID)
  97. return nil
  98. } else {
  99. return &crypto.KeyShareRejectUnverified
  100. }
  101. }
  102. func (helper *CryptoHelper) loginBot() (*mautrix.Client, error) {
  103. deviceID := helper.store.FindDeviceID()
  104. if len(deviceID) > 0 {
  105. helper.log.Debugln("Found existing device ID for bot in database:", deviceID)
  106. }
  107. mac := hmac.New(sha512.New, []byte(helper.bridge.Config.Bridge.LoginSharedSecret))
  108. mac.Write([]byte(helper.bridge.AS.BotMXID()))
  109. client, err := mautrix.NewClient(helper.bridge.AS.HomeserverURL, "", "")
  110. if err != nil {
  111. return nil, err
  112. }
  113. resp, err := client.Login(&mautrix.ReqLogin{
  114. Type: "m.login.password",
  115. Identifier: mautrix.UserIdentifier{Type: "m.id.user", User: string(helper.bridge.AS.BotMXID())},
  116. Password: hex.EncodeToString(mac.Sum(nil)),
  117. DeviceID: deviceID,
  118. InitialDeviceDisplayName: "WhatsApp Bridge",
  119. StoreCredentials: true,
  120. })
  121. if err != nil {
  122. return nil, err
  123. }
  124. if len(deviceID) == 0 {
  125. helper.store.DeviceID = resp.DeviceID
  126. }
  127. return client, nil
  128. }
  129. func (helper *CryptoHelper) Start() {
  130. helper.log.Debugln("Starting syncer for receiving to-device messages")
  131. err := helper.client.Sync()
  132. if err != nil {
  133. helper.log.Errorln("Fatal error syncing:", err)
  134. }
  135. }
  136. func (helper *CryptoHelper) Stop() {
  137. helper.client.StopSync()
  138. }
  139. func (helper *CryptoHelper) Decrypt(evt *event.Event) (*event.Event, error) {
  140. return helper.mach.DecryptMegolmEvent(evt)
  141. }
  142. func (helper *CryptoHelper) Encrypt(roomID id.RoomID, evtType event.Type, content event.Content) (*event.EncryptedEventContent, error) {
  143. encrypted, err := helper.mach.EncryptMegolmEvent(roomID, evtType, &content)
  144. if err != nil {
  145. if err != crypto.SessionExpired && err != crypto.SessionNotShared && err != crypto.NoGroupSession {
  146. return nil, err
  147. }
  148. helper.log.Debugfln("Got %v while encrypting event for %s, sharing group session and trying again...", err, roomID)
  149. users, err := helper.store.GetRoomMembers(roomID)
  150. if err != nil {
  151. return nil, errors.Wrap(err, "failed to get room member list")
  152. }
  153. err = helper.mach.ShareGroupSession(roomID, users)
  154. if err != nil {
  155. return nil, errors.Wrap(err, "failed to share group session")
  156. }
  157. encrypted, err = helper.mach.EncryptMegolmEvent(roomID, evtType, &content)
  158. if err != nil {
  159. return nil, errors.Wrap(err, "failed to encrypt event after re-sharing group session")
  160. }
  161. }
  162. return encrypted, nil
  163. }
  164. func (helper *CryptoHelper) HandleMemberEvent(evt *event.Event) {
  165. helper.mach.HandleMemberEvent(evt)
  166. }
  167. type cryptoSyncer struct {
  168. *crypto.OlmMachine
  169. }
  170. func (syncer *cryptoSyncer) ProcessResponse(resp *mautrix.RespSync, since string) error {
  171. syncer.ProcessSyncResponse(resp, since)
  172. return nil
  173. }
  174. func (syncer *cryptoSyncer) OnFailedSync(_ *mautrix.RespSync, err error) (time.Duration, error) {
  175. syncer.Log.Error("Error /syncing, waiting 10 seconds: %v", err)
  176. return 10 * time.Second, nil
  177. }
  178. func (syncer *cryptoSyncer) GetFilterJSON(_ id.UserID) *mautrix.Filter {
  179. everything := []event.Type{{Type: "*"}}
  180. return &mautrix.Filter{
  181. Presence: mautrix.FilterPart{NotTypes: everything},
  182. AccountData: mautrix.FilterPart{NotTypes: everything},
  183. Room: mautrix.RoomFilter{
  184. IncludeLeave: false,
  185. Ephemeral: mautrix.FilterPart{NotTypes: everything},
  186. AccountData: mautrix.FilterPart{NotTypes: everything},
  187. State: mautrix.FilterPart{NotTypes: everything},
  188. Timeline: mautrix.FilterPart{NotTypes: everything},
  189. },
  190. }
  191. }
  192. type cryptoLogger struct {
  193. int maulogger.Logger
  194. }
  195. func (c *cryptoLogger) Error(message string, args ...interface{}) {
  196. c.int.Errorfln(message, args...)
  197. }
  198. func (c *cryptoLogger) Warn(message string, args ...interface{}) {
  199. c.int.Warnfln(message, args...)
  200. }
  201. func (c *cryptoLogger) Debug(message string, args ...interface{}) {
  202. c.int.Debugfln(message, args...)
  203. }
  204. func (c *cryptoLogger) Trace(message string, args ...interface{}) {
  205. c.int.Logfln(levelTrace, message, args...)
  206. }
  207. type cryptoClientStore struct {
  208. int *database.SQLCryptoStore
  209. }
  210. func (c cryptoClientStore) SaveFilterID(_ id.UserID, _ string) {}
  211. func (c cryptoClientStore) LoadFilterID(_ id.UserID) string { return "" }
  212. func (c cryptoClientStore) SaveRoom(_ *mautrix.Room) {}
  213. func (c cryptoClientStore) LoadRoom(_ id.RoomID) *mautrix.Room { return nil }
  214. func (c cryptoClientStore) SaveNextBatch(_ id.UserID, nextBatchToken string) {
  215. c.int.PutNextBatch(nextBatchToken)
  216. }
  217. func (c cryptoClientStore) LoadNextBatch(_ id.UserID) string {
  218. return c.int.GetNextBatch()
  219. }
  220. var _ mautrix.Storer = (*cryptoClientStore)(nil)
  221. type cryptoStateStore struct {
  222. bridge *Bridge
  223. }
  224. var _ crypto.StateStore = (*cryptoStateStore)(nil)
  225. func (c *cryptoStateStore) IsEncrypted(id id.RoomID) bool {
  226. portal := c.bridge.GetPortalByMXID(id)
  227. if portal != nil {
  228. return portal.Encrypted
  229. }
  230. return false
  231. }
  232. func (c *cryptoStateStore) FindSharedRooms(id id.UserID) []id.RoomID {
  233. return c.bridge.StateStore.FindSharedRooms(id)
  234. }
  235. func (c *cryptoStateStore) GetEncryptionEvent(id.RoomID) *event.EncryptionEventContent {
  236. // TODO implement
  237. return nil
  238. }