rnhmjoj/nheko
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Properly verify OTK signature

Browse Source
This commit is contained in:
Nicolas Werner 2021-07-25 14:10:38 +02:00
parent 8444683271
commit 8b3d0c14d0
No known key found for this signature in database
GPG Key ID: C8D75E610773F2D9
1 changed files with 26 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/Olm.cpp
View File

@ -1208,22 +1208,40 @@ send_encrypted_to_device_messages(const std::map<std::string, std::vector<std::s
continue; continue;
} }
// TODO: Verify signatures
auto otk = rd.second.begin()->at("key"); auto otk = rd.second.begin()->at("key");
auto id_key = pks.at(user_id).at(device_id).curve25519; auto sign_key = pks.at(user_id).at(device_id).ed25519;
auto id_key = pks.at(user_id).at(device_id).curve25519;
// Verify signature
{
auto signedKey = *rd.second.begin();
std::string signature =
signedKey["signatures"][user_id].value(
"ed25519:" + device_id, "");
if (signature.empty() ||
!mtx::crypto::ed25519_verify_signature(
sign_key, signedKey, signature)) {
nhlog::net()->warn(
"Skipping device {} as its one time key "
"has an invalid signature.",
device_id);
continue;
}
}
auto session = auto session =
olm::client()->create_outbound_session(id_key, otk); olm::client()->create_outbound_session(id_key, otk);
messages[mtx::identifiers::parse<mtx::identifiers::User>( messages[mtx::identifiers::parse<mtx::identifiers::User>(
user_id)][device_id] = user_id)][device_id] =
olm::client() olm::client()
->create_olm_encrypted_content( ->create_olm_encrypted_content(session.get(),
session.get(), ev_json,
ev_json, UserId(user_id),
UserId(user_id), sign_key,
pks.at(user_id).at(device_id).ed25519, id_key)
id_key)
.get<mtx::events::msg::OlmEncrypted>(); .get<mtx::events::msg::OlmEncrypted>();
try { try {