From ec55258be9aa8b58a503ded49a19451c601368a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?= <poljar@termina.org.uk>
Date: Thu, 13 May 2021 11:08:13 +0200
Subject: [PATCH] crypto: Handle decrypted to-device events as well

Usually only room keys and forwarded room keys are sent as encrypted
to-device events, those are specially handled to avoid accepting room
keys coming in unencrypted.

Some clients might send out other events encrypted which might lower
metadata leakage and the spec doesn't disallow it.

This patch handles decrypted events the same way as non-encrypted ones,
we're still special casing the decryption handling to avoid decryption
loops/bombs (i.e. events that are encrypted multiple times).
---
 matrix_sdk_crypto/src/machine.rs | 40 ++++++++++++++++++++++----------
 1 file changed, 28 insertions(+), 12 deletions(-)

diff --git a/matrix_sdk_crypto/src/machine.rs b/matrix_sdk_crypto/src/machine.rs
index be73530d..acc00784 100644
--- a/matrix_sdk_crypto/src/machine.rs
+++ b/matrix_sdk_crypto/src/machine.rs
@@ -781,6 +781,29 @@ impl OlmMachine {
         self.account.update_uploaded_key_count(key_count).await;
     }
 
+    async fn handle_to_device_evnet(&self, event: &AnyToDeviceEvent) {
+        match event {
+            AnyToDeviceEvent::RoomKeyRequest(e) => {
+                self.key_request_machine.receive_incoming_key_request(&e)
+            }
+            AnyToDeviceEvent::KeyVerificationAccept(..)
+            | AnyToDeviceEvent::KeyVerificationCancel(..)
+            | AnyToDeviceEvent::KeyVerificationKey(..)
+            | AnyToDeviceEvent::KeyVerificationMac(..)
+            | AnyToDeviceEvent::KeyVerificationRequest(..)
+            | AnyToDeviceEvent::KeyVerificationReady(..)
+            | AnyToDeviceEvent::KeyVerificationDone(..)
+            | AnyToDeviceEvent::KeyVerificationStart(..) => {
+                self.handle_verification_event(&event).await;
+            }
+            AnyToDeviceEvent::Dummy(_) => {}
+            AnyToDeviceEvent::RoomKey(_) => {}
+            AnyToDeviceEvent::ForwardedRoomKey(_) => {}
+            AnyToDeviceEvent::RoomEncrypted(_) => {}
+            AnyToDeviceEvent::Custom(_) => {}
+        }
+    }
+
     /// Handle a to-device and one-time key counts from a sync response.
     ///
     /// This will decrypt and handle to-device events returning the decrypted
@@ -885,20 +908,13 @@ impl OlmMachine {
                         changes.inbound_group_sessions.push(group_session);
                     }
 
+                    if let Some(event) = decrypted.deserialized_event {
+                        self.handle_to_device_evnet(&event).await;
+                    }
+
                     raw_event = decrypted.event;
                 }
-                AnyToDeviceEvent::RoomKeyRequest(e) => {
-                    self.key_request_machine.receive_incoming_key_request(&e)
-                }
-                AnyToDeviceEvent::KeyVerificationAccept(..)
-                | AnyToDeviceEvent::KeyVerificationCancel(..)
-                | AnyToDeviceEvent::KeyVerificationKey(..)
-                | AnyToDeviceEvent::KeyVerificationMac(..)
-                | AnyToDeviceEvent::KeyVerificationRequest(..)
-                | AnyToDeviceEvent::KeyVerificationStart(..) => {
-                    self.handle_verification_event(&event).await;
-                }
-                _ => continue,
+                e => self.handle_to_device_evnet(&e).await,
             }
 
             events.push(raw_event);