char
/
matrix-rust-sdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of state-store

master
Devin R 2020-04-23 21:53:13 -04:00
parent 030aa79750 6d12ed2046
commit 183fffe85e
16 changed files with 369 additions and 197 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Cargo.toml
View File

@ -27,10 +27,10 @@ serde_json = "1.0.51"
# Ruma dependencies
js_int = "0.1.4"
ruma-api = "0.15.1"
ruma-client-api = { git = "https://github.com/matrix-org/ruma-client-api/", version = "0.7.0" }
ruma-events = { git = "https://github.com/matrix-org/ruma-events", version = "0.18.0" }
ruma-identifiers = "0.14.1"
ruma-api = "0.16.0-rc.2"
ruma-client-api = { version = "0.8.0-rc.5" }
ruma-events = { version = "0.21.0-beta.1" }
ruma-identifiers = "0.16.0"
uuid = { version = "0.8.1", features = ["v4"] }
# Dependencies for the encryption support

2
examples/command_bot.rs
View File

@ -101,6 +101,8 @@ async fn login_and_sync(
#[tokio::main]
async fn main() -> Result<(), matrix_sdk::Error> {
tracing_subscriber::fmt::init();
let (homeserver_url, username, password) =
match (env::args().nth(1), env::args().nth(2), env::args().nth(3)) {
(Some(a), Some(b), Some(c)) => (a, b, c),

74
src/async_client.rs
View File

@ -13,6 +13,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
#[cfg(feature = "encryption")]
use std::collections::BTreeMap;
use std::collections::HashMap;
use std::convert::{TryFrom, TryInto};
use std::ops::Deref;
@ -35,9 +37,9 @@ use http::Response as HttpResponse;
use reqwest::header::{HeaderValue, InvalidHeaderValue};
use url::Url;
use ruma_api::{Endpoint, Outgoing};
use ruma_api::Endpoint;
use ruma_events::room::message::MessageEventContent;
use ruma_events::EventResult;
use ruma_events::EventJson;
pub use ruma_events::EventType;
use ruma_identifiers::{RoomId, RoomIdOrAliasId, UserId};
@ -422,9 +424,11 @@ impl AsyncClient {
pub async fn join_room_by_id_or_alias(
&self,
alias: &RoomIdOrAliasId,
server_name: &str,
) -> Result<join_room_by_id_or_alias::Response> {
let request = join_room_by_id_or_alias::Request {
room_id_or_alias: alias.clone(),
server_name: server_name.to_owned(),
third_party_signed: None,
};
self.send(request).await
@ -590,7 +594,7 @@ impl AsyncClient {
pub async fn room_messages<R: Into<get_message_events::Request>>(
&self,
request: R,
) -> Result<get_message_events::IncomingResponse> {
) -> Result<get_message_events::Response> {
let req = request.into();
self.send(req).await
}
@ -604,10 +608,7 @@ impl AsyncClient {
///
/// * `sync_settings` - Settings for the sync call.
#[instrument]
pub async fn sync(
&self,
mut sync_settings: SyncSettings,
) -> Result<sync_events::IncomingResponse> {
pub async fn sync(&self, mut sync_settings: SyncSettings) -> Result<sync_events::Response> {
{
if self.base_client.read().await.is_state_store_synced() {
if let Ok(synced) = self.sync_with_state_store().await {
@ -634,7 +635,7 @@ impl AsyncClient {
let matrix_room = {
let mut client = self.base_client.write().await;
for event in &room.state.events {
if let EventResult::Ok(e) = event {
if let Ok(e) = event.deserialize() {
if client.receive_joined_state_event(&room_id, &e).await {
updated = true;
}
@ -649,9 +650,9 @@ impl AsyncClient {
// re looping is not ideal here
for event in &mut room.state.events {
if let EventResult::Ok(e) = event {
if let Ok(e) = event.deserialize() {
let client = self.base_client.read().await;
client.emit_state_event(room_id, e).await;
client.emit_state_event(&room_id, &e).await;
}
}
@ -672,21 +673,21 @@ impl AsyncClient {
*event = e;
}
if let EventResult::Ok(e) = event {
if let Ok(e) = event.deserialize() {
let client = self.base_client.read().await;
client.emit_timeline_event(room_id, e).await;
client.emit_timeline_event(&room_id, &e).await;
}
}
// look at AccountData to further cut down users by collecting ignored users
for account_data in &mut room.account_data.events {
{
if let EventResult::Ok(e) = account_data {
if let Ok(e) = account_data.deserialize() {
let mut client = self.base_client.write().await;
if client.receive_account_data_event(&room_id, e).await {
if client.receive_account_data_event(&room_id, &e).await {
updated = true;
}
client.emit_account_data_event(room_id, e).await;
client.emit_account_data_event(room_id, &e).await;
}
}
}
@ -696,26 +697,26 @@ impl AsyncClient {
// efficient but we need a room_id so we would loop through now or later.
for presence in &mut response.presence.events {
{
if let EventResult::Ok(e) = presence {
if let Ok(e) = presence.deserialize() {
let mut client = self.base_client.write().await;
if client.receive_presence_event(&room_id, e).await {
if client.receive_presence_event(&room_id, &e).await {
updated = true;
}
client.emit_presence_event(room_id, e).await;
client.emit_presence_event(&room_id, &e).await;
}
}
}
for ephemeral in &mut room.ephemeral.events {
{
if let EventResult::Ok(e) = ephemeral {
if let Ok(e) = ephemeral.deserialize() {
let mut client = self.base_client.write().await;
if client.receive_ephemeral_event(&room_id, e).await {
if client.receive_ephemeral_event(&room_id, &e).await {
updated = true;
}
client.emit_ephemeral_event(room_id, e).await;
client.emit_ephemeral_event(&room_id, &e).await;
}
}
}
@ -800,7 +801,7 @@ impl AsyncClient {
pub async fn sync_forever<C>(
&self,
sync_settings: SyncSettings,
callback: impl Fn(sync_events::IncomingResponse) -> C + Send,
callback: impl Fn(sync_events::Response) -> C + Send,
) where
C: Future<Output = ()>,
{
@ -856,18 +857,7 @@ impl AsyncClient {
async fn send<Request: Endpoint<ResponseError = ruma_client_api::Error> + std::fmt::Debug>(
&self,
request: Request,
) -> Result<<Request::Response as Outgoing>::Incoming>
where
Request::Incoming:
TryFrom<http::Request<Vec<u8>>, Error = ruma_api::error::FromHttpRequestError>,
<Request::Response as Outgoing>::Incoming: TryFrom<
http::Response<Vec<u8>>,
Error = ruma_api::error::FromHttpResponseError<
<Request as ruma_api::Endpoint>::ResponseError,
>,
>,
<Request as ruma_api::Endpoint>::ResponseError: std::fmt::Debug,
{
) -> Result<Request::Response> {
let request: http::Request<Vec<u8>> = request.try_into()?;
let url = request.uri();
let path_and_query = url.path_and_query().unwrap();
@ -925,9 +915,7 @@ impl AsyncClient {
let body = response.bytes().await?.as_ref().to_owned();
let http_response = http_builder.body(body).unwrap();
Ok(<Request::Response as Outgoing>::Incoming::try_from(
http_response,
)?)
Ok(<Request::Response>::try_from(http_response)?)
}
/// Send a room message to the homeserver.
@ -1037,7 +1025,7 @@ impl AsyncClient {
room_id: room_id.clone(),
event_type,
txn_id: txn_id.unwrap_or_else(Uuid::new_v4).to_string(),
data: content,
data: EventJson::from(content),
};
let response = self.send(request).await?;
@ -1059,7 +1047,7 @@ impl AsyncClient {
#[instrument]
async fn claim_one_time_keys(
&self,
one_time_keys: HashMap<UserId, HashMap<DeviceId, KeyAlgorithm>>,
one_time_keys: BTreeMap<UserId, BTreeMap<DeviceId, KeyAlgorithm>>,
) -> Result<claim_keys::Response> {
let request = claim_keys::Request {
timeout: None,
@ -1068,7 +1056,7 @@ impl AsyncClient {
let response = self.send(request).await?;
self.base_client
.write()
.read()
.await
.receive_keys_claim_response(&response)
.await?;
@ -1138,7 +1126,7 @@ impl AsyncClient {
let response = self.send(request).await?;
self.base_client
.write()
.read()
.await
.receive_keys_upload_response(&response)
.await?;
@ -1173,7 +1161,7 @@ impl AsyncClient {
users_for_query
);
let mut device_keys: HashMap<UserId, Vec<DeviceId>> = HashMap::new();
let mut device_keys: BTreeMap<UserId, Vec<DeviceId>> = BTreeMap::new();
for user in users_for_query.drain() {
device_keys.insert(user, Vec::new());
@ -1187,7 +1175,7 @@ impl AsyncClient {
let response = self.send(request).await?;
self.base_client
.write()
.read()
.await
.receive_keys_query_response(&response)
.await?;

