crypto: Remove the session key in room key events again.
Damir Jelić
parent
e0477fa053
commit
39e59792d2
|
|
@ -984,7 +984,7 @@ impl OlmMachine {
|
||||||
.map_err(|_| EventError::UnsupportedOlmType)?;
|
.map_err(|_| EventError::UnsupportedOlmType)?;
|
||||||
|
|
||||||
// Decrypt the OlmMessage and get a Ruma event out of it.
|
// Decrypt the OlmMessage and get a Ruma event out of it.
|
||||||
let (mut decrypted_event, signing_key) = self
|
let (decrypted_event, signing_key) = self
|
||||||
.decrypt_olm_message(&event.sender, &content.sender_key, message)
|
.decrypt_olm_message(&event.sender, &content.sender_key, message)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
|
|
@ -992,14 +992,23 @@ impl OlmMachine {
|
||||||
|
|
||||||
// Handle the decrypted event, e.g. fetch out Megolm sessions out of
|
// Handle the decrypted event, e.g. fetch out Megolm sessions out of
|
||||||
// the event.
|
// the event.
|
||||||
self.handle_decrypted_to_device_event(
|
if let Some(event) = self
|
||||||
&content.sender_key,
|
.handle_decrypted_to_device_event(
|
||||||
&signing_key,
|
&content.sender_key,
|
||||||
&mut decrypted_event,
|
&signing_key,
|
||||||
)
|
&decrypted_event,
|
||||||
.await?;
|
)
|
||||||
|
.await?
|
||||||
Ok(decrypted_event)
|
{
|
||||||
|
// Some events may have sensitive data e.g. private keys, while we
|
||||||
|
// wan't to notify our users that a private key was received we
|
||||||
|
// don't want them to be able to do silly things with it. Handling
|
||||||
|
// events modifies them and returns a modified one, so replace it
|
||||||
|
// here if we get one.
|
||||||
|
Ok(event)
|
||||||
|
} else {
|
||||||
|
Ok(decrypted_event)
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
warn!("Olm event doesn't contain a ciphertext for our key");
|
warn!("Olm event doesn't contain a ciphertext for our key");
|
||||||
Err(EventError::MissingCiphertext.into())
|
Err(EventError::MissingCiphertext.into())
|
||||||
|
|
@ -1012,7 +1021,7 @@ impl OlmMachine {
|
||||||
sender_key: &str,
|
sender_key: &str,
|
||||||
signing_key: &str,
|
signing_key: &str,
|
||||||
event: &mut ToDeviceRoomKey,
|
event: &mut ToDeviceRoomKey,
|
||||||
) -> OlmResult<()> {
|
) -> OlmResult<Option<EventJson<ToDeviceEvent>>> {
|
||||||
match event.content.algorithm {
|
match event.content.algorithm {
|
||||||
Algorithm::MegolmV1AesSha2 => {
|
Algorithm::MegolmV1AesSha2 => {
|
||||||
let session_key = GroupSessionKey(mem::take(&mut event.content.session_key));
|
let session_key = GroupSessionKey(mem::take(&mut event.content.session_key));
|
||||||
|
|
@ -1024,14 +1033,24 @@ impl OlmMachine {
|
||||||
session_key,
|
session_key,
|
||||||
)?;
|
)?;
|
||||||
let _ = self.store.save_inbound_group_session(session).await?;
|
let _ = self.store.save_inbound_group_session(session).await?;
|
||||||
Ok(())
|
// TODO ideally we would rewrap the event again just like so
|
||||||
|
// let event = EventJson::from(ToDeviceEvent::RoomKey(event.clone()));
|
||||||
|
// This saidly lacks a type once it's serialized again, fix
|
||||||
|
// this in Ruma.
|
||||||
|
let mut json = serde_json::to_value(event.clone())?;
|
||||||
|
json.as_object_mut()
|
||||||
|
.unwrap()
|
||||||
|
.insert("type".to_owned(), Value::String("m.room_key".to_owned()));
|
||||||
|
let event = serde_json::from_value::<EventJson<ToDeviceEvent>>(json)?;
|
||||||
|
|
||||||
|
Ok(Some(event))
|
||||||
}
|
}
|
||||||
_ => {
|
_ => {
|
||||||
warn!(
|
warn!(
|
||||||
"Received room key with unsupported key algorithm {}",
|
"Received room key with unsupported key algorithm {}",
|
||||||
event.content.algorithm
|
event.content.algorithm
|
||||||
);
|
);
|
||||||
Ok(())
|
Ok(None)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -1330,25 +1349,26 @@ impl OlmMachine {
|
||||||
&mut self,
|
&mut self,
|
||||||
sender_key: &str,
|
sender_key: &str,
|
||||||
signing_key: &str,
|
signing_key: &str,
|
||||||
event: &mut EventJson<ToDeviceEvent>,
|
event: &EventJson<ToDeviceEvent>,
|
||||||
) -> OlmResult<()> {
|
) -> OlmResult<Option<EventJson<ToDeviceEvent>>> {
|
||||||
let event = if let Ok(e) = event.deserialize() {
|
let event = if let Ok(e) = event.deserialize() {
|
||||||
e
|
e
|
||||||
} else {
|
} else {
|
||||||
warn!("Decrypted to-device event failed to be parsed correctly");
|
warn!("Decrypted to-device event failed to be parsed correctly");
|
||||||
return Ok(());
|
return Ok(None);
|
||||||
};
|
};
|
||||||
|
|
||||||
match event {
|
match event {
|
||||||
ToDeviceEvent::RoomKey(mut e) => {
|
ToDeviceEvent::RoomKey(mut e) => {
|
||||||
self.add_room_key(sender_key, signing_key, &mut e).await
|
Ok(self.add_room_key(sender_key, signing_key, &mut e).await?)
|
||||||
}
|
}
|
||||||
ToDeviceEvent::ForwardedRoomKey(e) => {
|
ToDeviceEvent::ForwardedRoomKey(e) => {
|
||||||
self.add_forwarded_room_key(sender_key, signing_key, &e)
|
self.add_forwarded_room_key(sender_key, signing_key, &e)?;
|
||||||
|
Ok(None)
|
||||||
}
|
}
|
||||||
_ => {
|
_ => {
|
||||||
warn!("Received a unexpected encrypted to-device event");
|
warn!("Received a unexpected encrypted to-device event");
|
||||||
Ok(())
|
Ok(None)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -2011,6 +2031,7 @@ mod test {
|
||||||
|
|
||||||
if let AnyToDeviceEvent::RoomKey(e) = event.deserialize().unwrap() {
|
if let AnyToDeviceEvent::RoomKey(e) = event.deserialize().unwrap() {
|
||||||
assert_eq!(e.sender, alice.user_id);
|
assert_eq!(e.sender, alice.user_id);
|
||||||
|
assert!(e.content.session_key.is_empty())
|
||||||
} else {
|
} else {
|
||||||
panic!("Event had the wrong type");
|
panic!("Event had the wrong type");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue