forked-synapse/tests/crypto/test_event_signing.py

#
# This file is licensed under the Affero General Public License (AGPL) version 3.
#
# Copyright 2015, 2016 OpenMarket Ltd
# Copyright (C) 2023 New Vector, Ltd
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# See the GNU Affero General Public License for more details:
# <https://www.gnu.org/licenses/agpl-3.0.html>.
#
# Originally licensed under the Apache License, Version 2.0:
# <http://www.apache.org/licenses/LICENSE-2.0>.
#
# [This file includes modifications made by New Vector Limited]
#
#

from signedjson.key import decode_signing_key_base64
from signedjson.types import SigningKey

from synapse.api.room_versions import RoomVersions
from synapse.crypto.event_signing import add_hashes_and_signatures
from synapse.events import make_event_from_dict

from tests import unittest

# Perform these tests using given secret key so we get entirely deterministic
# signatures output that we can test against.
SIGNING_KEY_SEED = "YJDBA9Xnr2sVqXD9Vj7XVUnmFZcZrlw8Md7kMW+3XA1"

KEY_ALG = "ed25519"
KEY_VER = "1"
KEY_NAME = "%s:%s" % (KEY_ALG, KEY_VER)

HOSTNAME = "domain"


class EventSigningTestCase(unittest.TestCase):
    def setUp(self) -> None:
        self.signing_key: SigningKey = decode_signing_key_base64(
            KEY_ALG, KEY_VER, SIGNING_KEY_SEED
        )

    def test_sign_minimal(self) -> None:
        event_dict = {
            "event_id": "$0:domain",
            "origin": "domain",
            "origin_server_ts": 1000000,
            "signatures": {},
            "type": "X",
            "unsigned": {"age_ts": 1000000},
        }

        add_hashes_and_signatures(
            RoomVersions.V1, event_dict, HOSTNAME, self.signing_key
        )

        event = make_event_from_dict(event_dict)

        self.assertTrue(hasattr(event, "hashes"))
        self.assertIn("sha256", event.hashes)
        self.assertEqual(
            event.hashes["sha256"], "6tJjLpXtggfke8UxFhAKg82QVkJzvKOVOOSjUDK4ZSI"
        )

        self.assertTrue(hasattr(event, "signatures"))
        self.assertIn(HOSTNAME, event.signatures)
        self.assertIn(KEY_NAME, event.signatures["domain"])
        self.assertEqual(
            event.signatures[HOSTNAME][KEY_NAME],
            "2Wptgo4CwmLo/Y8B8qinxApKaCkBG2fjTWB7AbP5Uy+"
            "aIbygsSdLOFzvdDjww8zUVKCmI02eP9xtyJxc/cLiBA",
        )

    def test_sign_message(self) -> None:
        event_dict = {
            "content": {"body": "Here is the message content"},
            "event_id": "$0:domain",
            "origin": "domain",
            "origin_server_ts": 1000000,
            "type": "m.room.message",
            "room_id": "!r:domain",
            "sender": "@u:domain",
            "signatures": {},
            "unsigned": {"age_ts": 1000000},
        }

        add_hashes_and_signatures(
            RoomVersions.V1, event_dict, HOSTNAME, self.signing_key
        )

        event = make_event_from_dict(event_dict)

        self.assertTrue(hasattr(event, "hashes"))
        self.assertIn("sha256", event.hashes)
        self.assertEqual(
            event.hashes["sha256"], "onLKD1bGljeBWQhWZ1kaP9SorVmRQNdN5aM2JYU2n/g"
        )

        self.assertTrue(hasattr(event, "signatures"))
        self.assertIn(HOSTNAME, event.signatures)
        self.assertIn(KEY_NAME, event.signatures["domain"])
        self.assertEqual(
            event.signatures[HOSTNAME][KEY_NAME],
            "Wm+VzmOUOz08Ds+0NTWb1d4CZrVsJSikkeRxh6aCcUw"
            "u6pNC78FunoD7KNWzqFn241eYHYMGCA5McEiVPdhzBA",
        )
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00			`#`
Update license headers 2023-11-21 15:29:58 -05:00			`# This file is licensed under the Affero General Public License (AGPL) version 3.`
			`#`
Correctly mention previous copyright (#16820) During the migration the automated script to update the copyright headers accidentally got rid of some of the existing copyright lines. Reinstate them. 2024-01-23 06:26:48 -05:00			`# Copyright 2015, 2016 OpenMarket Ltd`
Update license headers 2023-11-21 15:29:58 -05:00			`# Copyright (C) 2023 New Vector, Ltd`
			`#`
			`# This program is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU Affero General Public License as`
			`# published by the Free Software Foundation, either version 3 of the`
			`# License, or (at your option) any later version.`
			`#`
			`# See the GNU Affero General Public License for more details:`
			`# <https://www.gnu.org/licenses/agpl-3.0.html>.`
			`#`
			`# Originally licensed under the Apache License, Version 2.0:`
			`# <http://www.apache.org/licenses/LICENSE-2.0>.`
			`#`
			`# [This file includes modifications made by New Vector Limited]`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00			`#`
			`#`

