test_e2e_keys.py 35 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943
  1. # Copyright 2016 OpenMarket Ltd
  2. # Copyright 2019 New Vector Ltd
  3. # Copyright 2019 The Matrix.org Foundation C.I.C.
  4. #
  5. # Licensed under the Apache License, Version 2.0 (the "License");
  6. # you may not use this file except in compliance with the License.
  7. # You may obtain a copy of the License at
  8. #
  9. # http://www.apache.org/licenses/LICENSE-2.0
  10. #
  11. # Unless required by applicable law or agreed to in writing, software
  12. # distributed under the License is distributed on an "AS IS" BASIS,
  13. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14. # See the License for the specific language governing permissions and
  15. # limitations under the License.
  16. from typing import Iterable
  17. from unittest import mock
  18. from parameterized import parameterized
  19. from signedjson import key as key, sign as sign
  20. from twisted.test.proto_helpers import MemoryReactor
  21. from synapse.api.constants import RoomEncryptionAlgorithms
  22. from synapse.api.errors import Codes, SynapseError
  23. from synapse.handlers.device import DeviceHandler
  24. from synapse.server import HomeServer
  25. from synapse.types import JsonDict
  26. from synapse.util import Clock
  27. from tests import unittest
  28. from tests.test_utils import make_awaitable
  29. class E2eKeysHandlerTestCase(unittest.HomeserverTestCase):
  30. def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer:
  31. return self.setup_test_homeserver(federation_client=mock.Mock())
  32. def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:
  33. self.handler = hs.get_e2e_keys_handler()
  34. self.store = self.hs.get_datastores().main
  35. def test_query_local_devices_no_devices(self) -> None:
  36. """If the user has no devices, we expect an empty list."""
  37. local_user = "@boris:" + self.hs.hostname
  38. res = self.get_success(self.handler.query_local_devices({local_user: None}))
  39. self.assertDictEqual(res, {local_user: {}})
  40. def test_reupload_one_time_keys(self) -> None:
  41. """we should be able to re-upload the same keys"""
  42. local_user = "@boris:" + self.hs.hostname
  43. device_id = "xyz"
  44. keys: JsonDict = {
  45. "alg1:k1": "key1",
  46. "alg2:k2": {"key": "key2", "signatures": {"k1": "sig1"}},
  47. "alg2:k3": {"key": "key3"},
  48. }
  49. # Note that "signed_curve25519" is always returned in key count responses. This is necessary until
  50. # https://github.com/matrix-org/matrix-doc/issues/3298 is fixed.
  51. res = self.get_success(
  52. self.handler.upload_keys_for_user(
  53. local_user, device_id, {"one_time_keys": keys}
  54. )
  55. )
  56. self.assertDictEqual(
  57. res, {"one_time_key_counts": {"alg1": 1, "alg2": 2, "signed_curve25519": 0}}
  58. )
  59. # we should be able to change the signature without a problem
  60. keys["alg2:k2"]["signatures"]["k1"] = "sig2"
  61. res = self.get_success(
  62. self.handler.upload_keys_for_user(
  63. local_user, device_id, {"one_time_keys": keys}
  64. )
  65. )
  66. self.assertDictEqual(
  67. res, {"one_time_key_counts": {"alg1": 1, "alg2": 2, "signed_curve25519": 0}}
  68. )
  69. def test_change_one_time_keys(self) -> None:
  70. """attempts to change one-time-keys should be rejected"""
  71. local_user = "@boris:" + self.hs.hostname
  72. device_id = "xyz"
  73. keys = {
  74. "alg1:k1": "key1",
  75. "alg2:k2": {"key": "key2", "signatures": {"k1": "sig1"}},
  76. "alg2:k3": {"key": "key3"},
  77. }
  78. res = self.get_success(
  79. self.handler.upload_keys_for_user(
  80. local_user, device_id, {"one_time_keys": keys}
  81. )
  82. )
  83. self.assertDictEqual(
  84. res, {"one_time_key_counts": {"alg1": 1, "alg2": 2, "signed_curve25519": 0}}
  85. )
  86. # Error when changing string key
  87. self.get_failure(
  88. self.handler.upload_keys_for_user(
  89. local_user, device_id, {"one_time_keys": {"alg1:k1": "key2"}}
  90. ),
  91. SynapseError,
  92. )
  93. # Error when replacing dict key with string
  94. self.get_failure(
  95. self.handler.upload_keys_for_user(
  96. local_user, device_id, {"one_time_keys": {"alg2:k3": "key2"}}
  97. ),
  98. SynapseError,
  99. )
  100. # Error when replacing string key with dict
  101. self.get_failure(
  102. self.handler.upload_keys_for_user(
  103. local_user,
  104. device_id,
  105. {"one_time_keys": {"alg1:k1": {"key": "key"}}},
  106. ),
  107. SynapseError,
  108. )
  109. # Error when replacing dict key
  110. self.get_failure(
  111. self.handler.upload_keys_for_user(
  112. local_user,
  113. device_id,
  114. {
  115. "one_time_keys": {
  116. "alg2:k2": {"key": "key3", "signatures": {"k1": "sig1"}}
  117. }
  118. },
  119. ),
  120. SynapseError,
  121. )
  122. def test_claim_one_time_key(self) -> None:
  123. local_user = "@boris:" + self.hs.hostname
  124. device_id = "xyz"
  125. keys = {"alg1:k1": "key1"}
  126. res = self.get_success(
  127. self.handler.upload_keys_for_user(
  128. local_user, device_id, {"one_time_keys": keys}
  129. )
  130. )
  131. self.assertDictEqual(
  132. res, {"one_time_key_counts": {"alg1": 1, "signed_curve25519": 0}}
  133. )
  134. res2 = self.get_success(
  135. self.handler.claim_one_time_keys(
  136. {"one_time_keys": {local_user: {device_id: "alg1"}}}, timeout=None
  137. )
  138. )
  139. self.assertEqual(
  140. res2,
  141. {
  142. "failures": {},
  143. "one_time_keys": {local_user: {device_id: {"alg1:k1": "key1"}}},
  144. },
  145. )
  146. def test_fallback_key(self) -> None:
  147. local_user = "@boris:" + self.hs.hostname
  148. device_id = "xyz"
  149. fallback_key = {"alg1:k1": "fallback_key1"}
  150. fallback_key2 = {"alg1:k2": "fallback_key2"}
  151. fallback_key3 = {"alg1:k2": "fallback_key3"}
  152. otk = {"alg1:k2": "key2"}
  153. # we shouldn't have any unused fallback keys yet
  154. res = self.get_success(
  155. self.store.get_e2e_unused_fallback_key_types(local_user, device_id)
  156. )
  157. self.assertEqual(res, [])
  158. self.get_success(
  159. self.handler.upload_keys_for_user(
  160. local_user,
  161. device_id,
  162. {"fallback_keys": fallback_key},
  163. )
  164. )
  165. # we should now have an unused alg1 key
  166. fallback_res = self.get_success(
  167. self.store.get_e2e_unused_fallback_key_types(local_user, device_id)
  168. )
  169. self.assertEqual(fallback_res, ["alg1"])
  170. # claiming an OTK when no OTKs are available should return the fallback
  171. # key
  172. claim_res = self.get_success(
  173. self.handler.claim_one_time_keys(
  174. {"one_time_keys": {local_user: {device_id: "alg1"}}}, timeout=None
  175. )
  176. )
  177. self.assertEqual(
  178. claim_res,
  179. {"failures": {}, "one_time_keys": {local_user: {device_id: fallback_key}}},
  180. )
  181. # we shouldn't have any unused fallback keys again
  182. unused_res = self.get_success(
  183. self.store.get_e2e_unused_fallback_key_types(local_user, device_id)
  184. )
  185. self.assertEqual(unused_res, [])
  186. # claiming an OTK again should return the same fallback key
  187. claim_res = self.get_success(
  188. self.handler.claim_one_time_keys(
  189. {"one_time_keys": {local_user: {device_id: "alg1"}}}, timeout=None
  190. )
  191. )
  192. self.assertEqual(
  193. claim_res,
  194. {"failures": {}, "one_time_keys": {local_user: {device_id: fallback_key}}},
  195. )
  196. # re-uploading the same fallback key should still result in no unused fallback
  197. # keys
  198. self.get_success(
  199. self.handler.upload_keys_for_user(
  200. local_user,
  201. device_id,
  202. {"fallback_keys": fallback_key},
  203. )
  204. )
  205. unused_res = self.get_success(
  206. self.store.get_e2e_unused_fallback_key_types(local_user, device_id)
  207. )
  208. self.assertEqual(unused_res, [])
  209. # uploading a new fallback key should result in an unused fallback key
  210. self.get_success(
  211. self.handler.upload_keys_for_user(
  212. local_user,
  213. device_id,
  214. {"fallback_keys": fallback_key2},
