Merge branch 'crypto-improvements' into new-state-store

master
Damir Jelić 2020-12-04 13:50:39 +01:00
commit 1733808221
13 changed files with 145 additions and 106 deletions

View File

@ -2064,6 +2064,10 @@ impl Client {
/// * `passphrase` - The passphrase that should be used to decrypt the /// * `passphrase` - The passphrase that should be used to decrypt the
/// exported room keys. /// exported room keys.
/// ///
/// Returns a tuple of numbers that represent the number of sessions that
/// were imported and the total number of sessions that were found in the
/// key export.
///
/// # Panics /// # Panics
/// ///
/// This method will panic if it isn't run on a Tokio runtime. /// This method will panic if it isn't run on a Tokio runtime.
@ -2093,7 +2097,7 @@ impl Client {
feature = "docs", feature = "docs",
doc(cfg(all(encryption, not(target_arch = "wasm32")))) doc(cfg(all(encryption, not(target_arch = "wasm32"))))
)] )]
pub async fn import_keys(&self, path: PathBuf, passphrase: &str) -> Result<usize> { pub async fn import_keys(&self, path: PathBuf, passphrase: &str) -> Result<(usize, usize)> {
let olm = self let olm = self
.base_client .base_client
.olm_machine() .olm_machine()

View File

@ -20,7 +20,7 @@ js_int = "0.1.9"
[dependencies.ruma] [dependencies.ruma]
version = "0.0.1" version = "0.0.1"
git = "https://github.com/ruma/ruma" path = "/home/poljar/werk/priv/ruma/ruma"
rev = "48d1c9747561686e1c5627405780f6de01ee17b1" rev = "48d1c9747561686e1c5627405780f6de01ee17b1"
features = ["client-api", "unstable-pre-spec"] features = ["client-api", "unstable-pre-spec"]

View File

@ -7,7 +7,9 @@ pub use ruma::{
error::{FromHttpRequestError, FromHttpResponseError, IntoHttpError, ServerError}, error::{FromHttpRequestError, FromHttpResponseError, IntoHttpError, ServerError},
AuthScheme, EndpointError, OutgoingRequest, AuthScheme, EndpointError, OutgoingRequest,
}, },
directory, encryption, events, identifiers, presence, push, thirdparty, Outgoing, Raw, directory, encryption, events, identifiers, presence, push,
serde::Raw,
thirdparty, Outgoing,
}; };
pub use uuid; pub use uuid;

View File

@ -314,7 +314,7 @@ mod test {
let decrypted = decrypt_key_export(Cursor::new(encrypted), "1234").unwrap(); let decrypted = decrypt_key_export(Cursor::new(encrypted), "1234").unwrap();
assert_eq!(export, decrypted); assert_eq!(export, decrypted);
assert_eq!(machine.import_keys(decrypted).await.unwrap(), 0); assert_eq!(machine.import_keys(decrypted).await.unwrap(), (0, 1));
} }
#[test] #[test]

View File

@ -27,8 +27,8 @@ use matrix_sdk_common::{
api::r0::keys::SignedKey, api::r0::keys::SignedKey,
encryption::DeviceKeys, encryption::DeviceKeys,
events::{ events::{
forwarded_room_key::ForwardedRoomKeyEventContent, room::encrypted::EncryptedEventContent, forwarded_room_key::ForwardedRoomKeyToDeviceEventContent,
EventType, room::encrypted::EncryptedEventContent, EventType,
}, },
identifiers::{ identifiers::{
DeviceId, DeviceIdBox, DeviceKeyAlgorithm, DeviceKeyId, EventEncryptionAlgorithm, UserId, DeviceId, DeviceIdBox, DeviceKeyAlgorithm, DeviceKeyId, EventEncryptionAlgorithm, UserId,
@ -158,7 +158,7 @@ impl Device {
) -> OlmResult<(Session, EncryptedEventContent)> { ) -> OlmResult<(Session, EncryptedEventContent)> {
let export = session.export().await; let export = session.export().await;
let content: ForwardedRoomKeyEventContent = if let Ok(c) = export.try_into() { let content: ForwardedRoomKeyToDeviceEventContent = if let Ok(c) = export.try_into() {
c c
} else { } else {
// TODO remove this panic. // TODO remove this panic.

