feat(crypto): Add forwarder_data to InboundGroupSession and pickle.
#5943
Conversation
kaylendog
requested review from
Hywan and
poljar
and removed request for
a team
CodSpeed Performance ReportMerging #5943 will not alter performanceComparing Summary
|
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #5943 +/- ##
==========================================
- Coverage 88.51% 88.48% -0.03%
==========================================
Files 363 363
Lines 103432 103527 +95
Branches 103432 103527 +95
==========================================
+ Hits 91548 91609 +61
- Misses 7531 7562 +31
- Partials 4353 4356 +3 ☔ View full report in Codecov by Sentry. |
kaylendog
force-pushed
the
kaylendog/history_sharing/store_history_sender_details
branch
3 times, most recently
from
c322d5d to
ceb0c71
Compare
kaylendog
force-pushed
the
kaylendog/history_sharing/store_history_sender_details
branch
from
ceb0c71 to
a61c06d
Compare
Issue: #5109 Signed-off-by: Skye Elliot <[email protected]>
kaylendog
force-pushed
the
kaylendog/history_sharing/store_history_sender_details
branch
from
a61c06d to
f7c6e5f
Compare
kaylendog
requested review from
poljar and
richvdh
and removed request for
richvdh
richvdh
left a comment
richvdh
left a comment
There was a problem hiding this comment.
A few comments and thoughts.
There doesn't seem to be much in the way of tests that forwarder_data gets set correctly. I know that integration tests are coming later, but can we update test_receive_room_key_bundle?
| /// * `sender_data` - If the sessions were received as part of an MSC4268 | ||
| /// key bundle, the information about the user who sent us the bundle. |
There was a problem hiding this comment.
this appears to be referring to a non-existent argument
| if matches!( | ||
| &sender_data, | ||
| // The sender's device must be either `SenderData::SenderUnverified` (i.e., | ||
| // TOFU-trusted) or `SenderData::SenderVerified` (i.e., fully verified | ||
| // via user verification and cross-signing). | ||
| let sender_data = match sender_data { | ||
| SenderData::UnknownDevice { .. } | ||
| | SenderData::VerificationViolation(_) | ||
| | SenderData::DeviceInfo { .. } | ||
| ) { | ||
| warn!( | ||
| "Not accepting a historic room key bundle due to insufficient trust in the sender" | ||
| ); | ||
| return Ok(()); | ||
| } | ||
| | SenderData::VerificationViolation(_) | ||
| | SenderData::DeviceInfo { .. } => { | ||
| warn!( | ||
| "Not accepting a historic room key bundle due to insufficient trust in the sender" | ||
| ); | ||
| return Ok(()); | ||
| } | ||
| SenderData::SenderUnverified(_) | SenderData::SenderVerified(_) => sender_data, | ||
| }; |
There was a problem hiding this comment.
now that we pass the whole SenderData into import_room_key_bundle_sessions, I don't think the match statement is an improvement over the old matches! macro. Maybe keep the comment though.
| /// * `sender_data` - If the sessions were received as part of an MSC4268 | ||
| /// key bundle, the information about the user who sent us the bundle. |
| /// store. | ||
| pub received_room_key_bundles: Vec<StoredRoomKeyBundleData>, | ||
|
|
||
| pub sender_data: BTreeMap<OwnedRoomId, BTreeMap<String, KnownSenderData>>, |
There was a problem hiding this comment.
this needs documentation at the very least, but I don't understand why it is needed and how it relates to inbound_group_sessions
There was a problem hiding this comment.
Left-over from before we decided to use InboundGroupSession, removed in 741a442
| &self, | ||
| room_keys: Vec<T>, | ||
| from_backup_version: Option<&str>, | ||
| sender_data: Option<&SenderData>, |
There was a problem hiding this comment.
given that this ends up as the forwarder_data rather than the sender_data, it should probably be named accordingly ... and that change could do with chasing up the call stack.
| &self, | ||
| keys: Vec<ExportedRoomKey>, | ||
| from_backup_version: Option<&str>, | ||
| sender_data: Option<&SenderData>, |
There was a problem hiding this comment.
since this is unused (and afaik we have no intention to use it), I'd suggest getting rid of it.
| &self, | ||
| exported_keys: Vec<ExportedRoomKey>, | ||
| from_backup_version: Option<&str>, | ||
| sender_data: Option<&SenderData>, |
| let mut keys = BTreeMap::new(); | ||
|
|
||
| for (i, key) in room_keys.into_iter().enumerate() { | ||
| match key.try_into() { |
There was a problem hiding this comment.
Low-confidence comment:
It feels like, ideally, we ought to be setting the InboundGroupSession::forwarder_data at the point we convert from HistoricRoomKey: it's not really meaningful to convert from HistoricRoomKey to InboundGroupSession without a forwarder_data.
In other words, we should replace InboundGroupSession::try_from(&HistoricRoomKey) with some other method that also takes a &SenderData.
On the flip side, import_sessions_impl is used for ExportedRoomKey as well as HistoricRoomKey, so this change would probably mean pushing the try_into call, and hence the error handling up the stack. It might give us more code and less clarity.
WDYT?
There was a problem hiding this comment.
I presume impl TryFrom<(&HistoricRoomKey, SenderData)> for InboundGroupSession is too hacky? I do like the polymorphism you point out in your final paragraph, and it'd be nice to keep that, I think.
There was a problem hiding this comment.
impl TryFrom<(&HistoricRoomKey, SenderData)> for InboundGroupSessionis too hacky?
That does feel pretty hacky. Once you get that specific, it seems like a dedicated method is preferable to trying to implement TryFrom or TryInto. (HistoricRoomKey::try_into_inbound_group_session(self, sender_data:: &SenderData) or sth.)
I do like the polymorphism you point out in your final paragraph, and it'd be nice to keep that, I think.
Ok, up to you.
There was a problem hiding this comment.
I think we can exploit TryFrom<T> for T being implemented in the standard library - I am cooking something up...
There was a problem hiding this comment.
Nevermind, opted to just rewrite Store::Import_sessions_impl
kaylendog
force-pushed
the
kaylendog/history_sharing/store_history_sender_details
branch
from
fdfaf0e to
341ab9c
Compare
Issue: #5109