30
src/base_client.rs
View File

@ -15,7 +15,7 @@
use std::collections::HashMap;
#[cfg(feature = "encryption")]
use std::collections::HashSet;
use std::collections::{BTreeMap, HashSet};
use std::fmt;
use std::sync::Arc;
@ -30,7 +30,7 @@ use crate::events::presence::PresenceEvent;
use crate::events::collections::only::Event as NonRoomEvent;
use crate::events::ignored_user_list::IgnoredUserListEvent;
use crate::events::push_rules::{PushRulesEvent, Ruleset};
use crate::events::EventResult;
use crate::events::EventJson;
use crate::identifiers::{RoomId, UserId};
use crate::models::Room;
use crate::session::Session;
@ -277,11 +277,12 @@ impl Client {
pub async fn receive_joined_timeline_event(
&mut self,
room_id: &RoomId,
event: &mut EventResult<RoomEvent>,
event: &mut EventJson<RoomEvent>,
did_update: &mut bool,
) -> Option<EventResult<RoomEvent>> {
match event {
EventResult::Ok(e) => {
) -> Option<EventJson<RoomEvent>> {
match event.deserialize() {
#[allow(unused_mut)]
Ok(mut e) => {
#[cfg(feature = "encryption")]
let mut decrypted_event = None;
#[cfg(not(feature = "encryption"))]
@ -290,12 +291,12 @@ impl Client {
#[cfg(feature = "encryption")]
{
match e {
RoomEvent::RoomEncrypted(e) => {
RoomEvent::RoomEncrypted(ref mut e) => {
e.room_id = Some(room_id.to_owned());
let mut olm = self.olm.lock().await;
if let Some(o) = &mut *olm {
decrypted_event = o.decrypt_room_event(e).await.ok();
decrypted_event = o.decrypt_room_event(&e).await.ok();
}
}
_ => (),
@ -303,8 +304,8 @@ impl Client {
}
let mut room = self.get_or_create_room(&room_id).write().await;
// Not sure what the best way to do this is ??
*did_update = room.receive_timeline_event(e);
// TODO is passing in the bool to use in `AsyncClient::sync` ok here
*did_update = room.receive_timeline_event(&e);
decrypted_event
}
_ => None,
@ -403,10 +404,7 @@ impl Client {
/// # Arguments
///
/// * `response` - The response that we received after a successful sync.
pub async fn receive_sync_response(
&mut self,
response: &mut api::sync::sync_events::IncomingResponse,
) {
pub async fn receive_sync_response(&mut self, response: &mut api::sync::sync_events::Response) {
self.sync_token = Some(response.next_batch.clone());
#[cfg(feature = "encryption")]
@ -482,12 +480,12 @@ impl Client {
pub async fn get_missing_sessions(
&self,
users: impl Iterator<Item = &UserId>,
) -> HashMap<UserId, HashMap<DeviceId, KeyAlgorithm>> {
) -> BTreeMap<UserId, BTreeMap<DeviceId, KeyAlgorithm>> {
let mut olm = self.olm.lock().await;
match &mut *olm {
Some(o) => o.get_missing_sessions(users).await,
None => HashMap::new(),
None => BTreeMap::new(),
}
}

