7f364fd615
crypto: Allow only a identity to be verified when the verification finishes
...
QR code based verification doesn't verify a device when users are
verifying each other, generalize the logic that marks stuff as verified
so we can verify either only a device or an user identity or both.
2021-06-17 11:04:17 +02:00
ada71586ac
crypto: Scope the verifications per sender
2021-06-17 11:04:17 +02:00
533a5b92b0
crypto: Ignore key verification requests that have an invalid timestamp
2021-06-17 11:04:17 +02:00
5fa2b05622
matrix-sdk: Fix some more typos
2021-06-08 11:13:23 +02:00
74d0ac7c77
crypto: Depend on ruma directly
...
… instead of using matrix_sdk_common's re-exports
2021-06-07 18:55:56 +02:00
3bac536daf
Fix clippy lints
...
Automated via `cargo clippy --workspace --all-targets -Zunstable-options --fix`.
2021-06-07 15:51:18 +02:00
e18f248dbb
crypto: Add missing required-features to crypto_bench
2021-06-07 15:16:53 +02:00
6f11244017
Merge branch 'typos'
2021-06-06 21:01:30 +02:00
6b685b671d
Replace Arc<Box<dyn (Crypto|State)Store>> by Arc<dyn (Crypto|State)Store>
2021-06-06 18:16:25 +02:00
eed2b37885
Replace Arc<Box<DeviceId>> by Arc<DeviceId>
2021-06-06 18:15:18 +02:00
f76cb1d123
the the
2021-06-05 14:55:01 +02:00
f36fb55727
some more typos
2021-06-05 14:50:08 +02:00
74a6d39b9f
various typos
2021-06-05 14:35:20 +02:00
0df782e93e
crypto: Fix some clippy warnings
2021-06-04 19:26:32 +02:00
7cca358399
Merge branch 'master' into verification-improvements
2021-06-04 18:37:42 +02:00
96d4566111
crypto: Move the verification cache into a separate module
2021-06-04 18:13:52 +02:00
31e00eb434
crypto: Don't panic if we get a unknown cancel code
2021-06-04 18:13:52 +02:00
612fa46359
crypto: Replace a bunch of From implementations with macros
2021-06-04 18:13:52 +02:00
0a7fb2cbc3
crytpo: Mark verification requests as cancelled and as done
2021-06-04 18:13:52 +02:00
f9fb530480
crypto: Forward cancel events to the sas object
2021-06-04 18:13:52 +02:00
2ec8893273
crypto: Silence a clippy warning until we add QR code verifications
2021-06-04 15:39:56 +02:00
bd5dda370d
crypto: Remove the sas event enums module
2021-06-04 15:16:38 +02:00
ac04b0c36e
crypto: Create a enum for the verification types
2021-06-04 15:16:38 +02:00
a04afac963
crypto: Fix a clippy warning
2021-06-04 15:16:38 +02:00
cf98681f19
crypto: Remove some duplicate code
2021-06-04 15:16:38 +02:00
cbcf673d21
crypto: Make sure we send verification done events
2021-06-04 15:16:38 +02:00
9b20b00908
crypto: Log if we get a missmatch of the flow id
2021-06-04 15:16:38 +02:00
f50d0cd3a6
crypto: Test starting a to-device verification request
2021-06-04 15:16:38 +02:00
1e48b15040
crypto: Add enums so we can handle in-room and to-device verifications the same
2021-06-04 15:16:38 +02:00
b52f3fb11f
crypto: Remove an allocation when calculating the SAS MAC
2021-06-04 15:16:38 +02:00
d877c1cf8c
crypto: Move the Done state into the common verification module
2021-06-04 15:16:38 +02:00
327445c6a0
crypto: Move the logic for marking identities as verified out of the Sas struct
2021-06-04 15:16:38 +02:00
8a5a0e511e
crypto: Don't await while holding a sync lock
2021-06-04 15:16:38 +02:00
12619ab8b3
crypto: Log a warning if we get a start event without being ready
2021-06-04 15:16:38 +02:00
069ef3a661
crypto: Move the SAS starting logic into the verification request struct
2021-06-04 15:16:38 +02:00
