@@ -680,11 +680,6 @@ def _set_e2e_cross_signing_key_txn(self, txn, user_id, key_type, key):
680680 'user_signing' for a user-signing key
681681 key (dict): the key data
682682 """
683- # the cross-signing keys need to occupy the same namespace as devices,
684- # since signatures are identified by device ID. So add an entry to the
685- # device table to make sure that we don't have a collision with device
686- # IDs
687-
688683 # the 'key' dict will look something like:
689684 # {
690685 # "user_id": "@alice:example.com",
@@ -701,16 +696,24 @@ def _set_e2e_cross_signing_key_txn(self, txn, user_id, key_type, key):
701696 # The "keys" property must only have one entry, which will be the public
702697 # key, so we just grab the first value in there
703698 pubkey = next (iter (key ["keys" ].values ()))
704- self .db .simple_insert_txn (
705- txn ,
706- "devices" ,
707- values = {
708- "user_id" : user_id ,
709- "device_id" : pubkey ,
710- "display_name" : key_type + " signing key" ,
711- "hidden" : True ,
712- },
713- )
699+
700+ # The cross-signing keys need to occupy the same namespace as devices,
701+ # since signatures are identified by device ID. So add an entry to the
702+ # device table to make sure that we don't have a collision with device
703+ # IDs.
704+ # We only need to do this for local users, since remote servers should be
705+ # responsible for checking this for their own users.
706+ if self .hs .is_mine_id (user_id ):
707+ self .db .simple_insert_txn (
708+ txn ,
709+ "devices" ,
710+ values = {
711+ "user_id" : user_id ,
712+ "device_id" : pubkey ,
713+ "display_name" : key_type + " signing key" ,
714+ "hidden" : True ,
715+ },
716+ )
714717
715718 # and finally, store the key itself
716719 with self ._cross_signing_id_gen .get_next () as stream_id :
0 commit comments