crypto: withhold outgoing messages to unsigned dehydrated devices

Per #4313, we should not send outgoing messages to dehydrated devices that are not signed by the current pinned/verified identity.
matrix-org · Jan 17, 2025 · 001dcf6 · 001dcf6
1 parent e9c5096
commit 001dcf6
Show file tree

Hide file tree

Showing 7 changed files with 750 additions and 19 deletions.
diff --git a/crates/matrix-sdk-crypto/src/identities/device.rs b/crates/matrix-sdk-crypto/src/identities/device.rs
@@ -481,7 +481,7 @@ impl Device {
 
     /// Whether or not the device is a dehydrated device.
     pub fn is_dehydrated(&self) -> bool {
-        self.inner.device_keys.dehydrated.unwrap_or(false)
+        self.inner.is_dehydrated()
     }
 }
 
@@ -966,6 +966,11 @@ impl DeviceData {
     pub fn first_time_seen_ts(&self) -> MilliSecondsSinceUnixEpoch {
         self.first_time_seen_ts
     }
+
+    /// True if this device is an MSC3814 dehydrated device.
+    pub fn is_dehydrated(&self) -> bool {
+        self.device_keys.dehydrated.unwrap_or(false)
+    }
 }
 
 impl TryFrom<&DeviceKeys> for DeviceData {