Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/ssss: only accept secret shares from verified devices #352

Merged
merged 3 commits into from
Feb 13, 2025
Merged

crypto/ssss: only accept secret shares from verified devices #352

merged 3 commits into from
Feb 13, 2025

Conversation

bradtgmurray
Copy link
Contributor

No description provided.

bradtgmurray
bradtgmurray commented Feb 12, 2025
View reviewed changes
crypto/sharing.go
@@ -173,6 +173,22 @@ func (mach *OlmMachine) receiveSecret(ctx context.Context, evt *DecryptedOlmEven
return
}

// https://spec.matrix.org/v1.10/client-server-api/#msecretsend
// "The recipient must ensure... that the device is a verified device owned by the recipient"
if senderDevice, err := mach.GetOrFetchDevice(ctx, evt.Sender, evt.SenderDevice); err != nil {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hrm, should I GetOrFetchDevice here or just look in the local store?

The key backup signature checking only looks in the local store

go/crypto/keybackup.go

Line 84 in 100d945

} else if device, err := mach.CryptoStore.GetDevice(ctx, mach.Client.UserID, id.DeviceID(keyName)); err != nil {

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should always have the list cached, so shouldn't make a difference either way. If your own device list is somehow missing, it's probably only good that /sync is blocked until the list is fetched

@tulir tulir changed the title Only accept secret shares from verified devices crypto/ssss: only accept secret shares from verified devices Feb 13, 2025
tulir
tulir reviewed Feb 13, 2025
View reviewed changes
sumnerevans
sumnerevans approved these changes Feb 13, 2025
View reviewed changes
Copy link
Member

@sumnerevans sumnerevans left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks correct to me

@bradtgmurray bradtgmurray merged commit 14008ca into main Feb 13, 2025
10 checks passed
@bradtgmurray bradtgmurray deleted the only-accept-secret-shares-from-verified-devices branch February 13, 2025 20:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tulir tulir tulir approved these changes

@sumnerevans sumnerevans sumnerevans approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bradtgmurray @tulir @sumnerevans