Merge pull request #5092 from matrix-org/jryans/defer-cross-signing-setup

Share and debug master cross-signing key
J. Ryan Stinnett 2020-08-07 16:06:35 +01:00 committed by GitHub
commit 286624a89e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 19 deletions


@ -129,27 +129,21 @@ const onSecretRequested = async function({
console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`); console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`);
return; return;
} }
if (name.startsWith("m.cross_signing")) { if (
name === "m.cross_signing.master" ||
name === "m.cross_signing.self_signing" ||
name === "m.cross_signing.user_signing"
) {
const callbacks = client.getCrossSigningCacheCallbacks(); const callbacks = client.getCrossSigningCacheCallbacks();
if (!callbacks.getCrossSigningKeyCache) return; if (!callbacks.getCrossSigningKeyCache) return;
/* Explicit enumeration here is deliberate never share the master key! */ const keyId = name.replace("m.cross_signing.", "");
if (name === "m.cross_signing.self_signing") { const key = await callbacks.getCrossSigningKeyCache(keyId);
const key = await callbacks.getCrossSigningKeyCache("self_signing"); if (!key) {
if (!key) { console.log(
console.log( `${keyId} requested by ${deviceId}, but not found in cache`,
`self_signing requested by ${deviceId}, but not found in cache`, );
);
}
return key && encodeBase64(key);
} else if (name === "m.cross_signing.user_signing") {
const key = await callbacks.getCrossSigningKeyCache("user_signing");
if (!key) {
console.log(
`user_signing requested by ${deviceId}, but not found in cache`,
);
}
return key && encodeBase64(key);
} }
return key && encodeBase64(key);
} else if (name === "m.megolm_backup.v1") { } else if (name === "m.megolm_backup.v1") {
const key = await client._crypto.getSessionBackupPrivateKey(); const key = await client._crypto.getSessionBackupPrivateKey();
if (!key) { if (!key) {
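Review bot: The rewritten branch drops the comment that forbade sharing the master key and now returns `m.cross_signing.master` to any requester that passes the untrusted-device check above, but nothing in the new code records why that is acceptable. The master key is the root of the user's cross-signing identity, so the allow-list deserves a comment stating the invariant it relies on, for example `// Allow-list of shareable secrets. The master key is included, so the device trust check above is the only gate; keep it strict.` It is also worth confirming that the trust check, which starts outside this hunk, requires cross-signing verification of the requesting device rather than a weaker notion of trust. onSecretRequested begins before and continues past the hunk.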


@ -32,6 +32,7 @@ export default class CrossSigningPanel extends React.PureComponent {
error: null, error: null,
crossSigningPublicKeysOnDevice: false, crossSigningPublicKeysOnDevice: false,
crossSigningPrivateKeysInStorage: false, crossSigningPrivateKeysInStorage: false,
masterPrivateKeyCached: false,
selfSigningPrivateKeyCached: false, selfSigningPrivateKeyCached: false,
userSigningPrivateKeyCached: false, userSigningPrivateKeyCached: false,
sessionBackupKeyCached: false, sessionBackupKeyCached: false,
@ -78,6 +79,7 @@ export default class CrossSigningPanel extends React.PureComponent {
const secretStorage = cli._crypto._secretStorage; const secretStorage = cli._crypto._secretStorage;
const crossSigningPublicKeysOnDevice = crossSigning.getId(); const crossSigningPublicKeysOnDevice = crossSigning.getId();
const crossSigningPrivateKeysInStorage = await crossSigning.isStoredInSecretStorage(secretStorage); const crossSigningPrivateKeysInStorage = await crossSigning.isStoredInSecretStorage(secretStorage);
const masterPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("master"));
const selfSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing")); const selfSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing"));
const userSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("user_signing")); const userSigningPrivateKeyCached = !!(pkCache && await pkCache.getCrossSigningKeyCache("user_signing"));
const sessionBackupKeyFromCache = await cli._crypto.getSessionBackupPrivateKey(); const sessionBackupKeyFromCache = await cli._crypto.getSessionBackupPrivateKey();
@ -91,6 +93,7 @@ export default class CrossSigningPanel extends React.PureComponent {
this.setState({ this.setState({
crossSigningPublicKeysOnDevice, crossSigningPublicKeysOnDevice,
crossSigningPrivateKeysInStorage, crossSigningPrivateKeysInStorage,
masterPrivateKeyCached,
selfSigningPrivateKeyCached, selfSigningPrivateKeyCached,
userSigningPrivateKeyCached, userSigningPrivateKeyCached,
sessionBackupKeyCached, sessionBackupKeyCached,
@ -140,6 +143,7 @@ export default class CrossSigningPanel extends React.PureComponent {
error, error,
crossSigningPublicKeysOnDevice, crossSigningPublicKeysOnDevice,
crossSigningPrivateKeysInStorage, crossSigningPrivateKeysInStorage,
masterPrivateKeyCached,
selfSigningPrivateKeyCached, selfSigningPrivateKeyCached,
userSigningPrivateKeyCached, userSigningPrivateKeyCached,
sessionBackupKeyCached, sessionBackupKeyCached,
@ -235,6 +239,10 @@ export default class CrossSigningPanel extends React.PureComponent {
<td>{_t("Cross-signing private keys:")}</td> <td>{_t("Cross-signing private keys:")}</td>
<td>{crossSigningPrivateKeysInStorage ? _t("in secret storage") : _t("not found")}</td> <td>{crossSigningPrivateKeysInStorage ? _t("in secret storage") : _t("not found")}</td>
</tr> </tr>
<tr>
<td>{_t("Master private key:")}</td>
<td>{masterPrivateKeyCached ? _t("cached locally") : _t("not found locally")}</td>
</tr>
<tr> <tr>
<td>{_t("Self signing private key:")}</td> <td>{_t("Self signing private key:")}</td>
<td>{selfSigningPrivateKeyCached ? _t("cached locally") : _t("not found locally")}</td> <td>{selfSigningPrivateKeyCached ? _t("cached locally") : _t("not found locally")}</td>
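Review bot: In the hunk at `@ -78,6 +79,7`, `masterPrivateKeyCached` is computed by fetching the master private key itself through `pkCache.getCrossSigningKeyCache("master")` and coercing it to a boolean, so the most sensitive cross-signing secret is read into memory whenever this debug panel refreshes, purely to test presence. If the cache callbacks offer no existence-only query (none is visible here), a comment such as `// Presence check only: the key material is discarded immediately and must never be kept in state or logged` would make the intent explicit. The same pattern is added for `master_pk_cached` in the sendBugReport hunk, where only the boolean string is appended to the report body. The enclosing method starts and ends outside these hunks.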


@ -653,9 +653,10 @@
"not found": "not found", "not found": "not found",
"Cross-signing private keys:": "Cross-signing private keys:", "Cross-signing private keys:": "Cross-signing private keys:",
"in secret storage": "in secret storage", "in secret storage": "in secret storage",
"Self signing private key:": "Self signing private key:", "Master private key:": "Master private key:",
"cached locally": "cached locally", "cached locally": "cached locally",
"not found locally": "not found locally", "not found locally": "not found locally",
"Self signing private key:": "Self signing private key:",
"User signing private key:": "User signing private key:", "User signing private key:": "User signing private key:",
"Session backup key:": "Session backup key:", "Session backup key:": "Session backup key:",
"Secret storage public key:": "Secret storage public key:", "Secret storage public key:": "Secret storage public key:",


@ -122,6 +122,8 @@ export default async function sendBugReport(bugReportEndpoint: string, opts: IOp
body.append("ssss_key_in_account", String(!!(await secretStorage.hasKey()))); body.append("ssss_key_in_account", String(!!(await secretStorage.hasKey())));
const pkCache = client.getCrossSigningCacheCallbacks(); const pkCache = client.getCrossSigningCacheCallbacks();
body.append("master_pk_cached",
String(!!(pkCache && await pkCache.getCrossSigningKeyCache("master"))));
body.append("self_signing_pk_cached", body.append("self_signing_pk_cached",
String(!!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing")))); String(!!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing"))));
body.append("user_signing_pk_cached", body.append("user_signing_pk_cached",