Commit graph

405 commits

Author SHA1 Message Date
Adam Van Ymeren
569ef501bd keysharing: Add user_id to room key request logs 2024-07-18 11:41:38 -07:00
Tulir Asokan
1bdadae180 Ensure forwarding_curve25519_key_chain is not null when sharing keys 2024-07-16 18:19:46 +03:00
Tulir Asokan
3a6249bf08 dependencies: update go-util 2024-07-13 16:45:02 +03:00
Adam Van Ymeren
9e4bce17e7
decryptmegolm: Use ResolveTrustContext to ensure any DB transactions are carried forward (#254)
- also make verificationhelper interfaces public so client code can assert conformance
2024-07-11 13:17:44 -07:00
Tulir Asokan
5e50b6a87b crypto: remove incorrect warning log when m.relates_to is in both contents 2024-07-10 19:07:21 +03:00
Tulir Asokan
0cbe236550 crypto/sqlstore: fill account_id when updating crypto_secrets schema 2024-07-10 17:35:16 +03:00
Tulir Asokan
b5324dffde
crypto/attachment: implement io.Seeker in EncryptStream (#243) 2024-07-06 10:11:44 +03:00
Tulir Asokan
74c0110ee0 misc: remove some local functions in favor of generic ones 2024-07-02 11:20:21 +03:00
Tulir Asokan
0443daef0e crypto: use exzerolog.ArrayOfStrs instead of custom function 2024-06-30 01:14:27 +03:00
Simon Ruderich
f246e70414 verificationhelper: fix deadlock when ignoring an unknown cancellation
vh.activeTransactionsLock must be unlocked before leaving the function.
The return when ignoring an unknown cancellation was the only one
missing the unlock.
2024-06-25 15:15:24 -06:00
Tulir Asokan
afeadfb15f crypto: fix m.relates_to copying 2024-06-17 18:16:54 +03:00
Tulir Asokan
a5fbfe2692 Merge branch 'master' into tulir/hicli 2024-06-15 14:25:35 +03:00
Sumner Evans
b10a140a5c
goolm/crypto: use crypto/ed25519 Equal functions
Previously, the code was using raw byte comparisons, which is not
correct, as it makes timing attacks possible.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-31 12:14:04 -06:00
Sumner Evans
0b10e7346d
verificationhelper: implement timeout logic
Added 10-minute timeout for verification requests as per
https://spec.matrix.org/v1.10/client-server-api/#error-and-exception-handling

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-27 18:23:35 -06:00
Sumner Evans
cd4146f728
verificationhelper: make auto-cancellations more spec-compliant
* Prevents sending cancellation events in response to cancellation
  events that we don't know about.
* Streamlines sending cancellations for all other unknown-transaction
  cases.
* Ensures that the activeTransactionsLock is locked when calling
  cancelVerificationTxn.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-27 16:18:05 -06:00
Sumner Evans
3885a6378e
verificationhelper: cancel if multiple requests received from same device
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-27 15:24:42 -06:00
Sumner Evans
1c750ffd0d
verificationhelper: fix CancelVerification
* Calling `CancelVerification` no longer echoes an error back
  representing the reason for the cancellation.
* Calling `CancelVerification` right after starting verification (but
  before another device has accepted the verification) now sends out the
  cancellation events to all devices that the request was initially sent
  out to.
* Adds a test to ensure that the above statements are actually true.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>

