chris/ruwuma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ruwuma/crates/ruma-signatures/CHANGELOG.md
gnieto 7565588be7
signatures: Prevent accepting events without at least one valid signature 
`verify_event` has been changed recently to be more aligned with the
spec. In the previous algorithm, it returned an error if the event was
not signed by at least one of the required entities.

The new algortihm is iterating over all the signtures for the required
entities *and* skipping unknown algorithms. If an event is signed only
by unkonwn algorithms, the event would be accepted and not verifications
will happen. In order to prevent that, we check that, at least, a single
key is checked. This covers the 2nd point in: https://spec.matrix.org/v1.6/appendices/#checking-for-a-signature

A few more test cases were added:

- The event is properly signed, but key map contains a key with an
  unknown algorithm. Under this circumstances, the event should be
  allowed.
- An event signed by multiple keys for an entity, should verify all
  those signatures
- An event signed by a single key with an unkown algorithm by the
  required entity, should fail
2023-03-02 09:34:57 +00:00

1.5 KiB
Raw Blame History

[unreleased]

Bug fixes:

  • Ignore keys with unknown algorithms in verify_events

0.13.1

No changes for this version

0.13.0

No changes for this version

0.12.0

Breaking changes:

  • Remove pointless PartialEq implementation for Ed25519Verifier

0.11.0

Breaking changes:

  • Upgrade dependencies

0.10.0

Breaking changes:

  • Merge SplitError into Error
  • Update some function signatures to use the new Base64 type

Improvements:

  • Move Room Version 9 keys out of unstable-pre-spec in allowed_content_keys_for

0.9.0

Breaking changes:

  • Change a few functions to return Results
    • See each function's documentation for how it can fail

Bug fixes:

  • Don't check stringified JSON size <= 65535 bytes for verify_json and sign_json since these functions may be used for things other than PDUs

0.8.0

Breaking changes:

  • Replace ring dependency with ed25519-dalek and pkcs8
  • canonical_json and content_hash now return Error when JSON is not canonical

0.7.2

Improvements:

  • Add a compat feature

    When enabled, ruma-signatures will accept slightly malformed base64 input.

0.7.1

Improvements:

  • Fix verify_json signature check algorithm
  • Bump dependency versions

0.7.0

Breaking changes:

  • Upgrade ruma-identifiers dependency to 0.19.0

0.6.0

Breaking changes:

  • Remove Copy implementation for Algorithm
  • Remove Copy and Clone implementations for Ed25519Verifier
  • Upgrade ruma-identifiers

Bug fixes:

  • Verify only the required signatures on verify_event
  • Fix redactions for aliases events