Add a database for storing the server keys (#137)

* Add a database for storing the server keys

* Tweak wording, and comment on the resolution of the timestamp

* Update gomatrixserverlib
This commit is contained in:
Mark Haines 2017-06-09 18:07:34 +01:00 committed by GitHub
parent 6eae6f7598
commit 7cbdab30f4
7 changed files with 243 additions and 45 deletions

View file

@ -25,6 +25,7 @@ import (
"github.com/matrix-org/dendrite/clientapi/producers" "github.com/matrix-org/dendrite/clientapi/producers"
"github.com/matrix-org/dendrite/clientapi/routing" "github.com/matrix-org/dendrite/clientapi/routing"
"github.com/matrix-org/dendrite/common" "github.com/matrix-org/dendrite/common"
"github.com/matrix-org/dendrite/common/keydb"
"github.com/matrix-org/dendrite/roomserver/api" "github.com/matrix-org/dendrite/roomserver/api"
"github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/gomatrixserverlib"
@ -41,6 +42,7 @@ var (
serverName = gomatrixserverlib.ServerName(os.Getenv("SERVER_NAME")) serverName = gomatrixserverlib.ServerName(os.Getenv("SERVER_NAME"))
serverKey = os.Getenv("SERVER_KEY") serverKey = os.Getenv("SERVER_KEY")
accountDataSource = os.Getenv("ACCOUNT_DATABASE") accountDataSource = os.Getenv("ACCOUNT_DATABASE")
keyDataSource = os.Getenv("KEY_DATABASE")
) )
func main() { func main() {
@ -79,7 +81,7 @@ func main() {
roomserverProducer, err := producers.NewRoomserverProducer(cfg.KafkaProducerURIs, cfg.ClientAPIOutputTopic) roomserverProducer, err := producers.NewRoomserverProducer(cfg.KafkaProducerURIs, cfg.ClientAPIOutputTopic)
if err != nil { if err != nil {
log.Panicf("Failed to setup kafka producers(%s): %s", cfg.KafkaProducerURIs, err) log.Panicf("Failed to setup kafka producers(%q): %s", cfg.KafkaProducerURIs, err)
} }
federation := gomatrixserverlib.NewFederationClient(cfg.ServerName, cfg.KeyID, cfg.PrivateKey) federation := gomatrixserverlib.NewFederationClient(cfg.ServerName, cfg.KeyID, cfg.PrivateKey)
@ -87,11 +89,15 @@ func main() {
queryAPI := api.NewRoomserverQueryAPIHTTP(cfg.RoomserverURL, nil) queryAPI := api.NewRoomserverQueryAPIHTTP(cfg.RoomserverURL, nil)
accountDB, err := accounts.NewDatabase(accountDataSource, serverName) accountDB, err := accounts.NewDatabase(accountDataSource, serverName)
if err != nil { if err != nil {
log.Panicf("Failed to setup account database(%s): %s", accountDataSource, err.Error()) log.Panicf("Failed to setup account database(%q): %s", accountDataSource, err.Error())
} }
deviceDB, err := devices.NewDatabase(accountDataSource, serverName) deviceDB, err := devices.NewDatabase(accountDataSource, serverName)
if err != nil { if err != nil {
log.Panicf("Failed to setup device database(%s): %s", accountDataSource, err.Error()) log.Panicf("Failed to setup device database(%q): %s", accountDataSource, err.Error())
}
keyDB, err := keydb.NewDatabase(keyDataSource)
if err != nil {
log.Panicf("Failed to setup key database(%q): %s", keyDataSource, err.Error())
} }
keyRing := gomatrixserverlib.KeyRing{ keyRing := gomatrixserverlib.KeyRing{
@ -99,7 +105,7 @@ func main() {
// TODO: Use perspective key fetchers for production. // TODO: Use perspective key fetchers for production.
&gomatrixserverlib.DirectKeyFetcher{federation.Client}, &gomatrixserverlib.DirectKeyFetcher{federation.Client},
}, },
KeyDatabase: &dummyKeyDatabase{}, KeyDatabase: keyDB,
} }
routing.Setup( routing.Setup(
@ -108,18 +114,3 @@ func main() {
) )
log.Fatal(http.ListenAndServe(bindAddr, nil)) log.Fatal(http.ListenAndServe(bindAddr, nil))
} }
// TODO: Implement a proper key database.
type dummyKeyDatabase struct{}
func (d *dummyKeyDatabase) FetchKeys(
requests map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.Timestamp,
) (map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys, error) {
return nil, nil
}
func (d *dummyKeyDatabase) StoreKeys(
map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys,
) error {
return nil
}

