summary refs log tree commit diff
path: root/tests/crypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Replace make_awaitable with AsyncMock (#16179)Patrick Cloke2023-08-241-3/+2
| | | | Python 3.8 provides a native AsyncMock, we can replace the homegrown version we have.
* Add cache to `get_server_keys_json_for_remote` (#16123)Erik Johnston2023-08-181-38/+23
|
* Run pyupgrade for python 3.7 & 3.8. (#16110)Patrick Cloke2023-08-151-1/+1
|
* Modify StoreKeyFetcher to read from server_keys_json. (#15417)Patrick Cloke2023-04-201-31/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | Before this change: * `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`. * `PerspectivesKeyFetcher` also writes to `server_signature_keys`. * `StoreKeyFetcher` reads from `server_signature_keys`. After this change: * `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`. * `PerspectivesKeyFetcher` also writes to `server_signature_keys`. * `StoreKeyFetcher` reads from `server_keys_json`. This results in `StoreKeyFetcher` now using the results from `ServerKeyFetcher` in addition to those from `PerspectivesKeyFetcher`, i.e. keys which are directly fetched from a server will now be pulled from the database instead of refetched. An additional minor change is included to avoid creating a `PerspectivesKeyFetcher` (and checking it) if no `trusted_key_servers` are configured. The overall impact of this should be better usage of cached results: * If a server has no trusted key servers configured then it should reduce how often keys are fetched. * if a server's trusted key server does not have a requested server's keys cached then it should reduce how often keys are directly fetched.
* Improve robustness when handling a perspective key response by deduplicating ↵reivilibre2023-04-131-2/+2
| | | | | | | | | | | | | | | received server keys. (#15423) * Change `store_server_verify_keys` to take a `Mapping[(str, str), FKR]` This is because we already can't handle duplicate keys — leads to cardinality violation * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Add final type hint to tests.unittest. (#15072)Patrick Cloke2023-02-141-11/+11
| | | | Adds a return type to HomeServerTestCase.make_homeserver and deal with any variables which are no longer Any.
* Add missing type hints to tests. (#14687)Patrick Cloke2022-12-282-54/+74
| | | Adds type hints to tests.metrics and tests.crypto.
* Stop using deprecated `keyIds` param on /key/v2/server (#14525)Richard van der Hoff2022-11-301-13/+1
| | | | Fixes #14523.
* Fix /key/v2/server calls with URL-unsafe key IDs (#14490)David Robertson2022-11-181-0/+12
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Remove direct refeferences to PyNaCl (use signedjson instead). (#12902)Jacek Kuśnierz2022-06-012-13/+6
|
* Fix typechecker problems exposed by signedjson 1.1.2 (#12326)David Robertson2022-03-291-3/+3
|
* Replace assertEquals and friends with non-deprecated versions. (#12092)Patrick Cloke2022-02-282-7/+7
|
* Remove `HomeServer.get_datastore()` (#12031)Richard van der Hoff2022-02-231-5/+5
| | | | | | | The presence of this method was confusing, and mostly present for backwards compatibility. Let's get rid of it. Part of #11733
* Deal with mypy errors w/ type-hinted pynacl 1.5.0 (#11714)David Robertson2022-01-101-1/+7
| | | | | | | | | | | | * Deal with mypy errors w/ type-hinted pynacl 1.5.0 Fixes #11644. I really don't like that we're monkey patching pynacl SignedKey instances with alg and version objects. But I'm too scared to make the changes necessary right now. (Ideally I would replace `signedjson.types.SingingKey` with a runtime class which wraps or inherits from `nacl.signing.SigningKey`.) C.f. https://github.com/matrix-org/python-signedjson/issues/16
* Fix perspectives requests for multiple keys for the same server (#11440)Richard van der Hoff2021-11-291-0/+71
| | | | | If we tried to request multiple keys for the same server, we would end up dropping some of those requests.