Remove direct refeferences to PyNaCl (use signedjson instead). (#12902) 2022-06-01 07:32:35 -04:00			`from signedjson.key import decode_signing_key_base64`
			`from signedjson.types import SigningKey`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
Pass room_version into add_hashes_and_signatures 2020-01-29 12:40:33 -05:00			`from synapse.api.room_versions import RoomVersions`
run isort 2018-07-09 02:09:20 -04:00			`from synapse.crypto.event_signing import add_hashes_and_signatures`
Add a `make_event_from_dict` method (#6858) ... and use it in places where it's trivial to do so. This will make it easier to pass room versions into the FrozenEvent constructors. 2020-02-07 10:30:04 -05:00			`from synapse.events import make_event_from_dict`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
run isort 2018-07-09 02:09:20 -04:00			`from tests import unittest`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
			`# Perform these tests using given secret key so we get entirely deterministic`
			`# signatures output that we can test against.`
Remove direct refeferences to PyNaCl (use signedjson instead). (#12902) 2022-06-01 07:32:35 -04:00			`SIGNING_KEY_SEED = "YJDBA9Xnr2sVqXD9Vj7XVUnmFZcZrlw8Md7kMW+3XA1"`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
			`KEY_ALG = "ed25519"`
Fix typechecker problems exposed by signedjson 1.1.2 (#12326) 2022-03-29 17:37:50 -04:00			`KEY_VER = "1"`
			`KEY_NAME = "%s:%s" % (KEY_ALG, KEY_VER)`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
			`HOSTNAME = "domain"`


			`class EventSigningTestCase(unittest.TestCase):`
Add missing type hints to tests. (#14687) Adds type hints to tests.metrics and tests.crypto. 2022-12-28 08:29:35 -05:00			`def setUp(self) -> None:`
Remove direct refeferences to PyNaCl (use signedjson instead). (#12902) 2022-06-01 07:32:35 -04:00			`self.signing_key: SigningKey = decode_signing_key_base64(`
			`KEY_ALG, KEY_VER, SIGNING_KEY_SEED`
Deal with mypy errors w/ type-hinted pynacl 1.5.0 (#11714) * Deal with mypy errors w/ type-hinted pynacl 1.5.0 Fixes #11644. I really don't like that we're monkey patching pynacl SignedKey instances with alg and version objects. But I'm too scared to make the changes necessary right now. (Ideally I would replace `signedjson.types.SingingKey` with a runtime class which wraps or inherits from `nacl.signing.SigningKey`.) C.f. https://github.com/matrix-org/python-signedjson/issues/16 2022-01-10 08:40:46 -05:00			`)`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
Add missing type hints to tests. (#14687) Adds type hints to tests.metrics and tests.crypto. 2022-12-28 08:29:35 -05:00			`def test_sign_minimal(self) -> None:`
Make add_hashes_and_signatures operate on dicts 2019-01-25 12:17:38 -05:00			`event_dict = {`
			`"event_id": "$0:domain",`
			`"origin": "domain",`
			`"origin_server_ts": 1000000,`
			`"signatures": {},`
			`"type": "X",`
			`"unsigned": {"age_ts": 1000000},`
			`}`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
Pass room_version into add_hashes_and_signatures 2020-01-29 12:40:33 -05:00			`add_hashes_and_signatures(`
			`RoomVersions.V1, event_dict, HOSTNAME, self.signing_key`
			`)`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
Add a `make_event_from_dict` method (#6858) ... and use it in places where it's trivial to do so. This will make it easier to pass room versions into the FrozenEvent constructors. 2020-02-07 10:30:04 -05:00			`event = make_event_from_dict(event_dict)`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00
			`self.assertTrue(hasattr(event, "hashes"))`
Use assertIn() instead of assertTrue on the 'in' operator 2015-10-19 10:24:49 -04:00			`self.assertIn("sha256", event.hashes)`
Replace assertEquals and friends with non-deprecated versions. (#12092) 2022-02-28 07:12:29 -05:00			`self.assertEqual(`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00			`event.hashes["sha256"], "6tJjLpXtggfke8UxFhAKg82QVkJzvKOVOOSjUDK4ZSI"`
			`)`

