Skip to content

Commit

Permalink
chore(mls): unify MLSClientIdentity models (WPB-9774) (#2818) (#2900)
Browse files Browse the repository at this point in the history
* chore: refactor identity models

* fix tests

* user correct clientId and Handle in MLSClientIdentity object

* clean mapping object checker

* fix formatting and remove one line un-used code

---------

Co-authored-by: Vitor Hugo Schwaab <[email protected]>

(cherry picked from commit 8f000c0)
  • Loading branch information
mchenani authored Jul 25, 2024
1 parent 1ef12c2 commit 5b59861
Show file tree
Hide file tree
Showing 26 changed files with 477 additions and 459 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
package com.wire.kalium.cryptography

import com.wire.crypto.BufferedDecryptedMessage
import com.wire.crypto.Ciphersuite
import com.wire.crypto.ConversationConfiguration
import com.wire.crypto.CoreCrypto
import com.wire.crypto.CustomConfiguration
Expand All @@ -28,7 +29,6 @@ import com.wire.crypto.MlsCredentialType
import com.wire.crypto.MlsGroupInfoEncryptionType
import com.wire.crypto.MlsRatchetTreeType
import com.wire.crypto.MlsWirePolicy
import com.wire.crypto.Ciphersuite
import io.ktor.util.decodeBase64Bytes
import io.ktor.util.encodeBase64
import kotlin.time.Duration
Expand Down Expand Up @@ -332,18 +332,26 @@ class MLSClientImpl(
return clientId?.let {
WireIdentity(
CryptoQualifiedClientId.fromEncodedString(value.clientId)!!,
value.x509Identity?.handle,
value.x509Identity?.displayName,
value.x509Identity?.domain,
value.x509Identity?.certificate,
toDeviceStatus(value.status),
value.thumbprint,
value.x509Identity?.serialNumber,
value.x509Identity?.notAfter?.toLong()
toCredentialType(value.credentialType),
value.x509Identity?.let {
toX509Identity(it)
}
)
}
}

fun toX509Identity(value: com.wire.crypto.X509Identity) = WireIdentity.X509Identity(
handle = WireIdentity.Handle.fromString(value.handle, value.domain),
displayName = value.displayName,
domain = value.domain,
certificate = value.certificate,
serialNumber = value.serialNumber,
notBefore = value.notBefore.toLong(),
notAfter = value.notAfter.toLong()
)

fun toDeviceStatus(value: com.wire.crypto.DeviceStatus) = when (value) {
com.wire.crypto.DeviceStatus.VALID -> CryptoCertificateStatus.VALID
com.wire.crypto.DeviceStatus.EXPIRED -> CryptoCertificateStatus.EXPIRED
Expand Down Expand Up @@ -403,6 +411,11 @@ class MLSClientImpl(
CredentialType.X509 -> MlsCredentialType.X509
}

fun toCredentialType(value: MlsCredentialType) = when (value) {
MlsCredentialType.BASIC -> CredentialType.Basic
MlsCredentialType.X509 -> CredentialType.X509
}

fun toCrlRegistration(value: com.wire.crypto.CrlRegistration) = CrlRegistration(
value.dirty,
value.expiration
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -78,54 +78,19 @@ data class CryptoQualifiedClientId(

data class WireIdentity(
val clientId: CryptoQualifiedClientId,
val certificate: Certificate?,
val status: CryptoCertificateStatus,
val thumbprint: String,
val credentialType: CredentialType,
val x509Identity: X509Identity?
) {
companion object {
@Suppress("LongParameterList")
operator fun invoke(
clientId: CryptoQualifiedClientId,
handle: String?,
displayName: String?,
domain: String?,
certificate: String?,
status: CryptoCertificateStatus,
thumbprint: String?,
serialNumber: String?,
endTimestampSeconds: Long?
): WireIdentity {
@Suppress("ComplexCondition")
val certificateData = if (handle == null || displayName == null || domain == null || certificate == null
|| thumbprint == null || serialNumber == null || endTimestampSeconds == null
) {
null
} else {
Certificate(
Handle.fromString(handle, domain),
displayName,
domain,
certificate,
thumbprint,
serialNumber,
endTimestampSeconds
)
}
return WireIdentity(
clientId = clientId,
certificate = certificateData,
status = status
)
}
}

data class Certificate(
data class X509Identity(
val handle: Handle,
val displayName: String,
val domain: String,
val certificate: String,
val thumbprint: String,
val serialNumber: String,
val endTimestampSeconds: Long
val notBefore: Long,
val notAfter: Long
)

