pass room_version into compute_event_signature (#6807)

Richard van der Hoff 2020-01-31 13:47:43 +00:00 committed by GitHub
parent a5afdd15e5
commit 7f93eb1903
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 25 additions and 9 deletions

changelog.d/6807.misc Normal file

@ -0,0 +1 @@
Refactoring work in preparation for changing the event redaction algorithm.


@ -1,6 +1,7 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
#
# Copyright 2014-2016 OpenMarket Ltd # Copyright 2014-2016 OpenMarket Ltd
# Copyright 2020 The Matrix.org Foundation C.I.C.
# #
# Licensed under the Apache License, Version 2.0 (the "License"); # Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License. # you may not use this file except in compliance with the License.
@ -17,6 +18,7 @@
import collections.abc import collections.abc
import hashlib import hashlib
import logging import logging
from typing import Dict
from canonicaljson import encode_canonical_json from canonicaljson import encode_canonical_json
from signedjson.sign import sign_json from signedjson.sign import sign_json
@ -115,18 +117,28 @@ def compute_event_reference_hash(event, hash_algorithm=hashlib.sha256):
return hashed.name, hashed.digest() return hashed.name, hashed.digest()
def compute_event_signature(event_dict, signature_name, signing_key): def compute_event_signature(
room_version: RoomVersion,
event_dict: JsonDict,
signature_name: str,
signing_key: SigningKey,
) -> Dict[str, Dict[str, str]]:
"""Compute the signature of the event for the given name and key. """Compute the signature of the event for the given name and key.
Args: Args:
event_dict (dict): The event as a dict room_version: the version of the room that this event is in.
signature_name (str): The name of the entity signing the event (the room version determines the redaction algorithm and hence the
json to be signed)
event_dict: The event as a dict
signature_name: The name of the entity signing the event
(typically the server's hostname). (typically the server's hostname).
signing_key (syutil.crypto.SigningKey): The key to sign with
signing_key: The key to sign with
Returns: Returns:
dict[str, dict[str, str]]: Returns a dictionary in the same format of a dictionary in the same format of an event's signatures field.
an event's signatures field.
""" """
redact_json = prune_event_dict(event_dict) redact_json = prune_event_dict(event_dict)
redact_json.pop("age_ts", None) redact_json.pop("age_ts", None)
@ -161,5 +173,5 @@ def add_hashes_and_signatures(
event_dict.setdefault("hashes", {})[name] = encode_base64(digest) event_dict.setdefault("hashes", {})[name] = encode_base64(digest)
event_dict["signatures"] = compute_event_signature( event_dict["signatures"] = compute_event_signature(
event_dict, signature_name=signature_name, signing_key=signing_key room_version, event_dict, signature_name=signature_name, signing_key=signing_key
) )
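Review bot: The new `room_version` argument is not used in the visible body of compute_event_signature: the context line `redact_json = prune_event_dict(event_dict)` is unchanged, so the JSON that gets signed does not yet depend on the room version, although the new docstring says the room version determines the redaction algorithm and hence the json to be signed. Someone auditing what the signature covers would read that docstring as current behaviour, so I would add `# TODO: room_version is unused for now; pass it to the pruning step once the redaction algorithm is version-dependent` above the prune call, or word the Args entry as "will determine". The annotations also reference `RoomVersion`, `JsonDict` and `SigningKey`, while the only import the shown hunks add is `from typing import Dict`; their imports are presumably elsewhere in the file, which is worth confirming. The function body continues outside the hunk.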


@ -1528,7 +1528,10 @@ class FederationHandler(BaseHandler):
event.signatures.update( event.signatures.update(
compute_event_signature( compute_event_signature(
event.get_pdu_json(), self.hs.hostname, self.hs.config.signing_key[0] room_version,
event.get_pdu_json(),
self.hs.hostname,
self.hs.config.signing_key[0],
) )
) )
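Review bot: The binding of `room_version` passed to compute_event_signature here is outside the hunk, so it is not visible whether the value comes from local room state or from the remote request being handled. Once the redaction algorithm depends on it, this value decides which fields the server's own signature covers, so it should be a version the server has already validated as supported. If that check happens in the caller, a short comment at the call such as `# room_version was validated against the known room versions by the caller` would make it reviewable. The enclosing method starts and ends outside the hunk.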