Skip to content

Commit

Permalink
Merge branch 'release-for-crypto-wasm-11'
Browse files Browse the repository at this point in the history 
This brings in the fix for #4424 that we did on a release branch to
allow a quick release of crypto-wasm
  • Loading branch information
@andybalaam
andybalaam committed Dec 18, 2024
2 parents 373709f + b18e7d7 commit 0394761
Show file tree
Hide file tree
Showing 3 changed files with 175 additions and 21 deletions.
72 changes: 71 additions & 1 deletion crates/matrix-sdk-common/src/deserialized_responses.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,7 @@ pub enum VerificationLevel {

/// The message was sent by a user identity we have not verified, but the
/// user was previously verified.
#[serde(alias = "PreviouslyVerified")]
VerificationViolation,

/// The message was sent by a device not linked to (signed by) any user
Expand Down Expand Up @@ -262,6 +263,7 @@ pub enum ShieldStateCode {
/// An unencrypted event in an encrypted room.
SentInClear,
/// The sender was previously verified but changed their identity.
#[serde(alias = "PreviouslyVerified")]
VerificationViolation,
}

Expand Down Expand Up @@ -921,7 +923,7 @@ mod tests {
TimelineEventKind, UnableToDecryptInfo, UnableToDecryptReason, UnsignedDecryptionResult,
UnsignedEventLocation, VerificationState, WithheldCode,
};
use crate::deserialized_responses::{DeviceLinkProblem, VerificationLevel};
use crate::deserialized_responses::{DeviceLinkProblem, ShieldStateCode, VerificationLevel};

fn example_event() -> serde_json::Value {
json!({
Expand Down Expand Up @@ -996,6 +998,74 @@ mod tests {
);
}

#[test]
fn test_verification_level_deserializes() {
// Given a JSON VerificationLevel
#[derive(Deserialize)]
struct Container {
verification_level: VerificationLevel,
}
let container = json!({ "verification_level": "VerificationViolation" });

// When we deserialize it
let deserialized: Container = serde_json::from_value(container)
.expect("We can deserialize the old PreviouslyVerified value");

// Then it is populated correctly
assert_eq!(deserialized.verification_level, VerificationLevel::VerificationViolation);
}

#[test]
fn test_verification_level_deserializes_from_old_previously_verified_value() {
// Given a JSON VerificationLevel with the old value PreviouslyVerified
#[derive(Deserialize)]
struct Container {
verification_level: VerificationLevel,
}
let container = json!({ "verification_level": "PreviouslyVerified" });

// When we deserialize it
let deserialized: Container = serde_json::from_value(container)
.expect("We can deserialize the old PreviouslyVerified value");

// Then it is migrated to the new value
assert_eq!(deserialized.verification_level, VerificationLevel::VerificationViolation);
}

#[test]
fn test_shield_state_code_deserializes() {
// Given a JSON ShieldStateCode with value VerificationViolation
#[derive(Deserialize)]
struct Container {
shield_state_code: ShieldStateCode,
}
let container = json!({ "shield_state_code": "VerificationViolation" });

// When we deserialize it
let deserialized: Container = serde_json::from_value(container)
.expect("We can deserialize the old PreviouslyVerified value");

// Then it is populated correctly
assert_eq!(deserialized.shield_state_code, ShieldStateCode::VerificationViolation);
}

#[test]
fn test_shield_state_code_deserializes_from_old_previously_verified_value() {
// Given a JSON ShieldStateCode with the old value PreviouslyVerified
#[derive(Deserialize)]
struct Container {
shield_state_code: ShieldStateCode,
}
let container = json!({ "shield_state_code": "PreviouslyVerified" });

// When we deserialize it
let deserialized: Container = serde_json::from_value(container)
.expect("We can deserialize the old PreviouslyVerified value");

// Then it is migrated to the new value
assert_eq!(deserialized.shield_state_code, ShieldStateCode::VerificationViolation);
}

#[test]
fn sync_timeline_event_serialisation() {
let room_event = SyncTimelineEvent {
Expand Down
77 changes: 58 additions & 19 deletions crates/matrix-sdk-crypto/src/identities/user.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -922,6 +922,7 @@ enum OwnUserIdentityVerifiedState {
NeverVerified,

/// We previously verified this identity, but it has changed.
#[serde(alias = "PreviouslyVerifiedButNoLonger")]
VerificationViolation,

/// We have verified the current identity.
Expand Down Expand Up @@ -1541,26 +1542,10 @@ pub(crate) mod tests {
/// that we can deserialize boolean values.
#[test]
fn test_deserialize_own_user_identity_bool_verified() {
let mut json = json!({
"user_id": "@example:localhost",
"master_key": {
"user_id":"@example:localhost",
"usage":["master"],
"keys":{"ed25519:rJ2TAGkEOP6dX41Ksll6cl8K3J48l8s/59zaXyvl2p0":"rJ2TAGkEOP6dX41Ksll6cl8K3J48l8s/59zaXyvl2p0"},
},
"self_signing_key": {
"user_id":"@example:localhost",
"usage":["self_signing"],
"keys":{"ed25519:0C8lCBxrvrv/O7BQfsKnkYogHZX3zAgw3RfJuyiq210":"0C8lCBxrvrv/O7BQfsKnkYogHZX3zAgw3RfJuyiq210"}
},
"user_signing_key": {
"user_id":"@example:localhost",
"usage":["user_signing"],
"keys":{"ed25519:DU9z4gBFKFKCk7a13sW9wjT0Iyg7Hqv5f0BPM7DEhPo":"DU9z4gBFKFKCk7a13sW9wjT0Iyg7Hqv5f0BPM7DEhPo"}
},
"verified": false
});
let mut json = own_user_identity_data();

