From 2271a56adc7de8fdbd155435b6b865ebc7b9a70a Mon Sep 17 00:00:00 2001 From: strawberry Date: Sun, 21 Apr 2024 15:12:22 -0400 Subject: [PATCH] move sign_json and verify_json admin commands to debug these are purely debug-related commands Signed-off-by: strawberry --- src/service/admin/debug/debug_commands.rs | 53 ++++++++++++++++++ src/service/admin/debug/mod.rs | 16 +++++- .../admin/federation/federation_commands.rs | 56 +------------------ src/service/admin/federation/mod.rs | 18 +----- 4 files changed, 70 insertions(+), 73 deletions(-) diff --git a/src/service/admin/debug/debug_commands.rs b/src/service/admin/debug/debug_commands.rs index 870016f3..b882b517 100644 --- a/src/service/admin/debug/debug_commands.rs +++ b/src/service/admin/debug/debug_commands.rs 
@@ -337,3 +337,56 @@ pub(super) async fn change_log_level( Ok(RoomMessageEventContent::text_plain("No log level was specified.")) } + +pub(super) async fn sign_json(body: Vec<&str>) -> Result { + if body.len() > 2 && body[0].trim().starts_with("```") && body.last().unwrap().trim() == "```" { + let string = body[1..body.len() - 1].join("\n"); + match serde_json::from_str(&string) { + Ok(mut value) => { + ruma::signatures::sign_json( + services().globals.server_name().as_str(), + services().globals.keypair(), + &mut value, + ) + .expect("our request json is what ruma expects"); + let json_text = serde_json::to_string_pretty(&value).expect("canonical json is valid json"); + Ok(RoomMessageEventContent::text_plain(json_text)) + }, + Err(e) => Ok(RoomMessageEventContent::text_plain(format!("Invalid json: {e}"))), + } + } else { + Ok(RoomMessageEventContent::text_plain( + "Expected code block in command body. Add --help for details.", + )) + } +} + +pub(super) async fn verify_json(body: Vec<&str>) -> Result { + if body.len() > 2 && body[0].trim().starts_with("```") && body.last().unwrap().trim() == "```" { + let string = body[1..body.len() - 1].join("\n"); + match serde_json::from_str(&string) { + Ok(value) => { + let pub_key_map = RwLock::new(BTreeMap::new()); + + services() + .rooms + .event_handler + .fetch_required_signing_keys([&value], &pub_key_map) + .await?; + + let pub_key_map = pub_key_map.read().await; + match ruma::signatures::verify_json(&pub_key_map, &value) { + Ok(()) => Ok(RoomMessageEventContent::text_plain("Signature correct")), + Err(e) => Ok(RoomMessageEventContent::text_plain(format!( + "Signature verification failed: {e}" + ))), + } + }, + Err(e) => Ok(RoomMessageEventContent::text_plain(format!("Invalid json: {e}"))), + } + } else { + Ok(RoomMessageEventContent::text_plain( + "Expected code block in command body. Add --help for details.", + )) + } +} 
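Review bot: In `sign_json`, the `.expect("our request json is what ruma expects")` after `ruma::signatures::sign_json(...)` runs on JSON pasted into the admin room, so a blob ruma rejects panics the handler instead of producing a reply. As far as I can tell, one example is an object whose `signatures` field is not itself an object. `verify_json` just below already turns its failure into a message, and the same shape fits here: `if let Err(e) = ruma::signatures::sign_json(/* same three arguments */) { return Ok(RoomMessageEventContent::text_plain(format!("Signing failed: {e}"))); }`. Separately, the function signs any well-formed JSON an admin-room member supplies with `services().globals.keypair()`, so it deserves a doc comment saying so, e.g. `/// Signs admin-supplied JSON with this server's own keypair; treat the output as a real server signature.`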
diff --git a/src/service/admin/debug/mod.rs b/src/service/admin/debug/mod.rs index 80e1c74c..f25d7511 100644 --- a/src/service/admin/debug/mod.rs +++ b/src/service/admin/debug/mod.rs @@ -3,7 +3,7 @@ use ruma::{events::room::message::RoomMessageEventContent, EventId, RoomId, Serv use self::debug_commands::{ change_log_level, force_device_list_updates, get_auth_chain, get_pdu, get_remote_pdu, get_room_state, parse_pdu, - ping, + ping, sign_json, verify_json, }; use crate::Result; @@ -82,6 +82,18 @@ pub(crate) enum DebugCommand { #[arg(short, long)] reset: bool, }, + + /// - Verify json signatures + /// + /// This command needs a JSON blob provided in a Markdown code block below + /// the command. + SignJson, + + /// - Verify json signatures + /// + /// This command needs a JSON blob provided in a Markdown code block below + /// the command. + VerifyJson, } pub(crate) async fn process(command: DebugCommand, body: Vec<&str>) -> Result { @@ -108,5 +120,7 @@ pub(crate) async fn process(command: DebugCommand, body: Vec<&str>) -> Result change_log_level(body, filter, reset).await?, + DebugCommand::SignJson => sign_json(body).await?, + DebugCommand::VerifyJson => verify_json(body).await?, }) } diff --git a/src/service/admin/federation/federation_commands.rs b/src/service/admin/federation/federation_commands.rs index 845c2f91..56c9f510 100644 --- a/src/service/admin/federation/federation_commands.rs +++ b/src/service/admin/federation/federation_commands.rs @@ -1,7 +1,6 @@ -use std::{collections::BTreeMap, fmt::Write as _}; +use std::fmt::Write as _; use ruma::{events::room::message::RoomMessageEventContent, RoomId, ServerName}; -use tokio::sync::RwLock; use crate::{services, utils::HtmlEscape, Result}; 
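Review bot: The `SignJson` variant added to `DebugCommand` carries the doc comment `/// - Verify json signatures`, word for word the same as `VerifyJson`. Given the `#[arg(...)]` attributes in this enum, these comments are presumably rendered as command help, so `--help` would describe the signing command as a verifier. The text was carried over unchanged from `FederationCommand`, so this move is a good place to correct it, e.g. `/// - Sign a JSON blob with this server's signing key`. The help is the only place an operator learns that the command uses the server's key, so it is worth stating there. The enum body starts outside the hunk.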
@@ -26,59 +25,6 @@ pub(super) async fn incoming_federeation(_body: Vec<&str>) -> Result) -> Result { - if body.len() > 2 && body[0].trim().starts_with("```") && body.last().unwrap().trim() == "```" { - let string = body[1..body.len() - 1].join("\n"); - match serde_json::from_str(&string) { - Ok(mut value) => { - ruma::signatures::sign_json( - services().globals.server_name().as_str(), - services().globals.keypair(), - &mut value, - ) - .expect("our request json is what ruma expects"); - let json_text = serde_json::to_string_pretty(&value).expect("canonical json is valid json"); - Ok(RoomMessageEventContent::text_plain(json_text)) - }, - Err(e) => Ok(RoomMessageEventContent::text_plain(format!("Invalid json: {e}"))), - } - } else { - Ok(RoomMessageEventContent::text_plain( - "Expected code block in command body. Add --help for details.", - )) - } -} - -pub(super) async fn verify_json(body: Vec<&str>) -> Result { - if body.len() > 2 && body[0].trim().starts_with("```") && body.last().unwrap().trim() == "```" { - let string = body[1..body.len() - 1].join("\n"); - match serde_json::from_str(&string) { - Ok(value) => { - let pub_key_map = RwLock::new(BTreeMap::new()); - - services() - .rooms - .event_handler - .fetch_required_signing_keys([&value], &pub_key_map) - .await?; - - let pub_key_map = pub_key_map.read().await; - match ruma::signatures::verify_json(&pub_key_map, &value) { - Ok(()) => Ok(RoomMessageEventContent::text_plain("Signature correct")), - Err(e) => Ok(RoomMessageEventContent::text_plain(format!( - "Signature verification failed: {e}" - ))), - } - }, - Err(e) => Ok(RoomMessageEventContent::text_plain(format!("Invalid json: {e}"))), - } - } else { - Ok(RoomMessageEventContent::text_plain( - "Expected code block in command body. Add --help for details.", - )) - } -} - pub(super) async fn fetch_support_well_known( _body: Vec<&str>, server_name: Box, ) -> Result { 
diff --git a/src/service/admin/federation/mod.rs b/src/service/admin/federation/mod.rs index 74878e36..1f8280b7 100644 --- a/src/service/admin/federation/mod.rs +++ b/src/service/admin/federation/mod.rs @@ -1,9 +1,7 @@ use clap::Subcommand; use ruma::{events::room::message::RoomMessageEventContent, RoomId, ServerName}; -use self::federation_commands::{ - disable_room, enable_room, fetch_support_well_known, incoming_federeation, sign_json, verify_json, -}; +use self::federation_commands::{disable_room, enable_room, fetch_support_well_known, incoming_federeation}; use crate::Result; pub(crate) mod federation_commands; @@ -24,18 +22,6 @@ pub(crate) enum FederationCommand { room_id: Box, }, - /// - Verify json signatures - /// - /// This command needs a JSON blob provided in a Markdown code block below - /// the command. - SignJson, - - /// - Verify json signatures - /// - /// This command needs a JSON blob provided in a Markdown code block below - /// the command. - VerifyJson, - /// - Fetch `/.well-known/matrix/support` from the specified server /// /// Despite the name, this is not a federation endpoint and does not go @@ -59,8 +45,6 @@ pub(crate) async fn process(command: FederationCommand, body: Vec<&str>) -> Resu room_id, } => enable_room(body, room_id).await?, FederationCommand::IncomingFederation => incoming_federeation(body).await?, - FederationCommand::SignJson => sign_json(body).await?, - FederationCommand::VerifyJson => verify_json(body).await?, FederationCommand::FetchSupportWellKnown { server_name, } => fetch_support_well_known(body, server_name).await?,