Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for fallback keys #779

Merged
merged 5 commits into from Dec 6, 2021
Merged

Support for fallback keys #779

merged 5 commits into from Dec 6, 2021

Conversation

poljar
Copy link
Contributor

@poljar poljar commented Dec 3, 2021

This PR adds support for MSC2732, fallback keys.

To do so, we first swapped to Raw variants of the types that are used to upload and download various keys in Matrix land. At the same time we swapped to Raw variants for the backup API as well.

The last commit fixes a bunch of typos discovered looking through the code and using typos.

This closes #760.

jplatte
jplatte reviewed Dec 3, 2021
View reviewed changes
Copy link
Member

@jplatte jplatte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In addition to the comments below, there's also a typo in the first commit message: "it's surrounding fields" should be "its surrounding fields"

crates/ruma-client-api/src/r0/keys/upload_keys.rs Outdated Show resolved Hide resolved
crates/ruma-common/src/encryption.rs Outdated Show resolved Hide resolved
@poljar
client-api: Use Raw variants to upload/download keys
e33f8da 
Uploaded objects holding public keys tend to have the object signed by
the very same key that is part of the object. Users that download such
public keys are expected to verify the signature to confirm that the
public key and its surrounding fields in the object have not been
manipulated with.

The SignedKey, DeviceKeys, and CrossSigningKey structs
perform a lossy variant of deserialization, which removes the ability to
verify signatures of the aforementioned objects.

This patch changes the response types to a Raw variant, which let's the
user decide how to deserialize.
@poljar
client-api: Update the backup API to use raw variants of types
70b3d31 
Similarly to the way structs holding public keys require signature
verification, the BackupAlgorithm struct may require verification as
well.

This lets users know if a certain device trusts the BackupAlgorithm and
if it should be used to upload room keys to the backup.
jplatte
jplatte approved these changes Dec 3, 2021
View reviewed changes
Copy link
Member

@jplatte jplatte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will merge once fixup commits are squashed.

@poljar
client-api: Add support for fallback keys
2d8dcbe 
This implements support for MSC2732[1], fallback keys. Only support to
upload and get notifications about fallback keys via `/sync` is
implemented.

[1]: matrix-org/matrix-spec-proposals#2732
@poljar
ruma: Fix a bunch of typos
4dbb460
@poljar
ruma-client-api: Use just a BTreeMap for the /keys/upload fields
e9987f8
@poljar
Copy link
Contributor Author

poljar commented Dec 6, 2021

Will merge once fixup commits are squashed.

Is there something else here needed? I squashed all the fixup commits.

@jplatte jplatte merged commit fdbc4d6 into ruma:main Dec 6, 2021
@jplatte
Copy link
Member

jplatte commented Dec 6, 2021

No, missed the force-push apparently.

@jplatte
Copy link
Member

jplatte commented Jan 27, 2022

I've reverted the RoomKeyBackup => Raw<RoomKeyBackup> change since it was applied only in one of two cases and it wasn't clear to me whether it's really needed with the same commit also changing RoomKeyBackups (only) field to change the type of its only field from BTreeMap<String, KeyBackupData> to BTreeMap<String, Raw<KeyBackupData>>.

Does that sound good to you @poljar?

@jplatte jplatte mentioned this pull request Jan 27, 2022
Closed
@poljar
Copy link
Contributor Author

poljar commented Feb 1, 2022

I've reverted the RoomKeyBackup => Raw<RoomKeyBackup> change since it was applied only in one of two cases and it wasn't clear to me whether it's really needed with the same commit also changing RoomKeyBackups (only) field to change the type of its only field from BTreeMap<String, KeyBackupData> to BTreeMap<String, Raw<KeyBackupData>>.

Does that sound good to you @poljar?

Sure, I don't think we're using any of these types in the rust-sdk yet.

@jplatte
Copy link
Member

jplatte commented Feb 1, 2022

I meant in terms of making it possible to work with the API in a forwards-compatible way.

@poljar
Copy link
Contributor Author

poljar commented Feb 1, 2022

I'm not completely sure what got changed to what.

Where Raw<RoomKeyBackup> was used now RoomKeyBackup is used, but that's fine because RoomKeyBackup contains a Raw field like so:

pub struct RoomKeyBackup {
    pub sessions: BTreeMap<String, Raw<KeyBackupData>>,
}

Is that correct?

@jplatte
Copy link
Member

jplatte commented Feb 1, 2022

Exactly, that was my thinking. You probably wouldn't be expected to keep around fileds other than sessions, it's just inside sessions where you need to store the full JSON for forwards compatibility?

@poljar
Copy link
Contributor Author

poljar commented Feb 1, 2022

Yeah, I think that this should be fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jplatte jplatte jplatte approved these changes

@iinuwa iinuwa Awaiting requested review from iinuwa

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SignedKey isn't forward compatible for signature verification
2 participants
@poljar @jplatte