View file

@ -23,6 +23,7 @@ import (
"github.com/matrix-org/dendrite/clientapi/producers" "github.com/matrix-org/dendrite/clientapi/producers"
"github.com/matrix-org/dendrite/common" "github.com/matrix-org/dendrite/common"
"github.com/matrix-org/dendrite/common/keydb"
"github.com/matrix-org/dendrite/federationapi/config" "github.com/matrix-org/dendrite/federationapi/config"
"github.com/matrix-org/dendrite/federationapi/routing" "github.com/matrix-org/dendrite/federationapi/routing"
"github.com/matrix-org/dendrite/roomserver/api" "github.com/matrix-org/dendrite/roomserver/api"
@ -47,6 +48,7 @@ var (
kafkaURIs = strings.Split(os.Getenv("KAFKA_URIS"), ",") kafkaURIs = strings.Split(os.Getenv("KAFKA_URIS"), ",")
roomserverURL = os.Getenv("ROOMSERVER_URL") roomserverURL = os.Getenv("ROOMSERVER_URL")
roomserverInputTopic = os.Getenv("TOPIC_INPUT_ROOM_EVENT") roomserverInputTopic = os.Getenv("TOPIC_INPUT_ROOM_EVENT")
keyDataSource = os.Getenv("KEY_DATABASE")
) )
func main() { func main() {
@ -95,12 +97,17 @@ func main() {
federation := gomatrixserverlib.NewFederationClient(cfg.ServerName, cfg.KeyID, cfg.PrivateKey) federation := gomatrixserverlib.NewFederationClient(cfg.ServerName, cfg.KeyID, cfg.PrivateKey)
keyDB, err := keydb.NewDatabase(keyDataSource)
if err != nil {
log.Panicf("Failed to setup key database(%q): %s", keyDataSource, err.Error())
}
keyRing := gomatrixserverlib.KeyRing{ keyRing := gomatrixserverlib.KeyRing{
KeyFetchers: []gomatrixserverlib.KeyFetcher{ KeyFetchers: []gomatrixserverlib.KeyFetcher{
// TODO: Use perspective key fetchers for production. // TODO: Use perspective key fetchers for production.
&gomatrixserverlib.DirectKeyFetcher{federation.Client}, &gomatrixserverlib.DirectKeyFetcher{federation.Client},
}, },
KeyDatabase: &dummyKeyDatabase{}, KeyDatabase: keyDB,
} }
queryAPI := api.NewRoomserverQueryAPIHTTP(roomserverURL, nil) queryAPI := api.NewRoomserverQueryAPIHTTP(roomserverURL, nil)
@ -112,18 +119,3 @@ func main() {
routing.Setup(http.DefaultServeMux, cfg, queryAPI, roomserverProducer, keyRing, federation) routing.Setup(http.DefaultServeMux, cfg, queryAPI, roomserverProducer, keyRing, federation)
log.Fatal(http.ListenAndServe(bindAddr, nil)) log.Fatal(http.ListenAndServe(bindAddr, nil))
} }
// TODO: Implement a proper key database.
type dummyKeyDatabase struct{}
func (d *dummyKeyDatabase) FetchKeys(
requests map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.Timestamp,
) (map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys, error) {
return nil, nil
}
func (d *dummyKeyDatabase) StoreKeys(
map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys,
) error {
return nil
}

