crypto/ssss: only accept secret shares from verified devices (#352)

Co-authored-by: Tulir Asokan <tulir@maunium.net>
2026-03-14 14:25:53 +01:00 · 2025-02-13 15:52:34 -05:00 · 2025-02-13 15:52:34 -05:00 · 14008caaa4
commit 14008caaa4
parent 041784441f
1 changed files with 13 additions and 0 deletions
--- a/crypto/sharing.go
+++ b/crypto/sharing.go
@ -173,6 +173,19 @@ func (mach *OlmMachine) receiveSecret(ctx context.Context, evt *DecryptedOlmEven
 		return
 	}

+	// https://spec.matrix.org/v1.10/client-server-api/#msecretsend
+	// "The recipient must ensure... that the device is a verified device owned by the recipient"
+	if senderDevice, err := mach.GetOrFetchDevice(ctx, evt.Sender, evt.SenderDevice); err != nil {
+		log.Err(err).Msg("Failed to get or fetch sender device, rejecting secret")
+		return
+	} else if senderDevice == nil {
+		log.Warn().Msg("Unknown sender device, rejecting secret")
+		return
+	} else if !mach.IsDeviceTrusted(ctx, senderDevice) {
+		log.Warn().Msg("Sender device is not verified, rejecting secret")
+		return
+	}
+
 	mach.secretLock.Lock()
 	secretChan := mach.secretListeners[content.RequestID]
 	mach.secretLock.Unlock()