fix: republish caller E2EE key as shared key, fallback to no-E2EE
Bot now publishes the same key as the caller so both sides can decrypt. Falls back to no-encryption if no caller key received. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Christian Gick
17
bot.py
17
bot.py
@@ -448,14 +448,12 @@ class Bot:
|
||||
model = self.room_models.get(room_id, DEFAULT_MODEL)
|
||||
caller_device_id = content.get("device_id", "")
|
||||
|
||||
# Generate our E2EE key and publish it as a timeline event FIRST.
|
||||
# Element Call only shares its key after seeing ours.
|
||||
# Publish a placeholder key first to trigger Element Call
|
||||
# to share its key with us. We'll republish the real shared
|
||||
# key once we receive the caller's key.
|
||||
import secrets
|
||||
our_key = secrets.token_bytes(32)
|
||||
await self._publish_encryption_key(room_id, our_key)
|
||||
|
||||
# Now check timeline for caller's key (they may have published before us)
|
||||
caller_key = await self._get_call_encryption_key(room_id, event.sender, caller_device_id)
|
||||
placeholder_key = secrets.token_bytes(16)
|
||||
await self._publish_encryption_key(room_id, placeholder_key)
|
||||
|
||||
vs = VoiceSession(
|
||||
nio_client=self.client,
|
||||
@@ -463,7 +461,12 @@ class Bot:
|
||||
device_id=BOT_DEVICE_ID,
|
||||
lk_url=LK_URL,
|
||||
model=model,
|
||||
publish_key_cb=lambda key: asyncio.ensure_future(
|
||||
self._publish_encryption_key(room_id, key)),
|
||||
)
|
||||
|
||||
# Check timeline for caller's key
|
||||
caller_key = await self._get_call_encryption_key(room_id, event.sender, caller_device_id)
|
||||
if caller_key:
|
||||
vs.on_encryption_key(event.sender, caller_device_id, caller_key, 0)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user