From 67d968d4fa1f169faa9070bcbf6bd38301746a5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Damir=20Jeli=C4=87?= Date: Fri, 19 Aug 2022 10:22:14 +0200 Subject: [PATCH] refactor(crypto): Remove the device ID from the megolm v2 m.room.encrypted content --- .../matrix-sdk-crypto-js/src/responses.rs | 2 +- .../matrix-sdk-crypto-nodejs/src/responses.rs | 2 +- .../src/deserialized_responses.rs | 2 +- crates/matrix-sdk-crypto/src/machine.rs | 25 ++++++++----------- .../src/olm/group_sessions/outbound.rs | 9 +++---- .../src/types/events/room/encrypted.rs | 18 +------------ 6 files changed, 18 insertions(+), 40 deletions(-) diff --git a/bindings/matrix-sdk-crypto-js/src/responses.rs b/bindings/matrix-sdk-crypto-js/src/responses.rs index 888847f48..24d51cd48 100644 --- a/bindings/matrix-sdk-crypto-js/src/responses.rs +++ b/bindings/matrix-sdk-crypto-js/src/responses.rs @@ -156,7 +156,7 @@ impl DecryptedRoomEvent { /// trusted. #[wasm_bindgen(getter, js_name = "senderDevice")] pub fn sender_device(&self) -> Option { - Some(identifiers::DeviceId::from(self.encryption_info.as_ref()?.sender_device.clone())) + Some(self.encryption_info.as_ref()?.sender_device.as_ref()?.clone().into()) } /// The Curve25519 key of the device that created the megolm diff --git a/bindings/matrix-sdk-crypto-nodejs/src/responses.rs b/bindings/matrix-sdk-crypto-nodejs/src/responses.rs index 0efc96976..d6488f528 100644 --- a/bindings/matrix-sdk-crypto-nodejs/src/responses.rs +++ b/bindings/matrix-sdk-crypto-nodejs/src/responses.rs @@ -152,7 +152,7 @@ impl DecryptedRoomEvent { /// trusted. #[napi(getter)] pub fn sender_device(&self) -> Option { - Some(identifiers::DeviceId::from(self.encryption_info.as_ref()?.sender_device.clone())) + Some(self.encryption_info.as_ref()?.sender_device.as_ref()?.clone().into()) } /// The Curve25519 key of the device that created the megolm diff --git a/crates/matrix-sdk-common/src/deserialized_responses.rs b/crates/matrix-sdk-common/src/deserialized_responses.rs index a928d9132..ffe6e06d8 100644 --- a/crates/matrix-sdk-common/src/deserialized_responses.rs +++ b/crates/matrix-sdk-common/src/deserialized_responses.rs @@ -79,7 +79,7 @@ pub struct EncryptionInfo { pub sender: OwnedUserId, /// The device ID of the device that sent us the event, note this is /// untrusted data unless `verification_state` is as well trusted. - pub sender_device: OwnedDeviceId, + pub sender_device: Option, /// Information about the algorithm that was used to encrypt the event. pub algorithm_info: AlgorithmInfo, /// The verification state of the device that sent us the event, note this diff --git a/crates/matrix-sdk-crypto/src/machine.rs b/crates/matrix-sdk-crypto/src/machine.rs index 8b43edf6a..6c6edad6f 100644 --- a/crates/matrix-sdk-crypto/src/machine.rs +++ b/crates/matrix-sdk-crypto/src/machine.rs @@ -38,8 +38,8 @@ use ruma::{ secret::request::SecretName, AnyMessageLikeEvent, AnyTimelineEvent, MessageLikeEventContent, }, serde::Raw, - DeviceId, DeviceKeyAlgorithm, OwnedDeviceKeyId, OwnedTransactionId, OwnedUserId, RoomId, - TransactionId, UInt, UserId, + DeviceId, DeviceKeyAlgorithm, OwnedDeviceId, OwnedDeviceKeyId, OwnedTransactionId, OwnedUserId, + RoomId, TransactionId, UInt, UserId, }; use serde_json::{value::to_raw_value, Value}; use tracing::{debug, error, info, trace, warn}; @@ -1037,16 +1037,16 @@ impl OlmMachine { &self, session: &InboundGroupSession, sender: &UserId, - device_id: &DeviceId, - ) -> StoreResult { + ) -> StoreResult<(VerificationState, Option)> { Ok( // First find the device corresponding to the Curve25519 identity // key that sent us the session (recorded upon successful // decryption of the `m.room_key` to-device message). if let Some(device) = self - .get_device(sender, device_id, None) + .get_user_devices(sender, None) .await? - .filter(|d| d.curve25519_key().map(|k| k == session.sender_key()).unwrap_or(false)) + .devices() + .find(|d| d.curve25519_key() == Some(session.sender_key())) { // If the `Device` is confirmed to be the owner of the // `InboundGroupSession` we will consider the session (i.e. @@ -1058,14 +1058,14 @@ impl OlmMachine { if device.is_owner_of_session(session) && (device.is_our_own_device() || device.is_verified()) { - VerificationState::Trusted + (VerificationState::Trusted, Some(device.device_id().to_owned())) } else { - VerificationState::Untrusted + (VerificationState::Untrusted, Some(device.device_id().to_owned())) } } else { // We didn't find a device, no way to know if we should trust // the `InboundGroupSession` or not. - VerificationState::UnknownDevice + (VerificationState::UnknownDevice, None) }, ) } @@ -1079,12 +1079,10 @@ impl OlmMachine { &self, session: &InboundGroupSession, sender: &UserId, - device_id: &DeviceId, ) -> StoreResult { - let verification_state = self.get_verification_state(session, sender, device_id).await?; + let (verification_state, device_id) = self.get_verification_state(session, sender).await?; let sender = sender.to_owned(); - let device_id = device_id.to_owned(); Ok(EncryptionInfo { sender, @@ -1143,8 +1141,7 @@ impl OlmMachine { } } - let encryption_info = - self.get_encryption_info(&session, &event.sender, content.device_id()).await?; + let encryption_info = self.get_encryption_info(&session, &event.sender).await?; Ok(TimelineEvent { encryption_info: Some(encryption_info), event: decrypted_event }) } else { diff --git a/crates/matrix-sdk-crypto/src/olm/group_sessions/outbound.rs b/crates/matrix-sdk-crypto/src/olm/group_sessions/outbound.rs index eb072e313..753b84dc7 100644 --- a/crates/matrix-sdk-crypto/src/olm/group_sessions/outbound.rs +++ b/crates/matrix-sdk-crypto/src/olm/group_sessions/outbound.rs @@ -325,13 +325,10 @@ impl OutboundGroupSession { } .into(), #[cfg(feature = "experimental-algorithms")] - EventEncryptionAlgorithm::MegolmV2AesSha2 => MegolmV2AesSha2Content { - ciphertext, - session_id: self.session_id().to_owned(), - sender_key: self.account_identity_keys.curve25519, - device_id: (*self.device_id).to_owned(), + EventEncryptionAlgorithm::MegolmV2AesSha2 => { + MegolmV2AesSha2Content { ciphertext, session_id: self.session_id().to_owned() } + .into() } - .into(), _ => unreachable!( "An outbound group session is always using one of the supported algorithms" ), diff --git a/crates/matrix-sdk-crypto/src/types/events/room/encrypted.rs b/crates/matrix-sdk-crypto/src/types/events/room/encrypted.rs index d8b9a2642..552d898ed 100644 --- a/crates/matrix-sdk-crypto/src/types/events/room/encrypted.rs +++ b/crates/matrix-sdk-crypto/src/types/events/room/encrypted.rs @@ -16,7 +16,7 @@ use std::collections::BTreeMap; -use ruma::{DeviceId, OwnedDeviceId, RoomId}; +use ruma::{OwnedDeviceId, RoomId}; use serde::{Deserialize, Serialize}; use serde_json::Value; use vodozemac::{megolm::MegolmMessage, olm::OlmMessage, Curve25519PublicKey}; @@ -250,15 +250,6 @@ impl SupportedEventEncryptionSchemes<'_> { } } - /// The ID of the sending device. - pub fn device_id(&self) -> &DeviceId { - match self { - SupportedEventEncryptionSchemes::MegolmV1AesSha2(c) => &c.device_id, - #[cfg(feature = "experimental-algorithms")] - SupportedEventEncryptionSchemes::MegolmV2AesSha2(c) => &c.device_id, - } - } - /// The algorithm that was used to encrypt the event content. pub fn algorithm(&self) -> EventEncryptionAlgorithm { match self { @@ -314,13 +305,6 @@ pub struct MegolmV2AesSha2Content { /// The ID of the session used to encrypt the message. pub session_id: String, - - /// The Curve25519 key of the sender. - #[serde(deserialize_with = "deserialize_curve_key", serialize_with = "serialize_curve_key")] - pub sender_key: Curve25519PublicKey, - - /// The ID of the sending device. - pub device_id: OwnedDeviceId, } /// An unknown and unsupported `m.room.encrypted` event content.