123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356 |
- # -*- coding: utf-8 -*-
- # Copyright 2017 New Vector Ltd
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- import json
- from twisted.internet import defer
- from synapse.api.errors import StoreError
- from ._base import SQLBaseStore
- class EndToEndRoomKeyStore(SQLBaseStore):
- @defer.inlineCallbacks
- def get_e2e_room_key(self, user_id, version, room_id, session_id):
- """Get the encrypted E2E room key for a given session from a given
- backup version of room_keys. We only store the 'best' room key for a given
- session at a given time, as determined by the handler.
- Args:
- user_id(str): the user whose backup we're querying
- version(str): the version ID of the backup for the set of keys we're querying
- room_id(str): the ID of the room whose keys we're querying.
- This is a bit redundant as it's implied by the session_id, but
- we include for consistency with the rest of the API.
- session_id(str): the session whose room_key we're querying.
- Returns:
- A deferred dict giving the session_data and message metadata for
- this room key.
- """
- row = yield self._simple_select_one(
- table="e2e_room_keys",
- keyvalues={
- "user_id": user_id,
- "version": version,
- "room_id": room_id,
- "session_id": session_id,
- },
- retcols=(
- "first_message_index",
- "forwarded_count",
- "is_verified",
- "session_data",
- ),
- desc="get_e2e_room_key",
- )
- row["session_data"] = json.loads(row["session_data"])
- defer.returnValue(row)
- @defer.inlineCallbacks
- def set_e2e_room_key(self, user_id, version, room_id, session_id, room_key):
- """Replaces or inserts the encrypted E2E room key for a given session in
- a given backup
- Args:
- user_id(str): the user whose backup we're setting
- version(str): the version ID of the backup we're updating
- room_id(str): the ID of the room whose keys we're setting
- session_id(str): the session whose room_key we're setting
- room_key(dict): the room_key being set
- Raises:
- StoreError
- """
- yield self._simple_upsert(
- table="e2e_room_keys",
- keyvalues={
- "user_id": user_id,
- "room_id": room_id,
- "session_id": session_id,
- },
- values={
- "version": version,
- "first_message_index": room_key['first_message_index'],
- "forwarded_count": room_key['forwarded_count'],
- "is_verified": room_key['is_verified'],
- "session_data": json.dumps(room_key['session_data']),
- },
- lock=False,
- )
- @defer.inlineCallbacks
- def get_e2e_room_keys(
- self, user_id, version, room_id=None, session_id=None
- ):
- """Bulk get the E2E room keys for a given backup, optionally filtered to a given
- room, or a given session.
- Args:
- user_id(str): the user whose backup we're querying
- version(str): the version ID of the backup for the set of keys we're querying
- room_id(str): Optional. the ID of the room whose keys we're querying, if any.
- If not specified, we return the keys for all the rooms in the backup.
- session_id(str): Optional. the session whose room_key we're querying, if any.
- If specified, we also require the room_id to be specified.
- If not specified, we return all the keys in this version of
- the backup (or for the specified room)
- Returns:
- A deferred list of dicts giving the session_data and message metadata for
- these room keys.
- """
- try:
- version = int(version)
- except ValueError:
- defer.returnValue({'rooms': {}})
- keyvalues = {
- "user_id": user_id,
- "version": version,
- }
- if room_id:
- keyvalues['room_id'] = room_id
- if session_id:
- keyvalues['session_id'] = session_id
- rows = yield self._simple_select_list(
- table="e2e_room_keys",
- keyvalues=keyvalues,
- retcols=(
- "user_id",
- "room_id",
- "session_id",
- "first_message_index",
- "forwarded_count",
- "is_verified",
- "session_data",
- ),
- desc="get_e2e_room_keys",
- )
- sessions = {'rooms': {}}
- for row in rows:
- room_entry = sessions['rooms'].setdefault(row['room_id'], {"sessions": {}})
- room_entry['sessions'][row['session_id']] = {
- "first_message_index": row["first_message_index"],
- "forwarded_count": row["forwarded_count"],
- "is_verified": row["is_verified"],
- "session_data": json.loads(row["session_data"]),
- }
- defer.returnValue(sessions)
- @defer.inlineCallbacks
- def delete_e2e_room_keys(
- self, user_id, version, room_id=None, session_id=None
- ):
- """Bulk delete the E2E room keys for a given backup, optionally filtered to a given
- room or a given session.
- Args:
- user_id(str): the user whose backup we're deleting from
- version(str): the version ID of the backup for the set of keys we're deleting
- room_id(str): Optional. the ID of the room whose keys we're deleting, if any.
- If not specified, we delete the keys for all the rooms in the backup.
- session_id(str): Optional. the session whose room_key we're querying, if any.
- If specified, we also require the room_id to be specified.
