Merge pull request #6806 from matrix-org/rav/redact_changes/3

Pass room_version into add_hashes_and_signatures
Richard van der Hoff 2020-01-31 10:57:03 +00:00 committed by GitHub
commit a5afdd15e5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 49 additions and 41 deletions

1
changelog.d/6806.misc Normal file

@ -0,0 +1 @@
Refactoring work in preparation for changing the event redaction algorithm.


@ -20,10 +20,13 @@ import logging
from canonicaljson import encode_canonical_json from canonicaljson import encode_canonical_json
from signedjson.sign import sign_json from signedjson.sign import sign_json
from signedjson.types import SigningKey
from unpaddedbase64 import decode_base64, encode_base64 from unpaddedbase64 import decode_base64, encode_base64
from synapse.api.errors import Codes, SynapseError from synapse.api.errors import Codes, SynapseError
from synapse.api.room_versions import RoomVersion
from synapse.events.utils import prune_event, prune_event_dict from synapse.events.utils import prune_event, prune_event_dict
from synapse.types import JsonDict
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -137,20 +140,23 @@ def compute_event_signature(event_dict, signature_name, signing_key):
def add_hashes_and_signatures( def add_hashes_and_signatures(
event_dict, signature_name, signing_key, hash_algorithm=hashlib.sha256 room_version: RoomVersion,
event_dict: JsonDict,
signature_name: str,
signing_key: SigningKey,
): ):
"""Add content hash and sign the event """Add content hash and sign the event
Args: Args:
event_dict (dict): The event to add hashes to and sign room_version: the version of the room this event is in
signature_name (str): The name of the entity signing the event
event_dict: The event to add hashes to and sign
signature_name: The name of the entity signing the event
(typically the server's hostname). (typically the server's hostname).
signing_key (syutil.crypto.SigningKey): The key to sign with signing_key: The key to sign with
hash_algorithm: A hasher from `hashlib`, e.g. hashlib.sha256, to use
to hash the event
""" """
name, digest = compute_content_hash(event_dict, hash_algorithm=hash_algorithm) name, digest = compute_content_hash(event_dict, hash_algorithm=hashlib.sha256)
event_dict.setdefault("hashes", {})[name] = encode_base64(digest) event_dict.setdefault("hashes", {})[name] = encode_base64(digest)
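Review bot: The new `room_version` argument of `add_hashes_and_signatures` is not read anywhere in the lines shown: the content hash is still computed with a fixed `hashlib.sha256`, and the hunk header shows `compute_event_signature(event_dict, signature_name, signing_key)` with no version parameter. Since the changelog entry describes this as preparation for a changed redaction algorithm, the docstring should say that the argument is not consulted yet, so nobody assumes hashes or signatures already differ per room version; for example `room_version: the version of the room this event is in (currently unused; reserved for selecting the redaction algorithm)`. The function body continues past the end of this hunk, so the signing call itself is not visible here and should be checked against that wording.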


@ -12,8 +12,10 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
from typing import Optional
import attr import attr
from nacl.signing import SigningKey
from twisted.internet import defer from twisted.internet import defer
@ -23,13 +25,18 @@ from synapse.api.room_versions import (
KNOWN_EVENT_FORMAT_VERSIONS, KNOWN_EVENT_FORMAT_VERSIONS,
KNOWN_ROOM_VERSIONS, KNOWN_ROOM_VERSIONS,
EventFormatVersions, EventFormatVersions,
RoomVersion,
) )
from synapse.crypto.event_signing import add_hashes_and_signatures from synapse.crypto.event_signing import add_hashes_and_signatures
from synapse.types import EventID from synapse.events import (
EventBase,
_EventInternalMetadata,
event_type_from_format_version,
)
from synapse.types import EventID, JsonDict
from synapse.util import Clock
from synapse.util.stringutils import random_string from synapse.util.stringutils import random_string
from . import _EventInternalMetadata, event_type_from_format_version
@attr.s(slots=True, cmp=False, frozen=True) @attr.s(slots=True, cmp=False, frozen=True)
class EventBuilder(object): class EventBuilder(object):
@ -40,7 +47,7 @@ class EventBuilder(object):
content/unsigned/internal_metadata fields are still mutable) content/unsigned/internal_metadata fields are still mutable)
Attributes: Attributes:
format_version (int): Event format version room_version: Version of the target room
room_id (str) room_id (str)
type (str) type (str)
sender (str) sender (str)
@ -63,7 +70,7 @@ class EventBuilder(object):
_hostname = attr.ib() _hostname = attr.ib()
_signing_key = attr.ib() _signing_key = attr.ib()
format_version = attr.ib() room_version = attr.ib(type=RoomVersion)
room_id = attr.ib() room_id = attr.ib()
type = attr.ib() type = attr.ib()
@ -108,7 +115,8 @@ class EventBuilder(object):
) )
auth_ids = yield self._auth.compute_auth_events(self, state_ids) auth_ids = yield self._auth.compute_auth_events(self, state_ids)
if self.format_version == EventFormatVersions.V1: format_version = self.room_version.event_format
if format_version == EventFormatVersions.V1:
auth_events = yield self._store.add_event_hashes(auth_ids) auth_events = yield self._store.add_event_hashes(auth_ids)
prev_events = yield self._store.add_event_hashes(prev_event_ids) prev_events = yield self._store.add_event_hashes(prev_event_ids)
else: else:
@ -148,7 +156,7 @@ class EventBuilder(object):
clock=self._clock, clock=self._clock,
hostname=self._hostname, hostname=self._hostname,
signing_key=self._signing_key, signing_key=self._signing_key,
format_version=self.format_version, room_version=self.room_version,
event_dict=event_dict, event_dict=event_dict,
internal_metadata_dict=self.internal_metadata.get_dict(), internal_metadata_dict=self.internal_metadata.get_dict(),
) )
@ -201,7 +209,7 @@ class EventBuilderFactory(object):
clock=self.clock, clock=self.clock,
hostname=self.hostname, hostname=self.hostname,
signing_key=self.signing_key, signing_key=self.signing_key,
format_version=room_version.event_format, room_version=room_version,
type=key_values["type"], type=key_values["type"],
state_key=key_values.get("state_key"), state_key=key_values.get("state_key"),
room_id=key_values["room_id"], room_id=key_values["room_id"],
@ -214,29 +222,19 @@ class EventBuilderFactory(object):
def create_local_event_from_event_dict( def create_local_event_from_event_dict(
clock, clock: Clock,
hostname, hostname: str,
signing_key, signing_key: SigningKey,
format_version, room_version: RoomVersion,
event_dict, event_dict: JsonDict,
internal_metadata_dict=None, internal_metadata_dict: Optional[JsonDict] = None,
): ) -> EventBase:
"""Takes a fully formed event dict, ensuring that fields like `origin` """Takes a fully formed event dict, ensuring that fields like `origin`
and `origin_server_ts` have correct values for a locally produced event, and `origin_server_ts` have correct values for a locally produced event,
then signs and hashes it. then signs and hashes it.
Args:
clock (Clock)
hostname (str)
signing_key
format_version (int)
event_dict (dict)
internal_metadata_dict (dict|None)
Returns:
FrozenEvent
""" """
format_version = room_version.event_format
if format_version not in KNOWN_EVENT_FORMAT_VERSIONS: if format_version not in KNOWN_EVENT_FORMAT_VERSIONS:
raise Exception("No event format defined for version %r" % (format_version,)) raise Exception("No event format defined for version %r" % (format_version,))
@ -257,7 +255,7 @@ def create_local_event_from_event_dict(
event_dict.setdefault("signatures", {}) event_dict.setdefault("signatures", {})
add_hashes_and_signatures(event_dict, hostname, signing_key) add_hashes_and_signatures(room_version, event_dict, hostname, signing_key)
return event_type_from_format_version(format_version)( return event_type_from_format_version(format_version)(
event_dict, internal_metadata_dict=internal_metadata_dict event_dict, internal_metadata_dict=internal_metadata_dict
) )
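Review bot: The `signing_key: SigningKey` annotation on `create_local_event_from_event_dict` uses `from nacl.signing import SigningKey`, while `add_hashes_and_signatures`, which receives that same key a few lines later, is annotated in this commit with `signedjson.types.SigningKey`. The two files should name the same type, otherwise a type checker will accept a bare NaCl key here that the signing code may not be able to use (signedjson's key type presumably carries the algorithm and version used to build the key id, which is worth confirming). Suggest replacing the import in this file with `from signedjson.types import SigningKey`.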


@ -470,8 +470,6 @@ class FederationClient(FederationBase):
if not room_version: if not room_version:
raise UnsupportedRoomVersionError() raise UnsupportedRoomVersionError()
event_format = room_version_to_event_format(room_version_id)
pdu_dict = ret.get("event", None) pdu_dict = ret.get("event", None)
if not isinstance(pdu_dict, dict): if not isinstance(pdu_dict, dict):
raise InvalidResponseError("Bad 'event' field in response") raise InvalidResponseError("Bad 'event' field in response")
@ -490,7 +488,7 @@ class FederationClient(FederationBase):
self._clock, self._clock,
self.hostname, self.hostname,
self.signing_key, self.signing_key,
format_version=event_format, room_version=room_version,
event_dict=pdu_dict, event_dict=pdu_dict,
) )


@ -17,6 +17,7 @@
import nacl.signing import nacl.signing
from unpaddedbase64 import decode_base64 from unpaddedbase64 import decode_base64
from synapse.api.room_versions import RoomVersions
from synapse.crypto.event_signing import add_hashes_and_signatures from synapse.crypto.event_signing import add_hashes_and_signatures
from synapse.events import FrozenEvent from synapse.events import FrozenEvent
@ -49,7 +50,9 @@ class EventSigningTestCase(unittest.TestCase):
"unsigned": {"age_ts": 1000000}, "unsigned": {"age_ts": 1000000},
} }
add_hashes_and_signatures(event_dict, HOSTNAME, self.signing_key) add_hashes_and_signatures(
RoomVersions.V1, event_dict, HOSTNAME, self.signing_key
)
event = FrozenEvent(event_dict) event = FrozenEvent(event_dict)
@ -81,7 +84,9 @@ class EventSigningTestCase(unittest.TestCase):
"unsigned": {"age_ts": 1000000}, "unsigned": {"age_ts": 1000000},
} }
add_hashes_and_signatures(event_dict, HOSTNAME, self.signing_key) add_hashes_and_signatures(
RoomVersions.V1, event_dict, HOSTNAME, self.signing_key
)
event = FrozenEvent(event_dict) event = FrozenEvent(event_dict)


@ -19,7 +19,7 @@ from mock import Mock, call
from signedjson.key import generate_signing_key from signedjson.key import generate_signing_key
from synapse.api.constants import EventTypes, Membership, PresenceState from synapse.api.constants import EventTypes, Membership, PresenceState
from synapse.events import room_version_to_event_format from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
from synapse.events.builder import EventBuilder from synapse.events.builder import EventBuilder
from synapse.handlers.presence import ( from synapse.handlers.presence import (
EXTERNAL_PROCESS_EXPIRY, EXTERNAL_PROCESS_EXPIRY,
@ -597,7 +597,7 @@ class PresenceJoinTestCase(unittest.HomeserverTestCase):
clock=self.clock, clock=self.clock,
hostname=hostname, hostname=hostname,
signing_key=self.random_signing_key, signing_key=self.random_signing_key,
format_version=room_version_to_event_format(room_version), room_version=KNOWN_ROOM_VERSIONS[room_version],
room_id=room_id, room_id=room_id,
type=EventTypes.Member, type=EventTypes.Member,
sender=user_id, sender=user_id,