matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-11-29 16:43:09 +03:00
Code Activity

Reinstate device blocking for simple Olm

Browse Source 
Commit 4cde51b3 broke device blocking such that we were encrypting for all
devices, including blocked ones. Reinstate it, and add a test.
This commit is contained in:
Richard van der Hoff
2016-08-24 08:04:13 +01:00
parent ba339ffdad
commit 31e7addf2f
2 changed files with 47 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
lib/crypto-algorithms/olm.js
View File

@@ -24,6 +24,9 @@ var q = require('q');
var utils = require("../utils"); var utils = require("../utils");
var olmlib = require("../olmlib"); var olmlib = require("../olmlib");
var DeviceInfo = require("../crypto-deviceinfo");
var DeviceVerification = DeviceInfo.DeviceVerification;
var base = require("./base"); var base = require("./base");
@@ -77,23 +80,19 @@ OlmEncryption.prototype.encryptMessage = function(room, eventType, content) {
var userId = users[i]; var userId = users[i];
var devices = this._crypto.getStoredDevicesForUser(userId); var devices = this._crypto.getStoredDevicesForUser(userId);
for (var j = 0; j < devices.length; ++j) { for (var j = 0; j < devices.length; ++j) {
var dev = devices[j]; var deviceInfo = devices[j];
if (dev.blocked) { var key = deviceInfo.getIdentityKey();
if (key == this._olmDevice.deviceCurve25519Key) {
// don't bother setting up session to ourself
continue;
}
if (deviceInfo.verified == DeviceVerification.BLOCKED) {
// don't bother setting up sessions with blocked users
continue; continue;
} }
for (var keyId in dev.keys) {
if (keyId.indexOf("curve25519:") === 0) {
var key = dev.keys[keyId];
// don't send to ourselves.
if (key != this._olmDevice.deviceCurve25519Key) {
participantKeys.push(key); participantKeys.push(key);
} }
} }
}
}
}
return q( return q(
olmlib.encryptMessageForDevices( olmlib.encryptMessageForDevices(