// WireIdentity handle format is "{scheme}%40{username}@{domain}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,12 @@

package com.wire.kalium.logic.data.id

import kotlinx.serialization.SerialName
import kotlinx.serialization.Serializable
import kotlin.jvm.JvmInline

@JvmInline
value class PlainId(val value: String)
@Serializable
value class PlainId(@SerialName("value") val value: String)

typealias TeamId = PlainId
Original file line number Diff line number Diff line change
Expand Up @@ -60,9 +60,10 @@ value class SubconversationId(val value: String) {
fun toLogString() = value.obfuscateId()
}

@Serializable
data class QualifiedClientID(
val clientId: ClientId,
val userId: UserId
@SerialName("clientId") val clientId: ClientId,
@SerialName("userId") val userId: UserId
)

typealias MessageId = String
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,17 +33,5 @@ fun com.wire.kalium.cryptography.DecryptedMessageBundle.toModel(groupID: GroupID
)
},
commitDelay,
identity?.let { identity ->
identity.certificate?.let { certificate ->
E2EIdentity(
identity.clientId,
certificate.handle.handle,
certificate.displayName,
certificate.domain,
certificate.certificate,
identity.status,
certificate.thumbprint
)
}
}
identity
)
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@
package com.wire.kalium.logic.data.conversation

import com.wire.kalium.cryptography.CommitBundle
import com.wire.kalium.cryptography.CryptoCertificateStatus
import com.wire.kalium.cryptography.CryptoQualifiedClientId
import com.wire.kalium.cryptography.E2EIClient
import com.wire.kalium.cryptography.MLSClient
Expand Down Expand Up @@ -99,17 +98,7 @@ data class DecryptedMessageBundle(
val groupID: GroupID,
val applicationMessage: ApplicationMessage?,
val commitDelay: Long?,
val identity: E2EIdentity?
)

data class E2EIdentity(
val clientId: CryptoQualifiedClientId,
val handle: String,
val displayName: String,
val domain: String,
val certificate: String,
val status: CryptoCertificateStatus,
val thumbprint: String
val identity: WireIdentity?
)

@Suppress("TooManyFunctions", "LongParameterList")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -101,8 +101,6 @@ import com.wire.kalium.logic.data.user.type.DomainUserTypeMapper
import com.wire.kalium.logic.data.user.type.DomainUserTypeMapperImpl
import com.wire.kalium.logic.data.user.type.UserEntityTypeMapper
import com.wire.kalium.logic.data.user.type.UserEntityTypeMapperImpl
import com.wire.kalium.logic.feature.e2ei.CertificateStatusMapper
import com.wire.kalium.logic.feature.e2ei.CertificateStatusMapperImpl

@Suppress("TooManyFunctions")
internal object MapperProvider {
Expand Down Expand Up @@ -180,5 +178,4 @@ internal object MapperProvider {
fun serviceMapper(): ServiceMapper = ServiceMapper()
fun legalHoldStatusMapper(): LegalHoldStatusMapper = LegalHoldStatusMapperImpl
fun acmeMapper(): AcmeMapper = AcmeMapperImpl()
fun certificateStatusMapper(): CertificateStatusMapper = CertificateStatusMapperImpl()
}
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,8 @@ enum class CertificateStatus {
EXPIRED,
VALID
}

enum class UserVerificationStatus {
Verified,
NotVerified
}

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -17,40 +17,89 @@
*/
package com.wire.kalium.logic.feature.e2ei

import com.wire.kalium.cryptography.CredentialType
import com.wire.kalium.cryptography.CryptoCertificateStatus
import com.wire.kalium.cryptography.WireIdentity
import com.wire.kalium.logic.di.MapperProvider
import com.wire.kalium.logic.data.id.QualifiedClientID
import com.wire.kalium.logic.data.id.toModel
import kotlinx.datetime.Instant
import kotlinx.serialization.SerialName
import kotlinx.serialization.Serializable

