1#[cfg(feature = "experimental-encrypted-state-events")]
16use std::borrow::Borrow;
17use std::{
18 collections::{BTreeMap, HashMap, HashSet},
19 sync::Arc,
20 time::Duration,
21};
22
23use itertools::Itertools;
24#[cfg(feature = "experimental-send-custom-to-device")]
25use matrix_sdk_common::deserialized_responses::WithheldCode;
26use matrix_sdk_common::{
27 deserialized_responses::{
28 AlgorithmInfo, DecryptedRoomEvent, DeviceLinkProblem, EncryptionInfo,
29 ProcessedToDeviceEvent, ToDeviceUnableToDecryptInfo, ToDeviceUnableToDecryptReason,
30 UnableToDecryptInfo, UnableToDecryptReason, UnsignedDecryptionResult,
31 UnsignedEventLocation, VerificationLevel, VerificationState,
32 },
33 locks::RwLock as StdRwLock,
34 timer, BoxFuture,
35};
36#[cfg(feature = "experimental-encrypted-state-events")]
37use ruma::events::{AnyStateEventContent, StateEventContent};
38use ruma::{
39 api::client::{
40 dehydrated_device::DehydratedDeviceData,
41 keys::{
42 claim_keys::v3::Request as KeysClaimRequest,
43 get_keys::v3::Response as KeysQueryResponse,
44 upload_keys::v3::{Request as UploadKeysRequest, Response as UploadKeysResponse},
45 upload_signatures::v3::Request as UploadSignaturesRequest,
46 },
47 sync::sync_events::DeviceLists,
48 },
49 assign,
50 events::{
51 secret::request::SecretName, AnyMessageLikeEvent, AnyMessageLikeEventContent,
52 AnyTimelineEvent, AnyToDeviceEvent, MessageLikeEventContent,
53 },
54 serde::{JsonObject, Raw},
55 DeviceId, MilliSecondsSinceUnixEpoch, OneTimeKeyAlgorithm, OwnedDeviceId, OwnedDeviceKeyId,
56 OwnedTransactionId, OwnedUserId, RoomId, TransactionId, UInt, UserId,
57};
58use serde_json::{value::to_raw_value, Value};
59use tokio::sync::Mutex;
60use tracing::{
61 debug, error,
62 field::{debug, display},
63 info, instrument, trace, warn, Span,
64};
65use vodozemac::{
66 megolm::{DecryptionError, SessionOrdering},
67 Curve25519PublicKey, Ed25519Signature,
68};
69
70#[cfg(feature = "experimental-send-custom-to-device")]
71use crate::session_manager::split_devices_for_share_strategy;
72use crate::{
73 backups::{BackupMachine, MegolmV1BackupKey},
74 dehydrated_devices::{DehydratedDevices, DehydrationError},
75 error::{EventError, MegolmError, MegolmResult, OlmError, OlmResult, SetRoomSettingsError},
76 gossiping::GossipMachine,
77 identities::{user::UserIdentity, Device, IdentityManager, UserDevices},
78 olm::{
79 Account, CrossSigningStatus, EncryptionSettings, IdentityKeys, InboundGroupSession,
80 KnownSenderData, OlmDecryptionInfo, PrivateCrossSigningIdentity, SenderData,
81 SenderDataFinder, SessionType, StaticAccountData,
82 },
83 session_manager::{GroupSessionManager, SessionManager},
84 store::{
85 caches::StoreCache,
86 types::{
87 Changes, CrossSigningKeyExport, DeviceChanges, IdentityChanges, PendingChanges,
88 RoomKeyInfo, RoomSettings, StoredRoomKeyBundleData,
89 },
90 CryptoStoreWrapper, IntoCryptoStore, MemoryStore, Result as StoreResult, SecretImportError,
91 Store, StoreTransaction,
92 },
93 types::{
94 events::{
95 olm_v1::{AnyDecryptedOlmEvent, DecryptedRoomKeyBundleEvent, DecryptedRoomKeyEvent},
96 room::encrypted::{
97 EncryptedEvent, EncryptedToDeviceEvent, RoomEncryptedEventContent,
98 RoomEventEncryptionScheme, SupportedEventEncryptionSchemes,
99 ToDeviceEncryptedEventContent,
100 },
101 room_key::{MegolmV1AesSha2Content, RoomKeyContent},
102 room_key_bundle::RoomKeyBundleContent,
103 room_key_withheld::{
104 MegolmV1AesSha2WithheldContent, RoomKeyWithheldContent, RoomKeyWithheldEvent,
105 },
106 ToDeviceEvent, ToDeviceEvents,
107 },
108 requests::{
109 AnyIncomingResponse, KeysQueryRequest, OutgoingRequest, ToDeviceRequest,
110 UploadSigningKeysRequest,
111 },
112 EventEncryptionAlgorithm, Signatures,
113 },
114 utilities::timestamp_to_iso8601,
115 verification::{Verification, VerificationMachine, VerificationRequest},
116 CollectStrategy, CryptoStoreError, DecryptionSettings, DeviceData, LocalTrust,
117 RoomEventDecryptionResult, SignatureError, TrustRequirement,
118};
119
120#[derive(Clone)]
123pub struct OlmMachine {
124 pub(crate) inner: Arc<OlmMachineInner>,
125}
126
127pub struct OlmMachineInner {
128 user_id: OwnedUserId,
130 device_id: OwnedDeviceId,
132 user_identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
137 store: Store,
141 session_manager: SessionManager,
143 pub(crate) group_session_manager: GroupSessionManager,
145 verification_machine: VerificationMachine,
148 pub(crate) key_request_machine: GossipMachine,
151 identity_manager: IdentityManager,
154 backup_machine: BackupMachine,
156}
157
158#[cfg(not(tarpaulin_include))]
159impl std::fmt::Debug for OlmMachine {
160 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
161 f.debug_struct("OlmMachine")
162 .field("user_id", &self.user_id())
163 .field("device_id", &self.device_id())
164 .finish()
165 }
166}
167
168impl OlmMachine {
169 const CURRENT_GENERATION_STORE_KEY: &'static str = "generation-counter";
170 const HAS_MIGRATED_VERIFICATION_LATCH: &'static str = "HAS_MIGRATED_VERIFICATION_LATCH";
171
172 pub async fn new(user_id: &UserId, device_id: &DeviceId) -> Self {
183 OlmMachine::with_store(user_id, device_id, MemoryStore::new(), None)
184 .await
185 .expect("Reading and writing to the memory store always succeeds")
186 }
187
188 pub(crate) async fn rehydrate(
189 &self,
190 pickle_key: &[u8; 32],
191 device_id: &DeviceId,
192 device_data: Raw<DehydratedDeviceData>,
193 ) -> Result<OlmMachine, DehydrationError> {
194 let account = Account::rehydrate(pickle_key, self.user_id(), device_id, device_data)?;
195 let static_account = account.static_data().clone();
196
197 let store =
198 Arc::new(CryptoStoreWrapper::new(self.user_id(), device_id, MemoryStore::new()));
199 let device = DeviceData::from_account(&account);
200 store.save_pending_changes(PendingChanges { account: Some(account) }).await?;
201 store
202 .save_changes(Changes {
203 devices: DeviceChanges { new: vec![device], ..Default::default() },
204 ..Default::default()
205 })
206 .await?;
207
208 let (verification_machine, store, identity_manager) =
209 Self::new_helper_prelude(store, static_account, self.store().private_identity());
210
211 Ok(Self::new_helper(
212 device_id,
213 store,
214 verification_machine,
215 identity_manager,
216 self.store().private_identity(),
217 None,
218 ))
219 }
220
221 fn new_helper_prelude(
222 store_wrapper: Arc<CryptoStoreWrapper>,
223 account: StaticAccountData,
224 user_identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
225 ) -> (VerificationMachine, Store, IdentityManager) {
226 let verification_machine =
227 VerificationMachine::new(account.clone(), user_identity.clone(), store_wrapper.clone());
228 let store = Store::new(account, user_identity, store_wrapper, verification_machine.clone());
229
230 let identity_manager = IdentityManager::new(store.clone());
231
232 (verification_machine, store, identity_manager)
233 }
234
235 fn new_helper(
236 device_id: &DeviceId,
237 store: Store,
238 verification_machine: VerificationMachine,
239 identity_manager: IdentityManager,
240 user_identity: Arc<Mutex<PrivateCrossSigningIdentity>>,
241 maybe_backup_key: Option<MegolmV1BackupKey>,
242 ) -> Self {
243 let group_session_manager = GroupSessionManager::new(store.clone());
244
245 let users_for_key_claim = Arc::new(StdRwLock::new(BTreeMap::new()));
246 let key_request_machine = GossipMachine::new(
247 store.clone(),
248 identity_manager.clone(),
249 group_session_manager.session_cache(),
250 users_for_key_claim.clone(),
251 );
252
253 let session_manager =
254 SessionManager::new(users_for_key_claim, key_request_machine.clone(), store.clone());
255
256 let backup_machine = BackupMachine::new(store.clone(), maybe_backup_key);
257
258 let inner = Arc::new(OlmMachineInner {
259 user_id: store.user_id().to_owned(),
260 device_id: device_id.to_owned(),
261 user_identity,
262 store,
263 session_manager,
264 group_session_manager,
265 verification_machine,
266 key_request_machine,
267 identity_manager,
268 backup_machine,
269 });
270
271 Self { inner }
272 }
273
274 #[instrument(skip(store, custom_account), fields(ed25519_key, curve25519_key))]
299 pub async fn with_store(
300 user_id: &UserId,
301 device_id: &DeviceId,
302 store: impl IntoCryptoStore,
303 custom_account: Option<vodozemac::olm::Account>,
304 ) -> StoreResult<Self> {
305 let store = store.into_crypto_store();
306
307 let static_account = match store.load_account().await? {
308 Some(account) => {
309 if user_id != account.user_id()
310 || device_id != account.device_id()
311 || custom_account.is_some()
312 {
313 return Err(CryptoStoreError::MismatchedAccount {
314 expected: (account.user_id().to_owned(), account.device_id().to_owned()),
315 got: (user_id.to_owned(), device_id.to_owned()),
316 });
317 }
318
319 Span::current()
320 .record("ed25519_key", display(account.identity_keys().ed25519))
321 .record("curve25519_key", display(account.identity_keys().curve25519));
322 debug!("Restored an Olm account");
323
324 account.static_data().clone()
325 }
326
327 None => {
328 let account = if let Some(account) = custom_account {
329 Account::new_helper(account, user_id, device_id)
330 } else {
331 Account::with_device_id(user_id, device_id)
332 };
333
334 let static_account = account.static_data().clone();
335
336 Span::current()
337 .record("ed25519_key", display(account.identity_keys().ed25519))
338 .record("curve25519_key", display(account.identity_keys().curve25519));
339
340 let device = DeviceData::from_account(&account);
341
342 device.set_trust_state(LocalTrust::Verified);
346
347 let changes = Changes {
348 devices: DeviceChanges { new: vec![device], ..Default::default() },
349 ..Default::default()
350 };
351 store.save_changes(changes).await?;
352 store.save_pending_changes(PendingChanges { account: Some(account) }).await?;
353
354 debug!("Created a new Olm account");
355
356 static_account
357 }
358 };
359
360 let identity = match store.load_identity().await? {
361 Some(i) => {
362 let master_key = i
