Some refactoring

2025-08-01 13:52:46 +00:00 · 2021-07-29 15:47:30 +01:00 · 2021-07-29 15:47:30 +01:00 · 39d66ed9d6
commit 39d66ed9d6
parent b37b7c70b7
9 changed files with 55 additions and 70 deletions
--- a/keyserver/api/api.go
+++ b/keyserver/api/api.go
@ -174,7 +174,7 @@ type PerformUploadDeviceKeysResponse struct {
 }

 type PerformUploadDeviceSignaturesRequest struct {
-	gomatrixserverlib.CrossSigningSignatures
+	Signatures map[string]map[gomatrixserverlib.KeyID]json.RawMessage
 	// The user that uploaded the sig, should be populated by the clientapi.
 	UserID string `json:"user_id"`
 }
@ -198,9 +198,9 @@ type QueryKeysResponse struct {
 	// Map of user_id to device_id to device_key
 	DeviceKeys map[string]map[string]json.RawMessage
 	// Maps of user_id to cross signing key
-	MasterKeys      map[string]gomatrixserverlib.CrossSigningKey
-	SelfSigningKeys map[string]gomatrixserverlib.CrossSigningKey
-	UserSigningKeys map[string]gomatrixserverlib.CrossSigningKey
+	MasterKeys      map[string]gomatrixserverlib.CrossSigningForKey
+	SelfSigningKeys map[string]gomatrixserverlib.CrossSigningForKey
+	UserSigningKeys map[string]gomatrixserverlib.CrossSigningForKey
 	// Set if there was a fatal error processing this query
 	Error *KeyError
 }
--- a/keyserver/internal/cross_signing.go
+++ b/keyserver/internal/cross_signing.go
@ -12,7 +12,7 @@ import (
 	"github.com/sirupsen/logrus"
 )

-func sanityCheckKey(key gomatrixserverlib.CrossSigningKey, userID string, purpose gomatrixserverlib.CrossSigningKeyPurpose) error {
+func sanityCheckKey(key gomatrixserverlib.CrossSigningForKey, userID string, purpose gomatrixserverlib.CrossSigningKeyPurpose) error {
 	// Is there exactly one key?
 	if len(key.Keys) != 1 {
 		return fmt.Errorf("should contain exactly one key")
@ -108,7 +108,7 @@ func (a *KeyInternalAPI) PerformUploadDeviceKeys(ctx context.Context, req *api.P
 	masterKeyID := gomatrixserverlib.KeyID(fmt.Sprintf("ed25519:%s", masterKey.Encode()))

 	// Work out which things we need to verify the signatures for.
-	toVerify := make(map[gomatrixserverlib.CrossSigningKeyPurpose]gomatrixserverlib.CrossSigningKey, 3)
+	toVerify := make(map[gomatrixserverlib.CrossSigningKeyPurpose]gomatrixserverlib.CrossSigningForKey, 3)
 	toStore := api.CrossSigningKeyMap{}
 	if len(req.MasterKey.Keys) > 0 {
 		toVerify[gomatrixserverlib.CrossSigningKeyPurposeMaster] = req.MasterKey
@ -160,72 +160,57 @@ func (a *KeyInternalAPI) PerformUploadDeviceKeys(ctx context.Context, req *api.P
 }

 func (a *KeyInternalAPI) PerformUploadDeviceSignatures(ctx context.Context, req *api.PerformUploadDeviceSignaturesRequest, res *api.PerformUploadDeviceSignaturesResponse) {
-	for targetUserID, forTarget := range req.CrossSigningSignatures {
-		for targetID, signable := range forTarget {
-			switch obj := signable.(type) {
-			case *gomatrixserverlib.CrossSigningKey: // signing a key
-				// Check to see if we know about the target user ID and key ID. If we
-				// don't then we'll just drop the signatures.
-				keys, err := a.DB.CrossSigningKeysForUser(ctx, targetUserID)
-				if err != nil {
-					continue
-				}
-				foundMatchingKey := false
-				for _, key := range keys {
-					if key.Encode() == targetID {
-						foundMatchingKey = true
-					}
-				}
-				if !foundMatchingKey {
-					continue
-				}
+	/*
+		for targetUserID, forTarget := range req.Signatures {
+			for targetID, signable := range forTarget {
+				// Work out which type of thingy it is.

