crypto: Store device_id in SenderData
This means we have all the information inside SenderData to populate
VerificationStatus and DeviceId for EncryptionInfo, so we can share the
code between SenderDataFinder and get_verification_state.
andybalaam committed Jul 29, 2024
1 parent 844923d commit 1e468ee
Showing 2 changed files with 56 additions and 17 deletions.
27 changes: 25 additions & 2 deletions crates/matrix-sdk-crypto/src/olm/group_sessions/sender_data.rs
Expand Up @@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.

use ruma::{MilliSecondsSinceUnixEpoch, OwnedUserId};
use ruma::{MilliSecondsSinceUnixEpoch, OwnedDeviceId, OwnedUserId};
use serde::{Deserialize, Serialize};
use vodozemac::Ed25519PublicKey;

Expand Down Expand Up @@ -66,8 +66,13 @@ pub enum SenderData {
/// The user ID of the user who established this session.
user_id: OwnedUserId,

/// The device ID of the device that send the session.
/// This is an `Option` for backwards compatibility, but we should
/// always populate it on creation.
device_id: Option<OwnedDeviceId>,

/// The cross-signing key of the user who established this session.
master_key: Ed25519PublicKey,
master_key: Box<Ed25519PublicKey>,

/// Whether, at the time we checked the signature on the device,
/// we had actively verified that `master_key` belongs to the user.
Expand Down Expand Up @@ -201,4 +206,22 @@ mod tests {
let end: SenderData = serde_json::from_str(&json).unwrap();
assert_eq!(start, end);
}

#[test]
fn deserializing_senderknown_without_device_id_defaults_to_none() {
let json = r#"
{
"SenderKnown":{
"user_id":"@u:s.co",
"master_key":[
150,140,249,139,141,29,63,230,179,14,213,175,176,61,11,255,
26,103,10,51,100,154,183,47,181,117,87,204,33,215,241,92
],
"master_key_verified":true
}
}
"#;

let _end: SenderData = serde_json::from_str(&json).expect("Failed to parse!");
}
}
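Review bot: The new test `deserializing_senderknown_without_device_id_defaults_to_none` only checks that parsing succeeds; it binds the result to `_end` and never asserts that `device_id` came back as `None`, which is what its name promises. The commit description says this field is meant to populate `DeviceId` for `EncryptionInfo`, so the legacy-data path is the one worth pinning down: rename `_end` to `end` and add `assert!(matches!(end, SenderData::SenderKnown { device_id: None, .. }));`. The new field's doc comment also reads "the device that send the session", where "sent" is meant. The enclosing `mod tests` starts outside the visible hunk.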
Original file line number Diff line number Diff line change
Expand Up @@ -257,6 +257,7 @@ impl<'a> SenderDataFinder<'a> {
fn device_is_cross_signed_by_sender(&self, sender_device: Device) -> SenderData {
// H (cross-signing key matches that used to sign the device!)
let user_id = sender_device.user_id().to_owned();
let device_id = Some(sender_device.device_id().to_owned());

let master_key = sender_device
.device_owner_identity
Expand All @@ -265,8 +266,9 @@ impl<'a> SenderDataFinder<'a> {

if let Some(master_key) = master_key {
// We have user_id and master_key for the user sending the to-device message.
let master_key = Box::new(master_key);
let master_key_verified = sender_device.is_cross_signing_trusted();
SenderData::SenderKnown { user_id, master_key, master_key_verified }
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified }
} else {
// Surprisingly, there was no key in the MasterPubkey. We did not expect this:
// treat it as if the device was not signed by this master key.
Expand Down Expand Up @@ -442,10 +444,12 @@ mod tests {

// Then we get back the information about the sender
assert_let!(
SenderData::SenderKnown { user_id, master_key, master_key_verified } = sender_data
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified } =
sender_data
);
assert_eq!(user_id, setup.sender.user_id);
assert_eq!(master_key, setup.sender_master_key());
assert_eq!(device_id.unwrap(), setup.sender_device.device_id());
assert_eq!(*master_key, setup.sender_master_key());
assert!(!master_key_verified);
}

Expand All @@ -469,10 +473,12 @@ mod tests {

// Then we get back the information about the sender
assert_let!(
SenderData::SenderKnown { user_id, master_key, master_key_verified } = sender_data
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified } =
sender_data
);
assert_eq!(user_id, setup.sender.user_id);
assert_eq!(master_key, setup.sender_master_key());
assert_eq!(device_id.unwrap(), setup.sender_device.device_id());
assert_eq!(*master_key, setup.sender_master_key());
assert!(!master_key_verified);
}

Expand All @@ -497,10 +503,12 @@ mod tests {

// Then we get back the information about the sender
assert_let!(
SenderData::SenderKnown { user_id, master_key, master_key_verified } = sender_data
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified } =
sender_data
);
assert_eq!(user_id, setup.sender.user_id);
assert_eq!(master_key, setup.sender_master_key());
assert_eq!(device_id.unwrap(), setup.sender_device.device_id());
assert_eq!(*master_key, setup.sender_master_key());
assert!(!master_key_verified);
}

Expand All @@ -524,10 +532,12 @@ mod tests {

// Then we get back the information about the sender
assert_let!(
SenderData::SenderKnown { user_id, master_key, master_key_verified } = sender_data
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified } =
sender_data
);
assert_eq!(user_id, setup.sender.user_id);
assert_eq!(master_key, setup.sender_master_key());
assert_eq!(device_id.unwrap(), setup.sender_device.device_id());
assert_eq!(*master_key, setup.sender_master_key());
assert!(!master_key_verified);
}

Expand Down Expand Up @@ -590,10 +600,12 @@ mod tests {

// Then we get back the information about the sender
assert_let!(
SenderData::SenderKnown { user_id, master_key, master_key_verified } = sender_data
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified } =
sender_data
);
assert_eq!(user_id, setup.sender.user_id);
assert_eq!(master_key, setup.sender_master_key());
assert_eq!(device_id.unwrap(), setup.sender_device.device_id());
assert_eq!(*master_key, setup.sender_master_key());
// Including the fact that it was verified
assert!(master_key_verified);
}
Expand Down Expand Up @@ -621,10 +633,12 @@ mod tests {

// Then we get back the information about the sender
assert_let!(
SenderData::SenderKnown { user_id, master_key, master_key_verified } = sender_data
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified } =
sender_data
);
assert_eq!(user_id, setup.sender.user_id);
assert_eq!(master_key, setup.sender_master_key());
assert_eq!(device_id.unwrap(), setup.sender_device.device_id());
assert_eq!(*master_key, setup.sender_master_key());
// Including the fact that it was verified
assert!(master_key_verified);
}
Expand All @@ -643,10 +657,12 @@ mod tests {

// Then it is found using the device we supplied
assert_let!(
SenderData::SenderKnown { user_id, master_key, master_key_verified } = sender_data
SenderData::SenderKnown { user_id, device_id, master_key, master_key_verified } =
sender_data
);
assert_eq!(user_id, setup.sender.user_id);
assert_eq!(master_key, setup.sender_master_key());
assert_eq!(device_id.unwrap(), setup.sender_device.device_id());
assert_eq!(*master_key, setup.sender_master_key());
assert!(!master_key_verified);
}
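Review bot: The assertion `assert_eq!(device_id.unwrap(), setup.sender_device.device_id());` added to each of the seven `SenderKnown` tests fails with a bare unwrap panic when the field is `None`, rather than printing both sides of the comparison. Comparing the options directly keeps the failure readable, assuming `OwnedDeviceId` dereferences to the borrowed type that `device_id()` returns: `assert_eq!(device_id.as_deref(), Some(setup.sender_device.device_id()));`. In `device_is_cross_signed_by_sender`, the comment `// We have user_id and master_key for the user sending the to-device message.` no longer lists everything carried into `SenderKnown` and could mention `device_id` as well. Both that function and `mod tests` extend beyond the visible lines.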