363 .master_public_key()
364 .await
365 .and_then(|m| m.get_first_key().map(|m| m.to_owned()));
366 debug!(?master_key, "Restored the cross signing identity");
367 i
368 }
369 None => {
370 debug!("Creating an empty cross signing identity stub");
371 PrivateCrossSigningIdentity::empty(user_id)
372 }
373 };
374
375 let saved_keys = store.load_backup_keys().await?;
380 let maybe_backup_key = saved_keys.decryption_key.and_then(|k| {
381 if let Some(version) = saved_keys.backup_version {
382 let megolm_v1_backup_key = k.megolm_v1_public_key();
383 megolm_v1_backup_key.set_version(version);
384 Some(megolm_v1_backup_key)
385 } else {
386 None
387 }
388 });
389
390 let identity = Arc::new(Mutex::new(identity));
391 let store = Arc::new(CryptoStoreWrapper::new(user_id, device_id, store));
392
393 let (verification_machine, store, identity_manager) =
394 Self::new_helper_prelude(store, static_account, identity.clone());
395
396 Self::migration_post_verified_latch_support(&store, &identity_manager).await?;
399
400 Ok(Self::new_helper(
401 device_id,
402 store,
403 verification_machine,
404 identity_manager,
405 identity,
406 maybe_backup_key,
407 ))
408 }
409
410 pub(crate) async fn migration_post_verified_latch_support(
418 store: &Store,
419 identity_manager: &IdentityManager,
420 ) -> Result<(), CryptoStoreError> {
421 let maybe_migrate_for_identity_verified_latch =
422 store.get_custom_value(Self::HAS_MIGRATED_VERIFICATION_LATCH).await?.is_none();
423
424 if maybe_migrate_for_identity_verified_latch {
425 identity_manager.mark_all_tracked_users_as_dirty(store.cache().await?).await?;
426
427 store.set_custom_value(Self::HAS_MIGRATED_VERIFICATION_LATCH, vec![0]).await?
428 }
429 Ok(())
430 }
431
432 pub fn store(&self) -> &Store {
434 &self.inner.store
435 }
436
437 pub fn user_id(&self) -> &UserId {
439 &self.inner.user_id
440 }
441
442 pub fn device_id(&self) -> &DeviceId {
444 &self.inner.device_id
445 }
446
447 pub fn device_creation_time(&self) -> MilliSecondsSinceUnixEpoch {
454 self.inner.store.static_account().creation_local_time()
455 }
456
457 pub fn identity_keys(&self) -> IdentityKeys {
459 let account = self.inner.store.static_account();
460 account.identity_keys()
461 }
462
463 pub async fn display_name(&self) -> StoreResult<Option<String>> {
465 self.store().device_display_name().await
466 }
467
468 pub async fn tracked_users(&self) -> StoreResult<HashSet<OwnedUserId>> {
473 let cache = self.store().cache().await?;
474 Ok(self.inner.identity_manager.key_query_manager.synced(&cache).await?.tracked_users())
475 }
476
477 #[cfg(feature = "automatic-room-key-forwarding")]
486 pub fn set_room_key_requests_enabled(&self, enable: bool) {
487 self.inner.key_request_machine.set_room_key_requests_enabled(enable)
488 }
489
490 pub fn are_room_key_requests_enabled(&self) -> bool {
495 self.inner.key_request_machine.are_room_key_requests_enabled()
496 }
497
498 #[cfg(feature = "automatic-room-key-forwarding")]
507 pub fn set_room_key_forwarding_enabled(&self, enable: bool) {
508 self.inner.key_request_machine.set_room_key_forwarding_enabled(enable)
509 }
510
511 pub fn is_room_key_forwarding_enabled(&self) -> bool {
515 self.inner.key_request_machine.is_room_key_forwarding_enabled()
516 }
517
518 pub async fn outgoing_requests(&self) -> StoreResult<Vec<OutgoingRequest>> {
526 let mut requests = Vec::new();
527
528 {
529 let store_cache = self.inner.store.cache().await?;
530 let account = store_cache.account().await?;
531 if let Some(r) = self.keys_for_upload(&account).await.map(|r| OutgoingRequest {
532 request_id: TransactionId::new(),
533 request: Arc::new(r.into()),
534 }) {
535 requests.push(r);
536 }
537 }
538
539 for request in self
540 .inner
541 .identity_manager
542 .users_for_key_query()
543 .await?
544 .into_iter()
545 .map(|(request_id, r)| OutgoingRequest { request_id, request: Arc::new(r.into()) })
546 {
547 requests.push(request);
548 }
549
550 requests.append(&mut self.inner.verification_machine.outgoing_messages());
551 requests.append(&mut self.inner.key_request_machine.outgoing_to_device_requests().await?);
552
553 Ok(requests)
554 }
555
556 pub fn query_keys_for_users<'a>(
577 &self,
578 users: impl IntoIterator<Item = &'a UserId>,
579 ) -> (OwnedTransactionId, KeysQueryRequest) {
580 self.inner.identity_manager.build_key_query_for_users(users)
581 }
582
583 pub async fn mark_request_as_sent<'a>(
593 &self,
594 request_id: &TransactionId,
595 response: impl Into<AnyIncomingResponse<'a>>,
596 ) -> OlmResult<()> {
597 match response.into() {
598 AnyIncomingResponse::KeysUpload(response) => {
599 Box::pin(self.receive_keys_upload_response(response)).await?;
600 }
601 AnyIncomingResponse::KeysQuery(response) => {
602 Box::pin(self.receive_keys_query_response(request_id, response)).await?;
603 }
604 AnyIncomingResponse::KeysClaim(response) => {
605 Box::pin(
606 self.inner.session_manager.receive_keys_claim_response(request_id, response),
607 )
608 .await?;
609 }
610 AnyIncomingResponse::ToDevice(_) => {
611 Box::pin(self.mark_to_device_request_as_sent(request_id)).await?;
612 }
613 AnyIncomingResponse::SigningKeysUpload(_) => {
614 Box::pin(self.receive_cross_signing_upload_response()).await?;
615 }
616 AnyIncomingResponse::SignatureUpload(_) => {
617 self.inner.verification_machine.mark_request_as_sent(request_id);
618 }
619 AnyIncomingResponse::RoomMessage(_) => {
620 self.inner.verification_machine.mark_request_as_sent(request_id);
621 }
622 AnyIncomingResponse::KeysBackup(_) => {
623 Box::pin(self.inner.backup_machine.mark_request_as_sent(request_id)).await?;
624 }
625 }
626
627 Ok(())
628 }
629
630 async fn receive_cross_signing_upload_response(&self) -> StoreResult<()> {
632 let identity = self.inner.user_identity.lock().await;
633 identity.mark_as_shared();
634
635 let changes = Changes { private_identity: Some(identity.clone()), ..Default::default() };
636
637 self.store().save_changes(changes).await
638 }
639
640 pub async fn bootstrap_cross_signing(
659 &self,
660 reset: bool,
661 ) -> StoreResult<CrossSigningBootstrapRequests> {
662 let identity = self.inner.user_identity.lock().await.clone();
667
668 let (upload_signing_keys_req, upload_signatures_req) = if reset || identity.is_empty().await
669 {
670 info!("Creating new cross signing identity");
671
672 let (identity, upload_signing_keys_req, upload_signatures_req) = {
673 let cache = self.inner.store.cache().await?;
674 let account = cache.account().await?;
675 account.bootstrap_cross_signing().await
676 };
677
678 let public = identity.to_public_identity().await.expect(
679 "Couldn't create a public version of the identity from a new private identity",
680 );
681
682 *self.inner.user_identity.lock().await = identity.clone();
683
684 self.store()
685 .save_changes(Changes {
686 identities: IdentityChanges { new: vec![public.into()], ..Default::default() },
687 private_identity: Some(identity),
688 ..Default::default()
689 })
690 .await?;
691
692 (upload_signing_keys_req, upload_signatures_req)
693 } else {
694 info!("Trying to upload the existing cross signing identity");
695 let upload_signing_keys_req = identity.as_upload_request().await;
696
697 let upload_signatures_req = identity
699 .sign_account(self.inner.store.static_account())
700 .await
701 .expect("Can't sign device keys");
702
703 (upload_signing_keys_req, upload_signatures_req)
704 };
705
706 let upload_keys_req =
710 self.upload_device_keys().await?.map(|(_, request)| OutgoingRequest::from(request));
711
712 Ok(CrossSigningBootstrapRequests {
713 upload_signing_keys_req,
714 upload_keys_req,
715 upload_signatures_req,
716 })
717 }
718
719 pub async fn upload_device_keys(
731 &self,
732 ) -> StoreResult<Option<(OwnedTransactionId, UploadKeysRequest)>> {
733 let cache = self.store().cache().await?;
734 let account = cache.account().await?;
735
736 Ok(self.keys_for_upload(&account).await.map(|request| (TransactionId::new(), request)))
737 }
738
739 async fn receive_keys_upload_response(&self, response: &UploadKeysResponse) -> OlmResult<()> {
746 self.inner
747 .store
748 .with_transaction(|mut tr| async {
749 let account = tr.account().await?;
750 account.receive_keys_upload_response(response)?;
751 Ok((tr, ()))
752 })
753 .await
754 }
755
756 #[instrument(skip_all)]
784 pub async fn get_missing_sessions(
785 &self,
786 users: impl Iterator<Item = &UserId>,
787 ) -> StoreResult<Option<(OwnedTransactionId, KeysClaimRequest)>> {
788 self.inner.session_manager.get_missing_sessions(users).await
789 }
790
791 async fn receive_keys_query_response(
800 &self,
801 request_id: &TransactionId,
802 response: &KeysQueryResponse,
803 ) -> OlmResult<(DeviceChanges, IdentityChanges)> {
804 self.inner.identity_manager.receive_keys_query_response(request_id, response).await
805 }
806
807 async fn keys_for_upload(&self, account: &Account) -> Option<UploadKeysRequest> {
816 let (mut device_keys, one_time_keys, fallback_keys) = account.keys_for_upload();
817
818 if let Some(device_keys) = &mut device_keys {
828 let private_identity = self.store().private_identity();
829 let guard = private_identity.lock().await;
830
831 if guard.status().await.is_complete() {
832 guard.sign_device_keys(device_keys).await.expect(
833 "We should be able to sign our device keys since we confirmed that we \
834 have a complete set of private cross-signing keys",
835 );
836 }
837 }
838
839 if device_keys.is_none() && one_time_keys.is_empty() && fallback_keys.is_empty() {
840 None
841 } else {
842 let device_keys = device_keys.map(|d| d.to_raw());
843
844 Some(assign!(UploadKeysRequest::new(), {
845 device_keys, one_time_keys, fallback_keys
846 }))
847 }
848 }
849
850 async fn decrypt_to_device_event(
873 &self,
874 transaction: &mut StoreTransaction,
875 event: &EncryptedToDeviceEvent,
876 changes: &mut Changes,
877 decryption_settings: &DecryptionSettings,
878 ) -> Result<OlmDecryptionInfo, DecryptToDeviceError> {
879 let mut decrypted = transaction
881 .account()
882 .await?
