diff --git a/serverkeyapi/internal/api.go b/serverkeyapi/internal/api.go index 0a243baf7..2be7ae794 100644 --- a/serverkeyapi/internal/api.go +++ b/serverkeyapi/internal/api.go @@ -21,15 +21,18 @@ type ServerKeyAPI struct { } func (s *ServerKeyAPI) QueryLocalKeys(ctx context.Context, request *api.QueryLocalKeysRequest, response *api.QueryLocalKeysResponse) error { - response.ServerKeys.ServerName = s.Cfg.Matrix.ServerName - publicKey := s.Cfg.Matrix.PrivateKey.Public().(ed25519.PublicKey) + + response.ServerKeys.ServerName = s.Cfg.Matrix.ServerName response.ServerKeys.VerifyKeys = map[gomatrixserverlib.KeyID]gomatrixserverlib.VerifyKey{ s.Cfg.Matrix.KeyID: { Key: gomatrixserverlib.Base64Bytes(publicKey), }, } response.ServerKeys.TLSFingerprints = s.Cfg.Matrix.TLSFingerPrints + // TODO: Handle old expired keys. We should probably have a configuration section + // for these, as it's really counter-intuitive for people to have to rake through + // the database to find their own past keys. response.ServerKeys.OldVerifyKeys = map[gomatrixserverlib.KeyID]gomatrixserverlib.OldVerifyKey{} response.ServerKeys.ValidUntilTS = gomatrixserverlib.AsTimestamp(time.Now().Add(s.Cfg.Matrix.KeyValidityPeriod)) @@ -65,6 +68,7 @@ func (s *ServerKeyAPI) StoreKeys( return s.OurKeyRing.KeyDatabase.StoreKeys(ctx, results) } +// nolint:gocyclo func (s *ServerKeyAPI) FetchKeys( _ context.Context, requests map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp, 
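Review bot: The `// nolint:gocyclo` added above FetchKeys suppresses the complexity warning instead of reducing the complexity, and it gives no reason. The own-key loop added in the next hunk is self-contained, so it could move into a private helper that takes `requests` and `results`, which would probably make the directive unnecessary. If the directive stays, add a reason after it, for example `// nolint:gocyclo // own-key, database and fetcher stages are handled in one function`. The body of FetchKeys lies outside this hunk.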
@@ -74,7 +78,40 @@ func (s *ServerKeyAPI) FetchKeys(
 ctx := context.Background()
 results := map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult{}
 now := gomatrixserverlib.AsTimestamp(time.Now())
- // First consult our local database and see if we have the requested
+ // First, check if any of these key checks are for our own keys. If
+ // they are then we will satisfy them directly.
+ for req := range requests {
+ if req.ServerName == s.Cfg.Matrix.ServerName {
+ // We found a key request that is supposed to be for our own
+ // keys. Remove it from the request list so we don't hit the
+ // database or the fetchers for it.
+ delete(requests, req)
+ // Look up our own keys.
+ request := &api.QueryLocalKeysRequest{}
+ response := &api.QueryLocalKeysResponse{}
+ if err := s.QueryLocalKeys(ctx, request, response); err != nil {
+ return nil, err
+ }
+ // Depending on whether the key is expired or not, we'll need
+ // to write slightly different
+ if verifyKeys, ok := response.ServerKeys.VerifyKeys[req.KeyID]; ok {
+ // The key is current.
+ results[req] = gomatrixserverlib.PublicKeyLookupResult{
+ VerifyKey: verifyKeys,
+ ExpiredTS: gomatrixserverlib.PublicKeyNotExpired,
+ ValidUntilTS: response.ServerKeys.ValidUntilTS,
+ }
+ } else if verifyKeys, ok := response.ServerKeys.OldVerifyKeys[req.KeyID]; ok {
+ // The key is expired.
+ results[req] = gomatrixserverlib.PublicKeyLookupResult{
+ VerifyKey: verifyKeys.VerifyKey,
+ ExpiredTS: verifyKeys.ExpiredTS,
+ ValidUntilTS: gomatrixserverlib.PublicKeyNotValid,
+ }
+ }
+ }
+ }
+ // Then consult our local database and see if we have the requested
 // keys. These might come from a cache, depending on the database
 // implementation used.
 if dbResults, err := s.OurKeyRing.KeyDatabase.FetchKeys(ctx, requests); err == nil {
diff --git a/serverkeyapi/storage/postgres/keydb.go b/serverkeyapi/storage/postgres/keydb.go
index aaa1292af..57a9a17e3 100644
--- a/serverkeyapi/storage/postgres/keydb.go
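Review bot: In the own-server loop of FetchKeys, `delete(requests, req)` runs before the key ID is matched, so a request for one of our own key IDs found in neither `VerifyKeys` nor `OldVerifyKeys` gets no result and never reaches the `KeyDatabase.FetchKeys` lookup below. QueryLocalKeys always sets `OldVerifyKeys` to an empty map (first hunk), so the expired branch cannot be taken yet, and signatures made with a rotated key of this server would presumably fail verification even if the database still holds that key. If that fail-closed behaviour is intended, say so next to the delete, e.g. `// Own key IDs we do not recognise get no result and are not looked up elsewhere.`; otherwise move the `delete` into the two matching branches. Two smaller points: the delete mutates the caller's map, which the function's doc comment should state, and the comment `// to write slightly different` is cut off mid-sentence. The rest of FetchKeys lies outside this hunk.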
+++ b/serverkeyapi/storage/postgres/keydb.go @@ -51,30 +51,6 @@ func NewDatabase( if err != nil { return nil, err } - // Store our own keys so that we don't end up making HTTP requests to find our - // own keys - /* - index := gomatrixserverlib.PublicKeyLookupRequest{ - ServerName: serverName, - KeyID: serverKeyID, - } - value := gomatrixserverlib.PublicKeyLookupResult{ - VerifyKey: gomatrixserverlib.VerifyKey{ - Key: gomatrixserverlib.Base64Bytes(serverKey), - }, - ValidUntilTS: gomatrixserverlib.AsTimestamp(time.Now().Add(100 * 365 * 24 * time.Hour)), - ExpiredTS: gomatrixserverlib.PublicKeyNotExpired, - } - err = d.StoreKeys( - context.Background(), - map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult{ - index: value, - }, - ) - if err != nil { - return nil, err - } - */ return d, nil } diff --git a/serverkeyapi/storage/sqlite3/keydb.go b/serverkeyapi/storage/sqlite3/keydb.go index cbad0c2e0..a7a1db100 100644 --- a/serverkeyapi/storage/sqlite3/keydb.go +++ b/serverkeyapi/storage/sqlite3/keydb.go @@ -56,27 +56,6 @@ func NewDatabase( if err != nil { return nil, err } - // Store our own keys so that we don't end up making HTTP requests to find our - // own keys - /* - index := gomatrixserverlib.PublicKeyLookupRequest{ - ServerName: serverName, - KeyID: serverKeyID, - } - value := gomatrixserverlib.PublicKeyLookupResult{ - VerifyKey: gomatrixserverlib.VerifyKey{ - Key: gomatrixserverlib.Base64Bytes(serverKey), - }, - ValidUntilTS: gomatrixserverlib.AsTimestamp(time.Now().Add(100 * 365 * 24 * time.Hour)), - ExpiredTS: gomatrixserverlib.PublicKeyNotExpired, - } - err = d.StoreKeys( - context.Background(), - map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult{ - index: value, - }, - ) - */ if err != nil { return nil, err }