def _on_event_received(self, event):
tag = event['tag']
data = event['data']
signatures = event.get('signatures')
signature_trusted = False
for signer in signatures.keys():
key = self._trusted_keys.get(signer)
if not key:
continue
try:
verify_event_message(signer, event, key, assume_valid=True)
except Exception as e:
log.info('Invalid signature on event ({}): {}'.format(
str(e), str(event)))
break
# if we are here, we verified a signature without issues, which means
# the message is legit and we can sign it ourselves and publish it
signature_trusted = True
break
if signature_trusted:
text = self._tag_data_to_html_message(tag, data)
else:
if self._mconf.allow_unsigned:
text = self._tag_data_to_html_message(tag, data)
text = '[<font color="#ed1515">VERIFY_FAILED</font>] ' + text
else:
log.info('Unable to verify signature on event: {}'.format(
str(event)))
return
self._rooms_publish_text(event, text)
def _event_message_received(self, socket, msg):
data = str(msg[1], 'utf-8', 'replace')
try:
event = json.loads(data)
except json.JSONDecodeError as e:
# we ignore invalid requests
log.info('Received invalid JSON message from sender: %s (%s)',
data if len(data) > 1 else msg, str(e))
return
# check if the message is actually valid and can be processed
if not event_message_is_valid_and_signed(event):
# we currently just silently ignore invalid submissions
return
signatures = event.get('signatures')
signature_trusted = False
for signer in signatures.keys():
key = self._trusted_keys.get(signer)
if not key:
continue
try:
verify_event_message(signer, event, key, assume_valid=True)
except Exception as e:
log.info('Invalid signature on event ({}): {}'.format(
str(e), str(event)))
return
# if we are here, we verified a signature without issues, which means
# the message is legit and we can sign it ourselves and publish it
signature_trusted = True
break
if not signature_trusted:
log.info('Unable to verify signature on event: {}'.format(
str(event)))
return
# now publish the event to the world
self._pub_queue.put(event)
def test_msg_creation(self):
'''
Test creation of new signed messages and check them for validity.
'''
from laniakea.db import LkModule
assert create_message_tag(
LkModule.DATAIMPORT,
'new-source-packages') == '_lk.dataimport.new-source-packages'
m = create_event_message(self._sender_id, '_lk.testsuite.dummy',
{'aaa': 'bbb'}, self._sender_signing_key)
assert m['tag'] == '_lk.testsuite.dummy'
assert m['format'] == '1.0'
assert UUID(m['uuid']).version == 1
assert m['data'] == {'aaa': 'bbb'}
sigs = m['signatures']
assert sigs
assert len(sigs[self._sender_id]['ed25519:0']) > 80
# this function will throw on error and thereby cause a test failure
verify_event_message(self._sender_id, m, self._sender_verify_key)