883 .decrypt_to_device_event(&self.inner.store, event, decryption_settings)
884 .await?;
885
886 self.check_to_device_event_is_not_from_dehydrated_device(&decrypted, &event.sender).await?;
888
889 self.handle_decrypted_to_device_event(transaction.cache(), &mut decrypted, changes).await?;
891
892 Ok(decrypted)
893 }
894
895 #[instrument(
896 skip_all,
897 fields(room_id = ? content.room_id, session_id, message_index)
901 )]
902 async fn handle_key(
903 &self,
904 sender_key: Curve25519PublicKey,
905 event: &DecryptedRoomKeyEvent,
906 content: &MegolmV1AesSha2Content,
907 ) -> OlmResult<Option<InboundGroupSession>> {
908 let session =
909 InboundGroupSession::from_room_key_content(sender_key, event.keys.ed25519, content);
910
911 match session {
912 Ok(mut session) => {
913 Span::current().record("session_id", session.session_id());
914 Span::current().record("message_index", session.first_known_index());
915
916 let sender_data =
917 SenderDataFinder::find_using_event(self.store(), sender_key, event, &session)
918 .await?;
919
920 session.sender_data = sender_data;
921
922 match self.store().compare_group_session(&session).await? {
923 SessionOrdering::Better => {
924 info!("Received a new megolm room key");
925
926 Ok(Some(session))
927 }
928 comparison_result => {
929 warn!(
930 ?comparison_result,
931 "Received a megolm room key that we already have a better version \
932 of, discarding"
933 );
934
935 Ok(None)
936 }
937 }
938 }
939 Err(e) => {
940 Span::current().record("session_id", &content.session_id);
941 warn!("Received a room key event which contained an invalid session key: {e}");
942
943 Ok(None)
944 }
945 }
946 }
947
948 #[instrument(skip_all, fields(algorithm = ?event.content.algorithm()))]
950 async fn add_room_key(
951 &self,
952 sender_key: Curve25519PublicKey,
953 event: &DecryptedRoomKeyEvent,
954 ) -> OlmResult<Option<InboundGroupSession>> {
955 match &event.content {
956 RoomKeyContent::MegolmV1AesSha2(content) => {
957 self.handle_key(sender_key, event, content).await
958 }
959 #[cfg(feature = "experimental-algorithms")]
960 RoomKeyContent::MegolmV2AesSha2(content) => {
961 self.handle_key(sender_key, event, content).await
962 }
963 RoomKeyContent::Unknown(_) => {
964 warn!("Received a room key with an unsupported algorithm");
965 Ok(None)
966 }
967 }
968 }
969
970 #[instrument()]
973 async fn receive_room_key_bundle_data(
974 &self,
975 sender_key: Curve25519PublicKey,
976 event: &DecryptedRoomKeyBundleEvent,
977 changes: &mut Changes,
978 ) -> OlmResult<()> {
979 let Some(sender_device_keys) = &event.sender_device_keys else {
980 warn!("Received a room key bundle with no sender device keys: ignoring");
981 return Ok(());
982 };
983
984 let sender_device_data =
989 DeviceData::try_from(sender_device_keys).expect("failed to verify sender device keys");
990 let sender_device = self.store().wrap_device_data(sender_device_data).await?;
991
992 changes.received_room_key_bundles.push(StoredRoomKeyBundleData {
993 sender_user: event.sender.clone(),
994 sender_data: SenderData::from_device(&sender_device),
995 sender_key,
996 bundle_data: event.content.clone(),
997 });
998 Ok(())
999 }
1000
1001 fn add_withheld_info(&self, changes: &mut Changes, event: &RoomKeyWithheldEvent) {
1002 debug!(?event.content, "Processing `m.room_key.withheld` event");
1003
1004 if let RoomKeyWithheldContent::MegolmV1AesSha2(
1005 MegolmV1AesSha2WithheldContent::BlackListed(c)
1006 | MegolmV1AesSha2WithheldContent::Unverified(c),
1007 ) = &event.content
1008 {
1009 changes
1010 .withheld_session_info
1011 .entry(c.room_id.to_owned())
1012 .or_default()
1013 .insert(c.session_id.to_owned(), event.to_owned());
1014 }
1015 }
1016
1017 #[cfg(test)]
1018 pub(crate) async fn create_outbound_group_session_with_defaults_test_helper(
1019 &self,
1020 room_id: &RoomId,
1021 ) -> OlmResult<()> {
1022 let (_, session) = self
1023 .inner
1024 .group_session_manager
1025 .create_outbound_group_session(
1026 room_id,
1027 EncryptionSettings::default(),
1028 SenderData::unknown(),
1029 )
1030 .await?;
1031
1032 self.store().save_inbound_group_sessions(&[session]).await?;
1033
1034 Ok(())
1035 }
1036
1037 #[cfg(test)]
1038 #[allow(dead_code)]
1039 pub(crate) async fn create_inbound_session_test_helper(
1040 &self,
1041 room_id: &RoomId,
1042 ) -> OlmResult<InboundGroupSession> {
1043 let (_, session) = self
1044 .inner
1045 .group_session_manager
1046 .create_outbound_group_session(
1047 room_id,
1048 EncryptionSettings::default(),
1049 SenderData::unknown(),
1050 )
1051 .await?;
1052
1053 Ok(session)
1054 }
1055
1056 pub async fn encrypt_room_event(
1073 &self,
1074 room_id: &RoomId,
1075 content: impl MessageLikeEventContent,
1076 ) -> MegolmResult<Raw<RoomEncryptedEventContent>> {
1077 let event_type = content.event_type().to_string();
1078 let content = Raw::new(&content)?.cast_unchecked();
1079 self.encrypt_room_event_raw(room_id, &event_type, &content).await
1080 }
1081
1082 pub async fn encrypt_room_event_raw(
1102 &self,
1103 room_id: &RoomId,
1104 event_type: &str,
1105 content: &Raw<AnyMessageLikeEventContent>,
1106 ) -> MegolmResult<Raw<RoomEncryptedEventContent>> {
1107 self.inner.group_session_manager.encrypt(room_id, event_type, content).await
1108 }
1109
1110 #[cfg(feature = "experimental-encrypted-state-events")]
1122 pub async fn encrypt_state_event<C, K>(
1123 &self,
1124 room_id: &RoomId,
1125 content: C,
1126 state_key: K,
1127 ) -> MegolmResult<Raw<RoomEncryptedEventContent>>
1128 where
1129 C: StateEventContent,
1130 C::StateKey: Borrow<K>,
1131 K: AsRef<str>,
1132 {
1133 let event_type = content.event_type().to_string();
1134 let content = Raw::new(&content)?.cast_unchecked();
1135 self.encrypt_state_event_raw(room_id, &event_type, state_key.as_ref(), &content).await
1136 }
1137
1138 #[cfg(feature = "experimental-encrypted-state-events")]
1157 pub async fn encrypt_state_event_raw(
1158 &self,
1159 room_id: &RoomId,
1160 event_type: &str,
1161 state_key: &str,
1162 content: &Raw<AnyStateEventContent>,
1163 ) -> MegolmResult<Raw<RoomEncryptedEventContent>> {
1164 self.inner
1165 .group_session_manager
1166 .encrypt_state(room_id, event_type, state_key, content)
1167 .await
1168 }
1169
1170 pub async fn discard_room_key(&self, room_id: &RoomId) -> StoreResult<bool> {
1181 self.inner.group_session_manager.invalidate_group_session(room_id).await
1182 }
1183
1184 pub async fn share_room_key(
1204 &self,
1205 room_id: &RoomId,
1206 users: impl Iterator<Item = &UserId>,
1207 encryption_settings: impl Into<EncryptionSettings>,
1208 ) -> OlmResult<Vec<Arc<ToDeviceRequest>>> {
1209 self.inner.group_session_manager.share_room_key(room_id, users, encryption_settings).await
1210 }
1211
1212 #[cfg(feature = "experimental-send-custom-to-device")]
1226 pub async fn encrypt_content_for_devices(
1227 &self,
1228 devices: Vec<DeviceData>,
1229 event_type: &str,
1230 content: &Value,
1231 share_strategy: CollectStrategy,
1232 ) -> OlmResult<(Vec<ToDeviceRequest>, Vec<(DeviceData, WithheldCode)>)> {
1233 let mut changes = Changes::default();
1234
1235 let (allowed_devices, mut blocked_devices) =
1236 split_devices_for_share_strategy(&self.inner.store, devices, share_strategy).await?;
1237
1238 let result = self
1239 .inner
1240 .group_session_manager
1241 .encrypt_content_for_devices(allowed_devices, event_type, content.clone(), &mut changes)
1242 .await;
1243
1244 if !changes.is_empty() {
1246 let session_count = changes.sessions.len();
1247
1248 self.inner.store.save_changes(changes).await?;
1249
1250 trace!(
1251 session_count = session_count,
1252 "Stored the changed sessions after encrypting a custom to-device event"
1253 );
1254 }
1255
1256 result.map(|(to_device_requests, mut withheld)| {
1257 withheld.append(&mut blocked_devices);
1258 (to_device_requests, withheld)
1259 })
1260 }
1261 pub async fn share_room_key_bundle_data(
1266 &self,
1267 user_id: &UserId,
1268 collect_strategy: &CollectStrategy,
1269 bundle_data: RoomKeyBundleContent,
1270 ) -> OlmResult<Vec<ToDeviceRequest>> {
1271 self.inner
1272 .group_session_manager
1273 .share_room_key_bundle_data(user_id, collect_strategy, bundle_data)
1274 .await
1275 }
1276
1277 #[deprecated(note = "Use OlmMachine::receive_verification_event instead", since = "0.7.0")]
1285 pub async fn receive_unencrypted_verification_event(
1286 &self,
1287 event: &AnyMessageLikeEvent,
1288 ) -> StoreResult<()> {
1289 self.inner.verification_machine.receive_any_event(event).await
1290 }
1291
1292 pub async fn receive_verification_event(&self, event: &AnyMessageLikeEvent) -> StoreResult<()> {
1296 self.inner.verification_machine.receive_any_event(event).await
1297 }
1298
1299 #[instrument(
1305 skip_all,
1306 fields(
1307 sender_key = ?decrypted.result.sender_key,
1308 event_type = decrypted.result.event.event_type(),
