Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Include cross-signing signatures when syncing remote devices for the first time #11234

Merged
merged 7 commits into from
Nov 9, 2021
Merged

Include cross-signing signatures when syncing remote devices for the first time #11234

Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
a1a07c4
Factor out 'do_remote_query'
erikjohnston Nov 2, 2021
93f1892
Add cross signing keys to result
erikjohnston Nov 2, 2021
b5e5a69
Add test
erikjohnston Nov 2, 2021
ec41579
Newsfile
erikjohnston Nov 2, 2021
8fe1670
Update synapse/handlers/e2e_keys.py
erikjohnston Nov 2, 2021
f59ced2
Update docstring
erikjohnston Nov 5, 2021
0d9abc5
Apply suggestions from code review
erikjohnston Nov 9, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
150 changes: 150 additions & 0 deletions tests/handlers/test_e2e_keys.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@

from signedjson import key as key, sign as sign

from twisted.internet import defer

from synapse.api.constants import RoomEncryptionAlgorithms
from synapse.api.errors import Codes, SynapseError

Expand Down Expand Up @@ -630,3 +632,151 @@ def test_upload_signatures(self):
],
other_master_key["signatures"][local_user]["ed25519:" + usersigning_pubkey],
)

def test_query_devices_remote_no_sync(self):
"""Tests that querying keys for a remote user that we don't share a room
with returns the cross signing keys correctly.
"""

remote_user_id = "@test:other"
local_user_id = "@test:test"

remote_master_key = "85T7JXPFBAySB/jwby4S3lBPTqY3+Zg53nYuGmu1ggY"
remote_self_signing_key = "QeIiFEjluPBtI7WQdG365QKZcFs9kqmHir6RBD0//nQ"

self.hs.get_federation_client().query_client_keys = mock.Mock(
return_value=defer.succeed(
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
{
"device_keys": {remote_user_id: {}},
"master_keys": {
remote_user_id: {
"user_id": remote_user_id,
"usage": ["master"],
"keys": {"ed25519:" + remote_master_key: remote_master_key},
},
},
"self_signing_keys": {
remote_user_id: {
"user_id": remote_user_id,
"usage": ["self_signing"],
"keys": {
"ed25519:"
+ remote_self_signing_key: remote_self_signing_key
},
}
},
}
)
)

e2e_handler = self.hs.get_e2e_keys_handler()

query_result = self.get_success(
e2e_handler.query_devices(
{
"device_keys": {remote_user_id: []},
},
timeout=10,
from_user_id=local_user_id,
from_device_id="some_device_id",
)
)

self.assertEqual(query_result["failures"], {})
self.assertEqual(
query_result["master_keys"],
{
remote_user_id: {
"user_id": remote_user_id,
"usage": ["master"],
"keys": {"ed25519:" + remote_master_key: remote_master_key},
},
},
)
self.assertEqual(
query_result["self_signing_keys"],
{
remote_user_id: {
"user_id": remote_user_id,
"usage": ["self_signing"],
"keys": {
"ed25519:" + remote_self_signing_key: remote_self_signing_key
},
}
},
)

def test_query_devices_remote_sync(self):
"""Tests that querying keys for a remote user that we don't share a room
with returns the cross signing keys correctly.
erikjohnston marked this conversation as resolved.
Show resolved Hide resolved
"""

remote_user_id = "@test:other"
local_user_id = "@test:test"

self.store.get_rooms_for_user = mock.Mock(
return_value=defer.succeed({"some_room_id"})
)

remote_master_key = "85T7JXPFBAySB/jwby4S3lBPTqY3+Zg53nYuGmu1ggY"
remote_self_signing_key = "QeIiFEjluPBtI7WQdG365QKZcFs9kqmHir6RBD0//nQ"

self.hs.get_federation_client().query_user_devices = mock.Mock(
return_value=defer.succeed(
{
"user_id": remote_user_id,
"stream_id": 1,
"devices": [],
"master_key": {
"user_id": remote_user_id,
"usage": ["master"],
"keys": {"ed25519:" + remote_master_key: remote_master_key},
},
"self_signing_key": {
"user_id": remote_user_id,
"usage": ["self_signing"],
"keys": {
"ed25519:"
+ remote_self_signing_key: remote_self_signing_key
},
},
}
)
)

e2e_handler = self.hs.get_e2e_keys_handler()

query_result = self.get_success(
e2e_handler.query_devices(
{
"device_keys": {remote_user_id: []},
},
timeout=10,
from_user_id=local_user_id,
from_device_id="some_device_id",
)
)

self.assertEqual(query_result["failures"], {})
self.assertEqual(
query_result["master_keys"],
{
remote_user_id: {
"user_id": remote_user_id,
"usage": ["master"],
"keys": {"ed25519:" + remote_master_key: remote_master_key},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems odd to me that we duplicate key contents here, but that does seem to be what the example spec says for the most part: https://spec.matrix.org/unstable/server-server-api/#get_matrixfederationv1userdevicesuserid

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤷

}
},
)
self.assertEqual(
query_result["self_signing_keys"],
{
remote_user_id: {
"user_id": remote_user_id,
"usage": ["self_signing"],
"keys": {
"ed25519:" + remote_self_signing_key: remote_self_signing_key
},
}
},
)