  215. )
  216. )
  217. unused_res = self.get_success(
  218. self.store.get_e2e_unused_fallback_key_types(local_user, device_id)
  219. )
  220. self.assertEqual(unused_res, ["alg1"])
  221. # if the user uploads a one-time key, the next claim should fetch the
  222. # one-time key, and then go back to the fallback
  223. self.get_success(
  224. self.handler.upload_keys_for_user(
  225. local_user, device_id, {"one_time_keys": otk}
  226. )
  227. )
  228. claim_res = self.get_success(
  229. self.handler.claim_one_time_keys(
  230. {"one_time_keys": {local_user: {device_id: "alg1"}}}, timeout=None
  231. )
  232. )
  233. self.assertEqual(
  234. claim_res,
  235. {"failures": {}, "one_time_keys": {local_user: {device_id: otk}}},
  236. )
  237. claim_res = self.get_success(
  238. self.handler.claim_one_time_keys(
  239. {"one_time_keys": {local_user: {device_id: "alg1"}}}, timeout=None
  240. )
  241. )
  242. self.assertEqual(
  243. claim_res,
  244. {"failures": {}, "one_time_keys": {local_user: {device_id: fallback_key2}}},
  245. )
  246. # using the unstable prefix should also set the fallback key
  247. self.get_success(
  248. self.handler.upload_keys_for_user(
  249. local_user,
  250. device_id,
  251. {"org.matrix.msc2732.fallback_keys": fallback_key3},
  252. )
  253. )
  254. claim_res = self.get_success(
  255. self.handler.claim_one_time_keys(
  256. {"one_time_keys": {local_user: {device_id: "alg1"}}}, timeout=None
  257. )
  258. )
  259. self.assertEqual(
  260. claim_res,
  261. {"failures": {}, "one_time_keys": {local_user: {device_id: fallback_key3}}},
  262. )
  263. def test_replace_master_key(self) -> None:
  264. """uploading a new signing key should make the old signing key unavailable"""
  265. local_user = "@boris:" + self.hs.hostname
  266. keys1 = {
  267. "master_key": {
  268. # private key: 2lonYOM6xYKdEsO+6KrC766xBcHnYnim1x/4LFGF8B0
  269. "user_id": local_user,
  270. "usage": ["master"],
  271. "keys": {
  272. "ed25519:nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk": "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk"
  273. },
  274. }
  275. }
  276. self.get_success(self.handler.upload_signing_keys_for_user(local_user, keys1))
  277. keys2 = {
  278. "master_key": {
  279. # private key: 4TL4AjRYwDVwD3pqQzcor+ez/euOB1/q78aTJ+czDNs
  280. "user_id": local_user,
  281. "usage": ["master"],
  282. "keys": {
  283. "ed25519:Hq6gL+utB4ET+UvD5ci0kgAwsX6qP/zvf8v6OInU5iw": "Hq6gL+utB4ET+UvD5ci0kgAwsX6qP/zvf8v6OInU5iw"
  284. },
  285. }
  286. }
  287. self.get_success(self.handler.upload_signing_keys_for_user(local_user, keys2))
  288. devices = self.get_success(
  289. self.handler.query_devices(
  290. {"device_keys": {local_user: []}}, 0, local_user, "device123"
  291. )
  292. )
  293. self.assertDictEqual(devices["master_keys"], {local_user: keys2["master_key"]})
  294. def test_reupload_signatures(self) -> None:
  295. """re-uploading a signature should not fail"""
  296. local_user = "@boris:" + self.hs.hostname
  297. keys1 = {
  298. "master_key": {
  299. # private key: HvQBbU+hc2Zr+JP1sE0XwBe1pfZZEYtJNPJLZJtS+F8
  300. "user_id": local_user,
  301. "usage": ["master"],
  302. "keys": {
  303. "ed25519:EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ": "EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ"
  304. },
  305. },
  306. "self_signing_key": {
  307. # private key: 2lonYOM6xYKdEsO+6KrC766xBcHnYnim1x/4LFGF8B0
  308. "user_id": local_user,
  309. "usage": ["self_signing"],
  310. "keys": {
  311. "ed25519:nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk": "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk"
  312. },
  313. },
  314. }
  315. master_signing_key = key.decode_signing_key_base64(
  316. "ed25519",
  317. "EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ",
  318. "HvQBbU+hc2Zr+JP1sE0XwBe1pfZZEYtJNPJLZJtS+F8",
  319. )
  320. sign.sign_json(keys1["self_signing_key"], local_user, master_signing_key)
  321. signing_key = key.decode_signing_key_base64(
