diff --git a/changelog.d/4970.feature b/changelog.d/4970.feature new file mode 100644 index 000000000000..3374ae51fe7f --- /dev/null +++ b/changelog.d/4970.feature @@ -0,0 +1 @@ +Add support for cross-signing. diff --git a/synapse/handlers/e2e_keys.py b/synapse/handlers/e2e_keys.py index 90118ddf748b..ca33a654a33e 100644 --- a/synapse/handlers/e2e_keys.py +++ b/synapse/handlers/e2e_keys.py @@ -19,22 +19,24 @@ from six import iteritems from canonicaljson import encode_canonical_json, json - -from twisted.internet import defer - from signedjson.key import decode_verify_key_bytes, encode_verify_key_base64 from signedjson.sign import SignatureVerifyException, verify_signed_json +from unpaddedbase64 import decode_base64 -from synapse.api.errors import Codes, CodeMessageException, FederationDeniedError, \ - SynapseError +from twisted.internet import defer + +from synapse.api.errors import ( + CodeMessageException, + Codes, + FederationDeniedError, + SynapseError, +) from synapse.types import UserID, get_domain_from_id from synapse.util.async_helpers import Linearizer from synapse.util.caches.expiringcache import ExpiringCache from synapse.util.logcontext import make_deferred_yieldable, run_in_background from synapse.util.retryutils import NotRetryingDestination -from unpaddedbase64 import decode_base64 - logger = logging.getLogger(__name__) @@ -199,7 +201,7 @@ def get_self_signing_key(user_id): try: self_signing_keys[user_id] = \ yield self.store.get_e2e_self_signing_key(user_id, from_user_id) - except Exception as e: + except Exception: pass yield make_deferred_yieldable(defer.gatherResults([ @@ -465,7 +467,7 @@ def upload_signing_keys_for_user(self, user_id, keys): ) try: verify_signed_json(self_signing_key, user_id, old_verify_key) - except SignatureVerifyException as e: + except SignatureVerifyException: raise SynapseError( 400, "Invalid signature on self-signing key", 
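Review bot: In the `@@ -199,7 +201,7 @@` hunk, `except Exception: pass` still discards every failure from `self.store.get_e2e_self_signing_key(user_id, from_user_id)`, so a database or decoding error looks the same as "this user has no self-signing key". The key query then returns without the cross-signing key and nothing is logged for an operator to notice. At minimum, replace `pass` with `logger.exception("Failed to fetch self-signing key for %s", user_id)`. If the store signals a missing key by raising (not visible here), catch that specific exception type and let the rest propagate or be logged. `get_self_signing_key` starts and ends outside the hunk.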
@@ -499,7 +501,7 @@ def upload_signing_keys_for_user(self, user_id, keys): ) try: verify_signed_json(user_signing_key, user_id, verify_key) - except SignatureVerifyException as e: + except SignatureVerifyException: raise SynapseError( 400, "Invalid signature on user-signing key", @@ -614,7 +616,7 @@ def upload_signatures_for_device_keys(self, user_id, signatures): } try: verify_signed_json(key, user_id, self_signing_verify_key) - except SignatureVerifyException as e: + except SignatureVerifyException: logger.error("invalid signature on key") raise SynapseError( 400, @@ -745,7 +747,7 @@ def upload_signatures_for_device_keys(self, user_id, signatures): } try: verify_signed_json(key, user_id, user_signing_verify_key) - except SignatureVerifyException as e: + except SignatureVerifyException: logger.error("invalid signature on key") raise SynapseError( 400, diff --git a/synapse/storage/end_to_end_keys.py b/synapse/storage/end_to_end_keys.py index 33e4533f2043..0fafd2ee37a2 100644 --- a/synapse/storage/end_to_end_keys.py +++ b/synapse/storage/end_to_end_keys.py @@ -13,6 +13,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +import time + from six import iteritems from canonicaljson import encode_canonical_json, json @@ -21,8 +23,6 @@ from synapse.util.caches.descriptors import cached -import time - from ._base import SQLBaseStore, db_to_json diff --git a/tests/handlers/test_e2e_keys.py b/tests/handlers/test_e2e_keys.py index 081694280532..4fa95403fa5b 100644 --- a/tests/handlers/test_e2e_keys.py +++ b/tests/handlers/test_e2e_keys.py @@ -16,11 +16,11 @@ import mock -from twisted.internet import defer - import signedjson.key as key import signedjson.sign as sign +from twisted.internet import defer + import synapse.api.errors import synapse.handlers.e2e_keys import synapse.storage
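Review bot: In the `@@ -614,7 +616,7 @@` hunk, and again in `@@ -745,7 +747,7 @@`, `logger.error("invalid signature on key")` records a failed cross-signing signature check with no identifiers. The log line cannot be tied to a user or a request when someone investigates repeated bad uploads. `user_id` is already in scope at both sites (it is passed to `verify_signed_json`), so the message could be `logger.warning("Invalid self-signing signature on key uploaded by %s", user_id)`, with "user-signing" in the second site. Because the failure is caused by client input and already answered with a 400, warning level probably fits better than error. The body of `upload_signatures_for_device_keys` continues outside both hunks.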