* Fix verification of objects signed with old local keys (#11379)Richard van der Hoff2021-11-191-3/+53
| | | | | | | Fixes a bug introduced in #11129: objects signed by the local server, but with keys other than the current one, could not be successfully verified. We need to check the key id in the signature, and track down the right key.
* Fetch verify key locally rather than trying to do so over federation if ↵Shay2021-10-281-0/+12
| | | | | | | | | | | | | | | | | | | | | | | origin and host are the same. (#11129) * add tests for fetching key locally * add logic to check if origin server is same as host and fetch verify key locally rather than over federation * add changelog * slight refactor, add docstring, change changelog entry * Make changelog entry one line * remove verify_json_locally and push locality check to process_request, add function process_request_locally * remove leftover code reference * refactor to add common call to 'verify_json and associated handling code * add type hint to process_json * add some docstrings + very slight refactor
* Rewrite the KeyRing (#10035)Erik Johnston2021-06-021-84/+86
|
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-143-3/+0
| | | | | | | Part of #9744 Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now. `Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
* Use mock from the stdlib. (#9772)Patrick Cloke2021-04-091-2/+1
|
* Record more information into structured logs. (#9654)Patrick Cloke2021-04-081-12/+11
| | | | Records additional request information into the structured logs, e.g. the requester, IP address, etc.
* Update black, and run auto formatting over the codebase (#9381)Eric Eastwood2021-02-161-2/+7
| | | | | | | - Update black version to the latest - Run black auto formatting over the codebase - Run autoformatting according to [`docs/code_style.md `](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md) - Update `code_style.md` docs around installing black to use the correct version
* Add type hints to the crypto module. (#8999)Patrick Cloke2021-01-041-5/+5
|
* Apply an IP range blacklist to push and key revocation requests. (#8821)Patrick Cloke2020-12-021-2/+4
| | | | | | | | | | | | Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).
* Remove the deprecated Handlers object (#8494)Patrick Cloke2020-10-091-4/+2
| | | All handlers now available via get_*_handler() methods on the HomeServer.
* Create a mechanism for marking tests "logcontext clean" (#8399)Richard van der Hoff2020-09-281-0/+3
|
* Fix occasional "Re-starting finished log context" from keyring (#8398)Richard van der Hoff2020-09-251-64/+56
| | | | | | | | | | | | | | | * Fix test_verify_json_objects_for_server_awaits_previous_requests It turns out that this wasn't really testing what it thought it was testing (in particular, `check_context` was turning failures into success, which was making the tests pass even though it wasn't clear they should have been. It was also somewhat overcomplex - we can test what it was trying to test without mocking out perspectives servers. * Fix warnings about finished logcontexts in the keyring We need to make sure that we finish the key fetching magic before we run the verifying code, to ensure that we don't mess up our logcontexts.
* Stop sub-classing object (#8249)Patrick Cloke2020-09-041-1/+1
|
* Do not yield on awaitables in tests. (#8193)Patrick Cloke2020-08-271-2/+2
|
* Convert the crypto module to async/await. (#8003)Patrick Cloke2020-08-031-23/+16
|
* Convert federation client to async/await. (#7975)Patrick Cloke2020-07-301-7/+4
|
* Fix some spelling mistakes / typos. (#7811)Patrick Cloke2020-07-091-1/+1
|
* Clean up some LoggingContext stuff (#7120)Richard van der Hoff2020-03-241-4/+3
| | | | | | | | | | | | | | | | | | | | | | | * Pull Sentinel out of LoggingContext ... and drop a few unnecessary references to it * Factor out LoggingContext.current_context move `current_context` and `set_context` out to top-level functions. Mostly this means that I can more easily trace what's actually referring to LoggingContext, but I think it's generally neater. * move copy-to-parent into `stop` this really just makes `start` and `stop` more symetric. It also means that it behaves correctly if you manually `set_log_context` rather than using the context manager. * Replace `LoggingContext.alive` with `finished` Turn `alive` into `finished` and make it a bit better defined.