View file

@ -0,0 +1,70 @@
// Copyright 2017 Vector Creations Ltd
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package keydb
import (
"database/sql"
"github.com/matrix-org/gomatrixserverlib"
)
// A Database implements gomatrixserverlib.KeyDatabase and is used to store
// the public keys for other matrix servers.
type Database struct {
statements serverKeyStatements
}
// NewDatabase prepares a new key database.
// It creates the necessary tables if they don't already exist.
// It prepares all the SQL statements that it will use.
// Returns an error if there was a problem talking to the database.
func NewDatabase(dataSourceName string) (*Database, error) {
db, err := sql.Open("postgres", dataSourceName)
if err != nil {
return nil, err
}
d := &Database{}
d.statements.prepare(db)
return d, nil
}
// FetchKeys implements gomatrixserverlib.KeyDatabase
func (d *Database) FetchKeys(
requests map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.Timestamp,
) (map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys, error) {
return d.statements.bulkSelectServerKeys(requests)
}
// StoreKeys implements gomatrixserverlib.KeyDatabase
func (d *Database) StoreKeys(
keyMap map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys,
) error {
// TODO: Inserting all the keys within a single transaction may
// be more efficient since the transaction overhead can be quite
// high for a single insert statement.
var lastErr error
for request, keys := range keyMap {
if err := d.statements.upsertServerKeys(request, keys); err != nil {
// Rather than returning immediately on error we try to insert the
// remaining keys.
// Since we are inserting the keys outside of a transaction it is
// possible for some of the inserts to succeed even though some
// of the inserts have failed.
// Ensuring that we always insert all the keys we can means that
// this behaviour won't depend on the iteration order of the map.
lastErr = err
}
}
return lastErr
}

View file

@ -0,0 +1,125 @@
// Copyright 2017 Vector Creations Ltd
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package keydb
import (
"database/sql"
"encoding/json"
"github.com/lib/pq"
"github.com/matrix-org/gomatrixserverlib"
)
const serverKeysSchema = `
-- A cache of server keys downloaded from remote servers.
CREATE TABLE IF NOT EXISTS server_keys (
-- The name of the matrix server the key is for.
server_name TEXT NOT NULL,
-- The ID of the server key.
server_key_id TEXT NOT NULL,
-- Combined server name and key ID separated by the ASCII unit separator
-- to make it easier to run bulk queries.
server_name_and_key_id TEXT NOT NULL,
-- When the keys are valid until as a millisecond timestamp.
valid_until_ts BIGINT NOT NULL,
-- The raw JSON for the server key.
server_key_json TEXT NOT NULL,
CONSTRAINT server_keys_unique UNIQUE (server_name, server_key_id)
);
CREATE INDEX IF NOT EXISTS server_name_and_key_id ON server_keys (server_name_and_key_id);
`
const bulkSelectServerKeysSQL = "" +
"SELECT server_name, server_key_id, server_key_json FROM server_keys" +
" WHERE server_name_and_key_id = ANY($1)"
const upsertServerKeysSQL = "" +
"INSERT INTO server_keys (server_name, server_key_id," +
" server_name_and_key_id, valid_until_ts, server_key_json)" +
" VALUES ($1, $2, $3, $4, $5)" +
" ON CONFLICT ON CONSTRAINT server_keys_unique" +
" DO UPDATE SET valid_until_ts = $4, server_key_json = $5"
type serverKeyStatements struct {
bulkSelectServerKeysStmt *sql.Stmt
upsertServerKeysStmt *sql.Stmt
}
func (s *serverKeyStatements) prepare(db *sql.DB) (err error) {
_, err = db.Exec(serverKeysSchema)
if err != nil {
return
}
if s.bulkSelectServerKeysStmt, err = db.Prepare(bulkSelectServerKeysSQL); err != nil {
return
}
if s.upsertServerKeysStmt, err = db.Prepare(upsertServerKeysSQL); err != nil {
return
}
return
}
func (s *serverKeyStatements) bulkSelectServerKeys(
requests map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.Timestamp,
) (map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys, error) {
var nameAndKeyIDs []string
for request := range requests {
nameAndKeyIDs = append(nameAndKeyIDs, nameAndKeyID(request))
}
rows, err := s.bulkSelectServerKeysStmt.Query(pq.StringArray(nameAndKeyIDs))
if err != nil {
return nil, err
}
defer rows.Close()
results := map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys{}
for rows.Next() {
var serverName string
var keyID string
var keyJSON []byte
if err := rows.Scan(&serverName, &keyID, &keyJSON); err != nil {
return nil, err
}
var serverKeys gomatrixserverlib.ServerKeys
if err := json.Unmarshal(keyJSON, &serverKeys); err != nil {
return nil, err
}
r := gomatrixserverlib.PublicKeyRequest{
gomatrixserverlib.ServerName(serverName), gomatrixserverlib.KeyID(keyID),
}
results[r] = serverKeys
}
return results, nil
}
func (s *serverKeyStatements) upsertServerKeys(
request gomatrixserverlib.PublicKeyRequest, keys gomatrixserverlib.ServerKeys,
) error {
keyJSON, err := json.Marshal(keys)
if err != nil {
return err
}
_, err = s.upsertServerKeysStmt.Exec(
string(request.ServerName), string(request.KeyID), nameAndKeyID(request),
int64(keys.ValidUntilTS), keyJSON,
)
if err != nil {
return err
}
return nil
}
func nameAndKeyID(request gomatrixserverlib.PublicKeyRequest) string {
return string(request.ServerName) + "\x1F" + string(request.KeyID)
}

