From 65340bf0eeaf70bf16dffdaba1a79af5beafe073 Mon Sep 17 00:00:00 2001 From: Christian Gick Date: Sun, 22 Feb 2026 07:38:06 +0200 Subject: [PATCH] fix(e2ee): use set_shared_key for live key rotation updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When Element Call sees the bot join, it rotates its encryption key (index 0 → 1). The on_encryption_key callback was calling set_key() (per-participant) which has no effect in shared-key mode. Switch to set_shared_key() so the shared-key decryption path stays current when the caller rotates keys. --- voice.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/voice.py b/voice.py index faa6fcc..63004a9 100644 --- a/voice.py +++ b/voice.py @@ -116,15 +116,15 @@ class VoiceSession: self._caller_all_keys[index] = key logger.info("E2EE key received from %s:%s (index=%d, %d bytes)", sender, device_id, index, len(key)) - # Live-update key provider if already connected + # Live-update shared key when caller rotates (e.g. on bot join) — use + # set_shared_key so the shared-key decryption path stays in sync. if self.lk_room and hasattr(self.lk_room, 'e2ee_manager'): try: kp = self.lk_room.e2ee_manager.key_provider - caller_id = self._caller_identity or f"{sender}:{device_id}" - kp.set_key(caller_id, key, index) - logger.info("Live-set caller key[%d] for %s", index, caller_id) + kp.set_shared_key(key, index) + logger.info("Live-updated shared key[%d] (%d bytes)", index, len(key)) except Exception as e: - logger.warning("Failed to live-set caller key: %s", e) + logger.warning("Failed to live-update shared key: %s", e) async def _fetch_encryption_key_http(self) -> bytes | None: """Fetch encryption key from room timeline (NOT state) via Matrix HTTP API.