From ded87290ce5db3aa356d76a3298a2423bccc131b Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Mon, 9 Dec 2024 18:11:02 -0500 Subject: [PATCH] Update matrix-sdk-crypto-wasm to 11.0.0 (#4566) * Update matrix-sdk-crypto-wasm to 11.0.0 * use `backend` variable to test for rust crypto * apply changes from review --- package.json | 2 +- spec/integ/crypto/verification.spec.ts | 13 ++++++++++ spec/unit/rust-crypto/rust-crypto.spec.ts | 28 ++++++++++++++++++--- src/rust-crypto/rust-crypto.ts | 14 ++++++----- yarn.lock | 30 +++++------------------ 5 files changed, 53 insertions(+), 34 deletions(-) diff --git a/package.json b/package.json index 381e9ec7d9a..4ed1249f9d6 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ ], "dependencies": { "@babel/runtime": "^7.12.5", - "@matrix-org/matrix-sdk-crypto-wasm": "^9.0.0", + "@matrix-org/matrix-sdk-crypto-wasm": "^11.0.0", "@matrix-org/olm": "3.2.15", "another-json": "^0.2.0", "bs58": "^6.0.0", diff --git a/spec/integ/crypto/verification.spec.ts b/spec/integ/crypto/verification.spec.ts index 7b207a432da..a4cee9e8365 100644 --- a/spec/integ/crypto/verification.spec.ts +++ b/spec/integ/crypto/verification.spec.ts @@ -78,6 +78,7 @@ import { encryptGroupSessionKey, encryptMegolmEvent, encryptSecretSend, + getTestOlmAccountKeys, ToDeviceEvent, } from "./olm-utils"; import { KeyBackupInfo } from "../../../src/crypto-api"; @@ -992,6 +993,18 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("verification (%s)", (backend: st aliceClient.setGlobalErrorOnUnknownDevices(false); syncResponder.sendOrQueueSyncResponse(getSyncResponse([BOB_TEST_USER_ID])); await syncPromise(aliceClient); + + // Rust crypto requires the sender's device keys before it accepts a + // verification request. + if (backend === "rust-sdk") { + const crypto = aliceClient.getCrypto()!; + + const bobDeviceKeys = getTestOlmAccountKeys(testOlmAccount, BOB_TEST_USER_ID, "BobDevice"); + e2eKeyResponder.addDeviceKeys(bobDeviceKeys); + syncResponder.sendOrQueueSyncResponse({ device_lists: { changed: [BOB_TEST_USER_ID] } }); + await syncPromise(aliceClient); + await crypto.getUserDeviceInfo([BOB_TEST_USER_ID]); + } }); /** diff --git a/spec/unit/rust-crypto/rust-crypto.spec.ts b/spec/unit/rust-crypto/rust-crypto.spec.ts index fc9b571acb2..aa4d9452059 100644 --- a/spec/unit/rust-crypto/rust-crypto.spec.ts +++ b/spec/unit/rust-crypto/rust-crypto.spec.ts @@ -572,15 +572,37 @@ describe("RustCrypto", () => { }); it("emits VerificationRequestReceived on incoming m.key.verification.request", async () => { + rustCrypto = await makeTestRustCrypto( + new MatrixHttpApi(new TypedEventEmitter(), { + baseUrl: "http://server/", + prefix: "", + onlyData: true, + }), + testData.TEST_USER_ID, + ); + + fetchMock.post("path:/_matrix/client/v3/keys/upload", { one_time_key_counts: {} }); + fetchMock.post("path:/_matrix/client/v3/keys/query", { + device_keys: { + [testData.TEST_USER_ID]: { + [testData.TEST_DEVICE_ID]: testData.SIGNED_TEST_DEVICE_DATA, + }, + }, + }); + + // wait until we know about the other device + rustCrypto.onSyncCompleted({}); + await rustCrypto.getUserDeviceInfo([testData.TEST_USER_ID]); + const toDeviceEvent = { type: "m.key.verification.request", content: { - from_device: "testDeviceId", + from_device: testData.TEST_DEVICE_ID, methods: ["m.sas.v1"], transaction_id: "testTxn", timestamp: Date.now() - 1000, }, - sender: "@user:id", + sender: testData.TEST_USER_ID, }; const onEvent = jest.fn(); @@ -1015,7 +1037,7 @@ describe("RustCrypto", () => { ["Not encrypted.", RustSdkCryptoJs.ShieldStateCode.SentInClear, EventShieldReason.SENT_IN_CLEAR], [ "Encrypted by a previously-verified user who is no longer verified.", - RustSdkCryptoJs.ShieldStateCode.PreviouslyVerified, + RustSdkCryptoJs.ShieldStateCode.VerificationViolation, EventShieldReason.VERIFICATION_VIOLATION, ], ])("gets the right shield reason (%s)", async (rustReason, rustCode, expectedReason) => { diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts index 86853a9867a..d5a8736f551 100644 --- a/src/rust-crypto/rust-crypto.ts +++ b/src/rust-crypto/rust-crypto.ts @@ -653,7 +653,7 @@ export class RustCrypto extends TypedEventEmitter { - const userIdentity: RustSdkCryptoJs.UserIdentity | RustSdkCryptoJs.OwnUserIdentity | undefined = + const userIdentity: RustSdkCryptoJs.OtherUserIdentity | RustSdkCryptoJs.OwnUserIdentity | undefined = await this.