Add config option for keys to use to sign keys

This allows servers to use separate keys for signing remote keys
when acting as a notary server.
Erik Johnston 2019-08-20 15:27:08 +01:00
parent 72bc285669
commit 5906be8589
3 changed files with 46 additions and 9 deletions


@ -540,11 +540,13 @@ class BaseV2KeyFetcher(object):
verify_key=verify_key, valid_until_ts=key_data["expired_ts"]
)
# re-sign the json with our own key, so that it is ready if we are asked to
# give it out as a notary server
signed_key_json = sign_json(
response_json, self.config.server_name, self.config.signing_key[0]
)
# re-sign the json with our own keys, so that it is ready if we are
# asked to give it out as a notary server
signed_key_json = response_json
for signing_key in self.config.key_server_signing_keys:
signed_key_json = sign_json(
signed_key_json, self.config.server_name, signing_key
)
signed_key_json_bytes = encode_canonical_json(signed_key_json)