matrixlib.olm module

Olm-related functionality

class matrixlib.olm.OlmChannel

Manages a set of Olm sessions with another device

Do not use initializer function. Use the create_* methods instead

add_outbound_olm_session(recipient_one_time_key: dict) None

Add a new Olm session to the channel

Arguments:

recipient_one_time_key:

the other party’s signed one-time key, as returned by /keys/claim

assert_partner_device_id(device_id: str) None
client: Client
classmethod create_from_encrypted_event(c: Client, device_keys_manager: DeviceKeysManager, partner_user_id: str, partner_identity_key: str, event_content: dict, partner_device_id: str | None = None, partner_fingerprint_key: str | None = None, key: bytes | None = None) Tuple[OlmChannel, dict | BaseException]

Create a new channel from an encrypted message

Arguments:

c:

the client object

device_keys_manager:

a DeviceKeysManager object

partner_user_id:

the other party’s user ID, as returned by /keys/query

partner_identity_key:

the other party’s identity key

event_content:

the content of the m.room.encrypted event

partner_device_id:

the other party’s device ID. You will not be able to create a new outbound Olm session without an device ID. The device ID can be set later by setting the OlmChannel object’s partner_device_id property

partner_fingerprint_key:

the other party’s fingerprint key. If not provided, will be set to the fingerprint key provided in the plaintext. However, the message may not be trusted unless it matches the device key obtained from the server, and this key should be provided if it is available.

key:

a 32-byte binary used to encrypt the objects in storage. If not specified, uses the same key as used by device_keys_manager

On success, returns a tuple consisting of the new OlmChannel object and the decrypted message. On failure, either raises an exception, or returns a tuple consisting of the new OlmChannel object and the exception, depending on whether the OlmChannel could be created.

classmethod create_from_storage(c: Client, device_keys_manager: DeviceKeysManager, partner_user_id: str, partner_identity_key: str, key: bytes | None = None) OlmChannel | None

Loads an Olm channel from storage

c:

the client object

device_keys_manager:

a DeviceKeysManager object

partner_user_id:

the other party’s user ID, as returned by /keys/query

partner_identity_key:

the other party’s identity key

key:

a 32-byte binary used to encrypt the objects in storage. If not specified, uses the same key as used by device_keys_manager

classmethod create_outbound_channel(c: Client, device_keys_manager: DeviceKeysManager, recipient_device_keys: dict, recipient_one_time_key: dict, key: bytes | None = None) OlmChannel

Create a new channel with a new Olm session

Arguments:

c:

the client object

device_keys_manager:

a DeviceKeysManager object

recipient_device_keys:

the other party’s device keys, as returned by /keys/query

recipient_one_time_key:

the other party’s signed one-time key, as returned by /keys/claim

key:

a 32-byte binary used to encrypt the objects in storage. If not specified, uses the same key as used by device_keys_manager

Returns a new OlmChannel with an Olm session

decrypt(event_content: dict) dict

Decrypt an m.room.encrypted event encrypted with Olm

Creates a new Olm session if necessary.

Arguments:

event_content:

the content of the m.room.encrypted event

Returns the decrypted event, which will be a dict that should have type (the decrypted event type), content (the event content), and information about the sender and recipient.

device_keys_manager: DeviceKeysManager
encrypt(event_type: str, content: dict) dict

Encrypt an event using Olm

Arguments:

event_type:

the type of the event (e.g. m.room.message)

content:

the event content

Returns the content of a m.room.encrypted event

key: bytes
partner_device_id: str | None
partner_fingerprint_key: str | None
partner_identity_key: str
partner_user_id: str
sessions: list[Session]