* Add a `make_event_from_dict` method (#6858)Richard van der Hoff2020-02-071-3/+3
| | | | | | | ... and use it in places where it's trivial to do so. This will make it easier to pass room versions into the FrozenEvent constructors.
* Pass room_version into add_hashes_and_signaturesRichard van der Hoff2020-01-301-2/+7
|
* Fix exception when fetching notary server's old keys (#6625)Richard van der Hoff2020-01-061-44/+95
| | | | | | Lift the restriction that *all* the keys used for signing v2 key responses be present in verify_keys. Fixes #6596.
* Review commentsErik Johnston2019-10-301-2/+2
|
* Replace returnValue with return (#5736)Amber Brown2019-07-231-3/+3
|
* Refactor Keyring._start_key_lookupsRichard van der Hoff2019-07-191-29/+0
| | | | | There's an awful lot of deferreds and dictionaries flying around here. The whole thing can be made much simpler and achieve the same effect.
* Move logging utilities out of the side drawer of util/ and into logging/ (#5606)Amber Brown2019-07-041-5/+8
|
* Run Black. (#5482)Amber Brown2019-06-201-23/+23
|
* Fix key verification when key stored with null valid_until_msErik Johnston2019-06-101-1/+49
| | | | | | | | | | Some keys are stored in the synapse database with a null valid_until_ms which caused an exception to be thrown when using that key. We fix this by treating nulls as zeroes, i.e. they keys will match verification requests with a minimum_valid_until_ms of zero (i.e. don't validate ts) but will not match requests with a non-zero minimum_valid_until_ms. Fixes #5391.
* Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-061-15/+28
| | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
* Associate a request_name with each verify request, for loggingRichard van der Hoff2019-06-051-10/+8
| | | | | | | Also: * rename VerifyKeyRequest->VerifyJsonRequest * calculate key_ids on VerifyJsonRequest construction * refactor things to pass around VerifyJsonRequests instead of 4-tuples
* Don't bomb out on direct key fetches as soon as one failsRichard van der Hoff2019-06-041-7/+5
|
* Enforce validity period on server_keys for fed requests. (#5321)Richard van der Hoff2019-06-031-27/+108
| | | | | | | | When handling incoming federation requests, make sure that we have an up-to-date copy of the signing key. We do not yet enforce the validity period for event signatures.
* Merge pull request #5251 from matrix-org/rav/server_keys/01-check_sigRichard van der Hoff2019-05-281-9/+75
|\ | | | | Ensure that server_keys fetched via a notary server are correctly signed.
| * Require sig from origin server on perspectives responsesRichard van der Hoff2019-05-231-9/+75
| |
* | Simplification to Keyring.wait_for_previous_lookups. (#5250)Richard van der Hoff2019-05-241-2/+2
|/ | | | | | The list of server names was redundant, since it was equivalent to the keys on the server_to_deferred map. This reduces the number of large lists being passed around, and has the benefit of deduplicating the entries in `wait_on`.
* Factor out KeyFetchers from KeyRingRichard van der Hoff2019-05-231-6/+28
| | | | | | | Rather than have three methods which have to have the same interface, factor out a separate interface which is provided by three implementations. I find it easier to grok the code this way.
* Store key validity time in the storage layerRichard van der Hoff2019-05-231-8/+14
| | | | | | | | This is a first step to checking that the key is valid at the required moment. The idea here is that, rather than passing VerifyKey objects in and out of the storage layer, we instead pass FetchKeyResult objects, which simply wrap the VerifyKey and add a valid_until_ts field.
* Rewrite store_server_verify_key to store several keys at once (#5234)Richard van der Hoff2019-05-231-2/+12
| | | | | Storing server keys hammered the database a bit. This replaces the implementation which stored a single key, with one which can do many updates at once.
