From 79b3dba1ed4b6870c4e989ada88e33b1ce0ddc21 Mon Sep 17 00:00:00 2001
From: Alexey Rusakov <Kitsune-Ral@users.sf.net>
Date: Mon, 16 May 2022 10:41:54 +0200
Subject: QOlmExpected and associated refactoring

As mentioned in the commit introducing `Expected`, `QOlmExpected` is
simply an alias for `Expected<T, QOlmError>`. This simplifies quite
a few function signatures in `QOlm*` classes and collapses unwieldy
`std::holds_alternative<>`/`std::get<>` constructs into a neat
contextual bool cast and an invocation of `operator*` or
`value()`/`error()` accessors that don't need to specify the type.

While refactoring the code, I found a couple of cases of mismatching
`uint32_t` and `qint32_t` in return values; a couple of cases where
`decrypt()` returns `QString` which is in fact `QByteArray` (e.g., in
`QOlmSession::decrypt()`); there's a repetitive algorithm in
`Connection::Private::sessionDecryptPrekey()` and
`sessionDecryptGeneral()`
---
 lib/e2ee/qolmoutboundsession.cpp | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'lib/e2ee/qolmoutboundsession.cpp')

diff --git a/lib/e2ee/qolmoutboundsession.cpp b/lib/e2ee/qolmoutboundsession.cpp
index da32417b..96bad344 100644
--- a/lib/e2ee/qolmoutboundsession.cpp
+++ b/lib/e2ee/qolmoutboundsession.cpp
@@ -13,8 +13,7 @@ QOlmError lastError(OlmOutboundGroupSession *session) {
 
 QOlmOutboundGroupSession::QOlmOutboundGroupSession(OlmOutboundGroupSession *session)
     : m_groupSession(session)
-{
-}
+{}
 
 QOlmOutboundGroupSession::~QOlmOutboundGroupSession()
 {
@@ -22,7 +21,7 @@ QOlmOutboundGroupSession::~QOlmOutboundGroupSession()
     delete[](reinterpret_cast<uint8_t *>(m_groupSession));
 }
 
-std::unique_ptr<QOlmOutboundGroupSession> QOlmOutboundGroupSession::create()
+QOlmOutboundGroupSessionPtr QOlmOutboundGroupSession::create()
 {
     auto *olmOutboundGroupSession = olm_outbound_group_session(new uint8_t[olm_outbound_group_session_size()]);
     const auto randomLength = olm_init_outbound_group_session_random_length(olmOutboundGroupSession);
@@ -45,7 +44,7 @@ std::unique_ptr<QOlmOutboundGroupSession> QOlmOutboundGroupSession::create()
     return std::make_unique<QOlmOutboundGroupSession>(olmOutboundGroupSession);
 }
 
-std::variant<QByteArray, QOlmError> QOlmOutboundGroupSession::pickle(const PicklingMode &mode)
+QOlmExpected<QByteArray> QOlmOutboundGroupSession::pickle(const PicklingMode &mode)
 {
     QByteArray pickledBuf(olm_pickle_outbound_group_session_length(m_groupSession), '0');
     QByteArray key = toKey(mode);
@@ -61,7 +60,7 @@ std::variant<QByteArray, QOlmError> QOlmOutboundGroupSession::pickle(const Pickl
     return pickledBuf;
 }
 
-std::variant<std::unique_ptr<QOlmOutboundGroupSession>, QOlmError> QOlmOutboundGroupSession::unpickle(QByteArray &pickled, const PicklingMode &mode)
+QOlmExpected<QOlmOutboundGroupSessionPtr> QOlmOutboundGroupSession::unpickle(QByteArray &pickled, const PicklingMode &mode)
 {
     QByteArray pickledBuf = pickled;
     auto *olmOutboundGroupSession = olm_outbound_group_session(new uint8_t[olm_outbound_group_session_size()]);
@@ -80,7 +79,7 @@ std::variant<std::unique_ptr<QOlmOutboundGroupSession>, QOlmError> QOlmOutboundG
     return std::make_unique<QOlmOutboundGroupSession>(olmOutboundGroupSession);
 }
 
-std::variant<QByteArray, QOlmError> QOlmOutboundGroupSession::encrypt(const QString &plaintext)
+QOlmExpected<QByteArray> QOlmOutboundGroupSession::encrypt(const QString &plaintext)
 {
     QByteArray plaintextBuf = plaintext.toUtf8();
     const auto messageMaxLength = olm_group_encrypt_message_length(m_groupSession, plaintextBuf.length());
@@ -112,12 +111,13 @@ QByteArray QOlmOutboundGroupSession::sessionId() const
     return idBuffer;
 }
 
-std::variant<QByteArray, QOlmError> QOlmOutboundGroupSession::sessionKey() const
+QOlmExpected<QByteArray> QOlmOutboundGroupSession::sessionKey() const
 {
     const auto keyMaxLength = olm_outbound_group_session_key_length(m_groupSession);
     QByteArray keyBuffer(keyMaxLength, '0');
-    const auto error = olm_outbound_group_session_key(m_groupSession, reinterpret_cast<uint8_t *>(keyBuffer.data()),
-            keyMaxLength);
+    const auto error = olm_outbound_group_session_key(
+        m_groupSession, reinterpret_cast<uint8_t*>(keyBuffer.data()),
+        keyMaxLength);
     if (error == olm_error()) {
         return lastError(m_groupSession);
     }
-- 
cgit v1.2.3


From 3eb7ad8b0a1ac0f6f9cda679108937a01268f184 Mon Sep 17 00:00:00 2001
From: Tobias Fella <fella@posteo.de>
Date: Mon, 16 May 2022 20:46:34 +0200
Subject: Save and load outgoing megolm session

---
 lib/connection.cpp               | 11 ++++++++++-
 lib/connection.h                 |  5 +++++
 lib/database.cpp                 | 41 +++++++++++++++++++++++++++++++++++++++-
 lib/database.h                   |  3 +++
 lib/e2ee/qolmoutboundsession.cpp | 22 ++++++++++++++++++++-
 lib/e2ee/qolmoutboundsession.h   |  9 +++++++++
 lib/room.cpp                     | 23 +++++++++++-----------
 7 files changed, 99 insertions(+), 15 deletions(-)

(limited to 'lib/e2ee/qolmoutboundsession.cpp')

diff --git a/lib/connection.cpp b/lib/connection.cpp
index a66a4168..b11ec731 100644
--- a/lib/connection.cpp
+++ b/lib/connection.cpp
@@ -2247,7 +2247,6 @@ bool Connection::hasOlmSession(User* user, const QString& deviceId) const
 QPair<QOlmMessage::Type, QByteArray> Connection::olmEncryptMessage(User* user, const QString& device, const QByteArray& message)
 {
     //TODO be smarter about choosing a session; see e2ee impl guide
-    //TODO create session?
     const auto& curveKey = curveKeyForUserDevice(user->id(), device);
     QOlmMessage::Type type = d->olmSessions[curveKey][0]->encryptMessageType();
     auto result = d->olmSessions[curveKey][0]->encrypt(message);
@@ -2266,4 +2265,14 @@ void Connection::createOlmSession(const QString& theirIdentityKey, const QString
     d->olmSessions[theirIdentityKey].push_back(std::move(std::get<std::unique_ptr<QOlmSession>>(session)));
 }
 
