From 340ab4239a331fa7adcd83af677ff6ba5741b22f Mon Sep 17 00:00:00 2001 From: Toni Spets Date: Mon, 12 Feb 2024 14:00:33 +0200 Subject: [PATCH] Use device signing key to verify interactive verification Remove unnecessary base64 as well. --- crypto/verificationhelper/reciprocate.go | 27 +++++------------------- 1 file changed, 5 insertions(+), 22 deletions(-) diff --git a/crypto/verificationhelper/reciprocate.go b/crypto/verificationhelper/reciprocate.go index e1c5d403..cc1c33e7 100644 --- a/crypto/verificationhelper/reciprocate.go +++ b/crypto/verificationhelper/reciprocate.go @@ -9,7 +9,6 @@ package verificationhelper import ( "bytes" "context" - "encoding/base64" "fmt" "golang.org/x/exp/slices" @@ -60,11 +59,7 @@ func (vh *VerificationHelper) HandleScannedQRData(ctx context.Context, data []by // Verify the master key is correct crossSigningPubkeys := vh.mach.GetOwnCrossSigningPublicKeys(ctx) - crossSigningMasterKeyBytes, err := base64.RawStdEncoding.DecodeString(crossSigningPubkeys.MasterKey.String()) - if err != nil { - return err - } - if bytes.Equal(crossSigningMasterKeyBytes, qrCode.Key1[:]) { + if bytes.Equal(crossSigningPubkeys.MasterKey.Bytes(), qrCode.Key1[:]) { log.Info().Msg("Verified that the other device has the same master key") } else { return fmt.Errorf("the master key does not match") @@ -72,12 +67,8 @@ func (vh *VerificationHelper) HandleScannedQRData(ctx context.Context, data []by // Verify that the device key that the other device things we have is // correct. - myDevice := vh.mach.OwnIdentity() - myDeviceKeyBytes, err := base64.RawStdEncoding.DecodeString(myDevice.IdentityKey.String()) - if err != nil { - return err - } - if bytes.Equal(myDeviceKeyBytes, qrCode.Key2[:]) { + myKeys := vh.mach.OwnIdentity() + if bytes.Equal(myKeys.SigningKey.Bytes(), qrCode.Key2[:]) { log.Info().Msg("Verified that the other device has the correct key for this device") } else { return fmt.Errorf("the other device has the wrong key for this device") @@ -100,11 +91,7 @@ func (vh *VerificationHelper) HandleScannedQRData(ctx context.Context, data []by } // Verify that the other device's key is what we expect. - myDeviceKeyBytes, err := base64.RawStdEncoding.DecodeString(theirDevice.IdentityKey.String()) - if err != nil { - return err - } - if bytes.Equal(myDeviceKeyBytes, qrCode.Key1[:]) { + if bytes.Equal(theirDevice.SigningKey.Bytes(), qrCode.Key1[:]) { log.Info().Msg("Verified that the other device key is what we expected") } else { return fmt.Errorf("the other device's key is not what we expected") @@ -112,11 +99,7 @@ func (vh *VerificationHelper) HandleScannedQRData(ctx context.Context, data []by // Verify that what they think the master key is is correct. crossSigningPubkeys := vh.mach.GetOwnCrossSigningPublicKeys(ctx) - crossSigningMasterKeyBytes, err := base64.RawStdEncoding.DecodeString(crossSigningPubkeys.MasterKey.String()) - if err != nil { - return err - } - if bytes.Equal(crossSigningMasterKeyBytes, qrCode.Key2[:]) { + if bytes.Equal(crossSigningPubkeys.MasterKey.Bytes(), qrCode.Key2[:]) { log.Info().Msg("Verified that the other device has the correct master key") } else { return fmt.Errorf("the master key does not match")