refactor(crypto): Remove the device ID from the megolm v2 m.room.encrypted content

2026-04-30 12:04:25 -04:00 · 2022-08-19 10:22:14 +02:00
parent 7e14857239
commit 67d968d4fa
6 changed files with 18 additions and 40 deletions
--- a/bindings/matrix-sdk-crypto-js/src/responses.rs
+++ b/bindings/matrix-sdk-crypto-js/src/responses.rs
@@ -156,7 +156,7 @@ impl DecryptedRoomEvent {
    /// trusted.
    #[wasm_bindgen(getter, js_name = "senderDevice")]
    pub fn sender_device(&self) -> Option<identifiers::DeviceId> {
-        Some(identifiers::DeviceId::from(self.encryption_info.as_ref()?.sender_device.clone()))
+        Some(self.encryption_info.as_ref()?.sender_device.as_ref()?.clone().into())
    }

    /// The Curve25519 key of the device that created the megolm
--- a/bindings/matrix-sdk-crypto-nodejs/src/responses.rs
+++ b/bindings/matrix-sdk-crypto-nodejs/src/responses.rs
@@ -152,7 +152,7 @@ impl DecryptedRoomEvent {
    /// trusted.
    #[napi(getter)]
    pub fn sender_device(&self) -> Option<identifiers::DeviceId> {
-        Some(identifiers::DeviceId::from(self.encryption_info.as_ref()?.sender_device.clone()))
+        Some(self.encryption_info.as_ref()?.sender_device.as_ref()?.clone().into())
    }

    /// The Curve25519 key of the device that created the megolm
--- a/crates/matrix-sdk-common/src/deserialized_responses.rs
+++ b/crates/matrix-sdk-common/src/deserialized_responses.rs
@@ -79,7 +79,7 @@ pub struct EncryptionInfo {
    pub sender: OwnedUserId,
    /// The device ID of the device that sent us the event, note this is
    /// untrusted data unless `verification_state` is as well trusted.
-    pub sender_device: OwnedDeviceId,
+    pub sender_device: Option<OwnedDeviceId>,
    /// Information about the algorithm that was used to encrypt the event.
    pub algorithm_info: AlgorithmInfo,
    /// The verification state of the device that sent us the event, note this
--- a/crates/matrix-sdk-crypto/src/machine.rs
+++ b/crates/matrix-sdk-crypto/src/machine.rs
@@ -38,8 +38,8 @@ use ruma::{
        secret::request::SecretName, AnyMessageLikeEvent, AnyTimelineEvent, MessageLikeEventContent,
    },
    serde::Raw,
-    DeviceId, DeviceKeyAlgorithm, OwnedDeviceKeyId, OwnedTransactionId, OwnedUserId, RoomId,
-    TransactionId, UInt, UserId,
+    DeviceId, DeviceKeyAlgorithm, OwnedDeviceId, OwnedDeviceKeyId, OwnedTransactionId, OwnedUserId,
+    RoomId, TransactionId, UInt, UserId,
 };
 use serde_json::{value::to_raw_value, Value};
 use tracing::{debug, error, info, trace, warn};
@@ -1037,16 +1037,16 @@ impl OlmMachine {
        &self,
        session: &InboundGroupSession,
        sender: &UserId,
-        device_id: &DeviceId,
-    ) -> StoreResult<VerificationState> {
+    ) -> StoreResult<(VerificationState, Option<OwnedDeviceId>)> {
        Ok(
            // First find the device corresponding to the Curve25519 identity
            // key that sent us the session (recorded upon successful
            // decryption of the `m.room_key` to-device message).
            if let Some(device) = self
-                .get_device(sender, device_id, None)
+                .get_user_devices(sender, None)
                .await?
-                .filter(|d| d.curve25519_key().map(|k| k == session.sender_key()).unwrap_or(false))
+                .devices()
+                .find(|d| d.curve25519_key() == Some(session.sender_key()))
            {
                // If the `Device` is confirmed to be the owner of the
                // `InboundGroupSession` we will consider the session (i.e.
@@ -1058,14 +1058,14 @@ impl OlmMachine {
                if device.is_owner_of_session(session)
                    && (device.is_our_own_device() || device.is_verified())
                {
-                    VerificationState::Trusted
+                    (VerificationState::Trusted, Some(device.device_id().to_owned()))
                } else {
-                    VerificationState::Untrusted
+                    (VerificationState::Untrusted, Some(device.device_id().to_owned()))
                }
            } else {
                // We didn't find a device, no way to know if we should trust
                // the `InboundGroupSession` or not.
-                VerificationState::UnknownDevice
+                (VerificationState::UnknownDevice, None)
            },
        )
    }
@@ -1079,12 +1079,10 @@ impl OlmMachine {
        &self,
        session: &InboundGroupSession,
        sender: &UserId,
-        device_id: &DeviceId,
    ) -> StoreResult<EncryptionInfo> {
-        let verification_state = self.get_verification_state(session, sender, device_id).await?;
+        let (verification_state, device_id) = self.get_verification_state(session, sender).await?;