+QOlmOutboundGroupSessionPtr Connection::loadCurrentOutboundMegolmSession(Room* room)
+{
+    return d->database->loadCurrentOutboundMegolmSession(room->id(), d->picklingMode);
+}
+
+void Connection::saveCurrentOutboundMegolmSession(Room *room, const QOlmOutboundGroupSessionPtr& data)
+{
+    d->database->saveCurrentOutboundMegolmSession(room->id(), d->picklingMode, data);
+}
+
 #endif
diff --git a/lib/connection.h b/lib/connection.h
index afa4a657..8bed55da 100644
--- a/lib/connection.h
+++ b/lib/connection.h
@@ -25,6 +25,7 @@
 #ifdef Quotient_E2EE_ENABLED
 #include "e2ee/e2ee.h"
 #include "e2ee/qolmmessage.h"
+#include "e2ee/qolmoutboundsession.h"
 #endif
 
 Q_DECLARE_METATYPE(Quotient::GetLoginFlowsJob::LoginFlow)
@@ -324,6 +325,10 @@ public:
                            const QOlmInboundGroupSession& session);
     bool hasOlmSession(User* user, const QString& deviceId) const;
 
+    QOlmOutboundGroupSessionPtr loadCurrentOutboundMegolmSession(Room* room);
+    void saveCurrentOutboundMegolmSession(Room *room, const QOlmOutboundGroupSessionPtr& data);
+
+
     //This currently assumes that an olm session with (user, device) exists
     //TODO make this return an event?
     QPair<QOlmMessage::Type, QByteArray> olmEncryptMessage(User* user, const QString& device, const QByteArray& message);
diff --git a/lib/database.cpp b/lib/database.cpp
index e2e7acc9..8cb3a9d1 100644
--- a/lib/database.cpp
+++ b/lib/database.cpp
@@ -86,7 +86,7 @@ void Database::migrateTo1()
     execute(QStringLiteral("CREATE TABLE accounts (pickle TEXT);"));
     execute(QStringLiteral("CREATE TABLE olm_sessions (senderKey TEXT, sessionId TEXT, pickle TEXT);"));
     execute(QStringLiteral("CREATE TABLE inbound_megolm_sessions (roomId TEXT, senderKey TEXT, sessionId TEXT, pickle TEXT);"));
-    execute(QStringLiteral("CREATE TABLE outbound_megolm_sessions (roomId TEXT, senderKey TEXT, sessionId TEXT, pickle TEXT);"));
+    execute(QStringLiteral("CREATE TABLE outbound_megolm_sessions (roomId TEXT, sessionId TEXT, pickle TEXT, creationTime TEXT, messageCount INTEGER);"));
     execute(QStringLiteral("CREATE TABLE group_session_record_index (roomId TEXT, sessionId TEXT, i INTEGER, eventId TEXT, ts INTEGER);"));
     execute(QStringLiteral("CREATE TABLE tracked_users (matrixId TEXT);"));
     execute(QStringLiteral("CREATE TABLE outdated_users (matrixId TEXT);"));
@@ -292,3 +292,42 @@ void Database::setOlmSessionLastReceived(const QString& sessionId, const QDateTi
     execute(query);
     commit();
 }
+
+void Database::saveCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode, const QOlmOutboundGroupSessionPtr& session)
+{
+    const auto pickle = session->pickle(picklingMode);
+    if (std::holds_alternative<QByteArray>(pickle)) {
+        auto deleteQuery = prepareQuery(QStringLiteral("DELETE FROM outbound_megolm_sessions WHERE roomId=:roomId AND sessionId=:sessionId;"));
+        deleteQuery.bindValue(":roomId", roomId);
+        deleteQuery.bindValue(":sessionId", session->sessionId());
+
+        auto insertQuery = prepareQuery(QStringLiteral("INSERT INTO outbound_megolm_sessions(roomId, sessionId, pickle, creationTime, messageCount) VALUES(:roomId, :sessionId, :pickle, :creationTime, :messageCount);"));
+        insertQuery.bindValue(":roomId", roomId);
+        insertQuery.bindValue(":sessionId", session->sessionId());
+        insertQuery.bindValue(":pickle", std::get<QByteArray>(pickle));
+        insertQuery.bindValue(":creationTime", session->creationTime());
+        insertQuery.bindValue(":messageCount", session->messageCount());
+
+        transaction();
+        execute(deleteQuery);
+        execute(insertQuery);
+        commit();
+    }
+}
+
+QOlmOutboundGroupSessionPtr Database::loadCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode)
+{
+    auto query = prepareQuery(QStringLiteral("SELECT * FROM outbound_megolm_sessions WHERE roomId=:roomId ORDER BY creationTime DESC;"));
+    query.bindValue(":roomId", roomId);
+    execute(query);
+    if (query.next()) {
+        auto sessionResult = QOlmOutboundGroupSession::unpickle(query.value("pickle").toByteArray(), picklingMode);
+        if (std::holds_alternative<QOlmOutboundGroupSessionPtr>(sessionResult)) {
+            auto session = std::move(std::get<QOlmOutboundGroupSessionPtr>(sessionResult));
+            session->setCreationTime(query.value("creationTime").toDateTime());
+            session->setMessageCount(query.value("messageCount").toInt());
+            return session;
+        }
+    }
+    return nullptr;
+}
diff --git a/lib/database.h b/lib/database.h
index 08fe49f3..751ebd1d 100644
--- a/lib/database.h
+++ b/lib/database.h
@@ -8,6 +8,7 @@
 #include <QtCore/QVector>
 
 #include "e2ee/e2ee.h"
+
 namespace Quotient {
 class QUOTIENT_API Database : public QObject
 {
@@ -34,6 +35,8 @@ public:
     std::pair<QString, qint64> groupSessionIndexRecord(const QString& roomId, const QString& sessionId, qint64 index);
     void clearRoomData(const QString& roomId);
     void setOlmSessionLastReceived(const QString& sessionId, const QDateTime& timestamp);
+    QOlmOutboundGroupSessionPtr loadCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode);
+    void saveCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode, const QOlmOutboundGroupSessionPtr& data);
 