verificationhelper: add test for cancelling right after starting verification

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-27 11:42:05 -06:00
Sumner Evans
289ef6f5db
verificationhelper: ensure cross-signing public keys are cached when handling QR data
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-27 09:03:15 -06:00
Sumner Evans
a6a3876403
keybackup: don't NPE if we couldn't get cross signing pubkeys
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-27 09:02:04 -06:00
Sumner Evans
c1e7cc5300
verificationhelper: add test for QR code cross-signing
Signed-off-by: Sumner Evans <me@sumnerevans.com>
2024-05-27 07:37:06 -06:00
Sumner Evans
5bdc3fdca0
verificationhelper: implement cross-signing
Signed-off-by: Sumner Evans <me@sumnerevans.com>
2024-05-27 07:37:06 -06:00
Sumner Evans
a2abce8215
verificationhelper: add tests for SAS flow
Signed-off-by: Sumner Evans <me@sumnerevans.com>
2024-05-27 07:37:06 -06:00
Sumner Evans
cd7f343cfd
verificationhelper: split QR code tests into separate file
Signed-off-by: Sumner Evans <me@sumnerevans.com>
2024-05-27 07:37:06 -06:00
Sumner Evans
84f77cbafe
crypto/cross signing: actually save signatures in store on publish
Signed-off-by: Sumner Evans <me@sumnerevans.com>
2024-05-27 07:37:05 -06:00
Tulir Asokan
0b07ae9942 Ignore conflicts when inserting withheld group sessions 2024-05-26 18:27:48 +03:00
Tulir Asokan
5afa391317 Refactor MarkTrackedUsersOutdated to use single query 2024-05-26 18:26:04 +03:00
Tulir Asokan
d7011a7f8b Return imported session in ImportRoomKeyFromBackup 2024-05-26 00:59:30 +03:00
Tulir Asokan
2497fe4397 Export function to parse megolm message index 2024-05-26 00:59:30 +03:00
Tulir Asokan
a2169274da Include room ID and first known index in SessionReceived callback 2024-05-26 00:59:30 +03:00
Tulir Asokan
d64447c3f7 Clamp megolm session rotation periods to sensible limits 2024-05-26 00:59:30 +03:00
Tulir Asokan
826c8cf28e Update m.relates_to in raw decrypted payload 2024-05-26 00:58:26 +03:00
Tulir Asokan
b196541e98 Fix crypto_secrets table schema 2024-05-26 00:58:17 +03:00
Sumner Evans
2195043eba
verificationhelper: add E2E tests
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-24 16:42:10 -06:00
Sumner Evans
3dbf8ef2f0
verificationhelper: better errors/logs and more aggressive cancellations
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-24 16:41:47 -06:00
Sumner Evans
2e50f99e52
verificationhelper: don't move state to done until both devices have sent the done event
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-24 16:36:29 -06:00
Sumner Evans
3bb4648c01
verification/qr: use SigningKey instead of IdentityKey
It turns out that it's supposed to be the signing key. See discussion
about it in the #e2e:matrix.org room:
https://matrix.to/#/!vlnjqGLpLJlFmBSkfQ:matrix.org/$J6UbQwsakEsHMbv5yH7RUpM-OlklZ4U3Ti3VqWp9p8E?via=matrix.org&via=privacytools.io&via=envs.net

This commit reverts commit ef65138cf9:

	verification: check IdentityKey instead of SigningKey in QR mode 2

It also fixes generation to use the signing key instead of the identity
key.

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-24 16:34:43 -06:00
Sumner Evans
842852a6c1
crypto/cross_sign_ssss: trust master key during generation and upload
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-24 16:34:43 -06:00
Sumner Evans
3e8221b17d
verificationhelper: don't send cancellation to self
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-23 12:55:09 -06:00
Sumner Evans
843ba24d0a
cross signing: don't require master private key to sign master public key
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-23 10:02:15 -06:00
Sumner Evans
55f47fbb16
verificationhelper: fix sending cancellation to other devices
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-22 17:23:11 -06:00
Sumner Evans
4c8b63da5b
verification: log transaction ID and from_device on verification request
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-21 09:54:06 -06:00
Sumner Evans
ef65138cf9
verification: check IdentityKey instead of SigningKey in QR mode 2
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-21 07:12:53 -06:00
Sumner Evans
816d94077d
verificationhelper: verify we trust master key when scanning a device that doesn't
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-20 11:13:15 -06:00
Sumner Evans
800d061426
verificationhelper: fix check for whether we trust the master key
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-20 10:59:52 -06:00
Sumner Evans
1c054a4f5c
verificationhelper: actually sign master key
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-20 10:59:34 -06:00
Sumner Evans
dd1dfb9bab
pkcs7: update parameter names and documentation
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-20 10:57:51 -06:00
Tulir Asokan
3bd42f5a82 Add option to disable tracking megolm session ratchet state
The tracking is meant for bridges/bots that want to delete old ratchet states
after they're not needed, but for normal clients it's just unnecessary overhead
2024-05-16 17:14:13 +03:00
Sumner Evans
3651e46c1e
ShareGroupSession: return error in more cases
* If getting the devices from the database fails
* If FetchKeys fails
* If createOutboundSessions fails

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-14 22:39:58 -06:00
Sumner Evans
de0347db00
crypto: fix usages of Store interface
Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-14 12:47:45 -06:00
Sumner Evans
a87716a358
crypto/store: don't rely on sender key for storing and lookups
* Fixes compatibility with the Store interface
* Increases the usage of "defer"s for "gs.lock.Unlock" and
  "gs.lock.RUnlock"
* Increases the usage of "golang.org/x/exp/maps"

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>

Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
2024-05-14 12:47:35 -06:00