Support specifying old_verify_keys in config

2025-12-18 16:21:24 +01:00 · 2024-09-13 14:46:27 +00:00 · 2024-09-13 14:46:27 +00:00 · 458a7458dc
commit 458a7458dc
parent 5691cf0868
3 changed files with 22 additions and 2 deletions
--- a/src/service/globals/data.rs
+++ b/src/service/globals/data.rs
@ -18,17 +18,29 @@ use crate::{services, Result};
 /// don't require post-validation
 #[derive(Deserialize, Debug, Clone)]
 pub(crate) struct SigningKeys {
+    // FIXME: Use [`OwnedServerSigningKeyId`] as key
+    // Not yet feasibly because they get passed to `verify_event`, see https://github.com/ruma/ruma/pull/1808
    pub(crate) verify_keys: BTreeMap<String, VerifyKey>,
    pub(crate) old_verify_keys: BTreeMap<String, OldVerifyKey>,
+
    pub(crate) valid_until_ts: MilliSecondsSinceUnixEpoch,
 }

 impl SigningKeys {
    /// Creates the `SigningKeys` struct, using the keys of the current server
    pub(crate) fn load_own_keys() -> Self {
+        let old_verify_keys = services()
+            .globals
+            .config
+            .federation
+            .old_verify_keys
+            .iter()
+            .map(|(id, key)| (id.to_string(), key.clone()))
+            .collect();
+
        let mut keys = Self {
            verify_keys: BTreeMap::new(),
-            old_verify_keys: BTreeMap::new(),
+            old_verify_keys,
            valid_until_ts: MilliSecondsSinceUnixEpoch::from_system_time(
                SystemTime::now() + Duration::from_secs(7 * 86400),
            )