From 122e2066db1cb7d7d26759b01292611ec76a6b51 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?= <poljar@termina.org.uk>
Date: Fri, 10 Jan 2025 12:56:50 +0100
Subject: [PATCH 1/2] fix(store-encryption): Remove an unwrap that snuck in

---
 crates/matrix-sdk-store-encryption/CHANGELOG.md | 6 ++++++
 crates/matrix-sdk-store-encryption/src/lib.rs   | 8 +++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/crates/matrix-sdk-store-encryption/CHANGELOG.md b/crates/matrix-sdk-store-encryption/CHANGELOG.md
index d3fae753d53..dd582eeae10 100644
--- a/crates/matrix-sdk-store-encryption/CHANGELOG.md
+++ b/crates/matrix-sdk-store-encryption/CHANGELOG.md
@@ -6,6 +6,12 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased] - ReleaseDate
 
+### Bug Fixes
+
+- Remove the usage of an unwrap in the `StoreCipher::import_with_key` method.
+  This could have lead to panics if the second argument was an invalid
+  `StoreCipher` export.
+
 ## [0.9.0] - 2024-12-18
 
 No notable changes in this release.
diff --git a/crates/matrix-sdk-store-encryption/src/lib.rs b/crates/matrix-sdk-store-encryption/src/lib.rs
index 78947d96af2..dea7e7e440c 100644
--- a/crates/matrix-sdk-store-encryption/src/lib.rs
+++ b/crates/matrix-sdk-store-encryption/src/lib.rs
@@ -334,7 +334,7 @@ impl StoreCipher {
     /// # anyhow::Ok(()) };
     /// ```
     pub fn import_with_key(key: &[u8; 32], encrypted: &[u8]) -> Result<Self, Error> {
-        let encrypted: EncryptedStoreCipher = rmp_serde::from_slice(encrypted).unwrap();
+        let encrypted: EncryptedStoreCipher = rmp_serde::from_slice(encrypted)?;
 
         if let KdfInfo::Pbkdf2ToChaCha20Poly1305 { .. } = encrypted.kdf_info {
             return Err(Error::KdfMismatch);
@@ -903,6 +903,12 @@ mod tests {
         Ok(())
     }
 
+    #[test]
+    fn test_importing_invalid_store_cipher_does_not_panic() {
+        // This used to panic, we're testing that we're getting a real error.
+        assert!(StoreCipher::import_with_key(&[0; 32], &[0; 64]).is_err())
+    }
+
     #[test]
     fn encrypting_values() -> Result<(), Error> {
         let event = json!({

From 8ada51ef5bb480edf813e02baac477ef2654cf1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?= <poljar@termina.org.uk>
Date: Fri, 10 Jan 2025 13:45:45 +0100
Subject: [PATCH 2/2] fixup! fix(store-encryption): Remove an unwrap that snuck
 in

---
 crates/matrix-sdk-store-encryption/CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crates/matrix-sdk-store-encryption/CHANGELOG.md b/crates/matrix-sdk-store-encryption/CHANGELOG.md
index dd582eeae10..ac64e342f3b 100644
--- a/crates/matrix-sdk-store-encryption/CHANGELOG.md
+++ b/crates/matrix-sdk-store-encryption/CHANGELOG.md
@@ -11,6 +11,7 @@ All notable changes to this project will be documented in this file.
 - Remove the usage of an unwrap in the `StoreCipher::import_with_key` method.
   This could have lead to panics if the second argument was an invalid
   `StoreCipher` export.
+  ([#4506](https://github.com/matrix-org/matrix-rust-sdk/pull/4506))
 
 ## [0.9.0] - 2024-12-18