crypto: Check that the master key and subkeys have the same user id.

master
Damir Jelić 2020-08-20 15:14:58 +02:00
parent 398edbbe0c
commit 9edc876160
2 changed files with 7 additions and 1 deletions

View File

@ -126,6 +126,9 @@ pub enum SignatureError {
#[error("the signing key is missing from the object that signed the message")] #[error("the signing key is missing from the object that signed the message")]
MissingSigningKey, MissingSigningKey,
#[error("the user id of the signing differs from the subkey user id")]
UserIdMissmatch,
#[error("the provided JSON value isn't an object")] #[error("the provided JSON value isn't an object")]
NotAnObject, NotAnObject,

View File

@ -137,9 +137,12 @@ impl MasterPubkey {
// if self.0.usage.contains(&KeyUsage::Master) { // if self.0.usage.contains(&KeyUsage::Master) {
// return Err(SignatureError::MissingSigningKey); // return Err(SignatureError::MissingSigningKey);
// } // }
let subkey: CrossSigningSubKeys = subkey.into(); let subkey: CrossSigningSubKeys = subkey.into();
if &self.0.user_id != subkey.user_id() {
return Err(SignatureError::UserIdMissmatch);
}
verify_json( verify_json(
&self.0.user_id, &self.0.user_id,
&DeviceKeyId::try_from(key_id.as_str())?, &DeviceKeyId::try_from(key_id.as_str())?,