mirror of
https://github.com/Nheko-Reborn/nheko.git
synced 2024-11-23 03:18:49 +03:00
Send one claim request per user that includes all devices
Add missing megolm algorithm field that was causing the "unknown algorithm" error.
This commit is contained in:
parent
794b9ceb1b
commit
9802ea8809
3 changed files with 96 additions and 49 deletions
|
@ -195,10 +195,9 @@ private:
|
||||||
const mtx::events::EncryptedEvent<mtx::events::msg::Encrypted> &e);
|
const mtx::events::EncryptedEvent<mtx::events::msg::Encrypted> &e);
|
||||||
|
|
||||||
void handleClaimedKeys(std::shared_ptr<StateKeeper> keeper,
|
void handleClaimedKeys(std::shared_ptr<StateKeeper> keeper,
|
||||||
const std::string &room_key,
|
const std::map<std::string, std::string> &room_key,
|
||||||
const DevicePublicKeys &pks,
|
const std::map<std::string, DevicePublicKeys> &pks,
|
||||||
const std::string &user_id,
|
const std::string &user_id,
|
||||||
const std::string &device_id,
|
|
||||||
const mtx::responses::ClaimKeys &res,
|
const mtx::responses::ClaimKeys &res,
|
||||||
mtx::http::RequestErr err);
|
mtx::http::RequestErr err);
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
using namespace mtx::crypto;
|
using namespace mtx::crypto;
|
||||||
|
|
||||||
static const std::string STORAGE_SECRET_KEY("secret");
|
static const std::string STORAGE_SECRET_KEY("secret");
|
||||||
|
constexpr auto MEGOLM_ALGO = "m.megolm.v1.aes-sha2";
|
||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
auto client_ = std::make_unique<mtx::crypto::OlmClient>();
|
auto client_ = std::make_unique<mtx::crypto::OlmClient>();
|
||||||
|
@ -142,6 +143,7 @@ encrypt_group_message(const std::string &room_id,
|
||||||
data.sender_key = olm::client()->identity_keys().curve25519;
|
data.sender_key = olm::client()->identity_keys().curve25519;
|
||||||
data.session_id = res.data.session_id;
|
data.session_id = res.data.session_id;
|
||||||
data.device_id = device_id;
|
data.device_id = device_id;
|
||||||
|
data.algorithm = MEGOLM_ALGO;
|
||||||
|
|
||||||
auto message_index = olm_outbound_group_session_message_index(res.session);
|
auto message_index = olm_outbound_group_session_message_index(res.session);
|
||||||
nhlog::crypto()->info("next message_index {}", message_index);
|
nhlog::crypto()->info("next message_index {}", message_index);
|
||||||
|
|
|
@ -185,7 +185,6 @@ TimelineView::sliderMoved(int position)
|
||||||
|
|
||||||
// Prevent user from moving up when there is pagination in
|
// Prevent user from moving up when there is pagination in
|
||||||
// progress.
|
// progress.
|
||||||
// TODO: Keep a map of the event ids to filter out duplicates.
|
|
||||||
if (isPaginationInProgress_)
|
if (isPaginationInProgress_)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
@ -1278,12 +1277,18 @@ TimelineView::prepareEncryptedMessage(const PendingMessage &msg)
|
||||||
}
|
}
|
||||||
|
|
||||||
for (const auto &user : res.device_keys) {
|
for (const auto &user : res.device_keys) {
|
||||||
|
// Mapping from a device_id with valid identity keys to the
|
||||||
|
// generated room_key event used for sharing the megolm session.