 private:
     void migrateTo1();
diff --git a/lib/e2ee/qolmoutboundsession.cpp b/lib/e2ee/qolmoutboundsession.cpp
index 96bad344..10b0c4de 100644
--- a/lib/e2ee/qolmoutboundsession.cpp
+++ b/lib/e2ee/qolmoutboundsession.cpp
@@ -66,7 +66,7 @@ QOlmExpected<QOlmOutboundGroupSessionPtr> QOlmOutboundGroupSession::unpickle(QBy
     auto *olmOutboundGroupSession = olm_outbound_group_session(new uint8_t[olm_outbound_group_session_size()]);
     QByteArray key = toKey(mode);
     const auto error = olm_unpickle_outbound_group_session(olmOutboundGroupSession, key.data(), key.length(),
-            pickled.data(), pickled.length());
+            pickledBuf.data(), pickledBuf.length());
     if (error == olm_error()) {
         return lastError(olmOutboundGroupSession);
     }
@@ -123,3 +123,23 @@ QOlmExpected<QByteArray> QOlmOutboundGroupSession::sessionKey() const
     }
     return keyBuffer;
 }
+
+int QOlmOutboundGroupSession::messageCount() const
+{
+    return m_messageCount;
+}
+
+void QOlmOutboundGroupSession::setMessageCount(int messageCount)
+{
+    m_messageCount = messageCount;
+}
+
+QDateTime QOlmOutboundGroupSession::creationTime() const
+{
+    return m_creationTime;
+}
+
+void QOlmOutboundGroupSession::setCreationTime(const QDateTime& creationTime)
+{
+    m_creationTime = creationTime;
+}
diff --git a/lib/e2ee/qolmoutboundsession.h b/lib/e2ee/qolmoutboundsession.h
index 8058bbb1..56b25974 100644
--- a/lib/e2ee/qolmoutboundsession.h
+++ b/lib/e2ee/qolmoutboundsession.h
@@ -26,6 +26,7 @@ public:
     //! pickling a `QOlmOutboundGroupSession`.
     static QOlmExpected<QOlmOutboundGroupSessionPtr> unpickle(
         QByteArray& pickled, const PicklingMode& mode);
+
     //! Encrypts a plaintext message using the session.
     QOlmExpected<QByteArray> encrypt(const QString& plaintext);
 
@@ -44,8 +45,16 @@ public:
     //! ratchet key that will be used for the next message.
     QOlmExpected<QByteArray> sessionKey() const;
     QOlmOutboundGroupSession(OlmOutboundGroupSession *groupSession);
+
+    int messageCount() const;
+    void setMessageCount(int messageCount);
+
+    QDateTime creationTime() const;
+    void setCreationTime(const QDateTime& creationTime);
 private:
     OlmOutboundGroupSession *m_groupSession;
+    int m_messageCount = 0;
+    QDateTime m_creationTime = QDateTime::currentDateTime();
 };
 
 } // namespace Quotient
diff --git a/lib/room.cpp b/lib/room.cpp
index e8b63235..9e2bd7dd 100644
--- a/lib/room.cpp
+++ b/lib/room.cpp
@@ -344,7 +344,7 @@ public:
     int currentMegolmSessionMessageCount = 0;
     //TODO save this to database
     unsigned long long currentMegolmSessionCreationTimestamp = 0;
-    std::unique_ptr<QOlmOutboundGroupSession> currentOutboundMegolmSession = nullptr;
+    QOlmOutboundGroupSessionPtr currentOutboundMegolmSession = nullptr;
 
     bool addInboundGroupSession(QString sessionId, QByteArray sessionKey,
                                 const QString& senderId,
@@ -415,7 +415,7 @@ public:
         if (!q->usesEncryption()) {
             return false;
         }
-        return currentMegolmSessionMessageCount >= rotationMessageCount() || (currentMegolmSessionCreationTimestamp + rotationInterval()) < QDateTime::currentMSecsSinceEpoch();
+        return currentOutboundMegolmSession->messageCount() >= rotationMessageCount() || currentOutboundMegolmSession->creationTime().addMSecs(rotationInterval()) < QDateTime::currentDateTime();
     }
 
     bool hasValidMegolmSession() const
@@ -446,9 +446,7 @@ public:
     void createMegolmSession() {
         qCDebug(E2EE) << "Creating new outbound megolm session for room " << q->id();
         currentOutboundMegolmSession = QOlmOutboundGroupSession::create();
-        currentMegolmSessionMessageCount = 0;
-        currentMegolmSessionCreationTimestamp = QDateTime::currentMSecsSinceEpoch();
-        //TODO store megolm session to database
+        connection->saveCurrentOutboundMegolmSession(q, currentOutboundMegolmSession);
     }
 
     std::unique_ptr<EncryptedEvent> payloadForUserDevice(User* user, const QString& device, const QByteArray& sessionId, const QByteArray& sessionKey)
@@ -476,7 +474,7 @@ public:
 
     void sendRoomKeyToDevices(const QByteArray& sessionId, const QByteArray& sessionKey)
     {
-        qWarning() << "Sending room key to devices" << sessionId, sessionKey.toHex();
+        qCDebug(E2EE) << "Sending room key to devices" << sessionId, sessionKey.toHex();
         QHash<QString, QHash<QString, QString>> hash;
         for (const auto& user : q->users()) {
             QHash<QString, QString> u;
@@ -493,7 +491,7 @@ public:
         auto job = connection->callApi<ClaimKeysJob>(hash);
         connect(job, &BaseJob::success, q, [job, this, sessionId, sessionKey](){
             Connection::UsersToDevicesToEvents usersToDevicesToEvents;
-            auto data = job->jsonData();
+            const auto data = job->jsonData();
             for(const auto &user : q->users()) {
                 for(const auto &device : connection->devicesForUser(user)) {
                     const auto recipientCurveKey = connection->curveKeyForUserDevice(user->id(), device);
@@ -527,8 +525,6 @@ public:
         });
     }
 
-    //TODO load outbound megolm sessions from database
-
     void sendMegolmSession() {
         // Save the session to this device
         const auto sessionId = currentOutboundMegolmSession->sessionId();
@@ -577,14 +573,16 @@ Room::Room(Connection* connection, QString id, JoinState initialJoinState)
         }
     });
     d->groupSessions = connection->loadRoomMegolmSessions(this);
-    //TODO load outbound session
+    d->currentOutboundMegolmSession = connection->loadCurrentOutboundMegolmSession(this);
+    if (d->shouldRotateMegolmSession()) {
+        d->currentOutboundMegolmSession = nullptr;
+    }
     connect(this, &Room::userRemoved, this, [this](){
         if (!usesEncryption()) {
             return;
         }
         d->currentOutboundMegolmSession = nullptr;
         qCDebug(E2EE) << "Invalidating current megolm session because user left";
-        //TODO save old session probably
 
     });
 
@@ -2074,6 +2072,8 @@ QString Room::Private::sendEvent(RoomEventPtr&& event)
         //TODO check if we increment the sent message count
         event->setRoomId(id);
         const auto encrypted = currentOutboundMegolmSession->encrypt(QJsonDocument(event->fullJson()).toJson());
+        currentOutboundMegolmSession->setMessageCount(currentOutboundMegolmSession->messageCount() + 1);
+        connection->saveCurrentOutboundMegolmSession(q, currentOutboundMegolmSession);
         if(std::holds_alternative<QOlmError>(encrypted)) {
             //TODO something
             qWarning(E2EE) << "Error encrypting message" << std::get<QOlmError>(encrypted);
@@ -2084,7 +2084,6 @@ QString Room::Private::sendEvent(RoomEventPtr&& event)
         encryptedEvent->setRoomId(id);
         encryptedEvent->setSender(connection->userId());
         event->setTransactionId(encryptedEvent->transactionId());
-        currentMegolmSessionMessageCount++;
         // We show the unencrypted event locally while pending. The echo check will throw the encrypted version out
         addAsPending(std::move(event));
         return doSendEvent(encryptedEvent, true);
-- 
cgit v1.2.3