54
spec/integ/matrix-client-crypto.spec.js
View File

@@ -2,7 +2,9 @@
var sdk = require("../.."); var sdk = require("../..");
var q = require("q"); var q = require("q");
var HttpBackend = require("../mock-request"); var HttpBackend = require("../mock-request");
var utils = require("../test-utils"); var utils = require("../../lib/utils");
var test_utils = require("../test-utils");
function MockStorageApi() { function MockStorageApi() {
this.data = {}; this.data = {};
} }
@@ -119,7 +121,7 @@ function expectBobKeyUpload() {
} }
function bobUploadsKeys() { function bobUploadsKeys() {
bobClient.uploadKeys(5).catch(utils.failTest); bobClient.uploadKeys(5).catch(test_utils.failTest);
return expectBobKeyUpload(); return expectBobKeyUpload();
} }
@@ -194,7 +196,7 @@ function aliEnablesEncryption() {
// can't query keys before bob has uploaded them // can't query keys before bob has uploaded them
expect(bobOneTimeKeys).toBeDefined(); expect(bobOneTimeKeys).toBeDefined();
aliQueryKeys().catch(utils.failTest); aliQueryKeys().catch(test_utils.failTest);
aliHttpBackend.when("POST", "/keys/claim").respond(200, function(path, content) { aliHttpBackend.when("POST", "/keys/claim").respond(200, function(path, content) {
expect(content.one_time_keys[bobUserId][bobDeviceId]).toEqual("curve25519"); expect(content.one_time_keys[bobUserId][bobDeviceId]).toEqual("curve25519");
for (var keyId in bobOneTimeKeys) { for (var keyId in bobOneTimeKeys) {
@@ -223,7 +225,7 @@ function aliEnablesEncryption() {
} }
function bobEnablesEncryption() { function bobEnablesEncryption() {
bobQueryKeys().catch(utils.failTest); bobQueryKeys().catch(test_utils.failTest);
return bobClient.setRoomEncryption(roomId, { return bobClient.setRoomEncryption(roomId, {
algorithm: "m.olm.v1.curve25519-aes-sha2", algorithm: "m.olm.v1.curve25519-aes-sha2",
}).then(function(res) { }).then(function(res) {
@@ -237,6 +239,7 @@ function bobEnablesEncryption() {
function aliSendsMessage() { function aliSendsMessage() {
return sendMessage(aliHttpBackend, aliClient).then(function(content) { return sendMessage(aliHttpBackend, aliClient).then(function(content) {
aliMessages.push(content); aliMessages.push(content);
expect(utils.keys(content.ciphertext)).toEqual([bobDeviceCurve25519Key]);
var ciphertext = content.ciphertext[bobDeviceCurve25519Key]; var ciphertext = content.ciphertext[bobDeviceCurve25519Key];
expect(ciphertext).toBeDefined(); expect(ciphertext).toBeDefined();
}); });
@@ -247,6 +250,7 @@ function bobSendsMessage() {
bobMessages.push(content); bobMessages.push(content);
var aliKeyId = "curve25519:" + aliDeviceId; var aliKeyId = "curve25519:" + aliDeviceId;
var aliDeviceCurve25519Key = aliDeviceKeys.keys[aliKeyId]; var aliDeviceCurve25519Key = aliDeviceKeys.keys[aliKeyId];
expect(utils.keys(content.ciphertext)).toEqual([aliDeviceCurve25519Key]);
var ciphertext = content.ciphertext[aliDeviceCurve25519Key]; var ciphertext = content.ciphertext[aliDeviceCurve25519Key];
expect(ciphertext).toBeDefined(); expect(ciphertext).toBeDefined();
return ciphertext; return ciphertext;
@@ -293,7 +297,7 @@ function recvMessage(httpBackend, client, message) {
syncData.rooms.join[roomId] = { syncData.rooms.join[roomId] = {
timeline: { timeline: {
events: [ events: [
utils.mkEvent({ test_utils.mkEvent({
type: "m.room.encrypted", type: "m.room.encrypted",
room: roomId, room: roomId,
content: message content: message
@@ -331,7 +335,7 @@ function recvMessage(httpBackend, client, message) {
function aliStartClient() { function aliStartClient() {
expectAliKeyUpload().catch(utils.failTest); expectAliKeyUpload().catch(test_utils.failTest);
startClient(aliHttpBackend, aliClient); startClient(aliHttpBackend, aliClient);
return aliHttpBackend.flush().then(function() { return aliHttpBackend.flush().then(function() {
console.log("Ali client started"); console.log("Ali client started");
@@ -339,7 +343,7 @@ function aliStartClient() {
} }
function bobStartClient() { function bobStartClient() {
expectBobKeyUpload().catch(utils.failTest); expectBobKeyUpload().catch(test_utils.failTest);
startClient(bobHttpBackend, bobClient); startClient(bobHttpBackend, bobClient);
return bobHttpBackend.flush().then(function() { return bobHttpBackend.flush().then(function() {
console.log("Bob client started"); console.log("Bob client started");
