author | Tobias Fella <fella@posteo.de> | 2021-05-19 23:23:46 +0200 |
---|---|---|
committer | Tobias Fella <fella@posteo.de> | 2021-12-01 21:56:11 +0100 |
commit | 6449f66152396ed539904b0e89d41601aeadf30d (patch) | |
tree | d7e6910ad9dc40ce4365e861975b706d09f95d86 | |
parent | f451813f21a76e8c011bbd27f4ded1d31044a572 (diff) | |
Verify deviceKeys signatures
-rw-r--r-- | lib/connection.cpp | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/lib/connection.cpp b/lib/connection.cpp
index b87610b7..06b9bcbc 100644
--- a/lib/connection.cpp
+++ b/lib/connection.cpp
@@ -1855,8 +1855,22 @@ void Connection::Private::loadOutdatedUserDevices()
 currentQueryKeysJob = nullptr;
 const auto data = queryKeysJob->deviceKeys();
 for(const auto &[user, keys] : asKeyValueRange(data)) {
- //TODO Check key signature
- deviceKeys[user] = keys;
+ deviceKeys[user].clear();
+ for(const auto &device : keys) {
+ if(device.userId != user) {
+ qCWarning(E2EE) << "mxId mismatch during device key verification:" << device.userId << user;
+ continue;
+ }
+ if(!device.algorithms.contains("m.olm.v1.curve25519-aes-sha2") || !device.algorithms.contains("m.megolm.v1.aes-sha2")) {
+ qCWarning(E2EE) << "Unsupported encryption algorithms found" << device.algorithms;
+ continue;
+ }
+ if(verifyIdentitySignature(device, device.deviceId, device.userId)) {
+ qCWarning(E2EE) << "Failed to verify devicekeys signature. Skipping this device";
+ continue;
+ }
+ deviceKeys[user][device.deviceId] = device;
+ }
 outdatedUsers -= user;
 }
 }); |
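Review bot: The signature check in the third `if` looks inverted: the device is skipped with "Failed to verify devicekeys signature" when `verifyIdentitySignature(...)` returns true. The function's definition is outside this hunk, but if it returns true for a valid signature, as its name and the log message suggest, correctly signed devices are dropped and devices with a bad or missing signature are stored in `deviceKeys`, which defeats the check this commit adds. The condition should probably read `if(!verifyIdentitySignature(device, device.deviceId, device.userId)) {`. It would also help to log `device.userId` and `device.deviceId` in that warning so a rejected device can be identified afterwards. The body of loadOutdatedUserDevices starts and ends outside the hunk.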