From 5e0d6d93081c42eae90c4b864c4d76d19b61d1aa Mon Sep 17 00:00:00 2001
From: Andy Balaam <andy.balaam@matrix.org>
Date: Mon, 9 Dec 2024 15:52:11 +0000
Subject: [PATCH] Specify the order in which one-time keys are returned
 (MSC4225)

Signed-off-by: Andy Balaam <andy.balaam@matrix.org>
---
 .../client_server/newsfragments/2029.clarification   |  1 +
 data/api/client-server/keys.yaml                     | 12 +++++++++++-
 data/api/server-server/user_keys.yaml                | 12 +++++++++++-
 3 files changed, 23 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/client_server/newsfragments/2029.clarification

diff --git a/changelogs/client_server/newsfragments/2029.clarification b/changelogs/client_server/newsfragments/2029.clarification
new file mode 100644
index 00000000..9900669e
--- /dev/null
+++ b/changelogs/client_server/newsfragments/2029.clarification
@@ -0,0 +1 @@
+Specify order of one-time keys, as per [MSC4225](https://github.com/matrix-org/matrix-spec-proposals/pull/4225).
diff --git a/data/api/client-server/keys.yaml b/data/api/client-server/keys.yaml
index 001fe1f5..fbc4d286 100644
--- a/data/api/client-server/keys.yaml
+++ b/data/api/client-server/keys.yaml
@@ -288,7 +288,17 @@ paths:
   /keys/claim:
     post:
       summary: Claim one-time encryption keys.
-      description: Claims one-time keys for use in pre-key messages.
+      description: |-
+        Claims one-time keys for use in pre-key messages.
+
+        The request contains the user ID, device ID and algorithm name of the
+        keys that are required. The response contains a key matching this -
+        either a one-time key, or if none are available, a fallback key.
+
+        One-time keys are given out in the order that they were uploaded via
+        [/keys/upload](/client-server-api/#post_matrixclientv3keysupload). (All
+        keys uploaded within a given call to `/keys/upload` are considered
+        equivalent in this regard; no ordering is specified within them.)
       operationId: claimKeys
       security:
         - accessTokenQuery: []
diff --git a/data/api/server-server/user_keys.yaml b/data/api/server-server/user_keys.yaml
index 6f242614..d2f5ac58 100644
--- a/data/api/server-server/user_keys.yaml
+++ b/data/api/server-server/user_keys.yaml
@@ -20,7 +20,17 @@ paths:
   /user/keys/claim:
     post:
       summary: Claims one-time encryption keys for a user.
-      description: Claims one-time keys for use in pre-key messages.
+      description: |-
+        Claims one-time keys for use in pre-key messages.
+
+        The request contains the user ID, device ID and algorithm name of the
+        keys that are required. The response contains a key matching this -
+        either a one-time key, or if none are available, a fallback key.
+
+        One-time keys are given out in the order that they were uploaded via
+        [/keys/upload](/client-server-api/#post_matrixclientv3keysupload). (All
+        keys uploaded within a given call to `/keys/upload` are considered
+        equivalent in this regard; no ordering is specified within them.)
       operationId: claimUserEncryptionKeys
       security:
         - signedRequest: []