View File

@ -30,8 +30,8 @@ use tracing::{error, info, trace, warn};
use matrix_sdk_common::{ use matrix_sdk_common::{
api::r0::to_device::DeviceIdOrAllDevices, api::r0::to_device::DeviceIdOrAllDevices,
events::{ events::{
forwarded_room_key::ForwardedRoomKeyEventContent, forwarded_room_key::ForwardedRoomKeyToDeviceEventContent,
room_key_request::{Action, RequestedKeyInfo, RoomKeyRequestEventContent}, room_key_request::{Action, RequestedKeyInfo, RoomKeyRequestToDeviceEventContent},
AnyToDeviceEvent, EventType, ToDeviceEvent, AnyToDeviceEvent, EventType, ToDeviceEvent,
}, },
identifiers::{DeviceId, DeviceIdBox, EventEncryptionAlgorithm, RoomId, UserId}, identifiers::{DeviceId, DeviceIdBox, EventEncryptionAlgorithm, RoomId, UserId},
@ -67,8 +67,9 @@ pub enum KeyshareDecision {
/// device that requested the key doesn't share an Olm session with us. /// device that requested the key doesn't share an Olm session with us.
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
struct WaitQueue { struct WaitQueue {
requests_waiting_for_session: requests_waiting_for_session: Arc<
Arc<DashMap<(UserId, DeviceIdBox, String), ToDeviceEvent<RoomKeyRequestEventContent>>>, DashMap<(UserId, DeviceIdBox, String), ToDeviceEvent<RoomKeyRequestToDeviceEventContent>>,
>,
requests_ids_waiting: Arc<DashMap<(UserId, DeviceIdBox), DashSet<String>>>, requests_ids_waiting: Arc<DashMap<(UserId, DeviceIdBox), DashSet<String>>>,
} }
@ -85,7 +86,7 @@ impl WaitQueue {
self.requests_ids_waiting.is_empty() && self.requests_waiting_for_session.is_empty() self.requests_ids_waiting.is_empty() && self.requests_waiting_for_session.is_empty()
} }
fn insert(&self, device: &Device, event: &ToDeviceEvent<RoomKeyRequestEventContent>) { fn insert(&self, device: &Device, event: &ToDeviceEvent<RoomKeyRequestToDeviceEventContent>) {
let key = ( let key = (
device.user_id().to_owned(), device.user_id().to_owned(),
device.device_id().into(), device.device_id().into(),
@ -106,7 +107,7 @@ impl WaitQueue {
device_id: &DeviceId, device_id: &DeviceId,
) -> Vec<( ) -> Vec<(
(UserId, DeviceIdBox, String), (UserId, DeviceIdBox, String),
ToDeviceEvent<RoomKeyRequestEventContent>, ToDeviceEvent<RoomKeyRequestToDeviceEventContent>,
)> { )> {
self.requests_ids_waiting self.requests_ids_waiting
.remove(&(user_id.to_owned(), device_id.into())) .remove(&(user_id.to_owned(), device_id.into()))
@ -130,8 +131,9 @@ pub(crate) struct KeyRequestMachine {
store: Store, store: Store,
outbound_group_sessions: Arc<DashMap<RoomId, OutboundGroupSession>>, outbound_group_sessions: Arc<DashMap<RoomId, OutboundGroupSession>>,
outgoing_to_device_requests: Arc<DashMap<Uuid, OutgoingRequest>>, outgoing_to_device_requests: Arc<DashMap<Uuid, OutgoingRequest>>,
incoming_key_requests: incoming_key_requests: Arc<
Arc<DashMap<(UserId, DeviceIdBox, String), ToDeviceEvent<RoomKeyRequestEventContent>>>, DashMap<(UserId, DeviceIdBox, String), ToDeviceEvent<RoomKeyRequestToDeviceEventContent>>,
>,
wait_queue: WaitQueue, wait_queue: WaitQueue,
users_for_key_claim: Arc<DashMap<UserId, DashSet<DeviceIdBox>>>, users_for_key_claim: Arc<DashMap<UserId, DashSet<DeviceIdBox>>>,
} }
@ -156,7 +158,7 @@ impl Encode for RequestedKeyInfo {
} }
} }
impl Encode for ForwardedRoomKeyEventContent { impl Encode for ForwardedRoomKeyToDeviceEventContent {
fn encode(&self) -> String { fn encode(&self) -> String {
format!( format!(
"{}|{}|{}|{}", "{}|{}|{}|{}",
@ -168,7 +170,7 @@ impl Encode for ForwardedRoomKeyEventContent {
fn wrap_key_request_content( fn wrap_key_request_content(
recipient: UserId, recipient: UserId,
id: Uuid, id: Uuid,
content: &RoomKeyRequestEventContent, content: &RoomKeyRequestToDeviceEventContent,
) -> Result<OutgoingRequest, serde_json::Error> { ) -> Result<OutgoingRequest, serde_json::Error> {
let mut messages = BTreeMap::new(); let mut messages = BTreeMap::new();
@ -224,7 +226,10 @@ impl KeyRequestMachine {
} }
/// Receive a room key request event. /// Receive a room key request event.
pub fn receive_incoming_key_request(&self, event: &ToDeviceEvent<RoomKeyRequestEventContent>) { pub fn receive_incoming_key_request(
&self,
event: &ToDeviceEvent<RoomKeyRequestToDeviceEventContent>,
) {
let sender = event.sender.clone(); let sender = event.sender.clone();
let device_id = event.content.requesting_device_id.clone(); let device_id = event.content.requesting_device_id.clone();
let request_id = event.content.request_id.clone(); let request_id = event.content.request_id.clone();
@ -255,7 +260,7 @@ impl KeyRequestMachine {
fn handle_key_share_without_session( fn handle_key_share_without_session(
&self, &self,
device: Device, device: Device,
event: &ToDeviceEvent<RoomKeyRequestEventContent>, event: &ToDeviceEvent<RoomKeyRequestToDeviceEventContent>,
) { ) {
self.users_for_key_claim self.users_for_key_claim
.entry(device.user_id().to_owned()) .entry(device.user_id().to_owned())
@ -295,7 +300,7 @@ impl KeyRequestMachine {
/// Handle a single incoming key request. /// Handle a single incoming key request.
async fn handle_key_request( async fn handle_key_request(
&self, &self,
event: &ToDeviceEvent<RoomKeyRequestEventContent>, event: &ToDeviceEvent<RoomKeyRequestToDeviceEventContent>,
) -> OlmResult<Option<Session>> { ) -> OlmResult<Option<Session>> {
let key_info = match &event.content.action { let key_info = match &event.content.action {
Action::Request => { Action::Request => {
@ -505,7 +510,7 @@ impl KeyRequestMachine {
let id = Uuid::new_v4(); let id = Uuid::new_v4();
let content = RoomKeyRequestEventContent { let content = RoomKeyRequestToDeviceEventContent {
action: Action::Request, action: Action::Request,
request_id: id.to_string(), request_id: id.to_string(),