13
src/crypto/device.rs
View File

@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use std::collections::HashMap;
use std::collections::BTreeMap;
use std::mem;
use std::sync::atomic::{AtomicBool, Ordering};
use std::sync::Arc;
@ -23,12 +23,13 @@ use crate::api::r0::keys::{DeviceKeys, KeyAlgorithm};
use crate::events::Algorithm;
use crate::identifiers::{DeviceId, UserId};
/// A device represents a E2EE capable client of an user.
#[derive(Debug, Clone)]
pub struct Device {
user_id: Arc<UserId>,
device_id: Arc<DeviceId>,
algorithms: Arc<Vec<Algorithm>>,
keys: Arc<HashMap<KeyAlgorithm, String>>,
keys: Arc<BTreeMap<KeyAlgorithm, String>>,
display_name: Arc<Option<String>>,
deleted: Arc<AtomicBool>,
trust_state: Arc<Atomic<TrustState>>,
@ -67,7 +68,7 @@ impl Device {
display_name: Option<String>,
trust_state: TrustState,
algorithms: Vec<Algorithm>,
keys: HashMap<KeyAlgorithm, String>,
keys: BTreeMap<KeyAlgorithm, String>,
) -> Self {
Device {
user_id: Arc::new(user_id),
@ -101,7 +102,7 @@ impl Device {
}
/// Get a map containing all the device keys.
pub fn keys(&self) -> &HashMap<KeyAlgorithm, String> {
pub fn keys(&self) -> &BTreeMap<KeyAlgorithm, String> {
&self.keys
}
@ -122,7 +123,7 @@ impl Device {
/// Update a device with a new device keys struct.
pub(crate) fn update_device(&mut self, device_keys: &DeviceKeys) {
let mut keys = HashMap::new();
let mut keys = BTreeMap::new();
for (key_id, key) in device_keys.keys.iter() {
let key_id = key_id.0;
@ -152,7 +153,7 @@ impl Device {
impl From<&DeviceKeys> for Device {
fn from(device_keys: &DeviceKeys) -> Self {
let mut keys = HashMap::new();
let mut keys = BTreeMap::new();
for (key_id, key) in device_keys.keys.iter() {
let key_id = key_id.0;

