christian/matrix-ai-agent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(e2ee): patch Rust FFI HKDF to match Element Call JS SDK parameters

Browse Source 
EC JS SDK uses: salt=Uint8Array(8), info=encode("LKFrameEncryptionKey")
Rust FFI used: salt=ratchet_salt, info=[0u8;128]

The salt and info parameters were swapped, causing DEC_FAILED on every
call. This patch fixes the Rust HKDF derivation in the Dockerfile
before cargo build.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Christian Gick
2026-02-22 21:14:31 +02:00
parent 220ad6cced
commit 62be6b91d6
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Dockerfile
View File

@@ -10,6 +10,17 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
WORKDIR /build WORKDIR /build
RUN git clone --branch EC-compat-changes --depth 1 --recurse-submodules \ RUN git clone --branch EC-compat-changes --depth 1 --recurse-submodules \
https://github.com/onestacked/livekit-rust-sdks.git https://github.com/onestacked/livekit-rust-sdks.git
WORKDIR /build/livekit-rust-sdks
# Patch HKDF to match Element Call JS SDK parameters.
# EC JS: salt=Uint8Array(8) (8 zero bytes), info=encode("LKFrameEncryptionKey")
# Rust fork: salt=ratchet_salt ("LKFrameEncryptionKey"), info=[0u8;128]
# Fix: use 8 zero bytes as HKDF salt, use the callback's salt param as HKDF info.
RUN find . -name '*.rs' -path '*/e2ee*' -exec grep -l 'hkdf.*expand' {} \; | head -1 | \
xargs -I{} sh -c 'echo "Patching HKDF in: {}"; \
sed -i "s|hkdf::Hkdf::<Sha256>::new(Some(salt), key);|hkdf::Hkdf::<Sha256>::new(Some(\&[0u8; 8]), key);|" "{}" && \
sed -i "s|hkdf.expand(\&\[0u8; 128\], derived_key)|hkdf.expand(salt, derived_key)|" "{}"'
WORKDIR /build/livekit-rust-sdks/livekit-ffi WORKDIR /build/livekit-rust-sdks/livekit-ffi
RUN cargo build --release RUN cargo build --release