From 89d8f6c44f86a27df28b1d89a80564fb0d4d89fc Mon Sep 17 00:00:00 2001
From: Tobias Fella <fella@posteo.de>
Date: Mon, 16 May 2022 21:26:14 +0200
Subject: Fix build failures

---
 lib/connection.cpp               | 12 ++++++------
 lib/database.cpp                 | 10 +++++-----
 lib/e2ee/qolmoutboundsession.cpp |  2 +-
 lib/e2ee/qolmoutboundsession.h   |  2 +-
 lib/room.cpp                     | 16 ++++++++--------
 5 files changed, 21 insertions(+), 21 deletions(-)

(limited to 'lib/e2ee/qolmoutboundsession.cpp')

diff --git a/lib/connection.cpp b/lib/connection.cpp
index 82046d53..a5615f64 100644
--- a/lib/connection.cpp
+++ b/lib/connection.cpp
@@ -2251,8 +2251,8 @@ QPair<QOlmMessage::Type, QByteArray> Connection::olmEncryptMessage(User* user, c
     QOlmMessage::Type type = d->olmSessions[curveKey][0]->encryptMessageType();
     auto result = d->olmSessions[curveKey][0]->encrypt(message);
     auto pickle = d->olmSessions[curveKey][0]->pickle(picklingMode());
-    if (std::holds_alternative<QByteArray>(pickle)) {
-        database()->updateOlmSession(curveKey, d->olmSessions[curveKey][0]->sessionId(), std::get<QByteArray>(pickle));
+    if (pickle) {
+        database()->updateOlmSession(curveKey, d->olmSessions[curveKey][0]->sessionId(), *pickle);
     } else {
         qCWarning(E2EE) << "Failed to pickle olm session.";
     }
@@ -2262,12 +2262,12 @@ QPair<QOlmMessage::Type, QByteArray> Connection::olmEncryptMessage(User* user, c
 void Connection::createOlmSession(const QString& theirIdentityKey, const QString& theirOneTimeKey)
 {
     auto session = QOlmSession::createOutboundSession(olmAccount(), theirIdentityKey, theirOneTimeKey);
-    if (std::holds_alternative<QOlmError>(session)) {
-        qCWarning(E2EE) << "Failed to create olm session for " << theirIdentityKey << std::get<QOlmError>(session);
+    if (!session) {
+        qCWarning(E2EE) << "Failed to create olm session for " << theirIdentityKey << session.error();
         return;
     }
-    d->saveSession(std::get<std::unique_ptr<QOlmSession>>(session), theirIdentityKey);
-    d->olmSessions[theirIdentityKey].push_back(std::move(std::get<std::unique_ptr<QOlmSession>>(session)));
+    d->saveSession(**session, theirIdentityKey);
+    d->olmSessions[theirIdentityKey].push_back(std::move(*session));
 }
 
 QOlmOutboundGroupSessionPtr Connection::loadCurrentOutboundMegolmSession(Room* room)
diff --git a/lib/database.cpp b/lib/database.cpp
index d2d33006..87275e1f 100644
--- a/lib/database.cpp
+++ b/lib/database.cpp
@@ -132,7 +132,7 @@ void Database::migrateTo3()
     commit();
 }
 
-void Database::migrateTo3()
+void Database::migrateTo4()
 {
     qCDebug(DATABASE) << "Migrating database to version 4";
     transaction();
@@ -313,7 +313,7 @@ void Database::setOlmSessionLastReceived(const QString& sessionId, const QDateTi
 void Database::saveCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode, const QOlmOutboundGroupSessionPtr& session)
 {
     const auto pickle = session->pickle(picklingMode);
-    if (std::holds_alternative<QByteArray>(pickle)) {
+    if (pickle) {
         auto deleteQuery = prepareQuery(QStringLiteral("DELETE FROM outbound_megolm_sessions WHERE roomId=:roomId AND sessionId=:sessionId;"));
         deleteQuery.bindValue(":roomId", roomId);
         deleteQuery.bindValue(":sessionId", session->sessionId());
@@ -321,7 +321,7 @@ void Database::saveCurrentOutboundMegolmSession(const QString& roomId, const Pic
         auto insertQuery = prepareQuery(QStringLiteral("INSERT INTO outbound_megolm_sessions(roomId, sessionId, pickle, creationTime, messageCount) VALUES(:roomId, :sessionId, :pickle, :creationTime, :messageCount);"));
         insertQuery.bindValue(":roomId", roomId);
         insertQuery.bindValue(":sessionId", session->sessionId());
-        insertQuery.bindValue(":pickle", std::get<QByteArray>(pickle));
+        insertQuery.bindValue(":pickle", pickle.value());
         insertQuery.bindValue(":creationTime", session->creationTime());
         insertQuery.bindValue(":messageCount", session->messageCount());
 
@@ -339,8 +339,8 @@ QOlmOutboundGroupSessionPtr Database::loadCurrentOutboundMegolmSession(const QSt
     execute(query);
     if (query.next()) {
         auto sessionResult = QOlmOutboundGroupSession::unpickle(query.value("pickle").toByteArray(), picklingMode);
-        if (std::holds_alternative<QOlmOutboundGroupSessionPtr>(sessionResult)) {
-            auto session = std::move(std::get<QOlmOutboundGroupSessionPtr>(sessionResult));
+        if (sessionResult) {
+            auto session = std::move(*sessionResult);
             session->setCreationTime(query.value("creationTime").toDateTime());
             session->setMessageCount(query.value("messageCount").toInt());
             return session;
diff --git a/lib/e2ee/qolmoutboundsession.cpp b/lib/e2ee/qolmoutboundsession.cpp
index 10b0c4de..76188d08 100644
--- a/lib/e2ee/qolmoutboundsession.cpp
+++ b/lib/e2ee/qolmoutboundsession.cpp
@@ -60,7 +60,7 @@ QOlmExpected<QByteArray> QOlmOutboundGroupSession::pickle(const PicklingMode &mo
     return pickledBuf;
 }
 
-QOlmExpected<QOlmOutboundGroupSessionPtr> QOlmOutboundGroupSession::unpickle(QByteArray &pickled, const PicklingMode &mode)
+QOlmExpected<QOlmOutboundGroupSessionPtr> QOlmOutboundGroupSession::unpickle(const QByteArray &pickled, const PicklingMode &mode)
 {
     QByteArray pickledBuf = pickled;
     auto *olmOutboundGroupSession = olm_outbound_group_session(new uint8_t[olm_outbound_group_session_size()]);
diff --git a/lib/e2ee/qolmoutboundsession.h b/lib/e2ee/qolmoutboundsession.h
index 56b25974..c20613d3 100644
--- a/lib/e2ee/qolmoutboundsession.h
+++ b/lib/e2ee/qolmoutboundsession.h
@@ -25,7 +25,7 @@ public:
     //! Deserialises from encrypted Base64 that was previously obtained by
     //! pickling a `QOlmOutboundGroupSession`.
     static QOlmExpected<QOlmOutboundGroupSessionPtr> unpickle(
-        QByteArray& pickled, const PicklingMode& mode);
+        const QByteArray& pickled, const PicklingMode& mode);
 
