crypto: look up sender device for key bundles

richvdh · richvdh · commit 0a1874191da1 · 2025-10-09T01:01:58.000+01:00
diff --git a/crates/matrix-sdk-crypto/src/olm/account.rs b/crates/matrix-sdk-crypto/src/olm/account.rs
@@ -1540,6 +1540,14 @@ impl Account {
     }
 
     /// Look up the [`Device`] that sent us a successfully-decrypted event.
+    ///
+    /// Also validates the `sender_device_keys` field, if present.
+    ///
+    /// `m.room_key` events are special-cased and return `None`: we look up
+    /// their devices later on.
+    ///
+    /// For other events, we look up the device in the store, and return the
+    /// details.
     async fn get_event_sender_device(
         store: &Store,
         sender_key: Curve25519PublicKey,
@@ -1550,13 +1558,15 @@ impl Account {
         // valid. The processing of the historic room key bundle depends on this being
         // here.
         Self::check_sender_device_keys(event, sender_key)?;
-        let mut sender_device: Option<Device> = None;
         if let AnyDecryptedOlmEvent::RoomKey(_) = event {
             // If this event is an `m.room_key` event, defer the check for
             // the Ed25519 key of the sender until we decrypt room events.
             // This ensures that we receive the room key even if we don't
             // have access to the device.
-        } else if let AnyDecryptedOlmEvent::RoomKeyBundle(_) = event {
+            return Ok(None);
+        }
+
+        if let AnyDecryptedOlmEvent::RoomKeyBundle(_) = event {
             // If this is a room key bundle we're requiring the device keys to be part of
             // the `AnyDecryptedOlmEvent`. This ensures that we can skip the check for the
             // Ed25519 key below since `Self::check_sender_device_keys` already did so.
@@ -1566,22 +1576,24 @@ impl Account {
             event.sender_device_keys().ok_or(EventError::MissingSigningKey).inspect_err(|_| {
                 warn!("The room key bundle was missing the sender device keys in the event")
             })?;
-        } else {
-            let device = store
-                .get_device_from_curve_key(event.sender(), sender_key)
-                .await?
-                .ok_or(EventError::MissingSigningKey)?;
+        }
 
-            let key = device.ed25519_key().ok_or(EventError::MissingSigningKey)?;
+        let device = store
+            .get_device_from_curve_key(event.sender(), sender_key)
+            .await?
+            .ok_or(EventError::MissingSigningKey)?;
 
-            if key != event.keys().ed25519 {
-                return Err(
-                    EventError::MismatchedKeys(key.into(), event.keys().ed25519.into()).into()
-                );
-            }
-            sender_device = Some(device);
+        let key = device.ed25519_key().ok_or(EventError::MissingSigningKey)?;
+
+        if key != event.keys().ed25519 {
+            return Err(EventError::MismatchedKeys(key.into(), event.keys().ed25519.into()).into());
         }
-        Ok(sender_device)
+
+        // TODO: we may want to consider falling back to the details from
+        //   `sender_device_keys` if the device isn't in the store, to make
+        //   things work better when the sending device is not (yet) known.
+
+        Ok(Some(device))
     }
 
     /// Return true if:
