Use to-device events for key sharing

Synapse now supports out-of-band messages, so use them instead of sending the key-sharing messages in-band.
2025-11-29 16:43:09 +03:00 · 2016-09-07 13:56:54 +01:00
parent af0f5b37d8
commit 9c18893ae5
4 changed files with 109 additions and 79 deletions
--- a/lib/crypto-algorithms/megolm.js
+++ b/lib/crypto-algorithms/megolm.js
@@ -96,17 +96,15 @@ MegolmEncryption.prototype._ensureOutboundSession = function(room) {
    ).then(function(res) {
        return self._crypto.ensureOlmSessionsForUsers(roomMembers);
    }).then(function(devicemap) {
-        // TODO: send OOB messages. for now, send an in-band message.  Each
-        // encrypted copy of the key takes up about 1K, so we'll only manage
-        // about 60 copies before we hit the event size limit; but ultimately the
-        // OOB messaging API will solve that problem for us.
+        var contentMap = {};

-        var participantKeys = [];
        for (var userId in devicemap) {
            if (!devicemap.hasOwnProperty(userId)) {
                continue;
            }

+            contentMap[userId] = {};
+
            var devices = devicemap[userId];

            for (var deviceId in devices) {
@@ -115,29 +113,18 @@ MegolmEncryption.prototype._ensureOutboundSession = function(room) {
                }

                var deviceInfo = devices[deviceId].device;
-                participantKeys.push(deviceInfo.getIdentityKey());
+                contentMap[userId][deviceId] =
+                    olmlib.encryptMessageForDevices(
+                        self._deviceId,
+                        self._olmDevice,
+                        [deviceInfo.getIdentityKey()],
+                        payload
+                    );
            }
        }

-        var encryptedContent = olmlib.encryptMessageForDevices(
-            self._deviceId,
-            self._olmDevice,
-            participantKeys,
-            payload
-        );
-
-        var txnId = '' + (new Date().getTime());
-        var path = utils.encodeUri(
-            "/rooms/$roomId/send/m.room.encrypted/$txnId", {
-                $roomId: self._roomId,
-                $txnId: txnId,
-            }
-        );
-
        // TODO: retries
-        return self._baseApis._http.authedRequest(
-            undefined, "PUT", path, undefined, encryptedContent
-        );
+        return self._baseApis.sendToDevice("m.room.encrypted", contentMap);
    }).then(function() {
        if (self._discardNewSession) {
            // we've had cause to reset the session_id since starting this process.