     //! Encrypts a plaintext message using the session.
     QOlmExpected<QByteArray> encrypt(const QString& plaintext);
diff --git a/lib/room.cpp b/lib/room.cpp
index 35de59ed..d77bf9ef 100644
--- a/lib/room.cpp
+++ b/lib/room.cpp
@@ -448,11 +448,11 @@ public:
         connection->saveCurrentOutboundMegolmSession(q, currentOutboundMegolmSession);
 
         const auto sessionKey = currentOutboundMegolmSession->sessionKey();
-        if(std::holds_alternative<QOlmError>(sessionKey)) {
+        if(!sessionKey) {
             qCWarning(E2EE) << "Failed to load key for new megolm session";
             return;
         }
-        addInboundGroupSession(currentOutboundMegolmSession->sessionId(), std::get<QByteArray>(sessionKey), q->localUser()->id(), "SELF"_ls);
+        addInboundGroupSession(currentOutboundMegolmSession->sessionId(), *sessionKey, q->localUser()->id(), "SELF"_ls);
     }
 
     std::unique_ptr<EncryptedEvent> payloadForUserDevice(User* user, const QString& device, const QByteArray& sessionId, const QByteArray& sessionKey)
@@ -526,7 +526,7 @@ public:
                         signedData.remove("unsigned");
                         signedData.remove("signatures");
                         auto signatureMatch = QOlmUtility().ed25519Verify(connection->edKeyForUserDevice(user->id(), device).toLatin1(), QJsonDocument(signedData).toJson(QJsonDocument::Compact), signature);
-                        if (std::holds_alternative<QOlmError>(signatureMatch)) {
+                        if (!signatureMatch) {
                             qCWarning(E2EE) << "Failed to verify one-time-key signature for" << user->id() << device << ". Skipping this device.";
                             continue;
                         } else {
@@ -547,11 +547,11 @@ public:
         // Save the session to this device
         const auto sessionId = currentOutboundMegolmSession->sessionId();
         const auto _sessionKey = currentOutboundMegolmSession->sessionKey();
-        if(std::holds_alternative<QOlmError>(_sessionKey)) {
+        if(!_sessionKey) {
             qCWarning(E2EE) << "Error loading session key";
             return;
         }
-        const auto sessionKey = std::get<QByteArray>(_sessionKey);
+        const auto sessionKey = *_sessionKey;
         const auto senderKey = q->connection()->olmAccount()->identityKeys().curve25519;
 
         // Send the session to other people
@@ -2101,11 +2101,11 @@ QString Room::Private::doSendEvent(const RoomEvent* pEvent)
         const auto encrypted = currentOutboundMegolmSession->encrypt(QJsonDocument(pEvent->fullJson()).toJson());
         currentOutboundMegolmSession->setMessageCount(currentOutboundMegolmSession->messageCount() + 1);
         connection->saveCurrentOutboundMegolmSession(q, currentOutboundMegolmSession);
-        if(std::holds_alternative<QOlmError>(encrypted)) {
-            qWarning(E2EE) << "Error encrypting message" << std::get<QOlmError>(encrypted);
+        if(!encrypted) {
+            qWarning(E2EE) << "Error encrypting message" << encrypted.error();
             return {};
         }
-        auto encryptedEvent = new EncryptedEvent(std::get<QByteArray>(encrypted), q->connection()->olmAccount()->identityKeys().curve25519, q->connection()->deviceId(), currentOutboundMegolmSession->sessionId());
+        auto encryptedEvent = new EncryptedEvent(*encrypted, q->connection()->olmAccount()->identityKeys().curve25519, q->connection()->deviceId(), currentOutboundMegolmSession->sessionId());
         encryptedEvent->setTransactionId(connection->generateTxnId());
         encryptedEvent->setRoomId(id);
         encryptedEvent->setSender(connection->userId());
-- 
cgit v1.2.3


From 64797165f04a16d290dd27c2f962060b40f85be3 Mon Sep 17 00:00:00 2001
From: Alexey Rusakov <Kitsune-Ral@users.sf.net>
Date: Wed, 25 May 2022 22:48:53 +0200
Subject: Refactor creation of Megolm sessions in Room

Notably, replace a multi-level hash map with QMultiHash and factor out
Room::P::createOlmSession().
---
 lib/connection.cpp               |  14 ++--
 lib/connection.h                 |   8 +-
 lib/database.cpp                 |  21 ++++--
 lib/database.h                   |  42 ++++++++---
 lib/e2ee/qolmoutboundsession.cpp |   4 +-
 lib/e2ee/qolmoutboundsession.h   |   4 +-
 lib/room.cpp                     | 156 +++++++++++++++++++++++----------------
 7 files changed, 151 insertions(+), 98 deletions(-)

(limited to 'lib/e2ee/qolmoutboundsession.cpp')

diff --git a/lib/connection.cpp b/lib/connection.cpp
index 8fd2d6cf..1193eb75 100644
--- a/lib/connection.cpp
+++ b/lib/connection.cpp
@@ -2187,7 +2187,7 @@ QJsonObject Connection::decryptNotification(const QJsonObject &notification)
     return decrypted ? decrypted->fullJson() : QJsonObject();
 }
 
-Database* Connection::database()
+Database* Connection::database() const
 {
     return d->database;
 }
@@ -2271,14 +2271,18 @@ void Connection::createOlmSession(const QString& theirIdentityKey,
     d->olmSessions[theirIdentityKey].push_back(std::move(*session));
 }
 
-QOlmOutboundGroupSessionPtr Connection::loadCurrentOutboundMegolmSession(Room* room)
+QOlmOutboundGroupSessionPtr Connection::loadCurrentOutboundMegolmSession(
+    const QString& roomId) const
 {
-    return d->database->loadCurrentOutboundMegolmSession(room->id(), d->picklingMode);
+    return d->database->loadCurrentOutboundMegolmSession(roomId,
+                                                         d->picklingMode);
 }
 
-void Connection::saveCurrentOutboundMegolmSession(Room *room, const QOlmOutboundGroupSessionPtr& data)
+void Connection::saveCurrentOutboundMegolmSession(
+    const QString& roomId, const QOlmOutboundGroupSession& session) const
 {
-    d->database->saveCurrentOutboundMegolmSession(room->id(), d->picklingMode, data);
+    d->database->saveCurrentOutboundMegolmSession(roomId, d->picklingMode,
+                                                  session);
 }
 
 #endif
diff --git a/lib/connection.h b/lib/connection.h
index 43e285c1..a2824744 100644
--- a/lib/connection.h
+++ b/lib/connection.h
@@ -318,16 +318,16 @@ public:
     bool isLoggedIn() const;
 #ifdef Quotient_E2EE_ENABLED
     QOlmAccount* olmAccount() const;
-    Database* database();
+    Database* database() const;
     UnorderedMap<QString, QOlmInboundGroupSessionPtr> loadRoomMegolmSessions(
         const Room* room);
     void saveMegolmSession(const Room* room,
                            const QOlmInboundGroupSession& session);
     bool hasOlmSession(const QString& user, const QString& deviceId) const;
 