999f0899f8
crypto: Move the outgoing requests to the VerificationCache
2021-06-04 15:16:38 +02:00
681f32b0a7
crypto: Fix a couple of typos
2021-06-04 15:16:38 +02:00
0e514b755f
crypto: Move the CancelContent generation out of the sas module
2021-06-04 15:16:38 +02:00
0c8e870bff
crypto: Implement From<EncryptedFile> for EncryptionInfo
2021-05-25 21:33:38 +02:00
300189bb37
crypto: Use the verification cache in verification requests
2021-05-24 16:41:27 +02:00
d928f39f68
crypto: Add a VerificationCache struct
2021-05-24 16:41:27 +02:00
98c259dc1e
crypto: Refactor the VerificationReqest struct a bit
2021-05-24 16:41:27 +02:00
110b8eb8dd
Merge branch 'master' into sas-longer-flow
2021-05-18 09:07:50 +02:00
cd77441d1b
Upgrade ruma to 0.1.0 (crates.io release)
2021-05-17 02:57:36 +02:00
15540e84e3
Upgrade ruma
2021-05-15 17:22:32 +02:00
3f57a2a9f2
Merge branch 'master' into sas-longer-flow
2021-05-13 11:26:40 +02:00
09a7858702
crypto: Initial support for the longer to-device verification flow
2021-05-13 11:15:56 +02:00
ec55258be9
crypto: Handle decrypted to-device events as well
...
Usually only room keys and forwarded room keys are sent as encrypted
to-device events, those are specially handled to avoid accepting room
keys coming in unencrypted.
Some clients might send out other events encrypted which might lower
metadata leakage and the spec doesn't disallow it.
This patch handles decrypted events the same way as non-encrypted ones,
we're still special casing the decryption handling to avoid decryption
loops/bombs (i.e. events that are encrypted multiple times).
2021-05-13 11:08:13 +02:00
5f09d091cb
Add cargo fmt to ci using nightly
2021-05-12 15:38:59 -04:00
2ef0c2959c
Add use_small_heuristics option and run fmt
2021-05-12 15:37:29 -04:00
c85f4d4f0c
Add rustfmt config file and run over workspace
2021-05-12 15:36:52 -04:00
4f7902d6f0
crypto: Add a method to check it the SAS flow supports emoji
2021-05-12 20:09:02 +02:00
77c2a4ed4f
matrix-sdk: Bump ruma
2021-05-12 19:19:42 +02:00
1bda3659ce
sas: Allow to just get the emoji index instead of the emoji and descryption
2021-05-07 17:04:27 +02:00
80d01b23c4
sas: Return an array of seven emojis instead of a vector
2021-05-07 17:01:53 +02:00
b8017b1fb0
bump ruma to 24154195a00390a33542603b968e94022487587c
2021-05-07 13:22:32 +02:00
43b7072609
matrix-sdk: Fix some newly introduced clippy warnings
2021-05-06 20:42:27 +02:00
6048a1a507
crypto: Fix a typo
...
Co-authored-by: Jonas Platte <jplatte@users.noreply.github.com>
2021-04-29 15:34:53 +02:00
cff90b1480
matrix-sdk: Add encryption info to our sync events.
2021-04-29 10:35:54 +02:00
324a0aafca
Merge branch 'key-share-improvements'
2021-04-21 13:47:02 +02:00
bfc7434f7e
crypto: Move the outbound session filter logic into the group session cache
2021-04-20 13:35:47 +02:00
e15f7264dc
crypto: Don't borrow inside a format unnecessarily
...
Co-authored-by: Jonas Platte <jplatte@users.noreply.github.com>
2021-04-20 12:27:56 +02:00
4a7be13961
crypto: Only send out automatic key requests if we have a verified device
...
Sending out automatic key requests is a bit spammy for new logins,
they'll likely have many undecryptable events upon an initial sync.
It's unlikely that anyone will respond to such a key request since keys are
shared only with verified devices between devices of the same user or if
the key owner knows that the device should have received the key.
