From 0673ad315f802c3bfdbcfaa63d32492d3320de2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Damir=20Jeli=C4=87?= Date: Wed, 3 Aug 2022 17:24:15 +0200 Subject: [PATCH] Add support for megolm.v2 forwarded keys --- .../matrix-sdk-crypto/src/gossiping/machine.rs | 18 +++++++++++++++--- .../src/olm/group_sessions/inbound.rs | 4 ++-- .../src/olm/group_sessions/mod.rs | 7 +++++-- .../src/types/events/forwarded_room_key.rs | 14 ++++++++++++++ .../src/types/events/to_device.rs | 1 + 5 files changed, 37 insertions(+), 7 deletions(-) diff --git a/crates/matrix-sdk-crypto/src/gossiping/machine.rs b/crates/matrix-sdk-crypto/src/gossiping/machine.rs index 8688f351a..9109f1cce 100644 --- a/crates/matrix-sdk-crypto/src/gossiping/machine.rs +++ b/crates/matrix-sdk-crypto/src/gossiping/machine.rs @@ -895,9 +895,10 @@ impl GossipMachine { info: &GossipRequest, sender: &UserId, sender_key: Curve25519PublicKey, + algorithm: EventEncryptionAlgorithm, content: &ForwardedMegolmV1AesSha2Content, ) -> Result, CryptoStoreError> { - match InboundGroupSession::from_forwarded_key(sender_key, content) { + match InboundGroupSession::from_forwarded_key(sender_key, &algorithm, content) { Ok(session) => { let old_session = self .store @@ -932,6 +933,7 @@ impl GossipMachine { claimed_sender_key = content.claimed_sender_key.to_base64(), room_id = s.room_id().as_str(), session_id = session_id.as_str(), + %algorithm, "Received a forwarded room key", ); } else { @@ -941,6 +943,7 @@ impl GossipMachine { claimed_sender_key = content.claimed_sender_key.to_base64(), room_id = %content.room_id, session_id = session_id.as_str(), + %algorithm, "Received a forwarded room key but we already have a better version of it", ); } @@ -953,6 +956,7 @@ impl GossipMachine { sender_key = sender_key.to_base64(), claimed_sender_key = content.claimed_sender_key.to_base64(), room_id = content.room_id.as_str(), + %algorithm, "Couldn't create a group session from a received room key" ); Err(e.into()) @@ -967,9 +971,17 @@ impl GossipMachine { event: &DecryptedForwardedRoomKeyEvent, ) -> Result, CryptoStoreError> { match &event.content { - ForwardedRoomKeyContent::MegolmV1AesSha2(content) => { + ForwardedRoomKeyContent::MegolmV1AesSha2(content) + | ForwardedRoomKeyContent::MegolmV2AesSha2(content) => { if let Some(info) = self.get_key_info(content).await? { - self.accept_forwarded_room_key(&info, &event.sender, sender_key, content).await + self.accept_forwarded_room_key( + &info, + &event.sender, + sender_key, + event.content.algorithm(), + content, + ) + .await } else { warn!( sender = event.sender.as_str(), diff --git a/crates/matrix-sdk-crypto/src/olm/group_sessions/inbound.rs b/crates/matrix-sdk-crypto/src/olm/group_sessions/inbound.rs index d7f0d2243..1260df448 100644 --- a/crates/matrix-sdk-crypto/src/olm/group_sessions/inbound.rs +++ b/crates/matrix-sdk-crypto/src/olm/group_sessions/inbound.rs @@ -171,9 +171,9 @@ impl InboundGroupSession { /// to create the `InboundGroupSession`. pub fn from_forwarded_key( sender_key: Curve25519PublicKey, + algorithm: &EventEncryptionAlgorithm, content: &ForwardedMegolmV1AesSha2Content, ) -> Result { - let algorithm = EventEncryptionAlgorithm::MegolmV1AesSha2; let config = OutboundGroupSession::session_config(&algorithm)?; let session = InnerSession::import(&content.session_key, config); @@ -196,7 +196,7 @@ impl InboundGroupSession { forwarding_chains: forwarding_chains.into(), imported: true, backed_up: AtomicBool::new(false).into(), - algorithm: algorithm.into(), + algorithm: algorithm.to_owned().into(), }) } diff --git a/crates/matrix-sdk-crypto/src/olm/group_sessions/mod.rs