pub fn verify_event(
public_key_map: &BTreeMap<String, BTreeMap<String, Base64>>,
object: &BTreeMap<String, CanonicalJsonValue>,
version: &RoomVersionId,
) -> Result<Verified, Error>
Available on crate feature
signatures
only.Expand description
Verifies that the signed event contains all the required valid signatures.
Some room versions may require signatures from multiple homeservers, so this function takes a map from servers to sets of public keys. Signatures are verified for each required homeserver. All known public keys for a homeserver should be provided. The first one found on the given event will be used.
If the Ok
variant is returned by this function, it will contain a Verified
value which
distinguishes an event with valid signatures and a matching content hash with an event with
only valid signatures. See the documentation for Verified
for details.
§Parameters
- public_key_map: A map from entity identifiers to a map from key identifiers to public keys. Generally, entity identifiers are server names—the host/IP/port of a homeserver (e.g. “example.com”) for which a signature must be verified. Key identifiers for each server (e.g. “ed25519:1”) then map to their respective public keys.
- object: The JSON object of the event that was signed.
- version: Room version of the given event
§Examples
const PUBLIC_KEY: &[u8] = b"XGX0JRS2Af3be3knz2fBiRbApjm2Dh61gXDJA8kcJNI";
// Deserialize an event from JSON.
let object = serde_json::from_str(
r#"{
"auth_events": [],
"content": {},
"depth": 3,
"hashes": {
"sha256": "5jM4wQpv6lnBo7CLIghJuHdW+s2CMBJPUOGOC89ncos"
},
"origin": "domain",
"origin_server_ts": 1000000,
"prev_events": [],
"room_id": "!x:domain",
"sender": "@a:domain",
"signatures": {
"domain": {
"ed25519:1": "KxwGjPSDEtvnFgU00fwFz+l6d2pJM6XBIaMEn81SXPTRl16AqLAYqfIReFGZlHi5KLjAWbOoMszkwsQma+lYAg"
}
},
"type": "X",
"unsigned": {
"age_ts": 1000000
}
}"#
).unwrap();
// Create the `PublicKeyMap` that will inform `verify_json` which signatures to verify.
let mut public_key_set = BTreeMap::new();
public_key_set.insert("ed25519:1".into(), Base64::parse(PUBLIC_KEY.to_owned()).unwrap());
let mut public_key_map = BTreeMap::new();
public_key_map.insert("domain".into(), public_key_set);
// Verify at least one signature for each entity in `public_key_map`.
let verification_result = verify_event(&public_key_map, &object, &RoomVersionId::V6);
assert!(verification_result.is_ok());
assert_eq!(verification_result.unwrap(), Verified::All);