        let sender = sender.to_owned();
-        let device_id = device_id.to_owned();

        Ok(EncryptionInfo {
            sender,
@@ -1143,8 +1141,7 @@ impl OlmMachine {
                }
            }

-            let encryption_info =
-                self.get_encryption_info(&session, &event.sender, content.device_id()).await?;
+            let encryption_info = self.get_encryption_info(&session, &event.sender).await?;

            Ok(TimelineEvent { encryption_info: Some(encryption_info), event: decrypted_event })
        } else {
--- a/crates/matrix-sdk-crypto/src/olm/group_sessions/outbound.rs
+++ b/crates/matrix-sdk-crypto/src/olm/group_sessions/outbound.rs
@@ -325,13 +325,10 @@ impl OutboundGroupSession {
            }
            .into(),
            #[cfg(feature = "experimental-algorithms")]
-            EventEncryptionAlgorithm::MegolmV2AesSha2 => MegolmV2AesSha2Content {
-                ciphertext,
-                session_id: self.session_id().to_owned(),
-                sender_key: self.account_identity_keys.curve25519,
-                device_id: (*self.device_id).to_owned(),
+            EventEncryptionAlgorithm::MegolmV2AesSha2 => {
+                MegolmV2AesSha2Content { ciphertext, session_id: self.session_id().to_owned() }
+                    .into()
            }
-            .into(),
            _ => unreachable!(
                "An outbound group session is always using one of the supported algorithms"
            ),
--- a/crates/matrix-sdk-crypto/src/types/events/room/encrypted.rs
+++ b/crates/matrix-sdk-crypto/src/types/events/room/encrypted.rs
@@ -16,7 +16,7 @@

 use std::collections::BTreeMap;

-use ruma::{DeviceId, OwnedDeviceId, RoomId};
+use ruma::{OwnedDeviceId, RoomId};
 use serde::{Deserialize, Serialize};
 use serde_json::Value;
 use vodozemac::{megolm::MegolmMessage, olm::OlmMessage, Curve25519PublicKey};
@@ -250,15 +250,6 @@ impl SupportedEventEncryptionSchemes<'_> {
        }
    }

-    /// The ID of the sending device.
-    pub fn device_id(&self) -> &DeviceId {
-        match self {
-            SupportedEventEncryptionSchemes::MegolmV1AesSha2(c) => &c.device_id,
-            #[cfg(feature = "experimental-algorithms")]
-            SupportedEventEncryptionSchemes::MegolmV2AesSha2(c) => &c.device_id,
-        }
-    }
-
    /// The algorithm that was used to encrypt the event content.
    pub fn algorithm(&self) -> EventEncryptionAlgorithm {
        match self {
@@ -314,13 +305,6 @@ pub struct MegolmV2AesSha2Content {

    /// The ID of the session used to encrypt the message.
    pub session_id: String,
-
-    /// The Curve25519 key of the sender.
-    #[serde(deserialize_with = "deserialize_curve_key", serialize_with = "serialize_curve_key")]
-    pub sender_key: Curve25519PublicKey,
-
-    /// The ID of the sending device.
-    pub device_id: OwnedDeviceId,
 }

 /// An unknown and unsupported `m.room.encrypted` event content.