Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Correct some errors in the description of the validation process for incoming Olm-encrypted messages.
12 changes: 7 additions & 5 deletions content/client-server-api/modules/end_to_end_encryption.md
Original file line number Diff line number Diff line change
Expand Up @@ -1662,27 +1662,29 @@ of olm sessions maintained per device should be at least 4.
###### Validation of incoming decrypted events

{{% changed-in v="1.15" %}} Existing checks made more explicit, and checks for `sender_device_keys` added.
{{% changed-in v="1.19" %}} Corrections to some errors in the description of the verification checks.

After decrypting an incoming encrypted event, clients MUST apply the
following checks:

1. The `sender` property in the decrypted content must match the
`sender` of the event.
2. The `keys.ed25519` property in the decrypted content must match
the `sender_key` property in the cleartext `m.room.encrypted`
event body.
the Ed25519 identity key of the sending device. This key can be
obtained from either [`/keys/query`](#post_matrixclientv3keysquery)
or the `sender_device_keys` object (see below).
3. The `recipient` property in the decrypted content must match
the user ID of the local user.
4. The `recipient_keys.ed25519` property in the decrypted content
must match the client device's [Ed25519 signing key](#device-keys).
5. Where `sender_device_keys` is present in the decrypted content:
1. `sender_device_keys.user_id` must also match the `sender`
of the event.
2. `sender_device_keys.keys.ed25519:<device_id>` must also match
2. `sender_device_keys.keys.curve25519:<device_id>` must match
the `sender_key` property in the cleartext `m.room.encrypted`
event body.
3. `sender_device_keys.keys.curve25519:<device_id>` must match
the Curve25519 key used to establish the Olm session.
3. `sender_device_keys.keys.ed25519:<device_id>` must be the same
as the `keys.ed25519` property in the decrypted content.
4. The `sender_device_keys` structure must have a valid signature
from the key with ID `ed25519:<device_id>` (i.e., the sending
device's Ed25519 key).
Expand Down
Loading