fix(crypto): Only accept forwarded room keys from our own trusted dev…
…ices
poljar committed Sep 28, 2022
1 parent dea4b37 commit b1cbf23
Showing 1 changed file with 37 additions and 17 deletions.
54 changes: 37 additions & 17 deletions nio/crypto/olm_machine.py
Expand Up @@ -1182,30 +1182,22 @@ def _handle_room_key_event(

return event

# This function is copyrighted under the Apache 2.0 license Zil0
def _handle_forwarded_room_key_event(
def _should_accept_forward(
self,
sender, # type: str
sender_key, # type: str
payload, # type: Dict[Any, Any]
):
# type: (...) -> Union[ForwardedRoomKeyEvent, BadEventType, None]
event = ForwardedRoomKeyEvent.from_dict(payload, sender, sender_key)

if isinstance(event, (BadEvent, UnknownBadEvent)):
return event

sender: str,
sender_key: str,
event: ForwardedRoomKeyEvent,
) -> bool:
if event.algorithm != "m.megolm.v1.aes-sha2":
logger.error(
f"Error: unsupported forwarded room key of type {event.algorithm}"
)
return None

if event.session_id not in self.outgoing_key_requests:
return False
elif event.session_id not in self.outgoing_key_requests:
logger.info(
"Ignoring session key we have not requested from device {}.", sender_key
)
return None
return False

key_request = self.outgoing_key_requests[event.session_id]

Expand All @@ -1218,6 +1210,34 @@ def _handle_forwarded_room_key_event(
"Ignoring session key with mismatched algorithm, room_id, or "
"session id."
)
return False

device = self.device_store.device_from_sender_key(event.sender, sender_key)

# Only accept forwarded room keys from our own trusted devices
if not device or not device.verified or not device.user_id == self.user_id:
logger.warn(
"Received a forwarded room key from a untrusted device "
f"{event.sender}, {sender_key}"
)
return False

return True

# This function is copyrighted under the Apache 2.0 license Zil0
def _handle_forwarded_room_key_event(
self,
sender, # type: str
sender_key, # type: str
payload, # type: Dict[Any, Any]
):
# type: (...) -> Union[ForwardedRoomKeyEvent, BadEventType, None]
event = ForwardedRoomKeyEvent.from_dict(payload, sender, sender_key)

if isinstance(event, (BadEvent, UnknownBadEvent)):
return event

if not self._should_accept_forward(sender, sender_key, event):
return None

content = payload["content"]
Expand All @@ -1241,7 +1261,7 @@ def _handle_forwarded_room_key_event(
if self.inbound_group_store.add(session):
self.save_inbound_group_session(session)

key_request = self.outgoing_key_requests.pop(key_request.request_id)
key_request = self.outgoing_key_requests.pop(event.session_id)
self.store.remove_outgoing_key_request(key_request)
self.outgoing_to_device_messages.append(
key_request.as_cancellation(self.user_id, self.device_id)
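Review bot: `_should_accept_forward` now carries the whole acceptance policy for forwarded Megolm keys but has no docstring, and its final condition `not device.user_id == self.user_id` would read more clearly as `device.user_id != self.user_id`. I would add a short docstring stating that a forward is accepted only when it uses `m.megolm.v1.aes-sha2`, answers one of our outstanding key requests, and comes from a verified device belonging to our own user. The device lookup uses `event.sender` while the `sender` argument is not used in the lines shown (part of the body is collapsed on this page), so either look the device up with `sender` or drop the parameter. The commit touches only `olm_machine.py`; a regression test asserting that a forward from an unverified device, or from another user's device, makes `_handle_forwarded_room_key_event` return `None` would pin the fix.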