  322. "ed25519",
  323. "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk",
  324. "2lonYOM6xYKdEsO+6KrC766xBcHnYnim1x/4LFGF8B0",
  325. )
  326. self.get_success(self.handler.upload_signing_keys_for_user(local_user, keys1))
  327. # upload two device keys, which will be signed later by the self-signing key
  328. device_key_1: JsonDict = {
  329. "user_id": local_user,
  330. "device_id": "abc",
  331. "algorithms": [
  332. "m.olm.curve25519-aes-sha2",
  333. RoomEncryptionAlgorithms.MEGOLM_V1_AES_SHA2,
  334. ],
  335. "keys": {
  336. "ed25519:abc": "base64+ed25519+key",
  337. "curve25519:abc": "base64+curve25519+key",
  338. },
  339. "signatures": {local_user: {"ed25519:abc": "base64+signature"}},
  340. }
  341. device_key_2: JsonDict = {
  342. "user_id": local_user,
  343. "device_id": "def",
  344. "algorithms": [
  345. "m.olm.curve25519-aes-sha2",
  346. RoomEncryptionAlgorithms.MEGOLM_V1_AES_SHA2,
  347. ],
  348. "keys": {
  349. "ed25519:def": "base64+ed25519+key",
  350. "curve25519:def": "base64+curve25519+key",
  351. },
  352. "signatures": {local_user: {"ed25519:def": "base64+signature"}},
  353. }
  354. self.get_success(
  355. self.handler.upload_keys_for_user(
  356. local_user, "abc", {"device_keys": device_key_1}
  357. )
  358. )
  359. self.get_success(
  360. self.handler.upload_keys_for_user(
  361. local_user, "def", {"device_keys": device_key_2}
  362. )
  363. )
  364. # sign the first device key and upload it
  365. del device_key_1["signatures"]
  366. sign.sign_json(device_key_1, local_user, signing_key)
  367. self.get_success(
  368. self.handler.upload_signatures_for_device_keys(
  369. local_user, {local_user: {"abc": device_key_1}}
  370. )
  371. )
  372. # sign the second device key and upload both device keys. The server
  373. # should ignore the first device key since it already has a valid
  374. # signature for it
  375. del device_key_2["signatures"]
  376. sign.sign_json(device_key_2, local_user, signing_key)
  377. self.get_success(
  378. self.handler.upload_signatures_for_device_keys(
  379. local_user, {local_user: {"abc": device_key_1, "def": device_key_2}}
  380. )
  381. )
  382. device_key_1["signatures"][local_user]["ed25519:abc"] = "base64+signature"
  383. device_key_2["signatures"][local_user]["ed25519:def"] = "base64+signature"
  384. devices = self.get_success(
  385. self.handler.query_devices(
  386. {"device_keys": {local_user: []}}, 0, local_user, "device123"
  387. )
  388. )
  389. del devices["device_keys"][local_user]["abc"]["unsigned"]
  390. del devices["device_keys"][local_user]["def"]["unsigned"]
  391. self.assertDictEqual(devices["device_keys"][local_user]["abc"], device_key_1)
  392. self.assertDictEqual(devices["device_keys"][local_user]["def"], device_key_2)
  393. def test_self_signing_key_doesnt_show_up_as_device(self) -> None:
  394. """signing keys should be hidden when fetching a user's devices"""
  395. local_user = "@boris:" + self.hs.hostname
  396. keys1 = {
  397. "master_key": {
  398. # private key: 2lonYOM6xYKdEsO+6KrC766xBcHnYnim1x/4LFGF8B0
  399. "user_id": local_user,
  400. "usage": ["master"],
  401. "keys": {
  402. "ed25519:nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk": "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk"
  403. },
  404. }
  405. }
  406. self.get_success(self.handler.upload_signing_keys_for_user(local_user, keys1))
  407. device_handler = self.hs.get_device_handler()
  408. assert isinstance(device_handler, DeviceHandler)
  409. e = self.get_failure(
  410. device_handler.check_device_registered(
  411. user_id=local_user,
  412. device_id="nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk",
  413. initial_device_display_name="new display name",
  414. ),
  415. SynapseError,
  416. )
  417. res = e.value.code
  418. self.assertEqual(res, 400)
  419. query_res = self.get_success(
  420. self.handler.query_local_devices({local_user: None})
  421. )
  422. self.assertDictEqual(query_res, {local_user: {}})