330
src/crypto/machine.rs
View File

@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use std::collections::{HashMap, HashSet};
use std::collections::{BTreeMap, HashMap, HashSet};
use std::convert::TryInto;
use std::mem;
#[cfg(feature = "sqlite-cryptostore")]
@ -21,28 +21,17 @@ use std::result::Result as StdResult;
use uuid::Uuid;
use super::error::{OlmError, Result, SignatureError, VerificationResult};
use super::olm::{Account, GroupSessionKey, InboundGroupSession, OutboundGroupSession, Session};
use super::olm::{
Account, GroupSessionKey, InboundGroupSession, OlmMessage, OlmUtility, OutboundGroupSession,
Session,
};
use super::store::memorystore::MemoryStore;
#[cfg(feature = "sqlite-cryptostore")]
use super::store::sqlite::SqliteStore;
use super::{device::Device, CryptoStore};
use crate::api;
use api::r0::keys;
use cjson;
use olm_rs::{session::OlmMessage, utility::OlmUtility};
use serde_json::{json, Value};
use tracing::{debug, error, info, instrument, trace, warn};
use ruma_client_api::r0::client_exchange::{
send_event_to_device::Request as ToDeviceRequest, DeviceIdOrAllDevices,
};
use ruma_client_api::r0::keys::{
AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey, SignedKey,
};
use ruma_client_api::r0::sync::sync_events::IncomingResponse as SyncResponse;
use ruma_events::{
use crate::events::{
collections::all::RoomEvent,
room::encrypted::{
CiphertextInfo, EncryptedEvent, EncryptedEventContent, MegolmV1AesSha2Content,
@ -53,14 +42,23 @@ use ruma_events::{
AnyToDeviceEvent as ToDeviceEvent, ToDeviceEncrypted, ToDeviceForwardedRoomKey,
ToDeviceRoomKey, ToDeviceRoomKeyRequest,
},
Algorithm, EventResult, EventType,
Algorithm, EventJson, EventType,
};
use ruma_identifiers::RoomId;
use ruma_identifiers::{DeviceId, UserId};
use crate::identifiers::{DeviceId, RoomId, UserId};
pub type OneTimeKeys = HashMap<AlgorithmAndDeviceId, OneTimeKey>;
use api::r0::keys;
use api::r0::{
client_exchange::{send_event_to_device::Request as ToDeviceRequest, DeviceIdOrAllDevices},
keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey, SignedKey},
sync::sync_events::Response as SyncResponse,
};
use cjson;
use serde_json::{json, Value};
use tracing::{debug, error, info, instrument, trace, warn};
pub type OneTimeKeys = BTreeMap<AlgorithmAndDeviceId, OneTimeKey>;
#[derive(Debug)]
pub struct OlmMachine {
/// The unique user id that owns this account.
user_id: UserId,
@ -84,6 +82,16 @@ pub struct OlmMachine {
outbound_group_session: HashMap<RoomId, OutboundGroupSession>,
}
#[cfg_attr(tarpaulin, skip)]
impl std::fmt::Debug for OlmMachine {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
f.debug_struct("OlmMachine")
.field("user_id", &self.user_id)
.field("device_id", &self.device_id)
.finish()
}
}
impl OlmMachine {
const ALGORITHMS: &'static [&'static ruma_events::Algorithm] = &[
&Algorithm::OlmV1Curve25519AesSha2,
@ -194,8 +202,8 @@ impl OlmMachine {
pub async fn get_missing_sessions(
&mut self,
users: impl Iterator<Item = &UserId>,
) -> HashMap<UserId, HashMap<DeviceId, KeyAlgorithm>> {
let mut missing = HashMap::new();
) -> BTreeMap<UserId, BTreeMap<DeviceId, KeyAlgorithm>> {
let mut missing = BTreeMap::new();
for user_id in users {
let user_devices = self.store.get_user_devices(user_id).await.unwrap();
@ -217,7 +225,7 @@ impl OlmMachine {
if is_missing {
if !missing.contains_key(user_id) {
missing.insert(user_id.clone(), HashMap::new());
missing.insert(user_id.clone(), BTreeMap::new());
}
let user_map = missing.get_mut(user_id).unwrap();
@ -428,12 +436,13 @@ impl OlmMachine {
for device_id in deleted_devices {
if let Some(device) = stored_devices.get(device_id) {
device.mark_as_deleted();
// TODO change this to a delete device.
self.store.save_device(device).await?;
// TODO change this to a bulk deletion.
self.store.delete_device(device).await?;
}
}
}
// TODO change this to a bulk operation.
for device in &changed_devices {
self.store.save_device(device.clone()).await?;
}
@ -472,7 +481,7 @@ impl OlmMachine {
async fn device_keys(&self) -> DeviceKeys {
let identity_keys = self.account.identity_keys();
let mut keys = HashMap::new();
let mut keys = BTreeMap::new();
keys.insert(
AlgorithmAndDeviceId(KeyAlgorithm::Curve25519, self.device_id.clone()),
@ -490,9 +499,9 @@ impl OlmMachine {
"keys": keys,
});
let mut signatures = HashMap::new();
let mut signatures = BTreeMap::new();
let mut signature = HashMap::new();
let mut signature = BTreeMap::new();
signature.insert(
AlgorithmAndDeviceId(KeyAlgorithm::Ed25519, self.device_id.clone()),
self.sign_json(&device_keys).await,
@ -518,7 +527,7 @@ impl OlmMachine {
async fn signed_one_time_keys(&self) -> StdResult<OneTimeKeys, ()> {
let _ = self.generate_one_time_keys().await?;
let one_time_keys = self.account.one_time_keys().await;
let mut one_time_key_map = HashMap::new();
let mut one_time_key_map = BTreeMap::new();
for (key_id, key) in one_time_keys.curve25519().iter() {
let key_json = json!({
@ -527,14 +536,14 @@ impl OlmMachine {
let signature = self.sign_json(&key_json).await;
let mut signature_map = HashMap::new();
let mut signature_map = BTreeMap::new();
signature_map.insert(
AlgorithmAndDeviceId(KeyAlgorithm::Ed25519, self.device_id.clone()),
signature,
);
let mut signatures = HashMap::new();
let mut signatures = BTreeMap::new();
signatures.insert(self.user_id.clone(), signature_map);
let signed_key = SignedKey {
@ -655,22 +664,30 @@ impl OlmMachine {
async fn try_decrypt_olm_event(
&mut self,
sender: &UserId,
sender_key: &str,
message: &OlmMessage,
) -> Result<Option<String>> {
let s = self.store.get_sessions(sender_key).await?;
// We don't have any existing sessions, return early.
let sessions = if let Some(s) = s {
s
} else {
return Ok(None);
};
let mut session_to_save = None;
let mut plaintext = None;
for session in &mut *sessions.lock().await {
let mut matches = false;
// If this is a pre-key message check if it was encrypted for our
// session, if it wasn't decryption will fail so no need to try.
if let OlmMessage::PreKey(m) = &message {
matches = session.matches(sender_key, m.clone()).await?;
if !matches {
continue;
}
@ -679,48 +696,154 @@ impl OlmMachine {
let ret = session.decrypt(message.clone()).await;