@@ -368,11 +372,11 @@ function startClient(httpBackend, client) {
syncData.rooms.join[roomId] = { syncData.rooms.join[roomId] = {
state: { state: {
events: [ events: [
utils.mkMembership({ test_utils.mkMembership({
mship: "join", mship: "join",
user: aliUserId, user: aliUserId,
}), }),
utils.mkMembership({ test_utils.mkMembership({
mship: "join", mship: "join",
user: bobUserId, user: bobUserId,
}), }),
@@ -397,7 +401,7 @@ describe("MatrixClient crypto", function() {
aliLocalStore = new MockStorageApi(); aliLocalStore = new MockStorageApi();
aliStorage = new sdk.WebStorageSessionStore(aliLocalStore); aliStorage = new sdk.WebStorageSessionStore(aliLocalStore);
bobStorage = new sdk.WebStorageSessionStore(new MockStorageApi()); bobStorage = new sdk.WebStorageSessionStore(new MockStorageApi());
utils.beforeEach(this); test_utils.beforeEach(this);
aliHttpBackend = new HttpBackend(); aliHttpBackend = new HttpBackend();
aliClient = sdk.createClient({ aliClient = sdk.createClient({
@@ -436,14 +440,14 @@ describe("MatrixClient crypto", function() {
it("Bob uploads without one-time keys and with one-time keys", function(done) { it("Bob uploads without one-time keys and with one-time keys", function(done) {
q() q()
.then(bobUploadsKeys) .then(bobUploadsKeys)
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
}); });
it("Ali downloads Bobs keys", function(done) { it("Ali downloads Bobs keys", function(done) {
q() q()
.then(bobUploadsKeys) .then(bobUploadsKeys)
.then(aliDownloadsKeys) .then(aliDownloadsKeys)
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
}); });
it("Ali gets keys with an invalid signature", function(done) { it("Ali gets keys with an invalid signature", function(done) {
@@ -461,7 +465,7 @@ describe("MatrixClient crypto", function() {
// should get an empty list // should get an empty list
expect(aliClient.listDeviceKeys(bobUserId)).toEqual([]); expect(aliClient.listDeviceKeys(bobUserId)).toEqual([]);
}) })
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
}); });
it("Ali enables encryption", function(done) { it("Ali enables encryption", function(done) {
@@ -469,7 +473,7 @@ describe("MatrixClient crypto", function() {
.then(bobUploadsKeys) .then(bobUploadsKeys)
.then(aliStartClient) .then(aliStartClient)
.then(aliEnablesEncryption) .then(aliEnablesEncryption)
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
}); });
it("Ali sends a message", function(done) { it("Ali sends a message", function(done) {
@@ -478,7 +482,7 @@ describe("MatrixClient crypto", function() {
.then(aliStartClient) .then(aliStartClient)
.then(aliEnablesEncryption) .then(aliEnablesEncryption)
.then(aliSendsMessage) .then(aliSendsMessage)
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
}); });
it("Bob receives a message", function(done) { it("Bob receives a message", function(done) {
@@ -489,7 +493,21 @@ describe("MatrixClient crypto", function() {
.then(aliSendsMessage) .then(aliSendsMessage)
.then(bobStartClient) .then(bobStartClient)
.then(bobRecvMessage) .then(bobRecvMessage)
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
});
it("Ali blocks Bob's device", function(done) {
q()
.then(bobUploadsKeys)
.then(aliStartClient)
.then(aliEnablesEncryption)
.then(function() {
aliClient.setDeviceBlocked(bobUserId, bobDeviceId, true);
return sendMessage(aliHttpBackend, aliClient);
}).then(function(sentContent) {
// no unblocked devices, so the ciphertext should be empty
expect(sentContent.ciphertext).toEqual({});
}).catch(test_utils.failTest).done(done);
}); });
it("Bob receives two pre-key messages", function(done) { it("Bob receives two pre-key messages", function(done) {
@@ -502,7 +520,7 @@ describe("MatrixClient crypto", function() {
.then(bobRecvMessage) .then(bobRecvMessage)
.then(aliSendsMessage) .then(aliSendsMessage)
.then(bobRecvMessage) .then(bobRecvMessage)
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
}); });
it("Bob replies to the message", function(done) { it("Bob replies to the message", function(done) {
@@ -517,6 +535,6 @@ describe("MatrixClient crypto", function() {
.then(bobSendsMessage).then(function(ciphertext) { .then(bobSendsMessage).then(function(ciphertext) {
expect(ciphertext.type).toEqual(1); expect(ciphertext.type).toEqual(1);
}).then(aliRecvMessage) }).then(aliRecvMessage)
.catch(utils.failTest).done(done); .catch(test_utils.failTest).done(done);
}); });
}); });