From 5de8d0a4bc9744327703c1613fc5ac3f232f44a8 Mon Sep 17 00:00:00 2001
From: Alexey Rusakov <Kitsune-Ral@users.sf.net>
Date: Wed, 22 Jun 2022 21:36:43 +0200
Subject: Fix signature verification

toJson(SignedOneTimeKey) incorrectly generated a "signatures" key
mapped to an empty object when no signatures were in the C++ value.

Also: fallback keys have an additional flag that also has to be taken
into account when verifying signatures.
---
 lib/e2ee/e2ee.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/e2ee/e2ee.h b/lib/e2ee/e2ee.h
index 234d4bcb..aba795a4 100644
--- a/lib/e2ee/e2ee.h
+++ b/lib/e2ee/e2ee.h
@@ -89,6 +89,8 @@ public:
     //! Required. Signatures of the key object.
     //! The signature is calculated using the process described at Signing JSON.
     QHash<QString, QHash<QString, QString>> signatures;
+
+    bool fallback = false;
 };
 
 template <>
@@ -97,12 +99,14 @@ struct JsonObjectConverter<SignedOneTimeKey> {
     {
         fromJson(jo.value("key"_ls), result.key);
         fromJson(jo.value("signatures"_ls), result.signatures);
+        fromJson(jo.value("fallback"_ls), result.fallback);
     }
 
     static void dumpTo(QJsonObject &jo, const SignedOneTimeKey &result)
     {
-        addParam<>(jo, QStringLiteral("key"), result.key);
-        addParam<>(jo, QStringLiteral("signatures"), result.signatures);
+        addParam<>(jo, "key"_ls, result.key);
+        addParam<IfNotEmpty>(jo, "signatures"_ls, result.signatures);
+        addParam<IfNotEmpty>(jo, "key"_ls, result.fallback);
     }
 };
 
-- 
cgit v1.2.3