matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-11-23 17:02:25 +03:00
Code Activity

History sharing: do /keys/query before checking for key bundle (#4992)

Browse Source 
* History sharing: do `/keys/query` before checking for key bundle

The next release of matrix-sdk-crypto-wasm will check that the device that sent
us the key bundle data was correctly cross-signed by its owner, which means we
need to have the owner's cross-signing keys before we check if we have the
bundle.

This replicates a change made in the Rust SDK, at https://github.com/matrix-org/matrix-rust-sdk/pull/5510/files#diff-9f89fa75c4eb3743ae674be1bb90f75169bd815a259917799c71b8a546449d51R133-R140.

* fix unit test

* Comment
This commit is contained in:
Richard van der Hoff
2025-09-11 11:38:14 +01:00
committed by GitHub
parent 82aa04d894
commit 32f51e852b
2 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/rust-crypto/rust-crypto.ts
View File

@@ -326,12 +326,22 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, CryptoEventH
* Implementation of {@link CryptoBackend.maybeAcceptKeyBundle}.
*/
public async maybeAcceptKeyBundle(roomId: string, inviter: string): Promise<void> {
// TODO: retry this if it gets interrupted or it fails.
// TODO: retry this if it gets interrupted or it fails. (https://github.com/matrix-org/matrix-rust-sdk/issues/5112)
// TODO: do this in the background.
// TODO: handle the bundle message arriving after the invite.
// TODO: handle the bundle message arriving after the invite (https://github.com/element-hq/element-web/issues/30740)
const logger = new LogSpan(this.logger, `maybeAcceptKeyBundle(${roomId}, ${inviter})`);
// Make sure we have an up-to-date idea of the inviter's cross-signing keys, so that we can check if the
// device that sent us the bundle data was correctly cross-signed.
//
// TODO: it would be nice to skip this step if we have an up-to-date copy of the inviter's cross-signing keys,
// but we don't have an easy way to check that. Possibly the rust side could trigger a key request and then
// block until it happens.
logger.info(`Checking inviter cross-signing keys`);
const request = this.olmMachine.queryKeysForUsers([new RustSdkCryptoJs.UserId(inviter)]);
await this.outgoingRequestProcessor.makeOutgoingRequest(request);
const bundleData = await this.olmMachine.getReceivedRoomKeyBundleData(
new RustSdkCryptoJs.RoomId(roomId),
new RustSdkCryptoJs.UserId(inviter),