Messages by the bot are unencrypted #647

Open
Abestanis opened this issue Jul 28, 2021 · 0 comments

Question

Is there support for encrypting the messages of the Telegram bridge bot?

Description

First of all, thank you for this very awesome bridge! I'm currently setting it up for my own Matrix server (Synapse 1.38.1). I'm using the currently latest version of the Docker container of the bridge (dock.mau.dev/tulir/mautrix-telegram:latest).

The bridging of messages from Telegram to Matrix and the other way works beautifully. I enabled end-to-bridge encryption and the messages I send from Telegram all show up as encrypted in the Matrix chat, just as I want them to.

The encryption settings of the bridge
# Bridge config
bridge:
    encryption:
        # Allow encryption, work in group chat rooms with e2ee enabled
        allow: true
        # Default to encryption, force-enable encryption in all portals the bridge creates
        # This will cause the bridge bot to be in private chats for the encryption to work properly.
        default: true
        # Database for the encryption data. Currently only supports Postgres and an in-memory
        # store that's persisted as a pickle.
        # If set to `default`, will use the appservice postgres database
        # or a pickle file if the appservice database is sqlite.
        #
        # Format examples:
        #   Pickle:   pickle:///filename.pickle
        #   Postgres: postgres://username:password@hostname/dbname
        database: default
        # Options for automatic key sharing.
        key_sharing:
            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
            # You must use a client that supports requesting keys from other users to use this feature.
            allow: true
            # Require the requesting device to have a valid cross-signing signature?
            # This doesn't require that the bridge has verified the device, only that the user has verified it.
            # Not yet implemented.
            require_cross_signing: true
            # Require devices to be verified by the bridge?
            # Verification by the bridge is not yet implemented.
            require_verification: true

Unfortunately, the messages sent by the Telegram bridge bot are not encrypted. This includes responses from the bot in normal chats, as shown in the image, as well as responses in the direct chat with the bot. They show up with a warning in Element.

[Image: Unencrypted message sent by the Telegram bridge bot]

Debugging the problem

I did some debugging and tried to work through the code. I noticed that messages from Telegram go through BasePortal._send_message where they are encrypted.
Responses to commands seem to use CommandEvent.reply, EventMethods.send_notice, EventMethods.send_text, EventMethods.send_message and finally EventMethods.send_message_event. I don't see a code path that would encrypt the message. I noticed that there is an overload for send_message_event, EncryptingAPI.send_message_event, but that doesn't seem to be used.

Conclusion

Thank you in advance for your help and again for this awesome bridge. Let me know if you need more info or if this is something that is not supported yet.
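
A check for the symptom reported in this issue, as an added example that is not part of the original post or of the bridge's code: it scans a room timeline for plaintext `m.room.message` events that arrive after the room's `m.room.encryption` state event and counts them per sender. The timeline, user IDs and function names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample timeline, oldest first. User IDs and bodies are made up.
SAMPLE_TIMELINE = json.loads("""[
  {"type": "m.room.message", "sender": "@alice:example.org",
   "content": {"msgtype": "m.text", "body": "sent before encryption was enabled"}},
  {"type": "m.room.encryption", "state_key": "", "sender": "@alice:example.org",
   "content": {"algorithm": "m.megolm.v1.aes-sha2"}},
  {"type": "m.room.encrypted", "sender": "@telegram_1234:example.org",
   "content": {"algorithm": "m.megolm.v1.aes-sha2", "ciphertext": "CONSTRUCTED"}},
  {"type": "m.room.message", "sender": "@telegrambot:example.org",
   "content": {"msgtype": "m.notice", "body": "constructed command reply"}},
  {"type": "m.room.member", "state_key": "@bob:example.org",
   "sender": "@alice:example.org", "content": {"membership": "invite"}},
  {"type": "m.room.encrypted", "sender": "@alice:example.org",
   "content": {"algorithm": "m.megolm.v1.aes-sha2", "ciphertext": "CONSTRUCTED"}},
  {"type": "m.room.message", "sender": "@telegrambot:example.org",
   "content": {"msgtype": "m.notice", "body": "another constructed reply"}}
]""")


def find_plaintext_after_encryption(timeline):
    """Return (index, sender, msgtype) for every plaintext m.room.message
    that appears after the room's m.room.encryption state event."""
    encrypted = False
    findings = []
    for index, event in enumerate(timeline):
        etype = event.get("type")
        if etype == "m.room.encryption" and event.get("state_key") == "":
            encrypted = True  # from here on, messages should be m.room.encrypted
        elif encrypted and etype == "m.room.message":
            msgtype = event.get("content", {}).get("msgtype")
            findings.append((index, event.get("sender"), msgtype))
    return findings


def plaintext_senders(timeline):
    """Count plaintext messages per sender, to see which account sends them."""
    return Counter(sender for _, sender, _ in find_plaintext_after_encryption(timeline))


if __name__ == "__main__":
    for index, sender, msgtype in find_plaintext_after_encryption(SAMPLE_TIMELINE):
        print(f"event {index}: plaintext {msgtype} from {sender}")
    print(dict(plaintext_senders(SAMPLE_TIMELINE)))
```

The message sent before encryption was enabled and the membership state event are deliberately not flagged; only the two constructed bot notices are.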
