Store signing keys in the same new format as synapse does, and conver…

…t old ones.
matrix-org · Apr 16, 2015 · 5abc90b · 5abc90b
1 parent b671d3b
commit 5abc90b
Showing 1 changed file with 32 additions and 9 deletions.
diff --git a/sydent/sign/ed25519.py b/sydent/sign/ed25519.py
@@ -18,6 +18,8 @@
 import nacl.signing
 import nacl.exceptions
 
+import syutil.crypto.signing_key
+
 import logging
 
 logger = logging.getLogger(__name__)
@@ -26,16 +28,37 @@ class SydentEd25519:
     def __init__(self, syd):
         self.sydent = syd
 
-        skHex = self.sydent.cfg.get('crypto', 'ed25519.signingkey')
-        if skHex != '':
-            self.signing_key = nacl.signing.SigningKey(skHex, encoder=nacl.encoding.HexEncoder)
-            self.signing_key.version = '0' # temp fix for API change
-        else:
+        save_key = False
+
+        sk_str = self.sydent.cfg.get('crypto', 'ed25519.signingkey')
+        sk_parts = sk_str.split(' ')
+
+        if sk_str == '':
             logger.info("This server does not yet have an ed25519 signing key. "+
                         "Creating one and saving it in the config file.")
+            self.signing_key = syutil.crypto.signing_key.generate_singing_key("0")
+            save_key = True
+        elif len(sk_parts) == 1:
+            # old format key
+            logger.info("Updating signing key format: brace yourselves")
+            self.signing_key = nacl.signing.SigningKey(sk_str, encoder=nacl.encoding.HexEncoder)
+            self.signing_key.version = "0"
+            self.signing_key.alg = syutil.crypto.signing_key.NACL_ED25519
+
+            save_key = True
+        else:
+            self.signing_key = syutil.crypto.signing_key.decode_signing_key_base64(
+                sk_parts[0],
+                sk_parts[1],
+                sk_parts[2]
+            )
 
-            self.signing_key = nacl.signing.SigningKey.generate()
-            self.signing_key.version = '0' # temp fix for api change
-            skHex = self.signing_key.encode(encoder=nacl.encoding.HexEncoder)
-            self.sydent.cfg.set('crypto', 'ed25519.signingkey', skHex)
+        if save_key:
+            sk_str = "%s %s %s" % (
+                self.signing_key.alg,
+                self.signing_key.version,
+                syutil.crypto.signing_key.encode_signing_key_base64(self.signing_key)
+            )
+            self.sydent.cfg.set('crypto', 'ed25519.signingkey', sk_str)
             self.sydent.save_config()
+            logger.info("Key saved")