2
vendor/manifest vendored
View file

@ -98,7 +98,7 @@
{ {
"importpath": "github.com/matrix-org/gomatrixserverlib", "importpath": "github.com/matrix-org/gomatrixserverlib",
"repository": "https://github.com/matrix-org/gomatrixserverlib", "repository": "https://github.com/matrix-org/gomatrixserverlib",
"revision": "b1dfcb3b345cc8410f1a03fec0a1ffe6bd002dcd", "revision": "0e1596ae7b0a034ec572cd1448aeaf7e96bff95a",
"branch": "master" "branch": "master"
}, },
{ {

View file

@ -32,6 +32,12 @@ type KeyFetcher interface {
type KeyDatabase interface { type KeyDatabase interface {
KeyFetcher KeyFetcher
// Add a block of public keys to the database. // Add a block of public keys to the database.
// Returns an error if there was a problem storing the keys.
// A database is not required to rollback storing the all keys if some of
// the keys aren't stored, and an in-progess store may be partially visible
// to a concurrent FetchKeys(). This is acceptable since the database is
// only used as a cache for the keys, so if a FetchKeys() races with a
// StoreKeys() and some of the keys are missing they will be just be refetched.
StoreKeys(map[PublicKeyRequest]ServerKeys) error StoreKeys(map[PublicKeyRequest]ServerKeys) error
} }