if let Ok(p) = ret {
self.store.save_session(session.clone()).await?;
return Ok(Some(p));
plaintext = Some(p);
session_to_save = Some(session.clone());
break;
} else {
// Decryption failed with a matching session, the session is
// likely wedged and needs to be rotated.
if matches {
warn!(
"Found a matching Olm session yet decryption failed
for sender {} and sender_key {}",
sender, sender_key
);
return Err(OlmError::SessionWedged);
}
}
}
Ok(None)
if let Some(session) = session_to_save {
// Decryption was successful, save the new ratchet state of the
// session that was used to decrypt the message.
trace!("Saved the new session state for {}", sender);
self.store.save_session(session).await?;
}
Ok(plaintext)
}
async fn decrypt_olm_message(
&mut self,
_sender: &str,
sender: &UserId,
sender_key: &str,
message: OlmMessage,
) -> Result<EventResult<ToDeviceEvent>> {
let plaintext = if let Some(p) = self.try_decrypt_olm_event(sender_key, &message).await? {
) -> Result<(EventJson<ToDeviceEvent>, String)> {
// First try to decrypt using an existing session.
let plaintext = if let Some(p) = self
.try_decrypt_olm_event(sender, sender_key, &message)
.await?
{
// Decryption succeeded, destructure the plaintext out of the
// Option.
p
} else {
// Decryption failed with every known session, let's try to create a
// new session.
let mut session = match &message {
OlmMessage::Message(_) => return Err(OlmError::SessionWedged),
// A new session can only be created using a pre-key message,
// return with an error if it isn't one.
OlmMessage::Message(_) => {
warn!(
"Failed to decrypt a non-pre-key message with all
available sessions {} {}",
sender, sender_key
);
return Err(OlmError::SessionWedged);
}
OlmMessage::PreKey(m) => {
let session = self
// Create the new session.
let session = match self
.account
.create_inbound_session(sender_key, m.clone())
.await?;
.await
{
Ok(s) => s,
Err(e) => {
warn!(
"Failed to create a new Olm session for {} {}
from a prekey message: {}",
sender, sender_key, e
);
return Err(OlmError::SessionWedged);
}
};
// Save the account since we remove the one-time key that
// was used to create this session.
self.store.save_account(self.account.clone()).await?;
session
}
};
// Decrypt our message, this shouldn't fail since we're using a
// newly created Session.
let plaintext = session.decrypt(message).await?;
// Save the new ratcheted state of the session.
self.store.save_session(session).await?;
plaintext
};
trace!("Successfully decrypted a Olm message: {}", plaintext);
Ok(serde_json::from_str::<EventResult<ToDeviceEvent>>(
&plaintext,
)?)
Ok(self.parse_decrypted_to_device_event(sender, &plaintext)?)
}
fn parse_decrypted_to_device_event(
&self,
sender: &UserId,
plaintext: &str,
) -> Result<(EventJson<ToDeviceEvent>, String)> {
// TODO make the errors a bit more specific.
let decrypted_json: Value = serde_json::from_str(&plaintext)?;
let encrytped_sender = decrypted_json
.get("sender")
.cloned()
.ok_or(OlmError::MissingCiphertext)?;
let encrytped_sender: UserId = serde_json::from_value(encrytped_sender)?;
let recipient = decrypted_json
.get("recipient")
.cloned()
.ok_or(OlmError::MissingCiphertext)?;
let recipient: UserId = serde_json::from_value(recipient)?;
let recipient_keys: BTreeMap<KeyAlgorithm, String> = serde_json::from_value(
decrypted_json
.get("recipient_keys")
.cloned()
.ok_or(OlmError::MissingCiphertext)?,
)?;
let keys: BTreeMap<KeyAlgorithm, String> = serde_json::from_value(
decrypted_json
.get("keys")
.cloned()
.ok_or(OlmError::MissingCiphertext)?,
)?;
if recipient != self.user_id || sender != &encrytped_sender {
return Err(OlmError::MissingCiphertext);
}
if self.account.identity_keys().ed25519()
!= recipient_keys
.get(&KeyAlgorithm::Ed25519)
.ok_or(OlmError::MissingCiphertext)?
{
return Err(OlmError::MissingCiphertext);
}
let signing_key = keys
.get(&KeyAlgorithm::Ed25519)
.ok_or(OlmError::MissingSigningKey)?;
Ok((
serde_json::from_value::<EventJson<ToDeviceEvent>>(decrypted_json)?,
signing_key.to_owned(),
))
}
/// Decrypt a to-device event.
@ -731,11 +854,10 @@ impl OlmMachine {
/// # Arguments
///
/// * `event` - The to-device event that should be decrypted.
#[instrument]
async fn decrypt_to_device_event(
&mut self,
event: &ToDeviceEncrypted,
) -> Result<EventResult<ToDeviceEvent>> {
) -> Result<EventJson<ToDeviceEvent>> {
info!("Decrypting to-device event");
let content = if let EncryptedEventContent::OlmV1Curve25519AesSha2(c) = &event.content {
@ -749,21 +871,33 @@ impl OlmMachine {
let own_key = identity_keys.curve25519();
let own_ciphertext = content.ciphertext.get(own_key);
// Try to find a ciphertext that was meant for our device.
if let Some(ciphertext) = own_ciphertext {
let message_type: u8 = ciphertext
.message_type
.try_into()
.map_err(|_| OlmError::UnsupportedOlmType)?;
// Create a OlmMessage from the ciphertext and the type.
let message =
OlmMessage::from_type_and_ciphertext(message_type.into(), ciphertext.body.clone())
.map_err(|_| OlmError::UnsupportedOlmType)?;
let mut decrypted_event = self
.decrypt_olm_message(&event.sender.to_string(), &content.sender_key, message)
// Decrypt the OlmMessage and get a Ruma event out of it.
let (mut decrypted_event, signing_key) = self
.decrypt_olm_message(&event.sender, &content.sender_key, message)
.await?;
debug!("Decrypted a to-device event {:?}", decrypted_event);
self.handle_decrypted_to_device_event(&content.sender_key, &mut decrypted_event)
.await?;
// Handle the decrypted event, e.g. fetch out megolm sessions out of
// the event.
self.handle_decrypted_to_device_event(
&content.sender_key,
&signing_key,
&mut decrypted_event,
)
.await?;
Ok(decrypted_event)
} else {
@ -772,15 +906,14 @@ impl OlmMachine {
}
}
async fn add_room_key(&mut self, sender_key: &str, event: &mut ToDeviceRoomKey) -> Result<()> {
async fn add_room_key(
&mut self,
sender_key: &str,
signing_key: &str,
event: &mut ToDeviceRoomKey,
) -> Result<()> {
match event.content.algorithm {
Algorithm::MegolmV1AesSha2 => {
// TODO check for all the valid fields.
let signing_key = event
.keys
.get("ed25519")
.ok_or(OlmError::MissingSigningKey)?;