requesting_device_id: (&*self.device_id).clone(), requesting_device_id: (&*self.device_id).clone(),
@ -546,7 +551,7 @@ impl KeyRequestMachine {
/// Get an outgoing key info that matches the forwarded room key content. /// Get an outgoing key info that matches the forwarded room key content.
async fn get_key_info( async fn get_key_info(
&self, &self,
content: &ForwardedRoomKeyEventContent, content: &ForwardedRoomKeyToDeviceEventContent,
) -> Result<Option<OugoingKeyInfo>, CryptoStoreError> { ) -> Result<Option<OugoingKeyInfo>, CryptoStoreError> {
let id: Option<Uuid> = self.store.get_object(&content.encode()).await?; let id: Option<Uuid> = self.store.get_object(&content.encode()).await?;
@ -597,7 +602,7 @@ impl KeyRequestMachine {
// can delete it in one transaction. // can delete it in one transaction.
self.delete_key_info(&key_info).await?; self.delete_key_info(&key_info).await?;
let content = RoomKeyRequestEventContent { let content = RoomKeyRequestToDeviceEventContent {
action: Action::CancelRequest, action: Action::CancelRequest,
request_id: key_info.request_id.to_string(), request_id: key_info.request_id.to_string(),
requesting_device_id: (&*self.device_id).clone(), requesting_device_id: (&*self.device_id).clone(),
@ -617,7 +622,7 @@ impl KeyRequestMachine {
pub async fn receive_forwarded_room_key( pub async fn receive_forwarded_room_key(
&self, &self,
sender_key: &str, sender_key: &str,
event: &mut ToDeviceEvent<ForwardedRoomKeyEventContent>, event: &mut ToDeviceEvent<ForwardedRoomKeyToDeviceEventContent>,
) -> Result<(Option<Raw<AnyToDeviceEvent>>, Option<InboundGroupSession>), CryptoStoreError> ) -> Result<(Option<Raw<AnyToDeviceEvent>>, Option<InboundGroupSession>), CryptoStoreError>
{ {
let key_info = self.get_key_info(&event.content).await?; let key_info = self.get_key_info(&event.content).await?;
@ -637,8 +642,8 @@ impl KeyRequestMachine {
// If we have a previous session, check if we have a better version // If we have a previous session, check if we have a better version
// and store the new one if so. // and store the new one if so.
let session = if let Some(old_session) = old_session { let session = if let Some(old_session) = old_session {
let first_old_index = old_session.first_known_index().await; let first_old_index = old_session.first_known_index();
let first_index = session.first_known_index().await; let first_index = session.first_known_index();
if first_old_index > first_index { if first_old_index > first_index {
self.mark_as_done(info).await?; self.mark_as_done(info).await?;
@ -672,9 +677,9 @@ mod test {
use matrix_sdk_common::{ use matrix_sdk_common::{
api::r0::to_device::DeviceIdOrAllDevices, api::r0::to_device::DeviceIdOrAllDevices,
events::{ events::{
forwarded_room_key::ForwardedRoomKeyEventContent, forwarded_room_key::ForwardedRoomKeyToDeviceEventContent,
room::encrypted::EncryptedEventContent, room_key_request::RoomKeyRequestEventContent, room::encrypted::EncryptedEventContent,
AnyToDeviceEvent, ToDeviceEvent, room_key_request::RoomKeyRequestToDeviceEventContent, AnyToDeviceEvent, ToDeviceEvent,
}, },
identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId}, identifiers::{room_id, user_id, DeviceIdBox, RoomId, UserId},
locks::Mutex, locks::Mutex,
@ -829,7 +834,7 @@ mod test {
let export = session.export_at_index(10).await.unwrap(); let export = session.export_at_index(10).await.unwrap();
let content: ForwardedRoomKeyEventContent = export.try_into().unwrap(); let content: ForwardedRoomKeyToDeviceEventContent = export.try_into().unwrap();
let mut event = ToDeviceEvent { let mut event = ToDeviceEvent {
sender: alice_id(), sender: alice_id(),
@ -855,7 +860,7 @@ mod test {
.unwrap(); .unwrap();
let first_session = first_session.unwrap(); let first_session = first_session.unwrap();
assert_eq!(first_session.first_known_index().await, 10); assert_eq!(first_session.first_known_index(), 10);
machine machine
.store .store
@ -886,7 +891,7 @@ mod test {
let export = session.export_at_index(15).await.unwrap(); let export = session.export_at_index(15).await.unwrap();
let content: ForwardedRoomKeyEventContent = export.try_into().unwrap(); let content: ForwardedRoomKeyToDeviceEventContent = export.try_into().unwrap();
let mut event = ToDeviceEvent { let mut event = ToDeviceEvent {
sender: alice_id(), sender: alice_id(),
@ -902,7 +907,7 @@ mod test {
let export = session.export_at_index(0).await.unwrap(); let export = session.export_at_index(0).await.unwrap();
let content: ForwardedRoomKeyEventContent = export.try_into().unwrap(); let content: ForwardedRoomKeyToDeviceEventContent = export.try_into().unwrap();
let mut event = ToDeviceEvent { let mut event = ToDeviceEvent {
sender: alice_id(), sender: alice_id(),
@ -914,7 +919,7 @@ mod test {
.await .await
.unwrap(); .unwrap();
assert_eq!(second_session.unwrap().first_known_index().await, 0); assert_eq!(second_session.unwrap().first_known_index(), 0);
} }
#[async_test] #[async_test]
@ -1073,7 +1078,8 @@ mod test {
.unwrap() .unwrap()
.get(&DeviceIdOrAllDevices::AllDevices) .get(&DeviceIdOrAllDevices::AllDevices)
.unwrap(); .unwrap();
let content: RoomKeyRequestEventContent = serde_json::from_str(content.get()).unwrap(); let content: RoomKeyRequestToDeviceEventContent =
serde_json::from_str(content.get()).unwrap();
drop(request); drop(request);
alice_machine alice_machine
@ -1241,7 +1247,8 @@ mod test {
.unwrap() .unwrap()
.get(&DeviceIdOrAllDevices::AllDevices) .get(&DeviceIdOrAllDevices::AllDevices)
.unwrap(); .unwrap();
let content: RoomKeyRequestEventContent = serde_json::from_str(content.get()).unwrap(); let content: RoomKeyRequestToDeviceEventContent =
serde_json::from_str(content.get()).unwrap();
drop(request); drop(request);
alice_machine alice_machine