  423. def test_upload_signatures(self) -> None:
  424. """should check signatures that are uploaded"""
  425. # set up a user with cross-signing keys and a device. This user will
  426. # try uploading signatures
  427. local_user = "@boris:" + self.hs.hostname
  428. device_id = "xyz"
  429. # private key: OMkooTr76ega06xNvXIGPbgvvxAOzmQncN8VObS7aBA
  430. device_pubkey = "NnHhnqiMFQkq969szYkooLaBAXW244ZOxgukCvm2ZeY"
  431. device_key: JsonDict = {
  432. "user_id": local_user,
  433. "device_id": device_id,
  434. "algorithms": [
  435. "m.olm.curve25519-aes-sha2",
  436. RoomEncryptionAlgorithms.MEGOLM_V1_AES_SHA2,
  437. ],
  438. "keys": {"curve25519:xyz": "curve25519+key", "ed25519:xyz": device_pubkey},
  439. "signatures": {local_user: {"ed25519:xyz": "something"}},
  440. }
  441. device_signing_key = key.decode_signing_key_base64(
  442. "ed25519", "xyz", "OMkooTr76ega06xNvXIGPbgvvxAOzmQncN8VObS7aBA"
  443. )
  444. self.get_success(
  445. self.handler.upload_keys_for_user(
  446. local_user, device_id, {"device_keys": device_key}
  447. )
  448. )
  449. # private key: 2lonYOM6xYKdEsO+6KrC766xBcHnYnim1x/4LFGF8B0
  450. master_pubkey = "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk"
  451. master_key: JsonDict = {
  452. "user_id": local_user,
  453. "usage": ["master"],
  454. "keys": {"ed25519:" + master_pubkey: master_pubkey},
  455. }
  456. master_signing_key = key.decode_signing_key_base64(
  457. "ed25519", master_pubkey, "2lonYOM6xYKdEsO+6KrC766xBcHnYnim1x/4LFGF8B0"
  458. )
  459. usersigning_pubkey = "Hq6gL+utB4ET+UvD5ci0kgAwsX6qP/zvf8v6OInU5iw"
  460. usersigning_key = {
  461. # private key: 4TL4AjRYwDVwD3pqQzcor+ez/euOB1/q78aTJ+czDNs
  462. "user_id": local_user,
  463. "usage": ["user_signing"],
  464. "keys": {"ed25519:" + usersigning_pubkey: usersigning_pubkey},
  465. }
  466. usersigning_signing_key = key.decode_signing_key_base64(
  467. "ed25519", usersigning_pubkey, "4TL4AjRYwDVwD3pqQzcor+ez/euOB1/q78aTJ+czDNs"
  468. )
  469. sign.sign_json(usersigning_key, local_user, master_signing_key)
  470. # private key: HvQBbU+hc2Zr+JP1sE0XwBe1pfZZEYtJNPJLZJtS+F8
  471. selfsigning_pubkey = "EmkqvokUn8p+vQAGZitOk4PWjp7Ukp3txV2TbMPEiBQ"
  472. selfsigning_key = {
  473. "user_id": local_user,
  474. "usage": ["self_signing"],
  475. "keys": {"ed25519:" + selfsigning_pubkey: selfsigning_pubkey},
  476. }
  477. selfsigning_signing_key = key.decode_signing_key_base64(
  478. "ed25519", selfsigning_pubkey, "HvQBbU+hc2Zr+JP1sE0XwBe1pfZZEYtJNPJLZJtS+F8"
  479. )
  480. sign.sign_json(selfsigning_key, local_user, master_signing_key)
  481. cross_signing_keys = {
  482. "master_key": master_key,
  483. "user_signing_key": usersigning_key,
  484. "self_signing_key": selfsigning_key,
  485. }
  486. self.get_success(
  487. self.handler.upload_signing_keys_for_user(local_user, cross_signing_keys)
  488. )
  489. # set up another user with a master key. This user will be signed by
  490. # the first user
  491. other_user = "@otherboris:" + self.hs.hostname
  492. other_master_pubkey = "fHZ3NPiKxoLQm5OoZbKa99SYxprOjNs4TwJUKP+twCM"
  493. other_master_key: JsonDict = {
  494. # private key: oyw2ZUx0O4GifbfFYM0nQvj9CL0b8B7cyN4FprtK8OI
  495. "user_id": other_user,
  496. "usage": ["master"],
  497. "keys": {"ed25519:" + other_master_pubkey: other_master_pubkey},
  498. }
  499. self.get_success(
  500. self.handler.upload_signing_keys_for_user(
  501. other_user, {"master_key": other_master_key}
  502. )
  503. )
  504. # test various signature failures (see below)
  505. ret = self.get_success(
  506. self.handler.upload_signatures_for_device_keys(
  507. local_user,
  508. {
  509. local_user: {
  510. # fails because the signature is invalid
  511. # should fail with INVALID_SIGNATURE
  512. device_id: {
  513. "user_id": local_user,
  514. "device_id": device_id,
  515. "algorithms": [
  516. "m.olm.curve25519-aes-sha2",
  517. RoomEncryptionAlgorithms.MEGOLM_V1_AES_SHA2,
  518. ],
  519. "keys": {