let session_key = GroupSessionKey(mem::take(&mut event.content.session_key));
let session = InboundGroupSession::new(
@ -828,7 +961,7 @@ impl OlmMachine {
&self,
room_id: &RoomId,
content: MessageEventContent,
) -> Result<MegolmV1AesSha2Content> {
) -> Result<EncryptedEventContent> {
let session = self.outbound_group_session.get(room_id);
let session = if let Some(s) = session {
@ -856,13 +989,15 @@ impl OlmMachine {
let ciphertext = session.encrypt(plaintext).await;
Ok(MegolmV1AesSha2Content {
algorithm: Algorithm::MegolmV1AesSha2,
ciphertext,
sender_key: self.account.identity_keys().curve25519().to_owned(),
session_id: session.session_id().to_owned(),
device_id: self.device_id.to_owned(),
})
Ok(EncryptedEventContent::MegolmV1AesSha2(
MegolmV1AesSha2Content {
algorithm: Algorithm::MegolmV1AesSha2,
ciphertext,
sender_key: self.account.identity_keys().curve25519().to_owned(),
session_id: session.session_id().to_owned(),
device_id: self.device_id.to_owned(),
},
))
}
async fn olm_encrypt(
@ -871,7 +1006,7 @@ impl OlmMachine {
recipient_device: &Device,
event_type: EventType,
content: Value,
) -> Result<OlmV1Curve25519AesSha2Content> {
) -> Result<EncryptedEventContent> {
let identity_keys = self.account.identity_keys();
let recipient_signing_key = recipient_device
@ -908,15 +1043,17 @@ impl OlmMachine {
message_type: (message_type as u32).into(),
};
let mut content = HashMap::new();
let mut content = BTreeMap::new();
content.insert(recipient_sender_key.to_owned(), ciphertext);
Ok(OlmV1Curve25519AesSha2Content {
algorithm: Algorithm::OlmV1Curve25519AesSha2,
sender_key: identity_keys.curve25519().to_owned(),
ciphertext: content,
})
Ok(EncryptedEventContent::OlmV1Curve25519AesSha2(
OlmV1Curve25519AesSha2Content {
algorithm: Algorithm::OlmV1Curve25519AesSha2,
sender_key: identity_keys.curve25519().to_owned(),
ciphertext: content,
},
))
}
/// Should the client share a group session for the given room.
@ -999,11 +1136,11 @@ impl OlmMachine {
let mut message_vec = Vec::new();
for user_map_chunk in user_map.chunks(OlmMachine::MAX_TO_DEVICE_MESSAGES) {
let mut messages = HashMap::new();
let mut messages = BTreeMap::new();
for (session, device) in user_map_chunk {
if !messages.contains_key(device.user_id()) {
messages.insert(device.user_id().clone(), HashMap::new());
messages.insert(device.user_id().clone(), BTreeMap::new());
};
let user_messages = messages.get_mut(device.user_id()).unwrap();
@ -1019,12 +1156,12 @@ impl OlmMachine {
user_messages.insert(
DeviceIdOrAllDevices::DeviceId(device.device_id().clone()),
encrypted_content,
EventJson::from(MessageEventContent::Encrypted(encrypted_content)),
);
}
message_vec.push(ToDeviceRequest {
event_type: "m.room.encrypted".to_owned(),
event_type: EventType::RoomEncrypted,
txn_id: Uuid::new_v4().to_string(),
messages,
});
@ -1036,6 +1173,7 @@ impl OlmMachine {
fn add_forwarded_room_key(
&self,
_sender_key: &str,
_signing_key: &str,
_event: &ToDeviceForwardedRoomKey,
) -> Result<()> {
Ok(())
@ -1045,9 +1183,10 @@ impl OlmMachine {
async fn handle_decrypted_to_device_event(
&mut self,
sender_key: &str,
event: &mut EventResult<ToDeviceEvent>,
signing_key: &str,
event: &mut EventJson<ToDeviceEvent>,
) -> Result<()> {
let event = if let EventResult::Ok(e) = event {
let event = if let Ok(e) = event.deserialize() {
e
} else {
warn!("Decrypted to-device event failed to be parsed correctly");
@ -1055,8 +1194,12 @@ impl OlmMachine {
};
match event {
ToDeviceEvent::RoomKey(e) => self.add_room_key(sender_key, e).await,
ToDeviceEvent::ForwardedRoomKey(e) => self.add_forwarded_room_key(sender_key, e),
ToDeviceEvent::RoomKey(mut e) => {
self.add_room_key(sender_key, signing_key, &mut e).await
}
ToDeviceEvent::ForwardedRoomKey(mut e) => {
self.add_forwarded_room_key(sender_key, signing_key, &mut e)
}
_ => {
warn!("Received a unexpected encrypted to-device event");
Ok(())
@ -1089,7 +1232,7 @@ impl OlmMachine {
self.uploaded_signed_key_count = Some(count);
for event_result in &mut response.to_device.events {
let event = if let EventResult::Ok(e) = &event_result {
let event = if let Ok(e) = event_result.deserialize() {
e
} else {
// Skip invalid events.
@ -1099,7 +1242,7 @@ impl OlmMachine {
info!("Received a to-device event {:?}", event);
match event {
match &event {
ToDeviceEvent::RoomEncrypted(e) => {
let decrypted_event = match self.decrypt_to_device_event(e).await {
Ok(e) => e,
@ -1124,7 +1267,7 @@ impl OlmMachine {
| ToDeviceEvent::KeyVerificationKey(..)
| ToDeviceEvent::KeyVerificationMac(..)
| ToDeviceEvent::KeyVerificationRequest(..)
| ToDeviceEvent::KeyVerificationStart(..) => self.handle_verification_event(event),
| ToDeviceEvent::KeyVerificationStart(..) => self.handle_verification_event(&event),
_ => continue,
}
}
@ -1133,7 +1276,7 @@ impl OlmMachine {
pub async fn decrypt_room_event(
&mut self,
event: &EncryptedEvent,
) -> Result<EventResult<RoomEvent>> {
) -> Result<EventJson<RoomEvent>> {
let content = match &event.content {
EncryptedEventContent::MegolmV1AesSha2(c) => c,
_ => return Err(OlmError::UnsupportedAlgorithm),
@ -1157,15 +1300,24 @@ impl OlmMachine {
.as_object_mut()
.ok_or(OlmError::NotAnObject)?;
let server_ts: u64 = event.origin_server_ts.into();
// TODO better number conversion here.
let server_ts = event
.origin_server_ts
.duration_since(std::time::SystemTime::UNIX_EPOCH)
.unwrap_or_default()
.as_millis();
let server_ts: i64 = server_ts.try_into().unwrap_or_default();
decrypted_object.insert("sender".to_owned(), event.sender.to_string().into());
decrypted_object.insert("event_id".to_owned(), event.event_id.to_string().into());
decrypted_object.insert("origin_server_ts".to_owned(), server_ts.into());
decrypted_object.insert("unsigned".to_owned(), event.unsigned.clone().into());
decrypted_object.insert(
"unsigned".to_owned(),
serde_json::to_value(&event.unsigned).unwrap_or_default(),
);
let decrypted_event = serde_json::from_value::<EventResult<RoomEvent>>(decrypted_value)?;
let decrypted_event = serde_json::from_value::<EventJson<RoomEvent>>(decrypted_value)?;
trace!("Successfully decrypted megolm event {:?}", decrypted_event);
// TODO set the encryption info on the event (is it verified, was it
// decrypted, sender key...)

