Add MXIDMapping for pseudoID rooms, also sign with the pseudoIDKey

roomserver/internal/perform/perform_create_room.go

@@ -16,9 +16,12 @@ package perform
 
 import (
 	"context"
+	"crypto/ed25519"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"strings"
 
 	"github.com/getsentry/sentry-go"
 	"github.com/matrix-org/dendrite/internal/eventutil"
@@ -30,6 +33,7 @@ import (
 	"github.com/matrix-org/gomatrixserverlib/fclient"
 	"github.com/matrix-org/gomatrixserverlib/spec"
 	"github.com/matrix-org/util"
+	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -93,6 +97,15 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 		}
 	}
 
+	_, err = c.DB.AssignRoomNID(ctx, roomID, createRequest.RoomVersion)
+	if err != nil {
+		util.GetLogger(ctx).WithError(err).Error("failed to assign roomNID")
+		return "", &util.JSONResponse{
+			Code: http.StatusInternalServerError,
+			JSON: spec.InternalServerError{},
+		}
+	}
+
 	var guestsCanJoin bool
 	switch createRequest.StatePreset {
 	case spec.PresetPrivateChat:
@@ -130,13 +143,59 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 	membershipEvent := gomatrixserverlib.FledglingEvent{
 		Type:     spec.MRoomMember,
 		StateKey: string(senderID),
-		Content: gomatrixserverlib.MemberContent{
-			Membership:  spec.Join,
-			DisplayName: createRequest.UserDisplayName,
-			AvatarURL:   createRequest.UserAvatarURL,
-		},
 	}
 
+	memberContent := gomatrixserverlib.MemberContent{
+		Membership:  spec.Join,
+		DisplayName: createRequest.UserDisplayName,
+		AvatarURL:   createRequest.UserAvatarURL,
+	}
+
+	// get the signing identity
+	identity, err := c.Cfg.Matrix.SigningIdentityFor(userID.Domain())
+	if err != nil {
+		logrus.WithError(err).WithField("domain", userID.Domain()).Error("unable to find signing identity for domain")
+		return "", &util.JSONResponse{
+			Code: http.StatusInternalServerError,
+			JSON: spec.InternalServerError{},
+		}
+	}
+
+	// If we are creating a room with pseudo IDs, create and sign the MXIDMapping
+	if createRequest.RoomVersion == gomatrixserverlib.RoomVersionPseudoIDs {
+		var pseudoIDKey ed25519.PrivateKey
+		pseudoIDKey, err = c.RSAPI.GetOrCreateUserRoomPrivateKey(ctx, userID, roomID)
+		if err != nil {
+			util.GetLogger(ctx).WithError(err).Error("GetOrCreateUserRoomPrivateKey failed")
+			return "", &util.JSONResponse{
+				Code: http.StatusInternalServerError,
+				JSON: spec.InternalServerError{},
+			}
+		}
+
+		mapping := &gomatrixserverlib.MXIDMapping{
+			UserRoomKey: strings.ToLower(base64.StdEncoding.WithPadding(base64.NoPadding).EncodeToString(pseudoIDKey.Public().(ed25519.PublicKey))),
+			UserID:      userID.String(),
+		}
+
+		// Sign the mapping with the server identity
+		if err = mapping.Sign(identity.ServerName, identity.KeyID, identity.PrivateKey); err != nil {
+			return "", &util.JSONResponse{
+				Code: http.StatusInternalServerError,
+				JSON: spec.InternalServerError{},
+			}
+		}
+		memberContent.MXIDMapping = mapping
+
+		// sign all events with the pseudo ID key
+		identity = &fclient.SigningIdentity{
+			ServerName: userID.Domain(),
+			KeyID:      "self",
+			PrivateKey: pseudoIDKey,
+		}
+	}
+	membershipEvent.Content = memberContent
+
 	var nameEvent *gomatrixserverlib.FledglingEvent
 	var topicEvent *gomatrixserverlib.FledglingEvent
 	var guestAccessEvent *gomatrixserverlib.FledglingEvent
@@ -314,7 +373,7 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 				JSON: spec.InternalServerError{},
 			}
 		}
-		ev, err = builder.Build(createRequest.EventTime, userID.Domain(), createRequest.KeyID, createRequest.PrivateKey)
+		ev, err = builder.Build(createRequest.EventTime, identity.ServerName, identity.KeyID, identity.PrivateKey)
 		if err != nil {
 			util.GetLogger(ctx).WithError(err).Error("buildEvent failed")
 			return "", &util.JSONResponse{
@@ -355,29 +414,8 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 		})
 	}
 
-	// first send the `m.room.create` event, so we have a roomNID
-	if err = api.SendInputRoomEvents(ctx, c.RSAPI, userID.Domain(), inputs[:1], false); err != nil {
-		util.GetLogger(ctx).WithError(err).Error("roomserverAPI.SendInputRoomEvents failed")
-		return "", &util.JSONResponse{
-			Code: http.StatusInternalServerError,
-			JSON: spec.InternalServerError{},
-		}
-	}
-
-	// create user room key if needed
-	if createRequest.RoomVersion == gomatrixserverlib.RoomVersionPseudoIDs {
-		_, err = c.RSAPI.GetOrCreateUserRoomPrivateKey(ctx, userID, roomID)
-		if err != nil {
-			util.GetLogger(ctx).WithError(err).Error("GetOrCreateUserRoomPrivateKey failed")
-			return "", &util.JSONResponse{
-				Code: http.StatusInternalServerError,
-				JSON: spec.InternalServerError{},
-			}
-		}
-	}
-
-	// send the remaining events
-	if err = api.SendInputRoomEvents(ctx, c.RSAPI, userID.Domain(), inputs[1:], false); err != nil {
+	// send the events to the roomserver
+	if err = api.SendInputRoomEvents(ctx, c.RSAPI, userID.Domain(), inputs, false); err != nil {
 		util.GetLogger(ctx).WithError(err).Error("roomserverAPI.SendInputRoomEvents failed")
 		return "", &util.JSONResponse{
 			Code: http.StatusInternalServerError,
@@ -487,11 +525,6 @@ func (c *Creator) PerformCreateRoom(ctx context.Context, userID spec.UserID, roo
 			}
 
 			// Build the invite event.
-			identity := &fclient.SigningIdentity{
-				ServerName: userID.Domain(),
-				KeyID:      createRequest.KeyID,
-				PrivateKey: createRequest.PrivateKey,
-			}
 			inviteEvent, err = eventutil.QueryAndBuildEvent(ctx, &proto, identity, createRequest.EventTime, c.RSAPI, nil)
 
 			if err != nil {