-
Notifications
You must be signed in to change notification settings - Fork 742
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update/Revise SDK to implement reference flowchart for key sharing/forwarding + use backup #5559
Conversation
5ce8765
to
569a3fc
Compare
32e5033
to
7e68b1d
Compare
(Waiting for this PR to be rebased to review it) |
3d64727
to
ba03413
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Amazing work, thanks! A few remarks after a static review.
...x-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
Outdated
Show resolved
Hide resolved
matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
Outdated
Show resolved
Hide resolved
matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
Show resolved
Hide resolved
...rc/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
Outdated
Show resolved
Hide resolved
.../src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt
Outdated
Show resolved
Hide resolved
...src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
Outdated
Show resolved
Hide resolved
afd905b
to
a4314c0
Compare
70720e9
to
58c4c4e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the update, more remarks.
I have also tested the Realm migration, it is working fine.
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
Outdated
Show resolved
Hide resolved
Timber.w("## SAS ignored verification ready with methods: ${keyReq.methods}") | ||
} | ||
} | ||
/* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
crlf?
.../src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt
Show resolved
Hide resolved
...droid/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
Outdated
Show resolved
Hide resolved
matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
Outdated
Show resolved
Hide resolved
...rc/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo005.kt
Show resolved
Hide resolved
...roid/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
Outdated
Show resolved
Hide resolved
.../main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
Outdated
Show resolved
Hide resolved
...rc/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt
Outdated
Show resolved
Hide resolved
vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
Show resolved
Hide resolved
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
Outdated
Show resolved
Hide resolved
use megolm backup before sending key request
Crypto config to only request to own device. Only cancel request if ratchet index is low enough
and disabled prompting for untrusted key sharing
df8eb40
to
8920ed3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One more remark, also there are some un-handled remarks
...java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
Outdated
Show resolved
Hide resolved
FYI Beeper is now testing this PR internally, we'll see how it goes! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the update!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the update. Let's merge it!
Matrix SDKIntegration Tests Results:
|
Type of change
Content
Fixes #5494
A complete revision of the SDK key requesting and forwarding code.
The code has been modified to follow the reference recommandation for key forwarding and requesting.
Key Requesting is now managed by the
OutgoingKeyRequestManager
. The lifecycle is now based on the sync pulse:Secret management has been reworked and separated from key request, as it happens during interactive verification it's not using anymore workers, but it is replying directly and faster.
We don't download the full backup after verification as it can be very long and was causing incomplete session as the megolm backup key was only saved after the full import (for big backups the megolm key might not be saved at all if the app is killed before download complete). With the new system it's much faster as you will query keys on the fly when the timeline is opened (you can still download the complete backup from settings, with proper feedback).
A new SDK configuration to limit key request to the users own device has been added (requested by some forks), see MXCryptoConfig
** Update ** Remove Woker usage for verification, as it's an interactive process there's no reason to use workers
Resurrected Withheld and verification tests
Motivation and context
Screenshots / GIFs
Tests
Tested devices
Checklist