chore(crypto): Improve the log for the one-time key signature error

2026-05-18 21:52:30 -04:00 · 2022-11-10 18:40:14 +01:00
parent 45cf32dfab
commit 0d80c0e3fe
2 changed files with 19 additions and 9 deletions
--- a/crates/matrix-sdk-crypto/src/error.rs
+++ b/crates/matrix-sdk-crypto/src/error.rs
@@ -18,7 +18,7 @@ use thiserror::Error;
 use vodozemac::{Curve25519PublicKey, Ed25519PublicKey};

 use super::store::CryptoStoreError;
-use crate::olm::SessionExportError;
+use crate::{olm::SessionExportError, types::SignedKey};

 pub type OlmResult<T> = Result<T, OlmError>;
 pub type MegolmResult<T> = Result<T, MegolmError>;
@@ -229,8 +229,18 @@ pub enum SessionCreationError {
    OneTimeKeyUnknown(OwnedUserId, OwnedDeviceId),

    /// Failed to verify the one-time key signatures.
-    #[error("Failed to verify the one-time key signatures for {0} {1}: {2:?}")]
-    InvalidSignature(OwnedUserId, OwnedDeviceId, SignatureError),
+    #[error(
+        "Failed to verify the signature of a one-time key, key: {one_time_key:?}, \
+        signing_key: {signing_key:?}: {error:?}"
+    )]
+    InvalidSignature {
+        /// The one-time key that failed the signature verification.
+        one_time_key: SignedKey,
+        /// The key that was used to verify the signature.
+        signing_key: Option<Ed25519PublicKey>,
+        /// The exact error describing why the signature verification failed.
+        error: SignatureError,
+    },

    /// The user's device is missing a curve25519 key.
    #[error(
--- a/crates/matrix-sdk-crypto/src/olm/account.rs
+++ b/crates/matrix-sdk-crypto/src/olm/account.rs
@@ -1036,12 +1036,12 @@ impl ReadOnlyAccount {
            Err(e) => return Err(SessionCreationError::InvalidJson(e)),
        };

-        device.verify_one_time_key(&one_time_key).map_err(|e| {
-            SessionCreationError::InvalidSignature(
-                device.user_id().to_owned(),
-                device.device_id().into(),
-                e,
-            )
+        device.verify_one_time_key(&one_time_key).map_err(|error| {
+            SessionCreationError::InvalidSignature {
+                signing_key: device.ed25519_key(),
+                one_time_key: one_time_key.clone(),
+                error,
+            }
        })?;

        let identity_key = device.curve25519_key().ok_or_else(|| {