diff --git a/changelog.d/17097.misc b/changelog.d/17097.misc
new file mode 100644
index 0000000000..42792e5f38
--- /dev/null
+++ b/changelog.d/17097.misc
@@ -0,0 +1 @@
+Extend validation of uploaded device keys.
\ No newline at end of file
diff --git a/synapse/handlers/e2e_keys.py b/synapse/handlers/e2e_keys.py
index 540995e062..c13de7c067 100644
--- a/synapse/handlers/e2e_keys.py
+++ b/synapse/handlers/e2e_keys.py
@@ -58,7 +58,6 @@ if TYPE_CHECKING:
 
 logger = logging.getLogger(__name__)
 
-
 ONE_TIME_KEY_UPLOAD = "one_time_key_upload_lock"
 
 
@@ -821,15 +820,29 @@ class E2eKeysHandler:
 
         # TODO: Validate the JSON to make sure it has the right keys.
         device_keys = keys.get("device_keys", None)
-        if device_keys:
-            await self.device_key_uploader(
-                user_id=user_id,
-                device_id=device_id,
-                keys={"device_keys": device_keys},
-            )
+        if device_keys and isinstance(device_keys, dict):
+            # Validate that user_id and device_id match the requesting user
+            if (
+                device_keys["user_id"] == user_id
+                and device_keys["device_id"] == device_id
+            ):
+                await self.device_key_uploader(
+                    user_id=user_id,
+                    device_id=device_id,
+                    keys={"device_keys": device_keys},
+                )
+            else:
+                log_kv(
+                    {
+                        "message": "Not updating device_keys for user, user_id or device_id mismatch",
+                        "user_id": user_id,
+                    }
+                )
+        else:
+            log_kv({"message": "Did not update device_keys", "reason": "not a dict"})
 
         one_time_keys = keys.get("one_time_keys", None)
-        if one_time_keys:
+        if one_time_keys and isinstance(one_time_keys, dict):
             log_kv(
                 {
                     "message": "Updating one_time_keys for device.",
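Review bot: The new identity check indexes the client-supplied dict directly (`device_keys["user_id"] == user_id`), so an upload whose `device_keys` omits `user_id` or `device_id` raises KeyError instead of reaching the mismatch branch. Comparing with `device_keys.get("user_id") == user_id and device_keys.get("device_id") == device_id` keeps malformed input on the logged-and-skipped path. The mismatch branch only calls `log_kv`, so as far as this hunk shows the request still succeeds and the client is not told its device keys were dropped; an explicit client error may be more appropriate there. The outer `else` also records `"reason": "not a dict"` when `device_keys` is simply absent, which makes the trace misleading; an `elif device_keys:` guard, as used for `one_time_keys` below, would separate the two cases. The enclosing method starts and ends outside the hunk.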
@@ -840,6 +853,8 @@ class E2eKeysHandler:
             await self._upload_one_time_keys_for_user(
                 user_id, device_id, time_now, one_time_keys
             )
+        elif one_time_keys:
+            log_kv({"message": "Did not update device_keys", "reason": "not a dict"})
         else:
             log_kv(
                 {"message": "Did not update one_time_keys", "reason": "no keys given"}
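Review bot: The added `elif one_time_keys:` branch logs `"Did not update device_keys"`, but it is reached when `one_time_keys` is present and not a dict, so the trace names the wrong field. It should read `log_kv({"message": "Did not update one_time_keys", "reason": "not a dict"})`. The final `log_kv` call continues past the end of the hunk.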