crypto: Pass the device key id to the verify signature method.

matrix_sdk_crypto/src/device.rs

@@ -179,7 +179,12 @@ impl Device {
             .get_key(DeviceKeyAlgorithm::Ed25519)
             .ok_or(SignatureError::MissingSigningKey)?;
 
-        verify_json(&self.user_id, &self.device_id.as_str(), signing_key, json)
+        verify_json(
+            &self.user_id,
+            &DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, self.device_id()),
+            signing_key,
+            json,
+        )
     }
 
     pub(crate) fn verify_device_keys(

matrix_sdk_crypto/src/error.rs

@@ -117,6 +117,9 @@ pub enum EventError {
 
 #[derive(Error, Debug)]
 pub enum SignatureError {
+    #[error("the signature used a unsupported algorithm")]
+    UnsupportedAlgorithm,
+
     #[error("the signing key is missing from the object that signed the message")]
     MissingSigningKey,
 

matrix_sdk_crypto/src/lib.rs

@@ -72,10 +72,14 @@ use serde_json::Value;
 /// * `json` - The JSON object that should be verified.
 pub(crate) fn verify_json(
     user_id: &UserId,
-    key_id: &str,
+    key_id: &DeviceKeyId,
     signing_key: &str,
     json: &mut Value,
 ) -> Result<(), SignatureError> {
+    if key_id.algorithm() != DeviceKeyAlgorithm::Ed25519 {
+        return Err(SignatureError::UnsupportedAlgorithm);
+    }
+
     let json_object = json.as_object_mut().ok_or(SignatureError::NotAnObject)?;
     let unsigned = json_object.remove("unsigned");
     let signatures = json_object.remove("signatures");
@@ -86,8 +90,6 @@ pub(crate) fn verify_json(
         json_object.insert("unsigned".to_string(), u);
     }
 
-    let key_id = DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, key_id.into());
-
     let signatures = signatures.ok_or(SignatureError::NoSignatureFound)?;
     let signature_object = signatures
         .as_object()

matrix_sdk_crypto/src/machine.rs

@@ -1407,7 +1407,9 @@ mod test {
             AnySyncMessageEvent, AnySyncRoomEvent, AnyToDeviceEvent, EventType, SyncMessageEvent,
             ToDeviceEvent, Unsigned,
         },
-        identifiers::{event_id, room_id, user_id, DeviceId, DeviceKeyAlgorithm, UserId},
+        identifiers::{
+            event_id, room_id, user_id, DeviceId, DeviceKeyAlgorithm, DeviceKeyId, UserId,
+        },
         Raw,
     };
     use matrix_sdk_test::test_json;
@@ -1626,7 +1628,7 @@ mod test {
 
         let ret = verify_json(
             &machine.user_id,
-            machine.device_id.as_str(),
+            &DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
             ed25519_key,
             &mut json!(&mut device_keys),
         );
@@ -1657,7 +1659,7 @@ mod test {
 
         let ret = verify_json(
             &machine.user_id,
-            machine.device_id.as_str(),
+            &DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
             "fake_key",
             &mut json!(&mut device_keys),
         );
@@ -1677,7 +1679,7 @@ mod test {
 
         let ret = verify_json(
             &machine.user_id,
-            machine.device_id.as_str(),
+            &DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
             ed25519_key,
             &mut json!(&mut one_time_key),
         );
@@ -1699,7 +1701,7 @@ mod test {
 
         let ret = verify_json(
             &machine.user_id,
-            machine.device_id.as_str(),
+            &DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
             ed25519_key,
             &mut json!(&mut request.one_time_keys.as_mut().unwrap().values_mut().next()),
         );
@@ -1707,7 +1709,7 @@ mod test {
 
         let ret = verify_json(
             &machine.user_id,
-            machine.device_id.as_str(),
+            &DeviceKeyId::from_parts(DeviceKeyAlgorithm::Ed25519, machine.device_id()),
             ed25519_key,
             &mut json!(&mut request.device_keys.unwrap()),
         );