* Run Black on the tests again (#5170)Amber Brown2019-05-101-1/+2
|
* Remove periods from copyright headers (#5046)Andrew Morgan2019-04-111-1/+1
|
* Fix from_server buglet in get_keys_from_perspectivesRichard van der Hoff2019-04-081-0/+1
| | | | | make sure we store the name of the server the keys came from, rather than the origin server, after doing a fetch-from-perspectives.
* test for get_keys_from_perspectivesRichard van der Hoff2019-04-041-0/+67
|
* add a test for get_keys_from_serverRichard van der Hoff2019-04-041-0/+63
|
* Rewrite KeyringTestCase as a HomeServerTestCase (#4986)Richard van der Hoff2019-04-031-107/+104
| | | | | This is a bit fiddly due to the keyring doing weird things with logcontexts.
* Make add_hashes_and_signatures operate on dictsErik Johnston2019-01-291-30/+26
|
* Check logcontexts before and after each test (#4190)Richard van der Hoff2018-11-271-6/+12
| | | | | | | | | | | | * Add better diagnostics to flakey keyring test * fix interpolation fail * Check logcontexts before and after each test * update changelog * update changelog
* Run tests under PostgreSQL (#3423)Amber Brown2018-08-131-4/+2
|
* fix up a forced long lineAmber Brown2018-08-111-1/+2
|
* Run black.black2018-08-102-43/+22
|
* run isortAmber Brown2018-07-092-9/+11
|
* Pass around the reactor explicitly (#3385)Amber Brown2018-06-221-4/+5
|
* Make tests py3 compatibleAdrian Tschira2018-04-161-1/+1
| | | | | | | | | | | This is a mixed commit that fixes various small issues * print parentheses * 01 is invalid syntax (it was octal in py2) * [x for i in 1, 2] is invalid syntax * six moves Signed-off-by: Adrian Tschira <nota@notafile.com>
* Create dbpool as normal in testsRichard van der Hoff2018-01-271-2/+2
| | | | | | | | ... instead of creating our own special SQLiteMemoryDbPool, whose purpose was a bit of a mystery. For some reason this makes one of the tests run slightly slower, so bump the sleep(). Sorry.
* Optimise LoggingContext creation and copyingRichard van der Hoff2018-01-161-7/+7
| | | | | | | | It turns out that the only thing we use the __dict__ of LoggingContext for is `request`, and given we create lots of LoggingContexts and then copy them every time we do a db transaction or log line, using the __dict__ seems a bit redundant. Let's try to optimise things by making the request attribute explicit.
* Add some more tests for KeyringRichard van der Hoff2017-09-201-37/+140
|
* Fix concurrent server_key requests (#2458)Richard van der Hoff2017-09-191-3/+55
| | | | Fix a bug where we could end up firing off multiple requests for server_keys for the same server at the same time.
* Clean up and document handling of logcontexts in Keyring (#2452)Richard van der Hoff2017-09-181-0/+74
| | | | | | I'm still unclear on what the intended behaviour for `verify_json_objects_for_server` is, but at least I now understand the behaviour of most of the things it calls...
* Fix flake8 warnings for testsMark Haines2016-02-191-1/+0
|
* copyrightsMatthew Hodgson2016-01-072-2/+2
|
* Invoke EventBuilder directly instead of going via the EventBuilderFactoryPaul "LeoNerd" Evans2015-10-191-35/+3
|
* Capture __init__.pyPaul "LeoNerd" Evans2015-10-191-0/+15
|
* Use assertIn() instead of assertTrue on the 'in' operatorPaul "LeoNerd" Evans2015-10-191-6/+6
|
* Another signing test vector using an 'm.room.message' with content, so that ↵Paul "LeoNerd" Evans2015-10-191-1/+49
| | | | the implementation will have to redact it
* Initial minimial hack at a test of event hashing and signingPaul "LeoNerd" Evans2015-10-191-0/+98