dendrite

mirror of https://github.com/1f349/dendrite.git synced 2024-11-22 11:41:38 +00:00

History

Neil Alexander e95b1fd238 Cross-signing validation for self-sigs, expose signatures over `/user/keys/query` and `/user/devices/{userId}` (#1962 ) * Enable unstable feature again * Try to verify when a device signs a key * Try to verify when a key signs a device * It's the self-signing key, not the master key * Fix error * Try to verify master key uploads * Actually we can't guarantee we can do that so nevermind * Add signatures into /devices/list request * Fix nil pointer * Reprioritise map creation * Don't skip devices that don't have signatures * Add some debug logging * Fix logic error in QuerySignatures * Fix bugs * Expose master and self-signing keys on /devices/list hopefully * maps are tedious * Expose signatures via /keys/query * Upload signatures when uploading keys * Fixes * Disable the feature again		2021-08-06 10:13:35 +01:00
..
api	Cross-signing validation for self-sigs, expose signatures over `/user/keys/query` and `/user/devices/{userId}` (#1962 )	2021-08-06 10:13:35 +01:00
consumers	Cross-signing groundwork (#1953 )	2021-08-04 17:56:29 +01:00
internal	Cross-signing validation for self-sigs, expose signatures over `/user/keys/query` and `/user/devices/{userId}` (#1962 )	2021-08-06 10:13:35 +01:00
inthttp	Cross-signing validation for self-sigs, expose signatures over `/user/keys/query` and `/user/devices/{userId}` (#1962 )	2021-08-06 10:13:35 +01:00
producers	Summarise key change logs (#1278 )	2020-08-18 11:14:37 +01:00
storage	Cross-signing validation for self-sigs, expose signatures over `/user/keys/query` and `/user/devices/{userId}` (#1962 )	2021-08-06 10:13:35 +01:00
types	Cross-signing storage code (#1959 )	2021-08-04 17:31:18 +01:00
keyserver.go	Cross-signing groundwork (#1953 )	2021-08-04 17:56:29 +01:00
README.md	Add boilerplate for key server APIs (#1196 )	2020-07-13 16:02:35 +01:00

README.md

Key Server

This is an internal component which manages E2E keys from clients. It handles all the Key Management APIs with the exception of /keys/changes which is handled by Sync API. This component is designed to shard by user ID.

Keys are uploaded and stored in this component, and key changes are emitted to a Kafka topic for downstream components such as Sync API.

Internal APIs

PerformUploadKeys stores identity keys and one-time public keys for given user(s).
PerformClaimKeys acquires one-time public keys for given user(s). This may involve outbound federation calls.
QueryKeys returns identity keys for given user(s). This may involve outbound federation calls. This component may then cache federated identity keys to avoid repeatedly hitting remote servers.
A topic which emits identity keys every time there is a change (addition or deletion).

### Endpoint mappings

Client API maps /keys/upload to PerformUploadKeys.
Client API maps /keys/query to QueryKeys.
Client API maps /keys/claim to PerformClaimKeys.
Federation API maps /user/keys/query to QueryKeys.
Federation API maps /user/keys/claim to PerformClaimKeys.
Sync API maps /keys/changes to consuming from the Kafka topic.