authorAlexey Rusakov <Kitsune-Ral@users.sf.net>2022-03-09 14:12:28 +0100
committerGitHub <noreply@github.com>2022-03-09 14:12:28 +0100
commit3cf68a084ea5bff20129222867a399b05e6e0bd6 (patch)
tree28a865023492740f1e14320eb187394507b8cfa6
parent66918a4c7d393a8b22de7bf23009651dbd919366 (diff)
parentcc7056851f92ba5b6224b5b82413ec55fd6aaa7f (diff)
Merge #542: Guard against device reuse attacks
-rw-r--r--lib/connection.cpp7
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/connection.cpp b/lib/connection.cpp
index 4abb77a5..ae8532c3 100644
--- a/lib/connection.cpp
+++ b/lib/connection.cpp
@@ -1998,6 +1998,7 @@ void Connection::Private::loadOutdatedUserDevices()
currentQueryKeysJob = nullptr;
const auto data = queryKeysJob->deviceKeys();
for(const auto &[user, keys] : asKeyValueRange(data)) {
+ QHash<QString, Quotient::DeviceKeys> oldDevices = deviceKeys[user];
deviceKeys[user].clear();
for(const auto &device : keys) {
if(device.userId != user) {
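Review bot: The snapshot `oldDevices` is only ever read, so it should be declared const, e.g. `const auto oldDevices = deviceKeys[user];`. On a non-const `QHash`, `operator[]` default-inserts a missing key, so the later `oldDevices[...]` and `.keys[...]` lookups can silently add empty entries to the snapshot; a const copy makes those lookups read-only. A short comment such as `// Previous keys, kept to detect a device id coming back with a different identity key` would also explain why the copy is taken before `clear()`. The loop body continues outside this hunk.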
@@ -2019,6 +2020,12 @@ void Connection::Private::loadOutdatedUserDevices()
"Skipping this device";
continue;
}
+ if (oldDevices.contains(device.deviceId)) {
+ if (oldDevices[device.deviceId].keys["ed25519:" % device.deviceId] != device.keys["ed25519:" % device.deviceId]) {
+ qCDebug(E2EE) << "Device reuse detected. Skipping this device";
+ continue;
+ }
+ }
deviceKeys[user][device.deviceId] = device;
}
outdatedUsers -= user;
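Review bot: The `continue` in the reuse branch leaves the device out of `deviceKeys[user]`, which was cleared at the top of the loop, so the previously stored key is forgotten; the next key query for this user will then have nothing to compare against and will accept the changed key. Keeping the old record closes that gap: add `deviceKeys[user][device.deviceId] = oldDevices[device.deviceId];` before the `continue`. The comparison also treats two missing `ed25519:` entries as equal, which is safe only if an earlier check in this function (outside the hunk) already rejects devices without that key. A changed identity key is a security-relevant event, so it is better logged with `qCWarning(E2EE)` including the user and device id than with `qCDebug`.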