Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: Fetch immediately-available sender data when we receive a room key #3590

Merged
merged 29 commits into from
Jul 16, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
5d3f9ed
crypto: Calculate sender data for incoming sessions
andybalaam Jun 14, 2024
a8566fc
Merge branch 'main' into andybalaam/sender_data_from_to_device
andybalaam Jul 10, 2024
e66f443
fixup: rename msk to master_key
andybalaam Jul 10, 2024
e41fe94
fixup: Don't panic if our identity is not our own - just give up instead
andybalaam Jul 10, 2024
36192f9
fixup: Fix references to arguments in doc
andybalaam Jul 10, 2024
4f34e0c
fixup: formatting
andybalaam Jul 10, 2024
50e4acf
fixup: surface store errors
andybalaam Jul 10, 2024
b154b87
fixup: Set up for tests using a real MemoryStore instead of a fake
andybalaam Jul 12, 2024
41d024b
fixup: Remove generics from SenderDataFinder
andybalaam Jul 12, 2024
5a604d7
fixup: remove unnecessary clone
andybalaam Jul 12, 2024
b8cb11e
fixup: Fix doc link
andybalaam Jul 12, 2024
df5b352
fixup: Forget user_id since Store already knows it
andybalaam Jul 12, 2024
d74561c
fixup: Take a Store directly in SenderDataFinder
andybalaam Jul 12, 2024
93ba085
fixup: Calculate SenderData inside share_room_key
andybalaam Jul 12, 2024
ee78722
fixup: Include a flow chart explaining SenderDataFinder
andybalaam Jul 12, 2024
a400042
fixup: Remove excess let binding
andybalaam Jul 12, 2024
2aa87ef
Merge branch 'main' into andybalaam/sender_data_from_to_device
andybalaam Jul 12, 2024
5168210
fixup: Adapt to renames
andybalaam Jul 12, 2024
4fef0a6
fixup: Allow creating Devices in Store, and pass around devices in Se…
andybalaam Jul 15, 2024
831d99d
fixup: rename create_device to wrap_device_data
andybalaam Jul 15, 2024
fb773ae
fixup: Remove github links and align doc comments with flowchart
andybalaam Jul 15, 2024
8f1a4b1
fixup: Use methods on Device instead of rolling our own
andybalaam Jul 15, 2024
c35b4ec
fixup: remove unnecessary async
andybalaam Jul 15, 2024
a798e84
fixup: Remove more unneeded asyncs
andybalaam Jul 15, 2024
22f9365
fixup: Remove references to 'device info' to avoid creating a new term
andybalaam Jul 16, 2024
aaf8b27
fixup: Stop assuming device_owner_identity exists
andybalaam Jul 16, 2024
20d834c
fixup: Add missing error handling for invalid devices
andybalaam Jul 16, 2024
78aab43
fixup: Clippy fix
andybalaam Jul 16, 2024
d496196
fixup: Remove extra checking for unsigned devices and treat them simi…
andybalaam Jul 16, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion crates/matrix-sdk-crypto/src/gossiping/machine.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1218,6 +1218,8 @@ mod tests {
create_sessions: bool,
algorithm: EventEncryptionAlgorithm,
) -> (GossipMachine, OutboundGroupSession, GossipMachine) {
use crate::olm::SenderData;

let alice_machine = get_machine_test_helper().await;
let alice_device = ReadOnlyDevice::from_account(
&alice_machine.inner.store.cache().await.unwrap().account().await.unwrap(),
Expand Down Expand Up @@ -1270,7 +1272,7 @@ mod tests {
.inner
.store
.static_account()
.create_group_session_pair(room_id(), settings)
.create_group_session_pair(room_id(), settings, SenderData::unknown())
.await
.unwrap();

Expand Down
40 changes: 34 additions & 6 deletions crates/matrix-sdk-crypto/src/machine.rs
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,8 @@ use crate::{
identities::{user::UserIdentities, Device, IdentityManager, UserDevices},
olm::{
Account, CrossSigningStatus, EncryptionSettings, IdentityKeys, InboundGroupSession,
OlmDecryptionInfo, PrivateCrossSigningIdentity, SenderData, SessionType, StaticAccountData,
OlmDecryptionInfo, PrivateCrossSigningIdentity, SenderData, SenderDataFinder, SessionType,
StaticAccountData,
},
requests::{IncomingResponse, OutgoingRequest, UploadSigningKeysRequest},
session_manager::{GroupSessionManager, SessionManager},
Expand Down Expand Up @@ -816,7 +817,7 @@ impl OlmMachine {
event: &DecryptedRoomKeyEvent,
content: &MegolmV1AesSha2Content,
) -> OlmResult<Option<InboundGroupSession>> {
let sender_data = SenderData::unknown();
let sender_data = SenderDataFinder::find_using_event(self, sender_key, event).await?;

let session = InboundGroupSession::new(
sender_key,
Expand Down Expand Up @@ -900,7 +901,11 @@ impl OlmMachine {
let (_, session) = self
.inner
.group_session_manager
.create_outbound_group_session(room_id, EncryptionSettings::default())
.create_outbound_group_session(
room_id,
EncryptionSettings::default(),
SenderData::unknown(),
)
.await?;

self.store().save_inbound_group_sessions(&[session]).await?;
Expand All @@ -917,7 +922,11 @@ impl OlmMachine {
let (_, session) = self
.inner
.group_session_manager
.create_outbound_group_session(room_id, EncryptionSettings::default())
.create_outbound_group_session(
room_id,
EncryptionSettings::default(),
SenderData::unknown(),
)
.await?;