-    QOlmOutboundGroupSessionPtr loadCurrentOutboundMegolmSession(Room* room);
-    void saveCurrentOutboundMegolmSession(Room *room, const QOlmOutboundGroupSessionPtr& data);
-
+    QOlmOutboundGroupSessionPtr loadCurrentOutboundMegolmSession(
+        const QString& roomId) const;
+    void saveCurrentOutboundMegolmSession(const QString& roomId, const QOlmOutboundGroupSession &session) const;
 
     //This assumes that an olm session with (user, device) exists
     std::pair<QOlmMessage::Type, QByteArray> olmEncryptMessage(
diff --git a/lib/database.cpp b/lib/database.cpp
index 0119b35c..193ff54e 100644
--- a/lib/database.cpp
+++ b/lib/database.cpp
@@ -307,20 +307,22 @@ void Database::setOlmSessionLastReceived(const QString& sessionId, const QDateTi
     commit();
 }
 
-void Database::saveCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode, const QOlmOutboundGroupSessionPtr& session)
+void Database::saveCurrentOutboundMegolmSession(
+    const QString& roomId, const PicklingMode& picklingMode,
+    const QOlmOutboundGroupSession& session)
 {
-    const auto pickle = session->pickle(picklingMode);
+    const auto pickle = session.pickle(picklingMode);
     if (pickle) {
         auto deleteQuery = prepareQuery(QStringLiteral("DELETE FROM outbound_megolm_sessions WHERE roomId=:roomId AND sessionId=:sessionId;"));
         deleteQuery.bindValue(":roomId", roomId);
-        deleteQuery.bindValue(":sessionId", session->sessionId());
+        deleteQuery.bindValue(":sessionId", session.sessionId());
 
         auto insertQuery = prepareQuery(QStringLiteral("INSERT INTO outbound_megolm_sessions(roomId, sessionId, pickle, creationTime, messageCount) VALUES(:roomId, :sessionId, :pickle, :creationTime, :messageCount);"));
         insertQuery.bindValue(":roomId", roomId);
-        insertQuery.bindValue(":sessionId", session->sessionId());
+        insertQuery.bindValue(":sessionId", session.sessionId());
         insertQuery.bindValue(":pickle", pickle.value());
-        insertQuery.bindValue(":creationTime", session->creationTime());
-        insertQuery.bindValue(":messageCount", session->messageCount());
+        insertQuery.bindValue(":creationTime", session.creationTime());
+        insertQuery.bindValue(":messageCount", session.messageCount());
 
         transaction();
         execute(deleteQuery);
@@ -362,7 +364,9 @@ void Database::setDevicesReceivedKey(const QString& roomId, const QVector<std::t
     commit();
 }
 
-QHash<QString, QStringList> Database::devicesWithoutKey(const QString& roomId, QHash<QString, QStringList>& devices, const QString &sessionId)
+QMultiHash<QString, QString> Database::devicesWithoutKey(
+    const QString& roomId, QMultiHash<QString, QString> devices,
+    const QString& sessionId)
 {
     auto query = prepareQuery(QStringLiteral("SELECT userId, deviceId FROM sent_megolm_sessions WHERE roomId=:roomId AND sessionId=:sessionId"));
     query.bindValue(":roomId", roomId);
@@ -371,7 +375,8 @@ QHash<QString, QStringList> Database::devicesWithoutKey(const QString& roomId, Q
     execute(query);
     commit();
     while (query.next()) {
-        devices[query.value("userId").toString()].removeAll(query.value("deviceId").toString());
+        devices.remove(query.value("userId").toString(),
+                       query.value("deviceId").toString());
     }
     return devices;
 }
diff --git a/lib/database.h b/lib/database.h
index 45348c8d..4091d61b 100644
--- a/lib/database.h
+++ b/lib/database.h
@@ -32,22 +32,40 @@ public:
     QByteArray accountPickle();
     void setAccountPickle(const QByteArray &pickle);
     void clear();
-    void saveOlmSession(const QString& senderKey, const QString& sessionId, const QByteArray& pickle, const QDateTime& timestamp);
-    UnorderedMap<QString, std::vector<QOlmSessionPtr>> loadOlmSessions(const PicklingMode& picklingMode);
-    UnorderedMap<QString, QOlmInboundGroupSessionPtr> loadMegolmSessions(const QString& roomId, const PicklingMode& picklingMode);
-    void saveMegolmSession(const QString& roomId, const QString& sessionId, const QByteArray& pickle, const QString& senderId, const QString& olmSessionId);
-    void addGroupSessionIndexRecord(const QString& roomId, const QString& sessionId, uint32_t index, const QString& eventId, qint64 ts);
-    std::pair<QString, qint64> groupSessionIndexRecord(const QString& roomId, const QString& sessionId, qint64 index);
+    void saveOlmSession(const QString& senderKey, const QString& sessionId,
+                        const QByteArray& pickle, const QDateTime& timestamp);
+    UnorderedMap<QString, std::vector<QOlmSessionPtr>> loadOlmSessions(
+        const PicklingMode& picklingMode);
+    UnorderedMap<QString, QOlmInboundGroupSessionPtr> loadMegolmSessions(
+        const QString& roomId, const PicklingMode& picklingMode);
+    void saveMegolmSession(const QString& roomId, const QString& sessionId,
+                           const QByteArray& pickle, const QString& senderId,
+                           const QString& olmSessionId);
+    void addGroupSessionIndexRecord(const QString& roomId,
+                                    const QString& sessionId, uint32_t index,
+                                    const QString& eventId, qint64 ts);
+    std::pair<QString, qint64> groupSessionIndexRecord(const QString& roomId,
+                                                       const QString& sessionId,
+                                                       qint64 index);
     void clearRoomData(const QString& roomId);
-    void setOlmSessionLastReceived(const QString& sessionId, const QDateTime& timestamp);
-    QOlmOutboundGroupSessionPtr loadCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode);
-    void saveCurrentOutboundMegolmSession(const QString& roomId, const PicklingMode& picklingMode, const QOlmOutboundGroupSessionPtr& data);
-    void updateOlmSession(const QString& senderKey, const QString& sessionId, const QByteArray& pickle);
+    void setOlmSessionLastReceived(const QString& sessionId,
+                                   const QDateTime& timestamp);
+    QOlmOutboundGroupSessionPtr loadCurrentOutboundMegolmSession(
+        const QString& roomId, const PicklingMode& picklingMode);
+    void saveCurrentOutboundMegolmSession(
+        const QString& roomId, const PicklingMode& picklingMode,
+        const QOlmOutboundGroupSession& session);
+    void updateOlmSession(const QString& senderKey, const QString& sessionId,
+                          const QByteArray& pickle);
 
