Remove unused E2EE messaging code (#31193)

app/models/account.rb

@@ -44,7 +44,6 @@
 #  hide_collections              :boolean
 #  avatar_storage_schema_version :integer
 #  header_storage_schema_version :integer
-#  devices_url                   :string
 #  suspension_origin             :integer
 #  sensitized_at                 :datetime
 #  trendable                     :boolean
@@ -56,11 +55,12 @@
 
 class Account < ApplicationRecord
   self.ignored_columns += %w(
-    subscription_expires_at
-    secret
+    devices_url
+    hub_url
     remote_url
     salmon_url
-    hub_url
+    secret
+    subscription_expires_at
     trust_level
   )
 

app/models/concerns/account/associations.rb

@@ -7,9 +7,6 @@ module Account::Associations
     # Local users
     has_one :user, inverse_of: :account, dependent: :destroy
 
-    # E2EE
-    has_many :devices, dependent: :destroy, inverse_of: :account
-
     # Timelines
     has_many :statuses, inverse_of: :account, dependent: :destroy
     has_many :favourites, inverse_of: :account, dependent: :destroy

app/models/device.rb

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-# == Schema Information
-#
-# Table name: devices
-#
-#  id              :bigint(8)        not null, primary key
-#  access_token_id :bigint(8)
-#  account_id      :bigint(8)
-#  device_id       :string           default(""), not null
-#  name            :string           default(""), not null
-#  fingerprint_key :text             default(""), not null
-#  identity_key    :text             default(""), not null
-#  created_at      :datetime         not null
-#  updated_at      :datetime         not null
-#
-
-class Device < ApplicationRecord
-  belongs_to :access_token, class_name: 'Doorkeeper::AccessToken'
-  belongs_to :account
-
-  has_many :one_time_keys, dependent: :destroy, inverse_of: :device
-  has_many :encrypted_messages, dependent: :destroy, inverse_of: :device
-
-  validates :name, :fingerprint_key, :identity_key, presence: true
-  validates :fingerprint_key, :identity_key, ed25519_key: true
-
-  before_save :invalidate_associations, if: -> { device_id_changed? || fingerprint_key_changed? || identity_key_changed? }
-
-  private
-
-  def invalidate_associations
-    one_time_keys.destroy_all
-    encrypted_messages.destroy_all
-  end
-end

app/models/encrypted_message.rb

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-# == Schema Information
-#
-# Table name: encrypted_messages
-#
-#  id               :bigint(8)        not null, primary key
-#  device_id        :bigint(8)
-#  from_account_id  :bigint(8)
-#  from_device_id   :string           default(""), not null
-#  type             :integer          default(0), not null
-#  body             :text             default(""), not null
-#  digest           :text             default(""), not null
-#  message_franking :text             default(""), not null
-#  created_at       :datetime         not null
-#  updated_at       :datetime         not null
-#
-
-class EncryptedMessage < ApplicationRecord
-  self.inheritance_column = nil
-
-  include Paginable
-  include Redisable
-
-  scope :up_to, ->(id) { where(arel_table[:id].lteq(id)) }
-
-  belongs_to :device
-  belongs_to :from_account, class_name: 'Account'
-
-  around_create Mastodon::Snowflake::Callbacks
-
-  after_commit :push_to_streaming_api
-
-  private
-
-  def push_to_streaming_api
-    return if destroyed? || !subscribed_to_timeline?
-
-    PushEncryptedMessageWorker.perform_async(id)
-  end
-
-  def subscribed_to_timeline?
-    redis.exists?("subscribed:#{streaming_channel}")
-  end
-
-  def streaming_channel
-    "timeline:#{device.account_id}:#{device.device_id}"
-  end
-end

app/models/message_franking.rb

@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-class MessageFranking
-  attr_reader :hmac, :source_account_id, :target_account_id,
-              :timestamp, :original_franking
-
-  def initialize(attributes = {})
-    @hmac              = attributes[:hmac]
-    @source_account_id = attributes[:source_account_id]
-    @target_account_id = attributes[:target_account_id]
-    @timestamp         = attributes[:timestamp]
-    @original_franking = attributes[:original_franking]
-  end
-
-  def to_token
-    crypt = ActiveSupport::MessageEncryptor.new(SystemKey.current_key, serializer: Oj)
-    crypt.encrypt_and_sign(self)
-  end
-end

app/models/one_time_key.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-# == Schema Information
-#
-# Table name: one_time_keys
-#
-#  id         :bigint(8)        not null, primary key
-#  device_id  :bigint(8)
-#  key_id     :string           default(""), not null
-#  key        :text             default(""), not null
-#  signature  :text             default(""), not null
-#  created_at :datetime         not null
-#  updated_at :datetime         not null
-#
-
-class OneTimeKey < ApplicationRecord
-  belongs_to :device
-
-  validates :key_id, :key, :signature, presence: true
-  validates :key, ed25519_key: true
-  validates :signature, ed25519_signature: { message: :key, verify_key: ->(one_time_key) { one_time_key.device.fingerprint_key } }
-end

app/models/system_key.rb

@@ -1,41 +0,0 @@
-# frozen_string_literal: true
-
-# == Schema Information
-#
-# Table name: system_keys
-#
-#  id         :bigint(8)        not null, primary key
-#  key        :binary
-#  created_at :datetime         not null
-#  updated_at :datetime         not null
-#
-class SystemKey < ApplicationRecord
-  ROTATION_PERIOD = 1.week.freeze
-
-  before_validation :set_key
-
-  scope :expired, ->(now = Time.now.utc) { where(arel_table[:created_at].lt(now - (ROTATION_PERIOD * 3))) }
-
-  class << self
-    def current_key
-      previous_key = order(id: :asc).last
-
-      if previous_key && previous_key.created_at >= ROTATION_PERIOD.ago
-        previous_key.key
-      else
-        create.key
-      end
-    end
-  end
-
-  private
-
-  def set_key
-    return if key.present?
-
-    cipher = OpenSSL::Cipher.new('AES-256-GCM')
-    cipher.encrypt
-
-    self.key = cipher.random_key
-  end
-end