diff --git a/clientapi/routing/key_crosssigning.go b/clientapi/routing/key_crosssigning.go index a0f7f06e..b0edb606 100644 --- a/clientapi/routing/key_crosssigning.go +++ b/clientapi/routing/key_crosssigning.go @@ -31,7 +31,6 @@ type crossSigningRequest struct { type UploadKeysAPI interface { QueryKeys(ctx context.Context, req *api.QueryKeysRequest, res *api.QueryKeysResponse) - QueryMasterKeys(ctx context.Context, req *api.QueryMasterKeysRequest, res *api.QueryMasterKeysResponse) api.UploadDeviceKeysAPI } @@ -76,15 +75,7 @@ func UploadCrossSigningDeviceKeys( // With MSC3861, UIA is not possible. Instead, the auth service has to explicitly mark the master key as replaceable. if cfg.MSCs.MSC3861Enabled() { - masterKeyResp := api.QueryMasterKeysResponse{} - keyserverAPI.QueryMasterKeys(req.Context(), &api.QueryMasterKeysRequest{UserID: device.UserID}, &masterKeyResp) - - if masterKeyResp.Error != nil { - logger.WithError(masterKeyResp.Error).Error("Failed to query master key") - return convertKeyError(masterKeyResp.Error) - } - - requireUIA := !sessions.isCrossSigningKeysReplacementAllowed(device.UserID) && masterKeyResp.Key != nil + requireUIA := !sessions.isCrossSigningKeysReplacementAllowed(device.UserID) if requireUIA { url := "" if m := cfg.MSCs.MSC3861; m.AccountManagementURL != "" { diff --git a/setup/mscs/msc3861/msc3861.go b/setup/mscs/msc3861/msc3861.go index 4dd5d517..cda2266c 100644 --- a/setup/mscs/msc3861/msc3861.go +++ b/setup/mscs/msc3861/msc3861.go @@ -6,6 +6,8 @@ package msc3861 import ( + "errors" + "github.com/element-hq/dendrite/setup" "github.com/matrix-org/gomatrixserverlib/fclient" ) 
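Review bot: `requireUIA` in the MSC3861 branch of UploadCrossSigningDeviceKeys no longer depends on whether a master key exists, so an account with no master key yet is also refused until `sessions.isCrossSigningKeysReplacementAllowed(device.UserID)` returns true. That is the fail-closed direction, but it also blocks first-time cross-signing setup, which the removed `&& masterKeyResp.Key != nil` let through. If the stricter rule is intended, state it above the assignment, for example `// Applies to first-time uploads too: under MSC3861 no master key is stored without an explicit allowance from the auth service.` The function body starts and ends outside the hunk, so how the allowance expires or is consumed after one upload is not visible here and should be confirmed.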
@@ -20,6 +22,17 @@ func Enable(m *setup.Monolith) error { if err != nil { return err } - m.UserVerifierProvider = setup.NewUserVerifierProvider(userVerifier) + + if m.UserVerifierProvider == nil { + return errors.New("msc3861: UserVerifierProvider is not initialised") + } + + provider, ok := m.UserVerifierProvider.(*setup.UserVerifierProvider) + if !ok { + return errors.New("msc3861: the expected type of m.UserVerifierProvider is *setup.UserVerifierProvider") + } + + provider.UserVerifier = userVerifier + return nil } diff --git a/userapi/api/api.go b/userapi/api/api.go index ec3ae5f3..3c46b769 100644 --- a/userapi/api/api.go +++ b/userapi/api/api.go @@ -672,7 +672,6 @@ type QueryAccountByLocalpartResponse struct { type ClientKeyAPI interface { UploadDeviceKeysAPI QueryKeys(ctx context.Context, req *QueryKeysRequest, res *QueryKeysResponse) - QueryMasterKeys(ctx context.Context, req *QueryMasterKeysRequest, res *QueryMasterKeysResponse) PerformUploadKeys(ctx context.Context, req *PerformUploadKeysRequest, res *PerformUploadKeysResponse) error PerformUploadDeviceSignatures(ctx context.Context, req *PerformUploadDeviceSignaturesRequest, res *PerformUploadDeviceSignaturesResponse) @@ -934,16 +933,6 @@ type QueryKeysResponse struct { Error *KeyError } -type QueryMasterKeysRequest struct { - UserID string -} - -type QueryMasterKeysResponse struct { - Key spec.Base64Bytes - // Set if there was a fatal error processing this query - Error *KeyError -} - type QueryKeyChangesRequest struct { // The offset of the last received key event, or sarama.OffsetOldest if this is from the beginning Offset int64 diff --git a/userapi/internal/key_api.go b/userapi/internal/key_api.go index eb7597ab..24148eea 100644 --- a/userapi/internal/key_api.go +++ b/userapi/internal/key_api.go 
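Review bot: The `m.UserVerifierProvider == nil` test in Enable does not catch an interface value that holds a nil `*setup.UserVerifierProvider`. In that case the type assertion succeeds with `ok == true` and `provider.UserVerifier = userVerifier` panics at startup. Fold the pointer check into the guard: `if !ok || provider == nil {`. Separately, the assignment now mutates a provider that other components may already hold, and nothing in this hunk synchronises the write. Since this field decides how access tokens are verified, add a comment on that line saying Enable must complete before any request is served. The start of Enable is outside the hunk.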
@@ -234,19 +234,6 @@ func (a *UserInternalAPI) PerformMarkAsStaleIfNeeded(ctx context.Context, req *a return a.Updater.ManualUpdate(ctx, req.Domain, req.UserID) } -func (a *UserInternalAPI) QueryMasterKeys(ctx context.Context, req *api.QueryMasterKeysRequest, res *api.QueryMasterKeysResponse) { - crossSigningKeyMap, err := a.KeyDatabase.CrossSigningKeysDataForUserAndKeyType(ctx, req.UserID, fclient.CrossSigningKeyPurposeMaster) - if err != nil { - res.Error = &api.KeyError{ - Err: fmt.Sprintf("failed to query user cross signing master keys: %s", err), - } - return - } - if key, ok := crossSigningKeyMap[fclient.CrossSigningKeyPurposeMaster]; ok { - res.Key = key - } -} - // nolint:gocyclo func (a *UserInternalAPI) QueryKeys(ctx context.Context, req *api.QueryKeysRequest, res *api.QueryKeysResponse) { var respMu sync.Mutex diff --git a/userapi/storage/interface.go b/userapi/storage/interface.go index 3cf7e765..41db1222 100644 --- a/userapi/storage/interface.go +++ b/userapi/storage/interface.go @@ -227,7 +227,6 @@ type KeyDatabase interface { CrossSigningKeysForUser(ctx context.Context, userID string) (map[fclient.CrossSigningKeyPurpose]fclient.CrossSigningKey, error) CrossSigningKeysDataForUser(ctx context.Context, userID string) (types.CrossSigningKeyMap, error) - CrossSigningKeysDataForUserAndKeyType(ctx context.Context, userID string, keyType fclient.CrossSigningKeyPurpose) (types.CrossSigningKeyMap, error) CrossSigningSigsForTarget(ctx context.Context, originUserID, targetUserID string, targetKeyID gomatrixserverlib.KeyID) (types.CrossSigningSigMap, error) StoreCrossSigningKeysForUser(ctx context.Context, userID string, keyMap types.CrossSigningKeyMap) error diff --git a/userapi/storage/postgres/cross_signing_keys_table.go b/userapi/storage/postgres/cross_signing_keys_table.go index f05f7845..b0f92cf8 100644 --- a/userapi/storage/postgres/cross_signing_keys_table.go +++ b/userapi/storage/postgres/cross_signing_keys_table.go 
@@ -32,20 +32,15 @@ const selectCrossSigningKeysForUserSQL = "" + "SELECT key_type, key_data FROM keyserver_cross_signing_keys" + " WHERE user_id = $1" -const selectCrossSigningKeysForUserAndKeyTypeSQL = "" + - "SELECT key_type, key_data FROM keyserver_cross_signing_keys" + - " WHERE user_id = $1 AND key_type = $2" - const upsertCrossSigningKeysForUserSQL = "" + "INSERT INTO keyserver_cross_signing_keys (user_id, key_type, key_data)" + " VALUES($1, $2, $3)" + " ON CONFLICT (user_id, key_type) DO UPDATE SET key_data = $3" type crossSigningKeysStatements struct { - db *sql.DB - selectCrossSigningKeysForUserStmt *sql.Stmt - selectCrossSigningKeysForUserAndKeyTypeStmt *sql.Stmt - upsertCrossSigningKeysForUserStmt *sql.Stmt + db *sql.DB + selectCrossSigningKeysForUserStmt *sql.Stmt + upsertCrossSigningKeysForUserStmt *sql.Stmt } func NewPostgresCrossSigningKeysTable(db *sql.DB) (tables.CrossSigningKeys, error) { @@ -63,7 +58,6 @@ func NewPostgresCrossSigningKeysTable(db *sql.DB) (tables.CrossSigningKeys, erro } return s, sqlutil.StatementList{ {&s.selectCrossSigningKeysForUserStmt, selectCrossSigningKeysForUserSQL}, - {&s.selectCrossSigningKeysForUserAndKeyTypeStmt, selectCrossSigningKeysForUserAndKeyTypeSQL}, {&s.upsertCrossSigningKeysForUserStmt, upsertCrossSigningKeysForUserSQL}, }.Prepare(db) } 
@@ -93,35 +87,6 @@ func (s *crossSigningKeysStatements) SelectCrossSigningKeysForUser( return } -func (s *crossSigningKeysStatements) SelectCrossSigningKeysForUserAndKeyType( - ctx context.Context, txn *sql.Tx, userID string, keyType fclient.CrossSigningKeyPurpose, -) (r types.CrossSigningKeyMap, err error) { - keyTypeInt, ok := types.KeyTypePurposeToInt[keyType] - if !ok { - return nil, fmt.Errorf("unknown key purpose %q", keyType) - } - rows, err := sqlutil.TxStmt(txn, s.selectCrossSigningKeysForUserAndKeyTypeStmt).QueryContext(ctx, userID, keyTypeInt) - if err != nil { - return nil, err - } - defer internal.CloseAndLogIfError(ctx, rows, "SelectCrossSigningKeysForUserAndKeyType: rows.close() failed") - r = types.CrossSigningKeyMap{} - for rows.Next() { - var keyTypeInt int16 - var keyData spec.Base64Bytes - if err = rows.Scan(&keyTypeInt, &keyData); err != nil { - return nil, err - } - keyType, ok := types.KeyTypeIntToPurpose[keyTypeInt] - if !ok { - return nil, fmt.Errorf("unknown key purpose int %d", keyTypeInt) - } - r[keyType] = keyData - } - err = rows.Err() - return -} - func (s *crossSigningKeysStatements) UpsertCrossSigningKeysForUser( ctx context.Context, txn *sql.Tx, userID string, keyType fclient.CrossSigningKeyPurpose, keyData spec.Base64Bytes, ) error { diff --git a/userapi/storage/shared/storage.go b/userapi/storage/shared/storage.go index 17140e69..e7f7789e 100644 --- a/userapi/storage/shared/storage.go +++ b/userapi/storage/shared/storage.go 
@@ -1172,11 +1172,6 @@ func (d *KeyDatabase) CrossSigningKeysDataForUser(ctx context.Context, userID st return d.CrossSigningKeysTable.SelectCrossSigningKeysForUser(ctx, nil, userID) } -// CrossSigningKeysForUserAndKeyType returns the latest known cross-signing keys for a user and key type, if any. -func (d *KeyDatabase) CrossSigningKeysDataForUserAndKeyType(ctx context.Context, userID string, keyType fclient.CrossSigningKeyPurpose) (types.CrossSigningKeyMap, error) { - return d.CrossSigningKeysTable.SelectCrossSigningKeysForUserAndKeyType(ctx, nil, userID, keyType) -} - // CrossSigningSigsForTarget returns the signatures for a given user's key ID, if any. func (d *KeyDatabase) CrossSigningSigsForTarget(ctx context.Context, originUserID, targetUserID string, targetKeyID gomatrixserverlib.KeyID) (types.CrossSigningSigMap, error) { return d.CrossSigningSigsTable.SelectCrossSigningSigsForTarget(ctx, nil, originUserID, targetUserID, targetKeyID) diff --git a/userapi/storage/sqlite3/cross_signing_keys_table.go b/userapi/storage/sqlite3/cross_signing_keys_table.go index c57ffd39..e34e0d36 100644 --- a/userapi/storage/sqlite3/cross_signing_keys_table.go +++ b/userapi/storage/sqlite3/cross_signing_keys_table.go 
@@ -32,19 +32,14 @@ const selectCrossSigningKeysForUserSQL = "" + "SELECT key_type, key_data FROM keyserver_cross_signing_keys" + " WHERE user_id = $1" -const selectCrossSigningKeysForUserAndKeyTypeSQL = "" + - "SELECT key_type, key_data FROM keyserver_cross_signing_keys" + - " WHERE user_id = $1 AND key_type = $2" - const upsertCrossSigningKeysForUserSQL = "" + "INSERT OR REPLACE INTO keyserver_cross_signing_keys (user_id, key_type, key_data)" + " VALUES($1, $2, $3)" type crossSigningKeysStatements struct { - db *sql.DB - selectCrossSigningKeysForUserStmt *sql.Stmt - selectCrossSigningKeysForUserAndKeyTypeStmt *sql.Stmt - upsertCrossSigningKeysForUserStmt *sql.Stmt + db *sql.DB + selectCrossSigningKeysForUserStmt *sql.Stmt + upsertCrossSigningKeysForUserStmt *sql.Stmt } func NewSqliteCrossSigningKeysTable(db *sql.DB) (tables.CrossSigningKeys, error) { @@ -62,7 +57,6 @@ func NewSqliteCrossSigningKeysTable(db *sql.DB) (tables.CrossSigningKeys, error) } return s, sqlutil.StatementList{ {&s.selectCrossSigningKeysForUserStmt, selectCrossSigningKeysForUserSQL}, - {&s.selectCrossSigningKeysForUserAndKeyTypeStmt, selectCrossSigningKeysForUserAndKeyTypeSQL}, {&s.upsertCrossSigningKeysForUserStmt, upsertCrossSigningKeysForUserSQL}, }.Prepare(db) } 
@@ -92,35 +86,6 @@ func (s *crossSigningKeysStatements) SelectCrossSigningKeysForUser( return } -func (s *crossSigningKeysStatements) SelectCrossSigningKeysForUserAndKeyType( - ctx context.Context, txn *sql.Tx, userID string, keyType fclient.CrossSigningKeyPurpose, -) (r types.CrossSigningKeyMap, err error) { - keyTypeInt, ok := types.KeyTypePurposeToInt[keyType] - if !ok { - return nil, fmt.Errorf("unknown key purpose %q", keyType) - } - rows, err := sqlutil.TxStmt(txn, s.selectCrossSigningKeysForUserAndKeyTypeStmt).QueryContext(ctx, userID, keyTypeInt) - if err != nil { - return nil, err - } - defer internal.CloseAndLogIfError(ctx, rows, "SelectCrossSigningKeysForUserAndKeyType: rows.close() failed") - r = types.CrossSigningKeyMap{} - for rows.Next() { - var keyTypeInt int16 - var keyData spec.Base64Bytes - if err = rows.Scan(&keyTypeInt, &keyData); err != nil { - return nil, err - } - keyType, ok := types.KeyTypeIntToPurpose[keyTypeInt] - if !ok { - return nil, fmt.Errorf("unknown key purpose int %d", keyTypeInt) - } - r[keyType] = keyData - } - err = rows.Err() - return -} - func (s *crossSigningKeysStatements) UpsertCrossSigningKeysForUser( ctx context.Context, txn *sql.Tx, userID string, keyType fclient.CrossSigningKeyPurpose, keyData spec.Base64Bytes) error { keyTypeInt, ok := types.KeyTypePurposeToInt[keyType] diff --git a/userapi/storage/tables/interface.go b/userapi/storage/tables/interface.go index fd9f10c3..e0dedcb3 100644 --- a/userapi/storage/tables/interface.go +++ b/userapi/storage/tables/interface.go 
@@ -198,7 +198,6 @@ type StaleDeviceLists interface { type CrossSigningKeys interface { SelectCrossSigningKeysForUser(ctx context.Context, txn *sql.Tx, userID string) (r types.CrossSigningKeyMap, err error) - SelectCrossSigningKeysForUserAndKeyType(ctx context.Context, txn *sql.Tx, userID string, keyType fclient.CrossSigningKeyPurpose) (r types.CrossSigningKeyMap, err error) UpsertCrossSigningKeysForUser(ctx context.Context, txn *sql.Tx, userID string, keyType fclient.CrossSigningKeyPurpose, keyData spec.Base64Bytes) error }