History sharing: do /keys/query before checking for key bundle (#4992)

* History sharing: do `/keys/query` before checking for key bundle The next release of matrix-sdk-crypto-wasm will check that the device that sent us the key bundle data was correctly cross-signed by its owner, which means we need to have the owner's cross-signing keys before we check if we have the bundle. This replicates a change made in the Rust SDK, at https://github.com/matrix-org/matrix-rust-sdk/pull/5510/files#diff-9f89fa75c4eb3743ae674be1bb90f75169bd815a259917799c71b8a546449d51R133-R140. * fix unit test * Comment
2025-11-23 17:02:25 +03:00 · 2025-09-11 11:38:14 +01:00
parent 82aa04d894
commit 32f51e852b
2 changed files with 14 additions and 2 deletions
--- a/spec/unit/rust-crypto/rust-crypto.spec.ts
+++ b/spec/unit/rust-crypto/rust-crypto.spec.ts
@@ -2353,6 +2353,7 @@ describe("RustCrypto", () => {

        beforeEach(async () => {
            mockOlmMachine = {
+                queryKeysForUsers: jest.fn().mockReturnValue({}),
                getReceivedRoomKeyBundleData: jest.fn(),
                receiveRoomKeyBundle: jest.fn(),
            } as unknown as Mocked<OlmMachine>;
@@ -2377,6 +2378,7 @@ describe("RustCrypto", () => {
        it("does nothing if there is no key bundle", async () => {
            mockOlmMachine.getReceivedRoomKeyBundleData.mockResolvedValue(undefined);
            await rustCrypto.maybeAcceptKeyBundle("!room_id", "@bob:example.org");
+            expect(mockOlmMachine.queryKeysForUsers).toHaveBeenCalledTimes(1);
            expect(mockOlmMachine.getReceivedRoomKeyBundleData).toHaveBeenCalledTimes(1);
            expect(mockOlmMachine.getReceivedRoomKeyBundleData.mock.calls[0][0].toString()).toEqual("!room_id");
            expect(mockOlmMachine.getReceivedRoomKeyBundleData.mock.calls[0][1].toString()).toEqual("@bob:example.org");
--- a/src/rust-crypto/rust-crypto.ts
+++ b/src/rust-crypto/rust-crypto.ts
@@ -326,12 +326,22 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, CryptoEventH
     * Implementation of {@link CryptoBackend.maybeAcceptKeyBundle}.
     */
    public async maybeAcceptKeyBundle(roomId: string, inviter: string): Promise<void> {
-        // TODO: retry this if it gets interrupted or it fails.
+        // TODO: retry this if it gets interrupted or it fails. (https://github.com/matrix-org/matrix-rust-sdk/issues/5112)
        // TODO: do this in the background.
-        // TODO: handle the bundle message arriving after the invite.
+        // TODO: handle the bundle message arriving after the invite (https://github.com/element-hq/element-web/issues/30740)

        const logger = new LogSpan(this.logger, `maybeAcceptKeyBundle(${roomId}, ${inviter})`);

+        // Make sure we have an up-to-date idea of the inviter's cross-signing keys, so that we can check if the
+        // device that sent us the bundle data was correctly cross-signed.
+        //
+        // TODO: it would be nice to skip this step if we have an up-to-date copy of the inviter's cross-signing keys,
+        //   but we don't have an easy way to check that. Possibly the rust side could trigger a key request and then
+        //   block until it happens.
+        logger.info(`Checking inviter cross-signing keys`);
+        const request = this.olmMachine.queryKeysForUsers([new RustSdkCryptoJs.UserId(inviter)]);
+        await this.outgoingRequestProcessor.makeOutgoingRequest(request);
+
        const bundleData = await this.olmMachine.getReceivedRoomKeyBundleData(
            new RustSdkCryptoJs.RoomId(roomId),
            new RustSdkCryptoJs.UserId(inviter),