5
src/crypto/mod.rs
View File

@ -12,15 +12,14 @@
// See the License for the specific language governing permissions and
// limitations under the License.
mod error;
// TODO remove this.
mod device;
mod error;
mod machine;
mod memory_stores;
#[allow(dead_code)]
mod olm;
mod store;
pub use device::{Device, TrustState};
pub use error::OlmError;
pub use machine::{OlmMachine, OneTimeKeys};
pub use store::{CryptoStore, CryptoStoreError};

13
src/crypto/olm.rs
View File

@ -26,9 +26,14 @@ use olm_rs::account::{IdentityKeys, OlmAccount, OneTimeKeys};
use olm_rs::errors::{OlmAccountError, OlmGroupSessionError, OlmSessionError};
use olm_rs::inbound_group_session::OlmInboundGroupSession;
use olm_rs::outbound_group_session::OlmOutboundGroupSession;
use olm_rs::session::{OlmMessage, OlmSession, PreKeyMessage};
use olm_rs::session::OlmSession;
use olm_rs::PicklingMode;
pub use olm_rs::{
session::{OlmMessage, PreKeyMessage},
utility::OlmUtility,
};
use crate::api::r0::keys::SignedKey;
use crate::identifiers::RoomId;
@ -618,7 +623,7 @@ pub(crate) mod test {
use crate::identifiers::RoomId;
use olm_rs::session::OlmMessage;
use ruma_client_api::r0::keys::SignedKey;
use std::collections::HashMap;
use std::collections::BTreeMap;
use std::convert::TryFrom;
pub(crate) async fn get_account_and_session() -> (Account, Session) {
@ -638,7 +643,7 @@ pub(crate) mod test {
.to_owned();
let one_time_key = SignedKey {
key: one_time_key,
signatures: HashMap::new(),
signatures: BTreeMap::new(),
};
let sender_key = bob.identity_keys().curve25519().to_owned();
let session = alice
@ -716,7 +721,7 @@ pub(crate) mod test {
let one_time_key = SignedKey {
key: one_time_key,
signatures: HashMap::new(),
signatures: BTreeMap::new(),
};
let mut bob_session = bob

12
src/crypto/store/memorystore.rs
View File

@ -88,6 +88,11 @@ impl CryptoStore for MemoryStore {
Ok(self.devices.get(user_id, device_id))
}
async fn delete_device(&self, device: Device) -> Result<()> {
self.devices.remove(device.user_id(), device.device_id());
Ok(())
}
async fn get_user_devices(&self, user_id: &UserId) -> Result<UserDevices> {
Ok(self.devices.user_devices(user_id))
}
@ -181,6 +186,13 @@ mod test {
let loaded_device = user_devices.get(device.device_id()).unwrap();
assert_eq!(device, loaded_device);
store.delete_device(device.clone()).await.unwrap();
assert!(store
.get_device(device.user_id(), device.device_id())
.await
.unwrap()
.is_none());
}
#[tokio::test]

7
src/crypto/store/mod.rs
View File

@ -133,6 +133,13 @@ pub trait CryptoStore: Debug + Send + Sync {
/// * `device` - The device that should be stored.
async fn save_device(&self, device: Device) -> Result<()>;
/// Delete the given device from the store.
///
/// # Arguments
///
/// * `device` - The device that should be stored.
async fn delete_device(&self, device: Device) -> Result<()>;
/// Get the device for the given user with the given device id.
///
/// # Arguments

12
src/crypto/store/sqlite.rs
View File

@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use std::collections::{HashMap, HashSet};
use std::collections::{BTreeMap, HashSet};
use std::convert::TryFrom;
use std::mem;
use std::path::{Path, PathBuf};
@ -348,7 +348,7 @@ impl SqliteStore {
.fetch_all(&mut *connection)
.await?;
let mut keys = HashMap::new();
let mut keys = BTreeMap::new();
for row in key_rows {
let algorithm = if let Ok(a) = KeyAlgorithm::try_from(&row.0 as &str) {
@ -613,6 +613,10 @@ impl CryptoStore for SqliteStore {
self.save_device_helper(device).await
}
async fn delete_device(&self, device: Device) -> Result<()> {
todo!()
}
async fn get_device(&self, user_id: &UserId, device_id: &DeviceId) -> Result<Option<Device>> {
Ok(self.devices.get(user_id, device_id))
}
@ -639,7 +643,7 @@ mod test {
use crate::crypto::device::test::get_device;
use crate::crypto::olm::GroupSessionKey;
use olm_rs::outbound_group_session::OlmOutboundGroupSession;
use std::collections::HashMap;
use std::collections::BTreeMap;
use tempfile::tempdir;
use super::{
@ -705,7 +709,7 @@ mod test {
.to_owned();
let one_time_key = SignedKey {
key: one_time_key,
signatures: HashMap::new(),
signatures: BTreeMap::new(),
};
let sender_key = bob.identity_keys().curve25519().to_owned();
let session = alice

2
src/lib.rs
View File

@ -50,6 +50,8 @@ mod crypto;
pub use async_client::{AsyncClient, AsyncClientConfig, SyncSettings};
pub use base_client::Client;
#[cfg(feature = "encryption")]
pub use crypto::{Device, TrustState};
pub use event_emitter::EventEmitter;
pub use models::Room;
pub use request_builder::{MessagesRequestBuilder, RoomBuilder};

16
src/models/event_deser.rs
View File

@ -4,16 +4,16 @@ use serde::de::{Deserialize, Deserializer, Error as _};
use crate::events::collections::all::Event;
use crate::events::presence::PresenceEvent;
use crate::events::EventResult;
use crate::events::EventJson;
pub fn deserialize_events<'de, D>(deserializer: D) -> Result<Vec<Event>, D::Error>
where
D: Deserializer<'de>,
{
let mut events = vec![];
let ev = Vec::<EventResult<Event>>::deserialize(deserializer)?;
let ev = Vec::<EventJson<Event>>::deserialize(deserializer)?;
for event in ev {
events.push(event.into_result().map_err(D::Error::custom)?);
events.push(event.deserialize().map_err(D::Error::custom)?);
}
Ok(events)
@ -24,9 +24,9 @@ where
D: Deserializer<'de>,
{
let mut events = vec![];
let ev = Vec::<EventResult<PresenceEvent>>::deserialize(deserializer)?;
let ev = Vec::<EventJson<PresenceEvent>>::deserialize(deserializer)?;
for event in ev {
events.push(event.into_result().map_err(D::Error::custom)?);
events.push(event.deserialize().map_err(D::Error::custom)?);
}
Ok(events)
@ -37,15 +37,15 @@ mod test {
use std::fs;
use crate::events::room::member::MemberEvent;
use crate::events::EventResult;
use crate::events::EventJson;
use crate::models::RoomMember;
#[test]
fn events_and_presence_deserialization() {
let ev_json = fs::read_to_string("./tests/data/events/member.json").unwrap();
let ev = serde_json::from_str::<EventResult<MemberEvent>>(&ev_json)
let ev = serde_json::from_str::<EventJson<MemberEvent>>(&ev_json)
.unwrap()
.into_result()
.deserialize()
.unwrap();
let member = RoomMember::new(&ev);

4
src/models/room.rs
View File

@ -13,7 +13,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use std::collections::HashMap;
use std::collections::{BTreeMap, HashMap};
use std::convert::TryFrom;
use super::RoomMember;
@ -63,7 +63,7 @@ pub struct PowerLevels {
/// The level required to send specific event types.
///
/// This is a mapping from event type to power level required.
pub events: HashMap<EventType, Int>,
pub events: BTreeMap<EventType, Int>,
/// The default level required to send message events.
pub events_default: Int,
/// The level required to invite a user.

