Skip to content

Commit

Permalink
Only accept secret shares from verified devices
Browse files Browse the repository at this point in the history
  • Loading branch information
@bradtgmurray
bradtgmurray committed Feb 12, 2025
1 parent 100d945 commit 64d2a8a
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions crypto/sharing.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,22 @@ func (mach *OlmMachine) receiveSecret(ctx context.Context, evt *DecryptedOlmEven
return
}

// https://spec.matrix.org/v1.10/client-server-api/#msecretsend
// "The recipient must ensure... that the device is a verified device owned by the recipient"
if senderDevice, err := mach.GetOrFetchDevice(ctx, evt.Sender, evt.SenderDevice); err != nil {
log.Err(err).Msg("Failed to get or fetch sender device, rejecting secret")
return
} else if senderDevice == nil {
log.Warn().Msg("Unknown sender device, rejecting secret")
return
} else if trustLevel, err := mach.ResolveTrustContext(ctx, senderDevice); err != nil {
log.Err(err).Msg("Failed to resolve trust for sender device, rejecting secret")
return
} else if trustLevel < id.TrustStateCrossSignedTOFU {
log.Warn().Msg("Sender device is not verified, rejecting secret")
return
}

mach.secretLock.Lock()
secretChan := mach.secretListeners[content.RequestID]
mach.secretLock.Unlock()
Expand Down

0 comments on commit 64d2a8a

Please sign in to comment.