From dda6477c0507d340a91c3da4eb9a0d59e6ab5209 Mon Sep 17 00:00:00 2001 From: Brad Murray Date: Mon, 25 Jul 2022 16:22:22 -0400 Subject: [PATCH] Only accept MSK signatures, update unit test to validate --- MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m | 18 +++++++------ MatrixSDKTests/MXCryptoBackupTests.m | 32 +++++++++++++----------- 2 files changed, 28 insertions(+), 22 deletions(-) diff --git a/MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m b/MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m index 69bfe7a6ab..3de97e2942 100644 --- a/MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m +++ b/MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m @@ -1143,24 +1143,28 @@ - (MXKeyBackupVersionTrust *)trustForKeyBackupVersionFromCryptoQueue:(MXKeyBacku signature.valid = valid; [signatures addObject:signature]; } - else // Try interpreting it as the MSK public key + else if ([deviceId isEqualToString:crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys]) { NSError *error; BOOL valid = [crypto.crossSigning.crossSigningTools pkVerifyObject:authData.JSONDictionary userId:myUserId publicKey:deviceId error:&error]; if (!valid) { - MXLogDebug(@"[MXKeyBackup] trustForKeyBackupVersion: Signature with unknown key %@", deviceId); + MXLogDebug(@"[MXKeyBackup] trustForKeyBackupVersion: Signature with cross-signing master key is invalid"); } else { keyBackupVersionTrust.usable = YES; - - MXKeyBackupVersionTrustSignature *signature = [MXKeyBackupVersionTrustSignature new]; - signature.keys = deviceId; - signature.valid = valid; - [signatures addObject:signature]; } + + MXKeyBackupVersionTrustSignature *signature = [MXKeyBackupVersionTrustSignature new]; + signature.keys = deviceId; + signature.valid = valid; + [signatures addObject:signature]; + } + else + { + MXLogDebug(@"[MXKeyBackup] trustForKeyBackupVersion: Signature with unknown key %@", deviceId); } } } diff --git a/MatrixSDKTests/MXCryptoBackupTests.m b/MatrixSDKTests/MXCryptoBackupTests.m index e5499f9725..cc129ef101 100644 
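Review bot: In the new `else if` branch, `keyBackupVersionTrust.usable = YES` is granted whenever the signature verifies against `crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys`, but nothing visible in this hunk establishes that this device has itself verified that master key rather than only received it from the homeserver. If the caller does not guarantee that, the branch should also require a locally trusted cross-signing state before setting `usable`, and I would at least record the assumption with `// masterKeys must be locally trusted here; an unverified, server-supplied MSK must not make a backup usable`. Separately, `error` from `pkVerifyObject:` is never read; the invalid case could log it with `MXLogDebug(@"[MXKeyBackup] trustForKeyBackupVersion: Signature with cross-signing master key is invalid: %@", error);`. An invalid MSK signature is now appended to `signatures` with `valid = NO`, so callers have to check `valid` rather than count entries. The method starts and ends outside this hunk.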
--- a/MatrixSDKTests/MXCryptoBackupTests.m +++ b/MatrixSDKTests/MXCryptoBackupTests.m @@ -515,9 +515,9 @@ - (void)testTrustForKeyBackupVersion // - Alice and Bob have messages in a room // - Alice has cross-signing enabled // - Alice creates a backup +// - Modify the backup to remove all signatures other than the MSK so we know that the MSK alone is enough for the device to be trusted // - Check the returned MXKeyBackupVersion is trusted -// -> It must be trusted by 2 entities -// -> Trusted by her device +// -> It must be trusted by 1 entities // -> Trusted by her MSK - (void)testCrossSigningMSKTrustForKeyBackupVersion { 
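Review bot: The added scenario comment says the MSK alone is enough "for the device to be trusted", but the step it introduces is "Check the returned MXKeyBackupVersion is trusted", so the wording should name the backup rather than the device. I would write `// - Strip every signature except the MSK one, so the MSK signature alone must make the backup trusted` and correct the count line to `// -> It must be trusted by 1 entity`, which matches the inline comment in the test body.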
@@ -530,26 +530,28 @@ - (void)testCrossSigningMSKTrustForKeyBackupVersion // - Alice creates a backup [aliceSession.crypto.backup prepareKeyBackupVersionWithPassword:nil success:^(MXMegolmBackupCreationInfo *keyBackupCreationInfo) { [aliceSession.crypto.backup createKeyBackupVersion:keyBackupCreationInfo success:^(MXKeyBackupVersion *keyBackupVersion) { + // De-serialize the authData, find the MSK signature, remove all other signatures from the authData, serialize it back in + MXMegolmBackupAuthData *authData = [MXMegolmBackupAuthData modelFromJSON:keyBackupVersion.authData]; + NSString *myMSKSignatureKey = [NSString stringWithFormat:@"ed25519:%@", aliceSession.crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys]; + authData.signatures = @{ + aliceSession.myUserId: @{ + myMSKSignatureKey: authData.signatures[aliceSession.myUserId][myMSKSignatureKey] + } + }; + keyBackupVersion.authData = [authData JSONDictionary]; // - Check the returned MXKeyBackupVersion is trusted [aliceSession.crypto.backup trustForKeyBackupVersion:keyBackupVersion onComplete:^(MXKeyBackupVersionTrust *keyBackupVersionTrust) { - - // -> It must be trusted by 2 entities + // -> It must be trusted by 1 entity XCTAssertNotNil(keyBackupVersionTrust); XCTAssertTrue(keyBackupVersionTrust.usable); - XCTAssertEqual(keyBackupVersionTrust.signatures.count, 2); + XCTAssertEqual(keyBackupVersionTrust.signatures.count, 1); [keyBackupVersionTrust.signatures enumerateObjectsUsingBlock:^(MXKeyBackupVersionTrustSignature *signature, NSUInteger idx, BOOL *stop) { - if (signature.keys) { - // Check if valid MSK signature - XCTAssertTrue(signature.valid); - XCTAssertEqualObjects(signature.keys, aliceSession.crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys); - } else { - // Check if valid device signature - XCTAssertTrue(signature.valid); - XCTAssertEqualObjects(signature.deviceId, aliceSession.matrixRestClient.credentials.deviceId); - XCTAssertEqualObjects(signature.device.deviceId, 
aliceSession.matrixRestClient.credentials.deviceId); - } + // Check if valid MSK signature + XCTAssertNotNil(signature.keys); + XCTAssertTrue(signature.valid); + XCTAssertEqualObjects(signature.keys, aliceSession.crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys); }]; [expectation fulfill];
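Review bot: The dictionary literal that rebuilds `authData.signatures` raises an exception if `authData.signatures[aliceSession.myUserId][myMSKSignatureKey]` is nil, so a backup created without an MSK signature aborts the test run instead of failing an assertion. Pull the value out first and assert on it, `id mskSignature = authData.signatures[aliceSession.myUserId][myMSKSignatureKey];` followed by `XCTAssertNotNil(mskSignature);`, and leave the block early when it is nil. The hunk also exercises only the accepting path; unless another test in this file already does so, a companion case in which the only signature comes from a key that is neither a known device nor the MSK should end with `XCTAssertFalse(keyBackupVersionTrust.usable);` to guard the restriction this commit introduces. The test method begins before and continues after the hunk.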