pub fn verify_event(
public_key_map: &PublicKeyMap,
object: &CanonicalJsonObject,
version: &RoomVersionId,
) -> Result<Verified, Error>
Expand description
Verifies that the signed event contains all the required valid signatures.
Some room versions may require signatures from multiple homeservers, so this function takes a map from servers to sets of public keys. Signatures are verified for each required homeserver. All known public keys for a homeserver should be provided. The first one found on the given event will be used.
If the Ok
variant is returned by this function, it will contain a Verified
value which
distinguishes an event with valid signatures and a matching content hash with an event with
only valid signatures. See the documentation for Verified
for details.
§Parameters
- public_key_map: A map from entity identifiers to a map from key identifiers to public keys. Generally, entity identifiers are server names—the host/IP/port of a homeserver (e.g. “example.com”) for which a signature must be verified. Key identifiers for each server (e.g. “ed25519:1”) then map to their respective public keys.
- object: The JSON object of the event that was signed.
- version: Room version of the given event
§Examples
const PUBLIC_KEY: &[u8] = b"XGX0JRS2Af3be3knz2fBiRbApjm2Dh61gXDJA8kcJNI";
// Deserialize an event from JSON.
let object = serde_json::from_str(
r#"{
"auth_events": [],
"content": {},
"depth": 3,
"hashes": {
"sha256": "5jM4wQpv6lnBo7CLIghJuHdW+s2CMBJPUOGOC89ncos"
},
"origin": "domain",
"origin_server_ts": 1000000,
"prev_events": [],
"room_id": "!x:domain",
"sender": "@a:domain",
"signatures": {
"domain": {
"ed25519:1": "KxwGjPSDEtvnFgU00fwFz+l6d2pJM6XBIaMEn81SXPTRl16AqLAYqfIReFGZlHi5KLjAWbOoMszkwsQma+lYAg"
}
},
"type": "X",
"unsigned": {
"age_ts": 1000000
}
}"#
).unwrap();
// Create the `PublicKeyMap` that will inform `verify_json` which signatures to verify.
let mut public_key_set = BTreeMap::new();
public_key_set.insert("ed25519:1".into(), Base64::parse(PUBLIC_KEY.to_owned()).unwrap());
let mut public_key_map = BTreeMap::new();
public_key_map.insert("domain".into(), public_key_set);
// Verify at least one signature for each entity in `public_key_map`.
let verification_result = verify_event(&public_key_map, &object, &RoomVersionId::V6);
assert!(verification_result.is_ok());
assert_eq!(verification_result.unwrap(), Verified::All);