Add signing host and keyname to signatures

2024-10-01 08:25:44 -04:00 · 2015-10-16 15:07:56 +01:00 · 2015-10-16 15:07:56 +01:00 · c225d63e9e
commit c225d63e9e
parent b8dd5b1a2d
2 changed files with 10 additions and 6 deletions
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@ -416,11 +416,15 @@ class Auth(object):
                    key_validity_url
                )
                return False
-            verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
-            encoded_signature = join_third_party_invite["signature"]
-            signature = decode_base64(encoded_signature)
-            verify_key.verify(token, signature)
-            return True
+            for _, signature_block in join_third_party_invite["signatures"].items():
+                for key_name, encoded_signature in signature_block.items():
+                    if not key_name.startswith("ed25519:"):
+                        return False
+                    verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
+                    signature = decode_base64(encoded_signature)
+                    verify_key.verify(token, signature)
+                    return True
+            return False
        except (KeyError, BadSignatureError,):
            return False

--- a/synapse/util/third_party_invites.py
+++ b/synapse/util/third_party_invites.py
@ -23,7 +23,7 @@ JOIN_KEYS = {
    "token",
    "public_key",
    "key_validity_url",
-    "signature",
+    "signatures",
    "sender",
 }