View File

@ -1012,7 +1012,9 @@ impl OlmMachine {
/// imported into our store. If we already have a better version of a key /// imported into our store. If we already have a better version of a key
/// the key will *not* be imported. /// the key will *not* be imported.
/// ///
/// Returns the number of sessions that were imported to the store. /// Returns a tuple of numbers that represent the number of sessions that
/// were imported and the total number of sessions that were found in the
/// key export.
/// ///
/// # Examples /// # Examples
/// ```no_run /// ```no_run
@ -1028,32 +1030,47 @@ impl OlmMachine {
/// machine.import_keys(exported_keys).await.unwrap(); /// machine.import_keys(exported_keys).await.unwrap();
/// # }); /// # });
/// ``` /// ```
pub async fn import_keys(&self, mut exported_keys: Vec<ExportedRoomKey>) -> StoreResult<usize> { pub async fn import_keys(
&self,
exported_keys: Vec<ExportedRoomKey>,
) -> StoreResult<(usize, usize)> {
struct ShallowSessions {
inner: BTreeMap<Arc<RoomId>, u32>,
}
impl ShallowSessions {
fn has_better_session(&self, session: &InboundGroupSession) -> bool {
self.inner
.get(&session.room_id)
.map(|existing| existing <= &session.first_known_index())
.unwrap_or(false)
}
}
let mut sessions = Vec::new(); let mut sessions = Vec::new();
for key in exported_keys.drain(..) { let existing_sessions = ShallowSessions {
inner: self
.store
.get_inbound_group_sessions()
.await?
.into_iter()
.map(|s| {
let index = s.first_known_index();
(s.room_id, index)
})
.collect(),
};
let total_sessions = exported_keys.len();
for key in exported_keys.into_iter() {
let session = InboundGroupSession::from_export(key)?; let session = InboundGroupSession::from_export(key)?;
// Only import the session if we didn't have this session or if it's // Only import the session if we didn't have this session or if it's
// a better version of the same session, that is the first known // a better version of the same session, that is the first known
// index is lower. // index is lower.
// TODO load all sessions so we don't do a thousand small loads. if !existing_sessions.has_better_session(&session) {
if let Some(existing_session) = self
.store
.get_inbound_group_session(
&session.room_id,
&session.sender_key,
session.session_id(),
)
.await?
{
let first_index = session.first_known_index().await;
let existing_index = existing_session.first_known_index().await;
if first_index < existing_index {
sessions.push(session)
}
} else {
sessions.push(session) sessions.push(session)
} }
} }
@ -1072,7 +1089,7 @@ impl OlmMachine {
num_sessions num_sessions
); );
Ok(num_sessions) Ok((num_sessions, total_sessions))
} }
/// Export the keys that match the given predicate. /// Export the keys that match the given predicate.

View File

@ -34,8 +34,8 @@ pub use olm_rs::{
use matrix_sdk_common::{ use matrix_sdk_common::{
events::{ events::{
forwarded_room_key::ForwardedRoomKeyEventContent, room::encrypted::EncryptedEventContent, forwarded_room_key::ForwardedRoomKeyToDeviceEventContent,
AnySyncRoomEvent, SyncMessageEvent, room::encrypted::EncryptedEventContent, AnySyncRoomEvent, SyncMessageEvent,
}, },
identifiers::{DeviceKeyAlgorithm, EventEncryptionAlgorithm, RoomId}, identifiers::{DeviceKeyAlgorithm, EventEncryptionAlgorithm, RoomId},
locks::Mutex, locks::Mutex,
@ -57,6 +57,7 @@ use crate::error::{EventError, MegolmResult};
pub struct InboundGroupSession { pub struct InboundGroupSession {
inner: Arc<Mutex<OlmInboundGroupSession>>, inner: Arc<Mutex<OlmInboundGroupSession>>,
session_id: Arc<str>, session_id: Arc<str>,
first_known_index: u32,
pub(crate) sender_key: Arc<str>, pub(crate) sender_key: Arc<str>,
pub(crate) signing_key: Arc<BTreeMap<DeviceKeyAlgorithm, String>>, pub(crate) signing_key: Arc<BTreeMap<DeviceKeyAlgorithm, String>>,
pub(crate) room_id: Arc<RoomId>, pub(crate) room_id: Arc<RoomId>,
@ -89,6 +90,7 @@ impl InboundGroupSession {
) -> Result<Self, OlmGroupSessionError> { ) -> Result<Self, OlmGroupSessionError> {
let session = OlmInboundGroupSession::new(&session_key.0)?; let session = OlmInboundGroupSession::new(&session_key.0)?;
let session_id = session.session_id(); let session_id = session.session_id();
let first_known_index = session.first_known_index();
let mut keys: BTreeMap<DeviceKeyAlgorithm, String> = BTreeMap::new(); let mut keys: BTreeMap<DeviceKeyAlgorithm, String> = BTreeMap::new();
keys.insert(DeviceKeyAlgorithm::Ed25519, signing_key.to_owned()); keys.insert(DeviceKeyAlgorithm::Ed25519, signing_key.to_owned());
@ -97,6 +99,7 @@ impl InboundGroupSession {
inner: Arc::new(Mutex::new(session)), inner: Arc::new(Mutex::new(session)),
session_id: session_id.into(), session_id: session_id.into(),
sender_key: sender_key.to_owned().into(), sender_key: sender_key.to_owned().into(),
first_known_index,
signing_key: Arc::new(keys), signing_key: Arc::new(keys),
room_id: Arc::new(room_id.clone()), room_id: Arc::new(room_id.clone()),
forwarding_chains: Arc::new(Mutex::new(None)), forwarding_chains: Arc::new(Mutex::new(None)),
@ -129,11 +132,12 @@ impl InboundGroupSession {
/// to create the `InboundGroupSession`. /// to create the `InboundGroupSession`.
pub(crate) fn from_forwarded_key( pub(crate) fn from_forwarded_key(
sender_key: &str, sender_key: &str,
content: &mut ForwardedRoomKeyEventContent, content: &mut ForwardedRoomKeyToDeviceEventContent,
) -> Result<Self, OlmGroupSessionError> { ) -> Result<Self, OlmGroupSessionError> {
let key = Zeroizing::from(mem::take(&mut content.session_key)); let key = Zeroizing::from(mem::take(&mut content.session_key));
let session = OlmInboundGroupSession::import(&key)?; let session = OlmInboundGroupSession::import(&key)?;
let first_known_index = session.first_known_index();
let mut forwarding_chains = content.forwarding_curve25519_key_chain.clone(); let mut forwarding_chains = content.forwarding_curve25519_key_chain.clone();
forwarding_chains.push(sender_key.to_owned()); forwarding_chains.push(sender_key.to_owned());
@ -147,6 +151,7 @@ impl InboundGroupSession {
inner: Arc::new(Mutex::new(session)), inner: Arc::new(Mutex::new(session)),
session_id: content.session_id.as_str().into(), session_id: content.session_id.as_str().into(),
sender_key: content.sender_key.as_str().into(), sender_key: content.sender_key.as_str().into(),
first_known_index,
signing_key: Arc::new(sender_claimed_key), signing_key: Arc::new(sender_claimed_key),
room_id: Arc::new(content.room_id.clone()), room_id: Arc::new(content.room_id.clone()),
forwarding_chains: Arc::new(Mutex::new(Some(forwarding_chains))), forwarding_chains: Arc::new(Mutex::new(Some(forwarding_chains))),
@ -178,7 +183,7 @@ impl InboundGroupSession {
/// If only a limited part of this session should be exported use /// If only a limited part of this session should be exported use
/// [`export_at_index()`](#method.export_at_index). /// [`export_at_index()`](#method.export_at_index).
pub async fn export(&self) -> ExportedRoomKey { pub async fn export(&self) -> ExportedRoomKey {
self.export_at_index(self.first_known_index().await) self.export_at_index(self.first_known_index())
.await .await
.expect("Can't export at the first known index") .expect("Can't export at the first known index")
} }
@ -221,12 +226,14 @@ impl InboundGroupSession {
pickle_mode: PicklingMode, pickle_mode: PicklingMode,
) -> Result<Self, OlmGroupSessionError> { ) -> Result<Self, OlmGroupSessionError> {
let session = OlmInboundGroupSession::unpickle(pickle.pickle.0, pickle_mode)?; let session = OlmInboundGroupSession::unpickle(pickle.pickle.0, pickle_mode)?;
let first_known_index = session.first_known_index();
let session_id = session.session_id(); let session_id = session.session_id();
Ok(InboundGroupSession { Ok(InboundGroupSession {
inner: Arc::new(Mutex::new(session)), inner: Arc::new(Mutex::new(session)),
session_id: session_id.into(), session_id: session_id.into(),
sender_key: pickle.sender_key.into(), sender_key: pickle.sender_key.into(),
first_known_index,
signing_key: Arc::new(pickle.signing_key), signing_key: Arc::new(pickle.signing_key),
room_id: Arc::new(pickle.room_id), room_id: Arc::new(pickle.room_id),
forwarding_chains: Arc::new(Mutex::new(pickle.forwarding_chains)), forwarding_chains: Arc::new(Mutex::new(pickle.forwarding_chains)),
@ -245,8 +252,8 @@ impl InboundGroupSession {
} }
/// Get the first message index we know how to decrypt. /// Get the first message index we know how to decrypt.
pub async fn first_known_index(&self) -> u32 { pub fn first_known_index(&self) -> u32 {
self.inner.lock().await.first_known_index() self.first_known_index
} }
/// Decrypt the given ciphertext. /// Decrypt the given ciphertext.
@ -368,6 +375,7 @@ impl TryFrom<ExportedRoomKey> for InboundGroupSession {
fn try_from(key: ExportedRoomKey) -> Result<Self, Self::Error> { fn try_from(key: ExportedRoomKey) -> Result<Self, Self::Error> {
let session = OlmInboundGroupSession::import(&key.session_key.0)?; let session = OlmInboundGroupSession::import(&key.session_key.0)?;
let first_known_index = session.first_known_index();
let forwarding_chains = if key.forwarding_curve25519_key_chain.is_empty() { let forwarding_chains = if key.forwarding_curve25519_key_chain.is_empty() {
None None
@ -379,6 +387,7 @@ impl TryFrom<ExportedRoomKey> for InboundGroupSession {
inner: Arc::new(Mutex::new(session)), inner: Arc::new(Mutex::new(session)),
session_id: key.session_id.into(), session_id: key.session_id.into(),
sender_key: key.sender_key.into(), sender_key: key.sender_key.into(),
first_known_index,
signing_key: Arc::new(key.sender_claimed_keys), signing_key: Arc::new(key.sender_claimed_keys),
room_id: Arc::new(key.room_id), room_id: Arc::new(key.room_id),
forwarding_chains: Arc::new(Mutex::new(forwarding_chains)), forwarding_chains: Arc::new(Mutex::new(forwarding_chains)),

