From 27eeeb8db60ada42d5f6465686977bee55266136 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?=
Date: Fri, 10 Jul 2020 17:53:04 +0200
Subject: [PATCH] crypto: Move the one-time key signing into the accoung.
---
 matrix_sdk_crypto/src/machine.rs | 48 ++------------------------------
 matrix_sdk_crypto/src/olm.rs | 40 +++++++++++++++++++++++++-
 2 files changed, 41 insertions(+), 47 deletions(-)
diff --git a/matrix_sdk_crypto/src/machine.rs b/matrix_sdk_crypto/src/machine.rs
index 7e4cf13a..cc2b73cb 100644
--- a/matrix_sdk_crypto/src/machine.rs
+++ b/matrix_sdk_crypto/src/machine.rs
@@ -48,7 +48,7 @@ use matrix_sdk_common::uuid::Uuid;
 use api::r0::keys;
 use api::r0::{
-    keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey, SignedKey},
+    keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey},
     sync::sync_events::Response as SyncResponse,
     to_device::{send_event_to_device::Request as ToDeviceRequest, DeviceIdOrAllDevices},
 };
@@ -568,51 +568,7 @@ impl OlmMachine {
     /// If no one-time keys need to be uploaded returns an empty error.
     async fn signed_one_time_keys(&self) -> StdResult {
         let _ = self.generate_one_time_keys().await?;
-        let one_time_keys = self.account.one_time_keys().await;
-        let mut one_time_key_map = BTreeMap::new();
-
-        for (key_id, key) in one_time_keys.curve25519().iter() {
-            let key_json = json!({
-                "key": key,
-            });
-
-            let signature = self.sign_json(&key_json).await;
-
-            let mut signature_map = BTreeMap::new();
-
-            signature_map.insert(
-                AlgorithmAndDeviceId(KeyAlgorithm::Ed25519, self.device_id.clone()),
-                signature,
-            );
-
-            let mut signatures = BTreeMap::new();
-            signatures.insert(self.user_id.clone(), signature_map);
-
-            let signed_key = SignedKey {
-                key: key.to_owned(),
-                signatures,
-            };
-
-            one_time_key_map.insert(
-                AlgorithmAndDeviceId(KeyAlgorithm::SignedCurve25519, key_id.to_owned()),
-                OneTimeKey::SignedKey(signed_key),
-            );
-        }
-
-        Ok(one_time_key_map)
-    }
-
-    /// Convert a JSON value to the canonical representation and sign the JSON
-    /// string.
-    ///
-    /// # Arguments
-    ///
-    /// * `json` - The value that should be converted into a canonical JSON
-    /// string.
-    async fn sign_json(&self, json: &Value) -> String {
-        let canonical_json = cjson::to_string(json)
-            .unwrap_or_else(|_| panic!(format!("Can't serialize {} to canonical JSON", json)));
-        self.account.sign(&canonical_json).await
+        Ok(self.account.signed_one_time_keys().await)
     }
     /// Verify a signed JSON object.
diff --git a/matrix_sdk_crypto/src/olm.rs b/matrix_sdk_crypto/src/olm.rs
index 47dfe4e5..a1386650 100644
--- a/matrix_sdk_crypto/src/olm.rs
+++ b/matrix_sdk_crypto/src/olm.rs
@@ -38,7 +38,7 @@ pub use olm_rs::{
 use matrix_sdk_common::identifiers::{DeviceId, RoomId, UserId};
 use matrix_sdk_common::{
-    api::r0::keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, SignedKey},
+    api::r0::keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey, SignedKey},
     events::Algorithm,
 };
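Review bot: With `sign_json` deleted from `OlmMachine`, the `Value`, `cjson`, `json!` and `BTreeMap` names it used may now be unreferenced in machine.rs, yet the import hunk above only drops `SignedKey`; if nothing else in the file uses them the build will emit unused-import warnings, so check that once the rest of the file is in view. The context doc line `/// If no one-time keys need to be uploaded returns an empty error.` still holds here because the only fallible step left is `self.generate_one_time_keys().await?`, but the doc comment of `signed_one_time_keys` begins outside the hunk, and it would help a reader to add there that the signing itself is now delegated to `Account::signed_one_time_keys`. The signed payload appears unchanged by the move (canonical JSON of the key, signature stored under the device's ed25519 key beneath the user id), so this reads as a pure relocation. The rendered `StdResult {` has lost its type arguments in this view, so I cannot confirm the returned map type matches what `Account::signed_one_time_keys` produces.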
@@ -230,6 +230,44 @@ impl Account {
         self.sign(&canonical_json).await
     }
+    /// Generate, sign and prepare one-time keys to be uploaded.
+    ///
+    /// If no one-time keys need to be uploaded returns an empty error.
+    pub async fn signed_one_time_keys(&self) -> BTreeMap {
+        let one_time_keys = self.one_time_keys().await;
+        let mut one_time_key_map = BTreeMap::new();
+
+        for (key_id, key) in one_time_keys.curve25519().iter() {
+            let key_json = json!({
+                "key": key,
+            });
+
+            let signature = self.sign_json(&key_json).await;
+
+            let mut signature_map = BTreeMap::new();
+
+            signature_map.insert(
+                AlgorithmAndDeviceId(KeyAlgorithm::Ed25519, (*self.device_id).clone()),
+                signature,
+            );
+
+            let mut signatures = BTreeMap::new();
+            signatures.insert((*self.user_id).clone(), signature_map);
+
+            let signed_key = SignedKey {
+                key: key.to_owned(),
+                signatures,
+            };
+
+            one_time_key_map.insert(
+                AlgorithmAndDeviceId(KeyAlgorithm::SignedCurve25519, key_id.to_owned()),
+                OneTimeKey::SignedKey(signed_key),
+            );
+        }
+
+        one_time_key_map
+    }
+
     /// Create a new session with another account given a one-time key.
     ///
     /// Returns the newly created session or a `OlmSessionError` if creating a
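Review bot: The added doc comment does not describe this method: the summary says "Generate, sign and prepare" but the body only reads `self.one_time_keys()` and signs what is already there, and the line `/// If no one-time keys need to be uploaded returns an empty error.` cannot be true of a method that returns a plain `BTreeMap` rather than a `Result` — that sentence belonged to the `OlmMachine` wrapper where `generate_one_time_keys().await?` is the fallible step. I would change the summary to `/// Sign the account's current one-time keys and prepare them for upload.` and replace the error sentence with `/// Returns an empty map when one_time_keys() yields no curve25519 keys.`. Since the method is now `pub`, it is also worth stating that it neither generates keys nor marks them as published, so callers must keep that sequencing themselves (presumably the generate step retained in `OlmMachine`; confirm against the caller). The rendered `BTreeMap {` return type has lost its type parameters in this view, so I am assuming it is the same key/value pairing as the removed `OlmMachine` code built.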