// Set `"verified": false`
*json.get_mut("verified").unwrap() = false.into();
let id: OwnUserIdentityData = serde_json::from_value(json.clone()).unwrap();
assert_eq!(*id.verified.read().unwrap(), OwnUserIdentityVerifiedState::NeverVerified);

Expand All @@ -1570,6 +1555,38 @@ pub(crate) mod tests {
assert_eq!(*id.verified.read().unwrap(), OwnUserIdentityVerifiedState::Verified);
}

#[test]
fn test_own_user_identity_verified_state_verification_violation_deserializes() {
// Given data containing verified: VerificationViolation
let mut json = own_user_identity_data();
*json.get_mut("verified").unwrap() = "VerificationViolation".into();

// When we deserialize
let id: OwnUserIdentityData = serde_json::from_value(json.clone()).unwrap();

// Then the value is correctly populated
assert_eq!(
*id.verified.read().unwrap(),
OwnUserIdentityVerifiedState::VerificationViolation
);
}

#[test]
fn test_own_user_identity_verified_state_previously_verified_deserializes() {
// Given data containing verified: PreviouslyVerifiedButNoLonger
let mut json = own_user_identity_data();
*json.get_mut("verified").unwrap() = "PreviouslyVerifiedButNoLonger".into();

// When we deserialize
let id: OwnUserIdentityData = serde_json::from_value(json.clone()).unwrap();

// Then the old value is re-interpreted as VerificationViolation
assert_eq!(
*id.verified.read().unwrap(),
OwnUserIdentityVerifiedState::VerificationViolation
);
}

#[test]
fn own_identity_check_signatures() {
let response = own_key_query();
Expand Down Expand Up @@ -1945,4 +1962,26 @@ pub(crate) mod tests {
assert!(!own_identity.was_previously_verified());
assert!(!own_identity.has_verification_violation());
}

fn own_user_identity_data() -> Value {
json!({
"user_id": "@example:localhost",
"master_key": {
"user_id":"@example:localhost",
"usage":["master"],
"keys":{"ed25519:rJ2TAGkEOP6dX41Ksll6cl8K3J48l8s/59zaXyvl2p0":"rJ2TAGkEOP6dX41Ksll6cl8K3J48l8s/59zaXyvl2p0"},
},
"self_signing_key": {
"user_id":"@example:localhost",
"usage":["self_signing"],
"keys":{"ed25519:0C8lCBxrvrv/O7BQfsKnkYogHZX3zAgw3RfJuyiq210":"0C8lCBxrvrv/O7BQfsKnkYogHZX3zAgw3RfJuyiq210"}
},
"user_signing_key": {
"user_id":"@example:localhost",
"usage":["user_signing"],
"keys":{"ed25519:DU9z4gBFKFKCk7a13sW9wjT0Iyg7Hqv5f0BPM7DEhPo":"DU9z4gBFKFKCk7a13sW9wjT0Iyg7Hqv5f0BPM7DEhPo"}
},
"verified": false
})
}
}
47 changes: 46 additions & 1 deletion crates/matrix-sdk-crypto/src/olm/group_sessions/sender_data.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,7 @@ enum SenderDataReader {
legacy_session: bool,
},

#[serde(alias = "SenderUnverifiedButPreviouslyVerified")]
VerificationViolation(KnownSenderData),

SenderUnverified(KnownSenderData),
Expand Down Expand Up @@ -286,7 +287,10 @@ mod tests {
use vodozemac::Ed25519PublicKey;

use super::SenderData;
use crate::types::{DeviceKeys, Signatures};
use crate::{
olm::KnownSenderData,
types::{DeviceKeys, Signatures},
};

#[test]
fn serializing_unknown_device_correctly_preserves_owner_check_failed_if_true() {
Expand Down Expand Up @@ -360,6 +364,47 @@ mod tests {
assert_let!(SenderData::SenderVerified { .. } = end);
}

#[test]
fn deserializing_sender_unverified_but_previously_verified_migrates_to_verification_violation()
{
let json = r#"
{
"SenderUnverifiedButPreviouslyVerified":{
"user_id":"@u:s.co",
"master_key":[
150,140,249,139,141,29,63,230,179,14,213,175,176,61,11,255,
26,103,10,51,100,154,183,47,181,117,87,204,33,215,241,92
],
"master_key_verified":true
}
}
"#;

let end: SenderData = serde_json::from_str(json).expect("Failed to parse!");
assert_let!(SenderData::VerificationViolation(KnownSenderData { user_id, .. }) = end);
assert_eq!(user_id, owned_user_id!("@u:s.co"));
}

#[test]
fn deserializing_verification_violation() {
let json = r#"
{
"VerificationViolation":{
"user_id":"@u:s.co",
"master_key":[
150,140,249,139,141,29,63,230,179,14,213,175,176,61,11,255,
26,103,10,51,100,154,183,47,181,117,87,204,33,215,241,92
],
"master_key_verified":true
}
}
"#;

let end: SenderData = serde_json::from_str(json).expect("Failed to parse!");
assert_let!(SenderData::VerificationViolation(KnownSenderData { user_id, .. }) = end);
assert_eq!(user_id, owned_user_id!("@u:s.co"));
}

#[test]
fn equal_sessions_have_same_trust_level() {
let unknown = SenderData::unknown();
Expand Down

0 comments on commit 0394761

Please sign in to comment.