  520. "curve25519:xyz": "curve25519+key",
  521. # private key: OMkooTr76ega06xNvXIGPbgvvxAOzmQncN8VObS7aBA
  522. "ed25519:xyz": device_pubkey,
  523. },
  524. "signatures": {
  525. local_user: {
  526. "ed25519:" + selfsigning_pubkey: "something"
  527. }
  528. },
  529. },
  530. # fails because device is unknown
  531. # should fail with NOT_FOUND
  532. "unknown": {
  533. "user_id": local_user,
  534. "device_id": "unknown",
  535. "signatures": {
  536. local_user: {
  537. "ed25519:" + selfsigning_pubkey: "something"
  538. }
  539. },
  540. },
  541. # fails because the signature is invalid
  542. # should fail with INVALID_SIGNATURE
  543. master_pubkey: {
  544. "user_id": local_user,
  545. "usage": ["master"],
  546. "keys": {"ed25519:" + master_pubkey: master_pubkey},
  547. "signatures": {
  548. local_user: {"ed25519:" + device_pubkey: "something"}
  549. },
  550. },
  551. },
  552. other_user: {
  553. # fails because the device is not the user's master-signing key
  554. # should fail with NOT_FOUND
  555. "unknown": {
  556. "user_id": other_user,
  557. "device_id": "unknown",
  558. "signatures": {
  559. local_user: {
  560. "ed25519:" + usersigning_pubkey: "something"
  561. }
  562. },
  563. },
  564. other_master_pubkey: {
  565. # fails because the key doesn't match what the server has
  566. # should fail with UNKNOWN
  567. "user_id": other_user,
  568. "usage": ["master"],
  569. "keys": {
  570. "ed25519:" + other_master_pubkey: other_master_pubkey
  571. },
  572. "something": "random",
  573. "signatures": {
  574. local_user: {
  575. "ed25519:" + usersigning_pubkey: "something"
  576. }
  577. },
  578. },
  579. },
  580. },
  581. )
  582. )
  583. user_failures = ret["failures"][local_user]
  584. self.assertEqual(user_failures[device_id]["errcode"], Codes.INVALID_SIGNATURE)
  585. self.assertEqual(
  586. user_failures[master_pubkey]["errcode"], Codes.INVALID_SIGNATURE
  587. )
  588. self.assertEqual(user_failures["unknown"]["errcode"], Codes.NOT_FOUND)
  589. other_user_failures = ret["failures"][other_user]
  590. self.assertEqual(other_user_failures["unknown"]["errcode"], Codes.NOT_FOUND)
  591. self.assertEqual(
  592. other_user_failures[other_master_pubkey]["errcode"], Codes.UNKNOWN
  593. )
  594. # test successful signatures
  595. del device_key["signatures"]
  596. sign.sign_json(device_key, local_user, selfsigning_signing_key)
  597. sign.sign_json(master_key, local_user, device_signing_key)
  598. sign.sign_json(other_master_key, local_user, usersigning_signing_key)
  599. ret = self.get_success(
  600. self.handler.upload_signatures_for_device_keys(
  601. local_user,
  602. {
  603. local_user: {device_id: device_key, master_pubkey: master_key},
  604. other_user: {other_master_pubkey: other_master_key},
  605. },
  606. )
  607. )
  608. self.assertEqual(ret["failures"], {})
  609. # fetch the signed keys/devices and make sure that the signatures are there
  610. ret = self.get_success(
  611. self.handler.query_devices(
  612. {"device_keys": {local_user: [], other_user: []}},
  613. 0,
  614. local_user,
  615. "device123",
  616. )
  617. )
  618. self.assertEqual(
  619. ret["device_keys"][local_user]["xyz"]["signatures"][local_user][
  620. "ed25519:" + selfsigning_pubkey
  621. ],
  622. device_key["signatures"][local_user]["ed25519:" + selfsigning_pubkey],
  623. )
  624. self.assertEqual(
  625. ret["master_keys"][local_user]["signatures"][local_user][
  626. "ed25519:" + device_id
  627. ],
  628. master_key["signatures"][local_user]["ed25519:" + device_id],
  629. )
  630. self.assertEqual(
  631. ret["master_keys"][other_user]["signatures"][local_user][
  632. "ed25519:" + usersigning_pubkey
  633. ],
  634. other_master_key["signatures"][local_user]["ed25519:" + usersigning_pubkey],
  635. )
  636. def test_query_devices_remote_no_sync(self) -> None:
  637. """Tests that querying keys for a remote user that we don't share a room
  638. with returns the cross signing keys correctly.