     // Returns a map UserId -> [DeviceId] that have not received key yet
-    QHash<QString, QStringList> devicesWithoutKey(const QString& roomId, QHash<QString, QStringList>& devices, const QString &sessionId);
+    QMultiHash<QString, QString> devicesWithoutKey(const QString& roomId, QMultiHash<QString, QString> devices,
+        const QString& sessionId);
     // 'devices' contains tuples {userId, deviceId, curveKey}
-    void setDevicesReceivedKey(const QString& roomId, const QVector<std::tuple<QString, QString, QString>>& devices, const QString& sessionId, int index);
+    void setDevicesReceivedKey(
+        const QString& roomId,
+        const QVector<std::tuple<QString, QString, QString>>& devices,
+        const QString& sessionId, int index);
 
 private:
     void migrateTo1();
diff --git a/lib/e2ee/qolmoutboundsession.cpp b/lib/e2ee/qolmoutboundsession.cpp
index 76188d08..a2eff2c8 100644
--- a/lib/e2ee/qolmoutboundsession.cpp
+++ b/lib/e2ee/qolmoutboundsession.cpp
@@ -44,7 +44,7 @@ QOlmOutboundGroupSessionPtr QOlmOutboundGroupSession::create()
     return std::make_unique<QOlmOutboundGroupSession>(olmOutboundGroupSession);
 }
 
-QOlmExpected<QByteArray> QOlmOutboundGroupSession::pickle(const PicklingMode &mode)
+QOlmExpected<QByteArray> QOlmOutboundGroupSession::pickle(const PicklingMode &mode) const
 {
     QByteArray pickledBuf(olm_pickle_outbound_group_session_length(m_groupSession), '0');
     QByteArray key = toKey(mode);
@@ -79,7 +79,7 @@ QOlmExpected<QOlmOutboundGroupSessionPtr> QOlmOutboundGroupSession::unpickle(con
     return std::make_unique<QOlmOutboundGroupSession>(olmOutboundGroupSession);
 }
 
-QOlmExpected<QByteArray> QOlmOutboundGroupSession::encrypt(const QString &plaintext)
+QOlmExpected<QByteArray> QOlmOutboundGroupSession::encrypt(const QString &plaintext) const
 {
     QByteArray plaintextBuf = plaintext.toUtf8();
     const auto messageMaxLength = olm_group_encrypt_message_length(m_groupSession, plaintextBuf.length());
diff --git a/lib/e2ee/qolmoutboundsession.h b/lib/e2ee/qolmoutboundsession.h
index c20613d3..9a82d22a 100644
--- a/lib/e2ee/qolmoutboundsession.h
+++ b/lib/e2ee/qolmoutboundsession.h
@@ -21,14 +21,14 @@ public:
     //! Throw OlmError on errors
     static QOlmOutboundGroupSessionPtr create();
     //! Serialises a `QOlmOutboundGroupSession` to encrypted Base64.
-    QOlmExpected<QByteArray> pickle(const PicklingMode &mode);
+    QOlmExpected<QByteArray> pickle(const PicklingMode &mode) const;
     //! Deserialises from encrypted Base64 that was previously obtained by
     //! pickling a `QOlmOutboundGroupSession`.
     static QOlmExpected<QOlmOutboundGroupSessionPtr> unpickle(
         const QByteArray& pickled, const PicklingMode& mode);
 
     //! Encrypts a plaintext message using the session.
-    QOlmExpected<QByteArray> encrypt(const QString& plaintext);
+    QOlmExpected<QByteArray> encrypt(const QString& plaintext) const;
 
     //! Get the current message index for this session.
     //!
diff --git a/lib/room.cpp b/lib/room.cpp
index 26fe80e3..07d03467 100644
--- a/lib/room.cpp
+++ b/lib/room.cpp
@@ -443,9 +443,11 @@ public:
         return q->getCurrentState<EncryptionEvent>()->rotationPeriodMsgs();
     }
     void createMegolmSession() {
-        qCDebug(E2EE) << "Creating new outbound megolm session for room " << q->id();
+        qCDebug(E2EE) << "Creating new outbound megolm session for room "
+                      << q->objectName();
         currentOutboundMegolmSession = QOlmOutboundGroupSession::create();
-        connection->saveCurrentOutboundMegolmSession(q, currentOutboundMegolmSession);
+        connection->saveCurrentOutboundMegolmSession(
+            id, *currentOutboundMegolmSession);
 
         const auto sessionKey = currentOutboundMegolmSession->sessionKey();
         if(!sessionKey) {
@@ -477,90 +479,113 @@ public:
         return makeEvent<EncryptedEvent>(encrypted, connection->olmAccount()->identityKeys().curve25519);
     }
 
-    QHash<QString, QStringList> getDevicesWithoutKey() const
+    QMultiHash<QString, QString> getDevicesWithoutKey() const
     {
-        QHash<QString, QStringList> devices;
-        for (const auto& user : q->users()) {
-            devices[user->id()] = q->connection()->devicesForUser(user->id());
+        QMultiHash<QString, QString> devices;
+        for (const auto& user : q->users())
+            for (const auto& deviceId : connection->devicesForUser(user->id()))
+                devices.insert(user->id(), deviceId);
+
+        return connection->database()->devicesWithoutKey(
+            id, devices, currentOutboundMegolmSession->sessionId());
+    }
+
+    bool createOlmSession(const QString& user, const QString& device,
+                          const QJsonObject& oneTimeKeyObject) const
+    {
+        static QOlmUtility verifier;
+        qDebug(E2EE) << "Creating a new session for" << user << device;
+        if (oneTimeKeyObject.isEmpty()) {
+            qWarning(E2EE) << "No one time key for" << user << device;
+            return false;
         }
-        return q->connection()->database()->devicesWithoutKey(q->id(), devices, QString(currentOutboundMegolmSession->sessionId()));
+        const auto oneTimeKeyForId = *oneTimeKeyObject.constBegin();
+        const auto signature =
+            oneTimeKeyForId["signatures"][user]["ed25519:"_ls % device]
+                .toString()
+                .toLatin1();
+        auto signedObject = oneTimeKeyForId.toObject();
+        signedObject.remove("unsigned"_ls);
+        signedObject.remove("signatures"_ls);
+        const auto signedData =
+            QJsonDocument(signedObject).toJson(QJsonDocument::Compact);
+        if (!verifier.ed25519Verify(
+                connection->edKeyForUserDevice(user, device).toLatin1(),
+                signedData, signature)) {
+            qWarning(E2EE) << "Failed to verify one-time-key signature for"
+                           << user << device << ". Skipping this device.";
+            return false;
+        }
+        const auto recipientCurveKey =
+            connection->curveKeyForUserDevice(user, device);
+        connection->createOlmSession(recipientCurveKey,
+                                     oneTimeKeyForId["key"].toString());
+        return true;
     }
 