			`self.assertTrue(hasattr(event, "signatures"))`
Use assertIn() instead of assertTrue on the 'in' operator 2015-10-19 10:24:49 -04:00			`self.assertIn(HOSTNAME, event.signatures)`
			`self.assertIn(KEY_NAME, event.signatures["domain"])`
Replace assertEquals and friends with non-deprecated versions. (#12092) 2022-02-28 07:12:29 -05:00			`self.assertEqual(`
Initial minimial hack at a test of event hashing and signing 2015-10-19 09:40:15 -04:00			`event.signatures[HOSTNAME][KEY_NAME],`
			`"2Wptgo4CwmLo/Y8B8qinxApKaCkBG2fjTWB7AbP5Uy+"`
			`"aIbygsSdLOFzvdDjww8zUVKCmI02eP9xtyJxc/cLiBA",`
			`)`
Another signing test vector using an 'm.room.message' with content, so that the implementation will have to redact it 2015-10-19 10:00:52 -04:00
Add missing type hints to tests. (#14687) Adds type hints to tests.metrics and tests.crypto. 2022-12-28 08:29:35 -05:00			`def test_sign_message(self) -> None:`
Make add_hashes_and_signatures operate on dicts 2019-01-25 12:17:38 -05:00			`event_dict = {`
			`"content": {"body": "Here is the message content"},`
			`"event_id": "$0:domain",`
			`"origin": "domain",`
			`"origin_server_ts": 1000000,`
			`"type": "m.room.message",`
			`"room_id": "!r:domain",`
			`"sender": "@u:domain",`
			`"signatures": {},`
			`"unsigned": {"age_ts": 1000000},`
			`}`

Pass room_version into add_hashes_and_signatures 2020-01-29 12:40:33 -05:00			`add_hashes_and_signatures(`
			`RoomVersions.V1, event_dict, HOSTNAME, self.signing_key`
			`)`
Make add_hashes_and_signatures operate on dicts 2019-01-25 12:17:38 -05:00
Add a `make_event_from_dict` method (#6858) ... and use it in places where it's trivial to do so. This will make it easier to pass room versions into the FrozenEvent constructors. 2020-02-07 10:30:04 -05:00			`event = make_event_from_dict(event_dict)`
Another signing test vector using an 'm.room.message' with content, so that the implementation will have to redact it 2015-10-19 10:00:52 -04:00
			`self.assertTrue(hasattr(event, "hashes"))`
Use assertIn() instead of assertTrue on the 'in' operator 2015-10-19 10:24:49 -04:00			`self.assertIn("sha256", event.hashes)`
Replace assertEquals and friends with non-deprecated versions. (#12092) 2022-02-28 07:12:29 -05:00			`self.assertEqual(`
Another signing test vector using an 'm.room.message' with content, so that the implementation will have to redact it 2015-10-19 10:00:52 -04:00			`event.hashes["sha256"], "onLKD1bGljeBWQhWZ1kaP9SorVmRQNdN5aM2JYU2n/g"`
			`)`

			`self.assertTrue(hasattr(event, "signatures"))`
Use assertIn() instead of assertTrue on the 'in' operator 2015-10-19 10:24:49 -04:00			`self.assertIn(HOSTNAME, event.signatures)`
			`self.assertIn(KEY_NAME, event.signatures["domain"])`
Replace assertEquals and friends with non-deprecated versions. (#12092) 2022-02-28 07:12:29 -05:00			`self.assertEqual(`
Another signing test vector using an 'm.room.message' with content, so that the implementation will have to redact it 2015-10-19 10:00:52 -04:00			`event.signatures[HOSTNAME][KEY_NAME],`
			`"Wm+VzmOUOz08Ds+0NTWb1d4CZrVsJSikkeRxh6aCcUw"`
			`"u6pNC78FunoD7KNWzqFn241eYHYMGCA5McEiVPdhzBA",`
			`)`