crypto: Fix bugs in processing incoming encrypted to-device messages #5763
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
richvdh
force-pushed
the
rav/history_sharing_exclude_insecure_devices
branch
from
a364d10 to
0a18741
Compare
CodSpeed Performance ReportMerging #5763 will not alter performanceComparing Summary
|
`Account::parse_decrypted_to_device_event` is getting a bit big and unwieldy, so factor out the bit that attempts to find the sending device. (Also, remove an outdated TODO.)
richvdh
force-pushed
the
rav/history_sharing_exclude_insecure_devices
branch
from
0a18741 to
28beb91
Compare
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #5763 +/- ##
==========================================
+ Coverage 88.42% 88.43% +0.01%
==========================================
Files 360 360
Lines 99796 99842 +46
Branches 99796 99842 +46
==========================================
+ Hits 88244 88300 +56
+ Misses 7411 7399 -12
- Partials 4141 4143 +2 ☔ View full report in Codecov by Sentry. |
Currently, when we receive a room key bundle to-device event, we don't look up the sender device at all, meaning that the message is then marked as "from missing device", which means that if you turn on "exclude insecure devices", the message is dropped. This patch changes the logic so that room key bundle to-device events are treated the same way as most other to-device events (except room keys, which continue to be special). Fixes: #5613, although the integration test now fails because instead we hit #5768.
I'm going to need to suppress `sender_device_keys` for more tests, so pull out a test helper to help with this.
…per` No need to convert the event content to a to-device request, and then convert back again.
…sages When receiving an encrypted to-device message, if the sender device is not in the store, but the event includes `sender_device_keys`, use `sender_device_keys` to do the verification checks etc. Fixes: #5768
Add a test to ensure that history-sharing still works when "exclude insecure devices" is enabled.
richvdh
force-pushed
the
rav/history_sharing_exclude_insecure_devices
branch
from
fbe146a to
c6d1b60
Compare
richvdh
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes a pair of bugs around how device verification on incoming encrypted to-device messages. See individual commits for more details.
Fixes: #5613
Fixes: #5768