View File

@ -13,7 +13,7 @@
// limitations under the License. // limitations under the License.
use matrix_sdk_common::{ use matrix_sdk_common::{
events::forwarded_room_key::ForwardedRoomKeyEventContent, events::forwarded_room_key::ForwardedRoomKeyToDeviceEventContent,
identifiers::{DeviceKeyAlgorithm, EventEncryptionAlgorithm, RoomId}, identifiers::{DeviceKeyAlgorithm, EventEncryptionAlgorithm, RoomId},
}; };
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
@ -66,7 +66,7 @@ pub struct ExportedRoomKey {
pub forwarding_curve25519_key_chain: Vec<String>, pub forwarding_curve25519_key_chain: Vec<String>,
} }
impl TryInto<ForwardedRoomKeyEventContent> for ExportedRoomKey { impl TryInto<ForwardedRoomKeyToDeviceEventContent> for ExportedRoomKey {
type Error = (); type Error = ();
/// Convert an exported room key into a content for a forwarded room key /// Convert an exported room key into a content for a forwarded room key
@ -75,7 +75,7 @@ impl TryInto<ForwardedRoomKeyEventContent> for ExportedRoomKey {
/// This will fail if the exported room key has multiple sender claimed keys /// This will fail if the exported room key has multiple sender claimed keys
/// or if the algorithm of the claimed sender key isn't /// or if the algorithm of the claimed sender key isn't
/// `DeviceKeyAlgorithm::Ed25519`. /// `DeviceKeyAlgorithm::Ed25519`.
fn try_into(self) -> Result<ForwardedRoomKeyEventContent, Self::Error> { fn try_into(self) -> Result<ForwardedRoomKeyToDeviceEventContent, Self::Error> {
if self.sender_claimed_keys.len() != 1 { if self.sender_claimed_keys.len() != 1 {
Err(()) Err(())
} else { } else {
@ -85,7 +85,7 @@ impl TryInto<ForwardedRoomKeyEventContent> for ExportedRoomKey {
return Err(()); return Err(());
} }
Ok(ForwardedRoomKeyEventContent { Ok(ForwardedRoomKeyToDeviceEventContent {
algorithm: self.algorithm, algorithm: self.algorithm,
room_id: self.room_id, room_id: self.room_id,
sender_key: self.sender_key, sender_key: self.sender_key,
@ -98,9 +98,9 @@ impl TryInto<ForwardedRoomKeyEventContent> for ExportedRoomKey {
} }
} }
impl From<ForwardedRoomKeyEventContent> for ExportedRoomKey { impl From<ForwardedRoomKeyToDeviceEventContent> for ExportedRoomKey {
/// Convert the content of a forwarded room key into a exported room key. /// Convert the content of a forwarded room key into a exported room key.
fn from(forwarded_key: ForwardedRoomKeyEventContent) -> Self { fn from(forwarded_key: ForwardedRoomKeyToDeviceEventContent) -> Self {
let mut sender_claimed_keys: BTreeMap<DeviceKeyAlgorithm, String> = BTreeMap::new(); let mut sender_claimed_keys: BTreeMap<DeviceKeyAlgorithm, String> = BTreeMap::new();
sender_claimed_keys.insert( sender_claimed_keys.insert(
DeviceKeyAlgorithm::Ed25519, DeviceKeyAlgorithm::Ed25519,

View File

@ -40,7 +40,7 @@ pub(crate) mod test {
use crate::olm::{InboundGroupSession, ReadOnlyAccount, Session}; use crate::olm::{InboundGroupSession, ReadOnlyAccount, Session};
use matrix_sdk_common::{ use matrix_sdk_common::{
api::r0::keys::SignedKey, api::r0::keys::SignedKey,
events::forwarded_room_key::ForwardedRoomKeyEventContent, events::forwarded_room_key::ForwardedRoomKeyToDeviceEventContent,
identifiers::{room_id, user_id, DeviceId, UserId}, identifiers::{room_id, user_id, DeviceId, UserId},
}; };
use olm_rs::session::OlmMessage; use olm_rs::session::OlmMessage;
@ -213,7 +213,7 @@ pub(crate) mod test {
) )
.unwrap(); .unwrap();
assert_eq!(0, inbound.first_known_index().await); assert_eq!(0, inbound.first_known_index());
assert_eq!(outbound.session_id(), inbound.session_id()); assert_eq!(outbound.session_id(), inbound.session_id());
@ -237,7 +237,7 @@ pub(crate) mod test {
.unwrap(); .unwrap();
let export = inbound.export().await; let export = inbound.export().await;
let export: ForwardedRoomKeyEventContent = export.try_into().unwrap(); let export: ForwardedRoomKeyToDeviceEventContent = export.try_into().unwrap();
let imported = InboundGroupSession::from_export(export).unwrap(); let imported = InboundGroupSession::from_export(export).unwrap();

View File

@ -21,7 +21,7 @@ use olm_rs::sas::OlmSas;
use matrix_sdk_common::{ use matrix_sdk_common::{
api::r0::to_device::DeviceIdOrAllDevices, api::r0::to_device::DeviceIdOrAllDevices,
events::{ events::{
key::verification::{cancel::CancelCode, mac::MacEventContent}, key::verification::{cancel::CancelCode, mac::MacToDeviceEventContent},
AnyToDeviceEventContent, EventType, ToDeviceEvent, AnyToDeviceEventContent, EventType, ToDeviceEvent,
}, },
identifiers::{DeviceId, DeviceKeyAlgorithm, DeviceKeyId, UserId}, identifiers::{DeviceId, DeviceKeyAlgorithm, DeviceKeyId, UserId},
@ -159,7 +159,7 @@ pub fn receive_mac_event(
sas: &OlmSas, sas: &OlmSas,
ids: &SasIds, ids: &SasIds,
flow_id: &str, flow_id: &str,
event: &ToDeviceEvent<MacEventContent>, event: &ToDeviceEvent<MacToDeviceEventContent>,
) -> Result<(Vec<ReadOnlyDevice>, Vec<UserIdentities>), CancelCode> { ) -> Result<(Vec<ReadOnlyDevice>, Vec<UserIdentities>), CancelCode> {
let mut verified_devices = Vec::new(); let mut verified_devices = Vec::new();
let mut verified_identities = Vec::new(); let mut verified_identities = Vec::new();
@ -270,7 +270,7 @@ fn extra_mac_info_send(ids: &SasIds, flow_id: &str) -> String {
/// # Panics /// # Panics
/// ///
/// This will panic if the public key of the other side wasn't set. /// This will panic if the public key of the other side wasn't set.
pub fn get_mac_content(sas: &OlmSas, ids: &SasIds, flow_id: &str) -> MacEventContent { pub fn get_mac_content(sas: &OlmSas, ids: &SasIds, flow_id: &str) -> MacToDeviceEventContent {
let mut mac: BTreeMap<String, String> = BTreeMap::new(); let mut mac: BTreeMap<String, String> = BTreeMap::new();
let key_id = DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, ids.account.device_id()); let key_id = DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, ids.account.device_id());
@ -291,7 +291,7 @@ pub fn get_mac_content(sas: &OlmSas, ids: &SasIds, flow_id: &str) -> MacEventCon
.calculate_mac(&keys.join(","), &format!("{}KEY_IDS", &info)) .calculate_mac(&keys.join(","), &format!("{}KEY_IDS", &info))
.expect("Can't calculate SAS MAC"); .expect("Can't calculate SAS MAC");
MacEventContent { MacToDeviceEventContent {
transaction_id: flow_id.to_owned(), transaction_id: flow_id.to_owned(),
keys, keys,
mac, mac,

