forked from MirrorHub/synapse
pass room_version into compute_event_signature (#6807)
This commit is contained in:
parent
a5afdd15e5
commit
7f93eb1903
3 changed files with 25 additions and 9 deletions
1
changelog.d/6807.misc
Normal file
1
changelog.d/6807.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Refactoring work in preparation for changing the event redaction algorithm.
|
|
@ -1,6 +1,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
#
|
||||||
# Copyright 2014-2016 OpenMarket Ltd
|
# Copyright 2014-2016 OpenMarket Ltd
|
||||||
|
# Copyright 2020 The Matrix.org Foundation C.I.C.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
|
@ -17,6 +18,7 @@
|
||||||
import collections.abc
|
import collections.abc
|
||||||
import hashlib
|
import hashlib
|
||||||
import logging
|
import logging
|
||||||
|
from typing import Dict
|
||||||
|
|
||||||
from canonicaljson import encode_canonical_json
|
from canonicaljson import encode_canonical_json
|
||||||
from signedjson.sign import sign_json
|
from signedjson.sign import sign_json
|
||||||
|
@ -115,18 +117,28 @@ def compute_event_reference_hash(event, hash_algorithm=hashlib.sha256):
|
||||||
return hashed.name, hashed.digest()
|
return hashed.name, hashed.digest()
|
||||||
|
|
||||||
|
|
||||||
def compute_event_signature(event_dict, signature_name, signing_key):
|
def compute_event_signature(
|
||||||
|
room_version: RoomVersion,
|
||||||
|
event_dict: JsonDict,
|
||||||
|
signature_name: str,
|
||||||
|
signing_key: SigningKey,
|
||||||
|
) -> Dict[str, Dict[str, str]]:
|
||||||
"""Compute the signature of the event for the given name and key.
|
"""Compute the signature of the event for the given name and key.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
event_dict (dict): The event as a dict
|
room_version: the version of the room that this event is in.
|
||||||
signature_name (str): The name of the entity signing the event
|
(the room version determines the redaction algorithm and hence the
|
||||||
|
json to be signed)
|
||||||
|
|
||||||
|
event_dict: The event as a dict
|
||||||
|
|
||||||
|
signature_name: The name of the entity signing the event
|
||||||
(typically the server's hostname).
|
(typically the server's hostname).
|
||||||
signing_key (syutil.crypto.SigningKey): The key to sign with
|
|
||||||
|
signing_key: The key to sign with
|
||||||
|
|
||||||
Returns:
|
Returns:
|
||||||
dict[str, dict[str, str]]: Returns a dictionary in the same format of
|
a dictionary in the same format of an event's signatures field.
|
||||||
an event's signatures field.
|
|
||||||
"""
|
"""
|
||||||
redact_json = prune_event_dict(event_dict)
|
redact_json = prune_event_dict(event_dict)
|
||||||
redact_json.pop("age_ts", None)
|
redact_json.pop("age_ts", None)
|
||||||
|
@ -161,5 +173,5 @@ def add_hashes_and_signatures(
|
||||||
event_dict.setdefault("hashes", {})[name] = encode_base64(digest)
|
event_dict.setdefault("hashes", {})[name] = encode_base64(digest)
|
||||||
|
|
||||||
event_dict["signatures"] = compute_event_signature(
|
event_dict["signatures"] = compute_event_signature(
|
||||||
event_dict, signature_name=signature_name, signing_key=signing_key
|
room_version, event_dict, signature_name=signature_name, signing_key=signing_key
|
||||||
)
|
)
|
||||||
|
|
|
@ -1528,7 +1528,10 @@ class FederationHandler(BaseHandler):
|
||||||
|
|
||||||
event.signatures.update(
|
event.signatures.update(
|
||||||
compute_event_signature(
|
compute_event_signature(
|
||||||
event.get_pdu_json(), self.hs.hostname, self.hs.config.signing_key[0]
|
room_version,
|
||||||
|
event.get_pdu_json(),
|
||||||
|
self.hs.hostname,
|
||||||
|
self.hs.config.signing_key[0],
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue