diff options
author | Erik Johnston <erik@matrix.org> | 2014-10-31 17:08:52 +0000 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2014-10-31 17:08:52 +0000 |
commit | ecabff7eb49ea799d9f52fad1e05f1f9a4b31e1c (patch) | |
tree | ae7ff886fbb0b65f0bc82215bf88e48b3d7d3e04 /synapse | |
parent | Remove unused signature storage methods (diff) | |
download | synapse-ecabff7eb49ea799d9f52fad1e05f1f9a4b31e1c.tar.xz |
Sign evnets
Diffstat (limited to 'synapse')
-rw-r--r-- | synapse/crypto/event_signing.py | 20 | ||||
-rw-r--r-- | synapse/storage/__init__.py | 6 |
2 files changed, 26 insertions, 0 deletions
diff --git a/synapse/crypto/event_signing.py b/synapse/crypto/event_signing.py index 07e383e221..cb2db01c04 100644 --- a/synapse/crypto/event_signing.py +++ b/synapse/crypto/event_signing.py @@ -94,3 +94,23 @@ def verify_signed_event_pdu(pdu, signature_name, verify_key): tmp_pdu = prune_pdu(tmp_pdu) pdu_json = tmp_pdu.get_dict() verify_signed_json(pdu_json, signature_name, verify_key) + + +def add_hashes_and_signatures(event, signature_name, signing_key, + hash_algorithm=hashlib.sha256): + tmp_event = copy.deepcopy(event) + tmp_event = prune_event(tmp_event) + redact_json = tmp_event.get_dict() + redact_json.pop("signatures", None) + redact_json = sign_json(redact_json, signature_name, signing_key) + event.signatures = redact_json["signatures"] + + event_json = event.get_full_dict() + #TODO: We need to sign the JSON that is going out via fedaration. + event_json.pop("age_ts", None) + event_json.pop("unsigned", None) + event_json.pop("signatures", None) + event_json.pop("hashes", None) + event_json_bytes = encode_canonical_json(event_json) + hashed = hash_algorithm(event_json_bytes) + event.hashes[hashed.name] = encode_base64(hashed.digest()) diff --git a/synapse/storage/__init__.py b/synapse/storage/__init__.py index 31a0022d54..1f39a4094e 100644 --- a/synapse/storage/__init__.py +++ b/synapse/storage/__init__.py @@ -255,6 +255,12 @@ class DataStore(RoomMemberStore, RoomStore, } ) + for hash_alg, hash_base64 in event.hashes.items(): + hash_bytes = decode_base64(hash_base64) + self._store_event_content_hash_txn( + txn, event.event_id, hash_alg, hash_bytes, + ) + if hasattr(event, "signatures"): signatures = event.signatures.get(event.origin, {}) |