Check for changes in PerformUploadDeviceKeys (#2233)

* Don't generate key change notifs if nothing changed on cross-signing upload

* Check both directions of changes
This commit is contained in:
Neil Alexander 2022-03-01 11:00:54 +00:00 committed by GitHub
parent a23fda6626
commit 58bf91a585
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -166,26 +166,53 @@ func (a *KeyInternalAPI) PerformUploadDeviceKeys(ctx context.Context, req *api.P
} }
// We can't have a self-signing or user-signing key without a master // We can't have a self-signing or user-signing key without a master
// key, so make sure we have one of those. // key, so make sure we have one of those. We will also only actually do
if !hasMasterKey { // something if any of the specified keys in the request are different
existingKeys, err := a.DB.CrossSigningKeysDataForUser(ctx, req.UserID) // to what we've got in the database, to avoid generating key change
if err != nil { // notifications unnecessarily.
res.Error = &api.KeyError{ existingKeys, err := a.DB.CrossSigningKeysDataForUser(ctx, req.UserID)
Err: "Retrieving cross-signing keys from database failed: " + err.Error(), if err != nil {
} res.Error = &api.KeyError{
return Err: "Retrieving cross-signing keys from database failed: " + err.Error(),
} }
return
_, hasMasterKey = existingKeys[gomatrixserverlib.CrossSigningKeyPurposeMaster]
} }
// If we still can't find a master key for the user then stop the upload. // If we still can't find a master key for the user then stop the upload.
// This satisfies the "Fails to upload self-signing key without master key" test. // This satisfies the "Fails to upload self-signing key without master key" test.
if !hasMasterKey { if !hasMasterKey {
res.Error = &api.KeyError{ if _, hasMasterKey = existingKeys[gomatrixserverlib.CrossSigningKeyPurposeMaster]; !hasMasterKey {
Err: "No master key was found", res.Error = &api.KeyError{
IsMissingParam: true, Err: "No master key was found",
IsMissingParam: true,
}
return
} }
}
// Check if anything actually changed compared to what we have in the database.
changed := false
for _, purpose := range []gomatrixserverlib.CrossSigningKeyPurpose{
gomatrixserverlib.CrossSigningKeyPurposeMaster,
gomatrixserverlib.CrossSigningKeyPurposeSelfSigning,
gomatrixserverlib.CrossSigningKeyPurposeUserSigning,
} {
old, gotOld := existingKeys[purpose]
new, gotNew := toStore[purpose]
if gotOld != gotNew {
// A new key purpose has been specified that we didn't know before,
// or one has been removed.
changed = true
break
}
if !bytes.Equal(old, new) {
// One of the existing keys for a purpose we already knew about has
// changed.
changed = true
break
}
}
if !changed {
return return
} }