Skip to main content

verify_event

ruma::signatures

Function verify_event 

Source 
pub fn verify_event(
    public_key_map: &BTreeMap<String, BTreeMap<String, Base64>>,
    object: &BTreeMap<String, CanonicalJsonValue>,
    rules: &RoomVersionRules,
) -> Result<Verified, VerificationError>
Available on crate feature signatures only.
Expand description

Verifies that the signed event contains all the required valid signatures.

Some room versions may require signatures from multiple homeservers, so this function takes a map from servers to sets of public keys. Signatures are verified for each required homeserver. All known public keys for a homeserver should be provided. The first one found on the given event will be used.

If the Ok variant is returned by this function, it will contain a Verified value which distinguishes an event with valid signatures and a matching content hash with an event with only valid signatures. See the documentation for Verified for details.

§Parameters

  • public_key_map: A map from server name to a map from key identifier to public signing key. required_server_signatures_to_verify_event() can be called to get the list of servers that must appear in this map. If any of those servers is missing, this function will return a VerificationError::NoPublicKeysForEntity error.
  • object: The JSON object of the event that was signed.
  • room_version: The version of the event’s room.

§Examples

const PUBLIC_KEY: &[u8] = b"XGX0JRS2Af3be3knz2fBiRbApjm2Dh61gXDJA8kcJNI";

// Deserialize an event from JSON.
let object = serde_json::from_str(
    r#"{
        "auth_events": [],
        "content": {},
        "depth": 3,
        "hashes": {
            "sha256": "5jM4wQpv6lnBo7CLIghJuHdW+s2CMBJPUOGOC89ncos"
        },
        "origin": "domain",
        "origin_server_ts": 1000000,
        "prev_events": [],
        "room_id": "!x:domain",
        "sender": "@a:domain",
        "signatures": {
            "domain": {
                "ed25519:1": "KxwGjPSDEtvnFgU00fwFz+l6d2pJM6XBIaMEn81SXPTRl16AqLAYqfIReFGZlHi5KLjAWbOoMszkwsQma+lYAg"
            }
        },
        "type": "X",
        "unsigned": {
            "age_ts": 1000000
        }
    }"#
).unwrap();

// Create the `PublicKeyMap` that will inform `verify_json` which signatures to verify.
let mut public_key_set = BTreeMap::new();
public_key_set.insert("ed25519:1".into(), Base64::parse(PUBLIC_KEY.to_owned()).unwrap());
let mut public_key_map = BTreeMap::new();
public_key_map.insert("domain".into(), public_key_set);

// Get the redaction rules for the version of the current room.
let rules =
    RoomVersionId::V6.rules().expect("The rules should be known for a supported room version");

// Verify at least one signature for each entity in `public_key_map`.
let verification_result = verify_event(&public_key_map, &object, &rules);
assert!(verification_result.is_ok());
assert_eq!(verification_result.unwrap(), Verified::All);