Merge pull request #5092 from matrix-org/jryans/defer-cross-signing-setup
Share and debug master cross-signing key
pull/21833/head
commit
286624a89e
|
@ -129,27 +129,21 @@ const onSecretRequested = async function({
|
|||
console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`);
|
||||
return;
|
||||
}
|
||||
if (name.startsWith("m.cross_signing")) {
|
||||
if (
|
||||
name === "m.cross_signing.master" ||
|
||||
name === "m.cross_signing.self_signing" ||
|
||||
name === "m.cross_signing.user_signing"
|
||||
) {
|
||||
const callbacks = client.getCrossSigningCacheCallbacks();
|
||||
if (!callbacks.getCrossSigningKeyCache) return;
|
||||
/* Explicit enumeration here is deliberate – never share the master key! */
|
||||
if (name === "m.cross_signing.self_signing") {
|
||||
const key = await callbacks.getCrossSigningKeyCache("self_signing");
|
||||
if (!key) {
|
||||
console.log(
|
||||
`self_signing requested by ${deviceId}, but not found in cache`,
|
||||
);
|
||||
}
|
||||
return key && encodeBase64(key);
|
||||
} else if (name === "m.cross_signing.user_signing") {
|
||||
const key = await callbacks.getCrossSigningKeyCache("user_signing");
|
||||
if (!key) {
|
||||
console.log(
|
||||
`user_signing requested by ${deviceId}, but not found in cache`,
|
||||
);
|
||||
}
|
||||
return key && encodeBase64(key);
|
||||
const keyId = name.replace("m.cross_signing.", "");
|
||||
const key = await callbacks.getCrossSigningKeyCache(keyId);
|
||||
if (!key) {
|
||||
console.log(
|
||||
`${keyId} requested by ${deviceId}, but not found in cache`,
|
||||
);
|
||||
}
|
||||
return key && encodeBase64(key);
|
||||
} else if (name === "m.megolm_backup.v1") {
|
||||
const key = await client._crypto.getSessionBackupPrivateKey();
|
||||
if (!key) {
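Review bot: The branch guarded by `name === "m.cross_signing.master" || …` now serves the master private key through the same `getCrossSigningKeyCache(keyId)` path as the two sub-keys, and the comment that recorded the earlier policy ("never share the master key!") appears to be dropped without a replacement. Since the master key is the root of the user's cross-signing identity, the new code should state what protects it, for example `// Master key is shared deliberately; only devices that passed the trust check above reach this point.` It would also help incident review to log when a key is actually returned, not only on a cache miss, e.g. `console.log(`CrossSigningManager: sharing ${keyId} with ${deviceId}`);` before the `return`. The body of onSecretRequested starts and ends outside this hunk, so the exact trust condition should be confirmed against the full function.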
|
||||
|
|
|
@ -32,6 +32,7 @@ export default class CrossSigningPanel extends React.PureComponent {
|
|||
error: null,
|
||||
crossSigningPublicKeysOnDevice: false,
|
||||
crossSigningPrivateKeysInStorage: false,
|
||||
masterPrivateKeyCached: false,
|
||||
selfSigningPrivateKeyCached: false,
|
||||
userSigningPrivateKeyCached: false,
|
||||
sessionBackupKeyCached: false,
|
||||
|
@ -78,6 +79,7 @@ export default class CrossSigningPanel extends React.PureComponent {
|
|||
const secretStorage = cli._crypto._secretStorage;
|
||||
const crossSigningPublicKeysOnDevice = crossSigning.getId();
|
||||
const crossSigningPrivateKeysInStorage = await crossSigning.isStoredInSecretStorage(secretStorage);
|
||||
const masterPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("master"));
|
||||
const selfSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing"));
|
||||
const userSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("user_signing"));
|
||||
const sessionBackupKeyFromCache = await cli._crypto.getSessionBackupPrivateKey();
|
||||
|
@ -91,6 +93,7 @@ export default class CrossSigningPanel extends React.PureComponent {
|
|||
this.setState({
|
||||
crossSigningPublicKeysOnDevice,
|
||||
crossSigningPrivateKeysInStorage,
|
||||
masterPrivateKeyCached,
|
||||
selfSigningPrivateKeyCached,
|
||||
userSigningPrivateKeyCached,
|
||||
sessionBackupKeyCached,
|
||||
|
@ -140,6 +143,7 @@ export default class CrossSigningPanel extends React.PureComponent {
|
|||
error,
|
||||
crossSigningPublicKeysOnDevice,
|
||||
crossSigningPrivateKeysInStorage,
|
||||
masterPrivateKeyCached,
|
||||
selfSigningPrivateKeyCached,
|
||||
userSigningPrivateKeyCached,
|
||||
sessionBackupKeyCached,
|
||||
|
@ -235,6 +239,10 @@ export default class CrossSigningPanel extends React.PureComponent {
|
|||
<td>{_t("Cross-signing private keys:")}</td>
|
||||
<td>{crossSigningPrivateKeysInStorage ? _t("in secret storage") : _t("not found")}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{_t("Master private key:")}</td>
|
||||
<td>{masterPrivateKeyCached ? _t("cached locally") : _t("not found locally")}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{_t("Self signing private key:")}</td>
|
||||
<td>{selfSigningPrivateKeyCached ? _t("cached locally") : _t("not found locally")}</td>
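Review bot: The new `masterPrivateKeyCached` line (hunk at -78) calls `pkCache.getCrossSigningKeyCache("master")` after checking only `pkCache`, whereas onSecretRequested checks `callbacks.getCrossSigningKeyCache` itself before calling it; if the callbacks object exists without that method, the panel would throw instead of showing "not found locally". The guard could read `!!(pkCache && pkCache.getCrossSigningKeyCache && await pkCache.getCrossSigningKeyCache("master"))`. The neighbouring self_signing and user_signing lines and the `master_pk_cached` field added in sendBugReport follow the same pattern. The call also seems to fetch the key material only to coerce it to a boolean, so a short comment such as `// value is discarded; only presence is displayed` would make clear that the secret is not retained; the enclosing method starts and ends outside the hunk.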
|
||||
|
|
|
@ -653,9 +653,10 @@
|
|||
"not found": "not found",
|
||||
"Cross-signing private keys:": "Cross-signing private keys:",
|
||||
"in secret storage": "in secret storage",
|
||||
"Self signing private key:": "Self signing private key:",
|
||||
"Master private key:": "Master private key:",
|
||||
"cached locally": "cached locally",
|
||||
"not found locally": "not found locally",
|
||||
"Self signing private key:": "Self signing private key:",
|
||||
"User signing private key:": "User signing private key:",
|
||||
"Session backup key:": "Session backup key:",
|
||||
"Secret storage public key:": "Secret storage public key:",
|
||||
|
|
|
@ -122,6 +122,8 @@ export default async function sendBugReport(bugReportEndpoint: string, opts: IOp
|
|||
body.append("ssss_key_in_account", String(!!(await secretStorage.hasKey())));
|
||||
|
||||
const pkCache = client.getCrossSigningCacheCallbacks();
|
||||
body.append("master_pk_cached",
|
||||
String(!!(pkCache && await pkCache.getCrossSigningKeyCache("master"))));
|
||||
body.append("self_signing_pk_cached",
|
||||
String(!!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing"))));
|
||||
body.append("user_signing_pk_cached",
|
||||
|
|