Use encoded URI components when storing sessions in memory crypto store (#4170)

* Use encoded URI components when storing sessions in memory crypto store Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org> * Add URI en-/decoding to missing methods * Extract convenience functions --------- Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
2025-08-09 10:22:46 +03:00 · 2024-04-22 10:12:54 +02:00
parent d22a39f5d7
commit 6fedda91f9
1 changed files with 22 additions and 18 deletions
--- a/src/crypto/store/memory-crypto-store.ts
+++ b/src/crypto/store/memory-crypto-store.ts
@@ -37,6 +37,17 @@ import { IOlmDevice } from "../algorithms/megolm";
 import { IRoomEncryption } from "../RoomList";
 import { InboundGroupSessionData } from "../OlmDevice";

+function encodeSessionKey(senderCurve25519Key: string, sessionId: string): string {
+    return encodeURIComponent(senderCurve25519Key) + "/" + encodeURIComponent(sessionId);
+}
+
+function decodeSessionKey(key: string): { senderKey: string; sessionId: string } {
+    const keyParts = key.split("/");
+    const senderKey = decodeURIComponent(keyParts[0]);
+    const sessionId = decodeURIComponent(keyParts[1]);
+    return { senderKey, sessionId };
+}
+
 /**
 * Internal module. in-memory storage for e2e.
 */
@@ -481,20 +492,14 @@ export class MemoryCryptoStore implements CryptoStore {
        txn: unknown,
        func: (groupSession: InboundGroupSessionData | null, groupSessionWithheld: IWithheld | null) => void,
    ): void {
-        const k = senderCurve25519Key + "/" + sessionId;
+        const k = encodeSessionKey(senderCurve25519Key, sessionId);
        func(this.inboundGroupSessions[k] || null, this.inboundGroupSessionsWithheld[k] || null);
    }

    public getAllEndToEndInboundGroupSessions(txn: unknown, func: (session: ISession | null) => void): void {
        for (const key of Object.keys(this.inboundGroupSessions)) {
-            // we can't use split, as the components we are trying to split out
-            // might themselves contain '/' characters. We rely on the
-            // senderKey being a (32-byte) curve25519 key, base64-encoded
-            // (hence 43 characters long).
-
            func({
-                senderKey: key.slice(0, 43),
-                sessionId: key.slice(44),
+                ...decodeSessionKey(key),
                sessionData: this.inboundGroupSessions[key],
            });
        }
@@ -507,7 +512,7 @@ export class MemoryCryptoStore implements CryptoStore {
        sessionData: InboundGroupSessionData,
        txn: unknown,
    ): void {
-        const k = senderCurve25519Key + "/" + sessionId;
+        const k = encodeSessionKey(senderCurve25519Key, sessionId);
        if (this.inboundGroupSessions[k] === undefined) {
            this.inboundGroupSessions[k] = sessionData;
        }
@@ -519,7 +524,8 @@ export class MemoryCryptoStore implements CryptoStore {
        sessionData: InboundGroupSessionData,
        txn: unknown,
    ): void {
-        this.inboundGroupSessions[senderCurve25519Key + "/" + sessionId] = sessionData;
+        const k = encodeSessionKey(senderCurve25519Key, sessionId);
+        this.inboundGroupSessions[k] = sessionData;
    }

    public storeEndToEndInboundGroupSessionWithheld(
@@ -528,7 +534,7 @@ export class MemoryCryptoStore implements CryptoStore {
        sessionData: IWithheld,
        txn: unknown,
    ): void {
-        const k = senderCurve25519Key + "/" + sessionId;
+        const k = encodeSessionKey(senderCurve25519Key, sessionId);
        this.inboundGroupSessionsWithheld[k] = sessionData;
    }

@@ -554,8 +560,7 @@ export class MemoryCryptoStore implements CryptoStore {
        const result: SessionExtended[] = [];
        for (const [key, session] of Object.entries(this.inboundGroupSessions)) {
            result.push({
-                senderKey: key.slice(0, 43),
-                sessionId: key.slice(44),
+                ...decodeSessionKey(key),
                sessionData: session,
                needsBackup: key in this.sessionsNeedingBackup,
            });
@@ -584,7 +589,7 @@ export class MemoryCryptoStore implements CryptoStore {
        sessions: { senderKey: string; sessionId: string }[],
    ): Promise<void> {
        for (const { senderKey, sessionId } of sessions) {
-            const k = senderKey + "/" + sessionId;
+            const k = encodeSessionKey(senderKey, sessionId);
            delete this.inboundGroupSessions[k];
        }
    }
@@ -614,8 +619,7 @@ export class MemoryCryptoStore implements CryptoStore {
        for (const session in this.sessionsNeedingBackup) {
            if (this.inboundGroupSessions[session]) {
                sessions.push({
-                    senderKey: session.slice(0, 43),
-                    sessionId: session.slice(44),
+                    ...decodeSessionKey(session),
                    sessionData: this.inboundGroupSessions[session],
                });
                if (limit && session.length >= limit) {
@@ -632,7 +636,7 @@ export class MemoryCryptoStore implements CryptoStore {

    public unmarkSessionsNeedingBackup(sessions: ISession[]): Promise<void> {
        for (const session of sessions) {
-            const sessionKey = session.senderKey + "/" + session.sessionId;
+            const sessionKey = encodeSessionKey(session.senderKey, session.sessionId);
            delete this.sessionsNeedingBackup[sessionKey];
        }
        return Promise.resolve();
@@ -640,7 +644,7 @@ export class MemoryCryptoStore implements CryptoStore {

    public markSessionsNeedingBackup(sessions: ISession[]): Promise<void> {
        for (const session of sessions) {
-            const sessionKey = session.senderKey + "/" + session.sessionId;
+            const sessionKey = encodeSessionKey(session.senderKey, session.sessionId);
            this.sessionsNeedingBackup[sessionKey] = true;
        }
        return Promise.resolve();