crypto: Pass the device key id to the verify signature method.
This commit is contained in:
parent
5b758b8344
commit
08d76f2ff4
4 changed files with 22 additions and 10 deletions
|
@ -179,7 +179,12 @@ impl Device {
|
|||
.get_key(DeviceKeyAlgorithm::Ed25519)
|
||||
.ok_or(SignatureError::MissingSigningKey)?;
|
||||
|
||||
verify_json(&self.user_id, &self.device_id.as_str(), signing_key, json)
|
||||
verify_json(
|
||||
&self.user_id,
|
||||
&DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, self.device_id()),
|
||||
signing_key,
|
||||
json,
|
||||
)
|
||||
}
|
||||
|
||||
pub(crate) fn verify_device_keys(
|
||||
|
|
|
@ -117,6 +117,9 @@ pub enum EventError {
|
|||
|
||||
#[derive(Error, Debug)]
|
||||
pub enum SignatureError {
|
||||
#[error("the signature used a unsupported algorithm")]
|
||||
UnsupportedAlgorithm,
|
||||
|
||||
#[error("the signing key is missing from the object that signed the message")]
|
||||
MissingSigningKey,
|
||||
|
||||
|
|
|
@ -72,10 +72,14 @@ use serde_json::Value;
|
|||
/// * `json` - The JSON object that should be verified.
|
||||
pub(crate) fn verify_json(
|
||||
user_id: &UserId,
|
||||
key_id: &str,
|
||||
key_id: &DeviceKeyId,
|
||||
signing_key: &str,
|
||||
json: &mut Value,
|
||||
) -> Result<(), SignatureError> {
|
||||
if key_id.algorithm() != DeviceKeyAlgorithm::Ed25519 {
|
||||
return Err(SignatureError::UnsupportedAlgorithm);
|
||||
}
|
||||
|
||||
let json_object = json.as_object_mut().ok_or(SignatureError::NotAnObject)?;
|
||||
let unsigned = json_object.remove("unsigned");
|
||||
let signatures = json_object.remove("signatures");
|
||||
|
@ -86,8 +90,6 @@ pub(crate) fn verify_json(
|
|||
json_object.insert("unsigned".to_string(), u);
|
||||
}
|
||||
|
||||
let key_id = DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, key_id.into());
|
||||
|
||||
let signatures = signatures.ok_or(SignatureError::NoSignatureFound)?;
|
||||
let signature_object = signatures
|
||||
.as_object()
|
||||
|
|
|
@ -1407,7 +1407,9 @@ mod test {
|
|||
AnySyncMessageEvent, AnySyncRoomEvent, AnyToDeviceEvent, EventType, SyncMessageEvent,
|
||||
ToDeviceEvent, Unsigned,
|
||||
},
|
||||
identifiers::{event_id, room_id, user_id, DeviceId, DeviceKeyAlgorithm, UserId},
|
||||
identifiers::{
|
||||
event_id, room_id, user_id, DeviceId, DeviceKeyAlgorithm, DeviceKeyId, UserId,
|
||||
},
|
||||
Raw,
|
||||
};
|
||||
use matrix_sdk_test::test_json;
|
||||
|
@ -1626,7 +1628,7 @@ mod test {
|
|||
|
||||
let ret = verify_json(
|
||||
&machine.user_id,
|
||||
machine.device_id.as_str(),
|
||||
&DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
|
||||
ed25519_key,
|
||||
&mut json!(&mut device_keys),
|
||||
);
|
||||
|
@ -1657,7 +1659,7 @@ mod test {
|
|||
|
||||
let ret = verify_json(
|
||||
&machine.user_id,
|
||||
machine.device_id.as_str(),
|
||||
&DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
|
||||
"fake_key",
|
||||
&mut json!(&mut device_keys),
|
||||
);
|
||||
|
@ -1677,7 +1679,7 @@ mod test {
|
|||
|
||||
let ret = verify_json(
|
||||
&machine.user_id,
|
||||
machine.device_id.as_str(),
|
||||
&DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
|
||||
ed25519_key,
|
||||
&mut json!(&mut one_time_key),
|
||||
);
|
||||
|
@ -1699,7 +1701,7 @@ mod test {
|
|||
|
||||
let ret = verify_json(
|
||||
&machine.user_id,
|
||||
machine.device_id.as_str(),
|
||||
&DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
|
||||
ed25519_key,
|
||||
&mut json!(&mut request.one_time_keys.as_mut().unwrap().values_mut().next()),
|
||||
);
|
||||
|
@ -1707,7 +1709,7 @@ mod test {
|
|||
|
||||
let ret = verify_json(
|
||||
&machine.user_id,
|
||||
machine.device_id.as_str(),
|
||||
&DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
|
||||
ed25519_key,
|
||||
&mut json!(&mut request.device_keys.unwrap()),
|
||||
);
|
||||
|
|
Loading…
Reference in a new issue