Module matrix_sdk::encryption::identities
source · e2e-encryption
only.Expand description
Cryptographic identities used in Matrix.
There are two types of cryptographic identities in Matrix.
-
Devices, which are backed by device keys, they represent each individual log in by an E2EE capable Matrix client. We represent devices using the
Device
struct. -
User identities, which are backed by cross signing keys. The user identity represent a unique E2EE capable identity of any given user. This identity is generally created and uploaded to the server by the first E2EE capable client the user logs in with. We represent user identities using the
UserIdentity
struct.
A Device
or an UserIdentity
can be used to inspect the public keys
of the device/identity, or it can be used to initiate a interactive
verification flow. They can also be manually marked as verified.
§Examples
Verifying a device is pretty straightforward:
let device =
client.encryption().get_device(alice, device_id!("DEVICEID")).await?;
if let Some(device) = device {
// Let's request the device to be verified.
let verification = device.request_verification().await?;
// Actually this is taking too long.
verification.cancel().await?;
// Let's just mark it as verified.
device.verify().await?;
}
Verifying a user identity works largely the same:
let user = client.encryption().get_user_identity(alice).await?;
if let Some(user) = user {
// Let's request the user to be verified.
let verification = user.request_verification().await?;
// Actually this is taking too long.
verification.cancel().await?;
// Let's just mark it as verified.
user.verify().await?;
}
Structs§
- A device represents a E2EE capable client or device of an user.
- Updates about
Device
s which got received over the/keys/query
endpoint. - Updates about
UserIdentity
s which got received over the/keys/query
endpoint. - Wrapper for a cross signing key marking it as the master key.
- The collection of all the
Device
s a user has. - A struct representing a E2EE capable identity of a user.
Enums§
- Error for the manual verification step, when we manually sign users or devices.
- Error when requesting a verification.