Only accept MSK signatures, update unit test to validate

matrix-org · Jul 25, 2022 · dda6477 · dda6477
1 parent ede5a03
commit dda6477
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 22 deletions.
diff --git a/MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m b/MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m
@@ -1143,24 +1143,28 @@ - (MXKeyBackupVersionTrust *)trustForKeyBackupVersionFromCryptoQueue:(MXKeyBacku
                 signature.valid = valid;
                 [signatures addObject:signature];
             }
-            else // Try interpreting it as the MSK public key
+            else if ([deviceId isEqualToString:crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys])
             {
                 NSError *error;
                 BOOL valid = [crypto.crossSigning.crossSigningTools pkVerifyObject:authData.JSONDictionary userId:myUserId publicKey:deviceId error:&error];
 
                 if (!valid)
                 {
-                    MXLogDebug(@"[MXKeyBackup] trustForKeyBackupVersion: Signature with unknown key %@", deviceId);
+                    MXLogDebug(@"[MXKeyBackup] trustForKeyBackupVersion: Signature with cross-signing master key is invalid");
                 }
                 else
                 {
                     keyBackupVersionTrust.usable = YES;
-
-                    MXKeyBackupVersionTrustSignature *signature = [MXKeyBackupVersionTrustSignature new];
-                    signature.keys = deviceId;
-                    signature.valid = valid;
-                    [signatures addObject:signature];
                 }
+
+                MXKeyBackupVersionTrustSignature *signature = [MXKeyBackupVersionTrustSignature new];
+                signature.keys = deviceId;
+                signature.valid = valid;
+                [signatures addObject:signature];
+            }
+            else
+            {
+                MXLogDebug(@"[MXKeyBackup] trustForKeyBackupVersion: Signature with unknown key %@", deviceId);
             }
         }
     }

diff --git a/MatrixSDKTests/MXCryptoBackupTests.m b/MatrixSDKTests/MXCryptoBackupTests.m
@@ -515,9 +515,9 @@ - (void)testTrustForKeyBackupVersion
 // - Alice and Bob have messages in a room
 // - Alice has cross-signing enabled
 // - Alice creates a backup
+// - Modify the backup to remove all signatures other than the MSK so we know that the MSK alone is enough for the device to be trusted
 // - Check the returned MXKeyBackupVersion is trusted
-// -> It must be trusted by 2 entities
-// -> Trusted by her device
+// -> It must be trusted by 1 entities
 // -> Trusted by her MSK
 - (void)testCrossSigningMSKTrustForKeyBackupVersion
 {
@@ -530,26 +530,28 @@ - (void)testCrossSigningMSKTrustForKeyBackupVersion
             // - Alice creates a backup
             [aliceSession.crypto.backup prepareKeyBackupVersionWithPassword:nil success:^(MXMegolmBackupCreationInfo *keyBackupCreationInfo) {
                 [aliceSession.crypto.backup createKeyBackupVersion:keyBackupCreationInfo success:^(MXKeyBackupVersion *keyBackupVersion) {
+                    // De-serialize the authData, find the MSK signature, remove all other signatures from the authData, serialize it back in
+                    MXMegolmBackupAuthData *authData = [MXMegolmBackupAuthData modelFromJSON:keyBackupVersion.authData];
+                    NSString *myMSKSignatureKey = [NSString stringWithFormat:@"ed25519:%@", aliceSession.crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys];
+                    authData.signatures = @{
+                        aliceSession.myUserId: @{
+                            myMSKSignatureKey: authData.signatures[aliceSession.myUserId][myMSKSignatureKey]
+                        }
+                    };
+                    keyBackupVersion.authData = [authData JSONDictionary];
 
                     // - Check the returned MXKeyBackupVersion is trusted
                     [aliceSession.crypto.backup trustForKeyBackupVersion:keyBackupVersion onComplete:^(MXKeyBackupVersionTrust *keyBackupVersionTrust) {
-
-                        // -> It must be trusted by 2 entities
+                        // -> It must be trusted by 1 entity
                         XCTAssertNotNil(keyBackupVersionTrust);
                         XCTAssertTrue(keyBackupVersionTrust.usable);
-                        XCTAssertEqual(keyBackupVersionTrust.signatures.count, 2);
+                        XCTAssertEqual(keyBackupVersionTrust.signatures.count, 1);
 
                         [keyBackupVersionTrust.signatures enumerateObjectsUsingBlock:^(MXKeyBackupVersionTrustSignature *signature, NSUInteger idx, BOOL *stop) {
-                            if (signature.keys) {
-                                // Check if valid MSK signature
-                                XCTAssertTrue(signature.valid);
-                                XCTAssertEqualObjects(signature.keys, aliceSession.crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys);
-                            } else {
-                                // Check if valid device signature
-                                XCTAssertTrue(signature.valid);
-                                XCTAssertEqualObjects(signature.deviceId, aliceSession.matrixRestClient.credentials.deviceId);
-                                XCTAssertEqualObjects(signature.device.deviceId, aliceSession.matrixRestClient.credentials.deviceId);
-                            }
+                            // Check if valid MSK signature
+                            XCTAssertNotNil(signature.keys);
+                            XCTAssertTrue(signature.valid);
+                            XCTAssertEqualObjects(signature.keys, aliceSession.crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys);
                         }];
 
                         [expectation fulfill];