client-api: Use Raw variants to upload/download keys

Uploaded objects holding public keys tend to have the object signed by the very same key that is part of the object. Users that download such public keys are expected to verify the signature to confirm that the public key and its surrounding fields in the object have not been manipulated with. The SignedKey, DeviceKeys, and CrossSigningKey structs perform a lossy variant of deserialization, which removes the ability to verify signatures of the aforementioned objects. This patch changes the response types to a Raw variant, which let's the user decide how to deserialize.
2021-12-03 13:12:07 +01:00 · 2021-12-03 13:12:07 +01:00 · 786ab15c0c
commit 786ab15c0c
parent 96374a7517
4 changed files with 14 additions and 10 deletions
--- a/crates/ruma-client-api/src/r0/keys/claim_keys.rs
+++ b/crates/ruma-client-api/src/r0/keys/claim_keys.rs
@ -5,6 +5,7 @@ use std::{collections::BTreeMap, time::Duration};
 use ruma_api::ruma_api;
 use ruma_common::encryption::OneTimeKey;
 use ruma_identifiers::{DeviceId, DeviceKeyAlgorithm, DeviceKeyId, UserId};
+use ruma_serde::Raw;
 use serde_json::Value as JsonValue;

 ruma_api! {
@ -60,4 +61,4 @@ impl Response {
 }

 /// The one-time keys for a given device.
-pub type OneTimeKeys = BTreeMap<Box<DeviceId>, BTreeMap<Box<DeviceKeyId>, OneTimeKey>>;
+pub type OneTimeKeys = BTreeMap<Box<DeviceId>, BTreeMap<Box<DeviceKeyId>, Raw<OneTimeKey>>>;
--- a/crates/ruma-client-api/src/r0/keys/get_keys.rs
+++ b/crates/ruma-client-api/src/r0/keys/get_keys.rs
@ -5,6 +5,7 @@ use std::{collections::BTreeMap, time::Duration};
 use ruma_api::ruma_api;
 use ruma_common::encryption::DeviceKeys;
 use ruma_identifiers::{DeviceId, UserId};
+use ruma_serde::Raw;
 use serde_json::Value as JsonValue;

 #[cfg(feature = "unstable-pre-spec")]
@ -56,22 +57,22 @@ ruma_api! {

        /// Information on the queried devices.
        #[serde(default, skip_serializing_if = "BTreeMap::is_empty")]
-        pub device_keys: BTreeMap<Box<UserId>, BTreeMap<Box<DeviceId>, DeviceKeys>>,
+        pub device_keys: BTreeMap<Box<UserId>, BTreeMap<Box<DeviceId>, Raw<DeviceKeys>>>,

        /// Information on the master cross-signing keys of the queried users.
        #[cfg(feature = "unstable-pre-spec")]
        #[serde(default, skip_serializing_if = "BTreeMap::is_empty")]
-        pub master_keys: BTreeMap<Box<UserId>, CrossSigningKey>,
+        pub master_keys: BTreeMap<Box<UserId>, Raw<CrossSigningKey>>,

        /// Information on the self-signing keys of the queried users.
        #[cfg(feature = "unstable-pre-spec")]
        #[serde(default, skip_serializing_if = "BTreeMap::is_empty")]
-        pub self_signing_keys: BTreeMap<Box<UserId>, CrossSigningKey>,
+        pub self_signing_keys: BTreeMap<Box<UserId>, Raw<CrossSigningKey>>,

        /// Information on the user-signing keys of the queried users.
        #[cfg(feature = "unstable-pre-spec")]
        #[serde(default, skip_serializing_if = "BTreeMap::is_empty")]
-        pub user_signing_keys: BTreeMap<Box<UserId>, CrossSigningKey>,
+        pub user_signing_keys: BTreeMap<Box<UserId>, Raw<CrossSigningKey>>,
    }

    error: crate::Error
--- a/crates/ruma-client-api/src/r0/keys/upload_keys.rs
+++ b/crates/ruma-client-api/src/r0/keys/upload_keys.rs
@ -6,6 +6,7 @@ use js_int::UInt;
 use ruma_api::ruma_api;
 use ruma_common::encryption::{DeviceKeys, OneTimeKey};
 use ruma_identifiers::{DeviceKeyAlgorithm, DeviceKeyId};
+use ruma_serde::Raw;

 ruma_api! {
    metadata: {
@ -23,11 +24,11 @@ ruma_api! {
        ///
        /// May be absent if no new identity keys are required.
        #[serde(skip_serializing_if = "Option::is_none")]
-        pub device_keys: Option<DeviceKeys>,
+        pub device_keys: Option<Raw<DeviceKeys>>,

        /// One-time public keys for "pre-key" messages.
        #[serde(skip_serializing_if = "Option::is_none")]
-        pub one_time_keys: Option<BTreeMap<Box<DeviceKeyId>, OneTimeKey>>,
+        pub one_time_keys: Option<BTreeMap<Box<DeviceKeyId>, Raw<OneTimeKey>>>,
    }

    response: {
--- a/crates/ruma-client-api/src/r0/keys/upload_signing_keys.rs
+++ b/crates/ruma-client-api/src/r0/keys/upload_signing_keys.rs
@ -4,6 +4,7 @@

 use ruma_api::ruma_api;
 use ruma_common::encryption::CrossSigningKey;
+use ruma_serde::Raw;

 use crate::r0::uiaa::{AuthData, IncomingAuthData, UiaaResponse};

@ -25,21 +26,21 @@ ruma_api! {

        /// The user's master key.
        #[serde(skip_serializing_if = "Option::is_none")]
-        pub master_key: Option<CrossSigningKey>,
+        pub master_key: Option<Raw<CrossSigningKey>>,

        /// The user's self-signing key.
        ///
        /// Must be signed with the accompanied master, or by the user's most recently uploaded
        /// master key if no master key is included in the request.
        #[serde(skip_serializing_if = "Option::is_none")]
-        pub self_signing_key: Option<CrossSigningKey>,
+        pub self_signing_key: Option<Raw<CrossSigningKey>>,

        /// The user's user-signing key.
        ///
        /// Must be signed with the accompanied master, or by the user's most recently uploaded
        /// master key if no master key is included in the request.
        #[serde(skip_serializing_if = "Option::is_none")]
-        pub user_signing_key: Option<CrossSigningKey>,
+        pub user_signing_key: Option<Raw<CrossSigningKey>>,
    }

    #[derive(Default)]