Finish linking request validation

SignalServiceKit/src/Loki/API/Multi Device/LokiDeviceLinkingSession.swift

@@ -27,7 +27,7 @@ public final class LokiDeviceLinkingSession : NSObject {
         let master = LokiDeviceLink.Device(hexEncodedPublicKey: OWSIdentityManager.shared().identityKeyPair()!.hexEncodedPublicKey)
         let slave = LokiDeviceLink.Device(hexEncodedPublicKey: slaveHexEncodedPublicKey, signature: slaveSignature)
         let deviceLink = LokiDeviceLink(between: master, and: slave)
-        guard isValid(deviceLink) else { return }
+        guard isValidLinkingRequest(deviceLink) else { return }
         delegate.requestUserAuthorization(for: deviceLink)
     }
     
@@ -41,9 +41,12 @@ public final class LokiDeviceLinkingSession : NSObject {
     }
     
     // MARK: Private API
-    private func isValid(_ deviceLink: LokiDeviceLink) -> Bool {
-        let signature = deviceLink.slave.signature!
-        let publicKey = Data(hex: deviceLink.slave.hexEncodedPublicKey)
-        return try? Ed25519.verifySignature(signature, publicKey: publicKey, data: Data()) ?? false // TODO: Data
+    private func isValidLinkingRequest(_ deviceLink: LokiDeviceLink) -> Bool {
+        // When requesting a device link, the slave device signs the master device's public key. When authorizing
+        // a device link, the master device signs the slave device's public key.
+        let slaveSignature = deviceLink.slave.signature!
+        let slavePublicKey = Data(hex: deviceLink.slave.hexEncodedPublicKey)
+        let masterPublicKey = Data(hex: deviceLink.master.hexEncodedPublicKey)
+        return (try? Ed25519.verifySignature(slaveSignature, publicKey: slavePublicKey, data: masterPublicKey)) ?? false
     }
 }