crypto: When we check the signature of a device use the DeviceKeys struct

2021-08-04 10:55:41 +02:00 · 2021-08-04 10:55:41 +02:00 · e401c87246
commit e401c87246
parent 2cf6ad21d3
2 changed files with 19 additions and 23 deletions
--- a/matrix_sdk_crypto/src/identities/device.rs
+++ b/matrix_sdk_crypto/src/identities/device.rs
@ -539,21 +539,11 @@ impl ReadOnlyDevice {
        )
    }

-    pub(crate) fn as_signature_message(&self) -> Value {
-        json!({
-            "user_id": &*self.user_id,
-            "device_id": &*self.device_id,
-            "keys": &*self.keys,
-            "algorithms": &*self.algorithms,
-            "signatures": &*self.signatures,
-        })
-    }
-
    pub(crate) fn verify_device_keys(
        &self,
        device_keys: &DeviceKeys,
    ) -> Result<(), SignatureError> {
-        let mut device_keys = serde_json::to_value(device_keys).unwrap();
+        let mut device_keys = serde_json::to_value(device_keys)?;
        self.is_signed_by_device(&mut device_keys)
    }

--- a/matrix_sdk_crypto/src/identities/user.rs
+++ b/matrix_sdk_crypto/src/identities/user.rs
@ -23,7 +23,7 @@ use std::{
 };

 use ruma::{
-    encryption::{CrossSigningKey, KeyUsage},
+    encryption::{CrossSigningKey, DeviceKeys, KeyUsage},
    events::{
        key::verification::VerificationMethod, room::message::KeyVerificationRequestEventContent,
    },
@ -494,6 +494,22 @@ impl SelfSigningPubkey {
        &self.0.keys
    }

+    pub(crate) fn verify_device_keys(&self, device_keys: DeviceKeys) -> Result<(), SignatureError> {
+        let (key_id, key) = self.0.keys.iter().next().ok_or(SignatureError::MissingSigningKey)?;
+        // TODO check that the usage is OK.
+
+        let mut device = to_value(device_keys)?;
+
+        let utility = Utility::new();
+
+        utility.verify_json(
+            &self.0.user_id,
+            &DeviceKeyId::try_from(key_id.as_str())?,
+            key,
+            &mut device,
+        )
+    }
+
    /// Check if the given device is signed by this self signing key.
    ///
    /// # Arguments
@ -503,17 +519,7 @@ impl SelfSigningPubkey {
    /// Returns an empty result if the signature check succeeded, otherwise a
    /// SignatureError indicating why the check failed.
    pub(crate) fn verify_device(&self, device: &ReadOnlyDevice) -> Result<(), SignatureError> {
-        let (key_id, key) = self.0.keys.iter().next().ok_or(SignatureError::MissingSigningKey)?;
-
-        // TODO check that the usage is OK.
-
-        let utility = Utility::new();
-        utility.verify_json(
-            &self.0.user_id,
-            &DeviceKeyId::try_from(key_id.as_str())?,
-            key,
-            &mut device.as_signature_message(),
-        )
+        self.verify_device_keys(device.as_device_keys())
    }
 }