Merge branch 'krille/decrypt-last-event' into 'main'

fix: Decrypt of last event might make an old message as last event See merge request famedly/company/frontend/famedlysdk!1110
2022-08-21 12:22:28 +00:00 · 2022-08-21 12:22:28 +00:00 · a536a7ea8b
parent d090c0e718 994faf1012
commit a536a7ea8b
1 changed files with 13 additions and 4 deletions
--- a/lib/encryption/key_manager.dart
+++ b/lib/encryption/key_manager.dart
@ -183,9 +183,14 @@ class KeyManager {
    final room = client.getRoomById(roomId);
    if (room != null) {
      // attempt to decrypt the last event
-      final event = room.getState(EventTypes.Encrypted);
-      if (event != null && event.content['session_id'] == sessionId) {
-        room.setState(encryption.decryptRoomEventSync(roomId, event));
+      final event = room.lastEvent;
+      if (event != null &&
+          event.type == EventTypes.Encrypted &&
+          event.content['session_id'] == sessionId) {
+        final decrypted = encryption.decryptRoomEventSync(roomId, event);
+        if (decrypted.type != EventTypes.Encrypted) {
+          room.setState(decrypted);
+        }
      }
      // and finally broadcast the new session
      room.onSessionKeyReceived.add(sessionId);
@ -887,7 +892,11 @@ class KeyManager {
      // we *received* an incoming key request
      final encryptedContent = event.encryptedContent;
      if (encryptedContent == null) {
-        return; // event wasn't encrypted, this is a security risk
+        Logs().w(
+          'Ignoring an unencrypted forwarded key from a to device message',
+          event.toJson(),
+        );
+        return;
      }
      final request = outgoingShareRequests.values.firstWhereOrNull((r) =>
          r.room.id == event.content['room_id'] &&