1309 ),
1310 )]
1311 async fn handle_decrypted_to_device_event(
1312 &self,
1313 cache: &StoreCache,
1314 decrypted: &mut OlmDecryptionInfo,
1315 changes: &mut Changes,
1316 ) -> OlmResult<()> {
1317 debug!(
1318 sender_device_keys =
1319 ?decrypted.result.event.sender_device_keys().map(|k| (k.curve25519_key(), k.ed25519_key())).unwrap_or((None, None)),
1320 "Received a decrypted to-device event",
1321 );
1322
1323 match &*decrypted.result.event {
1324 AnyDecryptedOlmEvent::RoomKey(e) => {
1325 let session = self.add_room_key(decrypted.result.sender_key, e).await?;
1326 decrypted.inbound_group_session = session;
1327 }
1328 AnyDecryptedOlmEvent::ForwardedRoomKey(e) => {
1329 let session = self
1330 .inner
1331 .key_request_machine
1332 .receive_forwarded_room_key(decrypted.result.sender_key, e)
1333 .await?;
1334 decrypted.inbound_group_session = session;
1335 }
1336 AnyDecryptedOlmEvent::SecretSend(e) => {
1337 let name = self
1338 .inner
1339 .key_request_machine
1340 .receive_secret_event(cache, decrypted.result.sender_key, e, changes)
1341 .await?;
1342
1343 if let Ok(ToDeviceEvents::SecretSend(mut e)) =
1346 decrypted.result.raw_event.deserialize_as()
1347 {
1348 e.content.secret_name = name;
1349 decrypted.result.raw_event = Raw::from_json(to_raw_value(&e)?);
1350 }
1351 }
1352 AnyDecryptedOlmEvent::Dummy(_) => {
1353 debug!("Received an `m.dummy` event");
1354 }
1355 AnyDecryptedOlmEvent::RoomKeyBundle(e) => {
1356 debug!("Received a room key bundle event {:?}", e);
1357 self.receive_room_key_bundle_data(decrypted.result.sender_key, e, changes).await?;
1358 }
1359 AnyDecryptedOlmEvent::Custom(_) => {
1360 warn!("Received an unexpected encrypted to-device event");
1361 }
1362 }
1363
1364 Ok(())
1365 }
1366
1367 async fn handle_verification_event(&self, event: &ToDeviceEvents) {
1368 if let Err(e) = self.inner.verification_machine.receive_any_event(event).await {
1369 error!("Error handling a verification event: {e:?}");
1370 }
1371 }
1372
1373 async fn mark_to_device_request_as_sent(&self, request_id: &TransactionId) -> StoreResult<()> {
1375 self.inner.verification_machine.mark_request_as_sent(request_id);
1376 self.inner.key_request_machine.mark_outgoing_request_as_sent(request_id).await?;
1377 self.inner.group_session_manager.mark_request_as_sent(request_id).await?;
1378 self.inner.session_manager.mark_outgoing_request_as_sent(request_id);
1379 Ok(())
1380 }
1381
1382 pub fn get_verification(&self, user_id: &UserId, flow_id: &str) -> Option<Verification> {
1384 self.inner.verification_machine.get_verification(user_id, flow_id)
1385 }
1386
1387 pub fn get_verification_request(
1389 &self,
1390 user_id: &UserId,
1391 flow_id: impl AsRef<str>,
1392 ) -> Option<VerificationRequest> {
1393 self.inner.verification_machine.get_request(user_id, flow_id)
1394 }
1395
1396 pub fn get_verification_requests(&self, user_id: &UserId) -> Vec<VerificationRequest> {
1398 self.inner.verification_machine.get_requests(user_id)
1399 }
1400
1401 async fn handle_to_device_event(&self, changes: &mut Changes, event: &ToDeviceEvents) {
1406 use crate::types::events::ToDeviceEvents::*;
1407
1408 match event {
1409 RoomKeyRequest(e) => self.inner.key_request_machine.receive_incoming_key_request(e),
1415 SecretRequest(e) => self.inner.key_request_machine.receive_incoming_secret_request(e),
1416 RoomKeyWithheld(e) => self.add_withheld_info(changes, e),
1417 KeyVerificationAccept(..)
1418 | KeyVerificationCancel(..)
1419 | KeyVerificationKey(..)
1420 | KeyVerificationMac(..)
1421 | KeyVerificationRequest(..)
1422 | KeyVerificationReady(..)
1423 | KeyVerificationDone(..)
1424 | KeyVerificationStart(..) => {
1425 self.handle_verification_event(event).await;
1426 }
1427
1428 Custom(_) | Dummy(_) => {}
1430
1431 RoomEncrypted(_) => {}
1433
1434 SecretSend(_) | RoomKey(_) | ForwardedRoomKey(_) => {}
1437 }
1438 }
1439
1440 fn record_message_id(event: &Raw<AnyToDeviceEvent>) {
1441 use serde::Deserialize;
1442
1443 #[derive(Deserialize)]
1444 struct ContentStub<'a> {
1445 #[serde(borrow, rename = "org.matrix.msgid")]
1446 message_id: Option<&'a str>,
1447 }
1448 #[derive(Deserialize)]
1449 struct ToDeviceStub<'a> {
1450 sender: &'a str,
1451 #[serde(rename = "type")]
1452 event_type: &'a str,
1453 #[serde(borrow)]
1454 content: ContentStub<'a>,
1455 }
1456
1457 if let Ok(event) = event.deserialize_as_unchecked::<ToDeviceStub<'_>>() {
1458 Span::current().record("sender", event.sender);
1459 Span::current().record("event_type", event.event_type);
1460 Span::current().record("message_id", event.content.message_id);
1461 }
1462 }
1463
1464 #[instrument(skip_all, fields(sender, event_type, message_id))]
1472 async fn receive_to_device_event(
1473 &self,
1474 transaction: &mut StoreTransaction,
1475 changes: &mut Changes,
1476 raw_event: Raw<AnyToDeviceEvent>,
1477 decryption_settings: &DecryptionSettings,
1478 ) -> Option<ProcessedToDeviceEvent> {
1479 Self::record_message_id(&raw_event);
1480
1481 let event: ToDeviceEvents = match raw_event.deserialize_as() {
1482 Ok(e) => e,
1483 Err(e) => {
1484 warn!("Received an invalid to-device event: {e}");
1486 return Some(ProcessedToDeviceEvent::Invalid(raw_event));
1487 }
1488 };
1489
1490 debug!("Received a to-device event");
1491
1492 match event {
1493 ToDeviceEvents::RoomEncrypted(e) => {
1494 self.receive_encrypted_to_device_event(
1495 transaction,
1496 changes,
1497 raw_event,
1498 e,
1499 decryption_settings,
1500 )
1501 .await
1502 }
1503 e => {
1504 self.handle_to_device_event(changes, &e).await;
1505 Some(ProcessedToDeviceEvent::PlainText(raw_event))
1506 }
1507 }
1508 }
1509
1510 async fn receive_encrypted_to_device_event(
1524 &self,
1525 transaction: &mut StoreTransaction,
1526 changes: &mut Changes,
1527 mut raw_event: Raw<AnyToDeviceEvent>,
1528 e: ToDeviceEvent<ToDeviceEncryptedEventContent>,
1529 decryption_settings: &DecryptionSettings,
1530 ) -> Option<ProcessedToDeviceEvent> {
1531 let decrypted = match self
1532 .decrypt_to_device_event(transaction, &e, changes, decryption_settings)
1533 .await
1534 {
1535 Ok(decrypted) => decrypted,
1536 Err(DecryptToDeviceError::OlmError(err)) => {
1537 let reason = if let OlmError::UnverifiedSenderDevice = &err {
1538 ToDeviceUnableToDecryptReason::UnverifiedSenderDevice
1539 } else {
1540 ToDeviceUnableToDecryptReason::DecryptionFailure
1541 };
1542
1543 if let OlmError::SessionWedged(sender, curve_key) = err {
1544 if let Err(e) =
1545 self.inner.session_manager.mark_device_as_wedged(&sender, curve_key).await
1546 {
1547 error!(
1548 error = ?e,
1549 "Couldn't mark device to be unwedged",
1550 );
1551 }
1552 }
1553
1554 return Some(ProcessedToDeviceEvent::UnableToDecrypt {
1555 encrypted_event: raw_event,
1556 utd_info: ToDeviceUnableToDecryptInfo { reason },
1557 });
1558 }
1559 Err(DecryptToDeviceError::FromDehydratedDevice) => return None,
1560 };
1561
1562 match decrypted.session {
1565 SessionType::New(s) | SessionType::Existing(s) => {
1566 changes.sessions.push(s);
1567 }
1568 }
1569
1570 changes.message_hashes.push(decrypted.message_hash);
1571
1572 if let Some(group_session) = decrypted.inbound_group_session {
1573 changes.inbound_group_sessions.push(group_session);
1574 }
1575
1576 match decrypted.result.raw_event.deserialize_as() {
1577 Ok(event) => {
1578 self.handle_to_device_event(changes, &event).await;
1579
1580 raw_event = event
1581 .serialize_zeroized()
1582 .expect("Zeroizing and reserializing our events should always work")
1583 .cast();
1584 }
1585 Err(e) => {
1586 warn!("Received an invalid encrypted to-device event: {e}");
1587 raw_event = decrypted.result.raw_event;
1588 }
1589 }
1590
1591 Some(ProcessedToDeviceEvent::Decrypted {
1592 raw: raw_event,
1593 encryption_info: decrypted.result.encryption_info,
1594 })
1595 }
1596
1597 async fn check_to_device_event_is_not_from_dehydrated_device(
1600 &self,
1601 decrypted: &OlmDecryptionInfo,
1602 sender_user_id: &UserId,
1603 ) -> Result<(), DecryptToDeviceError> {
1604 if self.to_device_event_is_from_dehydrated_device(decrypted, sender_user_id).await? {
1605 warn!(
1606 sender = ?sender_user_id,
1607 session = ?decrypted.session,
1608 "Received a to-device event from a dehydrated device. This is unexpected: ignoring event"
1609 );
1610 Err(DecryptToDeviceError::FromDehydratedDevice)
1611 } else {
1612 Ok(())
1613 }
1614 }
1615
1616 async fn to_device_event_is_from_dehydrated_device(
1622 &self,
1623 decrypted: &OlmDecryptionInfo,
1624 sender_user_id: &UserId,
1625 ) -> OlmResult<bool> {
1626 if let Some(device_keys) = decrypted.result.event.sender_device_keys() {
1628 if device_keys.dehydrated.unwrap_or(false) {
1634 return Ok(true);
1635 }
1636 }
1641
1642 Ok(self
1644 .store()
1645 .get_device_from_curve_key(sender_user_id, decrypted.result.sender_key)
1646 .await?
