From c3966f501c5dbb495ca4ef8c044fac7049645594 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20K=C3=B6sters?= Date: Mon, 10 Jul 2023 23:10:27 +0200 Subject: [PATCH 1/2] fix: nheko e2ee verification bug --- src/api/client_server/keys.rs | 12 ------------ src/database/key_value/users.rs | 1 - 2 files changed, 13 deletions(-) diff --git a/src/api/client_server/keys.rs b/src/api/client_server/keys.rs index ba89ece0..21f71b6d 100644 --- a/src/api/client_server/keys.rs +++ b/src/api/client_server/keys.rs @@ -151,18 +151,6 @@ pub async fn upload_signatures_route( let key = serde_json::to_value(key) .map_err(|_| Error::BadRequest(ErrorKind::InvalidParam, "Invalid key JSON"))?; - let is_signed_key = match key.get("usage") { - Some(usage) => usage - .as_array() - .map(|usage| !usage.contains(&json!("master"))) - .unwrap_or(false), - None => true, - }; - - if !is_signed_key { - continue; - } - for signature in key .get("signatures") .ok_or(Error::BadRequest( diff --git a/src/database/key_value/users.rs b/src/database/key_value/users.rs index 1cabab0e..359a0724 100644 --- a/src/database/key_value/users.rs +++ b/src/database/key_value/users.rs @@ -592,7 +592,6 @@ impl service::users::Data for KeyValueDatabase { &serde_json::to_vec(&cross_signing_key).expect("CrossSigningKey::to_vec always works"), )?; - // TODO: Should we notify about this change? self.mark_device_key_update(target_id)?; Ok(()) From 24402312c58855679ccfe58b0d3d27ae041b4336 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20K=C3=B6sters?= Date: Sat, 15 Jul 2023 23:43:25 +0200 Subject: [PATCH 2/2] fix: could not verify own events --- src/service/globals/mod.rs | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/service/globals/mod.rs b/src/service/globals/mod.rs index 5326b7a9..7d618298 100644 --- a/src/service/globals/mod.rs +++ b/src/service/globals/mod.rs @@ -1,5 +1,6 @@ mod data; pub use data::Data; +use ruma::serde::Base64; use ruma::{ OwnedDeviceId, OwnedEventId, OwnedRoomId, OwnedServerName, OwnedServerSigningKeyId, OwnedUserId, }; @@ -316,7 +317,19 @@ impl Service { &self, origin: &ServerName, ) -> Result> { - self.db.signing_keys_for(origin) + let mut keys = self.db.signing_keys_for(origin)?; + if origin == self.server_name() { + keys.insert( + format!("ed25519:{}", services().globals.keypair().version()) + .try_into() + .expect("found invalid server signing keys in DB"), + VerifyKey { + key: Base64::new(self.keypair.public_key().to_vec()), + }, + ); + } + + Ok(keys) } pub fn database_version(&self) -> Result {