diff --git a/synapse/crypto/event_signing.py b/synapse/crypto/event_signing.py
index 07e383e221..cb2db01c04 100644
--- a/synapse/crypto/event_signing.py
+++ b/synapse/crypto/event_signing.py
@@ -94,3 +94,23 @@ def verify_signed_event_pdu(pdu, signature_name, verify_key):
tmp_pdu = prune_pdu(tmp_pdu)
pdu_json = tmp_pdu.get_dict()
verify_signed_json(pdu_json, signature_name, verify_key)
+
+
+def add_hashes_and_signatures(event, signature_name, signing_key,
+ hash_algorithm=hashlib.sha256):
+ tmp_event = copy.deepcopy(event)
+ tmp_event = prune_event(tmp_event)
+ redact_json = tmp_event.get_dict()
+ redact_json.pop("signatures", None)
+ redact_json = sign_json(redact_json, signature_name, signing_key)
+ event.signatures = redact_json["signatures"]
+
+ event_json = event.get_full_dict()
+ #TODO: We need to sign the JSON that is going out via fedaration.
+ event_json.pop("age_ts", None)
+ event_json.pop("unsigned", None)
+ event_json.pop("signatures", None)
+ event_json.pop("hashes", None)
+ event_json_bytes = encode_canonical_json(event_json)
+ hashed = hash_algorithm(event_json_bytes)
+ event.hashes[hashed.name] = encode_base64(hashed.digest())
diff --git a/synapse/storage/__init__.py b/synapse/storage/__init__.py
index 31a0022d54..1f39a4094e 100644
--- a/synapse/storage/__init__.py
+++ b/synapse/storage/__init__.py
@@ -255,6 +255,12 @@ class DataStore(RoomMemberStore, RoomStore,
}
)
+ for hash_alg, hash_base64 in event.hashes.items():
+ hash_bytes = decode_base64(hash_base64)
+ self._store_event_content_hash_txn(
+ txn, event.event_id, hash_alg, hash_bytes,
+ )
+
if hasattr(event, "signatures"):
signatures = event.signatures.get(event.origin, {})
|