|
||||||
|
std::map<std::string, std::string> room_key_msgs;
|
||||||
|
std::map<std::string, DevicePublicKeys> deviceKeys;
|
||||||
|
|
||||||
|
room_key_msgs.clear();
|
||||||
|
deviceKeys.clear();
|
||||||
|
|
||||||
for (const auto &dev : user.second) {
|
for (const auto &dev : user.second) {
|
||||||
const auto user_id = UserId(dev.second.user_id);
|
const auto user_id = UserId(dev.second.user_id);
|
||||||
const auto device_id = DeviceId(dev.second.device_id);
|
const auto device_id = DeviceId(dev.second.device_id);
|
||||||
|
|
||||||
nhlog::net()->info("device_id {}", device_id.get());
|
|
||||||
|
|
||||||
const auto device_keys = dev.second.keys;
|
const auto device_keys = dev.second.keys;
|
||||||
const auto curveKey = "curve25519:" + device_id.get();
|
const auto curveKey = "curve25519:" + device_id.get();
|
||||||
const auto edKey = "ed25519:" + device_id.get();
|
const auto edKey = "ed25519:" + device_id.get();
|
||||||
|
@ -1300,12 +1305,6 @@ TimelineView::prepareEncryptedMessage(const PendingMessage &msg)
|
||||||
pks.ed25519 = device_keys.at(edKey);
|
pks.ed25519 = device_keys.at(edKey);
|
||||||
pks.curve25519 = device_keys.at(curveKey);
|
pks.curve25519 = device_keys.at(curveKey);
|
||||||
|
|
||||||
// Validate signatures
|
|
||||||
for (const auto &algo : dev.second.keys) {
|
|
||||||
nhlog::net()->info(
|
|
||||||
"dev keys {} {}", algo.first, algo.second);
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
if (!mtx::crypto::verify_identity_signature(
|
if (!mtx::crypto::verify_identity_signature(
|
||||||
json(dev.second), device_id, user_id)) {
|
json(dev.second), device_id, user_id)) {
|
||||||
|
@ -1319,6 +1318,11 @@ TimelineView::prepareEncryptedMessage(const PendingMessage &msg)
|
||||||
"failed to parse device key json: {}",
|
"failed to parse device key json: {}",
|
||||||
e.what());
|
e.what());
|
||||||
continue;
|
continue;
|
||||||
|
} catch (const mtx::crypto::olm_exception &e) {
|
||||||
|
nhlog::crypto()->warn(
|
||||||
|
"failed to verify device key json: {}",
|
||||||
|
e.what());
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
auto room_key = olm::client()
|
auto room_key = olm::client()
|
||||||
|
@ -1326,19 +1330,41 @@ TimelineView::prepareEncryptedMessage(const PendingMessage &msg)
|
||||||
user_id, pks.ed25519, megolm_payload)
|
user_id, pks.ed25519, megolm_payload)
|
||||||
.dump();
|
.dump();
|
||||||
|
|
||||||
|
room_key_msgs.emplace(device_id, room_key);
|
||||||
|
deviceKeys.emplace(device_id, pks);
|
||||||
|
}
|
||||||
|
|
||||||
|
std::vector<std::string> valid_devices;
|
||||||
|
valid_devices.reserve(room_key_msgs.size());
|
||||||
|
for (auto const &d : room_key_msgs) {
|
||||||
|
valid_devices.push_back(d.first);
|
||||||
|
|
||||||
|
nhlog::net()->info("{}", d.first);
|
||||||
|
nhlog::net()->info(" curve25519 {}",
|
||||||
|
deviceKeys.at(d.first).curve25519);
|
||||||
|
nhlog::net()->info(" ed25519 {}",
|
||||||
|
deviceKeys.at(d.first).ed25519);
|
||||||
|
}
|
||||||
|
|
||||||
|
nhlog::net()->info(
|
||||||
|
"sending claim request for user {} with {} devices",
|
||||||
|
user.first,
|
||||||
|
valid_devices.size());
|
||||||
|
|
||||||
http::v2::client()->claim_keys(
|
http::v2::client()->claim_keys(
|
||||||
user_id,
|
user.first,
|
||||||
{device_id},
|
valid_devices,
|
||||||
std::bind(&TimelineView::handleClaimedKeys,
|
std::bind(&TimelineView::handleClaimedKeys,
|
||||||
this,
|
this,
|
||||||
keeper,
|
keeper,
|
||||||
room_key,
|
room_key_msgs,
|
||||||
pks,
|
deviceKeys,
|
||||||
user_id,
|
user.first,
|
||||||
device_id,
|
|
||||||
std::placeholders::_1,
|
std::placeholders::_1,
|
||||||
std::placeholders::_2));
|
std::placeholders::_2));
|
||||||
}
|
|
||||||
|
// TODO: Wait before sending the next batch of requests.
