crypto: Handle decrypted to-device events as well

Usually only room keys and forwarded room keys are sent as encrypted to-device events, those are specially handled to avoid accepting room keys coming in unencrypted. Some clients might send out other events encrypted which might lower metadata leakage and the spec doesn't disallow it. This patch handles decrypted events the same way as non-encrypted ones, we're still special casing the decryption handling to avoid decryption loops/bombs (i.e. events that are encrypted multiple times).
2021-05-13 11:08:13 +02:00 · 2021-05-13 11:08:13 +02:00 · ec55258be9
parent 4f7902d6f0
commit ec55258be9
1 changed files with 28 additions and 12 deletions
--- a/matrix_sdk_crypto/src/machine.rs
+++ b/matrix_sdk_crypto/src/machine.rs
@ -781,6 +781,29 @@ impl OlmMachine {
        self.account.update_uploaded_key_count(key_count).await;
    }

+    async fn handle_to_device_evnet(&self, event: &AnyToDeviceEvent) {
+        match event {
+            AnyToDeviceEvent::RoomKeyRequest(e) => {
+                self.key_request_machine.receive_incoming_key_request(&e)
+            }
+            AnyToDeviceEvent::KeyVerificationAccept(..)
+            | AnyToDeviceEvent::KeyVerificationCancel(..)
+            | AnyToDeviceEvent::KeyVerificationKey(..)
+            | AnyToDeviceEvent::KeyVerificationMac(..)
+            | AnyToDeviceEvent::KeyVerificationRequest(..)
+            | AnyToDeviceEvent::KeyVerificationReady(..)
+            | AnyToDeviceEvent::KeyVerificationDone(..)
+            | AnyToDeviceEvent::KeyVerificationStart(..) => {
+                self.handle_verification_event(&event).await;
+            }
+            AnyToDeviceEvent::Dummy(_) => {}
+            AnyToDeviceEvent::RoomKey(_) => {}
+            AnyToDeviceEvent::ForwardedRoomKey(_) => {}
+            AnyToDeviceEvent::RoomEncrypted(_) => {}
+            AnyToDeviceEvent::Custom(_) => {}
+        }
+    }
+
    /// Handle a to-device and one-time key counts from a sync response.
    ///
    /// This will decrypt and handle to-device events returning the decrypted
@ -885,20 +908,13 @@ impl OlmMachine {
                        changes.inbound_group_sessions.push(group_session);
                    }

+                    if let Some(event) = decrypted.deserialized_event {
+                        self.handle_to_device_evnet(&event).await;
+                    }
+
                    raw_event = decrypted.event;
                }
-                AnyToDeviceEvent::RoomKeyRequest(e) => {
-                    self.key_request_machine.receive_incoming_key_request(&e)
-                }
-                AnyToDeviceEvent::KeyVerificationAccept(..)
-                | AnyToDeviceEvent::KeyVerificationCancel(..)
-                | AnyToDeviceEvent::KeyVerificationKey(..)
-                | AnyToDeviceEvent::KeyVerificationMac(..)
-                | AnyToDeviceEvent::KeyVerificationRequest(..)
-                | AnyToDeviceEvent::KeyVerificationStart(..) => {
-                    self.handle_verification_event(&event).await;
-                }
-                _ => continue,
+                e => self.handle_to_device_evnet(&e).await,
            }

            events.push(raw_event);