Merge pull request #4268 from matrix-org/jryans/robust-secret-share

Log and display secret sharing cache state
2020-03-25 15:00:04 +00:00 · 2020-03-25 15:00:04 +00:00 · d869ac9a69
parent a7913f4fe5 1c802cc6af
commit d869ac9a69
3 changed files with 27 additions and 0 deletions
--- a/src/CrossSigningManager.js
+++ b/src/CrossSigningManager.js
@ -149,9 +149,15 @@ const onSecretRequested = async function({
    if (!callbacks.getCrossSigningKeyCache) return;
    if (name === "m.cross_signing.self_signing") {
        const key = await callbacks.getCrossSigningKeyCache("self_signing");
+        if (!key) {
+            console.log(`self_signing requested by ${deviceId}, but not found in cache`);
+        }
        return key && encodeBase64(key);
    } else if (name === "m.cross_signing.user_signing") {
        const key = await callbacks.getCrossSigningKeyCache("user_signing");
+        if (!key) {
+            console.log(`user_signing requested by ${deviceId}, but not found in cache`);
+        }
        return key && encodeBase64(key);
    }
    console.warn("onSecretRequested didn't recognise the secret named ", name);
--- a/src/components/views/settings/CrossSigningPanel.js
+++ b/src/components/views/settings/CrossSigningPanel.js
@ -32,6 +32,8 @@ export default class CrossSigningPanel extends React.PureComponent {
            error: null,
            crossSigningPublicKeysOnDevice: false,
            crossSigningPrivateKeysInStorage: false,
+            selfSigningPrivateKeyCached: false,
+            userSigningPrivateKeyCached: false,
            secretStorageKeyInAccount: false,
            secretStorageKeyNeedsUpgrade: null,
        };
@ -71,10 +73,13 @@ export default class CrossSigningPanel extends React.PureComponent {

    async _getUpdatedStatus() {
        const cli = MatrixClientPeg.get();
+        const pkCache = cli.getCrossSigningCacheCallbacks();
        const crossSigning = cli._crypto._crossSigningInfo;
        const secretStorage = cli._crypto._secretStorage;
        const crossSigningPublicKeysOnDevice = crossSigning.getId();
        const crossSigningPrivateKeysInStorage = await crossSigning.isStoredInSecretStorage(secretStorage);
+        const selfSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing"));
+        const userSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("user_signing"));
        const secretStorageKeyInAccount = await secretStorage.hasKey();
        const homeserverSupportsCrossSigning =
            await cli.doesServerSupportUnstableFeature("org.matrix.e2e_cross_signing");
@ -84,6 +89,8 @@ export default class CrossSigningPanel extends React.PureComponent {
        this.setState({
            crossSigningPublicKeysOnDevice,
            crossSigningPrivateKeysInStorage,
+            selfSigningPrivateKeyCached,
+            userSigningPrivateKeyCached,
            secretStorageKeyInAccount,
            homeserverSupportsCrossSigning,
            crossSigningReady,
@ -130,6 +137,8 @@ export default class CrossSigningPanel extends React.PureComponent {
            error,
            crossSigningPublicKeysOnDevice,
            crossSigningPrivateKeysInStorage,
+            selfSigningPrivateKeyCached,
+            userSigningPrivateKeyCached,
            secretStorageKeyInAccount,
            homeserverSupportsCrossSigning,
            crossSigningReady,
@ -209,6 +218,14 @@ export default class CrossSigningPanel extends React.PureComponent {
                            <td>{_t("Cross-signing private keys:")}</td>
                            <td>{crossSigningPrivateKeysInStorage ? _t("in secret storage") : _t("not found")}</td>
                        </tr>
+                        <tr>
+                            <td>{_t("Self signing private key:")}</td>
+                            <td>{selfSigningPrivateKeyCached ? _t("cached locally") : _t("not found locally")}</td>
+                        </tr>
+                        <tr>
+                            <td>{_t("User signing private key:")}</td>
+                            <td>{userSigningPrivateKeyCached ? _t("cached locally") : _t("not found locally")}</td>
+                        </tr>
                        <tr>
                            <td>{_t("Secret storage public key:")}</td>
                            <td>{secretStorageKeyInAccount ? _t("in account data") : _t("not found")}</td>
--- a/src/i18n/strings/en_EN.json
+++ b/src/i18n/strings/en_EN.json
@ -582,6 +582,10 @@
    "not found": "not found",
    "Cross-signing private keys:": "Cross-signing private keys:",
    "in secret storage": "in secret storage",
+    "Self signing private key:": "Self signing private key:",
+    "cached locally": "cached locally",
+    "not found locally": "not found locally",
+    "User signing private key:": "User signing private key:",
    "Secret storage public key:": "Secret storage public key:",
    "in account data": "in account data",
    "Homeserver feature support:": "Homeserver feature support:",