Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

pass room_version into compute_event_signature #6807

Merged
merged 3 commits into from
Jan 31, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/6807.misc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Refactoring work in preparation for changing the event redaction algorithm.
28 changes: 20 additions & 8 deletions synapse/crypto/event_signing.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
# -*- coding: utf-8 -*-

#
# Copyright 2014-2016 OpenMarket Ltd
# Copyright 2020 The Matrix.org Foundation C.I.C.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -17,6 +18,7 @@
import collections.abc
import hashlib
import logging
from typing import Dict

from canonicaljson import encode_canonical_json
from signedjson.sign import sign_json
Expand Down Expand Up @@ -115,18 +117,28 @@ def compute_event_reference_hash(event, hash_algorithm=hashlib.sha256):
return hashed.name, hashed.digest()


def compute_event_signature(event_dict, signature_name, signing_key):
def compute_event_signature(
room_version: RoomVersion,
event_dict: JsonDict,
signature_name: str,
signing_key: SigningKey,
) -> Dict[str, Dict[str, str]]:
"""Compute the signature of the event for the given name and key.

Args:
event_dict (dict): The event as a dict
signature_name (str): The name of the entity signing the event
room_version: the version of the room that this event is in.
(the room version determines the redaction algorithm and hence the
json to be signed)

event_dict: The event as a dict

signature_name: The name of the entity signing the event
(typically the server's hostname).
signing_key (syutil.crypto.SigningKey): The key to sign with

signing_key: The key to sign with

Returns:
dict[str, dict[str, str]]: Returns a dictionary in the same format of
an event's signatures field.
a dictionary in the same format of an event's signatures field.
"""
redact_json = prune_event_dict(event_dict)
redact_json.pop("age_ts", None)
Expand Down Expand Up @@ -161,5 +173,5 @@ def add_hashes_and_signatures(
event_dict.setdefault("hashes", {})[name] = encode_base64(digest)

event_dict["signatures"] = compute_event_signature(
event_dict, signature_name=signature_name, signing_key=signing_key
room_version, event_dict, signature_name=signature_name, signing_key=signing_key
)
5 changes: 4 additions & 1 deletion synapse/handlers/federation.py
Original file line number Diff line number Diff line change
Expand Up @@ -1528,7 +1528,10 @@ def on_invite_request(

event.signatures.update(
compute_event_signature(
event.get_pdu_json(), self.hs.hostname, self.hs.config.signing_key[0]
room_version,
event.get_pdu_json(),
self.hs.hostname,
self.hs.config.signing_key[0],
)
)

Expand Down