8 releases (breaking)

0.7.0 Jan 5, 2024
0.6.0 Sep 28, 2022
0.5.0 May 11, 2022
0.4.1 Sep 13, 2021
0.1.0 May 26, 2020

#63 in Cryptography

2,208 downloads per month
Used in 9 crates (5 directly)

Apache-2.0

1.5MB
31K SLoC

A no-network-IO implementation of a state machine that handles E2EE for Matrix clients.

Usage

If you're just trying to write a Matrix client or bot in Rust, you're probably looking for matrix-sdk instead.

However, if you're looking to add E2EE to an existing Matrix client or library, read on.

The state machine works in a push/pull manner:

  • you push state changes and events retrieved from a Matrix homeserver /sync response into the state machine
  • you pull requests that you'll need to send back to the homeserver out of the state machine

use std::collections::BTreeMap;

use matrix_sdk_crypto::{EncryptionSyncChanges, OlmMachine, OlmError};
use ruma::{
    api::client::sync::sync_events::{v3::ToDevice, DeviceLists},
    device_id, user_id,
};

#[tokio::main]
async fn main() -> Result<(), OlmError> {
    let alice = user_id!("@alice:example.org");
    let machine = OlmMachine::new(&alice, device_id!("DEVICEID")).await;

    let changed_devices = DeviceLists::default();
    let one_time_key_counts = BTreeMap::default();
    let unused_fallback_keys = Some(Vec::new());
    let next_batch_token = "T0K3N".to_owned();

    // Push changes that the server sent to us in a sync response.
    let decrypted_to_device = machine.receive_sync_changes(EncryptionSyncChanges {
        to_device_events: vec![],
        changed_devices: &changed_devices,
        one_time_keys_counts: &one_time_key_counts,
        unused_fallback_keys: unused_fallback_keys.as_deref(),
        next_batch_token: Some(next_batch_token),
    }).await?;

    // Pull requests that we need to send out.
    let outgoing_requests = machine.outgoing_requests().await?;

    // Send the requests out here and call machine.mark_request_as_sent() for each one.

    Ok(())
}
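
The push/pull contract described above, as an added std-only model that is not code from this crate: `ToyMachine`, `Request` and the numeric request ids are hypothetical stand-ins, and the model assumes a pulled request stays pending until it is acknowledged with `mark_request_as_sent`, so a failed send can be retried.

```rust
use std::collections::BTreeMap;

/// Hypothetical request type for this model; not the crate's own type.
#[derive(Debug, Clone, PartialEq)]
pub enum Request {
    UploadOneTimeKeys { count: u64 },
}

/// Toy sans-IO machine: it decides what must be sent but never does network IO.
pub struct ToyMachine {
    target_keys: u64,
    next_id: u64,
    pending: BTreeMap<u64, Request>, // assumption: kept until acknowledged
}

impl ToyMachine {
    pub fn new(target_keys: u64) -> Self {
        Self { target_keys, next_id: 0, pending: BTreeMap::new() }
    }

    /// Push: feed in the one-time key count reported by a /sync response.
    pub fn receive_sync_changes(&mut self, server_key_count: u64) {
        let missing = self.target_keys.saturating_sub(server_key_count);
        // Queue one upload at a time so repeated syncs do not pile up duplicates.
        if missing > 0 && self.pending.is_empty() {
            self.pending.insert(self.next_id, Request::UploadOneTimeKeys { count: missing });
            self.next_id += 1;
        }
    }

    /// Pull: the requests the caller has to send to the homeserver.
    pub fn outgoing_requests(&self) -> Vec<(u64, Request)> {
        self.pending.iter().map(|(id, r)| (*id, r.clone())).collect()
    }

    /// Acknowledge a request only after the homeserver accepted it.
    pub fn mark_request_as_sent(&mut self, id: u64) -> bool {
        self.pending.remove(&id).is_some()
    }
}

fn main() {
    let mut machine = ToyMachine::new(50);
    machine.receive_sync_changes(45); // constructed sample: server holds 45 keys
    let requests = machine.outgoing_requests();
    // A send that failed is not acknowledged, so the same request comes back.
    assert_eq!(machine.outgoing_requests(), requests);
    for (id, _) in requests {
        assert!(machine.mark_request_as_sent(id));
    }
    assert!(machine.outgoing_requests().is_empty());
}
```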

Room key sharing algorithm

The decision tree below visualizes the way this crate decides whether a room key will be shared with a requester upon a key request.

Crate Feature Flags

The following crate feature flags are available:

  • qrcode: Enables QR code generation and reading code

  • testing: provides facilities and functions for tests, in particular for integration testing store implementations. ATTENTION: do not ever use this outside of tests. We do not provide any stability guarantees on these; they are merely helpers. If you find you need any function provided here outside of tests, please open a GitHub issue and inform us about your use case for us to consider.

Dependencies

~19–26MB
~490K SLoC