From effe99a4c0006cf159ab7342cc27b13c2d1cf2e6 Mon Sep 17 00:00:00 2001 From: Melvin Keskin Date: Fri, 17 Sep 2021 01:38:29 +0200 Subject: AtmManager: Use security policies --- src/client/QXmppAtmManager.cpp | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'src/client/QXmppAtmManager.cpp') diff --git a/src/client/QXmppAtmManager.cpp b/src/client/QXmppAtmManager.cpp index df3b1350..fb14aec0 100644 --- a/src/client/QXmppAtmManager.cpp +++ b/src/client/QXmppAtmManager.cpp @@ -52,6 +52,13 @@ using namespace QXmpp::Private; /// QXmppTrustStorage *trustStorage = new QXmppTrustMemoryStorage; /// \endcode /// +/// You can set a security policy used by ATM via the trust manager. +/// Is is recommended to apply TOAKAFA for good security and usability when +/// using \xep{0384, OMEMO Encryption}: +/// \code +/// trustStorage->setSecurityPolicy("urn:xmpp:omemo:1", QXmppTrustStorage::Toakafa); +/// \endcode +/// /// Afterwards, this manager must be added with the storage: /// \code /// QXmppAtmManager *manager = new QXmppAtmManager(trustStorage); @@ -402,13 +409,20 @@ QFuture QXmppAtmManager::authenticate(const QString &encryption, const QMu } else { auto future = m_trustStorage->setTrustLevel(encryption, keyIds, QXmppTrustStorage::Authenticated); await(future, this, [=]() { - auto future = distrustAutomaticallyTrustedKeys(encryption, keyIds.uniqueKeys()); - await(future, this, [=]() { + if (m_trustStorage->securityPolicy(encryption) == QXmppTrustStorage::Toakafa) { + auto future = distrustAutomaticallyTrustedKeys(encryption, keyIds.uniqueKeys()); + await(future, this, [=]() { + auto future = makePostponedTrustDecisions(encryption, keyIds.values()); + await(future, this, [=]() { + interface->reportFinished(); + }); + }); + } else { auto future = makePostponedTrustDecisions(encryption, keyIds.values()); await(future, this, [=]() { interface->reportFinished(); }); - }); + } }); } -- cgit v1.2.3