crypto: withhold outgoing messages to unsigned dehydrated devices

Per #4313, we should not send outgoing messages to dehydrated devices that are not signed by the current pinned/verified identity.
matrix-org · Jan 29, 2025 · 6f42b0a · 6f42b0a
1 parent e3b3487
commit 6f42b0a
Show file tree

Hide file tree

Showing 7 changed files with 792 additions and 4 deletions.
diff --git a/crates/matrix-sdk-crypto/CHANGELOG.md b/crates/matrix-sdk-crypto/CHANGELOG.md
@@ -17,6 +17,9 @@ All notable changes to this project will be documented in this file.
   keys with Olm-encrypted events).
   ([#4420](https://github.com/matrix-org/matrix-rust-sdk/pull/4420))
 
+- Room keys are not shared with unsigned dehydrated devices.
+  ([#4551](https://github.com/matrix-org/matrix-rust-sdk/pull/4551))
+
 ## [0.9.0] - 2024-12-18
 
 ### Features

diff --git a/crates/matrix-sdk-crypto/src/identities/device.rs b/crates/matrix-sdk-crypto/src/identities/device.rs
@@ -479,9 +479,9 @@ impl Device {
         Ok(raw_encrypted)
     }
 
-    /// Whether or not the device is a dehydrated device.
+    /// True if this device is an [MSC3814](https://github.com/matrix-org/matrix-spec-proposals/pull/3814) dehydrated device.
     pub fn is_dehydrated(&self) -> bool {
-        self.inner.device_keys.dehydrated.unwrap_or(false)
+        self.inner.is_dehydrated()
     }
 }
 
@@ -966,6 +966,11 @@ impl DeviceData {
     pub fn first_time_seen_ts(&self) -> MilliSecondsSinceUnixEpoch {
         self.first_time_seen_ts
     }
+
+    /// True if this device is an [MSC3814](https://github.com/matrix-org/matrix-spec-proposals/pull/3814) dehydrated device.
+    pub fn is_dehydrated(&self) -> bool {
+        self.device_keys.dehydrated.unwrap_or(false)
+    }
 }
 
 impl TryFrom<&DeviceKeys> for DeviceData {