From 78ab127ced0b6dca9fb9a976596a80d96a93c4c6 Mon Sep 17 00:00:00 2001
From: Neil Alexander
Date: Thu, 29 Jul 2021 18:22:27 +0100
Subject: [PATCH] Some groundwork
---
 go.mod | 2 +-
 go.sum | 4 +-
 keyserver/api/api.go | 2 +-
 keyserver/internal/cross_signing.go | 112 +++++++++++++++++-----------
 4 files changed, 71 insertions(+), 49 deletions(-)
diff --git a/go.mod b/go.mod
index 564c1d09..97feeac2 100644
--- a/go.mod
+++ b/go.mod
@@ -31,7 +31,7 @@ require (
 github.com/matrix-org/go-http-js-libp2p v0.0.0-20200518170932-783164aeeda4
 github.com/matrix-org/go-sqlite3-js v0.0.0-20210709140738-b0d1ba599a6d
 github.com/matrix-org/gomatrix v0.0.0-20210324163249-be2af5ef2e16
- github.com/matrix-org/gomatrixserverlib v0.0.0-20210729144422-16ebeb5d0788
+ github.com/matrix-org/gomatrixserverlib v0.0.0-20210729170648-dadeeff7cf48
 github.com/matrix-org/naffka v0.0.0-20210623111924-14ff508b58e0
 github.com/matrix-org/pinecone v0.0.0-20210623102758-74f885644c1b
 github.com/matrix-org/util v0.0.0-20200807132607-55161520e1d4
diff --git a/go.sum b/go.sum
index 5abbcec2..7021422e 100644
--- a/go.sum
+++ b/go.sum
@@ -1027,8 +1027,8 @@ github.com/matrix-org/go-sqlite3-js v0.0.0-20210709140738-b0d1ba599a6d/go.mod h1
 github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26/go.mod h1:3fxX6gUjWyI/2Bt7J1OLhpCzOfO/bB3AiX0cJtEKud0=
 github.com/matrix-org/gomatrix v0.0.0-20210324163249-be2af5ef2e16 h1:ZtO5uywdd5dLDCud4r0r55eP4j9FuUNpl60Gmntcop4=
 github.com/matrix-org/gomatrix v0.0.0-20210324163249-be2af5ef2e16/go.mod h1:/gBX06Kw0exX1HrwmoBibFA98yBk/jxKpGVeyQbff+s=
-github.com/matrix-org/gomatrixserverlib v0.0.0-20210729144422-16ebeb5d0788 h1:wnMa7rHryaAQMke++Y9rJtrVIvRbFzbPxPYimpctx6Y=
-github.com/matrix-org/gomatrixserverlib v0.0.0-20210729144422-16ebeb5d0788/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU=
+github.com/matrix-org/gomatrixserverlib v0.0.0-20210729170648-dadeeff7cf48 h1:taDey9UlU14gutpcGW2A17PxsoWmcAuIexbcQUQs6NE=
+github.com/matrix-org/gomatrixserverlib v0.0.0-20210729170648-dadeeff7cf48/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU=
 github.com/matrix-org/naffka v0.0.0-20210623111924-14ff508b58e0 h1:HZCzy4oVzz55e+cOMiX/JtSF2UOY1evBl2raaE7ACcU=
 github.com/matrix-org/naffka v0.0.0-20210623111924-14ff508b58e0/go.mod h1:sjyPyRxKM5uw1nD2cJ6O2OxI6GOqyVBfNXqKjBZTBZE=
 github.com/matrix-org/pinecone v0.0.0-20210623102758-74f885644c1b h1:5X5vdWQ13xrNkJVqaJHPsrt7rKkMJH5iac0EtfOuxSg=
diff --git a/keyserver/api/api.go b/keyserver/api/api.go
index 4ae5964a..3ac8f186 100644
--- a/keyserver/api/api.go
+++ b/keyserver/api/api.go
@@ -174,7 +174,7 @@ type PerformUploadDeviceKeysResponse struct {
 }
 
 type PerformUploadDeviceSignaturesRequest struct {
- Signatures map[string]map[gomatrixserverlib.KeyID]json.RawMessage
+ Signatures map[string]map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice
 // The user that uploaded the sig, should be populated by the clientapi.
 UserID string `json:"user_id"`
 }
diff --git a/keyserver/internal/cross_signing.go b/keyserver/internal/cross_signing.go
index 79662bbe..9766af0a 100644
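Review bot: The retyped `Signatures` field in `PerformUploadDeviceSignaturesRequest` still has no comment saying what its two map keys identify, and the value now carries a user ID of its own, so a reader cannot tell which identifier is authoritative. The cross_signing.go hunk in this same patch groups entries by the outer map key while deciding self versus other from the body's `UserID` compared with `req.UserID`, and nothing visible checks that the two agree. I would add a field comment such as `// Signatures is keyed by target user ID, then by key or device ID; the UserID inside each value is presumably client-supplied and is not yet checked against the outer key.` above the field.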
--- a/keyserver/internal/cross_signing.go
+++ b/keyserver/internal/cross_signing.go
@@ -160,62 +160,84 @@ func (a *KeyInternalAPI) PerformUploadDeviceKeys(ctx context.Context, req *api.P } func (a *KeyInternalAPI) PerformUploadDeviceSignatures(ctx context.Context, req *api.PerformUploadDeviceSignaturesRequest, res *api.PerformUploadDeviceSignaturesResponse) { - /* - for targetUserID, forTarget := range req.Signatures { - for targetID, signable := range forTarget { - // Work out which type of thingy it is. + selfSignatures := map[string]map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice{} + otherSignatures := map[string]map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice{} - - switch obj := signable.(type) { - case *gomatrixserverlib.CrossSigningForKey: // signing a key - // Check to see if we know about the target user ID and key ID. If we - // don't then we'll just drop the signatures. - keys, err := a.DB.CrossSigningKeysForUser(ctx, targetUserID) - if err != nil { - continue + for userID, forUserID := range req.Signatures { + for keyID, keyOrDevice := range forUserID { + switch key := keyOrDevice.CrossSigningBody.(type) { + case *gomatrixserverlib.CrossSigningForKey: + if key.UserID == req.UserID { + if _, ok := selfSignatures[userID]; !ok { + selfSignatures[userID] = map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice{} } - foundMatchingKey := false - for _, key := range keys { - if key.Encode() == targetID { - foundMatchingKey = true - } + selfSignatures[userID][keyID] = keyOrDevice + } else { + if _, ok := selfSignatures[userID]; !ok { + otherSignatures[userID] = map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice{} } - if !foundMatchingKey { - continue - } - - for originUserID, forOriginUserID := range obj.Signatures { - for originKeyID, signature := range forOriginUserID { - // TODO: check signatures - - err := a.DB.StoreCrossSigningSigsForTarget(ctx, originUserID, originKeyID, targetUserID, gomatrixserverlib.KeyID(targetID), signature) - if err != nil { - 
res.Error = &api.KeyError{ - Err: "Failed to store cross-signing keys for target: " + err.Error(), - } - return - } - } - } - - case *gomatrixserverlib.CrossSigningForDevice: // signing a device - // TODO: signatures for devices - continue - - default: - res.Error = &api.KeyError{ - Err: "Found an unexpected item type", - } - return + otherSignatures[userID][keyID] = keyOrDevice } + + case *gomatrixserverlib.CrossSigningForDevice: + if key.UserID == req.UserID { + if _, ok := selfSignatures[userID]; !ok { + selfSignatures[userID] = map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice{} + } + selfSignatures[userID][keyID] = keyOrDevice + } else { + if _, ok := selfSignatures[userID]; !ok { + otherSignatures[userID] = map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice{} + } + otherSignatures[userID][keyID] = keyOrDevice + } + + default: + continue } } - */ + } + + if err := a.processSelfSignatures(ctx, req.UserID, selfSignatures); err != nil { + res.Error = &api.KeyError{ + Err: fmt.Sprintf("a.processSelfSignatures: %s", err), + } + return + } + + if err := a.processOtherSignatures(ctx, req.UserID, otherSignatures); err != nil { + res.Error = &api.KeyError{ + Err: fmt.Sprintf("a.processOtherSignatures: %s", err), + } + return + } + res.Error = &api.KeyError{ Err: "Not supported yet", } } +func (a *KeyInternalAPI) processSelfSignatures( + ctx context.Context, userID string, + signatures map[string]map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice, +) error { + // Here we will process: + // * The user signing their own devices using their self-signing key + // * The user signing their master key using one of their devices + + return nil +} + +func (a *KeyInternalAPI) processOtherSignatures( + ctx context.Context, userID string, + signatures map[string]map[gomatrixserverlib.KeyID]gomatrixserverlib.CrossSigningForKeyOrDevice, +) error { + // Here we will process: + // * A user signing someone else's master 
keys using their user-signing keys + + return nil +} + func (a *KeyInternalAPI) crossSigningKeys( ctx context.Context, req *api.QueryKeysRequest, res *api.QueryKeysResponse, ) error {
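Review bot: In both `else` branches of the new switch in `PerformUploadDeviceSignatures` (the `CrossSigningForKey` and `CrossSigningForDevice` cases) the guard tests `selfSignatures[userID]` but initialises `otherSignatures[userID]`; it should read `if _, ok := otherSignatures[userID]; !ok {`. As written, when one outer user ID holds entries on both sides of the `key.UserID == req.UserID` test, `otherSignatures[userID][keyID] = keyOrDevice` can assign into a nil map and panic on what is presumably request-supplied data. When no self entry exists, the inner map is recreated on every iteration, so only the last entry survives. The four branches differ only in the destination map, so a small helper taking that map would remove the duplication and make this kind of slip harder to repeat. Separately, the function still ends by setting `res.Error` to "Not supported yet" even after both process calls succeed; if that is intended for this groundwork commit, a `// TODO` on that assignment would say so.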