Upon initial sync it's unlikely that we have been verified and the key
owner likely did not intend to send us the key since we just created the
new device.
2021-04-20 11:47:11 +02:00
78b7dcac61
crypto: Add a public method to request and re-request keys.
2021-04-19 15:00:21 +02:00
3414a59b91
chore: bump ruma
2021-04-16 12:45:21 +02:00
8c007510cd
crypto: Only load the outgoing key requests when we want to send them out
2021-04-15 19:40:24 +02:00
f9d290746c
crypto: Load unsent outgoing key requests when we open a store
2021-04-15 17:48:37 +02:00
d4c56cc5b3
crypto: Refactor the outobund group session storing
...
This introduces a group session cache struct that can be shared between
components that need to access the currently active group session.
2021-04-15 15:19:21 +02:00
9e817a623b
crypto: Fix an invalid assert in the crypto bench
2021-04-15 15:01:56 +02:00
02331fa325
crypto: Add specialized methods to store outgoing key requests
2021-04-15 13:28:50 +02:00
5637ca3080
crypto: Simplify the should_share_session method
2021-04-15 13:28:50 +02:00
975f9a0b41
crypto: Improve the way we decide if we honor room key requests
...
This improves two things, use the correct outbound session to check if
the session should be shared.
Check first if the session has been shared if there isn't a session or
it hasn't been shared check if the request is comming from our own user.
2021-04-14 14:30:53 +02:00
4713af6aac
crypto: Fix a typo
2021-04-14 11:14:59 +02:00
ba81c2460c
crypto: Ignore key requests from ourselves
2021-04-13 17:17:09 +02:00
5132971558
crypto: Add a progress listener for key imports
2021-04-13 12:47:22 +02:00
893a5109ce
crypto: Remove some unneeded parenthesis
2021-04-12 19:11:03 +02:00
b4b897dd51
crypto: Await the group session invalidation
2021-04-12 15:19:30 +02:00
cb58c499b3
crypto: Store that our outbound session was invalidated
2021-04-12 13:47:38 +02:00
dadd2fa68c
Bump ruma to e2728a70812412aade9322f6ad832731978a4240
2021-04-11 12:04:53 +02:00
fdb1e3482e
Merge branch 'bump-ruma'
2021-04-06 12:44:33 +02:00
7c34ac4e82
Bump ruma to 2f1b9f097930bf7908ca539f2ab7bb0ccf5d8b25
...
Use MxcUri instead of String for media URLs.
Fix wrong MXC URIs in tests.
Remove method parse_mxc no longer useful.
Apply new non-exhaustive types: CrossSigningKey, OneTimeKey and SignedKey.
Apply endpoint name change: send_state_event_for_key to send_state_event
2021-04-05 19:49:55 +02:00
79eb07f717
Allow Result aliases to be used with two type parameters
2021-04-01 19:35:09 +02:00
ff683602f2
crypto: Export the KeysExport error
2021-03-30 13:52:57 +02:00
02b44ca9ba
matrix-sdk: Fix or silence a bunch of new clippy warnings
2021-03-30 13:05:13 +02:00
15d5b234ed
Merge branch 'multithreaded-crypto'
2021-03-23 11:34:07 +01:00
bbe812f1d9
common: Add a executor abstraction so we can spawn tasks under WASM
2021-03-23 10:18:55 +01:00
75ac29540d
crypto: Simplify counting the number of messages a to-device request has
2021-03-13 11:50:05 +01:00
880818a588
crypto: Send bigger sendToDevice requests out that carry our room keys
2021-03-12 16:33:35 +01:00
e09a155cfc
crypto: Fix a completely wrong application of extend()
...
We were merging the to-device messages using the extend() method while
our data has the shape of BTreeMap<UserId, BTreeMap<_, _>>, extending
such a map would mean that the inner BTreeMap would get dropped if both
maps contain the same UserId.
We need to extend the inner maps, those are guaranteed to contain unique
device ids.
2021-03-12 16:33:26 +01:00
42c8c42150
crypto: Improve doc of SAS accept settings
...
Document arguments explicitly.