  639. """
  640. remote_user_id = "@test:other"
  641. local_user_id = "@test:test"
  642. remote_master_key = "85T7JXPFBAySB/jwby4S3lBPTqY3+Zg53nYuGmu1ggY"
  643. remote_self_signing_key = "QeIiFEjluPBtI7WQdG365QKZcFs9kqmHir6RBD0//nQ"
  644. self.hs.get_federation_client().query_client_keys = mock.Mock( # type: ignore[assignment]
  645. return_value=make_awaitable(
  646. {
  647. "device_keys": {remote_user_id: {}},
  648. "master_keys": {
  649. remote_user_id: {
  650. "user_id": remote_user_id,
  651. "usage": ["master"],
  652. "keys": {"ed25519:" + remote_master_key: remote_master_key},
  653. },
  654. },
  655. "self_signing_keys": {
  656. remote_user_id: {
  657. "user_id": remote_user_id,
  658. "usage": ["self_signing"],
  659. "keys": {
  660. "ed25519:"
  661. + remote_self_signing_key: remote_self_signing_key
  662. },
  663. }
  664. },
  665. }
  666. )
  667. )
  668. e2e_handler = self.hs.get_e2e_keys_handler()
  669. query_result = self.get_success(
  670. e2e_handler.query_devices(
  671. {
  672. "device_keys": {remote_user_id: []},
  673. },
  674. timeout=10,
  675. from_user_id=local_user_id,
  676. from_device_id="some_device_id",
  677. )
  678. )
  679. self.assertEqual(query_result["failures"], {})
  680. self.assertEqual(
  681. query_result["master_keys"],
  682. {
  683. remote_user_id: {
  684. "user_id": remote_user_id,
  685. "usage": ["master"],
  686. "keys": {"ed25519:" + remote_master_key: remote_master_key},
  687. },
  688. },
  689. )
  690. self.assertEqual(
  691. query_result["self_signing_keys"],
  692. {
  693. remote_user_id: {
  694. "user_id": remote_user_id,
  695. "usage": ["self_signing"],
  696. "keys": {
  697. "ed25519:" + remote_self_signing_key: remote_self_signing_key
  698. },
  699. }
  700. },
  701. )
  702. def test_query_devices_remote_sync(self) -> None:
  703. """Tests that querying keys for a remote user that we share a room with,
  704. but haven't yet fetched the keys for, returns the cross signing keys
  705. correctly.
  706. """
  707. remote_user_id = "@test:other"
  708. local_user_id = "@test:test"
  709. # Pretend we're sharing a room with the user we're querying. If not,
  710. # `_query_devices_for_destination` will return early.
