This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

scripts-dev/sign_json: support for signing events #11486

Merged
merged 5 commits into from
Dec 2, 2021
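--- a/changelog.d/11486.misc
+++ b/changelog.d/11486.misc
@@ -0,0 +1 @@
+Extend the `scripts-dev/sign_json` script to support signing events.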
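--- a/scripts-dev/federation_client.py
+++ b/scripts-dev/federation_client.py
@@ -15,6 +15,25 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+
+"""
+Script for signing and sending federation requests.
+
+Some tips on doing the join dance with this:
+
+room_id=...
+user_id=...
+
+# make_join
+federation_client.py "/_matrix/federation/v1/make_join/$room_id/$user_id?ver=5" > make_join.json
+
+# sign
+jq -M .event make_join.json | sign_json --sign-event-room-version=$(jq -r .room_version make_join.json) -o signed-join.json
+
+# send_join
+federation_client.py -X PUT "/_matrix/federation/v2/send_join/$room_id/x" --body $(<signed-join.json) > send_join.json
+"""
+
 import argparse
 import base64
 import json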
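Review bot: The `send_join` example in the new docstring passes `--body $(<signed-join.json)` unquoted, so the shell word-splits and glob-expands the signed JSON before the script receives it. A string value containing a space or a `*` would either break argument parsing or change the body after it was signed, which the receiving server would then reject on signature or hash verification. Quote both substitutions: `--body "$(<signed-join.json)"` and `--sign-event-room-version="$(jq -r .room_version make_join.json)"`. How federation_client.py parses `--body` is outside this hunk, so the exact failure mode is inferred.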
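--- a/scripts-dev/sign_json
+++ b/scripts-dev/sign_json
@@ -22,6 +22,8 @@ import yaml
 from signedjson.key import read_signing_keys
 from signedjson.sign import sign_json
 
+from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
+from synapse.crypto.event_signing import add_hashes_and_signatures
 from synapse.util import json_encoder
 
 
@@ -68,6 +70,16 @@ Example usage:
 ),
 )
 
+parser.add_argument(
+"--sign-event-room-version",
+type=str,
+help=(
+"Sign the JSON as an event for the given room version, rather than raw JSON. "
+"This means that we will add a 'hashes' object, and redact the event before "
+"signing."
+),
+)
+
 input_args = parser.add_mutually_exclusive_group()
 
 input_args.add_argument("input_data", nargs="?", help="Raw JSON to be signed.")
@@ -116,7 +128,17 @@ Example usage:
 print("Input json was not an object", file=sys.stderr)
 sys.exit(1)
 
-sign_json(obj, args.server_name, keys[0])
+if args.sign_event_room_version:
+room_version = KNOWN_ROOM_VERSIONS.get(args.sign_event_room_version)
+if not room_version:
+print(
+f"Unknown room version {args.sign_event_room_version}", file=sys.stderr
+)
+sys.exit(1)
+add_hashes_and_signatures(room_version, obj, args.server_name, keys[0])
+else:
+sign_json(obj, args.server_name, keys[0])
+
 for c in json_encoder.iterencode(obj):
 args.output.write(c)
 args.output.write("\n")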
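Review bot: In the last hunk, `if args.sign_event_room_version:` tests truthiness, so an empty value silently falls through to the plain `sign_json` branch and the script emits a raw-JSON signature with no 'hashes' object and no error. That can happen with the pipeline shown in the federation_client.py docstring whenever the `$(jq -r .room_version make_join.json)` substitution comes back empty, and the result is an event that looks signed but was not signed as an event. Compare against None instead, `if args.sign_event_room_version is not None:`, so an empty or unrecognised version reaches the existing `Unknown room version` exit. The enclosing function starts and ends outside the hunk; the option's default is taken to be None because the `add_argument` call sets no `default`.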