@@ -987,12 +987,22 @@ def _get_e2e_cross_signing_verify_key(
987987 SynapseError: if `user_id` is invalid
988988 """
989989 user = UserID .from_string (user_id )
990+
990991 key_id = None
991992 verify_key = None
992-
993993 key = yield self .store .get_e2e_cross_signing_key (
994994 user_id , key_type , from_user_id
995995 )
996+ if key is not None :
997+ try :
998+ key_id , verify_key = get_verify_key_from_cross_signing_key (key )
999+ except ValueError as e :
1000+ logger .warning (
1001+ "Invalid %s key retrieved: %s - %s %s" , key_type , key , type (e ), e ,
1002+ )
1003+ raise SynapseError (
1004+ 502 , "Invalid %s key retrieved from database" % (key_type ,)
1005+ )
9961006
9971007 # If we couldn't find the key locally, and we're looking for keys of
9981008 # another user then attempt to fetch the missing key from the remote
@@ -1008,32 +1018,20 @@ def _get_e2e_cross_signing_verify_key(
10081018 # We only get "master" and "self_signing" keys from remote servers
10091019 and key_type in ["master" , "self_signing" ]
10101020 ):
1011- key = yield self ._retrieve_cross_signing_keys_for_remote_user (
1021+ key , key_id , verify_key = yield self ._retrieve_cross_signing_keys_for_remote_user (
10121022 user , key_type
10131023 )
10141024
10151025 if key is None :
10161026 logger .debug ("No %s key found for %s" , key_type , user_id )
10171027 raise NotFoundError ("No %s key found for %s" % (key_type , user_id ))
10181028
1019- # If we retrieved the keys remotely, these values will already be set
1020- if key_id is None or verify_key is None :
1021- try :
1022- key_id , verify_key = get_verify_key_from_cross_signing_key (key )
1023- except ValueError as e :
1024- logger .debug (
1025- "Invalid %s key retrieved: %s - %s %s" , key_type , key , type (e ), e ,
1026- )
1027- raise SynapseError (
1028- 502 , "Invalid %s key retrieved from remote server" , key_type
1029- )
1030-
10311029 return key , key_id , verify_key
10321030
10331031 @defer .inlineCallbacks
10341032 def _retrieve_cross_signing_keys_for_remote_user (
10351033 self , user : UserID , desired_key_type : str ,
1036- ) -> Tuple [ Optional [ Dict ], Optional [ str ], Optional [ VerifyKey ]] :
1034+ ):
10371035 """Queries cross-signing keys for a remote user and saves them to the database
10381036
10391037 Only the key specified by `key_type` will be returned, while all retrieved keys
@@ -1044,7 +1042,8 @@ def _retrieve_cross_signing_keys_for_remote_user(
10441042 desired_key_type: The type of key to receive. One of "master", "self_signing"
10451043
10461044 Returns:
1047- A tuple of the retrieved key content, the key's ID and the matching VerifyKey.
1045+ Deferred[Tuple[Optional[Dict], Optional[str], Optional[VerifyKey]]]: A tuple
1046+ of the retrieved key content, the key's ID and the matching VerifyKey.
10481047 If the key cannot be retrieved, all values in the tuple will instead be None.
10491048 """
10501049 try :
@@ -1059,7 +1058,7 @@ def _retrieve_cross_signing_keys_for_remote_user(
10591058 type (e ),
10601059 e ,
10611060 )
1062- return None
1061+ return None , None , None
10631062
10641063 # Process each of the retrieved cross-signing keys
10651064 final_key = None
@@ -1084,8 +1083,9 @@ def _retrieve_cross_signing_keys_for_remote_user(
10841083 # algorithm and colon, which is the device ID
10851084 key_id , verify_key = get_verify_key_from_cross_signing_key (key_content )
10861085 except ValueError as e :
1087- logger .debug (
1088- "Invalid %s key retrieved: %s - %s %s" ,
1086+ logger .warning (
1087+ "Invalid %s key retrieved from remote %s: %s - %s %s" ,
1088+ user .domain ,
10891089 key_type ,
10901090 key_content ,
10911091 type (e ),
@@ -1094,7 +1094,7 @@ def _retrieve_cross_signing_keys_for_remote_user(
10941094 continue
10951095 device_ids .append (verify_key .version )
10961096
1097- # If this is the desired key type, save it and it's ID/VerifyKey
1097+ # If this is the desired key type, save it and its ID/VerifyKey
10981098 if key_type == desired_key_type :
10991099 final_key = key_content
11001100 final_verify_key = verify_key
0 commit comments