From 041784441f73ef5187338894cbc09e31684944d7 Mon Sep 17 00:00:00 2001
From: Tulir Asokan
Date: Thu, 13 Feb 2025 14:07:31 +0200
Subject: [PATCH] crypto: add context to IsDeviceTrusted and deprecate ResolveTrust
---
 bridge/crypto.go | 2 +-
 bridgev2/matrix/crypto.go | 2 +-
 crypto/cross_sign_test.go | 10 +++++-----
 crypto/cross_sign_validation.go | 11 +++++++++--
 crypto/encryptmegolm.go | 2 +-
 crypto/keybackup.go | 2 +-
 crypto/keysharing.go | 2 +-
 7 files changed, 19 insertions(+), 12 deletions(-)
diff --git a/bridge/crypto.go b/bridge/crypto.go
index de1aebbc..e3885a22 100644
--- a/bridge/crypto.go
+++ b/bridge/crypto.go
@@ -193,7 +193,7 @@ func (helper *CryptoHelper) allowKeyShare(ctx context.Context, device *id.Device
 return &crypto.KeyShareRejectNoResponse
 } else if device.Trust == id.TrustStateBlacklisted {
 return &crypto.KeyShareRejectBlacklisted
- } else if trustState := helper.mach.ResolveTrust(device); trustState >= cfg.VerificationLevels.Share {
+ } else if trustState, _ := helper.mach.ResolveTrustContext(ctx, device); trustState >= cfg.VerificationLevels.Share {
 portal := helper.bridge.Child.GetIPortal(info.RoomID)
 if portal == nil {
 zerolog.Ctx(ctx).Debug().Msg("Rejecting key request: room is not a portal")
diff --git a/bridgev2/matrix/crypto.go b/bridgev2/matrix/crypto.go
index be5e196e..6e6416a9 100644
--- a/bridgev2/matrix/crypto.go
+++ b/bridgev2/matrix/crypto.go
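Review bot: The error from `ResolveTrustContext` is discarded in the new `else if` condition of allowKeyShare, so a failed trust lookup is compared against `cfg.VerificationLevels.Share` as if it were a real trust state. The same `trustState, _ :=` pattern appears in the hunks for bridgev2/matrix/crypto.go, crypto/keysharing.go and crypto/encryptmegolm.go. Whether that fails closed depends on which state is returned alongside the error and on how low the configured minimum is, neither of which is visible here. For a key-sharing decision I would handle it explicitly, e.g. `trustState, err := helper.mach.ResolveTrustContext(ctx, device)` followed by `if err != nil { zerolog.Ctx(ctx).Err(err).Msg("Failed to resolve device trust"); return &crypto.KeyShareRejectNoResponse }`. allowKeyShare starts and ends outside the hunk, so the else-if chain would need restructuring to fit this in.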
@@ -199,7 +199,7 @@ func (helper *CryptoHelper) allowKeyShare(ctx context.Context, device *id.Device return &crypto.KeyShareRejectNoResponse } else if device.Trust == id.TrustStateBlacklisted { return &crypto.KeyShareRejectBlacklisted - } else if trustState := helper.mach.ResolveTrust(device); trustState >= cfg.VerificationLevels.Share { + } else if trustState, _ := helper.mach.ResolveTrustContext(ctx, device); trustState >= cfg.VerificationLevels.Share { portal, err := helper.bridge.Bridge.GetPortalByMXID(ctx, info.RoomID) if err != nil { zerolog.Ctx(ctx).Err(err).Msg("Failed to get portal to handle key request") diff --git a/crypto/cross_sign_test.go b/crypto/cross_sign_test.go index e11fb018..5e1ffd50 100644 --- a/crypto/cross_sign_test.go +++ b/crypto/cross_sign_test.go @@ -66,7 +66,7 @@ func TestTrustOwnDevice(t *testing.T) { DeviceID: "device", SigningKey: id.Ed25519("deviceKey"), } - if m.IsDeviceTrusted(ownDevice) { + if m.IsDeviceTrusted(context.TODO(), ownDevice) { t.Error("Own device trusted while it shouldn't be") } @@ -78,7 +78,7 @@ func TestTrustOwnDevice(t *testing.T) { if trusted, _ := m.IsUserTrusted(context.TODO(), ownDevice.UserID); !trusted { t.Error("Own user not trusted while they should be") } - if !m.IsDeviceTrusted(ownDevice) { + if !m.IsDeviceTrusted(context.TODO(), ownDevice) { t.Error("Own device not trusted while it should be") } } @@ -123,7 +123,7 @@ func TestTrustOtherDevice(t *testing.T) { if trusted, _ := m.IsUserTrusted(context.TODO(), otherUser); trusted { t.Error("Other user trusted while they shouldn't be") } - if m.IsDeviceTrusted(theirDevice) { + if m.IsDeviceTrusted(context.TODO(), theirDevice) { t.Error("Other device trusted while it shouldn't be") } 
@@ -144,14 +144,14 @@ func TestTrustOtherDevice(t *testing.T) { m.CryptoStore.PutSignature(context.TODO(), otherUser, theirSSK.PublicKey(), otherUser, theirMasterKey.PublicKey(), "sig3") - if m.IsDeviceTrusted(theirDevice) { + if m.IsDeviceTrusted(context.TODO(), theirDevice) { t.Error("Other device trusted before it has been signed with user's SSK") } m.CryptoStore.PutSignature(context.TODO(), otherUser, theirDevice.SigningKey, otherUser, theirSSK.PublicKey(), "sig4") - if !m.IsDeviceTrusted(theirDevice) { + if !m.IsDeviceTrusted(context.TODO(), theirDevice) { t.Error("Other device not trusted while it should be") } } diff --git a/crypto/cross_sign_validation.go b/crypto/cross_sign_validation.go index 04a179df..4cdf0dd5 100644 --- a/crypto/cross_sign_validation.go +++ b/crypto/cross_sign_validation.go @@ -13,6 +13,9 @@ import ( "maunium.net/go/mautrix/id" ) +// ResolveTrust resolves the trust state of the device from cross-signing. +// +// Deprecated: This method doesn't take a context. Use [OlmMachine.ResolveTrustContext] instead. func (mach *OlmMachine) ResolveTrust(device *id.Device) id.TrustState { state, _ := mach.ResolveTrustContext(context.Background(), device) return state @@ -77,8 +80,12 @@ func (mach *OlmMachine) ResolveTrustContext(ctx context.Context, device *id.Devi } // IsDeviceTrusted returns whether a device has been determined to be trusted either through verification or cross-signing. -func (mach *OlmMachine) IsDeviceTrusted(device *id.Device) bool { - switch mach.ResolveTrust(device) { +// +// Note: this will return false if resolving the trust state fails due to database errors. +// Use [OlmMachine.ResolveTrustContext] if special error handling is required. +func (mach *OlmMachine) IsDeviceTrusted(ctx context.Context, device *id.Device) bool { + trust, _ := mach.ResolveTrustContext(ctx, device) + switch trust { case id.TrustStateVerified, id.TrustStateCrossSignedTOFU, id.TrustStateCrossSignedVerified: return true default: 
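Review bot: The added doc comment on IsDeviceTrusted names database errors as the only reason for a false result, but now that the caller's `ctx` is passed through, a cancelled or expired context would presumably also make `ResolveTrustContext` fail and yield false (the body of ResolveTrustContext is outside this hunk, so this is inferred). Before this change the lookup ran under `context.Background()` via ResolveTrust and could not be interrupted that way. I would extend the note to say so, e.g. `// It also returns false if ctx is cancelled or times out before the trust state is resolved.`, so callers do not read a transient false as a verdict on the device.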
diff --git a/crypto/encryptmegolm.go b/crypto/encryptmegolm.go
index ef5f404f..804e15de 100644
--- a/crypto/encryptmegolm.go
+++ b/crypto/encryptmegolm.go
@@ -417,7 +417,7 @@ func (mach *OlmMachine) findOlmSessionsForUser(ctx context.Context, session *Out
 Reason: "Device is blacklisted",
 }}
 session.Users[userKey] = OGSIgnored
- } else if trustState := mach.ResolveTrust(device); trustState < mach.SendKeysMinTrust {
+ } else if trustState, _ := mach.ResolveTrustContext(ctx, device); trustState < mach.SendKeysMinTrust {
 log.Debug().
 Str("min_trust", mach.SendKeysMinTrust.String()).
 Str("device_trust", trustState.String()).
diff --git a/crypto/keybackup.go b/crypto/keybackup.go
index fe0b40dc..00f74175 100644
--- a/crypto/keybackup.go
+++ b/crypto/keybackup.go
@@ -86,7 +86,7 @@ func (mach *OlmMachine) GetAndVerifyLatestKeyBackupVersion(ctx context.Context,
 } else if device == nil {
 log.Warn().Err(err).Msg("Device does not exist, ignoring signature")
 continue
- } else if !mach.IsDeviceTrusted(device) {
+ } else if !mach.IsDeviceTrusted(ctx, device) {
 log.Warn().Err(err).Msg("Device is not trusted")
 continue
 } else {
diff --git a/crypto/keysharing.go b/crypto/keysharing.go
index 0ccf006a..ea0ae65d 100644
--- a/crypto/keysharing.go
+++ b/crypto/keysharing.go
@@ -275,7 +275,7 @@ func (mach *OlmMachine) defaultAllowKeyShare(ctx context.Context, device *id.Dev
 } else if device.Trust == id.TrustStateBlacklisted {
 log.Debug().Msg("Rejecting key request from blacklisted device")
 return &KeyShareRejectBlacklisted
- } else if trustState := mach.ResolveTrust(device); trustState >= mach.ShareKeysMinTrust {
+ } else if trustState, _ := mach.ResolveTrustContext(ctx, device); trustState >= mach.ShareKeysMinTrust {
 log.Debug().
 Str("min_trust", mach.SendKeysMinTrust.String()).
 Str("device_trust", trustState.String()).
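Review bot: In the `!mach.IsDeviceTrusted(ctx, device)` branch of crypto/keybackup.go, a failed trust lookup is indistinguishable from an untrusted signer, because IsDeviceTrusted returns only a bool and the warning's `.Err(err)` still refers to the `err` from earlier in the chain (probably nil by this branch, though the start of the chain is outside the hunk). A store failure while checking a key backup signature would therefore be logged as "Device is not trusted" with no cause attached. Calling `trust, err := mach.ResolveTrustContext(ctx, device)` here and logging that error under its own message would let an operator tell a failed lookup from a genuine trust rejection.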
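Review bot: In the crypto/keysharing.go hunk, the debug log under the `trustState >= mach.ShareKeysMinTrust` condition reports `mach.SendKeysMinTrust` as `min_trust`, which is not the threshold the comparison uses. The line is unchanged context rather than part of this commit, but anyone auditing key-share decisions from the logs would see the wrong minimum. It should read `Str("min_trust", mach.ShareKeysMinTrust.String()).`. The rest of the log call and the function body continue outside the hunk.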