forked from MirrorHub/synapse
Add signing host and keyname to signatures
This commit is contained in:
parent
b8dd5b1a2d
commit
c225d63e9e
2 changed files with 10 additions and 6 deletions
|
@ -416,11 +416,15 @@ class Auth(object):
|
|||
key_validity_url
|
||||
)
|
||||
return False
|
||||
for _, signature_block in join_third_party_invite["signatures"].items():
|
||||
for key_name, encoded_signature in signature_block.items():
|
||||
if not key_name.startswith("ed25519:"):
|
||||
return False
|
||||
verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
|
||||
encoded_signature = join_third_party_invite["signature"]
|
||||
signature = decode_base64(encoded_signature)
|
||||
verify_key.verify(token, signature)
|
||||
return True
|
||||
return False
|
||||
except (KeyError, BadSignatureError,):
|
||||
return False
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@ JOIN_KEYS = {
|
|||
"token",
|
||||
"public_key",
|
||||
"key_validity_url",
|
||||
"signature",
|
||||
"signatures",
|
||||
"sender",
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue