diff --git a/matrix_sdk_crypto/src/device.rs b/matrix_sdk_crypto/src/device.rs
index 5cc53102..ce9e8ece 100644
--- a/matrix_sdk_crypto/src/device.rs
+++ b/matrix_sdk_crypto/src/device.rs
@@ -187,6 +187,16 @@ impl Device {
 )
 }
+ pub(crate) fn as_signature_message(&self) -> Value {
+ json!({
+ "user_id": &*self.user_id,
+ "device_id": &*self.device_id,
+ "keys": &*self.keys,
+ "algorithms": &*self.algorithms,
+ "signatures": &*self.signatures,
+ })
+ }
+
 pub(crate) fn verify_device_keys(
 &self,
 device_keys: &DeviceKeys,
diff --git a/matrix_sdk_crypto/src/user_identity.rs b/matrix_sdk_crypto/src/user_identity.rs
index a000bd73..9fd87033 100644
--- a/matrix_sdk_crypto/src/user_identity.rs
+++ b/matrix_sdk_crypto/src/user_identity.rs
@@ -24,7 +24,7 @@ use matrix_sdk_common::{
 identifiers::{DeviceKeyId, UserId},
 };
-use crate::{error::SignatureError, verify_json};
+use crate::{error::SignatureError, verify_json, Device};
 #[derive(Debug, Clone)]
 pub struct MasterPubkey(Arc);
@@ -111,6 +111,42 @@ impl MasterPubkey {
 }
 }
+impl UserSigningPubkey {
+ fn verify_master_key(&self, master_key: &MasterPubkey) -> Result<(), SignatureError> {
+ let (key_id, key) = self
+ .0
+ .keys
+ .iter()
+ .next()
+ .ok_or(SignatureError::MissingSigningKey)?;
+
+ verify_json(
+ &self.0.user_id,
+ &DeviceKeyId::try_from(key_id.as_str())?,
+ key,
+ &mut to_value(&*master_key.0).map_err(|_| SignatureError::NotAnObject)?,
+ )
+ }
+}
+
+impl SelfSigningPubkey {
+ fn verify_device(&self, device: &Device) -> Result<(), SignatureError> {
+ let (key_id, key) = self
+ .0
+ .keys
+ .iter()
+ .next()
+ .ok_or(SignatureError::MissingSigningKey)?;
+
+ verify_json(
+ &self.0.user_id,
+ &DeviceKeyId::try_from(key_id.as_str())?,
+ key,
+ &mut device.as_signature_message(),
+ )
+ }
+}
+
 impl UserIdentity {
 pub fn new(
 master_key: MasterPubkey,
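Review bot: In device.rs, `as_signature_message` is added without a doc comment, although the object it builds decides what a later signature check actually covers. It is reassembled from the stored `user_id`, `device_id`, `keys`, `algorithms` and `signatures` fields rather than taken from the payload as it was received, so verification can only succeed if those stored fields are exactly what was signed. I would add `/// Rebuilds the signed device-keys object, including its signatures, from the stored fields so it can be passed to verify_json.` and state there that any signed field not kept on `Device` makes verification fail rather than pass.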
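Review bot: In user_identity.rs, `SelfSigningPubkey::verify_device` never compares the device's owner with `self.0.user_id`, so the result depends only on a valid signature entry being present; a self-signing key should vouch only for devices of its own user, and nothing in this hunk shows callers enforcing that. I would add a guard before `verify_json`, e.g. `if device.user_id() != &self.0.user_id { return Err(/* mismatch variant */); }` (accessor name and error variant are assumed; the hunk shows only `MissingSigningKey` and `NotAnObject`). Both this method and `verify_master_key` take `keys.iter().next()`, i.e. whichever entry the map yields first, which deserves a comment or a check that exactly one key is present. In `verify_master_key`, `.map_err(|_| SignatureError::NotAnObject)` discards the serialization error, which makes that failure hard to tell apart from a malformed payload.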