Adapt to changed implementation.
Provide example call.
2021-03-12 15:45:58 +01:00
587c09e700
crypto: Prohibit extending verification methods
...
Intersect the allowed methods passed from the user with the methods
supported by the other party. If the user added new methods to the
request, the remote party would cancel the verification.
2021-03-12 14:43:59 +01:00
e9be23f853
crypto: Add settings to customize SAS accepting
...
Offer specifying settings to SAS accept() requests to limit the allowed
verification methods.
2021-03-11 21:10:26 +01:00
7465574bdc
crypto: Fix a clippy warning
2021-03-11 20:06:51 +01:00
593b5e55cb
crypto: Don't load the account every time we load sessions in the sled store
...
This removes a massive performance issue since getting sessions is part
of every message send cycle.
Namely every time we check that all our devices inside a certain room
have established 1 to 1 Olm sessions we load the account from the store.
This means we go through an account unpickling phase which contains AES
decryption every time we load sessions.
Cache instead the account info that we're going to attach to sessions
when we initially save or load the account.
2021-03-11 19:49:32 +01:00
d4e847f02f
benches: Add a benchmark for the missing session collecting
2021-03-11 13:30:19 +01:00
a32f9187e6
benches: Fix the key claiming bench, it needs to run under tokio now
2021-03-11 13:28:22 +01:00
daf313e358
crypto: Go through the user device keys in parallel
2021-03-10 14:08:45 +01:00
570bd2e358
crypto: Move the tracked users marking out of the device key handling method
2021-03-10 12:20:03 +01:00
c8d4cd0a5b
crypto: Calculate the device changes for a given user in parallel
2021-03-10 12:05:21 +01:00
0c5d13cb91
crypto: Remove some stale TODO comments
2021-03-10 10:03:54 +01:00
aff5cddb68
crypto: Remove an unneeded import.
2021-03-10 09:58:30 +01:00
4a8c30527d
crypto: Fix a typo.
...
Co-authored-by: Jonas Platte <jplatte@users.noreply.github.com>
2021-03-10 09:54:33 +01:00
560aa5b0a9
crypto: Encrypt the share group session requests in parallel.
2021-03-09 15:09:59 +01:00
a8bc619dca
crypto: Encrypt room keys for a room key share request in parallel
2021-03-09 14:30:28 +01:00
91c326e970
benches: Run the async benches on a tokio runtime.
2021-03-09 14:24:16 +01:00
61167fab15
crypto: Make restored outbound sessions wait for requests if they have some
2021-03-05 17:12:32 +01:00
c5241af675
crypto: Expose the crypto store error pulicly
2021-03-04 17:46:18 +01:00
93e5c34670
crypto: Add a bit more info to the room key sharing logic logging
2021-03-02 17:15:10 +01:00
6597948564
crypto: Add a TODO item for m.room_key.withheld messages
2021-03-02 16:27:24 +01:00
693a0337a2
crypto: Don't log the devices that receive an outbound session twice
2021-03-02 16:26:58 +01:00
7729e2b11f
matrix-sdk: Add some custom debug implementations
...
This should avoid polluting the logs with sled trees and a lot of
redundant info in a device if a device or store ends up in the
structured logs.
2021-03-02 16:22:38 +01:00
00df34ed59
Merge branch 'more-benchmarks'
2021-03-02 15:03:24 +01:00
123772c524
crypto: More logs for the group session sharing logic
2021-03-02 14:54:56 +01:00
bb358909ef
crypto: Fix a typo and improve some logs in the session sharing logic.
2021-03-02 12:54:22 +01:00
3f7eae8633
cargo fmt
2021-03-02 12:20:09 +01:00
2b5e1744ee
More refactoring of the group session sharing code for clarity.
2021-03-02 12:20:09 +01:00
df8c489304
Fix typo: visiblity -> visibility
2021-03-02 12:20:09 +01:00
aa16a7e291
crypto: Refactor the group session rotation code some more for clarity.
2021-03-02 12:20:09 +01:00
70ecf269d0
Improve docstring of GroupSessionManager::collect_session_recipients.
