tests: Add integration test for key rotation on member leave.

Signed-off-by: Skye Elliot <[email protected]>

Author: kaylendog

testing/matrix-sdk-integration-testing/src/tests/e2ee/shared_history.rs

@@ -37,6 +37,7 @@ use matrix_sdk_ui::{
     },
 };
 use similar_asserts::assert_eq;
+use tempfile::tempdir;
 use tracing::{Instrument, info};
 
 use crate::{
@@ -1127,6 +1128,137 @@ async fn test_history_share_on_invite_respects_history_visibility() -> Result<()
     Ok(())
 }
 
+/// Test that when a user leaves a room that uses history sharing, the room key
+/// is rotated so they cannot decrypt future messages.
+#[tokio::test(flavor = "multi_thread", worker_threads = 4)]
+async fn test_history_sharing_room_key_rotation() -> Result<()> {
+    let alice_span = tracing::info_span!("alice");
+    let bob_span = tracing::info_span!("bob");
+    let charlie_span = tracing::info_span!("charlie");
+
+    let alice =
+        create_encryption_enabled_client("alice", false).instrument(alice_span.clone()).await?;
+    let bob = create_encryption_enabled_client("bob", false).instrument(bob_span.clone()).await?;
+
+    // We create Charlie's client manually to allow us to recreate their client
+    // later.
+    let charlie_sqlite_dir = tempdir().unwrap();
+    let charlie = SyncTokenAwareClient::new(
+        TestClientBuilder::new("charlie")
+            .use_sqlite_dir(charlie_sqlite_dir.path())
+            .encryption_settings(EncryptionSettings {
+                auto_enable_cross_signing: true,
+                ..Default::default()
+            })
+            .enable_share_history_on_invite(true)
+            .build()
+            .await?,
+    );
+
+    // 1. Alice creates a room with `shared` history visibility and invites Bob.
+    let alice_room = alice
+        .create_room(assign!(CreateRoomRequest::new(), {
+            preset: Some(RoomPreset::PublicChat),
+        }))
+        .instrument(alice_span.clone())
+        .await?;
+    alice_room.enable_encryption().instrument(alice_span.clone()).await?;
+
+    // Allow regular users to send invites so Bob can invite Charlie.
+    alice.sync_once().instrument(alice_span.clone()).await?;
+    alice_room
+        .apply_power_level_changes(RoomPowerLevelChanges { invite: Some(0), ..Default::default() })
+        .instrument(alice_span.clone())
+        .await?;
+
+    alice_room.invite_user_by_id(bob.user_id().unwrap()).instrument(alice_span.clone()).await?;
+
+    bob.sync_once().instrument(bob_span.clone()).await?;
+    let bob_room = bob.join_room_by_id(alice_room.room_id()).instrument(bob_span.clone()).await?;
+
+    alice.sync_once().instrument(alice_span.clone()).await?;
+
+    // 2. Alice sends message A, which Charlie should be able to read later as Bob
+    //    will send them a key bundle.
+    let event_id_a = alice_room
+        .send(RoomMessageEventContent::text_plain("Charlie is cool!"))
+        .into_future()
+        .instrument(alice_span.clone())
+        .await?
+        .response
+        .event_id;
+
+    // 3. Bob invites Charlie; Charlie joins and receives message A via the bundle.
+    bob.sync_once().instrument(bob_span.clone()).await?;
+    bob_room.invite_user_by_id(charlie.user_id().unwrap()).instrument(bob_span.clone()).await?;
+
+    let sync_response = charlie.sync_once().instrument(charlie_span.clone()).await?;
+    assert_received_room_key_bundle(sync_response);
+
+    let charlie_room =
+        charlie.join_room_by_id(alice_room.room_id()).instrument(charlie_span.clone()).await?;
+
+    charlie.sync_once().instrument(charlie_span.clone()).await?;
+
+    // Sanity check: Charlie can decrypt message A via the bundle.
+    let event_a = charlie_room.event(&event_id_a, None).instrument(charlie_span.clone()).await?;
+    assert!(
+        event_a.encryption_info().is_some(),
+        "Charlie should be able to decrypt message A via the key bundle"
+    );
+
+    // 4. Charlie leaves the room.
+    charlie_room.leave().instrument(charlie_span.clone()).await?;
+
+    // Alice syncs to learn about Charlie's departure, which should trigger key
+    // rotation.
+    alice.sync_once().instrument(alice_span.clone()).await?;
+
+    // 5. Alice sends message B. Because key rotation should have been performed,
+    //    this should be using a fresh session that hasn't been shared with Charlie.
+    let event_id_b = alice_room
+        .send(RoomMessageEventContent::text_plain("Charlie is mean!"))
+        .into_future()
+        .instrument(alice_span.clone())
+        .await?
+        .response
+        .event_id;
+
+    // 6. We re-create Charlie, since we can't disable history sharing on an
+    //    existing client.
+    let charlie = SyncTokenAwareClient::new(
+        TestClientBuilder::new("charlie")
+            .use_sqlite_dir(charlie_sqlite_dir.path())
+            .encryption_settings(EncryptionSettings {
+                auto_enable_cross_signing: true,
+                ..Default::default()
+            })
+            // Explicitly disable history sharing so we test only against keys received
+            // in the first key bundle.
+            .enable_share_history_on_invite(false)
+            .duplicate(&*charlie)
+            .await?,
+    );
+
+    // 7. Bob re-invites Charlie to the room, who joins.
+    bob.sync_once().instrument(bob_span.clone()).await?;
+    bob_room.invite_user_by_id(charlie.user_id().unwrap()).instrument(bob_span.clone()).await?;
+
+    charlie.sync_once().instrument(charlie_span.clone()).await?;
+    let charlie_room =
+        charlie.join_room_by_id(alice_room.room_id()).instrument(charlie_span.clone()).await?;
+
+    // 8. Charlie attempts to decrypt message B. He should not be able to, because
+    //    the session was rotated after he left the room.
+    let event_b = charlie_room.event(&event_id_b, None).instrument(charlie_span.clone()).await?;
+    assert!(
+        event_b.encryption_info().is_none(),
+        "Charlie should not be able to decrypt message B after being re-invited"
+    );
+
+    Ok(())
+}
+
 /// Creates a new encryption-enabled client with the given username and
 /// settings.
 ///