fix: e2ee over federation

2023-07-16 16:50:03 +02:00 · 2023-07-16 16:50:03 +02:00 · a9ba067e77
commit a9ba067e77
parent 24402312c5
7 changed files with 137 additions and 63 deletions
--- a/src/api/client_server/directory.rs
+++ b/src/api/client_server/directory.rs
@ -20,7 +20,6 @@ use ruma::{
            guest_access::{GuestAccess, RoomGuestAccessEventContent},
            history_visibility::{HistoryVisibility, RoomHistoryVisibilityEventContent},
            join_rules::{JoinRule, RoomJoinRulesEventContent},
-            name::RoomNameEventContent,
            topic::RoomTopicEventContent,
        },
        StateEventType,
--- a/src/api/client_server/keys.rs
+++ b/src/api/client_server/keys.rs
@ -311,15 +311,17 @@ pub(crate) async fn get_keys_helper<F: Fn(&UserId) -> bool>(
            }
        }

-        if let Some(master_key) = services()
-            .users
-            .get_master_key(user_id, &allowed_signatures)?
+        if let Some(master_key) =
+            services()
+                .users
+                .get_master_key(sender_user, user_id, &allowed_signatures)?
        {
            master_keys.insert(user_id.to_owned(), master_key);
        }
-        if let Some(self_signing_key) = services()
-            .users
-            .get_self_signing_key(user_id, &allowed_signatures)?
+        if let Some(self_signing_key) =
+            services()
+                .users
+                .get_self_signing_key(sender_user, user_id, &allowed_signatures)?
        {
            self_signing_keys.insert(user_id.to_owned(), self_signing_key);
        }
@ -357,7 +359,25 @@ pub(crate) async fn get_keys_helper<F: Fn(&UserId) -> bool>(
    while let Some((server, response)) = futures.next().await {
        match response {
            Ok(response) => {
-                master_keys.extend(response.master_keys);
+                for (user, masterkey) in response.master_keys {
+                    let (master_key_id, mut master_key) =
+                        services().users.parse_master_key(&user, &masterkey)?;
+
+                    if let Some(our_master_key) = services().users.get_key(
+                        &master_key_id,
+                        sender_user,
+                        &user,
+                        &allowed_signatures,
+                    )? {
+                        let (_, our_master_key) =
+                            services().users.parse_master_key(&user, &our_master_key)?;
+                        master_key.signatures.extend(our_master_key.signatures);
+                    }
+                    let json = serde_json::to_value(master_key).expect("to_value always works");
+                    let raw = serde_json::from_value(json).expect("Raw::from_value always works");
+                    master_keys.insert(user, raw);
+                }
+
                self_signing_keys.extend(response.self_signing_keys);
                device_keys.extend(response.device_keys);
            }
--- a/src/api/server_server.rs
+++ b/src/api/server_server.rs
@ -1806,12 +1806,14 @@ pub async fn get_devices_route(
                })
            })
            .collect(),
-        master_key: services()
-            .users
-            .get_master_key(&body.user_id, &|u| u.server_name() == sender_servername)?,
+        master_key: services().users.get_master_key(None, &body.user_id, &|u| {
+            u.server_name() == sender_servername
+        })?,
        self_signing_key: services()
            .users
-            .get_self_signing_key(&body.user_id, &|u| u.server_name() == sender_servername)?,
+            .get_self_signing_key(None, &body.user_id, &|u| {
+                u.server_name() == sender_servername
+            })?,
    })
 }