|
||||||
|
std::this_thread::sleep_for(std::chrono::milliseconds(500));
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1354,44 +1380,62 @@ TimelineView::prepareEncryptedMessage(const PendingMessage &msg)
|
||||||
|
|
||||||
void
|
void
|
||||||
TimelineView::handleClaimedKeys(std::shared_ptr<StateKeeper> keeper,
|
TimelineView::handleClaimedKeys(std::shared_ptr<StateKeeper> keeper,
|
||||||
const std::string &room_key,
|
const std::map<std::string, std::string> &room_keys,
|
||||||
const DevicePublicKeys &pks,
|
const std::map<std::string, DevicePublicKeys> &pks,
|
||||||
const std::string &user_id,
|
const std::string &user_id,
|
||||||
const std::string &device_id,
|
|
||||||
const mtx::responses::ClaimKeys &res,
|
const mtx::responses::ClaimKeys &res,
|
||||||
mtx::http::RequestErr err)
|
mtx::http::RequestErr err)
|
||||||
{
|
{
|
||||||
if (err) {
|
if (err) {
|
||||||
nhlog::net()->warn("claim keys error: {}", err->matrix_error.error);
|
nhlog::net()->warn("claim keys error: {} {} {}",
|
||||||
|
err->matrix_error.error,
|
||||||
|
err->parse_error,
|
||||||
|
static_cast<int>(err->status_code));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
nhlog::net()->info("claimed keys for {} - {}", user_id, device_id);
|
nhlog::net()->info("claimed keys for {}", user_id);
|
||||||
|
|
||||||
if (res.one_time_keys.size() == 0) {
|
if (res.one_time_keys.size() == 0) {
|
||||||
nhlog::net()->info("no one-time keys found for device_id: {}", device_id);
|
nhlog::net()->info("no one-time keys found for user_id: {}", user_id);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (res.one_time_keys.find(user_id) == res.one_time_keys.end()) {
|
if (res.one_time_keys.find(user_id) == res.one_time_keys.end()) {
|
||||||
nhlog::net()->info(
|
nhlog::net()->info("no one-time keys found for user_id: {}", user_id);
|
||||||
"no one-time keys found in device_id {} for the user {}", device_id, user_id);
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
auto retrieved_devices = res.one_time_keys.at(user_id);
|
auto retrieved_devices = res.one_time_keys.at(user_id);
|
||||||
|
|
||||||
|
// Payload with all the to_device message to be sent.
|
||||||
|
json body;
|
||||||
|
body["messages"][user_id] = json::object();
|
||||||
|
|
||||||
for (const auto &rd : retrieved_devices) {
|
for (const auto &rd : retrieved_devices) {
|
||||||
nhlog::net()->info("{} : \n {}", rd.first, rd.second.dump(2));
|
const auto device_id = rd.first;
|
||||||
|
nhlog::net()->info("{} : \n {}", device_id, rd.second.dump(2));
|
||||||
|
|
||||||
// TODO: Verify signatures
|
// TODO: Verify signatures
|
||||||
auto otk = rd.second.begin()->at("key");
|
auto otk = rd.second.begin()->at("key");
|
||||||
auto id_key = pks.curve25519;
|
|
||||||
|
|
||||||
|
if (pks.find(device_id) == pks.end()) {
|
||||||
|
nhlog::net()->critical("couldn't find public key for device: {}",
|
||||||
|
device_id);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
auto id_key = pks.at(device_id).curve25519;
|
||||||
auto s = olm::client()->create_outbound_session(id_key, otk);
|
auto s = olm::client()->create_outbound_session(id_key, otk);
|
||||||
|
|
||||||
auto device_msg =
|
if (room_keys.find(device_id) == room_keys.end()) {
|
||||||
olm::client()->create_olm_encrypted_content(s.get(), room_key, pks.curve25519);
|
nhlog::net()->critical("couldn't find m.room_key for device: {}",
|
||||||
|
device_id);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
auto device_msg = olm::client()->create_olm_encrypted_content(
|
||||||
|
s.get(), room_keys.at(device_id), pks.at(device_id).curve25519);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
cache::client()->saveOlmSession(id_key, std::move(s));
|
cache::client()->saveOlmSession(id_key, std::move(s));
|
||||||
|
@ -1402,7 +1446,10 @@ TimelineView::handleClaimedKeys(std::shared_ptr<StateKeeper> keeper,
|
||||||
e.what());
|
e.what());
|
||||||
}
|
}
|
||||||
|
|
||||||
json body{{"messages", {{user_id, {{device_id, device_msg}}}}}};
|
body["messages"][user_id][device_id] = device_msg;
|
||||||
|
}
|
||||||
|
|
||||||
|
nhlog::net()->info("send_to_device: {}", user_id);
|
||||||
|
|
||||||
http::v2::client()->send_to_device(
|
http::v2::client()->send_to_device(
|
||||||
"m.room.encrypted", body, [keeper](mtx::http::RequestErr err) {
|
"m.room.encrypted", body, [keeper](mtx::http::RequestErr err) {
|
||||||
|
@ -1414,4 +1461,3 @@ TimelineView::handleClaimedKeys(std::shared_ptr<StateKeeper> keeper,
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
Loading…
Reference in a new issue