From 625e03cde30d92a7e6fe67b3dd8cb975c9de621b Mon Sep 17 00:00:00 2001 From: Bruno Windels Date: Wed, 4 Nov 2020 16:51:45 +0100 Subject: [PATCH 1/3] allow customising the source of dehydration key --- src/MatrixClientPeg.ts | 6 +++++- src/customisations/Security.ts | 10 ++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/src/MatrixClientPeg.ts b/src/MatrixClientPeg.ts index 5bb10dfa89..8a0c2d63cb 100644 --- a/src/MatrixClientPeg.ts +++ b/src/MatrixClientPeg.ts @@ -34,6 +34,7 @@ import * as StorageManager from './utils/StorageManager'; import IdentityAuthClient from './IdentityAuthClient'; import { crossSigningCallbacks, tryToUnlockSecretStorageWithDehydrationKey } from './SecurityManager'; import {SHOW_QR_CODE_METHOD} from "matrix-js-sdk/src/crypto/verification/QRCode"; +import SecurityCustomisations from "./customisations/Security"; export interface IMatrixClientCreds { homeserverUrl: string; @@ -273,7 +274,10 @@ class _MatrixClientPeg implements IMatrixClientPeg { // These are always installed regardless of the labs flag so that // cross-signing features can toggle on without reloading and also be // accessed immediately after login. - Object.assign(opts.cryptoCallbacks, crossSigningCallbacks); + const customisatedCallbacks = { + getDehydrationKey: SecurityCustomisations.getDehydrationKey, + }; + Object.assign(opts.cryptoCallbacks, crossSigningCallbacks, customisatedCallbacks); this.matrixClient = createMatrixClient(opts); diff --git a/src/customisations/Security.ts b/src/customisations/Security.ts index 8fb0978375..71a2702027 100644 --- a/src/customisations/Security.ts +++ b/src/customisations/Security.ts 
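Review bot: In the second hunk of src/MatrixClientPeg.ts, `getDehydrationKey: SecurityCustomisations.getDehydrationKey` is merged into `opts.cryptoCallbacks` even when no customisation defines it, because `Object.assign` also copies own properties whose value is `undefined`. The interface in src/customisations/Security.ts declares the member optional, so a build without a customisation would overwrite any `getDehydrationKey` already provided by `crossSigningCallbacks` or `opts.cryptoCallbacks` with `undefined`; whether one is provided there is not visible in this hunk. Since this callback supplies key material, install the override only when it exists, e.g. `const customisedCallbacks = SecurityCustomisations.getDehydrationKey ? { getDehydrationKey: SecurityCustomisations.getDehydrationKey } : {};`. Patch 2/3 renames the variable but keeps the same lines, so the point applies there too. The enclosing method starts and ends outside the hunk.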
@@ -44,6 +44,13 @@ function getSecretStorageKey(): Uint8Array { return null; } +/* eslint-disable-next-line @typescript-eslint/no-unused-vars */ +function getDehydrationKey( + keyInfo: ISecretStorageKeyInfo, +): Promise { + return Promise.resolve(null); +} + /* eslint-disable-next-line @typescript-eslint/no-unused-vars */ function catchAccessSecretStorageError(e: Error): void { // E.g. notify the user in some way @@ -74,6 +81,9 @@ export interface ISecurityCustomisations { setupEncryptionNeeded?: ( kind: SetupEncryptionKind, ) => boolean, + getDehydrationKey?: ( + keyInfo: ISecretStorageKeyInfo, + ) => Promise, } // A real customisation module will define and export one or more of the From f3743f3ca1e99d1e27cb5f9c5b6f80a6ce3c0394 Mon Sep 17 00:00:00 2001 From: Bruno Windels Date: Wed, 4 Nov 2020 16:53:58 +0100 Subject: [PATCH 2/3] fix spelling --- src/MatrixClientPeg.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/MatrixClientPeg.ts b/src/MatrixClientPeg.ts index 8a0c2d63cb..c65884e350 100644 --- a/src/MatrixClientPeg.ts +++ b/src/MatrixClientPeg.ts @@ -274,10 +274,10 @@ class _MatrixClientPeg implements IMatrixClientPeg { // These are always installed regardless of the labs flag so that // cross-signing features can toggle on without reloading and also be // accessed immediately after login. - const customisatedCallbacks = { + const customisedCallbacks = { getDehydrationKey: SecurityCustomisations.getDehydrationKey, }; - Object.assign(opts.cryptoCallbacks, crossSigningCallbacks, customisatedCallbacks); + Object.assign(opts.cryptoCallbacks, crossSigningCallbacks, customisedCallbacks); this.matrixClient = createMatrixClient(opts); From 41cb51e0443c262d09f27cc5d248f0c7a106496b Mon Sep 17 00:00:00 2001 From: Bruno Windels Date: Wed, 4 Nov 2020 17:09:21 +0100 Subject: [PATCH 3/3] add interface import --- src/customisations/Security.ts | 1 + 1 file changed, 1 insertion(+) 
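Review bot: The `getDehydrationKey` stub in the first hunk of src/customisations/Security.ts resolves to `null` without documenting what `null` means to the caller, and the new `ISecurityCustomisations` member in the following hunk has no comment either. As wired in src/MatrixClientPeg.ts, the customisation is installed directly as the crypto callback, so a `null` result appears to be passed on as the key rather than falling back to the default key source. If a fallback is intended, it needs to be implemented and stated in the contract. I would add a comment in the style of the neighbouring stub, e.g. `// E.g. retrieve the dehydration key from a platform secure store; resolve to null if none is available`. I would also note on the interface member that the resolved bytes are secret key material and should not be logged or cached by the customisation.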
diff --git a/src/customisations/Security.ts b/src/customisations/Security.ts index 71a2702027..eb7c27dcc5 100644 --- a/src/customisations/Security.ts +++ b/src/customisations/Security.ts @@ -16,6 +16,7 @@ limitations under the License. import { IMatrixClientCreds } from "../MatrixClientPeg"; import { Kind as SetupEncryptionKind } from "../toasts/SetupEncryptionToast"; +import { ISecretStorageKeyInfo } from 'matrix-js-sdk/src/matrix'; /* eslint-disable-next-line @typescript-eslint/no-unused-vars */ function examineLoginResponse(