Log when the public keys don't match when verifiying megolm backups

Brad Murray 2025-02-27 16:36:20 -05:00
commit 63832e89ce
No known key found for this signature in database
GPG key ID: A49463C6B5B28DCF


@ -54,9 +54,15 @@ func (mach *OlmMachine) GetAndVerifyLatestKeyBackupVersion(ctx context.Context,
// ...by deriving the public key from a private key that it obtained from a trusted source. Trusted sources for the private
// key include the user entering the key, retrieving the key stored in secret storage, or obtaining the key via secret sharing
// from a verified device belonging to the same user."
if megolmBackupKey != nil && versionInfo.AuthData.PublicKey == id.Ed25519(base64.RawStdEncoding.EncodeToString(megolmBackupKey.PublicKey().Bytes())) {
megolmBackupDerivedPublicKey := id.Ed25519(base64.RawStdEncoding.EncodeToString(megolmBackupKey.PublicKey().Bytes()))
if megolmBackupKey != nil && versionInfo.AuthData.PublicKey == megolmBackupDerivedPublicKey {
log.Debug().Msg("key backup is trusted based on public key")
return versionInfo, nil
} else {
log.Debug().
Stringer("expected_key", megolmBackupDerivedPublicKey).
Stringer("actual_key", versionInfo.AuthData.PublicKey).
Msg("key backup public keys do not match, proceeding to check device signatures")
}
// "...or checking that it is signed by the users master cross-signing key or by a verified device belonging to the same user"
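Review bot: `megolmBackupKey.PublicKey()` is now called on the first added line, before the `megolmBackupKey != nil` test on the line after it. The old single condition short-circuited on a nil key and fell through to the signature checks; the new code would likely panic on a nil key instead, unless `PublicKey` tolerates a nil receiver, which is not visible in this hunk. Derive the key inside a guard: open with `if megolmBackupKey != nil {`, compute `megolmBackupDerivedPublicKey` there, and compare with `if versionInfo.AuthData.PublicKey == megolmBackupDerivedPublicKey {`. The mismatch log can then follow the inner `if` without an `else`, since the trusted branch returns. The function starts and continues outside the hunk.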