1647 .is_some_and(|d| d.is_dehydrated()))
1648 }
1649
1650 #[instrument(skip_all)]
1668 pub async fn receive_sync_changes(
1669 &self,
1670 sync_changes: EncryptionSyncChanges<'_>,
1671 decryption_settings: &DecryptionSettings,
1672 ) -> OlmResult<(Vec<ProcessedToDeviceEvent>, Vec<RoomKeyInfo>)> {
1673 let mut store_transaction = self.inner.store.transaction().await;
1674
1675 let (events, changes) = self
1676 .preprocess_sync_changes(&mut store_transaction, sync_changes, decryption_settings)
1677 .await?;
1678
1679 let room_key_updates: Vec<_> =
1682 changes.inbound_group_sessions.iter().map(RoomKeyInfo::from).collect();
1683
1684 self.store().save_changes(changes).await?;
1685 store_transaction.commit().await?;
1686
1687 Ok((events, room_key_updates))
1688 }
1689
1690 pub(crate) async fn preprocess_sync_changes(
1708 &self,
1709 transaction: &mut StoreTransaction,
1710 sync_changes: EncryptionSyncChanges<'_>,
1711 decryption_settings: &DecryptionSettings,
1712 ) -> OlmResult<(Vec<ProcessedToDeviceEvent>, Changes)> {
1713 let mut events: Vec<ProcessedToDeviceEvent> = self
1715 .inner
1716 .verification_machine
1717 .garbage_collect()
1718 .iter()
1719 .map(|e| ProcessedToDeviceEvent::PlainText(e.clone()))
1723 .collect();
1724 let mut changes = Default::default();
1727
1728 {
1729 let account = transaction.account().await?;
1730 account.update_key_counts(
1731 sync_changes.one_time_keys_counts,
1732 sync_changes.unused_fallback_keys,
1733 )
1734 }
1735
1736 if let Err(e) = self
1737 .inner
1738 .identity_manager
1739 .receive_device_changes(
1740 transaction.cache(),
1741 sync_changes.changed_devices.changed.iter().map(|u| u.as_ref()),
1742 )
1743 .await
1744 {
1745 error!(error = ?e, "Error marking a tracked user as changed");
1746 }
1747
1748 for raw_event in sync_changes.to_device_events {
1749 let processed_event = Box::pin(self.receive_to_device_event(
1750 transaction,
1751 &mut changes,
1752 raw_event,
1753 decryption_settings,
1754 ))
1755 .await;
1756
1757 if let Some(processed_event) = processed_event {
1758 events.push(processed_event);
1759 }
1760 }
1761
1762 let changed_sessions = self
1763 .inner
1764 .key_request_machine
1765 .collect_incoming_key_requests(transaction.cache())
1766 .await?;
1767
1768 changes.sessions.extend(changed_sessions);
1769 changes.next_batch_token = sync_changes.next_batch_token;
1770
1771 Ok((events, changes))
1772 }
1773
1774 pub async fn request_room_key(
1791 &self,
1792 event: &Raw<EncryptedEvent>,
1793 room_id: &RoomId,
1794 ) -> MegolmResult<(Option<OutgoingRequest>, OutgoingRequest)> {
1795 let event = event.deserialize()?;
1796 self.inner.key_request_machine.request_key(room_id, &event).await
1797 }
1798
1799 async fn get_room_event_verification_state(
1812 &self,
1813 session: &InboundGroupSession,
1814 sender: &UserId,
1815 ) -> MegolmResult<(VerificationState, Option<OwnedDeviceId>)> {
1816 let sender_data = self.get_or_update_sender_data(session, sender).await?;
1817
1818 let (verification_state, device_id) = match sender_data.user_id() {
1827 Some(i) if i != sender => {
1828 (VerificationState::Unverified(VerificationLevel::MismatchedSender), None)
1829 }
1830
1831 Some(_) | None => {
1832 sender_data_to_verification_state(sender_data, session.has_been_imported())
1833 }
1834 };
1835
1836 Ok((verification_state, device_id))
1837 }
1838
1839 async fn get_or_update_sender_data(
1854 &self,
1855 session: &InboundGroupSession,
1856 sender: &UserId,
1857 ) -> MegolmResult<SenderData> {
1858 let sender_data = if session.sender_data.should_recalculate() {
1859 let calculated_sender_data = SenderDataFinder::find_using_curve_key(
1878 self.store(),
1879 session.sender_key(),
1880 sender,
1881 session,
1882 )
1883 .await?;
1884
1885 if calculated_sender_data.compare_trust_level(&session.sender_data).is_gt() {
1887 let mut new_session = session.clone();
1889 new_session.sender_data = calculated_sender_data.clone();
1890 self.store().save_inbound_group_sessions(&[new_session]).await?;
1891
1892 calculated_sender_data
1894 } else {
1895 session.sender_data.clone()
1897 }
1898 } else {
1899 session.sender_data.clone()
1900 };
1901
1902 Ok(sender_data)
1903 }
1904
1905 pub async fn query_missing_secrets_from_other_sessions(&self) -> StoreResult<bool> {
1930 let identity = self.inner.user_identity.lock().await;
1931 let mut secrets = identity.get_missing_secrets().await;
1932
1933 if self.store().load_backup_keys().await?.decryption_key.is_none() {
1934 secrets.push(SecretName::RecoveryKey);
1935 }
1936
1937 if secrets.is_empty() {
1938 debug!("No missing requests to query");
1939 return Ok(false);
1940 }
1941
1942 let secret_requests = GossipMachine::request_missing_secrets(self.user_id(), secrets);
1943
1944 let unsent_request = self.store().get_unsent_secret_requests().await?;
1946 let not_yet_requested = secret_requests
1947 .into_iter()
1948 .filter(|request| !unsent_request.iter().any(|unsent| unsent.info == request.info))
1949 .collect_vec();
1950
1951 if not_yet_requested.is_empty() {
1952 debug!("The missing secrets have already been requested");
1953 Ok(false)
1954 } else {
1955 debug!("Requesting missing secrets");
1956
1957 let changes = Changes { key_requests: not_yet_requested, ..Default::default() };
1958
1959 self.store().save_changes(changes).await?;
1960 Ok(true)
1961 }
1962 }
1963
1964 async fn get_encryption_info(
1970 &self,
1971 session: &InboundGroupSession,
1972 sender: &UserId,
1973 ) -> MegolmResult<Arc<EncryptionInfo>> {
1974 let (verification_state, device_id) =
1975 self.get_room_event_verification_state(session, sender).await?;
1976
1977 let sender = sender.to_owned();
1978
1979 Ok(Arc::new(EncryptionInfo {
1980 sender,
1981 sender_device: device_id,
1982 algorithm_info: AlgorithmInfo::MegolmV1AesSha2 {
1983 curve25519_key: session.sender_key().to_base64(),
1984 sender_claimed_keys: session
1985 .signing_keys()
1986 .iter()
1987 .map(|(k, v)| (k.to_owned(), v.to_base64()))
1988 .collect(),
1989 session_id: Some(session.session_id().to_owned()),
1990 },
1991 verification_state,
1992 }))
1993 }
1994
1995 async fn decrypt_megolm_events(
1996 &self,
1997 room_id: &RoomId,
1998 event: &EncryptedEvent,
1999 content: &SupportedEventEncryptionSchemes<'_>,
2000 decryption_settings: &DecryptionSettings,
2001 ) -> MegolmResult<(JsonObject, Arc<EncryptionInfo>)> {
2002 let session =
2003 self.get_inbound_group_session_or_error(room_id, content.session_id()).await?;
2004
2005 Span::current().record("sender_key", debug(session.sender_key()));
2011
2012 let result = session.decrypt(event).await;
2013 match result {
2014 Ok((decrypted_event, _)) => {
2015 let encryption_info = self.get_encryption_info(&session, &event.sender).await?;
2016
2017 self.check_sender_trust_requirement(
2018 &session,
2019 &encryption_info,
2020 &decryption_settings.sender_device_trust_requirement,
2021 )?;
2022
2023 Ok((decrypted_event, encryption_info))
2024 }
2025 Err(error) => Err(
2026 if let MegolmError::Decryption(DecryptionError::UnknownMessageIndex(_, _)) = error {
2027 let withheld_code = self
2028 .inner
2029 .store
2030 .get_withheld_info(room_id, content.session_id())
2031 .await?
