From 8215384d23642cb262611d74d44e8f8128c6e22d Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Wed, 4 Aug 2021 10:21:13 +0100
Subject: [PATCH] Process self-signing key too

---
 keyserver/internal/cross_signing.go | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/keyserver/internal/cross_signing.go b/keyserver/internal/cross_signing.go
index 0fc31cba7..7e83cfce2 100644
--- a/keyserver/internal/cross_signing.go
+++ b/keyserver/internal/cross_signing.go
@@ -137,7 +137,7 @@ func (a *KeyInternalAPI) PerformUploadDeviceKeys(ctx context.Context, req *api.P
 		case *gomatrixserverlib.CrossSigningKey:
 			if err := sanityCheckKey(*k, req.UserID, gomatrixserverlib.CrossSigningKeyPurposeMaster); err != nil {
 				res.Error = &api.KeyError{
-					Err: "User-signing key sanity check failed: " + err.Error(),
+					Err: "Master key sanity check failed: " + err.Error(),
 				}
 				return
 			}
@@ -147,6 +147,20 @@ func (a *KeyInternalAPI) PerformUploadDeviceKeys(ctx context.Context, req *api.P
 			}
 			return
 		}
+		switch k := keys.SelfSigningKeys[req.UserID].CrossSigningBody.(type) {
+		case *gomatrixserverlib.CrossSigningKey:
+			if err := sanityCheckKey(*k, req.UserID, gomatrixserverlib.CrossSigningKeyPurposeSelfSigning); err != nil {
+				res.Error = &api.KeyError{
+					Err: "Self-signing key sanity check failed: " + err.Error(),
+				}
+				return
+			}
+		default:
+			res.Error = &api.KeyError{
+				Err: "Unexpected type for self-signing key retrieved from federation",
+			}
+			return
+		}
 	}
 
 	// If we still don't have a master key at this point then there's nothing else