ircd::m::user::keys: Basis for verification cross-signatures between …

…users.
matrix-construct · May 1, 2023 · b6cb118 · b6cb118
1 parent 7413042
commit b6cb118
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 12 deletions.
diff --git a/include/ircd/m/user/keys.h b/include/ircd/m/user/keys.h
@@ -22,6 +22,7 @@ struct ircd::m::user::keys
 
 	void attach_sigs(json::stack::object &, const json::object &, const user::id &) const;
 	bool attach_sigs(json::stack::object &, const event::idx &, const user::id &) const;
+	void append_sigs(json::stack::object &, const json::object &, const user::id &) const;
 	void append_keys(json::stack::object &, const json::object &, const user::id &) const;
 	bool append_keys(json::stack::object &, const event::idx &, const user::id &) const;
 

diff --git a/matrix/user_keys.cc b/matrix/user_keys.cc
@@ -246,6 +246,7 @@ const
 		};
 
 		attach_sigs(user_sigs, device_keys, user_id);
+
 		const m::room::state state
 		{
 			user_room
@@ -299,12 +300,29 @@ const
 		out, "signatures"
 	};
 
+	// signatures of the key's owner
+	assert(user_room.user.user_id);
+	append_sigs(sigs, device_keys, user_room.user.user_id);
+
+	// signatures of a cross-signer
+	assert(user_id);
+	if(user_id != user_room.user.user_id)
+		append_sigs(sigs, device_keys, user_id);
+}
+
+void
+ircd::m::user::keys::append_sigs(json::stack::object &out,
+                                 const json::object &device_keys,
+                                 const user::id &user_id)
+const
+{
 	json::stack::object user_sigs
 	{
-		sigs, user_id
+		out, user_id
 	};
 
 	attach_sigs(user_sigs, device_keys, user_id);
+
 	const json::object device_keys_keys
 	{
 		device_keys["keys"]
@@ -318,18 +336,18 @@ const
 	state.for_each("ircd.keys.signatures", [this, &user_sigs, &user_id, &device_keys_keys]
 	(const string_view &, const string_view &state_key, const auto &event_idx)
 	{
+		const auto &[target, source]
+		{
+			unmake_sigs_state_key(state_key)
+		};
+
 		for(const auto &[key_id_, key] : device_keys_keys)
 		{
 			const auto &key_id
 			{
 				split(key_id_, ':').second
 			};
 
-			const auto &[target, source]
-			{
-				unmake_sigs_state_key(state_key)
-			};
-
 			if(target != key_id)
 				continue;
 

diff --git a/modules/client/keys/signatures/upload.cc b/modules/client/keys/signatures/upload.cc
@@ -48,19 +48,21 @@ ircd::m::post_keys_signatures_upload(client &client,
 		user::tokens::device(std::nothrow, request.access_token)
 	};
 
-	for(const auto &[user_id, device_keys_] : request)
+	for(const auto &[user_id_, device_keys_] : request)
 	{
-		if(!valid(m::id::USER, user_id))
-			continue;
-
 		const json::object device_keys
 		{
 			device_keys_
 		};
 
+		const m::user::id user_id
+		{
+			user_id_
+		};
+
 		const user::room user_room
 		{
-			user::id{user_id}
+			user_id
 		};
 
 		for(const auto &[tgt_id, keys] : device_keys)
@@ -71,7 +73,7 @@ ircd::m::post_keys_signatures_upload(client &client,
 				user::keys::make_sigs_state_key(state_key_buf, tgt_id, src_dev)
 			};
 
-			send(user_room, user_id, "ircd.keys.signatures", state_key, keys);
+			send(user_room, request.user_id, "ircd.keys.signatures", state_key, keys);
 		}
 	}