2032 .map(|e| e.content.withheld_code());
2033
2034 if withheld_code.is_some() {
2035 MegolmError::MissingRoomKey(withheld_code)
2037 } else {
2038 error
2039 }
2040 } else {
2041 error
2042 },
2043 ),
2044 }
2045 }
2046
2047 fn check_sender_trust_requirement(
2053 &self,
2054 session: &InboundGroupSession,
2055 encryption_info: &EncryptionInfo,
2056 trust_requirement: &TrustRequirement,
2057 ) -> MegolmResult<()> {
2058 trace!(
2059 verification_state = ?encryption_info.verification_state,
2060 ?trust_requirement, "check_sender_trust_requirement",
2061 );
2062
2063 let verification_level = match &encryption_info.verification_state {
2066 VerificationState::Verified => return Ok(()),
2067 VerificationState::Unverified(verification_level) => verification_level,
2068 };
2069
2070 let ok = match trust_requirement {
2071 TrustRequirement::Untrusted => true,
2072
2073 TrustRequirement::CrossSignedOrLegacy => {
2074 let legacy_session = match session.sender_data {
2080 SenderData::DeviceInfo { legacy_session, .. } => legacy_session,
2081 SenderData::UnknownDevice { legacy_session, .. } => legacy_session,
2082 _ => false,
2083 };
2084
2085 match (verification_level, legacy_session) {
2095 (VerificationLevel::UnverifiedIdentity, _) => true,
2097
2098 (VerificationLevel::UnsignedDevice, true) => true,
2100
2101 (VerificationLevel::None(_), true) => true,
2103
2104 (VerificationLevel::VerificationViolation, _)
2106 | (VerificationLevel::MismatchedSender, _)
2107 | (VerificationLevel::UnsignedDevice, false)
2108 | (VerificationLevel::None(_), false) => false,
2109 }
2110 }
2111
2112 TrustRequirement::CrossSigned => match verification_level {
2115 VerificationLevel::UnverifiedIdentity => true,
2116
2117 VerificationLevel::VerificationViolation
2118 | VerificationLevel::MismatchedSender
2119 | VerificationLevel::UnsignedDevice
2120 | VerificationLevel::None(_) => false,
2121 },
2122 };
2123
2124 if ok {
2125 Ok(())
2126 } else {
2127 Err(MegolmError::SenderIdentityNotTrusted(verification_level.clone()))
2128 }
2129 }
2130
2131 async fn get_inbound_group_session_or_error(
2136 &self,
2137 room_id: &RoomId,
2138 session_id: &str,
2139 ) -> MegolmResult<InboundGroupSession> {
2140 match self.store().get_inbound_group_session(room_id, session_id).await? {
2141 Some(session) => Ok(session),
2142 None => {
2143 let withheld_code = self
2144 .inner
2145 .store
2146 .get_withheld_info(room_id, session_id)
2147 .await?
2148 .map(|e| e.content.withheld_code());
2149 Err(MegolmError::MissingRoomKey(withheld_code))
2150 }
2151 }
2152 }
2153
2154 pub async fn try_decrypt_room_event(
2169 &self,
2170 raw_event: &Raw<EncryptedEvent>,
2171 room_id: &RoomId,
2172 decryption_settings: &DecryptionSettings,
2173 ) -> Result<RoomEventDecryptionResult, CryptoStoreError> {
2174 match self.decrypt_room_event_inner(raw_event, room_id, true, decryption_settings).await {
2175 Ok(decrypted) => Ok(RoomEventDecryptionResult::Decrypted(decrypted)),
2176 Err(err) => Ok(RoomEventDecryptionResult::UnableToDecrypt(megolm_error_to_utd_info(
2177 raw_event, err,
2178 )?)),
2179 }
2180 }
2181
2182 pub async fn decrypt_room_event(
2190 &self,
2191 event: &Raw<EncryptedEvent>,
2192 room_id: &RoomId,
2193 decryption_settings: &DecryptionSettings,
2194 ) -> MegolmResult<DecryptedRoomEvent> {
2195 self.decrypt_room_event_inner(event, room_id, true, decryption_settings).await
2196 }
2197
2198 #[instrument(name = "decrypt_room_event", skip_all, fields(?room_id, event_id, origin_server_ts, sender, algorithm, session_id, message_index, sender_key))]
2199 async fn decrypt_room_event_inner(
2200 &self,
2201 event: &Raw<EncryptedEvent>,
2202 room_id: &RoomId,
2203 decrypt_unsigned: bool,
2204 decryption_settings: &DecryptionSettings,
2205 ) -> MegolmResult<DecryptedRoomEvent> {
2206 let _timer = timer!(tracing::Level::TRACE, "_method");
2207
2208 let event = event.deserialize()?;
2209
2210 Span::current()
2211 .record("sender", debug(&event.sender))
2212 .record("event_id", debug(&event.event_id))
2213 .record(
2214 "origin_server_ts",
2215 timestamp_to_iso8601(event.origin_server_ts)
2216 .unwrap_or_else(|| "<out of range>".to_owned()),
2217 )
2218 .record("algorithm", debug(event.content.algorithm()));
2219
2220 let content: SupportedEventEncryptionSchemes<'_> = match &event.content.scheme {
2221 RoomEventEncryptionScheme::MegolmV1AesSha2(c) => {
2222 Span::current().record("sender_key", debug(c.sender_key));
2223 c.into()
2224 }
2225 #[cfg(feature = "experimental-algorithms")]
2226 RoomEventEncryptionScheme::MegolmV2AesSha2(c) => c.into(),
2227 RoomEventEncryptionScheme::Unknown(_) => {
2228 warn!("Received an encrypted room event with an unsupported algorithm");
2229 return Err(EventError::UnsupportedAlgorithm.into());
2230 }
2231 };
2232
2233 Span::current().record("session_id", content.session_id());
2234 Span::current().record("message_index", content.message_index());
2235
2236 let result =
2237 self.decrypt_megolm_events(room_id, &event, &content, decryption_settings).await;
2238
2239 if let Err(e) = &result {
2240 #[cfg(feature = "automatic-room-key-forwarding")]
2241 match e {
2242 MegolmError::MissingRoomKey(_)
2245 | MegolmError::Decryption(DecryptionError::UnknownMessageIndex(_, _)) => {
2246 self.inner
2247 .key_request_machine
2248 .create_outgoing_key_request(room_id, &event)
2249 .await?;
2250 }
2251 _ => {}
2252 }
2253
2254 warn!("Failed to decrypt a room event: {e}");
2255 }
2256
2257 let (mut decrypted_event, encryption_info) = result?;
2258
2259 let mut unsigned_encryption_info = None;
2260 if decrypt_unsigned {
2261 unsigned_encryption_info = self
2263 .decrypt_unsigned_events(&mut decrypted_event, room_id, decryption_settings)
2264 .await;
2265 }
2266
2267 let decrypted_event =
2268 serde_json::from_value::<Raw<AnyTimelineEvent>>(decrypted_event.into())?;
2269
2270 #[cfg(feature = "experimental-encrypted-state-events")]
2271 self.verify_packed_state_key(&event, &decrypted_event)?;
2272
2273 Ok(DecryptedRoomEvent { event: decrypted_event, encryption_info, unsigned_encryption_info })
2274 }
2275
2276 #[cfg(feature = "experimental-encrypted-state-events")]
2293 fn verify_packed_state_key(
2294 &self,
2295 original: &EncryptedEvent,
2296 decrypted: &Raw<AnyTimelineEvent>,
2297 ) -> MegolmResult<()> {
2298 use serde::Deserialize;
2299
2300 #[derive(Deserialize)]
2302 struct PayloadDeserializationHelper {
2303 state_key: Option<String>,
2304 #[serde(rename = "type")]
2305 event_type: String,
2306 }
2307
2308 let PayloadDeserializationHelper {
2310 state_key: inner_state_key,
2311 event_type: inner_event_type,
2312 } = decrypted
2313 .deserialize_as_unchecked()
2314 .map_err(|_| MegolmError::StateKeyVerificationFailed)?;
2315
2316 let (raw_state_key, inner_state_key) = match (&original.state_key, &inner_state_key) {
2318 (Some(raw_state_key), Some(inner_state_key)) => (raw_state_key, inner_state_key),
2319 (None, None) => return Ok(()),
2320 _ => return Err(MegolmError::StateKeyVerificationFailed),
2321 };
2322
2323 let (outer_event_type, outer_state_key) =
2325 raw_state_key.split_once(":").ok_or(MegolmError::StateKeyVerificationFailed)?;
2326
2327 if outer_event_type != inner_event_type {
2329 return Err(MegolmError::StateKeyVerificationFailed);
2330 }
2331
2332 if outer_state_key != inner_state_key {
2334 return Err(MegolmError::StateKeyVerificationFailed);
2335 }
2336 Ok(())
2337 }
2338
2339 async fn decrypt_unsigned_events(
2349 &self,
2350 main_event: &mut JsonObject,
2351 room_id: &RoomId,
2352 decryption_settings: &DecryptionSettings,
2353 ) -> Option<BTreeMap<UnsignedEventLocation, UnsignedDecryptionResult>> {
2354 let unsigned = main_event.get_mut("unsigned")?.as_object_mut()?;
2355 let mut unsigned_encryption_info: Option<
2356 BTreeMap<UnsignedEventLocation, UnsignedDecryptionResult>,
2357 > = None;
2358
2359 let location = UnsignedEventLocation::RelationsReplace;
2361 let replace = location.find_mut(unsigned);
2362 if let Some(decryption_result) =
2363 self.decrypt_unsigned_event(replace, room_id, decryption_settings).await
2364 {
2365 unsigned_encryption_info
