def _on_event_received(self, event): tag = event['tag'] data = event['data'] signatures = event.get('signatures') signature_trusted = False for signer in signatures.keys(): key = self._trusted_keys.get(signer) if not key: continue try: verify_event_message(signer, event, key, assume_valid=True) except Exception as e: log.info('Invalid signature on event ({}): {}'.format( str(e), str(event))) break # if we are here, we verified a signature without issues, which means # the message is legit and we can sign it ourselves and publish it signature_trusted = True break if signature_trusted: text = self._tag_data_to_html_message(tag, data) else: if self._mconf.allow_unsigned: text = self._tag_data_to_html_message(tag, data) text = '[<font color="#ed1515">VERIFY_FAILED</font>] ' + text else: log.info('Unable to verify signature on event: {}'.format( str(event))) return self._rooms_publish_text(event, text)
def _event_message_received(self, socket, msg): data = str(msg[1], 'utf-8', 'replace') try: event = json.loads(data) except json.JSONDecodeError as e: # we ignore invalid requests log.info('Received invalid JSON message from sender: %s (%s)', data if len(data) > 1 else msg, str(e)) return # check if the message is actually valid and can be processed if not event_message_is_valid_and_signed(event): # we currently just silently ignore invalid submissions return signatures = event.get('signatures') signature_trusted = False for signer in signatures.keys(): key = self._trusted_keys.get(signer) if not key: continue try: verify_event_message(signer, event, key, assume_valid=True) except Exception as e: log.info('Invalid signature on event ({}): {}'.format( str(e), str(event))) return # if we are here, we verified a signature without issues, which means # the message is legit and we can sign it ourselves and publish it signature_trusted = True break if not signature_trusted: log.info('Unable to verify signature on event: {}'.format( str(event))) return # now publish the event to the world self._pub_queue.put(event)
def test_msg_creation(self): ''' Test creation of new signed messages and check them for validity. ''' from laniakea.db import LkModule assert create_message_tag( LkModule.DATAIMPORT, 'new-source-packages') == '_lk.dataimport.new-source-packages' m = create_event_message(self._sender_id, '_lk.testsuite.dummy', {'aaa': 'bbb'}, self._sender_signing_key) assert m['tag'] == '_lk.testsuite.dummy' assert m['format'] == '1.0' assert UUID(m['uuid']).version == 1 assert m['data'] == {'aaa': 'bbb'} sigs = m['signatures'] assert sigs assert len(sigs[self._sender_id]['ed25519:0']) > 80 # this function will throw on error and thereby cause a test failure verify_event_message(self._sender_id, m, self._sender_verify_key)