2021-03-02 12:20:09 +01:00
4ccb5a1cb9
benches: Benchmark the sled store as well in the key query/claim benches
2021-03-02 11:18:10 +01:00
48903a24d2
benches: Benchmark our key sharing throughput
2021-03-02 11:17:38 +01:00
e6f6665fa0
Merge branch 'master' into history-visiblity-session-share
2021-03-01 20:47:31 +01:00
2e659afd26
crypto: Make it clearer that the deleted flag can only be set to true
2021-03-01 20:34:29 +01:00
9893ddba74
crypto: Use Default to create some test data
2021-03-01 19:41:39 +01:00
1f5cad136e
matrix-sdk: Bump Ruma
2021-03-01 19:20:07 +01:00
e1d4fe533d
crypto: Make pprof a Linux specific dependency
2021-03-01 11:46:28 +01:00
fc6ff4288e
benches: Add support to generate flamegraphs when we profile our benchmarks
2021-02-28 11:28:10 +01:00
c64567ba9b
crypto: Add a bench for the key claiming process
2021-02-27 18:40:58 +01:00
6e168051b6
crypto: Chunk out key query requests.
2021-02-26 16:48:42 +01:00
2a09e588f3
crypto: Log when we receive room keys
2021-02-17 16:01:51 +01:00
5ca40b9893
crypto: Be more forgiving when updating one-time key counts
2021-02-17 15:24:46 +01:00
6cc03d1c19
crypto: Improve the logging for deserialization failures
2021-02-17 15:23:26 +01:00
544881f11c
crypto: Fix a clippy warning
2021-02-16 10:52:19 +01:00
ef5d7ca579
crypto: Add missing flush calls to the sled crypto store
2021-02-16 10:29:10 +01:00
1db89741bc
matrix-sdk: Re-export the EncryptionInfo struct
2021-02-16 09:42:23 +01:00
c39fa6543f
crypto: Expose the EncryptionInfo struct publicly
2021-02-15 15:19:48 +01:00
2811c490a0
matrix-sdk: Fix some new clippy warnings
2021-02-12 12:59:53 +01:00
c34f69f8a3
crypto: Don't receive the whole sync response, only what we need.
...
This makes it clearer what the crypto layer is doing, this also makes it
clearer for people that will use the crypto layer over FFI that they
don't need to go through a serialize/deserialize cycle for the whole
sync response.
2021-02-10 15:42:55 +01:00
1799721a5f
crypto: Store the history visibility with inbound group sessions
...
This can be useful to share the room history with new room members.
2021-02-03 16:59:34 +01:00
9e83eaf2f5
crypto: Store the history visiblity with the outbound session
2021-02-03 16:01:58 +01:00
10da61c567
crypto: Answer key reshare requests only at the originally shared message index
2021-01-28 14:07:51 +01:00
bf4f32eccf
crypto: Remove the sqlite store for now
2021-01-27 15:29:42 +01:00
bc3ba3fab0
crypto: Add tests for the sled cryptostore
2021-01-27 15:19:32 +01:00
d6c5a4d8aa
crypto: Add a missing encode call in the sled store
2021-01-27 15:15:45 +01:00
71a087c379
crypto: Encode our keys in the sled cryptostore as well
2021-01-26 14:22:03 +01:00
6cb2c8b468
crypto: Store and restore outbound group sessions
2021-01-25 17:14:13 +01:00
ac6dad3f35
matrix-sdk: Bump our deps
2021-01-25 15:47:51 +01:00
c1f9d3bc39
crypto: Add a bench for our key query response handling
2021-01-25 10:13:08 +01:00
077050efb4
crypto: Add a hack so e2ee support works under WASM again
2021-01-22 18:40:08 +01:00
c034de470b
base: Allow using the same sled database for the state and cryptostore
2021-01-22 11:33:06 +01:00
Damir Jelić
Jonas Platte
Jonathan de Jong
Kévin Commaille
Devin Ragotzy
Devin Ragotzy
Johannes Becker
Kévin Commaille
Jan Veen
Denis Kasak