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId)); if (userIdentity === undefined) { return new UserVerificationStatus(false, false, false); @@ -662,7 +662,9 @@ export class RustCrypto extends TypedEventEmitter { - const userIdentity: RustSdkCryptoJs.UserIdentity | RustSdkCryptoJs.OwnUserIdentity | undefined = + const userIdentity: RustSdkCryptoJs.OtherUserIdentity | RustSdkCryptoJs.OwnUserIdentity | undefined = await this.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId)); if (userIdentity === undefined) { @@ -1020,7 +1022,7 @@ export class RustCrypto extends TypedEventEmitter { - const userIdentity: RustSdkCryptoJs.UserIdentity | undefined = await this.olmMachine.getIdentity( + const userIdentity: RustSdkCryptoJs.OtherUserIdentity | undefined = await this.olmMachine.getIdentity( new RustSdkCryptoJs.UserId(userId), ); @@ -2035,7 +2037,7 @@ class EventDecryptor { errorDetails, ); - case RustSdkCryptoJs.DecryptionErrorCode.SenderIdentityPreviouslyVerified: + case RustSdkCryptoJs.DecryptionErrorCode.SenderIdentityVerificationViolation: // We're refusing to decrypt due to not trusting the sender, // rather than failing to decrypt due to lack of keys, so we // don't need to keep it on the pending list. @@ -2200,7 +2202,7 @@ function rustEncryptionInfoToJsEncryptionInfo( case RustSdkCryptoJs.ShieldStateCode.SentInClear: shieldReason = EventShieldReason.SENT_IN_CLEAR; break; - case RustSdkCryptoJs.ShieldStateCode.PreviouslyVerified: + case RustSdkCryptoJs.ShieldStateCode.VerificationViolation: shieldReason = EventShieldReason.VERIFICATION_VIOLATION; break; } diff --git a/yarn.lock b/yarn.lock index 412fd1f060d..a7ea2491c3b 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1477,10 +1477,10 @@ "@jridgewell/resolve-uri" "^3.1.0" "@jridgewell/sourcemap-codec" "^1.4.14" -"@matrix-org/matrix-sdk-crypto-wasm@^9.0.0": - version "9.1.0" - resolved "https://registry.yarnpkg.com/@matrix-org/matrix-sdk-crypto-wasm/-/matrix-sdk-crypto-wasm-9.1.0.tgz#f889653eb4fafaad2a963654d586bd34de62acd5" - integrity sha512-CtPoNcoRW6ehwxpRQAksG3tR+NJ7k4DV02nMFYTDwQtie1V4R8OTY77BjEIs97NOblhtS26jU8m1lWsOBEz0Og== +"@matrix-org/matrix-sdk-crypto-wasm@^11.0.0": + version "11.0.0" + resolved "https://registry.yarnpkg.com/@matrix-org/matrix-sdk-crypto-wasm/-/matrix-sdk-crypto-wasm-11.0.0.tgz#c49a1a0d1e367d3c00a2144a4ab23caee0b1eec2" + integrity sha512-a7NUH8Kjc8hwzNCPpkOGXoceFqWJiWvA8OskXeDrKyODJuDz4yKrZ/nvgaVRfQe45Ab5UC1ZXYqaME+ChlJuqg== "@matrix-org/olm@3.2.15": version "3.2.15" @@ -5846,16 +5846,7 @@ string-length@^4.0.1: char-regex "^1.0.2" strip-ansi "^6.0.0" -"string-width-cjs@npm:string-width@^4.2.0": - version "4.2.3" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" - integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== - dependencies: - emoji-regex "^8.0.0" - is-fullwidth-code-point "^3.0.0" - strip-ansi "^6.0.1" - -string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: +"string-width-cjs@npm:string-width@^4.2.0", string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: version "4.2.3" resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== @@ -6454,16 +6445,7 @@ word-wrap@^1.2.5: resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.5.tgz#d2c45c6dd4fbce621a66f136cbe328afd0410b34" integrity sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA== -"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0": - version "7.0.0" - resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" - integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== - dependencies: - ansi-styles "^4.0.0" - string-width "^4.1.0" - strip-ansi "^6.0.0" - -wrap-ansi@^7.0.0: +"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0", wrap-ansi@^7.0.0: version "7.0.0" resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==