Element-Android session doesn't encrypt for a dehydrated device

[giomfo]

Steps to reproduce

1. log an account userA in a Element-WebR client (this session will be the only one for userA)
2. create an encrypted room and invite another account userB. The userB joins the room
3. enable the device dehydration v2 feature on Element-WebR client for userA (see https://github.com/element-hq/element-meta/issues/2278)
4. log out the userA
5. send a message in the encrypted room from userB
6. log the userA in again

Outcome

What did you expect?

The userA is able to decrypt and read the message sent by userB

What happened instead?

The message is not decrypted on userA side (UTD message)

Your phone model

No response

Operating system version

No response

Application version and app store

v1.6.14

Homeserver

No response

Will you send logs?

No

Are you willing to provide a PR?

No

[giomfo]

reproduced on E-iOS: https://github.com/element-hq/element-ios/issues/7795

[giomfo]

@uhoreg investigated this issue. He observed the following error in the logs: 2024-05-22T22:51:30*074GMT+00:00Z 97 D/ /Tag: WARN matrix_sdk_crypto::identities::manager: Failed to create a new device user_id="" device_id="" error=VerificationError(Signature(signature::Error { source: Some(Verification equation was not satisfied) }))

"Looking at the Android sources, it looks like when it makes the /keys/query request, if I'm reading it correctly, it parses the response into a KeysQueryResponse, the device_keys get parsed into a DeviceKeysWithUnsigned, which only has set properties. Since dehydrated is not one of the properties, it gets dropped, which means that the signature is no longer valid.

Something in there needs to be changed so that any unknown properties still get passed on, otherwise any device keys that have unknown properties will fail the signature check.

I haven't looked at the iOS code, but if it is also failing, then it may have a similar problem."