@Serializable
data class E2eiCertificate(
@SerialName("userHandle")
var userHandle: String,
@SerialName("status")
val status: CertificateStatus,
@SerialName("serialNumber")
val serialNumber: String,
@SerialName("certificateDetail")
val certificateDetail: String,
@SerialName("thumbprint")
val thumbprint: String,
@SerialName("endAt")
val endAt: Instant
data class MLSClientIdentity(
@SerialName("clientId") val clientId: QualifiedClientID,
@SerialName("e2eiStatus") val e2eiStatus: MLSClientE2EIStatus,
@SerialName("thumbprint") val thumbprint: String,
@SerialName("credentialType") val credentialType: MLSCredentialsType,
@SerialName("x509Identity") val x509Identity: X509Identity?
) {
companion object {
private val certificateStatusMapper = MapperProvider.certificateStatusMapper()

fun fromWireIdentity(identity: WireIdentity): E2eiCertificate? =
identity.certificate?.let {
E2eiCertificate(
userHandle = it.handle.handle,
status = certificateStatusMapper.toCertificateStatus(identity.status),
fun fromWireIdentity(identity: WireIdentity): MLSClientIdentity = MLSClientIdentity(
clientId = identity.clientId.toModel(),
e2eiStatus = MLSClientE2EIStatus.fromCryptoStatus(identity),
thumbprint = identity.thumbprint,
credentialType = MLSCredentialsType.fromCrypto(identity.credentialType),
x509Identity = identity.x509Identity?.let {
X509Identity(
handle = Handle.fromWireIdentity(it.handle),
displayName = it.displayName,
domain = it.domain,
serialNumber = it.serialNumber,
certificateDetail = it.certificate,
thumbprint = it.thumbprint,
endAt = Instant.fromEpochSeconds(it.endTimestampSeconds)
certificate = it.certificate,
notBefore = Instant.fromEpochSeconds(it.notBefore),
notAfter = Instant.fromEpochSeconds(it.notAfter)
)
}
)
}
}

@Serializable
data class X509Identity(
@SerialName("handle") val handle: Handle,
@SerialName("displayName") val displayName: String,
@SerialName("domain") val domain: String,
@SerialName("serialNumber") val serialNumber: String,
@SerialName("certificateDetail") val certificate: String,
@SerialName("notBefore") val notBefore: Instant,
@SerialName("notAfter") val notAfter: Instant
)

@Serializable
data class Handle(
@SerialName("scheme") val scheme: String,
@SerialName("handle") val handle: String,
@SerialName("domain") val domain: String
) {
companion object {
fun fromWireIdentity(handle: WireIdentity.Handle) =
Handle(handle.scheme, handle.handle, handle.domain)
}
}

enum class MLSClientE2EIStatus {
REVOKED, EXPIRED, VALID, NOT_ACTIVATED;

companion object {
fun fromCryptoStatus(identity: WireIdentity) =
if (identity.credentialType == CredentialType.Basic || identity.x509Identity == null)
NOT_ACTIVATED
else when (identity.status) {
CryptoCertificateStatus.REVOKED -> REVOKED
CryptoCertificateStatus.EXPIRED -> EXPIRED
CryptoCertificateStatus.VALID -> VALID
}
}
}

enum class MLSCredentialsType {
X509, BASIC;

companion object {
fun fromCrypto(value: CredentialType) = when (value) {
CredentialType.Basic -> BASIC
CredentialType.X509 -> X509
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
package com.wire.kalium.logic.feature.e2ei.usecase

import com.benasher44.uuid.uuid4
import com.wire.kalium.cryptography.CredentialType
import com.wire.kalium.cryptography.CryptoCertificateStatus
import com.wire.kalium.cryptography.WireIdentity
import com.wire.kalium.logger.KaliumLogger
Expand Down Expand Up @@ -115,9 +116,10 @@ internal class FetchMLSVerificationStatusUseCaseImpl(
val persistedMemberInfo = dbData.members[userId]
val isUserVerified = wireIdentity.firstOrNull {
it.status != CryptoCertificateStatus.VALID ||
it.certificate == null ||
it.certificate?.displayName != persistedMemberInfo?.name ||
it.certificate?.handle?.handle != persistedMemberInfo?.handle
it.credentialType != CredentialType.X509 ||
it.x509Identity == null ||
it.x509Identity?.displayName != persistedMemberInfo?.name ||
it.x509Identity?.handle?.handle != persistedMemberInfo?.handle
} == null
if (!isUserVerified) {
newStatus = VerificationStatus.NOT_VERIFIED
Expand Down
Loading

0 comments on commit 5b59861

Please sign in to comment.