OpenCloud
/
riot-web
mirror of https://github.com/vector-im/riot-web
1
0
Fork 0
Code Issues Releases Wiki Activity

Clarify current state of cross-signing private keys

pull/21833/head
J. Ryan Stinnett 2019-11-29 15:57:40 +00:00
parent a21285143f
commit 92c0fdf085
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/MatrixClientPeg.js
View File

@ -221,8 +221,14 @@ class MatrixClientPeg {
}; };
if (SettingsStore.isFeatureEnabled("feature_cross_signing")) { if (SettingsStore.isFeatureEnabled("feature_cross_signing")) {
// TODO: Cross-signing keys are temporarily in memory only. A // This stores the cross-signing private keys in memory for the JS SDK. They
// separate task in the cross-signing project will build from here. // are also persisted to Secure Secret Storage in account data by
// the JS SDK when created.
// XXX: On desktop platforms, we plan to store only the SSSS default
// key in a secure enclave, while the cross-signing private keys
// will still be retrieved from SSSS, so it's unclear that we
// actually need these cross-signing application callbacks for Riot.
// Should the JS SDK default to in-memory storage of these itself?
const keys = {}; const keys = {};
opts.cryptoCallbacks = { opts.cryptoCallbacks = {
getCrossSigningKey: k => keys[k], getCrossSigningKey: k => keys[k],