crypto: Fix user-signing signature uploads
parent
680f77beb9
commit
00e11d33f1
2 changed files with 30 additions and 24 deletions
|
@ -395,7 +395,7 @@ impl PrivateCrossSigningIdentity {
|
||||||
&self,
|
&self,
|
||||||
user_identity: &ReadOnlyUserIdentity,
|
user_identity: &ReadOnlyUserIdentity,
|
||||||
) -> Result<SignatureUploadRequest, SignatureError> {
|
) -> Result<SignatureUploadRequest, SignatureError> {
|
||||||
let signed_keys = self
|
let master_key = self
|
||||||
.user_signing_key
|
.user_signing_key
|
||||||
.lock()
|
.lock()
|
||||||
.await
|
.await
|
||||||
|
@ -404,6 +404,17 @@ impl PrivateCrossSigningIdentity {
|
||||||
.sign_user(user_identity)
|
.sign_user(user_identity)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
|
let mut signed_keys = BTreeMap::new();
|
||||||
|
|
||||||
|
signed_keys.entry(user_identity.user_id().to_owned()).or_insert_with(BTreeMap::new).insert(
|
||||||
|
user_identity
|
||||||
|
.master_key()
|
||||||
|
.get_first_key()
|
||||||
|
.ok_or(SignatureError::MissingSigningKey)?
|
||||||
|
.to_owned(),
|
||||||
|
serde_json::to_value(master_key)?,
|
||||||
|
);
|
||||||
|
|
||||||
Ok(SignatureUploadRequest::new(signed_keys))
|
Ok(SignatureUploadRequest::new(signed_keys))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -632,10 +643,10 @@ impl PrivateCrossSigningIdentity {
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod test {
|
mod test {
|
||||||
use std::{collections::BTreeMap, sync::Arc};
|
use std::sync::Arc;
|
||||||
|
|
||||||
use matrix_sdk_test::async_test;
|
use matrix_sdk_test::async_test;
|
||||||
use ruma::{encryption::CrossSigningKey, user_id, UserId};
|
use ruma::{user_id, UserId};
|
||||||
|
|
||||||
use super::{PrivateCrossSigningIdentity, Signing};
|
use super::{PrivateCrossSigningIdentity, Signing};
|
||||||
use crate::{
|
use crate::{
|
||||||
|
@ -755,24 +766,7 @@ mod test {
|
||||||
let user_signing = identity.user_signing_key.lock().await;
|
let user_signing = identity.user_signing_key.lock().await;
|
||||||
let user_signing = user_signing.as_ref().unwrap();
|
let user_signing = user_signing.as_ref().unwrap();
|
||||||
|
|
||||||
let signatures = user_signing.sign_user(&bob_public).await.unwrap();
|
let master = user_signing.sign_user(&bob_public).await.unwrap();
|
||||||
|
|
||||||
let (key_id, signature) = signatures
|
|
||||||
.iter()
|
|
||||||
.next()
|
|
||||||
.unwrap()
|
|
||||||
.1
|
|
||||||
.iter()
|
|
||||||
.next()
|
|
||||||
.map(|(k, s)| (k.to_string(), serde_json::from_value(s.to_owned()).unwrap()))
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
let mut master: CrossSigningKey = bob_public.master_key.as_ref().clone();
|
|
||||||
master
|
|
||||||
.signatures
|
|
||||||
.entry(identity.user_id().to_owned())
|
|
||||||
.or_insert_with(BTreeMap::new)
|
|
||||||
.insert(key_id, signature);
|
|
||||||
|
|
||||||
bob_public.master_key = master.into();
|
bob_public.master_key = master.into();
|
||||||
|
|
||||||
|
|
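Review bot: The test hunk at the end of this file only checks the key returned by `UserSigning::sign_user`, so nothing visible here asserts the shape of the `SignatureUploadRequest` that `PrivateCrossSigningIdentity::sign_user` builds, which is the part this commit fixes. A regression test that calls `identity.sign_user(&bob_public)` and checks that the request's signed-keys map has one entry under Bob's user id, keyed by his master public key, with a value carrying a signature under the signer's user id, would keep the upload format from breaking silently again. In the same function the target's key id is resolved with `get_first_key().ok_or(SignatureError::MissingSigningKey)?` only after the signature has been produced. Resolving it before the `sign_user` call would avoid signing for an identity that cannot be uploaded, and a comment should say that this error refers to the other user's master key, not the local user-signing key. Both the function body and the test function continue outside the visible hunks, so an existing assertion elsewhere in the test cannot be ruled out.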
|
@ -24,7 +24,7 @@ use olm_rs::pk::OlmPkSigning;
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
use olm_rs::{errors::OlmUtilityError, utility::OlmUtility};
|
use olm_rs::{errors::OlmUtilityError, utility::OlmUtility};
|
||||||
use ruma::{
|
use ruma::{
|
||||||
encryption::{CrossSigningKey, DeviceKeys, KeyUsage},
|
encryption::{CrossSigningKey, CrossSigningKeySignatures, DeviceKeys, KeyUsage},
|
||||||
serde::CanonicalJsonValue,
|
serde::CanonicalJsonValue,
|
||||||
DeviceKeyAlgorithm, DeviceKeyId, UserId,
|
DeviceKeyAlgorithm, DeviceKeyId, UserId,
|
||||||
};
|
};
|
||||||
|
@ -209,7 +209,19 @@ impl UserSigning {
|
||||||
pub async fn sign_user(
|
pub async fn sign_user(
|
||||||
&self,
|
&self,
|
||||||
user: &ReadOnlyUserIdentity,
|
user: &ReadOnlyUserIdentity,
|
||||||
) -> Result<BTreeMap<UserId, BTreeMap<String, Value>>, SignatureError> {
|
) -> Result<CrossSigningKey, SignatureError> {
|
||||||
|
let signature = self.sign_user_helper(user).await?;
|
||||||
|
let mut master_key: CrossSigningKey = user.master_key().to_owned().into();
|
||||||
|
|
||||||
|
master_key.signatures.extend(signature);
|
||||||
|
|
||||||
|
Ok(master_key)
|
||||||
|
}
|
||||||
|
|
||||||
|
pub async fn sign_user_helper(
|
||||||
|
&self,
|
||||||
|
user: &ReadOnlyUserIdentity,
|
||||||
|
) -> Result<CrossSigningKeySignatures, SignatureError> {
|
||||||
let user_master: &CrossSigningKey = user.master_key().as_ref();
|
let user_master: &CrossSigningKey = user.master_key().as_ref();
|
||||||
let signature = self.inner.sign_json(serde_json::to_value(user_master)?).await?;
|
let signature = self.inner.sign_json(serde_json::to_value(user_master)?).await?;
|
||||||
|
|
||||||
|
@ -224,7 +236,7 @@ impl UserSigning {
|
||||||
self.inner.public_key.as_str().into(),
|
self.inner.public_key.as_str().into(),
|
||||||
)
|
)
|
||||||
.to_string(),
|
.to_string(),
|
||||||
serde_json::to_value(signature.0)?,
|
signature.0,
|
||||||
);
|
);
|
||||||
|
|
||||||
Ok(signatures)
|
Ok(signatures)
|
||||||
|
|
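Review bot: `master_key.signatures.extend(signature)` in `sign_user` replaces a whole per-user entry instead of adding to it. If `CrossSigningKeySignatures` is a map from user id to a key-id map, as the old return type `BTreeMap<UserId, BTreeMap<String, Value>>` suggests, any signatures already stored under the signer's user id on the copied master key are dropped. The test code removed by this commit merged with `.entry(..).or_insert_with(BTreeMap::new).insert(key_id, signature)`, so the two behaviours differ. Either merge per user, `for (user, sigs) in signature { master_key.signatures.entry(user).or_default().extend(sigs); }`, or add a comment stating that overwriting is intended. `sign_user_helper` is also declared `pub` without a doc comment; if only `sign_user` calls it, `pub(crate)` or private visibility plus a `///` line saying it returns only the new signature would keep the signing surface small. The body of `sign_user_helper` continues outside the hunk.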