2366 .get_or_insert_with(Default::default)
2367 .insert(location, decryption_result);
2368 }
2369
2370 let location = UnsignedEventLocation::RelationsThreadLatestEvent;
2373 let thread_latest_event = location.find_mut(unsigned);
2374 if let Some(decryption_result) =
2375 self.decrypt_unsigned_event(thread_latest_event, room_id, decryption_settings).await
2376 {
2377 unsigned_encryption_info
2378 .get_or_insert_with(Default::default)
2379 .insert(location, decryption_result);
2380 }
2381
2382 unsigned_encryption_info
2383 }
2384
2385 fn decrypt_unsigned_event<'a>(
2393 &'a self,
2394 event: Option<&'a mut Value>,
2395 room_id: &'a RoomId,
2396 decryption_settings: &'a DecryptionSettings,
2397 ) -> BoxFuture<'a, Option<UnsignedDecryptionResult>> {
2398 Box::pin(async move {
2399 let event = event?;
2400
2401 let is_encrypted = event
2402 .get("type")
2403 .and_then(|type_| type_.as_str())
2404 .is_some_and(|s| s == "m.room.encrypted");
2405 if !is_encrypted {
2406 return None;
2407 }
2408
2409 let raw_event = serde_json::from_value(event.clone()).ok()?;
2410 match self
2411 .decrypt_room_event_inner(&raw_event, room_id, false, decryption_settings)
2412 .await
2413 {
2414 Ok(decrypted_event) => {
2415 *event = serde_json::to_value(decrypted_event.event).ok()?;
2417 Some(UnsignedDecryptionResult::Decrypted(decrypted_event.encryption_info))
2418 }
2419 Err(err) => {
2420 let utd_info = megolm_error_to_utd_info(&raw_event, err).ok()?;
2425 Some(UnsignedDecryptionResult::UnableToDecrypt(utd_info))
2426 }
2427 }
2428 })
2429 }
2430
2431 pub async fn is_room_key_available(
2438 &self,
2439 event: &Raw<EncryptedEvent>,
2440 room_id: &RoomId,
2441 ) -> Result<bool, CryptoStoreError> {
2442 let event = event.deserialize()?;
2443
2444 let (session_id, message_index) = match &event.content.scheme {
2445 RoomEventEncryptionScheme::MegolmV1AesSha2(c) => {
2446 (&c.session_id, c.ciphertext.message_index())
2447 }
2448 #[cfg(feature = "experimental-algorithms")]
2449 RoomEventEncryptionScheme::MegolmV2AesSha2(c) => {
2450 (&c.session_id, c.ciphertext.message_index())
2451 }
2452 RoomEventEncryptionScheme::Unknown(_) => {
2453 return Ok(false);
2455 }
2456 };
2457
2458 Ok(self
2461 .store()
2462 .get_inbound_group_session(room_id, session_id)
2463 .await?
2464 .filter(|s| s.first_known_index() <= message_index)
2465 .is_some())
2466 }
2467
2468 #[instrument(skip(self, event), fields(event_id, sender, session_id))]
2481 pub async fn get_room_event_encryption_info(
2482 &self,
2483 event: &Raw<EncryptedEvent>,
2484 room_id: &RoomId,
2485 ) -> MegolmResult<Arc<EncryptionInfo>> {
2486 let event = event.deserialize()?;
2487
2488 let content: SupportedEventEncryptionSchemes<'_> = match &event.content.scheme {
2489 RoomEventEncryptionScheme::MegolmV1AesSha2(c) => c.into(),
2490 #[cfg(feature = "experimental-algorithms")]
2491 RoomEventEncryptionScheme::MegolmV2AesSha2(c) => c.into(),
2492 RoomEventEncryptionScheme::Unknown(_) => {
2493 return Err(EventError::UnsupportedAlgorithm.into());
2494 }
2495 };
2496
2497 Span::current()
2498 .record("sender", debug(&event.sender))
2499 .record("event_id", debug(&event.event_id))
2500 .record("session_id", content.session_id());
2501
2502 self.get_session_encryption_info(room_id, content.session_id(), &event.sender).await
2503 }
2504
2505 pub async fn get_session_encryption_info(
2520 &self,
2521 room_id: &RoomId,
2522 session_id: &str,
2523 sender: &UserId,
2524 ) -> MegolmResult<Arc<EncryptionInfo>> {
2525 let session = self.get_inbound_group_session_or_error(room_id, session_id).await?;
2526 self.get_encryption_info(&session, sender).await
2527 }
2528
2529 pub async fn update_tracked_users(
2547 &self,
2548 users: impl IntoIterator<Item = &UserId>,
2549 ) -> StoreResult<()> {
2550 self.inner.identity_manager.update_tracked_users(users).await
2551 }
2552
2553 pub async fn mark_all_tracked_users_as_dirty(&self) -> StoreResult<()> {
2558 self.inner
2559 .identity_manager
2560 .mark_all_tracked_users_as_dirty(self.inner.store.cache().await?)
2561 .await
2562 }
2563
2564 async fn wait_if_user_pending(
2565 &self,
2566 user_id: &UserId,
2567 timeout: Option<Duration>,
2568 ) -> StoreResult<()> {
2569 if let Some(timeout) = timeout {
2570 let cache = self.store().cache().await?;
2571 self.inner
2572 .identity_manager
2573 .key_query_manager
2574 .wait_if_user_key_query_pending(cache, timeout, user_id)
2575 .await?;
2576 }
2577 Ok(())
2578 }
2579
2580 #[instrument(skip(self))]
2610 pub async fn get_device(
2611 &self,
2612 user_id: &UserId,
2613 device_id: &DeviceId,
2614 timeout: Option<Duration>,
2615 ) -> StoreResult<Option<Device>> {
2616 self.wait_if_user_pending(user_id, timeout).await?;
2617 self.store().get_device(user_id, device_id).await
2618 }
2619
2620 #[instrument(skip(self))]
2634 pub async fn get_identity(
2635 &self,
2636 user_id: &UserId,
2637 timeout: Option<Duration>,
2638 ) -> StoreResult<Option<UserIdentity>> {
2639 self.wait_if_user_pending(user_id, timeout).await?;
2640 self.store().get_identity(user_id).await
2641 }
2642
2643 #[instrument(skip(self))]
2670 pub async fn get_user_devices(
2671 &self,
2672 user_id: &UserId,
2673 timeout: Option<Duration>,
2674 ) -> StoreResult<UserDevices> {
2675 self.wait_if_user_pending(user_id, timeout).await?;
2676 self.store().get_user_devices(user_id).await
2677 }
2678
2679 pub async fn cross_signing_status(&self) -> CrossSigningStatus {
2684 self.inner.user_identity.lock().await.status().await
2685 }
2686
2687 pub async fn export_cross_signing_keys(&self) -> StoreResult<Option<CrossSigningKeyExport>> {
2695 let master_key = self.store().export_secret(&SecretName::CrossSigningMasterKey).await?;
2696 let self_signing_key =
2697 self.store().export_secret(&SecretName::CrossSigningSelfSigningKey).await?;
2698 let user_signing_key =
2699 self.store().export_secret(&SecretName::CrossSigningUserSigningKey).await?;
2700
2701 Ok(if master_key.is_none() && self_signing_key.is_none() && user_signing_key.is_none() {
2702 None
2703 } else {
2704 Some(CrossSigningKeyExport { master_key, self_signing_key, user_signing_key })
2705 })
2706 }
2707
2708 pub async fn import_cross_signing_keys(
2713 &self,
2714 export: CrossSigningKeyExport,
2715 ) -> Result<CrossSigningStatus, SecretImportError> {
2716 self.store().import_cross_signing_keys(export).await
2717 }
2718
2719 async fn sign_with_master_key(
2720 &self,
2721 message: &str,
2722 ) -> Result<(OwnedDeviceKeyId, Ed25519Signature), SignatureError> {
2723 let identity = &*self.inner.user_identity.lock().await;
2724 let key_id = identity.master_key_id().await.ok_or(SignatureError::MissingSigningKey)?;
2725
2726 let signature = identity.sign(message).await?;
2727
2728 Ok((key_id, signature))
2729 }
2730
2731 pub async fn sign(&self, message: &str) -> Result<Signatures, CryptoStoreError> {
2737 let mut signatures = Signatures::new();
2738
2739 {
2740 let cache = self.inner.store.cache().await?;
2741 let account = cache.account().await?;
2742 let key_id = account.signing_key_id();
2743 let signature = account.sign(message);
2744 signatures.add_signature(self.user_id().to_owned(), key_id, signature);
2745 }
2746
2747 match self.sign_with_master_key(message).await {
2748 Ok((key_id, signature)) => {
2749 signatures.add_signature(self.user_id().to_owned(), key_id, signature);
2750 }
2751 Err(e) => {
2752 warn!(error = ?e, "Couldn't sign the message using the cross signing master key")
2753 }
2754 }
2755
2756 Ok(signatures)
2757 }
2758
2759 pub fn backup_machine(&self) -> &BackupMachine {
2764 &self.inner.backup_machine
2765 }
2766
2767 pub async fn initialize_crypto_store_generation(
2771 &self,
2772 generation: &Mutex<Option<u64>>,
2773 ) -> StoreResult<()> {
2774 let mut gen_guard = generation.lock().await;
2777
2778 let prev_generation =
2779 self.inner.store.get_custom_value(Self::CURRENT_GENERATION_STORE_KEY).await?;
2780
2781 let gen = match prev_generation {
2782 Some(val) => {
2783 u64::from_le_bytes(val.try_into().map_err(|_| {
2786 CryptoStoreError::InvalidLockGeneration("invalid format".to_owned())
2787 })?)