b/crates/matrix-sdk-crypto/src/olm/group_sessions/mod.rs index 5e5be8fe6..55466cfad 100644 --- a/crates/matrix-sdk-crypto/src/olm/group_sessions/mod.rs +++ b/crates/matrix-sdk-crypto/src/olm/group_sessions/mod.rs @@ -176,14 +176,17 @@ impl TryFrom for ExportedRoomKey { /// Convert the content of a forwarded room key into a exported room key. fn try_from(forwarded_key: ForwardedRoomKeyContent) -> Result { + let algorithm = forwarded_key.algorithm(); + match forwarded_key { - ForwardedRoomKeyContent::MegolmV1AesSha2(content) => { + ForwardedRoomKeyContent::MegolmV1AesSha2(content) + | ForwardedRoomKeyContent::MegolmV2AesSha2(content) => { let mut sender_claimed_keys = SigningKeys::new(); sender_claimed_keys .insert(DeviceKeyAlgorithm::Ed25519, content.claimed_ed25519_key.into()); Ok(Self { - algorithm: EventEncryptionAlgorithm::MegolmV1AesSha2, + algorithm, room_id: content.room_id, session_id: content.session_id, forwarding_curve25519_key_chain: content.forwarding_curve25519_key_chain, diff --git a/crates/matrix-sdk-crypto/src/types/events/forwarded_room_key.rs b/crates/matrix-sdk-crypto/src/types/events/forwarded_room_key.rs index 00e5dc5f8..4199c67d6 100644 --- a/crates/matrix-sdk-crypto/src/types/events/forwarded_room_key.rs +++ b/crates/matrix-sdk-crypto/src/types/events/forwarded_room_key.rs @@ -50,6 +50,9 @@ pub enum ForwardedRoomKeyContent { /// The `m.megolm.v1.aes-sha2` variant of the `m.forwarded_room_key` /// content. MegolmV1AesSha2(Box), + /// The `m.megolm.v2.aes-sha2` variant of the `m.forwarded_room_key` + /// content. + MegolmV2AesSha2(Box), /// An unknown and unsupported variant of the `m.forwarded_room_key` /// content. Unknown(UnknownRoomKeyContent), @@ -62,6 +65,9 @@ impl ForwardedRoomKeyContent { ForwardedRoomKeyContent::MegolmV1AesSha2(_) => { EventEncryptionAlgorithm::MegolmV1AesSha2 } + ForwardedRoomKeyContent::MegolmV2AesSha2(_) => { + EventEncryptionAlgorithm::MegolmV2AesSha2 + } ForwardedRoomKeyContent::Unknown(c) => c.algorithm.to_owned(), } } @@ -161,6 +167,10 @@ impl TryFrom for ForwardedRoomKeyContent { let content: ForwardedMegolmV1AesSha2Content = serde_json::from_value(value.other)?; Self::MegolmV1AesSha2(content.into()) } + EventEncryptionAlgorithm::MegolmV2AesSha2 => { + let content: ForwardedMegolmV1AesSha2Content = serde_json::from_value(value.other)?; + Self::MegolmV2AesSha2(content.into()) + } _ => Self::Unknown(UnknownRoomKeyContent { algorithm: value.algorithm, other: serde_json::from_value(value.other)?, @@ -179,6 +189,10 @@ impl Serialize for ForwardedRoomKeyContent { algorithm: EventEncryptionAlgorithm::MegolmV1AesSha2, other: serde_json::to_value(r).map_err(serde::ser::Error::custom)?, }, + Self::MegolmV2AesSha2(r) => RoomKeyHelper { + algorithm: EventEncryptionAlgorithm::MegolmV2AesSha2, + other: serde_json::to_value(r).map_err(serde::ser::Error::custom)?, + }, Self::Unknown(r) => RoomKeyHelper { algorithm: r.algorithm.clone(), other: serde_json::to_value(r.other.clone()).map_err(serde::ser::Error::custom)?, diff --git a/crates/matrix-sdk-crypto/src/types/events/to_device.rs b/crates/matrix-sdk-crypto/src/types/events/to_device.rs index 4b84e8019..2a590100f 100644 --- a/crates/matrix-sdk-crypto/src/types/events/to_device.rs +++ b/crates/matrix-sdk-crypto/src/types/events/to_device.rs @@ -201,6 +201,7 @@ impl ToDeviceEvents { ToDeviceEvents::ForwardedRoomKey(mut e) => { match &mut e.content { ForwardedRoomKeyContent::MegolmV1AesSha2(c) => c.session_key.zeroize(), + ForwardedRoomKeyContent::MegolmV2AesSha2(c) => c.session_key.zeroize(), ForwardedRoomKeyContent::Unknown(_) => (), }