View file

@ -30,15 +30,22 @@ type KeyID string
// SignJSON signs a JSON object returning a copy signed with the given key. // SignJSON signs a JSON object returning a copy signed with the given key.
// https://matrix.org/docs/spec/server_server/unstable.html#signing-json // https://matrix.org/docs/spec/server_server/unstable.html#signing-json
func SignJSON(signingName string, keyID KeyID, privateKey ed25519.PrivateKey, message []byte) ([]byte, error) { func SignJSON(signingName string, keyID KeyID, privateKey ed25519.PrivateKey, message []byte) ([]byte, error) {
// Unpack the top-level key of the JSON object without unpacking the contents of the keys.
// This allows us to add and remove the top-level keys from the JSON object.
// It also ensures that the JSON is actually a valid JSON object.
var object map[string]*json.RawMessage var object map[string]*json.RawMessage
var signatures map[string]map[KeyID]Base64String var signatures map[string]map[KeyID]Base64String
if err := json.Unmarshal(message, &object); err != nil { if err := json.Unmarshal(message, &object); err != nil {
return nil, err return nil, err
} }
// We don't sign the contents of the unsigned key so we remove it.
rawUnsigned, hasUnsigned := object["unsigned"] rawUnsigned, hasUnsigned := object["unsigned"]
delete(object, "unsigned") delete(object, "unsigned")
// Parse the existing signatures if they exist.
// Signing a JSON object adds our signature to the existing
// signature rather than replacing it.
if rawSignatures := object["signatures"]; rawSignatures != nil { if rawSignatures := object["signatures"]; rawSignatures != nil {
if err := json.Unmarshal(*rawSignatures, &signatures); err != nil { if err := json.Unmarshal(*rawSignatures, &signatures); err != nil {
return nil, err return nil, err
@ -48,32 +55,35 @@ func SignJSON(signingName string, keyID KeyID, privateKey ed25519.PrivateKey, me
signatures = map[string]map[KeyID]Base64String{} signatures = map[string]map[KeyID]Base64String{}
} }
// Encode the JSON object without the "signatures" key or
// the "unsigned" key in the canonical format.
unsorted, err := json.Marshal(object) unsorted, err := json.Marshal(object)
if err != nil { if err != nil {
return nil, err return nil, err
} }
canonical, err := CanonicalJSON(unsorted) canonical, err := CanonicalJSON(unsorted)
if err != nil { if err != nil {
return nil, err return nil, err
} }
// Sign the canonical JSON with the ed25519 key.
signature := Base64String(ed25519.Sign(privateKey, canonical)) signature := Base64String(ed25519.Sign(privateKey, canonical))
// Add the signature to the "signature" key.
signaturesForEntity := signatures[signingName] signaturesForEntity := signatures[signingName]
if signaturesForEntity != nil { if signaturesForEntity != nil {
signaturesForEntity[keyID] = signature signaturesForEntity[keyID] = signature
} else { } else {
signatures[signingName] = map[KeyID]Base64String{keyID: signature} signatures[signingName] = map[KeyID]Base64String{keyID: signature}
} }
var rawSignatures json.RawMessage var rawSignatures json.RawMessage
rawSignatures, err = json.Marshal(signatures) rawSignatures, err = json.Marshal(signatures)
if err != nil { if err != nil {
return nil, err return nil, err
} }
object["signatures"] = &rawSignatures object["signatures"] = &rawSignatures
// Add the unsigned key back if it was present.
if hasUnsigned { if hasUnsigned {
object["unsigned"] = rawUnsigned object["unsigned"] = rawUnsigned
} }
@ -98,41 +108,45 @@ func ListKeyIDs(signingName string, message []byte) ([]KeyID, error) {
// VerifyJSON checks that the entity has signed the message using a particular key. // VerifyJSON checks that the entity has signed the message using a particular key.
func VerifyJSON(signingName string, keyID KeyID, publicKey ed25519.PublicKey, message []byte) error { func VerifyJSON(signingName string, keyID KeyID, publicKey ed25519.PublicKey, message []byte) error {
// Unpack the top-level key of the JSON object without unpacking the contents of the keys.
// This allows us to add and remove the top-level keys from the JSON object.
// It also ensures that the JSON is actually a valid JSON object.
var object map[string]*json.RawMessage var object map[string]*json.RawMessage
var signatures map[string]map[KeyID]Base64String var signatures map[string]map[KeyID]Base64String
if err := json.Unmarshal(message, &object); err != nil { if err := json.Unmarshal(message, &object); err != nil {
return err return err
} }
delete(object, "unsigned")
// Check that there is a signature from the entity that we are expecting a signature from.
if object["signatures"] == nil { if object["signatures"] == nil {
return fmt.Errorf("No signatures") return fmt.Errorf("No signatures")
} }
if err := json.Unmarshal(*object["signatures"], &signatures); err != nil { if err := json.Unmarshal(*object["signatures"], &signatures); err != nil {
return err return err
} }
delete(object, "signatures")
signature, ok := signatures[signingName][keyID] signature, ok := signatures[signingName][keyID]
if !ok { if !ok {
return fmt.Errorf("No signature from %q with ID %q", signingName, keyID) return fmt.Errorf("No signature from %q with ID %q", signingName, keyID)
} }
if len(signature) != ed25519.SignatureSize { if len(signature) != ed25519.SignatureSize {
return fmt.Errorf("Bad signature length from %q with ID %q", signingName, keyID) return fmt.Errorf("Bad signature length from %q with ID %q", signingName, keyID)
} }
// The "unsigned" key and "signatures" keys aren't covered by the signature so remove them.
delete(object, "unsigned")
delete(object, "signatures")
// Encode the JSON without the "unsigned" and "signatures" keys in the canonical format.
unsorted, err := json.Marshal(object) unsorted, err := json.Marshal(object)
if err != nil { if err != nil {
return err return err
} }
canonical, err := CanonicalJSON(unsorted) canonical, err := CanonicalJSON(unsorted)
if err != nil { if err != nil {
return err return err
} }
// Verify the ed25519 signature.
if !ed25519.Verify(publicKey, canonical, signature) { if !ed25519.Verify(publicKey, canonical, signature) {
return fmt.Errorf("Bad signature from %q with ID %q", signingName, keyID) return fmt.Errorf("Bad signature from %q with ID %q", signingName, keyID)
} }