mirror of
https://github.com/Nheko-Reborn/nheko.git
synced 2024-11-22 11:00:48 +03:00
Upload cross-signing signatures after verification
This commit is contained in:
parent
7b46aa2a6e
commit
9413f5b8e5
1 changed files with 57 additions and 2 deletions
|
@ -275,11 +275,66 @@ DeviceVerificationFlow::DeviceVerificationFlow(QObject *,
|
||||||
req.signatures[utils::localUser().toStdString()]
|
req.signatures[utils::localUser().toStdString()]
|
||||||
[master_key.keys.at(mac.first)] =
|
[master_key.keys.at(mac.first)] =
|
||||||
master_key;
|
master_key;
|
||||||
|
} else if (mac.first ==
|
||||||
|
"ed25519:" + this->deviceId.toStdString()) {
|
||||||
|
// Sign their device key with self signing key
|
||||||
|
|
||||||
|
auto device_id = this->deviceId.toStdString();
|
||||||
|
|
||||||
|
if (their_keys.device_keys.count(device_id)) {
|
||||||
|
json j =
|
||||||
|
their_keys.device_keys.at(device_id);
|
||||||
|
j.erase("signatures");
|
||||||
|
j.erase("unsigned");
|
||||||
|
|
||||||
|
auto secret = cache::secret(
|
||||||
|
mtx::secret_storage::secrets::
|
||||||
|
cross_signing_self_signing);
|
||||||
|
if (!secret)
|
||||||
|
continue;
|
||||||
|
auto ssk =
|
||||||
|
mtx::crypto::PkSigning::from_seed(
|
||||||
|
*secret);
|
||||||
|
|
||||||
|
mtx::crypto::DeviceKeys dev = j;
|
||||||
|
dev.signatures
|
||||||
|
[utils::localUser().toStdString()]
|
||||||
|
["ed25519:" + ssk.public_key()] =
|
||||||
|
ssk.sign(j.dump());
|
||||||
|
|
||||||
|
req.signatures[utils::localUser()
|
||||||
|
.toStdString()]
|
||||||
|
[device_id] = dev;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// TODO(Nico): Sign their device key with self signing key
|
|
||||||
} else {
|
} else {
|
||||||
// TODO(Nico): Sign their master key with user signing key
|
// Sign their master key with user signing key
|
||||||
|
for (const auto &mac : msg.mac) {
|
||||||
|
if (their_keys.master_keys.keys.count(mac.first)) {
|
||||||
|
json j = their_keys.master_keys;
|
||||||
|
j.erase("signatures");
|
||||||
|
j.erase("unsigned");
|
||||||
|
|
||||||
|
auto secret =
|
||||||
|
cache::secret(mtx::secret_storage::secrets::
|
||||||
|
cross_signing_user_signing);
|
||||||
|
if (!secret)
|
||||||
|
continue;
|
||||||
|
auto usk =
|
||||||
|
mtx::crypto::PkSigning::from_seed(*secret);
|
||||||
|
|
||||||
|
mtx::crypto::CrossSigningKeys master_key = j;
|
||||||
|
master_key
|
||||||
|
.signatures[utils::localUser().toStdString()]
|
||||||
|
["ed25519:" + usk.public_key()] =
|
||||||
|
usk.sign(j.dump());
|
||||||
|
|
||||||
|
req.signatures[toClient.to_string()]
|
||||||
|
[master_key.keys.at(mac.first)] =
|
||||||
|
master_key;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!req.signatures.empty()) {
|
if (!req.signatures.empty()) {
|
||||||
|
|
Loading…
Reference in a new issue