Fetch the user's device info before processing a verification request (#5030)

* Use checked way to get OlmMachine * Factor out two variables in onKeyVerificationEvent * Make sure verification test waits for the request to be processed * Fetch the user's device info before processing a verification request If we don't have the device info for a user when we receive their verification request, we ignore it. This change gives us the best possible chance of having the right device data before we try to process the verification. Fixes #30693 Fixes #27819
2025-11-25 05:23:13 +03:00 · 2025-10-07 09:13:31 +01:00
parent e885ecf08d
commit a213d177f9
3 changed files with 177 additions and 14 deletions
--- a/src/rust-crypto/rust-crypto.ts
+++ b/src/rust-crypto/rust-crypto.ts
@@ -2053,20 +2053,38 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, CryptoEventH
     */
    private async onKeyVerificationEvent(event: MatrixEvent): Promise<void> {
        const roomId = event.getRoomId();
+        const senderId = event.getSender();

        if (!roomId) {
            throw new Error("missing roomId in the event");
        }

+        if (!senderId) {
+            throw new Error("missing sender in the event");
+        }
+
        this.logger.debug(
            `Incoming verification event ${event.getId()} type ${event.getType()} from ${event.getSender()}`,
        );

-        await this.olmMachine.receiveVerificationEvent(
+        const isRoomVerificationRequest =
+            event.getType() === EventType.RoomMessage && event.getContent().msgtype === MsgType.KeyVerificationRequest;
+
+        if (isRoomVerificationRequest) {
+            // Before processing an in-room verification request, we need to
+            // make sure we have the sender's device information - otherwise we
+            // will immediately abort verification. So we explicitly fetch it
+            // from /keys/query and wait for that request to complete before we
+            // call receiveVerificationEvent.
+            const req = this.getOlmMachineOrThrow().queryKeysForUsers([new RustSdkCryptoJs.UserId(senderId)]);
+            await this.outgoingRequestProcessor.makeOutgoingRequest(req);
+        }
+
+        await this.getOlmMachineOrThrow().receiveVerificationEvent(
            JSON.stringify({
                event_id: event.getId(),
                type: event.getType(),
-                sender: event.getSender(),
+                sender: senderId,
                state_key: event.getStateKey(),
                content: event.getContent(),
                origin_server_ts: event.getTs(),
@@ -2074,11 +2092,8 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, CryptoEventH
            new RustSdkCryptoJs.RoomId(roomId),
        );

-        if (
-            event.getType() === EventType.RoomMessage &&
-            event.getContent().msgtype === MsgType.KeyVerificationRequest
-        ) {
-            this.onIncomingKeyVerificationRequest(event.getSender()!, event.getId()!);
+        if (isRoomVerificationRequest) {
+            this.onIncomingKeyVerificationRequest(senderId, event.getId()!);
        }

        // that may have caused us to queue up outgoing requests, so make sure we send them.