View File

@ -25,8 +25,8 @@ use matrix_sdk_common::{
api::r0::keys::upload_signatures::Request as SignatureUploadRequest, api::r0::keys::upload_signatures::Request as SignatureUploadRequest,
events::{ events::{
key::verification::{ key::verification::{
accept::AcceptEventContent, cancel::CancelCode, mac::MacEventContent, accept::AcceptToDeviceEventContent, cancel::CancelCode, mac::MacToDeviceEventContent,
start::StartEventContent, start::StartToDeviceEventContent,
}, },
AnyToDeviceEvent, AnyToDeviceEventContent, ToDeviceEvent, AnyToDeviceEvent, AnyToDeviceEventContent, ToDeviceEvent,
}, },
@ -122,7 +122,7 @@ impl Sas {
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
store: Arc<Box<dyn CryptoStore>>, store: Arc<Box<dyn CryptoStore>>,
other_identity: Option<UserIdentities>, other_identity: Option<UserIdentities>,
) -> (Sas, StartEventContent) { ) -> (Sas, StartToDeviceEventContent) {
let (inner, content) = InnerSas::start( let (inner, content) = InnerSas::start(
account.clone(), account.clone(),
other_device.clone(), other_device.clone(),
@ -158,7 +158,7 @@ impl Sas {
private_identity: PrivateCrossSigningIdentity, private_identity: PrivateCrossSigningIdentity,
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
store: Arc<Box<dyn CryptoStore>>, store: Arc<Box<dyn CryptoStore>>,
event: &ToDeviceEvent<StartEventContent>, event: &ToDeviceEvent<StartToDeviceEventContent>,
other_identity: Option<UserIdentities>, other_identity: Option<UserIdentities>,
) -> Result<Sas, AnyToDeviceEventContent> { ) -> Result<Sas, AnyToDeviceEventContent> {
let inner = InnerSas::from_start_event( let inner = InnerSas::from_start_event(
@ -554,7 +554,7 @@ impl InnerSas {
account: ReadOnlyAccount, account: ReadOnlyAccount,
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
other_identity: Option<UserIdentities>, other_identity: Option<UserIdentities>,
) -> (InnerSas, StartEventContent) { ) -> (InnerSas, StartToDeviceEventContent) {
let sas = SasState::<Created>::new(account, other_device, other_identity); let sas = SasState::<Created>::new(account, other_device, other_identity);
let content = sas.as_content(); let content = sas.as_content();
(InnerSas::Created(sas), content) (InnerSas::Created(sas), content)
@ -563,7 +563,7 @@ impl InnerSas {
fn from_start_event( fn from_start_event(
account: ReadOnlyAccount, account: ReadOnlyAccount,
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
event: &ToDeviceEvent<StartEventContent>, event: &ToDeviceEvent<StartToDeviceEventContent>,
other_identity: Option<UserIdentities>, other_identity: Option<UserIdentities>,
) -> Result<InnerSas, AnyToDeviceEventContent> { ) -> Result<InnerSas, AnyToDeviceEventContent> {
match SasState::<Started>::from_start_event(account, other_device, event, other_identity) { match SasState::<Started>::from_start_event(account, other_device, event, other_identity) {
@ -572,7 +572,7 @@ impl InnerSas {
} }
} }
fn accept(&self) -> Option<AcceptEventContent> { fn accept(&self) -> Option<AcceptToDeviceEventContent> {
if let InnerSas::Started(s) = self { if let InnerSas::Started(s) = self {
Some(s.as_content()) Some(s.as_content())
} else { } else {
@ -610,7 +610,7 @@ impl InnerSas {
(InnerSas::Canceled(sas), Some(content)) (InnerSas::Canceled(sas), Some(content))
} }
fn confirm(self) -> (InnerSas, Option<MacEventContent>) { fn confirm(self) -> (InnerSas, Option<MacToDeviceEventContent>) {
match self { match self {
InnerSas::KeyRecieved(s) => { InnerSas::KeyRecieved(s) => {
let sas = s.confirm(); let sas = s.confirm();

