diff options
author | Erik Johnston <erik@matrix.org> | 2019-08-21 10:39:45 +0100 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2019-08-21 11:21:58 +0100 |
commit | 97cbc96093dcd878bc823f34d71437a08786a3e4 (patch) | |
tree | a1c35804e4eb7a86288bccfc874868f4bf31a85d /synapse/crypto/keyring.py | |
parent | Add config option for keys to use to sign keys (diff) | |
download | synapse-97cbc96093dcd878bc823f34d71437a08786a3e4.tar.xz |
Only sign when we respond to remote key requests
Diffstat (limited to 'synapse/crypto/keyring.py')
-rw-r--r-- | synapse/crypto/keyring.py | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py index a3b55e349e..abeb0ac26e 100644 --- a/synapse/crypto/keyring.py +++ b/synapse/crypto/keyring.py @@ -30,7 +30,6 @@ from signedjson.key import ( from signedjson.sign import ( SignatureVerifyException, encode_canonical_json, - sign_json, signature_ids, verify_signed_json, ) @@ -540,15 +539,7 @@ class BaseV2KeyFetcher(object): verify_key=verify_key, valid_until_ts=key_data["expired_ts"] ) - # re-sign the json with our own keys, so that it is ready if we are - # asked to give it out as a notary server - signed_key_json = response_json - for signing_key in self.config.key_server_signing_keys: - signed_key_json = sign_json( - signed_key_json, self.config.server_name, signing_key - ) - - signed_key_json_bytes = encode_canonical_json(signed_key_json) + signed_key_json_bytes = encode_canonical_json(response_json) yield make_deferred_yieldable( defer.gatherResults( |