-				/*
-					keyJSON, err := json.Marshal(obj)
+
+				switch obj := signable.(type) {
+				case *gomatrixserverlib.CrossSigningForKey: // signing a key
+					// Check to see if we know about the target user ID and key ID. If we
+					// don't then we'll just drop the signatures.
+					keys, err := a.DB.CrossSigningKeysForUser(ctx, targetUserID)
 					if err != nil {
-						res.Error = &api.KeyError{
-							Err: fmt.Sprintf("The JSON of the signable object is invalid: %s", err.Error()),
-						}
-						return
+						continue
+					}
+					foundMatchingKey := false
+					for _, key := range keys {
+						if key.Encode() == targetID {
+							foundMatchingKey = true
+						}
+					}
+					if !foundMatchingKey {
+						continue
 					}
-				*/

-				for originUserID, forOriginUserID := range obj.Signatures {
-					for originKeyID, signature := range forOriginUserID {
-						// TODO: sig checking
-						/*
-							if err := gomatrixserverlib.VerifyJSON(originUserID, originKeyID, ed25519.PublicKey(masterKey), keyJSON); err != nil {
+					for originUserID, forOriginUserID := range obj.Signatures {
+						for originKeyID, signature := range forOriginUserID {
+							// TODO: check signatures
+
+							err := a.DB.StoreCrossSigningSigsForTarget(ctx, originUserID, originKeyID, targetUserID, gomatrixserverlib.KeyID(targetID), signature)
+							if err != nil {
 								res.Error = &api.KeyError{
-									Err:                fmt.Sprintf("The %q sub-key failed master key signature verification: %s", purpose, err.Error()),
-									IsInvalidSignature: true,
+									Err: "Failed to store cross-signing keys for target: " + err.Error(),
 								}
 								return
 							}
-						*/
-
-						err := a.DB.StoreCrossSigningSigsForTarget(ctx, originUserID, originKeyID, targetUserID, gomatrixserverlib.KeyID(targetID), signature)
-						if err != nil {
-							res.Error = &api.KeyError{
-								Err: "Failed to store cross-signing keys for target: " + err.Error(),
-							}
-							return
 						}
 					}
-				}

-			case *gomatrixserverlib.CrossSigningSignature: // signing a device
-				// TODO: signatures for devices
-				continue
+				case *gomatrixserverlib.CrossSigningForDevice: // signing a device
+					// TODO: signatures for devices
+					continue

-			default:
-				res.Error = &api.KeyError{
-					Err: "Found an unexpected item type",
+				default:
+					res.Error = &api.KeyError{
+						Err: "Found an unexpected item type",
+					}
+					return
 				}
-				return
 			}
 		}
-	}
-
+	*/
 	res.Error = &api.KeyError{
 		Err: "Not supported yet",
 	}
@ -244,7 +229,7 @@ func (a *KeyInternalAPI) crossSigningKeys(
 		for keyType, keyData := range keys {
 			b64 := keyData.Encode()
 			keyID := gomatrixserverlib.KeyID("ed25519:" + b64)
-			key := gomatrixserverlib.CrossSigningKey{
+			key := gomatrixserverlib.CrossSigningForKey{
 				UserID: userID,
 				Usage: []gomatrixserverlib.CrossSigningKeyPurpose{
 					keyType,
--- a/keyserver/internal/internal.go
+++ b/keyserver/internal/internal.go
@ -221,9 +221,9 @@ func (a *KeyInternalAPI) QueryDeviceMessages(ctx context.Context, req *api.Query

 func (a *KeyInternalAPI) QueryKeys(ctx context.Context, req *api.QueryKeysRequest, res *api.QueryKeysResponse) {
 	res.DeviceKeys = make(map[string]map[string]json.RawMessage)
-	res.MasterKeys = make(map[string]gomatrixserverlib.CrossSigningKey)
-	res.SelfSigningKeys = make(map[string]gomatrixserverlib.CrossSigningKey)
-	res.UserSigningKeys = make(map[string]gomatrixserverlib.CrossSigningKey)
+	res.MasterKeys = make(map[string]gomatrixserverlib.CrossSigningForKey)
+	res.SelfSigningKeys = make(map[string]gomatrixserverlib.CrossSigningForKey)
+	res.UserSigningKeys = make(map[string]gomatrixserverlib.CrossSigningForKey)
 	res.Failures = make(map[string]interface{})

 	// get cross-signing keys from the database
--- a/keyserver/inthttp/server.go
+++ b/keyserver/inthttp/server.go
@ -73,7 +73,7 @@ func AddRoutes(internalAPIMux *mux.Router, s api.KeyInternalAPI) {
 		httputil.MakeInternalAPI("performUploadDeviceSignatures", func(req *http.Request) util.JSONResponse {
 			request := api.PerformUploadDeviceSignaturesRequest{}
 			response := api.PerformUploadDeviceSignaturesResponse{}
-			if err := json.NewDecoder(req.Body).Decode(&request.CrossSigningSignatures); err != nil {
+			if err := json.NewDecoder(req.Body).Decode(&request.Signatures); err != nil {
 				return util.MessageResponse(http.StatusBadRequest, err.Error())
 			}
 			s.PerformUploadDeviceSignatures(req.Context(), &request, &response)