View File

@ -25,13 +25,13 @@ use matrix_sdk_common::{
events::{ events::{
key::verification::{ key::verification::{
accept::{ accept::{
AcceptEventContent, AcceptMethod, MSasV1Content as AcceptV1Content, AcceptMethod, AcceptToDeviceEventContent, MSasV1Content as AcceptV1Content,
MSasV1ContentInit as AcceptV1ContentInit, MSasV1ContentInit as AcceptV1ContentInit,
}, },
cancel::{CancelCode, CancelEventContent}, cancel::{CancelCode, CancelToDeviceEventContent},
key::KeyEventContent, key::KeyToDeviceEventContent,
mac::MacEventContent, mac::MacToDeviceEventContent,
start::{MSasV1Content, MSasV1ContentInit, StartEventContent, StartMethod}, start::{MSasV1Content, MSasV1ContentInit, StartMethod, StartToDeviceEventContent},
HashAlgorithm, KeyAgreementProtocol, MessageAuthenticationCode, HashAlgorithm, KeyAgreementProtocol, MessageAuthenticationCode,
ShortAuthenticationString, VerificationMethod, ShortAuthenticationString, VerificationMethod,
}, },
@ -319,8 +319,8 @@ impl SasState<Created> {
/// Get the content for the start event. /// Get the content for the start event.
/// ///
/// The content needs to be sent to the other device. /// The content needs to be sent to the other device.
pub fn as_content(&self) -> StartEventContent { pub fn as_content(&self) -> StartToDeviceEventContent {
StartEventContent { StartToDeviceEventContent {
transaction_id: self.verification_flow_id.to_string(), transaction_id: self.verification_flow_id.to_string(),
from_device: self.device_id().into(), from_device: self.device_id().into(),
method: StartMethod::MSasV1( method: StartMethod::MSasV1(
@ -339,7 +339,7 @@ impl SasState<Created> {
/// the other side. /// the other side.
pub fn into_accepted( pub fn into_accepted(
self, self,
event: &ToDeviceEvent<AcceptEventContent>, event: &ToDeviceEvent<AcceptToDeviceEventContent>,
) -> Result<SasState<Accepted>, SasState<Canceled>> { ) -> Result<SasState<Accepted>, SasState<Canceled>> {
self.check_event(&event.sender, &event.content.transaction_id) self.check_event(&event.sender, &event.content.transaction_id)
.map_err(|c| self.clone().cancel(c))?; .map_err(|c| self.clone().cancel(c))?;
@ -386,7 +386,7 @@ impl SasState<Started> {
pub fn from_start_event( pub fn from_start_event(
account: ReadOnlyAccount, account: ReadOnlyAccount,
other_device: ReadOnlyDevice, other_device: ReadOnlyDevice,
event: &ToDeviceEvent<StartEventContent>, event: &ToDeviceEvent<StartToDeviceEventContent>,
other_identity: Option<UserIdentities>, other_identity: Option<UserIdentities>,
) -> Result<SasState<Started>, SasState<Canceled>> { ) -> Result<SasState<Started>, SasState<Canceled>> {
if let StartMethod::MSasV1(content) = &event.content.method { if let StartMethod::MSasV1(content) = &event.content.method {
@ -462,10 +462,10 @@ impl SasState<Started> {
/// This should be sent out automatically if the SAS verification flow has /// This should be sent out automatically if the SAS verification flow has
/// been started because of a /// been started because of a
/// m.key.verification.request -> m.key.verification.ready flow. /// m.key.verification.request -> m.key.verification.ready flow.
pub fn as_content(&self) -> AcceptEventContent { pub fn as_content(&self) -> AcceptToDeviceEventContent {
let accepted_protocols = AcceptedProtocols::default(); let accepted_protocols = AcceptedProtocols::default();
AcceptEventContent { AcceptToDeviceEventContent {
transaction_id: self.verification_flow_id.to_string(), transaction_id: self.verification_flow_id.to_string(),
method: AcceptMethod::MSasV1( method: AcceptMethod::MSasV1(
AcceptV1ContentInit { AcceptV1ContentInit {
@ -494,7 +494,7 @@ impl SasState<Started> {
/// anymore. /// anymore.
pub fn into_key_received( pub fn into_key_received(
self, self,
event: &mut ToDeviceEvent<KeyEventContent>, event: &mut ToDeviceEvent<KeyToDeviceEventContent>,
) -> Result<SasState<KeyReceived>, SasState<Canceled>> { ) -> Result<SasState<KeyReceived>, SasState<Canceled>> {
self.check_event(&event.sender, &event.content.transaction_id) self.check_event(&event.sender, &event.content.transaction_id)
.map_err(|c| self.clone().cancel(c))?; .map_err(|c| self.clone().cancel(c))?;
@ -535,7 +535,7 @@ impl SasState<Accepted> {
/// anymore. /// anymore.
pub fn into_key_received( pub fn into_key_received(
self, self,
event: &mut ToDeviceEvent<KeyEventContent>, event: &mut ToDeviceEvent<KeyToDeviceEventContent>,
) -> Result<SasState<KeyReceived>, SasState<Canceled>> { ) -> Result<SasState<KeyReceived>, SasState<Canceled>> {
self.check_event(&event.sender, &event.content.transaction_id) self.check_event(&event.sender, &event.content.transaction_id)
.map_err(|c| self.clone().cancel(c))?; .map_err(|c| self.clone().cancel(c))?;
@ -575,8 +575,8 @@ impl SasState<Accepted> {
/// Get the content for the key event. /// Get the content for the key event.
/// ///
/// The content needs to be automatically sent to the other side. /// The content needs to be automatically sent to the other side.
pub fn as_content(&self) -> KeyEventContent { pub fn as_content(&self) -> KeyToDeviceEventContent {
KeyEventContent { KeyToDeviceEventContent {
transaction_id: self.verification_flow_id.to_string(), transaction_id: self.verification_flow_id.to_string(),
key: self.inner.lock().unwrap().public_key(), key: self.inner.lock().unwrap().public_key(),
} }
@ -588,8 +588,8 @@ impl SasState<KeyReceived> {
/// ///
/// The content needs to be automatically sent to the other side if and only /// The content needs to be automatically sent to the other side if and only
/// if we_started is false. /// if we_started is false.
pub fn as_content(&self) -> KeyEventContent { pub fn as_content(&self) -> KeyToDeviceEventContent {
KeyEventContent { KeyToDeviceEventContent {
transaction_id: self.verification_flow_id.to_string(), transaction_id: self.verification_flow_id.to_string(),
key: self.inner.lock().unwrap().public_key(), key: self.inner.lock().unwrap().public_key(),
} }
@ -632,7 +632,7 @@ impl SasState<KeyReceived> {
/// the other side. /// the other side.
pub fn into_mac_received( pub fn into_mac_received(
self, self,
event: &ToDeviceEvent<MacEventContent>, event: &ToDeviceEvent<MacToDeviceEventContent>,
) -> Result<SasState<MacReceived>, SasState<Canceled>> { ) -> Result<SasState<MacReceived>, SasState<Canceled>> {
self.check_event(&event.sender, &event.content.transaction_id) self.check_event(&event.sender, &event.content.transaction_id)
.map_err(|c| self.clone().cancel(c))?; .map_err(|c| self.clone().cancel(c))?;
@ -688,7 +688,7 @@ impl SasState<Confirmed> {
/// the other side. /// the other side.
pub fn into_done( pub fn into_done(
self, self,
event: &ToDeviceEvent<MacEventContent>, event: &ToDeviceEvent<MacToDeviceEventContent>,
) -> Result<SasState<Done>, SasState<Canceled>> { ) -> Result<SasState<Done>, SasState<Canceled>> {
self.check_event(&event.sender, &event.content.transaction_id) self.check_event(&event.sender, &event.content.transaction_id)
.map_err(|c| self.clone().cancel(c))?; .map_err(|c| self.clone().cancel(c))?;
@ -718,7 +718,7 @@ impl SasState<Confirmed> {
/// Get the content for the mac event. /// Get the content for the mac event.
/// ///
/// The content needs to be automatically sent to the other side. /// The content needs to be automatically sent to the other side.
pub fn as_content(&self) -> MacEventContent { pub fn as_content(&self) -> MacToDeviceEventContent {
get_mac_content( get_mac_content(
&self.inner.lock().unwrap(), &self.inner.lock().unwrap(),
&self.ids, &self.ids,
@ -780,7 +780,7 @@ impl SasState<Done> {
/// ///
/// The content needs to be automatically sent to the other side if it /// The content needs to be automatically sent to the other side if it
/// wasn't already sent. /// wasn't already sent.
pub fn as_content(&self) -> MacEventContent { pub fn as_content(&self) -> MacToDeviceEventContent {
get_mac_content( get_mac_content(
&self.inner.lock().unwrap(), &self.inner.lock().unwrap(),
&self.ids, &self.ids,
@ -829,7 +829,7 @@ impl Canceled {
impl SasState<Canceled> { impl SasState<Canceled> {
pub fn as_content(&self) -> AnyToDeviceEventContent { pub fn as_content(&self) -> AnyToDeviceEventContent {
AnyToDeviceEventContent::KeyVerificationCancel(CancelEventContent { AnyToDeviceEventContent::KeyVerificationCancel(CancelToDeviceEventContent {
transaction_id: self.verification_flow_id.to_string(), transaction_id: self.verification_flow_id.to_string(),
reason: self.state.reason.to_string(), reason: self.state.reason.to_string(),
code: self.state.cancel_code.clone(), code: self.state.cancel_code.clone(),