-    void sendRoomKeyToDevices(const QByteArray& sessionId, const QByteArray& sessionKey, const QHash<QString, QStringList> devices, int index)
+    void sendRoomKeyToDevices(const QByteArray& sessionId,
+                              const QByteArray& sessionKey,
+                              const QMultiHash<QString, QString>& devices,
+                              int index)
     {
-        qCDebug(E2EE) << "Sending room key to devices" << sessionId, sessionKey.toHex();
+        qDebug(E2EE) << "Sending room key to devices:" << sessionId
+                     << sessionKey.toHex();
         QHash<QString, QHash<QString, QString>> hash;
-        for (const auto& user : devices.keys()) {
-            QHash<QString, QString> u;
-            for(const auto &device : devices[user]) {
-                if (!connection->hasOlmSession(user, device)) {
-                    u[device] = "signed_curve25519"_ls;
-                    qCDebug(E2EE) << "Adding" << user << device << "to keys to claim";
-                }
+        for (const auto& [userId, deviceId] : asKeyValueRange(devices))
+            if (!connection->hasOlmSession(userId, deviceId)) {
+                hash[userId].insert(deviceId, "signed_curve25519"_ls);
+                qDebug(E2EE)
+                    << "Adding" << userId << deviceId << "to keys to claim";
             }
-            if (!u.isEmpty()) {
-                hash[user] = u;
-            }
-        }
-        if (hash.isEmpty()) {
+
+        if (hash.isEmpty())
             return;
-        }
+
         auto job = connection->callApi<ClaimKeysJob>(hash);
-        connect(job, &BaseJob::success, q, [job, this, sessionId, sessionKey, devices, index](){
+        connect(job, &BaseJob::success, q,
+                [job, this, sessionId, sessionKey, devices, index] {
             Connection::UsersToDevicesToEvents usersToDevicesToEvents;
             const auto data = job->jsonData();
-            for(const auto &user : devices.keys()) {
-                for(const auto &device : devices[user]) {
-                    const auto recipientCurveKey = connection->curveKeyForUserDevice(user, device);
-                    if (!connection->hasOlmSession(user, device)) {
-                        qCDebug(E2EE) << "Creating a new session for" << user << device;
-                        if(data["one_time_keys"][user][device].toObject().isEmpty()) {
-                            qWarning() << "No one time key for" << user << device;
-                            continue;
-                        }
-                        const auto keyId = data["one_time_keys"][user][device].toObject().keys()[0];
-                        const auto oneTimeKey = data["one_time_keys"][user][device][keyId]["key"].toString();
-                        const auto signature = data["one_time_keys"][user][device][keyId]["signatures"][user][QStringLiteral("ed25519:") + device].toString().toLatin1();
-                        auto signedData = data["one_time_keys"][user][device][keyId].toObject();
-                        signedData.remove("unsigned");
-                        signedData.remove("signatures");
-                        auto signatureMatch = QOlmUtility().ed25519Verify(connection->edKeyForUserDevice(user, device).toLatin1(), QJsonDocument(signedData).toJson(QJsonDocument::Compact), signature);
-                        if (!signatureMatch) {
-                            qCWarning(E2EE) << "Failed to verify one-time-key signature for" << user << device << ". Skipping this device.";
-                            continue;
-                        } else {
-                        }
-                        connection->createOlmSession(recipientCurveKey, oneTimeKey);
-                    }
-                    usersToDevicesToEvents[user][device] = payloadForUserDevice(user, device, sessionId, sessionKey);
-                }
+            for (const auto& [user, device] : asKeyValueRange(devices)) {
+                if (!connection->hasOlmSession(user, device)
+                    && !createOlmSession(
+                        user, device,
+                        data["one_time_keys"][user][device].toObject()))
+                    continue;
+
+                usersToDevicesToEvents[user][device] =
+                    payloadForUserDevice(user, device, sessionId,
+                                         sessionKey);
             }
             if (!usersToDevicesToEvents.empty()) {
-                connection->sendToDevices("m.room.encrypted", usersToDevicesToEvents);
+                connection->sendToDevices("m.room.encrypted"_ls,
+                                          usersToDevicesToEvents);
                 QVector<std::tuple<QString, QString, QString>> receivedDevices;
-                for (const auto& user : devices.keys()) {
-                    for (const auto& device : devices[user]) {
-                        receivedDevices += {user, device, q->connection()->curveKeyForUserDevice(user, device) };
-                    }
-                }
-                connection->database()->setDevicesReceivedKey(q->id(), receivedDevices, sessionId, index);
+                receivedDevices.reserve(devices.size());
+                for (const auto& [user, device] : asKeyValueRange(devices))
+                    receivedDevices.push_back(
+                        { user, device,
+                          connection->curveKeyForUserDevice(user, device) });
+
+                connection->database()->setDevicesReceivedKey(id,
+                                                              receivedDevices,
+                                                              sessionId, index);
             }
         });
     }
 
-    void sendMegolmSession(const QHash<QString, QStringList>& devices) {
+    void sendMegolmSession(const QMultiHash<QString, QString>& devices) {
         // Save the session to this device
         const auto sessionId = currentOutboundMegolmSession->sessionId();
-        const auto _sessionKey = currentOutboundMegolmSession->sessionKey();
-        if(!_sessionKey) {
+        const auto sessionKey = currentOutboundMegolmSession->sessionKey();
+        if(!sessionKey) {
             qCWarning(E2EE) << "Error loading session key";
             return;
         }
-        const auto sessionKey = *_sessionKey;
-        const auto senderKey = q->connection()->olmAccount()->identityKeys().curve25519;
 
         // Send the session to other people
-        sendRoomKeyToDevices(sessionId, sessionKey, devices, currentOutboundMegolmSession->sessionMessageIndex());
+        sendRoomKeyToDevices(sessionId, *sessionKey, devices,
+                             currentOutboundMegolmSession->sessionMessageIndex());
     }
 
 #endif // Quotient_E2EE_ENABLED
@@ -592,7 +617,8 @@ Room::Room(Connection* connection, QString id, JoinState initialJoinState)
         }
     });
     d->groupSessions = connection->loadRoomMegolmSessions(this);
-    d->currentOutboundMegolmSession = connection->loadCurrentOutboundMegolmSession(this);
+    d->currentOutboundMegolmSession =
+        connection->loadCurrentOutboundMegolmSession(this->id());
     if (d->shouldRotateMegolmSession()) {
         d->currentOutboundMegolmSession = nullptr;
     }
@@ -2101,12 +2127,12 @@ QString Room::Private::doSendEvent(const RoomEvent* pEvent)
         if (!hasValidMegolmSession() || shouldRotateMegolmSession()) {
             createMegolmSession();
         }
-        const auto devicesWithoutKey = getDevicesWithoutKey();
-        sendMegolmSession(devicesWithoutKey);
+        sendMegolmSession(getDevicesWithoutKey());
 
         const auto encrypted = currentOutboundMegolmSession->encrypt(QJsonDocument(pEvent->fullJson()).toJson());
         currentOutboundMegolmSession->setMessageCount(currentOutboundMegolmSession->messageCount() + 1);
-        connection->saveCurrentOutboundMegolmSession(q, currentOutboundMegolmSession);
+        connection->saveCurrentOutboundMegolmSession(
+            id, *currentOutboundMegolmSession);
         if(!encrypted) {
             qWarning(E2EE) << "Error encrypting message" << encrypted.error();
             return {};
-- 
cgit v1.2.3