2788 .wrapping_add(1)
2789 }
2790 None => 0,
2791 };
2792
2793 tracing::debug!("Initialising crypto store generation at {}", gen);
2794
2795 self.inner
2796 .store
2797 .set_custom_value(Self::CURRENT_GENERATION_STORE_KEY, gen.to_le_bytes().to_vec())
2798 .await?;
2799
2800 *gen_guard = Some(gen);
2801
2802 Ok(())
2803 }
2804
2805 pub async fn maintain_crypto_store_generation(
2830 &'_ self,
2831 generation: &Mutex<Option<u64>>,
2832 ) -> StoreResult<(bool, u64)> {
2833 let mut gen_guard = generation.lock().await;
2834
2835 let actual_gen = self
2841 .inner
2842 .store
2843 .get_custom_value(Self::CURRENT_GENERATION_STORE_KEY)
2844 .await?
2845 .ok_or_else(|| {
2846 CryptoStoreError::InvalidLockGeneration("counter missing in store".to_owned())
2847 })?;
2848
2849 let actual_gen =
2850 u64::from_le_bytes(actual_gen.try_into().map_err(|_| {
2851 CryptoStoreError::InvalidLockGeneration("invalid format".to_owned())
2852 })?);
2853
2854 let new_gen = match gen_guard.as_ref() {
2855 Some(expected_gen) => {
2856 if actual_gen == *expected_gen {
2857 return Ok((false, actual_gen));
2858 }
2859 actual_gen.max(*expected_gen).wrapping_add(1)
2861 }
2862 None => {
2863 actual_gen.wrapping_add(1)
2866 }
2867 };
2868
2869 tracing::debug!(
2870 "Crypto store generation mismatch: previously known was {:?}, actual is {:?}, next is {}",
2871 *gen_guard,
2872 actual_gen,
2873 new_gen
2874 );
2875
2876 *gen_guard = Some(new_gen);
2878
2879 self.inner
2881 .store
2882 .set_custom_value(Self::CURRENT_GENERATION_STORE_KEY, new_gen.to_le_bytes().to_vec())
2883 .await?;
2884
2885 Ok((true, new_gen))
2886 }
2887
2888 pub fn dehydrated_devices(&self) -> DehydratedDevices {
2890 DehydratedDevices { inner: self.to_owned() }
2891 }
2892
2893 pub async fn room_settings(&self, room_id: &RoomId) -> StoreResult<Option<RoomSettings>> {
2898 self.inner.store.get_room_settings(room_id).await
2901 }
2902
2903 pub async fn set_room_settings(
2914 &self,
2915 room_id: &RoomId,
2916 new_settings: &RoomSettings,
2917 ) -> Result<(), SetRoomSettingsError> {
2918 let store = &self.inner.store;
2919
2920 let _store_transaction = store.transaction().await;
2925
2926 let old_settings = store.get_room_settings(room_id).await?;
2927
2928 if let Some(old_settings) = old_settings {
2941 if old_settings != *new_settings {
2942 return Err(SetRoomSettingsError::EncryptionDowngrade);
2943 } else {
2944 return Ok(());
2946 }
2947 }
2948
2949 match new_settings.algorithm {
2951 EventEncryptionAlgorithm::MegolmV1AesSha2 => (),
2952
2953 #[cfg(feature = "experimental-algorithms")]
2954 EventEncryptionAlgorithm::MegolmV2AesSha2 => (),
2955
2956 _ => {
2957 warn!(
2958 ?room_id,
2959 "Rejecting invalid encryption algorithm {}", new_settings.algorithm
2960 );
2961 return Err(SetRoomSettingsError::InvalidSettings);
2962 }
2963 }
2964
2965 store
2967 .save_changes(Changes {
2968 room_settings: HashMap::from([(room_id.to_owned(), new_settings.clone())]),
2969 ..Default::default()
2970 })
2971 .await?;
2972
2973 Ok(())
2974 }
2975
2976 #[cfg(any(feature = "testing", test))]
2980 pub fn same_as(&self, other: &OlmMachine) -> bool {
2981 Arc::ptr_eq(&self.inner, &other.inner)
2982 }
2983
2984 #[cfg(any(feature = "testing", test))]
2986 pub async fn uploaded_key_count(&self) -> Result<u64, CryptoStoreError> {
2987 let cache = self.inner.store.cache().await?;
2988 let account = cache.account().await?;
2989 Ok(account.uploaded_key_count())
2990 }
2991
2992 #[cfg(test)]
2994 pub(crate) fn identity_manager(&self) -> &IdentityManager {
2995 &self.inner.identity_manager
2996 }
2997
2998 #[cfg(test)]
3000 pub(crate) fn key_for_has_migrated_verification_latch() -> &'static str {
3001 Self::HAS_MIGRATED_VERIFICATION_LATCH
3002 }
3003}
3004
3005fn sender_data_to_verification_state(
3006 sender_data: SenderData,
3007 session_has_been_imported: bool,
3008) -> (VerificationState, Option<OwnedDeviceId>) {
3009 match sender_data {
3010 SenderData::UnknownDevice { owner_check_failed: false, .. } => {
3011 let device_link_problem = if session_has_been_imported {
3012 DeviceLinkProblem::InsecureSource
3013 } else {
3014 DeviceLinkProblem::MissingDevice
3015 };
3016
3017 (VerificationState::Unverified(VerificationLevel::None(device_link_problem)), None)
3018 }
3019 SenderData::UnknownDevice { owner_check_failed: true, .. } => (
3020 VerificationState::Unverified(VerificationLevel::None(
3021 DeviceLinkProblem::InsecureSource,
3022 )),
3023 None,
3024 ),
3025 SenderData::DeviceInfo { device_keys, .. } => (
3026 VerificationState::Unverified(VerificationLevel::UnsignedDevice),
3027 Some(device_keys.device_id),
3028 ),
3029 SenderData::VerificationViolation(KnownSenderData { device_id, .. }) => {
3030 (VerificationState::Unverified(VerificationLevel::VerificationViolation), device_id)
3031 }
3032 SenderData::SenderUnverified(KnownSenderData { device_id, .. }) => {
3033 (VerificationState::Unverified(VerificationLevel::UnverifiedIdentity), device_id)
3034 }
3035 SenderData::SenderVerified(KnownSenderData { device_id, .. }) => {
3036 (VerificationState::Verified, device_id)
3037 }
3038 }
3039}
3040
3041#[derive(Debug, Clone)]
3044pub struct CrossSigningBootstrapRequests {
3045 pub upload_keys_req: Option<OutgoingRequest>,
3052
3053 pub upload_signing_keys_req: UploadSigningKeysRequest,
3057
3058 pub upload_signatures_req: UploadSignaturesRequest,
3063}
3064
3065#[derive(Debug)]
3068pub struct EncryptionSyncChanges<'a> {
3069 pub to_device_events: Vec<Raw<AnyToDeviceEvent>>,
3071 pub changed_devices: &'a DeviceLists,
3074 pub one_time_keys_counts: &'a BTreeMap<OneTimeKeyAlgorithm, UInt>,
3076 pub unused_fallback_keys: Option<&'a [OneTimeKeyAlgorithm]>,
3078 pub next_batch_token: Option<String>,
3080}
3081
3082fn megolm_error_to_utd_info(
3090 raw_event: &Raw<EncryptedEvent>,
3091 error: MegolmError,
3092) -> Result<UnableToDecryptInfo, CryptoStoreError> {
3093 use MegolmError::*;
3094 let reason = match error {
3095 EventError(_) => UnableToDecryptReason::MalformedEncryptedEvent,
3096 Decode(_) => UnableToDecryptReason::MalformedEncryptedEvent,
3097 MissingRoomKey(maybe_withheld) => {
3098 UnableToDecryptReason::MissingMegolmSession { withheld_code: maybe_withheld }
3099 }
3100 Decryption(DecryptionError::UnknownMessageIndex(_, _)) => {
3101 UnableToDecryptReason::UnknownMegolmMessageIndex
3102 }
3103 Decryption(_) => UnableToDecryptReason::MegolmDecryptionFailure,
3104 JsonError(_) => UnableToDecryptReason::PayloadDeserializationFailure,
3105 MismatchedIdentityKeys(_) => UnableToDecryptReason::MismatchedIdentityKeys,
3106 SenderIdentityNotTrusted(level) => UnableToDecryptReason::SenderIdentityNotTrusted(level),
3107 #[cfg(feature = "experimental-encrypted-state-events")]
3108 StateKeyVerificationFailed => UnableToDecryptReason::StateKeyVerificationFailed,
3109
3110 Store(error) => Err(error)?,
3113 };
3114
3115 let session_id = raw_event.deserialize().ok().and_then(|ev| match ev.content.scheme {
3116 RoomEventEncryptionScheme::MegolmV1AesSha2(s) => Some(s.session_id),
3117 #[cfg(feature = "experimental-algorithms")]
3118 RoomEventEncryptionScheme::MegolmV2AesSha2(s) => Some(s.session_id),
3119 RoomEventEncryptionScheme::Unknown(_) => None,
3120 });
3121
3122 Ok(UnableToDecryptInfo { session_id, reason })
3123}
3124
3125#[derive(Debug, thiserror::Error)]
3135pub(crate) enum DecryptToDeviceError {
3136 #[error("An Olm error occurred meaning we failed to decrypt the event")]
3137 OlmError(#[from] OlmError),
3138
3139 #[error("The event was sent from a dehydrated device")]
3140 FromDehydratedDevice,
3141}
3142
3143impl From<CryptoStoreError> for DecryptToDeviceError {
3144 fn from(value: CryptoStoreError) -> Self {
3145 Self::OlmError(value.into())
3146 }
3147}
3148
3149#[cfg(test)]
3150impl From<DecryptToDeviceError> for OlmError {
3151 fn from(value: DecryptToDeviceError) -> Self {
3154 match value {
3155 DecryptToDeviceError::OlmError(olm_error) => olm_error,
3156 DecryptToDeviceError::FromDehydratedDevice => {
3157 panic!("Expected an OlmError but found FromDehydratedDevice")
3158 }
3159 }
3160 }
3161}
3162
3163#[cfg(test)]
3164pub(crate) mod test_helpers;
3165
3166#[cfg(test)]
3167pub(crate) mod tests;