Ok(session)
Expand Down Expand Up @@ -1016,7 +1025,26 @@ impl OlmMachine {
users: impl Iterator<Item = &UserId>,
encryption_settings: impl Into<EncryptionSettings>,
) -> OlmResult<Vec<Arc<ToDeviceRequest>>> {
self.inner.group_session_manager.share_room_key(room_id, users, encryption_settings).await
// Use our own device info to populate the SenderData that validates the
andybalaam marked this conversation as resolved.
Show resolved Hide resolved
// InboundGroupSession that we create as a pair to the OutboundGroupSession we
// are sending out.
let account = self.store().static_account();
let device = self.store().get_device(account.user_id(), account.device_id()).await;
let own_sender_data = match device {
Ok(Some(device)) => {
SenderDataFinder::find_using_device_keys(self, device.as_device_keys().clone())
.await?
}
_ => {
error!("Unable to find our own device!");
SenderData::unknown()
}
};

self.inner
.group_session_manager
.share_room_key(room_id, users, encryption_settings, own_sender_data)
.await
}

/// Receive an unencrypted verification event.
Expand Down Expand Up @@ -4169,7 +4197,7 @@ pub(crate) mod tests {
let (outbound, mut inbound) = alice
.store()
.static_account()
.create_group_session_pair(room_id, Default::default())
.create_group_session_pair(room_id, Default::default(), SenderData::unknown())
.await
.unwrap();

Expand Down
13 changes: 9 additions & 4 deletions crates/matrix-sdk-crypto/src/olm/account.rs
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,7 @@ impl StaticAccountData {
&self,
room_id: &RoomId,
settings: EncryptionSettings,
own_sender_data: SenderData,
) -> Result<(OutboundGroupSession, InboundGroupSession), MegolmSessionCreationError> {
trace!(?room_id, algorithm = settings.algorithm.as_str(), "Creating a new room key");

Expand All @@ -221,7 +222,7 @@ impl StaticAccountData {
signing_key,
room_id,
&outbound.session_key().await,
SenderData::unknown(),
own_sender_data,
algorithm,
Some(visibility),
)?;
Expand All @@ -237,9 +238,13 @@ impl StaticAccountData {
&self,
room_id: &RoomId,
) -> (OutboundGroupSession, InboundGroupSession) {
self.create_group_session_pair(room_id, EncryptionSettings::default())
.await
.expect("Can't create default group session pair")
self.create_group_session_pair(
room_id,
EncryptionSettings::default(),
SenderData::unknown(),
)
.await
.expect("Can't create default group session pair")
}

/// Get the key ID of our Ed25519 signing key.
Expand Down
2 changes: 2 additions & 0 deletions crates/matrix-sdk-crypto/src/olm/group_sessions/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,15 @@ use serde::{Deserialize, Serialize};
mod inbound;
mod outbound;
mod sender_data;
mod sender_data_finder;

pub use inbound::{InboundGroupSession, PickledInboundGroupSession};
pub(crate) use outbound::ShareState;
pub use outbound::{
EncryptionSettings, OutboundGroupSession, PickledOutboundGroupSession, ShareInfo,
};
pub use sender_data::{SenderData, SenderDataRetryDetails};
pub(crate) use sender_data_finder::SenderDataFinder;
use thiserror::Error;
pub use vodozemac::megolm::{ExportedSessionKey, SessionKey};
use vodozemac::{megolm::SessionKeyDecodeError, Curve25519PublicKey};
Expand Down
11 changes: 9 additions & 2 deletions crates/matrix-sdk-crypto/src/olm/group_sessions/outbound.rs
Original file line number Diff line number Diff line change
Expand Up @@ -811,7 +811,10 @@ mod tests {
user_id, SecondsSinceUnixEpoch,
};

use crate::{olm::OutboundGroupSession, Account, EncryptionSettings, MegolmError};
use crate::{
olm::{OutboundGroupSession, SenderData},
Account, EncryptionSettings, MegolmError,
};

const TWO_HOURS: Duration = Duration::from_secs(60 * 60 * 2);

Expand Down Expand Up @@ -999,7 +1002,11 @@ mod tests {
Account::with_device_id(user_id!("@alice:example.org"), device_id!("DEVICEID"))
.static_data;
let (session, _) = account
.create_group_session_pair(room_id!("!test_room:example.org"), settings)
.create_group_session_pair(
room_id!("!test_room:example.org"),
settings,
SenderData::unknown(),
)
.await
.unwrap();
session
Expand Down
Loading
Loading