  711. self.store.get_rooms_for_user = mock.Mock(
  712. return_value=make_awaitable({"some_room_id"})
  713. )
  714. remote_master_key = "85T7JXPFBAySB/jwby4S3lBPTqY3+Zg53nYuGmu1ggY"
  715. remote_self_signing_key = "QeIiFEjluPBtI7WQdG365QKZcFs9kqmHir6RBD0//nQ"
  716. self.hs.get_federation_client().query_user_devices = mock.Mock( # type: ignore[assignment]
  717. return_value=make_awaitable(
  718. {
  719. "user_id": remote_user_id,
  720. "stream_id": 1,
  721. "devices": [],
  722. "master_key": {
  723. "user_id": remote_user_id,
  724. "usage": ["master"],
  725. "keys": {"ed25519:" + remote_master_key: remote_master_key},
  726. },
  727. "self_signing_key": {
  728. "user_id": remote_user_id,
  729. "usage": ["self_signing"],
  730. "keys": {
  731. "ed25519:"
  732. + remote_self_signing_key: remote_self_signing_key
  733. },
  734. },
  735. }
  736. )
  737. )
  738. e2e_handler = self.hs.get_e2e_keys_handler()
  739. query_result = self.get_success(
  740. e2e_handler.query_devices(
  741. {
  742. "device_keys": {remote_user_id: []},
  743. },
  744. timeout=10,
  745. from_user_id=local_user_id,
  746. from_device_id="some_device_id",
  747. )
  748. )
  749. self.assertEqual(query_result["failures"], {})
  750. self.assertEqual(
  751. query_result["master_keys"],
  752. {
  753. remote_user_id: {
  754. "user_id": remote_user_id,
  755. "usage": ["master"],
  756. "keys": {"ed25519:" + remote_master_key: remote_master_key},
  757. }
  758. },
  759. )
  760. self.assertEqual(
  761. query_result["self_signing_keys"],
  762. {
  763. remote_user_id: {
  764. "user_id": remote_user_id,
  765. "usage": ["self_signing"],
  766. "keys": {
  767. "ed25519:" + remote_self_signing_key: remote_self_signing_key
  768. },
  769. }
  770. },
  771. )
  772. @parameterized.expand(
  773. [
  774. # The remote homeserver's response indicates that this user has 0/1/2 devices.
  775. ([],),
  776. (["device_1"],),
  777. (["device_1", "device_2"],),
  778. ]
  779. )
  780. def test_query_all_devices_caches_result(self, device_ids: Iterable[str]) -> None:
  781. """Test that requests for all of a remote user's devices are cached.
  782. We do this by asserting that only one call over federation was made, and that
  783. the two queries to the local homeserver produce the same response.
  784. """
  785. local_user_id = "@test:test"
  786. remote_user_id = "@test:other"
  787. request_body: JsonDict = {"device_keys": {remote_user_id: []}}
  788. response_devices = [
  789. {
  790. "device_id": device_id,
  791. "keys": {
  792. "algorithms": ["dummy"],
  793. "device_id": device_id,
  794. "keys": {f"dummy:{device_id}": "dummy"},
  795. "signatures": {device_id: {f"dummy:{device_id}": "dummy"}},
  796. "unsigned": {},
  797. "user_id": "@test:other",
  798. },
  799. }
  800. for device_id in device_ids
  801. ]
  802. response_body = {
  803. "devices": response_devices,
  804. "user_id": remote_user_id,
  805. "stream_id": 12345, # an integer, according to the spec
  806. }
  807. e2e_handler = self.hs.get_e2e_keys_handler()
  808. # Pretend we're sharing a room with the user we're querying. If not,
  809. # `_query_devices_for_destination` will return early.
  810. mock_get_rooms = mock.patch.object(
  811. self.store,
  812. "get_rooms_for_user",
  813. new_callable=mock.MagicMock,
  814. return_value=make_awaitable(["some_room_id"]),
  815. )
  816. mock_get_users = mock.patch.object(
  817. self.store,
  818. "get_users_server_still_shares_room_with",
  819. new_callable=mock.MagicMock,
  820. return_value=make_awaitable({remote_user_id}),
  821. )
  822. mock_request = mock.patch.object(
  823. self.hs.get_federation_client(),
  824. "query_user_devices",
  825. new_callable=mock.MagicMock,
  826. return_value=make_awaitable(response_body),
  827. )
  828. with mock_get_rooms, mock_get_users, mock_request as mocked_federation_request:
  829. # Make the first query and sanity check it succeeds.
  830. response_1 = self.get_success(
  831. e2e_handler.query_devices(
  832. request_body,
  833. timeout=10,
  834. from_user_id=local_user_id,
  835. from_device_id="some_device_id",
  836. )
  837. )
  838. self.assertEqual(response_1["failures"], {})
  839. # We should have made a federation request to do so.
  840. mocked_federation_request.assert_called_once()
  841. # Reset the mock so we can prove we don't make a second federation request.
  842. mocked_federation_request.reset_mock()
  843. # Repeat the query.
  844. response_2 = self.get_success(
  845. e2e_handler.query_devices(
  846. request_body,
  847. timeout=10,
  848. from_user_id=local_user_id,
  849. from_device_id="some_device_id",
  850. )
  851. )
  852. self.assertEqual(response_2["failures"], {})
  853. # We should not have made a second federation request.
  854. mocked_federation_request.assert_not_called()
  855. # The two requests to the local homeserver should be identical.
  856. self.assertEqual(response_1, response_2)