- If not specified, we delete all the keys in this version of
- the backup (or for the specified room)
- Returns:
- A deferred of the deletion transaction
- """
- keyvalues = {
- "user_id": user_id,
- "version": int(version),
- }
- if room_id:
- keyvalues['room_id'] = room_id
- if session_id:
- keyvalues['session_id'] = session_id
- yield self._simple_delete(
- table="e2e_room_keys",
- keyvalues=keyvalues,
- desc="delete_e2e_room_keys",
- )
- @staticmethod
- def _get_current_version(txn, user_id):
- txn.execute(
- "SELECT MAX(version) FROM e2e_room_keys_versions "
- "WHERE user_id=? AND deleted=0",
- (user_id,)
- )
- row = txn.fetchone()
- if not row:
- raise StoreError(404, 'No current backup version')
- return row[0]
- def get_e2e_room_keys_version_info(self, user_id, version=None):
- """Get info metadata about a version of our room_keys backup.
- Args:
- user_id(str): the user whose backup we're querying
- version(str): Optional. the version ID of the backup we're querying about
- If missing, we return the information about the current version.
- Raises:
- StoreError: with code 404 if there are no e2e_room_keys_versions present
- Returns:
- A deferred dict giving the info metadata for this backup version, with
- fields including:
- version(str)
- algorithm(str)
- auth_data(object): opaque dict supplied by the client
- """
- def _get_e2e_room_keys_version_info_txn(txn):
- if version is None:
- this_version = self._get_current_version(txn, user_id)
- else:
- try:
- this_version = int(version)
- except ValueError:
- # Our versions are all ints so if we can't convert it to an integer,
- # it isn't there.
- raise StoreError(404, "No row found")
- result = self._simple_select_one_txn(
- txn,
- table="e2e_room_keys_versions",
- keyvalues={
- "user_id": user_id,
- "version": this_version,
- "deleted": 0,
- },
- retcols=(
- "version",
- "algorithm",
- "auth_data",
- ),
- )
- result["auth_data"] = json.loads(result["auth_data"])
- result["version"] = str(result["version"])
- return result
- return self.runInteraction(
- "get_e2e_room_keys_version_info",
- _get_e2e_room_keys_version_info_txn
- )
- def create_e2e_room_keys_version(self, user_id, info):
- """Atomically creates a new version of this user's e2e_room_keys store
- with the given version info.
- Args:
- user_id(str): the user whose backup we're creating a version
- info(dict): the info about the backup version to be created
- Returns:
- A deferred string for the newly created version ID
- """
- def _create_e2e_room_keys_version_txn(txn):
- txn.execute(
- "SELECT MAX(version) FROM e2e_room_keys_versions WHERE user_id=?",
- (user_id,)
- )
- current_version = txn.fetchone()[0]
- if current_version is None:
- current_version = '0'
- new_version = str(int(current_version) + 1)
- self._simple_insert_txn(
- txn,
- table="e2e_room_keys_versions",
- values={
- "user_id": user_id,
- "version": new_version,
- "algorithm": info["algorithm"],
- "auth_data": json.dumps(info["auth_data"]),
- },
- )
- return new_version
- return self.runInteraction(
- "create_e2e_room_keys_version_txn", _create_e2e_room_keys_version_txn
- )
- def update_e2e_room_keys_version(self, user_id, version, info):
- """Update a given backup version
- Args:
- user_id(str): the user whose backup version we're updating
- version(str): the version ID of the backup version we're updating
- info(dict): the new backup version info to store
- """
- return self._simple_update(
- table="e2e_room_keys_versions",
- keyvalues={
- "user_id": user_id,
- "version": version,
- },
- updatevalues={
- "auth_data": json.dumps(info["auth_data"]),
- },
- desc="update_e2e_room_keys_version"
- )
- def delete_e2e_room_keys_version(self, user_id, version=None):
- """Delete a given backup version of the user's room keys.
- Doesn't delete their actual key data.
- Args:
- user_id(str): the user whose backup version we're deleting
- version(str): Optional. the version ID of the backup version we're deleting
- If missing, we delete the current backup version info.
- Raises:
- StoreError: with code 404 if there are no e2e_room_keys_versions present,
- or if the version requested doesn't exist.
- """
- def _delete_e2e_room_keys_version_txn(txn):
- if version is None:
- this_version = self._get_current_version(txn, user_id)
- else:
- this_version = version
- return self._simple_update_one_txn(
- txn,
- table="e2e_room_keys_versions",
- keyvalues={
- "user_id": user_id,
- "version": this_version,
- },
- updatevalues={
- "deleted": 1,
- }
- )
- return self.runInteraction(
- "delete_e2e_room_keys_version",
- _delete_e2e_room_keys_version_txn
- )
|