mirror/matrix-rust-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-rust-sdk.git synced 2026-05-14 19:16:02 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix(crypto): Always mark your own device as verified

Browse Source
This commit is contained in:
Damir Jelić
2023-02-06 16:00:24 +01:00
parent 8d642784bb
commit 56cfa8f4f9
2 changed files with 49 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
bindings/matrix-sdk-crypto-js/tests/device.test.js
View File

@@ -69,7 +69,39 @@ describe(OlmMachine.name, () => {
test('can read a user device', async () => {
const m = await machine();
const dev = await m.getDevice(user, device);
const hypothetical_response = JSON.stringify({
"device_keys": {
"@alice:example.org": {
"JLAFKJWSCS": {
"algorithms": [
"m.olm.v1.curve25519-aes-sha2",
"m.megolm.v1.aes-sha2"
],
"device_id": "JLAFKJWSCS",
"keys": {
"curve25519:JLAFKJWSCS": "wjLpTLRqbqBzLs63aYaEv2Boi6cFEbbM/sSRQ2oAKk4",
"ed25519:JLAFKJWSCS": "nE6W2fCblxDcOFmeEtCHNl8/l8bXcu7GKyAswA4r3mM"
},
"signatures": {
"@alice:example.org": {
"ed25519:JLAFKJWSCS": "m53Wkbh2HXkc3vFApZvCrfXcX3AI51GsDHustMhKwlv3TuOJMj4wistcOTM8q2+e/Ro7rWFUb9ZfnNbwptSUBA"
}
},
"unsigned": {
"device_display_name": "Alice's mobile phone"
},
"user_id": "@alice:example.org"
}
}
},
"failures": {}
});
// Insert another device into the store
await m.markRequestAsSent("ID", RequestType.KeysQuery, hypothetical_response);
const secondDeviceId = new DeviceId("JLAFKJWSCS");
const dev = await m.getDevice(user, secondDeviceId);
expect(dev).toBeInstanceOf(Device);
expect(dev.isVerified()).toStrictEqual(false);
@@ -82,7 +114,7 @@ describe(OlmMachine.name, () => {
expect(dev.isLocallyTrusted()).toStrictEqual(true);
expect(dev.userId.toString()).toStrictEqual(user.toString());
expect(dev.deviceId.toString()).toStrictEqual(device.toString());
expect(dev.deviceId.toString()).toStrictEqual(secondDeviceId.toString());
expect(dev.deviceName).toBeUndefined();
const deviceKey = dev.getKey(DeviceKeyAlgorithmName.Ed25519);

17
crates/matrix-sdk-crypto/src/machine.rs
View File

@@ -82,8 +82,8 @@ use crate::{
Signatures,
},
verification::{Verification, VerificationMachine, VerificationRequest},
CrossSigningKeyExport, CryptoStoreError, ReadOnlyDevice, RoomKeyImportResult, SignatureError,
ToDeviceRequest,
CrossSigningKeyExport, CryptoStoreError, LocalTrust, ReadOnlyDevice, RoomKeyImportResult,
SignatureError, ToDeviceRequest,
};
/// State machine implementation of the Olm/Megolm encryption protocol used for
@@ -256,6 +256,11 @@ impl OlmMachine {
let account = ReadOnlyAccount::new(user_id, device_id);
let device = ReadOnlyDevice::from_account(&account).await;
// We just created this device from our own Olm `Account`. Since we are the
// owners of the private keys of this device we can safely mark
// the device as verified.
device.set_trust_state(LocalTrust::Verified);
Span::current()
.record("ed25519_key", display(account.identity_keys().ed25519))
.record("curve25519_key", display(account.identity_keys().curve25519));
@@ -1773,6 +1778,14 @@ pub(crate) mod tests {
async fn create_olm_machine() {
let machine = OlmMachine::new(user_id(), alice_device_id()).await;
assert!(!machine.account().shared());
let own_device = machine
.get_device(machine.user_id(), machine.device_id(), None)
.await
.unwrap()
.expect("We should always have our own device in the store");
assert!(own_device.is_locally_trusted(), "Our own device should always be locally trusted");
}
#[async_test]