|
29 | 29 | => "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk", |
30 | 30 | }, |
31 | 31 | }, |
32 | | - })->then( sub { |
| 32 | + })->then( sub {#get_media_config_for_user |
33 | 33 | matrix_get_e2e_keys( $user, $user_id ); |
34 | 34 | })->then( sub { |
35 | 35 | my ( $content ) = @_; |
|
587 | 587 |
|
588 | 588 | my $user2_id = $user2->user_id; |
589 | 589 | my $user2_device = $user2->device_id; |
| 590 | + my $user2_device_key_id_hash = "EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ"; |
| 591 | + my $user2_device_key_id = "ed25519:$user2_device_key_id_hash"; |
590 | 592 |
|
591 | 593 | my $room_id; |
592 | 594 |
|
|
597 | 599 | "user_id" => $user2_id, |
598 | 600 | "usage" => ["self_signing"], |
599 | 601 | "keys" => { |
600 | | - "ed25519:EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ" |
601 | | - => "EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ", |
| 602 | + $user2_device_key_id => $user2_device_key_id_hash, |
602 | 603 | }, |
603 | 604 | }; |
604 | 605 | sign_json( |
|
668 | 669 | })->then( sub { |
669 | 670 | sign_json( |
670 | 671 | $device, secret_key => $self_signing_secret_key, |
671 | | - origin => $user2_id, key_id => "ed25519:EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ" |
| 672 | + origin => $user2_id, key_id => $user2_device_key_id |
672 | 673 | ); |
673 | 674 | log_if_fail "sent signature", $device; |
674 | | - $cross_signature = $device->{signatures}->{$user2_id}->{"ed25519:EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ"}; |
| 675 | + $cross_signature = $device->{signatures}->{$user2_id}->{$user2_device_key_id}; |
675 | 676 | matrix_upload_signatures( $user2, { |
676 | 677 | $user2_id => { |
677 | 678 | $user2_device => $device |
|
690 | 691 | # On server0, user1 syncs until they see user2's device. This is racey: the |
691 | 692 | # sync may complete before the signatures have uploaded, propagated over |
692 | 693 | # federation to server 1 and then over replication to the sync worker. |
| 694 | + # |
| 695 | + # Thus we check for the expected signatures inside this function. |
693 | 696 | matrix_get_e2e_keys( $user1, $user2_id )->then( sub { |
694 | 697 | my ( $content ) = @_; |
695 | 698 | log_if_fail "key query content2", $content; |
696 | | - $content->{device_keys}{$user2_id}{$user2_device}{"signatures"} |
| 699 | + my $sigs = $content->{device_keys}{$user2_id}{$user2_device}{"signatures"} |
697 | 700 | or die "No 'signatures' key present"; |
| 701 | + |
| 702 | + exists $sigs->{$user2_id} |
| 703 | + && exists $sigs->{$user2_id}{$user2_device_key_id} |
| 704 | + && $sigs->{$user2_id}{$user2_device_key_id} eq $cross_signature |
| 705 | + or die "Expected cross-signature not visible"; |
| 706 | + |
698 | 707 | Future->done( $content ); |
699 | 708 | }); |
700 | 709 | }; |
|
703 | 712 |
|
704 | 713 | log_if_fail "key query content3", $content; |
705 | 714 |
|
706 | | - # Check that fetching the devices again returns the new signature |
707 | | - assert_json_keys( $content->{device_keys}->{$user2_id}->{$user2_device}, "signatures" ); |
708 | | - |
709 | | - assert_deeply_eq( $content->{device_keys}->{$user2_id}->{$user2_device}->{signatures}, { |
710 | | - $user2_id => { |
711 | | - "ed25519:EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ" => $cross_signature |
712 | | - }, |
713 | | - } ); |
714 | | - |
715 | 715 | # Check that we still see the master key when querying the devices. |
716 | 716 | assert_json_keys( $content->{master_keys}, $user2_id ); |
717 | 717 | assert_json_keys( $content->{master_keys}->{$user2_id}, "keys"); |
|
0 commit comments