14
src/request_builder.rs
View File

@ -1,5 +1,6 @@
use crate::api;
use crate::events::room::power_levels::PowerLevelsEventContent;
use crate::events::EventJson;
use crate::identifiers::{RoomId, UserId};
use api::r0::filter::RoomEventFilter;
use api::r0::membership::Invite3pid;
@ -163,7 +164,7 @@ impl Into<create_room::Request> for RoomBuilder {
invite_3pid: self.invite_3pid,
is_direct: self.is_direct,
name: self.name,
power_level_content_override: self.power_level_content_override,
power_level_content_override: self.power_level_content_override.map(EventJson::from),
preset: self.preset,
room_alias_name: self.room_alias_name,
room_version: self.room_version,
@ -177,6 +178,7 @@ impl Into<create_room::Request> for RoomBuilder {
///
/// # Examples
/// ```
/// # use std::convert::TryFrom;
/// # use matrix_sdk::{AsyncClient, MessagesRequestBuilder};
/// # use matrix_sdk::api::r0::message::get_message_events::{self, Direction};
/// # use matrix_sdk::identifiers::RoomId;
@ -184,8 +186,8 @@ impl Into<create_room::Request> for RoomBuilder {
/// # let homeserver = Url::parse("http://example.com").unwrap();
/// # let mut rt = tokio::runtime::Runtime::new().unwrap();
/// # rt.block_on(async {
/// # let room_id = RoomId::new(homeserver.as_str()).unwrap();
/// # let last_sync_token = "".to_string();;
/// # let room_id = RoomId::try_from("!test:localhost").unwrap();
/// # let last_sync_token = "".to_string();
/// let mut cli = AsyncClient::new(homeserver, None).unwrap();
///
/// let mut builder = MessagesRequestBuilder::new();
@ -288,7 +290,7 @@ impl Into<get_message_events::Request> for MessagesRequestBuilder {
#[cfg(test)]
mod test {
use std::collections::HashMap;
use std::collections::BTreeMap;
use super::*;
use crate::events::room::power_levels::NotificationPowerLevels;
@ -325,7 +327,7 @@ mod test {
.is_direct(true)
.power_level_override(PowerLevelsEventContent {
ban: Int::max_value(),
events: HashMap::default(),
events: BTreeMap::default(),
events_default: Int::min_value(),
invite: Int::min_value(),
kick: Int::min_value(),
@ -335,7 +337,7 @@ mod test {
notifications: NotificationPowerLevels {
room: Int::min_value(),
},
users: HashMap::default(),
users: BTreeMap::default(),
})
.preset(RoomPreset::PrivateChat)
.room_alias_name("room_alias")

24
src/test_builder.rs
View File

@ -10,7 +10,7 @@ use crate::events::{
only::Event,
},
presence::PresenceEvent,
EventResult, TryFromRaw,
EventJson, TryFromRaw,
};
use crate::identifiers::{RoomId, UserId};
use crate::AsyncClient;
@ -97,9 +97,9 @@ impl EventBuilder {
) -> Self {
let val = fs::read_to_string(path.as_ref())
.expect(&format!("file not found {:?}", path.as_ref()));
let event = serde_json::from_str::<EventResult<Ev>>(&val)
let event = serde_json::from_str::<EventJson<Ev>>(&val)
.unwrap()
.into_result()
.deserialize()
.unwrap();
self.ephemeral.push(variant(event));
self
@ -113,9 +113,9 @@ impl EventBuilder {
) -> Self {
let val = fs::read_to_string(path.as_ref())
.expect(&format!("file not found {:?}", path.as_ref()));
let event = serde_json::from_str::<EventResult<Ev>>(&val)
let event = serde_json::from_str::<EventJson<Ev>>(&val)
.unwrap()
.into_result()
.deserialize()
.unwrap();
self.account_data.push(variant(event));
self
@ -129,9 +129,9 @@ impl EventBuilder {
) -> Self {
let val = fs::read_to_string(path.as_ref())
.expect(&format!("file not found {:?}", path.as_ref()));
let event = serde_json::from_str::<EventResult<Ev>>(&val)
let event = serde_json::from_str::<EventJson<Ev>>(&val)
.unwrap()
.into_result()
.deserialize()
.unwrap();
self.room_events.push(variant(event));
self
@ -145,9 +145,9 @@ impl EventBuilder {
) -> Self {
let val = fs::read_to_string(path.as_ref())
.expect(&format!("file not found {:?}", path.as_ref()));
let event = serde_json::from_str::<EventResult<Ev>>(&val)
let event = serde_json::from_str::<EventJson<Ev>>(&val)
.unwrap()
.into_result()
.deserialize()
.unwrap();
self.state_events.push(variant(event));
self
@ -157,9 +157,9 @@ impl EventBuilder {
pub fn add_presence_event_from_file<P: AsRef<Path>>(mut self, path: P) -> Self {
let val = fs::read_to_string(path.as_ref())
.expect(&format!("file not found {:?}", path.as_ref()));
let event = serde_json::from_str::<EventResult<PresenceEvent>>(&val)
let event = serde_json::from_str::<EventJson<PresenceEvent>>(&val)
.unwrap()
.into_result()
.deserialize()
.unwrap();
self.presence_events.push(event);
self
@ -342,7 +342,7 @@ impl ClientTestRunner {
for event in &self.room_events {
cli.receive_joined_timeline_event(
room_id,
&mut EventResult::Ok(event.clone()),
&mut EventJson::from(event.clone()),
&mut false,
)
.await;