`scripts-dev/sign_json`: support for signing events (#11486)
This commit is contained in:
parent
a6f1a3abec
commit
f61462e1be
|
@ -0,0 +1 @@
|
||||||
|
Extend the `scripts-dev/sign_json` script to support signing events.
|
|
@ -15,6 +15,25 @@
|
||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
|
|
||||||
|
"""
|
||||||
|
Script for signing and sending federation requests.
|
||||||
|
|
||||||
|
Some tips on doing the join dance with this:
|
||||||
|
|
||||||
|
room_id=...
|
||||||
|
user_id=...
|
||||||
|
|
||||||
|
# make_join
|
||||||
|
federation_client.py "/_matrix/federation/v1/make_join/$room_id/$user_id?ver=5" > make_join.json
|
||||||
|
|
||||||
|
# sign
|
||||||
|
jq -M .event make_join.json | sign_json --sign-event-room-version=$(jq -r .room_version make_join.json) -o signed-join.json
|
||||||
|
|
||||||
|
# send_join
|
||||||
|
federation_client.py -X PUT "/_matrix/federation/v2/send_join/$room_id/x" --body $(<signed-join.json) > send_join.json
|
||||||
|
"""
|
||||||
|
|
||||||
import argparse
|
import argparse
|
||||||
import base64
|
import base64
|
||||||
import json
|
import json
|
||||||
|
|
|
@ -22,6 +22,8 @@ import yaml
|
||||||
from signedjson.key import read_signing_keys
|
from signedjson.key import read_signing_keys
|
||||||
from signedjson.sign import sign_json
|
from signedjson.sign import sign_json
|
||||||
|
|
||||||
|
from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
|
||||||
|
from synapse.crypto.event_signing import add_hashes_and_signatures
|
||||||
from synapse.util import json_encoder
|
from synapse.util import json_encoder
|
||||||
|
|
||||||
|
|
||||||
|
@ -68,6 +70,16 @@ Example usage:
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
parser.add_argument(
|
||||||
|
"--sign-event-room-version",
|
||||||
|
type=str,
|
||||||
|
help=(
|
||||||
|
"Sign the JSON as an event for the given room version, rather than raw JSON. "
|
||||||
|
"This means that we will add a 'hashes' object, and redact the event before "
|
||||||
|
"signing."
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
input_args = parser.add_mutually_exclusive_group()
|
input_args = parser.add_mutually_exclusive_group()
|
||||||
|
|
||||||
input_args.add_argument("input_data", nargs="?", help="Raw JSON to be signed.")
|
input_args.add_argument("input_data", nargs="?", help="Raw JSON to be signed.")
|
||||||
|
@ -116,7 +128,17 @@ Example usage:
|
||||||
print("Input json was not an object", file=sys.stderr)
|
print("Input json was not an object", file=sys.stderr)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
if args.sign_event_room_version:
|
||||||
|
room_version = KNOWN_ROOM_VERSIONS.get(args.sign_event_room_version)
|
||||||
|
if not room_version:
|
||||||
|
print(
|
||||||
|
f"Unknown room version {args.sign_event_room_version}", file=sys.stderr
|
||||||
|
)
|
||||||
|
sys.exit(1)
|
||||||
|
add_hashes_and_signatures(room_version, obj, args.server_name, keys[0])
|
||||||
|
else:
|
||||||
sign_json(obj, args.server_name, keys[0])
|
sign_json(obj, args.server_name, keys[0])
|
||||||
|
|
||||||
for c in json_encoder.iterencode(obj):
|
for c in json_encoder.iterencode(obj):
|
||||||
args.output.write(c)
|
args.output.write(c)
|
||||||
args.output.write("\n")
|
args.output.write("\n")
|
||||||
|
|
Loading…
Reference in New Issue