Add support for new dehydrated device format

[uhoreg]

as documented in the current version of MSC3814

Fixes #196

[poljar]

Gonna close and reopen this to see if the codecov thing kicks in.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 89.65517% with 9 lines in your changes missing coverage. Please review.

Project coverage is 90.24%. Comparing base (5eb25a6) to head (e22dfcb).
Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
src/lib.rs	33.33%	6 Missing ⚠️
src/olm/account/mod.rs	97.01%	2 Missing ⚠️
src/types/ed25519.rs	87.50%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #199      +/-   ##
==========================================
- Coverage   90.28%   90.24%   -0.05%     
==========================================
  Files          34       34              
  Lines        1905     1989      +84     
==========================================
+ Hits         1720     1795      +75     
- Misses        185      194       +9     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[uhoreg]

@poljar can I get a review on this PR? Thanks

[poljar]

Hi, sorry for the late reply, we miscommunicated on who would do the first review.

A good start but needs a bit more polish.

[poljar]

You can just import this unconditionally and remove the imports from the line bellow.

[poljar]

This is pretty terse, perhaps we should explain a bit what a dehydrated device is and add an example how this can be used.

[poljar]

This also has the IV reuse problem, right? Mentioned here and in the MSC. I wonder if we should fix this properly now and just include a random IV or Nonce in the pickle.

[uhoreg]

Yup, I had considered fixing the IV problem, but also wasn't sure if I wanted to introduce a new encryption scheme into the code. I'll think about it some more.

[poljar]

We now have a dep on Chacha20 in vodozemac due to the QR Login work, and it's likely going to be needed for the PQ support.

So using a new scheme isn't as problematic anymore.

[uhoreg]

Added more to the comment, and switch encryption to using Chacha20poly1305

[poljar]

Since this format will come from the homeserver, we should add a fuzz target for it and fuzz it for a bit to ensure that we're not introducing a vulnerability. We already have a fuzz target for all the other formats we receive over the network and have to decode.

[uhoreg]

Forgot to respond to this earlier.

I've written the basic code:

use afl::fuzz;
use arbitrary::Arbitrary;
use vodozemac::olm::Account;

#[derive(Arbitrary)]
struct Data {
    ciphertext: String,
    nonce: String,
    key: [u8; 32],
}

fn main() {
    fuzz!(|data: Data| {
        let _ = Account::from_dehydrated_device(&data.ciphertext, &data.nonce, &data.key);
    });
}

It looks like the afl documentation is suggesting to provide some example input? Or can I just let it provide random input?

To use it, do I just run cargo afl fuzz? When I do that, I get a permission error -- which may be because my home directory is mounted noexec, so I need to figure out how to get it to run. But I was wondering if there was something else I need to add to the command line.

[uhoreg]

I tried using Decryption(#[from] chacha20poly1305::aead::Error), but it was complaining about some missing traits. So I had to do this instead. I'm not sure if there's a better way.

[uhoreg]

Should I create a new struct instead of returning (String, String)?

[poljar]

Yeah that sounds good, and it might implement Serialize

[uhoreg]

The clippy failure seems to be in code that I did not change. I'm guessing that I should create a new PR to fix that, rather than adding the fixes to this PR.