Merge pull request #3995 from matrix-org/jryans/4s-in-mem

Add advanced option to keep secret storage in memory for session
pull/21833/head
J. Ryan Stinnett 2020-01-31 10:45:57 +00:00 committed by GitHub
commit 19ab395c18
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 23 additions and 6 deletions

View File

@ -20,6 +20,7 @@ import {MatrixClientPeg} from './MatrixClientPeg';
import { deriveKey } from 'matrix-js-sdk/src/crypto/key_passphrase';
import { decodeRecoveryKey } from 'matrix-js-sdk/src/crypto/recoverykey';
import { _t } from './languageHandler';
import SettingsStore from './settings/SettingsStore';
// This stores the secret storage private keys in memory for the JS SDK. This is
// only meant to act as a cache to avoid prompting the user multiple times
@ -27,7 +28,14 @@ import { _t } from './languageHandler';
// single secret storage operation, as it will clear the cached keys once the
// operation ends.
let secretStorageKeys = {};
let cachingAllowed = false;
let secretStorageBeingAccessed = false;
function isCachingAllowed() {
return (
secretStorageBeingAccessed ||
SettingsStore.getValue("keepSecretStoragePassphraseForSession")
);
}
async function getSecretStorageKey({ keys: keyInfos }) {
const keyInfoEntries = Object.entries(keyInfos);
@ -37,7 +45,7 @@ async function getSecretStorageKey({ keys: keyInfos }) {
const [name, info] = keyInfoEntries[0];
// Check the in-memory cache
if (cachingAllowed && secretStorageKeys[name]) {
if (isCachingAllowed() && secretStorageKeys[name]) {
return [name, secretStorageKeys[name]];
}
@ -71,7 +79,7 @@ async function getSecretStorageKey({ keys: keyInfos }) {
const key = await inputToKey(input);
// Save to cache to avoid future prompts in the current session
if (cachingAllowed) {
if (isCachingAllowed()) {
secretStorageKeys[name] = key;
}
@ -104,7 +112,7 @@ export const crossSigningCallbacks = {
*/
export async function accessSecretStorage(func = async () => { }) {
const cli = MatrixClientPeg.get();
cachingAllowed = true;
secretStorageBeingAccessed = true;
try {
if (!await cli.hasSecretStorageKey()) {
@ -143,7 +151,9 @@ export async function accessSecretStorage(func = async () => { }) {
return await func();
} finally {
// Clear secret storage key cache now that work is complete
cachingAllowed = false;
secretStorageKeys = {};
secretStorageBeingAccessed = false;
if (!isCachingAllowed()) {
secretStorageKeys = {};
}
}
}

View File

@ -66,6 +66,7 @@ export default class LabsUserSettingsTab extends React.Component {
<SettingsFlag name={"showHiddenEventsInTimeline"} level={SettingLevel.DEVICE} />
<SettingsFlag name={"lowBandwidth"} level={SettingLevel.DEVICE} />
<SettingsFlag name={"sendReadReceipts"} level={SettingLevel.ACCOUNT} />
<SettingsFlag name={"keepSecretStoragePassphraseForSession"} level={SettingLevel.DEVICE} />
</div>
</div>
);

View File

@ -413,6 +413,7 @@
"Send read receipts for messages (requires compatible homeserver to disable)": "Send read receipts for messages (requires compatible homeserver to disable)",
"Show previews/thumbnails for images": "Show previews/thumbnails for images",
"Enable message search in encrypted rooms": "Enable message search in encrypted rooms",
"Keep secret storage passphrase in memory for this session": "Keep secret storage passphrase in memory for this session",
"Collecting app version information": "Collecting app version information",
"Collecting logs": "Collecting logs",
"Uploading report": "Uploading report",

View File

@ -485,4 +485,9 @@ export const SETTINGS = {
displayName: _td("Enable message search in encrypted rooms"),
default: true,
},
"keepSecretStoragePassphraseForSession": {
supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS,
displayName: _td("Keep secret storage passphrase in memory for this session"),
default: false,
},
};