Merge pull request #4797 from matrix-org/uhoreg/distrust_backup

Mark messages with a black shield if the megolm session isn't trusted
pull/21833/head
Hubert Chathi 2020-06-23 15:38:03 -04:00 committed by GitHub
commit 74e4ea7d48
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 45 additions and 13 deletions

View File

@ -354,6 +354,11 @@ limitations under the License.
opacity: 1; opacity: 1;
} }
.mx_EventTile_e2eIcon_unauthenticated {
background-image: url('$(res)/img/e2e/normal.svg');
opacity: 1;
}
.mx_EventTile_e2eIcon_hidden { .mx_EventTile_e2eIcon_hidden {
display: none; display: none;
} }

View File

@ -28,6 +28,7 @@ export const E2E_STATE = {
WARNING: "warning", WARNING: "warning",
UNKNOWN: "unknown", UNKNOWN: "unknown",
NORMAL: "normal", NORMAL: "normal",
UNAUTHENTICATED: "unauthenticated",
}; };
const crossSigningUserTitles = { const crossSigningUserTitles = {

View File

@ -313,35 +313,52 @@ export default createReactClass({
return; return;
} }
// If we directly trust the device, short-circuit here const encryptionInfo = this.context.getEventEncryptionInfo(mxEvent);
const verified = await this.context.isEventSenderVerified(mxEvent); const senderId = mxEvent.getSender();
if (verified) { const userTrust = this.context.checkUserTrust(senderId);
if (encryptionInfo.mismatchedSender) {
// something definitely wrong is going on here
this.setState({ this.setState({
verified: E2E_STATE.VERIFIED, verified: E2E_STATE.WARNING,
}, () => { }, this.props.onHeightChanged); // Decryption may have caused a change in size
// Decryption may have caused a change in size
this.props.onHeightChanged();
});
return; return;
} }
if (!this.context.checkUserTrust(mxEvent.getSender()).isCrossSigningVerified()) { if (!userTrust.isCrossSigningVerified()) {
// user is not verified, so default to everything is normal
this.setState({ this.setState({
verified: E2E_STATE.NORMAL, verified: E2E_STATE.NORMAL,
}, this.props.onHeightChanged); }, this.props.onHeightChanged); // Decryption may have caused a change in size
return; return;
} }
const eventSenderTrust = await this.context.checkEventSenderTrust(mxEvent); const eventSenderTrust = this.context.checkDeviceTrust(
senderId, encryptionInfo.sender.deviceId,
);
if (!eventSenderTrust) { if (!eventSenderTrust) {
this.setState({ this.setState({
verified: E2E_STATE.UNKNOWN, verified: E2E_STATE.UNKNOWN,
}, this.props.onHeightChanged); // Decryption may have cause a change in size }, this.props.onHeightChanged); // Decryption may have caused a change in size
return;
}
if (!eventSenderTrust.isVerified()) {
this.setState({
verified: E2E_STATE.WARNING,
}, this.props.onHeightChanged); // Decryption may have caused a change in size
return;
}
if (!encryptionInfo.authenticated) {
this.setState({
verified: E2E_STATE.UNAUTHENTICATED,
}, this.props.onHeightChanged); // Decryption may have caused a change in size
return; return;
} }
this.setState({ this.setState({
verified: eventSenderTrust.isVerified() ? E2E_STATE.VERIFIED : E2E_STATE.WARNING, verified: E2E_STATE.VERIFIED,
}, this.props.onHeightChanged); // Decryption may have caused a change in size }, this.props.onHeightChanged); // Decryption may have caused a change in size
}, },
@ -526,6 +543,8 @@ export default createReactClass({
return; // no icon if we've not even cross-signed the user return; // no icon if we've not even cross-signed the user
} else if (this.state.verified === E2E_STATE.VERIFIED) { } else if (this.state.verified === E2E_STATE.VERIFIED) {
return; // no icon for verified return; // no icon for verified
} else if (this.state.verified === E2E_STATE.UNAUTHENTICATED) {
return (<E2ePadlockUnauthenticated />);
} else if (this.state.verified === E2E_STATE.UNKNOWN) { } else if (this.state.verified === E2E_STATE.UNKNOWN) {
return (<E2ePadlockUnknown />); return (<E2ePadlockUnknown />);
} else { } else {
@ -976,6 +995,12 @@ function E2ePadlockUnknown(props) {
); );
} }
function E2ePadlockUnauthenticated(props) {
return (
<E2ePadlock title={_t("The authenticity of this encrypted message can't be guaranteed on this device.")} icon="unauthenticated" {...props} />
);
}
class E2ePadlock extends React.Component { class E2ePadlock extends React.Component {
static propTypes = { static propTypes = {
icon: PropTypes.string.isRequired, icon: PropTypes.string.isRequired,

View File

@ -1030,6 +1030,7 @@
"Encrypted by an unverified session": "Encrypted by an unverified session", "Encrypted by an unverified session": "Encrypted by an unverified session",
"Unencrypted": "Unencrypted", "Unencrypted": "Unencrypted",
"Encrypted by a deleted session": "Encrypted by a deleted session", "Encrypted by a deleted session": "Encrypted by a deleted session",
"The authenticity of this encrypted message can't be guaranteed on this device.": "The authenticity of this encrypted message can't be guaranteed on this device.",
"Please select the destination room for this message": "Please select the destination room for this message", "Please select the destination room for this message": "Please select the destination room for this message",
"Invite only": "Invite only", "Invite only": "Invite only",
"Scroll to most recent messages": "Scroll to most recent messages", "Scroll to most recent messages": "Scroll to most recent messages",