dendrite/keyserver
Neil Alexander 5306c73b00
Fix bug when uploading device signatures (#2377)
* Find the complete key ID when uploading signatures

* Try that again

* Try splitting the right thing

* Don't do it for device keys

* Refactor `QuerySignatures`

* Revert "Refactor `QuerySignatures`"

This reverts commit c02832a3e92569f64f180dec1555056dc8f8c3e3.

* Both requested key IDs and master/self/user keys

* Fix uniqueness

* Try tweaking GMSL

* Update GMSL again

* Revert "Update GMSL again"

This reverts commit bd6916cc379dd8d9e3f38d979c6550bd658938aa.

* Revert "Try tweaking GMSL"

This reverts commit 2a054524da9d64c6a2a5228262fbba5fde28798c.

* Database migrations
2022-04-26 13:08:54 +01:00
..
api Remove eduserver (#2306) 2022-03-29 14:14:35 +02:00
internal Fix bug when uploading device signatures (#2377) 2022-04-26 13:08:54 +01:00
inthttp Delete device keys/signatures from key server when deleting devices (#1979) 2021-08-18 12:07:09 +01:00
producers Remove eduserver (#2306) 2022-03-29 14:14:35 +02:00
storage Fix bug when uploading device signatures (#2377) 2022-04-26 13:08:54 +01:00
types Remove sarama/saramajetstream dependencies (#2138) 2022-02-04 13:08:13 +00:00
keyserver.go Per-room consumers (#2293) 2022-03-23 10:20:18 +00:00
README.md Add boilerplate for key server APIs (#1196) 2020-07-13 16:02:35 +01:00

Key Server

This is an internal component which manages E2E keys from clients. It handles all the Key Management APIs with the exception of /keys/changes which is handled by Sync API. This component is designed to shard by user ID.

Keys are uploaded and stored in this component, and key changes are emitted to a Kafka topic for downstream components such as Sync API.

Internal APIs

  • PerformUploadKeys stores identity keys and one-time public keys for given user(s).
  • PerformClaimKeys acquires one-time public keys for given user(s). This may involve outbound federation calls.
  • QueryKeys returns identity keys for given user(s). This may involve outbound federation calls. This component may then cache federated identity keys to avoid repeatedly hitting remote servers.
  • A topic which emits identity keys every time there is a change (addition or deletion).

### Endpoint mappings

  • Client API maps /keys/upload to PerformUploadKeys.
  • Client API maps /keys/query to QueryKeys.
  • Client API maps /keys/claim to PerformClaimKeys.
  • Federation API maps /user/keys/query to QueryKeys.
  • Federation API maps /user/keys/claim to PerformClaimKeys.
  • Sync API maps /keys/changes to consuming from the Kafka topic.