diff --git a/src/main/java/io/kamax/mxisd/HttpMxisd.java b/src/main/java/io/kamax/mxisd/HttpMxisd.java index 8f861a3..2dda143 100644 --- a/src/main/java/io/kamax/mxisd/HttpMxisd.java +++ b/src/main/java/io/kamax/mxisd/HttpMxisd.java @@ -54,6 +54,7 @@ import io.kamax.mxisd.http.undertow.handler.identity.share.SignEd25519Handler; import io.kamax.mxisd.http.undertow.handler.identity.share.StoreInviteHandler; import io.kamax.mxisd.http.undertow.handler.identity.v1.*; import io.kamax.mxisd.http.undertow.handler.identity.v2.HashDetailsHandler; +import io.kamax.mxisd.http.undertow.handler.identity.v2.HashLookupHandler; import io.kamax.mxisd.http.undertow.handler.invite.v1.RoomInviteHandler; import io.kamax.mxisd.http.undertow.handler.profile.v1.InternalProfileHandler; import io.kamax.mxisd.http.undertow.handler.profile.v1.ProfileHandler; diff --git a/src/main/java/io/kamax/mxisd/config/HashingConfig.java b/src/main/java/io/kamax/mxisd/config/HashingConfig.java index 8ef749c..6d557e0 100644 --- a/src/main/java/io/kamax/mxisd/config/HashingConfig.java +++ b/src/main/java/io/kamax/mxisd/config/HashingConfig.java @@ -3,6 +3,9 @@ package io.kamax.mxisd.config; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.util.ArrayList; +import java.util.List; + public class HashingConfig { private static final Logger LOGGER = LoggerFactory.getLogger(HashingConfig.class); @@ -12,6 +15,7 @@ public class HashingConfig { private RotationPolicyEnum rotationPolicy; private HashStorageEnum hashStorageType; private long delay = 10; + private List algorithms = new ArrayList<>(); public void build() { if (isEnabled()) { @@ -27,6 +31,11 @@ public class HashingConfig { } } + public enum Algorithm { + NONE, + SHA256 + } + public enum RotationPolicyEnum { PER_REQUESTS, PER_SECONDS @@ -76,4 +85,12 @@ public class HashingConfig { public void setDelay(long delay) { this.delay = delay; } + + public List getAlgorithms() { + return algorithms; + } + + public void setAlgorithms(List algorithms) { + this.algorithms = algorithms; + } } diff --git a/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashDetailsHandler.java b/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashDetailsHandler.java index 9813a9a..0d28e5f 100644 --- a/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashDetailsHandler.java +++ b/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashDetailsHandler.java @@ -2,6 +2,7 @@ package io.kamax.mxisd.http.undertow.handler.identity.v2; import com.google.gson.JsonArray; import com.google.gson.JsonObject; +import io.kamax.mxisd.config.HashingConfig; import io.kamax.mxisd.hash.HashManager; import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler; import io.undertow.server.HttpServerExchange; @@ -11,7 +12,6 @@ public class HashDetailsHandler extends BasicHttpHandler { public static final String PATH = "/_matrix/identity/v2/hash_details"; private final HashManager hashManager; - private volatile JsonObject response = null; public HashDetailsHandler(HashManager hashManager) { this.hashManager = hashManager; @@ -23,20 +23,16 @@ public class HashDetailsHandler extends BasicHttpHandler { } private JsonObject getResponse() { - if (response == null) { - synchronized (this) { - if (response == null) { - response = new JsonObject(); - response.addProperty("lookup_pepper", hashManager.getHashEngine().getPepper()); - JsonArray algorithms = new JsonArray(); - algorithms.add("none"); - if (hashManager.getConfig().isEnabled()) { - algorithms.add("sha256"); - } - response.add("algorithms", algorithms); - } + JsonObject response = new JsonObject(); + response.addProperty("lookup_pepper", hashManager.getHashEngine().getPepper()); + JsonArray algorithms = new JsonArray(); + HashingConfig config = hashManager.getConfig(); + if (config.isEnabled()) { + for (HashingConfig.Algorithm algorithm : config.getAlgorithms()) { + algorithms.add(algorithm.name().toLowerCase()); } } + response.add("algorithms", algorithms); return response; } } diff --git a/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v1/HashLookupHandler.java b/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashLookupHandler.java similarity index 89% rename from src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v1/HashLookupHandler.java rename to src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashLookupHandler.java index 049ebf4..03a877e 100644 --- a/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v1/HashLookupHandler.java +++ b/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashLookupHandler.java @@ -18,8 +18,9 @@ * along with this program. If not, see . */ -package io.kamax.mxisd.http.undertow.handler.identity.v1; +package io.kamax.mxisd.http.undertow.handler.identity.v2; +import io.kamax.mxisd.config.HashingConfig; import io.kamax.mxisd.exception.InvalidParamException; import io.kamax.mxisd.exception.InvalidPepperException; import io.kamax.mxisd.hash.HashManager; @@ -51,6 +52,7 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler { public HashLookupHandler(LookupStrategy strategy, HashManager hashManager) { this.strategy = strategy; + this.hashManager = hashManager; } @Override @@ -61,6 +63,10 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler { log.info("Got bulk lookup request from {} with client {} - Is recursive? {}", lookupRequest.getRequester(), lookupRequest.getUserAgent(), lookupRequest.isRecursive()); + if (!hashManager.getConfig().isEnabled()) { + throw new InvalidParamException(); + } + if (!hashManager.getHashEngine().getPepper().equals(input.getPepper())) { throw new InvalidPepperException(); } @@ -78,6 +84,10 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler { } private void noneAlgorithm(HttpServerExchange exchange, HashLookupRequest request, ClientHashLookupRequest input) throws Exception { + if (!hashManager.getConfig().getAlgorithms().contains(HashingConfig.Algorithm.NONE)) { + throw new InvalidParamException(); + } + BulkLookupRequest bulkLookupRequest = new BulkLookupRequest(); List mappings = new ArrayList<>(); for (String address : input.getAddresses()) { @@ -100,6 +110,10 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler { } private void sha256Algorithm(HttpServerExchange exchange, HashLookupRequest request, ClientHashLookupRequest input) { + if (!hashManager.getConfig().getAlgorithms().contains(HashingConfig.Algorithm.SHA256)) { + throw new InvalidParamException(); + } + ClientHashLookupAnswer answer = new ClientHashLookupAnswer(); for (Pair pair : hashManager.getHashStorage().find(request.getHashes())) { answer.getMappings().put(pair.getKey(), pair.getValue().getMxid());